···

       
171
       
171
       
 
       


     

       
172
       
172
       
 
       
- [Recyclarr](https://github.com/recyclarr/recyclarr) a TRaSH Guides synchronizer for Sonarr and Radarr. Available as [services.recyclarr](#opt-services.recyclarr.enable).

     

       
173
       
173
       
 
       


     

       
174
       
174
       
+
       
- [Rebuilderd](https://github.com/kpcyrd/rebuilderd) an independent verification of binary packages - Reproducible Builds. Available as [services.rebuilderd](#opt-services.rebuilderd.enable).

     

       
175
       
175
       
+
       


     

       
174
       
176
       
 
       
<!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->

     

       
175
       
177
       
 
       


     

       
176
       
178
       
 
       
## Backward Incompatibilities {#sec-release-25.05-incompatibilities}

     

···

       
868
       
868
       
 
       
  ./services/misc/radicle.nix

     

       
869
       
869
       
 
       
  ./services/misc/readarr.nix

     

       
870
       
870
       
 
       
  ./services/misc/realmd.nix

     

       
871
       
871
       
+
       
  ./services/misc/rebuilderd.nix

     

       
871
       
872
       
 
       
  ./services/misc/recyclarr.nix

     

       
872
       
873
       
 
       
  ./services/misc/redlib.nix

     

       
873
       
874
       
 
       
  ./services/misc/redmine.nix

     

···

       
1
       
1
       
+
       
{

     

       
2
       
2
       
+
       
  config,

     

       
3
       
3
       
+
       
  pkgs,

     

       
4
       
4
       
+
       
  lib,

     

       
5
       
5
       
+
       
  ...

     

       
6
       
6
       
+
       
}:

     

       
7
       
7
       
+
       


     

       
8
       
8
       
+
       
let

     

       
9
       
9
       
+
       
  inherit (lib) mkEnableOption mkIf mkPackageOption;

     

       
10
       
10
       
+
       
  cfg = config.services.rebuilderd;

     

       
11
       
11
       
+
       


     

       
12
       
12
       
+
       
  format = pkgs.formats.toml { };

     

       
13
       
13
       
+
       
  settings = lib.attrsets.filterAttrs (n: v: v != null) cfg.settings;

     

       
14
       
14
       
+
       
  configFile = format.generate "rebuilderd.conf" settings;

     

       
15
       
15
       
+
       
in

     

       
16
       
16
       
+
       
{

     

       
17
       
17
       
+
       
  options.services.rebuilderd = {

     

       
18
       
18
       
+
       
    enable = mkEnableOption "rebuilderd service for independent verification of binary packages";

     

       
19
       
19
       
+
       
    package = mkPackageOption pkgs "rebuilderd" { };

     

       
20
       
20
       
+
       
    settings = lib.mkOption {

     

       
21
       
21
       
+
       
      type = lib.types.submodule {

     

       
22
       
22
       
+
       
        freeformType = format.type;

     

       
23
       
23
       
+
       
      };

     

       
24
       
24
       
+
       
      default = { };

     

       
25
       
25
       
+
       
      description = ''

     

       
26
       
26
       
+
       
        Configuration for rebuilderd (rebuilderd.conf)

     

       
27
       
27
       
+
       
      '';

     

       
28
       
28
       
+
       
    };

     

       
29
       
29
       
+
       
  };

     

       
30
       
30
       
+
       


     

       
31
       
31
       
+
       
  config = mkIf cfg.enable {

     

       
32
       
32
       
+
       
    systemd.services.rebuilderd = {

     

       
33
       
33
       
+
       
      description = "Independent verification of binary packages";

     

       
34
       
34
       
+
       
      wantedBy = [ "multi-user.target" ];

     

       
35
       
35
       
+
       
      environment = {

     

       
36
       
36
       
+
       
        REBUILDERD_COOKIE_PATH = "/var/lib/rebuilderd/auth-cookie";

     

       
37
       
37
       
+
       
      };

     

       
38
       
38
       
+
       
      after = [

     

       
39
       
39
       
+
       
        "network.target"

     

       
40
       
40
       
+
       
      ];

     

       
41
       
41
       
+
       
      serviceConfig = {

     

       
42
       
42
       
+
       
        ExecStart = "${cfg.package}/bin/rebuilderd --config ${configFile}";

     

       
43
       
43
       
+
       
        DynamicUser = true;

     

