Orivej Desh
efea96ddca
Merge pull request #31007 from yegortimoshenko/nixos-generate-config/umask
...
nixos-generate-config: enforce umask 0022, fixes #30954
2017-11-01 01:58:34 +00:00
Sander van der Burg
6d1317ab31
Merge pull request #31058 from rnhmjoj/dnschain
...
DNSChain: move expression to new nodePackages
2017-10-31 23:44:02 +01:00
Graham Christensen
2d583f7275
Merge pull request #31039 from LumiGuide/fix-graphite-api
...
graphite: fix the graphiteApi service
2017-10-31 17:53:02 -04:00
Graham Christensen
e5a44f3034
Merge pull request #31044 from LumiGuide/fix-apache-httpd
...
apache-httpd: fix nix evaluation error
2017-10-31 17:50:57 -04:00
Graham Christensen
486c125dc3
Merge pull request #31050 from pbogdan/wordpress-disable-autoupdates
...
apache-httpd/wordpress: disable built-in WordPress autoupdater
2017-10-31 17:50:02 -04:00
rnhmjoj
ea8714ecb1
nixos/dnschain: use nodePackages.dnschain
2017-10-31 22:03:38 +01:00
mingchuan
e0318379ae
nixos/ssh: fix example
2017-11-01 02:54:38 +08:00
Piotr Bogdan
3165c56db9
apache-httpd/wordpress: disable built-in WordPress autoupdater
2017-10-31 17:37:11 +00:00
Bas van Dijk
527781ebc4
apache-httpd: fix nix evaluation error
...
This only sets the timezone when it's not null to prevent:
error: cannot coerce null to a string, at
nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix:676:7
2017-10-31 17:33:54 +01:00
Bas van Dijk
04b2460eb6
graphite: fix the graphiteApi service
2017-10-31 15:49:59 +01:00
Yegor Timoshenko
f2621d4ba8
nixos-generate-config: enforce umask 0022, fixes #30954
2017-10-30 21:59:37 +00:00
lassulus
440178d729
gdm: don't start getty@tty1 if enabled
2017-10-30 21:43:10 +01:00
Bas van Dijk
07e0c0e0a2
network-interfaces-scripted: fix NixOS/nixops#640
...
Reverse the PartOf dependency between network-setup and network-addresses-*
This was joint work of: @nh2, @domenkozar, @fpletz, @aszlig and @basvandijk
at the NixCon 2017 hackathon.
2017-10-30 20:45:32 +01:00
Chris Martin
0581038e8e
nixos/acme: remove doc note about restarting nginx
...
Discussion from #30945 indicates that it is no longer true that you have
to restart nginx.
2017-10-30 13:51:35 -04:00
Márton Boros
c556c72a2e
nixos/gitlab: fix secret generation
...
This line previously produced an error and an empty secret file.
2017-10-30 12:49:27 +01:00
Márton Boros
00c03e9003
nixos/gitlab: fix preStart script
2017-10-30 12:49:27 +01:00
Márton Boros
29e80bde40
nixos/gitlab: fix hard-coded database name
2017-10-30 12:49:27 +01:00
Christopher Singley
b2c2944998
nzbget.service override nzbget.conf broken paths with current derivation
2017-10-29 19:37:56 -05:00
Christopher Singley
95dc36235c
PlexPy service
2017-10-29 19:29:25 -05:00
Jonas Schwabe
4a180dac60
gdm: fix restart of display-manager after nixos-rebuild
...
- fix restart of display-manager due to a conflict with getty@tty1
- fixes #21439
2017-10-28 15:52:03 +02:00
Joachim F
9ab20a4a04
Merge pull request #30787 from lheckemann/nixos-help-doc
...
Document nixos-help more obviously
2017-10-28 10:41:59 +00:00
zimbatm
74a2d53e0d
buildkite-agent service: add bash to the runtimePackages
...
bash is necessary for nix-shell to work properly
2017-10-26 17:44:44 +01:00
symphorien
6dfbef0ae2
nixos/crashdump: fix evaluation. ( #30415 )
...
The module would fail to evaluate:
```The option value `boot.crashDump.kernelPackages' in ... is not a package.```
Removed the option boot.crashDump.kernelPackage in favor of using
boot.kernelPatches which automatically chooses the same kernel version
as boot.kernelPackage instead of overriding it.
Added option boot.crashDump.reservedMemory to customized crash kernel
memory.
Changed the default of boot.crashDump.kernelParams as the current one
seemed to have no effect.
2017-10-25 20:00:52 +00:00
Tuomas Tynkkynen
0676d69172
sd-image-*: Include profiles/base.nix
...
This brings useful goodies like lspci and lsusb that were missing
previously.
2017-10-25 22:56:20 +03:00
Tuomas Tynkkynen
21f4a5f1b1
sd-image-aarch64.nix: Document serial ports used
...
