Commit graph

11266 commits

Author SHA1 Message Date
Jörg Thalheim
2ce94fafcd
Merge pull request #48571 from spacefrogg/openafs
Openafs security updates
2018-10-18 16:08:04 +01:00
Michael Raitza
290a7d2ee9 nixos/openafs: Add defaultText to avoid evaluating packages 2018-10-18 13:11:52 +02:00
adisbladis
78c0e1aa11
nixos/pulseaudio: Add extraModules config option 2018-10-18 16:27:43 +08:00
Silvan Mosberger
77e90ef365
Merge pull request #45030 from eadwu/nvidia_x11_beta/396.51
nvidia_x11_beta: reinit at 410.57
2018-10-18 09:10:05 +02:00
Edmund Wu
21bb1fa004
nvidia_x11_beta: reinit at 410.57 2018-10-17 19:30:44 -04:00
Maximilian Bosch
13e4110650
Merge pull request #48131 from Ma27/weechat-multiuser-support
nixos/weechat: add setuid wrapper for `screen' to ensure true multiuser capabilities
2018-10-17 23:39:30 +02:00
markuskowa
ab27adc2dd
Merge pull request #47154 from ck3d/fix-nixos-lirc-socket
nixos lircd: fix deletion of lircd socket
2018-10-17 21:52:48 +02:00
Jörg Thalheim
f6ded23889
Merge pull request #48460 from Mic92/postfix-setuid
postfix: add setgid wrapper for postqueue/postdrop
2018-10-17 14:48:43 +01:00
Jean-Paul Calderone
4a71e2942c nixos/tor: better support non-anonymous services
Tor requires ``SOCKSPort 0`` when non-anonymous hidden services are
enabled.  If the configuration doesn't enable Tor client features,
generate a configuration file that explicitly includes this disabling
to allow such non-anonymous hidden services to be created (note that
doing so still requires additional configuration).  See #48622.
2018-10-17 08:56:59 -04:00
clefru
725fcdef3f Fix hostapd's place in systemd dependency tree. (#45464)
* nat/bind/dhcp.service:
  Remove. Those services have nothing to do with a link-level service.

* sys-subsystem-net-devices-${if}.device:
  Add as BindsTo dependency as this will make hostapd stop when the
  device is unplugged.

* network-link-${if}.service:
  Add hostapd as dependency for this service via requiredBy clause,
  so that the network link is only considered to be established
  only after hostapd has started.

* network.target:
  Remove this from wantedBy clause as this is already implied from
  dependencies stacked above hostapd. And if it's not implied than
  starting hostapd is not required for this particular network
  configuration.
2018-10-17 09:18:52 +02:00
Silvan Mosberger
e443bbf6fd
Merge pull request #45470 from Infinisil/znc-config
nixos/znc: More flexible module, cleanups
2018-10-17 03:01:30 +02:00
Silvan Mosberger
8319ec35b2
Merge pull request #47975 from aneeshusa/make-container-journals-available-from-host
containers: Make systemd journals available from the host
2018-10-17 02:56:05 +02:00
Eelco Dolstra
b6bac6c144
Revert "Merge pull request #48122 from zimbatm/pkg-nixos-rebuild"
This reverts commit 10addad603, reversing
changes made to 7786575c6c.

NixOS scripts should be kept in the NixOS source tree, not in
pkgs. Moving them around is just confusing and creates unnecessary
code/history churn.
2018-10-16 20:25:44 +02:00
Andrew Dunham
c3e004799c Hide useless errors when waiting for zpool to be ready 2018-10-16 02:45:25 -07:00
zimbatm
1875344542
nixos-*: init as package
Move all the nixos-* scripts from the nixos distribution as real
packages in the pkgs/ package set.

