From b2dff2033d72b7e9ed9a3a135327fead70c61b08 Mon Sep 17 00:00:00 2001 From: Francesc Esplugas <2720+fesplugas@users.noreply.github.com> Date: Mon, 16 Oct 2023 23:31:15 +0200 Subject: fix: initdb missing data area directory Use `PGDATA` environment variable instead of `-D` to maintain consistency with NixOS module. Co-Authored-By: Michael Hoang --- modules/services/postgresql/default.nix | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'modules/services') diff --git a/modules/services/postgresql/default.nix b/modules/services/postgresql/default.nix index 018b46e..64a2ece 100644 --- a/modules/services/postgresql/default.nix +++ b/modules/services/postgresql/default.nix @@ -237,10 +237,10 @@ in for an overview of `postgresql.conf`. ::: {.note} - + String values will automatically be enclosed in single quotes. Single quotes will be escaped with two single quotes as described by the upstream documentation linked above. - + ::: ''; example = literalExpression '' @@ -355,11 +355,14 @@ in "${cfg.dataDir}/recovery.conf" ''} - exec ${postgresql}/bin/postgres -D ${cfg.dataDir} + exec ${postgresql}/bin/postgres ''; serviceConfig.KeepAlive = true; serviceConfig.RunAtLoad = true; + serviceConfig.EnvironmentVariables = { + PGDATA = cfg.dataDir; + }; }; }; -- cgit v1.2.3 From def1e23be848848400d1d097d4f044e3c401f9dd Mon Sep 17 00:00:00 2001 From: Weijia Wang <9713184+wegank@users.noreply.github.com> Date: Sun, 14 Apr 2024 23:02:32 +0200 Subject: treewide: remove lib.mdDoc --- modules/services/activate-system/default.nix | 2 +- modules/services/autossh.nix | 10 ++-- modules/services/buildkite-agents.nix | 29 +++++----- modules/services/cachix-agent.nix | 10 ++-- modules/services/chunkwm.nix | 16 +++--- modules/services/dnsmasq.nix | 10 ++-- modules/services/emacs.nix | 8 +-- modules/services/eternal-terminal.nix | 12 ++-- modules/services/github-runner/options.nix | 34 +++++------ modules/services/gitlab-runner.nix | 76 ++++++++++++------------- modules/services/hercules-ci-agent/common.nix | 9 ++- modules/services/hercules-ci-agent/default.nix | 2 +- modules/services/hercules-ci-agent/settings.nix | 19 +++---- modules/services/ipfs.nix | 10 ++-- modules/services/karabiner-elements/default.nix | 2 +- modules/services/khd/default.nix | 8 +-- modules/services/kwm/default.nix | 6 +- modules/services/lorri.nix | 4 +- modules/services/mail/offlineimap.nix | 12 ++-- modules/services/monitoring/telegraf.nix | 10 ++-- modules/services/mopidy.nix | 8 +-- modules/services/netbird.nix | 4 +- modules/services/nextdns/default.nix | 4 +- modules/services/nix-daemon.nix | 8 +-- modules/services/nix-gc/default.nix | 8 +-- modules/services/nix-optimise/default.nix | 7 +-- modules/services/ofborg/default.nix | 8 +-- modules/services/postgresql/default.nix | 38 ++++++------- modules/services/privoxy/default.nix | 12 ++-- modules/services/redis/default.nix | 16 +++--- modules/services/sketchybar/default.nix | 8 +-- modules/services/skhd/default.nix | 6 +- modules/services/spacebar/default.nix | 8 +-- modules/services/spotifyd.nix | 6 +- modules/services/synapse-bt.nix | 10 ++-- modules/services/synergy/default.nix | 32 +++++------ modules/services/tailscale.nix | 6 +- modules/services/trezord.nix | 6 +- modules/services/wg-quick.nix | 38 ++++++------- modules/services/yabai/default.nix | 10 ++-- 40 files changed, 264 insertions(+), 268 deletions(-) (limited to 'modules/services') diff --git a/modules/services/activate-system/default.nix b/modules/services/activate-system/default.nix index 19034a1..c41d963 100644 --- a/modules/services/activate-system/default.nix +++ b/modules/services/activate-system/default.nix @@ -11,7 +11,7 @@ in services.activate-system.enable = mkOption { type = types.bool; default = true; - description = lib.mdDoc "Whether to activate system at boot time."; + description = "Whether to activate system at boot time."; }; }; diff --git a/modules/services/autossh.nix b/modules/services/autossh.nix index 9905d69..2df74ec 100644 --- a/modules/services/autossh.nix +++ b/modules/services/autossh.nix @@ -22,18 +22,18 @@ in name = mkOption { type = types.str; example = "socks-peer"; - description = lib.mdDoc "Name of the local AutoSSH session"; + description = "Name of the local AutoSSH session"; }; user = mkOption { type = types.str; example = "bill"; - description = lib.mdDoc "Name of the user the AutoSSH session should run as"; + description = "Name of the user the AutoSSH session should run as"; }; monitoringPort = mkOption { type = types.int; default = 0; example = 20000; - description = lib.mdDoc '' + description = '' Port to be used by AutoSSH for peer monitoring. Note, that AutoSSH also uses mport+1. Value of 0 disables the keep-alive style monitoring @@ -42,7 +42,7 @@ in extraArguments = mkOption { type = types.str; example = "-N -D4343 bill@socks.example.net"; - description = lib.mdDoc '' + description = '' Arguments to be passed to AutoSSH and retransmitted to SSH process. Some meaningful options include -N (don't run remote command), -D (open SOCKS proxy on local port), -R (forward @@ -54,7 +54,7 @@ in }); default = []; - description = lib.mdDoc '' + description = '' List of AutoSSH sessions to start as systemd services. Each service is named 'autossh-{session.name}'. ''; diff --git a/modules/services/buildkite-agents.nix b/modules/services/buildkite-agents.nix index 094f2c9..4888247 100644 --- a/modules/services/buildkite-agents.nix +++ b/modules/services/buildkite-agents.nix @@ -4,14 +4,13 @@ with lib; let cfg = config.services.buildkite-agents; - mdDoc = lib.mdDoc or (x: "Documentation not rendered. Please upgrade to a newer NixOS with markdown support."); literalMD = lib.literalMD or (x: lib.literalDocBook "Documentation not rendered. Please upgrade to a newer NixOS with markdown support."); mkHookOption = { name, description, example ? null }: { inherit name; value = mkOption { default = null; - description = mdDoc description; + description = description; type = types.nullOr types.lines; } // (if example == null then {} else { inherit example; }); }; @@ -36,32 +35,32 @@ let enable = mkOption { default = true; type = types.bool; - description = mdDoc "Whether to enable this buildkite agent"; + description = "Whether to enable this buildkite agent"; }; package = mkOption { default = pkgs.buildkite-agent; defaultText = literalExpression "pkgs.buildkite-agent"; - description = mdDoc "Which buildkite-agent derivation to use"; + description = "Which buildkite-agent derivation to use"; type = types.package; }; dataDir = mkOption { default = "/var/lib/buildkite-agent-${name}"; - description = mdDoc "The workdir for the agent"; + description = "The workdir for the agent"; type = types.str; }; runtimePackages = mkOption { default = [ pkgs.bash pkgs.gnutar pkgs.gzip pkgs.git pkgs.nix ]; defaultText = literalExpression "[ pkgs.bash pkgs.gnutar pkgs.gzip pkgs.git pkgs.nix ]"; - description = mdDoc "Add programs to the buildkite-agent environment"; + description = "Add programs to the buildkite-agent environment"; type = types.listOf (types.either types.package types.path); }; tokenPath = mkOption { type = types.path; - description = mdDoc '' + description = '' The token from your Buildkite "Agents" page. A run-time path to the token file, which is supposed to be provisioned @@ -72,7 +71,7 @@ let name = mkOption { type = types.str; default = "%hostname-${name}-%n"; - description = mdDoc '' + description = '' The name of the agent as seen in the buildkite dashboard. ''; }; @@ -81,7 +80,7 @@ let type = types.attrsOf (types.either types.str (types.listOf types.str)); default = {}; example = { queue = "default"; docker = "true"; ruby2 ="true"; }; - description = mdDoc '' + description = '' Tags for the agent. ''; }; @@ -90,7 +89,7 @@ let type = types.lines; default = ""; example = "debug=true"; - description = mdDoc '' + description = '' Extra lines to be added verbatim to the configuration file. ''; }; @@ -98,7 +97,7 @@ let preCommands = mkOption { type = types.lines; default = ""; - description = lib.mdDoc '' + description = '' Extra commands to run before starting buildkite. ''; }; @@ -110,7 +109,7 @@ let ## don't end up in the Nix store. apply = final: if final == null then null else toString final; - description = mdDoc '' + description = '' OpenSSH private key A run-time path to the key file, which is supposed to be provisioned @@ -179,7 +178,7 @@ let type = types.path; default = hooksDir config; defaultText = literalMD "generated from {option}`services.buildkite-agents..hooks`"; - description = mdDoc '' + description = '' Path to the directory storing the hooks. Consider using {option}`services.buildkite-agents..hooks.` instead. @@ -190,7 +189,7 @@ let type = types.str; default = "${pkgs.bash}/bin/bash -e -c"; defaultText = literalExpression ''"''${pkgs.bash}/bin/bash -e -c"''; - description = mdDoc '' + description = '' Command that buildkite-agent 3 will execute when it spawns a shell. ''; }; @@ -203,7 +202,7 @@ in options.services.buildkite-agents = mkOption { type = types.attrsOf (types.submodule buildkiteOptions); default = {}; - description = mdDoc '' + description = '' Attribute set of buildkite agents. The attribute key is combined with the hostname and a unique integer to create the final agent name. This can be overridden by setting the `name` diff --git a/modules/services/cachix-agent.nix b/modules/services/cachix-agent.nix index 68bc61c..0095d65 100644 --- a/modules/services/cachix-agent.nix +++ b/modules/services/cachix-agent.nix @@ -9,7 +9,7 @@ in { enable = mkOption { type = types.bool; default = false; - description = lib.mdDoc '' + description = '' Enable to run Cachix Agent as a system service. Read [Cachix Deploy](https://docs.cachix.org/deploy/) documentation for more information. @@ -19,13 +19,13 @@ in { name = mkOption { type = types.str; default = config.networking.hostName; - description = lib.mdDoc '' + description = '' Agent name, usually the same as the hostname. ''; }; package = mkOption { - description = lib.mdDoc '' + description = '' Package containing cachix executable. ''; type = types.package; @@ -36,7 +36,7 @@ in { credentialsFile = mkOption { type = types.path; default = "/etc/cachix-agent.token"; - description = lib.mdDoc '' + description = '' Required file that needs to contain: export CACHIX_AGENT_TOKEN=... @@ -46,7 +46,7 @@ in { logFile = mkOption { type = types.nullOr types.path; default = "/var/log/cachix-agent.log"; - description = lib.mdDoc "Absolute path to log all stderr and stdout"; + description = "Absolute path to log all stderr and stdout"; }; }; diff --git a/modules/services/chunkwm.nix b/modules/services/chunkwm.nix index a5955cc..354288a 100644 --- a/modules/services/chunkwm.nix +++ b/modules/services/chunkwm.nix @@ -12,51 +12,51 @@ in services.chunkwm.enable = mkOption { type = types.bool; default = false; - description = lib.mdDoc "Whether to enable the chunkwm window manager."; + description = "Whether to enable the chunkwm window manager."; }; services.chunkwm.package = mkOption { type = types.package; example = literalExpression "pkgs.chunkwm"; - description = lib.mdDoc "This option specifies the chunkwm package to use."; + description = "This option specifies the chunkwm package to use."; }; services.chunkwm.hotload = mkOption { type = types.bool; default = true; - description = lib.mdDoc "Whether to enable hotload."; + description = "Whether to enable hotload."; }; services.chunkwm.extraConfig = mkOption { type = types.lines; default = ""; example = ''chunkc tiling::rule --owner Emacs --state tile''; - description = lib.mdDoc "Additional commands for {file}`chunkwmrc`."; + description = "Additional commands for {file}`chunkwmrc`."; }; services.chunkwm.plugins.dir = mkOption { type = types.path; default = "/run/current-system/sw/lib/chunkwm/plugins"; - description = lib.mdDoc "Chunkwm Plugins directory."; + description = "Chunkwm Plugins directory."; }; services.chunkwm.plugins.list = mkOption { type = types.listOf (types.enum plugins); default = plugins; example = ["tiling"]; - description = lib.mdDoc "Chunkwm Plugins to enable."; + description = "Chunkwm Plugins to enable."; }; services.chunkwm.plugins."border".config = mkOption { type = types.lines; default = ''chunkc set focused_border_color 0xffc0b18b''; - description = lib.mdDoc "Optional border plugin configuration."; + description = "Optional border plugin configuration."; }; services.chunkwm.plugins."tiling".config = mkOption { type = types.lines; example = ''chunkc set global_desktop_mode bsp''; - description = lib.mdDoc "Optional tiling plugin configuration."; + description = "Optional tiling plugin configuration."; }; }; diff --git a/modules/services/dnsmasq.nix b/modules/services/dnsmasq.nix index 03071db..7ea674f 100644 --- a/modules/services/dnsmasq.nix +++ b/modules/services/dnsmasq.nix @@ -12,32 +12,32 @@ in services.dnsmasq.enable = mkOption { type = types.bool; default = false; - description = lib.mdDoc "Whether to enable DNSmasq."; + description = "Whether to enable DNSmasq."; }; services.dnsmasq.package = mkOption { type = types.path; default = pkgs.dnsmasq; defaultText = "pkgs.dnsmasq"; - description = lib.mdDoc "This option specifies the dnsmasq package to use."; + description = "This option specifies the dnsmasq package to use."; }; services.dnsmasq.bind = mkOption { type = types.str; default = "127.0.0.1"; - description = lib.mdDoc "This option specifies the interface on which DNSmasq will listen."; + description = "This option specifies the interface on which DNSmasq will listen."; }; services.dnsmasq.port = mkOption { type = types.int; default = 53; - description = lib.mdDoc "This option specifies port on which DNSmasq will listen."; + description = "This option specifies port on which DNSmasq will listen."; }; services.dnsmasq.addresses = mkOption { type = types.attrs; default = {}; - description = lib.mdDoc "List of domains that will be redirected by the DNSmasq."; + description = "List of domains that will be redirected by the DNSmasq."; example = literalExpression '' { localhost = "127.0.0.1"; } ''; diff --git a/modules/services/emacs.nix b/modules/services/emacs.nix index 88b5c8a..4b9a3cb 100644 --- a/modules/services/emacs.nix +++ b/modules/services/emacs.nix @@ -12,20 +12,20 @@ in { enable = mkOption { type = types.bool; default = false; - description = lib.mdDoc "Whether to enable the Emacs Daemon."; + description = "Whether to enable the Emacs Daemon."; }; package = mkOption { type = types.path; default = pkgs.emacs; - description = lib.mdDoc "This option specifies the emacs package to use."; + description = "This option specifies the emacs package to use."; }; additionalPath = mkOption { type = types.listOf types.str; default = [ ]; example = [ "/Users/my_user_name" ]; - description = lib.mdDoc '' + description = '' This option specifies additional PATH that the emacs daemon would have. Typically if you have binaries in your home directory that is what you would add your home path here. One caveat is that there won't be shell variable expansion, so you can't use $HOME for example @@ -35,7 +35,7 @@ in { exec = mkOption { type = types.str; default = "emacs"; - description = lib.mdDoc "Emacs command/binary to execute."; + description = "Emacs command/binary to execute."; }; }; }; diff --git a/modules/services/eternal-terminal.nix b/modules/services/eternal-terminal.nix index 3533080..d243a61 100644 --- a/modules/services/eternal-terminal.nix +++ b/modules/services/eternal-terminal.nix @@ -7,20 +7,20 @@ in { options = { services.eternal-terminal = { - enable = mkEnableOption (lib.mdDoc "Eternal Terminal server"); + enable = mkEnableOption "Eternal Terminal server"; package = mkOption { type = types.path; default = pkgs.eternal-terminal; defaultText = "pkgs.eternal-terminal"; - description = lib.mdDoc + description = "This option specifies the eternal-terminal package to use."; }; port = mkOption { default = 2022; type = types.port; - description = lib.mdDoc '' + description = '' The port the server should listen on. Will use the server's default (2022) if not specified. Make sure to open this port in the firewall if necessary. @@ -30,7 +30,7 @@ in { verbosity = mkOption { default = 0; type = types.enum (lib.range 0 9); - description = lib.mdDoc '' + description = '' The verbosity level (0-9). ''; }; @@ -38,7 +38,7 @@ in { silent = mkOption { default = false; type = types.bool; - description = lib.mdDoc '' + description = '' If enabled, disables all logging. ''; }; @@ -46,7 +46,7 @@ in { logSize = mkOption { default = 20971520; type = types.int; - description = lib.mdDoc '' + description = '' The maximum log size. ''; }; diff --git a/modules/services/github-runner/options.nix b/modules/services/github-runner/options.nix index 300ca32..f6c4830 100644 --- a/modules/services/github-runner/options.nix +++ b/modules/services/github-runner/options.nix @@ -6,7 +6,7 @@ with lib; { options.services.github-runners = mkOption { - description = mdDoc '' + description = '' Multiple GitHub Runners. If `user` and `group` are set to `null`, the module will configure nix-darwin to @@ -50,7 +50,7 @@ with lib; enable = mkOption { default = false; example = true; - description = mdDoc '' + description = '' Whether to enable GitHub Actions runner. Note: GitHub recommends using self-hosted runners with private repositories only. Learn more here: @@ -61,7 +61,7 @@ with lib; url = mkOption { type = types.str; - description = mdDoc '' + description = '' Repository to add the runner to. Changing this option triggers a new runner registration. @@ -79,7 +79,7 @@ with lib; tokenFile = mkOption { type = types.path; - description = mdDoc '' + description = '' The full path to a file which contains either * a fine-grained personal access token (PAT), @@ -122,7 +122,7 @@ with lib; name = mkOption { type = types.nullOr types.str; - description = mdDoc '' + description = '' Name of the runner to configure. If null, defaults to the hostname. Changing this option triggers a new runner registration. @@ -133,7 +133,7 @@ with lib; runnerGroup = mkOption { type = types.nullOr types.str; - description = mdDoc '' + description = '' Name of the runner group to add this runner to (defaults to the default runner group). Changing this option triggers a new runner registration. @@ -143,7 +143,7 @@ with lib; extraLabels = mkOption { type = types.listOf types.str; - description = mdDoc '' + description = '' Extra labels in addition to the default (unless disabled through the `noDefaultLabels` option). Changing this option triggers a new runner registration. @@ -154,7 +154,7 @@ with lib; noDefaultLabels = mkOption { type = types.bool; - description = mdDoc '' + description = '' Disables adding the default labels. Also see the `extraLabels` option. Changing this option triggers a new runner registration. @@ -164,7 +164,7 @@ with lib; replace = mkOption { type = types.bool; - description = mdDoc '' + description = '' Replace any existing runner with the same name. Without this flag, registering a new runner with the same name fails. @@ -174,7 +174,7 @@ with lib; extraPackages = mkOption { type = types.listOf types.package; - description = mdDoc '' + description = '' Extra packages to add to `PATH` of the service to make them available to workflows. ''; default = [ ]; @@ -182,7 +182,7 @@ with lib; extraEnvironment = mkOption { type = types.attrs; - description = mdDoc '' + description = '' Extra environment variables to set for the runner, as an attrset. ''; example = { @@ -193,7 +193,7 @@ with lib; serviceOverrides = mkOption { type = types.attrs; - description = mdDoc '' + description = '' Modify the service. Can be used to, e.g., adjust the sandboxing options. ''; default = { }; @@ -203,7 +203,7 @@ with lib; ephemeral = mkOption { type = types.bool; - description = mdDoc '' + description = '' If enabled, causes the following behavior: - Passes the `--ephemeral` flag to the runner configuration script @@ -222,7 +222,7 @@ with lib; user = mkOption { type = types.nullOr types.str; - description = mdDoc '' + description = '' User under which to run the service. If this option and the `group` option is set to `null`, nix-darwin creates @@ -234,7 +234,7 @@ with lib; group = mkOption { type = types.nullOr types.str; - description = mdDoc '' + description = '' Group under which to run the service. If this option and the `user` option is set to `null`, nix-darwin creates @@ -246,7 +246,7 @@ with lib; workDir = mkOption { type = with types; nullOr str; - description = mdDoc '' + description = '' Working directory, available as `$GITHUB_WORKSPACE` during workflow runs and used as a default for [repository checkouts](https://github.com/actions/checkout). The service cleans this directory on every service start. @@ -259,7 +259,7 @@ with lib; nodeRuntimes = mkOption { type = with types; nonEmptyListOf (enum [ "node20" ]); default = [ "node20" ]; - description = mdDoc '' + description = '' List of Node.js runtimes the runner should support. ''; }; diff --git a/modules/services/gitlab-runner.nix b/modules/services/gitlab-runner.nix index 7651ba5..94c291e 100644 --- a/modules/services/gitlab-runner.nix +++ b/modules/services/gitlab-runner.nix @@ -117,11 +117,11 @@ let in { options.services.gitlab-runner = { - enable = mkEnableOption (lib.mdDoc "Gitlab Runner"); + enable = mkEnableOption "Gitlab Runner"; configFile = mkOption { type = types.nullOr types.path; default = null; - description = lib.mdDoc '' + description = '' Configuration file for gitlab-runner. {option}`configFile` takes precedence over {option}`services`. @@ -137,7 +137,7 @@ in type = types.int; default = 0; example = literalExpression "with lib; (length (attrNames config.services.gitlab-runner.services)) * 3"; - description = lib.mdDoc '' + description = '' Defines the interval length, in seconds, between new jobs check. The default value is 3; if set to 0 or lower, the default value will be used. @@ -148,7 +148,7 @@ in type = types.int; default = 1; example = literalExpression "config.nix.maxJobs"; - description = lib.mdDoc '' + description = '' Limits how many jobs globally can be run concurrently. The most upper limit of jobs using all defined runners. 