Commit graph

8989 commits

Author SHA1 Message Date
makefu
71767ee3c7
glance: rip
part of openstack cleanup
2017-12-15 16:08:10 +01:00
makefu
d3d94992cf
keystone: rip
part of openstack cleanup
2017-12-15 16:06:44 +01:00
Bjørn Forsman
b53407461a nixos/lighttpd: update allKnownModules list
lighttpd 1.4.46+ got three new modules.
2017-12-15 07:47:45 +01:00
David Kleuker
ffc0bfa5b7 nixos/samba: increase LimitNOFILE to recommended value (#32085)
fixes warning:

    rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)

https://serverfault.com/a/641411
2017-12-14 17:12:44 +00:00
Franz Pletz
0f18f4af88
nixos/tests/jenkins: check if jenkins is available 2017-12-14 16:03:24 +01:00
Franz Pletz
2754d1a8c3
xmr-stak module: init 2017-12-14 16:03:09 +01:00
Eelco Dolstra
e4847b797e
Update NixOS 17.09 AMIs
This adds support for c5.* instances.

Fixes #32612.
2017-12-13 23:42:09 +01:00
makefu
5369400bb0
nova: rip
part of openstack cleanup
2017-12-13 18:16:29 +01:00
Florian Jacob
fc21593352 nixos/btrfs: add services.btrfs.autoScrub
for automatic regular scrubbing of mounted btrfs filesystems,
similar to what's already there for zfs.
2017-12-13 11:00:28 +01:00
Franz Thoma
9e486344a9 nixos.gnome3.at-spi2-core: Set environment variable NO_AT_BRIDGE=1 if disabled
As suggested in #16327 (https://github.com/NixOS/nixpkgs/issues/16327#issuecomment-315729994).
2017-12-13 04:55:35 +01:00
Graham Christensen
3cad1abf9e
Merge pull request #32031 from NixOS/unstable-aarch64
Aarch64 Netboot
2017-12-12 17:44:07 -05:00
Robert Helgesson
5eb4a8339c
nixos containers: remove stray , from pattern
See #31888.
2017-12-12 18:35:06 +01:00
Bas van Dijk
5572de75a0
containers: deny networkmanager from managing the ve-* and vb-* NICs
Without this, when you've enabled networkmanager and start a
nixos-container the container will briefly have its specified IP
address but then networkmanager starts managing it causing the IP
address to be dropped.
2017-12-12 18:22:15 +01:00
Eelco Dolstra
875eaf0821
nix: 1.11.15 -> 1.11.16 2017-12-12 17:46:21 +01:00
Tuomas Tynkkynen
0d27df280f build-support/vm: Use devtmpfs, not static device nodes
In 2017, there is no reason to create a static /dev.
2017-12-12 14:31:50 +02:00
Georges Savoundararadj
9724654c74 davfs2: create user/group davfs2 if not specified in the configuration
* Add options:
  - enable
  - davUser (default: "davfs2")
  - davGroup (default: "davfs2)
* Add davfs2 user or group if they are not specified in the
configuration
2017-12-11 19:30:25 -08:00
Graham Christensen
08b8bc24cb
Netboot: Add aarch64 2017-12-11 21:33:55 -05:00
Joachim F
90accc093e
Merge pull request #32216 from LumiGuide/networkmanager-strongswan
networkmanager_strongswan: fix package
2017-12-11 23:26:21 +00:00
Linus Heckemann
e4b32222a3 nixos/tests: correct comment in radicale.nix (#32574)
The secrets are in fact also stored unhashed, as part of the .drv file
which produces the htpasswd.
2017-12-11 22:09:23 +00:00
Joachim F
4792523a3d
Merge pull request #32500 from srhb/logstash-locallisten
nixos/logstash: Listen on 127.0.0.1 instead of 0.0.0.0
2017-12-11 22:00:38 +00:00
Michael Peyton Jones
638d24950d plymouth: add breeze-plymouth as default theme 2017-12-11 20:42:00 +00:00
Vladimír Čunát
e9c12f6936
Merge older staging
There are some regressions, but not that many and I want
the security update of openssl fast.
2017-12-11 09:49:56 +01:00
Orivej Desh
42973bef3f nixos/programs/bash: document that /etc/bash_completion.d is obsolete
fbd52a5e31/bash_completion (L2070-L2078)
2017-12-10 12:16:25 +00:00
Tor Hedin Brønner
9988224c2a nixos/programs/bash: Let bash-completion lazy load scripts
As described in detail here: https://github.com/NixOS/nixpkgs/issues/32533
bash will load completion scripts in $p/share/bash-completion/completions/ on
startup instead of letting bash-completion do it's lazy loading. Bash startup
will then slow down (very noticeable when bash-completion is installed in a
profile).

