Add programs.ssh.settings as a freeform DAG for OpenSSH client configuration blocks. Render Host and Match blocks directly from the new settings option while preserving ordering support.
Render known ssh_config comma-list directives from Nix lists as single comma-separated lines and known space-list directives as single whitespace-separated lines. This keeps directives like KexAlgorithms, Ciphers, MACs, HostKeyAlgorithms, ProxyJump, SendEnv, GlobalKnownHostsFile, and PermitRemoteOpen from being emitted as duplicate directives where OpenSSH may only use the first value.
Migrate legacy matchBlocks into settings, keep root SSH option redirects pointed at the new option names, and hide the deprecated matchBlocks option from generated docs.
Update SSH tests, docs references, and news coverage for the new option.
Adds `home.services`, an attribute set of nixpkgs
[modular services](https://nixos.org/manual/nixos/unstable/#modular-services)
sourced from `<nixpkgs/lib/services/lib.nix>`. Each service exposes
`process.argv` and the upstream NixOS-style systemd schema
(`systemd.lib`, `systemd.mainExecStart`, `systemd.service`,
`systemd.services`, `systemd.sockets`) by re-exporting
`nixos/modules/system/service/systemd/service.nix`. Service modules
shipped with `_class = "service"` (e.g.
`pkgs.<name>.passthru.services.default`) drop in unchanged --
service portability across module systems is the point of modular
services.
Lifted units are evaluated and translated from NixOS-style attrs
(`wantedBy`, `serviceConfig`, `unitConfig`, `environment`, ...) into
the section-based INI shape (`{ Unit; Service; Install; }`) that
home-manager's `systemd.user.{services,sockets}` consumes; only the
common keys are mapped, uncommon options remain reachable via
`unitConfig` / `serviceConfig` / `socketConfig`. Sub-services and
their units are dashed under the parent service name;
`process.argv` becomes the default `ExecStart` for the service's
primary unit, which defaults to `WantedBy=default.target`.
Mirrors the surface of nixpkgs' portable systemd module (services +
sockets only); other unit kinds home-manager supports natively
(timers etc.) are intentionally not modeled until upstream grows
them.
Each service's `configData.<name>` entries are materialized at
`$XDG_CONFIG_HOME/system-services/<service-prefix>/<name>` (mirroring
how `nixos/modules/system/service/systemd/{config-data-path,system}.nix`
lifts `configData` to `environment.etc`), with the absolute path
injected back into `configData.<name>.path` so the service can refer
to its files at a stable location.
Includes nmt tests covering: a basic `process.argv`-only service, a
service with a `configData` entry, and importing
`pkgs.ghostunnel.passthru.services.default` to assert the lifted user
unit contains the expected ExecStart flags and `LoadCredential`
entries.
Use `lib.hm.deprecations.mkStateVersionOptionDefault` to keep the legacy `.mozilla/firefox` default for existing configurations while switching new Linux configurations to `"${config.xdg.configHome}/mozilla/firefox"`.
Add focused tests for the legacy and XDG defaults plus a news entry describing the transition.
Closes#8200.
Supersedes #8716 and the earlier attempt in #8672.
Co-authored-by: Heitor <44377258+HeitorAugustoLN@users.noreply.github.com>
Add a `settings` option that allows WezTerm to be configured
declaratively using a Nix attribute set. Settings are serialized to
Lua using `lib.generators.toLua`. Raw Lua expressions such as
`wezterm.font` and `wezterm.action.*` can be embedded using
`lib.generators.mkLuaInline`.
When `settings` is set, `extraConfig` is still supported. It is
wrapped in an immediately invoked function expression so that any
`return` statement (including the common `return {}` and
`return config` patterns) is captured and merged on top of the
generated settings, preserving full backward compatibility.
The merge between `settings` and `extraConfig` is shallow: a key
returned from `extraConfig` replaces the entire corresponding value
from `settings`, including nested tables and arrays.
Closes#6047
This commit deprecates profile management from the activation script.
The profile management is instead the responsibility of the driving
software, for example, the `home-manager` tool in the case of
standalone installs.
The legacy behavior is still available for backwards compatibility but
may be removed in the future.
The new behavior resolves (or moves us closer to resolving) a number
of long standing open issues:
- `home-manager switch --rollback`, which performs a rollback to the
previous Home Manager generation before activating. While it was
previously possible to accomplish this by activating an old
generation, it did always create a new profile generation.
This option has been implemented as part of this commit.
- `home-manager switch --specialisation NAME`, which switches to the
named specialisation. While it was previously possible to accomplish
this by manually running the specialisation activate script, it did
always create a new profile generation.
This option has been implemented as part of this commit.
- `home-manager switch --test`, which activates the configuration but
does not create a new profile generation.
This option has _not_ been implemented here since it relies on the
current configuration being activated on login, which we do not
currently do.
- When using the "Home Manager as a NixOS module" installation method
we previously created an odd `home-manager` per-user "shadow
profile" for the user. This is no longer necessary.
This has been implemented as part of this commit.
Fixes#3450
Having the tests available in the main Nix Flake introduces
unnecessary evaluation for non-developer users and, worse, a
dependency on the nmt library.
Fixes#6354
This adds a Boolean option `uninstall`. When enabled this option will
reset side-effecting configurations to their "empty" state. The intent
is that this will cause the activation script to remove all managed
files and packages.
Doing it this way should hopefully be more robust than the previous
solution. It also allows a somewhat more convenient uninstall process
when using Flakes; put `uninstall = true` in your existing
configuration and then do a switch.
Also add simple uninstall test in CI test job.
The release notes used to be an appendix in the manual. After
converting to markdown that appendix got lost. This commit
reintroduces the release notes into the manual.
* home-environment: add `home.sessionVariablesPackage`
Allow the `hm-session-vars.sh` derivation to be referenced from other
modules, e.g. to translate it to fish with babelfish at build time.
* fish: use babelfish for `hm-session-vars.sh`
Translate `hm-session-vars.sh` to fish at system build time,
significantly decreasing shell startup time.
Based on https://github.com/NixOS/nixpkgs/pull/108947 by @kevingriffin.