This allows non-nixos users to run the script as well. For example,
deploying a remote machine with:

    nixos-rebuild --target-host root@hostname --build-host root@hostname
2018-10-16 11:12:36 +02:00
zimbatm
b7a07313cc
move the codeName to /.codeName
Make the codeName globally accessible in the repo. The release is not
only for NixOS anymore.
2018-10-16 11:11:28 +02:00
Joachim F
205aff5a65
Merge pull request #48439 from joachifm/hardened-misc
nixos/security/misc: init
2018-10-15 21:25:42 +00:00
Joachim Fasting
f4ea22e5de
nixos/security/misc: init
A module for security options that are too small to warrant their own module.

The impetus for adding this module is to make it more convenient to override
the behavior of the hardened profile wrt user namespaces.
Without a dedicated option for user namespaces, the user needs to
1) know which sysctl knob controls userns
2) know how large a value the sysctl knob needs to allow e.g.,
   Nix sandbox builds to work

In the future, other mitigations currently enabled by the hardened profile may
be promoted to options in this module.
2018-10-15 23:11:37 +02:00
Eelco Dolstra
0bdd0d8e04
amazon-image.nix: Disable udisks
This reduces the system closure by 89 MiB.
2018-10-15 21:54:28 +02:00
Eelco Dolstra
47dfe25e1b
ec2-amis.nix: Add 18.09 images 2018-10-15 21:43:16 +02:00
Graham Christensen
94c6f1ba0e
Merge pull request #48463 from Ekleog/release-notes-license
release-notes/18-09: add licenses marked as unfree
2018-10-15 10:33:31 -04:00
Léo Gaspard
861b70f483
nixos manual: automatic reflow 2018-10-15 23:10:55 +09:00
Léo Gaspard
2a2c99673b
release-notes/18-09: add licenses marked as unfree 2018-10-15 23:10:54 +09:00
Jörg Thalheim
91ddc9d27f
postfix: add setgid wrapper for postqueue/postdrop
Both postqueue[1] and postdrop[2] implement a subset of administration
task that are supposed to be run unprivileged users
and require the setgid bit to full-fill this task.

[1] http://www.postfix.org/postqueue.1.html
[2] http://www.postfix.org/postdrop.1.html
2018-10-15 13:14:41 +01:00
Joachim F
a179d44bd1
Merge pull request #47538 from xaverdh/kmscon-autologin
nixos/kmscon: Add autologin option
2018-10-15 11:25:19 +00:00
Pierre Bourdon
01d1f77681 tests/prometheus-exporters: add new Tor exporter
This new exporter was added in #48307.
2018-10-14 20:12:07 -05:00
Joachim Fasting
cb845123d4
nixos/hardened: add myself to maintainers 2018-10-15 01:33:33 +02:00
Joachim Fasting
e619998eb3
nixos/lock-kernel-modules: add myself to maintainers 2018-10-15 01:33:30 +02:00
Aneesh Agrawal
d85317c7b2 nixos/containers: Make systemd journals available from the host
This is set by default if using the upstream systemd-nspawn@ units.
2018-10-14 14:40:08 -07:00
Silvan Mosberger
7e31678043
nixos/znc: Add release note entry for removed options 2018-10-14 20:39:50 +02:00
Silvan Mosberger
81c3ae9492
nixos/znc: add config option
This option represents the ZNC configuration as a Nix value. It will be
converted to a syntactically valid file. This provides:
- Flexibility: Any ZNC option can be used
- Modularity: These values can be set from any NixOS module and will be
merged correctly
- Overridability: Default values can be overridden

