Commit graph

3060 commits

Author SHA1 Message Date
Eelco Dolstra
7810f7f61a Build unit files locally 2013-06-20 19:39:09 +02:00
Peter Simons
8dad56384e Merge pull request #193 from offlinehacker/cgminer
Add cgminer crypto currency miner
2013-06-20 03:10:54 -07:00
Jaka Hudoklin
aa548ef803 Add cgminer crypto currency miner 2013-06-20 09:01:11 +00:00
Eelco Dolstra
0f6e9ba946 Unconditionally add ~/bin to $PATH 2013-06-19 13:56:05 +02:00
Vladimír Čunát
c4929aaf78 Merge branch 'master' into x-updates 2013-06-17 22:27:53 +02:00
Zef Hemel
a1c159bc4c Removed options that are not vital, added an extraConfig for any
additional configuration options for flexibility.
2013-06-17 14:06:02 -04:00
Jaka Hudoklin
84b5363090 Tarball should get ip from dhcp even if booting from nfs 2013-06-16 16:22:45 +00:00
Bjørn Forsman
8c3264466a lighttpd: improve module handling
lighttpd doesn't support loading a module more than once. If you attempt
to load a module again, lighttpd prints an error message:

  (plugin.c.131) Cannot load plugin mod_cgi more than once, please fix your config (we may not accept such configs in future releases

And it's not just the error message. The module isn't loaded (or is
messed up somehow) so that neither sub-service will work properly after
this.

This is bad news for the current approach to sub-services, where each
sub-service lists the needed modules in a server.modules += (...) block.
When two sub-services need the same module we get the above issue. (And,
AFAIK, there is no way to check if a module is already loaded either.)

First I thought about an approach where each sub-service specifies the
list of plugins it needs, and that a common server.modules = (...) list
is built from the union of those lists. That would loosly couple the
sub-services with the main lighttpd nixos module expression. But I think
this is a bad idea because lighttpd module loading order matters[1], and
the module order in the global server.modules = (...) list would be
somewhat cumbersome to control.

Here is an example:

Sub-service A needs mod_fastcgi. Sub-service B needs mod_auth and
mod_fastcgi. Note that mod_auth must be loaded *before* mod_fastcgi to
take effect. The union of those modules may either be ["mod_auth"
"mod_fastcgi"] or ["mod_fastcgi" "mod_auth"] depending on the evaluation
order. The first order will work, the latter will not.

So instead of the above, this commit moves the modules from
service.modules += (...) snippets in each sub-service to a global
server.modules = (...) list in the main lighttpd module expression. The
module loading order is fixed and each module is included only if any of
the sub-services that needs it is enabled.

The downside to this approach is that sub-services need a (tiny) bit of
change to the main lighttpd nixos module expression. But I think it is
the only sane way to do it (as long as lighttpd is written the way it
is).

References:
  [1] http://redmine.lighttpd.net/projects/1/wiki/Server_modulesDetails
  [2] http://redmine.lighttpd.net/issues/2337
2013-06-16 13:15:29 +02:00
Vladimír Čunát
d85ec960d1 Merge branch 'master' of git://github.com/NixOS/nixos into x-updates 2013-06-15 08:43:45 +02:00
aszlig
2fa7f63bd0
agetty: Add 57600 to the baud rate list.
This is because it's quite commonly used in the wild. Especially at some "weird"
server hosters (no names here) which doesn't allow to change the baudrate for
their serial consoles.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2013-06-14 17:55:37 +02:00
aszlig
3bf1210635
zabbix-server: Swap order of database population.
Starting with Zabbix 2.0 the order of data imports is important[*] and will lead
to errors if not done in the right order. Zabbix 1.8 works fine with the swapped
order as well, so this change shouldn't affect any pre-2.0 users.

[*] https://www.zabbix.com/documentation/2.0/manual/appendix/install/db_scripts

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2013-06-13 03:34:29 +02:00
aszlig
62d5282602
zabbix-server: Make it easier to use peer auth.
Quoting from the manual about DBHost:

```
In case of MySQL localhost or empty string results in using a socket. In case of
PostgreSQL only empty string results in attempt to use socket.
```
https://www.zabbix.com/documentation/2.0/manual/appendix/config/zabbix_server

With this commit we should avoid some race conditions in systemd, because if the
host is set to "", there is no condition that postgresql has to be started prior
to the Zabbix server.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2013-06-13 03:34:28 +02:00
aszlig
a5c6a36466
apache-httpd/zabbix: Set max_input_time.
At least the Zabbix 2.x web installer requires max_input_time to be set to 300
seconds. As it doesn't hurt to set it for the 1.x versions, I'm including it
here.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2013-06-13 02:31:35 +02:00
aszlig
8990470951
apache-httpd/zabbix: Allow custom configFile.
If option is left by its default value, behaviour is the same as before, using
the configuration file created by the web interface.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2013-06-13 02:28:23 +02:00
aszlig
bf28d5c109
zabbix-server: Add PID file to systemd config.
This is to avoid (in some cases) constant restarting of the Zabbix server, which
causes odds bugs and crashes in the exit handler (if it's too early during
startup).

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2013-06-13 01:56:09 +02:00
Eelco Dolstra
7cf23a740d Update the default binary cache URL to cache.nixos.org 2013-06-12 14:23:33 +02:00
Eelco Dolstra
4b0d6a0759 nscd: Restart if /etc/hosts changes 2013-06-11 16:15:24 +02:00
Eelco Dolstra
b3f04718cf Use stable Nix by default 2013-06-11 12:10:58 +02:00
Zef Hemel
bcf3a7bbf6 Fixed: now using the configured redis package. 2013-06-07 11:37:58 +02:00
Zef Hemel
6b4d76c2c2 Added redis service with bunch of documentation. 2013-06-07 11:34:05 +02:00
Vladimír Čunát
2451d1794b Merge branch 'master' into x-updates 2013-06-05 17:22:35 +02:00
Eelco Dolstra
365307ada1 nixos-rebuild: Handle .version-suffix not being writable
Reported by @vcunat.
2013-06-05 17:10:46 +02:00
Eelco Dolstra
d210f30fa7 Omit GRUB if boot.loader.grub.device is set to "nodev"
If we only need to generate a GRUB boot menu, we don't need GRUB
itself.  This cuts 38 MiB from EC2 system closures (in particular
because it gets rid of the need for the 32-bit Glibc).
2013-06-04 14:07:25 +02:00
Evgeny Egorochkin
2b63b67aa4 Merge pull request #174 from wizeman/apparmor-transmission
transmission: Add apparmor profile
2013-06-04 03:20:49 -07:00
Evgeny Egorochkin
6e6061e6b3 TOR: add obfsproxy support by default for TOR bridges 2013-06-04 13:03:37 +03:00
Mathijs Kwik
824b5b645a openvpn: fix type error
either use
- optional cond "target"
or
- optionals cond ["target1" "target2"]
2013-06-04 07:45:58 +02:00
Sander van der Burg
e776c0623d Fixed disnix service to use systemd's dependency facilities 2013-06-03 01:34:22 +02:00
Evgeny Egorochkin
e3bbf38ec9 Merge pull request #178 from bjornfor/lighttpd-cgit-subservice
lighttpd: add cgit sub-service
2013-06-02 14:18:21 -07:00
Evgeny Egorochkin
6ab6eeceb7 Merge pull request #179 from bjornfor/lighttpd-gitweb-improvements
lighttpd: gitweb: add extraConfig option
2013-06-02 14:09:23 -07:00
Bjørn Forsman
3d48da72a9 lighttpd: gitweb: add extraConfig option
So that we can append custom configuration text to the end of the
generated gitweb.conf file.
2013-06-02 19:26:55 +02:00
Bjørn Forsman
b1f82e428a lighttpd: add cgit sub-service
(cgit is "a hyperfast web frontend for git repositories written in C")

