summaryrefslogtreecommitdiffstats
path: root/nixos
diff options
context:
space:
mode:
Diffstat (limited to 'nixos')
-rw-r--r--nixos/doc/manual/release-notes/rl-2103.xml5
-rw-r--r--nixos/modules/hardware/network/ath-user-regd.nix31
-rw-r--r--nixos/modules/hardware/video/nvidia.nix51
-rw-r--r--nixos/modules/module-list.nix1
-rw-r--r--nixos/modules/security/acme.nix6
-rw-r--r--nixos/modules/services/backup/restic.nix4
-rw-r--r--nixos/modules/services/web-servers/apache-httpd/vhost-options.nix2
-rw-r--r--nixos/modules/services/x11/clight.nix30
-rw-r--r--nixos/modules/system/boot/kernel.nix10
9 files changed, 88 insertions, 52 deletions
diff --git a/nixos/doc/manual/release-notes/rl-2103.xml b/nixos/doc/manual/release-notes/rl-2103.xml
index 235b9ba1ed90..f33b4ef919f0 100644
--- a/nixos/doc/manual/release-notes/rl-2103.xml
+++ b/nixos/doc/manual/release-notes/rl-2103.xml
@@ -661,6 +661,11 @@ self: super:
The <varname>platform</varname> grouping of these things never meant anything, and was just a historial/implementation artifact that was overdue removal.
</para>
</listitem>
+ <listitem>
+ <para>
+ <varname>services.restic</varname> now uses a dedicated cache directory for every backup defined in <varname>services.restic.backups</varname>. The old global cache directory, <literal>/root/.cache/restic</literal>, is now unused and can be removed to free up disk space.
+ </para>
+ </listitem>
</itemizedlist>
</section>
</section>
diff --git a/nixos/modules/hardware/network/ath-user-regd.nix b/nixos/modules/hardware/network/ath-user-regd.nix
new file mode 100644
index 000000000000..b5ade5ed5010
--- /dev/null
+++ b/nixos/modules/hardware/network/ath-user-regd.nix
@@ -0,0 +1,31 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+let
+ kernelVersion = config.boot.kernelPackages.kernel.version;
+ linuxKernelMinVersion = "5.8";
+ kernelPatch = pkgs.kernelPatches.ath_regd_optional // {
+ extraConfig = ''
+ ATH_USER_REGD y
+ '';
+ };
+in
+{
+ options.networking.wireless.athUserRegulatoryDomain = mkOption {
+ default = false;
+ type = types.bool;
+ description = ''
+ If enabled, sets the ATH_USER_REGD kernel config switch to true to
+ disable the enforcement of EEPROM regulatory restrictions for ath
+ drivers. Requires at least Linux ${linuxKernelMinVersion}.
+ '';
+ };
+
+ config = mkIf config.networking.wireless.athUserRegulatoryDomain {
+ assertions = singleton {
+ assertion = lessThan 0 (builtins.compareVersions kernelVersion linuxKernelMinVersion);
+ message = "ATH_USER_REGD patch for kernels older than ${linuxKernelMinVersion} not ported yet!";
+ };
+ boot.kernelPatches = [ kernelPatch ];
+ };
+}
diff --git a/nixos/modules/hardware/video/nvidia.nix b/nixos/modules/hardware/video/nvidia.nix
index 72eb9fcfaa60..97accc7b99a0 100644
--- a/nixos/modules/hardware/video/nvidia.nix
+++ b/nixos/modules/hardware/video/nvidia.nix
@@ -5,36 +5,17 @@
with lib;
let
-
- drivers = config.services.xserver.videoDrivers;
-
- # FIXME: should introduce an option like
- # ‘hardware.video.nvidia.package’ for overriding the default NVIDIA
- # driver.
- nvidiaForKernel = kernelPackages:
- if elem "nvidia" drivers then
- kernelPackages.nvidia_x11
- else if elem "nvidiaBeta" drivers then
- kernelPackages.nvidia_x11_beta
- else if elem "nvidiaVulkanBeta" drivers then
- kernelPackages.nvidia_x11_vulkan_beta
- else if elem "nvidiaLegacy304" drivers then
- kernelPackages.nvidia_x11_legacy304
- else if elem "nvidiaLegacy340" drivers then
- kernelPackages.nvidia_x11_legacy340
- else if elem "nvidiaLegacy390" drivers then
- kernelPackages.nvidia_x11_legacy390
- else null;
-
- nvidia_x11 = nvidiaForKernel config.boot.kernelPackages;
- nvidia_libs32 =
- if versionOlder nvidia_x11.version "391" then
- ((nvidiaForKernel pkgs.pkgsi686Linux.linuxPackages).override { libsOnly = true; kernel = null; }).out
- else
- (nvidiaForKernel config.boot.kernelPackages).lib32;
+ nvidia_x11 = let
+ drivers = config.services.xserver.videoDrivers;
+ isDeprecated = str: (hasPrefix "nvidia" str) && (str != "nvidia");
+ hasDeprecated = drivers: any isDeprecated drivers;
+ in if (hasDeprecated drivers) then
+ throw ''
+ Selecting an nvidia driver has been modified for NixOS 19.03. The version is now set using `hardware.nvidia.package`.