Also done:
Remove unused/unneeded options, mkRemovedOptionModule unfortunately doesn't work
inside submodules (yet). The options userName and modulePackages were never used
to begin with
2018-10-14 20:39:42 +02:00
Janne Heß
7748c3da1b nixos/nixos-install: Unset system
The system variable is used from the (possibly polluted) shell
environment.
This causes nixos-install to fail in a nix-shell because the system
shell variable is automatically set to the current system (e.g.
x86_64-linux).
2018-10-14 20:12:08 +02:00
Silvan Mosberger
0ea64098dc
Merge pull request #48006 from NickHu/psd
profile-sync-daemon: add missing path to systemd service
2018-10-14 14:10:03 +02:00
Nick Hu
9cd21807c8 nixos/profile-sync-daemon: add missing path to systemd service 2018-10-14 13:02:33 +01:00
Peter Hoeg
abe0e22e20
Merge pull request #48119 from mrVanDalo/update_syncthing
nixos/modules: services.syncthing add guiAddress parameter
2018-10-14 18:47:51 +08:00
Ingolf Wagner
d2e1dd7fc7
nixos/modules: services.syncthing use types.str instead of types.string
As Infinisil mentioned in https://github.com/NixOS/nixpkgs/pull/48119#discussion_r224974201
2018-10-14 06:46:42 +02:00
Ingolf Wagner
fa6c8ec2a7
nixos/modules: services.syncthing add guiAddress parameter 2018-10-14 00:52:25 +02:00
Silvan Mosberger
d4f2f4c79d
Merge pull request #44441 from mnacamura/shell-aliases
environment.shellAliases: change default behavior
2018-10-13 17:46:11 +02:00
Yegor Timoshenko
6e4d0c4a8a
Merge pull request #47691 from florianjacob/matomo-choose-package
nixos/matomo: introduce services.matomo.package option
2018-10-13 15:27:00 +00:00
Florian Jacob
a1825aecfc
nixos/matomo: introduce services.matomo.package option 2018-10-13 15:25:12 +00:00
Mitsuhiro Nakamura
c941577dcb nixos/shells: enable to nullify already defined aliases 2018-10-14 00:14:49 +09:00
Mitsuhiro Nakamura
3b5449b80c nixos/shells: programs.*sh.shellAliases override environment.shellAliases 2018-10-14 00:14:09 +09:00
Mitsuhiro Nakamura
e4e160cc39 nixos/shells: do not override user-defined shell aliases 2018-10-14 00:13:13 +09:00
Yegor Timoshenko
605eb4098f
Merge pull request #47696 from Ma27/dont-run-thefuck-on-bash
nixos/thefuck: don't run thefuck on `environment.shellInit'
2018-10-13 15:12:50 +00:00
Alexey Shmalko
df2696c430
Merge pull request #48307 from delroth/prom-tor
prometheus-tor-exporter: init at 0.3
2018-10-13 17:59:23 +03:00
Silvan Mosberger
4eee2cd0e0
nixos/znc: move to own folder
Move legacy options to separate file
2018-10-13 15:04:53 +02:00
Jörg Thalheim
b899df4f3f
Merge pull request #48292 from jslight90/gitlab
nixos/gitlab: add custom hooks directory for gitlab-shell
2018-10-13 10:55:42 +01:00
Pierre Bourdon
86d644f8cc prometheus-tor-exporter: init at 0.3
Upstream: https://github.com/atx/prometheus-tor_exporter
2018-10-13 10:10:29 +02:00
volth
0d44d639f6 nixos/qemu-guest-agent: pkgs.{kvm -> qemu} (#48293)
there is no top-level pkgs.kvm
2018-10-13 00:41:46 +02:00
Jörg Thalheim
6a5e62e5e6
Merge pull request #48248 from volth/environment.extraSetup
use buildPackages in environment.extraSetup
2018-10-12 22:35:11 +01:00
Jörg Thalheim
156d2fbf5d
Merge pull request #48272 from avnik/fix/rmilter
nixos/rmilter: don't enable by default, if rspamd enabled
2018-10-12 22:34:08 +01:00
Jeff Slight
7bafe25553 add custom hooks directory to gitlab-shell
