+3

nixos/doc/manual/release-notes/rl-2411.section.md

reviewed

··· 85 85 86 86 - [Proton Mail bridge](https://proton.me/mail/bridge), a desktop application that runs in the background, encrypting and decrypting messages as they enter and leave your computer. It lets you add your Proton Mail account to your favorite email client via IMAP/SMTP by creating a local email server on your computer. 87 87 88 88 + - [chromadb](https://www.trychroma.com/), an open-source AI application 89 89 + database. Batteries included. Available as [services.chromadb](options.html#opt-services.chromadb.enable). 90 90 + 88 91 ## Backward Incompatibilities {#sec-release-24.11-incompatibilities} 89 92 90 93 - `transmission` package has been aliased with a `trace` warning to `transmission_3`. Since [Transmission 4 has been released last year](https://github.com/transmission/transmission/releases/tag/4.0.0), and Transmission 3 will eventually go away, it was decided perform this warning alias to make people aware of the new version. The `services.transmission.package` defaults to `transmission_3` as well because the upgrade can cause data loss in certain specific usage patterns (examples: [#5153](https://github.com/transmission/transmission/issues/5153), [#6796](https://github.com/transmission/transmission/issues/6796)). Please make sure to back up to your data directory per your usage:

+1

nixos/modules/module-list.nix

reviewed

··· 457 457 ./services/continuous-integration/woodpecker/server.nix 458 458 ./services/databases/aerospike.nix 459 459 ./services/databases/cassandra.nix 460 460 + ./services/databases/chromadb.nix 460 461 ./services/databases/clickhouse.nix 461 462 ./services/databases/cockroachdb.nix 462 463 ./services/databases/couchdb.nix

+107

nixos/modules/services/databases/chromadb.nix

reviewed

··· 1 1 + { 2 2 + config, 3 3 + pkgs, 4 4 + lib, 5 5 + ... 6 6 + }: 7 7 + 8 8 + let 9 9 + cfg = config.services.chromadb; 10 10 + inherit (lib) 11 11 + mkEnableOption 12 12 + mkOption 13 13 + mkIf 14 14 + types 15 15 + literalExpression 16 16 + ; 17 17 + in 18 18 + { 19 19 + 20 20 + meta.maintainers = with lib.maintainers; [ drupol ]; 21 21 + 22 22 + options = { 23 23 + services.chromadb = { 24 24 + enable = mkEnableOption "ChromaDB, an open-source AI application database."; 25 25 + 26 26 + package = mkOption { 27 27 + type = types.package; 28 28 + example = literalExpression "pkgs.python3Packages.chromadb"; 29 29 + default = pkgs.python3Packages.chromadb; 30 30 + defaultText = "pkgs.python3Packages.chromadb"; 31 31 + description = "ChromaDB package to use."; 32 32 + }; 33 33 + 34 34 + host = mkOption { 35 35 + type = types.str; 36 36 + default = "127.0.0.1"; 37 37 + description = '' 38 38 + Defines the IP address by which ChromaDB will be accessible. 39 39 + ''; 40 40 + }; 41 41 + 42 42 + port = mkOption { 43 43 + type = types.port; 44 44 + default = 8000; 45 45 + description = '' 46 46 + Defined the port number to listen. 47 47 + ''; 48 48 + }; 49 49 + 50 50 + logFile = mkOption { 51 51 + type = types.path; 52 52 + default = "/var/log/chromadb/chromadb.log"; 53 53 + description = '' 54 54 + Specifies the location of file for logging output. 55 55 + ''; 56 56 + }; 57 57 + 58 58 + dbpath = mkOption { 59 59 + type = types.str; 60 60 + default = "/var/lib/chromadb"; 61 61 + description = "Location where ChromaDB stores its files"; 62 62 + }; 63 63 + 64 64 + openFirewall = mkOption { 65 65 + type = types.bool; 66 66 + default = false; 67 67 + description = '' 68 68 + Whether to automatically open the specified TCP port in the firewall. 69 69 + ''; 70 70 + }; 71 71 + }; 72 72 + }; 73 73 + 74 74 + config = mkIf cfg.enable { 75 75 + systemd.services.chromadb = { 76 76 + description = "ChromaDB"; 77 77 + after = [ "network.target" ]; 78 78 + wantedBy = [ "multi-user.target" ]; 79 79 + serviceConfig = { 80 80 + Type = "simple"; 81 81 + StateDirectory = "chromadb"; 82 82 + WorkingDirectory = "/var/lib/chromadb"; 83 83 + LogsDirectory = "chromadb"; 84 84 + ExecStart = "${lib.getExe cfg.package} run --path ${cfg.dbpath} --host ${cfg.host} --port ${toString cfg.port} --log-path ${cfg.logFile}"; 85 85 + Restart = "on-failure"; 86 86 + ProtectHome = true; 87 87 + ProtectSystem = "strict"; 88 88 + PrivateTmp = true; 89 89 + PrivateDevices = true; 90 90 + ProtectHostname = true; 91 91 + ProtectClock = true; 92 92 + ProtectKernelTunables = true; 93 93 + ProtectKernelModules = true; 94 94 + ProtectKernelLogs = true; 95 95 + ProtectControlGroups = true; 96 96 + NoNewPrivileges = true; 97 97 + RestrictRealtime = true; 98 98 + RestrictSUIDSGID = true; 99 99 + RemoveIPC = true; 100 100 + PrivateMounts = true; 101 101 + DynamicUser = true; 102 102 + }; 103 103 + }; 104 104 + 105 105 + networking.firewall.allowedTCPPorts = lib.optionals cfg.openFirewall [ cfg.port ]; 106 106 + }; 107 107 + }

+1

nixos/tests/all-tests.nix

reviewed

··· 192 192 cfssl = handleTestOn ["aarch64-linux" "x86_64-linux"] ./cfssl.nix {}; 193 193 cgit = handleTest ./cgit.nix {}; 194 194 charliecloud = handleTest ./charliecloud.nix {}; 195 195 + chromadb = runTest ./chromadb.nix; 195 196 chromium = (handleTestOn ["aarch64-linux" "x86_64-linux"] ./chromium.nix {}).stable or {}; 196 197 chrony = handleTestOn ["aarch64-linux" "x86_64-linux"] ./chrony.nix {}; 197 198 chrony-ptp = handleTestOn ["aarch64-linux" "x86_64-linux"] ./chrony-ptp.nix {};

+26

nixos/tests/chromadb.nix

reviewed

··· 1 1 + { lib, pkgs, ... }: 2 2 + 3 3 + let 4 4 + lib = pkgs.lib; 5 5 + 6 6 + in 7 7 + { 8 8 + name = "chromadb"; 9 9 + meta.maintainers = [ lib.maintainers.drupol ]; 10 10 + 11 11 + nodes = { 12 12 + machine = 13 13 + { pkgs, ... }: 14 14 + { 15 15 + services.chromadb = { 16 16 + enable = true; 17 17 + }; 18 18 + }; 19 19 + }; 20 20 + 21 21 + testScript = '' 22 22 + machine.start() 23 23 + machine.wait_for_unit("chromadb.service") 24 24 + machine.wait_for_open_port(8000) 25 25 + ''; 26 26 + }