Commit graph

6928 commits

Author SHA1 Message Date
volth
870375e19d all-hardware.nix: add VMware support. (#27430)
NixOS does not boot in VMware guest without these modules
2017-07-17 02:38:10 +02:00
Graham Christensen
8df6d351c4 Merge pull request #26912 from knedlsepp/fix-autoResize
nixos: Force check the filesystem before resizing
2017-07-16 16:54:54 -04:00
Graham Christensen
3d176b7ff1 Merge pull request #25670 from Mic92/cups-hardening
cups: mount private /tmp
2017-07-16 16:41:33 -04:00
Graham Christensen
6b879ef36e Merge pull request #23964 from benley/nixos-manual-launcher
nixos: nix snowflake logo for the nixos manual launcher
2017-07-16 16:28:30 -04:00
aszlig
b618843860
nixos/taskserver: Fix manual PKI management
The helper tool had a very early check whether the automatically created
CA key/cert are available and thus it would abort if the key was
unavailable even though we don't need or even want to have the CA key.

Unfortunately our NixOS test didn't catch this, because it was just
switching from a configuration with an automatically created CA to a
manual configuration without deleting the generated keys and certs.

This is done now in the tests and it's also fixed in the helper tool.

Reported-by: @jpotier
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-07-16 20:38:15 +02:00
Jörg Thalheim
c2cf696430 nixos/agetty: override upstream default
Since systemd 234 we keep default value for ExecStart in the upstream service file.
Therefor we need to override it in our module.
2017-07-16 18:29:57 +01:00
Nadrieril
65e38b7c52 bitlbee service: Add option to load libpurple plugins into bitlbee 2017-07-16 14:19:39 +01:00
Franz Pletz
951b932456 Merge pull request #27403 from rnhmjoj/nginx
nginx: make listen addresses configurable
2017-07-16 13:50:18 +02:00
Christian Kögler
e8a8f1233a snapper: add nixos module
fixes #27154
2017-07-16 10:06:42 +01:00
Florian Jacob
63bb133373 journalwatch & journalwatch service: init at 1.1.0 2017-07-16 00:14:19 +02:00
zimbatm
c93d68b6ed google-compute-image module: use google services
This adds a few google-specific services to setup the machine.

Accounts are now dynamically created using the google-accounts-daemon,
which allows to click on the "SSH" button in the console and have it
working.

The NixOS image now supports the userdata startup and shutdown scripts.

Misc:
* add all the google services from https://github.com/GoogleCloudPlatform/compute-image-packages/tree/master/google_compute_engine_init/systemd
* add udev rules for disk labels
* synched sysctl rules with https://github.com/GoogleCloudPlatform/compute-image-packages/blob/master/google_config/sysctl/11-gce-network-security.conf
2017-07-15 19:36:38 +01:00
Bjørn Forsman
b8e109d6ac nixos/libvirt: prevent OVMF path from being garbage collected
Use xmlstarlet to update the OVMF path on each startup, like we do for
<emulator>...qemu-kvm</emulator>.

A libvirt domain using UEFI cannot start if the OVMF path is garbage
collected/missing.
2017-07-14 22:07:57 +02:00
Bjørn Forsman
292827b0e0 nixos/libvirt: modify xml with xmlstarlet
Instead of grep and sed, which is brittle.

(I don't know how to preserve the comment we currently add to say that
this line is auto-updated. But I don't think it adds much value, so I'm
not spending any effort on it.)
2017-07-14 22:07:57 +02:00
rnhmjoj
e40f3bea3e
nginx: make listen addresses configurable 2017-07-14 21:26:54 +02:00
Bjørn Forsman
407b56986e nixos/lighttpd: fix indent (tab -> space) 2017-07-14 20:37:25 +02:00
Joachim Schiele
af7c7b42c1 postfix: complete remake of postfix service (#27276) 2017-07-14 16:55:53 +02:00
Bjørn Forsman
8a35f751d1 nixos/spice-vdagentd: remove needless shell 2017-07-14 16:28:25 +02:00
Daniel Fullmer
627260ddbf gnupg agent module: Only set tty for interactive shells 2017-07-14 00:22:20 +02:00
Daniel Fullmer
38e971d2e1 gnupg agent module: Fix dirmngr.enable option 2017-07-14 00:22:20 +02:00
Daniel Fullmer
3d360a5ffb gnupg agent module: Remove unnecessary unit configuration
These just seem to duplicate upstream systemd units, which are already
included in nixos configuration by systemd.packages
2017-07-14 00:22:20 +02:00
Eelco Dolstra
40cf34aaae
nix: 1.11.11 -> 1.11.12 2017-07-13 16:37:11 +02:00
florianjacob
9937f13308 resolved: use resolved's static resolv.conf (#27144)
because it is upstream's recommended mode of operation:
https://www.freedesktop.org/software/systemd/man/systemd-resolved.html#/etc/resolv.conf
2017-07-13 14:40:31 +01:00
Jörg Thalheim
b14bcd873a Merge pull request #27142 from florianjacob/resolved-multicastdns-support
networkd: Allow new MulticastDNS setting
2017-07-13 14:35:23 +01:00
Jörg Thalheim
c29b5b5a40 Merge pull request #27350 from veprbl/slurm
Bump slurm, add pyslurm
2017-07-13 09:32:51 +01:00
Dmitry Kalinkin
b917a8760e slurm: 15-08-5-1 -> 17.02.6, slurm-llnl -> slurm 2017-07-13 03:13:05 -04:00
Daniel Peebles
598d79ae7d Merge pull request #27341 from lheckemann/installer-fixes
nixos-install: quote nixos-prepare-root arguments
2017-07-13 00:31:44 -04:00
Peter Hoeg
5cb11abc9e systemd: paths and slices are supported for user units too 2017-07-13 11:55:48 +08:00
Linus Heckemann
fa5700544b nixos-install: quote nixos-prepare-root arguments
This prevents the script from breaking when channel_root is empty.
2017-07-12 21:58:25 +01:00
Charles Strahan
c79e0b2ba0 Merge pull request #26907 from volth/vault
vault: 0.6.5 -> 0.7.3 with service
2017-07-11 15:02:29 -04:00
Pascal Bach
c725924dfd gitlab-runner service: support graceful termination (#27222)
The current behavior was for gitlab-runner is to immediately terminate when there
was a restart required. This can lead to aborted builds and is annoying to users.

