Merge staging-next into staging

.github/labeler.yml

@@ -210,6 +210,7 @@
     - changed-files:
       - any-glob-to-any-file:
         - nixos/**/*
+        - pkgs/by-name/sw/switch-to-configuration-ng/**/*
         - pkgs/os-specific/linux/nixos-rebuild/**/*
 
 "6.topic: nim":

doc/languages-frameworks/haskell.section.md

@@ -191,6 +191,10 @@ and `version` from Hackage.
 `sha256`
 : Hash to use for the default case of `src`.
 
+`sourceRoot`, `setSourceRoot`
+: Passed to `stdenv.mkDerivation`; see [“Variables controlling the unpack
+phase”](#variables-controlling-the-unpack-phase).
+
 `revision`
 : Revision number of the updated cabal file to fetch from Hackage.
 If `null` (which is the default value), the one included in `src` is used.

lib/licenses.nix

@@ -1295,6 +1295,15 @@ lib.mapAttrs mkLicense ({
   watcom = {
     spdxId = "Watcom-1.0";
     fullName = "Sybase Open Watcom Public License 1.0";
+    # Despite being OSI‐approved, this licence is not considered FOSS
+    # by Debian, Fedora, or the FSF, due to an onerous restriction that
+    # requires publication of even privately‐deployed modifications.
+    # This violates the FSF’s freedom 3 and Debian’s “desert island
+    # test” and “dissident test”.
+    #
+    # See: <https://en.wikipedia.org/wiki/Sybase_Open_Watcom_Public_License>
+    free = false;
+    redistributable = true;
   };
 
   w3c = {

maintainers/maintainer-list.nix

@@ -16150,6 +16150,12 @@
     githubId = 1538622;
     name = "Michael Reilly";
   };
+  ondt = {
+    name = "Ondrej Telka";
+    email = "[email protected]";
+    github = "ondt";
+    githubId = 20520951;
+  };
   onedragon = {
     name = "YiLong Liu";
     email = "[email protected]";

nixos/modules/programs/openvpn3.nix

@@ -1,43 +1,108 @@
 { config, lib, pkgs, ... }:
 
 let
+  json = pkgs.formats.json { };
   cfg = config.programs.openvpn3;
-in
-{
+
+  inherit (lib) mkEnableOption mkPackageOption mkOption literalExpression max options lists;
+  inherit (lib.types) bool submodule ints;
+in {
   options.programs.openvpn3 = {
-    enable = lib.mkEnableOption "the openvpn3 client";
-    package = lib.mkOption {
-      type = lib.types.package;
-      default = pkgs.openvpn3.override {
-        enableSystemdResolved = config.services.resolved.enable;
+    enable = mkEnableOption "the openvpn3 client";
+    package = mkPackageOption pkgs "openvpn3" { };
+    netcfg = mkOption {
+      description = "Network configuration";
+      default = { };
+      type = submodule {
+        options = {
+          settings = mkOption {
+            description = "Options stored in {file}`/etc/openvpn3/netcfg.json` configuration file";
+            default = { };
+            type = submodule {
+              freeformType = json.type;
+              options = {
+                systemd_resolved = mkOption {
+                  type = bool;
+                  description = "Whether to use systemd-resolved integration";
+                  default = config.services.resolved.enable;
+                  defaultText = literalExpression "config.services.resolved.enable";
+                  example = false;
+                };
+              };
+            };
+          };
+        };
+      };
+    };
+    log-service = mkOption {
+      description = "Log service configuration";
+      default = { };
+      type = submodule {
+        options = {
+          settings = mkOption {
+            description = "Options stored in {file}`/etc/openvpn3/log-service.json` configuration file";
+            default = { };
+            type = submodule {
+              freeformType = json.type;
+              options = {
+                journald = mkOption {
+                  description = "Use systemd-journald";
+                  type = bool;
+                  default = true;
+                  example = false;
+                };
+                log_dbus_details = mkOption {
+                  description = "Add D-Bus details in log file/syslog";
+                  type = bool;
+                  default = true;
+                  example = false;
+                };
+                log_level = mkOption {
+                  description = "How verbose should the logging be";
+                  type = (ints.between 0 7) // {
+                    merge = _loc: defs:
+                      lists.foldl max 0 (options.getValues defs);
+                  };
+                  default = 3;
+                  example = 6;
+                };
+                timestamp = mkOption {
+                  description = "Add timestamp log file";
+                  type = bool;
+                  default = false;
+                  example = true;
+                };
+              };
+            };
+          };
+        };
       };
-      defaultText = lib.literalExpression ''pkgs.openvpn3.override {
-        enableSystemdResolved = config.services.resolved.enable;
-      }'';
-      description = ''
-        Which package to use for `openvpn3`.
-      '';
     };
   };
 
