Commit graph

9057 commits

Author SHA1 Message Date
Jaakko Luttinen
13eaae1610 nixos/service.tt-rss: use tt_rss user
- Add tt_rss system user.
- Use tt_rss as the user by default.
- Create tt_rss user and group automatically if used.
2018-01-05 14:47:54 +01:00
Jaakko Luttinen
c9b46ccea1 nixos/service.tt-rss: fix #27048 2018-01-05 14:47:54 +01:00
rnhmjoj
c883311327
nixos/dnscrypt-wrapper: fix rotate script failing to restart the service 2018-01-05 02:37:09 +01:00
Jörg Thalheim
f29ecd56c1
Merge pull request #33372 from Mic92/memcache
nixos/memcached: make unix sockets usuable
2018-01-04 18:39:48 +01:00
Peter Hoeg
423dd6cc29
Merge pull request #33415 from peterhoeg/p/hv
hyperv-daemons: package and nixos module
2018-01-04 21:11:34 +08:00
Peter Hoeg
85e507ebea hyperv-daemons: add nixos module 2018-01-04 21:09:01 +08:00
Jörg Thalheim
2387c15d68
Merge pull request #33370 from Mic92/redis
nixos/redis: remove static uid/gid assignment
2018-01-04 09:46:24 +01:00
Jörg Thalheim
814b38541f
Merge pull request #32845 from Ma27/test-driver/allow-user-units
test-driver: support testing user units
2018-01-04 09:40:41 +01:00
Samuel Dionne-Riel
0e6346f16a doc: Obtaining NixOS: New link to section in wiki.
This adds a link to the new section in the new wiki that refers to the
same contents as the previously removed link.
2018-01-03 19:35:40 -05:00
Samuel Dionne-Riel
dd602120a0 doc: Obtaining NixOS now refers to USB media creation chapter.
This:

 * Removes contradiction with information in the later paragraph.
 * Removes a dead link to the Wiki.
2018-01-03 19:34:32 -05:00
Jörg Thalheim
c9c8a2c5b3 nixos/memcached: make unix sockets usuable
before:
  - /var/run/memcached is a bad default for a socket path, since its
    parent directory must be writeable by memcached.
  - Socket directory was not created by the module itself -> this was
    left as a burden to the user?
  - Having a static uid with a dynamic user name is not very useful.

after:
  - Replace services.memcached.socket by a boolean flag. This simplifies
    our code, since we do not have to check if the user specifies a
    path with a parent directory that should be owned by memcached
    (/run/memcached/memcached.sock -> /run/memcached).
  - Remove fixed uid/gid allocation. The only file ever owned by the
    daemon is the socket that will be recreated on every start.
    Therefore user and group ids do not need to be static.
  - only create the memcached user, if the user has not specified a
    different one. The major use case for changing option is to allow
    existing services (such as php-fpm) opening the local unix socket.
    If we would unconditionally create a user that option would be
    useless.
2018-01-03 12:33:36 +01:00
Jörg Thalheim
453e15ec91 nixos/redis: remove static uid/gid assignment
all files are chowned on startup
2018-01-03 11:18:04 +01:00
Léo Gaspard
aa241aed14 nixos/dkimproxy-out: init (#33229) 2018-01-03 01:23:02 +00:00
Ryan Trinkle
f1a6fa6eec
Merge pull request #32258 from ryantrinkle/add-nat-extraCommands
nat: add extraCommands option
2018-01-02 14:32:42 -05:00
Maximilian Bosch
e538e00404
test-driver: support testing user units
It is quite complicated to test services using the test-driver when
declaring user services with `systemd.user.services` such as many
X11-based services like `xautolock.service`.

This change adds an optional `$user` parameter to each systemd-related
function in the test-driver and runs `systemctl --user` commands using
`su -l $user -c ...` and sets the `XDG_RUNTIME_DIR` variable
accordingly and a new function named `systemctl` which is able to run a
systemd command with or without a specified user.

