Commit graph

11034 commits

Author SHA1 Message Date
Okina Matara
9c97f37761 nixos/zeronet: Fix TOR permissions, add torAlways option 2018-09-08 12:12:11 -05:00
Michael Weiss
53ef5441bb nixos/sks: Make the webroot option optional
That way the built-in web server is usable by default but users can use
$HOME/web directly (instead of having to use a symlink), if they want to
customize the webpage.
2018-09-08 17:01:35 +02:00
Michael Weiss
eb0050ca45 nixos/sks: Use a group and don't add sks to systemPackages
Without a group the gid will default to 65534 (2^16 - 2) which maps to
"nogroup". IMO it makes more sense to explicitly set a valid group.

Adding pkgs.sks to environment.systemPackages is not required (IIRC we
want to avoid bloating environment.systemPackages). Instead it seems
like a better idea to make the relevant binaries available to the user
sks and enable useDefaultShell so that "su -l sks" can be used for
manual interaction (that way the files will always have the correct
owner).
2018-09-08 16:24:05 +02:00
Michael Weiss
a0d3d098ff nixos/sks: Add a webroot option
The module will now, by default, serve a simple webpage via the built-in
web server (instead of displaying an error message).
2018-09-08 16:24:05 +02:00
Graham Christensen
ca7391daf2
Merge pull request #46341 from obsidiansystems/fix-46320
nixpkgs module: Fix defaulting of `localSystem` and `system`
2018-09-08 09:16:41 -04:00
Yarny0
12fa95f2d6 modules: HylaFAX server configuration
This commit adds the following
* the uucp user
* options for HylaFAX server to control startup and modems
* systemd services for HylaFAX server processes
  including faxgettys for modems
* systemd services to maintain the HylaFAX spool area,
  including cleanup with faxcron and faxqclean
* default configuration for all server processes
  for a minimal working configuration

Some notes:

* HylaFAX configuration cannot be initialized with faxsetup
  (as it would be common on other Linux distributions).
  The hylafaxplus package contains a template spool area.
* Modems are controlled by faxgetty.
  Send-only configuration (modems controlled by faxq)
  is not supported by this configuration setup.
* To enable the service, one or more modems must be defined with
  config.services.hylafax.modems .
* Sending mail *should* work:
  HylaFAX will use whatever is in
  config.services.mail.sendmailSetuidWrapper.program
  unless overridden with the sendmailPath option.
* The admin has to create a hosts.hfaxd file somewhere
  (e.g. in /etc) before enabling HylaFAX.
  This file controls access to the server (see hosts.hfaxd(5) ).
  Sadly, HylaFAX does not permit account-based access
  control as is accepts connections via TCP only.
* Active fax polling should work; I can't test it.
* Passive fax polling is not supported by HylaFAX.
* Pager transmissions (with sendpage) are disabled by default.
  I have never tested or used these.
* Incoming data/voice/"extern"al calls
  won't be handled by default.
  I have never tested or used these.
2018-09-08 14:21:40 +02:00
Michael Weiss
28a46c2c6f
Merge pull request #46361 from primeos/nixos-sks
nixos/sks: Minor improvements
2018-09-08 14:16:55 +02:00
Tad Fisher
56b3c5b2dd nixos/networkmanager: fix VPN plugin service definition targets (#46201) 2018-09-08 14:10:51 +02:00
Michael Weiss
6764d41ecc nixos/sks: Update the descriptions and add meta.maintainers
TODO: Merge this module with https://github.com/NixOS/nixpkgs/pull/24516
2018-09-08 13:44:11 +02:00
Michael Weiss
a0d7b88911 nixos/sks: Add a dataDir option 2018-09-08 13:44:08 +02:00
Jan Tojnar
667e54bdb0
Merge pull request #45045 from jtojnar/rygel
Rygel
2018-09-08 06:22:37 +01:00
Jan Tojnar
60ae12f5de
nixos/rygel: init 2018-09-08 06:57:14 +02:00
John Ericson
9f9723b179 nixpkgs module: Fix defaulting of localSystem and system
Take two of #40708 (4fe2898608).

That PR attempted to bidirectionally default `config.nixpkgs.system` and
`config.nixpkgs.localSystem.system` to each be updated by the other. But
this is not possible with the way the module system works. Divergence in
certain cases in inevitable.

This PR is more conservative and just has `system` default `localSystem`
and `localSystem` make the final call as-is. This solves a number of
issues.

 - `localSystem` completely overrides `system`, just like with nixpkgs
 proper. There is no need to specify `localSystem.system` to clobber the
 old system.

 - `config.nixpkgs.localSystem` is exactly what is passed to nixpkgs. No
 spooky steps.

 - `config.nixpkgs.localSystem` is elaborated just as nixpkgs would so
 that all attributes are available, not just the ones the user
 specified.

The remaining issue is just that `config.nixpkgs.system` doesn't update
based on `config.nixpkgs.localSystem.system`. It should never be
referred to lest it is a bogus stale value because
`config.nixpkgs.localSystem` overwrites it.

Fixes #46320
2018-09-07 16:43:56 -04:00
Timo Kaufmann
e326c0156d
Merge pull request #45728 from Ma27/nixos/weechat-module
nixos/weechat: add module
2018-09-07 17:19:46 +02:00
Silvan Mosberger
00c6f85d18
Merge pull request #44341 from shmish111/riemann-options
nixos/riemann: refactor config
2018-09-07 16:41:59 +02:00
Maximilian Bosch
18d419141d
nixos/weechat: cleanup module, add module documentation
This adds several improvements the previously introduced
`services.weechat` module:

* Dropped `services.weechat.init` as the initialization script can now
  be done on package-level since 2af41719bc using the `configure`
  function.

* Added `sessionName` option to explicitly configure a name for the
  `screen` session (by default: weechat-screen).

* Added `binary` option to configure the binary name (e.g.
  `weechat-headless`).