cgit is enabled like this (assuming lighttpd is already enabled):

  services.lighttpd.cgit.enable = true;

and configured verbatim like this (contents of the cgitrc file):

  services.lighttpd.cgit.configText = ''
    cache-size=1000
    scan-path=/srv/git
  '';

cgit will be available from this URL: http://yourserver/cgit

In lighttpd, I've ensured that the cache dir for cgit is created if cgit
is enabled.
2013-06-02 18:41:18 +02:00
Lluís Batlle i Rossell
70fd5422a7 Adding iw to systemPackages. 2013-06-02 14:27:39 +02:00
Peter Simons
08eba4c114 atd: don't enable at daemon by default
The at daemon doesn't work on NixOS [1], so enabling it by default
doesn't seem useful. I'd argue that it shouldn't be enabled by default
even if it worked, actually.

[1] http://lists.science.uu.nl/pipermail/nix-dev/2013-April/011048.html
2013-06-01 11:39:09 +02:00
Evgeny Egorochkin
3bb97667b8 Merge pull request #167 from wizeman/domain
Set the domain name of the machine
2013-05-30 09:14:25 -07:00
Vladimír Čunát
a5a7c8ad78 Merge branch 'master' into x-updates 2013-05-29 23:32:05 +02:00
Vladimír Čunát
40d61bfe36 Revert "networkmanager: clean some attrs missing in nixpkgs x-updates"
This reverts commit a649bbea4e.
2013-05-29 23:31:47 +02:00
Evgeny Egorochkin
421fb9d585 Merge pull request #173 from wizeman/apparmor-service
Apparmor service fixes
2013-05-28 16:46:30 -07:00
Evgeny Egorochkin
a518e09ec3 Merge pull request #172 from wizeman/apparmor-ping
apparmor: Fix broken iputils/ping profile
2013-05-28 16:37:11 -07:00
Domen Kozar
53390a2da9 add networkmanager_openvpn to systemPackages 2013-05-29 00:38:50 +02:00
Ricardo M. Correia
0a0beadecd transmission: Add apparmor service dependency 2013-05-28 18:00:21 +00:00
Ricardo M. Correia
531b581636 apparmor: Fix service stop
When stopping the apparmor service, the profile removal failed with
parsing errors due to not including the
${pkgs.apparmor}/etc/apparmor.d directory.
2013-05-28 17:49:52 +00:00
Ricardo M. Correia
84c0af80d7 apparmor: Fix loading multiple profiles
apparmor's systemd service wasn't working when multiple profiles were
defined, due to the ExecStart commands in the service file being
broken into multiple lines, instead of being separated by ';'.
2013-05-28 17:21:22 +00:00
Ricardo M. Correia
2e61811284 transmission: Add apparmor profile 2013-05-28 17:19:15 +00:00
Ricardo M. Correia
eb01d87b31 apparmor: Fix broken iputils/ping profile 2013-05-28 14:17:29 +00:00
Eelco Dolstra
2ec6759f5f openvpn.nix: Use systemd.*
Also add an option ‘autoStart’ to configure whether an OpenVPN
instance should be started automatically.  And don't log to
/var/log/openvpn-* anymore.
2013-05-28 14:39:48 +02:00
Ricardo M. Correia
7f9fc8d817 Set the domain name of the machine
The domain name was not being set before, even if the administrator
properly configured the networking.domain option in
/etc/nixos/configuration.nix.
2013-05-28 08:49:14 +00:00
Lluís Batlle i Rossell
f60393975f gnunet: it was missing extraGroups 2013-05-28 10:19:59 +02:00
Peter Simons
717dc3b858 Merge pull request #169 from wizeman/chrony
Add chrony service
2013-05-25 02:25:57 -07:00
Ricardo M. Correia
76046850fe atop: Add basic config option for /etc/atoprc 2013-05-23 11:14:24 +00:00
Ricardo M. Correia
6336048c58 chrony: properly set rtconutc option, and add a few more options 2013-05-23 03:00:09 +00:00
Ricardo M. Correia
02d9a8066a Add chrony service
Also, do not build and add ntp to the system unless it is enabled.
2013-05-23 02:07:49 +00:00
Rickard Nilsson
70586f03fe systemd.sockets: Add listenStreams option for specifying several sockets 2013-05-20 16:26:24 +02:00
Domen Kozar
a29c306958 bacula: add ExecReload 2013-05-18 13:29:54 +02:00
Domen Kozar
000d5a62aa bacula: file daemon needs to run as root 2013-05-18 12:29:14 +02:00
Eelco Dolstra
07406231e3 zabbix: Don't set the mbstring.func_overload option
This breaks MediaWiki running in the same web server.  Zabbix no
longer seems to need it anyway.
2013-05-17 15:34:26 +02:00
Eelco Dolstra
97689f9062 mediawiki: Update to 1.20.5 2013-05-17 13:38:20 +02:00
Mathijs Kwik
0e9a963b42 kde4: use udisks2 for kde versions that support it.
Currently, none do, although kde 4.10 is supposed to be able to use it.
2013-05-17 09:33:00 +02:00
Mathijs Kwik
4630ad4d26 filesystems: add priority option for swap devices.
Useful for setting up raid0-like load balancing for swap.
By giving multiple swap devices the same prio.
2013-05-17 09:22:07 +02:00
Mathijs Kwik
085ccc8199 btrfs: btrfsck is now actually the same binary as "btrfs"
symlinked to save space.
2013-05-17 09:22:07 +02:00
Vladimír Čunát
a13d1c3363 mesa WIP: fix bad symlinking, thanks to jack_c on IRC 2013-05-16 23:52:17 +02:00
Domen Kozar
40fb90a295 bacula: generate bconsole config 2013-05-16 21:58:24 +02:00
Vladimír Čunát
a649bbea4e networkmanager: clean some attrs missing in nixpkgs x-updates
Just temporary hack.
2013-05-16 17:24:26 +02:00
Vladimír Čunát
0ad87ab46e WARNING: history will change from now on (mesa updates)
Fix some paths set, drivers in mesa_drivers now, WIP.
2013-05-16 17:23:31 +02:00
Evgeny Egorochkin
da7d6a4cce Merge pull request #125 from MarcWeber/submit/when-enabling-wacom-add-xsetwacom-to-path
When enabling wacom put xsetwacom in PATH.
2013-05-15 09:51:17 -07:00
Rob Vermaas
3b00eca8e9 Add varnish to module-list.nix 2013-05-15 14:36:17 +02:00
Eelco Dolstra
0277126699 Return exit code 127 if a command is not found 2013-05-15 12:52:15 +02:00
Eelco Dolstra
95d02c0c40 initrd: Remove serio and atkbd
These modules don't exist as far as I can tell.
2013-05-15 12:52:15 +02:00
Eelco Dolstra
b3ae70ddb6 initrd: Add ehci_pci and hid_generic
These are required to get some (all?) USB keyboards to work in recent
kernels.
2013-05-15 12:52:14 +02:00
Eelco Dolstra
f5233bbf82 Remove tabs 2013-05-15 12:52:14 +02:00
Shea Levy
2c4db1a6cf Don't copy libz and liblzo2 twice to the initrd
Signed-off-by: Shea Levy <shea@shealevy.com>
2013-05-14 23:35:10 -04:00
Shea Levy
51bc82960a btrfsck doesn't respect any flags
Signed-off-by: Shea Levy <shea@shealevy.com>
2013-05-13 14:25:48 -04:00
Shea Levy
9b4991d3f4 Fix btrfs in the initrd.
With NixOS/nixpkgs@7761952d06 , btrfs requires libz and liblzo2

