Commit graph

7509 commits

Author SHA1 Message Date
Orivej Desh
efea96ddca
Merge pull request #31007 from yegortimoshenko/nixos-generate-config/umask
nixos-generate-config: enforce umask 0022, fixes #30954
2017-11-01 01:58:34 +00:00
Sander van der Burg
6d1317ab31
Merge pull request #31058 from rnhmjoj/dnschain
DNSChain: move expression to new nodePackages
2017-10-31 23:44:02 +01:00
Graham Christensen
2d583f7275
Merge pull request #31039 from LumiGuide/fix-graphite-api
graphite: fix the graphiteApi service
2017-10-31 17:53:02 -04:00
Graham Christensen
e5a44f3034
Merge pull request #31044 from LumiGuide/fix-apache-httpd
apache-httpd: fix nix evaluation error
2017-10-31 17:50:57 -04:00
Graham Christensen
486c125dc3
Merge pull request #31050 from pbogdan/wordpress-disable-autoupdates
apache-httpd/wordpress: disable built-in WordPress autoupdater
2017-10-31 17:50:02 -04:00
rnhmjoj
ea8714ecb1
nixos/dnschain: use nodePackages.dnschain 2017-10-31 22:03:38 +01:00
mingchuan
e0318379ae nixos/ssh: fix example 2017-11-01 02:54:38 +08:00
Piotr Bogdan
3165c56db9 apache-httpd/wordpress: disable built-in WordPress autoupdater 2017-10-31 17:37:11 +00:00
Bas van Dijk
527781ebc4 apache-httpd: fix nix evaluation error
This only sets the timezone when it's not null to prevent:

  error: cannot coerce null to a string, at
  nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix:676:7
2017-10-31 17:33:54 +01:00
Bas van Dijk
04b2460eb6 graphite: fix the graphiteApi service 2017-10-31 15:49:59 +01:00
Yegor Timoshenko
f2621d4ba8 nixos-generate-config: enforce umask 0022, fixes #30954 2017-10-30 21:59:37 +00:00
lassulus
440178d729 gdm: don't start getty@tty1 if enabled 2017-10-30 21:43:10 +01:00
Bas van Dijk
07e0c0e0a2 network-interfaces-scripted: fix NixOS/nixops#640
Reverse the PartOf dependency between network-setup and network-addresses-*

This was joint work of: @nh2, @domenkozar, @fpletz, @aszlig and @basvandijk
at the NixCon 2017 hackathon.
2017-10-30 20:45:32 +01:00
Chris Martin
0581038e8e nixos/acme: remove doc note about restarting nginx
Discussion from #30945 indicates that it is no longer true that you have
to restart nginx.
2017-10-30 13:51:35 -04:00
Márton Boros
c556c72a2e nixos/gitlab: fix secret generation
This line previously produced an error and an empty secret file.
2017-10-30 12:49:27 +01:00
Márton Boros
00c03e9003 nixos/gitlab: fix preStart script 2017-10-30 12:49:27 +01:00
Márton Boros
29e80bde40 nixos/gitlab: fix hard-coded database name 2017-10-30 12:49:27 +01:00
Christopher Singley
b2c2944998 nzbget.service override nzbget.conf broken paths with current derivation 2017-10-29 19:37:56 -05:00
Christopher Singley
95dc36235c PlexPy service 2017-10-29 19:29:25 -05:00
Jonas Schwabe
4a180dac60 gdm: fix restart of display-manager after nixos-rebuild
- fix restart of display-manager due to a conflict with getty@tty1
- fixes #21439
2017-10-28 15:52:03 +02:00
Joachim F
9ab20a4a04
Merge pull request #30787 from lheckemann/nixos-help-doc
Document nixos-help more obviously
2017-10-28 10:41:59 +00:00
zimbatm
74a2d53e0d buildkite-agent service: add bash to the runtimePackages
bash is necessary for nix-shell to work properly
2017-10-26 17:44:44 +01:00
symphorien
6dfbef0ae2 nixos/crashdump: fix evaluation. (#30415)
The module would fail to evaluate:
```The option value `boot.crashDump.kernelPackages' in ... is not a package.```

Removed the option boot.crashDump.kernelPackage in favor of using
boot.kernelPatches which automatically chooses the same kernel version
as boot.kernelPackage instead of overriding it.

Added option boot.crashDump.reservedMemory to customized crash kernel
memory.

Changed the default of boot.crashDump.kernelParams as the current one
seemed to have no effect.
2017-10-25 20:00:52 +00:00
Tuomas Tynkkynen
0676d69172 sd-image-*: Include profiles/base.nix
This brings useful goodies like lspci and lsusb that were missing
previously.