* Added docs regarding `screen` session and `weechat.service`.
2018-09-07 13:45:13 +02:00
Yegor Timoshenko
b54987715b
weechat: add NixOS module 2018-09-07 13:09:08 +02:00
David Smith
1d497bbff1 nixos/riemann: refactor config
Previously it was only possible to use very simple Riemann config.
For more complicated scenarios you need a directory of clojure
files and the config file that riemann starts with should be in this
directory.
2018-09-07 09:46:46 +01:00
Franz Pletz
48f2b0c909
Merge pull request #46235 from alexshpilkin/networkd-link-multicast
nixos/networkd: support MULTICAST, fix RequiredForOnline and [Route]
2018-09-07 07:44:58 +00:00
Alexander Shpilkin
ecf73103ab
nixos/networkd: do not require gateway for routes
A route via a tunnel interface does not require a gateway to be
specified, so do not check for the Gateway= field on routes at all.
2018-09-07 02:23:12 +03:00
Alexander Shpilkin
8fdb6fba30
nixos/networkd: fix handling of RequiredForOnline 2018-09-07 02:01:21 +03:00
Alexander Shpilkin
423e46a24f
nixos/networkd: support MULTICAST flag on links
Support Multicast= option in [Link] section of network units,
introduced in systemd/systemd#9118.
2018-09-07 01:56:46 +03:00
xeji
5fc8ebdda0
Merge pull request #45784 from oxij/pull/44720-shell-env-edited
nixos/shells: Avoid overriding the environment for other child shells
2018-09-06 20:30:34 +02:00
Silvan Mosberger
aed92ec2e9
Merge pull request #44134 from dasJ/iperf
nixos/iperf: Init the module
2018-09-06 18:52:30 +02:00
Janne Heß
32a2d08b23 nixos/nullidentdmod: Init 2018-09-06 16:31:20 +02:00
John Ericson
f66257cfce doc: Add release notes for top-level {build,host,target}Platform deprecation
I forgot to do this in e51f736076.
2018-09-06 09:55:37 -04:00
John Ericson
24209d29f0
Merge pull request #46148 from obsidiansystems/plain-system-host
top-level, stdenv: Make `system` and `stdenv.system` describe the hostPlatform
2018-09-06 09:37:20 -04:00
John Ericson
8ae27030aa doc: Add changelog entry for new definition of system and stdenv.system
See the previous commit for details.
2018-09-06 09:24:08 -04:00
Shea Levy
18337f3ece
Merge branch 'no-toPath' 2018-09-06 08:09:53 -04:00
Janne Heß
9e25ebc03a nixos/iperf: Init the module 2018-09-06 12:38:30 +02:00
Eelco Dolstra
1510f324a3
nix: 2.1 -> 2.1.1 2018-09-06 01:12:03 +02:00
Maximilian Bosch
df05618f2a nixos/activation: fix activation script for non-POSIX shells (#46042)
This fixes an issue with shells like fish that are not fully POSIX
compliant. The syntax `ENV=val cmd' doesn't work properly in there.

This issue has been addressed in #45932 and #45945, however it has been
recommended to use a single shell (`stdenv.shell' which is either
`bash' or `sh') to significantly reduce the maintenance overload in the
future.

See https://github.com/NixOS/nixpkgs/issues/45897#issuecomment-417923464

Fixes #45897

/cc @FRidh @xaverdh @etu
2018-09-05 22:48:47 +02:00
xeji
f70dc57ad3
nixos/tests/opensmtpd: prevent non-deterministic failure (#46071)
A sporadic failure occured on Hydra because a request was sent
to smtpd after the systemd unit was started, but before the daemon
was actually listening. Fix by checking for open ports first.
2018-09-05 22:36:17 +02:00
Matthew Bauer
4120a9dda7
Merge pull request #42295 from avnik/libprefixed-to-multioutput/heimdal
Libprefixed to multioutput/heimdal
2018-09-05 13:50:13 -05:00
xeji
ba52f4cb76
statsd: mark broken, disable nixos test (#46097)
It's broken with node v8 and the upstream project is dead
(last commit Nov. 2016), see #45946 and
https://github.com/etsy/statsd/issues/646
2018-09-05 16:48:14 +02:00
Jan Tojnar
bf8386a411
Merge pull request #46058 from symphorien/dconf-dbus
dconf module: add dconf to services.dbus.packages
2018-09-05 14:51:06 +01:00
Uli Baum
62086c6be6 nixos/tests/novacomd: prevent non-deterministic failure
A sporadic failure occured on Hydra because a request was sent
to the daemon after the systemd unit was started, but before the
daemon was actually listening. Fix by checking for open port first.
2018-09-04 22:46:44 +02:00
Symphorien Gibol
88ae8f7d55 dconf module: add dconf to services.dbus.packages
Some programs like eog seem to need dconf accessible on dbus.
Without this change I get

(eog:1738): dconf-WARNING **: 21:20:52.770: failed to commit changes to
dconf: GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name
ca.desrt.dconf was not provided by any .service files
2018-09-04 21:19:31 +02:00
Vladimír Čunát
1428d00aa4
Merge branch 'master' into staging-next
Hydra: ?compare=1477053
2018-09-04 13:06:45 +02:00
Tim Steinbach
5fccac2b8d
kernel: Remove Copperhead
The patches are unmaintained and suggest a false sense of security
2018-09-03 11:18:11 -04:00
Eelco Dolstra
347638ccfe
nix: 2.0.4 -> 2.1 2018-09-03 01:37:55 +02:00
aszlig
4652f2f87e
nixos: Document option description changes
This adds a release notes entry to make users (and especially
developers) aware so they no longer need to use </para><para> in option
descriptions as this is now done automatically on every two consecutive
newlines.

More details can be found in the commit message of f865d0feab.

