diff --git a/flake.lock b/flake.lock index f5266d0f..c6d7e669 100644 --- a/flake.lock +++ b/flake.lock @@ -45,11 +45,11 @@ ] }, "locked": { - "lastModified": 1748774759, - "narHash": "sha256-4t/g+NC7UZsqQSv+GSFA6rYTgAmMCeF9XQZcsUfGEzg=", + "lastModified": 1749012650, + "narHash": "sha256-uzPwNYw58UZkU8XtqpRFfPcqSOYi86HHJzBPZ+o1PTo=", "owner": "accentor", "repo": "api", - "rev": "80fb9675961aab3758d878906d94eba69ef5913e", + "rev": "cf9e50f9f424880667be9b7b50f4d8447d266bf0", "type": "github" }, "original": { @@ -74,11 +74,11 @@ ] }, "locked": { - "lastModified": 1748774863, - "narHash": "sha256-rRk1JlZrHHftzed1RIYeeH6km6yKz8DUAmD1YG33htg=", + "lastModified": 1749012769, + "narHash": "sha256-SZypUcgPixs3TPy3x6beVEvoGWOWECI6KscIzvdgLxM=", "owner": "accentor", "repo": "web", - "rev": "e94c5f555378a7ccfea327ebc0c27a1a36b351fe", + "rev": "66542e16f24ec118768862a81e26acc99ea349aa", "type": "github" }, "original": { @@ -139,11 +139,11 @@ ] }, "locked": { - "lastModified": 1748998583, - "narHash": "sha256-X8kkfgfqdYa/sqGpMdDkrLytS6mj89PJW+x22+r29Yg=", + "lastModified": 1749012745, + "narHash": "sha256-Cax/k9ZRPKqTz18vZtmqGR45pHRXM+sDvEVd4V/3NrU=", "owner": "lnl7", "repo": "nix-darwin", - "rev": "d46a07214fc25b6313f2ea3ba789cd7ff036aeb2", + "rev": "fa6120c32f10bd2aac9e8c9a6e71528a9d9d823b", "type": "github" }, "original": { @@ -184,11 +184,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1749003682, - "narHash": "sha256-7AZ5Jl235GGOnTciCmENWMvEfcemKocp3tzdiIgaSUA=", + "lastModified": 1749090069, + "narHash": "sha256-uN3Mp+o7IfVT9H/OuwEtJ17NktCaF4t9Ond3TKt+BE4=", "owner": "nix-community", "repo": "emacs-overlay", - "rev": "92b75bf8b4e26ae3373fbe6331f9a1c63efc1e29", + "rev": "c17506666090e412a50b01c57944386ab81d2aa8", "type": "github" }, "original": { @@ -210,11 +210,11 @@ ] }, "locked": { - "lastModified": 1748514353, - "narHash": "sha256-kpG2mIxj+18WjhcPJkGqCqmggyPf3um9ZX96Klv8HSA=", + "lastModified": 1749023534, + "narHash": "sha256-pZcoIizU6jTCA6jhCmWFkJyDmz/XaCosBtey5IHCWE0=", "ref": "refs/heads/main", - "rev": "8ea2452ba4eb5eb238edffe98cf5402bee8abee0", - "revCount": 33, + "rev": "50d87ab03ff7e463069df2af189406756455e28d", + "revCount": 34, "type": "git", "url": "https://git.chvp.be/chvp/entrance-exam" }, @@ -335,11 +335,11 @@ ] }, "locked": { - "lastModified": 1748979197, - "narHash": "sha256-mKYwYcO9RmA2AcAFIXGDBOw5iv/fbjw6adWvMbnfIuk=", + "lastModified": 1749062139, + "narHash": "sha256-gGGLujmeWU+ZjFzfMvFMI0hp9xONsSbm88187wJr82Q=", "owner": "nix-community", "repo": "home-manager", - "rev": "34a13086148cbb3ae65a79f753eb451ce5cac3d3", + "rev": "86b95fc1ed2b9b04a451a08ccf13d78fb421859c", "type": "github" }, "original": { @@ -394,11 +394,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1748693115, - "narHash": "sha256-StSrWhklmDuXT93yc3GrTlb0cKSS0agTAxMGjLKAsY8=", + "lastModified": 1748929857, + "narHash": "sha256-lcZQ8RhsmhsK8u7LIFsJhsLh/pzR9yZ8yqpTzyGdj+Q=", "owner": "nixos", "repo": "nixpkgs", - "rev": "910796cabe436259a29a72e8d3f5e180fc6dfacc", + "rev": "c2a03962b8e24e669fb37b7df10e7c79531ff1a4", "type": "github" }, "original": { @@ -426,11 +426,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1748810746, - "narHash": "sha256-1na8blYvU1F6HLwx/aFjrhUqpqZ0SCsnqqW9n2vXvok=", + "lastModified": 1748995628, + "narHash": "sha256-bFufQGSAEYQgjtc4wMrobS5HWN0hDP+ZX+zthYcml9U=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "78d9f40fd6941a1543ffc3ed358e19c69961d3c1", + "rev": "8eb3b6a2366a7095939cd22f0dc0e9991313294b", "type": "github" }, "original": { @@ -449,11 +449,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1749004151, - "narHash": "sha256-aXLR+ISfL8ue9DT3YgYEnRRanAsp3qBGxuGPFax2gAQ=", + "lastModified": 