0 does not mean unlimited. @@ -158,7 +158,7 @@ in type = types.nullOr types.str; default = null; example = "https://public:private@host:port/1"; - description = lib.mdDoc '' + description = '' Data Source Name for tracking of all system level errors to Sentry. ''; }; @@ -166,7 +166,7 @@ in type = types.nullOr types.str; default = null; example = "localhost:8080"; - description = lib.mdDoc '' + description = '' Address (<host>:<port>) on which the Prometheus metrics HTTP server should be listening. ''; @@ -178,7 +178,7 @@ in type = types.nullOr types.str; default = null; example = "0.0.0.0:8093"; - description = lib.mdDoc '' + description = '' An internal URL to be used for the session server. ''; }; @@ -186,7 +186,7 @@ in type = types.nullOr types.str; default = null; example = "runner-host-name.tld:8093"; - description = lib.mdDoc '' + description = '' The URL that the Runner will expose to GitLab to be used to access the session server. Fallbacks to {option}`listenAddress` if not defined. @@ -195,7 +195,7 @@ in sessionTimeout = mkOption { type = types.int; default = 1800; - description = lib.mdDoc '' + description = '' How long in seconds the session can stay active after the job completes (which will block the job from finishing). ''; @@ -208,7 +208,7 @@ in listenAddress = "0.0.0.0:8093"; } ''; - description = lib.mdDoc '' + description = '' The session server allows the user to interact with jobs that the Runner is responsible for. A good example of this is the [interactive web terminal](https://docs.gitlab.com/ee/ci/interactive_web_terminal/index.html). @@ -217,7 +217,7 @@ in gracefulTermination = mkOption { type = types.bool; default = false; - description = lib.mdDoc '' + description = '' Finish all remaining jobs before stopping. If not set gitlab-runner will stop immediatly without waiting for jobs to finish, which will lead to failed builds. @@ -227,7 +227,7 @@ in type = types.str; default = "infinity"; example = "5min 20s"; - description = lib.mdDoc '' + description = '' Time to wait until a graceful shutdown is turned into a forceful one. ''; }; @@ -236,17 +236,17 @@ in default = pkgs.gitlab-runner; defaultText = "pkgs.gitlab-runner"; example = literalExpression "pkgs.gitlab-runner_1_11"; - description = lib.mdDoc "Gitlab Runner package to use."; + description = "Gitlab Runner package to use."; }; extraPackages = mkOption { type = types.listOf types.package; default = [ ]; - description = lib.mdDoc '' + description = '' Extra packages to add to PATH for the gitlab-runner process. ''; }; services = mkOption { - description = lib.mdDoc "GitLab Runner services."; + description = "GitLab Runner services."; default = { }; example = literalExpression '' { @@ -328,7 +328,7 @@ in options = { registrationConfigFile = mkOption { type = types.path; - description = lib.mdDoc '' + description = '' Absolute path to a file with environment variables used for gitlab-runner registration. A list of all supported environment variables can be found in @@ -345,7 +345,7 @@ in type = types.listOf types.str; default = [ ]; example = [ "--docker-helper-image my/gitlab-runner-helper" ]; - description = lib.mdDoc '' + description = '' Extra command-line flags passed to `gitlab-runner register`. Execute `gitlab-runner register --help` @@ -356,7 +356,7 @@ in type = types.attrsOf types.str; default = { }; example = { NAME = "value"; }; - description = lib.mdDoc '' + description = '' Custom environment variables injected to build environment. For secrets you can use {option}`registrationConfigFile` with `RUNNER_ENV` variable set. @@ -365,7 +365,7 @@ in executor = mkOption { type = types.str; default = "docker"; - description = lib.mdDoc '' + description = '' Select executor, eg. shell, docker, etc. See [runner documentation](https://docs.gitlab.com/runner/executors/README.html) for more information. ''; @@ -374,7 +374,7 @@ in type = types.nullOr types.path; default = null; example = "/var/lib/gitlab-runner/builds"; - description = lib.mdDoc '' + description = '' Absolute path to a directory where builds will be stored in context of selected executor (Locally, Docker, SSH). ''; @@ -383,14 +383,14 @@ in type = types.nullOr types.str; default = null; example = "http://gitlab.example.local"; - description = lib.mdDoc '' + description = '' Overwrite the URL for the GitLab instance. Used if the Runner can’t connect to GitLab on the URL GitLab exposes itself. ''; }; dockerImage = mkOption { type = types.nullOr types.str; default = null; - description = lib.mdDoc '' + description = '' Docker image to be used. ''; }; @@ -398,7 +398,7 @@ in type = types.listOf types.str; default = [ ]; example = [ "/var/run/docker.sock:/var/run/docker.sock" ]; - description = lib.mdDoc '' + description = '' Bind-mount a volume and create it if it doesn't exist prior to mounting. ''; @@ -406,14 +406,14 @@ in dockerDisableCache = mkOption { type = types.bool; default = false; - description = lib.mdDoc '' + description = '' Disable all container caching. ''; }; dockerPrivileged = mkOption { type = types.bool; default = false; - description = lib.mdDoc '' + description = '' Give extended privileges to container. ''; }; @@ -421,7 +421,7 @@ in type = types.listOf types.str; default = [ ]; example = [ "other-host:127.0.0.1" ]; - description = lib.mdDoc '' + description = '' Add a custom host-to-IP mapping. ''; }; @@ -429,7 +429,7 @@ in type = types.listOf types.str; default = [ ]; example = [ "ruby:*" "python:*" "php:*" "my.registry.tld:5000/*:*" ]; - description = lib.mdDoc '' + description = '' Whitelist allowed images. ''; }; @@ -437,21 +437,21 @@ in type = types.listOf types.str; default = [ ]; example = [ "postgres:9" "redis:*" "mysql:*" ]; - description = lib.mdDoc '' + description = '' Whitelist allowed services. ''; }; preCloneScript = mkOption { type = types.nullOr types.path; default = null; - description = lib.mdDoc '' + description = '' Runner-specific command script executed before code is pulled. ''; }; preBuildScript = mkOption { type = types.nullOr types.path; default = null; - description = lib.mdDoc '' + description = '' Runner-specific command script executed after code is pulled, just before build executes. ''; @@ -459,7 +459,7 @@ in postBuildScript = mkOption { type = types.nullOr types.path; default = null; - description = lib.mdDoc '' + description = '' Runner-specific command script executed after code is pulled and just after build executes. ''; @@ -467,14 +467,14 @@ in tagList = mkOption { type = types.listOf types.str; default = [ ]; - description = lib.mdDoc '' + description = '' Tag list. ''; }; runUntagged = mkOption { type = types.bool; default = false; - description = lib.mdDoc '' + description = '' Register to run untagged builds; defaults to `true` when {option}`tagList` is empty. ''; @@ -482,7 +482,7 @@ in limit = mkOption { type = types.int; default = 0; - description = lib.mdDoc '' + description = '' Limit how many jobs can be handled concurrently by this service. 0 (default) simply means don't limit. ''; @@ -490,14 +490,14 @@ in requestConcurrency = mkOption { type = types.int; default = 0; - description = lib.mdDoc '' + description = '' Limit number of concurrent requests for new jobs from GitLab. ''; }; maximumTimeout = mkOption { type = types.int; default = 0; - description = lib.mdDoc '' + description = '' What is the maximum timeout (in seconds) that will be set for job when using this Runner. 0 (default) simply means don't limit. ''; @@ -505,7 +505,7 @@ in protected = mkOption { type = types.bool; default = false; - description = lib.mdDoc '' + description = '' When set to true Runner will only run on pipelines triggered on protected branches. ''; @@ -513,7 +513,7 @@ in debugTraceDisabled = mkOption { type = types.bool; default = false; - description = lib.mdDoc '' + description = '' When set to true Runner will disable the possibility of using the `CI_DEBUG_TRACE` feature. ''; diff --git a/modules/services/hercules-ci-agent/common.nix b/modules/services/hercules-ci-agent/common.nix index 6401f6f..5a4b739 100644 --- a/modules/services/hercules-ci-agent/common.nix +++ b/modules/services/hercules-ci-agent/common.nix @@ -18,7 +18,6 @@ let types ; literalMD = lib.literalMD or (x: lib.literalDocBook "Documentation not rendered. Please upgrade to a newer NixOS with markdown support."); - mdDoc = lib.mdDoc or (x: "Documentation not rendered. Please upgrade to a newer NixOS with markdown support."); cfg = config.services.hercules-ci-agent; @@ -37,7 +36,7 @@ in enable = mkOption { type = types.bool; default = false; - description = mdDoc '' + description = '' Enable to run Hercules CI Agent as a system service. [Hercules CI](https://hercules-ci.com) is a @@ -47,7 +46,7 @@ in ''; }; package = mkOption { - description = mdDoc '' + description = '' Package containing the bin/hercules-ci-agent executable. ''; type = types.package; @@ -55,7 +54,7 @@ in defaultText = literalExpression "pkgs.hercules-ci-agent"; }; settings = mkOption { - description = mdDoc '' + description = '' These settings are written to the `agent.toml` file. Not all settings are listed as options, can be set nonetheless. @@ -75,7 +74,7 @@ in type = types.path; internal = true; defaultText = literalMD "generated `hercules-ci-agent.toml`"; - description = mdDoc '' + description = '' The fully assembled config file. ''; }; diff --git a/modules/services/hercules-ci-agent/default.nix b/modules/services/hercules-ci-agent/default.nix index 538e104..d9fbf37 100644 --- a/modules/services/hercules-ci-agent/default.nix +++ b/modules/services/hercules-ci-agent/default.nix @@ -17,7 +17,7 @@ in logFile = mkOption { type = types.path; default = "/var/log/hercules-ci-agent.log"; - description = lib.mdDoc "Stdout and sterr of hercules-ci-agent process."; + description = "Stdout and sterr of hercules-ci-agent process."; }; }; diff --git a/modules/services/hercules-ci-agent/settings.nix b/modules/services/hercules-ci-agent/settings.nix index 157861a..6389461 100644 --- a/modules/services/hercules-ci-agent/settings.nix +++ b/modules/services/hercules-ci-agent/settings.nix @@ -7,7 +7,6 @@ let mkOption ; literalMD = lib.literalMD or (x: lib.literalDocBook "Documentation not rendered. Please upgrade to a newer NixOS with markdown support."); - mdDoc = lib.mdDoc or (x: "Documentation not rendered. Please upgrade to a newer NixOS with markdown support."); format = pkgs.formats.toml { }; @@ -15,7 +14,7 @@ let freeformType = format.type; options = { apiBaseUrl = mkOption { - description = mdDoc '' + description = '' API base URL that the agent will connect to. When using Hercules CI Enterprise, set this to the URL where your @@ -27,12 +26,12 @@ let baseDirectory = mkOption { type = types.path; default = "/var/lib/hercules-ci-agent"; - description = mdDoc '' + description = '' State directory (secrets, work directory, etc) for agent ''; }; concurrentTasks = mkOption { - description = mdDoc '' + description = '' Number of tasks to perform simultaneously. A task is a single derivation build, an evaluation or an effect run. @@ -56,7 +55,7 @@ let ''; }; labels = mkOption { - description = mdDoc '' + description = '' A key-value map of user data. This data will be available to organization members in the dashboard and API. @@ -75,7 +74,7 @@ let ''; }; workDirectory = mkOption { - description = mdDoc '' + description = '' The directory in which temporary subdirectories are created for task state. This includes sources for Nix evaluation. ''; type = types.path; @@ -83,7 +82,7 @@ let defaultText = literalExpression ''baseDirectory + "/work"''; }; staticSecretsDirectory = mkOption { - description = mdDoc '' + description = '' This is the default directory to look for statically configured secrets like `cluster-join-token.key`. See also `clusterJoinTokenPath` and `binaryCachesPath` for fine-grained configuration. @@ -93,7 +92,7 @@ let defaultText = literalExpression ''baseDirectory + "/secrets"''; }; clusterJoinTokenPath = mkOption { - description = mdDoc '' + description = '' Location of the cluster-join-token.key file. You can retrieve the contents of the file when creating a new agent via @@ -110,7 +109,7 @@ let defaultText = literalExpression ''staticSecretsDirectory + "/cluster-join-token.key"''; }; binaryCachesPath = mkOption { - description = mdDoc '' + description = '' Path to a JSON file containing binary cache secret keys. As these values are confidential, they should not be in the store, but @@ -124,7 +123,7 @@ let defaultText = literalExpression ''staticSecretsDirectory + "/binary-caches.json"''; }; secretsJsonPath = mkOption { - description = mdDoc '' + description = '' Path to a JSON file containing secrets for effects. As these values are confidential, they should not be in the store, but diff --git a/modules/services/ipfs.nix b/modules/services/ipfs.nix index 6cfcc49..e7cdb74 100644 --- a/modules/services/ipfs.nix +++ b/modules/services/ipfs.nix @@ -14,14 +14,14 @@ in enable = mkOption { type = types.bool; default = false; - description = lib.mdDoc "Whether to enable the ipfs daemon."; + description = "Whether to enable the ipfs daemon."; }; package = mkOption { type = types.package; default = pkgs.kubo; # defaultText = "pkgs.kubo"; - description = lib.mdDoc '' + description = '' The ipfs package to use. ''; }; @@ -30,7 +30,7 @@ in type = types.nullOr types.path; default = null; example = "/var/tmp/ipfs.log"; - description = lib.mdDoc '' + description = '' The logfile to use for the ipfs service. Alternatively {command}`sudo launchctl debug system/org.nixos.ipfs --stderr` can be used to stream the logs to a shell after restarting the service with @@ -41,13 +41,13 @@ in ipfsPath = mkOption { type = types.nullOr types.path; default = null; - description = lib.mdDoc "Set the IPFS_PATH environment variable."; + description = "Set the IPFS_PATH environment variable."; }; enableGarbageCollection = mkOption { type = types.bool; default = false; - description = lib.mdDoc "Passes --enable-gc flag to ipfs daemon."; + description = "Passes --enable-gc flag to ipfs daemon."; }; }; diff --git a/modules/services/karabiner-elements/default.nix b/modules/services/karabiner-elements/default.nix index 7c0636c..2f415b2 100644 --- a/modules/services/karabiner-elements/default.nix +++ b/modules/services/karabiner-elements/default.nix @@ -10,7 +10,7 @@ in { options = { - services.karabiner-elements.enable = mkEnableOption (lib.mdDoc "Karabiner-Elements"); + services.karabiner-elements.enable = mkEnableOption "Karabiner-Elements"; }; config = mkIf cfg.enable { diff --git a/modules/services/khd/default.nix b/modules/services/khd/default.nix index ef16a2b..7594baf 100644 --- a/modules/services/khd/default.nix +++ b/modules/services/khd/default.nix @@ -13,27 +13,27 @@ in services.khd.enable = mkOption { type = types.bool; default = false; - description = lib.mdDoc "Whether to enable the khd hotkey daemon."; + description = "Whether to enable the khd hotkey daemon."; }; services.khd.package = mkOption { type = types.package; default = pkgs.khd; defaultText = "pkgs.khd"; - description = lib.mdDoc "This option specifies the khd package to use."; + description = "This option specifies the khd package to use."; }; services.khd.khdConfig = mkOption { type = types.lines; default = ""; example = "alt + shift - r : kwmc quit"; - description = lib.mdDoc "Config to use for {file}`khdrc`."; + description = "Config to use for {file}`khdrc`."; }; services.khd.i3Keybindings = mkOption { type = types.bool; default = false; - description = lib.mdDoc "Wether to configure i3 style keybindings for kwm."; + description = "Wether to configure i3 style keybindings for kwm."; }; }; diff --git a/modules/services/kwm/default.nix b/modules/services/kwm/default.nix index c6603b9..5fb6c56 100644 --- a/modules/services/kwm/default.nix +++ b/modules/services/kwm/default.nix @@ -11,21 +11,21 @@ in services.kwm.enable = mkOption { type = types.bool; default = false; - description = lib.mdDoc "Whether to enable the khd window manager."; + description = "Whether to enable the khd window manager."; }; services.kwm.package = mkOption { type = types.path; default = pkgs.kwm; defaultText = "pkgs.kwm"; - description = lib.mdDoc "This option specifies the kwm package to use."; + description = "This option specifies the kwm package to use."; }; services.kwm.kwmConfig = mkOption { type = types.lines; default = ""; example = ''kwmc rule owner="iTerm2" properties={role="AXDialog"}''; - description = lib.mdDoc "Config to use for {file}`kwmrc`."; + description = "Config to use for {file}`kwmrc`."; }; }; diff --git a/modules/services/lorri.nix b/modules/services/lorri.nix index 246bcfa..0c12300 100644 --- a/modules/services/lorri.nix +++ b/modules/services/lorri.nix @@ -11,14 +11,14 @@ in enable = mkOption { type = types.bool; default = false; - description = lib.mdDoc "Whether to enable the lorri service."; + description = "Whether to enable the lorri service."; }; logFile = mkOption { type = types.nullOr types.path; default = null; example = "/var/tmp/lorri.log"; - description = lib.mdDoc '' + description = '' The logfile to use for the lorri service. Alternatively {command}`sudo launchctl debug system/org.nixos.lorri --stderr` can be used to stream the logs to a shell after restarting the service with diff --git a/modules/services/mail/offlineimap.nix b/modules/services/mail/offlineimap.nix index b7913cb..81c8bdb 100644 --- a/modules/services/mail/offlineimap.nix +++ b/modules/services/mail/offlineimap.nix @@ -7,32 +7,32 @@ let in { options.services.offlineimap = { - enable = mkEnableOption (lib.mdDoc "Offlineimap, a software to dispose your mailbox(es) as a local Maildir(s)"); + enable = mkEnableOption "Offlineimap, a software to dispose your mailbox(es) as a local Maildir(s)"; package = mkOption { type = types.package; default = pkgs.offlineimap; defaultText = "pkgs.offlineimap"; - description = lib.mdDoc "Offlineimap derivation to use."; + description = "Offlineimap derivation to use."; }; path = mkOption { type = types.listOf types.path; default = []; example = literalExpression "[ pkgs.pass pkgs.bash pkgs.notmuch ]"; - description = lib.mdDoc "List of derivations to put in Offlineimap's path."; + description = "List of derivations to put in Offlineimap's path."; }; startInterval = mkOption { type = types.nullOr types.int; default = 300; - description = lib.mdDoc "Optional key to start offlineimap services each N seconds"; + description = "Optional key to start offlineimap services each N seconds"; }; runQuick = mkOption { type = types.bool; default = false; - description = lib.mdDoc '' + description = '' Run only quick synchronizations. Ignore any flag updates on IMAP servers. If a flag on the remote IMAP changes, and we have the message locally, it will be left untouched in a quick run. ''; @@ -41,7 +41,7 @@ in { extraConfig = mkOption { type = types.lines; default = ""; - description = lib.mdDoc "Additional text to be appended to {file}`offlineimaprc`."; + description = "Additional text to be appended to {file}`offlineimaprc`."; }; }; diff --git a/modules/services/monitoring/telegraf.nix b/modules/services/monitoring/telegraf.nix index e3d3250..f40e013 100644 --- a/modules/services/monitoring/telegraf.nix +++ b/modules/services/monitoring/telegraf.nix @@ -10,12 +10,12 @@ let in { options = { services.telegraf = { - enable = mkEnableOption (lib.mdDoc "telegraf agent"); + enable = mkEnableOption "telegraf agent"; package = mkOption { default = pkgs.telegraf; defaultText = lib.literalExpression "pkgs.telegraf"; - description = lib.mdDoc "Which telegraf derivation to use"; + description = "Which telegraf derivation to use"; type = types.package; }; @@ -23,7 +23,7 @@ in { type = types.listOf types.path; default = [ ]; example = [ "/run/keys/telegraf.env" ]; - description = lib.mdDoc '' + description = '' File to load as environment file. This is useful to avoid putting secrets into the nix store. ''; @@ -31,7 +31,7 @@ in { extraConfig = mkOption { default = { }; - description = lib.mdDoc "Extra configuration options for telegraf"; + description = "Extra configuration options for telegraf"; type = settingsFormat.type; example = { outputs.influxdb = { @@ -47,7 +47,7 @@ in { configUrl = mkOption { default = null; - description = lib.mdDoc "Url to fetch config from"; + description = "Url to fetch config from"; type = types.nullOr types.str; }; }; diff --git a/modules/services/mopidy.nix b/modules/services/mopidy.nix index 2fb9a15..be3c05e 100644 --- a/modules/services/mopidy.nix +++ b/modules/services/mopidy.nix @@ -11,27 +11,27 @@ in services.mopidy.enable = mkOption { type = types.bool; default = false; - description = lib.mdDoc "Whether to enable the Mopidy Daemon."; + description = "Whether to enable the Mopidy Daemon."; }; services.mopidy.package = mkOption { type = types.path; default = pkgs.mopidy; defaultText = "pkgs.mopidy"; - description = lib.mdDoc "This option specifies the mopidy package to use."; + description = "This option specifies the mopidy package to use."; }; services.mopidy.mediakeys.enable = mkOption { type = types.bool; default = false; - description = lib.mdDoc "Whether to enable the Mopidy OSX Media Keys support daemon."; + description = "Whether to enable the Mopidy OSX Media Keys support daemon."; }; services.mopidy.mediakeys.package = mkOption { type = types.path; default = pkgs.pythonPackages.osxmpdkeys; defaultText = "pkgs.pythonPackages.osxmpdkeys"; - description = lib.mdDoc "This option specifies the mediakeys package to use."; + description = "This option specifies the mediakeys package to use."; }; }; diff --git a/modules/services/netbird.nix b/modules/services/netbird.nix index ad0bf3e..5bc8ebd 100644 --- a/modules/services/netbird.nix +++ b/modules/services/netbird.nix @@ -5,12 +5,12 @@ let in { options.services.netbird = { - enable = mkEnableOption (lib.mdDoc "Netbird daemon"); + enable = mkEnableOption "Netbird daemon"; package = mkOption { type = types.package; default = pkgs.netbird; defaultText = literalExpression "pkgs.netbird"; - description = lib.mdDoc "The package to use for netbird"; + description = "The package to use for netbird"; }; }; config = mkIf cfg.enable { diff --git a/modules/services/nextdns/default.nix b/modules/services/nextdns/default.nix index 5ea5e75..2312096 100644 --- a/modules/services/nextdns/default.nix +++ b/modules/services/nextdns/default.nix @@ -13,13 +13,13 @@ in { type = types.bool; default = false; description = - lib.mdDoc "Whether to enable the NextDNS DNS/53 to DoH Proxy service."; + "Whether to enable the NextDNS DNS/53 to DoH Proxy service."; }; arguments = mkOption { type = types.listOf types.str; default = [ ]; example = [ "-config" "10.0.3.0/24=abcdef" ]; - description = lib.mdDoc "Additional arguments to be passed to nextdns run."; + description = "Additional arguments to be passed to nextdns run."; }; }; }; diff --git a/modules/services/nix-daemon.nix b/modules/services/nix-daemon.nix index 584c226..d652dae 100644 --- a/modules/services/nix-daemon.nix +++ b/modules/services/nix-daemon.nix @@ -11,20 +11,20 @@ in services.nix-daemon.enable = mkOption { type = types.bool; default = false; - description = lib.mdDoc "Whether to enable the nix-daemon service."; + description = "Whether to enable the nix-daemon service."; }; services.nix-daemon.enableSocketListener = mkOption { type = types.bool; default = false; - description = lib.mdDoc "Whether to make the nix-daemon service socket activated."; + description = "Whether to make the nix-daemon service socket activated."; }; services.nix-daemon.logFile = mkOption { type = types.nullOr types.path; default = null; example = "/var/log/nix-daemon.log"; - description = lib.mdDoc '' + description = '' The logfile to use for the nix-daemon service. Alternatively {command}`sudo launchctl debug system/org.nixos.nix-daemon --stderr` can be used to stream the logs to a shell after restarting the service with @@ -35,7 +35,7 @@ in services.nix-daemon.tempDir = mkOption { type = types.nullOr types.path; default = null; - description = lib.mdDoc "The TMPDIR to use for nix-daemon."; + description = "The TMPDIR to use for nix-daemon."; }; }; diff --git a/modules/services/nix-gc/default.nix b/modules/services/nix-gc/default.nix index f13e250..49fb328 100644 --- a/modules/services/nix-gc/default.nix +++ b/modules/services/nix-gc/default.nix @@ -24,27 +24,27 @@ in automatic = mkOption { default = false; type = types.bool; - description = lib.mdDoc "Automatically run the garbage collector at a specific time."; + description = "Automatically run the garbage collector at a specific time."; }; # Not in NixOS module user = mkOption { type = types.nullOr types.str; default = null; - description = lib.mdDoc "User that runs the garbage collector."; + description = "User that runs the garbage collector."; }; interval = mkOption { type = types.attrs; default = { Hour = 3; Minute = 15; }; - description = lib.mdDoc "The time interval at which the garbage collector will run."; + description = "The time interval at which the garbage collector will run."; }; options = mkOption { default = ""; example = "--max-freed $((64 * 1024**3))"; type = types.str; - description = lib.mdDoc '' + description = '' Options given to {file}`nix-collect-garbage` when the garbage collector is run automatically. ''; diff --git a/modules/services/nix-optimise/default.nix b/modules/services/nix-optimise/default.nix index 5462bae..94f6e1c 100644 --- a/modules/services/nix-optimise/default.nix +++ b/modules/services/nix-optimise/default.nix @@ -6,7 +6,6 @@ let inherit (lib) - mdDoc mkIf mkOption mkRemovedOptionModule @@ -31,20 +30,20 @@ in automatic = mkOption { type = types.bool; default = false; - description = mdDoc "Automatically run the nix store optimiser at a specific time."; + description = "Automatically run the nix store optimiser at a specific time."; }; # Not in NixOS module user = mkOption { type = types.nullOr types.str; default = null; - description = mdDoc "User that runs the store optimisation."; + description = "User that runs the store optimisation."; }; interval = mkOption { type = types.attrs; default = { Hour = 3; Minute = 15; }; - description = mdDoc "The time interval at which the optimiser will run."; + description = "The time interval at which the optimiser will run."; }; }; diff --git a/modules/services/ofborg/default.nix b/modules/services/ofborg/default.nix index 9151039..4c35615 100644 --- a/modules/services/ofborg/default.nix +++ b/modules/services/ofborg/default.nix @@ -12,13 +12,13 @@ in services.ofborg.enable = mkOption { type = types.bool; default = false; - description = lib.mdDoc "Whether to enable the ofborg builder service."; + description = "Whether to enable the ofborg builder service."; }; services.ofborg.package = mkOption { type = types.package; example = literalExpression "pkgs.ofborg"; - description = lib.mdDoc '' + description = '' This option specifies the ofborg package to use. eg. (import <ofborg> {}).ofborg.rs @@ -30,7 +30,7 @@ in services.ofborg.configFile = mkOption { type = types.path; - description = lib.mdDoc '' + description = '' Configuration file to use for ofborg. WARNING Don't use a path literal or derivation for this, @@ -41,7 +41,7 @@ in services.ofborg.logFile = mkOption { type = types.path; default = "/var/log/ofborg.log"; - description = lib.mdDoc "The logfile to use for the ofborg service."; + description = "The logfile to use for the ofborg service."; }; }; diff --git a/modules/services/postgresql/default.nix b/modules/services/postgresql/default.nix index 018b46e..e063944 100644 --- a/modules/services/postgresql/default.nix +++ b/modules/services/postgresql/default.nix @@ -40,12 +40,12 @@ in services.postgresql = { - enable = mkEnableOption (lib.mdDoc "PostgreSQL Server"); + enable = mkEnableOption "PostgreSQL Server"; package = mkOption { type = types.package; example = literalExpression "pkgs.postgresql_11"; - description = lib.mdDoc '' + description = '' PostgreSQL package to use. ''; }; @@ -53,7 +53,7 @@ in port = mkOption { type = types.int; default = 5432; - description = lib.mdDoc '' + description = '' The port on which PostgreSQL listens. ''; }; @@ -61,14 +61,14 @@ in checkConfig = mkOption { type = types.bool; default = true; - description = lib.mdDoc "Check the syntax of the configuration file at compile time"; + description = "Check the syntax of the configuration file at compile time"; }; dataDir = mkOption { type = types.path; defaultText = literalExpression ''"/var/lib/postgresql/''${config.services.postgresql.package.psqlSchema}"''; example = "/var/lib/postgresql/11"; - description = lib.mdDoc '' + description = '' The data directory for PostgreSQL. If left as the default value this directory will automatically be created before the PostgreSQL server starts, otherwise the sysadmin is responsible for ensuring the directory exists with appropriate ownership @@ -79,7 +79,7 @@ in authentication = mkOption { type = types.lines; default = ""; - description = lib.mdDoc '' + description = '' Defines how users authenticate themselves to the server. See the [ PostgreSQL documentation for pg_hba.conf](https://www.postgresql.org/docs/current/auth-pg-hba-conf.html) @@ -96,7 +96,7 @@ in identMap = mkOption { type = types.lines; default = ""; - description = lib.mdDoc '' + description = '' Defines the mapping from system users to database users. The general form is: @@ -109,7 +109,7 @@ in type = with types; listOf str; default = []; example = [ "--data-checksums" "--allow-group-access" ]; - description = lib.mdDoc '' + description = '' Additional arguments passed to `initdb` during data dir initialisation. ''; @@ -118,7 +118,7 @@ in initialScript = mkOption { type = types.nullOr types.path; default = null; - description = lib.mdDoc '' + description = '' A file containing SQL statements to execute on first startup. ''; }; @@ -126,7 +126,7 @@ in ensureDatabases = mkOption { type = types.listOf types.str; default = []; - description = lib.mdDoc '' + description = '' Ensures that the specified databases exist. This option will never delete existing databases, especially not when the value of this option is changed. This means that databases created once through this option or @@ -143,14 +143,14 @@ in options = { name = mkOption { type = types.str; - description = lib.mdDoc '' + description = '' Name of the user to ensure. ''; }; ensurePermissions = mkOption { type = types.attrsOf types.str; default = {}; - description = lib.mdDoc '' + description = '' Permissions to ensure for the user, specified as an attribute set. The attribute names specify the database and tables to grant the permissions for. The attribute values specify the permissions to grant. You may specify one or @@ -171,7 +171,7 @@ in }; }); default = []; - description = lib.mdDoc '' + description = '' Ensures that the specified users exist and have at least the ensured permissions. The PostgreSQL users will be identified using peer authentication. This authenticates the Unix user with the same name only, and that without the need for a password. @@ -200,7 +200,7 @@ in enableTCPIP = mkOption { type = types.bool; default = false; - description = lib.mdDoc '' + description = '' Whether PostgreSQL should listen on all network interfaces. If disabled, the database can only be accessed via its Unix domain socket or via TCP connections to localhost. @@ -211,7 +211,7 @@ in type = types.str; default = "[%p] "; example = "%m [%p] "; - description = lib.mdDoc '' + description = '' A printf-style string that is output at the beginning of each log line. Upstream default is `'%m [%p] '`, i.e. it includes the timestamp. We do not include the timestamp, because journal has it anyway. @@ -222,7 +222,7 @@ in type = types.listOf types.path; default = []; example = literalExpression "with pkgs.postgresql_11.pkgs; [ postgis pg_repack ]"; - description = lib.mdDoc '' + description = '' List of PostgreSQL plugins. PostgreSQL version for each plugin should match version for `services.postgresql.package` value. ''; @@ -231,7 +231,7 @@ in settings = mkOption { type = with types; attrsOf (oneOf [ bool float int str ]); default = {}; - description = lib.mdDoc '' + description = '' PostgreSQL configuration. Refer to for an overview of `postgresql.conf`. @@ -257,7 +257,7 @@ in recoveryConfig = mkOption { type = types.nullOr types.lines; default = null; - description = lib.mdDoc '' + description = '' Contents of the {file}`recovery.conf` file. ''; }; @@ -267,7 +267,7 @@ in default = "postgres"; internal = true; readOnly = true; - description = lib.mdDoc '' + description = '' PostgreSQL superuser account to use for various operations. Internal since changing this value would lead to breakage while setting up databases. ''; diff --git a/modules/services/privoxy/default.nix b/modules/services/privoxy/default.nix index 5f7780c..b314723 100644 --- a/modules/services/privoxy/default.nix +++ b/modules/services/privoxy/default.nix @@ -10,40 +10,40 @@ in services.privoxy.enable = mkOption { type = types.bool; default = false; - description = lib.mdDoc "Whether to enable the privoxy proxy service."; + description = "Whether to enable the privoxy proxy service."; }; services.privoxy.listenAddress = mkOption { type = types.str; default = "127.0.0.1:8118"; - description = lib.mdDoc "The address and TCP port on which privoxy will listen."; + description = "The address and TCP port on which privoxy will listen."; }; services.privoxy.package = mkOption { type = types.package; default = pkgs.privoxy; example = literalExpression "pkgs.privoxy"; - description = lib.mdDoc "This option specifies the privoxy package to use."; + description = "This option specifies the privoxy package to use."; }; services.privoxy.config = mkOption { type = types.lines; default = ""; example = "forward / upstream.proxy:8080"; - description = lib.mdDoc "Config to use for privoxy"; + description = "Config to use for privoxy"; }; services.privoxy.templdir = mkOption { type = types.path; default = "${pkgs.privoxy}/etc/templates"; defaultText = "\${pkgs.privoxy}/etc/templates"; - description = lib.mdDoc "Directory for privoxy template files."; + description = "Directory for privoxy template files."; }; services.privoxy.confdir = mkOption { type = types.nullOr types.path; default = null; - description = lib.mdDoc "Directory for privoxy files such as .action and .filter."; + description = "Directory for privoxy files such as .action and .filter."; }; }; diff --git a/modules/services/redis/default.nix b/modules/services/redis/default.nix index 0fa0af7..ccacd3b 100644 --- a/modules/services/redis/default.nix +++ b/modules/services/redis/default.nix @@ -11,52 +11,52 @@ in services.redis.enable = mkOption { type = types.bool; default = false; - description = lib.mdDoc "Whether to enable the redis database service."; + description = "Whether to enable the redis database service."; }; services.redis.package = mkOption { type = types.path; default = pkgs.redis; defaultText = "pkgs.redis"; - description = lib.mdDoc "This option specifies the redis package to use"; + description = "This option specifies the redis package to use"; }; services.redis.dataDir = mkOption { type = types.nullOr types.path; default = "/var/lib/redis"; - description = lib.mdDoc "Data directory for the redis database."; + description = "Data directory for the redis database."; }; services.redis.port = mkOption { type = types.int; default = 6379; - description = lib.mdDoc "The port for Redis to listen to."; + description = "The port for Redis to listen to."; }; services.redis.bind = mkOption { type = types.nullOr types.str; default = null; # All interfaces - description = lib.mdDoc "The IP interface to bind to."; + description = "The IP interface to bind to."; example = "127.0.0.1"; }; services.redis.unixSocket = mkOption { type = types.nullOr types.path; default = null; - description = lib.mdDoc "The path to the socket to bind to."; + description = "The path to the socket to bind to."; example = "/var/run/redis.sock"; }; services.redis.appendOnly = mkOption { type = types.bool; default = false; - description = lib.mdDoc "By default data is only periodically persisted to disk, enable this option to use an append-only file for improved persistence."; + description = "By default data is only periodically persisted to