Signed-off-by: aszlig <aszlig@nix.build>
2018-09-03 01:14:46 +02:00
Samuel Dionne-Riel
e144899b74 release-notes: Adds 19.03 — Koi 2018-09-02 17:47:24 -04:00
Graham Christensen
14b0456686
Merge pull request #45930 from aszlig/option-description-parbreak
nixos: Split paras by \n\n in option descriptions
2018-09-02 16:08:06 -04:00
Graham Christensen
61deecdc34
nixos docs: more IDs 2018-09-02 15:56:24 -04:00
Graham Christensen
ff23dd110b
nixos docs: more IDs 2018-09-02 15:47:59 -04:00
Samuel Dionne-Riel
a92cfb5725
Merge pull request #45912 from xeji/p/dhcpcd
dhcpcd: 6.11.5 -> 7.0.8
2018-09-02 15:28:15 -04:00
Christopher Birkbeck
0dd7a0f266 Added an example for environment.variable. (#45956) 2018-09-02 21:21:14 +02:00
Graham Christensen
146f8bac7e
Merge pull request #45911 from samueldr/fix/nixos-help-browser
nixos/manual: nixos-help knows about colon-separated BROWSER
2018-09-02 14:30:22 -04:00
Graham Christensen
f14b6cb6ec
Merge pull request #44526 from samueldr/feature/actiavation-failure-identification
nixos/activation: Identifies the snippet that failed
2018-09-02 14:28:10 -04:00
Yorick
1ee3ad6732 wireguard: change preStop to postStop, require network.target (#45569)
* wireguard: change preStop to postStop, require network.target

* wireguard service: network.target -> network-online.target
2018-09-02 17:07:55 +02:00
volth
a9a8043b9b install-grub.pl: avoid double '/' in menu.lst and grub.conf (#45907)
Although double '/' in paths is not a problem for GRUB supplied with nixpkgs, sometimes NixOS's grub.conf read by external GRUB and there are versions of GRUB which fail
2018-09-02 14:34:55 +02:00
Uli Baum
13c3986b7a nixos/tests/networking.*.macvlan: disable reverse path check
Generated reverse path filtering rules for the macvlan interface
seem to be incorrect, causing the test to fail - sometimes or always,
depending on the dhcpcd version used.
- Disable reverse path checking temporarily to avoid blocking the channel
- Print more diagnostic information for debugging
2018-09-02 12:26:28 +02:00
Frederik Rietdijk
b910b697f6 Merge master into staging 2018-09-02 12:10:33 +02:00
xeji
224a5503ca
nixos/release.nix: disable blivet test (#45931)
- has been broken since 2017-07-24
- no attempts to fix it
- it tests an outdated blivet version (Oct 2014)
2018-09-02 09:37:48 +02:00
Uli Baum
5f72169b03 nixos/displayManagers/auto: allow root auto-login
The switch from slim to lightdm in #30890 broke some nixos tests
because lightdm by default doesn't permit auto-login for root.
Override /etc/pam.d/lightdm-autologin to allow it.
2018-09-02 08:18:10 +02:00
aszlig
f865d0feab
nixos: Split paras by \n\n in option descriptions
What annoyed me for a long time was the fact, that in order to break
into a new paragraph, you need to insert </para><para> in the
description attribute of an option.

Now we will automatically create <para/> elements for every block that
is separated by two consecutive newlines.

I first tried to do this within options-to-docbook.xsl, but it turns
out[1] that this isn't directly possible with XSLT 1.0, so I added
another XSLT file that postprocesses the option descriptions that are
now enclosed in <nixos:option-description/> by options-to-docbook.xsl.

The splitting itself is a bit more involved, because we can't simply
split on every \n\n because we'd also split text nodes of elements, for
example:

  <screen><![CDATA[

    one line

    another one

  ]]></screen>

This would create one <para/> element for "one line" and another for
"another line", which we obviously don't want because <screen/> is used
to display verbatim contents of what a user is seeing on the screen.

So what we do instead is splitting *only* the top-level text nodes
within the outermost <para/> and leave all elements as-is. If there are
more than one <para/> elements at the top-level, we simply don't process
it at all, because the description then already contains </para><para>.

https://www.mhonarc.org/archive/html/xsl-list/2012-09/msg00319.html

Signed-off-by: aszlig <aszlig@nix.build>
Cc: @edolstra, @domenkozar
2018-09-02 08:10:37 +02:00
Florian Klink
953b77f07b bird: set reloadIfChanged to true (#45924)
This will trigger the reload instead of restart command if a definition
changes, which is much more desireable for a routing daemon.
2018-09-02 06:51:32 +02:00
Samuel Dionne-Riel
ca47cc90c2
Merge pull request #39142 from teto/nm_dispatchers
[RDY] networkmanager: enrich dispatcher PATH
2018-09-01 23:26:36 -04:00
Graham Christensen
2d5f599b35
Merge pull request #44347 from zhangyoufu/patch-28620
fix vlan interface bring up on boot
2018-09-01 21:28:31 -04:00
Uli Baum
7e9bd2dae1 nixos/tests/flatpak: explicitly disable gdm to fix eval
The switch to lightdm as default display manager in #30890
broke eval of the flatpak test. Since the test uses the
auto display manager (lightdm), gdm must now be explicitly disabled.
2018-09-02 01:57:20 +02:00
Uli Baum
15e6e1ff6f nixos/nginx: fix type of sslTrustedCertificate option
The option was added in 1251b34b5b
with type `types.path` but default `null`, so eval failed with
the default setting. This broke the acme and certmgr tests.