+ ''
+ else if (elem "nvidia" drivers) then cfg.package else null;
enabled = nvidia_x11 != null;
-
cfg = config.hardware.nvidia;
pCfg = cfg.prime;
@@ -170,6 +151,16 @@ in
GPUs stay awake even during headless mode.
'';
};
+
+ hardware.nvidia.package = lib.mkOption {
+ type = lib.types.package;
+ default = config.boot.kernelPackages.nvidiaPackages.stable;
+ defaultText = "config.boot.kernelPackages.nvidiaPackages.stable";
+ description = ''
+ The NVIDIA X11 derivation to use.
+ '';
+ example = "config.boot.kernelPackages.nvidiaPackages.legacy340";
+ };
};
config = let
@@ -271,9 +262,9 @@ in
};
hardware.opengl.package = mkIf (!offloadCfg.enable) nvidia_x11.out;
- hardware.opengl.package32 = mkIf (!offloadCfg.enable) nvidia_libs32;
+ hardware.opengl.package32 = mkIf (!offloadCfg.enable) nvidia_x11.lib32;
hardware.opengl.extraPackages = optional offloadCfg.enable nvidia_x11.out;
- hardware.opengl.extraPackages32 = optional offloadCfg.enable nvidia_libs32;
+ hardware.opengl.extraPackages32 = optional offloadCfg.enable nvidia_x11.lib32;
environment.systemPackages = [ nvidia_x11.bin nvidia_x11.settings ]
++ optionals nvidiaPersistencedEnabled [ nvidia_x11.persistenced ];
diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix
index 7586ae41bbb0..f64f2dbb2cb2 100644
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@@ -52,6 +52,7 @@
./hardware/ledger.nix
./hardware/logitech.nix
./hardware/mcelog.nix
+ ./hardware/network/ath-user-regd.nix
./hardware/network/b43.nix
./hardware/network/intel-2200bg.nix
./hardware/nitrokey.nix
diff --git a/nixos/modules/security/acme.nix b/nixos/modules/security/acme.nix
index 6b62e5043caf..c33a92580d4c 100644
--- a/nixos/modules/security/acme.nix
+++ b/nixos/modules/security/acme.nix
@@ -346,7 +346,7 @@ let
webroot = mkOption {
type = types.nullOr types.str;
default = null;
- example = "/var/lib/acme/acme-challenges";
+ example = "/var/lib/acme/acme-challenge";
description = ''
Where the webroot of the HTTP vhost is located.
<filename>.well-known/acme-challenge/</filename> directory
@@ -579,12 +579,12 @@ in {
example = literalExample ''
{
"example.com" = {
- webroot = "/var/www/challenges/";
+ webroot = "/var/lib/acme/acme-challenge/";
email = "foo@example.com";
extraDomainNames = [ "www.example.com" "foo.example.com" ];
};
"bar.example.com" = {
- webroot = "/var/www/challenges/";
+ webroot = "/var/lib/acme/acme-challenge/";
email = "bar@example.com";
};
}
diff --git a/nixos/modules/services/backup/restic.nix b/nixos/modules/services/backup/restic.nix
index d869835bf07e..573f0efa9da4 100644
--- a/nixos/modules/services/backup/restic.nix
+++ b/nixos/modules/services/backup/restic.nix
@@ -243,9 +243,11 @@ in
restartIfChanged = false;
serviceConfig = {
Type = "oneshot";
- ExecStart = [ "${resticCmd} backup ${concatStringsSep " " backup.extraBackupArgs} ${backupPaths}" ] ++ pruneCmd;
+ ExecStart = [ "${resticCmd} backup --cache-dir=%C/restic-backups-${name} ${concatStringsSep " " backup.extraBackupArgs} ${backupPaths}" ] ++ pruneCmd;
User = backup.user;
RuntimeDirectory = "restic-backups-${name}";
+ CacheDirectory = "restic-backups-${name}";
+ CacheDirectoryMode = "0700";
} // optionalAttrs (backup.s3CredentialsFile != null) {
EnvironmentFile = backup.s3CredentialsFile;
};
diff --git a/nixos/modules/services/web-servers/apache-httpd/vhost-options.nix b/nixos/modules/services/web-servers/apache-httpd/vhost-options.nix
index 173c0f8561c0..394f9a305546 100644
--- a/nixos/modules/services/web-servers/apache-httpd/vhost-options.nix
+++ b/nixos/modules/services/web-servers/apache-httpd/vhost-options.nix