This commit leaves loading of scripts in the hands of bash-completion,
improving startup time for everyone using `enableCompletion`.

fixes #32533
2017-12-10 10:15:41 +01:00
Andreas Rammhold
104de603cb networkmanager: remove restart after suspend from resume
In commit ec9dc73 restarting NetworkManager after resume from
suspend/hibernate was introduced.

When I initially switch to NixOS I started noticing a high delay between
wakeup and re-connecting to WiFi & wired networks. The delay increased
from a few seconds (on my previous distro, same software stack) to
almost half a minute with NixOS.

I (locally) applied the change in this commit a few weeks ago and tested
since then. The notebook/mobile device experience has improved a lot.
Reconnects are as before switching to NixOS.

Issue #24401 could be related to this. Since I am not using KDE/plasma5
I can only guess…
2017-12-10 00:19:15 +01:00
Vladimír Čunát
2309acf723
Merge branch 'master' into staging 2017-12-09 21:00:07 +01:00
Sarah Brofeldt
b694fa0054 nixos/logstash: Listen on 127.0.0.1 instead of 0.0.0.0 2017-12-09 11:32:14 +01:00
Orivej Desh
40950f6a2d
Merge pull request #31006 from florianjacob/prosody
Improvements for Prosody
2017-12-09 09:19:24 +00:00
Joachim F
1541211c31
Merge pull request #32261 from erictapen/osrm-module
osrm service: init
2017-12-07 21:32:42 +00:00
Jan Malakhovski
3be0e1bd72 nixos/xen-dom0: add related packages, make it play well with them 2017-12-07 21:27:32 +00:00
Jan Malakhovski
f56b5824ad nixos/tmux: use related packages 2017-12-07 21:27:28 +00:00
Jan Malakhovski
67ec6371d5 nixos, lib: implement relatedPackages option
This allows one to specify "related packages" in NixOS that get rendered into
the configuration.nix(5) man page. The interface philosophy is pretty much
stolen from TeX bibliography.
2017-12-07 21:26:35 +00:00
Jan Malakhovski
182463dc79 nixos/doc: push all the enable*' and package*` options to the top of their option group
Why? Because this way configuration.nix(5) can be read linearly.

Before:

> virtualisation.xen.bootParams
> ...
> virtualisation.xen.enable
> ...
> virtualisation.xen.package
> ...

After:

> virtualisation.xen.enable
> virtualisation.xen.package
> virtualisation.xen.bootParams
> ...
2017-12-07 21:26:34 +00:00
Justin Humm
bfc3844a15 osrm service: init 2017-12-07 18:51:39 +01:00
Peter Hoeg
e5715d9464 cups: 2.2.2 -> 2.2.6 2017-12-07 07:22:39 +00:00
Ryan Trinkle
ab2b3a5d0a nat: add extraCommands and extraStopCommands options 2017-12-06 11:17:38 -05:00
Tuomas Tynkkynen
b2e315f97f nixos/qemu-vm: Pass gic-version=host for AArch64
This is required on the ThunderX CPUs on the Packet.net Type-2A
machines that have a GICv3. For some reason the default is to create a
GICv2 independent of the host hardware...
2017-12-06 17:29:09 +02:00
Peter Hoeg
40af7718f8 tests: logToJournal has been renamed 2017-12-06 17:45:40 +08:00
Pierre-Etienne Meunier
3b79220a41 nixos/gollum: enable emoji and file uploads (#32373) 2017-12-06 09:10:54 +00:00
Pierre Carrier
5a5325d11f nixos/modules/services/hardware/u2f: init 2017-12-06 07:37:44 +01:00
Pierre-Etienne Meunier
8e97f8fac4 nixos/gollum: Add optional MathJax support (#32338) 2017-12-05 12:20:31 +00:00
Orivej Desh
81e5b51a2c
Merge pull request #32308 from orivej/static-resolv-conf
nixos/networking: support static resolv.conf
2017-12-04 16:07:21 +00:00
Maximilian Bosch
af75b48b51 services.statsd: add simple test 2017-12-04 16:56:16 +01:00
Maximilian Bosch
aaf1e1c4fb statsd: restore support for {influx,librato,stackdriver} backends
These packages will be placed into an environment using
`backendsToPackages`. This function explicitly maps backends to
`pkgs.nodePackages.${type}` unless it's a builtin. This ensures that only
valid backends that work on NixOS are used (if not, the build already
breaks at evaluation time).

