Loading nixos/modules/security/apparmor.nix +4 −6 Original line number Diff line number Diff line { options, config, lib, pkgs, Loading @@ -10,11 +11,6 @@ let cfg = config.security.apparmor; enabledPolicies = lib.filterAttrs (n: p: p.state != "disable") cfg.policies; buildPolicyPath = n: p: lib.defaultTo (pkgs.writeText n p.profile) p.path; # Accessing submodule options when not defined results in an error thunk rather than a regular option object # We can emulate the behavior of `<option>.isDefined` by attempting to evaluate it instead # This is required because getting isDefined on a submodule is not possible in global module asserts. submoduleOptionIsDefined = value: (builtins.tryEval value).success; in { Loading Loading @@ -130,7 +126,9 @@ in # which does not recurse into sub-directories. } { assertion = lib.xor (policyCfg.path != null) (submoduleOptionIsDefined policyCfg.profile); assertion = lib.xor (policyCfg.path != null) options.security.apparmor.policies.valueMeta.attrs.${policyName}.configuration.options.profile.isDefined; message = "`security.apparmor.policies.\"${policyName}\"` must define exactly one of either path or profile."; } ]) cfg.policies Loading nixos/modules/services/torrent/transmission.nix +29 −10 Original line number Diff line number Diff line Loading @@ -19,6 +19,8 @@ let optionalString optional mkDefault mkOptionDefault versionOlder escapeShellArgs optionalAttrs mkMerge Loading Loading @@ -176,17 +178,12 @@ in }; umask = mkOption { type = types.either types.int types.str; default = if cfg.package == pkgs.transmission_3 then 18 else "022"; defaultText = literalExpression "if cfg.package == pkgs.transmission_3 then 18 else \"022\""; default = "022"; description = '' Sets transmission's file mode creation mask. See the {manpage}`umask(2)` manpage for more information. Users who want their saved torrents to be world-writable may want to set this value to 0/`"000"`. Keep in mind, that if you are using Transmission 3, this has to be passed as a base 10 integer, whereas Transmission 4 takes an octal number in a string instead. ''; }; utp-enabled = mkOption { Loading Loading @@ -222,9 +219,18 @@ in }; }; package = mkPackageOption pkgs "transmission" { default = "transmission_3"; package = mkPackageOption pkgs "transmission" { default = "transmission_4"; example = "pkgs.transmission_4"; } // { defaultText = '' if lib.versionAtLeast config.system.stateVersion "25.11" then pkgs.transmission_4 else «error message» ''; }; downloadDirPermissions = mkOption { Loading Loading @@ -331,6 +337,19 @@ in }; config = mkIf cfg.enable { services.transmission.package = mkIf (versionOlder config.system.stateVersion "25.11") ( mkOptionDefault (throw '' `services.transmission.package` previously defaulted to `pkgs.transmission_3`, which has been removed in favour of `pkgs.transmission_4`. Please set `services.transmission.package` to `pkgs.transmission_4` explicitly. Note that upgrade caused data loss for some users so backup is recommended (see NixOS 24.11 release notes for details) '') ); # Note that using systemd.tmpfiles would not work here # because it would fail when creating a directory # with a different owner than its parent directory, by saying: Loading nixos/tests/all-tests.nix +1 −2 Original line number Diff line number Diff line Loading @@ -1544,8 +1544,7 @@ in traefik = runTestOn [ "aarch64-linux" "x86_64-linux" ] ./traefik.nix; trafficserver = runTest ./trafficserver.nix; transfer-sh = runTest ./transfer-sh.nix; transmission_3 = handleTest ./transmission.nix { transmission = pkgs.transmission_3; }; transmission_4 = handleTest ./transmission.nix { transmission = pkgs.transmission_4; }; transmission_4 = handleTest ./transmission.nix { }; trezord = runTest ./trezord.nix; trickster = runTest ./trickster.nix; trilium-server = runTestOn [ "x86_64-linux" ] ./trilium-server.nix; Loading nixos/tests/bittorrent.nix +3 −4 Original line number Diff line number Diff line Loading @@ -6,12 +6,12 @@ # which only works if the first client successfully uses the UPnP-IGD # protocol to poke a hole in the NAT. { pkgs, ... }: { lib, hostPkgs, ... }: let # Some random file to serve. file = pkgs.hello.src; file = hostPkgs.hello.src; internalRouterAddress = "192.168.3.1"; internalClient1Address = "192.168.3.2"; Loading @@ -23,7 +23,6 @@ let transmissionConfig = { pkgs, ... }: { environment.systemPackages = [ pkgs.transmission_3 ]; services.transmission = { enable = true; settings = { Loading @@ -37,7 +36,7 @@ in { name = "bittorrent"; meta = with pkgs.lib.maintainers; { meta = with lib.maintainers; { maintainers = [ rob bobvanderlinden Loading nixos/tests/transmission.nix +1 −2 Original line number Diff line number Diff line import ./make-test-python.nix ( { pkgs, transmission, ... }: { pkgs, ... }: { name = "transmission"; meta = with pkgs.lib.maintainers; { Loading @@ -16,7 +16,6 @@ import ./make-test-python.nix ( security.apparmor.enable = true; services.transmission.enable = true; services.transmission.package = transmission; }; testScript = '' Loading Loading
