Commit graph

17786 commits

Author SHA1 Message Date
Jan Tojnar
2bfa6aa848
nixosTests.installed-tests: Add the test data to VM closure
Flatpak’s installed tests build Flatpak runtimes, among other things.
Upstream code does this by copying some programs on `PATH`
as well as some possible dependencies from host’s /usr.
We patch the code to use `nix-store --query --requisites`
to make the dependency discovery easier.

The Flatpak’s installed tests add `socat` to `PATH` and later run
`nix-store --query --requisites` on its location but it was failing with

    error: path '/nix/store/qcyf7nq5vvfw32967sv4j6z190inrbrc-socat-1.7.3.4' is not valid

The issue occurred because, while the host Nix store is bind mounted into the test VM,
the VM’s store uses its own database that only contains the packages in the VM’s closure.
Since the test commands are not actually part of the VM but only passed through PTY,
the `flatpak.installedTests` derivation was not part of the VM’s closure, so `nix-store`
in the VM could not get information about its dependency `socat`.

Let’s make the `installedTests` of the tested package part of the test VM’s closure
by passing it as a global environment variable. This will also have the added benefit
that user no longer has to type the path when running the installed tests manually in the VM;
they can just use `gnome-desktop-testing-runner -d $TESTED_PACKAGE_INSTALLED_TESTS`,
which is much more conducive to tab completion.
2020-07-24 16:30:49 +02:00
Olli Helenius
2d8311dac9
nixos/manual: Fix reference to copy_from_host 2020-07-18 14:26:44 +03:00
Jörg Thalheim
eb66a32a56
Merge pull request #76487 from ryneeverett/lockkernelmodules-docker 2020-07-18 10:35:34 +01:00
Daniël de Kok
cace440c15
Merge pull request #93290 from danieldk/manual-opencl-amd
nixos/manual: add a section about enabling OpenCL for AMD GPUs
2020-07-18 08:34:07 +02:00
ryneeverett
f12581a7a3 nixos/docker: explicitly load kernel modules
This is analogous to #70447.

With security.lockKernelModules=true, docker commands result in the following
error without at least loading veth:

$ docker run hello-world
/nix/store/mr50kaan2vs4gc40ymwncb2vci25aq7z-docker-19.03.2/libexec/docker/docker: Error response from daemon: failed to create endpoint epic_kare on network bridge: failed to add the host (veth8b381f3) <=> sandbox (veth348e197) pair interfaces: operation not supported.
ERRO[0003] error waiting for container: context canceled
2020-07-18 02:31:25 +00:00
WilliButz
c8a29f640a
Merge pull request #93291 from mdlayher/mdl-mmexporter
prometheus-modemmanager-exporter: init at 0.1.0, add NixOS module
2020-07-17 20:02:56 +02:00
Matt Layher
a58346a5ee
nixos/prometheus-modemmanager-exporter: new module
Signed-off-by: Matt Layher <mdlayher@gmail.com>
2020-07-17 13:54:58 -04:00
Lassulus
b6eca9a2af
Merge pull request #93104 from Kloenk/moodle-plugins
nixos/moodle: add plugins
2020-07-17 17:47:11 +02:00
claudiiii
2d468be964 nixos/matrix-synapse: update documentation 2020-07-17 16:28:12 +02:00
Daniël de Kok
45edd3b418 nixos/manual: add a section about enabling OpenCL for AMD GPUs
- Begin a new chapter "GPU Acceleration", this should also cover
  VA-API, OpenGL, Vulkan, etc.
- Add a general blurb about OpenCL and how to check whether OpenCL
  devices are found.
- Add a section about enabling OpenCL for AMD GPUs specifically.
2020-07-17 13:35:49 +02:00
Finn Behrens
832d2289c3
moodle: update to 3.9.1
use phpEnv to provide xmlrpc
2020-07-16 23:48:08 +02:00
Robert Hensing
c1908bf802
Merge pull request #92934 from hercules-ci/dockerTools-set-imageTag
dockerTools: Always set imageTag attribute
2020-07-16 17:05:58 +02:00
Daniël de Kok
aa94e5f2c2
Merge pull request #93210 from zowoq/podman
podman updates
2020-07-16 09:20:01 +02:00
Sarah Brofeldt
7ab42c176c nixos/tests/kubernetes: Don't re-import <nixpkgs> 2020-07-16 08:44:04 +02:00
zowoq
805f7676bc Revert "nixos/podman: use cgroupfs for rootless crun test"
This reverts commit 033ba9c73d.
2020-07-16 12:11:09 +10:00
Graham Christensen
0c10b75288
Merge pull request #93110 from grahamc/systemd-executable
stage-2: parameterized systemd executable
2020-07-14 15:45:00 -04:00
Florian Klink
e99389a942
Merge pull request #93001 from aanderse/gitolite
nixos/gitolite: provision data directory only before service begins
2020-07-14 20:40:35 +02:00
Florian Klink
b6c53e3ac5
Merge pull request #92791 from johanot/ceph-15
ceph: 14.2.10 -> 15.2.4
2020-07-14 20:10:23 +02:00
Graham Christensen
64dd9c1d6a
stage-2: parameterized systemd executable
This lets users do sneaky things before systemd starts, and
permanently affect the environment in which systemd runs. For example,
we could start systemd in a non-default network namespace by setting
the systemdExecutable to a wrapper script containing:

