ilyakooo0/nixpkgs
1
0
Fork 0
mirror of https://github.com/ilyakooo0/nixpkgs.git synced 2024-12-26 04:43:09 +03:00
Code Issues Projects Releases Wiki Activity

treewide: use attrs instead of list for types.loaOf options

Browse Source
This commit is contained in:
rnhmjoj 2019-09-14 19:51:29 +02:00 committed by worldofpeace
parent 6bd13ccd8e
commit 1d61efb7f1
153 changed files with 811 additions and 1006 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
nixos/modules/config/i18n.nix
View File

@ -80,14 +80,11 @@ with lib;
}; };
# /etc/locale.conf is used by systemd. # /etc/locale.conf is used by systemd.
environment.etc = singleton environment.etc."locale.conf".source = pkgs.writeText "locale.conf"
{ target = "locale.conf"; ''
source = pkgs.writeText "locale.conf" LANG=${config.i18n.defaultLocale}
'' ${concatStringsSep "\n" (mapAttrsToList (n: v: ''${n}=${v}'') config.i18n.extraLocaleSettings)}
LANG=${config.i18n.defaultLocale} '';
${concatStringsSep "\n" (mapAttrsToList (n: v: ''${n}=${v}'') config.i18n.extraLocaleSettings)}
'';
};
}; };
} }

4
nixos/modules/config/ldap.nix
View File

@ -224,7 +224,9 @@ in
config = mkIf cfg.enable { config = mkIf cfg.enable {
environment.etc = optional (!cfg.daemon.enable) ldapConfig; environment.etc = optionalAttrs (!cfg.daemon.enable) {
"ldap.conf" = ldapConfig;
};
system.activationScripts = mkIf (!cfg.daemon.enable) { system.activationScripts = mkIf (!cfg.daemon.enable) {
ldap = stringAfter [ "etc" "groups" "users" ] '' ldap = stringAfter [ "etc" "groups" "users" ] ''

27
nixos/modules/config/pulseaudio.nix
View File

@ -215,9 +215,8 @@ in {
config = mkMerge [ config = mkMerge [
{ {
environment.etc = singleton { environment.etc = {
target = "pulse/client.conf"; "pulse/client.conf".source = clientConf;
source = clientConf;
}; };
hardware.pulseaudio.configFile = mkDefault "${getBin overriddenPackage}/etc/pulse/default.pa"; hardware.pulseaudio.configFile = mkDefault "${getBin overriddenPackage}/etc/pulse/default.pa";
@ -228,19 +227,16 @@ in {
sound.enable = true; sound.enable = true;
environment.etc = [ environment.etc = {
{ target = "asound.conf"; "asound.conf".source = alsaConf;
source = alsaConf; }
{ target = "pulse/daemon.conf"; "pulse/daemon.conf".source = writeText "daemon.conf"
source = writeText "daemon.conf" (lib.generators.toKeyValue {} cfg.daemon.config); } (lib.generators.toKeyValue {} cfg.daemon.config);
{ target = "openal/alsoft.conf"; "openal/alsoft.conf".source = writeText "alsoft.conf" "drivers=pulse";
source = writeText "alsoft.conf" "drivers=pulse"; }
{ target = "libao.conf"; "libao.conf".source = writeText "libao.conf" "default_driver=pulse";
source = writeText "libao.conf" "default_driver=pulse"; } };
];
# Disable flat volumes to enable relative ones # Disable flat volumes to enable relative ones
hardware.pulseaudio.daemon.config.flat-volumes = mkDefault "no"; hardware.pulseaudio.daemon.config.flat-volumes = mkDefault "no";
@ -275,9 +271,8 @@ in {
}) })
(mkIf nonSystemWide { (mkIf nonSystemWide {
environment.etc = singleton { environment.etc = {
target = "pulse/default.pa"; "pulse/default.pa".source = myConfigFile;
source = myConfigFile;
}; };
systemd.user = { systemd.user = {
services.pulseaudio = { services.pulseaudio = {

5
nixos/modules/installer/cd-dvd/system-tarball-pc.nix
View File

@ -122,11 +122,10 @@ in
/* fake entry, just to have a happy stage-1. Users /* fake entry, just to have a happy stage-1. Users
may boot without having stage-1 though */ may boot without having stage-1 though */
fileSystems = [ fileSystems.fake =
{ mountPoint = "/"; { mountPoint = "/";
device = "/dev/something"; device = "/dev/something";
} };
];
nixpkgs.config = { nixpkgs.config = {
packageOverrides = p: { packageOverrides = p: {

5
nixos/modules/installer/cd-dvd/system-tarball-sheevaplug.nix
View File

@ -117,11 +117,10 @@ in
/* fake entry, just to have a happy stage-1. Users /* fake entry, just to have a happy stage-1. Users
may boot without having stage-1 though */ may boot without having stage-1 though */
fileSystems = [ fileSystems.fake =
{ mountPoint = "/"; { mountPoint = "/";
device = "/dev/something"; device = "/dev/something";
} };
];
services.mingetty = { services.mingetty = {
# Some more help text. # Some more help text.

2
nixos/modules/installer/cd-dvd/system-tarball.nix
View File

@ -41,7 +41,7 @@ in
# In stage 1 of the boot, mount the CD/DVD as the root FS by label # In stage 1 of the boot, mount the CD/DVD as the root FS by label
# so that we don't need to know its device. # so that we don't need to know its device.
fileSystems = [ ]; fileSystems = { };
# boot.initrd.availableKernelModules = [ "mvsdio" "reiserfs" "ext3" "ext4" ]; # boot.initrd.availableKernelModules = [ "mvsdio" "reiserfs" "ext3" "ext4" ];

9
nixos/modules/programs/dconf.nix
View File

@ -6,7 +6,10 @@ let
cfg = config.programs.dconf; cfg = config.programs.dconf;
mkDconfProfile = name: path: mkDconfProfile = name: path:
{ source = path; target = "dconf/profile/${name}"; }; {
name = "dconf/profile/${name}";
value.source = path;
};
in in
{ {
@ -29,8 +32,8 @@ in
###### implementation ###### implementation
config = mkIf (cfg.profiles != {} || cfg.enable) { config = mkIf (cfg.profiles != {} || cfg.enable) {
environment.etc = optionals (cfg.profiles != {}) environment.etc = optionalAttrs (cfg.profiles != {})
(mapAttrsToList mkDconfProfile cfg.profiles); (mapAttrs' mkDconfProfile cfg.profiles);
services.dbus.packages = [ pkgs.dconf ]; services.dbus.packages = [ pkgs.dconf ];

26
nixos/modules/programs/shadow.nix
View File

@ -76,22 +76,18 @@ in
config.users.defaultUserShell; config.users.defaultUserShell;
environment.etc = environment.etc =
[ { # /etc/login.defs: global configuration for pwdutils. You { # /etc/login.defs: global configuration for pwdutils. You
# cannot login without it! # cannot login without it!
source = pkgs.writeText "login.defs" loginDefs; "login.defs".source = pkgs.writeText "login.defs" loginDefs;
target = "login.defs";
}
{ # /etc/default/useradd: configuration for useradd. # /etc/default/useradd: configuration for useradd.
source = pkgs.writeText "useradd" "default/useradd".source = pkgs.writeText "useradd"
'' ''
GROUP=100 GROUP=100
HOME=/home HOME=/home
SHELL=${utils.toShellPath config.users.defaultUserShell} SHELL=${utils.toShellPath config.users.defaultUserShell}
''; '';
target = "default/useradd"; };
}
];
security.pam.services = security.pam.services =
{ chsh = { rootOK = true; }; { chsh = { rootOK = true; };

28
nixos/modules/security/duosec.nix
View File

@ -25,19 +25,21 @@ let
accept_env_factor=${boolToStr cfg.acceptEnvFactor} accept_env_factor=${boolToStr cfg.acceptEnvFactor}
''; '';
loginCfgFile = optional cfg.ssh.enable loginCfgFile = optionalAttrs cfg.ssh.enable {
{ source = pkgs.writeText "login_duo.conf" configFileLogin; "duo/login_duo.conf" =
mode = "0600"; { source = pkgs.writeText "login_duo.conf" configFileLogin;
user = "sshd"; mode = "0600";
target = "duo/login_duo.conf"; user = "sshd";
}; };
};
pamCfgFile = optional cfg.pam.enable pamCfgFile = optional cfg.pam.enable {
{ source = pkgs.writeText "pam_duo.conf" configFilePam; "duo/pam_duo.conf" =
mode = "0600"; { source = pkgs.writeText "pam_duo.conf" configFilePam;
user = "sshd"; mode = "0600";
target = "duo/pam_duo.conf"; user = "sshd";
}; };
};
in in
{ {
options = { options = {
@ -186,7 +188,7 @@ in
environment.systemPackages = [ pkgs.duo-unix ]; environment.systemPackages = [ pkgs.duo-unix ];
security.wrappers.login_duo.source = "${pkgs.duo-unix.out}/bin/login_duo"; security.wrappers.login_duo.source = "${pkgs.duo-unix.out}/bin/login_duo";
environment.etc = loginCfgFile ++ pamCfgFile; environment.etc = loginCfgFile // pamCfgFile;
/* If PAM *and* SSH are enabled, then don't do anything special. /* If PAM *and* SSH are enabled, then don't do anything special.
If PAM isn't used, set the default SSH-only options. */ If PAM isn't used, set the default SSH-only options. */

9
nixos/modules/security/pam.nix
View File

@ -475,9 +475,9 @@ let
motd = pkgs.writeText "motd" config.users.motd; motd = pkgs.writeText "motd" config.users.motd;
makePAMService = pamService: makePAMService = name: service:
{ source = pkgs.writeText "${pamService.name}.pam" pamService.text; { name = "pam.d/${name}";
target = "pam.d/${pamService.name}"; value.source = pkgs.writeText "${name}.pam" service.text;
}; };
in in
@ -760,8 +760,7 @@ in
}; };
}; };
environment.etc = environment.etc = mapAttrs' makePAMService config.security.pam.services;
mapAttrsToList (n: v: makePAMService v) config.security.pam.services;
security.pam.services = security.pam.services =
{ other.text = { other.text =

5
nixos/modules/security/pam_mount.nix
View File

@ -36,8 +36,7 @@ in
config = mkIf (cfg.enable || anyPamMount) { config = mkIf (cfg.enable || anyPamMount) {
environment.systemPackages = [ pkgs.pam_mount ]; environment.systemPackages = [ pkgs.pam_mount ];
environment.etc = [{ environment.etc."security/pam_mount.conf.xml" = {
target = "security/pam_mount.conf.xml";
source = source =
let let
extraUserVolumes = filterAttrs (n: u: u.cryptHomeLuks != null) config.users.users; extraUserVolumes = filterAttrs (n: u: u.cryptHomeLuks != null) config.users.users;
@ -66,7 +65,7 @@ in
${concatStringsSep "\n" cfg.extraVolumes} ${concatStringsSep "\n" cfg.extraVolumes}
</pam_mount> </pam_mount>
''; '';
}]; };
}; };
} }

