Commit graph

2718 commits

Author SHA1 Message Date
Evgeny Egorochkin
791c758b41 Encrypted root support via LUKS
svn path=/nixos/trunk/; revision=24459
2010-10-25 00:57:30 +00:00
Evgeny Egorochkin
88fb000fc1 Fix UID and GID clash between diferent packages
svn path=/nixos/trunk/; revision=24417
2010-10-22 13:18:26 +00:00
Evgeny Egorochkin
2118288557 KDE4: mp3 playback out of the box
svn path=/nixos/trunk/; revision=24416
2010-10-22 13:18:22 +00:00
Sander van der Burg
9c722e474d - Added nixos-build-vms command, which builds a virtual network from a network.nix expression (also used by nixos-deploy-network)
- Added a backdoor option to the interactive run-vms script. This allows me to intergrate the virtual network approach with Disnix
- Small documentation fixes

Some explanation:

The nixos-build-vms command line tool can be used to build a virtual network of a network.nix specification.
For example, a network configuration (network.nix) could look like this:

{
  test1 = 
    {pkgs, config, ...}:
 
    {
      services.openssh.enable = true;
      ...
    };

  test2 =
    {pkgs, config, ...}:
    
    {
      services.openssh.enable = true;
      services.xserver.enable = true;
    }

    ;
}

By typing the following instruction:

$ nixos-build-vms -n network.nix

a virtual network is built, which can be started by typing:

$ ./result/bin/run-vms

It is also possible to enable a backdoor. In this case *.socket files are stored in the current directory
which can be used by the end-user to invoke remote instruction on a VM in the network through a Unix
domain socket.

For example by building the network with the following instructions:

$ nixos-build-vms -n network.nix --use-backdoor

and launching the virtual network:

$ ./result/bin/run-vms

You can find two socket files in your current directory, namely: test1.socket and test2.socket.
These Unix domain sockets can be used to remotely administer the test1 and test2 machine
in the virtual network.

For example by running:

$ socat ./test1.socket stdio
ls /root

You can retrieve the contents of the /root directory of the virtual machine with identifier test1


svn path=/nixos/trunk/; revision=24410
2010-10-21 22:50:12 +00:00
Michael Raskin
f6bc3d61cf To prevent glibc bug exploitation, make setuid-wrappers unreadable to non-root users
svn path=/nixos/trunk/; revision=24378
2010-10-20 09:29:02 +00:00
Eelco Dolstra
baaf7bd6e3 * Updated the Compiz module: add the plugins, put ccsm in the PATH,
and don't use GConf anymore.

svn path=/nixos/trunk/; revision=24374
2010-10-19 23:25:53 +00:00
Sander van der Burg
936e4e73d7 Modified the nixos-deploy-network script to use a 2PC-like approach illustrated in the Disnix HotSWUp paper for system configurations
svn path=/nixos/trunk/; revision=24352
2010-10-18 19:47:46 +00:00
Eelco Dolstra
341698c367 * OpenVPN: add it to the system path when enabled.
svn path=/nixos/trunk/; revision=24343
2010-10-18 10:40:08 +00:00
Eelco Dolstra
2bb4a618e2 * Added an option "services.openssh.extraConfig" that allows
setting arbitrary options in sshd_config, e.g.,

    services.openssh.extraConfig = "PermitTunnel yes";

svn path=/nixos/trunk/; revision=24341
2010-10-18 10:31:41 +00:00
Nicolas Pierron
40df597205 Enables the following renaming A -> C & B -> C and A -> B & B -> C.
svn path=/nixos/trunk/; revision=24295
2010-10-14 18:18:38 +00:00
Eelco Dolstra
1b55007d63 * Don't use environment.kdePackages; environment.systemPackages works
just as well.

