Commit graph

425 commits

Author SHA1 Message Date
Nicolas Pierron
5980d130c9 Check sshd.permitRootLogin values.
svn path=/nixos/trunk/; revision=16769
2009-08-19 15:04:05 +00:00
Sander van der Burg
8b229a45c3 Removed the rm -rf command and replaced symlink operations by ln -sfn so that the state of tomcat can be retained \(unless somebody messes it up manually of course\)
svn path=/nixos/trunk/; revision=16757
2009-08-18 11:50:32 +00:00
Eelco Dolstra
447c1ac34a * SLiM / ConsoleKit compatibility hack.
svn path=/nixos/trunk/; revision=16744
2009-08-17 01:35:48 +00:00
Eelco Dolstra
7ab616f659 * Added support for ConsoleKit.
* Let ConsoleKit track the current logins instead of pam_console.
  Udev now takes care of setting the device permissions to the active
  user.  This works much better, since pam_console wouldn't apply
  permissions to new (hot-plugged) devices.  Also, the udev+ConsoleKit
  approach supports user switching.  (We don't have that for X yet,
  but it already works for logins on virtual consoles: if you switch
  between different users on differents VCs with Alt+Fn, the device
  ownership will be changed automatically.)

svn path=/nixos/trunk/; revision=16743
2009-08-17 01:16:38 +00:00
Eelco Dolstra
7dbf523ddc * dbus: enable support for system services (these are programs that
the bus daemon can start on demand).  ConsoleKit and PolicyKit need
  this.  This requires a setuid wrapper for dbus-daemon-launch-helper,
  as well as a "messagebus" group.

svn path=/nixos/trunk/; revision=16736
2009-08-16 21:46:26 +00:00
Eelco Dolstra
39bffdb34c * Make the generation of /etc/pam.d more declarative. There now is an
option security.pam.services containing the list of PAM services.
  For instance, the SLiM module simply declares:

    security.pam.services = [ { name = "slim"; localLogin = true; } ];

svn path=/nixos/trunk/; revision=16729
2009-08-16 14:49:14 +00:00
Eelco Dolstra
9493ecc2a4 * Use the hal-info package.
svn path=/nixos/trunk/; revision=16693
2009-08-11 21:16:59 +00:00
Eelco Dolstra
dc093b57dd * Updates to the udev service: support persistant CD-ROM / network
interface names, use udev's own firmware loader, and dropped the
  sndMode option (udev puts all audio devices in the "audio" group, so
  users can be added to that group if necessary).

svn path=/nixos/trunk/; revision=16692
2009-08-11 21:16:15 +00:00
Eelco Dolstra
bd2fbcf9e5 * Fix the bluetoothd stop condition.
svn path=/nixos/trunk/; revision=16687
2009-08-11 21:06:17 +00:00
Sander van der Burg
e8103aa39d Implemented support for per application configuration files
svn path=/nixos/trunk/; revision=16668
2009-08-11 09:40:31 +00:00
Eelco Dolstra
89ef5c979b * New nixos-rebuild action: "nixos-rebuild build-vm" builds a virtual
machine containing a replica (minus the state) of the system
  configuration.  This is mostly useful for testing configuration
  changes prior to doing an actual "nixos-rebuild switch" (or even
  "nixos-rebuild test").  The VM can be started as follows:

  $ nixos-rebuild build-vm
  $ ./result/bin/run-*-vm

  which starts a KVM/QEMU instance.  Additional QEMU options can be
  passed through the QEMU_OPTS environment variable
  (e.g. QEMU_OPTS="-redir tcp:8080::80" to forward a host port to the
  guest).  The fileSystem attribute of the regular system
  configuration is ignored (using mkOverride), because obviously we
  can't allow the VM to access the host's block devices.  Instead, at
  startup the VM creates an empty disk image in ./<hostname>.qcow2 to
  store the VM's root filesystem.

