Merge branch 'nix-darwin:master' into master

Author: orzklv

modules/networking/applicationFirewall.nix

@@ -13,6 +13,7 @@ in
 {
   meta.maintainers = [
     (lib.maintainers.prince213 or "prince213")
+    (lib.maintainers.ryanccn or "ryanccn")
   ];
 
   options.networking.applicationFirewall = {
@@ -22,27 +23,51 @@ in
       example = true;
       description = "Whether to enable application firewall.";
     };
-    blockAllIncoming = lib.mkEnableOption "blocking all incoming connections";
-    allowSigned = lib.mkEnableOption "built-in software to receive incoming connections" // {
-      default = true;
+
+    blockAllIncoming = lib.mkOption {
+      type = lib.types.nullOr lib.types.bool;
+      default = null;
+      example = true;
+      description = "Whether to block all incoming connections.";
+    };
+
+    allowSigned = lib.mkOption {
+      type = lib.types.nullOr lib.types.bool;
+      default = null;
+      example = true;
+      description = "Whether to allow built-in software to receive incoming connections.";
+    };
+
+    allowSignedApp = lib.mkOption {
+      type = lib.types.nullOr lib.types.bool;
+      default = null;
+      example = true;
+      description = "Whether to allow downloaded signed software to receive incoming connections.";
+    };
+
+    enableStealthMode = lib.mkOption {
+      type = lib.types.nullOr lib.types.bool;
+      default = null;
+      example = true;
+      description = "Whether to enable stealth mode.";
     };
-    allowSignedApp =
-      lib.mkEnableOption "downloaded signed software to receive incoming connections"
-      // {
-        default = true;
-      };
-    enableStealthMode = lib.mkEnableOption "stealth mode";
   };
 
   config = {
     system.activationScripts.networking.text = ''
       echo "configuring application firewall..." >&2
 
       ${lib.optionalString (cfg.enable != null) (socketfilterfw "setglobalstate" cfg.enable)}
-      ${lib.optionalString (cfg.enable == true) (socketfilterfw "setblockall" cfg.blockAllIncoming)}
-      ${socketfilterfw "setallowsigned" cfg.allowSigned}
-      ${socketfilterfw "setallowsignedapp" cfg.allowSignedApp}
-      ${socketfilterfw "setstealthmode" cfg.enableStealthMode}
+      ${lib.optionalString (cfg.blockAllIncoming != null) (
+        socketfilterfw "setblockall" cfg.blockAllIncoming
+      )}
+      ${lib.optionalString (cfg.allowSigned != null) (socketfilterfw "setallowsigned" cfg.allowSigned)}
+      ${lib.optionalString (cfg.allowSignedApp != null) (
+        socketfilterfw "setallowsignedapp" cfg.allowSignedApp
+      )}
+      ${lib.optionalString (cfg.enableStealthMode != null) (
+        socketfilterfw "setstealthmode" cfg.enableStealthMode
+      )}
     '';
   };
 }

modules/programs/vim.nix

@@ -77,7 +77,7 @@ in
   config = mkIf cfg.enable {
 
     environment.systemPackages =
-      [ # Include vim_configurable package.
+      [ # Include vim-full package.
         cfg.package
       ];
 
@@ -92,7 +92,7 @@ in
       endif
     '';
 
-    programs.vim.package = pkgs.vim_configurable.customize {
+    programs.vim.package = pkgs.vim-full.customize {
       name = "vim";
       vimrcConfig.customRC = config.environment.etc."vimrc".text;
       vimrcConfig.vam = {

modules/services/dnsmasq.nix

@@ -69,13 +69,15 @@ in
     environment.systemPackages = [ cfg.package ];
 
     launchd.daemons.dnsmasq = {
-      serviceConfig.ProgramArguments = [
-        "${cfg.package}/bin/dnsmasq"
-        "--listen-address=${cfg.bind}"
-        "--port=${toString cfg.port}"
-        "--keep-in-foreground"
-      ] ++ (mapA (domain: addr: "--address=/${domain}/${addr}") cfg.addresses)
-        ++ (map (server: "--server=${server}") cfg.servers);
+      command = let
+        args = [
+          "--listen-address=${cfg.bind}"
+          "--port=${toString cfg.port}"
+          "--keep-in-foreground"
+        ] ++ (mapA (domain: addr: "--address=/${domain}/${addr}") cfg.addresses)
+          ++ (map (server: "--server=${server}") cfg.servers);
+      in
+        "${cfg.package}/bin/dnsmasq ${concatStringsSep " " args}";
 
       serviceConfig.KeepAlive = true;
       serviceConfig.RunAtLoad = true;

modules/system/defaults/dock.nix

@@ -197,16 +197,93 @@ in {
     };
 