The log will be redirected to `stdout` to be able to watch the entire
output using `journalctl`.

Configuration parameters for the backends need to be set using
`services.statsd.extraConfig` as each backend has its own options and
all of them shouldn't be validated and checked explicitly and manually.
2017-12-04 16:56:16 +01:00
Orivej Desh
d5facd5df3 nixos/networking: support static resolv.conf 2017-12-04 13:58:54 +00:00
zimbatm
3807408c38
Merge pull request #32212 from ryantrinkle/nat-port-forwarding-ranges
Nat port forwarding ranges
2017-12-04 12:05:05 +00:00
Daiderd Jordan
852fe55822
Merge pull request #32304 from LnL7/vault-test
vault: add nixos test
2017-12-04 13:04:13 +01:00
Daiderd Jordan
6a20b88cec
vault: add nixos test 2017-12-04 12:59:52 +01:00
Ryan Trinkle
4f8a65a163 nixos/nat: add dmzHost option (#32257) 2017-12-04 09:21:58 +00:00
Jaka Hudoklin
bc557912a1
Merge pull request #28939 from xtruder/nixos/tor/trans_proxy
tor module: add support for transparent proxy and dns
2017-12-03 21:47:11 +01:00
Domen Kožar
d64ba1c060
Add localtime package and nixos module
Simple daemon for keeping system timezone up-to-date via geoclue2.

Sadly i3 status needs to be restarted for timezone changes.
2017-12-03 11:42:51 +01:00
Joachim F
58e4f8a14b
Merge pull request #32186 from jbboehr/patch-1
nixos/i2pd: tunnel configuration fixes
2017-12-03 07:58:36 +00:00
Bert Moens
a5398a7663 nixos/doc/x-windows: update touchpad to libinput 2017-12-03 05:05:21 +02:00
volth
af6fc78f5d
initrd-ssh: generate hostkeys if absent 2017-12-03 02:27:29 +00:00
Tuomas Tynkkynen
574526d510 make-squashfs: Hack to avoid building images where nixos-install won't run
https://github.com/NixOS/nixpkgs/issues/32242
2017-12-03 03:37:45 +02:00
Ryan Trinkle
a8f1ebf52c nat: support port ranges in networking.nat.forwardPorts 2017-12-02 13:28:01 -05:00
Ryan Trinkle
83048c4fe0 nixpkgs.lib: Add types.strMatching 2017-12-02 13:28:00 -05:00
John Boehr
67c3f7f65f nixos/i2pd: tunnel config fixes
Tunnel configuration has no member named "host" - i2pd does but it's called "address" in the options. As a result, no tunnel configuration is generated.

* Fix attribute check in inTunnels
* Fix integer to string coercion in inTunnels
* Add destinationPort option for outTunnels
2017-11-30 17:13:42 -08:00
Orivej Desh
dd7738d13f
Merge pull request #32203 from jtojnar/xorg-localectl
nixos/xserver: Move the keyboard configuration to 00-keyboard.conf
2017-12-01 00:29:47 +00:00
Bas van Dijk
460a4b0832 networkmanager_strongswan: fix package
Added the boolean option:

  networking.networkmanager.enableStrongSwan

which enables the networkmanager_strongswan plugin and adds
strongswanNM to the dbus packages.

This was contributed by @wucke13, @eqyiel and @globin.

Fixes: #29873
2017-11-30 23:03:32 +01:00
Jan Tojnar
1d868aa8de
nixos/xserver: Move the keyboard configuration to 00-keyboard.conf
localectl looks for keyboard settings in /X11/xorg.conf.d/00-keyboard.conf

Closes: #29959, #14318
2017-11-30 14:10:34 +01:00
Eelco Dolstra
949a6e3ec5
Merge pull request #32188 from NixOS/copumpkin-aws-ntp
amazon-image: use NTP provided by the hypervisor
2017-11-30 13:06:25 +01:00
Orivej Desh
905672f524 nixos/pulseaudio: document audio group for system wide access 2017-11-30 06:37:01 +00:00
Daniel Peebles
5fd528d043
amazon-image: use NTP provided by the hypervisor
See http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/set-time.html for more information.