Also drop boot.consoleLogLevel which already comes from
installation-device.nix
2017-10-25 22:56:20 +03:00
Tuomas Tynkkynen
a3b11bd056
sd-image-armv7l-multiplatform.nix: Document serial consoles used
2017-10-25 22:56:20 +03:00
gnidorah
130c61f8f2
sway module: better defaults
2017-10-25 20:53:44 +01:00
Jörg Thalheim
cb217f87a0
Merge pull request #30800 from gnidorah/sway
...
sway module: make it useful to end user
2017-10-25 20:20:50 +01:00
gnidorah
e18afa63b7
sway module: more options
2017-10-25 21:52:02 +03:00
Franz Pletz
a26b6c4290
prometheus-node-exporter service: delete dead code
2017-10-25 20:18:33 +02:00
Franz Pletz
ce301ef21a
prometheus-node-exporter service: add disabledCollectors option
2017-10-25 20:10:20 +02:00
Drew Hess
ad933bb096
postfix: add relayPort option. ( #30520 )
2017-10-25 19:11:55 +02:00
Franz Pletz
63bbada520
prometheus-node-exporter service: run as nobody again
...
Using DynamicUser breaks the systemd and logind collectors.
cc #30535
2017-10-25 17:49:40 +02:00
Eelco Dolstra
8f349a3bf3
Add function closureInfo to replace pathsFromGraph
...
Unlike pathsFromGraph, on Nix 1.12, this function produces a
registration file containing correct NAR hash/size information.
https://hydra.nixos.org/build/62832723
2017-10-25 15:38:14 +02:00
Linus Heckemann
b2c5075e8a
nixos-manual service: show nixos-help option
...
Part of improving accessibility (#30760 ). Makes the manual easier to
access e.g. on serial consoles.
2017-10-25 10:16:15 +01:00
Franz Pletz
666d9c09c1
Merge pull request #30339 from pvgoran/fileSystems-silentFormatOptions
...
filesystems: use non-interactive formatOptions by default
2017-10-25 10:46:46 +02:00
Franz Pletz
f561dab0ad
Merge pull request #30774 from plutotulp/plymouth-defaults
...
plymouth service: fix symlink to defaults
2017-10-25 10:06:17 +02:00
Franz Pletz
fd9ae9226d
Merge pull request #30319 from peterhoeg/f/dnsmasq
...
dnsmasq nixos: make sure it always runs
2017-10-25 04:07:27 +02:00
Rickard Nilsson
2fd11b762f
nixos/elasticsearch: Do not try to run sysctl if running in container, since it fails
2017-10-24 22:31:06 +02:00
Erlend Pedersen
3f013b806b
plymouth service: fix symlink to defaults
...
Symlink for plymouthd.defaults was pointing to nonexisting target
because of a spelling error.
2017-10-24 20:10:13 +02:00
Franz Pletz
de917326a9
atlassian-crowd service: run crowd in foreground
2017-10-24 14:21:05 +02:00
Ryan Hendrickson
c522aaafde
nixos/postfix: allow dollar parameters in lists ( #30612 )
2017-10-23 17:57:20 +02:00
joachim schiele
61089ddcee
opendkim: automated key generation (no manual changes for service initialization required anymore)
2017-10-23 15:53:55 +02:00
Jan Tojnar
3c48a1e06d
nixos/services.nginx: Fix globalRedirect example
...
Virtual host globalRedirect attribute accepts a hostname not a URL
09a9a472ee/nixos/modules/services/web-servers/nginx/default.nix (L167)
2017-10-22 15:38:08 +02:00
Martin Potier
ff562459cc
nixos/libreswan: add missing runtime dependencies
2017-10-22 15:36:26 +02:00
Márton Boros
a89b28f8b7
nixos/gitlab: fix startup script
...
The preStart script used a hardcoded "git" user instead of the cfg value.
2017-10-22 15:23:25 +02:00
Pascal Bach
0f0f0cbc6f
prometheus-node-exporter service: update for new arguments handling
...
The behaviour have changed again. Listed collectors are now enabled in
addition to the default one.
Also run as DynmicUser instead of user nobody as the exporter doesn't need
any state.
2017-10-22 14:45:48 +02:00
Simon Lackerbauer
414720709b
gitlab-module: fix hooks links for older repositories
2017-10-22 14:28:56 +02:00
Michael Peyton Jones
0966f8282a
plasma5: use mkDefault for a few options that users might want to set
2017-10-22 00:18:21 +02:00
Michael Peyton Jones
e6a199b95d
plasma5: set default theme for plymouth
2017-10-21 22:45:48 +01:00
Michael Peyton Jones
2ac89a612c
redshift: allow using geoclue2 loation provider
2017-10-21 22:34:14 +01:00
Michael Peyton Jones
d96b0ac7f7
geoclue2: fix typo
2017-10-21 22:34:14 +01:00
Michael Peyton Jones
18d286b6c9
plymouth: try to remove more references in themes
2017-10-21 22:29:45 +01:00
Florian Jacob
43f94ff5a9
nixos/munin: move munin-cron to systemd.tmpfiles
...
to match with munin-node.