    #!/bin/sh
    ip netns add virtual
    touch /var/run/netns/physical
    mount -o bind /proc/self/ns/net /var/run/netns/physical
    exec ip netns exec virtual systemd

_note: the above example does literally work, but there are unresolved
problems with udev and dhcp._
2020-07-14 13:18:14 -04:00
worldofpeace
97054ce880
Merge pull request #93089 from jtojnar/debug-gnome-tests
nixosTests.gnome3: enable debug mode
2020-07-14 12:43:56 -04:00
Atemu
206dc0cfac spotifyd: make option link clickable 2020-07-14 08:34:28 +02:00
Jan Tojnar
13e22e4607
nixosTests.gnome3: enable debug mode
The tests fail too often on Hydra without much of a hint what went wrong. Hopefully, this will provide some clue.
2020-07-14 04:35:15 +02:00
Florian Klink
2e2cd5c018
Merge pull request #93077 from RomanSharapov/add-configurable-keepalive
nixos/buildbot: enable configurable keepalive for buildbot worker
2020-07-13 21:21:23 +02:00
Roman Sharapov
d53d13b6ee nixos/buildbot: enable configurable keepalive for buildbot worker
In the current implementation, there's no possibility to modify the default
parameter for keepalive. This is a number that indicates how frequently
keepalive messages should be sent from the worker to the buildmaster,
expressed in seconds. The default (600) causes a message to be sent to
the buildmaster at least once every 10 minutes.

If the worker is behind a NAT box or stateful firewall, these messages
may help to keep the connection alive: some NAT boxes tend to forget about
a connection if it has not been used in a while. When this happens, the
buildmaster will think that the worker has disappeared, and builds will
time out. Meanwhile the worker will not realize than anything is wrong.
2020-07-13 13:07:20 -04:00
adisbladis
ce49f8cbd0
nixos/doc/manual/release-notes: Add release notes for subuid/subgid mappings 2020-07-13 13:22:53 +02:00
adisbladis
5733967290
nixos.users-groups: Set up subuid/subgid mappings for all normal users
This is required by (among others) Podman to run containers in rootless mode.

Other distributions such as Fedora and Ubuntu already set up these mappings.

The scheme with a start UID/GID offset starting at 100000 and increasing in 65536 increments is copied from Fedora.
2020-07-13 13:15:02 +02:00
Niklas Hambüchen
45325b1d24
install-grub.pl: Fix GRUB always reinstalling. (#92756)
See https://github.com/NixOS/nixpkgs/pull/92520#issuecomment-655157990.