5
nixos/modules/security/rtkit.nix
View File

@ -34,9 +34,8 @@ with lib;
services.dbus.packages = [ pkgs.rtkit ]; services.dbus.packages = [ pkgs.rtkit ];
users.users = singleton users.users.rtkit =
{ name = "rtkit"; { uid = config.ids.uids.rtkit;
uid = config.ids.uids.rtkit;
description = "RealtimeKit daemon"; description = "RealtimeKit daemon";
}; };

3
nixos/modules/security/sudo.nix
View File

@ -212,7 +212,7 @@ in
security.pam.services.sudo = { sshAgentAuth = true; }; security.pam.services.sudo = { sshAgentAuth = true; };
environment.etc = singleton environment.etc.sudoers =
{ source = { source =
pkgs.runCommand "sudoers" pkgs.runCommand "sudoers"
{ {
@ -222,7 +222,6 @@ in
# Make sure that the sudoers file is syntactically valid. # Make sure that the sudoers file is syntactically valid.
# (currently disabled - NIXOS-66) # (currently disabled - NIXOS-66)
"${pkgs.buildPackages.sudo}/sbin/visudo -f $src -c && cp $src $out"; "${pkgs.buildPackages.sudo}/sbin/visudo -f $src -c && cp $src $out";
target = "sudoers";
mode = "0440"; mode = "0440";
}; };

24
nixos/modules/services/audio/mpd.nix
View File

@ -184,19 +184,19 @@ in {
}; };
}; };
users.users = optionalAttrs (cfg.user == name) (singleton { users.users = optionalAttrs (cfg.user == name) {
inherit uid; ${name} = {
inherit name; inherit uid;
group = cfg.group; group = cfg.group;
extraGroups = [ "audio" ]; extraGroups = [ "audio" ];
description = "Music Player Daemon user"; description = "Music Player Daemon user";
home = "${cfg.dataDir}"; home = "${cfg.dataDir}";
}); };
};
users.groups = optionalAttrs (cfg.group == name) (singleton { users.groups = optionalAttrs (cfg.group == name) {
inherit name; ${name}.gid = gid;
gid = gid; };
});
}; };
} }

7
nixos/modules/services/backup/mysql-backup.nix
View File

@ -84,13 +84,14 @@ in
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.users = optionalAttrs (cfg.user == defaultUser) (singleton users.users = optionalAttrs (cfg.user == defaultUser) {
{ name = defaultUser; ${defaultUser} = {
isSystemUser = true; isSystemUser = true;
createHome = false; createHome = false;
home = cfg.location; home = cfg.location;
group = "nogroup"; group = "nogroup";
}); };
};
services.mysql.ensureUsers = [{ services.mysql.ensureUsers = [{
name = cfg.user; name = cfg.user;

3
nixos/modules/services/cluster/kubernetes/default.nix
View File

@ -266,8 +266,7 @@ in {
"d /var/lib/kubernetes 0755 kubernetes kubernetes -" "d /var/lib/kubernetes 0755 kubernetes kubernetes -"
]; ];
users.users = singleton { users.users.kubernetes = {
name = "kubernetes";
uid = config.ids.uids.kubernetes; uid = config.ids.uids.kubernetes;
description = "Kubernetes user"; description = "Kubernetes user";
extraGroups = [ "docker" ]; extraGroups = [ "docker" ];

21
nixos/modules/services/continuous-integration/buildbot/master.nix
View File

@ -223,18 +223,19 @@ in {
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.groups = optional (cfg.group == "buildbot") { users.groups = optional (cfg.group == "buildbot") {
name = "buildbot"; buildbot = { };
}; };
users.users = optional (cfg.user == "buildbot") { users.users = optionalAttrs (cfg.user == "buildbot") {
name = "buildbot"; buildbot = {
description = "Buildbot User."; description = "Buildbot User.";
isNormalUser = true; isNormalUser = true;
createHome = true; createHome = true;
home = cfg.home; home = cfg.home;
group = cfg.group; group = cfg.group;
extraGroups = cfg.extraGroups; extraGroups = cfg.extraGroups;
useDefaultShell = true; useDefaultShell = true;
};
}; };
systemd.services.buildbot-master = { systemd.services.buildbot-master = {

21
nixos/modules/services/continuous-integration/buildbot/worker.nix
View File

@ -137,18 +137,19 @@ in {
services.buildbot-worker.workerPassFile = mkDefault (pkgs.writeText "buildbot-worker-password" cfg.workerPass); services.buildbot-worker.workerPassFile = mkDefault (pkgs.writeText "buildbot-worker-password" cfg.workerPass);
users.groups = optional (cfg.group == "bbworker") { users.groups = optional (cfg.group == "bbworker") {
name = "bbworker"; bbworker = { };
}; };
users.users = optional (cfg.user == "bbworker") { users.users = optionalAttrs (cfg.user == "bbworker") {
name = "bbworker"; bbworker = {
description = "Buildbot Worker User."; description = "Buildbot Worker User.";
isNormalUser = true; isNormalUser = true;
createHome = true; createHome = true;
home = cfg.home; home = cfg.home;
group = cfg.group; group = cfg.group;
extraGroups = cfg.extraGroups; extraGroups = cfg.extraGroups;
useDefaultShell = true; useDefaultShell = true;
};
}; };
systemd.services.buildbot-worker = { systemd.services.buildbot-worker = {

24
nixos/modules/services/continuous-integration/gocd-agent/default.nix
View File

@ -135,20 +135,20 @@ in {
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.groups = optional (cfg.group == "gocd-agent") { users.groups = optionalAttrs (cfg.group == "gocd-agent") {
name = "gocd-agent"; gocd-agent.gid = config.ids.gids.gocd-agent;
gid = config.ids.gids.gocd-agent;
}; };
users.users = optional (cfg.user == "gocd-agent") { users.users = optionalAttrs (cfg.user == "gocd-agent") {
name = "gocd-agent"; gocd-agent = {
description = "gocd-agent user"; description = "gocd-agent user";
createHome = true; createHome = true;
home = cfg.workDir; home = cfg.workDir;
group = cfg.group; group = cfg.group;
extraGroups = cfg.extraGroups; extraGroups = cfg.extraGroups;
useDefaultShell = true; useDefaultShell = true;
uid = config.ids.uids.gocd-agent; uid = config.ids.uids.gocd-agent;
};
}; };
systemd.services.gocd-agent = { systemd.services.gocd-agent = {

24
nixos/modules/services/continuous-integration/gocd-server/default.nix
View File

@ -143,20 +143,20 @@ in {
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.groups = optional (cfg.group == "gocd-server") { users.groups = optionalAttrs (cfg.group == "gocd-server") {
name = "gocd-server"; gocd-server.gid = config.ids.gids.gocd-server;
gid = config.ids.gids.gocd-server;
}; };
users.users = optional (cfg.user == "gocd-server") { users.users = optionalAttrs (cfg.user == "gocd-server") {
name = "gocd-server"; gocd-server = {
description = "gocd-server user"; description = "gocd-server user";
createHome = true; createHome = true;
home = cfg.workDir; home = cfg.workDir;
group = cfg.group; group = cfg.group;
extraGroups = cfg.extraGroups; extraGroups = cfg.extraGroups;
useDefaultShell = true; useDefaultShell = true;
uid = config.ids.uids.gocd-server; uid = config.ids.uids.gocd-server;
};
}; };
systemd.services.gocd-server = { systemd.services.gocd-server = {

24
nixos/modules/services/continuous-integration/jenkins/default.nix
View File

@ -150,20 +150,20 @@ in {
pkgs.dejavu_fonts pkgs.dejavu_fonts
]; ];
users.groups = optional (cfg.group == "jenkins") { users.groups = optionalAttrs (cfg.group == "jenkins") {
name = "jenkins"; jenkins.gid = config.ids.gids.jenkins;
gid = config.ids.gids.jenkins;
}; };
users.users = optional (cfg.user == "jenkins") { users.users = optionalAttrs (cfg.user == "jenkins") {
name = "jenkins"; jenkins = {
description = "jenkins user"; description = "jenkins user";
createHome = true; createHome = true;
home = cfg.home; home = cfg.home;
group = cfg.group; group = cfg.group;
extraGroups = cfg.extraGroups; extraGroups = cfg.extraGroups;
useDefaultShell = true; useDefaultShell = true;
uid = config.ids.uids.jenkins; uid = config.ids.uids.jenkins;
};
}; };
systemd.services.jenkins = { systemd.services.jenkins = {

20
nixos/modules/services/continuous-integration/jenkins/slave.nix
View File

@ -51,18 +51,18 @@ in {
config = mkIf (cfg.enable && !masterCfg.enable) { config = mkIf (cfg.enable && !masterCfg.enable) {
users.groups = optional (cfg.group == "jenkins") { users.groups = optional (cfg.group == "jenkins") {
name = "jenkins"; jenkins.gid = config.ids.gids.jenkins;
gid = config.ids.gids.jenkins;
}; };
users.users = optional (cfg.user == "jenkins") { users.users = optionalAttrs (cfg.user == "jenkins") {
name = "jenkins"; jenkins = {
description = "jenkins user"; description = "jenkins user";
createHome = true; createHome = true;
home = cfg.home; home = cfg.home;
group = cfg.group; group = cfg.group;
useDefaultShell = true; useDefaultShell = true;
uid = config.ids.uids.jenkins; uid = config.ids.uids.jenkins;
};
}; };
}; };
} }

14
nixos/modules/services/databases/cockroachdb.nix
View File

@ -171,17 +171,17 @@ in
environment.systemPackages = [ crdb ]; environment.systemPackages = [ crdb ];
users.users = optionalAttrs (cfg.user == "cockroachdb") (singleton users.users = optionalAttrs (cfg.user == "cockroachdb") {
{ name = "cockroachdb"; cockroachdb = {
description = "CockroachDB Server User"; description = "CockroachDB Server User";
uid = config.ids.uids.cockroachdb; uid = config.ids.uids.cockroachdb;
group = cfg.group; group = cfg.group;
}); };
};
users.groups = optionalAttrs (cfg.group == "cockroachdb") (singleton users.groups = optionalAttrs (cfg.group == "cockroachdb") {
{ name = "cockroachdb"; cockroachdb.gid = config.ids.gids.cockroachdb;
gid = config.ids.gids.cockroachdb; };
});
networking.firewall.allowedTCPPorts = lib.optionals cfg.openPorts networking.firewall.allowedTCPPorts = lib.optionals cfg.openPorts
[ cfg.http.port cfg.listen.port ]; [ cfg.http.port cfg.listen.port ];