2017-10-25 22:56:20 +03:00
Tuomas Tynkkynen
21f4a5f1b1 sd-image-aarch64.nix: Document serial ports used
Also drop boot.consoleLogLevel which already comes from
installation-device.nix
2017-10-25 22:56:20 +03:00
Tuomas Tynkkynen
a3b11bd056 sd-image-armv7l-multiplatform.nix: Document serial consoles used 2017-10-25 22:56:20 +03:00
gnidorah
130c61f8f2 sway module: better defaults 2017-10-25 20:53:44 +01:00
Jörg Thalheim
cb217f87a0 Merge pull request #30800 from gnidorah/sway
sway module: make it useful to end user
2017-10-25 20:20:50 +01:00
gnidorah
e18afa63b7 sway module: more options 2017-10-25 21:52:02 +03:00
Franz Pletz
a26b6c4290
prometheus-node-exporter service: delete dead code 2017-10-25 20:18:33 +02:00
Franz Pletz
ce301ef21a
prometheus-node-exporter service: add disabledCollectors option 2017-10-25 20:10:20 +02:00
Drew Hess
ad933bb096 postfix: add relayPort option. (#30520) 2017-10-25 19:11:55 +02:00
Franz Pletz
63bbada520
prometheus-node-exporter service: run as nobody again
Using DynamicUser breaks the systemd and logind collectors.

cc #30535
2017-10-25 17:49:40 +02:00
Eelco Dolstra
8f349a3bf3
Add function closureInfo to replace pathsFromGraph
Unlike pathsFromGraph, on Nix 1.12, this function produces a
registration file containing correct NAR hash/size information.

https://hydra.nixos.org/build/62832723
2017-10-25 15:38:14 +02:00
Linus Heckemann
b2c5075e8a nixos-manual service: show nixos-help option
Part of improving accessibility (#30760). Makes the manual easier to
access e.g. on serial consoles.
2017-10-25 10:16:15 +01:00
Franz Pletz
666d9c09c1 Merge pull request #30339 from pvgoran/fileSystems-silentFormatOptions
filesystems: use non-interactive formatOptions by default
2017-10-25 10:46:46 +02:00
Franz Pletz
f561dab0ad Merge pull request #30774 from plutotulp/plymouth-defaults
plymouth service: fix symlink to defaults
2017-10-25 10:06:17 +02:00
Franz Pletz
fd9ae9226d Merge pull request #30319 from peterhoeg/f/dnsmasq
dnsmasq nixos: make sure it always runs
2017-10-25 04:07:27 +02:00
Rickard Nilsson
2fd11b762f nixos/elasticsearch: Do not try to run sysctl if running in container, since it fails 2017-10-24 22:31:06 +02:00
Erlend Pedersen
3f013b806b plymouth service: fix symlink to defaults
Symlink for plymouthd.defaults was pointing to nonexisting target
because of a spelling error.
2017-10-24 20:10:13 +02:00
Franz Pletz
de917326a9
atlassian-crowd service: run crowd in foreground 2017-10-24 14:21:05 +02:00
Ryan Hendrickson
c522aaafde nixos/postfix: allow dollar parameters in lists (#30612) 2017-10-23 17:57:20 +02:00
joachim schiele
61089ddcee opendkim: automated key generation (no manual changes for service initialization required anymore) 2017-10-23 15:53:55 +02:00
Jan Tojnar
3c48a1e06d nixos/services.nginx: Fix globalRedirect example
Virtual host globalRedirect attribute accepts a hostname not a URL

09a9a472ee/nixos/modules/services/web-servers/nginx/default.nix (L167)
2017-10-22 15:38:08 +02:00
Martin Potier
ff562459cc nixos/libreswan: add missing runtime dependencies 2017-10-22 15:36:26 +02:00
Márton Boros
a89b28f8b7 nixos/gitlab: fix startup script
The preStart script used a hardcoded "git" user instead of the cfg value.
2017-10-22 15:23:25 +02:00
Pascal Bach
0f0f0cbc6f prometheus-node-exporter service: update for new arguments handling
The behaviour have changed again. Listed collectors are now enabled in
addition to the default one.

Also run as DynmicUser instead of user nobody as the exporter doesn't need
any state.
2017-10-22 14:45:48 +02:00
Simon Lackerbauer
414720709b
gitlab-module: fix hooks links for older repositories 2017-10-22 14:28:56 +02:00
Michael Peyton Jones
0966f8282a plasma5: use mkDefault for a few options that users might want to set 2017-10-22 00:18:21 +02:00
Michael Peyton Jones
e6a199b95d plasma5: set default theme for plymouth 2017-10-21 22:45:48 +01:00
Michael Peyton Jones
2ac89a612c redshift: allow using geoclue2 loation provider 2017-10-21 22:34:14 +01:00
Michael Peyton Jones
d96b0ac7f7 geoclue2: fix typo 2017-10-21 22:34:14 +01:00
Michael Peyton Jones
18d286b6c9 plymouth: try to remove more references in themes 2017-10-21 22:29:45 +01:00
Florian Jacob
43f94ff5a9 nixos/munin: move munin-cron to systemd.tmpfiles
to match with munin-node.
