dev/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

treewide/nixos: remove with lib; part 3 (#335623)

Browse Source
This commit is contained in:
Philip Taron 2024-11-29 10:10:53 -08:00 committed by GitHub
commit a403221cb8
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
130 changed files with 2019 additions and 2387 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
nixos/modules/i18n/input-method/hime.nix
View File

@ -1,12 +1,9 @@
{ config, pkgs, lib, ... }:
with lib;
let
imcfg = config.i18n.inputMethod;
in
{
config = mkIf (imcfg.enable && imcfg.type == "hime") {
config = lib.mkIf (imcfg.enable && imcfg.type == "hime") {
i18n.inputMethod.package = pkgs.hime;
environment.variables = {
GTK_IM_MODULE = "hime";

31
nixos/modules/i18n/input-method/ibus.nix
View File

@ -1,7 +1,4 @@
{ config, pkgs, lib, ... }:
with lib;
let
imcfg = config.i18n.inputMethod;
cfg = imcfg.ibus;
@ -9,10 +6,10 @@ let
ibusEngine = lib.types.mkOptionType {
name = "ibus-engine";
inherit (lib.types.package) descriptionClass merge;
check = x: (lib.types.package.check x) && (attrByPath ["meta" "isIbusEngine"] false x);
check = x: (lib.types.package.check x) && (lib.attrByPath ["meta" "isIbusEngine"] false x);
};
impanel = optionalString (cfg.panel != null) "--panel=${cfg.panel}";
impanel = lib.optionalString (cfg.panel != null) "--panel=${cfg.panel}";
ibusAutostart = pkgs.writeTextFile {
name = "autostart-ibus-daemon";
@ -29,32 +26,32 @@ let
in
{
imports = [
(mkRenamedOptionModule [ "programs" "ibus" "plugins" ] [ "i18n" "inputMethod" "ibus" "engines" ])
(lib.mkRenamedOptionModule [ "programs" "ibus" "plugins" ] [ "i18n" "inputMethod" "ibus" "engines" ])
];
options = {
i18n.inputMethod.ibus = {
engines = mkOption {
type = with types; listOf ibusEngine;
engines = lib.mkOption {
type = with lib.types; listOf ibusEngine;
default = [];
example = literalExpression "with pkgs.ibus-engines; [ mozc hangul ]";
example = lib.literalExpression "with pkgs.ibus-engines; [ mozc hangul ]";
description =
let
enginesDrv = filterAttrs (const isDerivation) pkgs.ibus-engines;
engines = concatStringsSep ", "
(map (name: "`${name}`") (attrNames enginesDrv));
enginesDrv = lib.filterAttrs (lib.const lib.isDerivation) pkgs.ibus-engines;
engines = lib.concatStringsSep ", "
(map (name: "`${name}`") (lib.attrNames enginesDrv));
in "Enabled IBus engines. Available engines are: ${engines}.";
};
panel = mkOption {
type = with types; nullOr path;
panel = lib.mkOption {
type = with lib.types; nullOr path;
default = null;
example = literalExpression ''"''${pkgs.plasma5Packages.plasma-desktop}/libexec/kimpanel-ibus-panel"'';
example = lib.literalExpression ''"''${pkgs.plasma5Packages.plasma-desktop}/libexec/kimpanel-ibus-panel"'';
description = "Replace the IBus panel with another panel.";
};
};
};
config = mkIf (imcfg.enable && imcfg.type == "ibus") {
config = lib.mkIf (imcfg.enable && imcfg.type == "ibus") {
i18n.inputMethod.package = ibusPackage;
environment.systemPackages = [
@ -76,7 +73,7 @@ in
XMODIFIERS = "@im=ibus";
};
xdg.portal.extraPortals = mkIf config.xdg.portal.enable [
xdg.portal.extraPortals = lib.mkIf config.xdg.portal.enable [
ibusPackage
];
};

4
nixos/modules/i18n/input-method/nabi.nix
View File

@ -1,11 +1,9 @@
{ config, pkgs, lib, ... }:
with lib;
let
imcfg = config.i18n.inputMethod;
in
{
config = mkIf (imcfg.enable && imcfg.type == "nabi") {
config = lib.mkIf (imcfg.enable && imcfg.type == "nabi") {
i18n.inputMethod.package = pkgs.nabi;
environment.variables = {

9
nixos/modules/i18n/input-method/uim.nix
View File

@ -1,7 +1,4 @@
{ config, pkgs, lib, ... }:
with lib;
let
imcfg = config.i18n.inputMethod;
cfg = imcfg.uim;
@ -10,8 +7,8 @@ in
options = {
i18n.inputMethod.uim = {
toolbar = mkOption {
type = types.enum [ "gtk" "gtk3" "gtk-systray" "gtk3-systray" "qt5" ];
toolbar = lib.mkOption {
type = lib.types.enum [ "gtk" "gtk3" "gtk-systray" "gtk3-systray" "qt5" ];
default = "gtk";
example = "gtk-systray";
description = ''
@ -22,7 +19,7 @@ in
};
config = mkIf (imcfg.enable && imcfg.type == "uim") {
config = lib.mkIf (imcfg.enable && imcfg.type == "uim") {
i18n.inputMethod.package = pkgs.uim;
environment.variables = {

11
nixos/modules/misc/assertions.nix
View File

@ -1,13 +1,10 @@
{ lib, ... }:
with lib;
{
options = {
assertions = mkOption {
type = types.listOf types.unspecified;
assertions = lib.mkOption {
type = lib.types.listOf lib.types.unspecified;
internal = true;
default = [];
example = [ { assertion = false; message = "you can't enable this for that reason"; } ];
@ -18,10 +15,10 @@ with lib;
'';
};
warnings = mkOption {
warnings = lib.mkOption {
internal = true;
default = [];
type = types.listOf types.str;
type = lib.types.listOf lib.types.str;
example = [ "The `foo' service is deprecated and will go away soon!" ];
description = ''
This option allows modules to show warnings to users during

19
nixos/modules/misc/crashdump.nix
View File

@ -1,11 +1,8 @@
{ config, lib, pkgs, ... }:
with lib;
let
crashdump = config.boot.crashDump;
kernelParams = concatStringsSep " " crashdump.kernelParams;
kernelParams = lib.concatStringsSep " " crashdump.kernelParams;
in
###### interface
@ -13,8 +10,8 @@ in
options = {
boot = {
crashDump = {
enable = mkOption {
type = types.bool;
enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
If enabled, NixOS will set up a kernel that will
@ -24,17 +21,17 @@ in
It also activates the NMI watchdog.
'';
};
reservedMemory = mkOption {
reservedMemory = lib.mkOption {
default = "128M";
type = types.str;
type = lib.types.str;
description = ''
The amount of memory reserved for the crashdump kernel.
If you choose a too high value, dmesg will mention
"crashkernel reservation failed".
'';
};
kernelParams = mkOption {
type = types.listOf types.str;
kernelParams = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [ "1" "boot.shell_on_fail" ];
description = ''
Parameters that will be passed to the kernel kexec-ed on crash.
@ -46,7 +43,7 @@ in
###### implementation
config = mkIf crashdump.enable {
config = lib.mkIf crashdump.enable {
boot = {
postBootCommands = ''
echo "loading crashdump kernel...";

17
nixos/modules/misc/label.nix
View File

@ -1,7 +1,4 @@
{ config, lib, ... }:
with lib;
let
cfg = config.system.nixos;
in
@ -10,8 +7,8 @@ in
options.system = {
nixos.label = mkOption {
type = types.strMatching "[a-zA-Z0-9:_\\.-]*";
nixos.label = lib.mkOption {
type = lib.types.strMatching "[a-zA-Z0-9:_\\.-]*";
description = ''
NixOS version name to be used in the names of generated
outputs and boot labels.
@ -43,8 +40,8 @@ in
'';
};
nixos.tags = mkOption {
type = types.listOf types.str;
nixos.tags = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [];
example = [ "with-xen" ];
description = ''
@ -68,9 +65,9 @@ in
config = {
# This is set here rather than up there so that changing it would
# not rebuild the manual
system.nixos.label = mkDefault (maybeEnv "NIXOS_LABEL"
(concatStringsSep "-" ((sort (x: y: x < y) cfg.tags)
++ [ (maybeEnv "NIXOS_LABEL_VERSION" cfg.version) ])));
system.nixos.label = lib.mkDefault (lib.maybeEnv "NIXOS_LABEL"
(lib.concatStringsSep "-" ((lib.sort (x: y: x < y) cfg.tags)
++ [ (lib.maybeEnv "NIXOS_LABEL_VERSION" cfg.version) ])));
};
}

29
nixos/modules/misc/meta.nix
View File

@ -1,28 +1,25 @@
{ lib, ... }:
with lib;
let
maintainer = mkOptionType {
maintainer = lib.mkOptionType {
name = "maintainer";
check = email: elem email (attrValues lib.maintainers);
merge = loc: defs: listToAttrs (singleton (nameValuePair (last defs).file (last defs).value));
check = email: lib.elem email (lib.attrValues lib.maintainers);
merge = loc: defs: lib.listToAttrs (lib.singleton (lib.nameValuePair (lib.last defs).file (lib.last defs).value));
};
listOfMaintainers = types.listOf maintainer // {
listOfMaintainers = lib.types.listOf maintainer // {
# Returns list of
# { "module-file" = [
# "maintainer1 <first@nixos.org>"
# "maintainer2 <second@nixos.org>" ];
# }
merge = loc: defs:
zipAttrs
(flatten (imap1 (n: def: imap1 (m: def':
lib.zipAttrs
(lib.flatten (lib.imap1 (n: def: lib.imap1 (m: def':
maintainer.merge (loc ++ ["[${toString n}-${toString m}]"])
[{ inherit (def) file; value = def'; }]) def.value) defs));
};
docFile = types.path // {
docFile = lib.types.path // {
# Returns tuples of
# { file = "module location"; value = <path/to/doc.xml>; }
merge = loc: defs: defs;
@ -33,18 +30,18 @@ in
options = {
meta = {
maintainers = mkOption {
maintainers = lib.mkOption {
type = listOfMaintainers;
internal = true;
default = [];
example = literalExpression ''[ lib.maintainers.all ]'';
example = lib.literalExpression ''[ lib.maintainers.all ]'';
description = ''
List of maintainers of each module. This option should be defined at
most once per module.
'';
};
doc = mkOption {
doc = lib.mkOption {
type = docFile;
internal = true;
example = "./meta.chapter.md";
@ -54,8 +51,8 @@ in
'';
};
buildDocsInSandbox = mkOption {
type = types.bool // {
buildDocsInSandbox = lib.mkOption {
type = lib.types.bool // {
merge = loc: defs: defs;
};
internal = true;
@ -72,5 +69,5 @@ in
};
};
meta.maintainers = singleton lib.maintainers.pierron;
meta.maintainers = lib.singleton lib.maintainers.pierron;
}

15
nixos/modules/programs/fcast-receiver.nix
View File

@ -1,7 +1,4 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.programs.fcast-receiver;
in
@ -11,20 +8,20 @@ in
};
options.programs.fcast-receiver = {
enable = mkEnableOption "FCast Receiver";
openFirewall = mkOption {
type = types.bool;
enable = lib.mkEnableOption "FCast Receiver";
openFirewall = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Open ports needed for the functionality of the program.
'';
};
package = mkPackageOption pkgs "fcast-receiver" { };
package = lib.mkPackageOption pkgs "fcast-receiver" { };
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
environment.systemPackages = [ cfg.package ];
networking.firewall = mkIf cfg.openFirewall {
networking.firewall = lib.mkIf cfg.openFirewall {
allowedTCPPorts = [ 46899 ];
};
};

49
nixos/modules/security/apparmor.nix
View File

@ -1,30 +1,27 @@
{ config, lib, pkgs, ... }:
with lib;
let
inherit (builtins) attrNames head map match readFile;
inherit (lib) types;
inherit (config.environment) etc;
cfg = config.security.apparmor;
mkDisableOption = name: mkEnableOption name // {
mkDisableOption = name: lib.mkEnableOption name // {
default = true;
example = false;
};
enabledPolicies = filterAttrs (n: p: p.enable) cfg.policies;
enabledPolicies = lib.filterAttrs (n: p: p.enable) cfg.policies;
in
{
imports = [
(mkRemovedOptionModule [ "security" "apparmor" "confineSUIDApplications" ] "Please use the new options: `security.apparmor.policies.<policy>.enable'.")
(mkRemovedOptionModule [ "security" "apparmor" "profiles" ] "Please use the new option: `security.apparmor.policies'.")
(lib.mkRemovedOptionModule [ "security" "apparmor" "confineSUIDApplications" ] "Please use the new options: `security.apparmor.policies.<policy>.enable'.")
(lib.mkRemovedOptionModule [ "security" "apparmor" "profiles" ] "Please use the new option: `security.apparmor.policies'.")
apparmor/includes.nix
apparmor/profiles.nix
];
options = {
security.apparmor = {
enable = mkEnableOption ''
enable = lib.mkEnableOption ''
the AppArmor Mandatory Access Control system.
If you're enabling this module on a running system,
@ -41,7 +38,7 @@ in
Enable [](#opt-security.apparmor.killUnconfinedConfinables)
if you want this service to do such killing
by sending a `SIGTERM` to those running processes'';
policies = mkOption {
policies = lib.mkOption {
description = ''
AppArmor policies.
'';
@ -49,7 +46,7 @@ in
options = {
enable = mkDisableOption "loading of the profile into the kernel";
enforce = mkDisableOption "enforcing of the policy or only complain in the logs";
profile = mkOption {
profile = lib.mkOption {
description = "The policy of the profile.";
type = types.lines;
apply = pkgs.writeText name;
@ -58,28 +55,28 @@ in
}));
default = {};
};
includes = mkOption {
includes = lib.mkOption {
type = types.attrsOf types.lines;
default = {};
description = ''
List of paths to be added to AppArmor's searched paths
when resolving `include` directives.
'';
apply = mapAttrs pkgs.writeText;
apply = lib.mapAttrs pkgs.writeText;
};
packages = mkOption {
packages = lib.mkOption {
type = types.listOf types.package;
default = [];
description = "List of packages to be added to AppArmor's include path";
};
enableCache = mkEnableOption ''
enableCache = lib.mkEnableOption ''
caching of AppArmor policies
in `/var/cache/apparmor/`.
Beware that AppArmor policies almost always contain Nix store paths,
and thus produce at each change of these paths
a new cached version accumulating in the cache'';
killUnconfinedConfinables = mkEnableOption ''
killUnconfinedConfinables = lib.mkEnableOption ''
killing of processes which have an AppArmor profile enabled
(in [](#opt-security.apparmor.policies))
but are not confined (because AppArmor can only confine new processes).
@ -92,7 +89,7 @@ in
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
assertions = map (policy:
{ assertion = match ".*/.*" policy == null;
message = "`security.apparmor.policies.\"${policy}\"' must not contain a slash.";
@ -108,15 +105,15 @@ in
environment.etc."apparmor.d".source = pkgs.linkFarm "apparmor.d" (
# It's important to put only enabledPolicies here and not all cfg.policies
# because aa-remove-unknown reads profiles from all /etc/apparmor.d/*
mapAttrsToList (name: p: { inherit name; path = p.profile; }) enabledPolicies ++
mapAttrsToList (name: path: { inherit name path; }) cfg.includes
lib.mapAttrsToList (name: p: { inherit name; path = p.profile; }) enabledPolicies ++
lib.mapAttrsToList (name: path: { inherit name path; }) cfg.includes
);
environment.etc."apparmor/parser.conf".text = ''
${if cfg.enableCache then "write-cache" else "skip-cache"}
cache-loc /var/cache/apparmor
Include /etc/apparmor.d
'' +
concatMapStrings (p: "Include ${p}/etc/apparmor.d\n") cfg.packages;
lib.concatMapStrings (p: "Include ${p}/etc/apparmor.d\n") cfg.packages;
# For aa-logprof
environment.etc."apparmor/apparmor.conf".text = ''
'';
@ -142,7 +139,7 @@ in
# 3 - force all perms on the rule to be user
default_owner_prompt = 1
custom_includes = /etc/apparmor.d ${concatMapStringsSep " " (p: "${p}/etc/apparmor.d") cfg.packages}
custom_includes = /etc/apparmor.d ${lib.concatMapStringsSep " " (p: "${p}/etc/apparmor.d") cfg.packages}
[qualifiers]
${pkgs.runtimeShell} = icnu
@ -187,17 +184,17 @@ in
xargs --verbose --no-run-if-empty --delimiter='\n' \
kill
'';
commonOpts = p: "--verbose --show-cache ${optionalString (!p.enforce) "--complain "}${p.profile}";
commonOpts = p: "--verbose --show-cache ${lib.optionalString (!p.enforce) "--complain "}${p.profile}";
in {
Type = "oneshot";
RemainAfterExit = "yes";
ExecStartPre = "${pkgs.apparmor-utils}/bin/aa-teardown";
ExecStart = mapAttrsToList (n: p: "${pkgs.apparmor-parser}/bin/apparmor_parser --add ${commonOpts p}") enabledPolicies;
ExecStartPost = optional cfg.killUnconfinedConfinables killUnconfinedConfinables;
ExecStart = lib.mapAttrsToList (n: p: "${pkgs.apparmor-parser}/bin/apparmor_parser --add ${commonOpts p}") enabledPolicies;
ExecStartPost = lib.optional cfg.killUnconfinedConfinables killUnconfinedConfinables;
ExecReload =
# Add or replace into the kernel profiles in enabledPolicies
# (because AppArmor can do that without stopping the processes already confined).
mapAttrsToList (n: p: "${pkgs.apparmor-parser}/bin/apparmor_parser --replace ${commonOpts p}") enabledPolicies ++
lib.mapAttrsToList (n: p: "${pkgs.apparmor-parser}/bin/apparmor_parser --replace ${commonOpts p}") enabledPolicies ++
# Remove from the kernel any profile whose name is not
# one of the names within the content of the profiles in enabledPolicies
# (indirectly read from /etc/apparmor.d/*, without recursing into sub-directory).
@ -205,7 +202,7 @@ in
[ "${pkgs.apparmor-utils}/bin/aa-remove-unknown" ] ++
# Optionally kill the processes which are unconfined but now have a profile loaded
# (because AppArmor can only start to confine new processes).
optional cfg.killUnconfinedConfinables killUnconfinedConfinables;
lib.optional cfg.killUnconfinedConfinables killUnconfinedConfinables;
ExecStop = "${pkgs.apparmor-utils}/bin/aa-teardown";
CacheDirectory = [ "apparmor" "apparmor/logprof" ];
CacheDirectoryMode = "0700";
@ -213,5 +210,5 @@ in
};
};
meta.maintainers = with maintainers; [ julm ];
meta.maintainers = with lib.maintainers; [ julm ];
}

25
nixos/modules/security/audit.nix
View File

@ -1,7 +1,4 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.security.audit;
enabled = cfg.enable == "lock" || cfg.enable;
@ -29,7 +26,7 @@ let
# Put the rules in a temporary file owned and only readable by root
rulesfile="$(mktemp)"
${concatMapStrings (x: "echo '${x}' >> $rulesfile\n") cfg.rules}
${lib.concatMapStrings (x: "echo '${x}' >> $rulesfile\n") cfg.rules}
# Apply the requested rules
auditctl -R "$rulesfile"
@ -53,8 +50,8 @@ let
in {
options = {
security.audit = {
enable = mkOption {
type = types.enum [ false true "lock" ];
enable = lib.mkOption {
type = lib.types.enum [ false true "lock" ];
default = false;
description = ''
Whether to enable the Linux audit system. The special `lock` value can be used to
@ -64,14 +61,14 @@ in {
'';
};
failureMode = mkOption {
type = types.enum [ "silent" "printk" "panic" ];
failureMode = lib.mkOption {
type = lib.types.enum [ "silent" "printk" "panic" ];
default = "printk";
description = "How to handle critical errors in the auditing system";
};
backlogLimit = mkOption {
type = types.int;
backlogLimit = lib.mkOption {
type = lib.types.int;
default = 64; # Apparently the kernel default
description = ''
The maximum number of outstanding audit buffers allowed; exceeding this is
@ -79,8 +76,8 @@ in {
'';
};
rateLimit = mkOption {
type = types.int;
rateLimit = lib.mkOption {
type = lib.types.int;
default = 0;
description = ''
The maximum messages per second permitted before triggering a failure as
@ -88,8 +85,8 @@ in {
'';
};
rules = mkOption {
type = types.listOf types.str; # (types.either types.str (types.submodule rule));
rules = lib.mkOption {
type = lib.types.listOf lib.types.str; # (types.either types.str (types.submodule rule));
default = [];
example = [ "-a exit,always -F arch=b64 -S execve" ];
description = ''

17
nixos/modules/security/please.nix
View File

@ -1,22 +1,19 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.security.please;
ini = pkgs.formats.ini { };
in
{
options.security.please = {
enable = mkEnableOption ''
enable = lib.mkEnableOption ''
please, a Sudo clone which allows a users to execute a command or edit a
file as another user
'';
package = mkPackageOption pkgs "please" { };
package = lib.mkPackageOption pkgs "please" { };
wheelNeedsPassword = mkOption {
type = types.bool;
wheelNeedsPassword = lib.mkOption {
type = lib.types.bool;
default = true;
description = ''
Whether users of the `wheel` group must provide a password to run
@ -25,7 +22,7 @@ in
'';
};
settings = mkOption {
settings = lib.mkOption {
type = ini.type;
default = { };
example = {
@ -53,7 +50,7 @@ in
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
security.wrappers =
let
owner = "root";
@ -110,6 +107,6 @@ in
usshAuth = true;
};
meta.maintainers = with maintainers; [ azahi ];
meta.maintainers = with lib.maintainers; [ azahi ];
};
}

31
nixos/modules/services/admin/oxidized.nix
View File

@ -1,39 +1,36 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.services.oxidized;
in
{
options.services.oxidized = {
enable = mkEnableOption "the oxidized configuration backup service";
enable = lib.mkEnableOption "the oxidized configuration backup service";
user = mkOption {
type = types.str;
user = lib.mkOption {
type = lib.types.str;
default = "oxidized";
description = ''
User under which the oxidized service runs.
'';
};
group = mkOption {
type = types.str;
group = lib.mkOption {
type = lib.types.str;
default = "oxidized";
description = ''
Group under which the oxidized service runs.
'';
};
dataDir = mkOption {
type = types.path;
dataDir = lib.mkOption {
type = lib.types.path;
default = "/var/lib/oxidized";
description = "State directory for the oxidized service.";
};
configFile = mkOption {
type = types.path;
example = literalExpression ''
configFile = lib.mkOption {
type = lib.types.path;
example = lib.literalExpression ''
pkgs.writeText "oxidized-config.yml" '''
---
debug: true
@ -67,9 +64,9 @@ in
'';
};
routerDB = mkOption {
type = types.path;
example = literalExpression ''
routerDB = lib.mkOption {
type = lib.types.path;
example = lib.literalExpression ''
pkgs.writeText "oxidized-router.db" '''
hostname-sw1:powerconnect:username1:password2
hostname-sw2:procurve:username2:password2
@ -82,7 +79,7 @@ in
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
users.groups.${cfg.group} = { };
users.users.${cfg.user} = {
description = "Oxidized service user";

11
nixos/modules/services/admin/salt/minion.nix
View File

@ -1,7 +1,4 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.services.salt.minion;
@ -21,9 +18,9 @@ in
{
options = {
services.salt.minion = {
enable = mkEnableOption "Salt configuration management system minion service";
configuration = mkOption {
type = types.attrs;
enable = lib.mkEnableOption "Salt configuration management system minion service";
configuration = lib.mkOption {
type = lib.types.attrs;
default = {};
description = ''
Salt minion configuration as Nix attribute set.
@ -34,7 +31,7 @@ in
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
environment = {
# Set this up in /etc/salt/minion so `salt-call`, etc. work.
# The alternatives are

50
nixos/modules/services/amqp/activemq/default.nix
View File

@ -1,18 +1,14 @@
{ config, lib, pkgs, ... }:
with pkgs;
with lib;
let
cfg = config.services.activemq;
activemqBroker = runCommand "activemq-broker"
activemqBroker = pkgs.runCommand "activemq-broker"
{
nativeBuildInputs = [ jdk ];
nativeBuildInputs = [ pkgs.jdk ];
} ''
mkdir -p $out/lib
source ${activemq}/lib/classpath.env
source ${pkgs.activemq}/lib/classpath.env
export CLASSPATH
ln -s "${./ActiveMQBroker.java}" ActiveMQBroker.java
javac -d $out/lib ActiveMQBroker.java
@ -23,25 +19,25 @@ in
options = {
services.activemq = {
enable = mkOption {
type = types.bool;
enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Enable the Apache ActiveMQ message broker service.
'';
};
configurationDir = mkOption {
default = "${activemq}/conf";
defaultText = literalExpression ''"''${pkgs.activemq}/conf"'';
type = types.str;
configurationDir = lib.mkOption {
default = "${pkgs.activemq}/conf";
defaultText = lib.literalExpression ''"''${pkgs.activemq}/conf"'';
type = lib.types.str;
description = ''
The base directory for ActiveMQ's configuration.
By default, this directory is searched for a file named activemq.xml,
which should contain the configuration for the broker service.
'';
};
configurationURI = mkOption {
type = types.str;
configurationURI = lib.mkOption {
type = lib.types.str;
default = "xbean:activemq.xml";
description = ''
The URI that is passed along to the BrokerFactory to
@ -51,8 +47,8 @@ in
an activemq.xml configuration file in it.
'';
};
baseDir = mkOption {
type = types.str;
baseDir = lib.mkOption {
type = lib.types.str;
default = "/var/activemq";
description = ''
The base directory where ActiveMQ stores its persistent data and logs.
@ -61,10 +57,10 @@ in
this in activemq.xml.
'';
};
javaProperties = mkOption {
type = types.attrs;
javaProperties = lib.mkOption {
type = lib.types.attrs;
default = { };
example = literalExpression ''
example = lib.literalExpression ''
{
"java.net.preferIPv4Stack" = "true";
}
@ -73,7 +69,7 @@ in
"activemq.base" = "${cfg.baseDir}";
"activemq.data" = "${cfg.baseDir}/data";
"activemq.conf" = "${cfg.configurationDir}";
"activemq.home" = "${activemq}";
"activemq.home" = "${pkgs.activemq}";
} // attrs;
description = ''
Specifies Java properties that are sent to the ActiveMQ
@ -83,8 +79,8 @@ in
given reasonable defaults.
'';
};
extraJavaOptions = mkOption {
type = types.separatedString " ";
extraJavaOptions = lib.mkOption {
type = lib.types.separatedString " ";
default = "";
example = "-Xmx2G -Xms2G -XX:MaxPermSize=512M";
description = ''
@ -95,7 +91,7 @@ in
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
users.users.activemq = {
description = "ActiveMQ server user";
group = "activemq";
@ -118,13 +114,13 @@ in
systemd.services.activemq = {
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
path = [ jre ];
path = [ pkgs.jre ];
serviceConfig.User = "activemq";
script = ''
source ${activemq}/lib/classpath.env
source ${pkgs.activemq}/lib/classpath.env
export CLASSPATH=${activemqBroker}/lib:${cfg.configurationDir}:$CLASSPATH
exec java \
${concatStringsSep " \\\n" (mapAttrsToList (name: value: "-D${name}=${value}") cfg.javaProperties)} \
${lib.concatStringsSep " \\\n" (lib.mapAttrsToList (name: value: "-D${name}=${value}") cfg.javaProperties)} \
${cfg.extraJavaOptions} ActiveMQBroker "${cfg.configurationURI}"
'';
};

21
nixos/modules/services/audio/botamusique.nix
View File

@ -1,7 +1,4 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.botamusique;
@ -12,34 +9,34 @@ in
meta.maintainers = with lib.maintainers; [ hexa ];
options.services.botamusique = {
enable = mkEnableOption "botamusique, a bot to play audio streams on mumble";
enable = lib.mkEnableOption "botamusique, a bot to play audio streams on mumble";
package = mkPackageOption pkgs "botamusique" { };
package = lib.mkPackageOption pkgs "botamusique" { };
settings = mkOption {
type = with types; submodule {
settings = lib.mkOption {
type = with lib.types; submodule {
freeformType = format.type;
options = {
server.host = mkOption {
server.host = lib.mkOption {
type = types.str;
default = "localhost";
example = "mumble.example.com";
description = "Hostname of the mumble server to connect to.";
};
server.port = mkOption {
server.port = lib.mkOption {
type = types.port;
default = 64738;
description = "Port of the mumble server to connect to.";
};
bot.username = mkOption {
bot.username = lib.mkOption {
type = types.str;
default = "botamusique";
description = "Name the bot should appear with.";
};
bot.comment = mkOption {
bot.comment = lib.mkOption {
type = types.str;
default = "Hi, I'm here to play radio, local music or youtube/soundcloud music. Have fun!";
description = "Comment displayed for the bot.";
@ -54,7 +51,7 @@ in
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd.services.botamusique = {
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];