Signed-off-by: Shea Levy <shea@shealevy.com>
2013-05-13 14:16:53 -04:00
Shea Levy
7f7ada53cf Add a basic (currently failing) sanity check for btrfsProgs-in-initrd
Signed-off-by: Shea Levy <shea@shealevy.com>
2013-05-13 14:07:38 -04:00
Domen Kozar
edd77af3fe add openvpn config file to networkmanager service 2013-05-13 17:52:26 +02:00
Eelco Dolstra
4e6f6d0215 Use pam_loginuid
This set the loginuid property of processes for auditing.
2013-05-13 11:27:21 +02:00
roconnor
aa1289dd91 Merge pull request #159 from NixOS/nginx-fullWebDAV
Add options for user and group to run nginx as.
2013-05-12 15:32:59 -07:00
Rob Vermaas
0f930a00f8 Add varnish module 2013-05-12 20:32:25 +02:00
Jaka Hudoklin
b345417bc5 Fix pxe network boot 2013-05-11 19:42:19 +00:00
Domen Kozar
078130767d add openvpn plugin to networkmanager 2013-05-11 19:25:14 +02:00
Bjørn Forsman
09a7d18cc3 transmission.service: fix ignored ExecReload setting
This is what currently happens (from the journal log):

  [/nix/store/HASH-unit/transmission.service:27] Executable path is not absolute, ignoring: kill -HUP $MAINPID

Fix it by using absolute path to kill.
2013-05-11 12:15:35 +02:00
Evgeny Egorochkin
748ab74d1f AppArmor profiles for SUID binaries. At this moment only for ping. 2013-05-11 08:41:36 +03:00
Evgeny Egorochkin
d7cc2415ea AppArmor: try converting to a systemd unit 2013-05-11 08:40:45 +03:00
Evgeny Egorochkin
a9e4eca8bf Apparmor: check that we are running an AppArmor-enabled kernel. 2013-05-10 16:07:56 +03:00
Evgeny Egorochkin
44eb1bac65 Apparmor: add a warning 2013-05-10 14:57:48 +03:00
Eelco Dolstra
ffb581c739 Fix suspend in systemd
Systemd 203 expects the file /etc/systemd/sleep.conf to exist,
otherwise suspend doesn't work.
2013-05-09 16:26:13 +02:00
Eelco Dolstra
ebac0220d1 systemd.nix: Use environment.etc attribute syntax 2013-05-09 16:26:12 +02:00
Lluís Batlle i Rossell
4e38d152ed Adding synclient to systemPackages if synaptics is enabled. 2013-05-09 15:01:16 +02:00
Lluís Batlle i Rossell
4f71bce691 Adding miniupnpc to gnunet path, to be able to use upnp 2013-05-07 18:53:28 +02:00
Eelco Dolstra
6089b5b50c Increase PostgreSQL's shutdown timeout to 3 minutes
1 minute is too short, given that the autovacuum launcher often seems
to require exactly 1 minute to shut down.  (This might be a bug
related to autovacuum_naptime.)
2013-05-07 15:00:36 +02:00
Eelco Dolstra
8af81ad66b Don't start nscd if it's not already running
"systemctl restart" will start a service if it's not already
running...
2013-05-07 14:22:35 +02:00
Russell O'Connor
9c62645273 Add braces to fix compilation errors.
I don't understand how Apache gets away without them.
2013-05-06 11:11:04 -04:00
Russell O'Connor
76b7dea805 Make nginx uid and gid optional. 2013-05-06 10:49:23 -04:00
Evgeny Egorochkin
dc389c5d1e lighttpd: add gitweb as a sub-service
Now you can access gitweb at http://yourserver/gitweb by simply adding
this to configuration.nix (assuming services.lighttpd.enable = true);

  services.lighttpd.gitweb.enable = true;

The path to all bare repositories served by gitweb can be set with this
option (default value below):

  services.lighttpd.gitweb.projectroot = "/srv/git";

Based on patch contributed by Bjørn Forsman.
2013-05-06 13:51:09 +03:00
Evgeny Egorochkin
161086b205 lighttpd: add services.lighttpd.mod_status option
If true, show server status overview at /server-status, statistics at
/server-statistics and list of loaded modules at /server-config.

Patch contributed by Bjørn Forsman.
2013-05-06 13:51:09 +03:00
Evgeny Egorochkin
4b435b173f lighttpd: add services.lighttpd.mod_userdir option
If true, requests in the form /~user/page.html are rewritten to take
the file public_html/page.html from the home directory of the user.

Default is off.

Patch contributed by Bjørn Forsman.
2013-05-06 13:51:08 +03:00
Evgeny Egorochkin
5e32c9c8eb lighttpd: generate a default config file
Instead of forcing users to configure lighttpd manually, make it an
option. The current services.lighttpd.configText option can still be
used for manual configuration, but if it is left blank (default) we'll
use the new generated config file.