cc: @vincentbernat @fpletz
2018-09-02 01:35:59 +02:00
Graham Christensen
53c77e64fe
nixos docs: footnotes: give IDs 2018-09-01 16:24:37 -04:00
Graham Christensen
73bff467d2
makefile: auto-format xml docs outside of the doc subdir 2018-09-01 16:20:49 -04:00
Graham Christensen
34d2ec7c09
nixos docs: give IDs to things 2018-09-01 16:20:49 -04:00
Graham Christensen
18fd616351
nixos docs: Give sections IDs 2018-09-01 16:20:49 -04:00
Uli Baum
d660428f85 nixos-generate-config.pl: remove executable bit
it was erroneously set in cb1ca42009
although this file isn't executable before patching shebangs.
2018-09-01 21:29:30 +02:00
volth
2413fcdfeb services.xserver.windowManager.session: handle duplicate names (#37690) 2018-09-01 21:27:17 +02:00
Vladimír Čunát
37a45e5a97
nixos-generate-config: fix perl quoting after cb1ca42 2018-09-01 21:13:54 +02:00
volth
0fa04d646d alternative for iproute module (#41801) 2018-09-01 20:28:23 +02:00
Samuel Dionne-Riel
4ff5f304b9 nixos/manual: nixos-help knows about colon-separated BROWSER
This is the semantics as understood by `xdg-open`. Using these semantics
on a non-colon-separated variable works because it acts as if it was a
one element long list.

This fixes an issue where it would try to exec
`google-chrome-beta:google-chrome:chromium:firefox` on a system
configured with these semantics in mind.
2018-09-01 13:48:49 -04:00
Vladimír Čunát
0e7ba35ddc
Merge #45910: Fix i686 installer iso build 2018-09-01 19:15:39 +02:00
Samuel Dionne-Riel
3aae9fc3f9 nixos/iso-image.nix: fixes i686 installer iso build.
Fixes #45908
2018-09-01 13:00:58 -04:00
Vladimír Čunát
2d6179d1e8
Merge branch 'master' into staging
A few trivial conflicts due to *Platforms mass replace.
2018-09-01 17:38:18 +02:00
Vladimír Čunát
2e7cb61cfb
Merge #45720: coreutils: split a coreutils-full version 2018-09-01 17:03:49 +02:00
Venkateswara Rao Mandela
cb1ca42009 nixos/doc: add instructions for installation behind a proxy (#45854)
The instructions to install nixos behind a proxy were not clear. While
one could guess that setting http_proxy variables can get the install
rolling, one could end up with an installed system where the proxy
settings for the nix-daemon are not configured.

This commit updates the documentation with

1. steps to install behind a proxy

2. configure the global proxy settings so that nix-daemon can access
internet.

3. Pointers to use nesting.clone in case one has to use different proxy
settings on different networks.
2018-09-01 16:12:35 +02:00
xeji
ff679f86a2
Merge pull request #30890 from Lassulus/slim-lightdm
display-managers: make lightdm the default
2018-09-01 16:11:38 +02:00
volth
2c072b9ddc stage-1-init.sh: do not check mounted filesystems (#45891)
fsck of a mounted filesystems fails with error code 8 "Operational error" and halts the boot processing
2018-09-01 15:26:16 +02:00
Jörg Thalheim
58c29e9e75
Merge pull request #45875 from wizeman/u/fix-transmission-mod2
nixos/transmission: fix AppArmor profile to include keyutils
2018-09-01 12:13:22 +01:00
Uli Baum
43e30b1ead nixos/tests/installer: add missing system.extraDependencies
Since 1b11fdd0df the test VM
depends on some extra packages to build the system to be installed.
This broke the installer test as it tried to download/build these
packages in a sandbox.
2018-09-01 11:50:02 +02:00
Vladimír Čunát
9b0649ae3e
Merge #45774: linux_testing_bcachefs: upgrade, add tests 2018-09-01 11:06:29 +02:00
Vladimír Čunát
0473466ba5
Merge #45731: artwork update (replacing old logo) 2018-09-01 10:43:20 +02:00
Okina Matara
3d1fecd5bd nixos/tests/bcachefs: init 2018-08-31 21:19:53 -05:00
Graham Christensen
4477cf04b6
Document running nixos-rebuild switch to clear /boot space 2018-08-31 21:37:07 -04:00
lassulus
fc035da4a4 xserver.displayManager: change default
Switch from slim to lightdm as the display-manager.
    If plasma5 is used as desktop-manager use sdddm.
    If gnome3 is used as desktop-manager use gdm.

    Based on #12516
2018-08-31 17:57:39 +02:00
Ricardo M. Correia
6376c5df87 nixos/transmission: fix AppArmor profile to include keyutils 2018-08-31 17:19:29 +02:00
Tobias Happ
8f0bafcaff nixos/gitea: fix pre start script (#44979)
The gitea path is hardcoded in hooks directory in files of paths like:
    repositories/<user>/<repo>.git/hooks/update.d/gitea
2018-08-31 16:39:58 +02:00
John Ericson
2c4a75e9ef
Merge pull request #45820 from obsidiansystems/dont-use-obsolete-platform-aliases
treewide: Dont use obsolete platform aliases
2018-08-31 09:56:10 -04:00
xeji
4db15ba7b8
Merge pull request #45748 from xeji/p/nfs-232
nfs-utils: 2.1.1 -> 2.3.2, integrate libnfsidmap
2018-08-31 14:23:56 +02:00
チルノ
17564e0ed9 nixos/zeronet: init (#44842) 2018-08-31 11:40:23 +01:00
Sarah Brofeldt
bb321a2624
Merge pull request #45811 from Nadrieril/fix-usbguard-auditfile
nixos/usbguard: ensure the audit log file can be created 
nixos/usbguard: disable debug output
2018-08-31 11:40:13 +02:00
Franz Pletz
1cc916b5b2
Merge pull request #45810 from vincentbernat/fix/nginx-stapling
nixos/nginx: ensure TLS OCSP stapling works out of the box with LE
2018-08-31 07:18:40 +00:00
Jan Tojnar
f0136e4bc8
Merge pull request #45638 from aanderse/incron
incron: init at 0.5.12
2018-08-31 06:54:58 +01:00
Aaron Andersen
9b12db6928 changed from forking to simple as recommended by @aszlig 2018-08-31 03:03:04 +00:00
Aaron Andersen
d7d7533c18 changes as per requested by @aszlig 2018-08-31 02:52:49 +00:00
Aaron Andersen
7bc2a0dd64 removed quotes when not needed as suggested by @aszlig 2018-08-31 02:17:38 +00:00
John Ericson
2c2f1e37d4 reewide: Purge all uses stdenv.system and top-level system
It is deprecated and will be removed after 18.09.
2018-08-30 17:20:32 -04:00
Nadrieril
9b9ba8405b nixos/usbguard: ensure the audit log file can be created
Since version 0.7.3, usbguard-daemon won't start if the file cannot be opened.
2018-08-30 21:54:22 +01:00
Nadrieril
08148a746a nixos/usbguard: disable debug output 2018-08-30 21:54:22 +01:00
Vincent Bernat
1251b34b5b nixos/nginx: ensure TLS OCSP stapling works out of the box with LE
The recommended TLS configuration comes with `ssl_stapling on` and
`ssl_stapling_verify on`. However, this last directive also requires
the use of `ssl_trusted_certificate` to verify the received answer.
When using `enableACME` or similar, we can help the user by providing
the correct value for the directive.