45
nixos/modules/services/audio/gmediarender.nix
View File

@ -1,58 +1,55 @@
{ pkgs, lib, config, utils, ... }:
with lib;
let
cfg = config.services.gmediarender;
in
{
options.services.gmediarender = {
enable = mkEnableOption "the gmediarender DLNA renderer";
enable = lib.mkEnableOption "the gmediarender DLNA renderer";
audioDevice = mkOption {
type = types.nullOr types.str;
audioDevice = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
description = ''
The audio device to use.
'';
};
audioSink = mkOption {
type = types.nullOr types.str;
audioSink = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
description = ''
The audio sink to use.
'';
};
friendlyName = mkOption {
type = types.nullOr types.str;
friendlyName = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
description = ''
A "friendly name" for identifying the endpoint.
'';
};
initialVolume = mkOption {
type = types.nullOr types.int;
initialVolume = lib.mkOption {
type = lib.types.nullOr lib.types.int;
default = 0;
description = ''
A default volume attenuation (in dB) for the endpoint.
'';
};
package = mkPackageOption pkgs "gmediarender" {
package = lib.mkPackageOption pkgs "gmediarender" {
default = "gmrender-resurrect";
};
port = mkOption {
type = types.nullOr types.port;
port = lib.mkOption {
type = lib.types.nullOr lib.types.port;
default = null;
description = "Port that will be used to accept client connections.";
};
uuid = mkOption {
type = types.nullOr types.str;
uuid = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
description = ''
A UUID for uniquely identifying the endpoint. If you have
@ -61,7 +58,7 @@ in
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd = {
services.gmediarender = {
wants = [ "network-online.target" ];
@ -78,12 +75,12 @@ in
SupplementaryGroups = [ "audio" ];
ExecStart =
"${cfg.package}/bin/gmediarender " +
optionalString (cfg.audioDevice != null) ("--gstout-audiodevice=${utils.escapeSystemdExecArg cfg.audioDevice} ") +
optionalString (cfg.audioSink != null) ("--gstout-audiosink=${utils.escapeSystemdExecArg cfg.audioSink} ") +
optionalString (cfg.friendlyName != null) ("--friendly-name=${utils.escapeSystemdExecArg cfg.friendlyName} ") +
optionalString (cfg.initialVolume != 0) ("--initial-volume=${toString cfg.initialVolume} ") +
optionalString (cfg.port != null) ("--port=${toString cfg.port} ") +
optionalString (cfg.uuid != null) ("--uuid=${utils.escapeSystemdExecArg cfg.uuid} ");
lib.optionalString (cfg.audioDevice != null) ("--gstout-audiodevice=${utils.escapeSystemdExecArg cfg.audioDevice} ") +
lib.optionalString (cfg.audioSink != null) ("--gstout-audiosink=${utils.escapeSystemdExecArg cfg.audioSink} ") +
lib.optionalString (cfg.friendlyName != null) ("--friendly-name=${utils.escapeSystemdExecArg cfg.friendlyName} ") +
lib.optionalString (cfg.initialVolume != 0) ("--initial-volume=${toString cfg.initialVolume} ") +
lib.optionalString (cfg.port != null) ("--port=${toString cfg.port} ") +
lib.optionalString (cfg.uuid != null) ("--uuid=${utils.escapeSystemdExecArg cfg.uuid} ");
Restart = "always";
RuntimeDirectory = "gmediarender";

15
nixos/modules/services/audio/gonic.nix
View File

@ -1,7 +1,4 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.gonic;
settingsFormat = pkgs.formats.keyValue {
@ -13,11 +10,11 @@ in
options = {
services.gonic = {
enable = mkEnableOption "Gonic music server";
enable = lib.mkEnableOption "Gonic music server";
settings = mkOption rec {
settings = lib.mkOption rec {
type = settingsFormat.type;
apply = recursiveUpdate default;
apply = lib.recursiveUpdate default;
default = {
listen-addr = "127.0.0.1:4747";
cache-path = "/var/cache/gonic";
@ -36,7 +33,7 @@ in
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd.services.gonic = {
description = "Gonic Media Server";
after = [ "network.target" ];
@ -45,7 +42,7 @@ in
ExecStart =
let
# these values are null by default but should not appear in the final config
filteredSettings = filterAttrs (n: v: !((n == "tls-cert" || n == "tls-key") && v == null)) cfg.settings;
filteredSettings = lib.filterAttrs (n: v: !((n == "tls-cert" || n == "tls-key") && v == null)) cfg.settings;
in
"${pkgs.gonic}/bin/gonic -config-path ${settingsFormat.generate "gonic" filteredSettings}";
DynamicUser = true;
@ -89,5 +86,5 @@ in
};
};
meta.maintainers = [ maintainers.autrimpo ];
meta.maintainers = [ lib.maintainers.autrimpo ];
}

21
nixos/modules/services/audio/goxlr-utility.nix
View File

@ -1,25 +1,22 @@
{ config, lib, pkgs, ... }:
let
cfg = config.services.goxlr-utility;
in
with lib;
{
options = {
services.goxlr-utility = {
enable = mkOption {
enable = lib.mkOption {
default = false;
type = types.bool;
type = lib.types.bool;
description = ''
Whether to enable goxlr-utility for controlling your TC-Helicon GoXLR or GoXLR Mini
'';
};
package = mkPackageOption pkgs "goxlr-utility" { };
autoStart.xdg = mkOption {
package = lib.mkPackageOption pkgs "goxlr-utility" { };
autoStart.xdg = lib.mkOption {
default = true;
type = with types; bool;
type = with lib.types; bool;
description = ''
Start the daemon automatically using XDG autostart.
Sets `xdg.autostart.enable = true` if not already enabled.
@ -44,16 +41,16 @@ with lib;
'';
};
in
mkIf config.services.goxlr-utility.enable {
lib.mkIf config.services.goxlr-utility.enable {
services.udev.packages = [ cfg.package ];
xdg.autostart.enable = mkIf cfg.autoStart.xdg true;
environment.systemPackages = mkIf cfg.autoStart.xdg
xdg.autostart.enable = lib.mkIf cfg.autoStart.xdg true;
environment.systemPackages = lib.mkIf cfg.autoStart.xdg
[
cfg.package
goxlr-autostart
];
};
meta.maintainers = with maintainers; [ errnoh ];
meta.maintainers = with lib.maintainers; [ errnoh ];
}

37
nixos/modules/services/audio/hqplayerd.nix
View File

@ -1,7 +1,4 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.hqplayerd;
pkg = pkgs.hqplayerd;
@ -12,11 +9,11 @@ in
{
options = {
services.hqplayerd = {
enable = mkEnableOption "HQPlayer Embedded";
enable = lib.mkEnableOption "HQPlayer Embedded";
auth = {
username = mkOption {
type = types.nullOr types.str;
username = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
description = ''
Username used for HQPlayer's WebUI.
@ -26,8 +23,8 @@ in
'';
};
password = mkOption {
type = types.nullOr types.str;
password = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
description = ''
Password used for HQPlayer's WebUI.
@ -38,8 +35,8 @@ in
};
};
licenseFile = mkOption {
type = types.nullOr types.path;
licenseFile = lib.mkOption {
type = lib.types.nullOr lib.types.path;
default = null;
description = ''
Path to the HQPlayer license key file.
@ -49,16 +46,16 @@ in
'';
};
openFirewall = mkOption {
type = types.bool;
openFirewall = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Opens ports needed for the WebUI and controller API.
'';
};
config = mkOption {
type = types.nullOr types.lines;
config = lib.mkOption {
type = lib.types.nullOr lib.types.lines;
default = null;
description = ''
HQplayer daemon configuration, written to /etc/hqplayer/hqplayerd.xml.
@ -69,7 +66,7 @@ in
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
assertions = [
{
assertion = (cfg.auth.username != null -> cfg.auth.password != null)
@ -80,13 +77,13 @@ in
environment = {
etc = {
"hqplayer/hqplayerd.xml" = mkIf (cfg.config != null) { source = pkgs.writeText "hqplayerd.xml" cfg.config; };
"hqplayer/hqplayerd4-key.xml" = mkIf (cfg.licenseFile != null) { source = cfg.licenseFile; };
"hqplayer/hqplayerd.xml" = lib.mkIf (cfg.config != null) { source = pkgs.writeText "hqplayerd.xml" cfg.config; };
"hqplayer/hqplayerd4-key.xml" = lib.mkIf (cfg.licenseFile != null) { source = cfg.licenseFile; };
};
systemPackages = [ pkg ];
};
networking.firewall = mkIf cfg.openFirewall {
networking.firewall = lib.mkIf cfg.openFirewall {
allowedTCPPorts = [ 8088 4321 ];
};
@ -107,7 +104,7 @@ in
unitConfig.ConditionPathExists = [ configDir stateDir ];
restartTriggers = optionals (cfg.config != null) [ config.environment.etc."hqplayer/hqplayerd.xml".source ];
restartTriggers = lib.optionals (cfg.config != null) [ config.environment.etc."hqplayer/hqplayerd.xml".source ];
preStart = ''
cp -r "${pkg}/var/lib/hqplayer/web" "${stateDir}"
@ -117,7 +114,7 @@ in
echo "creating initial config file"
install -m 0644 "${pkg}/etc/hqplayer/hqplayerd.xml" "${configDir}/hqplayerd.xml"
fi
'' + optionalString (cfg.auth.username != null && cfg.auth.password != null) ''
'' + lib.optionalString (cfg.auth.username != null && cfg.auth.password != null) ''
${pkg}/bin/hqplayerd -s ${cfg.auth.username} ${cfg.auth.password}
'';
};

45
nixos/modules/services/audio/icecast.nix
View File

@ -1,7 +1,4 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.icecast;
configFile = pkgs.writeText "icecast.xml" ''
@ -44,62 +41,62 @@ in {
services.icecast = {
enable = mkEnableOption "Icecast server";
enable = lib.mkEnableOption "Icecast server";
hostname = mkOption {
type = types.nullOr types.str;
hostname = lib.mkOption {
type = lib.types.nullOr lib.types.str;
description = "DNS name or IP address that will be used for the stream directory lookups or possibly the playlist generation if a Host header is not provided.";
default = config.networking.domain;
defaultText = literalExpression "config.networking.domain";
defaultText = lib.literalExpression "config.networking.domain";
};
admin = {
user = mkOption {
type = types.str;
user = lib.mkOption {
type = lib.types.str;
description = "Username used for all administration functions.";
default = "admin";
};
password = mkOption {
type = types.str;
password = lib.mkOption {
type = lib.types.str;
description = "Password used for all administration functions.";
};
};
logDir = mkOption {
type = types.path;
logDir = lib.mkOption {
type = lib.types.path;
description = "Base directory used for logging.";
default = "/var/log/icecast";
};
listen = {
port = mkOption {
type = types.port;
port = lib.mkOption {
type = lib.types.port;
description = "TCP port that will be used to accept client connections.";
default = 8000;
};
address = mkOption {
type = types.str;
address = lib.mkOption {
type = lib.types.str;
description = "Address Icecast will listen on.";
default = "::";
};
};
user = mkOption {
type = types.str;
user = lib.mkOption {
type = lib.types.str;
description = "User privileges for the server.";
default = "nobody";
};
group = mkOption {
type = types.str;
group = lib.mkOption {
type = lib.types.str;
description = "Group privileges for the server.";
default = "nogroup";
};
extraConf = mkOption {
type = types.lines;
extraConf = lib.mkOption {
type = lib.types.lines;
description = "icecast.xml content.";
default = "";
};
@ -111,7 +108,7 @@ in {
###### implementation
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd.services.icecast = {
after = [ "network.target" ];

59
nixos/modules/services/audio/jack.nix
View File

@ -1,7 +1,4 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.jack;
@ -10,29 +7,29 @@ let
enable32BitAlsaPlugins = cfg.alsa.support32Bit && pkgs.stdenv.hostPlatform.isx86_64 && pkgs.pkgsi686Linux.alsa-lib != null;
umaskNeeded = versionOlder cfg.jackd.package.version "1.9.12";
bridgeNeeded = versionAtLeast cfg.jackd.package.version "1.9.12";
umaskNeeded = lib.versionOlder cfg.jackd.package.version "1.9.12";
bridgeNeeded = lib.versionAtLeast cfg.jackd.package.version "1.9.12";
in {
options = {
services.jack = {
jackd = {
enable = mkEnableOption ''
enable = lib.mkEnableOption ''
JACK Audio Connection Kit. You need to add yourself to the "jackaudio" group
'';
package = mkPackageOption pkgs "jack2" {
package = lib.mkPackageOption pkgs "jack2" {
example = "jack1";
} // {
# until jack1 promiscuous mode is fixed
internal = true;
};
extraOptions = mkOption {
type = types.listOf types.str;
extraOptions = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [
"-dalsa"
];
example = literalExpression ''
example = lib.literalExpression ''
[ "-dalsa" "--device" "hw:1" ];
'';
description = ''
@ -40,8 +37,8 @@ in {
'';
};
session = mkOption {
type = types.lines;
session = lib.mkOption {
type = lib.types.lines;
description = ''
Commands to run after JACK is started.
'';
@ -50,16 +47,16 @@ in {
};
alsa = {
enable = mkOption {
type = types.bool;
enable = lib.mkOption {
type = lib.types.bool;
default = true;
description = ''
Route audio to/from generic ALSA-using applications using ALSA JACK PCM plugin.
'';
};
support32Bit = mkOption {
type = types.bool;
support32Bit = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Whether to support sound for 32-bit ALSA applications on 64-bit system.
@ -68,8 +65,8 @@ in {
};
loopback = {
enable = mkOption {
type = types.bool;
enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Create ALSA loopback device, instead of using PCM plugin. Has broader
@ -78,23 +75,23 @@ in {
'';
};
index = mkOption {
type = types.int;
index = lib.mkOption {
type = lib.types.int;
default = 10;
description = ''
Index of an ALSA loopback device.
'';
};
config = mkOption {
type = types.lines;
config = lib.mkOption {
type = lib.types.lines;
description = ''
ALSA config for loopback device.
'';
};
dmixConfig = mkOption {
type = types.lines;
dmixConfig = lib.mkOption {
type = lib.types.lines;
default = "";
example = ''
period_size 2048
@ -107,8 +104,8 @@ in {
'';
};
session = mkOption {
type = types.lines;
session = lib.mkOption {
type = lib.types.lines;
description = ''
Additional commands to run to setup loopback device.
'';
@ -119,9 +116,9 @@ in {
};
config = mkMerge [
config = lib.mkMerge [
(mkIf pcmPlugin {
(lib.mkIf pcmPlugin {
environment.etc."alsa/conf.d/98-jack.conf".text = ''
pcm_type.jack {
libs.native = ${pkgs.alsa-plugins}/lib/alsa-lib/libasound_module_pcm_jack.so ;
@ -136,13 +133,13 @@ in {
'';
})
(mkIf loopback {
(lib.mkIf loopback {
boot.kernelModules = [ "snd-aloop" ];
boot.kernelParams = [ "snd-aloop.index=${toString cfg.loopback.index}" ];
environment.etc."alsa/conf.d/99-jack-loopback.conf".text = cfg.loopback.config;
})
(mkIf cfg.jackd.enable {
(lib.mkIf cfg.jackd.enable {
services.jack.jackd.session = ''
${lib.optionalString bridgeNeeded "${pkgs.a2jmidid}/bin/a2jmidid -e &"}
'';
@ -247,7 +244,7 @@ in {
ExecStart = "${cfg.jackd.package}/bin/jackd ${lib.escapeShellArgs cfg.jackd.extraOptions}";
LimitRTPRIO = 99;
LimitMEMLOCK = "infinity";
} // optionalAttrs umaskNeeded {
} // lib.optionalAttrs umaskNeeded {
UMask = "007";
};
path = [ cfg.jackd.package ];

16
nixos/modules/services/audio/jmusicbot.nix
View File

@ -1,18 +1,16 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.jmusicbot;
in
{
options = {
services.jmusicbot = {
enable = mkEnableOption "jmusicbot, a Discord music bot that's easy to set up and run yourself";
enable = lib.mkEnableOption "jmusicbot, a Discord music bot that's easy to set up and run yourself";
package = mkPackageOption pkgs "jmusicbot" { };
package = lib.mkPackageOption pkgs "jmusicbot" { };
stateDir = mkOption {
type = types.path;
stateDir = lib.mkOption {
type = lib.types.path;
description = ''
The directory where config.txt and serversettings.json is saved.
If left as the default value this directory will automatically be created before JMusicBot starts, otherwise the sysadmin is responsible for ensuring the directory exists with appropriate ownership and permissions.
@ -23,20 +21,20 @@ in
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd.services.jmusicbot = {
wantedBy = [ "multi-user.target" ];
wants = [ "network-online.target" ];
after = [ "network-online.target" ];
description = "Discord music bot that's easy to set up and run yourself!";
serviceConfig = mkMerge [{
serviceConfig = lib.mkMerge [{
ExecStart = "${cfg.package}/bin/JMusicBot";
WorkingDirectory = cfg.stateDir;
Restart = "always";
RestartSec = 20;
DynamicUser = true;
}
(mkIf (cfg.stateDir == "/var/lib/jmusicbot") { StateDirectory = "jmusicbot"; })];
(lib.mkIf (cfg.stateDir == "/var/lib/jmusicbot") { StateDirectory = "jmusicbot"; })];
};
};

11
nixos/modules/services/audio/liquidsoap.nix
View File

@ -1,7 +1,4 @@
{ config, lib, pkgs, ... }:
with lib;
let
streams = builtins.attrNames config.services.liquidsoap.streams;
@ -29,7 +26,7 @@ in
options = {
services.liquidsoap.streams = mkOption {
services.liquidsoap.streams = lib.mkOption {
description = ''
Set of Liquidsoap streams to start,
@ -38,7 +35,7 @@ in
default = {};
example = literalExpression ''
example = lib.literalExpression ''
{
myStream1 = "/etc/liquidsoap/myStream1.liq";
myStream2 = ./myStream2.liq;
@ -46,13 +43,13 @@ in
}
'';
type = types.attrsOf (types.either types.path types.str);
type = lib.types.attrsOf (lib.types.either lib.types.path lib.types.str);
};
};
##### implementation
config = mkIf (builtins.length streams != 0) {
config = lib.mkIf (builtins.length streams != 0) {
users.users.liquidsoap = {
uid = config.ids.uids.liquidsoap;

71
nixos/modules/services/audio/mpdscribble.nix
View File

@ -1,7 +1,4 @@
{ config, lib, options, pkgs, ... }:
with lib;
let
cfg = config.services.mpdscribble;
mpdCfg = config.services.mpd;
@ -22,7 +19,7 @@ let
journal = /var/lib/mpdscribble/${secname}.journal
'';
endpoints = concatStringsSep "\n" (mapAttrsToList mkSection cfg.endpoints);
endpoints = lib.concatStringsSep "\n" (lib.mapAttrsToList mkSection cfg.endpoints);
cfgTemplate = pkgs.writeText "mpdscribble.conf" ''
## This file was automatically genenrated by NixOS and will be overwritten.
## Do not edit. Edit your NixOS configuration instead.
@ -31,7 +28,7 @@ let
## http://mpd.wikia.com/wiki/Client:mpdscribble
# HTTP proxy URL.
${optionalString (cfg.proxy != null) "proxy = ${cfg.proxy}"}
${lib.optionalString (cfg.proxy != null) "proxy = ${cfg.proxy}"}
# The location of the mpdscribble log file. The special value
# "syslog" makes mpdscribble use the local syslog daemon. On most
@ -47,7 +44,7 @@ let
# The host running MPD, possibly protected by a password
# ([PASSWORD@]HOSTNAME).
host = ${(optionalString (cfg.passwordFile != null) "{{MPD_PASSWORD}}@") + cfg.host}
host = ${(lib.optionalString (cfg.passwordFile != null) "{{MPD_PASSWORD}}@") + cfg.host}
# The port that the MPD listens on and mpdscribble should try to
# connect to.
@ -59,13 +56,13 @@ let
cfgFile = "/run/mpdscribble/mpdscribble.conf";
replaceSecret = secretFile: placeholder: targetFile:
optionalString (secretFile != null) ''
lib.optionalString (secretFile != null) ''
${pkgs.replace-secret}/bin/replace-secret '${placeholder}' '${secretFile}' '${targetFile}' '';
preStart = pkgs.writeShellScript "mpdscribble-pre-start" ''
cp -f "${cfgTemplate}" "${cfgFile}"
${replaceSecret cfg.passwordFile "{{MPD_PASSWORD}}" cfgFile}
${concatStringsSep "\n" (mapAttrsToList (secname: cfg:
${lib.concatStringsSep "\n" (lib.mapAttrsToList (secname: cfg:
replaceSecret cfg.passwordFile "{{${secname}_PASSWORD}}" cfgFile)
cfg.endpoints)}
'';
@ -77,62 +74,62 @@ in {
options.services.mpdscribble = {
enable = mkEnableOption "mpdscribble, an MPD client which submits info about tracks being played to Last.fm (formerly AudioScrobbler)";
enable = lib.mkEnableOption "mpdscribble, an MPD client which submits info about tracks being played to Last.fm (formerly AudioScrobbler)";
proxy = mkOption {
proxy = lib.mkOption {
default = null;
type = types.nullOr types.str;
type = lib.types.nullOr lib.types.str;
description = ''
HTTP proxy URL.
'';
};
verbose = mkOption {
verbose = lib.mkOption {
default = 1;
type = types.int;
type = lib.types.int;
description = ''
Log level for the mpdscribble daemon.
'';
};
journalInterval = mkOption {
journalInterval = lib.mkOption {
default = 600;
example = 60;
type = types.int;
type = lib.types.int;
description = ''
How often should mpdscribble save the journal file? [seconds]
'';
};
host = mkOption {
host = lib.mkOption {
default = (if mpdCfg.network.listenAddress != "any" then
mpdCfg.network.listenAddress
else
"localhost");
defaultText = literalExpression ''
defaultText = lib.literalExpression ''
if config.${mpdOpt.network.listenAddress} != "any"
then config.${mpdOpt.network.listenAddress}
else "localhost"
'';
type = types.str;
type = lib.types.str;
description = ''
Host for the mpdscribble daemon to search for a mpd daemon on.
'';
};
passwordFile = mkOption {
passwordFile = lib.mkOption {
default = if localMpd then
(findFirst
(c: any (x: x == "read") c.permissions)
(lib.findFirst
(c: lib.any (x: x == "read") c.permissions)
{ passwordFile = null; }
mpdCfg.credentials).passwordFile
else
null;
defaultText = literalMD ''
defaultText = lib.literalMD ''
The first password file with read access configured for MPD when using a local instance,
otherwise `null`.
'';
type = types.nullOr types.str;
type = lib.types.nullOr lib.types.str;
description = ''
File containing the password for the mpd daemon.
If there is a local mpd configured using {option}`services.mpd.credentials`
@ -140,37 +137,37 @@ in {
'';
};
port = mkOption {
port = lib.mkOption {
default = mpdCfg.network.port;
defaultText = literalExpression "config.${mpdOpt.network.port}";
type = types.port;
defaultText = lib.literalExpression "config.${mpdOpt.network.port}";
type = lib.types.port;
description = ''
Port for the mpdscribble daemon to search for a mpd daemon on.
'';
};
endpoints = mkOption {
endpoints = lib.mkOption {
type = (let
endpoint = { name, ... }: {
options = {
url = mkOption {
type = types.str;
url = lib.mkOption {
type = lib.types.str;
default = endpointUrls.${name} or "";
description = "The url endpoint where the scrobble API is listening.";
};
username = mkOption {
type = types.str;
username = lib.mkOption {
type = lib.types.str;
description = ''
Username for the scrobble service.
'';
};
passwordFile = mkOption {
type = types.nullOr types.str;
passwordFile = lib.mkOption {
type = lib.types.nullOr lib.types.str;
description = "File containing the password, either as MD5SUM or cleartext.";
};
};
};
in types.attrsOf (types.submodule endpoint));
in lib.types.attrsOf (lib.types.submodule endpoint));
default = { };
example = {
"last.fm" = {
@ -181,7 +178,7 @@ in {
description = ''
Endpoints to scrobble to.
If the endpoint is one of "${
concatStringsSep "\", \"" (attrNames endpointUrls)
lib.concatStringsSep "\", \"" (lib.attrNames endpointUrls)
}" the url is set automatically.
'';
};
@ -190,9 +187,9 @@ in {
###### implementation
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd.services.mpdscribble = {
after = [ "network.target" ] ++ (optional localMpd "mpd.service");
after = [ "network.target" ] ++ (lib.optional localMpd "mpd.service");
description = "mpdscribble mpd scrobble client";
wantedBy = [ "multi-user.target" ];
serviceConfig = {

7
nixos/modules/services/audio/networkaudiod.nix
View File

@ -1,18 +1,15 @@
{ config, lib, pkgs, ... }:
with lib;
let
name = "networkaudiod";
cfg = config.services.networkaudiod;
in {
options = {
services.networkaudiod = {
enable = mkEnableOption "Networkaudiod (NAA)";
enable = lib.mkEnableOption "Networkaudiod (NAA)";
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd.packages = [ pkgs.networkaudiod ];
systemd.services.networkaudiod.wantedBy = [ "multi-user.target" ];
};

27
nixos/modules/services/audio/roon-bridge.nix
View File

@ -1,30 +1,27 @@
{ config, lib, pkgs, ... }:
with lib;
let
name = "roon-bridge";
cfg = config.services.roon-bridge;
in {
options = {
services.roon-bridge = {
enable = mkEnableOption "Roon Bridge";
openFirewall = mkOption {
type = types.bool;
enable = lib.mkEnableOption "Roon Bridge";
openFirewall = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Open ports in the firewall for the bridge.
'';
};
user = mkOption {
type = types.str;
user = lib.mkOption {
type = lib.types.str;
default = "roon-bridge";
description = ''
User to run the Roon bridge as.
'';
};
group = mkOption {
type = types.str;
group = lib.mkOption {
type = lib.types.str;
default = "roon-bridge";
description = ''
Group to run the Roon Bridge as.
@ -33,7 +30,7 @@ in {
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd.services.roon-bridge = {
after = [ "network.target" ];
description = "Roon Bridge";
@ -50,17 +47,17 @@ in {
};
};
networking.firewall = mkIf cfg.openFirewall {
networking.firewall = lib.mkIf cfg.openFirewall {
allowedTCPPortRanges = [{ from = 9100; to = 9200; }];
allowedUDPPorts = [ 9003 ];
extraCommands = optionalString (!config.networking.nftables.enable) ''
extraCommands = lib.optionalString (!config.networking.nftables.enable) ''
iptables -A INPUT -s 224.0.0.0/4 -j ACCEPT
iptables -A INPUT -d 224.0.0.0/4 -j ACCEPT
iptables -A INPUT -s 240.0.0.0/5 -j ACCEPT
iptables -A INPUT -m pkttype --pkt-type multicast -j ACCEPT
iptables -A INPUT -m pkttype --pkt-type broadcast -j ACCEPT
'';
extraInputRules = optionalString config.networking.nftables.enable ''
extraInputRules = lib.optionalString config.networking.nftables.enable ''
ip saddr { 224.0.0.0/4, 240.0.0.0/5 } accept
ip daddr 224.0.0.0/4 accept
pkttype { multicast, broadcast } accept
@ -70,7 +67,7 @@ in {
users.groups.${cfg.group} = {};
users.users.${cfg.user} =
optionalAttrs (cfg.user == "roon-bridge") {
lib.optionalAttrs (cfg.user == "roon-bridge") {
isSystemUser = true;
description = "Roon Bridge user";
group = cfg.group;

27
nixos/modules/services/audio/roon-server.nix
View File

@ -1,31 +1,28 @@
{ config, lib, pkgs, ... }:
with lib;
let
name = "roon-server";
cfg = config.services.roon-server;
in {
options = {
services.roon-server = {
enable = mkEnableOption "Roon Server";
enable = lib.mkEnableOption "Roon Server";
package = lib.mkPackageOption pkgs "roon-server" { };
openFirewall = mkOption {
type = types.bool;
openFirewall = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Open ports in the firewall for the server.
'';
};
user = mkOption {
type = types.str;
user = lib.mkOption {
type = lib.types.str;
default = "roon-server";
description = ''
User to run the Roon Server as.
'';
};
group = mkOption {
type = types.str;
group = lib.mkOption {
type = lib.types.str;
default = "roon-server";
description = ''
Group to run the Roon Server as.
@ -34,7 +31,7 @@ in {
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd.services.roon-server = {
after = [ "network.target" ];
description = "Roon Server";
@ -52,14 +49,14 @@ in {
};
};
networking.firewall = mkIf cfg.openFirewall {
networking.firewall = lib.mkIf cfg.openFirewall {
allowedTCPPortRanges = [
{ from = 9100; to = 9200; }
{ from = 9330; to = 9339; }
{ from = 30000; to = 30010; }
];
allowedUDPPorts = [ 9003 ];
extraCommands = optionalString (!config.networking.nftables.enable) ''
extraCommands = lib.optionalString (!config.networking.nftables.enable) ''
## IGMP / Broadcast ##
iptables -A INPUT -s 224.0.0.0/4 -j ACCEPT
iptables -A INPUT -d 224.0.0.0/4 -j ACCEPT
@ -67,7 +64,7 @@ in {
iptables -A INPUT -m pkttype --pkt-type multicast -j ACCEPT
iptables -A INPUT -m pkttype --pkt-type broadcast -j ACCEPT
'';
extraInputRules = optionalString config.networking.nftables.enable ''
extraInputRules = lib.optionalString config.networking.nftables.enable ''
ip saddr { 224.0.0.0/4, 240.0.0.0/5 } accept
ip daddr 224.0.0.0/4 accept
pkttype { multicast, broadcast } accept
@ -77,7 +74,7 @@ in {
users.groups.${cfg.group} = {};
users.users.${cfg.user} =
optionalAttrs (cfg.user == "roon-server") {
lib.optionalAttrs (cfg.user == "roon-server") {
isSystemUser = true;
description = "Roon Server user";
group = cfg.group;