     system.defaults.dock.persistent-others = mkOption {
-      type = types.nullOr (types.listOf (types.either types.path types.str));
+      type = let
+        folderType = types.submodule {
+          options.path = mkOption {
+            description = "Path to a folder to be added to the dock.";
+            type = types.str;
+          };
+          options.arrangement = mkOption {
+            description = "Sort order for files in folder when clicked.";
+            type = types.enum ["name" "date-added" "date-modified" "date-created" "kind"];
+            default = "name";
+          };
+          options.displayas = mkOption {
+            description = "How to display the folder before clicked.  stack: Stack of file previews.  folder: A folder icon";
+            type = types.enum ["stack" "folder"];
+            default = "stack";
+          };
+          options.showas = mkOption {
+            description = "Effect to show files when clicked.  fan: fan-out effect, grid: box, list: list";
+            type = types.enum ["automatic" "fan" "grid" "list"];
+            default = "automatic";
+          };
+        };
+        taggedType = types.attrTag {
+          file = mkOption {
+            description = "A file to be added to the dock.";
+            type = types.str;
+          };
+          folder = mkOption {
+            description = "A folder to be added to the dock.";
+            type = types.coercedTo types.str (str: { path = str; }) folderType;
+          };
+        };
+        simpleType = types.either types.str types.path;
+        # Below to NOT break exisiting config
+        toTagged = _path: let path = builtins.toString _path; in if strings.hasInfix "." (last (splitString "/" path)) then { file = path; } else { folder = path; };
+        # toTagged = path: { folder = path; }; # or this to be consistent with persistent-apps
+      in
+        types.nullOr (types.listOf (types.coercedTo simpleType toTagged taggedType));
       default = null;
-      example = [ "~/Documents" "~/Downloads" ];
+      example = lib.literalExpression ''
+      [
+        ./flake.nix
+        "/Volumes"
+        { folder = "/Users/@username@/Downloads"; }
+        { folder = { path = "/Users/@username@/.emacs.d"; showas = "grid"; }; }
+        { file = "/Users/@username@/Desktop/this_is_a_file"; }      
+      ]'';
       description = ''
-        Persistent folders in the dock.
+        Persistent files, and folders in the dock.
       '';
-      apply = value:
-        if !(isList value)
-        then value
-        else map (folder: { tile-data = { file-data = { _CFURLString = "file://" + folder; _CFURLStringType = 15; }; }; tile-type = if strings.hasInfix "." (last (splitString "/" folder)) then "file-tile" else "directory-tile"; }) value;
+      apply = let
+        arrangementMap = {
+          name          = 1;
+          date-added    = 2;
+          date-modified = 3;
+          date-created  = 4;
+          kind          = 5;
+        };
+        displayasMap = {
+          stack  = 0;
+          folder = 1;
+        };
+        showasMap = {
+          automatic = 0;
+          fan       = 1;
+          grid      = 2;
+          list      = 3;
+        };
+        parseFolder = (folder:
+          builtins.mapAttrs (name: val:
+            if name == "arrangement" then arrangementMap.${val}
+            else if name == "displayas" then displayasMap.${val}
+            else if name == "showas" then showasMap.${val}
+            else val
+          ) folder
+        );
+        toTile = item: {
+          tile-data = {
+            file-data = {
+              _CFURLString = "file://" + (if item ? folder then item.folder.path else item.file);
+              _CFURLStringType = 15;
+            };
+          } // (if item ? folder then {inherit (parseFolder item.folder) arrangement displayas showas;} else {});
+          tile-type = if item ? folder then "directory-tile" else "file-tile";
+        };
+      in
+        value: if value == null then null else map toTile value;
     };
 
     system.defaults.dock.scroll-to-open = mkOption {
@@ -217,6 +294,38 @@ in {
       '';
     };
 
+    system.defaults.dock.showAppExposeGestureEnabled = mkOption {
+      type = types.nullOr types.bool;
+      default = null;
+      description = ''
+        Whether to enable trackpad gestures (three- or four-finger vertical swipe) to show App Exposé. The default is false. This feature interacts with `system.defaults.trackpad.TrackpadFourFingerVertSwipeGesture` and `system.defaults.trackpad.TrackpadThreeFingerVertSwipeGesture` to determine which gesture triggers App Exposé.
+      '';
+    };
+
+    system.defaults.dock.showDesktopGestureEnabled = mkOption {
+      type = types.nullOr types.bool;
+      default = null;
+      description = ''
+        Whether to enable four-finger spread gesture to show the Desktop. The default is false. 
+      '';
+    };
+
+    system.defaults.dock.showLaunchpadGestureEnabled = mkOption {
+      type = types.nullOr types.bool;
+      default = null;
+      description = ''
+        Whether to enable four-finger pinch gesture to show the Launchpad. The default is false. 
+      '';
+    };
+
+    system.defaults.dock.showMissionControlGestureEnabled = mkOption {
+      type = types.nullOr types.bool;
+      default = null;
+      description = ''
+        Whether to enable trackpad gestures (three- or four-finger vertical swipe) to show Mission Control. The default is false. This feature interacts with `system.defaults.trackpad.TrackpadFourFingerVertSwipeGesture` and `system.defaults.trackpad.TrackpadThreeFingerVertSwipeGesture` to determine which gesture triggers Mission Control.
+      '';
+    };
+
     system.defaults.dock.show-process-indicators = mkOption {
       type = types.nullOr types.bool;
       default = null;
@@ -367,3 +476,4 @@ in {
 
     };
 }
+