The result can be tested with:

    openssl s_client -connect web.example.com:443 -status 2> /dev/null

Without OCSP stapling, we get:

    OCSP response: no response sent

After this change, we get:

    OCSP Response Data:
        OCSP Response Status: successful (0x0)
        Response Type: Basic OCSP Response
        Version: 1 (0x0)
        Responder Id: C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
        Produced At: Aug 30 20:46:00 2018 GMT
2018-08-30 22:47:41 +02:00
Uli Baum
e0ca51c367 nixos/tests/nfs: fix nfs4 client mount path
nfs4 exports from a virtual filesystem root,
so the client mount path differs from nfs3
2018-08-30 19:57:39 +02:00
Samuel Dionne-Riel
aa0556415b
Merge pull request #45779 from grahamc/bump-nix-version
Nix minimal version: 1.11 -> 2.0
2018-08-30 11:39:18 -04:00
Jan Tojnar
8a8056c302
Merge pull request #45058 from michaelpj/imp/freedesktop-modules
freedesktop modules: init
2018-08-30 16:14:35 +01:00
Vladimír Čunát
6f2f91f307
Merge #42880: libinput: split .bin output 2018-08-30 15:29:32 +02:00
Vladimír Čunát
ab539ab863
libinput: make .bin the first output
That's the convention:
2018-08-30 15:27:26 +02:00
Jan Malakhovski
8952375b48 nixos/shells: fix indent everywhere
to comply with `doc/coding-conventions.xml`
2018-08-30 13:20:39 +00:00
Tor Hedin Brønner
d273db48c6 nixos/shells: avoid overriding the environment for child shells
A shared exported guard `__NIXOS_SET_ENVIRONMENT_DONE` is introduced that can
be used to prevent child shells from sourcing `system.build.setEnvironment`
the second time.

This fixes e.g. `nix run derivation` when run from e.g. ZSH through the console or
ssh. Before this Bash would resource the common environment resetting the `PATH`
environment variable.

We also export `system.build.setEnvironment` to `/etc/set-environment` making it
easy to reset the common environment with `. /etc/set-environment` when
needed and to grep for environment variables in `/etc` (which was the
motivation of #30418).

This reverts changes made in b00a3fc6fd
(the original #30418).
2018-08-30 13:20:39 +00:00
Graham Christensen
18f9539655
nixos docs: add release notes for nix 2.0 requiremnt bump 2018-08-30 08:52:43 -04:00
Bjørn Forsman
ee56a2cc19 treewide: fix typo: asumed -> assumed 2018-08-30 10:19:20 +02:00
Johannes Lötzsch
bb08d1c13f nixos/zabbix: fix initial database creation (#45750)
without this fix the database setup fails with „could not connect to database postgres: FATAL:  role "root" does not exist“
2018-08-30 08:25:13 +01:00
Graham Christensen
a141b3aad8
Merge pull request #33686 from samueldr/artwork/iso
(Installation media) Bootloader artwork refresh
2018-08-29 15:31:13 -04:00
Nikolay Amiantov
69407cb013 firewall service: respect marks in rpfilter (#39054)
This allows one to add rules which change a packet's routing table:

iptables -t raw -I PREROUTING 1 -m set --match-set myset src -j MARK --set-mark 2
ip rule add fwmark 2 table 1 priority 1000
ip route add default dev wg0 table 1

to the beginning of raw table PREROUTING chain, and still have rpfilter.
2018-08-29 20:50:53 +02:00
xeji
70b3ac8378
nixos/tests/i3wm: prevent non-deterministic failure (#45759)
Test failed sporadically on Hydra, probably due to timing issues.
These changes should make that less likely to occur.
2018-08-29 19:38:35 +02:00
xeji
ff6a61ad1b
nixos/tests/mesos: fix test (#45758)
fallout from 39e678e24e :
dockerTools.buildImage no longer applies default tag "latest"
2018-08-29 19:38:00 +02:00
Brian Olsen
9540b1c535 nixos/tests: Set DefaultTimeoutStartSec very high (#44916)
DefaultTimeoutStartSec is normally set to 90 seconds and works fine. But
when running NixOS tests on a very slow machine (like a VM without
nested virtualisation support) this default is to low and causes
systemd units to fail spuriously. One symptom of this issue are tests
at times failing with "timed out waiting for the VM to connect".

Since the VM connect timeout is 300 seconds I also set
DefaultTimeoutStartSec to this which is ridiculously high.
2018-08-29 12:12:12 +02:00
Samuel Dionne-Riel
01259ef98f nixos/grub: Uses the new artwork as the default option.
This also includes a set of defaults *for this option*, where when not
used, other saner defaults are used.
2018-08-29 00:04:58 -04:00
Samuel Dionne-Riel
e8406f937e nixos/grub: Adds background color and mode options
The background color option is self-explanatory.

