dev/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

nixos/services.fwupd: remove with lib;

Browse Source
This commit is contained in:
Felix Buehler 2024-08-27 20:43:17 +02:00
parent 6c707fe30f
commit 8ebc06069d
1 changed files with 33 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

70
nixos/modules/services/hardware/fwupd.nix
View File

@ -1,15 +1,11 @@
# fwupd daemon.
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.fwupd;
format = pkgs.formats.ini {
listToValue = l: lib.concatStringsSep ";" (map (s: generators.mkValueStringDefault {} s) l);
mkKeyValue = generators.mkKeyValueDefault {} "=";
listToValue = l: lib.concatStringsSep ";" (map (s: lib.generators.mkValueStringDefault {} s) l);
mkKeyValue = lib.generators.mkKeyValueDefault {} "=";
};
customEtc = {
@ -26,13 +22,13 @@ let
originalEtc =
let
mkEtcFile = n: nameValuePair n { source = "${cfg.package}/etc/${n}"; };
in listToAttrs (map mkEtcFile cfg.package.filesInstalledToEtc);
mkEtcFile = n: lib.nameValuePair n { source = "${cfg.package}/etc/${n}"; };
in lib.listToAttrs (map mkEtcFile cfg.package.filesInstalledToEtc);
extraTrustedKeys =
let
mkName = p: "pki/fwupd/${baseNameOf (toString p)}";
mkEtcFile = p: nameValuePair (mkName p) { source = p; };
in listToAttrs (map mkEtcFile cfg.extraTrustedKeys);
mkEtcFile = p: lib.nameValuePair (mkName p) { source = p; };
in lib.listToAttrs (map mkEtcFile cfg.extraTrustedKeys);
enableRemote = base: remote: {
"fwupd/remotes.d/${remote}.conf" = {
@ -42,7 +38,7 @@ let
'';
};
};
remotes = (foldl'
remotes = (lib.foldl'
(configFiles: remote: configFiles // (enableRemote cfg.package remote))
{}
cfg.extraRemotes
@ -61,8 +57,8 @@ in {
###### interface
options = {
services.fwupd = {
enable = mkOption {
type = types.bool;
enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Whether to enable fwupd, a DBus service that allows
@ -70,17 +66,17 @@ in {
'';
};
extraTrustedKeys = mkOption {
type = types.listOf types.path;
extraTrustedKeys = lib.mkOption {
type = lib.types.listOf lib.types.path;
default = [];
example = literalExpression "[ /etc/nixos/fwupd/myfirmware.pem ]";
example = lib.literalExpression "[ /etc/nixos/fwupd/myfirmware.pem ]";
description = ''
Installing a public key allows firmware signed with a matching private key to be recognized as trusted, which may require less authentication to install than for untrusted files. By default trusted firmware can be upgraded (but not downgraded) without the user or administrator password. Only very few keys are installed by default.
'';
};
extraRemotes = mkOption {
type = with types; listOf str;
extraRemotes = lib.mkOption {
type = with lib.types; listOf str;
default = [];
example = [ "lvfs-testing" ];
description = ''
@ -88,14 +84,14 @@ in {
'';
};
package = mkPackageOption pkgs "fwupd" { };
package = lib.mkPackageOption pkgs "fwupd" { };
daemonSettings = mkOption {
type = types.submodule {
daemonSettings = lib.mkOption {
type = lib.types.submodule {
freeformType = format.type.nestedTypes.elemType;
options = {
DisabledDevices = mkOption {
type = types.listOf types.str;
DisabledDevices = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [];
example = [ "2082b5e0-7a64-478a-b1b2-e3404fab6dad" ];
description = ''
@ -103,8 +99,8 @@ in {
'';
};
DisabledPlugins = mkOption {
type = types.listOf types.str;
DisabledPlugins = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [];
example = [ "udev" ];
description = ''
@ -112,8 +108,8 @@ in {
'';
};
EspLocation = mkOption {
type = types.path;
EspLocation = lib.mkOption {
type = lib.types.path;
default = config.boot.loader.efi.efiSysMountPoint;
defaultText = lib.literalExpression "config.boot.loader.efi.efiSysMountPoint";
description = ''
@ -122,9 +118,9 @@ in {
'';
};
TestDevices = mkOption {
TestDevices = lib.mkOption {
internal = true;
type = types.bool;
type = lib.types.bool;
default = false;
description = ''
Create virtual test devices and remote for validating daemon flows.
@ -139,8 +135,8 @@ in {
'';
};
uefiCapsuleSettings = mkOption {
type = types.submodule {
uefiCapsuleSettings = lib.mkOption {
type = lib.types.submodule {
freeformType = format.type.nestedTypes.elemType;
};
default = {};
@ -152,15 +148,15 @@ in {
};
imports = [
(mkRenamedOptionModule [ "services" "fwupd" "blacklistDevices"] [ "services" "fwupd" "daemonSettings" "DisabledDevices" ])
(mkRenamedOptionModule [ "services" "fwupd" "blacklistPlugins"] [ "services" "fwupd" "daemonSettings" "DisabledPlugins" ])
(mkRenamedOptionModule [ "services" "fwupd" "disabledDevices" ] [ "services" "fwupd" "daemonSettings" "DisabledDevices" ])
(mkRenamedOptionModule [ "services" "fwupd" "disabledPlugins" ] [ "services" "fwupd" "daemonSettings" "DisabledPlugins" ])
(mkRemovedOptionModule [ "services" "fwupd" "enableTestRemote" ] "This option was removed after being removed upstream. It only provided a method for testing fwupd functionality, and should not have been exposed for use outside of nix tests.")
(lib.mkRenamedOptionModule [ "services" "fwupd" "blacklistDevices"] [ "services" "fwupd" "daemonSettings" "DisabledDevices" ])
(lib.mkRenamedOptionModule [ "services" "fwupd" "blacklistPlugins"] [ "services" "fwupd" "daemonSettings" "DisabledPlugins" ])
(lib.mkRenamedOptionModule [ "services" "fwupd" "disabledDevices" ] [ "services" "fwupd" "daemonSettings" "DisabledDevices" ])
(lib.mkRenamedOptionModule [ "services" "fwupd" "disabledPlugins" ] [ "services" "fwupd" "daemonSettings" "DisabledPlugins" ])
(lib.mkRemovedOptionModule [ "services" "fwupd" "enableTestRemote" ] "This option was removed after being removed upstream. It only provided a method for testing fwupd functionality, and should not have been exposed for use outside of nix tests.")
];
###### implementation
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
# Disable test related plug-ins implicitly so that users do not have to care about them.
services.fwupd.daemonSettings = {
EspLocation = config.boot.loader.efi.efiSysMountPoint;