Merge master into staging-next (ae736c73) · Commits · nix / nixpkgs

.github/CODEOWNERS

+1 −8

Original line number	Diff line number	Diff line
		@@ -41,7 +41,7 @@
		/pkgs/top-level/splice.nix @Ericson2314
		/pkgs/top-level/release-cross.nix @Ericson2314
		/pkgs/stdenv/generic @Ericson2314
		/pkgs/stdenv/generic/check-meta.nix @Ericson2314 @piegamesde
		/pkgs/stdenv/generic/check-meta.nix @Ericson2314
		/pkgs/stdenv/cross @Ericson2314
		/pkgs/build-support/cc-wrapper @Ericson2314
		/pkgs/build-support/bintools-wrapper @Ericson2314
		@@ -305,13 +305,6 @@ nixos/modules/services/networking/networkmanager.nix @Janik-Haag
		# terraform providers
		/pkgs/applications/networking/cluster/terraform-providers @zowoq

		# Matrix
		/pkgs/servers/heisenbridge @piegamesde
		/pkgs/servers/matrix-conduit @piegamesde
		/nixos/modules/services/misc/heisenbridge.nix @piegamesde
		/nixos/modules/services/misc/matrix-conduit.nix @piegamesde
		/nixos/tests/matrix-conduit.nix @piegamesde

		# Forgejo
		nixos/modules/services/misc/forgejo.nix @bendlas @emilylange
		pkgs/applications/version-management/forgejo @bendlas @emilylange

maintainers/maintainer-list.nix

+6 −0

Original line number	Diff line number	Diff line
		@@ -9070,6 +9070,12 @@
		githubId = 6789916;
		name = "Jason Odoom";
		};
		javaes = {
		email = "jan+dev@vanesdonk.de";
		github = "javaes";
		githubId = 1131529;
		name = "Jan van Esdonk";
		};
		javaguirre = {
		email = "contacto@javaguirre.net";
		github = "javaguirre";

nixos/doc/manual/release-notes/rl-2405.section.md

+2 −0

Original line number	Diff line number	Diff line
		@@ -380,6 +380,8 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m

		- `halloy` package was updated past 2024.5 which introduced a breaking change by switching the config format from YAML to TOML. See https://github.com/squidowl/halloy/releases/tag/2024.5 for details.

		- The `wpaperd` package has a breaking change moving to 1.0.1, previous version 0.3.0 had 2 different configuration files, one for wpaperd and one for the wallpapers. Remove the former and move the latter (`wallpaper.toml`) to `config.toml`.

		- Ada packages (libraries and tools) have been moved into the `gnatPackages` scope. `gnatPackages` uses the default GNAT compiler, `gnat12Packages` and `gnat13Packages` use the respective matching compiler version.

		- Paths provided as `restartTriggers` and `reloadTriggers` for systemd units will now be copied into the nix store to make the behavior consistent.

nixos/modules/services/home-automation/ebusd.nix

+46 −113

Original line number	Diff line number	Diff line
		@@ -4,41 +4,6 @@ with lib;

		let
		cfg = config.services.ebusd;

		package = pkgs.ebusd;

		arguments = [
		"${package}/bin/ebusd"
		"--foreground"
		"--updatecheck=off"
		"--device=${cfg.device}"
		"--port=${toString cfg.port}"
		"--configpath=${cfg.configpath}"
		"--scanconfig=${cfg.scanconfig}"
		"--log=all:${cfg.logs.all}"
		"--log=main:${cfg.logs.main}"
		"--log=network:${cfg.logs.network}"
		"--log=bus:${cfg.logs.bus}"
		"--log=update:${cfg.logs.update}"
		"--log=other:${cfg.logs.other}"
		] ++ lib.optionals cfg.readonly [
		"--readonly"
		] ++ lib.optionals cfg.mqtt.enable [
		"--mqtthost=${cfg.mqtt.host}"
		"--mqttport=${toString cfg.mqtt.port}"
		"--mqttuser=${cfg.mqtt.user}"
		"--mqttpass=${cfg.mqtt.password}"
		] ++ lib.optionals cfg.mqtt.home-assistant [
		"--mqttint=${package}/etc/ebusd/mqtt-hassio.cfg"
		"--mqttjson"
		] ++ lib.optionals cfg.mqtt.retain [
		"--mqttretain"
		] ++ cfg.extraArguments;

		usesDev = hasPrefix "/" cfg.device;

		command = concatStringsSep " " arguments;

		in
		{
		meta.maintainers = with maintainers; [ nathan-gs ];
		@@ -46,6 +11,8 @@ in
		options.services.ebusd = {
		enable = mkEnableOption "ebusd, a daemon for communication with eBUS heating systems";

		package = mkPackageOptionMD pkgs "ebusd" { };

		device = mkOption {
		type = types.str;
		default = "";
		@@ -57,7 +24,8 @@ in
		ens:DEVICE for enhanced high speed serial device (only adapter v3 and newer with firmware since 20220731),
		DEVICE for serial device (normal speed, for all other serial adapters like adapter v2 as well as adapter v3 in non-enhanced mode), or
		[udp:]IP:PORT for network device.
		https://github.com/john30/ebusd/wiki/2.-Run#device-options

		Source: <https://github.com/john30/ebusd/wiki/2.-Run#device-options>
		'';
		};

		@@ -81,7 +49,7 @@ in
		type = types.str;
		default = "https://cfg.ebusd.eu/";
		description = ''
		Read CSV config files from PATH (local folder or HTTPS URL) [https://cfg.ebusd.eu/]
		Directory to read CSV config files from. This can be a local folder or a URL.
		'';
		};