The generated config file ensures that the server drops root priveleges
and runs as the "lighttpd" user. It pulls in some new config params that
can be set in configuration.nix (here with default values):

  services.lighttpd.document-root = "/srv/www"
  services.lighttpd.port = 80
  services.lighttpd.extraConfig = ""  # appended to the generated file

And it enables access and error logging to the systemd journal.

Patch contributed by Bjørn Forsman.
2013-05-06 13:51:08 +03:00
Evgeny Egorochkin
39ba755873 Move lighttpd.nix to lighttpd/default.nix
So that we later can add sub-services for lighttpd without polluting the
web-servers/ directory.
2013-05-06 13:51:08 +03:00
Russell O'Connor
7c8c1dade5 Add options for user and group to run nginx as.
Add option to compile in full WebDAV support.
2013-05-05 15:44:06 -04:00
Phreedom
fc06f1ec60 Merge pull request #145 from maggesi/xen-updates
Remove obsolete option in Xen domU module
2013-05-05 09:38:19 -07:00
Phreedom
6c988a593a Merge pull request #136 from MarcWeber/submit/grubDevice
s/boot.grubDevice/boot.loader.grub.device/ to shut down warnings
2013-05-05 07:41:22 -07:00
Evgeny Egorochkin
d6df27277b ZFS: automatically import zpools and mount zfs filesystems.
Patch contributed by Jack Cummings.
2013-05-05 16:36:08 +03:00
Shea Levy
17f10f70ad Include xhci_hcd in the initrd for usb3 devices
Fixes #158, I don't think there is an `xhci' module

Signed-off-by: Shea Levy <shea@shealevy.com>
2013-05-04 11:35:01 -04:00
Shea Levy
faa064dbc7 32-bit gummiboot uses lower-case ia32
Thanks to iElectric in the channel for pointing it out

Signed-off-by: Shea Levy <shea@shealevy.com>
2013-05-04 11:26:56 -04:00
Phreedom
7190c867d6 Merge pull request #156 from modulistic/master
typo in networking.dnsSingleRequest documentation
2013-05-04 02:34:28 -07:00
modulistic
bdb22d37f1 typo in networking.dnsSingleRequest documentation 2013-05-04 11:26:56 +02:00
Evgeny Egorochkin
4b69de4a3d VirtualBox: udev rule to populate /dev/vboxusb.
After Linux 3.2(?), /proc/bus/usb (and usbfs (or usbdevfs?)) went away,
leaving virtualbox no way to determine what USB devices were connected
to the system. The solution was to add some virtualbox specific udev
rules to populate /dev/vboxusb with what was in /proc/bus/usb before.

Patch contributed by Jack Cummings.
2013-05-04 12:20:46 +03:00
Domen Kožar
01887f2c86 Merge pull request #100 from jcumming/hostapd.130224
proper hostapd dependencies
2013-05-04 01:38:45 -07:00
Rok Garbas
f5e720aba8 adding sensor option to thinkfan 2013-05-03 03:28:04 +02:00
Shea Levy
2415787040 gummiboot: Fix bug where old conf scripts for single-digit generations weren't removed
Signed-off-by: Shea Levy <shea@shealevy.com>
2013-04-30 13:03:14 -04:00
Shea Levy
9bc021ceda Set the firmware_class path in modprobe.d
Activation scripts are run before systemd is started, so unless users
are loading firmware in the initrd (which AFAICT we currently have no
support for) the previous /sys-based setting of firmware_class was
ineffective on boot.

Signed-off-by: Shea Levy <shea@shealevy.com>
2013-04-30 11:46:34 -04:00
Peter Simons
ebb9f0e3fc atd: add "batch" to the list of programs that need a setuid wrapper 2013-04-27 22:42:19 +02:00
Lluís Batlle i Rossell
4637f6d878 Removing unneded imports for the display-manager.
Discussed in
2e088aa277 (commitcomment-3074283)
2013-04-28 00:19:04 +04:00
Domen Kožar
f34d79c351 Merge pull request #150 from bjornfor/nixos-install-fix-errormsg
nixos-install: fix error message consistency
2013-04-27 09:14:50 -07:00
Domen Kožar
c4ead79dd6 Merge pull request #149 from NixOS/networkmanager_suspend
restart networkmanager on suspend resume
2013-04-27 09:13:15 -07:00
Marc Weber
5f612ddfdc fix wacom hotplug and all Intuos 5 issues
- drop custom config:
  (please wacom using folks review this part and think
  about how to get it back if its important to you)

- put default config shipping with  xf86_input_wacom
  into /etc/X11/xorg.conf.d/
  which seems to be interpreted again when
  devices are hot plugged

- when starting x11, also provide xinput
  .. you never know when you need it

This fixes all problems I had:
- device only worked when plugged in, then xorg was started
(an alternative quick fix is switching to terminal by ctrl-alt-F1 and back)
- I had to disable some devices, because eg myaint switched input
device many times a sec rendering it unusable otherwise, some of those devices
configured did not work.

Details:
http://sourceforge.net/apps/mediawiki/linuxwacom/index.php?title=FAQ#Is_hotplugging_supported_for_my_USB_tablet.3F
See 12 -> HAL or xorg.conf.d
2013-04-27 03:37:47 +02:00
Lluís Batlle i Rossell
af0e751ee9 Making gnunet start properly (calling gnunet-service-arm directly) 2013-04-24 20:17:14 +04:00
Lluís Batlle i Rossell
f50014339a Putting the gnunet module up to date. It still doesn't start gnunet though.
No idea why.
2013-04-24 19:03:29 +04:00
Bjørn Forsman
ec13407807 nixos-install: fix error message consistency
The test is for path A but the error message says path B. Fix it.
2013-04-22 22:06:27 +02:00
Lluís Batlle i Rossell
b4af56d376 lightdm: improving a bit the indentation. 2013-04-22 23:32:11 +04:00
Oliver Charles
2e088aa277 lightdm: Initial expression for lightdm as the display-manager service (using default GTK greeter) 2013-04-22 23:32:10 +04:00
Domen Kozar
ec9dc730ec restart networkmanager on suspend resume 2013-04-22 19:36:14 +02:00
Eelco Dolstra
447691836a Create a /etc/zoneinfo symlink and use it in $TZDIR
Setting $TZDIR to ${pkgs.tzdata}/share/zoneinfo can cause logged-in
sessions to refer to a garbage-collected zoneinfo directory.  So use
/etc/zoneinfo instead.
2013-04-22 19:08:16 +02:00
Eelco Dolstra
945849b86f Don't set $TZ
We don't need to set $TZ, because we have /etc/localtime.  In fact,
setting $TZ without $TZDIR doesn't work anymore since Glibc no longer
contains zone info.
2013-04-22 18:56:19 +02:00
Evgeny Egorochkin
fa0f5bf72f Freenet: fix 2 typos 2013-04-22 16:50:58 +03:00
Mathijs Kwik
ae2f280b67 cron: set TZDIR so cron is able to find the TZ 2013-04-22 14:24:15 +02:00
Mathijs Kwik
006f328877 virtual network interfaces: make systemd aware of the relation between device and service
If I want to bring down tap0.service (or systemd wants to do this
during a configuration-change which changes the path to tunctl),
openvpn (or other services using tap0) need to be brought down as
well, otherwise tunctl -d is not able to remove the tap0 device,
leaving it in a failed (but "up") state.
2013-04-22 14:24:15 +02:00
Mathijs Kwik
8de00c328a systemd: add "requiredBy" option.
"require" is a stronger version of "want",
and just like wantedBy allows you to specify this relation in reverse,
requiredBy does the same.

