Skip to content

Commit

Permalink
Merge staging-next into staging
Browse files Browse the repository at this point in the history
  • Loading branch information
@github-actions
github-actions[bot] authored Oct 7, 2024
2 parents 80da1df + ab0e8e5 commit 7306ea4
Show file tree
Hide file tree
Showing 57 changed files with 826 additions and 2,057 deletions.
6 changes: 3 additions & 3 deletions lib/licenses.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -670,7 +670,7 @@ lib.mapAttrs mkLicense ({
# Intel's license, seems free
iasl = {
spdxId = "Intel-ACPI";
fullName = "iASL";
fullName = "Intel ACPI Software License Agreement";
url = "https://old.calculate-linux.org/packages/licenses/iASL";
};

Expand Down Expand Up @@ -889,7 +889,7 @@ lib.mapAttrs mkLicense ({
spdxId = "MIT";
fullName = "MIT License";
};
# https://spdx.org/licenses/MIT-feh.html

mit-feh = {
spdxId = "MIT-feh";
fullName = "feh License";
Expand Down Expand Up @@ -1097,7 +1097,7 @@ lib.mapAttrs mkLicense ({
};

purdueBsd = {
fullName = " Purdue BSD-Style License"; # also know as lsof license
fullName = "Purdue BSD-Style License"; # also known as lsof license
url = "https://enterprise.dejacode.com/licenses/public/purdue-bsd";
};

Expand Down
9 changes: 8 additions & 1 deletion maintainers/maintainer-list.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8832,6 +8832,13 @@
name = "Luna Perego";
keys = [ { fingerprint = "09E4 B981 9B93 5B0C 0B91 1274 0578 7332 9217 08FF"; } ];
};
hustlerone = {
email = "[email protected]";
matrix = "@hustlerone:matrix.org";
github = "hustlerone";
name = "Hustler One";
githubId = 167621692;
};
huyngo = {
email = "[email protected]";
github = "Huy-Ngo";
Expand Down Expand Up @@ -11192,7 +11199,7 @@
name = "kintrix";
};
kinzoku = {
email = "[email protected]";
email = "[email protected]";
github = "kinzoku-dev";
githubId = 140647311;
name = "Ayman Hamza";
Expand Down
2 changes: 2 additions & 0 deletions nixos/doc/manual/release-notes/rl-2411.section.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -468,6 +468,8 @@

- `programs.vim.defaultEditor` now only works if `programs.vim.enable` is enabled.

- `services.mautrix-meta` was updated to [0.4](https://github.com/mautrix/meta/releases/tag/v0.4.0). This release makes significant changes to the settings format. If you have custom settings you should migrate them to the new format. Unfortunately upstream provides little guidance for how to do this, but [the auto-migration code](https://github.com/mautrix/meta/blob/f5440b05aac125b4c95b1af85635a717cbc6dd0e/cmd/mautrix-meta/legacymigrate.go#L23) may serve as a useful reference. The NixOS module should warn you if you still have any old settings configured.

- The `indi-full` package no longer contains non-free drivers.
To get the old collection of drivers use `indi-full-nonfree` or create your own collection of drivers by overriding indi-with-drivers.
E.g.: `pkgs.indi-with-drivers.override {extraDrivers = with pkgs.indi-3rdparty; [indi-gphoto];}`
Expand Down
11 changes: 7 additions & 4 deletions nixos/modules/hardware/usb-storage.nix
View file
Original file line number Diff line number Diff line change
@@ -1,18 +1,21 @@
{ config, lib, pkgs, ... }:

