Loading nixos/modules/security/pam.nix +29 −0 Original line number Diff line number Diff line Loading @@ -548,6 +548,9 @@ let (let yubi = config.security.pam.yubico; in optionalString cfg.yubicoAuth '' auth ${yubi.control} ${pkgs.yubico-pam}/lib/security/pam_yubico.so mode=${toString yubi.mode} ${optionalString (yubi.challengeResponsePath != null) "chalresp_path=${yubi.challengeResponsePath}"} ${optionalString (yubi.mode == "client") "id=${toString yubi.id}"} ${optionalString yubi.debug "debug"} '') + (let dp9ik = config.security.pam.dp9ik; in optionalString dp9ik.enable '' auth ${dp9ik.control} ${pkgs.pam_dp9ik}/lib/security/pam_p9.so ${dp9ik.authserver} '') + optionalString cfg.fprintAuth '' auth sufficient ${pkgs.fprintd}/lib/security/pam_fprintd.so '' + Loading Loading @@ -913,6 +916,32 @@ in security.pam.enableOTPW = mkEnableOption (lib.mdDoc "the OTPW (one-time password) PAM module"); security.pam.dp9ik = { enable = mkEnableOption ( lib.mdDoc '' the dp9ik pam module provided by tlsclient. If set, users can be authenticated against the 9front authentication server given in {option}`security.pam.dp9ik.authserver`. '' ); control = mkOption { default = "sufficient"; type = types.str; description = lib.mdDoc '' This option sets the pam "control" used for this module. ''; }; authserver = mkOption { default = null; type = with types; nullOr string; description = lib.mdDoc '' This controls the hostname for the 9front authentication server that users will be authenticated against. ''; }; }; security.pam.krb5 = { enable = mkOption { default = config.krb5.enable; Loading nixos/modules/services/network-filesystems/ceph.nix +17 −14 Original line number Diff line number Diff line Loading @@ -9,12 +9,12 @@ let expandCamelCase = replaceStrings upperChars (map (s: " ${s}") lowerChars); expandCamelCaseAttrs = mapAttrs' (name: value: nameValuePair (expandCamelCase name) value); makeServices = (daemonType: daemonIds: makeServices = daemonType: daemonIds: mkMerge (map (daemonId: { "ceph-${daemonType}-${daemonId}" = makeService daemonType daemonId cfg.global.clusterName pkgs.ceph; }) daemonIds)); { "ceph-${daemonType}-${daemonId}" = makeService daemonType daemonId cfg.global.clusterName cfg.${daemonType}.package; }) daemonIds); makeService = (daemonType: daemonId: clusterName: ceph: makeService = daemonType: daemonId: clusterName: ceph: let stateDirectory = "ceph/${if daemonType == "rgw" then "radosgw" else daemonType}/${clusterName}-${daemonId}"; in { enable = true; Loading Loading @@ -54,9 +54,9 @@ let } // optionalAttrs ( daemonType == "mon") { RestartSec = "10"; }; }); }; makeTarget = (daemonType: makeTarget = daemonType: { "ceph-${daemonType}" = { description = "Ceph target allowing to start/stop all ceph-${daemonType} services at once"; Loading @@ -65,8 +65,7 @@ let before = [ "ceph.target" ]; unitConfig.StopWhenUnneeded = true; }; } ); }; in { options.services.ceph = { Loading Loading @@ -211,6 +210,7 @@ in to the id part in ceph i.e. [ "name1" ] would result in mgr.name1 ''; }; package = mkPackageOptionMD pkgs "ceph" { }; extraConfig = mkOption { type = with types; attrsOf str; default = {}; Loading @@ -231,6 +231,7 @@ in to the id part in ceph i.e. [ "name1" ] would result in mon.name1 ''; }; package = mkPackageOptionMD pkgs "ceph" { }; extraConfig = mkOption { type = with types; attrsOf str; default = {}; Loading @@ -251,7 +252,7 @@ in to the id part in ceph i.e. [ "name1" ] would result in osd.name1 ''; }; package = mkPackageOptionMD pkgs "ceph" { }; extraConfig = mkOption { type = with types; attrsOf str; default = { Loading Loading @@ -279,6 +280,7 @@ in to the id part in ceph i.e. [ "name1" ] would result in mds.name1 ''; }; package = mkPackageOptionMD pkgs "ceph" { }; extraConfig = mkOption { type = with types; attrsOf str; default = {}; Loading @@ -290,6 +292,7 @@ in rgw = { enable = mkEnableOption (lib.mdDoc "Ceph RadosGW daemon"); package = mkPackageOptionMD pkgs "ceph" { }; daemons = mkOption { type = with types; listOf str; default = []; Loading Loading @@ -328,16 +331,16 @@ in { assertion = cfg.global.fsid != ""; message = "fsid has to be set to a valid uuid for the cluster to function"; } { assertion = cfg.mon.enable == true -> cfg.mon.daemons != []; { assertion = cfg.mon.enable -> cfg.mon.daemons != []; message = "have to set id of atleast one MON if you're going to enable Monitor"; } { assertion = cfg.mds.enable == true -> cfg.mds.daemons != []; { assertion = cfg.mds.enable -> cfg.mds.daemons != []; message = "have to set id of atleast one MDS if you're going to enable Metadata Service"; } { assertion = cfg.osd.enable == true -> cfg.osd.daemons != []; { assertion = cfg.osd.enable -> cfg.osd.daemons != []; message = "have to set id of atleast one OSD if you're going to enable OSD"; } { assertion = cfg.mgr.enable == true -> cfg.mgr.daemons != []; { assertion = cfg.mgr.enable -> cfg.mgr.daemons != []; message = "have to set id of atleast one MGR if you're going to enable MGR"; } ]; Loading pkgs/applications/editors/lapce/default.nix +2 −14 Original line number Diff line number Diff line Loading @@ -7,8 +7,6 @@ , pkg-config , perl , fontconfig , copyDesktopItems , makeDesktopItem , glib , gtk3 , openssl Loading Loading @@ -92,7 +90,6 @@ rustPlatform.buildRustPackage rec { cmake pkg-config perl copyDesktopItems wrapGAppsHook # FIX: No GSettings schemas are installed on the system gobject-introspection ]; Loading @@ -116,19 +113,10 @@ rustPlatform.buildRustPackage rec { ]; postInstall = '' install -Dm0644 $src/extra/images/logo.svg $out/share/icons/hicolor/scalable/apps/lapce.svg install -Dm0644 $src/extra/images/logo.svg $out/share/icons/hicolor/scalable/apps/dev.lapce.lapce.svg install -Dm0644 $src/extra/linux/dev.lapce.lapce.desktop $out/share/applications/lapce.desktop ''; desktopItems = [ (makeDesktopItem { name = "lapce"; exec = "lapce %F"; icon = "lapce"; desktopName = "Lapce"; comment = meta.description; genericName = "Code Editor"; categories = [ "Development" "Utility" "TextEditor" ]; }) ]; passthru.updateScript = nix-update-script { }; meta = with lib; { Loading pkgs/applications/graphics/pineapple-pictures/default.nix +2 −2 Original line number Diff line number Diff line Loading @@ -10,13 +10,13 @@ stdenv.mkDerivation rec { pname = "pineapple-pictures"; version = "0.7.0"; version = "0.7.1"; src = fetchFromGitHub { owner = "BLumia"; repo = "pineapple-pictures"; rev = version; hash = "sha256-fNme11zoQBoFz4qJxBWzA8qHPwwxirM9rxxT36tjiQs"; hash = "sha256-6peNZc+rrQrUFSrn1AK8lZsy4RQf9DwpmXY0McfEus8="; }; nativeBuildInputs = [ Loading pkgs/applications/misc/nwg-dock/default.nix +2 −2 Original line number Diff line number Diff line Loading @@ -8,13 +8,13 @@ buildGoModule rec { pname = "nwg-dock"; version = "0.3.4"; version = "0.3.5"; src = fetchFromGitHub { owner = "nwg-piotr"; repo = pname; rev = "v${version}"; sha256 = "sha256-4cyhE9CJz/4omvzucLuTR4QLQnd5iVANCG/BI6Sdhq8="; sha256 = "sha256-kLvVP+hwv8Xgvp1YqrXZ2xpEcU92yvNMT5YCcDcg7xQ="; }; vendorHash = "sha256-WDygnKdldZda4GadfStHWsDel1KLdzjVjw0RxmnFPRE="; Loading Loading