14
nixos/modules/services/databases/foundationdb.nix
View File

@ -341,17 +341,17 @@ in
environment.systemPackages = [ pkg ]; environment.systemPackages = [ pkg ];
users.users = optionalAttrs (cfg.user == "foundationdb") (singleton users.users = optionalAttrs (cfg.user == "foundationdb") {
{ name = "foundationdb"; foundationdb = {
description = "FoundationDB User"; description = "FoundationDB User";
uid = config.ids.uids.foundationdb; uid = config.ids.uids.foundationdb;
group = cfg.group; group = cfg.group;
}); };
};
users.groups = optionalAttrs (cfg.group == "foundationdb") (singleton users.groups = optionalAttrs (cfg.group == "foundationdb") {
{ name = "foundationdb"; foundationdb.gid = config.ids.gids.foundationdb;
gid = config.ids.gids.foundationdb; };
});
networking.firewall.allowedTCPPortRanges = mkIf cfg.openFirewall networking.firewall.allowedTCPPortRanges = mkIf cfg.openFirewall
[ { from = cfg.listenPortStart; [ { from = cfg.listenPortStart;

14
nixos/modules/services/databases/influxdb.nix
View File

@ -182,15 +182,15 @@ in
''; '';
}; };
users.users = optional (cfg.user == "influxdb") { users.users = optionalAttrs (cfg.user == "influxdb") {
name = "influxdb"; influxdb = {
uid = config.ids.uids.influxdb; uid = config.ids.uids.influxdb;
description = "Influxdb daemon user"; description = "Influxdb daemon user";
};
}; };
users.groups = optional (cfg.group == "influxdb") { users.groups = optionalAttrs (cfg.group == "influxdb") {
name = "influxdb"; influxdb.gid = config.ids.gids.influxdb;
gid = config.ids.gids.influxdb;
}; };
}; };

7
nixos/modules/services/databases/memcached.nix
View File

@ -64,10 +64,9 @@ in
config = mkIf config.services.memcached.enable { config = mkIf config.services.memcached.enable {
users.users = optional (cfg.user == "memcached") { users.users = optionalAttrs (cfg.user == "memcached") {
name = "memcached"; memcached.description = "Memcached server user";
description = "Memcached server user"; memcached.isSystemUser = true;
isSystemUser = true;
}; };
environment.systemPackages = [ memcached ]; environment.systemPackages = [ memcached ];

3
nixos/modules/services/databases/neo4j.nix
View File

@ -650,8 +650,7 @@ in {
environment.systemPackages = [ cfg.package ]; environment.systemPackages = [ cfg.package ];
users.users = singleton { users.users.neo4j = {
name = "neo4j";
uid = config.ids.uids.neo4j; uid = config.ids.uids.neo4j;
description = "Neo4j daemon user"; description = "Neo4j daemon user";
home = cfg.directories.home; home = cfg.directories.home;

5
nixos/modules/services/databases/virtuoso.nix
View File

@ -54,9 +54,8 @@ with lib;
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.users = singleton users.users.${virtuosoUser} =
{ name = virtuosoUser; { uid = config.ids.uids.virtuoso;
uid = config.ids.uids.virtuoso;
description = "virtuoso user"; description = "virtuoso user";
home = stateDir; home = stateDir;
}; };

15
nixos/modules/services/editors/infinoted.nix
View File

@ -111,14 +111,15 @@ in {
}; };
config = mkIf (cfg.enable) { config = mkIf (cfg.enable) {
users.users = optional (cfg.user == "infinoted") users.users = optionalAttrs (cfg.user == "infinoted")
{ name = "infinoted"; { infinoted = {
description = "Infinoted user"; description = "Infinoted user";
group = cfg.group; group = cfg.group;
isSystemUser = true; isSystemUser = true;
};
}; };
users.groups = optional (cfg.group == "infinoted") users.groups = optionalAttrs (cfg.group == "infinoted")
{ name = "infinoted"; { infinoted = { };
}; };
systemd.services.infinoted = systemd.services.infinoted =

6
nixos/modules/services/hardware/bluetooth.nix
View File

@ -74,9 +74,9 @@ in {
environment.systemPackages = [ bluez-bluetooth ]; environment.systemPackages = [ bluez-bluetooth ];
environment.etc = singleton { environment.etc."bluetooth/main.conf"= {
source = pkgs.writeText "main.conf" (generators.toINI { } cfg.config + optionalString (cfg.extraConfig != null) cfg.extraConfig); source = pkgs.writeText "main.conf"
target = "bluetooth/main.conf"; (generators.toINI { } cfg.config + optionalString (cfg.extraConfig != null) cfg.extraConfig);
}; };
services.udev.packages = [ bluez-bluetooth ]; services.udev.packages = [ bluez-bluetooth ];

11
nixos/modules/services/hardware/sane_extra_backends/brscan4.nix
View File

@ -67,11 +67,11 @@ in
{ {
options = { options = {
hardware.sane.brscan4.enable = hardware.sane.brscan4.enable =
mkEnableOption "Brother's brscan4 scan backend" // { mkEnableOption "Brother's brscan4 scan backend" // {
description = '' description = ''
When enabled, will automatically register the "brscan4" sane When enabled, will automatically register the "brscan4" sane
backend and bring configuration files to their expected location. backend and bring configuration files to their expected location.
''; '';
}; };
@ -95,14 +95,11 @@ in
pkgs.brscan4 pkgs.brscan4
]; ];
environment.etc = singleton { environment.etc."opt/brother/scanner/brscan4" =
target = "opt/brother/scanner/brscan4"; { source = "${etcFiles}/etc/opt/brother/scanner/brscan4"; };
source = "${etcFiles}/etc/opt/brother/scanner/brscan4";
};
assertions = [ assertions = [
{ assertion = all (x: !(null != x.ip && null != x.nodename)) netDeviceList; { assertion = all (x: !(null != x.ip && null != x.nodename)) netDeviceList;
message = '' message = ''
When describing a network device as part of the attribute list When describing a network device as part of the attribute list
`hardware.sane.brscan4.netDevices`, only one of its `ip` or `nodename` `hardware.sane.brscan4.netDevices`, only one of its `ip` or `nodename`

14
nixos/modules/services/hardware/tcsd.nix
View File

@ -137,15 +137,15 @@ in
serviceConfig.ExecStart = "${pkgs.trousers}/sbin/tcsd -f -c ${tcsdConf}"; serviceConfig.ExecStart = "${pkgs.trousers}/sbin/tcsd -f -c ${tcsdConf}";
}; };
users.users = optionalAttrs (cfg.user == "tss") (singleton users.users = optionalAttrs (cfg.user == "tss") {
{ name = "tss"; tss = {
group = "tss"; group = "tss";
uid = config.ids.uids.tss; uid = config.ids.uids.tss;
}); };
};
users.groups = optionalAttrs (cfg.group == "tss") (singleton users.groups = optionalAttrs (cfg.group == "tss") {
{ name = "tss"; tss.gid = config.ids.gids.tss;
gid = config.ids.gids.tss; };
});
}; };
} }

15
nixos/modules/services/hardware/tlp.nix
View File

@ -103,13 +103,14 @@ in
services.udev.packages = [ tlp ]; services.udev.packages = [ tlp ];
environment.etc = [{ source = confFile; environment.etc =
target = "default/tlp"; {
} "default/tlp".source = confFile;
] ++ optional enableRDW { } // optionalAttrs enableRDW {
source = "${tlp}/etc/NetworkManager/dispatcher.d/99tlp-rdw-nm"; "NetworkManager/dispatcher.d/99tlp-rdw-nm" = {
target = "NetworkManager/dispatcher.d/99tlp-rdw-nm"; source = "${tlp}/etc/NetworkManager/dispatcher.d/99tlp-rdw-nm";
}; };
};
environment.systemPackages = [ tlp ]; environment.systemPackages = [ tlp ];

11
nixos/modules/services/hardware/udev.nix
View File

@ -281,13 +281,10 @@ in
boot.kernelParams = mkIf (!config.networking.usePredictableInterfaceNames) [ "net.ifnames=0" ]; boot.kernelParams = mkIf (!config.networking.usePredictableInterfaceNames) [ "net.ifnames=0" ];
environment.etc = environment.etc =
[ { source = udevRules; {
target = "udev/rules.d"; "udev/rules.d".source = udevRules;
} "udev/hwdb.bin".source = hwdbBin;
{ source = hwdbBin; };
target = "udev/hwdb.bin";
}
];
system.requiredKernelConfig = with config.lib.kernelConfig; [ system.requiredKernelConfig = with config.lib.kernelConfig; [
(isEnabled "UNIX") (isEnabled "UNIX")

13
nixos/modules/services/hardware/usbmuxd.nix
View File

@ -43,15 +43,16 @@ in
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.users = optional (cfg.user == defaultUserGroup) { users.users = optionalAttrs (cfg.user == defaultUserGroup) {
name = cfg.user; ${cfg.user} = {
description = "usbmuxd user"; description = "usbmuxd user";
group = cfg.group; group = cfg.group;
isSystemUser = true; isSystemUser = true;
};
}; };
users.groups = optional (cfg.group == defaultUserGroup) { users.groups = optional (cfg.group == defaultUserGroup) {
name = cfg.group; ${cfg.group} = { };
}; };
# Give usbmuxd permission for Apple devices # Give usbmuxd permission for Apple devices

7
nixos/modules/services/logging/logcheck.nix
View File

@ -213,13 +213,14 @@ in
mapAttrsToList writeIgnoreRule cfg.ignore mapAttrsToList writeIgnoreRule cfg.ignore
++ mapAttrsToList writeIgnoreCronRule cfg.ignoreCron; ++ mapAttrsToList writeIgnoreCronRule cfg.ignoreCron;
users.users = optionalAttrs (cfg.user == "logcheck") (singleton users.users = optionalAttrs (cfg.user == "logcheck") {
{ name = "logcheck"; logcheck = {
uid = config.ids.uids.logcheck; uid = config.ids.uids.logcheck;
shell = "/bin/sh"; shell = "/bin/sh";
description = "Logcheck user account"; description = "Logcheck user account";
extraGroups = cfg.extraGroups; extraGroups = cfg.extraGroups;
}); };
};
system.activationScripts.logcheck = '' system.activationScripts.logcheck = ''
mkdir -m 700 -p /var/{lib,lock}/logcheck mkdir -m 700 -p /var/{lib,lock}/logcheck