Add custom_hooks_dir to gitlab-shell yml config file.
2018-10-12 09:33:37 -07:00
Alexander V. Nikolaev
b61dd2bcb7 nixos/rmilter: don't enable by default, if rspamd enabled 2018-10-12 17:39:06 +03:00
Jan Tojnar
a112f16a75
Merge pull request #42562 from ambrop72/gdk-pixbuf-fix
Use a NixOS module for generating the gdk-pixbuf loaders cache.
2018-10-12 15:52:06 +02:00
Jörg Thalheim
6bd73e860b
Merge pull request #48245 from volth/patch-258
bootStage1: fix cross build
2018-10-12 14:42:43 +01:00
Silvan Mosberger
c26d6001ed
Merge pull request #45890 from lopsided98/buildbot-python3
buildbot: Python 3 support and other improvements
2018-10-12 14:06:41 +02:00
volth
b3dff39105
bootStage1: fix cross build (@matthewbauer's solution) 2018-10-12 09:24:00 +00:00
Ben Wolsieffer
73c523a605 buildbot: add Python 3 support 2018-10-11 21:39:11 -04:00
volth
dbb445736f use buildPackages in environment.extraSetup 2018-10-12 01:16:50 +00:00
volth
9dd5dc57a7
bootStage1: fix cross build 2018-10-12 00:45:59 +00:00
Franz Pletz
a1802fc115
Merge pull request #48229 from lopsided98/luks-ssh-fix
nixos: initrd/luks: fix detection of devices by UUID
2018-10-11 21:56:41 +00:00
Ben Wolsieffer
76977590fa nixos: initrd/luks: fix detection of devices by UUID 2018-10-11 16:02:41 -04:00
Ben Wolsieffer
264cb7407c nixos: initrd/luks: make script indentation consistent 2018-10-11 15:53:53 -04:00
Silvan Mosberger
c81ca5491f
Merge pull request #46041 from nh2/issue-46038-nix-daemon-ssh-path
nix-daemon service: Ensure `ssh` is on PATH. Fixes #46038.
2018-10-11 21:51:37 +02:00
Silvan Mosberger
c881a04a5d
Merge pull request #47902 from pvgoran/correct-mkEnableOption-uses
nixos: correct improper uses of mkEnableOption, clarify service descr…
2018-10-11 21:31:32 +02:00
Silvan Mosberger
a232e5f13c
Merge pull request #48026 from mnacamura/fish-escapeshellarg
nixos/fish: use 'escapeShellArg' for shell aliases
2018-10-11 21:14:39 +02:00
Michael Raskin
a29603344a
Merge pull request #48189 from aanderse/redmine
redmine: refactor, cleanup, bug fix, and add functionality
2018-10-11 15:32:43 +00:00
Victor SENE
2dcd512e74 nixos/nextcloud: add poolConfig option (#48094) 2018-10-11 14:13:23 +00:00
Franz Pletz
0aabc77a03
Merge pull request #48055 from WilliButz/add-exporter-tests
nixos/tests: add test for prometheus exporters
2018-10-11 13:58:14 +00:00
xeji
e7f67f97f2
Merge pull request #47252 from xeji/p/fix-47210
nixos/network-interfaces-scripted: fix a container networking bug
2018-10-11 14:55:33 +02:00
Aaron Andersen
9ea9d86126 switched from builtins.fetchurl to pkgs.fetchurl 2018-10-11 08:32:00 -04:00
Aaron Andersen
975f476cd2 quoting stateDir path in case it includes spaces 2018-10-11 08:04:47 -04:00
obadz
6fca3c5700 cups-googlecloudprint: init at 20160502 2018-10-11 09:19:58 +01:00
Aaron Andersen
72635ba359 added test to nixos/release.nix so it will be run on hydra 2018-10-10 21:16:42 -04:00
Aaron Andersen
1cb5b509f1 redmine: refactor, cleanup, bug fix, and add functionality
- added package option to specify which version of redmine
- added themes option back in to allow specifying redmine themes
- added plugins option back in to allow specifying redmine plugins
- added database.socket option to allow mysql unix socket authentication
- added port option to allow specifying the port rails runs on