By enabling graceful mode gitlab-runner will wait for all builds to finish before
terminating. The disadvantage is that a nixos-rebuild switch needs to wait till
all jobs are done. Because of that it is not enabled by default.
2017-07-11 15:38:46 +01:00
Valentin Shirokov
d29fc731b3 Example of networking.hosts is now literalExample 2017-07-09 23:12:57 +03:00
Christian Albrecht
ebaff599ba nixos/auditd: init at 2.7.6 (#27261)
#11864 Support Linux audit subsystem
Add the auditd.service as NixOS module to be able to
generate profiles from /var/log/audit/audit.log
with apparmor-utils.

auditd needs the folder /var/log/audit to be present on start
so this is generated in ExecPreStart.

auditd starts with -s nochange so that effective audit processing
is managed by the audit.service.
2017-07-09 17:59:09 +01:00
Jörg Thalheim
e86a7e439a Merge pull request #27229 from bachp/minio-more-config
minio service: add additional config options
2017-07-09 16:38:45 +01:00
Pascal Bach
0fb8456b13 minio service: add additional config options
Set access and secret key and disable browser.
Tests extended to do real operations against minio.
2017-07-09 15:19:50 +02:00
Daiderd Jordan
8189811d3f Merge pull request #25648 from yacinehmito/custom
Make zshrc more predictable
2017-07-09 10:45:40 +02:00
Joachim F
a00a880572 Merge pull request #27055 from jfrankenau/mpd-startWhenNeeded
mpd service: Start when needed and harden
2017-07-09 09:34:31 +01:00
Valentin Shirokov
163393865f Style optimizations 2017-07-09 08:56:36 +03:00
Valentin Shirokov
2f97993992 Documentation fixes 2017-07-09 00:28:05 +03:00
Michael Raskin
0d2d5e2147 Merge pull request #27143 from florianjacob/networkmanager-support-resolved
networkmanager service: use resolved if enabled
2017-07-08 22:34:09 +02:00
Valentin Shirokov
396db6493d Style adjustments
Also dangerous typo fix
2017-07-08 23:04:47 +03:00
Valentin Shirokov
ca54c3f1aa Typo fix 2017-07-08 22:30:02 +03:00
Valentin Shirokov
5f2826fbed Added networking.hosts and networking.fqdn options 2017-07-08 21:13:16 +03:00
Frederik Rietdijk
ea5b2df865 Merge pull request #27094 from nand0p/buildbot-0.9.9
buildbot: 0.9.7 -> 0.9.9.post2
2017-07-07 17:48:29 +02:00
Fernando J Pando
f6a7b851d4 buildbot: 0.9.7 -> 0.9.9.post2
- adds grid-view plugin
- module fixup
- tested on nixos
2017-07-07 10:00:37 -04:00
Eelco Dolstra
707703185d
nixos-rebuild: Respect empty NIX_REMOTE
Fixes #11384.

Note: in Nix 1.12, you can set NIX_REMOTE to "local" to avoid
ambiguity.
2017-07-07 11:58:10 +02:00
Yacine Hmito
1f70f3801b Make zshrc more predictable
Originially, `programs.zsh` sets default values for some
initialisation scripts.
Nix resolves the case of multiple values by concatenating them all.
It is however impossible to predict where the default script will be
inserted; but we never want the default value to override the
user-specified ones.
Now, it doesn't set default values; almost everything is hardcoded at
the begining of the file.
2017-07-06 22:43:05 +02:00
Michael Raskin
05aa2a58db Merge pull request #25600 from johnramsden/nylas-mail
nylas-mail: 2.0.32
2017-07-06 02:04:24 +02:00
John Ramsden
407324faa9
Rename nylas-mail to nylas-mail-bin.
Change pkg in module, and name in pkg.
2017-07-05 16:28:01 -07:00
Florian Jacob
cd8a1a7ceb networkd: Allow new MulticastDNS setting
which gained an implementation in systemd v233
2017-07-05 13:48:18 +02:00
Vladimír Čunát
5328aac7be
Merge branch 'staging'
Comparison looks OK; I'll try some fixes on master directly.
http://hydra.nixos.org/eval/1372577?compare=1372497
2017-07-05 08:55:26 +02:00
zimbatm
4d545297d8 lib: introduce imap0, imap1 (#25543)
* lib: introduce imap0, imap1

For historical reasons, imap starts counting at 1 and it's not
consistent with the rest of the lib.