15
nixos/modules/services/audio/slimserver.nix
View File

@ -1,7 +1,4 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.slimserver;
@ -11,18 +8,18 @@ in {
services.slimserver = {
enable = mkOption {
type = types.bool;
enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Whether to enable slimserver.
'';
};
package = mkPackageOption pkgs "slimserver" { };
package = lib.mkPackageOption pkgs "slimserver" { };
dataDir = mkOption {
type = types.path;
dataDir = lib.mkOption {
type = lib.types.path;
default = "/var/lib/slimserver";
description = ''
The directory where slimserver stores its state, tag cache,
@ -35,7 +32,7 @@ in {
###### implementation
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = [
"d '${cfg.dataDir}' - slimserver slimserver - -"

17
nixos/modules/services/audio/spotifyd.nix
View File

@ -1,14 +1,11 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.spotifyd;
toml = pkgs.formats.toml {};
warnConfig =
if cfg.config != ""
then lib.trace "Using the stringly typed .config attribute is discouraged. Use the TOML typed .settings attribute instead."
else id;
else lib.id;
spotifydConf =
if cfg.settings != {}
then toml.generate "spotify.conf" cfg.settings
@ -17,18 +14,18 @@ in
{
options = {
services.spotifyd = {
enable = mkEnableOption "spotifyd, a Spotify playing daemon";
enable = lib.mkEnableOption "spotifyd, a Spotify playing daemon";
config = mkOption {
config = lib.mkOption {
default = "";
type = types.lines;
type = lib.types.lines;
description = ''
(Deprecated) Configuration for Spotifyd. For syntax and directives, see
<https://docs.spotifyd.rs/config/File.html>.
'';
};
settings = mkOption {
settings = lib.mkOption {
default = {};
type = toml.type;
example = { global.bitrate = 320; };
@ -40,7 +37,7 @@ in
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
assertions = [
{
assertion = cfg.config == "" || cfg.settings == {};
@ -65,5 +62,5 @@ in
};
};
meta.maintainers = [ maintainers.anderslundstedt ];
meta.maintainers = [ lib.maintainers.anderslundstedt ];
}

21
nixos/modules/services/audio/ympd.nix
View File

@ -1,7 +1,4 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.ympd;
in {
@ -12,26 +9,26 @@ in {
services.ympd = {
enable = mkEnableOption "ympd, the MPD Web GUI";
enable = lib.mkEnableOption "ympd, the MPD Web GUI";
webPort = mkOption {
type = types.either types.str types.port; # string for backwards compat
webPort = lib.mkOption {
type = lib.types.either lib.types.str lib.types.port; # string for backwards compat
default = "8080";
description = "The port where ympd's web interface will be available.";
example = "ssl://8080:/path/to/ssl-private-key.pem";
};
mpd = {
host = mkOption {
type = types.str;
host = lib.mkOption {
type = lib.types.str;
default = "localhost";
description = "The host where MPD is listening.";
};
port = mkOption {
type = types.port;
port = lib.mkOption {
type = lib.types.port;
default = config.services.mpd.network.port;
defaultText = literalExpression "config.services.mpd.network.port";
defaultText = lib.literalExpression "config.services.mpd.network.port";
description = "The port where MPD is listening.";
example = 6600;
};
@ -44,7 +41,7 @@ in {
###### implementation
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd.services.ympd = {
description = "Standalone MPD Web GUI written in C";

41
nixos/modules/services/backup/borgmatic.nix
View File

@ -1,20 +1,17 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.borgmatic;
settingsFormat = pkgs.formats.yaml { };
repository = with types; submodule {
repository = with lib.types; submodule {
options = {
path = mkOption {
path = lib.mkOption {
type = str;
description = ''
Path to the repository
'';
};
label = mkOption {
label = lib.mkOption {
type = str;
description = ''
Label to the repository
@ -22,10 +19,10 @@ let
};
};
};
cfgType = with types; submodule {
cfgType = with lib.types; submodule {
freeformType = settingsFormat.type;
options = {
source_directories = mkOption {
source_directories = lib.mkOption {
type = listOf str;
default = [];
description = ''
@ -34,7 +31,7 @@ let
'';
example = [ "/home" "/etc" "/var/log/syslog*" "/home/user/path with spaces" ];
};
repositories = mkOption {
repositories = lib.mkOption {
type = listOf repository;
default = [];
description = ''
@ -59,33 +56,33 @@ let
in
{
options.services.borgmatic = {
enable = mkEnableOption "borgmatic";
enable = lib.mkEnableOption "borgmatic";
settings = mkOption {
settings = lib.mkOption {
description = ''
See https://torsion.org/borgmatic/docs/reference/configuration/
'';
default = null;
type = types.nullOr cfgType;
type = lib.types.nullOr cfgType;
};
configurations = mkOption {
configurations = lib.mkOption {
description = ''
Set of borgmatic configurations, see https://torsion.org/borgmatic/docs/reference/configuration/
'';
default = { };
type = types.attrsOf cfgType;
type = lib.types.attrsOf cfgType;
};
enableConfigCheck = mkEnableOption "checking all configurations during build time" // { default = true; };
enableConfigCheck = lib.mkEnableOption "checking all configurations during build time" // { default = true; };
};
config =
let
configFiles =
(optionalAttrs (cfg.settings != null) { "borgmatic/config.yaml".source = cfgfile; }) //
mapAttrs'
(name: value: nameValuePair
(lib.optionalAttrs (cfg.settings != null) { "borgmatic/config.yaml".source = cfgfile; }) //
lib.mapAttrs'
(name: value: lib.nameValuePair
"borgmatic.d/${name}.yaml"
{ source = settingsFormat.generate "${name}.yaml" value; })
cfg.configurations;
@ -94,12 +91,12 @@ in
touch $out
'';
in
mkIf cfg.enable {
lib.mkIf cfg.enable {
warnings = []
++ optional (cfg.settings != null && cfg.settings ? location)
++ lib.optional (cfg.settings != null && cfg.settings ? location)
"`services.borgmatic.settings.location` is deprecated, please move your options out of sections to the global scope"
++ optional (catAttrs "location" (attrValues cfg.configurations) != [])
++ lib.optional (lib.catAttrs "location" (lib.attrValues cfg.configurations) != [])
"`services.borgmatic.configurations.<name>.location` is deprecated, please move your options out of sections to the global scope"
;
@ -112,6 +109,6 @@ in
# Workaround: https://github.com/NixOS/nixpkgs/issues/81138
systemd.timers.borgmatic.wantedBy = [ "timers.target" ];
system.checks = mkIf cfg.enableConfigCheck (mapAttrsToList borgmaticCheck configFiles);
system.checks = lib.mkIf cfg.enableConfigCheck (lib.mapAttrsToList borgmaticCheck configFiles);
};
}

29
nixos/modules/services/backup/duplicati.nix
View File

@ -1,27 +1,24 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.services.duplicati;
in
{
options = {
services.duplicati = {
enable = mkEnableOption "Duplicati";
enable = lib.mkEnableOption "Duplicati";
package = mkPackageOption pkgs "duplicati" { };
package = lib.mkPackageOption pkgs "duplicati" { };
port = mkOption {
port = lib.mkOption {
default = 8200;
type = types.port;
type = lib.types.port;
description = ''
Port serving the web interface
'';
};
dataDir = mkOption {
type = types.str;
dataDir = lib.mkOption {
type = lib.types.str;
default = "/var/lib/duplicati";
description = ''
The directory where Duplicati stores its data files.
@ -34,18 +31,18 @@ in
'';
};
interface = mkOption {
interface = lib.mkOption {
default = "127.0.0.1";
type = types.str;
type = lib.types.str;
description = ''
Listening interface for the web UI
Set it to "any" to listen on all available interfaces
'';
};
user = mkOption {
user = lib.mkOption {
default = "duplicati";
type = types.str;
type = lib.types.str;
description = ''
Duplicati runs as it's own user. It will only be able to backup world-readable files.
Run as root with special care.
@ -54,21 +51,21 @@ in
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
environment.systemPackages = [ cfg.package ];
systemd.services.duplicati = {
description = "Duplicati backup";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = mkMerge [
serviceConfig = lib.mkMerge [
{
User = cfg.user;
Group = "duplicati";
ExecStart = "${cfg.package}/bin/duplicati-server --webservice-interface=${cfg.interface} --webservice-port=${toString cfg.port} --server-datafolder=${cfg.dataDir}";
Restart = "on-failure";
}
(mkIf (cfg.dataDir == "/var/lib/duplicati") {
(lib.mkIf (cfg.dataDir == "/var/lib/duplicati") {
StateDirectory = "duplicati";
})
];

80
nixos/modules/services/backup/duplicity.nix
View File

@ -1,30 +1,28 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.duplicity;
stateDirectory = "/var/lib/duplicity";
localTarget =
if hasPrefix "file://" cfg.targetUrl
then removePrefix "file://" cfg.targetUrl else null;
if lib.hasPrefix "file://" cfg.targetUrl
then lib.removePrefix "file://" cfg.targetUrl else null;
in
{
options.services.duplicity = {
enable = mkEnableOption "backups with duplicity";
enable = lib.mkEnableOption "backups with duplicity";
root = mkOption {
type = types.path;
root = lib.mkOption {
type = lib.types.path;
default = "/";
description = ''
Root directory to backup.
'';
};
include = mkOption {
type = types.listOf types.str;
include = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [ ];
example = [ "/home" ];
description = ''
@ -33,8 +31,8 @@ in
'';
};
exclude = mkOption {
type = types.listOf types.str;
exclude = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [ ];
description = ''
List of paths to exclude from backups. See the FILE SELECTION section in
@ -42,8 +40,8 @@ in
'';
};
includeFileList = mkOption {
type = types.nullOr types.path;
includeFileList = lib.mkOption {
type = lib.types.nullOr lib.types.path;
default = null;
example = /path/to/fileList.txt;
description = ''
@ -53,8 +51,8 @@ in
'';
};
excludeFileList = mkOption {
type = types.nullOr types.path;
excludeFileList = lib.mkOption {
type = lib.types.nullOr lib.types.path;
default = null;
example = /path/to/fileList.txt;
description = ''
@ -64,8 +62,8 @@ in
'';
};
targetUrl = mkOption {
type = types.str;
targetUrl = lib.mkOption {
type = lib.types.str;
example = "s3://host:port/prefix";
description = ''
Target url to backup to. See the URL FORMAT section in
@ -73,8 +71,8 @@ in
'';
};
secretFile = mkOption {
type = types.nullOr types.path;
secretFile = lib.mkOption {
type = lib.types.nullOr lib.types.path;
default = null;
description = ''
Path of a file containing secrets (gpg passphrase, access key...) in
@ -88,8 +86,8 @@ in
'';
};
frequency = mkOption {
type = types.nullOr types.str;
frequency = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = "daily";
description = ''
Run duplicity with the given frequency (see
@ -98,8 +96,8 @@ in
'';
};
extraFlags = mkOption {
type = types.listOf types.str;
extraFlags = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [ ];
example = [ "--backend-retry-delay" "100" ];
description = ''
@ -108,8 +106,8 @@ in
'';
};
fullIfOlderThan = mkOption {
type = types.str;
fullIfOlderThan = lib.mkOption {
type = lib.types.str;
default = "never";
example = "1M";
description = ''
@ -123,8 +121,8 @@ in
};
cleanup = {
maxAge = mkOption {
type = types.nullOr types.str;
maxAge = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
example = "6M";
description = ''
@ -132,8 +130,8 @@ in
will not be deleted if backup sets newer than time depend on them.
'';
};
maxFull = mkOption {
type = types.nullOr types.int;
maxFull = lib.mkOption {
type = lib.types.nullOr lib.types.int;
default = null;
example = 2;
description = ''
@ -142,8 +140,8 @@ in
associated incremental sets).
'';
};
maxIncr = mkOption {
type = types.nullOr types.int;
maxIncr = lib.mkOption {
type = lib.types.nullOr lib.types.int;
default = null;
example = 1;
description = ''
@ -155,7 +153,7 @@ in
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd = {
services.duplicity = {
description = "backup files with duplicity";
@ -164,8 +162,8 @@ in
script =
let
target = escapeShellArg cfg.targetUrl;
extra = escapeShellArgs ([ "--archive-dir" stateDirectory ] ++ cfg.extraFlags);
target = lib.escapeShellArg cfg.targetUrl;
extra = lib.escapeShellArgs ([ "--archive-dir" stateDirectory ] ++ cfg.extraFlags);
dup = "${pkgs.duplicity}/bin/duplicity";
in
''
@ -178,8 +176,8 @@ in
[ cfg.root cfg.targetUrl ]
++ lib.optionals (cfg.includeFileList != null) [ "--include-filelist" cfg.includeFileList ]
++ lib.optionals (cfg.excludeFileList != null) [ "--exclude-filelist" cfg.excludeFileList ]
++ concatMap (p: [ "--include" p ]) cfg.include
++ concatMap (p: [ "--exclude" p ]) cfg.exclude
++ lib.concatMap (p: [ "--include" p ]) cfg.include
++ lib.concatMap (p: [ "--exclude" p ]) cfg.exclude
++ (lib.optionals (cfg.fullIfOlderThan != "never" && cfg.fullIfOlderThan != "always") [ "--full-if-older-than" cfg.fullIfOlderThan ])
)} ${extra}
'';
@ -188,19 +186,19 @@ in
ProtectSystem = "strict";
ProtectHome = "read-only";
StateDirectory = baseNameOf stateDirectory;
} // optionalAttrs (localTarget != null) {
} // lib.optionalAttrs (localTarget != null) {
ReadWritePaths = localTarget;
} // optionalAttrs (cfg.secretFile != null) {
} // lib.optionalAttrs (cfg.secretFile != null) {
EnvironmentFile = cfg.secretFile;
};
} // optionalAttrs (cfg.frequency != null) {
} // lib.optionalAttrs (cfg.frequency != null) {
startAt = cfg.frequency;
};
tmpfiles.rules = optional (localTarget != null) "d ${localTarget} 0700 root root -";
tmpfiles.rules = lib.optional (localTarget != null) "d ${localTarget} 0700 root root -";
};
assertions = singleton {
assertions = lib.singleton {
# Duplicity will fail if the last file selection option is an include. It
# is not always possible to detect but this simple case can be caught.
assertion = cfg.include != [ ] -> cfg.exclude != [ ] || cfg.extraFlags != [ ];

82
nixos/modules/services/misc/paperless.nix
View File

@ -1,6 +1,4 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.services.paperless;
@ -17,16 +15,16 @@ let
PAPERLESS_CONSUMPTION_DIR = cfg.consumptionDir;
PAPERLESS_THUMBNAIL_FONT_NAME = defaultFont;
GUNICORN_CMD_ARGS = "--bind=${cfg.address}:${toString cfg.port}";
} // optionalAttrs (config.time.timeZone != null) {
} // lib.optionalAttrs (config.time.timeZone != null) {
PAPERLESS_TIME_ZONE = config.time.timeZone;
} // optionalAttrs enableRedis {
} // lib.optionalAttrs enableRedis {
PAPERLESS_REDIS = "unix://${redisServer.unixSocket}";
} // optionalAttrs (cfg.settings.PAPERLESS_ENABLE_NLTK or true) {
} // lib.optionalAttrs (cfg.settings.PAPERLESS_ENABLE_NLTK or true) {
PAPERLESS_NLTK_DIR = pkgs.symlinkJoin {
name = "paperless_ngx_nltk_data";
paths = cfg.package.nltkData;
};
} // optionalAttrs (cfg.openMPThreadingWorkaround) {
} // lib.optionalAttrs (cfg.openMPThreadingWorkaround) {
OMP_NUM_THREADS = "1";
} // (lib.mapAttrs (_: s:
if (lib.isAttrs s || lib.isList s) then builtins.toJSON s
@ -53,7 +51,7 @@ let
CapabilityBoundingSet = "";
# ProtectClock adds DeviceAllow=char-rtc r
DeviceAllow = "";
EnvironmentFile = mkIf (cfg.environmentFile != null) cfg.environmentFile;
EnvironmentFile = lib.mkIf (cfg.environmentFile != null) cfg.environmentFile;
LockPersonality = true;
MemoryDenyWriteExecute = true;
NoNewPrivileges = true;
@ -80,22 +78,22 @@ let
RestrictNamespaces = true;
RestrictRealtime = true;
RestrictSUIDSGID = true;
SupplementaryGroups = optional enableRedis redisServer.user;
SupplementaryGroups = lib.optional enableRedis redisServer.user;
SystemCallArchitectures = "native";
SystemCallFilter = [ "@system-service" "~@privileged @setuid @keyring" ];
UMask = "0066";
};
in
{
meta.maintainers = with maintainers; [ leona SuperSandro2000 erikarvstedt ];
meta.maintainers = with lib.maintainers; [ leona SuperSandro2000 erikarvstedt ];
imports = [
(mkRenamedOptionModule [ "services" "paperless-ng" ] [ "services" "paperless" ])
(mkRenamedOptionModule [ "services" "paperless" "extraConfig" ] [ "services" "paperless" "settings" ])
(lib.mkRenamedOptionModule [ "services" "paperless-ng" ] [ "services" "paperless" ])
(lib.mkRenamedOptionModule [ "services" "paperless" "extraConfig" ] [ "services" "paperless" "settings" ])
];
options.services.paperless = {
enable = mkOption {
enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
@ -110,34 +108,34 @@ in
'';
};
dataDir = mkOption {
type = types.str;
dataDir = lib.mkOption {
type = lib.types.str;
default = "/var/lib/paperless";
description = "Directory to store the Paperless data.";
};
mediaDir = mkOption {
type = types.str;
mediaDir = lib.mkOption {
type = lib.types.str;
default = "${cfg.dataDir}/media";
defaultText = literalExpression ''"''${dataDir}/media"'';
defaultText = lib.literalExpression ''"''${dataDir}/media"'';
description = "Directory to store the Paperless documents.";
};
consumptionDir = mkOption {
type = types.str;
consumptionDir = lib.mkOption {
type = lib.types.str;
default = "${cfg.dataDir}/consume";
defaultText = literalExpression ''"''${dataDir}/consume"'';
defaultText = lib.literalExpression ''"''${dataDir}/consume"'';
description = "Directory from which new documents are imported.";
};
consumptionDirIsPublic = mkOption {
type = types.bool;
consumptionDirIsPublic = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Whether all users can write to the consumption dir.";
};
passwordFile = mkOption {
type = types.nullOr types.path;
passwordFile = lib.mkOption {
type = lib.types.nullOr lib.types.path;
default = null;
example = "/run/keys/paperless-password";
description = ''
@ -158,19 +156,19 @@ in
'';
};
address = mkOption {
type = types.str;
address = lib.mkOption {
type = lib.types.str;
default = "localhost";
description = "Web interface address.";
};
port = mkOption {
type = types.port;
port = lib.mkOption {
type = lib.types.port;
default = 28981;
description = "Web interface port.";
};
settings = mkOption {
settings = lib.mkOption {
type = lib.types.submodule {
freeformType = with lib.types; attrsOf (let
typeList = [ bool float int str path package ];
@ -196,19 +194,19 @@ in
};
};
user = mkOption {
type = types.str;
user = lib.mkOption {
type = lib.types.str;
default = defaultUser;
description = "User under which Paperless runs.";
};
package = mkPackageOption pkgs "paperless-ngx" { } // {
package = lib.mkPackageOption pkgs "paperless-ngx" { } // {
apply = pkg: pkg.override {
tesseract5 = pkg.tesseract5.override {
# always enable detection modules
# tesseract fails to build when eng is not present
enableLanguages = if cfg.settings ? PAPERLESS_OCR_LANGUAGE then
lists.unique (
lib.lists.unique (
[ "equ" "osd" "eng" ]
++ lib.splitString "+" cfg.settings.PAPERLESS_OCR_LANGUAGE
)
@ -217,7 +215,7 @@ in
};
};
openMPThreadingWorkaround = mkEnableOption ''
openMPThreadingWorkaround = lib.mkEnableOption ''
a workaround for document classifier timeouts.
Paperless uses OpenBLAS via scikit-learn for document classification.
@ -229,10 +227,10 @@ in
This sets `OMP_NUM_THREADS` to `1` in order to mitigate the issue. See
https://github.com/NixOS/nixpkgs/issues/240591 for more information
'' // mkOption { default = true; };
'' // lib.mkOption { default = true; };
environmentFile = mkOption {
type = types.nullOr lib.types.path;
environmentFile = lib.mkOption {
type = lib.types.nullOr lib.types.path;
default = null;
example = "/run/secrets/paperless";
description = ''
@ -250,8 +248,8 @@ in
};
};
config = mkIf cfg.enable {
services.redis.servers.paperless.enable = mkIf enableRedis true;
config = lib.mkIf cfg.enable {
services.redis.servers.paperless.enable = lib.mkIf enableRedis true;
systemd.slices.system-paperless = {
description = "Paperless Document Management System Slice";
@ -308,7 +306,7 @@ in
echo ${cfg.package.version} > "$versionFile"
fi
''
+ optionalString (cfg.passwordFile != null) ''
+ lib.optionalString (cfg.passwordFile != null) ''
export PAPERLESS_ADMIN_USER="''${PAPERLESS_ADMIN_USER:-admin}"
PAPERLESS_ADMIN_PASSWORD=$(cat "$CREDENTIALS_DIRECTORY/PAPERLESS_ADMIN_PASSWORD")
export PAPERLESS_ADMIN_PASSWORD
@ -320,7 +318,7 @@ in
echo "$superuserState" > "$superuserStateFile"
fi
'';
} // optionalAttrs enableRedis {
} // lib.optionalAttrs enableRedis {
after = [ "redis-paperless.service" ];
};
@ -401,7 +399,7 @@ in
unitConfig.JoinsNamespaceOf = "paperless-task-queue.service";
};
users = optionalAttrs (cfg.user == defaultUser) {
users = lib.optionalAttrs (cfg.user == defaultUser) {
users.${defaultUser} = {
group = defaultUser;
uid = config.ids.uids.paperless;

35
nixos/modules/services/misc/parsoid.nix
View File

@ -1,7 +1,4 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.parsoid;
@ -15,19 +12,19 @@ let
module = "lib/index.js";
entrypoint = "apiServiceWorker";
conf = {
mwApis = map (x: if isAttrs x then x else { uri = x; }) cfg.wikis;
mwApis = map (x: if lib.isAttrs x then x else { uri = x; }) cfg.wikis;
serverInterface = cfg.interface;
serverPort = cfg.port;
};
}];
};
confFile = pkgs.writeText "config.yml" (builtins.toJSON (recursiveUpdate confTree cfg.extraConfig));
confFile = pkgs.writeText "config.yml" (builtins.toJSON (lib.recursiveUpdate confTree cfg.extraConfig));
in
{
imports = [
(mkRemovedOptionModule [ "services" "parsoid" "interwikis" ] "Use services.parsoid.wikis instead")
(lib.mkRemovedOptionModule [ "services" "parsoid" "interwikis" ] "Use services.parsoid.wikis instead")
];
##### interface
@ -36,8 +33,8 @@ in
services.parsoid = {
enable = mkOption {
type = types.bool;
enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Whether to enable Parsoid -- bidirectional
@ -45,40 +42,40 @@ in
'';
};
wikis = mkOption {
type = types.listOf (types.either types.str types.attrs);
wikis = lib.mkOption {
type = lib.types.listOf (lib.types.either lib.types.str lib.types.attrs);
example = [ "http://localhost/api.php" ];
description = ''
Used MediaWiki API endpoints.
'';
};
workers = mkOption {
type = types.int;
workers = lib.mkOption {
type = lib.types.int;
default = 2;
description = ''
Number of Parsoid workers.
'';
};
interface = mkOption {
type = types.str;
interface = lib.mkOption {
type = lib.types.str;
default = "127.0.0.1";
description = ''
Interface to listen on.
'';
};
port = mkOption {
type = types.port;
port = lib.mkOption {
type = lib.types.port;
default = 8000;
description = ''
Port to listen on.
'';
};
extraConfig = mkOption {
type = types.attrs;
extraConfig = lib.mkOption {
type = lib.types.attrs;
default = {};
description = ''
Extra configuration to add to parsoid configuration.
@ -91,7 +88,7 @@ in
##### implementation
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd.services.parsoid = {
description = "Bidirectional wikitext parser";

31
nixos/modules/services/misc/pinnwand.nix
View File

@ -1,7 +1,4 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.pinnwand;
@ -10,25 +7,25 @@ let
in
{
options.services.pinnwand = {
enable = mkEnableOption "Pinnwand, a pastebin";
enable = lib.mkEnableOption "Pinnwand, a pastebin";
port = mkOption {
type = types.port;
port = lib.mkOption {
type = lib.types.port;
description = "The port to listen on.";
default = 8000;
};
settings = mkOption {
settings = lib.mkOption {
default = {};
description = ''
Your {file}`pinnwand.toml` as a Nix attribute set. Look up
possible options in the [documentation](https://pinnwand.readthedocs.io/en/v${pkgs.pinnwand.version}/configuration.html).
'';
type = types.submodule {
type = lib.types.submodule {
freeformType = format.type;
options = {
database_uri = mkOption {
type = types.str;
database_uri = lib.mkOption {
type = lib.types.str;
default = "sqlite:////var/lib/pinnwand/pinnwand.db";
example = "sqlite:///:memory";
description = ''
@ -38,16 +35,16 @@ in
'';
};
paste_size = mkOption {
type = types.ints.positive;
paste_size = lib.mkOption {
type = lib.types.ints.positive;
default = 262144;
example = 524288;
description = ''
Maximum size of a paste in bytes.
'';
};
paste_help = mkOption {
type = types.str;
paste_help = lib.mkOption {
type = lib.types.str;
default = ''
<p>Welcome to pinnwand, this site is a pastebin. It allows you to share code with others. If you write code in the text area below and press the paste button you will be given a link you can share with others so they can view your code as well.</p><p>People with the link can view your pasted code, only you can remove your paste and it expires automatically. Note that anyone could guess the URI to your paste so don't rely on it being private.</p>
'';
@ -55,8 +52,8 @@ in
Raw HTML help text shown in the header area.
'';
};
footer = mkOption {
type = types.str;
footer = lib.mkOption {
type = lib.types.str;
default = ''
View <a href="//github.com/supakeen/pinnwand" target="_BLANK">source code</a>, the <a href="/removal">removal</a> or <a href="/expiry">expiry</a> stories, or read the <a href="/about">about</a> page.
'';
@ -69,7 +66,7 @@ in
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd.services.pinnwand = {
description = "Pinnwannd HTTP Server";
after = [ "network.target" ];

55
nixos/modules/services/misc/plex.nix
View File

@ -1,53 +1,50 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.services.plex;
in
{
imports = [
(mkRemovedOptionModule [ "services" "plex" "managePlugins" ] "Please omit or define the option: `services.plex.extraPlugins' instead.")
(lib.mkRemovedOptionModule [ "services" "plex" "managePlugins" ] "Please omit or define the option: `services.plex.extraPlugins' instead.")
];
options = {
services.plex = {
enable = mkEnableOption "Plex Media Server";
enable = lib.mkEnableOption "Plex Media Server";
dataDir = mkOption {
type = types.str;
dataDir = lib.mkOption {
type = lib.types.str;
default = "/var/lib/plex";
description = ''
The directory where Plex stores its data files.
'';
};
openFirewall = mkOption {
type = types.bool;
openFirewall = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Open ports in the firewall for the media server.
'';
};
user = mkOption {
type = types.str;
user = lib.mkOption {
type = lib.types.str;
default = "plex";
description = ''
User account under which Plex runs.
'';
};
group = mkOption {
type = types.str;
group = lib.mkOption {
type = lib.types.str;
default = "plex";
description = ''
Group under which Plex runs.
'';
};
extraPlugins = mkOption {
type = types.listOf types.path;
extraPlugins = lib.mkOption {
type = lib.types.listOf lib.types.path;
default = [];
description = ''
A list of paths to extra plugin bundles to install in Plex's plugin
@ -55,7 +52,7 @@ in
symlinks in Plex's plugin directory will be cleared and this module
will symlink all of the paths specified here to that directory.
'';
example = literalExpression ''
example = lib.literalExpression ''
[
(builtins.path {
name = "Audnexus.bundle";
@ -70,8 +67,8 @@ in
'';
};
extraScanners = mkOption {
type = types.listOf types.path;
extraScanners = lib.mkOption {
type = lib.types.listOf lib.types.path;
default = [];
description = ''
A list of paths to extra scanners to install in Plex's scanners
@ -81,7 +78,7 @@ in
in Plex's scanners directory will be cleared and this module will
symlink all of the paths specified here to that directory.
'';
example = literalExpression ''
example = lib.literalExpression ''
[
(fetchFromGitHub {
owner = "ZeroQI";
@ -93,8 +90,8 @@ in
'';
};
accelerationDevices = mkOption {
type = types.listOf types.str;
accelerationDevices = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = ["*"];
example = [ "/dev/dri/renderD128" ];
description = ''
@ -104,7 +101,7 @@ in
'';
};
package = mkPackageOption pkgs "plex" {
package = lib.mkPackageOption pkgs "plex" {
extraDescription = ''
Plex subscribers may wish to use their own package here,
pointing to subscriber-only server versions.
@ -113,7 +110,7 @@ in
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
# Most of this is just copied from the RPM package's systemd service file.
systemd.services.plex = {
description = "Plex Media Server";
@ -149,7 +146,7 @@ in
NoNewPrivileges = true;
PrivateTmp = true;
PrivateDevices = cfg.accelerationDevices == [];
DeviceAllow = mkIf (cfg.accelerationDevices != [] && !lib.elem "*" cfg.accelerationDevices) cfg.accelerationDevices;
DeviceAllow = lib.mkIf (cfg.accelerationDevices != [] && !lib.elem "*" cfg.accelerationDevices) cfg.accelerationDevices;
ProtectSystem = true;
ProtectHome = true;
ProtectControlGroups = true;
@ -167,8 +164,8 @@ in
environment = {
# Configuration for our FHS userenv script
PLEX_DATADIR=cfg.dataDir;
PLEX_PLUGINS=concatMapStringsSep ":" builtins.toString cfg.extraPlugins;
PLEX_SCANNERS=concatMapStringsSep ":" builtins.toString cfg.extraScanners;
PLEX_PLUGINS=lib.concatMapStringsSep ":" builtins.toString cfg.extraPlugins;
PLEX_SCANNERS=lib.concatMapStringsSep ":" builtins.toString cfg.extraScanners;
# The following variables should be set by the FHS userenv script:
# PLEX_MEDIA_SERVER_APPLICATION_SUPPORT_DIR
@ -186,19 +183,19 @@ in
};
};
networking.firewall = mkIf cfg.openFirewall {
networking.firewall = lib.mkIf cfg.openFirewall {
allowedTCPPorts = [ 32400 3005 8324 32469 ];
allowedUDPPorts = [ 1900 5353 32410 32412 32413 32414 ];
};
users.users = mkIf (cfg.user == "plex") {
users.users = lib.mkIf (cfg.user == "plex") {
plex = {
group = cfg.group;
uid = config.ids.uids.plex;
};
};
users.groups = mkIf (cfg.group == "plex") {
users.groups = lib.mkIf (cfg.group == "plex") {
plex = {
gid = config.ids.gids.plex;
};