The change can be confirmed with a simple VM declaration like this:

```
import ./nixos/tests/make-test.nix ({ pkgs, lib }:

with lib;

{
  name = "systemd-user-test";

  nodes.machine = {
    imports = [ ./nixos/tests/common/user-account.nix ];

    services.xserver.enable = true;
    services.xserver.displayManager.auto.enable = true;
    services.xserver.displayManager.auto.user = "bob";
    services.xserver.xautolock.enable = true;
  };

  testScript = ''
    $machine->start;
    $machine->waitForX;

    $machine->waitForUnit("xautolock.service", "bob");
    $machine->stopJob("xautolock.service", "bob");
    $machine->startJob("xautolock.service", "bob");
    $machine->systemctl("list-jobs --no-pager", "bob");
    $machine->systemctl("show 'xautolock.service' --no-pager", "bob");
  '';
})
```
2018-01-02 20:14:27 +01:00
Frederik Rietdijk
804285f589 Merge remote-tracking branch 'upstream/staging' into HEAD 2018-01-02 19:10:45 +01:00
Uli Schlachter
5465d6f7de awesome: Use --search instead of $LUA_PATH/$LUA_CPATH
Instead of polluting the environment with environment variables which
are inherited by processes spawned from awesome, use the command line
argument "--search" to add things to the search path.

cc #33169
2018-01-02 17:24:56 +00:00
Jörg Thalheim
310ad4345b
Merge pull request #30686 from gnidorah/keyring
pam: add optional pam_gnome_keyring integration
2018-01-02 14:58:45 +01:00
Jörg Thalheim
54b16bcd11
Merge pull request #33227 from Ekleog/fcron-opensmtpd
fcron module: be compatible with non-wrapped sendmail's, like opensmt…
2018-01-02 09:26:53 +01:00
Bas van Dijk
803077ef1c elk: add elasticsearch6, logstash6, kibana6 and the beats at v6.1.0
This change is backwards compatible since the ELK tools at version 5.x
remain unchanged.