So for now we split imap into imap0 that starts counting at zero and
imap1 that starts counting at 1. And imap is marked as deprecated.

See c71e2d4235 (commitcomment-21873221)

* replace uses of lib.imap

* lib: move imap to deprecated.nix
2017-07-04 23:29:23 +01:00
Florian Jacob
12f54a5746 networkmanager service: use resolved if enabled 2017-07-04 23:50:56 +02:00
Johannes Frankenau
c4528eb4cc mpd service: Start when needed and harden 2017-07-04 09:50:34 +02:00
Valentin Shirokov
f9ec52dedc Added networking.extraLocalHosts option
It adds its contents to '127.0.0.1' line of /etc/hosts
It makes possible to point multiple domains to localhost in correct way
2017-07-04 02:19:11 +03:00
Volth
334e85e75a vault: do not restart the service on "nixos-rebuild switch" 2017-07-03 19:46:02 +00:00
Vladimír Čunát
d1a89ae9d7
Merge branch 'master' into staging 2017-07-03 09:48:58 +02:00
aszlig
69da1807f0
nixos/xserver: Allow more than one keyboard layout
Regression introduced by 44c64fef16.

The services.xserver.layout option allows to specify more than one
layout separated by comma, which the commit above didn't take into
account.

This is very similar to @lheckemann's pull request (#26984) but differs
in the following ways:

  * Print out the full list available layouts (as suggested by @0xABAB
    in [1]).
  * Loop over $layout using the default IFS (and thus no need for
    escaping ${cfg.layout}), because the layouts won't contain white
    spaces.
  * Re-do the error message, which now uses multiple echos instead of a
    heredoc, so the line is wrapped according to the viewers terminal
    width.

I've tested this with several good and bad layouts and also against the
keymap NixOS VM subtests.

[1]: https://github.com/NixOS/nixpkgs/pull/26984#discussion_r125146700

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Fixes: #26961
Closes: #26984
2017-07-03 08:29:20 +02:00
aszlig
d97cdfc591
nixos/xserver: Document the layouts sed expression
This was brought up by @0xABAB in #26984 by the following comment:

https://github.com/NixOS/nixpkgs/pull/26984#discussion_r125146405

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-07-03 08:29:16 +02:00
Joachim F
e4ca35a4f6 Merge pull request #26990 from jfrankenau/mpd-create-playlistDir
mpd service: Create playlist directory
2017-07-02 14:23:53 +01:00
Joachim F
c2576ac2d3 Merge pull request #26978 from volth/lighttpd-collectd-submodule
lighttpd: add collectd submodule
2017-07-02 11:49:06 +01:00
Joachim F
e20364a937 Merge pull request #26980 from volth/collectd-service-minor-refactoring
collectd service: minor refactoring
2017-07-02 11:48:56 +01:00
Joachim F
c0086b8996 Merge pull request #27019 from fadenb/heartbeat_service
heartbeat service: init
2017-07-02 11:42:54 +01:00
Tristan Helmich
97e8422541 heartbeat service: init 2017-07-02 10:45:59 +02:00
Frederik Rietdijk
6b5150d29d Merge pull request #27030 from Infinisil/luks-typo
luksroot: fix typo
2017-07-02 10:37:01 +02:00
Silvan Mosberger
cf07fc6b16 luksroot: fix typo 2017-07-02 04:37:51 +02:00
Joachim F
4e548d2717 Merge pull request #26964 from romildo/upd.lumina
lumina: 1.2.0-p1 -> 1.3.0
2017-07-01 12:51:14 +01:00
Jörg Thalheim
343ad1697d Merge pull request #26897 from layus/nixos-terminfo
terminfo: symlink terminfo to /etc for ncurses
2017-07-01 09:27:24 +01:00
Johannes Frankenau
0dd204ebfe mpd service: Create playlist directory 2017-07-01 09:13:49 +02:00
Balletie
44fadbb9bd
pulseaudio: Resolve conflicting asound.conf of pulseaudio and alsa
Fixes issue #25790.
2017-07-01 00:06:34 +02:00
Joachim F
74b3a8f5ae Merge pull request #26541 from dermetfan/browserpass
browserpass: 2017-04-11 -> 1.0.5
2017-06-30 20:58:37 +01:00
Joachim F
a8ba50db3e Merge pull request #26492 from michalpalka/new-xen
xen_4_8: init at 4.8.1
2017-06-30 20:27:04 +01:00
Vladimír Čunát
ddf864f8aa
Merge branch 'master' into staging
Mass rebuilds from master (>7k on x86_64-linux).
2017-06-30 18:16:58 +02:00
Volth
a1212c7784 collectd service: removed insecure AmbientCapabilities 2017-06-30 11:57:46 +00:00
Robin Stumm
4540eaf578 browserpass: 2017-04-11 -> 1.0.5 2017-06-30 13:32:45 +02:00
Guillaume Maudoux
bd562949cf terminfo: symlink terminfo to /etc for ncurses 2017-06-30 11:17:11 +02:00
Jörg Thalheim
1266c8f935 Merge pull request #26967 from florianjacob/fix-systemd-resolved-nsswitch-loading
Fix systemd resolved nsswitch loading and clearly state NSS module's dependency on nscd
2017-06-30 09:26:18 +01:00
Volth
67340baa9b collectd service: minor refactoring
* removed pid-file support, it is needless to run collectd as systemd service
* removed static user id, as all the files reowned on the service start
* added ambient capabilities for ping and smart (hdd health) functions
2017-06-30 00:52:22 +00:00
Florian Jacob
e370e97f3d nsswitch: only add modules to nsswitch.conf if they can be loaded 2017-06-30 02:44:23 +02:00
Florian Jacob
7410b0c82c nsswitch: add assertions for enabled nscd 2017-06-30 02:44:22 +02:00
Florian Jacob
63fa3e7c62 nsswitch: fix typo specifying nss-resolve module
this had the effect of not being able to load nss-resolve
and falling back to dns module in all cases.
2017-06-30 02:40:49 +02:00
Volth
99b8d5ebe6 lighttpd: add collectd submodule 2017-06-29 22:41:22 +00:00
Volth
68bf28adaf vault: services.vault.storagePath for the file backend 2017-06-29 21:10:56 +00:00
romildo
c5ff68b3c2 lumina: 1.2.0-p1 -> 1.3.0
- Update to version 1.3.0