17
nixos/modules/services/misc/plikd.nix
View File

@ -1,7 +1,4 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.services.plikd;
@ -11,15 +8,15 @@ in
{
options = {
services.plikd = {
enable = mkEnableOption "plikd, a temporary file upload system";
enable = lib.mkEnableOption "plikd, a temporary file upload system";
openFirewall = mkOption {
type = types.bool;
openFirewall = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Open ports in the firewall for the plikd.";
};
settings = mkOption {
settings = lib.mkOption {
type = format.type;
default = {};
description = ''
@ -30,8 +27,8 @@ in
};
};
config = mkIf cfg.enable {
services.plikd.settings = mapAttrs (name: mkDefault) {
config = lib.mkIf cfg.enable {
services.plikd.settings = lib.mapAttrs (name: lib.mkDefault) {
ListenPort = 8080;
ListenAddress = "localhost";
DataBackend = "file";
@ -75,7 +72,7 @@ in
};
};
networking.firewall = mkIf cfg.openFirewall {
networking.firewall = lib.mkIf cfg.openFirewall {
allowedTCPPorts = [ cfg.settings.ListenPort ];
};
};

42
nixos/modules/services/misc/polaris.nix
View File

@ -2,8 +2,6 @@
, pkgs
, lib
, ...}:
with lib;
let
cfg = config.services.polaris;
settingsFormat = pkgs.formats.toml {};
@ -11,31 +9,31 @@ in
{
options = {
services.polaris = {
enable = mkEnableOption "Polaris Music Server";
enable = lib.mkEnableOption "Polaris Music Server";
package = mkPackageOption pkgs "polaris" { };
package = lib.mkPackageOption pkgs "polaris" { };
user = mkOption {
type = types.str;
user = lib.mkOption {
type = lib.types.str;
default = "polaris";
description = "User account under which Polaris runs.";
};
group = mkOption {
type = types.str;
group = lib.mkOption {
type = lib.types.str;
default = "polaris";
description = "Group under which Polaris is run.";
};
extraGroups = mkOption {
type = types.listOf types.str;
extraGroups = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [];
description = "Polaris' auxiliary groups.";
example = literalExpression ''["media" "music"]'';
example = lib.literalExpression ''["media" "music"]'';
};
port = mkOption {
type = types.port;
port = lib.mkOption {
type = lib.types.port;
default = 5050;
description = ''
The port which the Polaris REST api and web UI should listen to.
@ -43,7 +41,7 @@ in
'';
};
settings = mkOption {
settings = lib.mkOption {
type = settingsFormat.type;
default = {};
description = ''
@ -51,7 +49,7 @@ in
Although poorly documented, an example may be found here:
[test-config.toml](https://github.com/agersant/polaris/blob/374d0ca56fc0a466d797a4b252e2078607476797/test-data/config.toml)
'';
example = literalExpression ''
example = lib.literalExpression ''
{
settings.reindex_every_n_seconds = 7*24*60*60; # weekly, default is 1800
settings.album_art_pattern =
@ -70,8 +68,8 @@ in
'';
};
openFirewall = mkOption {
type = types.bool;
openFirewall = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Open the configured port in the firewall.
@ -80,7 +78,7 @@ in
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd.services.polaris = {
description = "Polaris Music Server";
after = [ "network.target" ];
@ -93,13 +91,13 @@ in
SupplementaryGroups = cfg.extraGroups;
StateDirectory = "polaris";
CacheDirectory = "polaris";
ExecStart = escapeShellArgs ([
ExecStart = lib.escapeShellArgs ([
"${cfg.package}/bin/polaris"
"--foreground"
"--port" cfg.port
"--database" "/var/lib/${StateDirectory}/db.sqlite"
"--cache" "/var/cache/${CacheDirectory}"
] ++ optionals (cfg.settings != {}) [
] ++ lib.optionals (cfg.settings != {}) [
"--config" (settingsFormat.generate "polaris-config.toml" cfg.settings)
]);
Restart = "on-failure";
@ -141,11 +139,11 @@ in
};
};
networking.firewall = mkIf cfg.openFirewall {
networking.firewall = lib.mkIf cfg.openFirewall {
allowedTCPPorts = [ cfg.port ];
};
};
meta.maintainers = with maintainers; [ pbsds ];
meta.maintainers = with lib.maintainers; [ pbsds ];
}

11
nixos/modules/services/misc/preload.nix
View File

@ -1,25 +1,22 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.preload;
in {
meta = { maintainers = pkgs.preload.meta.maintainers; };
options.services.preload = {
enable = mkEnableOption "preload";
package = mkPackageOption pkgs "preload" { };
enable = lib.mkEnableOption "preload";
package = lib.mkPackageOption pkgs "preload" { };
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd.services.preload = {
description = "Loads data into ram during idle time of CPU.";
wantedBy = [ "multi-user.target" ];
serviceConfig = {
EnvironmentFile = "${cfg.package}/etc/conf.d/preload";
ExecStart = "${getExe cfg.package} -l '' --foreground $PRELOAD_OPTS";
ExecStart = "${lib.getExe cfg.package} -l '' --foreground $PRELOAD_OPTS";
Type = "simple";
# Only preload data during CPU idle time
IOSchedulingClass = 3;

15
nixos/modules/services/misc/prowlarr.nix
View File

@ -1,7 +1,4 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.services.prowlarr;
@ -9,19 +6,19 @@ in
{
options = {
services.prowlarr = {
enable = mkEnableOption "Prowlarr, an indexer manager/proxy for Torrent trackers and Usenet indexers";
enable = lib.mkEnableOption "Prowlarr, an indexer manager/proxy for Torrent trackers and Usenet indexers";
package = mkPackageOption pkgs "prowlarr" { };
package = lib.mkPackageOption pkgs "prowlarr" { };
openFirewall = mkOption {
type = types.bool;
openFirewall = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Open ports in the firewall for the Prowlarr web interface.";
};
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd.services.prowlarr = {
description = "Prowlarr";
after = [ "network.target" ];
@ -37,7 +34,7 @@ in
environment.HOME = "/var/empty";
};
networking.firewall = mkIf cfg.openFirewall {
networking.firewall = lib.mkIf cfg.openFirewall {
allowedTCPPorts = [ 9696 ];
};
};

34
nixos/modules/services/misc/pykms.nix
View File

@ -1,6 +1,4 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.pykms;
libDir = "/var/lib/pykms";
@ -10,56 +8,56 @@ in
meta.maintainers = with lib.maintainers; [ peterhoeg ];
imports = [
(mkRemovedOptionModule [ "services" "pykms" "verbose" ] "Use services.pykms.logLevel instead")
(lib.mkRemovedOptionModule [ "services" "pykms" "verbose" ] "Use services.pykms.logLevel instead")
];
options = {
services.pykms = {
enable = mkOption {
type = types.bool;
enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Whether to enable the PyKMS service.";
};
listenAddress = mkOption {
type = types.str;
listenAddress = lib.mkOption {
type = lib.types.str;
default = "0.0.0.0";
description = "The IP address on which to listen.";
};
port = mkOption {
type = types.port;
port = lib.mkOption {
type = lib.types.port;
default = 1688;
description = "The port on which to listen.";
};
openFirewallPort = mkOption {
type = types.bool;
openFirewallPort = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Whether the listening port should be opened automatically.";
};
memoryLimit = mkOption {
type = types.str;
memoryLimit = lib.mkOption {
type = lib.types.str;
default = "64M";
description = "How much memory to use at most.";
};
logLevel = mkOption {
type = types.enum [ "CRITICAL" "ERROR" "WARNING" "INFO" "DEBUG" "MININFO" ];
logLevel = lib.mkOption {
type = lib.types.enum [ "CRITICAL" "ERROR" "WARNING" "INFO" "DEBUG" "MININFO" ];
default = "INFO";
description = "How much to log";
};
extraArgs = mkOption {
type = types.listOf types.str;
extraArgs = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [ ];
description = "Additional arguments";
};
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
networking.firewall.allowedTCPPorts = lib.mkIf cfg.openFirewallPort [ cfg.port ];
systemd.services.pykms = {

31
nixos/modules/services/misc/radarr.nix
View File

@ -1,7 +1,4 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.services.radarr;
@ -9,37 +6,37 @@ in
{
options = {
services.radarr = {
enable = mkEnableOption "Radarr, a UsetNet/BitTorrent movie downloader";
enable = lib.mkEnableOption "Radarr, a UsetNet/BitTorrent movie downloader";
package = mkPackageOption pkgs "radarr" { };
package = lib.mkPackageOption pkgs "radarr" { };
dataDir = mkOption {
type = types.str;
dataDir = lib.mkOption {
type = lib.types.str;
default = "/var/lib/radarr/.config/Radarr";
description = "The directory where Radarr stores its data files.";
};
openFirewall = mkOption {
type = types.bool;
openFirewall = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Open ports in the firewall for the Radarr web interface.";
};
user = mkOption {
type = types.str;
user = lib.mkOption {
type = lib.types.str;
default = "radarr";
description = "User account under which Radarr runs.";
};
group = mkOption {
type = types.str;
group = lib.mkOption {
type = lib.types.str;
default = "radarr";
description = "Group under which Radarr runs.";
};
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd.tmpfiles.settings."10-radarr".${cfg.dataDir}.d = {
inherit (cfg) user group;
mode = "0700";
@ -59,11 +56,11 @@ in
};
};
networking.firewall = mkIf cfg.openFirewall {
networking.firewall = lib.mkIf cfg.openFirewall {
allowedTCPPorts = [ 7878 ];
};
users.users = mkIf (cfg.user == "radarr") {
users.users = lib.mkIf (cfg.user == "radarr") {
radarr = {
group = cfg.group;
home = cfg.dataDir;
@ -71,7 +68,7 @@ in
};
};
users.groups = mkIf (cfg.group == "radarr") {
users.groups = lib.mkIf (cfg.group == "radarr") {
radarr.gid = config.ids.gids.radarr;
};
};

31
nixos/modules/services/misc/readarr.nix
View File

@ -1,41 +1,38 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.services.readarr;
in
{
options = {
services.readarr = {
enable = mkEnableOption "Readarr, a Usenet/BitTorrent ebook downloader";
enable = lib.mkEnableOption "Readarr, a Usenet/BitTorrent ebook downloader";
dataDir = mkOption {
type = types.str;
dataDir = lib.mkOption {
type = lib.types.str;
default = "/var/lib/readarr/";
description = "The directory where Readarr stores its data files.";
};
package = mkPackageOption pkgs "readarr" { };
package = lib.mkPackageOption pkgs "readarr" { };
openFirewall = mkOption {
type = types.bool;
openFirewall = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Open ports in the firewall for Readarr
'';
};
user = mkOption {
type = types.str;
user = lib.mkOption {
type = lib.types.str;
default = "readarr";
description = ''
User account under which Readarr runs.
'';
};
group = mkOption {
type = types.str;
group = lib.mkOption {
type = lib.types.str;
default = "readarr";
description = ''
Group under which Readarr runs.
@ -44,7 +41,7 @@ in
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd.tmpfiles.settings."10-readarr".${cfg.dataDir}.d = {
inherit (cfg) user group;
mode = "0700";
@ -64,11 +61,11 @@ in
};
};
networking.firewall = mkIf cfg.openFirewall {
networking.firewall = lib.mkIf cfg.openFirewall {
allowedTCPPorts = [ 8787 ];
};
users.users = mkIf (cfg.user == "readarr") {
users.users = lib.mkIf (cfg.user == "readarr") {
readarr = {
description = "Readarr service";
home = cfg.dataDir;
@ -77,7 +74,7 @@ in
};
};
users.groups = mkIf (cfg.group == "readarr") {
users.groups = lib.mkIf (cfg.group == "readarr") {
readarr = { };
};
};

79
nixos/modules/services/misc/ripple-data-api.nix
View File

@ -1,7 +1,4 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.rippleDataApi;
@ -23,8 +20,8 @@ let
db_config = builtins.toJSON {
production = {
username = optional (cfg.couchdb.pass != "") cfg.couchdb.user;
password = optional (cfg.couchdb.pass != "") cfg.couchdb.pass;
username = lib.optional (cfg.couchdb.pass != "") cfg.couchdb.user;
password = lib.optional (cfg.couchdb.pass != "") cfg.couchdb.pass;
host = cfg.couchdb.host;
port = cfg.couchdb.port;
database = cfg.couchdb.db;
@ -35,105 +32,105 @@ let
in {
options = {
services.rippleDataApi = {
enable = mkEnableOption "ripple data api";
enable = lib.mkEnableOption "ripple data api";
port = mkOption {
port = lib.mkOption {
description = "Ripple data api port";
default = 5993;
type = types.port;
type = lib.types.port;
};
importMode = mkOption {
importMode = lib.mkOption {
description = "Ripple data api import mode.";
default = "liveOnly";
type = types.enum ["live" "liveOnly"];
type = lib.types.enum ["live" "liveOnly"];
};
minLedger = mkOption {
minLedger = lib.mkOption {
description = "Ripple data api minimal ledger to fetch.";
default = null;
type = types.nullOr types.int;
type = lib.types.nullOr lib.types.int;
};
maxLedger = mkOption {
maxLedger = lib.mkOption {
description = "Ripple data api maximal ledger to fetch.";
default = null;
type = types.nullOr types.int;
type = lib.types.nullOr lib.types.int;
};
redis = {
enable = mkOption {
enable = lib.mkOption {
description = "Whether to enable caching of ripple data to redis.";
default = true;
type = types.bool;
type = lib.types.bool;
};
host = mkOption {
host = lib.mkOption {
description = "Ripple data api redis host.";
default = "localhost";
type = types.str;
type = lib.types.str;
};
port = mkOption {
port = lib.mkOption {
description = "Ripple data api redis port.";
default = 5984;
type = types.port;
type = lib.types.port;
};
};
couchdb = {
host = mkOption {
host = lib.mkOption {
description = "Ripple data api couchdb host.";
default = "localhost";
type = types.str;
type = lib.types.str;
};
port = mkOption {
port = lib.mkOption {
description = "Ripple data api couchdb port.";
default = 5984;
type = types.port;
type = lib.types.port;
};
db = mkOption {
db = lib.mkOption {
description = "Ripple data api couchdb database.";
default = "rippled";
type = types.str;
type = lib.types.str;
};
user = mkOption {
user = lib.mkOption {
description = "Ripple data api couchdb username.";
default = "rippled";
type = types.str;
type = lib.types.str;
};
pass = mkOption {
pass = lib.mkOption {
description = "Ripple data api couchdb password.";
default = "";
type = types.str;
type = lib.types.str;
};
create = mkOption {
create = lib.mkOption {
description = "Whether to create couchdb database needed by ripple data api.";
type = types.bool;
type = lib.types.bool;
default = true;
};
};
rippleds = mkOption {
rippleds = lib.mkOption {
description = "List of rippleds to be used by ripple data api.";
default = [
"http://s_east.ripple.com:51234"
"http://s_west.ripple.com:51234"
];
type = types.listOf types.str;
type = lib.types.listOf lib.types.str;
};
};
};
config = mkIf (cfg.enable) {
services.couchdb.enable = mkDefault true;
services.couchdb.bindAddress = mkDefault "0.0.0.0";
services.redis.enable = mkDefault true;
config = lib.mkIf (cfg.enable) {
services.couchdb.enable = lib.mkDefault true;
services.couchdb.bindAddress = lib.mkDefault "0.0.0.0";
services.redis.enable = lib.mkDefault true;
systemd.services.ripple-data-api = {
after = [ "couchdb.service" "redis.service" "ripple-data-api-importer.service" ];
@ -176,9 +173,9 @@ in {
User = "ripple-data-api";
};
preStart = mkMerge [
(mkIf (cfg.couchdb.create) ''
HOST="http://${optionalString (cfg.couchdb.pass != "") "${cfg.couchdb.user}:${cfg.couchdb.pass}@"}${cfg.couchdb.host}:${toString cfg.couchdb.port}"
preStart = lib.mkMerge [
(lib.mkIf (cfg.couchdb.create) ''
HOST="http://${lib.optionalString (cfg.couchdb.pass != "") "${cfg.couchdb.user}:${cfg.couchdb.pass}@"}${cfg.couchdb.host}:${toString cfg.couchdb.port}"
curl -X PUT $HOST/${cfg.couchdb.db} || true
'')
"${pkgs.ripple-data-api}/bin/update-views"

60
nixos/modules/services/misc/rkvm.nix
View File

@ -1,6 +1,4 @@
{ options, config, pkgs, lib, ... }:
with lib;
let
opt = options.services.rkvm;
cfg = config.services.rkvm;
@ -10,35 +8,35 @@ in
meta.maintainers = [ ];
options.services.rkvm = {
enable = mkOption {
enable = lib.mkOption {
default = cfg.server.enable || cfg.client.enable;
defaultText = literalExpression "config.${opt.server.enable} || config.${opt.client.enable}";
type = types.bool;
defaultText = lib.literalExpression "config.${opt.server.enable} || config.${opt.client.enable}";
type = lib.types.bool;
description = ''
Whether to enable rkvm, a Virtual KVM switch for Linux machines.
'';
};
package = mkPackageOption pkgs "rkvm" { };
package = lib.mkPackageOption pkgs "rkvm" { };
server = {
enable = mkEnableOption "the rkvm server daemon (input transmitter)";
enable = lib.mkEnableOption "the rkvm server daemon (input transmitter)";
settings = mkOption {
type = types.submodule
settings = lib.mkOption {
type = lib.types.submodule
{
freeformType = toml.type;
options = {
listen = mkOption {
type = types.str;
listen = lib.mkOption {
type = lib.types.str;
default = "0.0.0.0:5258";
description = ''
An internet socket address to listen on, either IPv4 or IPv6.
'';
};
switch-keys = mkOption {
type = types.listOf types.str;
switch-keys = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [ "left-alt" "left-ctrl" ];
description = ''
A key list specifying a host switch combination.
@ -47,8 +45,8 @@ in
'';
};
certificate = mkOption {
type = types.path;
certificate = lib.mkOption {
type = lib.types.path;
default = "/etc/rkvm/certificate.pem";
description = ''
TLS certificate path.
@ -59,8 +57,8 @@ in
'';
};
key = mkOption {
type = types.path;
key = lib.mkOption {
type = lib.types.path;
default = "/etc/rkvm/key.pem";
description = ''
TLS key path.
@ -71,8 +69,8 @@ in
'';
};
password = mkOption {
type = types.str;
password = lib.mkOption {
type = lib.types.str;
description = ''
Shared secret token to authenticate the client.
Make sure this matches your client's config.
@ -87,23 +85,23 @@ in
};
client = {
enable = mkEnableOption "the rkvm client daemon (input receiver)";
enable = lib.mkEnableOption "the rkvm client daemon (input receiver)";
settings = mkOption {
type = types.submodule
settings = lib.mkOption {
type = lib.types.submodule
{
freeformType = toml.type;
options = {
server = mkOption {
type = types.str;
server = lib.mkOption {
type = lib.types.str;
example = "192.168.0.123:5258";
description = ''
An RKVM server's internet socket address, either IPv4 or IPv6.
'';
};
certificate = mkOption {
type = types.path;
certificate = lib.mkOption {
type = lib.types.path;
default = "/etc/rkvm/certificate.pem";
description = ''
TLS ceritficate path.
@ -114,8 +112,8 @@ in
'';
};
password = mkOption {
type = types.str;
password = lib.mkOption {
type = lib.types.str;
description = ''
Shared secret token to authenticate the client.
Make sure this matches your server's config.
@ -131,7 +129,7 @@ in
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
environment.systemPackages = [ cfg.package ];
systemd.services =
@ -156,8 +154,8 @@ in
};
in
{
rkvm-server = mkIf cfg.server.enable (mkBase "server");
rkvm-client = mkIf cfg.client.enable (mkBase "client");
rkvm-server = lib.mkIf cfg.server.enable (mkBase "server");
rkvm-client = lib.mkIf cfg.client.enable (mkBase "client");
};
};

35
nixos/modules/services/misc/rmfakecloud.nix
View File

@ -4,9 +4,6 @@
pkgs,
...
}:
with lib;
let
cfg = config.services.rmfakecloud;
serviceDataDir = "/var/lib/rmfakecloud";
@ -15,28 +12,28 @@ in
{
options = {
services.rmfakecloud = {
enable = mkEnableOption "rmfakecloud remarkable self-hosted cloud";
enable = lib.mkEnableOption "rmfakecloud remarkable self-hosted cloud";
package = mkPackageOption pkgs "rmfakecloud" { };
package = lib.mkPackageOption pkgs "rmfakecloud" { };
storageUrl = mkOption {
type = types.str;
storageUrl = lib.mkOption {
type = lib.types.str;
example = "https://local.appspot.com";
description = ''
URL used by the tablet to access the rmfakecloud service.
'';
};
port = mkOption {
type = types.port;
port = lib.mkOption {
type = lib.types.port;
default = 3000;
description = ''
Listening port number.
'';
};
logLevel = mkOption {
type = types.enum [
logLevel = lib.mkOption {
type = lib.types.enum [
"info"
"debug"
"warn"
@ -48,8 +45,8 @@ in
'';
};
extraSettings = mkOption {
type = with types; attrsOf str;
extraSettings = lib.mkOption {
type = with lib.types; attrsOf str;
default = { };
example = {
DATADIR = "/custom/path/for/rmfakecloud/data";
@ -63,8 +60,8 @@ in
'';
};
environmentFile = mkOption {
type = with types; nullOr path;
environmentFile = lib.mkOption {
type = with lib.types; nullOr path;
default = null;
example = "/etc/secrets/rmfakecloud.env";
description = ''
@ -78,7 +75,7 @@ in
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd.services.rmfakecloud = {
description = "rmfakecloud remarkable self-hosted cloud";
@ -113,9 +110,9 @@ in
Type = "simple";
Restart = "always";
EnvironmentFile = mkIf (cfg.environmentFile != null) cfg.environmentFile;
EnvironmentFile = lib.mkIf (cfg.environmentFile != null) cfg.environmentFile;
AmbientCapabilities = mkIf (cfg.port < 1024) [ "CAP_NET_BIND_SERVICE" ];
AmbientCapabilities = lib.mkIf (cfg.port < 1024) [ "CAP_NET_BIND_SERVICE" ];
DynamicUser = true;
PrivateDevices = true;
@ -148,5 +145,5 @@ in
};
};
meta.maintainers = with maintainers; [ pacien ];
meta.maintainers = with lib.maintainers; [ pacien ];
}

7
nixos/modules/services/misc/safeeyes.nix
View File

@ -1,7 +1,4 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.safeeyes;
@ -16,7 +13,7 @@ in
services.safeeyes = {
enable = mkEnableOption "the safeeyes OSGi service";
enable = lib.mkEnableOption "the safeeyes OSGi service";
};
@ -24,7 +21,7 @@ in
###### implementation
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
environment.systemPackages = [ pkgs.safeeyes ];

5
nixos/modules/services/misc/sdrplay.nix
View File

@ -1,8 +1,7 @@
{ config, lib, pkgs, ... }:
with lib;
{
options.services.sdrplayApi = {
enable = mkOption {
enable = lib.mkOption {
default = false;
example = true;
description = ''
@ -17,7 +16,7 @@ with lib;
};
};
config = mkIf config.services.sdrplayApi.enable {
config = lib.mkIf config.services.sdrplayApi.enable {
systemd.services.sdrplayApi = {
description = "SDRplay API Service";
after = [ "network.target" ];

13
nixos/modules/services/misc/serviio.nix
View File

@ -1,7 +1,4 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.serviio;
@ -28,16 +25,16 @@ in {
options = {
services.serviio = {
enable = mkOption {
type = types.bool;
enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Whether to enable the Serviio Media Server.
'';
};
dataDir = mkOption {
type = types.path;
dataDir = lib.mkOption {
type = lib.types.path;
default = "/var/lib/serviio";
description = ''
The directory where serviio stores its state, data, etc.
@ -49,7 +46,7 @@ in {
###### implementation
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd.services.serviio = {
description = "Serviio Media Server";
after = [ "network.target" ];

37
nixos/modules/services/misc/sickbeard.nix
View File

@ -1,7 +1,4 @@
{ config, lib, options, pkgs, ... }:
with lib;
let
name = "sickbeard";
@ -17,41 +14,41 @@ in
options = {
services.sickbeard = {
enable = mkOption {
type = types.bool;
enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Whether to enable the sickbeard server.";
};
package = mkPackageOption pkgs "sickbeard" {
package = lib.mkPackageOption pkgs "sickbeard" {
example = "sickrage";
extraDescription = ''
Enable `pkgs.sickrage` or `pkgs.sickgear`
as an alternative to SickBeard
'';
};
dataDir = mkOption {
type = types.path;
dataDir = lib.mkOption {
type = lib.types.path;
default = "/var/lib/${name}";
description = "Path where to store data files.";
};
configFile = mkOption {
type = types.path;
configFile = lib.mkOption {
type = lib.types.path;
default = "${cfg.dataDir}/config.ini";
defaultText = literalExpression ''"''${config.${opt.dataDir}}/config.ini"'';
defaultText = lib.literalExpression ''"''${config.${opt.dataDir}}/config.ini"'';
description = "Path to config file.";
};
port = mkOption {
type = types.ints.u16;
port = lib.mkOption {
type = lib.types.ints.u16;
default = 8081;
description = "Port to bind to.";
};
user = mkOption {
type = types.str;
user = lib.mkOption {
type = lib.types.str;
default = name;
description = "User to run the service as";
};
group = mkOption {
type = types.str;
group = lib.mkOption {
type = lib.types.str;
default = name;
description = "Group to run the service as";
};
@ -61,9 +58,9 @@ in
###### implementation
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
users.users = optionalAttrs (cfg.user == name) {
users.users = lib.optionalAttrs (cfg.user == name) {
${name} = {
uid = config.ids.uids.sickbeard;
group = cfg.group;
@ -73,7 +70,7 @@ in
};
};
users.groups = optionalAttrs (cfg.group == name) {
users.groups = lib.optionalAttrs (cfg.group == name) {
${name}.gid = config.ids.gids.sickbeard;
};

22
nixos/modules/services/misc/signald.nix
View File

@ -1,6 +1,4 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.signald;
dataDir = "/var/lib/signald";
@ -8,36 +6,36 @@ let
in
{
options.services.signald = {
enable = mkEnableOption "signald, the unofficial daemon for interacting with Signal";
enable = lib.mkEnableOption "signald, the unofficial daemon for interacting with Signal";
user = mkOption {
type = types.str;
user = lib.mkOption {
type = lib.types.str;
default = defaultUser;
description = "User under which signald runs.";
};
group = mkOption {
type = types.str;
group = lib.mkOption {
type = lib.types.str;
default = defaultUser;
description = "Group under which signald runs.";
};
socketPath = mkOption {
type = types.str;
socketPath = lib.mkOption {
type = lib.types.str;
default = "/run/signald/signald.sock";
description = "Path to the signald socket";
};
};
config = mkIf cfg.enable {
users.users = optionalAttrs (cfg.user == defaultUser) {
config = lib.mkIf cfg.enable {
users.users = lib.optionalAttrs (cfg.user == defaultUser) {
${defaultUser} = {
group = cfg.group;
isSystemUser = true;
};
};
users.groups = optionalAttrs (cfg.group == defaultUser) {
users.groups = lib.optionalAttrs (cfg.group == defaultUser) {
${defaultUser} = { };
};