It may seem pointless to be able to specify these stronger relations in
reverse, because if something is really required, you would expect the
other unit to specify this himself.

However, this is still useful for virtual/automatic units (like
devices) that are created by systemd on demand and hence have no unit
file you can alter.
2013-04-22 14:24:15 +02:00
Jaka Hudoklin
b230153cfd Merge branch 'master' of https://github.com/NixOS/nixos into nameservers
Conflicts:
	modules/tasks/network-interfaces.nix
2013-04-21 20:02:26 +02:00
Jaka Hudoklin
7427639b84 Static nameservers have precedence 2013-04-21 19:48:15 +02:00
Lluís Batlle i Rossell
7a71320a9c Adding freenet module 2013-04-21 11:27:41 +04:00
Vladimír Čunát
41ccade531 Merge pull request #132 from ierton/udisks2-v2
add udisks2 for Xfce
2013-04-20 01:36:14 -07:00
Shea Levy
e32774c270 rabbitmq.nix: Set SYS_PREFIX empty so files live in /var
Signed-off-by: Shea Levy <shea@shealevy.com>
2013-04-19 10:49:46 -04:00
viric
204f5a3f4c Merge pull request #143 from viric/grub_all
Making grub display 'All configurations', not 'Old'
2013-04-17 08:05:09 -07:00
Lluís Batlle i Rossell
1caa1b96cb network-interfaces: fixing a cat/EOF piping confusion 2013-04-17 09:10:41 +02:00
Lluís Batlle i Rossell
927a3e3ff2 fcron: fixing the startOn, since upstart times. 2013-04-17 00:21:19 +02:00
Marco Maggesi
04415eb582 Remove obsolete option in Xen domU module 2013-04-16 19:46:22 +02:00
Shea Levy
cc1ae918bd Fix cut-off comment in generated configuration.nix
Pointed out by Mathnerd626 on irc

Signed-off-by: Shea Levy <shea@shealevy.com>
2013-04-16 13:34:37 -04:00
Moritz Ulrich
89cf51f2a4 Forgot semicolon. (M)
Signed-off-by: Moritz Ulrich <moritz@tarn-vedra.de>
2013-04-16 17:37:36 +02:00
Moritz Ulrich
4be036ca64 ssmtp: Add AuthUser and AuthPass options.
Signed-off-by: Moritz Ulrich <moritz@tarn-vedra.de>
2013-04-16 17:01:35 +02:00
Lluís Batlle i Rossell
3be4fd3f38 Making grub display 'All configurations', not 'Old'
That confused some people, as the first generation shown is
the 'current'.
2013-04-16 11:09:25 +02:00
viric
7d2ec75ae7 Merge pull request #128 from pSub/bitlbee
Bitlbee: updated for systemd; added more options like AuthMode
2013-04-14 12:49:18 -07:00
orbitz
388d83c586 Set required nginx options and sane default 2013-04-14 11:17:16 +02:00
orbitz
8e7bb847c6 Cleanup whitespaces 2013-04-14 11:14:27 +02:00
Jack Cummings
edc12de8c9 add wantedBy network.target so that hostapd starts by default 2013-04-12 23:25:32 -07:00
Shea Levy
ce8c145a98 nixos-install: Include nix's perl libs in perl's INC
Signed-off-by: Shea Levy <shea@shealevy.com>
2013-04-11 16:18:24 -04:00
Shea Levy
6e0723bac6 nixos-install: Mound nixos and nixpkgs src directly
Previously nixos-install would fail if nixos and nixpkgs weren't on the same mountpoint as /

Signed-off-by: Shea Levy <shea@shealevy.com>
2013-04-11 16:12:43 -04:00
Eelco Dolstra
e28b0453bf MediaWiki: Update to 1.20.3 2013-04-11 17:29:34 +02:00
Eelco Dolstra
56e678725d Remove Upstart reference 2013-04-11 17:29:34 +02:00
Peter Simons
e627d309fd bash-completion: support the "$out/share/bash-completion" location used by modern packages 2013-04-11 00:48:58 +02:00
Marc Weber
9bf073b58b s/boot.grubDevice/boot.loader.grub.device/ to shut down warnings 2013-04-10 23:54:37 +02:00
Shea Levy
a215600335 nixos-install: Unmount efivars if mounted
Signed-off-by: Shea Levy <shea@shealevy.com>
2013-04-10 15:08:33 -04:00
Shea Levy
6a1e1fa108 nixos-install: Bind-mount efivars if it exists
Signed-off-by: Shea Levy <shea@shealevy.com>
2013-04-10 09:15:54 -04:00
Rickard Nilsson
bf2707d359 unionfs-fuse: Fix conditional expressions 2013-04-10 14:06:29 +02:00
Rickard Nilsson
c59761e994 openldap: Adjust to systemd 2013-04-09 22:48:13 +02:00
Rickard Nilsson
0ccc107300 nslcd: Start after network.target (but don't require network) 2013-04-09 22:47:59 +02:00
Rickard Nilsson
b2b221d533 Add unionfs-fuse to system.fsPackages if needed 2013-04-09 16:44:14 +02:00
Eelco Dolstra
86f11dadaa switch-to-configuration: Use full path to sync 2013-04-08 17:34:14 +02:00
Domen Kozar
8d5c252ae1 add thinkfan service 2013-04-06 23:35:04 +02:00
Florian Friesdorf
92ad293d02 iso_minimal_new_kernel 2013-04-06 18:24:50 +02:00
Shea Levy
52fc087296 Revert "postgresql: version the dataDir by default"
This reverts commit 7f1e728606.

This would have been nice if we had had it from the start, but now it
just breaks things for existing users. Maybe we can add it conditionally
when new postgres versions come out.

Signed-off-by: Shea Levy <shea@shealevy.com>
2013-04-05 09:20:50 -04:00
Shea Levy
56a60c7fe6 Revert "Fix nixos evaluation on systems that haven't set postgresql.package"
This reverts commit 1e543984bc.