  Building a VM in this way is efficient because the VM shares its Nix
  store with the host (through a CIFS mount).  However, because the
  Nix store of the host is mounted read-only in the guest, you cannot
  run Nix build actions inside the VM.  Therefore the VM can only be
  reconfigured by re-running "nixos-rebuild build-vm" on the host and
  restarting the VM.

svn path=/nixos/trunk/; revision=16662
2009-08-11 01:35:56 +00:00
Sander van der Burg
ebd2fbd24f Removed mod_jk option, which is obsolete
svn path=/nixos/trunk/; revision=16660
2009-08-10 20:16:33 +00:00
Eelco Dolstra
f003f6d7cd * Fixed the path to the services tree. This should be a NixOS module argument.
svn path=/nixos/trunk/; revision=16658
2009-08-10 20:07:58 +00:00
Eelco Dolstra
167ccdd537 * Move the firmware loader into a separate module.
* services.udev.addFirmware -> hardware.firmware.

svn path=/nixos/trunk/; revision=16657
2009-08-10 19:27:15 +00:00
Eelco Dolstra
b3c0061a91 * services.udev.addUdevPkgs -> services.udev.packages.
* Simplified the udev rules generation: merged nixRules into
  services.udev.extraRules, and handle services.udev.extraRules using
  services.udev.packages.

svn path=/nixos/trunk/; revision=16655
2009-08-10 19:05:20 +00:00
Sander van der Burg
0d35699507 Implemented virtual host support. Now it's possible to assign web applications to virtual host, for example:
{
  ...

  services = {
    tomcat = {
      enable = true;
      virtualHosts = [
        { name = "test1.localhost";
          webapps = [ mypkgs.HelloApp ];
        }
        { name = "test2.localhost";
          webapps = [ mypkgs.ByeApp ];
        }
      ];
    };
  };
}


svn path=/nixos/trunk/; revision=16654
2009-08-10 18:45:18 +00:00
Eelco Dolstra
b4f8f919ab * Clean up the udev module.
svn path=/nixos/trunk/; revision=16653
2009-08-10 18:41:57 +00:00
Eelco Dolstra
2331a5140d * Added a module for the bluetooth daemon.
* Refactored some other modules (dbus, hal).

svn path=/nixos/trunk/; revision=16652
2009-08-10 18:25:09 +00:00
Sander van der Burg
89810914e4 Added virtual host support, which requires some more testing
svn path=/nixos/trunk/; revision=16649
2009-08-10 15:27:25 +00:00
Sander van der Burg
8c034b988d Added a lot of modifications in order to expression a Tomcat configuration better and to perform more efficient management of various Tomcat components.
With these modifications, a user can configure a tomcat instance with web applications and web services by writing a service, such as:

...

services = {
  tomcat = {
    enable = true;
    webapps = [ mypkgs.HelloWorldWebApplication ];
    axis2 = {
      enable = true;
      services = [ mypkgs.HelloService mypkgs.HelloWorldService ];
    };
  };
};


svn path=/nixos/trunk/; revision=16619
2009-08-09 20:19:07 +00:00
Michael Raskin
c8705704e1 Add Wacom X11 driver support
svn path=/nixos/branches/modular-nixos/; revision=16569
2009-08-03 19:55:33 +00:00
Eelco Dolstra
f0f5434eaa * Add an option to enable the firewall. It should eventually be
enabled by default.

svn path=/nixos/branches/modular-nixos/; revision=16464
2009-07-26 21:27:35 +00:00
Eelco Dolstra
264b49fce7 * A very basic firewall that rejects all incoming connections except
for the ports defined in networking.firewall.allowedTCPPorts.

svn path=/nixos/branches/modular-nixos/; revision=16460
2009-07-24 23:12:52 +00:00
Eelco Dolstra
38d594deec * wpa_supplicant: start/stop automatically.
svn path=/nixos/branches/modular-nixos/; revision=16451
2009-07-24 00:31:42 +00:00
Eelco Dolstra
c4780a8953 * dhcp 4.1 requires IPv6 support.
svn path=/nixos/branches/modular-nixos/; revision=16450
2009-07-24 00:31:22 +00:00
Eelco Dolstra
32b311a0f5 * Add gzip to the $PATH of nix-daemon, otherwise distributed builds
don't work.  This is a regression wrt the trunk.

svn path=/nixos/branches/modular-nixos/; revision=16448
2009-07-23 23:25:50 +00:00
Marc Weber
dbd6ea7f63 adding daemonNiceLevel option. running biulds with niceness 0 can be annoying
svn path=/nixos/branches/modular-nixos/; revision=16420
2009-07-18 16:14:03 +00:00
Eelco Dolstra
d591559609 * A simple module for running wpa_supplicant.
svn path=/nixos/branches/modular-nixos/; revision=16409
2009-07-16 21:08:32 +00:00
Eelco Dolstra
3abf509637 * Don't try to start dhclient on the wmaster0 interface. This just
gets rid of endless dhclient log messages such as