Fixes #32187
2017-11-29 22:48:00 -05:00
James Earl Douglas
00cda0d18d nixos/nexus: fix typo
Nexus is produced by [Sonatype][1], not SonarType.

[1]: https://www.sonatype.org/
2017-11-29 22:39:37 +01:00
Philipp Hausmann
5f59913c74 FusionInventory: 3.18 -> 3.21 2017-11-29 14:58:36 +00:00
Vladimír Čunát
5f020d5627
Merge branch 'staging'
There are security fixes in multiple packages /cc #32117,
so I'm merging a little earlier, with a few thousand jobs
still not finished on Hydra for x86_64-darwin and aarch64-linux.
2017-11-29 10:02:40 +01:00
Orivej Desh
0e6ca9e85d
Merge pull request #31970 from The-M1k3y/master
nixos/factorio: add stateDir and requireUserVerification option
2017-11-29 08:36:52 +00:00
Orivej Desh
b8ddde411c
Merge pull request #32060 from elitak/ipfs
ipfs: add swarmAddress option
2017-11-29 01:59:08 +00:00
Orivej Desh
7d69f11293
Merge pull request #32141 from yellowgh0st/compton
compton: adding missing xr_glx_hybrid backend
2017-11-28 23:28:56 +00:00
Vladimír Čunát
addd20e6f9
Merge branch 'master' into staging 2017-11-28 18:19:34 +01:00
Yell0w Ghost
57475d12ad
compton: adding missing xr_glx_hybrid backend
Compton can run with xr_glx_hybrid backend too.
Adding this missing option.
2017-11-28 14:02:48 +01:00
Léo Gaspard
652842d82e clamav module: make services.clamav.daemon.enable actually work 2017-11-28 13:45:13 +01:00
Ollie Charles
6ece306812 nixos/grafana: Fix type of database.type option
If you want to use grafana with PostgreSQL, the type is `postgres`,
not `postgresql`.
2017-11-28 11:57:35 +00:00
Vladimír Čunát
6705f30e2c
Merge branch 'master' into staging 2017-11-27 15:09:53 +01:00
Vladimír Čunát
6345089ca0
Merge #29392: gnome3: 3.24 -> 3.26
It might be slightly confusing that a couple of the changes will be twice
in the history, but let's merge this way.
2017-11-27 12:19:01 +01:00
rnhmjoj
13bb5ff402
nixos/xserver: fix X.org session script logging 2017-11-27 11:29:37 +01:00
Tuomas Tynkkynen
dc5cd7800a tests/initrd-network-ssh: Don't build during evaluation
Issue #29774
2017-11-27 12:08:57 +02:00
Tuomas Tynkkynen
cb008da167 owncloud: Don't build during evaluation
Issue #29774
2017-11-27 12:08:57 +02:00
Vladimír Čunát
337e900c3d
Merge #31683: glib: Add variable for overriding schemas 2017-11-27 10:54:19 +01:00
Peter Hoeg
80c5cf80f2
pulseaudio/nixos: set it as default for openal/libao if enabled (#32078)
- /var/run -> /run as the former is deprecated
- configure openal to use pulseaudio if pulseaudio is enabled
- configure libao to use pulseaudio if pulseaudio is enabled
2017-11-27 15:49:38 +08:00
Tuomas Tynkkynen
f3794bb8cb nixos/qemu-guest: Ensure virtio_mmio is available in initrd
ARM and AArch64 might use virtio_mmio in some cases.
2017-11-26 11:22:39 +02:00
Tuomas Tynkkynen
8762490337 nixos/qemu: Add virtio-rng-pci to test-driver
Otherwise AArch64 KVM guests don't have enough entropy at boot.
2017-11-26 11:13:21 +02:00
Tuomas Tynkkynen
e56da6a464 nixos/qemu-vm: Use different serial port on ARM/AArch64 2017-11-26 11:13:21 +02:00
Tuomas Tynkkynen
0a2eda7a7e nixos/qemu-vm: Don't try enabling graphics/mouse on non-x86
Needs to be figured out some day, just disable them for now.
2017-11-26 11:13:21 +02:00
Tuomas Tynkkynen
43cb964e17 nixos/qemu-vm: Set QEMU command line depending on architecture 2017-11-26 11:13:21 +02:00
Eric Litak
d0b9d13618 ipfs: add swarmAddress option 2017-11-25 22:56:07 -08:00
Jan Tojnar
1566de20c7
nixos/gnome3: override schemas using env variable
For some reason, the GNOME 3.26 update broke the overrides. It turns
out the overrides now need to come before the overridden schemas in the
XDG_DATA_DIRS variable. This is not possible in general due to applications
prefixing the variable (e.g. in wrapGAppsHook).