The mode is either `normal` or `stretch`, they are as defined by GRUB,
where normal will put the image in the top-left corner of the menu, and
stretch is the default, where it stretches the image without
consideration for the aspect ratio.

 * https://www.gnu.org/software/grub/manual/grub/grub.html#background_005fimage
2018-08-29 00:04:58 -04:00
Samuel Dionne-Riel
bc5b26b4ab Reviews use of old nixos wallpaper to use one with the new logo.
The wallpaper used is *structurally compatible* with the other one,
meaning that the logo is at the same location, and not bigger.

It has one drawback: the logo is brighter, which clashes with the grub
usage. This is to be fixed with new options in grub.
2018-08-29 00:04:58 -04:00
Aaron Andersen
d9943e6bba added option to specify which packages are available to the system incrontab
recommendation by @jtojnar and @maurer
2018-08-29 00:43:28 +00:00
Aaron Andersen
3d1091eb5b added a check to make sure a situation where a defined configuration wouldn't be unused as per recommended by @maurer 2018-08-28 23:50:55 +00:00
Ben Wolsieffer
442681cc2a nixos/networkd: fix range assertions on 32 bit Nix 2018-08-28 19:31:10 -04:00
Dennis Gosnell
7d23ffb736 virtualbox: Change the virtualbox tests to not build the unfree tests by default. (#45415) 2018-08-28 22:28:47 +02:00
Vladimír Čunát
fd3927ac29
coreutils: split a coreutils-full version
- default coreutils is stripped of /share/ (11 -> 2 MiB)
- coreutils-full retains /share/ and adds openssl for faster *sum tools
- NixOS systemPackages contains coreutils-full
- *Support parameter defaults are moved inside
  (it seemed confusing to have `? false` and "at once" with `? isLinux`)

Closure considerations:
+ typical build-time closure will get lighter by ~9 MiB
- typical closure of NixOS installation will grow by ~2 MiB,
  due to referring to both versions.  I think it would be possible to
  re-use most of the utils between the two versions, but the expression
  would get much more complex.

I considered having stdenv with minimal coreutils and the default
`coreutils` attribute being full, but it turned out there were too many
trivial references in nixpkgs, so it didn't seem easy to keep rebuild
impact of openssl from growing significantly.
2018-08-28 22:17:07 +02:00
Matt McHenry
94a906b59a systemd: ensure fsck Requires/After links are created in mount units
systemd-fsck-generator only produces these lines if it can find the
necessary fsck executable in its PATH.

fixes #29139.
2018-08-28 17:12:49 +02:00
Tuomas Tynkkynen
69b4f427b6 nixos/zabbix-agent: Make the Zabbix package user-configurable 2018-08-28 17:43:12 +03:00
Eelco Dolstra
c251ec691a
virtualization.growPartition -> virtualisation.growPartition
There never was a 'virtualization.growPartition'. This got messed up
in eddf30cc93.

Issue #36590.
2018-08-28 14:24:39 +02:00
Jörg Thalheim
6a0a12a921
Merge pull request #45659 from vincentbernat/fix/nginx-gzip
Small nginx tweaks
2018-08-28 09:35:58 +01:00
Aaron Andersen
b77f38c3cd added a comment about the PATH variable under which incrontab commands will run 2018-08-27 21:31:55 +00:00
Aaron Andersen
7840d00532 clarified the descriptions of the allow and deny options 2018-08-27 21:15:03 +00:00
Aaron Andersen
fc1f33bc2c fixed issue with system jobs 2018-08-27 15:23:19 +00:00
Jörg Thalheim
a6ced42c60
Merge pull request #44990 from Ma27/reload-user-units-during-activation
nixos/switch-to-configuration: reload user units
2018-08-27 11:12:42 +01:00
Jörg Thalheim
831ecca60f
Merge pull request #45281 from Gerschtli/zsh-completion
nixos/zsh: Adds enableGlobalCompInit option
2018-08-27 10:45:29 +01:00
Jörg Thalheim
4e365aa453 nixos/zsh: make enableGlobalCompInit description less ambiguous 2018-08-27 10:43:31 +01:00
Vincent Bernat
bd075eb914 nginx: add more gzipped MIME types
The additions are:

 - image/svg+xml for SVG images
 - application/atom+xml for Atom feeds

These types are also present in mime.types. For better readability,
the list is sorted and formatted with one type per line.
2018-08-26 21:48:55 +02:00
Vincent Bernat
06a5fb2ada nginx: use a compression level of 5 in recommended configuration
While there is little gain of space to use a compression level of 9,
the CPU usage is significant. Many experiments point to use something
between 4 and 6. For example:

 - https://mjanja.ch/2015/03/finding-the-nginx-gzip_comp_level-sweet-spot/
 - 3bda5b93ed/nginx.conf (L93)
2018-08-26 21:43:34 +02:00
Jörg Thalheim
a78b364ed4
Merge pull request #44890 from dywedir/iwd
iwd: 0.4 -> 0.7
2018-08-26 17:25:42 +01:00
Jörg Thalheim
b7d7e20b3d
Merge pull request #45647 from xeji/p/netdata-test
nixos/tests/netdata: fix non-deterministic failure
2018-08-26 13:50:10 +01:00
Jörg Thalheim
b1aa9cbdbf
Merge pull request #45649 from xeji/p/networking-tests
nixos/tests/networking: fix routes and virtual tests
2018-08-26 13:45:55 +01:00
Uli Baum
3f8756ce10 nixos/tests/networking: fix "virtual" tests
`ip route` now displays extended tun attributes, so the expected
output of this test changed.