svn path=/nixos/trunk/; revision=24290
2010-10-14 14:57:38 +00:00
Eelco Dolstra
5e11683abc * Remove the useless "to" function. This ain't COBOL.
svn path=/nixos/trunk/; revision=24289
2010-10-14 13:57:15 +00:00
Evgeny Egorochkin
6cd14e3784 Intel 2100 wifi firmware: packaged
svn path=/nixos/trunk/; revision=24285
2010-10-14 12:33:20 +00:00
Eelco Dolstra
f9a62453b0 * Set KDEDIRS in kdm, otherwise it can't find the wallpaper.
svn path=/nixos/trunk/; revision=24282
2010-10-14 12:11:37 +00:00
Eelco Dolstra
9def3a8dbc * Use mkOverride.
svn path=/nixos/trunk/; revision=24255
2010-10-12 22:04:10 +00:00
Eelco Dolstra
52a8a529b3 * Fix indentation.
svn path=/nixos/trunk/; revision=24254
2010-10-12 22:03:50 +00:00
Eelco Dolstra
fa04ae9738 * It's "tun", not "tap".
svn path=/nixos/trunk/; revision=24217
2010-10-11 17:06:49 +00:00
Nicolas Pierron
1c2a5b495d Make Hydra check that CD configuration can be updated without any connection.
svn path=/nixos/trunk/; revision=24211
2010-10-10 22:55:42 +00:00
Ludovic Courtès
4695f790cf test-driver: Add `startJob' method.
svn path=/nixos/trunk/; revision=24210
2010-10-10 22:37:45 +00:00
Ludovic Courtès
26bae39a1f Have Hydra execute the Avahi test.
svn path=/nixos/trunk/; revision=24209
2010-10-10 22:37:41 +00:00
Eelco Dolstra
968437c5d0 * Enable xfce4-mixer.
svn path=/nixos/trunk/; revision=24208
2010-10-10 22:35:18 +00:00
Lluís Batlle i Rossell
098a593fb4 Removing a nixos module reference I commited by error.
svn path=/nixos/trunk/; revision=24202
2010-10-10 11:50:50 +00:00
Lluís Batlle i Rossell
79ded36abf Making cron/fcron set their setuid wrappers. And made fcron use the nixos systemCrontabJobs by
default.
It does not look very modular, and the manual may not look very good, but I think it
works better than before. And setting cron.enable = false and fcron.enable = true works fine.


svn path=/nixos/trunk/; revision=24199
2010-10-10 11:35:15 +00:00
Lluís Batlle i Rossell
dc11ce585f Making vixie cron have the usual enable/disable nixos service option.
svn path=/nixos/trunk/; revision=24198
2010-10-10 11:14:02 +00:00
Lluís Batlle i Rossell
70a2ad7898 Requiring nixpkgs 24196, I made nixos set the sendmail path to vixie cron, so
now vixie cron can send mail properly, for example if a user enabled the
'postfix' service.


svn path=/nixos/trunk/; revision=24197
2010-10-10 11:08:10 +00:00
Lluís Batlle i Rossell
a069fcffc6 Making a nixos option about the system 'sendmail', which postfix sets, for example.
svn path=/nixos/trunk/; revision=24193
2010-10-10 10:43:28 +00:00
Eelco Dolstra
f9d4df1e04 svn path=/nixos/trunk/; revision=24185 2010-10-08 12:57:21 +00:00
Ludovic Courtès
8d88e37b27 avahi-daemon: Remove outdated and confusing comment.
svn path=/nixos/trunk/; revision=24152
2010-10-07 20:10:49 +00:00
Ludovic Courtès
5e6186418e Avahi test: Use getent hosts' instead of ping -c1'.
svn path=/nixos/trunk/; revision=24151
2010-10-07 20:10:45 +00:00
Ludovic Courtès
dc18e5488a NSS-mDNS: Allow both IPv4 and IPv6 address resolution.
svn path=/nixos/trunk/; revision=24150
2010-10-07 20:10:40 +00:00
Ludovic Courtès
2b2b7820a9 Add an Avahi (mDNS/DNS-SD) and NSS-mDNS test.
svn path=/nixos/trunk/; revision=24148
2010-10-07 16:58:07 +00:00
Sander van der Burg
122e125d6b Added the nixos-deploy-network tool. With this tool you can write a network of NixOS configurations, e.g.:
{
  test1 = {pkgs, config, ...}:
    {
       # NixOS config of machine test1
       ...
    };

  test2 = {pkgs, config, ...}:
    {
       # NixOS config of machine test2
       ...
    };
}

And an infrastructure expression, e.g:

{
  test1 = {
    hostName = "test1.example.org";
    system = "i686-linux";
  };
  test2 = {
    hostName = "test2.example.org";
    system = "x86_64-linux";
  };
}