To fix this, a new environment variable NIX_GSETTINGS_OVERRIDES_DIR
was introduced. It has greater priority than XDG_DATA_DIRS but lower
than GSETTINGS_SCHEMA_DIR. A separate variable was chosen in order not
to block the built-in one for users.
2017-11-26 03:11:00 +01:00
Jan Tojnar
6e0fc275d6
nixos/tracker-miners: init 2017-11-26 03:10:56 +01:00
Kosyrev Serge
3fa4e1e3ee buildkite-agent: secrecy improvements: non-store, non-Nix provisioning of secrets 2017-11-25 17:52:19 +00:00
Jörg Thalheim
3ea493430a
Merge pull request #31283 from michalrus/per-user-profiles-buildEnv
users-groups module: use `buildEnv` in per-user profiles
2017-11-25 15:28:58 +00:00
Joachim F
822342ffdf
Merge pull request #31048 from LumiGuide/fix-owncloud
Fix some but not all errors in owncloud
2017-11-25 12:43:29 +00:00
Orivej Desh
6d9ad27103
Merge pull request #31995 from jtojnar/xserver-libinput
Use libinput for all input devices when enabled
2017-11-25 10:33:39 +00:00
Jan Tojnar
c177b838df nixos/xserver: let X choose the xkb rules
With libinput used for keyboard, base rules produce incorrect keyboard
layouts. We are removing the option as recommended in the XKB configuration
guide [1] to let X server choose the ruleset. It looks like it chooses
evdev rules which seem to work for some reason

[1]: https://www.x.org/releases/X11R7.6/doc/xorg-docs/input/XKB-Config.html#id2521360
2017-11-25 10:27:31 +00:00
Kjetil Orbekk
bd3e49a80e nixos/munin: fix broken plugin wrappers
The munin-node service used wrapProgram to inject environment variables.
This doesn't work because munin plugins depend on argv[0], which is
overwritten when the executable is a script with a shebang line (example
below).

This commit removes the wrappers and instead passes the required
environment variables to munin-node.

Eliminating the wrappers resulted in some broken plugins, e.g., meminfo
and hddtemp_smartctl. That was fixed with the per-plugin configuration.

Example:

  The plugin if_eth0 is a symlink to /.../plugins/if_, which uses $0
  to determine that it should monitor traffic on the eth0 interface.

  if_ is a wrapped program, and runs `exec -a "$0" .if_-wrapped`

  .if_-wrapped has a "#!/nix/.../bash" line, which results in bash
  changing $0, and as a result the plugin thinks my interface
  is called "-wrapped".
2017-11-25 11:23:56 +01:00
Orivej Desh
2f1a818d00 nixos/fwupd: disable by default
It causes building during evaluation when enabled, and it is hardly useful
without GNOME or the awareness of the system operator.
2017-11-25 06:49:38 +00:00
Vladimír Čunát
474c1ce799
nixos.tests.installer.swraid: increase drive size
The latest staging caused this test not to fit anymore.
I'm all for keeping closure sizes under control,
but I don't think *this* is a good place.
2017-11-25 07:46:28 +01:00
Vladimír Čunát
7dfa97969a
Merge branch 'staging' (older one)
Hydra seems OK-ish, except that some aarch64 jobs need restarting
after qt4 timing out for the first time:
https://hydra.nixos.org/eval/1412641?compare=1412561
2017-11-24 18:36:54 +01:00
Franz Pletz
3ad0845fb0
Merge pull request #31371 from gnidorah/sway
sway module: passthrough sway binary when needed
2017-11-24 10:03:41 +01:00
Franz Pletz
a59864c3c5
Merge pull request #31839 from bluescreen303/fix-rpfilter
firewall: fix rpfilter blocking dhcp offers when no ip was bound yet
2017-11-24 09:39:05 +01:00
Jan Tojnar
193c4c5701
Merge pull request #30252 from jtojnar/fwupd
fwupd: 0.9.6 → 1.0.1
2017-11-24 04:07:52 +01:00
Jan Tojnar
ed9dc1f187
nixos/libinput: load configuration file
In order for libinput to be used with Xorg, its configuration file
needs to be added to environment similarly to how evdev one’s is.