- Remove dependency on `oxygen-icons5`, as Lumina desktop now distributes
it’s own "material-design-[light/dark]" icon themes and uses them as the
default icon sets.
2017-06-29 08:13:09 -03:00
John Ramsden
9f4c3b2efd
Add keyring enable option and add Nylas to systemPackages 2017-06-28 16:13:10 -07:00
John Ramsden
3fddb48020
Add Nylas mail module. Still needs keyring configuration 2017-06-28 15:56:41 -07:00
Volth
2056c7e395 removed generation of self-signed certificate 2017-06-28 22:22:53 +00:00
Volth
519f17035f vault: add unitConfig.RequiresMountsFor to systemd config 2017-06-28 21:16:04 +00:00
aszlig
e82d126212
nixos/xserver: Don't use exec in xkb-layouts-exist
First of all, thanks to @pbogdan for getting this problem reproduced:

https://github.com/NixOS/nixpkgs/commit/2014db3efcd2a#commitcomment-22815396

Also thanks to @vcunat for bringing this to my attention:

https://github.com/NixOS/nixpkgs/commit/44c64fef16ed5#commitcomment-22813503

Although it is not entirely clear why Nix has killed the build prior to
finishing, it seems to be related to the process substition I was using.

So instead of using "exec touch", let's wrap this inside an if so we
don't exit too early.

Tested this against all sub-tests in nixos/tests/keymap.nix and also a
few configurations with wrong keyboard layout definitions.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-06-28 21:39:19 +02:00
Vladimír Čunát
2014db3efc
nixos xkb-layouts-exist: try to debug on Hydra
I hate having to do this.  We're unable to reproduce the problem locally.
2017-06-28 19:47:51 +02:00
Rickard Nilsson
a6cf6367e2 network-manager: hostname option is deprecated
From log:
<warn>  [1498639184.8965] keyfile: 'hostname' option is deprecated and has no effect
2017-06-28 10:56:31 +02:00
Volth
7330e80456 vault: start after consul if consul is used as storage backend 2017-06-28 00:58:19 +00:00
Volth
d016ef1f5b create directory only for "file" storage 2017-06-27 20:22:53 +00:00
Josef Kemetmueller
899e2b5748 Force check the filesystem before resizing
The message buffer of the kernel lists
> Please run 'e2fsck -f /dev/disk/by-label/nixos' first.
as the output of the command `resize2fs "$device"`.
This fixes NixOS/nixpkgs#26910.
2017-06-27 22:13:51 +02:00
Joachim F
767a8b2e9a Merge pull request #26073 from florianjacob/piwik-package
piwik & piwik service: init at 3.0.4
2017-06-27 20:51:16 +01:00
Volth
4c428b4a6f vault: run as an unpivileged user 2017-06-27 19:34:12 +00:00
Katyucha
cad450e6d6 delete lines 2017-06-27 19:34:12 +00:00
Katyucha
442f76d72a Vault: 0.6.5 -> 0.7.2 with services 2017-06-27 19:34:12 +00:00
Joachim F
8791cad96b Merge pull request #26598 from moretea/mysql-add-bind-option
mysql module: add option to bind to an address
2017-06-27 19:43:41 +01:00
Domen Kožar
4dadb12a63
hydra: restart daemons on config change
https://github.com/NixOS/hydra/pull/491
2017-06-27 17:09:13 +02:00
Michał Pałka
9e6bfbb2f9 xen_4_8: init at 4.8.1
This commit adds the xen_4_8 package to be used instead of
xen (currently at 4.5.5):
 * Add packages xen_4_8, xen_4_8-slim and xen_4_8-light
 * Add packages qemu_xen_4_8 and qemu_xen_4_8-light to be used
   with xen_4_8-slim and xen_4_8-light respectively.
 * Add systemd to buildInputs of xen (it is required by oxenstored)
 * Adapt xen service to work with the new version of xen
 * Use xen-init-dom0 to initlilise dom0 in xen-store
 * Currently, the virtualisation.xen.stored option is ignored
   if xen 4.8 is used
2017-06-27 12:01:53 +00:00
Calvin Cheng
3270545094 rethinkdb service: initial implementation 2017-06-27 02:09:15 +02:00
Franz Pletz
271d3f7a43
prometheus service: globalConfig.labels is obsolete
Due to the version bump in e60c958811.
2017-06-27 01:53:03 +02:00
Peter Simons
003cd41310 zsh: extend default $fpath configured by NixOS to find "vendor-completions" 2017-06-26 10:50:52 +02:00
tv
ea44ca47f3 security-wrapper: run activation script after specialfs
Ensures that parentWrapperDir exists before it is used.