nixos/modules/security/pam.nix +29 −0 Original line number Diff line number Diff line Loading @@ -548,6 +548,9 @@ let (let yubi = config.security.pam.yubico; in optionalString cfg.yubicoAuth '' auth ${yubi.control} ${pkgs.yubico-pam}/lib/security/pam_yubico.so mode=${toString yubi.mode} ${optionalString (yubi.challengeResponsePath != null) "chalresp_path=${yubi.challengeResponsePath}"} ${optionalString (yubi.mode == "client") "id=${toString yubi.id}"} ${optionalString yubi.debug "debug"} '') + (let dp9ik = config.security.pam.dp9ik; in optionalString dp9ik.enable '' auth ${dp9ik.control} ${pkgs.pam_dp9ik}/lib/security/pam_p9.so ${dp9ik.authserver} '') + optionalString cfg.fprintAuth '' auth sufficient ${pkgs.fprintd}/lib/security/pam_fprintd.so '' + Loading Loading @@ -913,6 +916,32 @@ in security.pam.enableOTPW = mkEnableOption (lib.mdDoc "the OTPW (one-time password) PAM module"); security.pam.dp9ik = { enable = mkEnableOption ( lib.mdDoc '' the dp9ik pam module provided by tlsclient. If set, users can be authenticated against the 9front authentication server given in {option}`security.pam.dp9ik.authserver`. '' ); control = mkOption { default = "sufficient"; type = types.str; description = lib.mdDoc '' This option sets the pam "control" used for this module. ''; }; authserver = mkOption { default = null; type = with types; nullOr string; description = lib.mdDoc '' This controls the hostname for the 9front authentication server that users will be authenticated against. ''; }; }; security.pam.krb5 = { enable = mkOption { default = config.krb5.enable; Loading
nixos/modules/services/network-filesystems/ceph.nix +17 −14 Original line number Diff line number Diff line Loading @@ -9,12 +9,12 @@ let expandCamelCase = replaceStrings upperChars (map (s: " ${s}") lowerChars); expandCamelCaseAttrs = mapAttrs' (name: value: nameValuePair (expandCamelCase name) value); makeServices = (daemonType: daemonIds: makeServices = daemonType: daemonIds: mkMerge (map (daemonId: { "ceph-${daemonType}-${daemonId}" = makeService daemonType daemonId cfg.global.clusterName pkgs.ceph; }) daemonIds)); { "ceph-${daemonType}-${daemonId}" = makeService daemonType daemonId cfg.global.clusterName cfg.${daemonType}.package; }) daemonIds); makeService = (daemonType: daemonId: clusterName: ceph: makeService = daemonType: daemonId: clusterName: ceph: let stateDirectory = "ceph/${if daemonType == "rgw" then "radosgw" else daemonType}/${clusterName}-${daemonId}"; in { enable = true; Loading Loading @@ -54,9 +54,9 @@ let } // optionalAttrs ( daemonType == "mon") { RestartSec = "10"; }; }); }; makeTarget = (daemonType: makeTarget = daemonType: { "ceph-${daemonType}" = { description = "Ceph target allowing to start/stop all ceph-${daemonType} services at once"; Loading @@ -65,8 +65,7 @@ let before = [ "ceph.target" ]; unitConfig.StopWhenUnneeded = true; }; } ); }; in { options.services.ceph = { Loading Loading @@ -211,6 +210,7 @@ in to the id part in ceph i.e. [ "name1" ] would result in mgr.name1 ''; }; package = mkPackageOptionMD pkgs "ceph" { }; extraConfig = mkOption { type = with types; attrsOf str; default = {}; Loading @@ -231,6 +231,7 @@ in to the id part in ceph i.e. [ "name1" ] would result in mon.name1 ''; }; package = mkPackageOptionMD pkgs "ceph" { }; extraConfig = mkOption { type = with types; attrsOf str; default = {}; Loading @@ -251,7 +252,7 @@ in to the id part in ceph i.e. [ "name1" ] would result in osd.name1 ''; }; package = mkPackageOptionMD pkgs "ceph" { }; extraConfig = mkOption { type = with types; attrsOf str; default = { Loading Loading @@ -279,6 +280,7 @@ in to the id part in ceph i.e. [ "name1" ] would result in mds.name1 ''; }; package = mkPackageOptionMD pkgs "ceph" { }; extraConfig = mkOption { type = with types; attrsOf str; default = {}; Loading @@ -290,6 +292,7 @@ in rgw = { enable = mkEnableOption (lib.mdDoc "Ceph RadosGW daemon"); package = mkPackageOptionMD pkgs "ceph" { }; daemons = mkOption { type = with types; listOf str; default = []; Loading Loading @@ -328,16 +331,16 @@ in { assertion = cfg.global.fsid != ""; message = "fsid has to be set to a valid uuid for the cluster to function"; } { assertion = cfg.mon.enable == true -> cfg.mon.daemons != []; { assertion = cfg.mon.enable -> cfg.mon.daemons != []; message = "have to set id of atleast one MON if you're going to enable Monitor"; } { assertion = cfg.mds.enable == true -> cfg.mds.daemons != []; { assertion = cfg.mds.enable -> cfg.mds.daemons != []; message = "have to set id of atleast one MDS if you're going to enable Metadata Service"; } { assertion = cfg.osd.enable == true -> cfg.osd.daemons != []; { assertion = cfg.osd.enable -> cfg.osd.daemons != []; message = "have to set id of atleast one OSD if you're going to enable OSD"; } { assertion = cfg.mgr.enable == true -> cfg.mgr.daemons != []; { assertion = cfg.mgr.enable -> cfg.mgr.daemons != []; message = "have to set id of atleast one MGR if you're going to enable MGR"; } ]; Loading
pkgs/applications/editors/lapce/default.nix +2 −14 Original line number Diff line number Diff line Loading @@ -7,8 +7,6 @@ , pkg-config , perl , fontconfig , copyDesktopItems , makeDesktopItem , glib , gtk3 , openssl Loading Loading @@ -92,7 +90,6 @@ rustPlatform.buildRustPackage rec { cmake pkg-config perl copyDesktopItems wrapGAppsHook # FIX: No GSettings schemas are installed on the system gobject-introspection ]; Loading @@ -116,19 +113,10 @@ rustPlatform.buildRustPackage rec { ]; postInstall = '' install -Dm0644 $src/extra/images/logo.svg $out/share/icons/hicolor/scalable/apps/lapce.svg install -Dm0644 $src/extra/images/logo.svg $out/share/icons/hicolor/scalable/apps/dev.lapce.lapce.svg install -Dm0644 $src/extra/linux/dev.lapce.lapce.desktop $out/share/applications/lapce.desktop ''; desktopItems = [ (makeDesktopItem { name = "lapce"; exec = "lapce %F"; icon = "lapce"; desktopName = "Lapce"; comment = meta.description; genericName = "Code Editor"; categories = [ "Development" "Utility" "TextEditor" ]; }) ]; passthru.updateScript = nix-update-script { }; meta = with lib; { Loading
pkgs/applications/graphics/pineapple-pictures/default.nix +2 −2 Original line number Diff line number Diff line Loading @@ -10,13 +10,13 @@ stdenv.mkDerivation rec { pname = "pineapple-pictures"; version = "0.7.0"; version = "0.7.1"; src = fetchFromGitHub { owner = "BLumia"; repo = "pineapple-pictures"; rev = version; hash = "sha256-fNme11zoQBoFz4qJxBWzA8qHPwwxirM9rxxT36tjiQs"; hash = "sha256-6peNZc+rrQrUFSrn1AK8lZsy4RQf9DwpmXY0McfEus8="; }; nativeBuildInputs = [ Loading
pkgs/applications/misc/nwg-dock/default.nix +2 −2 Original line number Diff line number Diff line Loading @@ -8,13 +8,13 @@ buildGoModule rec { pname = "nwg-dock"; version = "0.3.4"; version = "0.3.5"; src = fetchFromGitHub { owner = "nwg-piotr"; repo = pname; rev = "v${version}"; sha256 = "sha256-4cyhE9CJz/4omvzucLuTR4QLQnd5iVANCG/BI6Sdhq8="; sha256 = "sha256-kLvVP+hwv8Xgvp1YqrXZ2xpEcU92yvNMT5YCcDcg7xQ="; }; vendorHash = "sha256-WDygnKdldZda4GadfStHWsDel1KLdzjVjw0RxmnFPRE="; Loading
![github-actions[bot]'s avatar](https://secure.gravatar.com/avatar/e7cd911927c7d1acf6281b69d385990d8fadcd26871048bbcdbff2e88da7f607?s=48&d=identicon "github-actions[bot]")