Commit graph

2810 commits

Author SHA1 Message Date
Ricardo M. Correia
531b581636 apparmor: Fix service stop
When stopping the apparmor service, the profile removal failed with
parsing errors due to not including the
${pkgs.apparmor}/etc/apparmor.d directory.
2013-05-28 17:49:52 +00:00
Ricardo M. Correia
84c0af80d7 apparmor: Fix loading multiple profiles
apparmor's systemd service wasn't working when multiple profiles were
defined, due to the ExecStart commands in the service file being
broken into multiple lines, instead of being separated by ';'.
2013-05-28 17:21:22 +00:00
Lluís Batlle i Rossell
f60393975f gnunet: it was missing extraGroups 2013-05-28 10:19:59 +02:00
Peter Simons
717dc3b858 Merge pull request #169 from wizeman/chrony
Add chrony service
2013-05-25 02:25:57 -07:00
Ricardo M. Correia
76046850fe atop: Add basic config option for /etc/atoprc 2013-05-23 11:14:24 +00:00
Ricardo M. Correia
6336048c58 chrony: properly set rtconutc option, and add a few more options 2013-05-23 03:00:09 +00:00
Ricardo M. Correia
02d9a8066a Add chrony service
Also, do not build and add ntp to the system unless it is enabled.
2013-05-23 02:07:49 +00:00
Rickard Nilsson
70586f03fe systemd.sockets: Add listenStreams option for specifying several sockets 2013-05-20 16:26:24 +02:00
Domen Kozar
a29c306958 bacula: add ExecReload 2013-05-18 13:29:54 +02:00
Domen Kozar
000d5a62aa bacula: file daemon needs to run as root 2013-05-18 12:29:14 +02:00
Eelco Dolstra
07406231e3 zabbix: Don't set the mbstring.func_overload option
This breaks MediaWiki running in the same web server.  Zabbix no
longer seems to need it anyway.
2013-05-17 15:34:26 +02:00
Eelco Dolstra
97689f9062 mediawiki: Update to 1.20.5 2013-05-17 13:38:20 +02:00
Mathijs Kwik
0e9a963b42 kde4: use udisks2 for kde versions that support it.
Currently, none do, although kde 4.10 is supposed to be able to use it.
2013-05-17 09:33:00 +02:00
Mathijs Kwik
4630ad4d26 filesystems: add priority option for swap devices.
Useful for setting up raid0-like load balancing for swap.
By giving multiple swap devices the same prio.
2013-05-17 09:22:07 +02:00
Mathijs Kwik
085ccc8199 btrfs: btrfsck is now actually the same binary as "btrfs"
symlinked to save space.
2013-05-17 09:22:07 +02:00
Domen Kozar
40fb90a295 bacula: generate bconsole config 2013-05-16 21:58:24 +02:00
Evgeny Egorochkin
da7d6a4cce Merge pull request #125 from MarcWeber/submit/when-enabling-wacom-add-xsetwacom-to-path
When enabling wacom put xsetwacom in PATH.
2013-05-15 09:51:17 -07:00
Rob Vermaas
3b00eca8e9 Add varnish to module-list.nix 2013-05-15 14:36:17 +02:00
Eelco Dolstra
0277126699 Return exit code 127 if a command is not found 2013-05-15 12:52:15 +02:00
Eelco Dolstra
95d02c0c40 initrd: Remove serio and atkbd
These modules don't exist as far as I can tell.
2013-05-15 12:52:15 +02:00
Eelco Dolstra
b3ae70ddb6 initrd: Add ehci_pci and hid_generic
These are required to get some (all?) USB keyboards to work in recent
kernels.
2013-05-15 12:52:14 +02:00
Eelco Dolstra
f5233bbf82 Remove tabs 2013-05-15 12:52:14 +02:00
Shea Levy
2c4db1a6cf Don't copy libz and liblzo2 twice to the initrd
Signed-off-by: Shea Levy <shea@shealevy.com>
2013-05-14 23:35:10 -04:00
Shea Levy
51bc82960a btrfsck doesn't respect any flags
Signed-off-by: Shea Levy <shea@shealevy.com>
2013-05-13 14:25:48 -04:00
Shea Levy
9b4991d3f4 Fix btrfs in the initrd.
With NixOS/nixpkgs@7761952d06 , btrfs requires libz and liblzo2

