Introduce a dedicated networking.proxy option

Following the discussion #5021:
- obsolete the nix.proxy option
- add the networking.proxy option
- open a default no_proxy environment variable
- add a rsync option
- Manual tests ok.
- Automatic tests ok.

nixos/modules/config/networking.nix

@@ -39,6 +39,28 @@ in
       '';
     };
 
+    networking.proxy = lib.mkOption {
+      type = types.str;
+      default = "";
+      description = ''
+        This option specifies the *_proxy for the users in the environment.
+        It is just exporting the http_proxy, https_proxy, ftp_proxy, rsync_proxy
+        with that value.
+        This also exports a basic no_proxy environment.
+      '';
+      example = "http://127.0.0.1:3128";
+    };
+
+    networking.envVarsProxy = mkOption {
+      type = types.attrs;
+      internal = true;
+      default = {};
+      description = ''
+        Environment variables used by networking (was specifically open for networking.proxy).
+        If you want to specify environment variables, use `nix.envVars`.
+      '';
+    };
+
   };
 
   config = {
@@ -86,6 +108,14 @@ in
             '';
       };
 
+      networking.envVarsProxy = optionalAttrs (cfg.proxy != "") {
+        http_proxy = cfg.proxy;
+        https_proxy = cfg.proxy;
+        ftp_proxy = cfg.proxy;
+        rsync_proxy = cfg.proxy;
+        no_proxy = "localhost,127.0.0.1";
+      };
+
     # The ‘ip-up’ target is started when we have IP connectivity.  So
     # services that depend on IP connectivity (like ntpd) should be
     # pulled in by this target.

nixos/modules/rename.nix

@@ -107,6 +107,9 @@ in zipModules ([]
 ++ obsolete [ "services" "xserver" "startOpenSSHAgent" ] [ "programs" "ssh" "startAgent" ]
 ++ obsolete [ "services" "xserver" "windowManager" "xbmc" ] [ "services" "xserver" "desktopManager" "xbmc" ]
 
+# proxy
+++ obsolete [ "nix" "proxy" ] [ "networking" "proxy"]
+
 # KDE
 ++ deprecated [ "kde" "extraPackages" ] [ "environment" "kdePackages" ]
 # ++ obsolete [ "environment" "kdePackages" ] [ "environment" "systemPackages" ] # !!! doesn't work!

nixos/modules/services/misc/nix-daemon.nix

@@ -193,17 +193,6 @@ in
         '';
       };
 
-      proxy = mkOption {
-        type = types.str;
-        default = "";
-        description = ''
-          This option specifies the proxy to use for fetchurl. The real effect
-          is just exporting http_proxy, https_proxy and ftp_proxy with that
-          value.
-        '';
-        example = "http://127.0.0.1:3128";
-      };
-
       # Environment variables for running Nix.
       envVars = mkOption {
         type = types.attrs;
@@ -317,17 +306,10 @@ in
         NIX_BUILD_HOOK = "${nix}/libexec/nix/build-remote.pl";
         NIX_REMOTE_SYSTEMS = "/etc/nix/machines";
         NIX_CURRENT_LOAD = "/run/nix/current-load";
-      }
-
-      # !!! These should not be defined here, but in some general proxy configuration module!
-      // optionalAttrs (cfg.proxy != "") {
-        http_proxy = cfg.proxy;
-        https_proxy = cfg.proxy;
-        ftp_proxy = cfg.proxy;
       };
 
     # Set up the environment variables for running Nix.
-    environment.sessionVariables = cfg.envVars;
+    environment.sessionVariables = cfg.envVars // config.networking.envVarsProxy;
 
     environment.extraInit =
       ''

nixos/tests/networking-proxy.nix

@@ -0,0 +1,47 @@
+# Test whether `networking.proxy' work as expected.
+
+import ./make-test.nix {
+  name = "networking-proxy";
+
+  nodes = {
+    machine =
+      { config, pkgs, ... }:
+
+      {
+        imports = [ ./common/user-account.nix ];
+
+        networking.proxy = "http://user:pass@host:port";
+        services.xserver.enable = false;
+
+        virtualisation.memorySize = 128;
+      };
+
+    machine2 =
+      { config, pkgs, ... }:
+
+      {
+        imports = [ ./common/user-account.nix ];
+
+        services.xserver.enable = false;
+
+        virtualisation.memorySize = 128;
+      };
+    };
+
+  testScript =
+    ''
+      startAll;
+
+      $machine->sleep(10);
+      print $machine->execute("env | grep -i proxy");
+      print $machine->execute("su - alice -c 'env | grep -i proxy'");
+      $machine->mustSucceed("env | grep -i proxy");
+      $machine->mustSucceed("su - alice -c 'env | grep -i proxy'");
+
+      print $machine2->execute("env | grep -i proxy");
+      print $machine2->execute("su - alice -c 'env | grep -i proxy'");
+      $machine2->mustFail("env | grep -i proxy");
+      $machine2->mustFail("su - alice -c 'env | grep -i proxy'");
+    '';
+
+}