2017-10-21 11:27:42 +01:00
Florian Jacob
3338985aab
nixos/munin: Create MUNIN_PLUGSTATE dir to fix munin_stats plugin
2017-10-21 11:27:42 +01:00
zimbatm
96b339fbc9
buildkite-agent: 2.1.13 -> 2.6.6
...
Build the package from source
Re-organise the module a bit to allow custom version of the package
2017-10-21 11:23:30 +01:00
Danylo Hlynskyi
dab7ecc054
nixos-generate-config: lessen priority for cpuFreqGovernor ( #30221 )
...
In particular, it conflicts with `services.tlp.enable` option.
There exists workaround:
```
powerManagement.cpuFreqGovernor = lib.mkForce null;
services.tlp.enable = true;
```
But should it?
2017-10-20 19:59:31 +00:00
edef
ea35bc94bf
nixos/ecryptfs: init
...
Currently, ecryptfs support is coupled to `security.pam.enableEcryptfs`, but one
might want to use ecryptfs without enabling the PAM functionality. This commit
splits it out into a `boot.supportedFilesystems` switch.
2017-10-20 17:42:04 +01:00
gnidorah
7867b50881
nixos/pam: add swaylock ( #29919 )
2017-10-20 16:30:28 +00:00
Joachim F
815bebf9e8
Merge pull request #30173 from dmjio/patch-1
...
oauth2_proxy: default address updated
2017-10-20 16:28:40 +00:00
Joachim F
6991438df9
Merge pull request #30486 from rnhmjoj/compton
...
nixos/compton: default to xrender backend
2017-10-20 15:49:40 +00:00
Thomas Tuegel
ae8d9cbf71
Merge pull request #30610 from ttuegel/plasma-wayland
...
Plasma: Experimental Wayland support
2017-10-20 09:47:14 -05:00
Thomas Tuegel
ebcccaf754
plasma-workspace: enable Wayland session support
2017-10-20 09:28:56 -05:00
Joachim F
3c62474d08
Merge pull request #30528 from disassembler/gitea
...
gitea: init at 1.2.1
2017-10-20 14:01:54 +00:00
Joachim F
5f1d6bc5c7
Merge pull request #30563 from michaelpj/imp/tzupdate
...
tzupdate: init at 1.2.0 (+ service)
2017-10-20 13:55:09 +00:00
James Earl Douglas
aae32e15af
nixos/jenkins: add an option for the package
...
This allows NixOS configuration to specify the desired Jenkins package.
2017-10-20 01:16:12 +02:00
Jörg Thalheim
e09f070951
Merge pull request #30493 from disassembler/sway
...
sway: 0.13.0 -> 0.14.0
2017-10-19 16:28:12 +01:00
Joerg Thalheim
f8085cb1dd
nixos/sway: add module
2017-10-19 10:46:31 -04:00
Thomas Tuegel
dae260034c
nixos/sddm: delete QML cache
...
Prior to Qt 5.9.2, there is a QML cache invalidation bug which causes SDDM to
segfault when upgrading Plasma.
See also: https://bugreports.qt.io/browse/QTBUG-62302
2017-10-19 07:09:01 -05:00
Michael Peyton Jones
281bf1dded
tzupdate service: init
2017-10-19 05:15:32 +01:00
Samuel Leathers
66201d49bb
gitea: add nixos service module
2017-10-18 12:50:36 -04:00
Peter Simons
757a759005
Merge pull request #30166 from LumiGuide/graphite-1.0.2
...
Fix graphite crash by upgrading from 0.9.15 -> 1.0.2
2017-10-18 12:58:55 +01:00
Jörg Thalheim
9aa6337c3d
Merge pull request #30467 from adisbladis/display-managers-session/sessionvars
...
display-managers: Import DBUS session bus address & Xauthority
2017-10-17 11:32:26 +01:00
Robert Helgesson
c4088dd0af
nixos/resolved: clean up option descriptions
...
Also change LLMNR RFC to the correct id 4795.
2017-10-17 10:11:19 +02:00
adisbladis
40f402cf65
display-managers: Import DBUS session bus address & Xauthority in systemd user session
2017-10-17 10:06:05 +08:00
Graham Christensen
ab8b14cf92
Merge pull request #30397 from grahamc/nix-help
...
nix-info: init
2017-10-16 21:37:00 -04:00
rnhmjoj
3918385f29
nixos/compton: use xrender by default
2017-10-17 00:50:34 +02:00
rnhmjoj
36bbc3cfda
nixos/compton: improve options type-checking
2017-10-17 00:50:34 +02:00
Jörg Thalheim
6838762997
Merge pull request #30477 from Lassulus/encrypted-devices
...