Signed-off-by: Shea Levy <shea@shealevy.com>
2013-05-13 14:16:53 -04:00
Shea Levy
7f7ada53cf Add a basic (currently failing) sanity check for btrfsProgs-in-initrd
Signed-off-by: Shea Levy <shea@shealevy.com>
2013-05-13 14:07:38 -04:00
Domen Kozar
edd77af3fe add openvpn config file to networkmanager service 2013-05-13 17:52:26 +02:00
Eelco Dolstra
4e6f6d0215 Use pam_loginuid
This set the loginuid property of processes for auditing.
2013-05-13 11:27:21 +02:00
roconnor
aa1289dd91 Merge pull request #159 from NixOS/nginx-fullWebDAV
Add options for user and group to run nginx as.
2013-05-12 15:32:59 -07:00
Rob Vermaas
0f930a00f8 Add varnish module 2013-05-12 20:32:25 +02:00
Jaka Hudoklin
b345417bc5 Fix pxe network boot 2013-05-11 19:42:19 +00:00
Domen Kozar
078130767d add openvpn plugin to networkmanager 2013-05-11 19:25:14 +02:00
Bjørn Forsman
09a7d18cc3 transmission.service: fix ignored ExecReload setting
This is what currently happens (from the journal log):

  [/nix/store/HASH-unit/transmission.service:27] Executable path is not absolute, ignoring: kill -HUP $MAINPID

Fix it by using absolute path to kill.
2013-05-11 12:15:35 +02:00
Evgeny Egorochkin
748ab74d1f AppArmor profiles for SUID binaries. At this moment only for ping. 2013-05-11 08:41:36 +03:00
Evgeny Egorochkin
d7cc2415ea AppArmor: try converting to a systemd unit 2013-05-11 08:40:45 +03:00
Evgeny Egorochkin
a9e4eca8bf Apparmor: check that we are running an AppArmor-enabled kernel. 2013-05-10 16:07:56 +03:00
Evgeny Egorochkin
44eb1bac65 Apparmor: add a warning 2013-05-10 14:57:48 +03:00
Eelco Dolstra
ffb581c739 Fix suspend in systemd
Systemd 203 expects the file /etc/systemd/sleep.conf to exist,
otherwise suspend doesn't work.
2013-05-09 16:26:13 +02:00
Eelco Dolstra
ebac0220d1 systemd.nix: Use environment.etc attribute syntax 2013-05-09 16:26:12 +02:00
Lluís Batlle i Rossell
4e38d152ed Adding synclient to systemPackages if synaptics is enabled. 2013-05-09 15:01:16 +02:00
Lluís Batlle i Rossell
4f71bce691 Adding miniupnpc to gnunet path, to be able to use upnp 2013-05-07 18:53:28 +02:00
Eelco Dolstra
6089b5b50c Increase PostgreSQL's shutdown timeout to 3 minutes
1 minute is too short, given that the autovacuum launcher often seems
to require exactly 1 minute to shut down.  (This might be a bug
related to autovacuum_naptime.)
2013-05-07 15:00:36 +02:00
Eelco Dolstra
8af81ad66b Don't start nscd if it's not already running
"systemctl restart" will start a service if it's not already
running...
2013-05-07 14:22:35 +02:00
Russell O'Connor
9c62645273 Add braces to fix compilation errors.
I don't understand how Apache gets away without them.
2013-05-06 11:11:04 -04:00
Russell O'Connor
76b7dea805 Make nginx uid and gid optional. 2013-05-06 10:49:23 -04:00
Evgeny Egorochkin
dc389c5d1e lighttpd: add gitweb as a sub-service
Now you can access gitweb at http://yourserver/gitweb by simply adding
this to configuration.nix (assuming services.lighttpd.enable = true);

  services.lighttpd.gitweb.enable = true;

The path to all bare repositories served by gitweb can be set with this
option (default value below):

  services.lighttpd.gitweb.projectroot = "/srv/git";

Based on patch contributed by Bjørn Forsman.
2013-05-06 13:51:09 +03:00
Evgeny Egorochkin
161086b205 lighttpd: add services.lighttpd.mod_status option
If true, show server status overview at /server-status, statistics at
/server-statistics and list of loaded modules at /server-config.

Patch contributed by Bjørn Forsman.
2013-05-06 13:51:09 +03:00
Evgeny Egorochkin
4b435b173f lighttpd: add services.lighttpd.mod_userdir option
If true, requests in the form /~user/page.html are rewritten to take
the file public_html/page.html from the home directory of the user.

Default is off.

Patch contributed by Bjørn Forsman.
2013-05-06 13:51:08 +03:00
Evgeny Egorochkin
5e32c9c8eb lighttpd: generate a default config file
Instead of forcing users to configure lighttpd manually, make it an
option. The current services.lighttpd.configText option can still be
used for manual configuration, but if it is left blank (default) we'll
use the new generated config file.

The generated config file ensures that the server drops root priveleges
and runs as the "lighttpd" user. It pulls in some new config params that
can be set in configuration.nix (here with default values):

  services.lighttpd.document-root = "/srv/www"
  services.lighttpd.port = 80
  services.lighttpd.extraConfig = ""  # appended to the generated file

And it enables access and error logging to the systemd journal.

Patch contributed by Bjørn Forsman.
2013-05-06 13:51:08 +03:00
Evgeny Egorochkin
39ba755873 Move lighttpd.nix to lighttpd/default.nix
So that we later can add sub-services for lighttpd without polluting the
web-servers/ directory.
2013-05-06 13:51:08 +03:00