Merge master into staging-next (30b97b0e) · Commits · nix / nixpkgs

nixos/doc/manual/from_md/release-notes/rl-2305.section.xml

+22 −0

Original line number	Diff line number	Diff line
		@@ -37,6 +37,13 @@
		<link linkend="opt-programs.fzf.fuzzyCompletion">programs.fzf</link>.
		</para>
		</listitem>
		<listitem>
		<para>
		<link xlink:href="https://github.com/ellie/atuin">atuin</link>,
		a sync server for shell history. Available as
		<link linkend="opt-services.atuin.enable">services.atuin</link>.
		</para>
		</listitem>
		<listitem>
		<para>
		<link xlink:href="https://v2raya.org">v2rayA</link>, a Linux
		@@ -61,6 +68,14 @@
		instead.
		</para>
		</listitem>
		<listitem>
		<para>
		<literal>borgbackup</literal> module now has an option for
		inhibiting system sleep while backups are running, defaulting
		to off (not inhibiting sleep), available as
		<link linkend="opt-services.borgbackup.jobs._name_.inhibitsSleep"><literal>services.borgbackup.jobs.<name>.inhibitsSleep</literal></link>.
		</para>
		</listitem>
		<listitem>
		<para>
		The EC2 image module no longer fetches instance metadata in
		@@ -238,6 +253,13 @@
		<link xlink:href="https://search.nixos.org/packages?channel=unstable&show=utm&from=0&size=1&sort=relevance&type=packages&query=utm">package</link>.
		</para>
		</listitem>
		<listitem>
		<para>
		The new option <literal>users.motdFile</literal> allows
		configuring a Message Of The Day that can be updated
		dynamically.
		</para>
		</listitem>
		<listitem>
		<para>
		Resilio sync secret keys can now be provided using a secrets

nixos/doc/manual/release-notes/rl-2305.section.md

+6 −0

Original line number	Diff line number	Diff line
		@@ -18,6 +18,8 @@ In addition to numerous new and upgraded packages, this release has the followin

		- [fzf](https://github.com/junegunn/fzf), a command line fuzzyfinder. Available as [programs.fzf](#opt-programs.fzf.fuzzyCompletion).

		- [atuin](https://github.com/ellie/atuin), a sync server for shell history. Available as [services.atuin](#opt-services.atuin.enable).

		- [v2rayA](https://v2raya.org), a Linux web GUI client of Project V which supports V2Ray, Xray, SS, SSR, Trojan and Pingtunnel. Available as [services.v2raya](options.html#opt-services.v2raya.enable).

		## Backward Incompatibilities {#sec-release-23.05-incompatibilities}
		@@ -26,6 +28,8 @@ In addition to numerous new and upgraded packages, this release has the followin

		- `carnix` and `cratesIO` has been removed due to being unmaintained, use alternatives such as [naersk](https://github.com/nix-community/naersk) and [crate2nix](https://github.com/kolloch/crate2nix) instead.

		- `borgbackup` module now has an option for inhibiting system sleep while backups are running, defaulting to off (not inhibiting sleep), available as [`services.borgbackup.jobs.<name>.inhibitsSleep`](#opt-services.borgbackup.jobs._name_.inhibitsSleep).

		- The EC2 image module no longer fetches instance metadata in stage-1. This results in a significantly smaller initramfs, since network drivers no longer need to be included, and faster boots, since metadata fetching can happen in parallel with startup of other services.
		This breaks services which rely on metadata being present by the time stage-2 is entered. Anything which reads EC2 metadata from `/etc/ec2-metadata` should now have an `after` dependency on `fetch-ec2-metadata.service`

		@@ -70,6 +74,8 @@ In addition to numerous new and upgraded packages, this release has the followin

		- A new `virtualisation.rosetta` module was added to allow running `x86_64` binaries through [Rosetta](https://developer.apple.com/documentation/apple-silicon/about-the-rosetta-translation-environment) inside virtualised NixOS guests on Apple silicon. This feature works by default with the [UTM](https://docs.getutm.app/) virtualisation [package](https://search.nixos.org/packages?channel=unstable&show=utm&from=0&size=1&sort=relevance&type=packages&query=utm).