This would have been nice if we had had it from the start, but now it
just breaks things for existing users. Maybe we can add it conditionally
when new postgres versions come out.

Signed-off-by: Shea Levy <shea@shealevy.com>
2013-04-05 09:19:23 -04:00
Shea Levy
1e543984bc Fix nixos evaluation on systems that haven't set postgresql.package
Signed-off-by: Shea Levy <shea@shealevy.com>
2013-04-05 08:01:06 -04:00
Shea Levy
7f1e728606 postgresql: version the dataDir by default
Among other things, this will make migrating between versions easier

Signed-off-by: Shea Levy <shea@shealevy.com>
2013-04-05 07:55:02 -04:00
Mathijs Kwik
58240e2304 add e17 desktop manager
desktop-manager is a bit misleading in this case as there is no
session yet and most apps are still missing. This can eventually
grow further once more e17 apps get packaged for nix.

However, for now, I need to initialize some e17 dbus services to
have the "terminology" terminal emulator provide gfx previews.
2013-04-04 22:19:22 +02:00
Mathijs Kwik
57dc4b9188 xsession: add config option to let systemd handle lid/power events 2013-04-04 22:19:22 +02:00
Mathijs Kwik
fd6b48783d remove redundant if 2013-04-04 22:19:22 +02:00
Mathijs Kwik
3c8d95f726 xsession: remove duplicate sourcing of /etc/profile 2013-04-04 22:19:22 +02:00
Eelco Dolstra
a446fa9099 PostgreSQL: Don't specify a default PostgreSQL package
The user should specify which major version to use
(e.g. "services.postgresql.package = pkgs.postgresql92").  We can't
really provide a sensible default, because such a default would have
to be updated from time to time, and there is no automated upgrade
procedure.  So leave upgrading to the user.
2013-04-04 18:21:51 +02:00
Sergey Mironov
303794e0d7 Xfce: use udisks2 instead of udisks
Enabling udisks2 allows gvfs (which should be built with udisks support) to
perform mount/unmount operations on removable drives. It affects Thunar and
probably other Gtk-based file managers.

Gvfs doesn't supports earlier versions of udisks.
2013-04-04 12:09:26 +04:00
Sergey Mironov
4b504d8bba udisks2: add udisks2 service
Udisks2 is a Dbus service started by systemd on demand.
2013-04-04 12:06:34 +04:00
Rickard Nilsson
3d93fb9243 xbmc: Use /var/run/lirc/lircd as lirc socket
The latest version of the lirc daemon uses /var/run/lirc/lircd, not
/dev/lircd that xbmc uses as default.
2013-04-03 23:16:27 +02:00
Shea Levy
1def5bad35 Revert "Use the new net.ifnames kernel command line flag to disable persistent interface names"
As @edolstra pointed out, this behavior is not equivalent to what we had
before as the kernel command line parameter won't take effect until the
next boot. Probably it's not likely that someone will make this change
and then add a network card before rebooting, but might as well support
that since we can.

This reverts commit f7563698df.

Signed-off-by: Shea Levy <shea@shealevy.com>
2013-04-03 07:37:04 -04:00
Eelco Dolstra
ee29054da1 Create an empty /etc/resolv.conf to shut up nscd 2013-04-03 13:27:41 +02:00
Eelco Dolstra
fef5a18587 Enable sudoedit 2013-04-03 13:27:41 +02:00
Peter Simons
0139f015be modules/config/networking.nix: strip trailing whitespace 2013-04-03 12:48:36 +02:00
Peter Simons
e2eaae1155 Let resolvconf 'restart' the nscd service instead of 'reload'ing it.
Sometimes nscd starts up before a /etc/resolv.conf file has been written, and
apparently triggering a cache flush (reload) is not good enough to make it
recover from that problem. To remedy the issue, we restart the service instead.
See <https://github.com/NixOS/nixos/issues/34> for further details.
2013-04-03 12:48:25 +02:00
Pascal Wittmann
c4b3b71917 Bitlbee: create homedir; do not use /etc/bitlbee.conf 2013-04-02 00:08:17 +02:00
Shea Levy
cf3ef6a1fc Merge branch 'lighttpd' of git://github.com/bjornfor/nixos into upstream-master
Moves config file into the store rather than polluting etc, which has a
number of benefits

Signed-off-by: Shea Levy <shea@shealevy.com>
2013-04-01 13:09:23 -04:00
Shea Levy
f7563698df Use the new net.ifnames kernel command line flag to disable persistent interface names
Signed-off-by: Shea Levy <shea@shealevy.com>
2013-04-01 07:03:00 -04:00
Shea Levy
863c6f2490 Fix missed kernel->kernelDev change
Signed-off-by: Shea Levy <shea@shealevy.com>
2013-04-01 06:08:30 -04:00
Domen Kozar
969c577173 fixes #127 2013-03-31 21:18:57 +02:00
Bjørn Forsman
395bc5d05c lighttpd: restart service if config changes
Using /etc/lighttpd.conf "hides" the config file from NixOS so that it
will not automatically restart the service when its config file changes.
So don't do that.
2013-03-31 18:06:43 +02:00
Eelco Dolstra
f40a38b2c8 Remove /etc lock files at boot time 2013-03-31 15:40:13 +02:00
Lluís Batlle i Rossell
86c1e10a43 Setting pam otpw *after* pam_unix, for dovecot failed auth messages.
I think it's nice that it first asks the usual password, and then offers the
otpw one if enabled. That enables dovecot to show the last pam prompt.