Closes #26851
2017-06-26 09:26:16 +02:00
Christian Albrecht
3584707638
nixos/boot/stage-1: fix failing nixos-rebuild switch because of blkid output
old version of blkid used to output version information including libblkid version
when invoked with --help parameter

new version does not output libblkid version when invoked with --help parameter

fix is to invoke blkid with -V parameter to output version including libblkid in both cases
2017-06-26 09:15:44 +02:00
Pascal Bach
aa66c9ad37 minio service: add inital service
features:
- change listen port and address
- configure config and data directory
- basic test to check if minio server starts
2017-06-26 04:07:37 +02:00
michael bishop
bb16bced36
toxvpn: 20161230 -> 2017-06-25 2017-06-25 20:17:20 -03:00
Kai
9929e83607 systemd-boot-builder.py: add support for profiles (#26318)
* systemd-boot-builder.py: add support for profiles

This will also list the generations of other profiles than `system` in
the boot menu. See the documentation of the `--profile-name` option of
nixos-rebuild for more information on profiles.

* Fix errors introduced by previous commit
2017-06-24 20:33:34 +01:00
Daiderd Jordan
c0cdf58807
plex: fix preStart permissions 2017-06-24 18:48:47 +02:00
Samuel Leathers
5d7fd7e7fa mailhog: init at 1.0.0 (#26821)
* mailhog: init at 1.0.0

* formatting nitpicks
2017-06-24 17:05:34 +01:00
André-Patrick Bubel
d859769f26 nixos: replaced "userns" with "user namespaces" for clarity
"userns" wasn't introduces as an abbreviation elsewhere as far as I can see, and I wasn't sure what was meant at first.
2017-06-22 22:04:34 +02:00
Joachim Schiele
3d52203ab2 sshd.nix: Added nixops usage warning of openssh.authorizedKeys.keys usage 2017-06-22 11:50:09 +02:00
aszlig
44c64fef16
nixos/xserver: Improve checking keyboard layout
Enumerating the symbols directory doesn't include variants, so we're now
basically doing what "localectl list-x11-keymap-layouts" does but we use
sed instead.

The reason I'm not using localectl directly is because the path to
rules/base.lst is hardcoded in the systemd source.

Of course, the XKB specification allows for much more complicated rules,
but at least this should cover the most basic ones including variants.

So the sed expression itself is just for listing the available layouts
and variants and we use a grep with -xF to match only full lines without
interpreting regular expressions.

