Merge master into staging-next (2c3dde0b) · Commits · nix / nixpkgs

nixos/modules/hardware/hackrf.nix

+1 −0

Original line number	Diff line number	Diff line
		@@ -12,6 +12,7 @@ in
		description = ''
		Enables hackrf udev rules and ensures 'plugdev' group exists.
		This is a prerequisite to using HackRF devices without being root, since HackRF USB descriptors will be owned by plugdev through udev.
		Ensure your user is a member of the 'plugdev' group after enabling.
		'';
		};
		};

nixos/modules/programs/wayland/sway.nix

+3 −2

Original line number	Diff line number	Diff line
		@@ -85,9 +85,10 @@ in

		extraPackages = lib.mkOption {
		type = with lib.types; listOf package;
		default = with pkgs; [ swaylock swayidle foot dmenu wmenu ];
		# Packages used in default config
		default = with pkgs; [ brightnessctl foot grim pulseaudio swayidle swaylock wmenu ];
		defaultText = lib.literalExpression ''
		with pkgs; [ swaylock swayidle foot dmenu wmenu ];
		with pkgs; [ brightnessctl foot grim pulseaudio swayidle swaylock wmenu ];
		'';
		example = lib.literalExpression ''
		with pkgs; [ i3status i3status-rust termite rofi light ]

nixos/modules/programs/zsh/oh-my-zsh.nix

+1 −1

Original line number	Diff line number	Diff line
		@@ -93,7 +93,7 @@ in
		default = "";
		description = ''
		Shell commands executed before the `oh-my-zsh` is loaded.
		For example, to disable async git prompt write `zstyle ':omz:alpha:lib:git' async-prompt force` (more information https://github.com/ohmyzsh/ohmyzsh?tab=readme-ov-file#async-git-prompt)
		For example, to disable async git prompt write `zstyle ':omz:alpha:lib:git' async-prompt no` (more information https://github.com/ohmyzsh/ohmyzsh?tab=readme-ov-file#async-git-prompt)
		'';
		};
		};

nixos/modules/services/continuous-integration/hydra/default.nix

+7 −7

Original line number	Diff line number	Diff line
		@@ -330,12 +330,12 @@ in

		ln -sf ${hydraConf} ${baseDir}/hydra.conf

		mkdir -m 0700 -p ${baseDir}/www
		mkdir -m 0700 ${baseDir}/www \|\| true
		chown hydra-www:hydra ${baseDir}/www

		mkdir -m 0700 -p ${baseDir}/queue-runner
		mkdir -m 0750 -p ${baseDir}/build-logs
		mkdir -m 0750 -p ${baseDir}/runcommand-logs
		mkdir -m 0700 ${baseDir}/queue-runner \|\| true
		mkdir -m 0750 ${baseDir}/build-logs \|\| true
		mkdir -m 0750 ${baseDir}/runcommand-logs \|\| true
		chown hydra-queue-runner:hydra \
		${baseDir}/queue-runner \
		${baseDir}/build-logs \
		@@ -362,8 +362,8 @@ in

		# Move legacy hydra-www roots.
		if [ -e /nix/var/nix/gcroots/per-user/hydra-www/hydra-roots ]; then
		find /nix/var/nix/gcroots/per-user/hydra-www/hydra-roots/ -type f \
		\| xargs -r mv -f -t ${cfg.gcRootsDir}/
		find /nix/var/nix/gcroots/per-user/hydra-www/hydra-roots/ -type f -print0 \
		\| xargs -0 -r mv -f -t ${cfg.gcRootsDir}/
		rmdir /nix/var/nix/gcroots/per-user/hydra-www/hydra-roots
		fi

		@@ -520,7 +520,7 @@ in
		elif [[ $compression == zstd ]]; then
		compression="zstd --rm"
		fi
		find ${baseDir}/build-logs -type f -name "*.drv" -mtime +3 -size +0c \| xargs -r "$compression" --force --quiet
		find ${baseDir}/build-logs -type f -name "*.drv" -mtime +3 -size +0c -print0 \| xargs -0 -r "$compression" --force --quiet
		'';
		startAt = "Sun 01:45";
		serviceConfig.Slice = "system-hydra.slice";

nixos/modules/services/networking/murmur.nix

+38 −12

Original line number	Diff line number	Diff line
		@@ -6,7 +6,7 @@ let
		cfg = config.services.murmur;
		forking = cfg.logFile != null;
		configFile = pkgs.writeText "murmurd.ini" ''
		database=/var/lib/murmur/murmur.sqlite
		database=${cfg.stateDir}/murmur.sqlite
		dbDriver=QSQLITE

		autobanAttempts=${toString cfg.autobanAttempts}
		@@ -69,6 +69,32 @@ in
		'';
		};

		user = mkOption {
		type = types.str;
		default = "murmur";
		description = ''
		The name of an existing user to use to run the service.
		If not specified, the default user will be created.
		'';
		};

		group = mkOption {
		type = types.str;
		default = "murmur";
		description = ''
		The name of an existing group to use to run the service.
		If not specified, the default group will be created.
		'';
		};

		stateDir = mkOption {
		type = types.path;
		default = "/var/lib/murmur";
		description = ''
		Directory to store data for the server.
		'';
		};

		autobanAttempts = mkOption {
		type = types.int;
		default = 10;
		@@ -257,7 +283,7 @@ in
		environmentFile = mkOption {
		type = types.nullOr types.path;
		default = null;
		example = "/var/lib/murmur/murmurd.env";
		example = literalExpression ''"''${config.services.murmur.stateDir}/murmurd.env"'';
		description = ''
		Environment file as defined in {manpage}`systemd.exec(5)`.

		@@ -289,14 +315,14 @@ in
		};

		config = mkIf cfg.enable {
		users.users.murmur = {
		users.users.murmur = mkIf (cfg.user == "murmur") {
		description = "Murmur Service user";
		home = "/var/lib/murmur";
		home = cfg.stateDir;
		createHome = true;
		uid = config.ids.uids.murmur;
		group = "murmur";
		group = cfg.group;
		};
		users.groups.murmur = {
		users.groups.murmur = mkIf (cfg.group == "murmur") {
		gid = config.ids.gids.murmur;
		};

		@@ -324,8 +350,8 @@ in
		Restart = "always";
		RuntimeDirectory = "murmur";
		RuntimeDirectoryMode = "0700";
		User = "murmur";
		Group = "murmur";
		User = cfg.user;
		Group = cfg.group;

		# service hardening
		AmbientCapabilities = "CAP_NET_BIND_SERVICE";
		@@ -362,7 +388,7 @@ in
		"-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
		"http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
		<busconfig>
		<policy user="murmur">
		<policy user="${cfg.user}">
		<allow own="net.sourceforge.mumble.murmur"/>
		</policy>

		@@ -387,9 +413,9 @@ in

		r ${config.environment.etc."os-release".source},
		r ${config.environment.etc."lsb-release".source},
		owner rwk /var/lib/murmur/murmur.sqlite,
		owner rw /var/lib/murmur/murmur.sqlite-journal,
		owner r /var/lib/murmur/,
		owner rwk ${cfg.stateDir}/murmur.sqlite,
		owner rw ${cfg.stateDir}/murmur.sqlite-journal,
		owner r ${cfg.stateDir}/,
		r /run/murmur/murmurd.pid,
		r /run/murmur/murmurd.ini,
		r ${configFile},