Closes: #31670
2017-11-24 02:18:38 +01:00
Graham Christensen
0726cd6f0c
Merge pull request #31972 from bkchr/copyfilefromhost_missing_documentation
Adds missing documentation for copyFileFromHost in NixOS tests
2017-11-23 19:50:39 -05:00
Bastian Köcher
1200f9b9e2 Adds missing documentation for copyFileFromHost in NixOS tests 2017-11-23 15:50:54 +01:00
Graham Christensen
8443352ffa
Merge pull request #31973 from grahamc/options-fix-inginious
inginious: fix options eval
2017-11-23 09:43:23 -05:00
Graham Christensen
2bbdd70b99
inginious: fix options eval 2017-11-23 09:33:59 -05:00
Jörg Thalheim
487c4a6f6e
Merge pull request #27513 from lukeadams/prl-tools-fix
[NixOS] Fix + update `hardware.parallels` config option
2017-11-23 14:10:21 +00:00
The-M1k3y
7dcd299e9a nixos/factorio: add stateDir and requireUserVerification option 2017-11-23 13:50:19 +01:00
Jörg Thalheim
d541d0c7bf
Merge pull request #31941 from Rovanion/master
user-mgmt.xml: extraUsers => users
2017-11-23 10:28:47 +00:00
Rovanion Luckey
99864c4a79 nixos/manual: extraUsers -> users in user-mgmt.xml
Changed extraUsers -> users and one case of extraGroups -> groups in nixos manual chapter 7.

According to chatter on IRC these are the proper names for these configuration options nowadays.

Modified based on feedback from Jörg Talheim.
2017-11-23 10:22:00 +01:00
Jan Tojnar
c49522edb7
nixos/services.fwupd: allow adding trusted keys 2017-11-23 00:53:50 +01:00
Profpatsch
f09f49d483 nixos/doc/manual: print context on failing xmllint validation
Previously only the line numbers of a giant, internally generated XML file were
printed, without any kind of debuggability.
Now at least the mentioned lines are printed with a little bit of surrounding
context (to have something to grep for).

```
manual-combined.xml:4863: element para: Relax-NG validity error : Did not expect element para there
  4859	<chapter xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:xi="http://www.w3.org/2001/XInclude" version="5.0" xml:id="sec-writing-modules">
  4860
  4861	<title>Writing NixOS Modules</title>
  4862
  4863	<para>NixOS has a modular system for declarative configuration.  This
  4864	system combines multiple <emphasis>modules</emphasis> to produce the
  4865	full system configuration.  One of the modules that constitute the
```
2017-11-22 21:27:05 +01:00
Domen Kožar
ad492e6f33
hydra: 2017-10-26 -> 2017-11-21 2017-11-22 17:24:55 +00:00
Thomas Strobel
67ce1357fa nixos: init module: restya-board 2017-11-22 12:14:24 +01:00
Thomas Strobel
2128d8ce4e ixos ids: reserve restya-board 2017-11-22 12:14:24 +01:00
Joachim F
1f2b938734
Merge pull request #31850 from herrwiese/evilwm
evilwm: implement NixOS WM module
2017-11-21 22:56:22 +00:00
Orivej Desh
b8e1e7191e Merge branch 'master' into staging
* master: (80 commits)
  lkl: Supports aarch64
  wimlib: nitpicks
  gitAndTools.git-codeowners: 0.1.1 -> 0.1.2
  wimlib: init at 1.12.0
  kernel: improve modDirVersion error message
  releaseTools.sourceTarball: Clean up temporary files
  dotnetPackages.SmartIrc4net: rehash source
  migmix: make it a fixed-output derivation
  vm: Create /dev/full
  samba: 4.6.8 -> 4.6.11 to address CVEs CVE-2017-14746 & CVE-2017-15275
  microcodeIntel: 20170707 -> 20171117
  sshd: Remove ripemd160 MACs
  kernel config: Enable MEDIA_CONTROLLER
  linux: 4.4.99 -> 4.4.100
  linux: 4.9.63 -> 4.9.64
  nix-bash-completions: 0.4 -> 0.5
  linux: 4.14 -> 4.14.1
  linux: 4.13.14 -> 4.13.15
  nix-zsh-completions: 0.3.3 -> 0.3.5
  dns-root-data: use a stable URL that I maintain anyway
  ...
2017-11-21 22:48:36 +00:00
Tim Steinbach
48252b15b9
sshd: Remove ripemd160 MACs
They are invalid for our OpenSSH
2017-11-21 09:36:51 -05:00
Graham Christensen
3c9b356e10
Merge pull request #31860 from rycee/nixos/bash/fix/inputrc
nixos/bash: mark `inputrc` etc file as default
2017-11-20 21:46:54 -05:00
Tim Steinbach
861fef71f4
Merge pull request #31763 from jeaye/harden-ssh-config
Harden ssh config defaults and remove old host key support
2017-11-20 20:13:21 +00:00
Robert Helgesson
101d56cb0c
nixos/bash: mark inputrc etc file as default
The bash module currently sets the `/etc/inputrc` unconditionally,
which prevents easy user override. This commit lowers the priority of
the setting to "option default" level, which allows a user to override
the value using either