This should again allow to set "dvorak" as the layout option.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @lheckemann
Fixes: #25526
2017-06-22 03:24:28 +02:00
Domen Kožar
7bd918b364
hydra-evaluator: depend on jq 2017-06-21 15:35:07 +02:00
James
c9fdf3f4db coturn: allow use of ports < 1024 2017-06-20 09:17:24 +01:00
Eelco Dolstra
5446934b41
nix: 1.11.10 -> 1.11.11
(cherry picked from commit 7b1e936b24ca60810cdb6d46b68300cd179836f1)
2017-06-19 19:03:39 +02:00
Florian Jacob
55844c8380 piwik & piwik service: init at 3.0.4 2017-06-19 16:00:17 +02:00
Franz Pletz
ba1330b12e Merge pull request #26605 from mayflower/disable-ssh-agent
ssh module: disable agent by default
2017-06-18 22:03:59 +02:00
Jörg Thalheim
96eaad8fd4 Merge pull request #26697 from kirelagin/nsd-stderr
nsd: Send stderr to /dev/null
2017-06-18 16:53:36 +01:00
Jörg Thalheim
f36cdf1171 Merge pull request #26675 from kirelagin/bind-rndc
bind: Use rndc to control the daemon
2017-06-18 16:30:02 +01:00
Kirill Elagin
13d026e219 bind: Use rndc to control the daemon 2017-06-18 17:29:29 +03:00
Thomas Tuegel
dab7700f6c
qt58: determine plugin and import paths from PATH
Plugin and QML import paths were previously determined by NIX_PROFILES. Using
PATH instead allows Qt applications to work under nix-shell without further
modification.
2017-06-18 08:44:47 -05:00
Thomas Tuegel
faf0d3e91d
kdeFrameworks: fixup inputs and outputs
- Reduce environment pollution with a separate $bin output containing programs,
  plugins, and shared data. Libraries remain in $out and are not installed into
  the environment.
- Only propagate build inputs as required.
2017-06-18 08:44:45 -05:00
Thomas Tuegel
870c07cc2b
sddm: take themes from system environment 2017-06-18 08:43:39 -05:00
Thomas Tuegel
be7b7d908f
Remove kdeWrapper 2017-06-18 08:43:39 -05:00
Thomas Tuegel
3f3d33a078
qt5: use distinct lib/qt-5.x prefix for each minor version
Using a distinct prefix for plugins and QML libraries allows multiple Qt 5 minor
versions to coexist in the same environment.
2017-06-18 08:41:57 -05:00
Kirill Elagin
e66d2753f3 nsd: Send stderr to /dev/null
nsd by default logs _both_ to syslog and to standard error which results
in all the messages ending up in the journal twice, the ones from stderr
with an ugly timestamp sticked in front of them.
2017-06-18 15:31:34 +03:00
Joachim F
0b7c4c1900 Merge pull request #26170 from kirelagin/wlan-fix
wirelessInterfaces: Add a missing parameter
2017-06-17 15:31:22 +01:00
Vladimír Čunát
c416641d4d
Merge #26657: nixos security.wrappers: fix a typo
Fixes #26611.
2017-06-17 10:00:52 +02:00
Niklas Hambüchen
aa645b51ba jenkins service: Add extraJavaOptions.
This is useful for the common case of passing arguments to
the JVM that runs Jenkins.
2017-06-16 09:23:11 +02:00
Parnell Springmeyer
5ca644c228
Fixing attribute name mistake: setguid => setgid 2017-06-15 19:25:43 -07:00
Roger Qiu
1b6176e45b gnupg module: Added extra and browser sockets (#26295)
Also added dirmngr and made SSH support false by default
due to programs.ssh.startAgent defaulting to true.
2017-06-15 19:40:09 +02:00
Franz Pletz
994ffc01a0
ssh module: disable agent by default 2017-06-15 19:27:01 +02:00
Maarten Hoogendoorn
d847b5c763 mysql module: add option to bind to an address 2017-06-15 16:08:15 +02:00
Ekaterina Vaartis
c0df448d54 apache-httpd: fix mod_perl by refering to apacheHttpdPackages (#26579) 2017-06-15 13:07:14 +02:00
Pascal Bach
c9802321c1 cntlm service: cleanup non working config options (#26578)
- extraConfig was not working
- add possibility to add cntlm.conf in verbatime form
- create cntlm user as system user
- add no proxy option
2017-06-15 12:11:48 +02:00
Edward Tjörnhammar
3dcecf09fc
Remove aiccu package and service due to sunsetting.
https://www.sixxs.net/main/
2017-06-15 06:58:08 +02:00
Joachim Schiele
ca17f3b8ef hostapd dependency fix for https://github.com/nixos/nixpkgs/issues/16090 (#26573) 2017-06-14 16:44:46 +02:00
Maximilian Bosch
3803864ca6 thefuck: init at 3.18 (#26529) 2017-06-14 09:57:38 +01:00
Joachim F
631ec734eb Merge pull request #26460 from romildo/fix.nixos-artwork
nixos-artwork: add more wallpapers
2017-06-13 23:20:52 +01:00
Bas van Dijk
2444eab485 ELK: update kibana and the elastic beats to 5.4 (#26252)
* Add kibana5 and logstash5
* Upgrade the elastic beats to 5.4
* Make sure all elastic products use the same version
  (see elk5Version)
* Add a test for the ELK stack
2017-06-13 22:36:08 +02:00
Taylor "Nekroze" Lawson
9fb87f9c9d Kubernetes ABAC policy file fix (#26499)
Fix the incorrect nix map that generates the Kubernetes policy file
2017-06-13 21:54:36 +02:00
Franz Pletz
ac5258edb2
caddy service: don't use extra dotdir in dataDir 2017-06-13 21:21:59 +02:00
Franz Pletz
071815cb24
caddy service: sync with upstream systemd unit
Increases security and fixes minor issues.
2017-06-13 21:21:59 +02:00
Joachim F
76430ecd9f Merge pull request #25701 from mayflower/elasticsearch_postStart_script_removal
elasticsearch service: remove postStart script
2017-06-13 00:13:05 +01:00
Eelco Dolstra
0bffe03828
nix: 1.11.9 -> 1.11.10 2017-06-12 20:13:27 +02:00
Robin Gloster
c5467a16c4
errbot module: needs network-online to connect properly 2017-06-12 17:44:42 +02:00
Vladimír Čunát
32916ab1de
Merge older staging
Enough rebuilds have finished on Hydra now.
2017-06-11 09:01:08 +02:00
Bjørn Forsman
5b48368386 nixos/bcache: add services.udev.packages = [ bcache-tools ]
Adds /dev/disk/by-{id,label}/* symlinks for bcache device nodes, in the
final rootfs.

Symlinks will only be created for bcache devices that contain
filesystems. So if you have a blank bcache device or run LVM on top of
bcache you will not get this kind of symlink.
2017-06-10 17:10:49 +02:00
Bjørn Forsman
581226cfb4 nixos/bcache: /bin/sh -> ${bash}/bin/sh
Or else `services.udev.packages = [ bcache-tools ]` cannot be used.

To not break bcache in the initrd I'm modifying this in stage-1.nix:

  -  --replace /bin/sh ${extraUtils}/bin/sh
  +  --replace ${bash}/bin/sh ${extraUtils}/bin/sh

Reasoning behind that change:

* If not modifying the /bin/sh pattern in any way, it will also match
  ${bash}/bin/sh, creating a broken path like
  /nix/store/HASH-bash/nix/store/HASH-bash/bin/sh in the udev rule file.

* The addition of /bin/sh was done in 775f381a9e
  ("stage-1: add bcache support"). It seems somewhat plausible that
  no new users have appeared since then and we can take this opportunity
  to back out of this change without much fear of regressions.