disk, enable this option to use an append-only file for improved persistence."; }; services.redis.extraConfig = mkOption { type = types.lines; default = ""; - description = lib.mdDoc "Additional text to be appended to {file}`redis.conf`."; + description = "Additional text to be appended to {file}`redis.conf`."; }; }; diff --git a/modules/services/sketchybar/default.nix b/modules/services/sketchybar/default.nix index 0cc4f6f..228636e 100644 --- a/modules/services/sketchybar/default.nix +++ b/modules/services/sketchybar/default.nix @@ -1,7 +1,7 @@ { config, lib, pkgs, ... }: let - inherit (lib) literalExpression maintainers mdDoc mkEnableOption mkIf mkPackageOptionMD mkOption optionals types; + inherit (lib) literalExpression maintainers mkEnableOption mkIf mkPackageOptionMD mkOption optionals types; cfg = config.services.sketchybar; @@ -15,7 +15,7 @@ in ]; options.services.sketchybar = { - enable = mkEnableOption (mdDoc "sketchybar"); + enable = mkEnableOption "sketchybar"; package = mkPackageOptionMD pkgs "sketchybar" { }; @@ -23,7 +23,7 @@ in type = types.listOf types.package; default = [ ]; example = literalExpression "[ pkgs.jq ]"; - description = mdDoc '' + description = '' Extra packages to add to PATH. ''; }; @@ -36,7 +36,7 @@ in sketchybar --update echo "sketchybar configuration loaded.." ''; - description = mdDoc '' + description = '' Contents of sketchybar's configuration file. If empty (the default), the configuration file won't be managed. See [documentation](https://felixkratz.github.io/SketchyBar/) diff --git a/modules/services/skhd/default.nix b/modules/services/skhd/default.nix index 4ec1e2b..72b52d4 100644 --- a/modules/services/skhd/default.nix +++ b/modules/services/skhd/default.nix @@ -11,20 +11,20 @@ in services.skhd.enable = mkOption { type = types.bool; default = false; - description = lib.mdDoc "Whether to enable the skhd hotkey daemon."; + description = "Whether to enable the skhd hotkey daemon."; }; services.skhd.package = mkOption { type = types.package; default = pkgs.skhd; - description = lib.mdDoc "This option specifies the skhd package to use."; + description = "This option specifies the skhd package to use."; }; services.skhd.skhdConfig = mkOption { type = types.lines; default = ""; example = "alt + shift - r : chunkc quit"; - description = lib.mdDoc "Config to use for {file}`skhdrc`."; + description = "Config to use for {file}`skhdrc`."; }; }; diff --git a/modules/services/spacebar/default.nix b/modules/services/spacebar/default.nix index eb06cad..a56dac5 100644 --- a/modules/services/spacebar/default.nix +++ b/modules/services/spacebar/default.nix @@ -22,12 +22,12 @@ in services.spacebar.enable = mkOption { type = bool; default = false; - description = lib.mdDoc "Whether to enable the spacebar spacebar."; + description = "Whether to enable the spacebar spacebar."; }; services.spacebar.package = mkOption { type = path; - description = lib.mdDoc "The spacebar package to use."; + description = "The spacebar package to use."; }; services.spacebar.config = mkOption { @@ -40,7 +40,7 @@ in foreground_color = "0xffa8a8a8"; } ''; - description = lib.mdDoc '' + description = '' Key/Value pairs to pass to spacebar's 'config' domain, via the configuration file. ''; }; @@ -51,7 +51,7 @@ in example = literalExpression '' echo "spacebar config loaded..." ''; - description = lib.mdDoc '' + description = '' Extra arbitrary configuration to append to the configuration file. ''; }; diff --git a/modules/services/spotifyd.nix b/modules/services/spotifyd.nix index 2469a24..612bae1 100644 --- a/modules/services/spotifyd.nix +++ b/modules/services/spotifyd.nix @@ -19,7 +19,7 @@ in enable = mkOption { type = types.bool; default = false; - description = lib.mdDoc '' + description = '' Whether to enable the spotifyd service. ''; }; @@ -28,7 +28,7 @@ in type = types.path; default = pkgs.spotifyd; defaultText = "pkgs.spotifyd"; - description = lib.mdDoc '' + description = '' The spotifyd package to use. ''; }; @@ -40,7 +40,7 @@ in bitrate = 160; volume_normalisation = true; }; - description = lib.mdDoc '' + description = '' Configuration for spotifyd, see for supported values. ''; diff --git a/modules/services/synapse-bt.nix b/modules/services/synapse-bt.nix index 3970cac..d85a2cd 100644 --- a/modules/services/synapse-bt.nix +++ b/modules/services/synapse-bt.nix @@ -26,32 +26,32 @@ in enable = mkOption { type = types.bool; default = false; - description = lib.mdDoc "Whether to run Synapse BitTorrent Daemon."; + description = "Whether to run Synapse BitTorrent Daemon."; }; package = mkOption { type = types.package; default = pkgs.synapse-bt; defaultText = "pkgs.synapse-bt"; - description = lib.mdDoc "Synapse BitTorrent package to use."; + description = "Synapse BitTorrent package to use."; }; port = mkOption { type = types.int; default = 16384; - description = lib.mdDoc "The port on which Synapse BitTorrent listens."; + description = "The port on which Synapse BitTorrent listens."; }; downloadDir = mkOption { type = types.path; default = "/var/lib/synapse-bt"; example = "/var/lib/synapse-bt/downloads"; - description = lib.mdDoc "Download directory for Synapse BitTorrent."; + description = "Download directory for Synapse BitTorrent."; }; extraConfig = mkOption { default = {}; - description = lib.mdDoc "Extra configuration options for Synapse BitTorrent."; + description = "Extra configuration options for Synapse BitTorrent."; type = types.attrs; }; }; diff --git a/modules/services/synergy/default.nix b/modules/services/synergy/default.nix index 9933fe6..2a9e088 100644 --- a/modules/services/synergy/default.nix +++ b/modules/services/synergy/default.nix @@ -16,28 +16,28 @@ in default = pkgs.synergy; defaultText = "pkgs.synergy"; type = types.package; - description = lib.mdDoc "The package used for the synergy client and server."; + description = "The package used for the synergy client and server."; }; client = { enable = mkOption { default = false; type = types.bool; - description = lib.mdDoc '' + description = '' Whether to enable the Synergy client (receive keyboard and mouse events from a Synergy server). ''; }; screenName = mkOption { default = ""; type = types.str; - description = lib.mdDoc '' + description = '' Use the given name instead of the hostname to identify ourselves to the server. ''; }; serverAddress = mkOption { type = types.str; - description = lib.mdDoc '' + description = '' The server address is of the form: [hostname][:port]. The hostname must be the address or hostname of the server. The port overrides the default port, 24800. @@ -46,20 +46,20 @@ in autoStart = mkOption { default = true; type = types.bool; - description = lib.mdDoc "Whether the Synergy client should be started automatically."; + description = "Whether the Synergy client should be started automatically."; }; tls = { - enable = mkEnableOption (lib.mdDoc '' + enable = mkEnableOption '' Whether TLS encryption should be used. Using this requires a TLS certificate that can be generated by starting the Synergy GUI once and entering - a valid product key''); + a valid product key''; cert = mkOption { type = types.nullOr types.str; default = null; example = "~/.synergy/SSL/Synergy.pem"; - description = lib.mdDoc "The TLS certificate to use for encryption."; + description = "The TLS certificate to use for encryption."; }; }; }; @@ -68,19 +68,19 @@ in enable = mkOption { default = false; type = types.bool; - description = lib.mdDoc '' + description = '' Whether to enable the Synergy server (send keyboard and mouse events). ''; }; configFile = mkOption { default = "/etc/synergy-server.conf"; type = types.str; - description = lib.mdDoc "The Synergy server configuration file."; + description = "The Synergy server configuration file."; }; screenName = mkOption { default = ""; type = types.str; - description = lib.mdDoc '' + description = '' Use the given name instead of the hostname to identify this screen in the configuration. ''; @@ -88,25 +88,25 @@ in address = mkOption { default = ""; type = types.str; - description = lib.mdDoc "Address on which to listen for clients."; + description = "Address on which to listen for clients."; }; autoStart = mkOption { default = true; type = types.bool; - description = lib.mdDoc "Whether the Synergy server should be started automatically."; + description = "Whether the Synergy server should be started automatically."; }; tls = { - enable = mkEnableOption (lib.mdDoc '' + enable = mkEnableOption '' Whether TLS encryption should be used. Using this requires a TLS certificate that can be generated by starting the Synergy GUI once and entering - a valid product key''); + a valid product key''; cert = mkOption { type = types.nullOr types.str; default = null; example = "~/.synergy/SSL/Synergy.pem"; - description = lib.mdDoc "The TLS certificate to use for encryption."; + description = "The TLS certificate to use for encryption."; }; }; }; diff --git a/modules/services/tailscale.nix b/modules/services/tailscale.nix index 4135ade..3c826cf 100644 --- a/modules/services/tailscale.nix +++ b/modules/services/tailscale.nix @@ -13,20 +13,20 @@ in ]; options.services.tailscale = { - enable = mkEnableOption (lib.mdDoc "Tailscale client daemon"); + enable = mkEnableOption "Tailscale client daemon"; package = mkOption { type = types.package; default = pkgs.tailscale; defaultText = literalExpression "pkgs.tailscale"; - description = lib.mdDoc "The package to use for tailscale"; + description = "The package to use for tailscale"; }; overrideLocalDns = mkOption { type = types.bool; default = false; example = true; - description = lib.mdDoc '' + description = '' This option implements `Override local DNS` as it is not yet implemented in Tailscaled-on-macOS. To use this option, in the Tailscale control panel: diff --git a/modules/services/trezord.nix b/modules/services/trezord.nix index 97db519..8da05f3 100644 --- a/modules/services/trezord.nix +++ b/modules/services/trezord.nix @@ -11,7 +11,7 @@ in { enable = mkOption { type = types.bool; default = false; - description = lib.mdDoc '' + description = '' Enable Trezor bridge daemon, for use with Trezor hardware wallets. ''; }; @@ -19,7 +19,7 @@ in { emulator.enable = mkOption { type = types.bool; default = false; - description = lib.mdDoc '' + description = '' Enable Trezor emulator support. ''; }; @@ -27,7 +27,7 @@ in { emulator.port = mkOption { type = types.port; default = 21324; - description = lib.mdDoc '' + description = '' Listening port for the Trezor emulator. ''; }; diff --git a/modules/services/wg-quick.nix b/modules/services/wg-quick.nix index 1e0b865..fab7a84 100644 --- a/modules/services/wg-quick.nix +++ b/modules/services/wg-quick.nix @@ -10,32 +10,32 @@ let allowedIPs = mkOption { type = types.listOf types.str; default = [ ]; - description = lib.mdDoc "List of IP addresses associated with this peer."; + description = "List of IP addresses associated with this peer."; }; endpoint = mkOption { type = types.nullOr types.str; default = null; - description = lib.mdDoc "IP and port to connect to this peer at."; + description = "IP and port to connect to this peer at."; }; persistentKeepalive = mkOption { type = types.nullOr types.int; default = null; - description = lib.mdDoc "Interval in seconds to send keepalive packets"; + description = "Interval in seconds to send keepalive packets"; }; presharedKeyFile = mkOption { type = types.nullOr types.str; default = null; description = - lib.mdDoc "Optional, path to file containing the pre-shared key for this peer."; + "Optional, path to file containing the pre-shared key for this peer."; }; publicKey = mkOption { default = null; type = types.str; - description = lib.mdDoc "The public key for this peer."; + description = "The public key for this peer."; }; }; }; @@ -45,75 +45,75 @@ let address = mkOption { type = types.nullOr (types.listOf types.str); default = [ ]; - description = lib.mdDoc "List of IP addresses for this interface."; + description = "List of IP addresses for this interface."; }; autostart = mkOption { type = types.bool; default = true; description = - lib.mdDoc "Whether to bring up this interface automatically during boot."; + "Whether to bring up this interface automatically during boot."; }; dns = mkOption { type = types.listOf types.str; default = [ ]; - description = lib.mdDoc "List of DNS servers for this interface."; + description = "List of DNS servers for this interface."; }; listenPort = mkOption { type = types.nullOr types.int; default = null; - description = lib.mdDoc "Port to listen on, randomly selected if not specified."; + description = "Port to listen on, randomly selected if not specified."; }; mtu = mkOption { type = types.nullOr types.int; default = null; description = - lib.mdDoc "MTU to set for this interface, automatically set if not specified"; + "MTU to set for this interface, automatically set if not specified"; }; peers = mkOption { type = types.listOf (types.submodule peerOpts); default = [ ]; - description = lib.mdDoc "List of peers associated with this interface."; + description = "List of peers associated with this interface."; }; preDown = mkOption { type = with types; coercedTo (listOf str) (concatStringsSep "\n") lines; default = ""; - description = lib.mdDoc "List of commadns to run before interface shutdown."; + description = "List of commadns to run before interface shutdown."; }; preUp = mkOption { type = with types; coercedTo (listOf str) (concatStringsSep "\n") lines; default = ""; - description = lib.mdDoc "List of commands to run before interface setup."; + description = "List of commands to run before interface setup."; }; postDown = mkOption { type = with types; coercedTo (listOf str) (concatStringsSep "\n") lines; default = ""; - description = lib.mdDoc "List of commands to run after interface shutdown"; + description = "List of commands to run after interface shutdown"; }; postUp = mkOption { type = with types; coercedTo (listOf str) (concatStringsSep "\n") lines; default = ""; - description = lib.mdDoc "List of commands to run after interface setup."; + description = "List of commands to run after interface setup."; }; privateKeyFile = mkOption { type = types.str; default = null; - description = lib.mdDoc "Path to file containing this interface's private key."; + description = "Path to file containing this interface's private key."; }; table = mkOption { type = types.nullOr types.str; default = null; - description = lib.mdDoc '' + description = '' Controls the routing table to which routes are added. There are two special values: `off` disables the creation of routes altogether, and `auto` (the default) adds routes to the default table and @@ -208,13 +208,13 @@ in { interfaces = mkOption { type = types.attrsOf (types.submodule interfaceOpts); default = { }; - description = lib.mdDoc "Set of wg-quick interfaces."; + description = "Set of wg-quick interfaces."; }; logDir = mkOption { type = types.str; default = "/var/log"; - description = lib.mdDoc "Directory to save wg-quick logs to."; + description = "Directory to save wg-quick logs to."; }; }; }; diff --git a/modules/services/yabai/default.nix b/modules/services/yabai/default.nix index a26c7ca..fe9d3f9 100644 --- a/modules/services/yabai/default.nix +++ b/modules/services/yabai/default.nix @@ -23,19 +23,19 @@ in services.yabai.enable = mkOption { type = bool; default = false; - description = lib.mdDoc "Whether to enable the yabai window manager."; + description = "Whether to enable the yabai window manager."; }; services.yabai.package = mkOption { type = path; default = pkgs.yabai; - description = lib.mdDoc "The yabai package to use."; + description = "The yabai package to use."; }; services.yabai.enableScriptingAddition = mkOption { type = bool; default = false; - description = lib.mdDoc '' + description = '' Whether to enable yabai's scripting-addition. SIP must be disabled for this to work. ''; @@ -57,7 +57,7 @@ in window_gap = 10; } ''; - description = lib.mdDoc '' + description = '' Key/Value pairs to pass to yabai's 'config' domain, via the configuration file. ''; }; @@ -68,7 +68,7 @@ in example = literalExpression '' yabai -m rule --add app='System Preferences' manage=off ''; - description = lib.mdDoc "Extra arbitrary configuration to append to the configuration file"; + description = "Extra arbitrary configuration to append to the configuration file"; }; }; -- cgit v1.2.3 From ec06ea883757c6075c61d1426f40719742d51f59 Mon Sep 17 00:00:00 2001 From: zowoq <59103226+zowoq@users.noreply.github.com> Date: Wed, 24 Apr 2024 15:55:01 +1000 Subject: nix-daemon: increase SoftResourceLimits.NumberOfFiles 1048576 matches the nixos/nix plist https://github.com/NixOS/nix/blob/e3a4e40a354e1c2d177541d24d6a86a001fa87c7/misc/launchd/org.nixos.nix-daemon.plist.in#L29 --- modules/services/nix-daemon.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'modules/services') diff --git a/modules/services/nix-daemon.nix b/modules/services/nix-daemon.nix index d652dae..42d31c9 100644 --- a/modules/services/nix-daemon.nix +++ b/modules/services/nix-daemon.nix @@ -51,7 +51,7 @@ in serviceConfig.ProcessType = config.nix.daemonProcessType; serviceConfig.LowPriorityIO = config.nix.daemonIOLowPriority; serviceConfig.Label = "org.nixos.nix-daemon"; # must match daemon installed by Nix regardless of the launchd label Prefix - serviceConfig.SoftResourceLimits.NumberOfFiles = mkDefault 4096; + serviceConfig.SoftResourceLimits.NumberOfFiles = mkDefault 1048576; serviceConfig.StandardErrorPath = cfg.logFile; serviceConfig.KeepAlive = mkIf (!cfg.enableSocketListener) true; -- cgit v1.2.3 From e043606b50526f4b9eb14d983f406acec9548962 Mon Sep 17 00:00:00 2001 From: Sander Date: Thu, 16 May 2024 17:55:14 +0400 Subject: cachix-agent: fix crash calling `security` One of cachix-agent's dependencies, `hs-certificate`, makes calls to `security`. This lives in `/usr/bin`, which isn't available from launchd. This commit makes the system paths available to cachix-agent. Fixes #924. --- modules/services/cachix-agent.