Loading maintainers/maintainer-list.nix +5 −0 Original line number Diff line number Diff line Loading @@ -6147,6 +6147,11 @@ githubId = 1279939; name = "Daniel Beckwith"; }; dbeley = { github = "dbeley"; githubId = 6568955; name = "David Beley"; }; dbirks = { email = "david@birks.dev"; github = "dbirks"; Loading nixos/modules/services/misc/languagetool.nix +9 −4 Original line number Diff line number Diff line Loading @@ -55,8 +55,6 @@ in ''; }; jrePackage = lib.mkPackageOption pkgs "jre" { }; jvmOptions = lib.mkOption { description = '' Extra command line options for the JVM running languagetool. Loading @@ -70,8 +68,15 @@ in }; }; config = lib.mkIf cfg.enable { imports = [ (lib.mkRemovedOptionModule [ "services" "languagetool" "jrePackage" ] "The jre is now always taken from the package's jre attribute.") ]; config = lib.mkIf cfg.enable { systemd.services.languagetool = { description = "LanguageTool HTTP server"; wantedBy = [ "multi-user.target" ]; Loading @@ -89,7 +94,7 @@ in ProtectHome = "yes"; Restart = "on-failure"; ExecStart = '' ${cfg.jrePackage}/bin/java \ ${lib.getExe cfg.package.jre} \ -cp ${cfg.package}/share/languagetool-server.jar \ ${toString cfg.jvmOptions} \ org.languagetool.server.HTTPServer \ Loading nixos/modules/services/monitoring/prometheus/exporters.nix +1 −0 Original line number Diff line number Diff line Loading @@ -101,6 +101,7 @@ let "node-cert" "nut" "nvidia-gpu" "opnsense" "pgbouncer" "php-fpm" "pihole" Loading nixos/modules/services/monitoring/prometheus/exporters/opnsense.nix 0 → 100644 +117 −0 Original line number Diff line number Diff line { config, lib, pkgs, ... }: let cfg = config.services.prometheus.exporters.opnsense; inherit (lib) mkOption types optionalString concatStringsSep concatMapStringsSep ; in { port = 9144; extraOpts = { opnsenseServerAddress = mkOption { type = types.str; default = "192.168.1.1"; example = "192.168.100.254"; description = '' Opnsense IP address of the opnsense appliance. Defaults to 192.168.1.1 ''; }; opnsenseServerProtocol = mkOption { type = types.enum [ "http" "https" ]; default = "https"; example = "http"; description = '' Opnsense metrics scraper protocol to use. Defaults to https. ''; }; apiKeyFile = mkOption { type = types.nullOr types.path; description = '' File containing the api key. ''; }; apiSecretFile = mkOption { type = types.nullOr types.path; description = '' File containing the api secret. ''; }; user = mkOption { type = types.str; default = "opnsense"; description = '' User name under which the opensense exporter shall be run. ''; }; group = mkOption { type = types.str; default = "opnsense"; description = '' Group under which the opnsense exporter shall be run. ''; }; enabledExporter = mkOption { type = types.listOf types.str; default = [ ]; example = [ "disable-openvpn" ]; description = '' Collectors to enable or disable. All collectors are enabled by default. ''; }; disabledExporter = mkOption { type = types.listOf types.str; default = [ ]; example = [ "disable-openvpn" ]; description = '' Collectors to enable or disable. All collectors are enabled by default. ''; }; }; serviceOpts = { serviceConfig = { AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" ]; CapabilityBoundingSet = [ "CAP_NET_BIND_SERVICE" ]; LoadCredential = [ "${optionalString (cfg.apiKeyFile != null) "opnsense.api-key=${cfg.apiKeyFile}"}" "${optionalString (cfg.apiSecretFile != null) "opnsense.api-secret=${cfg.apiSecretFile}"}" ]; MemoryDenyWriteExecute = true; NoNewPrivileges = true; ProtectClock = true; ProtectSystem = "strict"; Restart = "on-failure"; RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_UNIX" ]; RestrictNamespaces = true; RestrictRealtime = true; ExecStart = '' ${lib.getExe pkgs.prometheus-opnsense-exporter} \ ${concatMapStringsSep " " (x: "--exporter." + x) cfg.enabledExporter} \ ${concatMapStringsSep " " (x: "--no-exporter." + x) cfg.disabledExporter} \ --opnsense.address ${cfg.opnsenseServerAddress} \ --opnsense.protocol ${cfg.opnsenseServerProtocol} \ --web.listen-address ${cfg.listenAddress}:${toString cfg.port} \ ${concatStringsSep " " cfg.extraFlags} ''; }; }; } nixos/modules/services/x11/xserver.nix +1 −1 Original line number Diff line number Diff line Loading @@ -832,7 +832,7 @@ in # FIXME: somehow check for unknown driver names. services.xserver.drivers = flip concatMap cfg.videoDrivers ( name: lib.optional (videoDrivers ? name) ( lib.optional (videoDrivers ? ${name}) ( { inherit name; modules = [ ]; Loading Loading