50
nixos/modules/services/mail/dovecot.nix
View File

@ -310,36 +310,32 @@ in
++ optional cfg.enablePop3 "pop3" ++ optional cfg.enablePop3 "pop3"
++ optional cfg.enableLmtp "lmtp"; ++ optional cfg.enableLmtp "lmtp";
users.users = [ users.users = {
{ name = "dovenull"; dovenull =
uid = config.ids.uids.dovenull2; { uid = config.ids.uids.dovenull2;
description = "Dovecot user for untrusted logins"; description = "Dovecot user for untrusted logins";
group = "dovenull"; group = "dovenull";
} };
] ++ optional (cfg.user == "dovecot2") } // optionalAttrs (cfg.user == "dovecot2") {
{ name = "dovecot2"; dovecot2 =
uid = config.ids.uids.dovecot2; { uid = config.ids.uids.dovecot2;
description = "Dovecot user"; description = "Dovecot user";
group = cfg.group; group = cfg.group;
} };
++ optional (cfg.createMailUser && cfg.mailUser != null) } // optionalAttrs (cfg.createMailUser && cfg.mailUser != null) {
({ name = cfg.mailUser; ${cfg.mailUser} =
description = "Virtual Mail User"; { description = "Virtual Mail User"; } //
} // optionalAttrs (cfg.mailGroup != null) { optionalAttrs (cfg.mailGroup != null)
group = cfg.mailGroup; { group = cfg.mailGroup; };
}); };
users.groups = optional (cfg.group == "dovecot2") users.groups = {
{ name = "dovecot2"; dovenull.gid = config.ids.gids.dovenull2;
gid = config.ids.gids.dovecot2; } // optionalAttrs (cfg.group == "dovecot2") {
} dovecot2.gid = config.ids.gids.dovecot2;
++ optional (cfg.createMailUser && cfg.mailGroup != null) } // optionalAttrs (cfg.createMailUser && cfg.mailGroup != null) {
{ name = cfg.mailGroup; ${cfg.mailgroup} = { };
} };
++ singleton
{ name = "dovenull";
gid = config.ids.gids.dovenull2;
};
environment.etc."dovecot/modules".source = modulesDir; environment.etc."dovecot/modules".source = modulesDir;
environment.etc."dovecot/dovecot.conf".source = cfg.configFile; environment.etc."dovecot/dovecot.conf".source = cfg.configFile;

14
nixos/modules/services/mail/dspam.nix
View File

@ -86,16 +86,16 @@ in {
config = mkIf cfg.enable (mkMerge [ config = mkIf cfg.enable (mkMerge [
{ {
users.users = optionalAttrs (cfg.user == "dspam") (singleton users.users = optionalAttrs (cfg.user == "dspam") {
{ name = "dspam"; dspam = {
group = cfg.group; group = cfg.group;
uid = config.ids.uids.dspam; uid = config.ids.uids.dspam;
}); };
};
users.groups = optionalAttrs (cfg.group == "dspam") (singleton users.groups = optionalAttrs (cfg.group == "dspam") {
{ name = "dspam"; dspam.gid = config.ids.gids.dspam;
gid = config.ids.gids.dspam; };
});
environment.systemPackages = [ dspam ]; environment.systemPackages = [ dspam ];

6
nixos/modules/services/mail/exim.nix
View File

@ -87,15 +87,13 @@ in
systemPackages = [ cfg.package ]; systemPackages = [ cfg.package ];
}; };
users.users = singleton { users.users.${cfg.user} = {
name = cfg.user;
description = "Exim mail transfer agent user"; description = "Exim mail transfer agent user";
uid = config.ids.uids.exim; uid = config.ids.uids.exim;
group = cfg.group; group = cfg.group;
}; };
users.groups = singleton { users.groups.${cfg.group} = {
name = cfg.group;
gid = config.ids.gids.exim; gid = config.ids.gids.exim;
}; };

6
nixos/modules/services/mail/mlmmj.nix
View File

@ -94,8 +94,7 @@ in
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.users = singleton { users.users.${cfg.user} = {
name = cfg.user;
description = "mlmmj user"; description = "mlmmj user";
home = stateDir; home = stateDir;
createHome = true; createHome = true;
@ -104,8 +103,7 @@ in
useDefaultShell = true; useDefaultShell = true;
}; };
users.groups = singleton { users.groups.${cfg.group} = {
name = cfg.group;
gid = config.ids.gids.mlmmj; gid = config.ids.gids.mlmmj;
}; };

7
nixos/modules/services/mail/nullmailer.nix
View File

@ -201,15 +201,12 @@ with lib;
}; };
users = { users = {
users = singleton { users.${cfg.user} = {
name = cfg.user;
description = "Nullmailer relay-only mta user"; description = "Nullmailer relay-only mta user";
group = cfg.group; group = cfg.group;
}; };
groups = singleton { groups.${cfg.group} = { };
name = cfg.group;
};
}; };
systemd.tmpfiles.rules = [ systemd.tmpfiles.rules = [

14
nixos/modules/services/mail/opendkim.nix
View File

@ -91,16 +91,16 @@ in {
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.users = optionalAttrs (cfg.user == "opendkim") (singleton users.users = optionalAttrs (cfg.user == "opendkim") {
{ name = "opendkim"; opendkim = {
group = cfg.group; group = cfg.group;
uid = config.ids.uids.opendkim; uid = config.ids.uids.opendkim;
}); };
};
users.groups = optionalAttrs (cfg.group == "opendkim") (singleton users.groups = optionalAttrs (cfg.group == "opendkim") {
{ name = "opendkim"; opendkimgid = config.ids.gids.opendkim;
gid = config.ids.gids.opendkim; };
});
environment.systemPackages = [ pkgs.opendkim ]; environment.systemPackages = [ pkgs.opendkim ];

21
nixos/modules/services/mail/postfix.nix
View File

@ -655,21 +655,20 @@ in
setgid = true; setgid = true;
}; };
users.users = optional (user == "postfix") users.users = optionalAttrs (user == "postfix")
{ name = "postfix"; { postfix = {
description = "Postfix mail server user"; description = "Postfix mail server user";
uid = config.ids.uids.postfix; uid = config.ids.uids.postfix;
group = group; group = group;
};
}; };
users.groups = users.groups =
optional (group == "postfix") optionalAttrs (group == "postfix")
{ name = group; { group.gid = config.ids.gids.postfix;
gid = config.ids.gids.postfix;
} }
++ optional (setgidGroup == "postdrop") ++ optionalAttrs (setgidGroup == "postdrop")
{ name = setgidGroup; { ${setgidGroup}.gid = config.ids.gids.postdrop;
gid = config.ids.gids.postdrop;
}; };
systemd.services.postfix = systemd.services.postfix =

14
nixos/modules/services/mail/postsrsd.nix
View File

@ -90,16 +90,16 @@ in {
services.postsrsd.domain = mkDefault config.networking.hostName; services.postsrsd.domain = mkDefault config.networking.hostName;
users.users = optionalAttrs (cfg.user == "postsrsd") (singleton users.users = optionalAttrs (cfg.user == "postsrsd") {
{ name = "postsrsd"; postsrsd = {
group = cfg.group; group = cfg.group;
uid = config.ids.uids.postsrsd; uid = config.ids.uids.postsrsd;
}); };
};
users.groups = optionalAttrs (cfg.group == "postsrsd") (singleton users.groups = optionalAttrs (cfg.group == "postsrsd") {
{ name = "postsrsd"; postsrsd.gid = config.ids.gids.postsrsd;
gid = config.ids.gids.postsrsd; };
});
systemd.services.postsrsd = { systemd.services.postsrsd = {
description = "PostSRSd SRS rewriting server"; description = "PostSRSd SRS rewriting server";

6
nixos/modules/services/mail/rspamd.nix
View File

@ -374,15 +374,13 @@ in
# Allow users to run 'rspamc' and 'rspamadm'. # Allow users to run 'rspamc' and 'rspamadm'.
environment.systemPackages = [ pkgs.rspamd ]; environment.systemPackages = [ pkgs.rspamd ];
users.users = singleton { users.users.${cfg.user} = {
name = cfg.user;
description = "rspamd daemon"; description = "rspamd daemon";
uid = config.ids.uids.rspamd; uid = config.ids.uids.rspamd;
group = cfg.group; group = cfg.group;
}; };
users.groups = singleton { users.groups.${cfg.group} = {
name = cfg.group;
gid = config.ids.gids.rspamd; gid = config.ids.gids.rspamd;
}; };

6
nixos/modules/services/mail/spamassassin.nix
View File

@ -128,15 +128,13 @@ in
systemPackages = [ pkgs.spamassassin ]; systemPackages = [ pkgs.spamassassin ];
}; };
users.users = singleton { users.users.spamd = {
name = "spamd";
description = "Spam Assassin Daemon"; description = "Spam Assassin Daemon";
uid = config.ids.uids.spamd; uid = config.ids.uids.spamd;
group = "spamd"; group = "spamd";
}; };
users.groups = singleton { users.groups.spamd = {
name = "spamd";
gid = config.ids.gids.spamd; gid = config.ids.gids.spamd;
}; };

3
nixos/modules/services/misc/apache-kafka.nix
View File

@ -124,8 +124,7 @@ in {
environment.systemPackages = [cfg.package]; environment.systemPackages = [cfg.package];
users.users = singleton { users.users.apache-kafka = {
name = "apache-kafka";
uid = config.ids.uids.apache-kafka; uid = config.ids.uids.apache-kafka;
description = "Apache Kafka daemon user"; description = "Apache Kafka daemon user";
home = head cfg.logDirs; home = head cfg.logDirs;

16
nixos/modules/services/misc/bepasty.nix
View File

@ -168,16 +168,12 @@ in
}) })
) cfg.servers; ) cfg.servers;
users.users = [{ users.users.${user} =
uid = config.ids.uids.bepasty; { uid = config.ids.uids.bepasty;
name = user; group = group;
group = group; home = default_home;
home = default_home; };
}];
users.groups = [{ users.groups.${group}.gid = config.ids.gids.bepasty;
name = group;
gid = config.ids.gids.bepasty;
}];
}; };
} }

7
nixos/modules/services/misc/cgminer.nix
View File

@ -110,11 +110,12 @@ in
config = mkIf config.services.cgminer.enable { config = mkIf config.services.cgminer.enable {
users.users = optionalAttrs (cfg.user == "cgminer") (singleton users.users = optionalAttrs (cfg.user == "cgminer") {
{ name = "cgminer"; cgminer = {
uid = config.ids.uids.cgminer; uid = config.ids.uids.cgminer;
description = "Cgminer user"; description = "Cgminer user";
}); };
};
environment.systemPackages = [ cfg.package ]; environment.systemPackages = [ cfg.package ];

