Commit graph

7233 commits

Author SHA1 Message Date
Andreas Rammhold
4e60699fa7
Merge pull request #67858 from flokli/local-fs-target-services
nixos: remove dependencies on local-fs.target
2019-09-02 09:16:41 +02:00
worldofpeace
b1326ffc81 nixos/pantheon: add onboard
It's used as an on-screen keyboard.
Hopefully in future they can ship their native app [0]

[0]: https://github.com/elementary/keyboard
2019-09-02 00:15:30 -04:00
worldofpeace
9b13731b72
Merge pull request #67522 from worldofpeace/gnome3/harmonize-defaults
Harmonize Gnome3 Defaults
2019-09-01 18:33:00 -04:00
adisbladis
f140dfb161
nixos/desktop-managers/xterm: Disable by default
It's a confusing default for some display managers that will default
to it even when you have defined another display manager.
2019-09-01 22:17:35 +01:00
Maximilian Bosch
d8d759bb90
Merge pull request #67877 from WilliButz/fix/67874
nixos/prometheus-exporters: fix user generation
2019-09-01 21:15:35 +02:00
Florian Klink
f74735c9d7 nixos: remove dependencies on local-fs.target
Since https://github.com/NixOS/nixpkgs/pull/61321, local-fs.target is
part of sysinit.target again, meaning units without
DefaultDependencies=no will automatically depend on it, and the manual
set dependencies can be dropped.
2019-09-01 19:06:38 +02:00
Florian Klink
8e7c47bf9e
Merge pull request #67888 from aanderse/deluge
nixos/deluge: fix directory creation errors
2019-09-01 19:03:20 +02:00
Aaron Andersen
c6b3ed4bfc nixos/deluge: fix directory creation errors 2019-09-01 10:20:42 -04:00
Florian Klink
ff2fd6c4e5 nixos/redis: unbreak module
The redis module currently fails to start up, most likely due to running
a chown as non-root in preStart.

While at it, I hardcoded it to use systemd's StateDirectory and
DynamicUser to manage directory permissions, removed the unused
appendOnlyFilename option, and the pidFile option.

We properly tell redis now it's daemonized, and it'll use notify support
to signal readiness.
2019-09-01 14:08:42 +02:00
WilliButz
7786d0718c
nixos/prometheus-exporters: fix user generation 2019-09-01 12:51:39 +02:00
worldofpeace
d64d6c520e
Merge pull request #67473 from worldofpeace/wingpanel/fix-network-indicator
nixos/pantheon: fix launching nm-applet components
2019-09-01 04:36:06 -04:00
Peter Simons
fa49f7ce6b nixos/redis: drop unnecessary dependencies from systemd unit 2019-09-01 09:04:11 +02:00
Peter Simons
0808f5ad1d
Merge pull request #67768 from peti/t/redis
nixos/redis: disable transparent huge pages (TLP) before starting Redis
2019-09-01 08:49:25 +02:00
Aaron Andersen
3ee1adcf6e
Merge pull request #67818 from xvapx/remove/crashplan
Remove/crashplan
2019-08-31 21:47:27 -04:00
Marti Serra
d3de35967a crashplan, crashplan-small-business: remove pkg and module 2019-09-01 03:25:19 +02:00
Silvan Mosberger
478e7184f8
nixos/modules: Remove all usages of types.string
And replace them with a more appropriate type

Also fix up some minor module problems along the way
2019-08-31 18:19:00 +02:00
Marek Mahut
3059cd038c
Merge pull request #67777 from mmahut/altcoins
nixos/{namecoind,bitcoind}: removing the altcoin prefix
2019-08-31 10:33:44 +02:00
Marek Mahut
74d7ce4248 nixos/{namecoind,bitcoind}: removing the altcoin prefix 2019-08-31 10:15:03 +02:00
worldofpeace
7820be7a8f nixos/gnome3: additions to core-shell
Adds:

- gnome-color-manager
- services.avahi
  It appears that GeoClue requires its daemon and IIRC has
  been default enabled in other distros for a while.
- orca
  It's the default screen-reader.
2019-08-30 20:42:01 -04:00
worldofpeace
dcbad82b28 nixos/gnome3: cleanup core-utilities
core-utilities is meant to be the base utilities for a GNOME system.