    Jul 16 19:09:30 dutibo dhclient: DHCPDISCOVER on wmaster0 to 255.255.255.255 port 67 interval 19
    Jul 16 19:09:30 dutibo dhclient: send_packet: Network is down

svn path=/nixos/branches/modular-nixos/; revision=16407
2009-07-16 17:25:50 +00:00
Eelco Dolstra
b58682401e * Give a type to networking.interfaces.
* Simplified the pre-start script of the network-interfaces module.
* Removed wireless support from the network-interfaces module.  It
  only worked for static WEP configurations anyway, and AFAIK nobody
  used it.

svn path=/nixos/branches/modular-nixos/; revision=16406
2009-07-16 17:18:54 +00:00
Eelco Dolstra
2cd3e205f4 svn path=/nixos/branches/modular-nixos/; revision=16397 2009-07-16 15:01:56 +00:00
Eelco Dolstra
6119c399d8 * Support tasks in the new Upstart formalism.
* Swap task: fixed removing disabled swap devices.
* Swap task: specified the type of swapDevices.

svn path=/nixos/branches/modular-nixos/; revision=16396
2009-07-16 14:51:49 +00:00
Eelco Dolstra
7cb4503ad6 * More Upstart refactoring.
svn path=/nixos/branches/modular-nixos/; revision=16394
2009-07-16 13:55:11 +00:00
Eelco Dolstra
889311f4ca * Refactored the sshd module.
svn path=/nixos/branches/modular-nixos/; revision=16377
2009-07-15 15:53:39 +00:00
Eelco Dolstra
c45cf3a28e * In the jobs attribute, support a more high-level way of specifying
jobs, e.g. (from the nscd job)

    { name = "nscd";

      description = "Name Service Cache Daemon";

      startOn = "startup";
      stopOn = "shutdown";

      environment = { LD_LIBRARY_PATH = nssModulesPath; };
        
      preStart =
        ''
          mkdir -m 0755 -p /var/run/nscd
          mkdir -m 0755 -p /var/db/nscd
        '';

      exec = "${pkgs.glibc}/sbin/nscd -f ${./nscd.conf} -d 2> /dev/null";
    };

  The Upstart job is generated from this.  The main goal is to provide
  some abstraction from the Upstart syntax.  For instance, this should
  make it easier to upgrade to newer versions of Upstart, to switch to
  an entirely different process management system (e.g. initng or
  launchd), or to test a job independantly from Upstart.  (However the
  startOn and stopOn attributes are tied to Upstart's event model.)

svn path=/nixos/branches/modular-nixos/; revision=16376
2009-07-15 15:24:11 +00:00
Eelco Dolstra
9d1e31117f * Get rid of the "users" and "groups" fields in jobs.
svn path=/nixos/branches/modular-nixos/; revision=16371
2009-07-15 11:34:55 +00:00
Eelco Dolstra
ca8e00cafa * Got rid of the extraPath field in jobs (use
environment.systemPackages instead).  Also renamed
  services.extraJobs to jobs.

svn path=/nixos/branches/modular-nixos/; revision=16370
2009-07-15 11:19:11 +00:00
Eelco Dolstra
118418ba31 * Refactoring the Upstart module. Got rid of job.extraEtc, it's
redundant now (modules can just define environment.etc).

svn path=/nixos/branches/modular-nixos/; revision=16367
2009-07-15 09:06:36 +00:00
Eelco Dolstra
da996583ee * Include the NixOS manpages in the system environment. Actually
there is only one currently: configuration.nix(5), which contains a
  list of all the options.

svn path=/nixos/branches/modular-nixos/; revision=16360
2009-07-14 16:27:46 +00:00
Lluís Batlle i Rossell
c331fd106b Updated the xserver video drivers list, removing the old via, and putting the new openchrome.
svn path=/nixos/branches/modular-nixos/; revision=16330
2009-07-11 10:33:42 +00:00
Marc Weber
d4a37c2f1b fix copy paste error
svn path=/nixos/branches/modular-nixos/; revision=16278
2009-07-09 14:35:03 +00:00
Michael Raskin
9a66d59786 Fixing wrong assertion sign
svn path=/nixos/branches/modular-nixos/; revision=16236
2009-07-08 09:10:26 +00:00
Michael Raskin
1118c4b6d1 Fix service tree paths
svn path=/nixos/branches/modular-nixos/; revision=16235
2009-07-08 09:09:57 +00:00
Ludovic Courtès
1f9d8f45ea lshd: Fix typo; comment on the seed generation.
svn path=/nixos/branches/modular-nixos/; revision=16142
2009-07-02 14:05:01 +00:00
Ludovic Courtès
74738de1f8 Make NSS modules visible to `avahi-daemon'.
It allows it to know whether `libnss-mdns' is available, which clients
can ask via the `IsNSSSupportAvailable' D-Bus method.

