Commit Graph

19 Commits

Author SHA1 Message Date
h7x4
0a37316d6c
treewide: use mkPackageOption
This commit replaces a lot of usages of `mkOption` with the package
type, to be `mkPackageOption`, in order to reduce the amount of code.
2023-11-27 01:28:36 +01:00
Maximilian Bosch
183be440fd
nixos/captive-browser: drop setcap wrapper for captive-browser
Since Linux 5.7 it's possible to set `SO_BINDTODEVICE` via `setsockopt(2)`
as unprivileged user if this operation doesn't imply escaping a VRF
interface[1].

Dropping the wrapper is actually desirable because `captive-browser`
itself doesn't drop capabilities and as a result, the capabilities are
passed on to `chromium` itself[2].

For older kernels, this is still necessary, hence the wrapper will only
be added nowadays if the kernel is older than 5.7.

[1] c427bfec18
[2] 08450562e5/bind_device_linux.go (L11-L14)
    and because our setcap wrapper makes all capabilities
    inheritable.
2023-08-10 14:06:38 +02:00
pennae
ef176dcf7e nixos/*: automatically convert option descriptions
conversions were done using https://github.com/pennae/nix-doc-munge
using (probably) rev f34e145 running

    nix-doc-munge nixos/**/*.nix
    nix-doc-munge --import nixos/**/*.nix

the tool ensures that only changes that could affect the generated
manual *but don't* are committed, other changes require manual review
and are discarded.
2022-08-31 16:32:53 +02:00
pennae
6039648c50 nixos/*: automatically convert option docs 2022-08-19 22:40:58 +02:00
pennae
8f8e101527 nixos/*: normalize <package> to <literal>
this renders the same in the manpage and a little more clearly in the
html manual. in the manpage there continues to be no distinction from
regular text, the html manual gets code-type markup (which was probably
the intention for most of these uses anyway).
2022-08-19 22:40:58 +02:00
pennae
2e751c0772 treewide: automatically md-convert option descriptions
the conversion procedure is simple:

 - find all things that look like options, ie calls to either `mkOption`
   or `lib.mkOption` that take an attrset. remember the attrset as the
   option
 - for all options, find a `description` attribute who's value is not a
   call to `mdDoc` or `lib.mdDoc`
 - textually convert the entire value of the attribute to MD with a few
   simple regexes (the set from mdize-module.sh)
 - if the change produced a change in the manual output, discard
 - if the change kept the manual unchanged, add some text to the
   description to make sure we've actually found an option. if the
   manual changes this time, keep the converted description

this procedure converts 80% of nixos options to markdown. around 2000
options remain to be inspected, but most of those fail the "does not
change the manual output check": currently the MD conversion process
does not faithfully convert docbook tags like <code> and <package>, so
any option using such tags will not be converted at all.
2022-07-30 15:16:34 +02:00
Sandro Jäckel
43d4ddf28e
treewide: remove usage of runCommandNoCC aliases 2022-06-07 16:57:06 +02:00
Peter Hoeg
80b9bfdfb1 nixos/captive-browser: add to menu bar 2022-03-13 20:22:00 +08:00
pennae
1f960e7571 nixos/captive-browser: add defaultText for browser
easiest way to do this is to move the default expression out and
abstract over what is substituted into it, using a dependent value for
the default and a descriptive value for defaultText
2021-12-09 01:42:24 +01:00
Naïm Favier
2ddc335e6f
nixos/doc: clean up defaults and examples 2021-10-04 12:47:20 +02:00
rnhmjoj
fedd7cd690
nixos: explicitely set security.wrappers ownership
This is slightly more verbose and inconvenient, but it forces you
to think about what the wrapper ownership and permissions will be.
2021-09-13 13:48:13 +02:00
Florian Klink
002cf7d42d
Merge pull request #132347 from anpandey/captive-browser-fix
captive-browser: fix empty string in interface args
2021-08-22 19:40:23 +02:00
Ankit Pandey
910f233fb7 captive-browser: fix empty string in interface args
Fixes nmcli being passed an empty string before the interface name,
which would stop captive-browser from starting up.
2021-08-01 13:46:57 -05:00
Maximilian Bosch
8c35a69a6e
nixos/captive-browser: fix startup
It seems as since Chromium 92, `chromium` crashes on startup if
`XDG_CONFIG_HOME` points to a read-only (store-)path.
2021-08-01 19:04:49 +02:00
Peter Hoeg
04e9e9e510 nixos/captive-browser: make it work without a fixed interface
nixpkgs-fmt makes this a lot noisier than it has to be
2021-02-12 14:35:51 +08:00
volth
bc0d605cf1 treewide: fix double quoted strings in meta.description
Signed-off-by: Ben Siraphob <bensiraphob@gmail.com>
2021-01-24 19:56:59 +07:00
Maximilian Bosch
f073b74c13
nixos/captive-browser: set chromium's data-dir to a XDG-compliant location
To quote the XDG specification:

     There is a single base directory relative to which user-specific
     data files should be written. This directory is defined by the\
     environment variable $XDG_DATA_HOME.

Rather than adding another directory to $HOME, I think that it's better
to follow this standard to avoid a cluttered home-dir.
2020-03-11 20:17:46 +01:00
Maximilian Bosch
d9f7bac91f
nixos/captive-browser: fix module
Fixes the broken metrics evaluation which was caused by a `trace`
warning in stdout which confused `jq` in `pkgs/top-level/metrics.nix`.

Also made the `bind-device` feature optional as suggested after the
merge.
2019-06-14 20:38:33 +02:00
volth
9498c8f443 captive-browser: init at 2019-04-14 2019-04-16 14:52:38 +00:00