Encrypted devices: don't override crytpoModules, fix example
2017-10-16 19:00:41 +01:00
Bjørn Forsman
497108b456
nixos/atd: remove "batch" from setuid wrappers
...
"batch" is a shell script so invoking it via setuid wrapper never worked
anyway. (The kernel drops perms on executables with shebang.) A previous
nixpkgs commit made "batch" invoke the NixOS setuid "at" wrapper to gain
needed privileges.
Thanks to @yesbox for noticing.
2017-10-16 19:08:19 +02:00
lassulus
77be4d91f7
encrypted devices: provide working example
2017-10-16 17:46:46 +02:00
lassulus
f804a8ff98
encrypted devices: don't override default cryptoModules
2017-10-16 17:46:06 +02:00
Jason A. Donenfeld
f6d8a96993
nsswitch: use [NOTFOUND=return] for mdns
...
Commit 987aac7
and issue #18183 were intended to fix support for other
things, but in the process, changed mdns_minimal to use the wrong return
setting, resulting in permanent failures in early boot, affecting things
like issue #30459 .
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-16 15:11:58 +02:00
Markus Mueller
60b0db0e08
gitlab: link tmp/ directory to writable path
2017-10-16 14:58:02 +02:00
Markus Mueller
f250015ea3
nixos/gitlab: fix uploades directory permissions
2017-10-16 14:58:02 +02:00
Graham Christensen
b16f3b2131
nix-info: include in nixos' default system-path, nixpkgs's channel
2017-10-14 22:01:30 -04:00
Graham Christensen
55bc53d1dd
Merge pull request #30258 from srhb/tz-nospace
...
nixos/config/timezone: Disallow spaces
2017-10-14 10:27:09 -04:00
Bjørn Forsman
0ff4bb5f87
nixos: run parted with --script option
...
-s, --script: never prompts for user intervention
Sometimes the NixOS installer tests fail when they invoke parted, e.g.
https://hydra.nixos.org/build/62513826/nixlog/1 . But instead of exiting
right there, the tests hang until the Nix builder times out (and kills
the build). With this change the tests would instead fail immediately,
which is preferred.
While at it, use "parted --script" treewide, so nobody gets build
timeout due to parted error (or misuse). (Only nixos/ use it, and only
non-interactive.)
A few instances already use the short option "-s", convert them to long
option "--short".
2017-10-14 15:29:02 +02:00
Peter Hoeg
07bc859e9a
Revert "ssh: deprecate use of old DSA keys"
...
This reverts commit 65b73d71cb
.
2017-10-14 14:42:49 +08:00
Peter Hoeg
bdbba026f3
Revert "dnsmasq nixos: make sure it always runs"
...
This reverts commit 1917e69b54
.
2017-10-14 14:42:49 +08:00
Peter Hoeg
e01bb0c0d0
Revert "smartd: set drive timeout"
...
This reverts commit 41306ca505
.
2017-10-14 14:42:49 +08:00
Peter Hoeg
b366760cf5
Revert "hyperv-daemons: add nixos module"
...
This reverts commit 0944d44f1b
.
2017-10-14 14:42:49 +08:00
Peter Hoeg
6fd4209594
Revert "networking: add option to toggle the wait-online service"
...
This reverts commit 8758f476b3
.
2017-10-14 14:42:49 +08:00
Peter Hoeg
0f486c46b2
Revert "networkd: only wait for network to be online if configured to do so"
...
This reverts commit 8f21e089a8
.
2017-10-14 14:42:49 +08:00
Peter Hoeg
2cd4ebfe93
Revert "display-manager: systemd-udev-settle serves no purpose"
...
This reverts commit 3571163858
.
2017-10-14 14:42:49 +08:00
Peter Hoeg
3211098632
Revert "sshguard: make it run"
...
This reverts commit 69d8b81b4b
.
2017-10-14 14:42:49 +08:00
Peter Hoeg
2b5aab4b0f
Revert "sensu: nixos module"
...
This reverts commit 707c3ac435
.
2017-10-14 14:42:49 +08:00
Peter Hoeg
279ca5738a
Revert "nixos: kodi user"
...
This reverts commit 1faa5b6b36
.
2017-10-14 14:42:49 +08:00
Peter Hoeg
8df1c9ac17
Revert "firewalld: init at 0.4.4.4"
...
This reverts commit 178a96f99b
.
2017-10-14 14:42:48 +08:00
Peter Hoeg
ff3fd1027c
Revert "networkmanager: dns and extraConfig"
...
This reverts commit 0dd25e585f
.
2017-10-14 14:42:48 +08:00