/!\ migration à nixos 19.03 (18.03 plus mis à jour)

This reverts commit 0c47de1cb1.

Makefile

@@ -25,9 +25,10 @@ full-auto: submodules-update upgrade clean optimise
 	@date
 
 optimise:
-	$(TIME) nix-store --optimise
+	$(TIME) nix optimise-store
 
 rebuild-build:
+	nix-channel --add https://nixos.org/channels/nixos-19.03 nixos
 	$(TIME) time nixos-rebuild build --fallback  --show-trace
 
 rebuild-switch:
@@ -43,14 +44,14 @@ show-roots:
 	nix-store --gc --print-roots
 
 show-time:
-	-@$(CHRONY_STATUS)
+	-@$(CHRONY_STATUS) && $(CHRONY_STATS)
-	#CHRONY_STATUS='chronyc tracking' CHRONY_STATS='chronyc sources -v' ${CHRONY_STATS} && watch -d -n 20 "${CHRONY_STATUS} && echo "--" && ${CHRONY_STATS}"
+	-@watch -d -n 5 "$(CHRONY_STATUS) && echo "--" && $(CHRONY_STATS)"
-	-@watch -d -n 20 "$(CHRONY_STATUS) && echo "--" && $(CHRONY_STATS)"
 
 store-repair:
 	$(TIME) nix-store --verify --check-contents --repair
 
 upgrade:
+	nix-channel --add https://nixos.org/channels/nixos-19.03 nixos
 	$(TIME) nixos-rebuild switch --upgrade --fallback --show-trace
 
 ##--------- Commandes spécifiques pour NixOS -- Opérations non courantes

applications/graphical/client-internet.nix

@@ -21,7 +21,7 @@ environment.systemPackages = with pkgs; [
     clawsMail
     hexchat
     quasselClient
-    mumble
+    #mumble
     pidgin
     thunderbird
 

applications/graphical/developpement-haskell.nix

@@ -13,6 +13,6 @@ mkIf (flags.developpement-haskell && flags.graphical) {
   environment.systemPackages = with pkgs; [
   ] ++ (with pkgs.haskellPackages; [
     # Haskell lib
-    threadscope     # visualisation des threads (<bidule>.eventlog)
+    #threadscope     # visualisation des threads (<bidule>.eventlog)
   ]);
 }

applications/terminal/developpement-haskell.nix

@@ -19,8 +19,9 @@ mkIf flags.developpement-haskell {
   ] ++ (with pkgs.haskellPackages; [
     # Haskell lib
     autoproc              # ? procmail
+    #brittany              # formatteur de code
     darcs                 # gestionnaire de version éponyme
-    ghc-mod               # outil d'analyse de code haskell utilisé par IDE
+    #ghc-mod               # outil d'analyse de code haskell utilisé par IDE
     hindent               # indentation code
     hlint                 # qualite de code, analyse statique de code + astuces & bonnes pratiques
     #postgrest            # mapper HTTP <-> PostgreSQL
@@ -29,7 +30,7 @@ mkIf flags.developpement-haskell {
     turtle                # genre shell-scripting
 
     # Application perso
-    hahp
+    #hahp
     pandoc-filter-graphviz # filtre pour utiliser graphviz à partir de pandoc
   ]);
 }

configuration/environment.nix

@@ -12,7 +12,7 @@ in
   nix.buildCores = 0;
 
   # The NixOS release to be compatible with for stateful data such as databases.
-  system.stateVersion = "18.03";
+  system.stateVersion = "19.03";
 
   # copies the NixOS configuration file (usually /etc/nixos/configuration.nix) and links it from the resulting system (getting to /run/current-system/configuration.nix)
   system.copySystemConfiguration = true;
@@ -27,7 +27,8 @@ in
   boot.cleanTmpDir = true;
 
   # Activation des pages de manuel
-  programs.man.enable = true;
+  documentation.man.enable = true;
+
 
   # Paquets
   environment = {

configuration/u2f.nix

@@ -33,7 +33,7 @@ mkIf true {
   SUBSYSTEM=="usb", ATTRS{idVendor}=="0bda", ATTRS{idProduct}=="2838", GROUP="audio", MODE="0666", SYMLINK+="rtl_sdr"
   '';
 