svn path=/nixos/branches/modular-nixos/; revision=16125
2009-07-01 12:27:35 +00:00
Ludovic Courtès
e2e373b89c bitlbee: Fix `systemPackages' attribute.
svn path=/nixos/branches/modular-nixos/; revision=16090
2009-06-30 08:01:14 +00:00
Ludovic Courtès
6566bc4882 gpsd: Fix UID/GID declaration.
svn path=/nixos/branches/modular-nixos/; revision=16089
2009-06-30 07:56:08 +00:00
Nicolas Pierron
5f59ac0447 Fix a bad use of pkgs.lib.optional. (detect with bad type error on x11Packages)
svn path=/nixos/branches/modular-nixos/; revision=16053
2009-06-26 12:14:02 +00:00
Eelco Dolstra
0d5ea86748 * Merge some stuff from the trunk.
svn path=/nixos/branches/modular-nixos/; revision=16051
2009-06-26 11:36:38 +00:00
Nicolas Pierron
f61a3ebd2c Generate hal configuration file form the xserver settings.
svn path=/nixos/branches/modular-nixos/; revision=16046
2009-06-25 23:29:49 +00:00
Nicolas Pierron
0bd210bb78 Fix typos in type names. (types.packages -> types.package)
svn path=/nixos/branches/modular-nixos/; revision=16045
2009-06-25 22:49:05 +00:00
Nicolas Pierron
6e802e5d75 Replace extraPackages by x11Packages for all windows/desktop managers.
-> No longer install graphical packages if the xserver is disabled.
-> avoid duplication of "mkIf config.services.xserver.enable".

svn path=/nixos/branches/modular-nixos/; revision=16044
2009-06-25 22:08:03 +00:00
Eelco Dolstra
b701207ead * Typo.
svn path=/nixos/branches/modular-nixos/; revision=16039
2009-06-24 22:27:54 +00:00
Eelco Dolstra
2346754f5e * Don't add xterm and feh to the system path if the X server is
disabled.  Other desktop/display/window manager modules should be
  conditional on config.services.xserver.enable as well, but at least
  they're disabled by default due to other options.

svn path=/nixos/branches/modular-nixos/; revision=16031
2009-06-22 20:34:51 +00:00
Eelco Dolstra
d06556e274 * Get rid of the `experimental' flag.
svn path=/nixos/branches/modular-nixos/; revision=16010
2009-06-19 14:27:43 +00:00
Eelco Dolstra
262ddf0854 * Move the manual/Rogue from virtual consoles 7/8 to 8/9
respectively so that the X server can run on 7.

svn path=/nixos/branches/modular-nixos/; revision=15924
2009-06-10 12:53:45 +00:00
Eelco Dolstra
463cf8efdd * Provide a /etc/nixos/configuration.nix in the booted CD to make
nixos-rebuild work.  This makes it a true live CD.

svn path=/nixos/branches/modular-nixos/; revision=15922
2009-06-10 12:34:58 +00:00
Eelco Dolstra
b7cad3c059 * Style fix.
svn path=/nixos/branches/modular-nixos/; revision=15896
2009-06-08 22:44:59 +00:00
Eelco Dolstra
42513650d8 svn path=/nixos/branches/modular-nixos/; revision=15895 2009-06-08 22:44:05 +00:00
Eelco Dolstra
f4b5a21d59 * Fix building the manual.
svn path=/nixos/branches/modular-nixos/; revision=15877
2009-06-05 15:04:58 +00:00
Eelco Dolstra
021c65da98 * Quick hack in the X server job: wait until udev is running, since we
need some devices.  In particular this fixes the "Cannot open
  virtual console 7" errors in VirtualBox.  (There's nothing special
  about VirtualBox, but the different timing makes it more likely to
  trigger this bug.)