69
nixos/modules/services/misc/siproxd.nix
View File

@ -1,7 +1,4 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.siproxd;
@ -17,10 +14,10 @@ let
rtp_port_high = ${toString cfg.rtpPortHigh}
rtp_dscp = ${toString cfg.rtpDscp}
sip_dscp = ${toString cfg.sipDscp}
${optionalString (cfg.hostsAllowReg != []) "hosts_allow_reg = ${concatStringsSep "," cfg.hostsAllowReg}"}
${optionalString (cfg.hostsAllowSip != []) "hosts_allow_sip = ${concatStringsSep "," cfg.hostsAllowSip}"}
${optionalString (cfg.hostsDenySip != []) "hosts_deny_sip = ${concatStringsSep "," cfg.hostsDenySip}"}
${optionalString (cfg.passwordFile != "") "proxy_auth_pwfile = ${cfg.passwordFile}"}
${lib.optionalString (cfg.hostsAllowReg != []) "hosts_allow_reg = ${lib.concatStringsSep "," cfg.hostsAllowReg}"}
${lib.optionalString (cfg.hostsAllowSip != []) "hosts_allow_sip = ${lib.concatStringsSep "," cfg.hostsAllowSip}"}
${lib.optionalString (cfg.hostsDenySip != []) "hosts_deny_sip = ${lib.concatStringsSep "," cfg.hostsDenySip}"}
${lib.optionalString (cfg.passwordFile != "") "proxy_auth_pwfile = ${cfg.passwordFile}"}
${cfg.extraConfig}
'';
@ -34,8 +31,8 @@ in
services.siproxd = {
enable = mkOption {
type = types.bool;
enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Whether to enable the Siproxd SIP
@ -43,20 +40,20 @@ in
'';
};
ifInbound = mkOption {
type = types.str;
ifInbound = lib.mkOption {
type = lib.types.str;
example = "eth0";
description = "Local network interface";
};
ifOutbound = mkOption {
type = types.str;
ifOutbound = lib.mkOption {
type = lib.types.str;
example = "ppp0";
description = "Public network interface";
};
hostsAllowReg = mkOption {
type = types.listOf types.str;
hostsAllowReg = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [ ];
example = [ "192.168.1.0/24" "192.168.2.0/24" ];
description = ''
@ -64,8 +61,8 @@ in
'';
};
hostsAllowSip = mkOption {
type = types.listOf types.str;
hostsAllowSip = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [ ];
example = [ "123.45.0.0/16" "123.46.0.0/16" ];
description = ''
@ -73,8 +70,8 @@ in
'';
};
hostsDenySip = mkOption {
type = types.listOf types.str;
hostsDenySip = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [ ];
example = [ "10.0.0.0/8" "11.0.0.0/8" ];
description = ''
@ -83,32 +80,32 @@ in
'';
};
sipListenPort = mkOption {
type = types.int;
sipListenPort = lib.mkOption {
type = lib.types.int;
default = 5060;
description = ''
Port to listen for incoming SIP messages.
'';
};
rtpPortLow = mkOption {
type = types.int;
rtpPortLow = lib.mkOption {
type = lib.types.int;
default = 7070;
description = ''
Bottom of UDP port range for incoming and outgoing RTP traffic
'';
};
rtpPortHigh = mkOption {
type = types.int;
rtpPortHigh = lib.mkOption {
type = lib.types.int;
default = 7089;
description = ''
Top of UDP port range for incoming and outgoing RTP traffic
'';
};
rtpTimeout = mkOption {
type = types.int;
rtpTimeout = lib.mkOption {
type = lib.types.int;
default = 300;
description = ''
Timeout for an RTP stream. If for the specified
@ -117,8 +114,8 @@ in
'';
};
rtpDscp = mkOption {
type = types.int;
rtpDscp = lib.mkOption {
type = lib.types.int;
default = 46;
description = ''
DSCP (differentiated services) value to be assigned
@ -127,8 +124,8 @@ in
'';
};
sipDscp = mkOption {
type = types.int;
sipDscp = lib.mkOption {
type = lib.types.int;
default = 0;
description = ''
DSCP (differentiated services) value to be assigned
@ -137,16 +134,16 @@ in
'';
};
passwordFile = mkOption {
type = types.str;
passwordFile = lib.mkOption {
type = lib.types.str;
default = "";
description = ''
Path to per-user password file.
'';
};
extraConfig = mkOption {
type = types.lines;
extraConfig = lib.mkOption {
type = lib.types.lines;
default = "";
description = ''
Extra configuration to add to siproxd configuration.
@ -159,7 +156,7 @@ in
##### implementation
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
users.users.siproxyd = {
uid = config.ids.uids.siproxd;

17
nixos/modules/services/misc/soft-serve.nix
View File

@ -1,7 +1,4 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.soft-serve;
configFile = format.generate "config.yaml" cfg.settings;
@ -12,11 +9,11 @@ in
{
options = {
services.soft-serve = {
enable = mkEnableOption "soft-serve";
enable = lib.mkEnableOption "soft-serve";
package = mkPackageOption pkgs "soft-serve" { };
package = lib.mkPackageOption pkgs "soft-serve" { };
settings = mkOption {
settings = lib.mkOption {
type = format.type;
default = { };
description = ''
@ -24,7 +21,7 @@ in
See <${docUrl}>.
'';
example = literalExpression ''
example = lib.literalExpression ''
{
name = "dadada's repos";
log_format = "text";
@ -41,7 +38,7 @@ in
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = [
# The config file has to be inside the state dir
@ -61,7 +58,7 @@ in
Type = "simple";
DynamicUser = true;
Restart = "always";
ExecStart = "${getExe cfg.package} serve";
ExecStart = "${lib.getExe cfg.package} serve";
StateDirectory = "soft-serve";
WorkingDirectory = stateDir;
RuntimeDirectory = "soft-serve";
@ -95,5 +92,5 @@ in
};
};
meta.maintainers = [ maintainers.dadada ];
meta.maintainers = [ lib.maintainers.dadada ];
}

31
nixos/modules/services/misc/sonarr.nix
View File

@ -1,46 +1,43 @@
{ config, pkgs, lib, utils, ... }:
with lib;
let
cfg = config.services.sonarr;
in
{
options = {
services.sonarr = {
enable = mkEnableOption "Sonarr";
enable = lib.mkEnableOption "Sonarr";
dataDir = mkOption {
type = types.str;
dataDir = lib.mkOption {
type = lib.types.str;
default = "/var/lib/sonarr/.config/NzbDrone";
description = "The directory where Sonarr stores its data files.";
};
openFirewall = mkOption {
type = types.bool;
openFirewall = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Open ports in the firewall for the Sonarr web interface
'';
};
user = mkOption {
type = types.str;
user = lib.mkOption {
type = lib.types.str;
default = "sonarr";
description = "User account under which Sonaar runs.";
};
group = mkOption {
type = types.str;
group = lib.mkOption {
type = lib.types.str;
default = "sonarr";
description = "Group under which Sonaar runs.";
};
package = mkPackageOption pkgs "sonarr" { };
package = lib.mkPackageOption pkgs "sonarr" { };
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = [
"d '${cfg.dataDir}' 0700 ${cfg.user} ${cfg.group} - -"
];
@ -63,11 +60,11 @@ in
};
};
networking.firewall = mkIf cfg.openFirewall {
networking.firewall = lib.mkIf cfg.openFirewall {
allowedTCPPorts = [ 8989 ];
};
users.users = mkIf (cfg.user == "sonarr") {
users.users = lib.mkIf (cfg.user == "sonarr") {
sonarr = {
group = cfg.group;
home = cfg.dataDir;
@ -75,7 +72,7 @@ in
};
};
users.groups = mkIf (cfg.group == "sonarr") {
users.groups = lib.mkIf (cfg.group == "sonarr") {
sonarr.gid = config.ids.gids.sonarr;
};
};

6
nixos/modules/services/misc/spice-vdagentd.nix
View File

@ -1,17 +1,15 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.services.spice-vdagentd;
in
{
options = {
services.spice-vdagentd = {
enable = mkEnableOption "Spice guest vdagent daemon";
enable = lib.mkEnableOption "Spice guest vdagent daemon";
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
environment.systemPackages = [ pkgs.spice-vdagent ];

8
nixos/modules/services/misc/spice-webdavd.nix
View File

@ -1,19 +1,17 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.services.spice-webdavd;
in
{
options = {
services.spice-webdavd = {
enable = mkEnableOption "the spice guest webdav proxy daemon";
enable = lib.mkEnableOption "the spice guest webdav proxy daemon";
package = mkPackageOption pkgs "phodav" { };
package = lib.mkPackageOption pkgs "phodav" { };
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
# ensure the webdav fs this exposes can actually be mounted
services.davfs2.enable = true;

29
nixos/modules/services/misc/sssd.nix
View File

@ -1,5 +1,4 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.sssd;
nscd = config.services.nscd;
@ -10,10 +9,10 @@ let
in {
options = {
services.sssd = {
enable = mkEnableOption "the System Security Services Daemon";
enable = lib.mkEnableOption "the System Security Services Daemon";
config = mkOption {
type = types.lines;
config = lib.mkOption {
type = lib.types.lines;
description = "Contents of {file}`sssd.conf`.";
default = ''
[sssd]
@ -34,8 +33,8 @@ in {
'';
};
sshAuthorizedKeysIntegration = mkOption {
type = types.bool;
sshAuthorizedKeysIntegration = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Whether to make sshd look up authorized keys from SSS.
@ -43,16 +42,16 @@ in {
'';
};
kcm = mkOption {
type = types.bool;
kcm = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Whether to use SSS as a Kerberos Cache Manager (KCM).
Kerberos will be configured to cache credentials in SSS.
'';
};
environmentFile = mkOption {
type = types.nullOr types.path;
environmentFile = lib.mkOption {
type = lib.types.nullOr lib.types.path;
default = null;
description = ''
Environment file as defined in {manpage}`systemd.exec(5)`.
@ -75,8 +74,8 @@ in {
};
};
};
config = mkMerge [
(mkIf cfg.enable {
config = lib.mkMerge [
(lib.mkIf cfg.enable {
# For `sssctl` to work.
environment.etc."sssd/sssd.conf".source = settingsFile;
environment.etc."sssd/conf.d".source = "${dataDir}/conf.d";
@ -126,7 +125,7 @@ in {
services.dbus.packages = [ pkgs.sssd ];
})
(mkIf cfg.kcm {
(lib.mkIf cfg.kcm {
systemd.services.sssd-kcm = {
description = "SSSD Kerberos Cache Manager";
requires = [ "sssd-kcm.socket" ];
@ -148,7 +147,7 @@ in {
security.krb5.settings.libdefaults.default_ccache_name = "KCM:";
})
(mkIf cfg.sshAuthorizedKeysIntegration {
(lib.mkIf cfg.sshAuthorizedKeysIntegration {
# Ugly: sshd refuses to start if a store path is given because /nix/store is group-writable.
# So indirect by a symlink.
environment.etc."ssh/authorized_keys_command" = {
@ -162,5 +161,5 @@ in {
services.openssh.authorizedKeysCommandUser = "nobody";
})];
meta.maintainers = with maintainers; [ bbigras ];
meta.maintainers = with lib.maintainers; [ bbigras ];
}

49
nixos/modules/services/misc/subsonic.nix
View File

@ -1,17 +1,14 @@
{ config, lib, options, pkgs, ... }:
with lib;
let
cfg = config.services.subsonic;
opt = options.services.subsonic;
in {
options = {
services.subsonic = {
enable = mkEnableOption "Subsonic daemon";
enable = lib.mkEnableOption "Subsonic daemon";
home = mkOption {
type = types.path;
home = lib.mkOption {
type = lib.types.path;
default = "/var/lib/subsonic";
description = ''
The directory where Subsonic will create files.
@ -19,8 +16,8 @@ in {
'';
};
listenAddress = mkOption {
type = types.str;
listenAddress = lib.mkOption {
type = lib.types.str;
default = "0.0.0.0";
description = ''
The host name or IP address on which to bind Subsonic.
@ -30,8 +27,8 @@ in {
'';
};
port = mkOption {
type = types.port;
port = lib.mkOption {
type = lib.types.port;
default = 4040;
description = ''
The port on which Subsonic will listen for
@ -39,8 +36,8 @@ in {
'';
};
httpsPort = mkOption {
type = types.port;
httpsPort = lib.mkOption {
type = lib.types.port;
default = 0;
description = ''
The port on which Subsonic will listen for
@ -48,8 +45,8 @@ in {
'';
};
contextPath = mkOption {
type = types.path;
contextPath = lib.mkOption {
type = lib.types.path;
default = "/";
description = ''
The context path, i.e., the last part of the Subsonic
@ -57,8 +54,8 @@ in {
'';
};
maxMemory = mkOption {
type = types.int;
maxMemory = lib.mkOption {
type = lib.types.int;
default = 100;
description = ''
The memory limit (max Java heap size) in megabytes.
@ -66,8 +63,8 @@ in {
'';
};
defaultMusicFolder = mkOption {
type = types.path;
defaultMusicFolder = lib.mkOption {
type = lib.types.path;
default = "/var/music";
description = ''
Configure Subsonic to use this folder for music. This option
@ -75,8 +72,8 @@ in {
'';
};
defaultPodcastFolder = mkOption {
type = types.path;
defaultPodcastFolder = lib.mkOption {
type = lib.types.path;
default = "/var/music/Podcast";
description = ''
Configure Subsonic to use this folder for Podcasts. This option
@ -84,8 +81,8 @@ in {
'';
};
defaultPlaylistFolder = mkOption {
type = types.path;
defaultPlaylistFolder = lib.mkOption {
type = lib.types.path;
default = "/var/playlists";
description = ''
Configure Subsonic to use this folder for playlists. This option
@ -93,10 +90,10 @@ in {
'';
};
transcoders = mkOption {
type = types.listOf types.path;
transcoders = lib.mkOption {
type = lib.types.listOf lib.types.path;
default = [ "${pkgs.ffmpeg.bin}/bin/ffmpeg" ];
defaultText = literalExpression ''[ "''${pkgs.ffmpeg.bin}/bin/ffmpeg" ]'';
defaultText = lib.literalExpression ''[ "''${pkgs.ffmpeg.bin}/bin/ffmpeg" ]'';
description = ''
List of paths to transcoder executables that should be accessible
from Subsonic. Symlinks will be created to each executable inside
@ -106,7 +103,7 @@ in {
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd.services.subsonic = {
description = "Personal media streamer";
after = [ "network.target" ];

7
nixos/modules/services/misc/sundtek.nix
View File

@ -1,17 +1,14 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.sundtek;
in
{
options.services.sundtek = {
enable = mkEnableOption "Sundtek driver";
enable = lib.mkEnableOption "Sundtek driver";
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
environment.systemPackages = [ pkgs.sundtek ];

13
nixos/modules/services/misc/svnserve.nix
View File

@ -1,8 +1,5 @@
# SVN server
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.svnserve;
@ -17,14 +14,14 @@ in
services.svnserve = {
enable = mkOption {
type = types.bool;
enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Whether to enable svnserve to serve Subversion repositories through the SVN protocol.";
};
svnBaseDir = mkOption {
type = types.str;
svnBaseDir = lib.mkOption {
type = lib.types.str;
default = "/repos";
description = "Base directory from which Subversion repositories are accessed.";
};
@ -35,7 +32,7 @@ in
###### implementation
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd.services.svnserve = {
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];

57
nixos/modules/services/misc/synergy.nix
View File

@ -1,7 +1,4 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfgC = config.services.synergy.client;
@ -19,60 +16,60 @@ in
# !!! All these option descriptions needs to be cleaned up.
client = {
enable = mkEnableOption "the Synergy client (receive keyboard and mouse events from a Synergy server)";
enable = lib.mkEnableOption "the Synergy client (receive keyboard and mouse events from a Synergy server)";
screenName = mkOption {
screenName = lib.mkOption {
default = "";
type = types.str;
type = lib.types.str;
description = ''
Use the given name instead of the hostname to identify
ourselves to the server.
'';
};
serverAddress = mkOption {
type = types.str;
serverAddress = lib.mkOption {
type = lib.types.str;
description = ''
The server address is of the form: [hostname][:port]. The
hostname must be the address or hostname of the server. The
port overrides the default port, 24800.
'';
};
autoStart = mkOption {
autoStart = lib.mkOption {
default = true;
type = types.bool;
type = lib.types.bool;
description = "Whether the Synergy client should be started automatically.";
};
};
server = {
enable = mkEnableOption "the Synergy server (send keyboard and mouse events)";
enable = lib.mkEnableOption "the Synergy server (send keyboard and mouse events)";
configFile = mkOption {
type = types.path;
configFile = lib.mkOption {
type = lib.types.path;
default = "/etc/synergy-server.conf";
description = "The Synergy server configuration file.";
};
screenName = mkOption {
type = types.str;
screenName = lib.mkOption {
type = lib.types.str;
default = "";
description = ''
Use the given name instead of the hostname to identify
this screen in the configuration.
'';
};
address = mkOption {
type = types.str;
address = lib.mkOption {
type = lib.types.str;
default = "";
description = "Address on which to listen for clients.";
};
autoStart = mkOption {
autoStart = lib.mkOption {
default = true;
type = types.bool;
type = lib.types.bool;
description = "Whether the Synergy server should be started automatically.";
};
tls = {
enable = mkOption {
type = types.bool;
enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Whether TLS encryption should be used.
@ -83,8 +80,8 @@ in
'';
};
cert = mkOption {
type = types.nullOr types.str;
cert = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
example = "~/.synergy/SSL/Synergy.pem";
description = "The TLS certificate to use for encryption.";
@ -98,24 +95,24 @@ in
###### implementation
config = mkMerge [
(mkIf cfgC.enable {
config = lib.mkMerge [
(lib.mkIf cfgC.enable {
systemd.user.services.synergy-client = {
after = [ "network.target" "graphical-session.target" ];
description = "Synergy client";
wantedBy = optional cfgC.autoStart "graphical-session.target";
wantedBy = lib.optional cfgC.autoStart "graphical-session.target";
path = [ pkgs.synergy ];
serviceConfig.ExecStart = ''${pkgs.synergy}/bin/synergyc -f ${optionalString (cfgC.screenName != "") "-n ${cfgC.screenName}"} ${cfgC.serverAddress}'';
serviceConfig.ExecStart = ''${pkgs.synergy}/bin/synergyc -f ${lib.optionalString (cfgC.screenName != "") "-n ${cfgC.screenName}"} ${cfgC.serverAddress}'';
serviceConfig.Restart = "on-failure";
};
})
(mkIf cfgS.enable {
(lib.mkIf cfgS.enable {
systemd.user.services.synergy-server = {
after = [ "network.target" "graphical-session.target" ];
description = "Synergy server";
wantedBy = optional cfgS.autoStart "graphical-session.target";
wantedBy = lib.optional cfgS.autoStart "graphical-session.target";
path = [ pkgs.synergy ];
serviceConfig.ExecStart = ''${pkgs.synergy}/bin/synergys -c ${cfgS.configFile} -f${optionalString (cfgS.address != "") " -a ${cfgS.address}"}${optionalString (cfgS.screenName != "") " -n ${cfgS.screenName}"}${optionalString cfgS.tls.enable " --enable-crypto"}${optionalString (cfgS.tls.cert != null) (" --tls-cert ${cfgS.tls.cert}")}'';
serviceConfig.ExecStart = ''${pkgs.synergy}/bin/synergys -c ${cfgS.configFile} -f${lib.optionalString (cfgS.address != "") " -a ${cfgS.address}"}${lib.optionalString (cfgS.screenName != "") " -n ${cfgS.screenName}"}${lib.optionalString cfgS.tls.enable " --enable-crypto"}${lib.optionalString (cfgS.tls.cert != null) (" --tls-cert ${cfgS.tls.cert}")}'';
serviceConfig.Restart = "on-failure";
};
})

24
nixos/modules/services/misc/tandoor-recipes.nix
View File

@ -1,6 +1,4 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.services.tandoor-recipes;
pkg = cfg.package;
@ -11,7 +9,7 @@ let
DEBUG = "0";
DEBUG_TOOLBAR = "0";
MEDIA_ROOT = "/var/lib/tandoor-recipes";
} // optionalAttrs (config.time.timeZone != null) {
} // lib.optionalAttrs (config.time.timeZone != null) {
TZ = config.time.timeZone;
} // (
lib.mapAttrs (_: toString) cfg.extraConfig
@ -27,10 +25,10 @@ let
'';
in
{
meta.maintainers = with maintainers; [ ambroisie ];
meta.maintainers = with lib.maintainers; [ ambroisie ];
options.services.tandoor-recipes = {
enable = mkOption {
enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
@ -45,20 +43,20 @@ in
'';
};
address = mkOption {
type = types.str;
address = lib.mkOption {
type = lib.types.str;
default = "localhost";
description = "Web interface address.";
};
port = mkOption {
type = types.port;
port = lib.mkOption {
type = lib.types.port;
default = 8080;
description = "Web interface port.";
};
extraConfig = mkOption {
type = types.attrs;
extraConfig = lib.mkOption {
type = lib.types.attrs;
default = { };
description = ''
Extra tandoor recipes config options.
@ -71,10 +69,10 @@ in
};
};
package = mkPackageOption pkgs "tandoor-recipes" { };
package = lib.mkPackageOption pkgs "tandoor-recipes" { };
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd.services.tandoor-recipes = {
description = "Tandoor Recipes server";

39
nixos/modules/services/misc/tautulli.nix
View File

@ -1,60 +1,57 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.services.tautulli;
in
{
imports = [
(mkRenamedOptionModule [ "services" "plexpy" ] [ "services" "tautulli" ])
(lib.mkRenamedOptionModule [ "services" "plexpy" ] [ "services" "tautulli" ])
];
options = {
services.tautulli = {
enable = mkEnableOption "Tautulli Plex Monitor";
enable = lib.mkEnableOption "Tautulli Plex Monitor";
dataDir = mkOption {
type = types.str;
dataDir = lib.mkOption {
type = lib.types.str;
default = "/var/lib/plexpy";
description = "The directory where Tautulli stores its data files.";
};
configFile = mkOption {
type = types.str;
configFile = lib.mkOption {
type = lib.types.str;
default = "/var/lib/plexpy/config.ini";
description = "The location of Tautulli's config file.";
};
port = mkOption {
type = types.port;
port = lib.mkOption {
type = lib.types.port;
default = 8181;
description = "TCP port where Tautulli listens.";
};
openFirewall = mkOption {
type = types.bool;
openFirewall = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Open ports in the firewall for Tautulli.";
};
user = mkOption {
type = types.str;
user = lib.mkOption {
type = lib.types.str;
default = "plexpy";
description = "User account under which Tautulli runs.";
};
group = mkOption {
type = types.str;
group = lib.mkOption {
type = lib.types.str;
default = "nogroup";
description = "Group under which Tautulli runs.";
};
package = mkPackageOption pkgs "tautulli" { };
package = lib.mkPackageOption pkgs "tautulli" { };
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = [
"d '${cfg.dataDir}' - ${cfg.user} ${cfg.group} - -"
];
@ -73,9 +70,9 @@ in
};
};
networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ cfg.port ];
networking.firewall.allowedTCPPorts = lib.mkIf cfg.openFirewall [ cfg.port ];
users.users = mkIf (cfg.user == "plexpy") {
users.users = lib.mkIf (cfg.user == "plexpy") {
plexpy = { group = cfg.group; uid = config.ids.uids.plexpy; };
};
};

13
nixos/modules/services/misc/tiddlywiki.nix
View File

@ -1,11 +1,8 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.tiddlywiki;
listenParams = concatStrings (mapAttrsToList (n: v: " '${n}=${toString v}' ") cfg.listenOptions);
listenParams = lib.concatStrings (lib.mapAttrsToList (n: v: " '${n}=${toString v}' ") cfg.listenOptions);
exe = "${pkgs.nodePackages.tiddlywiki}/lib/node_modules/.bin/tiddlywiki";
name = "tiddlywiki";
dataDir = "/var/lib/" + name;
@ -14,10 +11,10 @@ in {
options.services.tiddlywiki = {
enable = mkEnableOption "TiddlyWiki nodejs server";
enable = lib.mkEnableOption "TiddlyWiki nodejs server";
listenOptions = mkOption {
type = types.attrs;
listenOptions = lib.mkOption {
type = lib.types.attrs;
default = {};
example = {
credentials = "../credentials.csv";
@ -32,7 +29,7 @@ in {
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd = {
services.tiddlywiki = {
description = "TiddlyWiki nodejs server";

21
nixos/modules/services/misc/tp-auto-kbbl.nix
View File

@ -1,28 +1,25 @@
{ config, lib, pkgs, ... }:
with lib;
let cfg = config.services.tp-auto-kbbl;
in {
meta.maintainers = with maintainers; [ sebtm ];
meta.maintainers = with lib.maintainers; [ sebtm ];
options = {
services.tp-auto-kbbl = {
enable = mkEnableOption "auto toggle keyboard back-lighting on Thinkpads (and maybe other laptops) for Linux";
enable = lib.mkEnableOption "auto toggle keyboard back-lighting on Thinkpads (and maybe other laptops) for Linux";
package = mkPackageOption pkgs "tp-auto-kbbl" { };
package = lib.mkPackageOption pkgs "tp-auto-kbbl" { };
arguments = mkOption {
type = types.listOf types.str;
arguments = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [ ];
description = ''
List of arguments appended to `./tp-auto-kbbl --device [device] [arguments]`
'';
};
device = mkOption {
type = types.str;
device = lib.mkOption {
type = lib.types.str;
default = "/dev/input/event0";
description = "Device watched for activities.";
};
@ -30,12 +27,12 @@ in {
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
environment.systemPackages = [ cfg.package ];
systemd.services.tp-auto-kbbl = {
serviceConfig = {
ExecStart = concatStringsSep " "
ExecStart = lib.concatStringsSep " "
([ "${cfg.package}/bin/tp-auto-kbbl" "--device ${cfg.device}" ] ++ cfg.arguments);
Restart = "always";
Type = "simple";

21
nixos/modules/services/misc/tuxclocker.nix
View File

@ -1,23 +1,20 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.programs.tuxclocker;
in
{
options.programs.tuxclocker = {
enable = mkEnableOption ''
enable = lib.mkEnableOption ''
TuxClocker, a hardware control and monitoring program
'';
enableAMD = mkEnableOption ''
enableAMD = lib.mkEnableOption ''
AMD GPU controls.
Sets the `amdgpu.ppfeaturemask` kernel parameter to 0xfffd7fff to enable all TuxClocker controls
'';
enabledNVIDIADevices = mkOption {
type = types.listOf types.int;
enabledNVIDIADevices = lib.mkOption {
type = lib.types.listOf lib.types.int;
default = [ ];
example = [ 0 1 ];
description = ''
@ -26,8 +23,8 @@ in
'';
};
useUnfree = mkOption {
type = types.bool;
useUnfree = lib.mkOption {
type = lib.types.bool;
default = false;
example = true;
description = ''
@ -40,7 +37,7 @@ in
config = let
package = if cfg.useUnfree then pkgs.tuxclocker else pkgs.tuxclocker-without-unfree;
in
mkIf cfg.enable {
lib.mkIf cfg.enable {
environment.systemPackages = [
package
];
@ -62,10 +59,10 @@ in
EndSection
'');
in
concatStrings (map configSection cfg.enabledNVIDIADevices);
lib.concatStrings (map configSection cfg.enabledNVIDIADevices);
# https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/drivers/gpu/drm/amd/include/amd_shared.h#n207
# Enable everything modifiable in TuxClocker
boot.kernelParams = mkIf cfg.enableAMD [ "amdgpu.ppfeaturemask=0xfffd7fff" ];
boot.kernelParams = lib.mkIf cfg.enableAMD [ "amdgpu.ppfeaturemask=0xfffd7fff" ];
};
}

9
nixos/modules/services/misc/tzupdate.nix
View File

@ -1,13 +1,10 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.tzupdate;
in {
options.services.tzupdate = {
enable = mkOption {
type = types.bool;
enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Enable the tzupdate timezone updating service. This provides
@ -17,7 +14,7 @@ in {
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
# We need to have imperative time zone management for this to work.
# This will give users an error if they have set an explicit time
# zone, which is better than silently overriding it.