{
options.hardware.usbStorage.manageStartStop = lib.mkOption {
options.hardware.usbStorage.manageShutdown = lib.mkOption {
type = lib.types.bool;
default = true;
default = false;
description = ''
Enable this option to gracefully spin-down external storage during shutdown.
If you suspect improper head parking after poweroff, install `smartmontools` and check
for the `Power-Off_Retract_Count` field for an increment.
'';
};

config = lib.mkIf config.hardware.usbStorage.manageStartStop {
config = lib.mkIf config.hardware.usbStorage.manageShutdown {
services.udev.extraRules = ''
ACTION=="add|change", SUBSYSTEM=="scsi_disk", DRIVERS=="usb-storage", ATTR{manage_system_start_stop}="1"
ACTION=="add|change", SUBSYSTEM=="scsi_disk", DRIVERS=="usb-storage|uas", ATTR{manage_shutdown}="1"
'';
};

imports = [(lib.mkRenamedOptionModule [ "hardware" "usbStorage" "manageStartStop" ] [ "hardware" "usbStorage" "manageShutdown" ])];
}
109 changes: 63 additions & 46 deletions nixos/modules/services/matrix/mautrix-meta.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -69,11 +69,6 @@ in {
appservice = {
id = "";

database = {
type = "sqlite3-fk-wal";
uri = "file:${fullDataDir config}/mautrix-meta.db?_txlock=immediate";
};

bot = {
username = "";
};
Expand All @@ -83,37 +78,43 @@ in {
address = "http://${config.settings.appservice.hostname}:${toString config.settings.appservice.port}";
};

meta = {
mode = "";
};

bridge = {
# Enable encryption by default to make the bridge more secure
encryption = {
allow = true;
default = true;
require = true;
permissions = {};
};

# Recommended options from mautrix documentation
# for additional security.
delete_keys = {
dont_store_outbound = true;
ratchet_on_decrypt = true;
delete_fully_used_on_decrypt = true;
delete_prev_on_new_session = true;
delete_on_device_delete = true;
periodically_delete_expired = true;
delete_outdated_inbound = true;
};
database = {
type = "sqlite3-fk-wal";
uri = "file:${fullDataDir config}/mautrix-meta.db?_txlock=immediate";
};

verification_levels = {
receive = "cross-signed-tofu";
send = "cross-signed-tofu";
share = "cross-signed-tofu";
};
# Enable encryption by default to make the bridge more secure
encryption = {
allow = true;
default = true;
require = true;

# Recommended options from mautrix documentation
# for additional security.
delete_keys = {
dont_store_outbound = true;
ratchet_on_decrypt = true;
delete_fully_used_on_decrypt = true;
delete_prev_on_new_session = true;
delete_on_device_delete = true;
periodically_delete_expired = true;
delete_outdated_inbound = true;
};

permissions = {};
# TODO: This effectively disables encryption. But this is the value provided when a <0.4 config is migrated. Changing it will corrupt the database.
# https://github.com/mautrix/meta/blob/f5440b05aac125b4c95b1af85635a717cbc6dd0e/cmd/mautrix-meta/legacymigrate.go#L24
# If you wish to encrypt the local database you should set this to an environment variable substitution and reset the bridge or somehow migrate the DB.
pickle_key = "mautrix.bridge.e2ee";

verification_levels = {
receive = "cross-signed-tofu";
send = "cross-signed-tofu";
share = "cross-signed-tofu";
};
};

logging = {
Expand All @@ -124,6 +125,10 @@ in {
time_format = " ";
};
};

network = {
mode = "";
};
};
defaultText = ''
{
Expand Down Expand Up @@ -261,7 +266,7 @@ in {
description = ''
Configuration of multiple `mautrix-meta` instances.
`services.mautrix-meta.instances.facebook` and `services.mautrix-meta.instances.instagram`
come preconfigured with meta.mode, appservice.id, bot username, display name and avatar.
come preconfigured with network.mode, appservice.id, bot username, display name and avatar.
'';