In #85895 I accidentally introduced a comparison between an array reference
and an array, which can never be true. Fixed by dereferencing.
2020-07-13 02:16:43 +02:00
Aaron Andersen
5e32ec39ca nixos/gitolite: provision data directory only before service begins 2020-07-12 09:19:00 -04:00
Florian Klink
3b2b3f7c53 nixos/systemd: add missing defaults, make options nullable
Otherwise evaluation will fail if these are not set.
2020-07-12 12:16:26 +02:00
Florian Klink
b7ff71a90c
Merge pull request #92933 from RaghavSood/bug/92910
nixos/users-groups: fix mkChangedOptionModule for root password hash
2020-07-12 10:11:43 +02:00
Florian Klink
94dc0c006e
Merge pull request #92759 from mdlayher/mdl-systemd-watchdog
nixos/systemd: add options for hardware watchdog management
2020-07-12 09:35:25 +02:00
Raghav Sood
23e259cf7d
nixos/users-groups: fix mkChangedOptionModule for root password hash 2020-07-12 02:06:22 +00:00
Florian Klink
8c0708f0bb
Merge pull request #91424 from i077/restic-rclone-opts
nixos/restic: Add rclone options
2020-07-11 23:57:47 +02:00
Franz Pletz
a8fd3c7edd
Merge pull request #85074 from Emantor/fix/boot_kernel_module
boot.initrd.luks: remove x86_64/i586 AES modules
2020-07-11 19:20:32 +02:00
Maximilian Bosch
3d9c143b77
Merge pull request #91895 from kristoff3r/jupyter-service
Improve jupyter service
2020-07-11 18:03:31 +02:00
Justin Humm
ce111fcc26
Merge pull request #92225 from bachp/unifi-5.13.32
unifiStable: 5.13.29 -> 5.13.32
2020-07-11 17:14:19 +02:00
Robert Hensing
8c0459f611 dockerTools: Always set imageTag attribute
The image tag can be specified or generated from the output hash.
Previously, a generated tag could be recovered from the evaluated
image with some string operations.

However, with the introduction of streamLayeredImage, it's not
feasible to compute the generated tag yourself.

With this change, the imageTag attribute is set unconditionally,
for the buildImage, buildLayeredImage, streamLayeredImage functions.
2020-07-11 16:58:25 +02:00
Johan Thomsen
4f39f93d8e nixos/ceph: (test) ceph now has device monitoring and pg_autoscaler enabled by default
- the pg_autoscaler will force new empty pools down to 32 pgs
- device monitoring metrics consumes 1 pool with 1 pg
2020-07-11 14:12:42 +02:00
Edmund Wu
3b0608d679
nixos/networkd: correct DHCPv6 UseDNS field 2020-07-10 21:47:51 -04:00
lassulus
8d05772134
nixos make-disk-image: fix permissions of /build
This was broken in 460c0d6 (PR #90431); now the nixos-unstable channel
should get unblocked.
vcunat modified this commit to use env-var instead of hardcoding /build
2020-07-10 10:31:26 +02:00
Mario Rodas
926e93be73
Merge pull request #92692 from c0deaddict/fix/docker-layer-created-now
dockerTools.buildLayeredImage: fix created=now
2020-07-10 00:05:35 -05:00
worldofpeace
747fb48c72
Merge pull request #85065 from worldofpeace/autologin-unified
nixos/displayManager: make autoLogin options independent of DM type
2020-07-10 00:04:41 -04:00
worldofpeace
490cd7889e nixos/displayManager: make autoLogin options independent of DM type
Co-authored-by: volth <volth@volth.com>
2020-07-09 21:15:35 -04:00
lewo
9534da25bf
Merge pull request #90115 from asbachb/postfix-tls
postfix: Replaced config key by recommendation and introduced usage of system trust store
2020-07-09 20:29:49 +02:00
markuskowa
6ce044250b
Merge pull request #92048 from markuskowa/add-pmix
pmix: init at 3.1.5, add support to slurm, openmpi
2020-07-09 11:41:00 +02:00
Jos van Bakel
66737168a4
dockerTools.buildLayeredImage: fix created=now 2020-07-09 09:34:18 +02:00
Matt Layher
f9ea9c7299 nixos/systemd: add options for hardware watchdog management 2020-07-08 21:43:12 -04:00
Graham Christensen
84ecbc9a19
libvirtd: don't start libvirtd-tcp.socket by default
Per upstream:

> libvirtd-tcp.socket - the unit file corresponding to the TCP 16509
> port for non-TLS remote access. This socket should not be configured
> to start on boot until the administrator has configured a suitable
> authentication mechanism.
2020-07-08 19:50:23 -04:00
Florian Klink
9e5f550af9 nixos/networkd: fix systemd.network.netdevs.<name>.vlanConfig.Id example
This is passed as integer, not string.

Closes https://github.com/NixOS/nixpkgs/issues/91172.
2020-07-08 20:43:17 +02:00
Eelco Dolstra
046427570e
nix: 2.3.6 -> 2.3.7 2020-07-08 16:58:54 +02:00