And by executing:

nixos-deploy-network -n network.nix -i infrastructure.nix

The system configurations in the network expression are built, transferred to the machines in the network and finally activated. 


svn path=/nixos/trunk/; revision=24146
2010-10-07 14:30:52 +00:00
Rob Vermaas
d556b86f75 hydra-mirror: enable binary patches
svn path=/nixos/trunk/; revision=24133
2010-10-07 12:46:26 +00:00
Eelco Dolstra
81dbac4af3 * Don't run ntpd in DomU.
svn path=/nixos/trunk/; revision=24125
2010-10-06 20:22:36 +00:00
Eelco Dolstra
cda2e41c01 * Added a "xendomains" job to automatically start the domains defined
in /etc/xen/auto at boot time, to save all running domains during
  shutdown, and to restore all saved domains at boot time.

svn path=/nixos/trunk/; revision=24121
2010-10-06 16:07:16 +00:00
Eelco Dolstra
102a1e15ba * Use the "iburst" flag. This makes ntpd synchronise in a few seconds rather than
a few minutes by sending an initial burst of messages to the time servers.

svn path=/nixos/trunk/; revision=24119
2010-10-06 16:03:37 +00:00
Rob Vermaas
f2f048db4d mercurial/apache: put PYTHONPATH in globalEnvVars
svn path=/nixos/trunk/; revision=24115
2010-10-06 12:38:37 +00:00
Rob Vermaas
8d60cad42a mercurial: initial version for hgweb apache module
svn path=/nixos/trunk/; revision=24111
2010-10-06 11:21:15 +00:00
Eelco Dolstra
aeb89fc753 * Set /proc/sys/kernel/poweroff_cmd to Upstart's poweroff command
(rather than /sbin/poweroff).  Xen's "xm shutdown" needs this to
  enable the host to cleanly shutdown the guest.

svn path=/nixos/trunk/; revision=24094
2010-10-05 17:58:58 +00:00
Eelco Dolstra
8b5fba4942 * Added a module that provides common configuration for DomU
machines.

svn path=/nixos/trunk/; revision=24084
2010-10-05 15:44:40 +00:00
Eelco Dolstra
35562ea4a3 * Don't daemonize; otherwise Upstart will respawn it.
svn path=/nixos/trunk/; revision=24081
2010-10-05 15:17:09 +00:00
Eelco Dolstra
c5b39e70ef * Rename the xen module to xen-dom0.
svn path=/nixos/trunk/; revision=24078
2010-10-05 14:23:12 +00:00
Eelco Dolstra
c8fc492acf * Start atd when udev has finished completely. Hopefully this fixes
the random atd failures at boot time, which seem to be caused by a
  race with the creation of /dev/null or something.

svn path=/nixos/trunk/; revision=24077
2010-10-05 14:22:06 +00:00
Eelco Dolstra
17213c4f2a * When generating a GRUB 1 menu, don't use the "module" command to
load the initrd, because pv-grub doesn't like it.

svn path=/nixos/trunk/; revision=24068
2010-10-05 13:11:30 +00:00
Evgeny Egorochkin
ac7ef33e4a Tor: socksListenAddress must always be in ip:port format
svn path=/nixos/trunk/; revision=24022
2010-10-02 02:19:17 +00:00
Rob Vermaas
7468ad50e0 nixos-option.sh: fix typo
svn path=/nixos/trunk/; revision=24015
2010-10-01 06:31:27 +00:00
Russell O'Connor
2811c7270a Replacing tsocks with torsocks.
tsocks leaks DNS requests and is less secure than torsocks.

torsocks is a fork of tsocks that is patched specifically for Tor.


svn path=/nixos/trunk/; revision=24012
2010-10-01 03:41:43 +00:00
Eelco Dolstra
ab8a6d43c4 svn path=/nixos/trunk/; revision=23998 2010-09-30 13:53:30 +00:00
Evgeny Egorochkin
02f2b1f640 Fix lots of KDE functionality
svn path=/nixos/trunk/; revision=23992
2010-09-30 05:08:33 +00:00
Rob Vermaas
8a37500355 initial try for a nixos module for hydra channel mirroring
svn path=/nixos/trunk/; revision=23990
2010-09-29 11:31:09 +00:00