Upstream change: https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit/?id=118eda77d6602616bc523a17ee45171e879d1818
2018-08-26 14:24:07 +02:00
Uli Baum
f021702d21 nixos/tests/networking: fix routes tests
The output format of `ip route` changed, it now explicitly
shows "proto static" for static routes.
2018-08-26 14:15:15 +02:00
Uli Baum
a44469d7b6 nixos/tests/netdata: fix non-deterministic failure
The test sporadically failed on hydra when a request was made
before the service was actually listening on its port.
Explicitly wait for the port to open.
2018-08-26 13:38:58 +02:00
Augustin Borsu
4d3ce5ca36 nixos/jupyter: init service 2018-08-26 12:00:54 +02:00
xeji
3050406388
nixos/tests/matrix-synapse: fix test (#45596)
Since matrix-synapse 0.33.0 underscores in server names are rejected
by server name validation, causing the test to fail:
  valueError: Server name 'server_sqlite' contains invalid characters
Relevant upstream change:
546bc9e28b
2018-08-26 10:38:52 +02:00
Bas van Dijk
a144c798e5
Merge pull request #44340 from shmish111/es-curator
nixos/curator: init elasticsearch curator
2018-08-26 01:33:34 +02:00
xeji
b2dc75cd03
Merge pull request #43736 from volth/patch-208
qemu: 2.12.1 -> 3.0.0
2018-08-26 01:28:12 +02:00
Aaron Andersen
fc03a9f5b7 initial work on incron service 2018-08-25 18:08:24 -04:00
Bas van Dijk
228705fc33 elasticsearch-curator: add note to the NixOS release notes 2018-08-25 18:59:32 +02:00
Bas van Dijk
241377ee76 nixos/tests/elk.nix: make sure the test doesn't wait for too long on elasticsearch-curator 2018-08-25 18:53:10 +02:00
Bas van Dijk
32200033a6 elasticsearch-curator: include the module in the module-list & fix bug 2018-08-25 18:53:10 +02:00
David Smith
842000566b elasticsearch-curator: add test 2018-08-25 18:53:10 +02:00
David Smith
2ec33f527b elasticsearch-curator: don't need to add enable to elasticsearch-curator service 2018-08-25 18:53:10 +02:00
David Smith
3744467589 nixos/curator: init elasticsearch curator
https://www.elastic.co/guide/en/elasticsearch/client/curator/5.5/index.html
2018-08-25 18:53:10 +02:00
Bas van Dijk
7d04961c95
Merge pull request #44389 from Mic92/es6
elasticsearch: use 6.x as default version, remove unsupported releases
2018-08-25 17:04:07 +02:00
Uli Baum
268bb4ea3c nixos/tests/munin: fix non-deterministic failure
- wait for node to listen before starting munin-cron
- increase timeout for munin-cron startup
- disable a failing plugin to remove irrelevant error message
2018-08-25 14:27:41 +02:00
Vladyslav Mykhailichenko
d73fd69952 iwd: 0.4 -> 0.7 2018-08-25 15:26:52 +03:00
adisbladis
dff43f10f6
Merge pull request #45608 from etu/fix-gitea-locale-updates
nixos/gitea: Symlink gitea locales to match running gitea version
2018-08-25 15:25:27 +08:00
Elis Hirwing
a098cc98d9
nixos/gitea: Symlink gitea locales to match running gitea version
This prevents issues when gitea adds new locales etc. And if they
change locale values in future versions. Or if you rollback to a
previous version of gitea it might be a good idea to use the previous
locale files.
2018-08-25 09:19:53 +02:00
Eric Wolf
7f8b1dd32f systemd: added groups kvm, render
they need to exist according to the README of systemd
2018-08-25 05:18:53 +03:00
Sarah Brofeldt
8f61e96c1e nixos/datadog-agent: Fix type of use_dogstatsd (#45587) 2018-08-25 00:18:59 +02:00
Samuel Dionne-Riel
41e7de42de Use a themed grub for the installer image
This replaces systemd-boot with grub, it is at feature parity, as in it
can do everything systemd-boot did in the previous commit.
2018-08-24 13:04:56 -04:00
Samuel Dionne-Riel
2f7d9c9f78 Adds refind to the installer image.
This is a 277K (as of right now) addition that can greatly help in some
last recourse scenarios. The specific rEFInd setup will not be able to
boot the installer image, but this is not why it has been added. It has
been added to make use of its volumes scanning capabilities to boot
existing EFI images on the target computer, which is sometimes necessary
with buggy EFI. While is isn't NixOS's job to fix buggy EFI, shipping
this small bit with the installer will help the unlucky few.

Example scenario: two wildly different EFI implementation I have
encountered have fatal flaws in which they sometimes will lose all the
settings, this includes boot configuration. This is compounded by the
fact that the two specific and distinct implementation do not allow
manually adding ESP paths from their interface. The only recourse is to
let the EFI boot the default paths, EFI/boot/boot{platform}.efi, which
is not a default location used by the NixOS bootloaders. rEFInd is able
to scan the volumes and detect the existing efi bootloaders, and boot
them successfully.
2018-08-24 13:04:56 -04:00
Samuel Dionne-Riel
853475fed7 Fixes isolinux configuration for new artwork. 2018-08-24 13:04:56 -04:00
Uli Baum
672a0ebd80 nixos/tests/wordpress: fix test
- explicitly add dbHost to fix test
- remove unnecessary options that are set by default anyway
2018-08-24 15:48:39 +02:00
Bas van Dijk
551fec4467 Merge branch 'master' into es6 2018-08-23 23:41:27 +02:00
Ryan Mulligan
5c5baaf17d treewide: remove mailing list references 2018-08-23 09:24:44 -07:00
volth
d4ef7c6772 usb-storage -> uas
Following up https://github.com/NixOS/nixpkgs/pull/23665