   config = lib.mkIf cfg.enable {
-    services.dbus.packages = [
-      cfg.package
-    ];
+    services.dbus.packages = [ cfg.package ];
 
     users.users.openvpn = {
       isSystemUser = true;
       uid = config.ids.uids.openvpn;
       group = "openvpn";
     };
 
-    users.groups.openvpn = {
-      gid = config.ids.gids.openvpn;
+    users.groups.openvpn = { gid = config.ids.gids.openvpn; };
+
+    environment = {
+      systemPackages = [ cfg.package ];
+      etc = {
+        "openvpn3/netcfg.json".source =
+          json.generate "netcfg.json" cfg.netcfg.settings;
+        "openvpn3/log-service.json".source =
+          json.generate "log-service.json" cfg.log-service.settings;
+      };
     };
 
-    environment.systemPackages = [
-      cfg.package
-    ];
+    systemd.packages = [ cfg.package ];
   };
 
+  meta.maintainers = with lib.maintainers; [ shamilton progrm_jarvis ];
 }

nixos/modules/services/databases/surrealdb.nix

@@ -14,9 +14,9 @@ in {
         type = lib.types.str;
         description = ''
           The path that surrealdb will write data to. Use null for in-memory.
-          Can be one of "memory", "file://:path", "tikv://:addr".
+          Can be one of "memory", "rocksdb://:path", "surrealkv://:path", "tikv://:addr", "fdb://:addr".
         '';
-        default = "file:///var/lib/surrealdb/";
+        default = "rocksdb:///var/lib/surrealdb/";
         example = "memory";
       };
 
@@ -41,10 +41,9 @@ in {
       extraFlags = lib.mkOption {
         type = lib.types.listOf lib.types.str;
         default = [];
-        example = [ "--allow-all" "--auth" "--user root" "--pass root" ];
+        example = [ "--allow-all" "--user" "root" "--pass" "root" ];
         description = ''
-          Specify a list of additional command line flags,
-          which get escaped and are then passed to surrealdb.
+          Specify a list of additional command line flags.
         '';
       };
     };
@@ -61,7 +60,7 @@ in {
       after = [ "network.target" ];
 
       serviceConfig = {
-        ExecStart = "${cfg.package}/bin/surreal start --bind ${cfg.host}:${toString cfg.port} ${lib.escapeShellArgs cfg.extraFlags} -- ${cfg.dbPath}";
+        ExecStart = "${cfg.package}/bin/surreal start --bind ${cfg.host}:${toString cfg.port} ${lib.strings.concatStringsSep " " cfg.extraFlags} -- ${cfg.dbPath}";
         DynamicUser = true;
         Restart = "on-failure";
         StateDirectory = "surrealdb";

nixos/modules/services/hardware/triggerhappy.nix

@@ -1,40 +1,63 @@
-{ config, lib, pkgs, ... }:
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
 let
 
   cfg = config.services.triggerhappy;
 
   socket = "/run/thd.socket";
 
   configFile = pkgs.writeText "triggerhappy.conf" ''
-    ${lib.concatMapStringsSep "\n"
-      ({ keys, event, cmd, ... }:
-        ''${lib.concatMapStringsSep "+" (x: "KEY_" + x) keys} ${toString { press = 1; hold = 2; release = 0; }.${event}} ${cmd}''
-      )
-      cfg.bindings}
+    ${lib.concatMapStringsSep "\n" (
+      {
+        keys,
+        event,
+        cmd,
+        ...
+      }:
+      ''${lib.concatMapStringsSep "+" (x: "KEY_" + x) keys} ${
+        toString
+          {
+            press = 1;
+            hold = 2;
+            release = 0;
+          }
+          .${event}
+      } ${cmd}''
+    ) cfg.bindings}
     ${cfg.extraConfig}
   '';
 