25
nixos/modules/services/misc/uhub.nix
View File

@ -1,7 +1,4 @@
{ config, lib, pkgs, ... }:
with lib;
let
settingsFormat = {
type = with lib.types; attrsOf (oneOf [ bool int str ]);
@ -13,21 +10,21 @@ let
in {
options = {
services.uhub = mkOption {
services.uhub = lib.mkOption {
default = { };
description = "Uhub ADC hub instances";
type = types.attrsOf (types.submodule {
type = lib.types.attrsOf (lib.types.submodule {
options = {
enable = mkEnableOption "hub instance" // { default = true; };
enable = lib.mkEnableOption "hub instance" // { default = true; };
enableTLS = mkOption {
type = types.bool;
enableTLS = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Whether to enable TLS support.";
};
settings = mkOption {
settings = lib.mkOption {
inherit (settingsFormat) type;
description = ''
Configuration of uhub.
@ -43,18 +40,18 @@ in {
};
};
plugins = mkOption {
plugins = lib.mkOption {
description = "Uhub plugin configuration.";
type = with types;
type = with lib.types;
listOf (submodule {
options = {
plugin = mkOption {
plugin = lib.mkOption {
type = path;
example = literalExpression
example = lib.literalExpression
"$${pkgs.uhub}/plugins/mod_auth_sqlite.so";
description = "Path to plugin file.";
};
settings = mkOption {
settings = lib.mkOption {
description = "Settings specific to this plugin.";
type = with types; attrsOf str;
example = { file = "/etc/uhub/users.db"; };

23
nixos/modules/services/misc/weechat.nix
View File

@ -1,34 +1,31 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.weechat;
in
{
options.services.weechat = {
enable = mkEnableOption "weechat";
root = mkOption {
enable = lib.mkEnableOption "weechat";
root = lib.mkOption {
description = "Weechat state directory.";
type = types.str;
type = lib.types.str;
default = "/var/lib/weechat";
};
sessionName = mkOption {
sessionName = lib.mkOption {
description = "Name of the `screen` session for weechat.";
default = "weechat-screen";
type = types.str;
type = lib.types.str;
};
binary = mkOption {
type = types.path;
binary = lib.mkOption {
type = lib.types.path;
description = "Binary to execute.";
default = "${pkgs.weechat}/bin/weechat";
defaultText = literalExpression ''"''${pkgs.weechat}/bin/weechat"'';
example = literalExpression ''"''${pkgs.weechat}/bin/weechat-headless"'';
defaultText = lib.literalExpression ''"''${pkgs.weechat}/bin/weechat"'';
example = lib.literalExpression ''"''${pkgs.weechat}/bin/weechat-headless"'';
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
users = {
groups.weechat = {};
users.weechat = {

16
nixos/modules/services/misc/xmrig.nix
View File

@ -1,28 +1,22 @@
{ config, pkgs, lib, ... }:
let
cfg = config.services.xmrig;
json = pkgs.formats.json { };
configFile = json.generate "config.json" cfg.settings;
in
with lib;
{
options = {
services.xmrig = {
enable = mkEnableOption "XMRig Mining Software";
enable = lib.mkEnableOption "XMRig Mining Software";
package = mkPackageOption pkgs "xmrig" {
package = lib.mkPackageOption pkgs "xmrig" {
example = "xmrig-mo";
};
settings = mkOption {
settings = lib.mkOption {
default = { };
type = json.type;
example = literalExpression ''
example = lib.literalExpression ''
{
autosave = true;
cpu = true;
@ -47,7 +41,7 @@ with lib;
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
hardware.cpu.x86.msr.enable = true;
systemd.services.xmrig = {

57
nixos/modules/services/misc/zookeeper.nix
View File

@ -1,7 +1,4 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.zookeeper;
@ -24,31 +21,31 @@ let
in {
options.services.zookeeper = {
enable = mkEnableOption "Zookeeper";
enable = lib.mkEnableOption "Zookeeper";
port = mkOption {
port = lib.mkOption {
description = "Zookeeper Client port.";
default = 2181;
type = types.port;
type = lib.types.port;
};
id = mkOption {
id = lib.mkOption {
description = "Zookeeper ID.";
default = 0;
type = types.int;
type = lib.types.int;
};
purgeInterval = mkOption {
purgeInterval = lib.mkOption {
description = ''
The time interval in hours for which the purge task has to be triggered. Set to a positive integer (1 and above) to enable the auto purging.
'';
default = 1;
type = types.int;
type = lib.types.int;
};
extraConf = mkOption {
extraConf = lib.mkOption {
description = "Extra configuration for Zookeeper.";
type = types.lines;
type = lib.types.lines;
default = ''
initLimit=5
syncLimit=2
@ -56,10 +53,10 @@ in {
'';
};
servers = mkOption {
servers = lib.mkOption {
description = "All Zookeeper Servers.";
default = "";
type = types.lines;
type = lib.types.lines;
example = ''
server.0=host0:2888:3888
server.1=host1:2888:3888
@ -67,7 +64,7 @@ in {
'';
};
logging = mkOption {
logging = lib.mkOption {
description = "Zookeeper logging configuration.";
default = ''
zookeeper.root.logger=INFO, CONSOLE
@ -77,45 +74,45 @@ in {
log4j.appender.CONSOLE.layout=org.apache.log4j.PatternLayout
log4j.appender.CONSOLE.layout.ConversionPattern=[myid:%X{myid}] - %-5p [%t:%C{1}@%L] - %m%n
'';
type = types.lines;
type = lib.types.lines;
};
dataDir = mkOption {
type = types.path;
dataDir = lib.mkOption {
type = lib.types.path;
default = "/var/lib/zookeeper";
description = ''
Data directory for Zookeeper
'';
};
extraCmdLineOptions = mkOption {
extraCmdLineOptions = lib.mkOption {
description = "Extra command line options for the Zookeeper launcher.";
default = [ "-Dcom.sun.management.jmxremote" "-Dcom.sun.management.jmxremote.local.only=true" ];
type = types.listOf types.str;
type = lib.types.listOf lib.types.str;
example = [ "-Djava.net.preferIPv4Stack=true" "-Dcom.sun.management.jmxremote" "-Dcom.sun.management.jmxremote.local.only=true" ];
};
preferIPv4 = mkOption {
type = types.bool;
preferIPv4 = lib.mkOption {
type = lib.types.bool;
default = true;
description = ''
Add the -Djava.net.preferIPv4Stack=true flag to the Zookeeper server.
'';
};
package = mkPackageOption pkgs "zookeeper" { };
package = lib.mkPackageOption pkgs "zookeeper" { };
jre = mkOption {
jre = lib.mkOption {
description = "The JRE with which to run Zookeeper";
default = cfg.package.jre;
defaultText = literalExpression "pkgs.zookeeper.jre";
example = literalExpression "pkgs.jre";
type = types.package;
defaultText = lib.literalExpression "pkgs.zookeeper.jre";
example = lib.literalExpression "pkgs.jre";
type = lib.types.package;
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
environment.systemPackages = [cfg.package];
systemd.tmpfiles.rules = [
@ -131,9 +128,9 @@ in {
ExecStart = ''
${cfg.jre}/bin/java \
-cp "${cfg.package}/lib/*:${configDir}" \
${escapeShellArgs cfg.extraCmdLineOptions} \
${lib.escapeShellArgs cfg.extraCmdLineOptions} \
-Dzookeeper.datadir.autocreate=false \
${optionalString cfg.preferIPv4 "-Djava.net.preferIPv4Stack=true"} \
${lib.optionalString cfg.preferIPv4 "-Djava.net.preferIPv4Stack=true"} \
org.apache.zookeeper.server.quorum.QuorumPeerMain \
${configDir}/zoo.cfg
'';

45
nixos/modules/services/monitoring/alerta.nix
View File

@ -1,7 +1,4 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.alerta;
@ -12,7 +9,7 @@ let
DATABASE_NAME = '${cfg.databaseName}'
LOG_FILE = '${cfg.logDir}/alertad.log'
LOG_FORMAT = '%(asctime)s - %(name)s - %(levelname)s - %(message)s'
CORS_ORIGINS = [ ${concatMapStringsSep ", " (s: "\"" + s + "\"") cfg.corsOrigins} ];
CORS_ORIGINS = [ ${lib.concatMapStringsSep ", " (s: "\"" + s + "\"") cfg.corsOrigins} ];
AUTH_REQUIRED = ${if cfg.authenticationRequired then "True" else "False"}
SIGNUP_ENABLED = ${if cfg.signupEnabled then "True" else "False"}
${cfg.extraConfig}
@ -21,64 +18,64 @@ let
in
{
options.services.alerta = {
enable = mkEnableOption "alerta";
enable = lib.mkEnableOption "alerta";
port = mkOption {
type = types.port;
port = lib.mkOption {
type = lib.types.port;
default = 5000;
description = "Port of Alerta";
};
bind = mkOption {
type = types.str;
bind = lib.mkOption {
type = lib.types.str;
default = "0.0.0.0";
description = "Address to bind to. The default is to bind to all addresses";
};
logDir = mkOption {
type = types.path;
logDir = lib.mkOption {
type = lib.types.path;
description = "Location where the logfiles are stored";
default = "/var/log/alerta";
};
databaseUrl = mkOption {
type = types.str;
databaseUrl = lib.mkOption {
type = lib.types.str;
description = "URL of the MongoDB or PostgreSQL database to connect to";
default = "mongodb://localhost";
};
databaseName = mkOption {
type = types.str;
databaseName = lib.mkOption {
type = lib.types.str;
description = "Name of the database instance to connect to";
default = "monitoring";
};
corsOrigins = mkOption {
type = types.listOf types.str;
corsOrigins = lib.mkOption {
type = lib.types.listOf lib.types.str;
description = "List of URLs that can access the API for Cross-Origin Resource Sharing (CORS)";
default = [ "http://localhost" "http://localhost:5000" ];
};
authenticationRequired = mkOption {
type = types.bool;
authenticationRequired = lib.mkOption {
type = lib.types.bool;
description = "Whether users must authenticate when using the web UI or command-line tool";
default = false;
};
signupEnabled = mkOption {
type = types.bool;
signupEnabled = lib.mkOption {
type = lib.types.bool;
description = "Whether to prevent sign-up of new users via the web UI";
default = true;
};
extraConfig = mkOption {
extraConfig = lib.mkOption {
description = "These lines go into alertad.conf verbatim.";
default = "";
type = types.lines;
type = lib.types.lines;
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd.tmpfiles.settings."10-alerta".${cfg.logDir}.d = {
user = "alerta";
group = "alerta";

15
nixos/modules/services/monitoring/alloy.nix
View File

@ -1,19 +1,18 @@
{ lib, pkgs, config, ... }:
with lib;
let
cfg = config.services.alloy;
in
{
meta = {
maintainers = with maintainers; [ flokli hbjydev ];
maintainers = with lib.maintainers; [ flokli hbjydev ];
};
options.services.alloy = {
enable = mkEnableOption "Grafana Alloy";
enable = lib.mkEnableOption "Grafana Alloy";
package = mkPackageOption pkgs "grafana-alloy" { };
package = lib.mkPackageOption pkgs "grafana-alloy" { };
configPath = mkOption {
configPath = lib.mkOption {
type = lib.types.path;
default = "/etc/alloy";
description = ''
@ -43,7 +42,7 @@ in
'';
};
extraFlags = mkOption {
extraFlags = lib.mkOption {
type = with lib.types; listOf str;
default = [ ];
example = [ "--server.http.listen-addr=127.0.0.1:12346" "--disable-reporting" ];
@ -56,7 +55,7 @@ in
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd.services.alloy = {
wantedBy = [ "multi-user.target" ];
reloadTriggers = [ config.environment.etc."alloy/config.alloy".source or null ];
@ -68,7 +67,7 @@ in
# allow to read the systemd journal for loki log forwarding
"systemd-journal"
];
ExecStart = "${lib.getExe cfg.package} run ${cfg.configPath} ${escapeShellArgs cfg.extraFlags}";
ExecStart = "${lib.getExe cfg.package} run ${cfg.configPath} ${lib.escapeShellArgs cfg.extraFlags}";
ExecReload = "${pkgs.coreutils}/bin/kill -SIGHUP $MAINPID";
ConfigurationDirectory = "alloy";
StateDirectory = "alloy";

21
nixos/modules/services/monitoring/apcupsd.nix
View File

@ -1,7 +1,4 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.apcupsd;
@ -58,7 +55,7 @@ let
rm "$out/apcupsd.conf"
# Set the SCRIPTDIR= line in apccontrol to the dir we're creating now
sed -i -e "s|^SCRIPTDIR=.*|SCRIPTDIR=$out|" "$out/apccontrol"
'' + concatStringsSep "\n" (map eventToShellCmds eventList)
'' + lib.concatStringsSep "\n" (map eventToShellCmds eventList)
);
@ -87,9 +84,9 @@ in
services.apcupsd = {
enable = mkOption {
enable = lib.mkOption {
default = false;
type = types.bool;
type = lib.types.bool;
description = ''
Whether to enable the APC UPS daemon. apcupsd monitors your UPS and
permits orderly shutdown of your computer in the event of a power
@ -99,14 +96,14 @@ in
'';
};
configText = mkOption {
configText = lib.mkOption {
default = ''
UPSTYPE usb
NISIP 127.0.0.1
BATTERYLEVEL 50
MINUTES 5
'';
type = types.lines;
type = lib.types.lines;
description = ''
Contents of the runtime configuration file, apcupsd.conf. The default
settings makes apcupsd autodetect USB UPSes, limit network access to
@ -116,12 +113,12 @@ in
'';
};
hooks = mkOption {
hooks = lib.mkOption {
default = {};
example = {
doshutdown = "# shell commands to notify that the computer is shutting down";
};
type = types.attrsOf types.lines;
type = lib.types.attrsOf lib.types.lines;
description = ''
Each attribute in this option names an apcupsd event and the string
value it contains will be executed in a shell, in response to that
@ -141,10 +138,10 @@ in
###### implementation
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
assertions = [ {
assertion = let hooknames = builtins.attrNames cfg.hooks; in all (x: elem x eventList) hooknames;
assertion = let hooknames = builtins.attrNames cfg.hooks; in lib.all (x: lib.elem x eventList) hooknames;
message = ''
One (or more) attribute names in services.apcupsd.hooks are invalid.
Current attribute names: ${toString (builtins.attrNames cfg.hooks)}

17
nixos/modules/services/monitoring/arbtt.nix
View File

@ -1,18 +1,15 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.arbtt;
in {
options = {
services.arbtt = {
enable = mkEnableOption "Arbtt statistics capture service";
enable = lib.mkEnableOption "Arbtt statistics capture service";
package = mkPackageOption pkgs [ "haskellPackages" "arbtt" ] { };
package = lib.mkPackageOption pkgs [ "haskellPackages" "arbtt" ] { };
logFile = mkOption {
type = types.str;
logFile = lib.mkOption {
type = lib.types.str;
default = "%h/.arbtt/capture.log";
example = "/home/username/.arbtt-capture.log";
description = ''
@ -20,8 +17,8 @@ in {
'';
};
sampleRate = mkOption {
type = types.int;
sampleRate = lib.mkOption {
type = lib.types.int;
default = 60;
example = 120;
description = ''
@ -31,7 +28,7 @@ in {
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd.user.services.arbtt = {
description = "arbtt statistics capture service";
wantedBy = [ "graphical-session.target" ];

41
nixos/modules/services/monitoring/below.nix
View File

@ -1,32 +1,31 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.below;
cfgContents = concatStringsSep "\n" (
mapAttrsToList (n: v: ''${n} = "${v}"'') (filterAttrs (_k: v: v != null) {
cfgContents = lib.concatStringsSep "\n" (
lib.mapAttrsToList (n: v: ''${n} = "${v}"'') (lib.filterAttrs (_k: v: v != null) {
log_dir = cfg.dirs.log;
store_dir = cfg.dirs.store;
cgroup_filter_out = cfg.cgroupFilterOut;
})
);
mkDisableOption = n: mkOption {
type = types.bool;
mkDisableOption = n: lib.mkOption {
type = lib.types.bool;
default = true;
description = "Whether to enable ${n}.";
};
optionalType = ty: x: mkOption (x // {
optionalType = ty: x: lib.mkOption (x // {
description = x.description;
type = (types.nullOr ty);
type = (lib.types.nullOr ty);
default = null;
});
optionalPath = optionalType types.path;
optionalStr = optionalType types.str;
optionalInt = optionalType types.int;
optionalPath = optionalType lib.types.path;
optionalStr = optionalType lib.types.str;
optionalInt = optionalType lib.types.int;
in {
options = {
services.below = {
enable = mkEnableOption "'below' resource monitor";
enable = lib.mkEnableOption "'below' resource monitor";
cgroupFilterOut = optionalStr {
description = "A regexp matching the full paths of cgroups whose data shouldn't be collected";
@ -34,10 +33,10 @@ in {
};
collect = {
diskStats = mkDisableOption "dist_stat collection";
ioStats = mkEnableOption "io.stat collection for cgroups";
ioStats = lib.mkEnableOption "io.stat collection for cgroups";
exitStats = mkDisableOption "eBPF-based exitstats";
};
compression.enable = mkEnableOption "data compression";
compression.enable = lib.mkEnableOption "data compression";
retention = {
size = optionalInt {
description = ''
@ -75,7 +74,7 @@ in {
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
environment.systemPackages = [ pkgs.below ];
# /etc/below.conf is also refered to by the `below` CLI tool,
# so this can't be a store-only file whose path is passed to the service
@ -90,14 +89,14 @@ in {
serviceConfig.ExecStart = [
""
("${lib.getExe pkgs.below} record " + (concatStringsSep " " (
optional (!cfg.collect.diskStats) "--disable-disk-stat" ++
optional cfg.collect.ioStats "--collect-io-stat" ++
optional (!cfg.collect.exitStats) "--disable-exitstats" ++
optional cfg.compression.enable "--compress" ++
("${lib.getExe pkgs.below} record " + (lib.concatStringsSep " " (
lib.optional (!cfg.collect.diskStats) "--disable-disk-stat" ++
lib.optional cfg.collect.ioStats "--collect-io-stat" ++
lib.optional (!cfg.collect.exitStats) "--disable-exitstats" ++
lib.optional cfg.compression.enable "--compress" ++
optional (cfg.retention.size != null) "--store-size-limit ${toString cfg.retention.size}" ++
optional (cfg.retention.time != null) "--retain-for-s ${toString cfg.retention.time}"
lib.optional (cfg.retention.size != null) "--store-size-limit ${toString cfg.retention.size}" ++
lib.optional (cfg.retention.time != null) "--retain-for-s ${toString cfg.retention.time}"
)))
];
};

49
nixos/modules/services/monitoring/bosun.nix
View File

@ -1,13 +1,10 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.bosun;
configFile = pkgs.writeText "bosun.conf" ''
${optionalString (cfg.opentsdbHost !=null) "tsdbHost = ${cfg.opentsdbHost}"}
${optionalString (cfg.influxHost !=null) "influxHost = ${cfg.influxHost}"}
${lib.optionalString (cfg.opentsdbHost !=null) "tsdbHost = ${cfg.opentsdbHost}"}
${lib.optionalString (cfg.influxHost !=null) "influxHost = ${cfg.influxHost}"}
httpListen = ${cfg.listenAddress}
stateFile = ${cfg.stateFile}
ledisDir = ${cfg.ledisDir}
@ -22,28 +19,28 @@ in {
services.bosun = {
enable = mkEnableOption "bosun";
enable = lib.mkEnableOption "bosun";
package = mkPackageOption pkgs "bosun" { };
package = lib.mkPackageOption pkgs "bosun" { };
user = mkOption {
type = types.str;
user = lib.mkOption {
type = lib.types.str;
default = "bosun";
description = ''
User account under which bosun runs.
'';
};
group = mkOption {
type = types.str;
group = lib.mkOption {
type = lib.types.str;
default = "bosun";
description = ''
Group account under which bosun runs.
'';
};
opentsdbHost = mkOption {
type = types.nullOr types.str;
opentsdbHost = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = "localhost:4242";
description = ''
Host and port of the OpenTSDB database that stores bosun data.
@ -51,8 +48,8 @@ in {
'';
};
influxHost = mkOption {
type = types.nullOr types.str;
influxHost = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
example = "localhost:8086";
description = ''
@ -60,40 +57,40 @@ in {
'';
};
listenAddress = mkOption {
type = types.str;
listenAddress = lib.mkOption {
type = lib.types.str;
default = ":8070";
description = ''
The host address and port that bosun's web interface will listen on.
'';
};
stateFile = mkOption {
type = types.path;
stateFile = lib.mkOption {
type = lib.types.path;
default = "/var/lib/bosun/bosun.state";
description = ''
Path to bosun's state file.
'';
};
ledisDir = mkOption {
type = types.path;
ledisDir = lib.mkOption {
type = lib.types.path;
default = "/var/lib/bosun/ledis_data";
description = ''
Path to bosun's ledis data dir
'';
};
checkFrequency = mkOption {
type = types.str;
checkFrequency = lib.mkOption {
type = lib.types.str;
default = "5m";
description = ''
Bosun's check frequency
'';
};
extraConfig = mkOption {
type = types.lines;
extraConfig = lib.mkOption {
type = lib.types.lines;
default = "";
description = ''
Extra configuration options for Bosun. You should describe your
@ -109,7 +106,7 @@ in {
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd.services.bosun = {
description = "bosun metrics collector (part of Bosun)";

63
nixos/modules/services/monitoring/cadvisor.nix
View File

@ -1,55 +1,52 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.services.cadvisor;
in {
options = {
services.cadvisor = {
enable = mkEnableOption "Cadvisor service";
enable = lib.mkEnableOption "Cadvisor service";
listenAddress = mkOption {
listenAddress = lib.mkOption {
default = "127.0.0.1";
type = types.str;
type = lib.types.str;
description = "Cadvisor listening host";
};
port = mkOption {
port = lib.mkOption {
default = 8080;
type = types.port;
type = lib.types.port;
description = "Cadvisor listening port";
};
storageDriver = mkOption {
storageDriver = lib.mkOption {
default = null;
type = types.nullOr types.str;
type = lib.types.nullOr lib.types.str;
example = "influxdb";
description = "Cadvisor storage driver.";
};
storageDriverHost = mkOption {
storageDriverHost = lib.mkOption {
default = "localhost:8086";
type = types.str;
type = lib.types.str;
description = "Cadvisor storage driver host.";
};
storageDriverDb = mkOption {
storageDriverDb = lib.mkOption {
default = "root";
type = types.str;
type = lib.types.str;
description = "Cadvisord storage driver database name.";
};
storageDriverUser = mkOption {
storageDriverUser = lib.mkOption {
default = "root";
type = types.str;
type = lib.types.str;
description = "Cadvisor storage driver username.";
};
storageDriverPassword = mkOption {
storageDriverPassword = lib.mkOption {
default = "root";
type = types.str;
type = lib.types.str;
description = ''
Cadvisor storage driver password.
@ -60,8 +57,8 @@ in {
'';
};
storageDriverPasswordFile = mkOption {
type = types.str;
storageDriverPasswordFile = lib.mkOption {
type = lib.types.str;
description = ''
File that contains the cadvisor storage driver password.
@ -75,14 +72,14 @@ in {
'';
};
storageDriverSecure = mkOption {
storageDriverSecure = lib.mkOption {
default = false;
type = types.bool;
type = lib.types.bool;
description = "Cadvisor storage driver, enable secure communication.";
};
extraOptions = mkOption {
type = types.listOf types.str;
extraOptions = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [];
description = ''
Additional cadvisor options.
@ -93,23 +90,23 @@ in {
};
};
config = mkMerge [
{ services.cadvisor.storageDriverPasswordFile = mkIf (cfg.storageDriverPassword != "") (
mkDefault (toString (pkgs.writeTextFile {
config = lib.mkMerge [
{ services.cadvisor.storageDriverPasswordFile = lib.mkIf (cfg.storageDriverPassword != "") (
lib.mkDefault (toString (pkgs.writeTextFile {
name = "cadvisor-storage-driver-password";
text = cfg.storageDriverPassword;
}))
);
}
(mkIf cfg.enable {
(lib.mkIf cfg.enable {
systemd.services.cadvisor = {
wantedBy = [ "multi-user.target" ];
after = [ "network.target" "docker.service" "influxdb.service" ];
path = optionals config.boot.zfs.enabled [ pkgs.zfs ];
path = lib.optionals config.boot.zfs.enabled [ pkgs.zfs ];
postStart = mkBefore ''
postStart = lib.mkBefore ''
until ${pkgs.curl.bin}/bin/curl -s -o /dev/null 'http://${cfg.listenAddress}:${toString cfg.port}/containers/'; do
sleep 1;
done
@ -120,14 +117,14 @@ in {
-logtostderr=true \
-listen_ip="${cfg.listenAddress}" \
-port="${toString cfg.port}" \
${escapeShellArgs cfg.extraOptions} \
${optionalString (cfg.storageDriver != null) ''
${lib.escapeShellArgs cfg.extraOptions} \
${lib.optionalString (cfg.storageDriver != null) ''
-storage_driver "${cfg.storageDriver}" \
-storage_driver_host "${cfg.storageDriverHost}" \
-storage_driver_db "${cfg.storageDriverDb}" \
-storage_driver_user "${cfg.storageDriverUser}" \
-storage_driver_password "$(cat "${cfg.storageDriverPasswordFile}")" \
${optionalString cfg.storageDriverSecure "-storage_driver_secure"}
${lib.optionalString cfg.storageDriverSecure "-storage_driver_secure"}
''}
'';

37
nixos/modules/services/monitoring/collectd.nix
View File

@ -1,7 +1,4 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.services.collectd;
@ -28,10 +25,10 @@ let
};
in {
options.services.collectd = with types; {
enable = mkEnableOption "collectd agent";
options.services.collectd = with lib.types; {
enable = lib.mkEnableOption "collectd agent";
validateConfig = mkOption {
validateConfig = lib.mkOption {
default = true;
description = ''
Validate the syntax of collectd configuration file at build time.
@ -41,9 +38,9 @@ in {
type = types.bool;
};
package = mkPackageOption pkgs "collectd" { };
package = lib.mkPackageOption pkgs "collectd" { };
buildMinimalPackage = mkOption {
buildMinimalPackage = lib.mkOption {
default = false;
description = ''
Build a minimal collectd package with only the configured `services.collectd.plugins`
@ -51,7 +48,7 @@ in {
type = bool;
};
user = mkOption {
user = lib.mkOption {
default = "collectd";
description = ''
User under which to run collectd.
@ -59,7 +56,7 @@ in {
type = nullOr str;
};
dataDir = mkOption {
dataDir = lib.mkOption {
default = "/var/lib/collectd";
description = ''
Data directory for collectd agent.
@ -67,7 +64,7 @@ in {
type = path;
};
autoLoadPlugin = mkOption {
autoLoadPlugin = lib.mkOption {
default = false;
description = ''
Enable plugin autoloading.
@ -75,7 +72,7 @@ in {
type = bool;
};
include = mkOption {
include = lib.mkOption {
default = [];
description = ''
Additional paths to load config from.
@ -83,7 +80,7 @@ in {
type = listOf str;
};
plugins = mkOption {
plugins = lib.mkOption {
default = {};
example = { cpu = ""; memory = ""; network = "Server 192.168.1.1 25826"; };
description = ''
@ -92,7 +89,7 @@ in {
type = attrsOf lines;
};
extraConfig = mkOption {
extraConfig = lib.mkOption {
default = "";
description = ''
Extra configuration for collectd. Use mkBefore to add lines before the
@ -103,11 +100,11 @@ in {
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
# 1200 is after the default (1000) but before mkAfter (1500).
services.collectd.extraConfig = lib.mkOrder 1200 ''
${baseDirLine}
AutoLoadPlugin ${boolToString cfg.autoLoadPlugin}
AutoLoadPlugin ${lib.boolToString cfg.autoLoadPlugin}
Hostname "${config.networking.hostName}"
LoadPlugin syslog
@ -116,14 +113,14 @@ in {
NotifyLevel "OKAY"
</Plugin>
${concatStrings (mapAttrsToList (plugin: pluginConfig: ''
${lib.concatStrings (lib.mapAttrsToList (plugin: pluginConfig: ''
LoadPlugin ${plugin}
<Plugin "${plugin}">
${pluginConfig}
</Plugin>
'') cfg.plugins)}
${concatMapStrings (f: ''
${lib.concatMapStrings (f: ''
Include "${f}"
'') cfg.include}
'';
@ -145,14 +142,14 @@ in {
};
};
users.users = optionalAttrs (cfg.user == "collectd") {
users.users = lib.optionalAttrs (cfg.user == "collectd") {
collectd = {
isSystemUser = true;
group = "collectd";
};
};
users.groups = optionalAttrs (cfg.user == "collectd") {
users.groups = lib.optionalAttrs (cfg.user == "collectd") {
collectd = {};
};
};

7
nixos/modules/services/monitoring/das_watchdog.nix
View File

@ -1,9 +1,6 @@
# A general watchdog for the linux operating system that should run in the
# background at all times to ensure a realtime process won't hang the machine
{ config, lib, pkgs, ... }:
with lib;
let
inherit (pkgs) das_watchdog;
@ -12,12 +9,12 @@ in {
###### interface
options = {
services.das_watchdog.enable = mkEnableOption "realtime watchdog";
services.das_watchdog.enable = lib.mkEnableOption "realtime watchdog";
};
###### implementation
config = mkIf config.services.das_watchdog.enable {
config = lib.mkIf config.services.das_watchdog.enable {
environment.systemPackages = [ das_watchdog ];
systemd.services.das_watchdog = {
description = "Watchdog to ensure a realtime process won't hang the machine";