11
nixos/modules/services/misc/couchpotato.nix
View File

@ -29,17 +29,14 @@ in
}; };
}; };
users.users = singleton users.users.couchpotato =
{ name = "couchpotato"; { group = "couchpotato";
group = "couchpotato";
home = "/var/lib/couchpotato/"; home = "/var/lib/couchpotato/";
description = "CouchPotato daemon user"; description = "CouchPotato daemon user";
uid = config.ids.uids.couchpotato; uid = config.ids.uids.couchpotato;
}; };
users.groups = singleton users.groups.couchpotato =
{ name = "couchpotato"; { gid = config.ids.gids.couchpotato; };
gid = config.ids.gids.couchpotato;
};
}; };
} }

10
nixos/modules/services/misc/dictd.nix
View File

@ -45,18 +45,14 @@ in
# get the command line client on system path to make some use of the service # get the command line client on system path to make some use of the service
environment.systemPackages = [ pkgs.dict ]; environment.systemPackages = [ pkgs.dict ];
users.users = singleton users.users.dictd =
{ name = "dictd"; { group = "dictd";
group = "dictd";
description = "DICT.org dictd server"; description = "DICT.org dictd server";
home = "${dictdb}/share/dictd"; home = "${dictdb}/share/dictd";
uid = config.ids.uids.dictd; uid = config.ids.uids.dictd;
}; };
users.groups = singleton users.groups.dictd.gid = config.ids.gids.dictd;
{ name = "dictd";
gid = config.ids.gids.dictd;
};
systemd.services.dictd = { systemd.services.dictd = {
description = "DICT.org Dictionary Server"; description = "DICT.org Dictionary Server";

3
nixos/modules/services/misc/etcd.nix
View File

@ -186,8 +186,7 @@ in {
environment.systemPackages = [ pkgs.etcdctl ]; environment.systemPackages = [ pkgs.etcdctl ];
users.users = singleton { users.users.etcd = {
name = "etcd";
uid = config.ids.uids.etcd; uid = config.ids.uids.etcd;
description = "Etcd daemon user"; description = "Etcd daemon user";
home = cfg.dataDir; home = cfg.dataDir;

3
nixos/modules/services/misc/exhibitor.nix
View File

@ -410,8 +410,7 @@ in
sed -i 's/'"$replace_what"'/'"$replace_with"'/g' ${cfg.baseDir}/zookeeper/bin/zk*.sh sed -i 's/'"$replace_what"'/'"$replace_with"'/g' ${cfg.baseDir}/zookeeper/bin/zk*.sh
''; '';
}; };
users.users = singleton { users.users.zookeeper = {
name = "zookeeper";
uid = config.ids.uids.zookeeper; uid = config.ids.uids.zookeeper;
description = "Zookeeper daemon user"; description = "Zookeeper daemon user";
home = cfg.baseDir; home = cfg.baseDir;

10
nixos/modules/services/misc/felix.nix
View File

@ -47,14 +47,10 @@ in
###### implementation ###### implementation
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.groups = singleton users.groups.osgi.gid = config.ids.gids.osgi;
{ name = "osgi";
gid = config.ids.gids.osgi;
};
users.users = singleton users.users.osgi =
{ name = "osgi"; { uid = config.ids.uids.osgi;
uid = config.ids.uids.osgi;
description = "OSGi user"; description = "OSGi user";
home = "/homeless-shelter"; home = "/homeless-shelter";
}; };

5
nixos/modules/services/misc/folding-at-home.nix
View File

@ -42,9 +42,8 @@ in {
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.users = singleton users.users.${fahUser} =
{ name = fahUser; { uid = config.ids.uids.foldingathome;
uid = config.ids.uids.foldingathome;
description = "Folding@Home user"; description = "Folding@Home user";
home = stateDir; home = stateDir;
}; };

14
nixos/modules/services/misc/gitlab.nix
View File

@ -633,20 +633,14 @@ in {
# Use postfix to send out mails. # Use postfix to send out mails.
services.postfix.enable = mkDefault true; services.postfix.enable = mkDefault true;
users.users = [ users.users.${cfg.user} =
{ name = cfg.user; { group = cfg.group;
group = cfg.group;
home = "${cfg.statePath}/home"; home = "${cfg.statePath}/home";
shell = "${pkgs.bash}/bin/bash"; shell = "${pkgs.bash}/bin/bash";
uid = config.ids.uids.gitlab; uid = config.ids.uids.gitlab;
} };
];
users.groups = [ users.groups.${cfg.group}.gid = config.ids.gids.gitlab;
{ name = cfg.group;
gid = config.ids.gids.gitlab;
}
];
systemd.tmpfiles.rules = [ systemd.tmpfiles.rules = [
"d /run/gitlab 0755 ${cfg.user} ${cfg.group} -" "d /run/gitlab 0755 ${cfg.user} ${cfg.group} -"

10
nixos/modules/services/misc/gpsd.nix
View File

@ -86,17 +86,13 @@ in
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.users = singleton users.users.gpsd =
{ name = "gpsd"; { inherit uid;
inherit uid;
description = "gpsd daemon user"; description = "gpsd daemon user";
home = "/var/empty"; home = "/var/empty";
}; };
users.groups = singleton users.groups.gpsd = { inherit gid; };
{ name = "gpsd";
inherit gid;
};
systemd.services.gpsd = { systemd.services.gpsd = {
description = "GPSD daemon"; description = "GPSD daemon";

24
nixos/modules/services/misc/headphones.nix
View File

@ -59,19 +59,19 @@ in
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.users = optionalAttrs (cfg.user == name) (singleton { users.users = optionalAttrs (cfg.user == name) {
name = name; ${name} = {
uid = config.ids.uids.headphones; uid = config.ids.uids.headphones;
group = cfg.group; group = cfg.group;
description = "headphones user"; description = "headphones user";
home = cfg.dataDir; home = cfg.dataDir;
createHome = true; createHome = true;
}); };
};
users.groups = optionalAttrs (cfg.group == name) (singleton { users.groups = optionalAttrs (cfg.group == name) {
name = name; ${name}.gid = config.ids.gids.headphones;
gid = config.ids.gids.headphones; };
});
systemd.services.headphones = { systemd.services.headphones = {
description = "Headphones Server"; description = "Headphones Server";

13
nixos/modules/services/misc/matrix-synapse.nix
View File

@ -657,19 +657,18 @@ in {
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.users = [ users.users.matrix-synapse =
{ name = "matrix-synapse"; { name = "";
group = "matrix-synapse"; group = "matrix-synapse";
home = cfg.dataDir; home = cfg.dataDir;
createHome = true; createHome = true;
shell = "${pkgs.bash}/bin/bash"; shell = "${pkgs.bash}/bin/bash";
uid = config.ids.uids.matrix-synapse; uid = config.ids.uids.matrix-synapse;
} ]; };
users.groups = [ users.groups.matrix-synapse = {
{ name = "matrix-synapse"; gid = config.ids.gids.matrix-synapse;
gid = config.ids.gids.matrix-synapse; };
} ];
services.postgresql = mkIf (usePostgresql && cfg.create_local_database) { services.postgresql = mkIf (usePostgresql && cfg.create_local_database) {
enable = mkDefault true; enable = mkDefault true;

24
nixos/modules/services/misc/mediatomb.nix
View File

@ -266,19 +266,19 @@ in {
serviceConfig.User = "${cfg.user}"; serviceConfig.User = "${cfg.user}";
}; };
users.groups = optionalAttrs (cfg.group == "mediatomb") (singleton { users.groups = optionalAttrs (cfg.group == "mediatomb") {
name = "mediatomb"; mediatomb.gid = gid;
gid = gid; };
});
users.users = optionalAttrs (cfg.user == "mediatomb") (singleton { users.users = optionalAttrs (cfg.user == "mediatomb") {
name = "mediatomb"; mediatomb = {
isSystemUser = true; isSystemUser = true;
group = cfg.group; group = cfg.group;
home = "${cfg.dataDir}"; home = "${cfg.dataDir}";
createHome = true; createHome = true;
description = "Mediatomb DLNA Server User"; description = "Mediatomb DLNA Server User";
}); };
};
networking.firewall = { networking.firewall = {
allowedUDPPorts = [ 1900 cfg.port ]; allowedUDPPorts = [ 1900 cfg.port ];

10
nixos/modules/services/misc/nix-daemon.nix
View File

@ -12,8 +12,9 @@ let
isNix23 = versionAtLeast nixVersion "2.3pre"; isNix23 = versionAtLeast nixVersion "2.3pre";
makeNixBuildUser = nr: makeNixBuildUser = nr: {
{ name = "nixbld${toString nr}"; name = "nixbld${toString nr}";
value = {
description = "Nix build user ${toString nr}"; description = "Nix build user ${toString nr}";
/* For consistency with the setgid(2), setuid(2), and setgroups(2) /* For consistency with the setgid(2), setuid(2), and setgroups(2)
@ -23,8 +24,9 @@ let
group = "nixbld"; group = "nixbld";
extraGroups = [ "nixbld" ]; extraGroups = [ "nixbld" ];
}; };
};
nixbldUsers = map makeNixBuildUser (range 1 cfg.nrBuildUsers); nixbldUsers = listToAttrs (map makeNixBuildUser (range 1 cfg.nrBuildUsers));
nixConf = nixConf =
assert versionAtLeast nixVersion "2.2"; assert versionAtLeast nixVersion "2.2";
@ -445,7 +447,7 @@ in
users.users = nixbldUsers; users.users = nixbldUsers;
services.xserver.displayManager.hiddenUsers = map ({ name, ... }: name) nixbldUsers; services.xserver.displayManager.hiddenUsers = attrNames nixbldUsers;
system.activationScripts.nix = stringAfter [ "etc" "users" ] system.activationScripts.nix = stringAfter [ "etc" "users" ]
'' ''

14
nixos/modules/services/misc/octoprint.nix
View File

@ -86,16 +86,16 @@ in
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.users = optionalAttrs (cfg.user == "octoprint") (singleton users.users = optionalAttrs (cfg.user == "octoprint") {
{ name = "octoprint"; octoprint = {
group = cfg.group; group = cfg.group;
uid = config.ids.uids.octoprint; uid = config.ids.uids.octoprint;
}); };
};
users.groups = optionalAttrs (cfg.group == "octoprint") (singleton users.groups = optionalAttrs (cfg.group == "octoprint") {
{ name = "octoprint"; octoprint.gid = config.ids.gids.octoprint;
gid = config.ids.gids.octoprint; };
});
systemd.tmpfiles.rules = [ systemd.tmpfiles.rules = [
"d '${cfg.stateDir}' - ${cfg.user} ${cfg.group} - -" "d '${cfg.stateDir}' - ${cfg.user} ${cfg.group} - -"