The following are removed and the gnome3 module will no longer include:
- accerciser
- gnome-nettool
- gnome-power-manager
- gucharmap
- nautilus-sendto
  See https://gitlab.gnome.org/GNOME/gnome-build-meta/merge_requests/246
- gnome-usage
- vinagre
- gnome-documents
  See https://gitlab.gnome.org/GNOME/gnome-build-meta/merge_requests/157
- dconf-editor
- gnome-todo
- gnome-tweaks
- evolution

The following were added:
- cheese
- geary
2019-08-30 20:42:01 -04:00
worldofpeace
90319d5e33 nixos/seahorse: move to programs 2019-08-30 20:42:01 -04:00
Peter Simons
eedf3dc6e2 nixos/mailman: decouple the mailman module from the postfix module
https://github.com/NixOS/nixpkgs/pull/67708#discussion_r319579987 suggested
that simply appending the necessary maps to the appropriate attributes in
services.postfix.config gets the job done; we don't special support in the
postfix module to accomplish that.
2019-08-30 18:44:47 +02:00
adisbladis
f7b5be81a8
Merge pull request #66301 from adisbladis/emacspackages-deprecated-drop
emacs-packages: Drop deprecated package sets
2019-08-30 17:18:20 +01:00
Peter Simons
afd448a9fa nixos/redis: disable transparent huge pages (TLP) before starting Redis 2019-08-30 18:10:06 +02:00
Peter Simons
6b87772ca4 nixos/mailman: don't reserve a static uid in the system
Any system uid will do, so we let the system allocate
one for us. The 'mailman' group is gone entirely since
we don't need it. Users who wish to run the 'mailman'
administration utility can do so via 'sudo':

    $ sudo -u mailman mailman info

Also, simplify the syntax of our user.users entry to
rely on an attribute set rather than a list.
2019-08-30 18:00:36 +02:00
worldofpeace
da456aff25
Merge pull request #67702 from mweinelt/pr/fwupd-cfg.package
nixos/fwupd: add package option
2019-08-30 11:54:42 -04:00
adisbladis
41d1b8fa88
emacsPackages: Drop old emacsPackages (non-NG) sets
These have been deprecated for a long time now and has not seen much maintenance.
2019-08-30 16:43:16 +01:00
Peter Simons
28dee92fff nixos/redis: move 'redis_init.service' into the preStart hook of 'redis.service' 2019-08-30 15:39:50 +02:00
Peter Simons
5a81797119 nixos/mailman: cosmetic 2019-08-30 15:38:43 +02:00
Martin Weinelt
af1c07b679 nixos/fwupd: add package option 2019-08-29 20:45:22 +02:00
Peter Simons
c1c1ce7221 mailman: add NixOS module to install and deploy the mailing list server 2019-08-29 20:29:35 +02:00
Arian van Putten
604b7c139f Fix letsencrypt (#60219)
* nixos/acme: Fix ordering of cert requests

When subsequent certificates would be added, they would
not wake up nginx correctly due to target units only being triggered
once. We now added more fine-grained systemd dependencies to make sure
nginx always is aware of new certificates and doesn't restart too early
resulting in a crash.

Furthermore, the acme module has been refactored. Mostly to get
rid of the deprecated PermissionStartOnly systemd options which were
deprecated. Below is a summary of changes made.

* Use SERVICE_RESULT to determine status
This was added in systemd v232. we don't have to keep track
of the EXITCODE ourselves anymore.

* Add regression test for requesting mutliple domains

* Deprecate 'directory' option
We now use systemd's StateDirectory option to manage
create and permissions of the acme state directory.

* The webroot is created using a systemd.tmpfiles.rules rule
instead of the preStart script.

* Depend on certs directly

By getting rid of the target units, we make sure ordering
is correct in the case that you add new certs after already
having deployed some.

Reason it broke before:  acme-certificates.target would
be in active state, and if you then add a new cert, it
would still be active and hence nginx would restart
without even requesting a new cert. Not good!  We
make the dependencies more fine-grained now. this should fix that

* Remove activationDelay option

It complicated the code a lot, and is rather arbitrary. What if
your activation script takes more than activationDelay seconds?