		- The new option `users.motdFile` allows configuring a Message Of The Day that can be updated dynamically.

		- Resilio sync secret keys can now be provided using a secrets file at runtime, preventing these secrets from ending up in the Nix store.

		- The `services.fwupd` module now allows arbitrary daemon settings to be configured in a structured manner ([`services.fwupd.daemonSettings`](#opt-services.fwupd.daemonSettings)).

nixos/modules/module-list.nix

+1 −0

Original line number	Diff line number	Diff line
		@@ -559,6 +559,7 @@
		./services/misc/airsonic.nix
		./services/misc/ankisyncd.nix
		./services/misc/apache-kafka.nix
		./services/misc/atuin.nix
		./services/misc/autofs.nix
		./services/misc/autorandr.nix
		./services/misc/bazarr.nix

nixos/modules/programs/streamdeck-ui.nix

+10 −4

Original line number	Diff line number	Diff line
		@@ -4,7 +4,8 @@ with lib;

		let
		cfg = config.programs.streamdeck-ui;
		in {
		in
		{
		options.programs.streamdeck-ui = {
		enable = mkEnableOption (lib.mdDoc "streamdeck-ui");

		@@ -13,15 +14,20 @@ in {
		type = types.bool;
		description = lib.mdDoc "Whether streamdeck-ui should be started automatically.";
		};

		package = mkPackageOption pkgs "streamdeck-ui" {
		default = [ "streamdeck-ui" ];
		};

		};

		config = mkIf cfg.enable {
		environment.systemPackages = with pkgs; [
		streamdeck-ui
		(mkIf cfg.autoStart (makeAutostartItem { name = "streamdeck-ui"; package = streamdeck-ui; }))
		cfg.package
		(mkIf cfg.autoStart (makeAutostartItem { name = "streamdeck-ui"; package = cfg.package; }))
		];

		services.udev.packages = with pkgs; [ streamdeck-ui ];
		services.udev.packages = [ cfg.package ];
		};

		meta.maintainers = with maintainers; [ majiir ];

nixos/modules/security/pam.nix

+18 −2

Original line number	Diff line number	Diff line
		@@ -694,7 +694,7 @@ let
		optionalString (cfg.limits != []) ''
		session required ${pkgs.pam}/lib/security/pam_limits.so conf=${makeLimitsConf cfg.limits}
		'' +
		optionalString (cfg.showMotd && config.users.motd != null) ''
		optionalString (cfg.showMotd && (config.users.motd != null \|\| config.users.motdFile != null)) ''
		session optional ${pkgs.pam}/lib/security/pam_motd.so motd=${motd}
		'' +
		optionalString (cfg.enableAppArmor && config.security.apparmor.enable) ''
		@@ -775,7 +775,9 @@ let
		};
		}));

		motd = pkgs.writeText "motd" config.users.motd;
		motd = if isNull config.users.motdFile
		then pkgs.writeText "motd" config.users.motd
		else config.users.motdFile;

		makePAMService = name: service:
		{ name = "pam.d/${name}";
		@@ -1199,12 +1201,26 @@ in
		description = lib.mdDoc "Message of the day shown to users when they log in.";
		};

		users.motdFile = mkOption {
		default = null;
		example = "/etc/motd";
		type = types.nullOr types.path;
		description = lib.mdDoc "A file containing the message of the day shown to users when they log in.";
		};
		};


		###### implementation

		config = {
		assertions = [
		{
		assertion = isNull config.users.motd \|\| isNull config.users.motdFile;
		message = ''
		Only one of users.motd and users.motdFile can be set.
		'';
		}
		];

		environment.systemPackages =
		# Include the PAM modules in the system path mostly for the manpages.

Admin message