-  security.pam.enableU2F = true;
+  security.pam.u2f.enable = true;
 
   environment.systemPackages = with pkgs; [
     libu2f-host

module-template.nix

@@ -22,4 +22,11 @@ mkIf true {
     allowedUDPPorts = [
     ];
   };
+} // {
+  assertions = [
+    {
+      assertion = true;
+      message = "Assetion toujours valide.";
+    }
+  ];
 }

options.nix

@@ -62,10 +62,10 @@ let
       configurationOptions = {
 
       ipAddress = mkOption {
-        description = "Adresse IP";
+        description = "Adresse IP.";
         type = lib.types.string;
       };
-      nix-serve-server = mkEnableOption "nix-serve server";
+      nix-serve-server = mkEnableOption "nix-serve server.";
       nix-serve-client = {
         enable =  mkEnableOption "nix-serve client";
         servers = mkOption {
@@ -76,7 +76,7 @@ let
       };
 
       tinc = {
-        enable = mkEnableOption "Enable tinc service";
+        enable = mkEnableOption "Enable tinc service.";
         dnsFQDN = mkOption {
           example = "device.example.net.";
           description = "DNS name of host pointing to tunnel IP.";

services/docker.nix

@@ -13,7 +13,7 @@ mkIf flags.docker {
   environment.systemPackages = with pkgs; [
     # Ecosystème Docker
     docker
-    python36Packages.docker_compose
+    docker-compose
   ];
 
   virtualisation.docker.enable = true;

services/monitoring-munin.nix

@@ -48,9 +48,22 @@ mkIf flags.munin {
     hosts = ''
       [${config.networking.hostName}]
         address 127.0.0.1
+        df._dev_sda2.warning 35
+        use_node_name yes
+        #contacts syslog
+        contacts email
     '';
+    # http://sametmax.com/monitorez-vos-serveurs-avec-munin-et-notifications-par-email/
+    # http://guide.munin-monitoring.org/en/latest/tutorial/alert.html#syntax-of-warning-and-critical
     extraGlobalConfig = ''
-      contact.email.command ${pkgs.mutt}/bin/mutt -F /etc/nixos/base/services/munin-muttrc -s "Munin notification for ''${var:host}" root@prunetwork.fr
+      #---
+      #contact.email.command ${pkgs.mutt}/bin/mutt -F /etc/nixos/base/services/munin-muttrc  -s "Munin notification for ${config.networking.hostName}" root@ocean.prunetwork.fr
+      contact.email.command  /run/current-system/sw/bin/mutt -F /etc/nixos/base/services/munin-muttrc  -s "Munin notification for ${config.networking.hostName}" root@ocean.prunetwork.fr
+      contact.syslog.command /run/current-system/sw/bin/logger -p user.crit                 -t "Munin notification for ${config.networking.hostName}"
+
+      #---
+      contact.email.always_send ok,warning,critical,unknown
+      contact.syslog.always_send ok,warning,critical,unknown
     '';
   };
 

services/scanner.nix

@@ -11,11 +11,20 @@ mkIf flags.scanner {
 
   # Paquets
   environment.systemPackages = with pkgs; [
+    # Driver
+    hplip                     # Scanner HP
+    python27Packages.pyqt4    # dépendance hplip
+
+    # Outils pour exploiter les scanners
     simple-scan
   ];
 
   # Services
   hardware.sane.enable = true;
+  services.saned = {
+    enable = true;
+    extraConfig = "192.168.0.0/24";
+  };
 
   # Réseau
   networking.firewall = {

services/ssh.nix

@@ -26,6 +26,9 @@ mkIf true {
       # Use kernel sandbox mechanisms where possible in unprivilegied processes
       # Systrace on OpenBSD, Seccomp on Linux, seatbelt on MacOSX/Darwin, rlimit elsewhere.
       UsePrivilegeSeparation sandbox
+
+      # Permet de gérer le nombre de connexions multiplexées en simultané
+      MaxSessions 200
     '';
   };
 }

services/yubikey.nix

@@ -33,7 +33,7 @@ mkIf true {
     gnupg opensc pcsctools libu2f-host yubikey-personalization
   ];
 
-  security.pam.enableU2F = true;
+  security.pam.u2f.enable = true;
 
   /*users.extraUsers.joko = {
     isNormalUser = true;