`SSH_AUTH_SOCK` is exported in shells only, which systemd does not
inherit from. With this commit, it is also set in systemd such that
systemd-managed applications can access the SSH agent by declaring
dependencies onto 'sshAuthSock.systemd.socketProviderUnit'.
Closes#7971.
Move local render helpers closer to their generated outputs and split xdg.configFile construction into named builders.
Keep luaFiles behavior in the preceding feature commit; this only reduces duplicated predicates and makes the module layout easier to scan.
Allow Lua configs to be split across managed files under XDG_CONFIG_HOME/hypr.
Treat extraLuaFiles attribute names as Lua module names, so dotted names such as lib.helpers write lib/helpers.lua while autoloading with require("lib.helpers").
Add assertions for invalid configType usage, generated hyprland.lua collisions, and duplicate resolved Lua file targets.
On Darwin, `services.podman` mounts `~/.config/containers` into the Fedora CoreOS VM, but this did not work correctly for two reasons:
* `xdg.configFile` creates symlinks into `/nix/store`, which are broken inside the guest.
* The mount target `~/\.config/containers` is not canonical on Fedora CoreOS, so Podman rejects it.
To fix this, we now:
* materialize the generated Podman config files as real files with `runCommand`
* sync them into `~/.config/containers` during activation, between `linkGeneration` and `podmanMachines`
* use the canonical guest path `/var/home/<user>/.config/containers`
Because adding the config directory to the volume mounts overrides the defaults, we also restore the default Podman volumes as the defaults for the `machines.<machine>.volumes` attribute while still allowing full overrides.
This change does not affect Linux: `xdg.configFile` still produces store symlinks there.
Closes#9327.
Specifically, the machine initialization command `podman machine init`
requires `ssh-keygen` to generate keys, but `openssh` may not be
available in the system `PATH` by default. This change ensures
`openssh` is available before attempting to create podman machines.
Resolves#9325
Syncthing still supports existing Linux installations that keep config.xml under XDG_CONFIG_HOME/syncthing. Resolve the runtime directory from the generated scripts so Home Manager waits on and copies keys into the existing legacy directory when no state-dir config exists.
Fixes#6933
Add an option to order Walker's user service after elephant.service and add a systemd Requires= dependency when enabled.
The option defaults to services.elephant.enable, so Home Manager-managed Elephant setups work automatically while users can still enable the dependency for an externally managed elephant.service.
Add a service module for Elephant with package installation, provider selection, TOML config generation, and a systemd user service.
This gives Elephant its own configuration surface instead of wiring it through Walker.
`literalExpression` is intended just to signify code that needs to stay
a string that gets represented exactly as-is for docs. It has been
misused heavily and people get confused repeatedly on when or not to use
it because of the rampant misuse.
Quote generated Quadlet key-value entries when attrset-backed values contain whitespace, preserving the value as a single systemd/Quadlet field.
Without quoting, label values such as Traefik rules are split by podman-system-generator into multiple invalid --label arguments.
Extend the container NMT fixture with a label containing spaces and assert the generated service preserves it as one label.
Updated links to the Hyprland wiki in the module documentation for the following pages: XWayland and Submaps.
This change was needed due to a new wiki structure introduced in commit [e99eac80a63d68e050623af2f69629f9423befdb](e99eac80a6.patch), rendering the current links unaivailable.
I do not use kanshi anymore and thus cannot meaningfully test changes.
Since it is my only maintained module, also remove myself from the
maintainer lists.
This option works with the NixOS version of the module as host services
have different user namespace permissions to user services. Programs
like ssh get confused when certain config files aren't owned by root.
The gui address option always has a default value, so #8644 ended up
making syncthing-init run for every enabled Syncthing setup.
Treat the default gui address as unset for updater purposes so the init
unit is only generated when Home Manager is actually managing Syncthing
configuration. Add regression tests for the default and explicit
guiAddress cases.
Migrate the preSwitchCommands default to
lib.hm.deprecations.mkStateVersionOptionDefault instead of using a
null sentinel.
Keep the legacy flake update behavior for older state versions and add
tests for the explicit, legacy, and current flake paths.
Add a flags option for passing extra arguments to home-manager
switch and a preSwitchCommands option for running commands before the
switch.
Preserve the legacy flake update behavior behind a deprecation warning,
clean up the shell script, and cover the flake path in tests.
Syncthing's web GUI will only require login credentials if both a
username and password are configured. Expose both of these through a
new services.syncthing.guiCredentials submodule, and require migration
to the new configuration to catch anyone who has only configured a
password using the old services.syncthing.passwordFile option.
Additionally, make sure that the syncthing-init script to set
configuration using the API is enabled if there is any such
configuration that needs setting. Without this fix, configuration that
was set using the API, notably guiCredentials/passwordFile and
guiAddress, would not be set at all if there wasn't also something to
configure under services.syncthing.settings.
Co-authored-by: Robert Helgesson <robert@rycee.net>