-  bindingCfg = { ... }: {
-    options = {
-
-      keys = lib.mkOption {
-        type = lib.types.listOf lib.types.str;
-        description = "List of keys to match.  Key names as defined in linux/input-event-codes.h";
-      };
-
-      event = lib.mkOption {
-        type = lib.types.enum ["press" "hold" "release"];
-        default = "press";
-        description = "Event to match.";
-      };
+  bindingCfg =
+    { ... }:
+    {
+      options = {
+
+        keys = lib.mkOption {
+          type = lib.types.listOf lib.types.str;
+          description = "List of keys to match.  Key names as defined in linux/input-event-codes.h";
+        };
+
+        event = lib.mkOption {
+          type = lib.types.enum [
+            "press"
+            "hold"
+            "release"
+          ];
+          default = "press";
+          description = "Event to match.";
+        };
+
+        cmd = lib.mkOption {
+          type = lib.types.str;
+          description = "What to run.";
+        };
 
-      cmd = lib.mkOption {
-        type = lib.types.str;
-        description = "What to run.";
       };
-
     };
-  };
 
 in
 
@@ -65,9 +88,9 @@ in
 
       bindings = lib.mkOption {
         type = lib.types.listOf (lib.types.submodule bindingCfg);
-        default = [];
+        default = [ ];
         example = lib.literalExpression ''
-          [ { keys = ["PLAYPAUSE"];  cmd = "''${pkgs.mpc-cli}/bin/mpc -q toggle"; } ]
+          [ { keys = ["PLAYPAUSE"];  cmd = "''${lib.getExe pkgs.mpc} -q toggle"; } ]
         '';
         description = ''
           Key bindings for {command}`triggerhappy`.
@@ -86,7 +109,6 @@ in
 
   };
 
-
   ###### implementation
 
   config = lib.mkIf cfg.enable {
@@ -101,18 +123,22 @@ in
       wantedBy = [ "multi-user.target" ];
       description = "Global hotkey daemon";
       serviceConfig = {
-        ExecStart = "${pkgs.triggerhappy}/bin/thd ${lib.optionalString (cfg.user != "root") "--user ${cfg.user}"} --socket ${socket} --triggers ${configFile} --deviceglob /dev/input/event*";
+        ExecStart = "${pkgs.triggerhappy}/bin/thd ${
+          lib.optionalString (cfg.user != "root") "--user ${cfg.user}"
+        } --socket ${socket} --triggers ${configFile} --deviceglob /dev/input/event*";
       };
     };
 
-    services.udev.packages = lib.singleton (pkgs.writeTextFile {
-      name = "triggerhappy-udev-rules";
-      destination = "/etc/udev/rules.d/61-triggerhappy.rules";
-      text = ''
-        ACTION=="add", SUBSYSTEM=="input", KERNEL=="event[0-9]*", ATTRS{name}!="triggerhappy", \
-          RUN+="${pkgs.triggerhappy}/bin/th-cmd --socket ${socket} --passfd --udev"
-      '';
-    });
+    services.udev.packages = lib.singleton (
+      pkgs.writeTextFile {
+        name = "triggerhappy-udev-rules";
+        destination = "/etc/udev/rules.d/61-triggerhappy.rules";
+        text = ''
+          ACTION=="add", SUBSYSTEM=="input", KERNEL=="event[0-9]*", ATTRS{name}!="triggerhappy", \
+            RUN+="${pkgs.triggerhappy}/bin/th-cmd --socket ${socket} --passfd --udev"
+        '';
+      }
+    );
 
   };
 

nixos/modules/system/boot/networkd.nix

@@ -915,7 +915,9 @@ let
           "UseAddress"
           "UseDNS"
           "UseNTP"
+          "SendHostname"
           "UseHostname"
+          "Hostname"
           "UseDomains"
           "RouteMetric"
           "RapidCommit"
@@ -936,6 +938,7 @@ let
         (assertValueOneOf "UseAddress" boolValues)
         (assertValueOneOf "UseDNS" boolValues)
         (assertValueOneOf "UseNTP" boolValues)
+        (assertValueOneOf "SendHostname" boolValues)
         (assertValueOneOf "UseHostname" boolValues)
         (assertValueOneOf "UseDomains" (boolValues ++ ["route"]))
         (assertInt "RouteMetric")