14
nixos/modules/services/misc/redmine.nix
View File

@ -367,17 +367,17 @@ in
}; };
users.users = optionalAttrs (cfg.user == "redmine") (singleton users.users = optionalAttrs (cfg.user == "redmine") {
{ name = "redmine"; redmine = {
group = cfg.group; group = cfg.group;
home = cfg.stateDir; home = cfg.stateDir;
uid = config.ids.uids.redmine; uid = config.ids.uids.redmine;
}); };
};
users.groups = optionalAttrs (cfg.group == "redmine") (singleton users.groups = optionalAttrs (cfg.group == "redmine") {
{ name = "redmine"; redmine.gid = config.ids.gids.redmine;
gid = config.ids.gids.redmine; };
});
warnings = optional (cfg.database.password != "") warnings = optional (cfg.database.password != "")
''config.services.redmine.database.password will be stored as plaintext ''config.services.redmine.database.password will be stored as plaintext

5
nixos/modules/services/misc/ripple-data-api.nix
View File

@ -185,9 +185,8 @@ in {
]; ];
}; };
users.users = singleton users.users.ripple-data-api =
{ name = "ripple-data-api"; { description = "Ripple data api user";
description = "Ripple data api user";
uid = config.ids.uids.ripple-data-api; uid = config.ids.uids.ripple-data-api;
}; };
}; };

5
nixos/modules/services/misc/rippled.nix
View File

@ -406,9 +406,8 @@ in
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.users = singleton users.users.rippled =
{ name = "rippled"; { description = "Ripple server user";
description = "Ripple server user";
uid = config.ids.uids.rippled; uid = config.ids.uids.rippled;
home = cfg.databasePath; home = cfg.databasePath;
createHome = true; createHome = true;

13
nixos/modules/services/misc/serviio.nix
View File

@ -63,20 +63,15 @@ in {
}; };
}; };
users.users = [ users.users.serviio =
{ { group = "serviio";
name = "serviio";
group = "serviio";
home = cfg.dataDir; home = cfg.dataDir;
description = "Serviio Media Server User"; description = "Serviio Media Server User";
createHome = true; createHome = true;
isSystemUser = true; isSystemUser = true;
} };
];
users.groups = [ users.groups.serviio = { };
{ name = "serviio";}
];
networking.firewall = { networking.firewall = {
allowedTCPPorts = [ allowedTCPPorts = [

24
nixos/modules/services/misc/sickbeard.nix
View File

@ -63,19 +63,19 @@ in
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.users = optionalAttrs (cfg.user == name) (singleton { users.users = optionalAttrs (cfg.user == name) {
name = name; ${name} = {
uid = config.ids.uids.sickbeard; uid = config.ids.uids.sickbeard;
group = cfg.group; group = cfg.group;
description = "sickbeard user"; description = "sickbeard user";
home = cfg.dataDir; home = cfg.dataDir;
createHome = true; createHome = true;
}); };
};
users.groups = optionalAttrs (cfg.group == name) (singleton { users.groups = optionalAttrs (cfg.group == name) {
name = name; ${name}.gid = config.ids.gids.sickbeard;
gid = config.ids.gids.sickbeard; };
});
systemd.services.sickbeard = { systemd.services.sickbeard = {
description = "Sickbeard Server"; description = "Sickbeard Server";

3
nixos/modules/services/misc/siproxd.nix
View File

@ -161,8 +161,7 @@ in
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.users = singleton { users.users.siproxyd = {
name = "siproxyd";
uid = config.ids.uids.siproxd; uid = config.ids.uids.siproxd;
}; };

16
nixos/modules/services/misc/taskserver/default.nix
View File

@ -368,16 +368,16 @@ in {
(mkIf cfg.enable { (mkIf cfg.enable {
environment.systemPackages = [ nixos-taskserver ]; environment.systemPackages = [ nixos-taskserver ];
users.users = optional (cfg.user == "taskd") { users.users = optionalAttrs (cfg.user == "taskd") {
name = "taskd"; taskd = {
uid = config.ids.uids.taskd; uid = config.ids.uids.taskd;
description = "Taskserver user"; description = "Taskserver user";
group = cfg.group; group = cfg.group;
};
}; };
users.groups = optional (cfg.group == "taskd") { users.groups = optionalAttrs (cfg.group == "taskd") {
name = "taskd"; taskd.gid = config.ids.gids.taskd;
gid = config.ids.gids.taskd;
}; };
services.taskserver.config = { services.taskserver.config = {

24
nixos/modules/services/misc/uhub.nix
View File

@ -41,31 +41,31 @@ in
enable = mkOption { enable = mkOption {
type = types.bool; type = types.bool;
default = false; default = false;
description = "Whether to enable the uhub ADC hub."; description = "Whether to enable the uhub ADC hub.";
}; };
port = mkOption { port = mkOption {
type = types.int; type = types.int;
default = 1511; default = 1511;
description = "TCP port to bind the hub to."; description = "TCP port to bind the hub to.";
}; };
address = mkOption { address = mkOption {
type = types.str; type = types.str;
default = "any"; default = "any";
description = "Address to bind the hub to."; description = "Address to bind the hub to.";
}; };
enableTLS = mkOption { enableTLS = mkOption {
type = types.bool; type = types.bool;
default = false; default = false;
description = "Whether to enable TLS support."; description = "Whether to enable TLS support.";
}; };
hubConfig = mkOption { hubConfig = mkOption {
type = types.lines; type = types.lines;
default = ""; default = "";
description = "Contents of uhub configuration file."; description = "Contents of uhub configuration file.";
}; };
aclConfig = mkOption { aclConfig = mkOption {
@ -77,11 +77,11 @@ in
plugins = { plugins = {
authSqlite = { authSqlite = {
enable = mkOption { enable = mkOption {
type = types.bool; type = types.bool;
default = false; default = false;
description = "Whether to enable the Sqlite authentication database plugin"; description = "Whether to enable the Sqlite authentication database plugin";
}; };
file = mkOption { file = mkOption {
type = types.path; type = types.path;
example = "/var/db/uhub-users"; example = "/var/db/uhub-users";
@ -161,14 +161,8 @@ in
config = mkIf cfg.enable { config = mkIf cfg.enable {
users = { users = {
users = singleton { users.uhub.uid = config.ids.uids.uhub;
name = "uhub"; groups.uhub.gid = config.ids.gids.uhub;
uid = config.ids.uids.uhub;
};
groups = singleton {
name = "uhub";
gid = config.ids.gids.uhub;
};
}; };
systemd.services.uhub = { systemd.services.uhub = {

3
nixos/modules/services/misc/zookeeper.nix
View File

@ -146,8 +146,7 @@ in {
''; '';
}; };
users.users = singleton { users.users.zookeeper = {
name = "zookeeper";
uid = config.ids.uids.zookeeper; uid = config.ids.uids.zookeeper;
description = "Zookeeper daemon user"; description = "Zookeeper daemon user";
home = cfg.dataDir; home = cfg.dataDir;

7
nixos/modules/services/monitoring/collectd.nix
View File

@ -129,9 +129,10 @@ in {
}; };
}; };
users.users = optional (cfg.user == "collectd") { users.users = optionalAttrs (cfg.user == "collectd") {
name = "collectd"; collectd = {
isSystemUser = true; isSystemUser = true;
};
}; };
}; };
} }

21
nixos/modules/services/monitoring/datadog-agent.nix
View File

@ -22,9 +22,9 @@ let
# Generate Datadog configuration files for each configured checks. # Generate Datadog configuration files for each configured checks.
# This works because check configurations have predictable paths, # This works because check configurations have predictable paths,
# and because JSON is a valid subset of YAML. # and because JSON is a valid subset of YAML.
makeCheckConfigs = entries: mapAttrsToList (name: conf: { makeCheckConfigs = entries: mapAttrs' (name: conf: {
source = pkgs.writeText "${name}-check-conf.yaml" (builtins.toJSON conf); name = "datadog-agent/conf.d/${name}.d/conf.yaml";
target = "datadog-agent/conf.d/${name}.d/conf.yaml"; value.source = pkgs.writeText "${name}-check-conf.yaml" (builtins.toJSON conf);
}) entries; }) entries;
defaultChecks = { defaultChecks = {
@ -34,10 +34,11 @@ let
# Assemble all check configurations and the top-level agent # Assemble all check configurations and the top-level agent
# configuration. # configuration.
etcfiles = with pkgs; with builtins; [{ etcfiles = with pkgs; with builtins;
source = writeText "datadog.yaml" (toJSON ddConf); { "datadog-agent/datadog.yaml" = {
target = "datadog-agent/datadog.yaml"; source = writeText "datadog.yaml" (toJSON ddConf);
}] ++ makeCheckConfigs (cfg.checks // defaultChecks); };
} // makeCheckConfigs (cfg.checks // defaultChecks);
# Apply the configured extraIntegrations to the provided agent # Apply the configured extraIntegrations to the provided agent
# package. See the documentation of `dd-agent/integrations-core.nix` # package. See the documentation of `dd-agent/integrations-core.nix`
@ -204,7 +205,7 @@ in {
config = mkIf cfg.enable { config = mkIf cfg.enable {
environment.systemPackages = [ datadogPkg pkgs.sysstat pkgs.procps pkgs.iproute ]; environment.systemPackages = [ datadogPkg pkgs.sysstat pkgs.procps pkgs.iproute ];
users.extraUsers.datadog = { users.users.datadog = {
description = "Datadog Agent User"; description = "Datadog Agent User";
uid = config.ids.uids.datadog; uid = config.ids.uids.datadog;
group = "datadog"; group = "datadog";
@ -212,7 +213,7 @@ in {
createHome = true; createHome = true;
}; };
users.extraGroups.datadog.gid = config.ids.gids.datadog; users.groups.datadog.gid = config.ids.gids.datadog;
systemd.services = let systemd.services = let
makeService = attrs: recursiveUpdate { makeService = attrs: recursiveUpdate {
@ -224,7 +225,7 @@ in {
Restart = "always"; Restart = "always";
RestartSec = 2; RestartSec = 2;
}; };
restartTriggers = [ datadogPkg ] ++ map (etc: etc.source) etcfiles; restartTriggers = [ datadogPkg ] ++ attrNames etcfiles;
} attrs; } attrs;
in { in {
datadog-agent = makeService { datadog-agent = makeService {