89
nixos/modules/services/monitoring/datadog-agent.nix
View File

@ -1,7 +1,4 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.datadog-agent;
@ -11,19 +8,19 @@ let
additional_checksd = "/etc/datadog-agent/checks.d";
use_dogstatsd = true;
}
// optionalAttrs (cfg.logLevel != null) { log_level = cfg.logLevel; }
// optionalAttrs (cfg.hostname != null) { inherit (cfg) hostname; }
// optionalAttrs (cfg.ddUrl != null) { dd_url = cfg.ddUrl; }
// optionalAttrs (cfg.site != null) { site = cfg.site; }
// optionalAttrs (cfg.tags != null ) { tags = concatStringsSep ", " cfg.tags; }
// optionalAttrs (cfg.enableLiveProcessCollection) { process_config = { enabled = "true"; }; }
// optionalAttrs (cfg.enableTraceAgent) { apm_config = { enabled = true; }; }
// lib.optionalAttrs (cfg.logLevel != null) { log_level = cfg.logLevel; }
// lib.optionalAttrs (cfg.hostname != null) { inherit (cfg) hostname; }
// lib.optionalAttrs (cfg.ddUrl != null) { dd_url = cfg.ddUrl; }
// lib.optionalAttrs (cfg.site != null) { site = cfg.site; }
// lib.optionalAttrs (cfg.tags != null ) { tags = lib.concatStringsSep ", " cfg.tags; }
// lib.optionalAttrs (cfg.enableLiveProcessCollection) { process_config = { enabled = "true"; }; }
// lib.optionalAttrs (cfg.enableTraceAgent) { apm_config = { enabled = true; }; }
// cfg.extraConfig;
# Generate Datadog configuration files for each configured checks.
# This works because check configurations have predictable paths,
# and because JSON is a valid subset of YAML.
makeCheckConfigs = entries: mapAttrs' (name: conf: {
makeCheckConfigs = entries: lib.mapAttrs' (name: conf: {
name = "datadog-agent/conf.d/${name}.d/conf.yaml";
value.source = pkgs.writeText "${name}-check-conf.yaml" (builtins.toJSON conf);
}) entries;
@ -49,9 +46,9 @@ let
};
in {
options.services.datadog-agent = {
enable = mkEnableOption "Datadog-agent v7 monitoring service";
enable = lib.mkEnableOption "Datadog-agent v7 monitoring service";
package = mkPackageOption pkgs "datadog-agent" {
package = lib.mkPackageOption pkgs "datadog-agent" {
extraDescription = ''
::: {.note}
The provided package is expected to have an overridable `pythonPackages`-attribute
@ -60,16 +57,16 @@ in {
'';
};
apiKeyFile = mkOption {
apiKeyFile = lib.mkOption {
description = ''
Path to a file containing the Datadog API key to associate the
agent with your account.
'';
example = "/run/keys/datadog_api_key";
type = types.path;
type = lib.types.path;
};
ddUrl = mkOption {
ddUrl = lib.mkOption {
description = ''
Custom dd_url to configure the agent with. Useful if traffic to datadog
needs to go through a proxy.
@ -77,42 +74,42 @@ in {
'';
default = null;
example = "http://haproxy.example.com:3834";
type = types.nullOr types.str;
type = lib.types.nullOr lib.types.str;
};
site = mkOption {
site = lib.mkOption {
description = ''
The datadog site to point the agent towards.
Set to datadoghq.eu to point it to their EU site.
'';
default = null;
example = "datadoghq.eu";
type = types.nullOr types.str;
type = lib.types.nullOr lib.types.str;
};
tags = mkOption {
tags = lib.mkOption {
description = "The tags to mark this Datadog agent";
example = [ "test" "service" ];
default = null;
type = types.nullOr (types.listOf types.str);
type = lib.types.nullOr (lib.types.listOf lib.types.str);
};
hostname = mkOption {
hostname = lib.mkOption {
description = "The hostname to show in the Datadog dashboard (optional)";
default = null;
example = "mymachine.mydomain";
type = types.nullOr types.str;
type = lib.types.nullOr lib.types.str;
};
logLevel = mkOption {
logLevel = lib.mkOption {
description = "Logging verbosity.";
default = null;
type = types.nullOr (types.enum ["DEBUG" "INFO" "WARN" "ERROR"]);
type = lib.types.nullOr (lib.types.enum ["DEBUG" "INFO" "WARN" "ERROR"]);
};
extraIntegrations = mkOption {
extraIntegrations = lib.mkOption {
default = {};
type = types.attrs;
type = lib.types.attrs;
description = ''
Extra integrations from the Datadog core-integrations
@ -126,51 +123,51 @@ in {
package set must be provided.
'';
example = literalExpression ''
example = lib.literalExpression ''
{
ntp = pythonPackages: [ pythonPackages.ntplib ];
}
'';
};
extraConfig = mkOption {
extraConfig = lib.mkOption {
default = {};
type = types.attrs;
type = lib.types.attrs;
description = ''
Extra configuration options that will be merged into the
main config file {file}`datadog.yaml`.
'';
};
enableLiveProcessCollection = mkOption {
enableLiveProcessCollection = lib.mkOption {
description = ''
Whether to enable the live process collection agent.
'';
default = false;
type = types.bool;
type = lib.types.bool;
};
processAgentPackage = mkOption {
processAgentPackage = lib.mkOption {
default = pkgs.datadog-process-agent;
defaultText = literalExpression "pkgs.datadog-process-agent";
defaultText = lib.literalExpression "pkgs.datadog-process-agent";
description = ''
Which DataDog v7 agent package to use. Note that the provided
package is expected to have an overridable `pythonPackages`-attribute
which configures the Python environment with the Datadog
checks.
'';
type = types.package;
type = lib.types.package;
};
enableTraceAgent = mkOption {
enableTraceAgent = lib.mkOption {
description = ''
Whether to enable the trace agent.
'';
default = false;
type = types.bool;
type = lib.types.bool;
};
checks = mkOption {
checks = lib.mkOption {
description = ''
Configuration for all Datadog checks. Keys of this attribute
set will be used as the name of the check to create the
@ -206,21 +203,21 @@ in {
# sic! The structure of the values is up to the check, so we can
# not usefully constrain the type further.
type = with types; attrsOf attrs;
type = with lib.types; attrsOf attrs;
};
diskCheck = mkOption {
diskCheck = lib.mkOption {
description = "Disk check config";
type = types.attrs;
type = lib.types.attrs;
default = {
init_config = {};
instances = [ { use_mount = "false"; } ];
};
};
networkCheck = mkOption {
networkCheck = lib.mkOption {
description = "Network check config";
type = types.attrs;
type = lib.types.attrs;
default = {
init_config = {};
# Network check only supports one configured instance
@ -229,7 +226,7 @@ in {
};
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
environment.systemPackages = [ datadogPkg pkgs.sysstat pkgs.procps pkgs.iproute2 ];
users.users.datadog = {
@ -243,7 +240,7 @@ in {
users.groups.datadog.gid = config.ids.gids.datadog;
systemd.services = let
makeService = attrs: recursiveUpdate {
makeService = attrs: lib.recursiveUpdate {
path = [ datadogPkg pkgs.sysstat pkgs.procps pkgs.iproute2 ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
@ -252,7 +249,7 @@ in {
Restart = "always";
RestartSec = 2;
};
restartTriggers = [ datadogPkg ] ++ map (x: x.source) (attrValues etcfiles);
restartTriggers = [ datadogPkg ] ++ map (x: x.source) (lib.attrValues etcfiles);
} attrs;
in {
datadog-agent = makeService {

7
nixos/modules/services/monitoring/do-agent.nix
View File

@ -1,17 +1,14 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.do-agent;
in
{
options.services.do-agent = {
enable = mkEnableOption "do-agent, the DigitalOcean droplet metrics agent";
enable = lib.mkEnableOption "do-agent, the DigitalOcean droplet metrics agent";
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd.packages = [ pkgs.do-agent ];
systemd.services.do-agent = {

17
nixos/modules/services/monitoring/fusion-inventory.nix
View File

@ -1,13 +1,10 @@
# Fusion Inventory daemon.
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.fusionInventory;
configFile = pkgs.writeText "fusion_inventory.conf" ''
server = ${concatStringsSep ", " cfg.servers}
server = ${lib.concatStringsSep ", " cfg.servers}
logger = stderr
@ -22,18 +19,18 @@ in {
services.fusionInventory = {
enable = mkEnableOption "Fusion Inventory Agent";
enable = lib.mkEnableOption "Fusion Inventory Agent";
servers = mkOption {
type = types.listOf types.str;
servers = lib.mkOption {
type = lib.types.listOf lib.types.str;
description = ''
The urls of the OCS/GLPI servers to connect to.
'';
};
extraConfig = mkOption {
extraConfig = lib.mkOption {
default = "";
type = types.lines;
type = lib.types.lines;
description = ''
Configuration that is injected verbatim into the configuration file.
'';
@ -44,7 +41,7 @@ in {
###### implementation
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
users.users.fusion-inventory = {
description = "FusionInventory user";

33
nixos/modules/services/monitoring/grafana-agent.nix
View File

@ -1,5 +1,4 @@
{ lib, pkgs, config, generators, ... }:
with lib;
let
cfg = config.services.grafana-agent;
settingsFormat = pkgs.formats.yaml { };
@ -7,19 +6,19 @@ let
in
{
meta = {
maintainers = with maintainers; [ flokli zimbatm ];
maintainers = with lib.maintainers; [ flokli zimbatm ];
};
options.services.grafana-agent = {
enable = mkEnableOption "grafana-agent";
enable = lib.mkEnableOption "grafana-agent";
package = mkPackageOption pkgs "grafana-agent" { };
package = lib.mkPackageOption pkgs "grafana-agent" { };
credentials = mkOption {
credentials = lib.mkOption {
description = ''
Credentials to load at service startup. Keys that are UPPER_SNAKE will be loaded as env vars. Values are absolute paths to the credentials.
'';
type = types.attrsOf types.str;
type = lib.types.attrsOf lib.types.str;
default = { };
example = {
@ -32,8 +31,8 @@ in
};
};
extraFlags = mkOption {
type = with types; listOf str;
extraFlags = lib.mkOption {
type = with lib.types; listOf str;
default = [ ];
example = [ "-enable-features=integrations-next" "-disable-reporting" ];
description = ''
@ -43,14 +42,14 @@ in
'';
};
settings = mkOption {
settings = lib.mkOption {
description = ''
Configuration for {command}`grafana-agent`.
See <https://grafana.com/docs/agent/latest/configuration/>
'';
type = types.submodule {
type = lib.types.submodule {
freeformType = settingsFormat.type;
};
@ -110,17 +109,17 @@ in
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
services.grafana-agent.settings = {
# keep this in sync with config.services.grafana-agent.settings.defaultText.
metrics = {
wal_directory = mkDefault "\${STATE_DIRECTORY}";
global.scrape_interval = mkDefault "5s";
wal_directory = lib.mkDefault "\${STATE_DIRECTORY}";
global.scrape_interval = lib.mkDefault "5s";
};
integrations = {
agent.enabled = mkDefault true;
agent.scrape_integration = mkDefault true;
node_exporter.enabled = mkDefault true;
agent.enabled = lib.mkDefault true;
agent.scrape_integration = lib.mkDefault true;
node_exporter.enabled = lib.mkDefault true;
};
};
@ -144,7 +143,7 @@ in
# We can't use Environment=HOSTNAME=%H, as it doesn't include the domain part.
export HOSTNAME=$(< /proc/sys/kernel/hostname)
exec ${lib.getExe cfg.package} -config.expand-env -config.file ${configFile} ${escapeShellArgs cfg.extraFlags}
exec ${lib.getExe cfg.package} -config.expand-env -config.file ${configFile} ${lib.escapeShellArgs cfg.extraFlags}
'';
serviceConfig = {
Restart = "always";

55
nixos/modules/services/monitoring/grafana-image-renderer.nix
View File

@ -1,7 +1,4 @@
{ lib, pkgs, config, ... }:
with lib;
let
cfg = config.services.grafana-image-renderer;
@ -10,34 +7,34 @@ let
configFile = format.generate "grafana-image-renderer-config.json" cfg.settings;
in {
options.services.grafana-image-renderer = {
enable = mkEnableOption "grafana-image-renderer";
enable = lib.mkEnableOption "grafana-image-renderer";
chromium = mkOption {
type = types.package;
chromium = lib.mkOption {
type = lib.types.package;
description = ''
The chromium to use for image rendering.
'';
};
verbose = mkEnableOption "verbosity for the service";
verbose = lib.mkEnableOption "verbosity for the service";
provisionGrafana = mkEnableOption "Grafana configuration for grafana-image-renderer";
provisionGrafana = lib.mkEnableOption "Grafana configuration for grafana-image-renderer";
settings = mkOption {
type = types.submodule {
settings = lib.mkOption {
type = lib.types.submodule {
freeformType = format.type;
options = {
service = {
port = mkOption {
type = types.port;
port = lib.mkOption {
type = lib.types.port;
default = 8081;
description = ''
The TCP port to use for the rendering server.
'';
};
logging.level = mkOption {
type = types.enum [ "error" "warning" "info" "debug" ];
logging.level = lib.mkOption {
type = lib.types.enum [ "error" "warning" "info" "debug" ];
default = "info";
description = ''
The log-level of the {file}`grafana-image-renderer.service`-unit.
@ -45,23 +42,23 @@ in {
};
};
rendering = {
width = mkOption {
width = lib.mkOption {
default = 1000;
type = types.ints.positive;
type = lib.types.ints.positive;
description = ''
Width of the PNG used to display the alerting graph.
'';
};
height = mkOption {
height = lib.mkOption {
default = 500;
type = types.ints.positive;
type = lib.types.ints.positive;
description = ''
Height of the PNG used to display the alerting graph.
'';
};
mode = mkOption {
mode = lib.mkOption {
default = "default";
type = types.enum [ "default" "reusable" "clustered" ];
type = lib.types.enum [ "default" "reusable" "clustered" ];
description = ''
Rendering mode of `grafana-image-renderer`:
@ -74,8 +71,8 @@ in {
for that mode can be declared in `rendering.clustering`.
'';
};
args = mkOption {
type = types.listOf types.str;
args = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [ "--no-sandbox" ];
description = ''
List of CLI flags passed to `chromium`.
@ -96,7 +93,7 @@ in {
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
assertions = [
{ assertion = cfg.provisionGrafana -> config.services.grafana.enable;
message = ''
@ -106,23 +103,23 @@ in {
}
];
services.grafana.settings.rendering = mkIf cfg.provisionGrafana {
services.grafana.settings.rendering = lib.mkIf cfg.provisionGrafana {
server_url = "http://localhost:${toString cfg.settings.service.port}/render";
callback_url = "http://${config.services.grafana.settings.server.http_addr}:${toString config.services.grafana.settings.server.http_port}";
};
services.grafana-image-renderer.chromium = mkDefault pkgs.chromium;
services.grafana-image-renderer.chromium = lib.mkDefault pkgs.chromium;
services.grafana-image-renderer.settings = {
rendering = mapAttrs (const mkDefault) {
rendering = lib.mapAttrs (lib.const lib.mkDefault) {
chromeBin = "${cfg.chromium}/bin/chromium";
verboseLogging = cfg.verbose;
timezone = config.time.timeZone;
};
service = {
logging.level = mkIf cfg.verbose (mkDefault "debug");
metrics.enabled = mkDefault false;
logging.level = lib.mkIf cfg.verbose (lib.mkDefault "debug");
metrics.enabled = lib.mkDefault false;
};
};
@ -144,5 +141,5 @@ in {
};
};
meta.maintainers = with maintainers; [ ma27 ];
meta.maintainers = with lib.maintainers; [ ma27 ];
}

33
nixos/modules/services/monitoring/grafana-reporter.nix
View File

@ -1,53 +1,50 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.grafana_reporter;
in {
options.services.grafana_reporter = {
enable = mkEnableOption "grafana_reporter";
enable = lib.mkEnableOption "grafana_reporter";
grafana = {
protocol = mkOption {
protocol = lib.mkOption {
description = "Grafana protocol.";
default = "http";
type = types.enum ["http" "https"];
type = lib.types.enum ["http" "https"];
};
addr = mkOption {
addr = lib.mkOption {
description = "Grafana address.";
default = "127.0.0.1";
type = types.str;
type = lib.types.str;
};
port = mkOption {
port = lib.mkOption {
description = "Grafana port.";
default = 3000;
type = types.port;
type = lib.types.port;
};
};
addr = mkOption {
addr = lib.mkOption {
description = "Listening address.";
default = "127.0.0.1";
type = types.str;
type = lib.types.str;
};
port = mkOption {
port = lib.mkOption {
description = "Listening port.";
default = 8686;
type = types.port;
type = lib.types.port;
};
templateDir = mkOption {
templateDir = lib.mkOption {
description = "Optional template directory to use custom tex templates";
default = pkgs.grafana_reporter;
defaultText = literalExpression "pkgs.grafana_reporter";
type = types.either types.str types.path;
defaultText = lib.literalExpression "pkgs.grafana_reporter";
type = lib.types.either lib.types.str lib.types.path;
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd.services.grafana_reporter = {
description = "Grafana Reporter Service Daemon";
wantedBy = ["multi-user.target"];

7
nixos/modules/services/monitoring/hdaps.nix
View File

@ -1,20 +1,17 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.hdapsd;
hdapsd = [ pkgs.hdapsd ];
in
{
options = {
services.hdapsd.enable = mkEnableOption ''
services.hdapsd.enable = lib.mkEnableOption ''
Hard Drive Active Protection System Daemon,
devices are detected and managed automatically by udev and systemd
'';
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
boot.kernelModules = [ "hdapsd" ];
services.udev.packages = hdapsd;
systemd.packages = hdapsd;

21
nixos/modules/services/monitoring/heapster.nix
View File

@ -1,35 +1,32 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.heapster;
in {
options.services.heapster = {
enable = mkEnableOption "Heapster monitoring";
enable = lib.mkEnableOption "Heapster monitoring";
source = mkOption {
source = lib.mkOption {
description = "Heapster metric source";
example = "kubernetes:https://kubernetes.default";
type = types.str;
type = lib.types.str;
};
sink = mkOption {
sink = lib.mkOption {
description = "Heapster metic sink";
example = "influxdb:http://localhost:8086";
type = types.str;
type = lib.types.str;
};
extraOpts = mkOption {
extraOpts = lib.mkOption {
description = "Heapster extra options";
default = "";
type = types.separatedString " ";
type = lib.types.separatedString " ";
};
package = mkPackageOption pkgs "heapster" { };
package = lib.mkPackageOption pkgs "heapster" { };
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd.services.heapster = {
wantedBy = ["multi-user.target"];
after = ["cadvisor.service" "kube-apiserver.service"];

38
nixos/modules/services/monitoring/incron.nix
View File

@ -1,8 +1,4 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.incron;
@ -14,8 +10,8 @@ in
services.incron = {
enable = mkOption {
type = types.bool;
enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Whether to enable the incron daemon.
@ -24,8 +20,8 @@ in
'';
};
allow = mkOption {
type = types.nullOr (types.listOf types.str);
allow = lib.mkOption {
type = lib.types.nullOr (lib.types.listOf lib.types.str);
default = null;
description = ''
Users allowed to use incrontab.
@ -37,14 +33,14 @@ in
'';
};
deny = mkOption {
type = types.nullOr (types.listOf types.str);
deny = lib.mkOption {
type = lib.types.nullOr (lib.types.listOf lib.types.str);
default = null;
description = "Users forbidden from using incrontab.";
};
systab = mkOption {
type = types.lines;
systab = lib.mkOption {
type = lib.types.lines;
default = "";
description = "The system incrontab contents.";
example = ''
@ -53,10 +49,10 @@ in
'';
};
extraPackages = mkOption {
type = types.listOf types.package;
extraPackages = lib.mkOption {
type = lib.types.listOf lib.types.package;
default = [];
example = literalExpression "[ pkgs.rsync ]";
example = lib.literalExpression "[ pkgs.rsync ]";
description = "Extra packages available to the system incrontab.";
};
@ -64,9 +60,9 @@ in
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
warnings = optional (cfg.allow != null && cfg.deny != null)
warnings = lib.optional (cfg.allow != null && cfg.deny != null)
"If `services.incron.allow` is set then `services.incron.deny` will be ignored.";
environment.systemPackages = [ pkgs.incron ];
@ -83,11 +79,11 @@ in
mode = "0444";
text = cfg.systab;
};
environment.etc."incron.allow" = mkIf (cfg.allow != null) {
text = concatStringsSep "\n" cfg.allow;
environment.etc."incron.allow" = lib.mkIf (cfg.allow != null) {
text = lib.concatStringsSep "\n" cfg.allow;
};
environment.etc."incron.deny" = mkIf (cfg.deny != null) {
text = concatStringsSep "\n" cfg.deny;
environment.etc."incron.deny" = lib.mkIf (cfg.deny != null) {
text = lib.concatStringsSep "\n" cfg.deny;
};
systemd.services.incron = {

77
nixos/modules/services/monitoring/kapacitor.nix
View File

@ -1,7 +1,4 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.kapacitor;
@ -26,13 +23,13 @@ let
[storage]
boltdb = "${cfg.dataDir}/kapacitor.db"
${optionalString (cfg.loadDirectory != null) ''
${lib.optionalString (cfg.loadDirectory != null) ''
[load]
enabled = true
dir = "${cfg.loadDirectory}"
''}
${optionalString (cfg.defaultDatabase.enable) ''
${lib.optionalString (cfg.defaultDatabase.enable) ''
[[influxdb]]
name = "default"
enabled = true
@ -42,7 +39,7 @@ let
password = "${cfg.defaultDatabase.password}"
''}
${optionalString (cfg.alerta.enable) ''
${lib.optionalString (cfg.alerta.enable) ''
[alerta]
enabled = true
url = "${cfg.alerta.url}"
@ -57,107 +54,107 @@ let
in
{
options.services.kapacitor = {
enable = mkEnableOption "kapacitor";
enable = lib.mkEnableOption "kapacitor";
dataDir = mkOption {
type = types.path;
dataDir = lib.mkOption {
type = lib.types.path;
default = "/var/lib/kapacitor";
description = "Location where Kapacitor stores its state";
};
port = mkOption {
type = types.port;
port = lib.mkOption {
type = lib.types.port;
default = 9092;
description = "Port of Kapacitor";
};
bind = mkOption {
type = types.str;
bind = lib.mkOption {
type = lib.types.str;
default = "";
example = "0.0.0.0";
description = "Address to bind to. The default is to bind to all addresses";
};
extraConfig = mkOption {
extraConfig = lib.mkOption {
description = "These lines go into kapacitord.conf verbatim.";
default = "";
type = types.lines;
type = lib.types.lines;
};
user = mkOption {
type = types.str;
user = lib.mkOption {
type = lib.types.str;
default = "kapacitor";
description = "User account under which Kapacitor runs";
};
group = mkOption {
type = types.str;
group = lib.mkOption {
type = lib.types.str;
default = "kapacitor";
description = "Group under which Kapacitor runs";
};
taskSnapshotInterval = mkOption {
type = types.str;
taskSnapshotInterval = lib.mkOption {
type = lib.types.str;
description = "Specifies how often to snapshot the task state (in InfluxDB time units)";
default = "1m0s";
};
loadDirectory = mkOption {
type = types.nullOr types.path;
loadDirectory = lib.mkOption {
type = lib.types.nullOr lib.types.path;
description = "Directory where to load services from, such as tasks, templates and handlers (or null to disable service loading on startup)";
default = null;
};
defaultDatabase = {
enable = mkEnableOption "kapacitor.defaultDatabase";
enable = lib.mkEnableOption "kapacitor.defaultDatabase";
url = mkOption {
url = lib.mkOption {
description = "The URL to an InfluxDB server that serves as the default database";
example = "http://localhost:8086";
type = types.str;
type = lib.types.str;
};
username = mkOption {
username = lib.mkOption {
description = "The username to connect to the remote InfluxDB server";
type = types.str;
type = lib.types.str;
};
password = mkOption {
password = lib.mkOption {
description = "The password to connect to the remote InfluxDB server";
type = types.str;
type = lib.types.str;
};
};
alerta = {
enable = mkEnableOption "kapacitor alerta integration";
enable = lib.mkEnableOption "kapacitor alerta integration";
url = mkOption {
url = lib.mkOption {
description = "The URL to the Alerta REST API";
default = "http://localhost:5000";
type = types.str;
type = lib.types.str;
};
token = mkOption {
token = lib.mkOption {
description = "Default Alerta authentication token";
type = types.str;
type = lib.types.str;
default = "";
};
environment = mkOption {
environment = lib.mkOption {
description = "Default Alerta environment";
type = types.str;
type = lib.types.str;
default = "Production";
};
origin = mkOption {
origin = lib.mkOption {
description = "Default origin of alert";
type = types.str;
type = lib.types.str;
default = "kapacitor";
};
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
environment.systemPackages = [ pkgs.kapacitor ];
systemd.tmpfiles.settings."10-kapacitor".${cfg.dataDir}.d = {

39
nixos/modules/services/monitoring/karma.nix
View File

@ -1,17 +1,16 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.services.karma;
yaml = pkgs.formats.yaml { };
in
{
options.services.karma = {
enable = mkEnableOption "the Karma dashboard service";
enable = lib.mkEnableOption "the Karma dashboard service";
package = mkPackageOption pkgs "karma" { };
package = lib.mkPackageOption pkgs "karma" { };
configFile = mkOption {
type = types.path;
configFile = lib.mkOption {
type = lib.types.path;
default = yaml.generate "karma.yaml" cfg.settings;
defaultText = "A configuration file generated from the provided nix attributes settings option.";
description = ''
@ -20,8 +19,8 @@ in
example = "/etc/karma/karma.conf";
};
environment = mkOption {
type = with types; attrsOf str;
environment = lib.mkOption {
type = with lib.types; attrsOf str;
default = {};
description = ''
Additional environment variables to provide to karma.
@ -32,16 +31,16 @@ in
};
};
openFirewall = mkOption {
type = types.bool;
openFirewall = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Whether to open ports in the firewall needed for karma to function.
'';
};
extraOptions = mkOption {
type = with types; listOf str;
extraOptions = lib.mkOption {
type = with lib.types; listOf str;
default = [];
description = ''
Extra command line options.
@ -51,13 +50,13 @@ in
];
};
settings = mkOption {
type = types.submodule {
settings = lib.mkOption {
type = lib.types.submodule {
freeformType = yaml.type;
options.listen = {
address = mkOption {
type = types.str;
address = lib.mkOption {
type = lib.types.str;
default = "127.0.0.1";
description = ''
Hostname or IP to listen on.
@ -65,8 +64,8 @@ in
example = "[::]";
};
port = mkOption {
type = types.port;
port = lib.mkOption {
type = lib.types.port;
default = 8080;
description = ''
HTTP port to listen on.
@ -104,7 +103,7 @@ in
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd.services.karma = {
description = "Alert dashboard for Prometheus Alertmanager";
wantedBy = [ "multi-user.target" ];
@ -113,9 +112,9 @@ in
Type = "simple";
DynamicUser = true;
Restart = "on-failure";
ExecStart = "${pkgs.karma}/bin/karma --config.file ${cfg.configFile} ${concatStringsSep " " cfg.extraOptions}";
ExecStart = "${pkgs.karma}/bin/karma --config.file ${cfg.configFile} ${lib.concatStringsSep " " cfg.extraOptions}";
};
};
networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ cfg.settings.listen.port ];
networking.firewall.allowedTCPPorts = lib.mkIf cfg.openFirewall [ cfg.settings.listen.port ];
};
}

66
nixos/modules/services/monitoring/kthxbye.nix
View File

@ -1,33 +1,31 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.services.kthxbye;
in
{
options.services.kthxbye = {
enable = mkEnableOption "kthxbye alert acknowledgement management daemon";
enable = lib.mkEnableOption "kthxbye alert acknowledgement management daemon";
package = mkPackageOption pkgs "kthxbye" { };
package = lib.mkPackageOption pkgs "kthxbye" { };
openFirewall = mkOption {
type = types.bool;
openFirewall = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Whether to open ports in the firewall needed for the daemon to function.
'';
};
extraOptions = mkOption {
type = with types; listOf str;
extraOptions = lib.mkOption {
type = with lib.types; listOf str;
default = [];
description = ''
Extra command line options.
Documentation can be found [here](https://github.com/prymitive/kthxbye/blob/main/README.md).
'';
example = literalExpression ''
example = lib.literalExpression ''
[
"-extend-with-prefix 'ACK!'"
];
@ -35,16 +33,16 @@ in
};
alertmanager = {
timeout = mkOption {
type = types.str;
timeout = lib.mkOption {
type = lib.types.str;
default = "1m0s";
description = ''
Alertmanager request timeout duration in the [time.Duration](https://pkg.go.dev/time#ParseDuration) format.
'';
example = "30s";
};
uri = mkOption {
type = types.str;
uri = lib.mkOption {
type = lib.types.str;
default = "http://localhost:9093";
description = ''
Alertmanager URI to use.
@ -53,8 +51,8 @@ in
};
};
extendBy = mkOption {
type = types.str;
extendBy = lib.mkOption {
type = lib.types.str;
default = "15m0s";
description = ''
Extend silences by adding DURATION seconds.
@ -64,8 +62,8 @@ in
example = "6h0m0s";
};
extendIfExpiringIn = mkOption {
type = types.str;
extendIfExpiringIn = lib.mkOption {
type = lib.types.str;
default = "5m0s";
description = ''
Extend silences that are about to expire in the next DURATION seconds.
@ -75,8 +73,8 @@ in
example = "1m0s";
};
extendWithPrefix = mkOption {
type = types.str;
extendWithPrefix = lib.mkOption {
type = lib.types.str;
default = "ACK!";
description = ''
Extend silences with comment starting with PREFIX string.
@ -84,8 +82,8 @@ in
example = "!perma-silence";
};
interval = mkOption {
type = types.str;
interval = lib.mkOption {
type = lib.types.str;
default = "45s";
description = ''
Silence check interval duration in the [time.Duration](https://pkg.go.dev/time#ParseDuration) format.
@ -93,8 +91,8 @@ in
example = "30s";
};
listenAddress = mkOption {
type = types.str;
listenAddress = lib.mkOption {
type = lib.types.str;
default = "0.0.0.0";
description = ''
The address to listen on for HTTP requests.
@ -102,24 +100,24 @@ in
example = "127.0.0.1";
};
port = mkOption {
type = types.port;
port = lib.mkOption {
type = lib.types.port;
default = 8080;
description = ''
The port to listen on for HTTP requests.
'';
};
logJSON = mkOption {
type = types.bool;
logJSON = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Format logged messages as JSON.
'';
};
maxDuration = mkOption {
type = with types; nullOr str;
maxDuration = lib.mkOption {
type = with lib.types; nullOr str;
default = null;
description = ''
Maximum duration of a silence, it won't be extended anymore after reaching it.
@ -130,7 +128,7 @@ in
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd.services.kthxbye = {
description = "kthxbye Alertmanager ack management daemon";
wantedBy = [ "multi-user.target" ];
@ -143,9 +141,9 @@ in
-extend-with-prefix ${cfg.extendWithPrefix} \
-interval ${cfg.interval} \
-listen ${cfg.listenAddress}:${toString cfg.port} \
${optionalString cfg.logJSON "-log-json"} \
${optionalString (cfg.maxDuration != null) "-max-duration ${cfg.maxDuration}"} \
${concatStringsSep " " cfg.extraOptions}
${lib.optionalString cfg.logJSON "-log-json"} \
${lib.optionalString (cfg.maxDuration != null) "-max-duration ${cfg.maxDuration}"} \
${lib.concatStringsSep " " cfg.extraOptions}
'';
serviceConfig = {
Type = "simple";
@ -154,6 +152,6 @@ in
};
};
networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ cfg.port ];
networking.firewall.allowedTCPPorts = lib.mkIf cfg.openFirewall [ cfg.port ];
};
}

