Merge master into staging-next (cc5ae613) · Commits · nix / nixpkgs

doc/languages-frameworks/dhall.section.md

+6 −5

Original line number	Diff line number	Diff line
		@@ -303,11 +303,8 @@ You can use the `dhall-to-nixpkgs` command-line utility to automate
		packaging Dhall code. For example:

		```ShellSession
		$ nix-env --install --attr haskellPackages.dhall-nixpkgs

		$ nix-env --install --attr nix-prefetch-git # Used by dhall-to-nixpkgs

		$ dhall-to-nixpkgs github https://github.com/Gabriella439/dhall-semver.git
		$ nix-shell -p haskellPackages.dhall-nixpkgs nix-prefetch-git
		[nix-shell]$ dhall-to-nixpkgs github https://github.com/Gabriella439/dhall-semver.git
		{ buildDhallGitHubPackage, Prelude }:
		buildDhallGitHubPackage {
		name = "dhall-semver";
		@@ -325,6 +322,10 @@ $ dhall-to-nixpkgs github https://github.com/Gabriella439/dhall-semver.git
		}
		```

		:::{.note}
		`nix-prefetch-git` has to be in `$PATH` for `dhall-to-nixpkgs` to work.
		:::

		The utility takes care of automatically detecting remote imports and converting
		them to package dependencies. You can also use the utility on local
		Dhall directories, too:

maintainers/maintainer-list.nix

+10 −0

Original line number	Diff line number	Diff line
		@@ -4558,6 +4558,16 @@
		fingerprint = "4749 0887 CF3B 85A1 6355 C671 78C7 DD40 DF23 FB16";
		}];
		};
		dpc = {
		email = "dpc@dpc.pw";
		github = "dpc";
		githubId = 9209;
		matrix = "@dpc:matrix.org";
		name = "Dawid Ciężarkiewicz";
		keys = [{
		fingerprint = "0402 11D2 0830 2D71 5792 8197 86BB 1D5B 5575 7D38";
		}];
		};
		DPDmancul = {
		name = "Davide Peressoni";
		email = "davide.peressoni@tuta.io";

nixos/modules/services/networking/unifi.nix

+6 −2

Original line number	Diff line number	Diff line
		@@ -5,6 +5,10 @@ let
		stateDir = "/var/lib/unifi";
		cmd = ''
		@${cfg.jrePackage}/bin/java java \
		${optionalString (lib.versionAtLeast (lib.getVersion cfg.jrePackage) "16")
		"--add-opens java.base/java.lang=ALL-UNNAMED --add-opens=java.base/java.time=ALL-UNNAMED "
		+ "--add-opens java.base/sun.security.util=ALL-UNNAMED --add-opens java.base/java.io=ALL-UNNAMED "
		+ "--add-opens java.rmi/sun.rmi.transport=ALL-UNNAMED"} \
		${optionalString (cfg.initialJavaHeapSize != null) "-Xms${(toString cfg.initialJavaHeapSize)}m"} \
		${optionalString (cfg.maximumJavaHeapSize != null) "-Xmx${(toString cfg.maximumJavaHeapSize)}m"} \
		-jar ${stateDir}/lib/ace.jar
		@@ -24,8 +28,8 @@ in

		services.unifi.jrePackage = mkOption {
		type = types.package;
		default = if (lib.versionAtLeast (lib.getVersion cfg.unifiPackage) "7.3") then pkgs.jdk11 else pkgs.jre8;
		defaultText = literalExpression ''if (lib.versionAtLeast (lib.getVersion cfg.unifiPackage) "7.3" then pkgs.jdk11 else pkgs.jre8'';
		default = if (lib.versionAtLeast (lib.getVersion cfg.unifiPackage) "7.5") then pkgs.jdk17_headless else if (lib.versionAtLeast (lib.getVersion cfg.unifiPackage) "7.3") then pkgs.jdk11 else pkgs.jre8;
		defaultText = literalExpression ''if (lib.versionAtLeast (lib.getVersion cfg.unifiPackage) "7.5") then pkgs.jdk17_headless else if (lib.versionAtLeast (lib.getVersion cfg.unifiPackage) "7.3" then pkgs.jdk11 else pkgs.jre8'';
		description = lib.mdDoc ''
		The JRE package to use. Check the release notes to ensure it is supported.
		'';

nixos/modules/services/security/usbguard.nix

+15 −6

Original line number	Diff line number	Diff line
		@@ -7,10 +7,8 @@ let
		# valid policy options
		policy = (types.enum [ "allow" "block" "reject" "keep" "apply-policy" ]);

		defaultRuleFile = "/var/lib/usbguard/rules.conf";

		# decide what file to use for rules
		ruleFile = if cfg.rules != null then pkgs.writeText "usbguard-rules" cfg.rules else defaultRuleFile;
		ruleFile = if cfg.rules != null then pkgs.writeText "usbguard-rules" cfg.rules else cfg.ruleFile;

		daemonConf = ''
		# generated by nixos/modules/services/security/usbguard.nix
		@@ -51,6 +49,19 @@ in
		'';
		};

		ruleFile = mkOption {
		type = types.nullOr types.path;
		default = /var/lib/usbguard/rules.conf;
		example = /run/secrets/usbguard-rules;
		description = lib.mdDoc ''
		This tells the USBGuard daemon which file to load as policy rule set.

		The file can be changed manually or via the IPC interface assuming it has the right file permissions.

		For more details see {manpage}`usbguard-rules.conf(5)`.
		'';

		};
		rules = mkOption {
		type = types.nullOr types.lines;
		default = null;
		@@ -63,8 +74,7 @@ in
		be changed by the IPC interface.

		If you do not set this option, the USBGuard daemon will load
		it's policy rule set from `${defaultRuleFile}`.
		This file can be changed manually or via the IPC interface.
		it's policy rule set from the option configured in `services.usbguard.ruleFile`.

		Running `usbguard generate-policy` as root will
		generate a config for your currently plugged in devices.
		@@ -248,7 +258,6 @@ in
		'';
		};
		imports = [
		(mkRemovedOptionModule [ "services" "usbguard" "ruleFile" ] "The usbguard module now uses ${defaultRuleFile} as ruleFile. Alternatively, use services.usbguard.rules to configure rules.")
		(mkRemovedOptionModule [ "services" "usbguard" "IPCAccessControlFiles" ] "The usbguard module now hardcodes IPCAccessControlFiles to /var/lib/usbguard/IPCAccessControl.d.")
		(mkRemovedOptionModule [ "services" "usbguard" "auditFilePath" ] "Removed usbguard module audit log files. Audit logs can be found in the systemd journal.")
		(mkRenamedOptionModule [ "services" "usbguard" "implictPolicyTarget" ] [ "services" "usbguard" "implicitPolicyTarget" ])

nixos/modules/services/web-apps/honk.nix

+1 −1

Original line number	Diff line number	Diff line
		@@ -116,7 +116,7 @@ in
		unitConfig = {
		ConditionPathExists = [
		# Skip this service if the database already exists
		"!$STATE_DIRECTORY/honk.db"
		"!%S/honk/honk.db"
		];
		};
		};

Admin message