The test suite now both tests ELK-5 and ELK-6.
2018-01-02 01:15:29 +01:00
Franz Pletz
1a69b2029f
Merge pull request #33273 from fadenb/patch-1
lldpd module: create a lldpd user as system user
2018-01-01 23:46:50 +00:00
gnidorah
f15fad898b pam: add optional pam_gnome_keyring integration 2018-01-01 21:58:37 +03:00
Frederik Rietdijk
4cc2a38854 Merge remote-tracking branch 'upstream/master' into HEAD 2018-01-01 18:15:13 +01:00
Jörg Thalheim
0bbf671b5a
Merge pull request #31157 from sorki/lxcfs_pam_related
[wip] lxcfs,pam: disable cgmanager, enable pam_cgfs, lxcfs 2.0.7 -> 2.0.8
2018-01-01 15:42:03 +01:00
Frederik Rietdijk
1869e7e5b0 Merge remote-tracking branch 'upstream/master' into HEAD 2018-01-01 15:09:55 +01:00
Tristan Helmich
3b74349661
lldpd module: create a lldpd user as system user 2018-01-01 14:22:58 +01:00
Léo Gaspard
70a085b62f nixos/rspamd: add extraConfig parameter (#33226) 2017-12-31 15:11:15 +00:00
Vladimír Čunát
1fcd92ce92
Merge branch 'master' into staging
A few thousand rebuilds from master, again.
Hydra: ?compare=1422362
2017-12-31 09:53:49 +01:00
Orivej Desh
dac8f27f96 nixos/beegfs: fix the build of the NixOS manual 2017-12-31 07:52:32 +00:00
Markus Kowalewski
b7fdefc8a4 beegfs: init at 6.17
package, kernel module, nixos module, and nixos test
2017-12-31 07:07:02 +00:00
Yegor Timoshenko
0dd6bd214d
xfce: resolve conflict with KDE
This resolves some aspects of #33231, but GDK_PIXBUF_MODULE_FILE doesn't really belong to any DE module.
2017-12-31 05:22:15 +00:00
John Ericson
4d2b763817
Merge pull request #26805 from obsidiansystems/cross-elegant
Make cross compilation elegant
2017-12-30 22:58:02 -05:00
Orivej Desh
54d01b0e97
Merge pull request #32914 from Infinisil/znapzendzetup
znapzend service: stateless setup
2017-12-31 03:45:40 +00:00
John Ericson
a98e68676d doc: Breaking change release not for dependency propagation logic 2017-12-30 22:42:15 -05:00
John Ericson
553fd19e67 Merge branch 'ericson2314-cross-base' into staging 2017-12-30 22:39:19 -05:00
Léo Gaspard
341583b2d2
fcron module: be compatible with non-wrapped sendmail's, like opensmtpd's 2017-12-31 03:34:11 +01:00
John Ericson
fa9f0e574d
Merge pull request #33196 from obsidiansystems/bintools-release-note
doc: Breaking change release note for bintools-wrapper
2017-12-30 19:37:06 -05:00
John Ericson
d67e0921e9 doc: Breaking change release note for bintools-wrapper 2017-12-30 19:27:52 -05:00
Yegor Timoshenko
c31ac41810
libinput: disableWhileTyping = false by default 2017-12-30 22:02:16 +00:00
Frederik Rietdijk
2d0bead714 Merge remote-tracking branch 'upstream/master' into HEAD 2017-12-30 17:04:54 +01:00
Ben Gamari
b95cdd4f6c gitlab: Rename jws_private_key to openid_connect_signing_key
See
24d56df29b
2017-12-29 22:11:04 -05:00
Vladimír Čunát
a1a3e54ac9
Merge branch 'master' into staging
Haskell rebuild :-)
Hydra: ?compare=1421865
2017-12-29 18:39:36 +01:00
gnidorah
766ae1ecf9 tmux module: add secureSocket option 2017-12-29 15:05:20 +03:00
Franz Pletz
e2fe111d46
nixos/profiles/all-hardware: remove unavailable modules 2017-12-29 11:37:21 +01:00
Vladimír Čunát
0ac589246a
release-notes 18.03: fixup build after 553e8be1 2017-12-29 11:28:17 +01:00
Vladimír Čunát
f29000b002
Merge branch 'master' into staging
Hydra: ?compare=1421760
2017-12-29 10:13:33 +01:00
Nadrieril
95fde40b71 usbguard service: rules option should be of type 'lines' 2017-12-29 03:19:36 +01:00
Robin Gloster
553e8be1d9 release-notes 18.03: add MariaDB update notes 2017-12-29 02:18:35 +01:00
Robin Gloster
86c7db0ac4 mysql module: cleanup obsolete checks 2017-12-29 02:18:35 +01:00
Robin Gloster
445e3d7390 ghostOne: remove
broken and unmaintained
2017-12-29 02:18:35 +01:00
Christoph Hrdinka
3e14b2826b
nsd module: make use of NSDs configFile option
Signed-off-by: Christoph Hrdinka <c.github@hrdinka.at>
2017-12-28 14:34:06 +01:00
adisbladis
563078184e
services.xserver.desktopManager.plasma5: add qtvirtualkeyboard to systemPackages 2017-12-28 21:13:46 +08:00
Kosyrev Serge
097719147a buildkite-agent: change hooksPath type to 'path' (and prevent it from hitting the store)
(cherry picked from commit 3aec59c99ff6692468a069fa8a8d6a05000fca81)
Signed-off-by: Domen Kožar <domen@dev.si>
2017-12-28 12:16:05 +00:00
Kosyrev Serge
9f5593559b buildkite: address review suggestions 2017-12-28 12:16:05 +00:00
Kosyrev Serge
bbb6072f10 buildkite: allow configuration and actual use of agent-specific hooks
(cherry picked from commit 775e49439fe25a4cdc2a93e31dfb3968b9b02311)
Signed-off-by: Domen Kožar <domen@dev.si>
2017-12-28 12:16:05 +00:00
Silvan Mosberger
66fefb82e7
nixos/znapzend: stateless setup
This enables znapzend users to specify its full configuration through
NixOS options, without ever needing to use the stateful `znapzendzetup`
command.

This works by running znapzendzetup with the specified config in
ExecPre, just before the znapzend daemon is started.