I also add the dovecot option for that.
2013-03-30 22:25:19 +01:00
Lluís Batlle i Rossell
c53bd1b279 pam: adding otpw optional, default false 2013-03-30 21:06:23 +01:00
Pascal Wittmann
8d0a7cb6d2 Bitlbee: tabs to spaces 2013-03-29 12:51:47 +01:00
Pascal Wittmann
e33af28567 Bitlbee: hardcode username and configdir; homedir == configdir 2013-03-29 12:37:06 +01:00
Pascal Wittmann
4af26d582c Bitlbee: updated for systemd; added more options like AuthMode 2013-03-29 10:28:54 +01:00
Eelco Dolstra
fbde5e027e Sync after installing the boot loader
Previously we synced just before calling switch-to-configuration.
That prevents corruption of the Nix store, but it can leave the boot
loader configuration and kernel files in /boot corrupted.  So do the
sync after installing the boot loader.
2013-03-28 16:11:54 +01:00
Eelco Dolstra
9000fd81d5 Hack: force timers.target to be started
Usually timers.target is pulled in by basic.target, but we don't
restart basic.target.  So timers.target wouldn't be started when
coming from an older systemd.
2013-03-28 15:02:11 +01:00
Eelco Dolstra
c2977f134e nix-gc.timer: Fix the start time 2013-03-28 13:35:07 +01:00
Eelco Dolstra
7ad91f31d6 Add support for systemd timers 2013-03-28 11:54:19 +01:00
Eelco Dolstra
9c3a31ff4c Clear /proc/sys/kernel/hotplug again
Otherwise the kernel will pointlessly try to invoke /sbin/hotplug all
the time.  Another feature lost in the systemd switch.
2013-03-27 23:03:37 +01:00
Eelco Dolstra
c039e286b9 Set the kernel.poweroff_cmd sysctl
This allows Xen (and EC2) to power off an instance properly.  We had
this before (see aeb89fc753), but it got
lost in the systemd migration.
2013-03-27 23:03:37 +01:00
Eelco Dolstra
f3bea050f8 Updates for systemd 198/199 2013-03-27 23:03:37 +01:00
Eelco Dolstra
8b9216fdcb Don't set the firmware path in 3 different places 2013-03-27 23:03:37 +01:00
Domen Kozar
c52cb9bb65 add almir service 2013-03-27 11:47:28 +01:00
Shea Levy
6c6b0be503 iso_efi: Fix build
Thanks to mwc in irc for pointing it out

Signed-off-by: Shea Levy <shea@shealevy.com>
2013-03-26 14:36:53 -04:00
Shea Levy
652e2ab610 "Maintain" the tested job so I get notifications when it fails
Signed-off-by: Shea Levy <shea@shealevy.com>
2013-03-26 12:35:28 -04:00
Shea Levy
89dd7b0f69 Revert "Don't mount /nix/store ro if it's a mountpoint"
Now that nixUnstable supports remounting in the "/nix/store is a
mountpoint" case, this is no longer necessary.

This reverts commit f1d48aec43.

Signed-off-by: Shea Levy <shea@shealevy.com>
2013-03-26 12:20:06 -04:00
Eelco Dolstra
991a78dd8b Use nixUnstable 2013-03-26 15:58:38 +01:00
Lluis Batlle
8881d1a920 Fixing the system tarball for the sheevaplug 2013-03-25 21:57:18 +01:00
Eelco Dolstra
1568b6858d Use programs.sqlite from the NixOS channel 2013-03-25 14:14:55 +01:00
Mathijs Kwik
b5e2ff4bed mongodb: v8 is the default javascript engine now 2013-03-25 08:10:36 +01:00
Eelco Dolstra
cc6bd6d7bb Fix evaluation if driSupport32Bit is enabled on NVIDIA 2013-03-24 22:08:01 +01:00
Marc Weber
bfc290421d When enabling wacom put xsetwacom in PATH.
I know that gnome/kde may have their own way to configure wacom tablets
2013-03-24 18:31:31 +01:00
Nicolas B. Pierron
8b2256686b Merge pull request #123 from MarcWeber/feed-upstream/toList
replace list by listOf using same style as for attrsOf
2013-03-23 16:21:21 -07:00
Domen Kozar
b8a1ccd16a Add bacula service 2013-03-23 01:23:59 +01:00
Peter Simons
c5ba924143 Revert "Add /run/nss to LD_LIBRARY_PATH".
Commit c948494342 exports too many shared
objects into the LD_LIBRARY_PATH, which causes problems with mplayer.
2013-03-21 11:25:25 +01:00
Peter Simons
83e7689d02 Merge pull request #107 from Davorak/fixXorgVMware
Fix Xorg-server on vmware inconjunction with
2013-03-21 03:18:05 -07:00
Rob Vermaas
ef28e8e70e Add WorkingDirectory default configuration value for rsyslog. 2013-03-17 21:36:25 +01:00
Rob Vermaas
9a9b53aa9f Add module for rsyslog. Although rsyslog is supposed to be a drop-in
replacement for sysklogd, it lacks some support for certain arguments
used in the default syslog module of NixOS.
2013-03-15 12:55:49 +01:00
Rickard Nilsson
be698e93a4 Merge hardware.pulseaudio and services.pulseaudio
More specifically, this removes services.pulseaudio and adds the option
hardware.pulseaudio.systemWide which defaults to false but can be used to turn
on the system-wide PulseAudio server (previously defined in
services.pulseaudio). Since the two PulseAudio modes are mutually exclusive
anyway (maybe not strictly true, but I don't think is a good idea combining
them) its nicer to be able to reuse server and ALSA configuration between them.

Also the system-wide PulseAudio service has been adjusted to systemd, and a few
things has been fixed (there was no alsa.conf before, for example).

The bottomline is that people that was using hardware.pulseaudio before should
be able to keep doing it in exactly the same way, and people that used
services.pulseaudio must switch over to hardware.pulseaudio.systemWide instead.
2013-03-14 23:33:45 +01:00
Marc Weber
f3e6b42258 replace list by listOf using same style as for attrsOf 2013-03-14 17:09:21 +01:00
Shea Levy
6e20c697cd alsa-store.service: Avoid unnecessary shell
Signed-off-by: Shea Levy <shea@shealevy.com>
2013-03-13 19:58:35 -04:00
Shea Levy
7bbf034f93 alsa-store.service: Ensure /var/lib/alsa exists
Signed-off-by: Shea Levy <shea@shealevy.com>
2013-03-13 19:48:58 -04:00
Peter Simons
8f679fef5b Merge pull request #116 from rickynils/nss
Add /run/nss to LD_LIBRARY_PATH
2013-03-13 02:57:32 -07:00
Rob Vermaas
28f3d02c29 symlink /etc/localtime was broken, /etc/localtime now points to a location in tzdata in stead of glibc 2013-03-12 10:56:43 +01:00
Shea Levy
d67d3b5b6a extraModprobeConfig: set type to types.lines
This makes it so multiple definitions are merged by adding a newline
between each entry, to avoid the need to add a newline to the end of
every definition of extraModprobeConfig. See #119 for an example of an
issue this has caused.

Signed-off-by: Shea Levy <shea@shealevy.com>
2013-03-12 05:51:45 -04:00
Rickard Nilsson
78f3da65ec Revert "nslcd: Require network.target"
This reverts commit af152556e3.