2017-10-21 11:27:42 +01:00
Florian Jacob
3338985aab nixos/munin: Create MUNIN_PLUGSTATE dir to fix munin_stats plugin 2017-10-21 11:27:42 +01:00
zimbatm
96b339fbc9 buildkite-agent: 2.1.13 -> 2.6.6
Build the package from source

Re-organise the module a bit to allow custom version of the package
2017-10-21 11:23:30 +01:00
Danylo Hlynskyi
dab7ecc054 nixos-generate-config: lessen priority for cpuFreqGovernor (#30221)
In particular, it conflicts with `services.tlp.enable` option.

There exists workaround:
```
  powerManagement.cpuFreqGovernor = lib.mkForce null;
  services.tlp.enable = true;
```
But should it?
2017-10-20 19:59:31 +00:00
edef
ea35bc94bf nixos/ecryptfs: init
Currently, ecryptfs support is coupled to `security.pam.enableEcryptfs`, but one
might want to use ecryptfs without enabling the PAM functionality. This commit
splits it out into a `boot.supportedFilesystems` switch.
2017-10-20 17:42:04 +01:00
gnidorah
7867b50881 nixos/pam: add swaylock (#29919) 2017-10-20 16:30:28 +00:00
Joachim F
815bebf9e8 Merge pull request #30173 from dmjio/patch-1
oauth2_proxy: default address updated
2017-10-20 16:28:40 +00:00
Joachim F
6991438df9 Merge pull request #30486 from rnhmjoj/compton
nixos/compton: default to xrender backend
2017-10-20 15:49:40 +00:00
Thomas Tuegel
ae8d9cbf71 Merge pull request #30610 from ttuegel/plasma-wayland
Plasma: Experimental Wayland support
2017-10-20 09:47:14 -05:00
Thomas Tuegel
ebcccaf754
plasma-workspace: enable Wayland session support 2017-10-20 09:28:56 -05:00
Joachim F
3c62474d08 Merge pull request #30528 from disassembler/gitea
gitea: init at 1.2.1
2017-10-20 14:01:54 +00:00
Joachim F
5f1d6bc5c7 Merge pull request #30563 from michaelpj/imp/tzupdate
tzupdate: init at 1.2.0 (+ service)
2017-10-20 13:55:09 +00:00
James Earl Douglas
aae32e15af
nixos/jenkins: add an option for the package
This allows NixOS configuration to specify the desired Jenkins package.
2017-10-20 01:16:12 +02:00
Jörg Thalheim
e09f070951 Merge pull request #30493 from disassembler/sway
sway: 0.13.0 -> 0.14.0
2017-10-19 16:28:12 +01:00
Joerg Thalheim
f8085cb1dd nixos/sway: add module 2017-10-19 10:46:31 -04:00
Thomas Tuegel
dae260034c
nixos/sddm: delete QML cache
Prior to Qt 5.9.2, there is a QML cache invalidation bug which causes SDDM to
segfault when upgrading Plasma.

See also: https://bugreports.qt.io/browse/QTBUG-62302
2017-10-19 07:09:01 -05:00
Michael Peyton Jones
281bf1dded tzupdate service: init 2017-10-19 05:15:32 +01:00
Samuel Leathers
66201d49bb gitea: add nixos service module 2017-10-18 12:50:36 -04:00
Peter Simons
757a759005 Merge pull request #30166 from LumiGuide/graphite-1.0.2
Fix graphite crash by upgrading from 0.9.15 -> 1.0.2
2017-10-18 12:58:55 +01:00
Jörg Thalheim
9aa6337c3d Merge pull request #30467 from adisbladis/display-managers-session/sessionvars
display-managers: Import DBUS session bus address & Xauthority
2017-10-17 11:32:26 +01:00
Robert Helgesson
c4088dd0af
nixos/resolved: clean up option descriptions
Also change LLMNR RFC to the correct id 4795.