       
44
       
44
       
+
       
        StateDirectory = "rebuilderd";

     

       
45
       
45
       
+
       
        WorkingDirectory = "/var/lib/rebuilderd";

     

       
46
       
46
       
+
       
      };

     

       
47
       
47
       
+
       
    };

     

       
48
       
48
       
+
       
  };

     

       
49
       
49
       
+
       
}

     

···

       
953
       
953
       
 
       
  readarr = handleTest ./readarr.nix {};

     

       
954
       
954
       
 
       
  realm = handleTest ./realm.nix {};

     

       
955
       
955
       
 
       
  readeck = runTest ./readeck.nix;

     

       
956
       
956
       
+
       
  rebuilderd = runTest ./rebuilderd.nix;

     

       
956
       
957
       
 
       
  redis = handleTest ./redis.nix {};

     

       
957
       
958
       
 
       
  redlib = handleTest ./redlib.nix {};

     

       
958
       
959
       
 
       
  redmine = handleTestOn [ "x86_64-linux" "aarch64-linux" ] ./redmine.nix {};

     

···

       
1
       
1
       
+
       
{ lib, ... }:

     

       
2
       
2
       
+
       


     

       
3
       
3
       
+
       
{

     

       
4
       
4
       
+
       
  name = "rebuilderd";

     

       
5
       
5
       
+
       


     

       
6
       
6
       
+
       
  nodes = {

     

       
7
       
7
       
+
       
    machine =

     

       
8
       
8
       
+
       
      { pkgs, ... }:

     

       
9
       
9
       
+
       
      {

     

       
10
       
10
       
+
       
        services.rebuilderd = {

     

       
11
       
11
       
+
       
          enable = true;

     

       
12
       
12
       
+
       
        };

     

       
13
       
13
       
+
       
      };

     

       
14
       
14
       
+
       


     

       
15
       
15
       
+
       
    machine_custom_config =

     

       
16
       
16
       
+
       
      { pkgs, ... }:

     

       
17
       
17
       
+
       
      {

     

       
18
       
18
       
+
       
        services.rebuilderd = {

     

       
19
       
19
       
+
       
          enable = true;

     

       
20
       
20
       
+
       
          settings = {

     

       
21
       
21
       
+
       
            http.bind_addr = "0.0.0.0:1234";

     

       
22
       
22
       
+
       
          };

     

       
23
       
23
       
+
       
        };

     

       
24
       
24
       
+
       
      };

     

       
25
       
25
       
+
       
  };

     

       
26
       
26
       
+
       


     

       
27
       
27
       
+
       
  testScript = ''

     

       
28
       
28
       
+
       
    machine.start()

     

       
29
       
29
       
+
       
    machine.wait_for_unit("rebuilderd.service")

     

       
30
       
30
       
+
       
    machine.wait_for_open_port(8484)

     

       
31
       
31
       
+
       


     

       
32
       
32
       
+
       
    machine_custom_config.start()

     

       
33
       
33
       
+
       
    machine_custom_config.wait_for_unit("rebuilderd.service")

     

       
34
       
34
       
+
       
    machine_custom_config.wait_for_open_port(1234)

     

       
35
       
35
       
+
       
  '';

     

       
36
       
36
       
+
       


     

       
37
       
37
       
+
       
  meta.maintainers = [ lib.maintainers.drupol ];

     

       
38
       
38
       
+
       
}

     

···

       
15
       
15
       
 
       
  darwin,

     

       
16
       
16
       
 
       
  buildPackages,

     

       
17
       
17
       
 
       
  versionCheckHook,

     

       
18
       
18
       
+
       
  nixosTests,

     

       
18
       
19
       
 
       
  nix-update-script,

     

       
19
       
20
       
 
       
}:

     

       
20
       
21
       
 
       


     
···

       
108
       
109
       
 
       
  ];

     

       
109
       
110
       
 
       
  versionCheckProgramArg = [ "--version" ];

     

       
110
       
111
       
 
       
  doInstallCheck = true;

     

       
112
       
112
       
+
       


     

       
113
       
113
       
+
       
  passthru.tests = {

     

       
114
       
114
       
+
       
    rebuilderd = nixosTests.rebuilderd;

     

       
115
       
115
       
+
       
  };

     

       
111
       
116
       
 
       


     

       
112
       
117
       
 
       
  passthru.updateScript = nix-update-script { };

     

       
113
       
118