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'modules/services') diff --git a/modules/services/cachix-agent.nix b/modules/services/cachix-agent.nix index 0095d65..d9e4a90 100644 --- a/modules/services/cachix-agent.nix +++ b/modules/services/cachix-agent.nix @@ -58,7 +58,7 @@ in { exec ${cfg.package}/bin/cachix deploy agent ${cfg.name} ''; - path = [ config.nix.package pkgs.coreutils ]; + path = [ config.nix.package pkgs.coreutils config.environment.systemPath ]; environment = { NIX_SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; -- cgit v1.2.3 From 251eaabfa0f421a864e75e6b1a23c2c73e7bc332 Mon Sep 17 00:00:00 2001 From: zowoq <59103226+zowoq@users.noreply.github.com> Date: Tue, 21 May 2024 23:16:46 +1000 Subject: hercules-ci-agent: fix crash calling `security` this applies the same fix that was used for the cachix agent in e043606b50526f4b9eb14d983f406acec9548962 --- modules/services/hercules-ci-agent/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'modules/services') diff --git a/modules/services/hercules-ci-agent/default.nix b/modules/services/hercules-ci-agent/default.nix index d9fbf37..fc3d952 100644 --- a/modules/services/hercules-ci-agent/default.nix +++ b/modules/services/hercules-ci-agent/default.nix @@ -25,7 +25,7 @@ in launchd.daemons.hercules-ci-agent = { script = "exec ${cfg.package}/bin/hercules-ci-agent --config ${cfg.tomlFile}"; - path = [ config.nix.package ]; + path = [ config.nix.package config.environment.systemPath ]; environment = { NIX_SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; }; -- cgit v1.2.3 From 861af0fc94df9454f4e92d6892f75588763164bb Mon Sep 17 00:00:00 2001 From: Tyler Miller Date: Thu, 29 Jun 2023 00:50:28 -0700 Subject: fix(launchd): improve `StartCalendarInterval` Stricter launchd -> StartCalendarInterval type: - Verify that the integers passed to `Minute`, `Hour`, etc. are within range. - When provided, the value for StartCalendarInterval must be a non-empty list of calendar intervals and must not contain duplicates entries (throw an error otherwise). - For increased flexibility and backwards-compatibility, allow an attrset to be passed as well (which will be type-checked and is functionally equivalent to passing a singleton list). Allowing an attrset or list is precisely in-line with what `launchd.plist(5)` accepts for StartCalendarInterval. Migrate `nix.gc.interval` and `nix.optimise.interval` over to use this new type, and update their defaults to run weekly instead of daily. Create `modules/launchd/types.nix` file for easier/modular use of launchd types needed in multiple files. Documentation: - Update and improve wording/documentation of launchd's `StartCalendarInterval`. - Improve wording/documentation of `nix.gc.interval` and `nix.optimise.interval` ("time interval" can be misleading as it's actually a "calendar interval"; e.g. `{ Hour = 3; Minute = 15;}` runs daily, not every 3.25 hours). --- modules/services/nix-gc/default.nix | 13 +++++++++---- modules/services/nix-optimise/default.nix | 13 +++++++++---- 2 files changed, 18 insertions(+), 8 deletions(-) (limited to 'modules/services') diff --git a/modules/services/nix-gc/default.nix b/modules/services/nix-gc/default.nix index 49fb328..9fe8e86 100644 --- a/modules/services/nix-gc/default.nix +++ b/modules/services/nix-gc/default.nix @@ -6,6 +6,7 @@ with lib; let cfg = config.nix.gc; + launchdTypes = import ../../launchd/types.nix { inherit config lib; }; in { @@ -35,9 +36,13 @@ in }; interval = mkOption { - type = types.attrs; - default = { Hour = 3; Minute = 15; }; - description = "The time interval at which the garbage collector will run."; + type = launchdTypes.StartCalendarInterval; + default = [{ Weekday = 7; Hour = 3; Minute = 15; }]; + description = '' + The calendar interval at which the garbage collector will run. + See the {option}`serviceConfig.StartCalendarInterval` option of + the {option}`launchd` module for more info. + ''; }; options = mkOption { @@ -63,7 +68,7 @@ in command = "${config.nix.package}/bin/nix-collect-garbage ${cfg.options}"; environment.NIX_REMOTE = optionalString config.nix.useDaemon "daemon"; serviceConfig.RunAtLoad = false; - serviceConfig.StartCalendarInterval = [ cfg.interval ]; + serviceConfig.StartCalendarInterval = cfg.interval; serviceConfig.UserName = cfg.user; }; diff --git a/modules/services/nix-optimise/default.nix b/modules/services/nix-optimise/default.nix index 94f6e1c..d8dc401 100644 --- a/modules/services/nix-optimise/default.nix +++ b/modules/services/nix-optimise/default.nix @@ -14,6 +14,7 @@ let ; cfg = config.nix.optimise; + launchdTypes = import ../../launchd/types.nix { inherit config lib; }; in { @@ -41,9 +42,13 @@ in }; interval = mkOption { - type = types.attrs; - default = { Hour = 3; Minute = 15; }; - description = "The time interval at which the optimiser will run."; + type = launchdTypes.StartCalendarInterval; + default = [{ Weekday = 7; Hour = 4; Minute = 15; }]; + description = '' + The calendar interval at which the optimiser will run. + See the {option}`serviceConfig.StartCalendarInterval` option of + the {option}`launchd` module for more info. + ''; }; }; @@ -63,7 +68,7 @@ in "/bin/wait4path ${config.nix.package} && exec ${config.nix.package}/bin/nix-store --optimise" ]; RunAtLoad = false; - StartCalendarInterval = [ cfg.interval ]; + StartCalendarInterval = cfg.interval; UserName = cfg.user; }; }; -- cgit v1.2.3 From e00896468a4723c799b3904e2d10f0cf9a0ff847 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nikola=20Milojevi=C4=87?= Date: Mon, 1 Jul 2024 16:24:41 +0200 Subject: chore: remove mkpackageoptionmd deprecation --- modules/services/github-runner/options.nix | 2 +- modules/services/sketchybar/default.nix | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'modules/services') diff --git a/modules/services/github-runner/options.nix b/modules/services/github-runner/options.nix index f6c4830..772eb78 100644 --- a/modules/services/github-runner/options.nix +++ b/modules/services/github-runner/options.nix @@ -199,7 +199,7 @@ with lib; default = { }; }; - package = mkPackageOptionMD pkgs "github-runner" { }; + package = mkPackageOption pkgs "github-runner" { }; ephemeral = mkOption { type = types.bool; diff --git a/modules/services/sketchybar/default.nix b/modules/services/sketchybar/default.nix index 228636e..c29eec2 100644 --- a/modules/services/sketchybar/default.nix +++ b/modules/services/sketchybar/default.nix @@ -1,7 +1,7 @@ { config, lib, pkgs, ... }: let - inherit (lib) literalExpression maintainers mkEnableOption mkIf mkPackageOptionMD mkOption optionals types; + inherit (lib) literalExpression maintainers mkEnableOption mkIf mkPackageOption mkOption optionals types; cfg = config.services.sketchybar; @@ -17,7 +17,7 @@ in options.services.sketchybar = { enable = mkEnableOption "sketchybar"; - package = mkPackageOptionMD pkgs "sketchybar" { }; + package = mkPackageOption pkgs "sketchybar" { }; extraPackages = mkOption { type = types.listOf types.package; -- cgit v1.2.3 From e2a85731a071811457c151d2da385f9bb4ea5cdb Mon Sep 17 00:00:00 2001 From: Henrique Goncalves Date: Mon, 8 Jul 2024 16:36:31 -0300 Subject: nextdns: fix argument handling --- modules/services/nextdns/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'modules/services') diff --git a/modules/services/nextdns/default.nix b/modules/services/nextdns/default.nix index 2312096..adc9823 100644 --- a/modules/services/nextdns/default.nix +++ b/modules/services/nextdns/default.nix @@ -31,7 +31,7 @@ in { launchd.daemons.nextdns = { path = [ nextdns ]; serviceConfig.ProgramArguments = - [ "${pkgs.nextdns}/bin/nextdns" "run" (escapeShellArgs cfg.arguments) ]; + [ "${pkgs.nextdns}/bin/nextdns" "run" ] ++ cfg.arguments; serviceConfig.KeepAlive = true; serviceConfig.RunAtLoad = true; }; -- cgit v1.2.3 From fa0d64721ff8dec9fe61544fea812f9a85e7c0b1 Mon Sep 17 00:00:00 2001 From: Prav!n <50878560+amsynist@users.noreply.github.com> Date: Wed, 12 Jun 2024 00:02:21 +0530 Subject: module: add jankyborders service - Added the jankyborders service. - Introduced changes for whitelist and blacklist options and assertions. - emoved path reference from launchd argument. - Corrected missing trailing newline in default.nix. --- modules/services/jankyborders/default.nix | 157 ++++++++++++++++++++++++++++++ 1 file changed, 157 insertions(+) create mode 100644 modules/services/jankyborders/default.nix (limited to 'modules/services') diff --git a/modules/services/jankyborders/default.nix b/modules/services/jankyborders/default.nix new file mode 100644 index 0000000..11b954e --- /dev/null +++ b/modules/services/jankyborders/default.nix @@ -0,0 +1,157 @@ +{ + config, + lib, + pkgs, + ... +}: let + inherit (lib) maintainers mkEnableOption mkIf mkPackageOptionMD mkOption types; + + cfg = config.services.jankyborders; + joinStrings = strings: builtins.concatStringsSep "," strings; + + optionalArg = arg: value: + if value != null && value != "" + then + if lib.isList value + then lib.map (val: "${arg}=${val}") value + else ["${arg}=${value}"] + else []; +in { + meta.maintainers = [ + maintainers.amsynist or "amsynist" + ]; + + options.services.jankyborders = { + enable = mkEnableOption "Enable the jankyborders service."; + + package = mkPackageOptionMD pkgs "jankyborders" {}; + + width = mkOption { + type = types.float; + default = 5.0; + description = '' + Determines the width of the border. For example, width=5.0 creates a border 5.0 points wide. + ''; + }; + + hidpi = mkOption { + type = types.bool; + default = false; + description = '' + If set to on, the border will be drawn with retina resolution. + ''; + }; + + active_color = mkOption { + type = types.str; + default = "0xFFFFFFFF"; + example = "0xFFFFFFFF"; + description = '' + Sets the border color for the focused window (format: 0xAARRGGBB). For instance, active_color="0xff00ff00" creates a green border. + For Gradient Border : active_color="gradient(top_right=0x9992B3F5,bottom_left=0x9992B3F5)" + ''; + }; + + inactive_color = mkOption { + type = types.str; + default = "0xFFFFFFFF"; + example = "0xFFFFFFFF"; + description = '' + Sets the border color for all windows not in focus (format: 0xAARRGGBB). + For Gradient Border : inactive_color="gradient(top_right=0x9992B3F5,bottom_left=0x9992B3F5)" + ''; + }; + + background_color = mkOption { + type = types.str; + default = ""; + example = "0xFFFFFFFF"; + description = '' + Sets the background fill color for all windows (only 0xAARRGGBB arguments supported). + ''; + }; + + style = mkOption { + type = types.str; + default = "round"; + example = "square/round"; + description = '' + Specifies the style of the border (either round or square). + ''; + }; + + blur_radius = mkOption { + type = types.float; + default = 0.0; + example = 5.0; + description = '' + Sets the blur radius applied to the borders or backgrounds with transparency. + ''; + }; + + ax_focus = mkOption { + type = types.bool; + default = false; + description = '' + If set to true, the (slower) accessibility API is used to resolve the focused window. + ''; + }; + + blacklist = mkOption { + type = types.listOf types.str; + default = []; + example = ["Safari" "kitty"]; + description = '' + The applications specified here are excluded from being bordered. + For example, blacklist = [ "Safari" "kitty" ] excludes Safari and kitty from being bordered. + ''; + }; + + whitelist = mkOption { + type = types.listOf types.str; + default = []; + example = ["Arc" "USB Overdrive"]; + description = '' + Once this list is populated, only applications listed here are considered for receiving a border. + If the whitelist is empty (default) it is inactive. + ''; + }; + }; + + config = mkIf cfg.enable { + assertions = [ + { + assertion = !(cfg.blacklist != [] && cfg.whitelist != []); + message = "Cannot define both a blacklist and a whitelist for jankyborders."; + } + ]; + environment.systemPackages = [cfg.package]; + + launchd.user.agents.jankyborders = { + serviceConfig.ProgramArguments = + [ + "${cfg.package}/bin/borders" + ] + ++ (optionalArg "width" (toString cfg.width)) + ++ (optionalArg "hidpi" ( + if cfg.hidpi + then "on" + else "off" + )) + ++ (optionalArg "active_color" cfg.active_color) + ++ (optionalArg "inactive_color" cfg.inactive_color) + ++ (optionalArg "background_color" cfg.background_color) + ++ (optionalArg "style" cfg.style) + ++ (optionalArg "blur_radius" (toString cfg.blur_radius)) + ++ (optionalArg "ax_focus" ( + if cfg.ax_focus + then "on" + else "off" + )) + ++ (optionalArg "blacklist" (joinStrings cfg.blacklist)) + ++ (optionalArg "whitelist" (joinStrings cfg.whitelist)); + serviceConfig.KeepAlive = true; + serviceConfig.RunAtLoad = true; + }; + }; +} -- cgit v1.2.3 From 199cf340127657faf97e6b86705fea5c356adaf3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nikola=20Milojevi=C4=87?= Date: Mon, 22 Jul 2024 13:37:17 +0200 Subject: chore: removing deprecations for 25.05 nix --- modules/services/jankyborders/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'modules/services') diff --git a/modules/services/jankyborders/default.nix b/modules/services/jankyborders/default.nix index 11b954e..92ec1a1 100644 --- a/modules/services/jankyborders/default.nix +++ b/modules/services/jankyborders/default.nix @@ -4,7 +4,7 @@ pkgs, ... }: let - inherit (lib) maintainers mkEnableOption mkIf mkPackageOptionMD mkOption types; + inherit (lib) maintainers mkEnableOption mkIf mkPackageOption mkOption types; cfg = config.services.jankyborders; joinStrings = strings: builtins.concatStringsSep "," strings; @@ -24,7 +24,7 @@ in { options.services.jankyborders = { enable = mkEnableOption "Enable the jankyborders service."; - package = mkPackageOptionMD pkgs "jankyborders" {}; + package = mkPackageOption pkgs "jankyborders" {}; width = mkOption { type = types.float; -- cgit v1.2.3 From fe99aa9699e7dd4ce6a81a8a623d010cedbe7eef Mon Sep 17 00:00:00 2001 From: Michael Hoang Date: Tue, 23 Jul 2024 10:48:48 +1000 Subject: github-runnners: fix workDir missing on reboot --- modules/services/github-runner/service.nix | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) (limited to 'modules/services') diff --git a/modules/services/github-runner/service.nix b/modules/services/github-runner/service.nix index 53f2cdd..2fc133f 100644 --- a/modules/services/github-runner/service.nix +++ b/modules/services/github-runner/service.nix @@ -41,7 +41,7 @@ in in { launchd = mkIf cfg.enable { - text = mkBefore ('' + text = mkBefore '' echo >&2 "setting up GitHub Runner '${cfg.name}'..." ${pkgs.coreutils}/bin/mkdir -p -m 0750 ${escapeShellArg (mkStateDir cfg)} @@ -49,10 +49,7 @@ in ${pkgs.coreutils}/bin/mkdir -p -m 0750 ${escapeShellArg (mkLogDir cfg)} ${pkgs.coreutils}/bin/chown ${user}:${group} ${escapeShellArg (mkLogDir cfg)} - '' + optionalString (cfg.workDir == null) '' - ${pkgs.coreutils}/bin/mkdir -p -m 0750 ${escapeShellArg (mkWorkDir cfg)} - ${pkgs.coreutils}/bin/chown ${user}:${group} ${escapeShellArg (mkWorkDir cfg)} - ''); + ''; }; })); @@ -62,6 +59,9 @@ in stateDir = mkStateDir cfg; logDir = mkLogDir cfg; workDir = mkWorkDir cfg; + user = if (cfg.user != null) then cfg.user else "_github-runner"; + # If both user and group are null then we manage the group, otherwise if only group is null then there's no group + group = if (cfg.group != null) then group else if (cfg.user == null) then "_github-runner" else ""; in nameValuePair (mkSvcName name) @@ -116,6 +116,12 @@ in '' echo "Configuring GitHub Actions Runner" + ${optionalString (cfg.workDir == null) '' + # /var/run gets cleared every reboot so we need to create it before starting the service + ${pkgs.coreutils}/bin/mkdir -p -m 0750 ${escapeShellArg workDir} + ${pkgs.coreutils}/bin/chown ${user}:${group} ${escapeShellArg workDir} + ''} + # Always clean the working directory ${pkgs.findutils}/bin/find ${escapeShellArg workDir} -mindepth 1 -delete @@ -147,7 +153,7 @@ in StandardErrorPath = "${logDir}/launchd-stderr.log"; StandardOutPath = "${logDir}/launchd-stdout.log"; ThrottleInterval = 30; - UserName = if (cfg.user != null) then cfg.user else "_github-runner"; + UserName = user; WatchPaths = [ "/etc/resolv.conf" "/Library/Preferences/SystemConfiguration/NetworkInterfaces.plist" -- cgit v1.2.3 From 5c8fb551822a137848a666472a17aeb651ee033d Mon Sep 17 00:00:00 2001 From: Michael Hoang Date: Sat, 27 Jul 2024 10:26:37 +1000 Subject: Revert "github-runnners: fix workDir missing on reboot" This reverts commit fe99aa9699e7dd4ce6a81a8a623d010cedbe7eef. --- modules/services/github-runner/service.nix | 18 ++++++------------ 1 file changed, 6 insertions(+), 12 deletions(-) (limited to 'modules/services') diff --git a/modules/services/github-runner/service.nix b/modules/services/github-runner/service.nix index 2fc133f..53f2cdd 100644 --- a/modules/services/github-runner/service.nix +++ b/modules/services/github-runner/service.nix @@ -41,7 +41,7 @@ in in { launchd = mkIf cfg.enable { - text = mkBefore '' + text = mkBefore ('' echo >&2 "setting up GitHub Runner '${cfg.name}'..." ${pkgs.coreutils}/bin/mkdir -p -m 0750 ${escapeShellArg (mkStateDir cfg)} @@ -49,7 +49,10 @@ in ${pkgs.coreutils}/bin/mkdir -p -m 0750 ${escapeShellArg (mkLogDir cfg)} ${pkgs.coreutils}/bin/chown ${user}:${group} ${escapeShellArg (mkLogDir cfg)} - ''; + '' + optionalString (cfg.workDir == null) '' + ${pkgs.coreutils}/bin/mkdir -p -m 0750 ${escapeShellArg (mkWorkDir cfg)} + ${pkgs.coreutils}/bin/chown ${user}:${group} ${escapeShellArg (mkWorkDir cfg)} + ''); }; })); @@ -59,9 +62,6 @@ in stateDir = mkStateDir cfg; logDir = mkLogDir cfg; workDir = mkWorkDir cfg; - user = if (cfg.user != null) then cfg.user else "_github-runner"; - # If both user and group are null then we manage the group, otherwise if only group is null then there's no group - group = if (cfg.group != null) then group else if (cfg.user == null) then "_github-runner" else ""; in nameValuePair (mkSvcName name) @@ -116,12 +116,6 @@ in '' echo "Configuring GitHub Actions Runner" - ${optionalString (cfg.workDir == null) '' - # /var/run gets cleared every reboot so we need to create it before starting the service - ${pkgs.coreutils}/bin/mkdir -p -m 0750 ${escapeShellArg workDir} - ${pkgs.coreutils}/bin/chown ${user}:${group} ${escapeShellArg workDir} - ''} - # Always clean the working directory ${pkgs.findutils}/bin/find ${escapeShellArg workDir} -mindepth 1 -delete @@ -153,7 +147,7 @@ in StandardErrorPath = "${logDir}/launchd-stderr.log"; StandardOutPath = "${logDir}/launchd-stdout.log"; ThrottleInterval = 30; - UserName = user; + UserName = if (cfg.user != null) then cfg.user else "_github-runner"; WatchPaths = [ "/etc/resolv.conf" "/Library/Preferences/SystemConfiguration/NetworkInterfaces.plist" -- cgit v1.2.3 From dc8e1f4839b735ffed17cb5368d9bd7f19577eb6 Mon Sep 17 00:00:00 2001 From: Michael Hoang Date: Sat, 27 Jul 2024 10:41:18 +1000 Subject: github-runners: move `workDir` outside of `/run` As `/run` gets recreated every reboot and we can't specify dependencies for launchd, creating the `workDir` every reboot will require extra complexity with a separate daemon that runs as `root` otherwise it won't have sufficient privileges. As we clean the `workDir` when the service first starts anyway, it ends up being the same. --- modules/services/github-runner/options.nix | 6 +++--- modules/services/github-runner/service.nix | 6 +++++- 2 files changed, 8 insertions(+), 4 deletions(-) (limited to 'modules/services') diff --git a/modules/services/github-runner/options.nix b/modules/services/github-runner/options.nix index 772eb78..8f98aa0 100644 --- a/modules/services/github-runner/options.nix +++ b/modules/services/github-runner/options.nix @@ -22,12 +22,12 @@ with lib; * `/var/lib/github-runners/`: State directory to store the runner registration credentials + * `/var/lib/github-runners/_work/`: + Working directory for workflow files. The runner only uses this + directory if `workDir` is `null` (see the `workDir` option for details). * `/var/log/github-runners/`: The launchd service writes the stdout and stderr streams to this directory. - * `/var/run/github-runners/`: - Working directory for workflow files. The runner only uses this - directory if `workDir` is `null` (see the `workDir` option for details). ''; example = { runner1 = { diff --git a/modules/services/github-runner/service.nix b/modules/services/github-runner/service.nix index 53f2cdd..75d6442 100644 --- a/modules/services/github-runner/service.nix +++ b/modules/services/github-runner/service.nix @@ -4,7 +4,7 @@ let mkSvcName = name: "github-runner-${name}"; mkStateDir = cfg: "/var/lib/github-runners/${cfg.name}"; mkLogDir = cfg: "/var/log/github-runners/${cfg.name}"; - mkWorkDir = cfg: if (cfg.workDir != null) then cfg.workDir else "/var/run/github-runners/${cfg.name}"; + mkWorkDir = cfg: if (cfg.workDir != null) then cfg.workDir else "/var/lib/github-runners/_work/${cfg.name}"; in { config.assertions = flatten ( @@ -17,6 +17,10 @@ in assertion = !cfg.noDefaultLabels || (cfg.extraLabels != [ ]); message = "`services.github-runners.