Bootable USB-drives are not limited to ISO-images, there can be "normal" MBR/GPT-partitioned disk connected via USB-rack.
Also, "uas" implies "usb-storage", so there is no need to mention both.
2018-08-23 01:42:34 +00:00
Samuel Dionne-Riel
05310e3172
Merge pull request #44919 from Vodurden/init-undervolt
undervolt: init at 0.2.8
2018-08-22 10:13:55 -04:00
Sarah Brofeldt
4c6171c173 nixos/dhcpcd: Wait for devices to settle 2018-08-22 00:20:28 +02:00
Ben Wolsieffer
6897945879 nixos/networkd: replace range with assertRange 2018-08-22 00:11:14 +02:00
xeji
d9e5447e7f
Merge pull request #45405 from NixOS/nixos-netboot-dedup
nixos/netboot: Remove redundant setting
2018-08-21 23:24:27 +02:00
Sarah Brofeldt
f8306941b7
Merge pull request #45441 from lopsided98/cfssl-user-fix
nixos/cfssl: don't create user/group unless service is enabled
2018-08-21 22:42:29 +02:00
Ben Wolsieffer
c6191c8abf nixos/cfssl: don't create user/group unless service is enabled 2018-08-21 16:24:31 -04:00
Robert Schütz
33be3c4630 home-assistant: 0.75.2 -> 0.76.1
Also simplify the way overrides are defined for better readability
and use the opportunity to introduce a packageOverrides option.
2018-08-21 19:26:54 +02:00
Samuel Dionne-Riel
73d348c8eb
Merge pull request #45215 from srhb/no-password-install
nixos/doc: New installer note on unattended installs
2018-08-21 10:25:08 -04:00
Michael Raskin
980cbff93c
Merge pull request #45353 from aanderse/redmine
redmine: 2.5.2 -> 3.4.6
2018-08-21 14:04:02 +00:00
Will Fancher
f0957b9477 sd-image: Fix cross compiling 2018-08-21 14:05:23 +03:00
Will Fancher
47d2f92a05 make-ext4-fs: Fix cross compiling 2018-08-21 14:05:23 +03:00
volth
341250fa10 qemu: 2.12.1 -> 3.0.0 2018-08-20 22:02:02 +00:00
John Ericson
85cbf2e6e7
nixos/netboot: Remove redundant setting
@volth tells me that is the default for `system.boot.loader.kernelFile` anyways.
2018-08-20 16:52:24 -04:00
Joachim F
69d3bdfa16
Merge pull request #44631 from dasJ/terraria
nixos/terraria: Wait for daemon to stop
2018-08-20 20:23:34 +00:00
Janne Heß
943786eccf nixos/terraria: Wait for daemon to stop 2018-08-20 21:41:29 +02:00
John Ericson
7d85ade0cc treewide: Purge stdenv.platform and top-level platform
Progress towards #27069
2018-08-20 15:22:46 -04:00
John Ericson
f0d6e22b7f
Merge pull request #45397 from volth/patch-233
$toplevel/system: buildPlatform.system -> hostPlatform.system
2018-08-20 14:36:13 -04:00
volth
72f5078beb
top-level.nix: stdenv.platform -> stdenv.hostPlatform.platform
because stdenv.platform is stdenv.buildPlatform.platform
2018-08-20 18:20:57 +00:00
volth
6efaa88fcc
$toplevel/system: buildPlatform.system -> hostPlatform.system 2018-08-20 18:12:13 +00:00
Jake Woods
4142020e45 nixos/undervolt: adding undervolt module
We want to be able to configure persistent undervolting
in the NixOS configuration
2018-08-20 21:01:19 +10:00
Michael Peyton Jones
854ebed789
system-path: fix default option value 2018-08-20 09:23:11 +01:00
Aaron Andersen
c93c0f3ae4 removed some local development stuff 2018-08-19 16:41:49 -04:00
Aaron Andersen
bb7568daf7 reworked the redmine service
added some security features like database.passwordFile
2018-08-19 16:29:44 -04:00
Sarah Brofeldt
05d85a267f nixos/doc: New installer note on unattended installs 2018-08-19 19:54:10 +02:00
Aaron Andersen
5984ed283f started working on bringing the redmine package back to life using gitlab as an example 2018-08-19 08:09:38 -04:00
Tobias Happ
17876c2cf1 nixos/zsh: Adds enableGlobalCompInit option 2018-08-19 12:57:06 +02:00
Jake Woods
64223a2c1b nixos/thermald: add manual config file
thermald has two modes: zero-config and manual. Sometimes it is useful
to manually configure thermald to achieve better thermal results or to give
thermald a hand when detecting possible cooling options.
2018-08-19 15:54:42 +10:00
Silvan Mosberger
eacaaa2161
Merge pull request #44880 from srghma/build-max-jobs-auto
nixos/nix-daemon: build-max-jobs, add support to auto
2018-08-18 16:46:08 +02:00
srghma
37e2ebdfbc nixos/nix-daemon: build-max-jobs, add support to auto 2018-08-18 14:45:12 +03:00
Vladimír Čunát
cbabebcc2e
Merge branch 'master' into staging-next
Hydra: ?compare=1473892
2018-08-17 13:45:21 +02:00
Tuomas Tynkkynen
58dc26180f nixos: Fix iso_graphical evaluation
I broke it:
in job ‘nixos.iso_graphical.x86_64-linux’:
The option `services.udisks2.enable' has conflicting definitions, in `/nix/store/bwcjw1ddj94q83vbbnq1nnrs5aisaw59-source/nixos/modules/profiles/installation-device.nix' and `/nix/store/bwcjw1ddj94q83vbbnq1nnrs5aisaw59-source/nixos/modules/services/x11/desktop-managers/plasma5.nix'.
2018-08-17 07:43:58 +03:00
Tuomas Tynkkynen
571fb74f44 installer: Disable udisks
Due to whoever-knows-what, udisks nowadays pulls in GTK+ et al. But it
shouldn't be needed anyway in the installer, so disable it.
2018-08-17 06:56:51 +03:00
Tobias Happ
ca3e9a7096 teamspeak_server: 3.0.13.6 -> 3.3.0 2018-08-17 00:25:31 +02:00
Michael Peyton Jones
1b11fdd0df
system-path: allow other modules to provide setup fragments 2018-08-16 21:23:34 +01:00