There is also the `pure` option which will clear all previous znapzend setups,
making it as stateless as can get, as only the setup declared in
configuration.nix will be persisted.
2017-12-28 01:40:01 +01:00
Peter Hoeg
7798051817
Merge pull request #32927 from peterhoeg/u/kdeapp
kde-applications: 17.08.3 -> 17.12.0
2017-12-28 08:22:27 +08:00
Christoph Hrdinka
d890212ac8 nginx module: only turn on HTTP2 when SSL is enabled
Signed-off-by: Christoph Hrdinka <c.github@hrdinka.at>
2017-12-28 00:32:24 +01:00
gnidorah
c955c131f7 rootston module, orbment/bemenu: change my maintainership 2017-12-27 10:21:34 +03:00
gnidorah
ececaafee1 rootston module: better defaults 2017-12-26 23:31:38 +03:00
Jörg Thalheim
f1c236a987
Merge pull request #33035 from corpix/feature/ssh-systemd-deps
sshd: Start after network target
2017-12-26 09:11:04 +01:00
Robin Gloster
c4036762b2
gitlab: remove unnecessary assertion
It also gives less information than the error from the module system.
2017-12-26 01:11:16 +01:00
José Romildo Malaquias
6e0387a1e6 mate: fix XDG_MENU_PREFIX 2017-12-25 07:15:07 +01:00
José Romildo Malaquias
248e3983b0 gnome3: fix XDG_MENU_PREFIX 2017-12-25 07:15:07 +01:00
José Romildo Malaquias
1e147fee02 enlightenment: fix XDG_MENU_PREFIX 2017-12-25 07:15:07 +01:00
Michael Weiss
4be298bf6d nixos/sway: Extend the descriptions and examples
This'll hopefully make it a bit easier to get started with Sway and make
some things about the module more obvious.
2017-12-25 00:15:06 +01:00
Dmitry Moskowski
ed26bc5931
sshd: Start after network target 2017-12-24 14:57:14 +00:00
Yegor Timoshenko
b792b3ca61
thinkfan: proper case in IBM, Lenovo, ThinkPad 2017-12-24 12:54:43 +00:00
Jörg Thalheim
b65f942eae
Merge pull request #28022 from volth/ccache
nixos/ccache: init
2017-12-24 13:41:48 +01:00
gnidorah
22596e8995 breeze-qt4: drop 2017-12-24 12:54:04 +03:00
Michael Weiss
b322cad42b nixos/rootston: Init
Probably only relevant for a quick testing setup and NixOS VM tests.
2017-12-23 17:34:29 +01:00
Orivej Desh
c3cfdc17bf
Merge pull request #32983 from flokli/virtualbox-5.2.4
virtualbox: 5.2.2 -> 5.2.4
2017-12-23 16:29:59 +00:00
Yegor Timoshenko
f89bc2718b
Merge pull request #32995 from NixOS/yegortimoshenko-patch-1
mbpfan: improve description, resolves #32266
2017-12-23 17:31:13 +03:00
Yegor Timoshenko
ca7472b1a7
mbpfan: improve description, resolves #32266 2017-12-23 14:28:37 +00:00
Yegor Timoshenko
108f76c927
Merge pull request #31668 from rycee/doc/naming
docs: clarify package and module option naming
2017-12-23 17:12:29 +03:00
Graham Christensen
b5a61f2c59
Revert "nixos: doc: implement related packages in the manual" 2017-12-23 07:19:45 -05:00
Florian Klink
0543dc77b1 nixos/tests/virtualbox: remove mknod /dev/vda1 call
With devtmpfs introduced in 0d27df280f it is
created automatically.

See https://github.com/NixOS/nixpkgs/pull/32983#issuecomment-353703083
2017-12-23 03:16:18 +00:00
Silvan Mosberger
0b0df8f9cf nixos/logkeys: fix evaluation 2017-12-23 01:44:14 +00:00
Arseniy Seroka
36e02645eb
Merge pull request #32424 from oxij/nixos/related-packages
nixos: doc: implement related packages in the manual
2017-12-23 03:34:58 +03:00
Evgeny Egorochkin
ab623d8467 luksRoot: add the missing ECB dependency to fix XTS support, resolves #30940 2017-12-22 07:50:09 +02:00
gnidorah
b9851a975e Make less known wayland compositors usable (#32285)
* bemenu: init at 2017-02-14

* velox: 2015-11-03 -> 2017-07-04

* orbment, velox: don't expose subprojects

the development of orbment and velox got stuck
their subprojects (bemenu, dmenu-wayland, st-wayland) don't work correctly outside of parent projects
so hide them to not confuse people
swc and wld libraries are unpopular and unlike wlc are not used by anything except velox

* pythonPackages.pydbus: init at 0.6.0

* way-cooler: 0.5.2 -> 0.6.2

* nixos/way-cooler: add module

* dconf module: use for wayland

non-invasive approach for #31293
see discussion at #32210

* sway: embed LD_LIBRARY_PATH for #32755

* way-cooler: switch from buildRustPackage to buildRustCrate #31150
2017-12-21 16:16:19 +00:00
Bjørn Forsman
7c481aa7c1 nixos/gitolite: copy hooks with force
This makes the commonHook option work also for (read-only) Nix store
paths. Currently it fails on the second activation, because the
destination is read-only.
2017-12-21 08:41:59 +01:00
volth
363cdde475 nixos/libvirt: remove 'virtualisation.libvirtd.enableKVM' option 2017-12-21 03:56:41 +00:00
volth
a52aa6aafb nixos/libvirt: avoid dependency on two qemu packages
Currently libvirt requires two qemu derivations: qemu and qemu_kvm which is just a truncated version of qemu (defined as qemu.override { hostCpuOnly = true; }).