svn path=/nixos/branches/modular-nixos/; revision=15836
2009-06-03 08:14:54 +00:00
Eelco Dolstra
116306c8dc * Restart ntpd when we get a new DHCP lease. Without this, if ntpd
previously failed to resolve the NTP server hostnames in its config
  file, it will happily sit in a loop forever doing nothing.

svn path=/nixos/branches/modular-nixos/; revision=15830
2009-06-02 19:42:31 +00:00
Eelco Dolstra
674d63e212 * Don't do a separate "ntp -q -g" to reset the system time in the ntp
start script.  It's probably not necessary, but more importantly, it
  can hang forever if the network is down.  (Actually it will sit in a
  loop waiting for UDP packets that will never arrive.)  This causes
  the NixOS reboot to hang, since Upstart can't kill jobs stuck in
  their start script.

svn path=/nixos/branches/modular-nixos/; revision=15829
2009-06-02 19:40:14 +00:00
Eelco Dolstra
720d51179e * kdm needs the "kde" PAM module, but you only get it when KDE is
enabled as a session type.  Since I'm lazy, provide it
  unconditionally.  Also have it include "common-console" to set
  device ownership when logging in.

svn path=/nixos/branches/modular-nixos/; revision=15800
2009-05-29 14:57:31 +00:00
Eelco Dolstra
dba1d48b78 * Move the uid/gid mappings into a module. This allows other modules
to use it through config.ids.{uids,gids} rather than `import
  relative-path/ids.nix'.

svn path=/nixos/branches/modular-nixos/; revision=15796
2009-05-29 14:25:56 +00:00
Eelco Dolstra
fdbe09e914 * Moved the guest-users.nix module to modules/config. Clearing the
passwords is now done in an activation scriptlet rather than an
  Upstart job (not tested).  BTW, we should get rid of this module and
  add support to the users-groups.nix module for creating accounts
  with an empty password.

svn path=/nixos/branches/modular-nixos/; revision=15769
2009-05-28 14:37:30 +00:00
Eelco Dolstra
de7aae5d5e * Move the generation of /etc/nix.machines to the nix-daemon module.
svn path=/nixos/branches/modular-nixos/; revision=15765
2009-05-28 12:56:56 +00:00
Eelco Dolstra
3badebea95 * Move /etc/issue to the mingetty module.
svn path=/nixos/branches/modular-nixos/; revision=15758
2009-05-28 11:34:46 +00:00
Eelco Dolstra
05a08adf91 * Move the dhclient exit hooks file to the dhclient module, where it
belongs.

svn path=/nixos/branches/modular-nixos/; revision=15755
2009-05-27 23:30:29 +00:00
Eelco Dolstra
3c6ae39a0d * Refactoring: moved some options out of system/options.nix (almost
empty now), do more of bashrc.sh declaratively, and moved nsswitch
  generation to modules/config/nsswitch.nix.

svn path=/nixos/branches/modular-nixos/; revision=15754
2009-05-27 23:14:38 +00:00
Nicolas Pierron
e6ae383b9b Add a temporary work-around to be able to use non-us keyboard layout.
xkbcomp does not look inside the directory specified with the option -xkbdir.

svn path=/nixos/branches/modular-nixos/; revision=15752
2009-05-27 20:27:59 +00:00
Eelco Dolstra
60b3f95ad8 * Move the definition of the set of system packages to
modules/config/system-path.nix.  system/system.nix is now almost
  empty.
* Removed the cleanStart option - it should be possible to get the
  same functionality by overriding config.system.path (or defining
  config.system.systemPackages with a higher priority - don't know if
  that works though).

svn path=/nixos/branches/modular-nixos/; revision=15727
2009-05-25 17:41:03 +00:00
Eelco Dolstra
6e066c8e1d * Idem.
svn path=/nixos/branches/modular-nixos/; revision=15724
2009-05-25 13:55:36 +00:00
Eelco Dolstra
f1fb3b45cf * No camelCase in filenames. Also pluralise the *-manager directories
for consistency.

svn path=/nixos/branches/modular-nixos/; revision=15719
2009-05-25 09:02:29 +00:00
Eelco Dolstra
5ebdee3577 * Continued refactoring the tree: moved most Upstart jobs (namely
those that run daemons) to modules/services.  This probably broke
  some things since there are a few relative paths in modules
  (e.g. imports of system/ids.nix).
* Moved some PAM modules out of etc/pam.d to the directories of NixOS
  modules that use them.

svn path=/nixos/branches/modular-nixos/; revision=15717
2009-05-24 23:13:23 +00:00