55
nixos/modules/services/monitoring/longview.nix
View File

@ -1,7 +1,4 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.longview;
@ -13,16 +10,16 @@ in {
services.longview = {
enable = mkOption {
type = types.bool;
enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
If enabled, system metrics will be sent to Linode LongView.
'';
};
apiKey = mkOption {
type = types.str;
apiKey = lib.mkOption {
type = lib.types.str;
default = "";
example = "01234567-89AB-CDEF-0123456789ABCDEF";
description = ''
@ -34,8 +31,8 @@ in {
'';
};
apiKeyFile = mkOption {
type = types.nullOr types.path;
apiKeyFile = lib.mkOption {
type = lib.types.nullOr lib.types.path;
default = null;
example = "/run/keys/longview-api-key";
description = ''
@ -47,8 +44,8 @@ in {
'';
};
apacheStatusUrl = mkOption {
type = types.str;
apacheStatusUrl = lib.mkOption {
type = lib.types.str;
default = "";
example = "http://127.0.0.1/server-status";
description = ''
@ -58,8 +55,8 @@ in {
'';
};
nginxStatusUrl = mkOption {
type = types.str;
nginxStatusUrl = lib.mkOption {
type = lib.types.str;
default = "";
example = "http://127.0.0.1/nginx_status";
description = ''
@ -69,8 +66,8 @@ in {
'';
};
mysqlUser = mkOption {
type = types.str;
mysqlUser = lib.mkOption {
type = lib.types.str;
default = "";
description = ''
The user for connecting to the MySQL database. If provided,
@ -80,8 +77,8 @@ in {
'';
};
mysqlPassword = mkOption {
type = types.str;
mysqlPassword = lib.mkOption {
type = lib.types.str;
default = "";
description = ''
The password corresponding to {option}`mysqlUser`.
@ -90,8 +87,8 @@ in {
'';
};
mysqlPasswordFile = mkOption {
type = types.nullOr types.path;
mysqlPasswordFile = lib.mkOption {
type = lib.types.nullOr lib.types.path;
default = null;
example = "/run/keys/dbpassword";
description = ''
@ -103,7 +100,7 @@ in {
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd.services.longview =
{ description = "Longview Metrics Collection";
after = [ "network.target" ];
@ -116,27 +113,27 @@ in {
preStart = ''
umask 077
mkdir -p ${configsDir}
'' + (optionalString (cfg.apiKeyFile != null) ''
'' + (lib.optionalString (cfg.apiKeyFile != null) ''
cp --no-preserve=all "${cfg.apiKeyFile}" ${runDir}/longview.key
'') + (optionalString (cfg.apacheStatusUrl != "") ''
'') + (lib.optionalString (cfg.apacheStatusUrl != "") ''
cat > ${configsDir}/Apache.conf <<EOF
location ${cfg.apacheStatusUrl}?auto
EOF
'') + (optionalString (cfg.mysqlUser != "" && cfg.mysqlPasswordFile != null) ''
'') + (lib.optionalString (cfg.mysqlUser != "" && cfg.mysqlPasswordFile != null) ''
cat > ${configsDir}/MySQL.conf <<EOF
username ${cfg.mysqlUser}
password `head -n1 "${cfg.mysqlPasswordFile}"`
EOF
'') + (optionalString (cfg.nginxStatusUrl != "") ''
'') + (lib.optionalString (cfg.nginxStatusUrl != "") ''
cat > ${configsDir}/Nginx.conf <<EOF
location ${cfg.nginxStatusUrl}
EOF
'');
};
warnings = let warn = k: optional (cfg.${k} != "")
warnings = let warn = k: lib.optional (cfg.${k} != "")
"config.services.longview.${k} is insecure. Use ${k}File instead.";
in concatMap warn [ "apiKey" "mysqlPassword" ];
in lib.concatMap warn [ "apiKey" "mysqlPassword" ];
assertions = [
{ assertion = cfg.apiKeyFile != null;
@ -145,14 +142,14 @@ in {
];
# Create API key file if not configured.
services.longview.apiKeyFile = mkIf (cfg.apiKey != "")
(mkDefault (toString (pkgs.writeTextFile {
services.longview.apiKeyFile = lib.mkIf (cfg.apiKey != "")
(lib.mkDefault (toString (pkgs.writeTextFile {
name = "longview.key";
text = cfg.apiKey;
})));
# Create MySQL password file if not configured.
services.longview.mysqlPasswordFile = mkDefault (toString (pkgs.writeTextFile {
services.longview.mysqlPasswordFile = lib.mkDefault (toString (pkgs.writeTextFile {
name = "mysql-password-file";
text = cfg.mysqlPassword;
}));

45
nixos/modules/services/monitoring/mackerel-agent.nix
View File

@ -1,24 +1,21 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.mackerel-agent;
settingsFmt = pkgs.formats.toml {};
in {
options.services.mackerel-agent = {
enable = mkEnableOption "mackerel.io agent";
enable = lib.mkEnableOption "mackerel.io agent";
# the upstream package runs as root, but doesn't seem to be strictly
# necessary for basic functionality
runAsRoot = mkEnableOption "running as root";
runAsRoot = lib.mkEnableOption "running as root";
autoRetirement = mkEnableOption ''
autoRetirement = lib.mkEnableOption ''
retiring the host upon OS shutdown
'';
apiKeyFile = mkOption {
type = types.path;
apiKeyFile = lib.mkOption {
type = lib.types.path;
example = "/run/keys/mackerel-api-key";
description = ''
Path to file containing the Mackerel API key. The file should contain a
@ -28,7 +25,7 @@ in {
'';
};
settings = mkOption {
settings = lib.mkOption {
description = ''
Options for mackerel-agent.conf.
@ -42,29 +39,29 @@ in {
silent = false;
};
type = types.submodule {
type = lib.types.submodule {
freeformType = settingsFmt.type;
options.host_status = {
on_start = mkOption {
type = types.enum [ "working" "standby" "maintenance" "poweroff" ];
on_start = lib.mkOption {
type = lib.types.enum [ "working" "standby" "maintenance" "poweroff" ];
description = "Host status after agent startup.";
default = "working";
};
on_stop = mkOption {
type = types.enum [ "working" "standby" "maintenance" "poweroff" ];
on_stop = lib.mkOption {
type = lib.types.enum [ "working" "standby" "maintenance" "poweroff" ];
description = "Host status after agent shutdown.";
default = "poweroff";
};
};
options.diagnostic =
mkEnableOption "collecting memory usage for the agent itself";
lib.mkEnableOption "collecting memory usage for the agent itself";
};
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
environment.systemPackages = with pkgs; [ mackerel-agent ];
environment.etc = {
@ -74,11 +71,11 @@ in {
};
services.mackerel-agent.settings = {
root = mkDefault "/var/lib/mackerel-agent";
pidfile = mkDefault "/run/mackerel-agent/mackerel-agent.pid";
root = lib.mkDefault "/var/lib/mackerel-agent";
pidfile = lib.mkDefault "/run/mackerel-agent/mackerel-agent.pid";
# conf.d stores the symlink to cfg.apiKeyFile
include = mkDefault "/etc/mackerel-agent/conf.d/*.conf";
include = lib.mkDefault "/etc/mackerel-agent/conf.d/*.conf";
};
# upstream service file in https://github.com/mackerelio/mackerel-agent/blob/master/packaging/rpm/src/mackerel-agent.service
@ -88,20 +85,20 @@ in {
after = [ "network-online.target" "nss-lookup.target" ];
wantedBy = [ "multi-user.target" ];
environment = {
MACKEREL_PLUGIN_WORKDIR = mkDefault "%C/mackerel-agent";
MACKEREL_PLUGIN_WORKDIR = lib.mkDefault "%C/mackerel-agent";
};
serviceConfig = {
DynamicUser = !cfg.runAsRoot;
PrivateTmp = mkDefault true;
PrivateTmp = lib.mkDefault true;
CacheDirectory = "mackerel-agent";
ConfigurationDirectory = "mackerel-agent";
RuntimeDirectory = "mackerel-agent";
StateDirectory = "mackerel-agent";
ExecStart = "${pkgs.mackerel-agent}/bin/mackerel-agent supervise";
ExecStopPost = mkIf cfg.autoRetirement "${pkgs.mackerel-agent}/bin/mackerel-agent retire -force";
ExecStopPost = lib.mkIf cfg.autoRetirement "${pkgs.mackerel-agent}/bin/mackerel-agent retire -force";
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
LimitNOFILE = mkDefault 65536;
LimitNPROC = mkDefault 65536;
LimitNOFILE = lib.mkDefault 65536;
LimitNPROC = lib.mkDefault 65536;
};
restartTriggers = [
config.environment.etc."mackerel-agent/mackerel-agent.conf".source

13
nixos/modules/services/monitoring/monit.nix
View File

@ -1,7 +1,4 @@
{config, pkgs, lib, ...}:
with lib;
let
cfg = config.services.monit;
in
@ -9,17 +6,17 @@ in
{
options.services.monit = {
enable = mkEnableOption "Monit";
enable = lib.mkEnableOption "Monit";
config = mkOption {
type = types.lines;
config = lib.mkOption {
type = lib.types.lines;
default = "";
description = "monitrc content";
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
environment.systemPackages = [ pkgs.monit ];
@ -44,5 +41,5 @@ in
};
meta.maintainers = with maintainers; [ ryantm ];
meta.maintainers = with lib.maintainers; [ ryantm ];
}

58
nixos/modules/services/monitoring/munin.nix
View File

@ -1,18 +1,12 @@
{ config, lib, pkgs, ... }:
# TODO: support munin-async
# TODO: LWP/Pg perl libs aren't recognized
# TODO: support fastcgi
# https://guide.munin-monitoring.org/en/latest/example/webserver/apache-cgi.html
# spawn-fcgi -s /run/munin/fastcgi-graph.sock -U www-data -u munin -g munin /usr/lib/munin/cgi/munin-cgi-graph
# spawn-fcgi -s /run/munin/fastcgi-html.sock -U www-data -u munin -g munin /usr/lib/munin/cgi/munin-cgi-html
# https://paste.sh/vofcctHP#-KbDSXVeWoifYncZmLfZzgum
# nginx https://munin.readthedocs.org/en/latest/example/webserver/nginx.html
with lib;
let
nodeCfg = config.services.munin-node;
cronCfg = config.services.munin-cron;
@ -140,9 +134,9 @@ in
services.munin-node = {
enable = mkOption {
enable = lib.mkOption {
default = false;
type = types.bool;
type = lib.types.bool;
description = ''
Enable Munin Node agent. Munin node listens on 0.0.0.0 and
by default accepts connections only from 127.0.0.1 for security reasons.
@ -151,18 +145,18 @@ in
'';
};
extraConfig = mkOption {
extraConfig = lib.mkOption {
default = "";
type = types.lines;
type = lib.types.lines;
description = ''
{file}`munin-node.conf` extra configuration. See
<https://guide.munin-monitoring.org/en/latest/reference/munin-node.conf.html>
'';
};
extraPluginConfig = mkOption {
extraPluginConfig = lib.mkOption {
default = "";
type = types.lines;
type = lib.types.lines;
description = ''
{file}`plugin-conf.d` extra plugin configuration. See
<https://guide.munin-monitoring.org/en/latest/plugin/use.html>
@ -173,9 +167,9 @@ in
'';
};
extraPlugins = mkOption {
extraPlugins = lib.mkOption {
default = {};
type = with types; attrsOf path;
type = with lib.types; attrsOf path;
description = ''
Additional Munin plugins to activate. Keys are the name of the plugin
symlink, values are the path to the underlying plugin script. You
@ -194,7 +188,7 @@ in
`/bin`, `/usr/bin`,
`/sbin`, and `/usr/sbin`.
'';
example = literalExpression ''
example = lib.literalExpression ''
{
zfs_usage_bigpool = /src/munin-contrib/plugins/zfs/zfs_usage_;
zfs_usage_smallpool = /src/munin-contrib/plugins/zfs/zfs_usage_;
@ -203,9 +197,9 @@ in
'';
};
extraAutoPlugins = mkOption {
extraAutoPlugins = lib.mkOption {
default = [];
type = with types; listOf path;
type = with lib.types; listOf path;
description = ''
Additional Munin plugins to autoconfigure, using
`munin-node-configure --suggest`. These should be
@ -225,7 +219,7 @@ in
`/bin`, `/usr/bin`,
`/sbin`, and `/usr/sbin`.
'';
example = literalExpression ''
example = lib.literalExpression ''
[
/src/munin-contrib/plugins/zfs
/src/munin-contrib/plugins/ssh
@ -233,12 +227,12 @@ in
'';
};
disabledPlugins = mkOption {
disabledPlugins = lib.mkOption {
# TODO: figure out why Munin isn't writing the log file and fix it.
# In the meantime this at least suppresses a useless graph full of
# NaNs in the output.
default = [ "munin_stats" ];
type = with types; listOf str;
type = with lib.types; listOf str;
description = ''
Munin plugins to disable, even if
`munin-node-configure --suggest` tries to enable
@ -255,9 +249,9 @@ in
services.munin-cron = {
enable = mkOption {
enable = lib.mkOption {
default = false;
type = types.bool;
type = lib.types.bool;
description = ''
Enable munin-cron. Takes care of all heavy lifting to collect data from
nodes and draws graphs to html. Runs munin-update, munin-limits,
@ -268,9 +262,9 @@ in
'';
};
extraGlobalConfig = mkOption {
extraGlobalConfig = lib.mkOption {
default = "";
type = types.lines;
type = lib.types.lines;
description = ''
{file}`munin.conf` extra global configuration.
See <https://guide.munin-monitoring.org/en/latest/reference/munin.conf.html>.
@ -282,15 +276,15 @@ in
'';
};
hosts = mkOption {
hosts = lib.mkOption {
default = "";
type = types.lines;
type = lib.types.lines;
description = ''
Definitions of hosts of nodes to collect data from. Needs at least one
host for cron to succeed. See
<https://guide.munin-monitoring.org/en/latest/reference/munin.conf.html>
'';
example = literalExpression ''
example = lib.literalExpression ''
'''
[''${config.networking.hostName}]
address localhost
@ -298,9 +292,9 @@ in
'';
};
extraCSS = mkOption {
extraCSS = lib.mkOption {
default = "";
type = types.lines;
type = lib.types.lines;
description = ''
Custom styling for the HTML that munin-cron generates. This will be
appended to the CSS files used by munin-cron and will thus take
@ -320,7 +314,7 @@ in
};
config = mkMerge [ (mkIf (nodeCfg.enable || cronCfg.enable) {
config = lib.mkMerge [ (lib.mkIf (nodeCfg.enable || cronCfg.enable) {
environment.systemPackages = [ pkgs.munin ];
@ -335,7 +329,7 @@ in
gid = config.ids.gids.munin;
};
}) (mkIf nodeCfg.enable {
}) (lib.mkIf nodeCfg.enable {
systemd.services.munin-node = {
description = "Munin Node";
@ -380,7 +374,7 @@ in
group = "munin";
};
}) (mkIf cronCfg.enable {
}) (lib.mkIf cronCfg.enable {
# Munin is hardcoded to use DejaVu Mono and the graphs come out wrong if
# it's not available.

59
nixos/modules/services/monitoring/nagios.nix
View File

@ -1,8 +1,5 @@
# Nagios system/network monitoring daemon.
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.nagios;
@ -35,8 +32,8 @@ let
illegal_macro_output_chars="`~$&|'\"<>";
retain_state_information="1";
};
lines = mapAttrsToList (key: value: "${key}=${value}") (default // cfg.extraConfig);
content = concatStringsSep "\n" lines;
lines = lib.mapAttrsToList (key: value: "${key}=${value}") (default // cfg.extraConfig);
content = lib.concatStringsSep "\n" lines;
file = pkgs.writeText "nagios.cfg" content;
validated = pkgs.runCommand "nagios-checked.cfg" {preferLocalBuild=true;} ''
cp ${file} nagios.cfg
@ -81,45 +78,45 @@ let
in
{
imports = [
(mkRemovedOptionModule [ "services" "nagios" "urlPath" ] "The urlPath option has been removed as it is hard coded to /nagios in the nagios package.")
(lib.mkRemovedOptionModule [ "services" "nagios" "urlPath" ] "The urlPath option has been removed as it is hard coded to /nagios in the nagios package.")
];
meta.maintainers = with lib.maintainers; [ symphorien ];
options = {
services.nagios = {
enable = mkEnableOption ''[Nagios](https://www.nagios.org/) to monitor your system or network'';
enable = lib.mkEnableOption ''[Nagios](https://www.nagios.org/) to monitor your system or network'';
objectDefs = mkOption {
objectDefs = lib.mkOption {
description = ''
A list of Nagios object configuration files that must define
the hosts, host groups, services and contacts for the
network that you want Nagios to monitor.
'';
type = types.listOf types.path;
example = literalExpression "[ ./objects.cfg ]";
type = lib.types.listOf lib.types.path;
example = lib.literalExpression "[ ./objects.cfg ]";
};
plugins = mkOption {
type = types.listOf types.package;
plugins = lib.mkOption {
type = lib.types.listOf lib.types.package;
default = with pkgs; [ monitoring-plugins msmtp mailutils ];
defaultText = literalExpression "[pkgs.monitoring-plugins pkgs.msmtp pkgs.mailutils]";
defaultText = lib.literalExpression "[pkgs.monitoring-plugins pkgs.msmtp pkgs.mailutils]";
description = ''
Packages to be added to the Nagios {env}`PATH`.
Typically used to add plugins, but can be anything.
'';
};
mainConfigFile = mkOption {
type = types.nullOr types.package;
mainConfigFile = lib.mkOption {
type = lib.types.nullOr lib.types.package;
default = null;
description = ''
If non-null, overrides the main configuration file of Nagios.
'';
};
extraConfig = mkOption {
type = types.attrsOf types.str;
extraConfig = lib.mkOption {
type = lib.types.attrsOf lib.types.str;
example = {
debug_level = "-1";
debug_file = "/var/log/nagios/debug.log";
@ -128,25 +125,25 @@ in
description = "Configuration to add to /etc/nagios.cfg";
};
validateConfig = mkOption {
type = types.bool;
validateConfig = lib.mkOption {
type = lib.types.bool;
default = pkgs.stdenv.hostPlatform == pkgs.stdenv.buildPlatform;
defaultText = literalExpression "pkgs.stdenv.hostPlatform == pkgs.stdenv.buildPlatform";
defaultText = lib.literalExpression "pkgs.stdenv.hostPlatform == pkgs.stdenv.buildPlatform";
description = "if true, the syntax of the nagios configuration file is checked at build time";
};
cgiConfigFile = mkOption {
type = types.package;
cgiConfigFile = lib.mkOption {
type = lib.types.package;
default = nagiosCGICfgFile;
defaultText = literalExpression "nagiosCGICfgFile";
defaultText = lib.literalExpression "nagiosCGICfgFile";
description = ''
Derivation for the configuration file of Nagios CGI scripts
that can be used in web servers for running the Nagios web interface.
'';
};
enableWebInterface = mkOption {
type = types.bool;
enableWebInterface = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Whether to enable the Nagios web interface. You should also
@ -154,9 +151,9 @@ in
'';
};
virtualHost = mkOption {
type = types.submodule (import ../web-servers/apache-httpd/vhost-options.nix);
example = literalExpression ''
virtualHost = lib.mkOption {
type = lib.types.submodule (import ../web-servers/apache-httpd/vhost-options.nix);
example = lib.literalExpression ''
{ hostName = "example.org";
adminAddr = "webmaster@example.org";
enableSSL = true;
@ -173,7 +170,7 @@ in
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
users.users.nagios = {
description = "Nagios user";
uid = config.ids.uids.nagios;
@ -206,8 +203,8 @@ in
};
};
services.httpd.virtualHosts = optionalAttrs cfg.enableWebInterface {
${cfg.virtualHost.hostName} = mkMerge [ cfg.virtualHost { extraConfig = extraHttpdConfig; } ];
services.httpd.virtualHosts = lib.optionalAttrs cfg.enableWebInterface {
${cfg.virtualHost.hostName} = lib.mkMerge [ cfg.virtualHost { extraConfig = extraHttpdConfig; } ];
};
};
}

83
nixos/modules/services/monitoring/netdata.nix
View File

@ -1,7 +1,4 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.services.netdata;
@ -25,7 +22,7 @@ let
configDirectory = pkgs.runCommand "netdata-config-d" { } ''
mkdir $out
${concatStringsSep "\n" (mapAttrsToList (path: file: ''
${lib.concatStringsSep "\n" (lib.mapAttrsToList (path: file: ''
mkdir -p "$out/$(dirname ${path})"
ln -s "${file}" "$out/${path}"
'') cfg.configDir)}
@ -34,7 +31,7 @@ let
localConfig = {
global = {
"config directory" = "/etc/netdata/conf.d";
"plugins directory" = concatStringsSep " " plugins;
"plugins directory" = lib.concatStringsSep " " plugins;
};
web = {
"web files owner" = "root";
@ -45,7 +42,7 @@ let
"use unified cgroups" = "yes";
};
};
mkConfig = generators.toINI {} (recursiveUpdate localConfig cfg.config);
mkConfig = lib.generators.toINI {} (lib.recursiveUpdate localConfig cfg.config);
configFile = pkgs.writeText "netdata.conf" (if cfg.configText != null then cfg.configText else mkConfig);
defaultUser = "netdata";
@ -54,24 +51,24 @@ let
in {
options = {
services.netdata = {
enable = mkEnableOption "netdata";
enable = lib.mkEnableOption "netdata";
package = mkPackageOption pkgs "netdata" { };
package = lib.mkPackageOption pkgs "netdata" { };
user = mkOption {
type = types.str;
user = lib.mkOption {
type = lib.types.str;
default = "netdata";
description = "User account under which netdata runs.";
};
group = mkOption {
type = types.str;
group = lib.mkOption {
type = lib.types.str;
default = "netdata";
description = "Group under which netdata runs.";
};
configText = mkOption {
type = types.nullOr types.lines;
configText = lib.mkOption {
type = lib.types.nullOr lib.types.lines;
description = "Verbatim netdata.conf, cannot be combined with config.";
default = null;
example = ''
@ -83,26 +80,26 @@ in {
};
python = {
enable = mkOption {
type = types.bool;
enable = lib.mkOption {
type = lib.types.bool;
default = true;
description = ''
Whether to enable python-based plugins
'';
};
recommendedPythonPackages = mkOption {
type = types.bool;
recommendedPythonPackages = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Whether to enable a set of recommended Python plugins
by installing extra Python packages.
'';
};
extraPackages = mkOption {
type = types.functionTo (types.listOf types.package);
extraPackages = lib.mkOption {
type = lib.types.functionTo (lib.types.listOf lib.types.package);
default = ps: [];
defaultText = literalExpression "ps: []";
example = literalExpression ''
defaultText = lib.literalExpression "ps: []";
example = lib.literalExpression ''
ps: [
ps.psycopg2
ps.docker
@ -116,10 +113,10 @@ in {
};
};
extraPluginPaths = mkOption {
type = types.listOf types.path;
extraPluginPaths = lib.mkOption {
type = lib.types.listOf lib.types.path;
default = [ ];
example = literalExpression ''
example = lib.literalExpression ''
[ "/path/to/plugins.d" ]
'';
description = ''
@ -134,11 +131,11 @@ in {
'';
};
config = mkOption {
type = types.attrsOf types.attrs;
config = lib.mkOption {
type = lib.types.attrsOf lib.types.attrs;
default = {};
description = "netdata.conf configuration as nix attributes. cannot be combined with configText.";
example = literalExpression ''
example = lib.literalExpression ''
global = {
"debug log" = "syslog";
"access log" = "syslog";
@ -147,8 +144,8 @@ in {
'';
};
configDir = mkOption {
type = types.attrsOf types.path;
configDir = lib.mkOption {
type = lib.types.attrsOf lib.types.path;
default = {};
description = ''
Complete netdata config directory except netdata.conf.
@ -159,7 +156,7 @@ in {
Its value is the absolute path and must be readable by netdata.
Cannot be combined with configText.
'';
example = literalExpression ''
example = lib.literalExpression ''
"health_alarm_notify.conf" = pkgs.writeText "health_alarm_notify.conf" '''
sendmail="/path/to/sendmail"
''';
@ -167,8 +164,8 @@ in {
'';
};
claimTokenFile = mkOption {
type = types.nullOr types.path;
claimTokenFile = lib.mkOption {
type = lib.types.nullOr lib.types.path;
default = null;
description = ''
If set, automatically registers the agent using the given claim token
@ -176,8 +173,8 @@ in {
'';
};
enableAnalyticsReporting = mkOption {
type = types.bool;
enableAnalyticsReporting = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Enable reporting of anonymous usage statistics to Netdata Inc. via either
@ -187,8 +184,8 @@ in {
'';
};
deadlineBeforeStopSec = mkOption {
type = types.int;
deadlineBeforeStopSec = lib.mkOption {
type = lib.types.int;
default = 120;
description = ''
In order to detect when netdata is misbehaving, we run a concurrent task pinging netdata (wait-for-netdata-up)
@ -203,7 +200,7 @@ in {
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
assertions =
[ { assertion = cfg.config != {} -> cfg.configText == null ;
message = "Cannot specify both config and configText";
@ -220,7 +217,7 @@ in {
ps.netdata-pandas
]);
services.netdata.configDir.".opt-out-from-anonymous-statistics" = mkIf (!cfg.enableAnalyticsReporting) (pkgs.writeText ".opt-out-from-anonymous-statistics" "");
services.netdata.configDir.".opt-out-from-anonymous-statistics" = lib.mkIf (!cfg.enableAnalyticsReporting) (pkgs.writeText ".opt-out-from-anonymous-statistics" "");
environment.etc."netdata/netdata.conf".source = configFile;
environment.etc."netdata/conf.d".source = configDirectory;
@ -381,7 +378,7 @@ in {
permissions = "u+rx,g+x,o-rwx";
};
} // optionalAttrs (cfg.package.withIpmi) {
} // lib.optionalAttrs (cfg.package.withIpmi) {
"freeipmi.plugin" = {
source = "${cfg.package}/libexec/netdata/plugins.d/freeipmi.plugin.org";
capabilities = "cap_dac_override,cap_fowner+ep";
@ -389,7 +386,7 @@ in {
group = cfg.group;
permissions = "u+rx,g+x,o-rwx";
};
} // optionalAttrs (cfg.package.withNetworkViewer) {
} // lib.optionalAttrs (cfg.package.withNetworkViewer) {
"network-viewer.plugin" = {
source = "${cfg.package}/libexec/netdata/plugins.d/network-viewer.plugin.org";
capabilities = "cap_sys_admin,cap_dac_read_search,cap_sys_ptrace+ep";
@ -404,7 +401,7 @@ in {
{ domain = "netdata"; type = "hard"; item = "nofile"; value = "30000"; }
];
users.users = optionalAttrs (cfg.user == defaultUser) {
users.users = lib.optionalAttrs (cfg.user == defaultUser) {
${defaultUser} = {
group = defaultUser;
isSystemUser = true;
@ -413,7 +410,7 @@ in {
};
};
users.groups = optionalAttrs (cfg.group == defaultUser) {
users.groups = lib.optionalAttrs (cfg.group == defaultUser) {
${defaultUser} = { };
};

Some files were not shown because too many files have changed in this diff Show More