		@@ -95,65 +63,21 @@ in
		'';
		};

		logs = {
		main = mkOption {
		type = types.enum [ "none" "error" "notice" "info" "debug"];
		default = "info";
		description = ''
		Only write log for matching AREAs (main\|network\|bus\|update\|other\|all) below or equal to LEVEL (none\|error\|notice\|info\|debug) [all:notice].
		'';
		};

		network = mkOption {
		type = types.enum [ "none" "error" "notice" "info" "debug"];
		default = "info";
		description = ''
		Only write log for matching AREAs (main\|network\|bus\|update\|other\|all) below or equal to LEVEL (none\|error\|notice\|info\|debug) [all:notice].
		'';
		};

		bus = mkOption {
		type = types.enum [ "none" "error" "notice" "info" "debug"];
		default = "info";
		logs = let
		# "all" must come first so it can be overridden by more specific areas
		areas = [ "all" "main" "network" "bus" "update" "other" ];
		levels = [ "none" "error" "notice" "info" "debug" ];
		in listToAttrs (map (area: nameValuePair area (mkOption {
		type = types.enum levels;
		default = "notice";
		example = "debug";
		description = ''
		Only write log for matching AREAs (main\|network\|bus\|update\|other\|all) below or equal to LEVEL (none\|error\|notice\|info\|debug) [all:notice].
		Only write log for matching `AREA`s (${concatStringsSep "\|" areas}) below or equal to `LEVEL` (${concatStringsSep "\|" levels})
		'';
		};

		update = mkOption {
		type = types.enum [ "none" "error" "notice" "info" "debug"];
		default = "info";
		description = ''
		Only write log for matching AREAs (main\|network\|bus\|update\|other\|all) below or equal to LEVEL (none\|error\|notice\|info\|debug) [all:notice].
		'';
		};

		other = mkOption {
		type = types.enum [ "none" "error" "notice" "info" "debug"];
		default = "info";
		description = ''
		Only write log for matching AREAs (main\|network\|bus\|update\|other\|all) below or equal to LEVEL (none\|error\|notice\|info\|debug) [all:notice].
		'';
		};

		all = mkOption {
		type = types.enum [ "none" "error" "notice" "info" "debug"];
		default = "info";
		description = ''
		Only write log for matching AREAs (main\|network\|bus\|update\|other\|all) below or equal to LEVEL (none\|error\|notice\|info\|debug) [all:notice].
		'';
		};
		};
		})) areas);

		mqtt = {

		enable = mkOption {
		type = types.bool;
		default = false;
		description = ''
		Adds support for MQTT
		'';
		};
		enable = mkEnableOption "support for MQTT";

		host = mkOption {
		type = types.str;
		@@ -179,13 +103,7 @@ in
		'';
		};

		retain = mkOption {
		type = types.bool;
		default = false;
		description = ''
		Set the retain flag on all topics instead of only selected global ones
		'';
		};
		retain = mkEnableOption "set the retain flag on all topics instead of only selected global ones";

		user = mkOption {
		type = types.str;
		@@ -200,7 +118,6 @@ in
		The MQTT password.
		'';
		};

		};

		extraArguments = mkOption {
		@@ -210,25 +127,44 @@ in
		Extra arguments to the ebus daemon
		'';
		};

		};

		config = mkIf (cfg.enable) {

		config = let
		usesDev = hasPrefix "/" cfg.device;
		in mkIf cfg.enable {
		systemd.services.ebusd = {
		description = "EBUSd Service";
		wantedBy = [ "multi-user.target" ];
		after = [ "network.target" ];
		serviceConfig = {
		ExecStart = command;
		ExecStart = let
		args = cli.toGNUCommandLineShell { } (foldr (a: b: a // b) { } [
		{
		inherit (cfg) device port configpath scanconfig readonly;
		foreground = true;
		updatecheck = "off";
		log = mapAttrsToList (name: value: "${name}:${value}") cfg.logs;
		mqttretain = cfg.mqtt.retain;
		}
		(optionalAttrs cfg.mqtt.enable {
		mqtthost = cfg.mqtt.host;
		mqttport = cfg.mqtt.port;
		mqttuser = cfg.mqtt.user;
		mqttpass = cfg.mqtt.password;
		})
		(optionalAttrs cfg.mqtt.home-assistant {
		mqttint = "${cfg.package}/etc/ebusd/mqtt-hassio.cfg";
		mqttjson = true;
		})
		]);
		in "${cfg.package}/bin/ebusd ${args} ${escapeShellArgs cfg.extraArguments}";

		DynamicUser = true;
		Restart = "on-failure";

		# Hardening
		CapabilityBoundingSet = "";
		DeviceAllow = lib.optionals usesDev [
		cfg.device
		] ;
		DeviceAllow = optionals usesDev [ cfg.device ];
		DevicePolicy = "closed";
		LockPersonality = true;
		MemoryDenyWriteExecute = false;
		@@ -254,9 +190,7 @@ in
		RestrictNamespaces = true;
		RestrictRealtime = true;
		RestrictSUIDSGID = true;
		SupplementaryGroups = [
		"dialout"
		];
		SupplementaryGroups = [ "dialout" ];
		SystemCallArchitectures = "native";
		SystemCallFilter = [
		"@system-service @pkey"
		@@ -265,6 +199,5 @@ in
		UMask = "0077";
		};
		};

		};
		}

nixos/modules/services/logging/promtail.nix

+4 −0

Original line number	Diff line number	Diff line
		@@ -41,6 +41,10 @@ in {
		wantedBy = [ "multi-user.target" ];
		stopIfChanged = false;

		preStart = ''
		${lib.getExe pkgs.promtail} -config.file=${prettyJSON cfg.configuration} -check-syntax
		'';

		serviceConfig = {
		Restart = "on-failure";
		TimeoutStopSec = 10;