This patch exposes an option virtualisation.libvirtd.qemuPackage which allows to choose which package to use:

 * pkgs.qemu_kvm if all your guests have the same CPU as host, or
 * pkgs.qemu which allows to emulate alien architectures (for example ARMV7L on X86_64), or
 * a custom derivation

virtualisation.libvirtd.enableKVM option is vague and could be deprecate in favor of virtualisation.libvirtd.qemuPackage, anyway it does allow to enable/disable kvm.
2017-12-21 03:56:40 +00:00
Yegor Timoshenko
71a8dbb956 nixos/desktop-managers: do not leak feh to PATH
(originally from f9415cb621)

feh is used to set background image for desktop managers that do not
support it directly, however there is no need to include it in PATH.

Fixes #17450.
2017-12-21 01:43:38 +00:00
Orivej Desh
b679079045
Merge pull request #32540 from rnhmjoj/portrange
nixos/doc: document the firewall port ranges options
2017-12-20 23:51:08 +00:00
rnhmjoj
63af1f7807
nixos/doc: document the firewall port ranges options 2017-12-21 00:46:34 +01:00
Graham Christensen
9f31fe81aa
nixos: zfs: correct the networking.hostId error message
Users were confused that the error message said config.networking.hostId, and indeed that did nothing to fix their problem.

Update the error message to specify the option they should actually set.
2017-12-20 17:56:03 -05:00
Sander van der Burg
9cee2e5c95 dysnomia module: use postgres as default user and always publish container properties 2017-12-20 21:45:07 +01:00
Eelco Dolstra
014800706a
create-amis.sh: Ass eu-west-3 2017-12-20 16:35:22 +01:00
Tuomas Tynkkynen
758b4c1ea4 make-disk-image.nix: Really fix write permissions in the store
I think the current one applies the -exec only to those that match
'-type d'. Let's switch it to something that humans can understand...
2017-12-20 17:28:46 +02:00
Eelco Dolstra
3c82e6fc82
Add AMI for eu-west-3 2017-12-20 16:19:33 +01:00
Franz Pletz
cf12bc44b6
Merge pull request #32858 from nh2/nginx-add-http2-option
nginx service: Make http2 an option.
2017-12-20 11:18:33 +00:00
Yurii Rashkovskii
26a59f70a2 nixos/tarsnap: update doc for printStats
after the change made in 15567e6d8e
2017-12-20 10:16:10 +00:00
Yegor Timoshenko
a0aeb2381e doc: system.environmentPackages -> environment.systemPackages 2017-12-20 02:19:43 +00:00
Jörg Thalheim
ba007d32c9
Merge pull request #32829 from flokli/input_leds
boot.initrd.luks: add input_leds module
2017-12-19 21:36:51 +00:00
Wei Tang
62a974bbbf xfce: delay package selection for pulseaudio volume to nixos modules (#23382)
Now there are separate `xfce4.xfce4mixer_pulse` and `xfce4.xfcevolumed_pulse` attributes for PulseAudio versions of these packages, instead of relying on Nixpkgs option. Mind that xfce4-volumed and xfce4-volumed-pulse are actually two separate programs without much overlap.
2017-12-19 22:28:12 +03:00
Niklas Hambüchen
afa97cb981 nginx service: Make http2 an option.
HTTP 2 can break some things, for example due to this Chrome bug:

  https://bugs.chromium.org/p/chromium/issues/detail?id=796199

So the service hardcoding it to be enabled is not helpful.

This commit adds an option so you can turn it off.
2017-12-19 19:59:15 +01:00
Kevin Hanselman
65fb15aaf8 nixos/smartd: allow extra cli options for daemon
This enables further customization of smartd.
2017-12-19 18:43:49 +01:00
Florian Klink
f2a9f9aeab boot.initrd.luks: add input_leds module
To get working caps lock lights already at stage 1, the input_leds
module needs to be loaded.

Closes #12456.
2017-12-19 01:07:37 +01:00