  If there _are_ regressions, they should be in the form of build time
  errors, not runtime (boot), due to how the udev rule output is checked
  for invalid path references. So low risk, IMHO.

* An alternative approach could be to copy the /bin/sh substitute rule
  over to the non-initrd udev rules implementation in NixOS, but I think
  this way is better:
  - The rules file comes with a working path out of the box.
  - We can use more precise pattern matching when modifying the udev
    rules for the initrd.
2017-06-10 17:10:49 +02:00
Benjamin Staffin
700e22f7bf nixos: Add support for scalable fonts in Grub menus (#26227)
The default font is unreadably small on some hidpi displays. This
makes it possible to specify a TrueType or OpenType font at any point
size, and it will automatically be converted to the format the Grub
uses.
2017-06-10 09:53:24 -04:00
Jörg Thalheim
9c0577447c Merge pull request #26191 from romildo/fix.mlocate
locate: fix creation of parent dir of database
2017-06-10 11:56:26 +01:00
David Tulig
bb6cf349ff bind service: add listen-on options (#26430)
This adds configuration options for the bind package so that the
interfaces that bind listens on can be configured rather than just
hardcoded as any. The default values preserve the old behavior to be
backwards compatible.
2017-06-10 12:19:07 +02:00
Jörg Thalheim
fbe658eea0 Merge pull request #26296 from gnidorah/master3
autorandr: 855c18b -> 1.1
2017-06-10 11:00:53 +01:00
Vladimír Čunát
cb9f953c92
Merge branch 'master' into staging
More larger rebuilds.
2017-06-10 10:07:33 +02:00
Joachim Schiele
507c207958 spamassassin: major service fixes -> added more perl packages to spamassassin and abstracted service to not use /etc/spamassassin, also running sa-update as spamd user periodically (#26470)
thanks @grahamc for IRC comments
2017-06-10 09:35:35 +02:00
Bjørn Forsman
6a55fda61e nixos/acme: improve documentation
* Use literalExample for better readability
* Clarify a bit wrt. 'webroot' and 'allowKeysForGroup'
2017-06-09 19:35:17 +02:00
Bjørn Forsman
7a0e958b97 nixos/acme: support "full.pem" (for lighttpd)
* Create "full.pem" from selfsigned certificate
* Tell simp_le to create "full.pem"
* Inject service dependency between lighttpd and the generation of certificates

Side note: According to the internet these servers also use the
"full.pem" format: pound, ejabberd, pure-ftpd.
2017-06-09 19:35:17 +02:00
romildo
aa8018103c nixos-artwork: add more wallpapers
Restructure the nixos-artwork to make it easy to selectively
incorporate other components from upstream without needing to download
the full package.

Until now only the Gnome_Dark wallpaper was included. Add other
wallpapers available in the package repository.
2017-06-07 18:00:58 -03:00
gnidorah
5c9f0d00c3 autorandr: 855c18b -> 1.1 2017-06-07 13:23:36 +03:00
Eelco Dolstra
338cdea332
Merge branch 'master2' of https://github.com/gnidorah/nixpkgs into staging 2017-06-07 11:46:17 +02:00
roblabla
c18c50a42e cyrus-sasl: Add saslauthd service support 2017-06-06 12:59:47 +02:00
Joachim F
602a492bb7 Merge pull request #26277 from avnik/fix/qtile
qtile: Fix using qtile together with desktop
2017-06-05 19:05:58 +01:00
Daniel Fullmer
b8ebc60abd programs.zsh.syntaxHighlighting: Fix default value for patterns 2017-06-04 15:30:35 -04:00
Jörg Thalheim
d07ad26bfd Merge pull request #26229 from Ma27/refactor/use-attr-set-for-syntax-highlighting-patterns
programs.zsh.syntaxHighlighting: refactor to use attr sets rather than recursive lists for patterns
2017-06-03 19:28:17 +01:00
Mateusz Kowalczyk
dcf171bc79 Revert "dd-agent: 5.11.2 -> 5.13.2 + service rework"
This reverts commit af096c8bff.
2017-06-03 12:27:56 +01:00
Mateusz Kowalczyk
668556331b Revert "datadog: Properly use configured package."
This reverts commit 50f53da9ef.
2017-06-03 12:27:43 +01:00
rnhmjoj
2606d395fc
dnschain: allow different bind and external addresses 2017-06-03 12:24:04 +02:00
Jörg Thalheim
3d17573cd4
resilio: remove systemd user service
this used to be part of the upstream btsync package