1749092205, + "narHash": "sha256-2QTM4E7QljCYsGNnCiibgFjx/K5hvQ7VkCHDY05rU4Y=", "owner": "nix-community", "repo": "NUR", - "rev": "3dc37c85b1d923b2c20b4be07e39e30e4f43f50e", + "rev": "bf9746362fc9a50cdf053883f0c06a4d9b93e3ca", "type": "github" }, "original": { @@ -511,11 +511,11 @@ ] }, "locked": { - "lastModified": 1748770758, - "narHash": "sha256-2mWcL/Nd2sXl7vPnMC059wDatzPXpjTnnWK0pi6VF0A=", + "lastModified": 1749012525, + "narHash": "sha256-SgHx9B3WM1miouDqzcakLUzBBCsFH6ZZnM6v8jSZrsE=", "owner": "chvp", "repo": "tetris", - "rev": "0649cd8fabe55d210080cd9cb62d549821c2abdf", + "rev": "1d99a2611fcca7fb5bbb973bb2a0b5e4e0e2f644", "type": "github" }, "original": { @@ -561,11 +561,11 @@ ] }, "locked": { - "lastModified": 1748770588, - "narHash": "sha256-hbmgx83bO0LoHdE/dzM2ECjAa20N2gC4oaxozoLC4+4=", + "lastModified": 1749011816, + "narHash": "sha256-dId6O9HUL9fs40X70yu65GYNwgqZBExKRqLjXuv0voM=", "ref": "refs/heads/main", - "rev": "751eb9bc844e1aa9f144b1e7eae85d453f7d84fc", - "revCount": 133, + "rev": "f0fbb330a1451fcce514f0f33f3dc925f3330458", + "revCount": 134, "type": "git", "url": "https://git.chvp.be/chvp/www.chvp.be" }, diff --git a/patches/413495.patch b/patches/413495.patch new file mode 100644 index 00000000..8bca4b08 --- /dev/null +++ b/patches/413495.patch @@ -0,0 +1,455 @@ +diff --git a/nixos/modules/services/networking/murmur.nix b/nixos/modules/services/networking/murmur.nix +index 8ff4c811063861..aa205d1f60b44a 100644 +--- a/nixos/modules/services/networking/murmur.nix ++++ b/nixos/modules/services/networking/murmur.nix +@@ -5,6 +5,8 @@ + ... + }: + ++with lib; ++ + let + cfg = config.services.murmur; + forking = cfg.logFile != null; +@@ -12,53 +14,68 @@ let + database=${cfg.stateDir}/murmur.sqlite + dbDriver=QSQLITE + +- autobanAttempts=${lib.toString cfg.autobanAttempts} +- autobanTimeframe=${lib.toString cfg.autobanTimeframe} +- autobanTime=${lib.toString cfg.autobanTime} ++ autobanAttempts=${toString cfg.autobanAttempts} ++ autobanTimeframe=${toString cfg.autobanTimeframe} ++ autobanTime=${toString cfg.autobanTime} + +- logfile=${lib.optionalString (cfg.logFile != null) cfg.logFile} +- ${lib.optionalString forking "pidfile=/run/murmur/murmurd.pid"} ++ logfile=${optionalString (cfg.logFile != null) cfg.logFile} ++ ${optionalString forking "pidfile=/run/murmur/murmurd.pid"} + + welcometext="${cfg.welcometext}" +- port=${lib.toString cfg.port} ++ port=${toString cfg.port} + +- ${lib.optionalString (cfg.hostName != "") "host=${cfg.hostName}"} +- ${lib.optionalString (cfg.password != "") "serverpassword=${cfg.password}"} ++ ${optionalString (cfg.hostName != "") "host=${cfg.hostName}"} ++ ${optionalString (cfg.password != "") "serverpassword=${cfg.password}"} + +- bandwidth=${lib.toString cfg.bandwidth} +- users=${lib.toString cfg.users} ++ bandwidth=${toString cfg.bandwidth} ++ users=${toString cfg.users} + +- textmessagelength=${lib.toString cfg.textMsgLength} +- imagemessagelength=${lib.toString cfg.imgMsgLength} +- allowhtml=${lib.boolToString cfg.allowHtml} +- logdays=${lib.toString cfg.logDays} +- bonjour=${lib.boolToString cfg.bonjour} +- sendversion=${lib.boolToString cfg.sendVersion} ++ textmessagelength=${toString cfg.textMsgLength} ++ imagemessagelength=${toString cfg.imgMsgLength} ++ allowhtml=${boolToString cfg.allowHtml} ++ logdays=${toString cfg.logDays} ++ bonjour=${boolToString cfg.bonjour} ++ sendversion=${boolToString cfg.sendVersion} + +- ${lib.optionalString (cfg.registerName != "") "registerName=${cfg.registerName}"} +- ${lib.optionalString (cfg.registerPassword != "") "registerPassword=${cfg.registerPassword}"} +- ${lib.optionalString (cfg.registerUrl != "") "registerUrl=${cfg.registerUrl}"} +- ${lib.optionalString (cfg.registerHostname != "") "registerHostname=${cfg.registerHostname}"} ++ ${optionalString (cfg.registerName != "") "registerName=${cfg.registerName}"} ++ ${optionalString (cfg.registerPassword != "") "registerPassword=${cfg.registerPassword}"} ++ ${optionalString (cfg.registerUrl != "") "registerUrl=${cfg.registerUrl}"} ++ ${optionalString (cfg.registerHostname != "") "registerHostname=${cfg.registerHostname}"} + +- certrequired=${lib.boolToString cfg.clientCertRequired} +- ${lib.optionalString (cfg.sslCert != "") "sslCert=${cfg.sslCert}"} +- ${lib.optionalString (cfg.sslKey != "") "sslKey=${cfg.sslKey}"} +- ${lib.optionalString (cfg.sslCa != "") "sslCA=${cfg.sslCa}"} ++ certrequired=${boolToString cfg.clientCertRequired} ++ ${optionalString (cfg.sslCert != "") "sslCert=${cfg.sslCert}"} ++ ${optionalString (cfg.sslKey != "") "sslKey=${cfg.sslKey}"} ++ ${optionalString (cfg.sslCa != "") "sslCA=${cfg.sslCa}"} + +- ${lib.optionalString (cfg.dbus != null) "dbus=${cfg.dbus}"} ++ ${optionalString (cfg.dbus != null) "dbus=${cfg.dbus}"} + + ${cfg.extraConfig} + ''; + in + { ++ imports = [ ++ (mkRenamedOptionModule [ "services" "murmur" "welcome" ] [ "services" "murmur" "welcometext" ]) ++ (mkRemovedOptionModule [ "services" "murmur" "pidfile" ] "Hardcoded to /run/murmur/murmurd.pid now") ++ ]; ++ + options = { + services.murmur = { +- enable = lib.mkEnableOption "Mumble server"; ++ enable = mkOption { ++ type = types.bool; ++ default = false; ++ description = "If enabled, start the Murmur Mumble server."; ++ }; + +- openFirewall = lib.mkEnableOption "opening ports in the firewall for the Mumble server"; ++ openFirewall = mkOption { ++ type = types.bool; ++ default = false; ++ description = '' ++ Open ports in the firewall for the Murmur Mumble server. ++ ''; ++ }; + +- user = lib.mkOption { +- type = lib.types.str; ++ user = mkOption { ++ type = types.str; + default = "murmur"; + description = '' + The name of an existing user to use to run the service. +@@ -66,8 +83,8 @@ in + ''; + }; + +- group = lib.mkOption { +- type = lib.types.str; ++ group = mkOption { ++ type = types.str; + default = "murmur"; + description = '' + The name of an existing group to use to run the service. +@@ -75,16 +92,16 @@ in + ''; + }; + +- stateDir = lib.mkOption { +- type = lib.types.path; ++ stateDir = mkOption { ++ type = types.path; + default = "/var/lib/murmur"; + description = '' + Directory to store data for the server. + ''; + }; + +- autobanAttempts = lib.mkOption { +- type = lib.types.int; ++ autobanAttempts = mkOption { ++ type = types.int; + default = 10; + description = '' + Number of attempts a client is allowed to make in +@@ -93,8 +110,8 @@ in + ''; + }; + +- autobanTimeframe = lib.mkOption { +- type = lib.types.int; ++ autobanTimeframe = mkOption { ++ type = types.int; + default = 120; + description = '' + Timeframe in which a client can connect without being banned +@@ -102,47 +119,47 @@ in + ''; + }; + +- autobanTime = lib.mkOption { +- type = lib.types.int; ++ autobanTime = mkOption { ++ type = types.int; + default = 300; + description = "The amount of time an IP ban lasts (in seconds)."; + }; + +- logFile = lib.mkOption { +- type = lib.types.nullOr lib.types.path; ++ logFile = mkOption { ++ type = types.nullOr types.path; + default = null; + example = "/var/log/murmur/murmurd.log"; + description = "Path to the log file for Murmur daemon. Empty means log to journald."; + }; + +- welcometext = lib.mkOption { +- type = lib.types.str; ++ welcometext = mkOption { ++ type = types.str; + default = ""; + description = "Welcome message for connected clients."; + }; + +- port = lib.mkOption { +- type = lib.types.port; ++ port = mkOption { ++ type = types.port; + default = 64738; + description = "Ports to bind to (UDP and TCP)."; + }; + +- hostName = lib.mkOption { +- type = lib.types.str; ++ hostName = mkOption { ++ type = types.str; + default = ""; + description = "Host to bind to. Defaults binding on all addresses."; + }; + +- package = lib.mkPackageOption pkgs "murmur" { }; ++ package = mkPackageOption pkgs "murmur" { }; + +- password = lib.mkOption { +- type = lib.types.str; ++ password = mkOption { ++ type = types.str; + default = ""; + description = "Required password to join server, if specified."; + }; + +- bandwidth = lib.mkOption { +- type = lib.types.int; ++ bandwidth = mkOption { ++ type = types.int; + default = 72000; + description = '' + Maximum bandwidth (in bits per second) that clients may send +@@ -150,26 +167,26 @@ in + ''; + }; + +- users = lib.mkOption { +- type = lib.types.int; ++ users = mkOption { ++ type = types.int; + default = 100; + description = "Maximum number of concurrent clients allowed."; + }; + +- textMsgLength = lib.mkOption { +- type = lib.types.int; ++ textMsgLength = mkOption { ++ type = types.int; + default = 5000; + description = "Max length of text messages. Set 0 for no limit."; + }; + +- imgMsgLength = lib.mkOption { +- type = lib.types.int; ++ imgMsgLength = mkOption { ++ type = types.int; + default = 131072; + description = "Max length of image messages. Set 0 for no limit."; + }; + +- allowHtml = lib.mkOption { +- type = lib.types.bool; ++ allowHtml = mkOption { ++ type = types.bool; + default = true; + description = '' + Allow HTML in client messages, comments, and channel +@@ -177,8 +194,8 @@ in + ''; + }; + +- logDays = lib.mkOption { +- type = lib.types.int; ++ logDays = mkOption { ++ type = types.int; + default = 31; + description = '' + How long to store RPC logs for in the database. Set 0 to +@@ -186,16 +203,23 @@ in + ''; + }; + +- bonjour = lib.mkEnableOption "Bonjour auto-discovery, which allows clients over your LAN to automatically discover Mumble servers"; ++ bonjour = mkOption { ++ type = types.bool; ++ default = false; ++ description = '' ++ Enable Bonjour auto-discovery, which allows clients over ++ your LAN to automatically discover Murmur servers. ++ ''; ++ }; + +- sendVersion = lib.mkOption { +- type = lib.types.bool; ++ sendVersion = mkOption { ++ type = types.bool; + default = true; + description = "Send Murmur version in UDP response."; + }; + +- registerName = lib.mkOption { +- type = lib.types.str; ++ registerName = mkOption { ++ type = types.str; + default = ""; + description = '' + Public server registration name, and also the name of the +@@ -204,8 +228,8 @@ in + ''; + }; + +- registerPassword = lib.mkOption { +- type = lib.types.str; ++ registerPassword = mkOption { ++ type = types.str; + default = ""; + description = '' + Public server registry password, used authenticate your +@@ -214,14 +238,14 @@ in + ''; + }; + +- registerUrl = lib.mkOption { +- type = lib.types.str; ++ registerUrl = mkOption { ++ type = types.str; + default = ""; + description = "URL website for your server."; + }; + +- registerHostname = lib.mkOption { +- type = lib.types.str; ++ registerHostname = mkOption { ++ type = types.str; + default = ""; + description = '' + DNS hostname where your server can be reached. This is only +@@ -231,36 +255,40 @@ in + ''; + }; + +- clientCertRequired = lib.mkEnableOption "requiring clients to authenticate via certificates"; ++ clientCertRequired = mkOption { ++ type = types.bool; ++ default = false; ++ description = "Require clients to authenticate via certificates."; ++ }; + +- sslCert = lib.mkOption { +- type = lib.types.str; ++ sslCert = mkOption { ++ type = types.str; + default = ""; + description = "Path to your SSL certificate."; + }; + +- sslKey = lib.mkOption { +- type = lib.types.str; ++ sslKey = mkOption { ++ type = types.str; + default = ""; + description = "Path to your SSL key."; + }; + +- sslCa = lib.mkOption { +- type = lib.types.str; ++ sslCa = mkOption { ++ type = types.str; + default = ""; + description = "Path to your SSL CA certificate."; + }; + +- extraConfig = lib.mkOption { +- type = lib.types.lines; ++ extraConfig = mkOption { ++ type = types.lines; + default = ""; + description = "Extra configuration to put into murmur.ini."; + }; + +- environmentFile = lib.mkOption { +- type = lib.types.nullOr lib.types.path; ++ environmentFile = mkOption { ++ type = types.nullOr types.path; + default = null; +- example = lib.literalExpression ''"''${config.services.murmur.stateDir}/murmurd.env"''; ++ example = literalExpression ''"''${config.services.murmur.stateDir}/murmurd.env"''; + description = '' + Environment file as defined in {manpage}`systemd.exec(5)`. + +@@ -283,8 +311,8 @@ in + ''; + }; + +- dbus = lib.mkOption { +- type = lib.types.enum [ ++ dbus = mkOption { ++ type = types.enum [ + null + "session" + "system" +@@ -295,19 +323,19 @@ in + }; + }; + +- config = lib.mkIf cfg.enable { +- users.users.murmur = lib.mkIf (cfg.user == "murmur") { ++ config = mkIf cfg.enable { ++ users.users.murmur = mkIf (cfg.user == "murmur") { + description = "Murmur Service user"; + home = cfg.stateDir; + createHome = true; + uid = config.ids.uids.murmur; + group = cfg.group; + }; +- users.groups.murmur = lib.mkIf (cfg.group == "murmur") { ++ users.groups.murmur = mkIf (cfg.group == "murmur") { + gid = config.ids.gids.murmur; + }; + +- networking.firewall = lib.mkIf cfg.openFirewall { ++ networking.firewall = mkIf cfg.openFirewall { + allowedTCPPorts = [ cfg.port ]; + allowedUDPPorts = [ cfg.port ]; + }; +@@ -325,8 +353,8 @@ in + serviceConfig = { + # murmurd doesn't fork when logging to the console. + Type = if forking then "forking" else "simple"; +- PIDFile = lib.mkIf forking "/run/murmur/murmurd.pid"; +- EnvironmentFile = lib.mkIf (cfg.environmentFile != null) cfg.environmentFile; ++ PIDFile = mkIf forking "/run/murmur/murmurd.pid"; ++ EnvironmentFile = mkIf (cfg.environmentFile != null) cfg.environmentFile; + ExecStart = "${cfg.package}/bin/mumble-server -ini /run/murmur/murmurd.ini"; + Restart = "always"; + RuntimeDirectory = "murmur"; +@@ -362,7 +390,7 @@ in + + # currently not included in upstream package, addition requested at + # https://github.com/mumble-voip/mumble/issues/6078 +- services.dbus.packages = lib.mkIf (cfg.dbus == "system") [ ++ services.dbus.packages = mkIf (cfg.dbus == "system") [ + (pkgs.writeTextFile { + name = "murmur-dbus-policy"; + text = '' +@@ -404,19 +432,19 @@ in + r /run/murmur/murmurd.ini, + r ${configFile}, + '' +- + lib.optionalString (cfg.logFile != null) '' ++ + optionalString (cfg.logFile != null) '' + rw ${cfg.logFile}, + '' +- + lib.optionalString (cfg.sslCert != "") '' ++ + optionalString (cfg.sslCert != "") '' + r ${cfg.sslCert}, + '' +- + lib.optionalString (cfg.sslKey != "") '' ++ + optionalString (cfg.sslKey != "") '' + r ${cfg.sslKey}, + '' +- + lib.optionalString (cfg.sslCa != "") '' ++ + optionalString (cfg.sslCa != "") '' + r ${cfg.sslCa}, + '' +- + lib.optionalString (cfg.dbus != null) '' ++ + optionalString (cfg.dbus != null) '' + dbus bus=${cfg.dbus} + '' + + ''