maintainers/maintainer-list.nix +5 −0 Original line number Diff line number Diff line Loading @@ -6147,6 +6147,11 @@ githubId = 1279939; name = "Daniel Beckwith"; }; dbeley = { github = "dbeley"; githubId = 6568955; name = "David Beley"; }; dbirks = { email = "david@birks.dev"; github = "dbirks"; Loading
nixos/modules/services/misc/languagetool.nix +9 −4 Original line number Diff line number Diff line Loading @@ -55,8 +55,6 @@ in ''; }; jrePackage = lib.mkPackageOption pkgs "jre" { }; jvmOptions = lib.mkOption { description = '' Extra command line options for the JVM running languagetool. Loading @@ -70,8 +68,15 @@ in }; }; config = lib.mkIf cfg.enable { imports = [ (lib.mkRemovedOptionModule [ "services" "languagetool" "jrePackage" ] "The jre is now always taken from the package's jre attribute.") ]; config = lib.mkIf cfg.enable { systemd.services.languagetool = { description = "LanguageTool HTTP server"; wantedBy = [ "multi-user.target" ]; Loading @@ -89,7 +94,7 @@ in ProtectHome = "yes"; Restart = "on-failure"; ExecStart = '' ${cfg.jrePackage}/bin/java \ ${lib.getExe cfg.package.jre} \ -cp ${cfg.package}/share/languagetool-server.jar \ ${toString cfg.jvmOptions} \ org.languagetool.server.HTTPServer \ Loading
nixos/modules/services/monitoring/prometheus/exporters.nix +1 −0 Original line number Diff line number Diff line Loading @@ -101,6 +101,7 @@ let "node-cert" "nut" "nvidia-gpu" "opnsense" "pgbouncer" "php-fpm" "pihole" Loading
nixos/modules/services/monitoring/prometheus/exporters/opnsense.nix 0 → 100644 +117 −0 Original line number Diff line number Diff line { config, lib, pkgs, ... }: let cfg = config.services.prometheus.exporters.opnsense; inherit (lib) mkOption types optionalString concatStringsSep concatMapStringsSep ; in { port = 9144; extraOpts = { opnsenseServerAddress = mkOption { type = types.str; default = "192.168.1.1"; example = "192.168.100.254"; description = '' Opnsense IP address of the opnsense appliance. Defaults to 192.168.1.1 ''; }; opnsenseServerProtocol = mkOption { type = types.enum [ "http" "https" ]; default = "https"; example = "http"; description = '' Opnsense metrics scraper protocol to use. Defaults to https. ''; }; apiKeyFile = mkOption { type = types.nullOr types.path; description = '' File containing the api key. ''; }; apiSecretFile = mkOption { type = types.nullOr types.path; description = '' File containing the api secret. ''; }; user = mkOption { type = types.str; default = "opnsense"; description = '' User name under which the opensense exporter shall be run. ''; }; group = mkOption { type = types.str; default = "opnsense"; description = '' Group under which the opnsense exporter shall be run. ''; }; enabledExporter = mkOption { type = types.listOf types.str; default = [ ]; example = [ "disable-openvpn" ]; description = '' Collectors to enable or disable. All collectors are enabled by default. ''; }; disabledExporter = mkOption { type = types.listOf types.str; default = [ ]; example = [ "disable-openvpn" ]; description = '' Collectors to enable or disable. All collectors are enabled by default. ''; }; }; serviceOpts = { serviceConfig = { AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" ]; CapabilityBoundingSet = [ "CAP_NET_BIND_SERVICE" ]; LoadCredential = [ "${optionalString (cfg.apiKeyFile != null) "opnsense.api-key=${cfg.apiKeyFile}"}" "${optionalString (cfg.apiSecretFile != null) "opnsense.api-secret=${cfg.apiSecretFile}"}" ]; MemoryDenyWriteExecute = true; NoNewPrivileges = true; ProtectClock = true; ProtectSystem = "strict"; Restart = "on-failure"; RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_UNIX" ]; RestrictNamespaces = true; RestrictRealtime = true; ExecStart = '' ${lib.getExe pkgs.prometheus-opnsense-exporter} \ ${concatMapStringsSep " " (x: "--exporter." + x) cfg.enabledExporter} \ ${concatMapStringsSep " " (x: "--no-exporter." + x) cfg.disabledExporter} \ --opnsense.address ${cfg.opnsenseServerAddress} \ --opnsense.protocol ${cfg.opnsenseServerProtocol} \ --web.listen-address ${cfg.listenAddress}:${toString cfg.port} \ ${concatStringsSep " " cfg.extraFlags} ''; }; }; }
nixos/modules/services/x11/xserver.nix +1 −1 Original line number Diff line number Diff line Loading @@ -832,7 +832,7 @@ in # FIXME: somehow check for unknown driver names. services.xserver.drivers = flip concatMap cfg.videoDrivers ( name: lib.optional (videoDrivers ? name) ( lib.optional (videoDrivers ? ${name}) ( { inherit name; modules = [ ]; Loading
![nixpkgs-ci[bot]'s avatar](https://secure.gravatar.com/avatar/21d9e4256a026824783d9069d7622ceb22d44398fd318ddfee596c72e5556369?s=48&d=identicon "nixpkgs-ci[bot]")