fixes #26303
2017-06-02 21:25:21 +01:00
Jörg Thalheim
c611d03842
resilio: generate configuration with toJSON 2017-06-02 21:25:07 +01:00
Kjartan Ovmilk
919b39bb7c
resilio service: replaces btsync service, which is no longer supported upstream. 2017-06-02 21:24:49 +01:00
Peter Hoeg
a087081ebb network-manager: add support for internal DHCP 2017-06-02 19:21:46 +08:00
Mateusz Kowalczyk
50f53da9ef datadog: Properly use configured package. 2017-06-02 08:16:47 +01:00
Zetok Zalbavar
92b923b378
i2pd: correct docs about bandwidth setting 2017-06-02 06:31:39 +02:00
Frederik Rietdijk
87ee5896fb Merge pull request #25709 from nh2/25620-glusterfs-fix-python-import-errors
Fix: GlusterFS python tools all have import errors
2017-06-01 22:06:21 +02:00
Mateusz Kowalczyk
af096c8bff dd-agent: 5.11.2 -> 5.13.2 + service rework 2017-06-01 15:08:50 +01:00
Jörg Thalheim
859267f627
systemd-resolved: fix case when dnsmasq is used as local resolver
fixes #25706
2017-05-31 23:30:35 +01:00
Maximilian Bosch
c4e4071ed1
programs.zsh.syntax-highlighting: simplify enable option by using mkEnableOption 2017-05-31 21:52:05 +02:00
Maximilian Bosch
0925f79d56
programs.zsh.syntaxHighlighting: refactor to use attr sets rather than recursive lists for patterns
The idea has been described here: https://github.com/NixOS/nixpkgs/pull/25323#issuecomment-298677369
2017-05-31 21:52:04 +02:00
Alexander V. Nikolaev
ff52233bca qtile: Fix using qtile together with desktop
Funny bug, which prevent qtile to co-exists with desktop manager
(or program pretending to be DE)
2017-05-31 18:37:47 +03:00
Nikolay Amiantov
d09e3535f5 nvidia module: link proper output as OpenGL drivers 2017-05-31 16:30:21 +03:00
Albert Peschar
47d038c21d elasticsearch: add 5.x package, service 2017-05-31 02:06:29 +02:00
Albert Peschar
39a121303f services.graphite: chmod -R entire dataDir 2017-05-31 01:25:04 +02:00
Pascal Bach
de52d2450e Cleanup PostgreSQL for state version 17.09 (#25753)
* postgresql service: make 9.6 the default version for 17.09

* postgresql service: change default superuser for 17.09

Change the default superuser from `root` to `postgres` for state
version 17.09

* postgresql service: change default data directory for 17.09

The new directory includes the schema version of the database.
This makes upgrades easier and is more consistent with other distros.

* updated nixos release notes
2017-05-30 21:05:39 +01:00
Vladimír Čunát
bc7b895aa5
nvidia module: allow .persistenced == null
Fixes #26250.  This is fallout from PR #22304.
It's null for 304 and 173 legacy drivers.
2017-05-30 20:58:16 +02:00
gnidorah
a996fe849f fstrim: Add service 2017-05-30 16:39:27 +03:00
Franz Pletz
a49c2366ef
nixos/firewall: clean up rpfilter rules properly
The rpfilter rules wouldn't be removed if it was previously enabled
but disabled in a new generation.
2017-05-29 17:26:34 +02:00
Graham Christensen
fde29b2b06 Merge pull request #25931 from bachp/mysql-17.09
mysql service: change default data directory for 17.09
2017-05-29 10:22:07 -04:00
Franz Pletz
04158d9aba
gnupg agent module: init
Creates a systemd user service and updates the tty on new logins so
that gpg-agent may find the current tty even if the SSH agent mode
is used.
2017-05-29 15:05:29 +02:00
Franz Pletz
1e95e114e5
nixos/xsession: use graphical systemd user target
While systemd suggests using the pre-defined graphical-session user
target, I found that this interface is difficult to use. Additionally,
no other major distribution, even in their unstable versions, currently
use this mechanism.

The window or desktop manager is supposed to run in a systemd user service
which activates graphical-session.target and the user services that are
binding to this target. The issue is that we can't elegantly pass the
xsession environment to the window manager session, in particular
whereas the PassEnvironment option does work for DISPLAY, it for some
mysterious reason won't for PATH.

This commit implements a new graphical user target that works just like
default.target. Services which should be run in a graphical session just
need to declare wantedBy graphical.target. The graphical target will be
activated in the xsession before executing the window or display manager.

Fixes #17858.
2017-05-29 15:05:28 +02:00
romildo
6ef6484dd6 locate: does not use localuser for mlocate 2017-05-28 15:22:46 -03:00
romildo
c06a10e05f locate: fix creation of the parent directory of of locate database 2017-05-28 15:21:57 -03:00
Kirill Elagin
b1f56b8b0c wirelessInterfaces: Add a missing parameter 2017-05-28 09:34:43 +03:00
Niklas Hambüchen
19c298e973 tinc: Mention in docs that the host name may not be used verbatim. (#26157)
* tinc: Mention in docs that the host name may not be used verbatim.

Source:

  5c344f2976/src/net_setup.c (L341)

* tinc: also replaces non-alphanumeric characters.
2017-05-27 16:31:25 +01:00
Jörg Thalheim
08dd6779f4
systemd-nspawn: relax PrivateUsers check
this options allows two colon-separated number as value, for instances which
is quite difficult to check.
2017-05-27 08:27:47 +01:00
Jörg Thalheim
522c16bd86
systemd-nspawn: fixes evaluation error
fixes #25097
2017-05-27 08:27:39 +01:00
Franz Pletz
8ab0501865 Merge pull request #25565 from KaiHa/nitrokey-app-1.0
nitrokey-app: 0.6.3 -> 1.1
2017-05-27 02:43:22 +02:00
Dan Peebles
7c3253e519 Simple proof of concept for how to do other types of services 2017-05-26 18:14:31 -04:00
Emery Hemingway
12b6c4d4de u9fs service: grant capabilities for running as nobody 2017-05-26 11:41:10 -05:00
Tom Smeets
5886b7fd72 desktopManager service: Document background image location 2017-05-26 14:43:33 +00:00