60
nixos/modules/services/monitoring/dd-agent/dd-agent.nix
View File

@ -78,37 +78,35 @@ let
etcfiles = etcfiles =
let let
defaultConfd = import ./dd-agent-defaults.nix; defaultConfd = import ./dd-agent-defaults.nix;
in (map (f: { source = "${pkgs.dd-agent}/agent/conf.d-system/${f}"; in
target = "dd-agent/conf.d/${f}"; listToAttrs (map (f: {
}) defaultConfd) ++ [ name = "dd-agent/conf.d/${f}";
{ source = ddConf; value.source = "${pkgs.dd-agent}/agent/conf.d-system/${f}";
target = "dd-agent/datadog.conf"; }) defaultConfd) //
} {
{ source = diskConfig; "dd-agent/datadog.conf".source = ddConf;
target = "dd-agent/conf.d/disk.yaml"; "dd-agent/conf.d/disk.yaml".source = diskConfig;
} "dd-agent/conf.d/network.yaml".source = networkConfig;
{ source = networkConfig; } //
target = "dd-agent/conf.d/network.yaml"; (optionalAttrs (cfg.postgresqlConfig != null)
} ] ++ {
(optional (cfg.postgresqlConfig != null) "dd-agent/conf.d/postgres.yaml".source = postgresqlConfig;
{ source = postgresqlConfig; }) //
target = "dd-agent/conf.d/postgres.yaml"; (optionalAttrs (cfg.nginxConfig != null)
}) ++ {
(optional (cfg.nginxConfig != null) "dd-agent/conf.d/nginx.yaml".source = nginxConfig;
{ source = nginxConfig; }) //
target = "dd-agent/conf.d/nginx.yaml"; (optionalAttrs (cfg.mongoConfig != null)
}) ++ {
(optional (cfg.mongoConfig != null) "dd-agent/conf.d/mongo.yaml".source = mongoConfig;
{ source = mongoConfig; }) //
target = "dd-agent/conf.d/mongo.yaml"; (optionalAttrs (cfg.processConfig != null)
}) ++ {
(optional (cfg.processConfig != null) "dd-agent/conf.d/process.yaml".source = processConfig;
{ source = processConfig; }) //
target = "dd-agent/conf.d/process.yaml"; (optionalAttrs (cfg.jmxConfig != null)
}) ++ {
(optional (cfg.jmxConfig != null) "dd-agent/conf.d/jmx.yaml".source = jmxConfig;
{ source = jmxConfig;
target = "dd-agent/conf.d/jmx.yaml";
}); });
in { in {

3
nixos/modules/services/monitoring/fusion-inventory.nix
View File

@ -46,8 +46,7 @@ in {
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.users = singleton { users.users.fusion-inventory = {
name = "fusion-inventory";
description = "FusionInventory user"; description = "FusionInventory user";
isSystemUser = true; isSystemUser = true;
}; };

3
nixos/modules/services/monitoring/graphite.nix
View File

@ -632,8 +632,7 @@ in {
cfg.web.enable || cfg.api.enable || cfg.web.enable || cfg.api.enable ||
cfg.seyren.enable || cfg.pager.enable || cfg.beacon.enable cfg.seyren.enable || cfg.pager.enable || cfg.beacon.enable
) { ) {
users.users = singleton { users.users.graphite = {
name = "graphite";
uid = config.ids.uids.graphite; uid = config.ids.uids.graphite;
description = "Graphite daemon user"; description = "Graphite daemon user";
home = dataDir; home = dataDir;

3
nixos/modules/services/monitoring/heapster.nix
View File

@ -49,8 +49,7 @@ in {
}; };
}; };
users.users = singleton { users.users.heapsterrs = {
name = "heapster";
uid = config.ids.uids.heapster; uid = config.ids.uids.heapster;
description = "Heapster user"; description = "Heapster user";
}; };

10
nixos/modules/services/monitoring/munin.nix
View File

@ -317,18 +317,16 @@ in
environment.systemPackages = [ pkgs.munin ]; environment.systemPackages = [ pkgs.munin ];
users.users = [{ users.users.munin = {
name = "munin";
description = "Munin monitoring user"; description = "Munin monitoring user";
group = "munin"; group = "munin";
uid = config.ids.uids.munin; uid = config.ids.uids.munin;
home = "/var/lib/munin"; home = "/var/lib/munin";
}]; };
users.groups = [{ users.groups.munin = {
name = "munin";
gid = config.ids.gids.munin; gid = config.ids.gids.munin;
}]; };
}) (mkIf nodeCfg.enable { }) (mkIf nodeCfg.enable {

6
nixos/modules/services/monitoring/nagios.nix
View File

@ -184,11 +184,7 @@ in
# This isn't needed, it's just so that the user can type "nagiostats # This isn't needed, it's just so that the user can type "nagiostats
# -c /etc/nagios.cfg". # -c /etc/nagios.cfg".
environment.etc = [ environment.etc."nagios.cfg".source = nagiosCfgFile;
{ source = nagiosCfgFile;
target = "nagios.cfg";
}
];
environment.systemPackages = [ pkgs.nagios ]; environment.systemPackages = [ pkgs.nagios ];
systemd.services.nagios = { systemd.services.nagios = {

11
nixos/modules/services/monitoring/netdata.nix
View File

@ -179,13 +179,14 @@ in {
{ domain = "netdata"; type = "hard"; item = "nofile"; value = "30000"; } { domain = "netdata"; type = "hard"; item = "nofile"; value = "30000"; }
]; ];
users.users = optional (cfg.user == defaultUser) { users.users = optionalAttrs (cfg.user == defaultUser) {
name = defaultUser; ${defaultUser} = {
isSystemUser = true; isSystemUser = true;
};
}; };
users.groups = optional (cfg.group == defaultUser) { users.groups = optionalAttrs (cfg.group == defaultUser) {
name = defaultUser; ${defaultUser} = { };
}; };
}; };

3
nixos/modules/services/monitoring/statsd.nix
View File

@ -125,8 +125,7 @@ in
message = "Only builtin backends (graphite, console, repeater) or backends enumerated in `pkgs.nodePackages` are allowed!"; message = "Only builtin backends (graphite, console, repeater) or backends enumerated in `pkgs.nodePackages` are allowed!";
}) cfg.backends; }) cfg.backends;
users.users = singleton { users.use.statsdrs = {
name = "statsd";
uid = config.ids.uids.statsd; uid = config.ids.uids.statsd;
description = "Statsd daemon user"; description = "Statsd daemon user";
}; };

5
nixos/modules/services/monitoring/telegraf.nix
View File

@ -63,10 +63,9 @@ in {
}; };
}; };
users.users = [{ users.users.telegraf = {
name = "telegraf";
uid = config.ids.uids.telegraf; uid = config.ids.uids.telegraf;
description = "telegraf daemon user"; description = "telegraf daemon user";
}]; };
}; };
} }

43
nixos/modules/services/monitoring/ups.nix
View File

@ -214,14 +214,12 @@ in
environment.NUT_STATEPATH = "/var/lib/nut/"; environment.NUT_STATEPATH = "/var/lib/nut/";
}; };
environment.etc = [ environment.etc = {
{ source = pkgs.writeText "nut.conf" "nut/nut.conf".source = pkgs.writeText "nut.conf"
'' ''
MODE = ${cfg.mode} MODE = ${cfg.mode}
''; '';
target = "nut/nut.conf"; "nut/ups.conf".source = pkgs.writeText "ups.conf"
}
{ source = pkgs.writeText "ups.conf"
'' ''
maxstartdelay = ${toString cfg.maxStartDelay} maxstartdelay = ${toString cfg.maxStartDelay}
@ -229,25 +227,15 @@ in
"} "}
''; '';
target = "nut/ups.conf"; "nut/upssched.conf".source = cfg.schedulerRules;
}
{ source = cfg.schedulerRules;
target = "nut/upssched.conf";
}
# These file are containing private informations and thus should not # These file are containing private informations and thus should not
# be stored inside the Nix store. # be stored inside the Nix store.
/* /*
{ source = ; "nut/upsd.conf".source = "";
target = "nut/upsd.conf"; "nut/upsd.users".source = "";
} "nut/upsmon.conf".source = "";
{ source = ;
target = "nut/upsd.users";
}
{ source = ;
target = "nut/upsmon.conf;
}
*/ */
]; };
power.ups.schedulerRules = mkDefault "${pkgs.nut}/etc/upssched.conf.sample"; power.ups.schedulerRules = mkDefault "${pkgs.nut}/etc/upssched.conf.sample";
@ -259,21 +247,16 @@ in
/* /*
users.users = [ users.users.nut =
{ name = "nut"; { uid = 84;
uid = 84;
home = "/var/lib/nut"; home = "/var/lib/nut";
createHome = true; createHome = true;
group = "nut"; group = "nut";
description = "UPnP A/V Media Server user"; description = "UPnP A/V Media Server user";
} };
];
users.groups = [ users.groups."nut" =
{ name = "nut"; { gid = 84; };
gid = 84;
}
];
*/ */
}; };

7
nixos/modules/services/network-filesystems/ceph.nix
View File

@ -371,15 +371,14 @@ in
in in
generators.toINI {} totalConfig; generators.toINI {} totalConfig;
users.users = singleton { users.users.ceph = {
name = "ceph";
uid = config.ids.uids.ceph; uid = config.ids.uids.ceph;
description = "Ceph daemon user"; description = "Ceph daemon user";
group = "ceph"; group = "ceph";
extraGroups = [ "disk" ]; extraGroups = [ "disk" ];
}; };
users.groups = singleton {
name = "ceph"; users.groups.ceph = {
gid = config.ids.gids.ceph; gid = config.ids.gids.ceph;
}; };

23
nixos/modules/services/network-filesystems/davfs2.nix
View File

@ -57,18 +57,19 @@ in
environment.systemPackages = [ pkgs.davfs2 ]; environment.systemPackages = [ pkgs.davfs2 ];
environment.etc."davfs2/davfs2.conf".source = cfgFile; environment.etc."davfs2/davfs2.conf".source = cfgFile;
users.groups = optionalAttrs (cfg.davGroup == "davfs2") (singleton { users.groups = optionalAttrs (cfg.davGroup == "davfs2") {
name = "davfs2"; davfs2.gid = config.ids.gids.davfs2;
gid = config.ids.gids.davfs2; };
});
users.users = optionalAttrs (cfg.davUser == "davfs2") {
davfs2 = {
createHome = false;
group = cfg.davGroup;
uid = config.ids.uids.davfs2;
description = "davfs2 user";
};
};
users.users = optionalAttrs (cfg.davUser == "davfs2") (singleton {
name = "davfs2";
createHome = false;
group = cfg.davGroup;
uid = config.ids.uids.davfs2;
description = "davfs2 user";
});
}; };
} }