2017-10-17 10:11:19 +02:00
adisbladis
40f402cf65
display-managers: Import DBUS session bus address & Xauthority in systemd user session 2017-10-17 10:06:05 +08:00
Graham Christensen
ab8b14cf92 Merge pull request #30397 from grahamc/nix-help
nix-info: init
2017-10-16 21:37:00 -04:00
rnhmjoj
3918385f29
nixos/compton: use xrender by default 2017-10-17 00:50:34 +02:00
rnhmjoj
36bbc3cfda
nixos/compton: improve options type-checking 2017-10-17 00:50:34 +02:00
Jörg Thalheim
6838762997 Merge pull request #30477 from Lassulus/encrypted-devices
Encrypted devices: don't override crytpoModules, fix example
2017-10-16 19:00:41 +01:00
Bjørn Forsman
497108b456 nixos/atd: remove "batch" from setuid wrappers
"batch" is a shell script so invoking it via setuid wrapper never worked
anyway. (The kernel drops perms on executables with shebang.) A previous
nixpkgs commit made "batch" invoke the NixOS setuid "at" wrapper to gain
needed privileges.

Thanks to @yesbox for noticing.
2017-10-16 19:08:19 +02:00
lassulus
77be4d91f7 encrypted devices: provide working example 2017-10-16 17:46:46 +02:00
lassulus
f804a8ff98 encrypted devices: don't override default cryptoModules 2017-10-16 17:46:06 +02:00
Jason A. Donenfeld
f6d8a96993 nsswitch: use [NOTFOUND=return] for mdns
Commit 987aac7 and issue #18183 were intended to fix support for other
things, but in the process, changed mdns_minimal to use the wrong return
setting, resulting in permanent failures in early boot, affecting things
like issue #30459.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-16 15:11:58 +02:00
Markus Mueller
60b0db0e08
gitlab: link tmp/ directory to writable path 2017-10-16 14:58:02 +02:00
Markus Mueller
f250015ea3
nixos/gitlab: fix uploades directory permissions 2017-10-16 14:58:02 +02:00
Graham Christensen
b16f3b2131
nix-info: include in nixos' default system-path, nixpkgs's channel 2017-10-14 22:01:30 -04:00
Graham Christensen
55bc53d1dd Merge pull request #30258 from srhb/tz-nospace
nixos/config/timezone: Disallow spaces
2017-10-14 10:27:09 -04:00
Bjørn Forsman
0ff4bb5f87 nixos: run parted with --script option
-s, --script: never prompts for user intervention

Sometimes the NixOS installer tests fail when they invoke parted, e.g.
https://hydra.nixos.org/build/62513826/nixlog/1. But instead of exiting
right there, the tests hang until the Nix builder times out (and kills
the build). With this change the tests would instead fail immediately,
which is preferred.

While at it, use "parted --script" treewide, so nobody gets build
timeout due to parted error (or misuse). (Only nixos/ use it, and only
non-interactive.)

A few instances already use the short option "-s", convert them to long
option "--short".
2017-10-14 15:29:02 +02:00
Peter Hoeg
07bc859e9a Revert "ssh: deprecate use of old DSA keys"
This reverts commit 65b73d71cb.
2017-10-14 14:42:49 +08:00
Peter Hoeg
bdbba026f3 Revert "dnsmasq nixos: make sure it always runs"
This reverts commit 1917e69b54.
2017-10-14 14:42:49 +08:00
Peter Hoeg
e01bb0c0d0 Revert "smartd: set drive timeout"
This reverts commit 41306ca505.
2017-10-14 14:42:49 +08:00
Peter Hoeg
b366760cf5 Revert "hyperv-daemons: add nixos module"
This reverts commit 0944d44f1b.
2017-10-14 14:42:49 +08:00
Peter Hoeg
6fd4209594 Revert "networking: add option to toggle the wait-online service"
This reverts commit 8758f476b3.
2017-10-14 14:42:49 +08:00
Peter Hoeg
0f486c46b2 Revert "networkd: only wait for network to be online if configured to do so"
This reverts commit 8f21e089a8.
2017-10-14 14:42:49 +08:00
Peter Hoeg
2cd4ebfe93 Revert "display-manager: systemd-udev-settle serves no purpose"
This reverts commit 3571163858.
2017-10-14 14:42:49 +08:00
Peter Hoeg
3211098632 Revert "sshguard: make it run"
This reverts commit 69d8b81b4b.
2017-10-14 14:42:49 +08:00
Peter Hoeg
2b5aab4b0f Revert "sensu: nixos module"
This reverts commit 707c3ac435.
2017-10-14 14:42:49 +08:00
Peter Hoeg
279ca5738a Revert "nixos: kodi user"
This reverts commit 1faa5b6b36.
2017-10-14 14:42:49 +08:00
Peter Hoeg
8df1c9ac17 Revert "firewalld: init at 0.4.4.4"
This reverts commit 178a96f99b.
2017-10-14 14:42:48 +08:00
Peter Hoeg
ff3fd1027c Revert "networkmanager: dns and extraConfig"
This reverts commit 0dd25e585f.
2017-10-14 14:42:48 +08:00