    environment.etc."inputrc".text = …

or

    environment.etc."inputrc".source = …
2017-11-20 12:32:01 +01:00
Orivej Desh
ab0d141f44 Merge branch 'master' into staging
* master: (23 commits)
  silver-searcher: patch bash completions location
  shairplay: init at 2016-01-01
  ocamlPackages.rope: 0.5 -> 0.6
  ocamlPackages.ocaml_gettext: 0.8.7 -> 0.8.8
  mupdf: Patch openjpeg version
  nextcloud-client: fix build after qt updates
  gstreamer.gst-plugins-bad: Patch openjpeg version
  silver-searcher: move bash completion to etc/bash-completion.d/
  neomutt: use mime.types from dedicated mime-types derivation
  mime_types: rename to mime-types
  XMLLibXML: 2.0129 -> 2.0132 fixes failing tests & CVE-2017-10672
  nixos/matrix-synapse: remove unused log_file config
  nixos: run parted with --script option (3rd)
  nixos: run parted with --script option (2nd)
  nixos/release: add nixos/tests/switch-test.nix to tested job
  nixos/system: make switch-to-configuration script pure.
  nixos/release: include mutableUsers test to release tests.
  nixos/tests: Add a test for config.users.mutableUsers.
  corebird: 1.7.2 -> 1.7.3
  nixos/matrix-synapse: make home directory configurable
  ...
2017-11-20 09:21:51 +00:00
Franz Pletz
0ed7d4d0e8
Merge pull request #31812 from eqyiel/matrix-synapse-configurable-home
nixos/matrix-synapse: make home directory configurable
2017-11-20 09:35:57 +01:00
Andreas Wiese
f5f601a7f2 nixos/evilwm: allow enabling evilwm through services.xserver.windowManager.evilwm.* 2017-11-20 07:50:28 +01:00
Ruben Maher
50777e5702 nixos/matrix-synapse: remove unused log_file config 2017-11-20 09:29:45 +10:30
Bjørn Forsman
aedba5c2af nixos: run parted with --script option (3rd)
Doh, should have included this in previous commit.