nixos/modules/security/apparmor.nix +4 −6 Original line number Diff line number Diff line { options, config, lib, pkgs, Loading @@ -10,11 +11,6 @@ let cfg = config.security.apparmor; enabledPolicies = lib.filterAttrs (n: p: p.state != "disable") cfg.policies; buildPolicyPath = n: p: lib.defaultTo (pkgs.writeText n p.profile) p.path; # Accessing submodule options when not defined results in an error thunk rather than a regular option object # We can emulate the behavior of `<option>.isDefined` by attempting to evaluate it instead # This is required because getting isDefined on a submodule is not possible in global module asserts. submoduleOptionIsDefined = value: (builtins.tryEval value).success; in { Loading Loading @@ -130,7 +126,9 @@ in # which does not recurse into sub-directories. } { assertion = lib.xor (policyCfg.path != null) (submoduleOptionIsDefined policyCfg.profile); assertion = lib.xor (policyCfg.path != null) options.security.apparmor.policies.valueMeta.attrs.${policyName}.configuration.options.profile.isDefined; message = "`security.apparmor.policies.\"${policyName}\"` must define exactly one of either path or profile."; } ]) cfg.policies Loading
nixos/modules/services/torrent/transmission.nix +29 −10 Original line number Diff line number Diff line Loading @@ -19,6 +19,8 @@ let optionalString optional mkDefault mkOptionDefault versionOlder escapeShellArgs optionalAttrs mkMerge Loading Loading @@ -176,17 +178,12 @@ in }; umask = mkOption { type = types.either types.int types.str; default = if cfg.package == pkgs.transmission_3 then 18 else "022"; defaultText = literalExpression "if cfg.package == pkgs.transmission_3 then 18 else \"022\""; default = "022"; description = '' Sets transmission's file mode creation mask. See the {manpage}`umask(2)` manpage for more information. Users who want their saved torrents to be world-writable may want to set this value to 0/`"000"`. Keep in mind, that if you are using Transmission 3, this has to be passed as a base 10 integer, whereas Transmission 4 takes an octal number in a string instead. ''; }; utp-enabled = mkOption { Loading Loading @@ -222,9 +219,18 @@ in }; }; package = mkPackageOption pkgs "transmission" { default = "transmission_3"; package = mkPackageOption pkgs "transmission" { default = "transmission_4"; example = "pkgs.transmission_4"; } // { defaultText = '' if lib.versionAtLeast config.system.stateVersion "25.11" then pkgs.transmission_4 else «error message» ''; }; downloadDirPermissions = mkOption { Loading Loading @@ -331,6 +337,19 @@ in }; config = mkIf cfg.enable { services.transmission.package = mkIf (versionOlder config.system.stateVersion "25.11") ( mkOptionDefault (throw '' `services.transmission.package` previously defaulted to `pkgs.transmission_3`, which has been removed in favour of `pkgs.transmission_4`. Please set `services.transmission.package` to `pkgs.transmission_4` explicitly. Note that upgrade caused data loss for some users so backup is recommended (see NixOS 24.11 release notes for details) '') ); # Note that using systemd.tmpfiles would not work here # because it would fail when creating a directory # with a different owner than its parent directory, by saying: Loading
nixos/tests/all-tests.nix +1 −2 Original line number Diff line number Diff line Loading @@ -1544,8 +1544,7 @@ in traefik = runTestOn [ "aarch64-linux" "x86_64-linux" ] ./traefik.nix; trafficserver = runTest ./trafficserver.nix; transfer-sh = runTest ./transfer-sh.nix; transmission_3 = handleTest ./transmission.nix { transmission = pkgs.transmission_3; }; transmission_4 = handleTest ./transmission.nix { transmission = pkgs.transmission_4; }; transmission_4 = handleTest ./transmission.nix { }; trezord = runTest ./trezord.nix; trickster = runTest ./trickster.nix; trilium-server = runTestOn [ "x86_64-linux" ] ./trilium-server.nix; Loading
nixos/tests/bittorrent.nix +3 −4 Original line number Diff line number Diff line Loading @@ -6,12 +6,12 @@ # which only works if the first client successfully uses the UPnP-IGD # protocol to poke a hole in the NAT. { pkgs, ... }: { lib, hostPkgs, ... }: let # Some random file to serve. file = pkgs.hello.src; file = hostPkgs.hello.src; internalRouterAddress = "192.168.3.1"; internalClient1Address = "192.168.3.2"; Loading @@ -23,7 +23,6 @@ let transmissionConfig = { pkgs, ... }: { environment.systemPackages = [ pkgs.transmission_3 ]; services.transmission = { enable = true; settings = { Loading @@ -37,7 +36,7 @@ in { name = "bittorrent"; meta = with pkgs.lib.maintainers; { meta = with lib.maintainers; { maintainers = [ rob bobvanderlinden Loading
nixos/tests/transmission.nix +1 −2 Original line number Diff line number Diff line import ./make-test-python.nix ( { pkgs, transmission, ... }: { pkgs, ... }: { name = "transmission"; meta = with pkgs.lib.maintainers; { Loading @@ -16,7 +16,6 @@ import ./make-test-python.nix ( security.apparmor.enable = true; services.transmission.enable = true; services.transmission.package = transmission; }; testScript = '' Loading