The network target is probably not really required, needs
further testing.
2013-03-12 09:38:22 +01:00
Jack Cummings
60e408dd6b need a newline in extraModprobeConfig 2013-03-11 02:02:10 -07:00
Peter Simons
415ff3c39a smartd: change 'devices' option from "list of strings" to "list of attribute sets"
The smartd used to expect a list of devices to monitor. After this patch, it
expects a list of attribute sets, which may have two attributes:

 - device: path to the device (required)
 - options: smartd options to apply to this particular device (optional)

A concrete example configuration would be:

  services.smartd = {
    enable = true;
    devices = [ { device = "/dev/sda"; } { device = "/dev/sdb"; options = "-d sat"; } ];
  };

Furthermore, the config option 'deviceOpts' can be used to configure options
that are applied to *every* device.
2013-03-10 01:19:44 +01:00
Shea Levy
763835e770 Console key map: Make option uniq
Signed-off-by: Shea Levy <shea@shealevy.com>
2013-03-09 06:27:27 -05:00
Vladimír Čunát
a3d8e6eeba xfce: update the xinitrc path 2013-03-09 10:55:57 +01:00
Bjørn Forsman
d89ba0697f Add Transmission BitTorrent service
Enable it with

  services.transmission.enable = true;

and optionally configure it

  services.transmission.settings =
    {
      download-dir = "/srv/torrents/";
      incomplete-dir = "/srv/torrents/.incomplete/";
      incomplete-dir-enabled = true;
      rpc-whitelist = "127.0.0.1,192.168.*.*";
      # for users in group "transmission" to have access to torrents
      umask = 2;
    };

The above settings are written/merged into settings.json each time the
service is about to start.
2013-03-08 16:47:09 +01:00
Shea Levy
f1d48aec43 Don't mount /nix/store ro if it's a mountpoint
In principle this could work, but the current remount logic in nix fails
to remount mountpoints that are root in their own filesystem (as would
be the case with bind-mounting a mountpoint over itself). nixos/nix#98
is aimed at fixing this.

Signed-off-by: Shea Levy <shea@shealevy.com>
2013-03-08 10:42:34 -05:00
Shea Levy
bc21ccc981 readonly-mountpoint: Remove unusued variable 2013-03-07 19:05:54 -05:00
Shea Levy
6d6d3d4228 readOnlyStore: Don't do a read-only bind-mount of an already read-only store.
Signed-off-by: Shea Levy <shea@shealevy.com>
2013-03-07 19:00:21 -05:00
Rickard Nilsson
c948494342 Add /run/nss to LD_LIBRARY_PATH
This fixes issues with glibc-binaries (getent for example) that can't
find NSS modules that are not distributed with glibc.

See this discussion:
http://comments.gmane.org/gmane.linux.distributions.nixos/9940
2013-03-07 16:54:42 +01:00
Shea Levy
35093b8a28 Silence a harmless warning on kernels without the 'path' parameter for firmware_class. 2013-03-05 20:33:41 -05:00
Rickard Nilsson
af152556e3 nslcd: Require network.target 2013-03-05 19:45:27 +01:00
Mathijs Kwik
09680dec6a read-only-store functionality should apply even when /nix/store is on a separate filesystem 2013-03-04 22:46:06 +01:00
Mathijs Kwik
134750f6ac gummiboot: fix typo 2013-03-04 22:46:06 +01:00
Mathijs Kwik
e05a37d736 rename deprecated option 2013-03-04 22:46:06 +01:00
Lluís Batlle i Rossell
a9b3dbf8ea Fixing the vaapiDrivers; it didn't work, with only one driver 2013-03-04 22:35:33 +01:00
Shea Levy
bfe6c13f09 D'oh! 2013-03-04 10:03:01 -05:00
Shea Levy
0a81724a88 systemd-sysctl.service: Don't depend on basic.target 2013-03-04 09:57:24 -05:00
Shea Levy
70378ad2b7 Add our firmware path to the in-kernel lookup path
Newer kernels (since torvalds/linux@abb139e75c) try to
read firmware directly from the filesystem before falling back to a
userspace helper (udev) if firmware cannot be found (in even newer
kernels, the fallback path can be disabled altogether). By default, only
certain paths in /lib/firmware* are searched, so this was initially not
helpful for NixOS.

Since torvalds/linux@2760284206 (which,
based on the commit message, was implemented just for NixOS, go us!),
though, an extra path can be dynamically prepended to the search path.
So do that, in three ways:

1. Pass a kernel command line option in case the module is built-in
2. Add a line to modprobe.conf in case the module isn't yet loaded by
activation-time
3. Add an activation script to set the option in /sys in case the module
is already loaded by activation-time.
2013-03-04 09:42:03 -05:00
Rickard Nilsson
5737604b13 xfce: Set GTK_PATH to system.path/lib/gtk-2.0, so xfce can find all theme engines. 2013-03-04 10:51:33 +01:00
Bjørn Forsman
61c07244e8 Add lighttpd web server module 2013-03-03 20:16:44 +01:00
Domen Kozar
854a37aa7e add most basic nginx service 2013-03-03 12:12:17 +01:00
Eelco Dolstra
d99fce2631 installation-cd-base.nix: Use boot.kernel.sysctl 2013-03-02 20:06:02 +01:00
Eelco Dolstra
7f7e18cfce Enable hardlink and symlink restrictions
This prevents many time-of-check-time-of-use security bugs.  Ubuntu
enables these by default as well so they shouldn't cause many
problems.
2013-03-02 20:06:02 +01:00
Eelco Dolstra
080bf5614f Add a module for setting sysctl parameters
This adds an option ‘boot.kernel.sysctl’ and generates a file
/etc/sysctl/nixos.conf read by systemd-sysctl.service.
2013-03-02 20:06:02 +01:00
Bjørn Forsman
ec2378f07b systemd-logind: fix config file header: [Logind] => [Login]
man logind.conf clearly states that the header is [Login] (no 'd').
Without this fix services.logind.extraConfig does not take effect
because logind ignores the invalidly named section.
2013-03-02 19:45:47 +01:00
Shea Levy
7e10bcb4fd modules/testing/minimal-kernel: linuxPackagesFor no longer takes a 'self' argument 2013-03-02 09:10:58 -05:00
David Guibert
ed6e0262e0 bring bridge interfaces up
The bridge is not becoming operational until it is brought into the UP state.
When the bridge is statically configured, this is mandatory.
2013-03-02 10:24:46 +01:00
Bjørn Forsman
08c9a0ad5e Add service.logind.extraConfig option
So that we can customize systemd-logind in configuration.nix.

Example:
  services.logind.extraConfig = "HandleLidSwitch=ignore";

See man logind.conf for available options.
2013-03-02 00:24:34 +01:00
Patrick Wheeler
fc7c7ae91a Remove vmware comment 2013-03-01 11:05:00 -06:00
Patrick John Wheeler
ea3eb991b7 Fix Xorg-server on vmware inconjunction with fix to
xf86videovmware[1].

Adds "vmware" to list of default options of
services.xerver.videoDrivers.

new default:
 [ "ati" "cirrus" "intel" "vesa" "vmware" ]

old default:
 [ "ati" "cirrus" "intel" "vesa" ]

[1] Pull request for xf86videovmware found at
https://github.com/NixOS/nixpkgs/pull/338.
2013-03-01 02:53:08 +01:00