Ref. 0ff4bb5f87
("nixos: run parted with --script option").
2017-11-19 22:55:12 +01:00
Bjørn Forsman
bf338ab9ee nixos: run parted with --script option (2nd)
Ref. 0ff4bb5f87
("nixos: run parted with --script option")
2017-11-19 22:50:24 +01:00
Mathijs Kwik
05761e9504 firewall: fix rpfilter blocking dhcp offers when no ip was bound yet 2017-11-19 22:24:56 +01:00
Franz Pletz
bdbaaad7de
Merge pull request #29269 from Moredread/test_crypt_with_keyfile
Test opening encrypted filesystem with keyfile
2017-11-19 20:30:59 +01:00
obadz
edcf51a359
Merge pull request #31805 from gleber/make-switch-to-configuration-pure
nixos/system: make switch-to-configuration script pure
2017-11-19 19:03:52 +00:00
Franz Pletz
f367bb4d6d
Merge pull request #31569 from gleber/add-mutable-users-test
nixos/tests: add a test for config.users.mutableUsers.
2017-11-19 19:54:28 +01:00
Gleb Peregud
f8fb6a679e nixos/release: add nixos/tests/switch-test.nix to tested job 2017-11-19 19:50:08 +01:00
Gleb Peregud
2f6148c743 nixos/system: make switch-to-configuration script pure.
Fixes #28443

Fixed few invocations to `systemctl` to have an absolute path. Additionally add
LOCALE_ARCHIVE so that perl stops spewing warning messages.
2017-11-19 19:42:54 +01:00
Franz Pletz
fa824e6c58
Merge branch 'master' into staging 2017-11-19 19:39:04 +01:00
Pierre Chevalier
c46d4dab96 gdm: remove old workaround for conflicts with getty
- There used to be a conflict between gdm and getty both trying to
  access tty1
- This conflict was fixed by running gdm on tty7 instead
2017-11-19 19:35:37 +01:00
Pierre Chevalier
aed114ecb9 Revert "gdm: don't start getty@tty1 if enabled"
This commit isn't needed anymore since we now run gdm on tty7.

This reverts commit 440178d729.
2017-11-19 19:35:37 +01:00
Gleb Peregud
cea8302182 nixos/release: include mutableUsers test to release tests. 2017-11-19 19:20:50 +01:00
Gleb Peregud
1dd0379ba8 nixos/tests: Add a test for config.users.mutableUsers.
It's in preparation to add an assertion for #4990.
2017-11-19 19:11:19 +01:00
Franz Pletz
71b8437e2c
nixos/tests: add couchdb test 2017-11-19 17:39:36 +01:00
Orivej Desh
50d8720d2a nixos/testing: fix after --set ceased to evaluate the value 2017-11-19 14:15:19 +00:00
Ruben Maher
86e161ff47 nixos/matrix-synapse: make home directory configurable 2017-11-19 13:48:29 +10:30
jeaye
03f7adfdd1
nixos/ssh: Update 18.03 release notes
Since ssh-dss is no longer supported by default, users relying on those
keys for their login may be locked out. They should ideally use stronger
keys, but adding the support for ssh-dss back in can also be done
through extraConfig.
2017-11-18 15:35:56 -08:00
Pierre Chevalier
b3de3893d0 nixos/zsh: add the type for enableAutosuggestions option
Simply a small inconsistency I picked up when reading that file.

fixes #31795
2017-11-18 21:27:12 +00:00
Tuomas Tynkkynen
931aa5f9e2 U-Boot: 2017.03 -> 2017.11
Also move patches from sd-image-aarch64.nix, they might be useful for
the older raspberries as well.
2017-11-18 13:57:17 +02:00
Orivej Desh
89912165e1
Merge pull request #31378 from michaelpj/imp/plymouth-nixos-branding
breeze-plymouth: add optional nixos branding, enable for plasma5
2017-11-18 10:37:26 +00:00
Michael Peyton Jones
eec4c31d89 plasma5: enable NixOS branding in plymouth theme 2017-11-18 10:36:23 +00:00
Jan Tojnar
c47ea8ca4e
nixos/services.fwupd: init 2017-11-17 18:54:45 +01:00
Bjørn Forsman
3f36f167e6 nixos/pam: fix docs about path to u2f_keys file
Looking at upstream git repo (git://github.com/Yubico/pam-u2f.git) the
docs initially said the path was ~/.yubico/u2f_keys, but it was later
changed to ~/.config/Yubico/u2f_keys (in 2015).

I have run pam_u2f.so with "debug" option and observed that the correct
path indeed is ~/.config/Yubico/u2f_keys.
2017-11-17 17:50:40 +01:00
Franz Pletz
00056e76d0
nixos/tests/acme: update terms of service to fix test 2017-11-17 16:05:13 +01:00
Oliver Charles
560400773c nixos/prometheus: Correct documentation for external_labels
As description is literal XML, I need to escape < and > by hand.
2017-11-17 11:06:03 +00:00