${name}`: The `extraLabels` option is mandatory if `noDefaultLabels` is set"; } + { + assertion = cfg.workDir == null || !(hasPrefix "/run/" cfg.workDir || hasPrefix "/var/run/" cfg.workDir || hasPrefix "/private/var/run/"); + message = "`services.github-runners.${name}`: `workDir` being inside /run is not supported"; + } ]) ); -- cgit v1.2.3 From c334175319949f6887dcab89afb32f1bb38e9f88 Mon Sep 17 00:00:00 2001 From: Sirio Balmelli Date: Tue, 3 Sep 2024 11:25:58 +0200 Subject: nixos/github-runner: quote comma separators so as to pass shellcheck Shellcheck complains: > args=( > ^-- SC2054 (warning): Use spaces, not commas, to separate array elements. Quote the --labels argument to resolve. Signed-off-by: Sirio Balmelli --- modules/services/github-runner/service.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'modules/services') diff --git a/modules/services/github-runner/service.nix b/modules/services/github-runner/service.nix index 75d6442..175b22d 100644 --- a/modules/services/github-runner/service.nix +++ b/modules/services/github-runner/service.nix @@ -90,7 +90,7 @@ in let configure = pkgs.writeShellApplication { name = "configure-github-runner-${name}"; - text = '' + text = /*bash*/'' export RUNNER_ROOT args=( @@ -98,7 +98,7 @@ in --disableupdate --work ${escapeShellArg workDir} --url ${escapeShellArg cfg.url} - --labels ${escapeShellArg (concatStringsSep "," cfg.extraLabels)} + --labels "${escapeShellArg (concatStringsSep "," cfg.extraLabels)}" ${optionalString (cfg.name != null ) "--name ${escapeShellArg cfg.name}"} ${optionalString cfg.replace "--replace"} ${optionalString (cfg.runnerGroup != null) "--runnergroup ${escapeShellArg cfg.runnerGroup}"} -- cgit v1.2.3 From 034c45dd0cac806b527e64c143020676e1070769 Mon Sep 17 00:00:00 2001 From: will Date: Sat, 31 Aug 2024 18:27:10 +1000 Subject: feat: use wait4path with script launchd option addresses https://github.com/LnL7/nix-darwin/issues/1043 fix: use exec in launchd daemon config fix: dont use a script thats in the nix store fix: remove manual wait4path in linux-builder fix: remove manual wait4path in karabiner elements fix: remove manual wait4path in nix-daemon fix: remove manual wait4path in nix-optimise fix: remove manual wait4path in tailscaled fix: autossh test Revert "fix: remove manual wait4path in nix-daemon" This reverts commit 6aec084fa5d095666e81676e78f7054c83703faa. fix: remove bad exec Reapply "fix: remove manual wait4path in nix-daemon" This reverts commit c8f136ecc555f803124af471324bc6ed1163d6dd. fix: update autossh test to reflect changes in f86e6133d957becb1958da638516b0860fbd7491 fix: services-activate-system-changed-label-prefix test fix: services-buildkite-agent test fix: services-activate-system test fix: escape ampersand fix: services-lorri test fix: services-nix-optimise test fix: services-nix-gc test refactor: use script rather than command in daemon fix: use config.command for clarity style: fix indentation fix: use lib.getExe rather than directly pointing to file revert: a87fc7bbbbdb7c25c5ad6721c93990ea035affdd - mistaken refactor meant that service waited for nix store and not the relevant path --- modules/services/karabiner-elements/default.nix | 20 +++++--------------- modules/services/nix-daemon.nix | 5 +---- modules/services/nix-optimise/default.nix | 5 +---- modules/services/tailscale.nix | 5 +---- 4 files changed, 8 insertions(+), 27 deletions(-) (limited to 'modules/services') diff --git a/modules/services/karabiner-elements/default.nix b/modules/services/karabiner-elements/default.nix index 2f415b2..0e2bb43 100644 --- a/modules/services/karabiner-elements/default.nix +++ b/modules/services/karabiner-elements/default.nix @@ -38,14 +38,11 @@ in # the system extension is activated, so we can call activate from the manager # which will block until the system extension is activated. launchd.daemons.start_karabiner_daemons = { - serviceConfig.ProgramArguments = [ - "/bin/sh" "-c" - "/bin/wait4path /nix/store && ${pkgs.writeScript "start_karabiner_daemons" '' + script = '' ${parentAppDir}/.Karabiner-VirtualHIDDevice-Manager.app/Contents/MacOS/Karabiner-VirtualHIDDevice-Manager activate launchctl kickstart system/org.pqrs.karabiner.karabiner_grabber launchctl kickstart system/org.pqrs.karabiner.karabiner_observer - ''}" - ]; + ''; serviceConfig.Label = "org.nixos.start_karabiner_daemons"; serviceConfig.RunAtLoad = true; }; @@ -73,11 +70,7 @@ in }; launchd.daemons.Karabiner-DriverKit-VirtualHIDDeviceClient = { - serviceConfig.ProgramArguments = [ - "/bin/sh" "-c" - # For unknown reasons this daemon will fail if VirtualHIDDeviceClient is not exec'd. - "/bin/wait4path /nix/store && exec \"${pkgs.karabiner-elements.driver}/Library/Application Support/org.pqrs/Karabiner-DriverKit-VirtualHIDDevice/Applications/Karabiner-DriverKit-VirtualHIDDeviceClient.app/Contents/MacOS/Karabiner-DriverKit-VirtualHIDDeviceClient\"" - ]; + command = "${pkgs.karabiner-elements.driver}/Library/Application Support/org.pqrs/Karabiner-DriverKit-VirtualHIDDevice/Applications/Karabiner-DriverKit-VirtualHIDDeviceClient.app/Contents/MacOS/Karabiner-DriverKit-VirtualHIDDeviceClient"; serviceConfig.ProcessType = "Interactive"; serviceConfig.Label = "org.pqrs.Karabiner-DriverKit-VirtualHIDDeviceClient"; serviceConfig.KeepAlive = true; @@ -95,14 +88,11 @@ in # We need this to run every reboot as /run gets nuked so we can't put this # inside the preActivation script as it only gets run on darwin-rebuild switch. launchd.daemons.setsuid_karabiner_session_monitor = { - serviceConfig.ProgramArguments = [ - "/bin/sh" "-c" - "/bin/wait4path /nix/store && ${pkgs.writeScript "setsuid_karabiner_session_monitor" '' + script = '' rm -rf /run/wrappers mkdir -p /run/wrappers/bin install -m4555 "${pkgs.karabiner-elements}/Library/Application Support/org.pqrs/Karabiner-Elements/bin/karabiner_session_monitor" /run/wrappers/bin - ''}" - ]; + ''; serviceConfig.RunAtLoad = true; serviceConfig.KeepAlive.SuccessfulExit = false; }; diff --git a/modules/services/nix-daemon.nix b/modules/services/nix-daemon.nix index 42d31c9..6718ac0 100644 --- a/modules/services/nix-daemon.nix +++ b/modules/services/nix-daemon.nix @@ -44,10 +44,7 @@ in nix.useDaemon = true; launchd.daemons.nix-daemon = { - serviceConfig.ProgramArguments = [ - "/bin/sh" "-c" - "/bin/wait4path ${config.nix.package}/bin/nix-daemon && exec ${config.nix.package}/bin/nix-daemon" - ]; + command = lib.getExe' config.nix.package "nix-daemon"; serviceConfig.ProcessType = config.nix.daemonProcessType; serviceConfig.LowPriorityIO = config.nix.daemonIOLowPriority; serviceConfig.Label = "org.nixos.nix-daemon"; # must match daemon installed by Nix regardless of the launchd label Prefix diff --git a/modules/services/nix-optimise/default.nix b/modules/services/nix-optimise/default.nix index d8dc401..c0ee0a3 100644 --- a/modules/services/nix-optimise/default.nix +++ b/modules/services/nix-optimise/default.nix @@ -62,11 +62,8 @@ in launchd.daemons.nix-optimise = { environment.NIX_REMOTE = optionalString config.nix.useDaemon "daemon"; + command = "${lib.getExe' config.nix.package "nix-store"} --optimise"; serviceConfig = { - ProgramArguments = [ - "/bin/sh" "-c" - "/bin/wait4path ${config.nix.package} && exec ${config.nix.package}/bin/nix-store --optimise" - ]; RunAtLoad = false; StartCalendarInterval = cfg.interval; UserName = cfg.user; diff --git a/modules/services/tailscale.nix b/modules/services/tailscale.nix index 3c826cf..e7d6b0d 100644 --- a/modules/services/tailscale.nix +++ b/modules/services/tailscale.nix @@ -54,12 +54,9 @@ in launchd.daemons.tailscaled = { # derived from # https://github.com/tailscale/tailscale/blob/main/cmd/tailscaled/install_darwin.go#L30 + command = lib.getExe' cfg.package "tailscaled"; serviceConfig = { Label = "com.tailscale.tailscaled"; - ProgramArguments = [ - "/bin/sh" "-c" - "/bin/wait4path ${cfg.package} && ${cfg.package}/bin/tailscaled" - ]; RunAtLoad = true; }; }; -- cgit v1.2.3 From 3d19b90fc74fa316cfb37b514e006d37c51e22a8 Mon Sep 17 00:00:00 2001 From: will Date: Sat, 28 Sep 2024 15:13:31 +1000 Subject: fix: karabiner elements virtualhiddeviceclient - command needed to be quoted --- modules/services/karabiner-elements/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'modules/services') diff --git a/modules/services/karabiner-elements/default.nix b/modules/services/karabiner-elements/default.nix index 0e2bb43..2764505 100644 --- a/modules/services/karabiner-elements/default.nix +++ b/modules/services/karabiner-elements/default.nix @@ -70,7 +70,7 @@ in }; launchd.daemons.Karabiner-DriverKit-VirtualHIDDeviceClient = { - command = "${pkgs.karabiner-elements.driver}/Library/Application Support/org.pqrs/Karabiner-DriverKit-VirtualHIDDevice/Applications/Karabiner-DriverKit-VirtualHIDDeviceClient.app/Contents/MacOS/Karabiner-DriverKit-VirtualHIDDeviceClient"; + command = "\"${pkgs.karabiner-elements.driver}/Library/Application Support/org.pqrs/Karabiner-DriverKit-VirtualHIDDevice/Applications/Karabiner-DriverKit-VirtualHIDDeviceClient.app/Contents/MacOS/Karabiner-DriverKit-VirtualHIDDeviceClient\""; serviceConfig.ProcessType = "Interactive"; serviceConfig.Label = "org.pqrs.Karabiner-DriverKit-VirtualHIDDeviceClient"; serviceConfig.KeepAlive = true; -- cgit v1.2.3 From af95f7b7ec80811cd5662d6b08b45f0160c85d1d Mon Sep 17 00:00:00 2001 From: aspauldingcode Date: Sun, 29 Sep 2024 17:29:14 -0600 Subject: add JankyBorders option order and set below by default (values: above/below) --- modules/services/jankyborders/default.nix | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) (limited to 'modules/services') diff --git a/modules/services/jankyborders/default.nix b/modules/services/jankyborders/default.nix index 92ec1a1..0af6d15 100644 --- a/modules/services/jankyborders/default.nix +++ b/modules/services/jankyborders/default.nix @@ -80,6 +80,15 @@ in { ''; }; + order = mkOption { + type = types.str; + default = "below"; + example = "above"; + description = '' + Specifies whether borders should be drawn above or below windows. + ''; + }; + blur_radius = mkOption { type = types.float; default = 0.0; @@ -149,7 +158,8 @@ in { else "off" )) ++ (optionalArg "blacklist" (joinStrings cfg.blacklist)) - ++ (optionalArg "whitelist" (joinStrings cfg.whitelist)); + ++ (optionalArg "whitelist" (joinStrings cfg.whitelist)) + ++ (optionalArg "order" cfg.order); serviceConfig.KeepAlive = true; serviceConfig.RunAtLoad = true; }; -- cgit v1.2.3 From 5cd9995215f0bc183811f0e4be017afa9a9a5e56 Mon Sep 17 00:00:00 2001 From: "Alex S." Date: Wed, 2 Oct 2024 10:38:08 -0600 Subject: Update modules/services/jankyborders/default.nix Co-authored-by: Michael Hoang --- modules/services/jankyborders/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'modules/services') diff --git a/modules/services/jankyborders/default.nix b/modules/services/jankyborders/default.nix index 0af6d15..cb7ab1e 100644 --- a/modules/services/jankyborders/default.nix +++ b/modules/services/jankyborders/default.nix @@ -81,7 +81,7 @@ in { }; order = mkOption { - type = types.str; + type = types.enum [ "above" "below" ]; default = "below"; example = "above"; description = '' -- cgit v1.2.3 From 239d802869a30bb45d4403e8f63a57a61f6910d9 Mon Sep 17 00:00:00 2001 From: Rohit Singh Date: Thu, 3 Oct 2024 23:42:10 +0530 Subject: netdata: add netdata service in nix-darwin. --- modules/services/monitoring/netdata.nix | 55 +++++++++++++++++++++++++++++++++ 1 file changed, 55 insertions(+) create mode 100644 modules/services/monitoring/netdata.nix (limited to 'modules/services') diff --git a/modules/services/monitoring/netdata.nix b/modules/services/monitoring/netdata.nix new file mode 100644 index 0000000..da0809c --- /dev/null +++ b/modules/services/monitoring/netdata.nix @@ -0,0 +1,55 @@ +{ config, lib, pkgs, ... }: +with lib; +let + cfg = config.services.netdata; + +in { + meta.maintainers = [ lib.maintainers.rsrohitsingh682 or "rsrohitsingh682" ]; + + options = { + services.netdata = { + enable = mkEnableOption "Netdata daemon"; + + package = lib.mkPackageOption pkgs "netdata" {}; + + config = mkOption { + type = types.lines; + default = ""; + description = "Custom configuration for Netdata"; + }; + + workDir = mkOption { + type = types.path; + default = "/var/lib/netdata"; + description = "Working directory for Netdata"; + }; + + logDir = mkOption { + type = types.path; + default = "/var/log/netdata"; + description = "Log directory for Netdata"; + }; + }; + }; + + config = mkIf cfg.enable { + environment.systemPackages = [ cfg.package ]; + + launchd.daemons.netdata = { + serviceConfig = { + Label = "netdata"; + KeepAlive = true; + WorkingDirectory = cfg.workDir; + StandardErrorPath = "${cfg.logDir}/netdata.log"; + StandardOutPath = "${cfg.logDir}/netdata.log"; + }; + command = lib.getExe cfg.package; + }; + + environment.etc."netdata/netdata.conf".text = cfg.config; + + system.activationScripts.preActivation.text = '' + mkdir -p ${cfg.workDir} + ''; + }; +} -- cgit v1.2.3 From 6347a9dcd1e43b9a5d43b837cfa4ca0073c2eb0e Mon Sep 17 00:00:00 2001 From: Michael Hoang Date: Mon, 14 Oct 2024 17:18:08 +1100 Subject: skhd: add `skhd` to `PATH` --- modules/services/skhd/default.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'modules/services') diff --git a/modules/services/skhd/default.nix b/modules/services/skhd/default.nix index 72b52d4..1f5d0cf 100644 --- a/modules/services/skhd/default.nix +++ b/modules/services/skhd/default.nix @@ -29,6 +29,7 @@ in }; config = mkIf cfg.enable { + environment.systemPackages = [ cfg.package ]; environment.etc."skhdrc".text = cfg.skhdConfig; -- cgit v1.2.3 From 72e93853c2d16d1ce04a5e8eee6695e2493ca80d Mon Sep 17 00:00:00 2001 From: Nick Hu Date: Sun, 13 Oct 2024 12:52:55 +0100 Subject: module: add aerospace service --- modules/services/aerospace/default.nix | 156 +++++++++++++++++++++++++++++++++ 1 file changed, 156 insertions(+) create mode 100644 modules/services/aerospace/default.nix (limited to 'modules/services') diff --git a/modules/services/aerospace/default.nix b/modules/services/aerospace/default.nix new file mode 100644 index 0000000..efbe9a1 --- /dev/null +++ b/modules/services/aerospace/default.nix @@ -0,0 +1,156 @@ +{ + config, + lib, + pkgs, + ... +}: + +with lib; + +let + cfg = config.services.aerospace; + + format = pkgs.formats.toml { }; + configFile = format.generate "aerospace.toml" cfg.settings; +in + +{ + options = with types; { + services.aerospace = { + enable = mkEnableOption "AeroSpace window manager"; + + package = mkOption { + type = types.path; + default = pkgs.aerospace; + description = "The AeroSpace package to use."; + }; + + settings = mkOption { + type = submodule { + freeformType = format.type; + options = { + start-at-login = mkOption { + type = addCheck bool (b: !false || !cfg.enable); + default = false; + description = "Do not start AeroSpace at login. (Managed by launchd instead)"; + }; + after-login-command = mkOption { + type = addCheck (listOf str) (l: l == [ ] || !cfg.enable); + default = [ ]; + description = "Do not use AeroSpace to run commands after login. (Managed by launchd instead)"; + }; + after-startup-command = mkOption { + type = addCheck (listOf str) (l: l == [ ] || !cfg.enable); + default = [ ]; + description = "Do not use AeroSpace to run commands after startup. (Managed by launchd instead)"; + }; + enable-normalization-flatten-containers = mkOption { + type = bool; + default = true; + description = "Containers that have only one child are \"flattened\"."; + }; + enable-normalization-opposite-orientation-for-nested-containers = mkOption { + type = bool; + default = true; + description = "Containers that nest into each other must have opposite orientations."; + }; + accordion-padding = mkOption { + type = int; + default = 30; + description = "Padding between windows in an accordion container."; + }; + default-root-container-layout = mkOption { + type = enum [ + "tiles" + "accordion" + ]; + default = "tiles"; + description = "Default layout for the root container."; + }; + default-root-container-orientation = mkOption { + type = enum [ + "horizontal" + "vertical" + "auto" + ]; + default = "auto"; + description = "Default orientation for the root container."; + }; + on-window-detected = mkOption { + type = listOf str; + default = [ ]; + description = "Commands to run every time a new window is detected."; + }; + on-focus-changed = mkOption { + type = listOf str; + default = [ ]; + description = "Commands to run every time focused window or workspace changes."; + }; + on-focused-monitor-changed = mkOption { + type = listOf str; + default = [ "move-mouse monitor-lazy-center" ]; + description = "Commands to run every time focused monitor changes."; + }; + exec-on-workspace-change = mkOption { + type = listOf str; + default = [ ]; + example = [ + "/bin/bash" + "-c" + "sketchybar --trigger aerospace_workspace_change FOCUSED=$AEROSPACE_FOCUSED_WORKSPACE" + ]; + description = "Commands to run every time workspace changes."; + }; + key-mapping.preset = mkOption { + type = enum [ + "qwerty" + "dvorak" + ]; + default = "qwerty"; + description = "Keymapping preset."; + }; + }; + }; + default = { }; + example = literalExpression '' + { + gaps = { + outer.left = 8; + outer.bottom = 8; + outer.top = 8; + outer.right = 8; + }; + mode.main.binding = { + alt-h = "focus left"; + alt-j = "focus down"; + alt-k = "focus up"; + alt-l = "focus right"; + }; + } + ''; + description = '' + AeroSpace configuration, see + + for supported values. + ''; + }; + }; + }; + + config = mkMerge [ + (mkIf (cfg.enable) { + environment.systemPackages = [ cfg.package ]; + + launchd.user.agents.aerospace.serviceConfig = { + ProgramArguments = + [ "${cfg.package}/Applications/AeroSpace.app/Contents/MacOS/AeroSpace" ] + ++ optionals (cfg.settings != { }) [ + "--config-path" + "${configFile}" + ]; + KeepAlive = true; + RunAtLoad = true; + }; + }) + ]; +} -- cgit v1.2.3 From 7ebf95a73e3b54e0f9c48f50fde29e96257417ac Mon Sep 17 00:00:00 2001 From: Nick Hu Date: Thu, 17 Oct 2024 23:30:31 +0100 Subject: style fixes --- modules/services/aerospace/default.nix | 89 ++++++++++++++++++---------------- 1 file changed, 48 insertions(+), 41 deletions(-) (limited to 'modules/services') diff --git a/modules/services/aerospace/default.nix b/modules/services/aerospace/default.nix index efbe9a1..50d47b3 100644 --- a/modules/services/aerospace/default.nix +++ b/modules/services/aerospace/default.nix @@ -5,8 +5,6 @@ ... }: -with lib; - let cfg = config.services.aerospace; @@ -15,51 +13,47 @@ let in { - options = with types; { - services.aerospace = { - enable = mkEnableOption "AeroSpace window manager"; + options = { + services.aerospace = with lib.types; { + enable = lib.mkEnableOption "AeroSpace window manager"; - package = mkOption { - type = types.path; - default = pkgs.aerospace; - description = "The AeroSpace package to use."; - }; + package = lib.mkPackageOption pkgs "aerospace" { }; - settings = mkOption { + settings = lib.mkOption { type = submodule { freeformType = format.type; options = { - start-at-login = mkOption { - type = addCheck bool (b: !false || !cfg.enable); + start-at-login = lib.mkOption { + type = bool; default = false; description = "Do not start AeroSpace at login. (Managed by launchd instead)"; }; - after-login-command = mkOption { - type = addCheck (listOf str) (l: l == [ ] || !cfg.enable); + after-login-command = lib.mkOption { + type = listOf str; default = [ ]; description = "Do not use AeroSpace to run commands after