6
nixos/modules/services/network-filesystems/drbd.nix
View File

@ -47,10 +47,8 @@ let cfg = config.services.drbd; in
options drbd usermode_helper=/run/current-system/sw/bin/drbdadm options drbd usermode_helper=/run/current-system/sw/bin/drbdadm
''; '';
environment.etc = singleton environment.etc.drbd.conf =
{ source = pkgs.writeText "drbd.conf" cfg.config; { source = pkgs.writeText "drbd.conf" cfg.config; };
target = "drbd.conf";
};
systemd.services.drbd = { systemd.services.drbd = {
after = [ "systemd-udev.settle.service" "network.target" ]; after = [ "systemd-udev.settle.service" "network.target" ];

5
nixos/modules/services/networking/bind.nix
View File

@ -178,9 +178,8 @@ in
networking.resolvconf.useLocalResolver = mkDefault true; networking.resolvconf.useLocalResolver = mkDefault true;
users.users = singleton users.users.${bindUser} =
{ name = bindUser; { uid = config.ids.uids.bind;
uid = config.ids.uids.bind;
description = "BIND daemon user"; description = "BIND daemon user";
}; };

3
nixos/modules/services/networking/bitlbee.nix
View File

@ -161,8 +161,7 @@ in
config = mkMerge [ config = mkMerge [
(mkIf config.services.bitlbee.enable { (mkIf config.services.bitlbee.enable {
users.users = singleton { users.users.bitlbee = {
name = "bitlbee";
uid = bitlbeeUid; uid = bitlbeeUid;
description = "BitlBee user"; description = "BitlBee user";
home = "/var/lib/bitlbee"; home = "/var/lib/bitlbee";

6
nixos/modules/services/networking/charybdis.nix
View File

@ -71,15 +71,13 @@ in
config = mkIf cfg.enable (lib.mkMerge [ config = mkIf cfg.enable (lib.mkMerge [
{ {
users.users = singleton { users.users.${cfg.user} = {
name = cfg.user;
description = "Charybdis IRC daemon user"; description = "Charybdis IRC daemon user";
uid = config.ids.uids.ircd; uid = config.ids.uids.ircd;
group = cfg.group; group = cfg.group;
}; };
users.groups = singleton { users.groups.${cfg.group} = {
name = cfg.group;
gid = config.ids.gids.ircd; gid = config.ids.gids.ircd;
}; };

14
nixos/modules/services/networking/coturn.nix
View File

@ -294,16 +294,14 @@ in {
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.users = [ users.users.turnserver =
{ name = "turnserver"; { uid = config.ids.uids.turnserver;
uid = config.ids.uids.turnserver;
description = "coturn TURN server user"; description = "coturn TURN server user";
} ]; };
users.groups = [ users.groups.turnserver =
{ name = "turnserver"; { gid = config.ids.gids.turnserver;
gid = config.ids.gids.turnserver;
members = [ "turnserver" ]; members = [ "turnserver" ];
} ]; };
systemd.services.coturn = { systemd.services.coturn = {
description = "coturn TURN server"; description = "coturn TURN server";

6
nixos/modules/services/networking/dhcpcd.nix
View File

@ -185,11 +185,7 @@ in
environment.systemPackages = [ dhcpcd ]; environment.systemPackages = [ dhcpcd ];
environment.etc = environment.etc."dhcpcd.exit-hook".source = exitHook;
[ { source = exitHook;
target = "dhcpcd.exit-hook";
}
];
powerManagement.resumeCommands = mkIf config.systemd.services.dhcpcd.enable powerManagement.resumeCommands = mkIf config.systemd.services.dhcpcd.enable
'' ''

3
nixos/modules/services/networking/dnschain.nix
View File

@ -147,8 +147,7 @@ in
''; '';
}; };
users.users = singleton { users.users.${username} = {
name = username;
description = "DNSChain daemon user"; description = "DNSChain daemon user";
home = dataDir; home = dataDir;
createHome = true; createHome = true;

3
nixos/modules/services/networking/dnsmasq.nix
View File

@ -86,8 +86,7 @@ in
services.dbus.packages = [ dnsmasq ]; services.dbus.packages = [ dnsmasq ];
users.users = singleton { users.users.dnsmasq = {
name = "dnsmasq";
uid = config.ids.uids.dnsmasq; uid = config.ids.uids.dnsmasq;
description = "Dnsmasq daemon user"; description = "Dnsmasq daemon user";
}; };

14
nixos/modules/services/networking/ejabberd.nix
View File

@ -94,18 +94,18 @@ in {
config = mkIf cfg.enable { config = mkIf cfg.enable {
environment.systemPackages = [ cfg.package ]; environment.systemPackages = [ cfg.package ];
users.users = optionalAttrs (cfg.user == "ejabberd") (singleton users.users = optionalAttrs (cfg.user == "ejabberd") {
{ name = "ejabberd"; ejabberd = {
group = cfg.group; group = cfg.group;
home = cfg.spoolDir; home = cfg.spoolDir;
createHome = true; createHome = true;
uid = config.ids.uids.ejabberd; uid = config.ids.uids.ejabberd;
}); };
};
users.groups = optionalAttrs (cfg.group == "ejabberd") (singleton users.groups = optionalAttrs (cfg.group == "ejabberd") {
{ name = "ejabberd"; ejabberd.gid = config.ids.gids.ejabberd;
gid = config.ids.gids.ejabberd; };
});
systemd.services.ejabberd = { systemd.services.ejabberd = {
description = "ejabberd server"; description = "ejabberd server";

5
nixos/modules/services/networking/gale.nix
View File

@ -104,14 +104,13 @@ in
systemPackages = [ pkgs.gale ]; systemPackages = [ pkgs.gale ];
}; };
users.users = [{ users.users.${cfg.user} = {
name = cfg.user;
description = "Gale daemon"; description = "Gale daemon";
uid = config.ids.uids.gale; uid = config.ids.uids.gale;
group = cfg.group; group = cfg.group;
home = home; home = home;
createHome = true; createHome = true;
}]; };
users.groups = [{ users.groups = [{
name = cfg.group; name = cfg.group;

12
nixos/modules/services/networking/git-daemon.nix
View File

@ -104,16 +104,16 @@ in
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.users = if cfg.user != "git" then {} else singleton users.users = optionalAttrs (cfg.user != "git") {
{ name = "git"; git = {
uid = config.ids.uids.git; uid = config.ids.uids.git;
description = "Git daemon user"; description = "Git daemon user";
}; };
};
users.groups = if cfg.group != "git" then {} else singleton users.groups = optionalAttrs (cfg.group != "git") {
{ name = "git"; git.gid = config.ids.gids.git;
gid = config.ids.gids.git; };
};
systemd.services.git-daemon = { systemd.services.git-daemon = {
after = [ "network.target" ]; after = [ "network.target" ];

3
nixos/modules/services/networking/hans.nix
View File

@ -135,8 +135,7 @@ in
}; };
}; };
users.users = singleton { users.users.${hansUser} = {
name = hansUser;
description = "Hans daemon user"; description = "Hans daemon user";
isSystemUser = true; isSystemUser = true;
}; };

18
nixos/modules/services/networking/i2pd.nix
View File

@ -158,10 +158,10 @@ let
(sec "addressbook") (sec "addressbook")
(strOpt "defaulturl" cfg.addressbook.defaulturl) (strOpt "defaulturl" cfg.addressbook.defaulturl)
] ++ (optionalEmptyList "subscriptions" cfg.addressbook.subscriptions) ] ++ (optionalEmptyList "subscriptions" cfg.addressbook.subscriptions)
++ (flip map ++ (flip mapAttrs
(collect (proto: proto ? port && proto ? address && proto ? name) cfg.proto) (collect (name: proto: proto ? port && proto ? address && proto ? name) cfg.proto)
(proto: let protoOpts = [ (proto: let protoOpts = [
(sec proto.name) (sec name)
(boolOpt "enabled" proto.enable) (boolOpt "enabled" proto.enable)
(strOpt "address" proto.address) (strOpt "address" proto.address)
(intOpt "port" proto.port) (intOpt "port" proto.port)
@ -181,10 +181,10 @@ let
tunnelConf = let opts = [ tunnelConf = let opts = [
notice notice
(flip map (flip mapAttrs
(collect (tun: tun ? port && tun ? destination) cfg.outTunnels) (collect (name: tun: tun ? port && tun ? destination) cfg.outTunnels)
(tun: let outTunOpts = [ (tun: let outTunOpts = [
(sec tun.name) (sec name)
"type = client" "type = client"
(intOpt "port" tun.port) (intOpt "port" tun.port)
(strOpt "destination" tun.destination) (strOpt "destination" tun.destination)
@ -204,10 +204,10 @@ let
++ (if tun ? crypto.tagsToSend then ++ (if tun ? crypto.tagsToSend then
optionalNullInt "crypto.tagstosend" tun.crypto.tagsToSend else []); optionalNullInt "crypto.tagstosend" tun.crypto.tagsToSend else []);
in concatStringsSep "\n" outTunOpts)) in concatStringsSep "\n" outTunOpts))
(flip map (flip mapAttrs
(collect (tun: tun ? port && tun ? address) cfg.inTunnels) (collect (name: tun: tun ? port && tun ? address) cfg.inTunnels)
(tun: let inTunOpts = [ (tun: let inTunOpts = [
(sec tun.name) (sec name)
"type = server" "type = server"
(intOpt "port" tun.port) (intOpt "port" tun.port)
(strOpt "host" tun.address) (strOpt "host" tun.address)

3
nixos/modules/services/networking/iodine.nix
View File

@ -147,8 +147,7 @@ in
}; };
}; };
users.users = singleton { users.users.${iodinedUser} = {
name = iodinedUser;
uid = config.ids.uids.iodined; uid = config.ids.uids.iodined;
description = "Iodine daemon user"; description = "Iodine daemon user";
}; };

5
nixos/modules/services/networking/ircd-hybrid/default.nix
View File

@ -112,9 +112,8 @@ in
config = mkIf config.services.ircdHybrid.enable { config = mkIf config.services.ircdHybrid.enable {
users.users = singleton users.users.ircd =
{ name = "ircd"; { description = "IRCD owner";
description = "IRCD owner";
group = "ircd"; group = "ircd";
uid = config.ids.uids.ircd; uid = config.ids.uids.ircd;
}; };

Some files were not shown because too many files have changed in this diff Show More