Instead, one should use systemd dependencies to make sure some
action happens before setting the certificate live.

e.g. If you want to wait until your cert is published in DNS DANE /
TLSA, you could create a unit that blocks until it appears in DNS:

```
RequiredBy=acme-${cert}.service
After=acme-${cert}.service
ExecStart=publish-wait-for-dns-script
```
2019-08-29 16:32:59 +02:00
Florian Klink
132a8382b0
Merge pull request #66922 from davidak/netdata_enableCgroupAccounting
netdata: enable cgroup accounting
2019-08-29 11:56:57 +02:00
Jaka Hudoklin
8d1510abfb
Merge pull request #67606 from endocrimes/r-vault-1.2.2
vault: 1.0.2 -> 1.2.2
2019-08-29 07:07:09 +00:00
Pascal Bach
02ed974bba nixos/gitlab-runner: add missing HOME to environment (#67450)
Gitlab runner fails to start if HOME is not set.
2019-08-28 20:27:28 +00:00
Danielle Lancashire
4b99f9ba0b
vault: add raft backend to vault service 2019-08-28 18:42:18 +02:00
Silvan Mosberger
6233291d95
Merge pull request #64738 from rnhmjoj/magnetico
magnetico: init package and service
2019-08-28 18:39:21 +02:00
Matthew Bauer
b8f9e09ad1
Merge pull request #67260 from pstch/fix/xsession-allow-session-choice
nixos/x11: provide selected session to custom session
2019-08-28 11:07:19 -04:00
Hugo Geoffroy
a23798e478 nixos/x11: provide selected session to custom session
The custom session script is always executed (when it exists). This change
passes the selected session script and select session name to the custom session
script, so that it can defer to the selected session script based on the value
of the selected session name.
2019-08-28 16:58:12 +02:00
rnhmjoj
182830f542
nixos/magnetico: init service 2019-08-28 14:19:24 +02:00
Linus Heckemann
5e2f89bbce
Merge pull request #67394 from Ma27/drop-keys.target-dependency
nixos/treewide: drop dependencies to `keys.target`
2019-08-28 12:01:22 +02:00
worldofpeace
27a4afefbe
Merge pull request #66859 from worldofpeace/xfce4-14-module
nixos/xfce4-14: init
2019-08-27 22:37:03 -04:00
Eelco Dolstra
35c1c170d7 nix.conf: Set sandbox-fallback = false
For security, we don't want the sandbox to be disabled silently.
2019-08-27 21:17:20 +02:00
worldofpeace
156f335161
Merge pull request #67549 from worldofpeace/gnome-control-center/fix-sharing
Fix sharing in gnome-control-center
2019-08-27 14:28:15 -04:00
Maximilian Bosch
56a7bc05e1
nixos/treewide: drop dependencies to keys.target
The `keys.target` is used to indicate whether all NixOps keys were
successfully uploaded on an unattended reboot. However this can cause
startup issues e.g. with NixOS containers (see #67265) and can block
boots even though this might not be needed (e.g. with a dovecot2
instance running that doesn't need any of the NixOps keys).

As described in the NixOps manual[1], dependencies to keys should be
defined like this now:

``` nix
{
  systemd.services.myservice = {
    after = [ "secret-key.service" ];
    wants = [ "secret-key.service" ];
  };
}
```

However I'd leave the issue open until it's discussed whether or not to
keep `keys.target` in `nixpkgs`.

[1] https://nixos.org/nixops/manual/#idm140737322342384
2019-08-27 18:55:55 +02:00
Marek Mahut
b40ee82685
Merge pull request #67556 from mmahut/matomo
nixos/matomo: fixing the configuration path
2019-08-27 16:13:34 +02:00
rnhmjoj
05ddde928d
nixos/dnschain: disable DNSSEC for namecoin TLDs 2019-08-27 14:42:06 +02:00
Silvan Mosberger
210756a450
nixos/pdns-recursor: implement a settings option (#67251)
nixos/pdns-recursor: implement a `settings` option
2019-08-27 14:34:32 +02:00
Marek Mahut
3a9d17ef04 nixos/matomo: fixing the configuration path 2019-08-27 11:44:34 +02:00
worldofpeace
8a24bc2e08 nixos/gnome-user-share: cleanup
* No sessionPath!

* add to systemd.packages
  This is for the gnome-user-share-webdav.service.

* Update option description
2019-08-27 03:07:57 -04:00