login. (Managed by launchd instead)"; }; - after-startup-command = mkOption { - type = addCheck (listOf str) (l: l == [ ] || !cfg.enable); + after-startup-command = lib.mkOption { + type = listOf str; default = [ ]; description = "Do not use AeroSpace to run commands after startup. (Managed by launchd instead)"; }; - enable-normalization-flatten-containers = mkOption { + enable-normalization-flatten-containers = lib.mkOption { type = bool; default = true; description = "Containers that have only one child are \"flattened\"."; }; - enable-normalization-opposite-orientation-for-nested-containers = mkOption { + enable-normalization-opposite-orientation-for-nested-containers = lib.mkOption { type = bool; default = true; description = "Containers that nest into each other must have opposite orientations."; }; - accordion-padding = mkOption { + accordion-padding = lib.mkOption { type = int; default = 30; description = "Padding between windows in an accordion container."; }; - default-root-container-layout = mkOption { + default-root-container-layout = lib.mkOption { type = enum [ "tiles" "accordion" @@ -67,7 +61,7 @@ in default = "tiles"; description = "Default layout for the root container."; }; - default-root-container-orientation = mkOption { + default-root-container-orientation = lib.mkOption { type = enum [ "horizontal" "vertical" @@ -76,22 +70,22 @@ in default = "auto"; description = "Default orientation for the root container."; }; - on-window-detected = mkOption { + on-window-detected = lib.mkOption { type = listOf str; default = [ ]; description = "Commands to run every time a new window is detected."; }; - on-focus-changed = mkOption { + on-focus-changed = lib.mkOption { type = listOf str; default = [ ]; description = "Commands to run every time focused window or workspace changes."; }; - on-focused-monitor-changed = mkOption { + on-focused-monitor-changed = lib.mkOption { type = listOf str; default = [ "move-mouse monitor-lazy-center" ]; description = "Commands to run every time focused monitor changes."; }; - exec-on-workspace-change = mkOption { + exec-on-workspace-change = lib.mkOption { type = listOf str; default = [ ]; example = [ @@ -101,7 +95,7 @@ in ]; description = "Commands to run every time workspace changes."; }; - key-mapping.preset = mkOption { + key-mapping.preset = lib.mkOption { type = enum [ "qwerty" "dvorak" @@ -112,7 +106,7 @@ in }; }; default = { }; - example = literalExpression '' + example = lib.literalExpression '' { gaps = { outer.left = 8; @@ -137,20 +131,33 @@ in }; }; - config = mkMerge [ - (mkIf (cfg.enable) { + config = ( + lib.mkIf (cfg.enable) { + assertions = [ + { + assertion = !cfg.settings.start-at-login; + message = "AeroSpace started at login is managed by home-manager and launchd instead of itself via this option."; + } + { + assertion = cfg.settings.after-login-command == [ ]; + message = "AeroSpace will not run these commands as it does not start itself."; + } + { + assertion = cfg.settings.after-startup-command == [ ]; + message = "AeroSpace will not run these commands as it does not start itself."; + } + ]; environment.systemPackages = [ cfg.package ]; - launchd.user.agents.aerospace.serviceConfig = { - ProgramArguments = - [ "${cfg.package}/Applications/AeroSpace.app/Contents/MacOS/AeroSpace" ] - ++ optionals (cfg.settings != { }) [ - "--config-path" - "${configFile}" - ]; - KeepAlive = true; - RunAtLoad = true; + launchd.user.agents.aerospace = { + command = + "${cfg.package}/Applications/AeroSpace.app/Contents/MacOS/AeroSpace" + + (lib.optionalString (cfg.settings != { }) " --config-path ${configFile}"); + serviceConfig = { + KeepAlive = true; + RunAtLoad = true; + }; }; - }) - ]; + } + ); } -- cgit v1.2.3 From 445c6bfc65b4f9df882d6bb089d46014204f8523 Mon Sep 17 00:00:00 2001 From: Ihar Hrachyshka Date: Sat, 26 Oct 2024 12:08:45 -0400 Subject: Add keepalive flag for emacs service --- modules/services/emacs.nix | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'modules/services') diff --git a/modules/services/emacs.nix b/modules/services/emacs.nix index 4b9a3cb..ec98950 100644 --- a/modules/services/emacs.nix +++ b/modules/services/emacs.nix @@ -44,9 +44,11 @@ in { launchd.user.agents.emacs = { path = cfg.additionalPath ++ [ config.environment.systemPath ]; - serviceConfig.ProgramArguments = - [ "${cfg.package}/bin/${cfg.exec}" "--fg-daemon" ]; - serviceConfig.RunAtLoad = true; + serviceConfig = { + ProgramArguments = [ "${cfg.package}/bin/${cfg.exec}" "--fg-daemon" ]; + RunAtLoad = true; + KeepAlive = true; + }; }; }; -- cgit v1.2.3 From 6c8d45fb20c40a8ccc73130d026d487b887a3de4 Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Mon, 28 Oct 2024 04:10:45 +0100 Subject: module: add prometheus-node-exporter service --- .../monitoring/prometheus-node-exporter.nix | 117 +++++++++++++++++++++ 1 file changed, 117 insertions(+) create mode 100644 modules/services/monitoring/prometheus-node-exporter.nix (limited to 'modules/services') diff --git a/modules/services/monitoring/prometheus-node-exporter.nix b/modules/services/monitoring/prometheus-node-exporter.nix new file mode 100644 index 0000000..752dc0f --- /dev/null +++ b/modules/services/monitoring/prometheus-node-exporter.nix @@ -0,0 +1,117 @@ +{ + config, + lib, + pkgs, + ... +}: + +let + inherit (lib) + concatStringsSep + escapeShellArgs + getExe + mkEnableOption + mkIf + mkOption + mkPackageOption + mkRemovedOptionModule + types + ; + + cfg = config.services.prometheus.exporters.node; +in { + imports = [ + (mkRemovedOptionModule [ "services" "prometheus" "exporters" "node" "openFirewall" ] "No nix-darwin equivalent to this NixOS option.") + (mkRemovedOptionModule [ "services" "prometheus" "exporters" "node" "firewallFilter" ] "No nix-darwin equivalent to this NixOS option.") + (mkRemovedOptionModule [ "services" "prometheus" "exporters" "node" "firewallRules" ] "No nix-darwin equivalent to this NixOS option.") + ]; + + options = { + services.prometheus.exporters.node = { + enable = mkEnableOption "Prometheus Node exporter"; + + package = mkPackageOption pkgs "prometheus-node-exporter" { }; + + listenAddress = mkOption { + type = types.str; + default = ""; + example = "0.0.0.0"; + description = '' + Address where Node exporter exposes its HTTP interface. Leave empty to bind to all addresses. + ''; + }; + + port = mkOption { + type = types.port; + default = 9100; + description = '' + Port where the Node exporter exposes its HTTP interface. + ''; + }; + + extraFlags = mkOption { + type = types.listOf types.str; + default = [ ]; + example = [ "--log.level=debug" ]; + description = '' + Extra commandline options to pass to the Node exporter executable. + ''; + }; + + enabledCollectors = mkOption { + type = types.listOf types.str; + default = [ ]; + description = '' + Collectors to enable in addition to the ones that are [enabled by default](https://github.com/prometheus/node_exporter#enabled-by-default). + ''; + }; + + disabledCollectors = mkOption { + type = types.listOf types.str; + default = [ ]; + example = [ "boottime" ]; + description = '' + Collectors to disable from the list of collectors that are [enabled by default](https://github.com/prometheus/node_exporter#enabled-by-default). + ''; + }; + }; + }; + + config = mkIf cfg.enable { + users.users._prometheus-node-exporter = { + uid = config.ids.uids._prometheus-node-exporter; + gid = config.ids.gids._prometheus-node-exporter; + home = "/var/empty"; + shell = "/usr/bin/false"; + description = "System user for the Prometheus Node exporter"; + }; + + users.groups._prometheus-node-exporter = { + gid = config.ids.gids._prometheus-node-exporter; + description = "System group for the Prometheus Node exporter"; + }; + + users.knownGroups = [ "_prometheus-node-exporter" ]; + users.knownUsers = [ "_prometheus-node-exporter" ]; + + launchd.daemons.prometheus-node-exporter = { + script = concatStringsSep " " + ([ + (getExe cfg.package) + "--web.listen-address" + "${cfg.listenAddress}:${toString cfg.port}" + ] + ++ (map (collector: "--collector.${collector}") cfg.enabledCollectors) + ++ (map (collector: "--no-collector.${collector}") cfg.disabledCollectors) + ) + escapeShellArgs cfg.extraFlags; + serviceConfig = { + KeepAlive = true; + RunAtLoad = true; + StandardErrorPath = "/var/log/prometheus-node-exporter.log"; + StandardOutPath = "/var/log/prometheus-node-exporter.log"; + GroupName = "_prometheus-node-exporter"; + UserName = "_prometheus-node-exporter"; + }; + }; + }; +} -- cgit v1.2.3 From 331fd8d3b596999e731ede69a8cbf6524968d936 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Beno=C3=AEt=20de=20Chezelles?= Date: Thu, 31 Oct 2024 16:51:05 +0100 Subject: karabiner-elements: allow use of custom package --- modules/services/karabiner-elements/default.nix | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) (limited to 'modules/services') diff --git a/modules/services/karabiner-elements/default.nix b/modules/services/karabiner-elements/default.nix index 2764505..8be2ddf 100644 --- a/modules/services/karabiner-elements/default.nix +++ b/modules/services/karabiner-elements/default.nix @@ -9,18 +9,19 @@ let in { - options = { - services.karabiner-elements.enable = mkEnableOption "Karabiner-Elements"; + options.services.karabiner-elements = { + enable = mkEnableOption "Karabiner-Elements"; + package = mkPackageOption pkgs "karabiner-elements" { }; }; config = mkIf cfg.enable { - environment.systemPackages = [ pkgs.karabiner-elements ]; + environment.systemPackages = [ cfg.package ]; system.activationScripts.preActivation.text = '' rm -rf ${parentAppDir} mkdir -p ${parentAppDir} # Kernel extensions must reside inside of /Applications, they cannot be symlinks - cp -r ${pkgs.karabiner-elements.driver}/Applications/.Karabiner-VirtualHIDDevice-Manager.app ${parentAppDir} + cp -r ${cfg.package.driver}/Applications/.Karabiner-VirtualHIDDevice-Manager.app ${parentAppDir} ''; system.activationScripts.postActivation.text = '' @@ -49,7 +50,7 @@ in launchd.daemons.karabiner_grabber = { serviceConfig.ProgramArguments = [ - "${pkgs.karabiner-elements}/Library/Application Support/org.pqrs/Karabiner-Elements/bin/karabiner_grabber" + "${cfg.package}/Library/Application Support/org.pqrs/Karabiner-Elements/bin/karabiner_grabber" ]; serviceConfig.ProcessType = "Interactive"; serviceConfig.Label = "org.pqrs.karabiner.karabiner_grabber"; @@ -60,7 +61,7 @@ in launchd.daemons.karabiner_observer = { serviceConfig.ProgramArguments = [ - "${pkgs.karabiner-elements}/Library/Application Support/org.pqrs/Karabiner-Elements/bin/karabiner_observer" + "${cfg.package}/Library/Application Support/org.pqrs/Karabiner-Elements/bin/karabiner_observer" ]; serviceConfig.Label = "org.pqrs.karabiner.karabiner_observer"; @@ -70,7 +71,7 @@ in }; launchd.daemons.Karabiner-DriverKit-VirtualHIDDeviceClient = { - command = "\"${pkgs.karabiner-elements.driver}/Library/Application Support/org.pqrs/Karabiner-DriverKit-VirtualHIDDevice/Applications/Karabiner-DriverKit-VirtualHIDDeviceClient.app/Contents/MacOS/Karabiner-DriverKit-VirtualHIDDeviceClient\""; + command = "\"${cfg.package.driver}/Library/Application Support/org.pqrs/Karabiner-DriverKit-VirtualHIDDevice/Applications/Karabiner-DriverKit-VirtualHIDDeviceClient.app/Contents/MacOS/Karabiner-DriverKit-VirtualHIDDeviceClient\""; serviceConfig.ProcessType = "Interactive"; serviceConfig.Label = "org.pqrs.Karabiner-DriverKit-VirtualHIDDeviceClient"; serviceConfig.KeepAlive = true; @@ -91,7 +92,7 @@ in script = '' rm -rf /run/wrappers mkdir -p /run/wrappers/bin - install -m4555 "${pkgs.karabiner-elements}/Library/Application Support/org.pqrs/Karabiner-Elements/bin/karabiner_session_monitor" /run/wrappers/bin + install -m4555 "${cfg.package}/Library/Application Support/org.pqrs/Karabiner-Elements/bin/karabiner_session_monitor" /run/wrappers/bin ''; serviceConfig.RunAtLoad = true; serviceConfig.KeepAlive.SuccessfulExit = false; @@ -106,8 +107,8 @@ in serviceConfig.KeepAlive = true; }; - environment.userLaunchAgents."org.pqrs.karabiner.agent.karabiner_grabber.plist".source = "${pkgs.karabiner-elements}/Library/LaunchAgents/org.pqrs.karabiner.agent.karabiner_grabber.plist"; - environment.userLaunchAgents."org.pqrs.karabiner.agent.karabiner_observer.plist".source = "${pkgs.karabiner-elements}/Library/LaunchAgents/org.pqrs.karabiner.agent.karabiner_observer.plist"; - environment.userLaunchAgents."org.pqrs.karabiner.karabiner_console_user_server.plist".source = "${pkgs.karabiner-elements}/Library/LaunchAgents/org.pqrs.karabiner.karabiner_console_user_server.plist"; + environment.userLaunchAgents."org.pqrs.karabiner.agent.karabiner_grabber.plist".source = "${cfg.package}/Library/LaunchAgents/org.pqrs.karabiner.agent.karabiner_grabber.plist"; + environment.userLaunchAgents."org.pqrs.karabiner.agent.karabiner_observer.plist".source = "${cfg.package}/Library/LaunchAgents/org.pqrs.karabiner.agent.karabiner_observer.plist"; + environment.userLaunchAgents."org.pqrs.karabiner.karabiner_console_user_server.plist".source = "${cfg.package}/Library/LaunchAgents/org.pqrs.karabiner.karabiner_console_user_server.plist"; }; } -- cgit v1.2.3 From 84d14d404325380ec180f580332e8e85df232d06 Mon Sep 17 00:00:00 2001 From: Emily Date: Tue, 5 Nov 2024 02:59:00 +0000 Subject: prometheus-node-exporter: fix log permissions MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The daemon won’t start as the assigned user doesn’t have permissions to create the log file. --- modules/services/monitoring/prometheus-node-exporter.nix | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) (limited to 'modules/services') diff --git a/modules/services/monitoring/prometheus-node-exporter.nix b/modules/services/monitoring/prometheus-node-exporter.nix index 752dc0f..7f58055 100644 --- a/modules/services/monitoring/prometheus-node-exporter.nix +++ b/modules/services/monitoring/prometheus-node-exporter.nix @@ -81,7 +81,8 @@ in { users.users._prometheus-node-exporter = { uid = config.ids.uids._prometheus-node-exporter; gid = config.ids.gids._prometheus-node-exporter; - home = "/var/empty"; + home = "/var/lib/prometheus-node-exporter"; + createHome = true; shell = "/usr/bin/false"; description = "System user for the Prometheus Node exporter"; }; @@ -104,11 +105,14 @@ in { ++ (map (collector: "--collector.${collector}") cfg.enabledCollectors) ++ (map (collector: "--no-collector.${collector}") cfg.disabledCollectors) ) + escapeShellArgs cfg.extraFlags; - serviceConfig = { + serviceConfig = let + logPath = config.users.users._prometheus-node-exporter.home + + "/prometheus-node-exporter.log"; + in { KeepAlive = true; RunAtLoad = true; - StandardErrorPath = "/var/log/prometheus-node-exporter.log"; - StandardOutPath = "/var/log/prometheus-node-exporter.log"; + StandardErrorPath = logPath; + StandardOutPath = logPath; GroupName = "_prometheus-node-exporter"; UserName = "_prometheus-node-exporter"; }; -- cgit v1.2.3 From 569153467be5f438e4f932a09bfba79adcecf856 Mon Sep 17 00:00:00 2001 From: Michael Hoang Date: Mon, 4 Nov 2024 14:00:05 +1100 Subject: ofborg: automatically add `ofborg` to `known{Users,Groups}` --- modules/services/ofborg/default.nix | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) (limited to 'modules/services') diff --git a/modules/services/ofborg/default.nix b/modules/services/ofborg/default.nix index 4c35615..8959cc8 100644 --- a/modules/services/ofborg/default.nix +++ b/modules/services/ofborg/default.nix @@ -46,12 +46,6 @@ in }; config = mkIf cfg.enable { - - assertions = [ - { assertion = elem "ofborg" config.users.knownGroups; message = "set users.knownGroups to enable ofborg group"; } - { assertion = elem "ofborg" config.users.knownUsers; message = "set users.knownUsers to enable ofborg user"; } - ]; - warnings = mkIf (isDerivation cfg.configFile) [ "services.ofborg.configFile is a derivation, credentials will be world readable" ]; @@ -87,9 +81,13 @@ in users.users.ofborg.shell = "/bin/bash"; users.users.ofborg.description = "OfBorg service user"; + users.knownUsers = [ "ofborg" ]; + users.groups.ofborg.gid = mkDefault 531; users.groups.ofborg.description = "Nix group for OfBorg service"; + users.knownGroups = [ "ofborg" ]; + # FIXME: create logfiles automatically if defined. system.activationScripts.preActivation.text = '' mkdir -p '${user.home}' -- cgit v1.2.3 From 3b738c765de1bb4ecc4993fa092b27dd46d495ed Mon Sep 17 00:00:00 2001 From: Michael Hoang Date: Sun, 3 Nov 2024 20:30:48 +1100 Subject: github-runner: replace `mkdir -p -m` with `umask` `mkdir -p -m` only applies the mode on the deepest directory which could be a security issue so we use umask to be more careful. --- modules/services/github-runner/service.nix | 22 ++++++++++++++-------- 1 file changed, 14 insertions(+), 8 deletions(-) (limited to 'modules/services') diff --git a/modules/services/github-runner/service.nix b/modules/services/github-runner/service.nix index 175b22d..c273f43 100644 --- a/modules/services/github-runner/service.nix +++ b/modules/services/github-runner/service.nix @@ -48,14 +48,20 @@ in text = mkBefore ('' echo >&2 "setting up GitHub Runner '${cfg.name}'..." - ${pkgs.coreutils}/bin/mkdir -p -m 0750 ${escapeShellArg (mkStateDir cfg)} - ${pkgs.coreutils}/bin/chown ${user}:${group} ${escapeShellArg (mkStateDir cfg)} - - ${pkgs.coreutils}/bin/mkdir -p -m 0750 ${escapeShellArg (mkLogDir cfg)} - ${pkgs.coreutils}/bin/chown ${user}:${group} ${escapeShellArg (mkLogDir cfg)} - '' + optionalString (cfg.workDir == null) '' - ${pkgs.coreutils}/bin/mkdir -p -m 0750 ${escapeShellArg (mkWorkDir cfg)} - ${pkgs.coreutils}/bin/chown ${user}:${group} ${escapeShellArg (mkWorkDir cfg)} + ( + umask -S u=rwx,g=rx,o= + + ${pkgs.coreutils}/bin/mkdir -p ${escapeShellArg (mkStateDir cfg)} + ${pkgs.coreutils}/bin/chown ${user}:${group} ${escapeShellArg (mkStateDir cfg)} + + ${pkgs.coreutils}/bin/mkdir -p ${escapeShellArg (mkLogDir cfg)} + ${pkgs.coreutils}/bin/chown ${user}:${group} ${escapeShellArg (mkLogDir cfg)} + + ${optionalString (cfg.workDir == null) '' + ${pkgs.coreutils}/bin/mkdir -p ${escapeShellArg (mkWorkDir cfg)} + ${pkgs.coreutils}/bin/chown ${user}:${group} ${escapeShellArg (mkWorkDir cfg)} + ''} + ) ''); }; })); -- cgit v1.2.3 From 79608947e27163a2e74b1bec0812ce7a942cbdb8 Mon Sep 17 00:00:00 2001 From: Michael Hoang Date: Sun, 3 Nov 2024 20:30:48 +1100 Subject: buildkit-agents: don't use `mkdir -p -m` As `cfg.dataDir` will be the `home` of the Buildkite Agent user, it is guaranted to exist so we don't need to use the `-p` flag. --- modules/services/buildkite-agents.