example = ''
Expand All @@ -283,7 +288,7 @@ in {
messenger = {
enable = true;
settings = {
meta.mode = "messenger";
network.mode = "messenger";
homeserver.domain = "example.com";
appservice = {
id = "messenger";
Expand Down Expand Up @@ -313,9 +318,9 @@ in {
'';
}
{
assertion = builtins.elem cfg.settings.meta.mode [ "facebook" "facebook-tor" "messenger" "instagram" ];
assertion = builtins.elem cfg.settings.network.mode [ "facebook" "facebook-tor" "messenger" "instagram" ];
message = ''
The option `services.mautrix-meta.instances.${name}.settings.meta.mode` has to be set
The option `services.mautrix-meta.instances.${name}.settings.network.mode` has to be set
to one of: facebook, facebook-tor, messenger, instagram.
This configures the mode of the bridge.
'';
Expand All @@ -338,6 +343,24 @@ in {
The option `services.mautrix-meta.instances.${name}.settings.appservice.bot.username` has to be set.
'';
}
{
assertion = !(cfg.settings ? bridge.disable_xma);
message = ''
The option `bridge.disable_xma` has been moved to `network.disable_xma_always`. Please [migrate your configuration](https://github.com/mautrix/meta/releases/tag/v0.4.0). You may wish to use [the auto-migration code](https://github.com/mautrix/meta/blob/f5440b05aac125b4c95b1af85635a717cbc6dd0e/cmd/mautrix-meta/legacymigrate.go#L23) for reference.
'';
}
{
assertion = !(cfg.settings ? bridge.displayname_template);
message = ''
The option `bridge.displayname_template` has been moved to `network.displayname_template`. Please [migrate your configuration](https://github.com/mautrix/meta/releases/tag/v0.4.0). You may wish to use [the auto-migration code](https://github.com/mautrix/meta/blob/f5440b05aac125b4c95b1af85635a717cbc6dd0e/cmd/mautrix-meta/legacymigrate.go#L23) for reference.
'';
}
{
assertion = !(cfg.settings ? meta);
message = ''
The options in `meta` have been moved to `network`. Please [migrate your configuration](https://github.com/mautrix/meta/releases/tag/v0.4.0). You may wish to use [the auto-migration code](https://github.com/mautrix/meta/blob/f5440b05aac125b4c95b1af85635a717cbc6dd0e/cmd/mautrix-meta/legacymigrate.go#L23) for reference.
'';
}
]) enabledInstances));

users.users = lib.mapAttrs' (name: cfg: lib.nameValuePair "mautrix-meta-${name}" {
Expand Down Expand Up @@ -518,11 +541,7 @@ in {
in {
instagram = {
settings = {
meta.mode = mkDefault "instagram";

bridge = {
username_template = mkDefault "instagram_{{.}}";
};
network.mode = mkDefault "instagram";

appservice = {
id = mkDefault "instagram";
Expand All @@ -532,16 +551,13 @@ in {
displayname = mkDefault "Instagram bridge bot";
avatar = mkDefault "mxc://maunium.net/JxjlbZUlCPULEeHZSwleUXQv";
};
username_template = mkDefault "instagram_{{.}}";
};
};
};
facebook = {
settings = {
meta.mode = mkDefault "facebook";

bridge = {
username_template = mkDefault "facebook_{{.}}";
};
network.mode = mkDefault "facebook";

appservice = {
id = mkDefault "facebook";
Expand All @@ -551,12 +567,13 @@ in {
displayname = mkDefault "Facebook bridge bot";
avatar = mkDefault "mxc://maunium.net/ygtkteZsXnGJLJHRchUwYWak";
};
username_template = mkDefault "facebook_{{.}}";
};
};
};
};
}
];

meta.maintainers = with lib.maintainers; [ rutherther ];
meta.maintainers = with lib.maintainers; [ ];
}
12 changes: 12 additions & 0 deletions nixos/modules/services/monitoring/scrutiny.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -177,6 +177,18 @@ in
SCRUTINY_WEB_DATABASE_LOCATION = "/var/lib/scrutiny/scrutiny.db";
SCRUTINY_WEB_SRC_FRONTEND_PATH = "${cfg.package}/share/scrutiny";
};
postStart = ''
for i in $(seq 300); do
if "${lib.getExe pkgs.curl}" --fail --silent --head "http://${cfg.settings.web.listen.host}:${toString cfg.settings.web.listen.port}" >/dev/null; then
echo "Scrutiny is ready (port is open)"
exit 0
fi
echo "Waiting for Scrutiny to open port..."
sleep 0.2
done
echo "Timeout waiting for Scrutiny to open port" >&2
exit 1
'';
serviceConfig = {
DynamicUser = true;
ExecStart = "${getExe cfg.package} start --config ${settingsFormat.generate "scrutiny.yaml" cfg.settings}";
Expand Down
Loading

0 comments on commit 7306ea4

Please sign in to comment.