@@ -112,7 +112,7 @@ in
acmeRoot = mkOption {
type = types.str;
- default = "/var/lib/acme/acme-challenges";
+ default = "/var/lib/acme/acme-challenge";
description = "Directory for the acme challenge which is PUBLIC, don't put certs or keys in here";
};
diff --git a/nixos/modules/services/x11/clight.nix b/nixos/modules/services/x11/clight.nix
index 4daf6d8d9db7..873f425fb8be 100644
--- a/nixos/modules/services/x11/clight.nix
+++ b/nixos/modules/services/x11/clight.nix
@@ -11,14 +11,21 @@ let
else if isBool v then boolToString v
else if isString v then ''"${escape [''"''] v}"''
else if isList v then "[ " + concatMapStringsSep ", " toConf v + " ]"
+ else if isAttrs v then "\n{\n" + convertAttrs v + "\n}"
else abort "clight.toConf: unexpected type (v = ${v})";
- clightConf = pkgs.writeText "clight.conf"
- (concatStringsSep "\n" (mapAttrsToList
- (name: value: "${toString name} = ${toConf value};")
- (filterAttrs
- (_: value: value != null)
- cfg.settings)));
+ getSep = v:
+ if isAttrs v then ":"
+ else "=";
+
+ convertAttrs = attrs: concatStringsSep "\n" (mapAttrsToList
+ (name: value: "${toString name} ${getSep value} ${toConf value};")
+ attrs);
+
+ clightConf = pkgs.writeText "clight.conf" (convertAttrs
+ (filterAttrs
+ (_: value: value != null)
+ cfg.settings));
in {
options.services.clight = {
enable = mkOption {
@@ -49,9 +56,10 @@ in {
};
settings = let
- validConfigTypes = with types; either int (either str (either bool float));
+ validConfigTypes = with types; oneOf [ int str bool float ];
+ collectionTypes = with types; oneOf [ validConfigTypes (listOf validConfigTypes) ];
in mkOption {
- type = with types; attrsOf (nullOr (either validConfigTypes (listOf validConfigTypes)));
+ type = with types; attrsOf (nullOr (either collectionTypes (attrsOf collectionTypes)));
default = {};
example = { captures = 20; gamma_long_transition = true; ac_capture_timeouts = [ 120 300 60 ]; };
description = ''
@@ -69,10 +77,10 @@ in {
services.upower.enable = true;
services.clight.settings = {
- gamma_temp = with cfg.temperature; mkDefault [ day night ];
+ gamma.temp = with cfg.temperature; mkDefault [ day night ];
} // (optionalAttrs (config.location.provider == "manual") {
- latitude = mkDefault config.location.latitude;
- longitude = mkDefault config.location.longitude;
+ daytime.latitude = mkDefault config.location.latitude;
+ daytime.longitude = mkDefault config.location.longitude;
});
services.geoclue2.appConfig.clightc = {
diff --git a/nixos/modules/system/boot/kernel.nix b/nixos/modules/system/boot/kernel.nix
index ed7226331d70..9287852bacfd 100644
--- a/nixos/modules/system/boot/kernel.nix
+++ b/nixos/modules/system/boot/kernel.nix
@@ -37,12 +37,10 @@ in
boot.kernelPackages = mkOption {
default = pkgs.linuxPackages;
type = types.unspecified // { merge = mergeEqualOption; };
- apply = kernelPackages: kernelPackages.extend (self: super: {
- kernel = super.kernel.override {
- inherit randstructSeed;
- kernelPatches = super.kernel.kernelPatches ++ kernelPatches;
- features = lib.recursiveUpdate super.kernel.features features;
- };
+ apply = kernelPackages: pkgs.linuxPackagesFor (kernelPackages.kernel.override {
+ inherit randstructSeed;
+ kernelPatches = kernelPackages.kernel.kernelPatches ++ kernelPatches;
+ features = lib.recursiveUpdate kernelPackages.kernel.features features;
});
# We don't want to evaluate all of linuxPackages for the manual
# - some of it might not even evaluate correctly.
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-06 16:13:37 +0000