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'modules/services') diff --git a/modules/services/buildkite-agents.nix b/modules/services/buildkite-agents.nix index 4888247..69bc1f6 100644 --- a/modules/services/buildkite-agents.nix +++ b/modules/services/buildkite-agents.nix @@ -237,7 +237,7 @@ in tagStr = lib.concatStringsSep "," (lib.mapAttrsToList (name: value: "${name}=${value}") cfg.tags); in optionalString (cfg.privateSshKeyPath != null) '' - mkdir -m 0700 -p "${sshDir}" + mkdir -m 0700 "${sshDir}" install -m600 "${toString cfg.privateSshKeyPath}" "${sshDir}/id_rsa" '' + '' cat > "${cfg.dataDir}/buildkite-agent.cfg" < Date: Mon, 4 Nov 2024 18:31:38 +0100 Subject: github-runner: Fix labels for different nixpkgs versions Changes to escapeShellArg introduced in https://github.com/NixOS/nixpkgs/pull/333744 made different versions of nixpkgs behave differently. If current nix-darwin is used with nixpkgs before that change, labels end up having labels quoted twice (see https://github.com/LnL7/nix-darwin/issues/1085), but without changes from https://github.com/LnL7/nix-darwin/pull/1055, with new nixpkgs, labels end up not quoted at all, and ShellCheck ends up complaining that commas might have been used as array item separator (see https://www.shellcheck.net/wiki/SC2054). Use the old version of escapeShellArg to always escape the list of labels and make nix-darwin work with both old and new versions of nixpkgs. Fixes https://github.com/LnL7/nix-darwin/issues/1085 --- modules/services/github-runner/service.nix | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'modules/services') diff --git a/modules/services/github-runner/service.nix b/modules/services/github-runner/service.nix index c273f43..5d73633 100644 --- a/modules/services/github-runner/service.nix +++ b/modules/services/github-runner/service.nix @@ -94,6 +94,10 @@ in script = let + # https://github.com/NixOS/nixpkgs/pull/333744 introduced an inconsistency with different + # versions of nixpkgs. Use the old version of escapeShellArg to make sure that labels + # are always escaped to avoid https://www.shellcheck.net/wiki/SC2054 + escapeShellArgAlways = string: "'${replaceStrings ["'"] ["'\\''"] (toString string)}'"; configure = pkgs.writeShellApplication { name = "configure-github-runner-${name}"; text = /*bash*/'' @@ -104,7 +108,7 @@ in --disableupdate --work ${escapeShellArg workDir} --url ${escapeShellArg cfg.url} - --labels "${escapeShellArg (concatStringsSep "," cfg.extraLabels)}" + --labels ${escapeShellArgAlways (concatStringsSep "," cfg.extraLabels)} ${optionalString (cfg.name != null ) "--name ${escapeShellArg cfg.name}"} ${optionalString cfg.replace "--replace"} ${optionalString (cfg.runnerGroup != null) "--runnergroup ${escapeShellArg cfg.runnerGroup}"} -- cgit v1.2.3 From dae702993d18c608f07e9d320ccba816e9bce064 Mon Sep 17 00:00:00 2001 From: Michael Hoang Date: Fri, 15 Nov 2024 14:03:43 +1100 Subject: activate-system: remove `enable` option Disabling this is not supported as `/run` gets cleared out on every reboot so it is necessary for ensuring that the `/run/current-system` symlink exists. --- modules/services/activate-system/default.nix | 20 ++++---------------- 1 file changed, 4 insertions(+), 16 deletions(-) (limited to 'modules/services') diff --git a/modules/services/activate-system/default.nix b/modules/services/activate-system/default.nix index c41d963..6a982fe 100644 --- a/modules/services/activate-system/default.nix +++ b/modules/services/activate-system/default.nix @@ -1,22 +1,11 @@ { config, lib, pkgs, ... }: -with lib; - -let - cfg = config.services.activate-system; -in - { - options = { - services.activate-system.enable = mkOption { - type = types.bool; - default = true; - description = "Whether to activate system at boot time."; - }; - }; - - config = mkIf cfg.enable { + imports = [ + (lib.mkRemovedOptionModule [ "services" "activate-system" "enable" ] "The `activate-system` service is now always enabled as it is necessary for a working `nix-darwin` setup.") + ]; + config = { launchd.daemons.activate-system = { script = '' set -e @@ -41,6 +30,5 @@ in serviceConfig.RunAtLoad = true; serviceConfig.KeepAlive.SuccessfulExit = false; }; - }; } -- cgit v1.2.3 From d2498644fd84360e46ad90de3029066ad441e15a Mon Sep 17 00:00:00 2001 From: Michael Hoang Date: Mon, 11 Nov 2024 19:56:15 +1100 Subject: nix-daemon: remove `with lib;` --- modules/services/nix-daemon.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'modules/services') diff --git a/modules/services/nix-daemon.nix b/modules/services/nix-daemon.nix index 6718ac0..6f93131 100644 --- a/modules/services/nix-daemon.nix +++ b/modules/services/nix-daemon.nix @@ -1,9 +1,9 @@ -{ config, lib, pkgs, ... }: - -with lib; +{ config, lib, ... }: let cfg = config.services.nix-daemon; + + inherit (lib) mkDefault mkIf mkMerge mkOption types; in { -- cgit v1.2.3 From 698414e4091d919cc1b3af622f29bd594d3c21c3 Mon Sep 17 00:00:00 2001 From: Michael Hoang Date: Mon, 11 Nov 2024 19:56:15 +1100 Subject: nix-daemon: enable by default Single user installs have been unsupported by the official Nix installer since 2.4. --- modules/services/nix-daemon.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'modules/services') diff --git a/modules/services/nix-daemon.nix b/modules/services/nix-daemon.nix index 6f93131..ffc7e65 100644 --- a/modules/services/nix-daemon.nix +++ b/modules/services/nix-daemon.nix @@ -10,7 +10,7 @@ in options = { services.nix-daemon.enable = mkOption { type = types.bool; - default = false; + default = true; description = "Whether to enable the nix-daemon service."; }; -- cgit v1.2.3 From caa23e878f7f6fecb978bb91c1d208bf94a62c43 Mon Sep 17 00:00:00 2001 From: Michael Hoang Date: Fri, 22 Nov 2024 11:18:17 +1100 Subject: github-runner: make `umask` quiet --- modules/services/github-runner/service.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'modules/services') diff --git a/modules/services/github-runner/service.nix b/modules/services/github-runner/service.nix index 5d73633..21d908e 100644 --- a/modules/services/github-runner/service.nix +++ b/modules/services/github-runner/service.nix @@ -49,7 +49,7 @@ in echo >&2 "setting up GitHub Runner '${cfg.name}'..." ( - umask -S u=rwx,g=rx,o= + umask -S u=rwx,g=rx,o= > /dev/null ${pkgs.coreutils}/bin/mkdir -p ${escapeShellArg (mkStateDir cfg)} ${pkgs.coreutils}/bin/chown ${user}:${group} ${escapeShellArg (mkStateDir cfg)} -- cgit v1.2.3 From 9a5955601847c728ffb98e70b89a359390b24d28 Mon Sep 17 00:00:00 2001 From: z0al <12673605+z0al@users.noreply.github.com> Date: Wed, 4 Dec 2024 19:03:03 +0000 Subject: fix(aerospace): allow startup commands --- modules/services/aerospace/default.nix | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) (limited to 'modules/services') diff --git a/modules/services/aerospace/default.nix b/modules/services/aerospace/default.nix index 50d47b3..531e7b2 100644 --- a/modules/services/aerospace/default.nix +++ b/modules/services/aerospace/default.nix @@ -36,7 +36,8 @@ in after-startup-command = lib.mkOption { type = listOf str; default = [ ]; - description = "Do not use AeroSpace to run commands after startup. (Managed by launchd instead)"; + description = "Add commands that run after AeroSpace startup"; + example = [ "layout tiles" ]; }; enable-normalization-flatten-containers = lib.mkOption { type = bool; @@ -142,10 +143,6 @@ in assertion = cfg.settings.after-login-command == [ ]; message = "AeroSpace will not run these commands as it does not start itself."; } - { - assertion = cfg.settings.after-startup-command == [ ]; - message = "AeroSpace will not run these commands as it does not start itself."; - } ]; environment.systemPackages = [ cfg.package ]; -- cgit v1.2.3 From d8255f09da39e603e710149dc87a5f3eaa4ff049 Mon Sep 17 00:00:00 2001 From: Michael Hoang Date: Sat, 7 Dec 2024 12:53:16 +1100 Subject: github-runner: remove `with lib;` --- modules/services/github-runner/options.nix | 4 +++- modules/services/github-runner/service.nix | 6 +++++- 2 files changed, 8 insertions(+), 2 deletions(-) (limited to 'modules/services') diff --git a/modules/services/github-runner/options.nix b/modules/services/github-runner/options.nix index 8f98aa0..7508434 100644 --- a/modules/services/github-runner/options.nix +++ b/modules/services/github-runner/options.nix @@ -3,7 +3,9 @@ , ... }: -with lib; +let + inherit (lib) literalExpression mkOption mkPackageOption types; +in { options.services.github-runners = mkOption { description = '' diff --git a/modules/services/github-runner/service.nix b/modules/services/github-runner/service.nix index 21d908e..7360a34 100644 --- a/modules/services/github-runner/service.nix +++ b/modules/services/github-runner/service.nix @@ -1,6 +1,10 @@ { config, lib, pkgs, ... }: -with lib; + let + inherit (lib) any attrValues boolToString concatStringsSep escapeShellArg + flatten flip getExe hasAttr hasPrefix mapAttrsToList mapAttrs' mkBefore + mkDefault mkIf mkMerge nameValuePair optionalAttrs optionalString replaceStrings; + mkSvcName = name: "github-runner-${name}"; mkStateDir = cfg: "/var/lib/github-runners/${cfg.name}"; mkLogDir = cfg: "/var/log/github-runners/${cfg.name}"; -- cgit v1.2.3 From 06e1d770687a832a13aa23f37cdebeadc3af89b8 Mon Sep 17 00:00:00 2001 From: Michael Hoang Date: Sat, 7 Dec 2024 13:00:54 +1100 Subject: github-runner: use `lib.getExe{,'}` --- modules/services/github-runner/service.nix | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) (limited to 'modules/services') diff --git a/modules/services/github-runner/service.nix b/modules/services/github-runner/service.nix index 7360a34..2c2411d 100644 --- a/modules/services/github-runner/service.nix +++ b/modules/services/github-runner/service.nix @@ -2,7 +2,7 @@ let inherit (lib) any attrValues boolToString concatStringsSep escapeShellArg - flatten flip getExe hasAttr hasPrefix mapAttrsToList mapAttrs' mkBefore + flatten flip getExe getExe' hasAttr hasPrefix mapAttrsToList mapAttrs' mkBefore mkDefault mkIf mkMerge nameValuePair optionalAttrs optionalString replaceStrings; mkSvcName = name: "github-runner-${name}"; @@ -55,15 +55,15 @@ in ( umask -S u=rwx,g=rx,o= > /dev/null - ${pkgs.coreutils}/bin/mkdir -p ${escapeShellArg (mkStateDir cfg)} - ${pkgs.coreutils}/bin/chown ${user}:${group} ${escapeShellArg (mkStateDir cfg)} + ${getExe' pkgs.coreutils "mkdir"} -p ${escapeShellArg (mkStateDir cfg)} + ${getExe' pkgs.coreutils "chown"} ${user}:${group} ${escapeShellArg (mkStateDir cfg)} - ${pkgs.coreutils}/bin/mkdir -p ${escapeShellArg (mkLogDir cfg)} - ${pkgs.coreutils}/bin/chown ${user}:${group} ${escapeShellArg (mkLogDir cfg)} + ${getExe' pkgs.coreutils "mkdir"} -p ${escapeShellArg (mkLogDir cfg)} + ${getExe' pkgs.coreutils "chown"} ${user}:${group} ${escapeShellArg (mkLogDir cfg)} ${optionalString (cfg.workDir == null) '' - ${pkgs.coreutils}/bin/mkdir -p ${escapeShellArg (mkWorkDir cfg)} - ${pkgs.coreutils}/bin/chown ${user}:${group} ${escapeShellArg (mkWorkDir cfg)} + ${getExe' pkgs.coreutils "mkdir"} -p ${escapeShellArg (mkWorkDir cfg)} + ${getExe' pkgs.coreutils "chown"} ${user}:${group} ${escapeShellArg (mkWorkDir cfg)} ''} ) ''); @@ -127,7 +127,7 @@ in else args+=(--token "$token") fi - ${package}/bin/config.sh "''${args[@]}" + ${getExe' package "config.sh"} "''${args[@]}" ''; }; in @@ -135,12 +135,12 @@ in echo "Configuring GitHub Actions Runner" # Always clean the working directory - ${pkgs.findutils}/bin/find ${escapeShellArg workDir} -mindepth 1 -delete + ${getExe pkgs.findutils} ${escapeShellArg workDir} -mindepth 1 -delete # Clean the $RUNNER_ROOT if we are in ephemeral mode if ${boolToString cfg.ephemeral}; then echo "Cleaning $RUNNER_ROOT" - ${pkgs.findutils}/bin/find "$RUNNER_ROOT" -mindepth 1 -delete + ${getExe pkgs.findutils} "$RUNNER_ROOT" -mindepth 1 -delete fi # If the `.runner` file does not exist, we assume the runner is not configured @@ -149,7 +149,7 @@ in fi # Start the service - ${package}/bin/Runner.Listener run --startuptype service + ${getExe' package "Runner.Listener"} run --startuptype service ''; serviceConfig = mkMerge [ -- cgit v1.2.3 From 22cde06f497b97cbab4186292f9fd82487bbfecc Mon Sep 17 00:00:00 2001 From: Michael Hoang Date: Sat, 7 Dec 2024 13:06:10 +1100 Subject: github-runner: fix service not starting --- modules/services/github-runner/service.nix | 2 ++ 1 file changed, 2 insertions(+) (limited to 'modules/services') diff --git a/modules/services/github-runner/service.nix b/modules/services/github-runner/service.nix index 2c2411d..029f863 100644 --- a/modules/services/github-runner/service.nix +++ b/modules/services/github-runner/service.nix @@ -59,6 +59,8 @@ in ${getExe' pkgs.coreutils "chown"} ${user}:${group} ${escapeShellArg (mkStateDir cfg)} ${getExe' pkgs.coreutils "mkdir"} -p ${escapeShellArg (mkLogDir cfg)} + # launchd will fail to start the service if the outer direction doesn't have sufficient permissions + ${getExe' pkgs.coreutils "chmod"} o+rx ${escapeShellArg (mkLogDir { name = ""; })} ${getExe' pkgs.coreutils "chown"} ${user}:${group} ${escapeShellArg (mkLogDir cfg)} ${optionalString (cfg.workDir == null) '' -- cgit v1.2.3 From 8752b6ae3c0d6b44ca4ef28e50503f8efcec0096 Mon Sep 17 00:00:00 2001 From: Michael Hoang Date: Sat, 7 Dec 2024 13:08:04 +1100 Subject: github-runner: add instructions for triggering a runner registration --- modules/services/github-runner/options.nix | 3 +++ 1 file changed, 3 insertions(+) (limited to 'modules/services') diff --git a/modules/services/github-runner/options.nix b/modules/services/github-runner/options.nix index 7508434..5152cc4 100644 --- a/modules/services/github-runner/options.nix +++ b/modules/services/github-runner/options.nix @@ -90,6 +90,9 @@ in Changing this option or the `tokenFile`’s content triggers a new runner registration. + You can also manually trigger a new runner registration by deleting + {file}`/var/lib/github-runners//.runner` and restarting the service. + We suggest using the fine-grained PATs. A runner registration token is valid only for 1 hour after creation, so the next time the runner configuration changes this will give you hard-to-debug HTTP 404 errors in the configure step. -- cgit v1.2.3 From aefd56bb562b26ae799e261b1ead27682bf0d8ff Mon Sep 17 00:00:00 2001 From: thuvasooriya Date: Mon, 2 Dec 2024 07:06:09 +0530 Subject: aerospace: add workspace-to-monitor-force-assignment option and fix on-window-detected type #1208 trying to fix #1142 testing requested changes adding workspace to monitor force assignment remove formatting tests pass proper tests undo formatting tests for on-window-detected and workspace-to-monitor-force-assignment testing submodules cleanup n if fiz checking final toml null field aerospace callback issue custom null filter for submodule list check for no presense of window-regex and if.workspace config check aerospace: add workspace-to-monitor-force-assignment option and fix on-window-detected type #1208 trying to fix #1142 testing requested changes adding workspace to monitor force assignment remove formatting tests pass proper tests undo formatting tests for on-window-detected and workspace-to-monitor-force-assignment testing submodules cleanup n if fiz checking final toml null field aerospace callback issue custom null filter for submodule list check for no presense of window-regex and if.workspace config check error formatting mishap space left small fix formatting mishaps --- modules/services/aerospace/default.nix | 105 ++++++++++++++++++++++++++++++++- 1 file changed, 102 insertions(+), 3 deletions(-) (limited to 'modules/services') diff --git a/modules/services/aerospace/default.nix b/modules/services/aerospace/default.nix index 531e7b2..3080579 100644 --- a/modules/services/aerospace/default.nix +++ b/modules/services/aerospace/default.nix @@ -9,7 +9,31 @@ let cfg = config.services.aerospace; format = pkgs.formats.toml { }; - configFile = format.generate "aerospace.toml" cfg.settings; + filterAttrsRecursive = pred: set: + lib.listToAttrs ( + lib.concatMap ( + name: let + v = set.${name}; + in + if pred v + then [ + (lib.nameValuePair name ( + if lib.isAttrs v + then filterAttrsRecursive pred v + else if lib.isList v + then + (map (i: + if lib.isAttrs i + then filterAttrsRecursive pred i + else i) (lib.filter pred v)) + else v + )) + ] + else [] + ) (lib.attrNames set) + ); + filterNulls = filterAttrsRecursive (v: v != null); + configFile = format.generate "aerospace.toml" (filterNulls cfg.settings); in { @@ -72,9 +96,84 @@ in description = "Default orientation for the root container."; }; on-window-detected = lib.mkOption { - type = listOf str; + type = listOf (submodule { + options = { + "if" = lib.mkOption { + type = submodule { + options = { + app-id = lib.mkOption { + type = nullOr str; + default = null; + description = "The application ID to match (optional)."; + }; + workspace = lib.mkOption { + type = nullOr str; + default = null; + description = "The workspace name to match (optional)."; + }; + window-title-regex-substring = lib.mkOption { + type = nullOr str; + default = null; + description = "Substring to match in the window title (optional)."; + }; + app-name-regex-substring = lib.mkOption { + type = nullOr str; + default = null; + description = "Regex substring to match the app name (optional)."; + }; + during-aerospace-startup = lib.mkOption { + type = nullOr bool; + default = null; + description = "Whether to match during aerospace startup (optional)."; + }; + }; + }; + default = { }; + description = "Conditions for detecting a window."; + }; + check-further-callbacks = lib.mkOption { + type = nullOr bool; + default = null; + description = "Whether to check further callbacks after this rule (optional)."; + }; + run = lib.mkOption { + type = oneOf [str (listOf str)]; + example = ["move-node-to-workspace m" "resize-node"]; + description = "Commands to execute when the conditions match (required)."; + }; + }; + }); default = [ ]; - description = "Commands to run every time a new window is detected."; + example = [ + { + "if" = { + app-id = "Another.Cool.App"; + workspace = "cool-workspace"; + window-title-regex-substring = "Title"; + app-name-regex-substring = "CoolApp"; + during-aerospace-startup = false; + }; + check-further-callbacks = false; + run = ["move-node-to-workspace m" "resize-node"]; + } + ]; + description = "Commands to run every time a new window is detected with optional conditions."; + }; + workspace-to-monitor-force-assignment = lib.mkOption { + type = attrsOf (oneOf [int str (listOf str)]); + default = { }; + description = '' + Map workspaces to specific monitors. + Left-hand side is the workspace name, and right-hand side is the monitor pattern. + ''; + example = { + "1" = 1; # First monitor from left to right. + "2" = "main"; # Main monitor. + "3" = "secondary"; # Secondary monitor (non-main). + "4" = "built-in"; # Built-in display. + "5" = "^built-in retina display$"; # Regex for the built-in retina display. + "6" = ["secondary" "dell"]; # Match first pattern in the list. + }; }; on-focus-changed = lib.mkOption { type = listOf str; -- cgit v1.2.3 From be4c1b897accbdfc3429e99b5bd5234c5663776e Mon Sep 17 00:00:00 2001 From: Michael Hoang Date: Fri, 15 Nov 2024 13:50:58 +1100 Subject: openssh: init module --- modules/services/openssh.nix | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 modules/services/openssh.nix (limited to 'modules/services') diff --git a/modules/services/openssh.nix b/modules/services/openssh.nix new file mode 100644 index 0000000..859f79d --- /dev/null +++ b/modules/services/openssh.nix @@ -0,0 +1,33 @@ +{ config, lib, ... }: + +let + cfg = config.services.openssh; +in +{ + options = { + services.openssh.enable = lib.mkOption { + type = lib.types.nullOr lib.types.bool; + default = null; + description = '' + Whether to enable Apple's built-in OpenSSH server. + + The default is null which means let macOS manage the OpenSSH server. + ''; + }; + }; + + config = { + # We don't use `systemsetup -setremotelogin` as it requires Full Disk Access + system.activationScripts.launchd.text = lib.mkIf (cfg.enable != null) (if cfg.enable then '' + if [[ "$(systemsetup -getremotelogin | sed 's/Remote Login: //')" == "Off" ]]; then + launchctl enable system/com.openssh.sshd + launchctl bootstrap system /System/Library/LaunchDaemons/ssh.plist + fi + '' else '' + if [[ "$(systemsetup -getremotelogin | sed 's/Remote Login: //')" == "On" ]]; then + launchctl bootout system/com.openssh.sshd + launchctl disable system/com.openssh.sshd + fi + ''); + }; +} -- cgit v1.2.3