- cleaned up Gemfile so it is much less hacky
- switched to ruby version 2.4 by default as suggested by documentation http://www.redmine.org/projects/redmine/wiki/redmineinstall#Installing-Redmine
- fixed an annoyance (bug) in the service causing recursive symlinks
- fixed ownership bug on log files generated by redmine
- updates reflecting renames in nixos options

- added a nixos test
2018-10-10 21:04:08 -04:00
xeji
af6e2464bb
nixos/display-managers/startx: init (#47773)
Dummy display manager that allows running X as a normal user.
The X server is started manually from a vt using `startx`.
Session startup commands must be provided by the user
in ~/.xinitrc, which is NOT automatically generated.
2018-10-10 23:07:44 +02:00
WilliButz
cf47423650 nixos/tests: fix non-determinism for good 2018-10-10 14:57:43 +02:00
Peter Hoeg
98649aea0f
Merge pull request #48098 from peterhoeg/f/opti
nix-optimise: do not run in container
2018-10-10 20:57:10 +08:00
Renaud
d3b79965df
Revert "Increase Virtualbox disk image size" (#48151) 2018-10-10 12:53:48 +02:00
Maximilian Bosch
018573b757
nixos/weechat: add setuid wrapper for `screen' to ensure true multiuser capabilities
Previously you either had to set the setuid bit yourself or workaround
`isSystemUser = true` (for a loginable shell) to access the weechat
screen.

`programs.screen` shouldn't do this by default to avoid taking too much
assumptions about the setup, however `services.weechat` explicitly
requires tihs.

See #45728
2018-10-10 11:11:34 +02:00
Samuel Dionne-Riel
c3c4a9249d
Merge pull request #48025 from samueldr/fix/actually-fix-partitioning-instructions
nixos/doc: Actually fix partitioning instructions.
2018-10-09 23:00:46 -04:00
Jörg Thalheim
af7c57232b
Merge pull request #48080 from Lassulus/gnome-gdm
nixos/gnome3: don't autoenable gdm
2018-10-09 23:22:41 +01:00
Vincent Ambo
5ead27394d journaldriver: 1.0.0 -> 1.1.0 (#48106)
Included changes:

* upstream repository has moved, URLs changed accordingly
* journaldriver bumped to new upstream release

The new release includes an important workaround for an issue that
could cause log-forwarding to fail after service restarts due to
invalid journal cursors being persisted.
2018-10-09 23:45:43 +02:00
Joachim F
5fc62fa49c
Merge pull request #48043 from Vskilet/emby
nixos/emby : use the dataDir option
2018-10-09 08:54:07 +00:00
lassulus
5a752ad879 nixos/gnome3: don't autoenable gdm
This seems to cause problems if people have other display-managers
enabled
2018-10-08 23:05:18 +02:00
Samuel Dionne-Riel
7fb45271b2
Merge pull request #47917 from arianvp/fix-imperative-containers
Fix imperative containers
2018-10-08 16:55:38 -04:00
Timo Kaufmann
a88dad2684
Merge pull request #48039 from lheckemann/murmur-mention-mumble
murmur: mention mumble in description
2018-10-08 21:46:38 +02:00
Matthew Bauer
dd6f6951cf
Merge pull request #45109 from jfrankenau/module-triggerhappy
nixos/triggerhappy: add module for triggerhappy hotkey daemon
2018-10-08 14:42:59 -05:00
Matthew Bauer
7432fde1ad
Merge pull request #44920 from eadwu/init/lightdm-enso-os-greeter
lightdm-enso-os-greeter: init at 0.2.1
2018-10-08 13:54:31 -05:00
Matthew Bauer
52ed0526fe
Merge pull request #45978 from fgaz/patch-1
nixos docs: system restart to apply containers nat
2018-10-08 13:48:14 -05:00
Samuel Dionne-Riel
467bec34bb nixos/doc: Actually fix partitioning instructions.
The previous tentative to the fix got the order mixed up a bit. This
new fix has been re-verified to get them in the good order as per the
instructions in the following chapters.
2018-10-08 12:35:04 -04:00
WilliButz
0febc64ed1
nixos/tests: add test for prometheus exporters 2018-10-08 17:21:49 +02:00
WilliButz
fbb7e0c82f
nixos/prometheus-exporters: fix unapplied service config
Prior to this commit, the default values for `Restart`, `PrivateTmp` and
`WorkingDirectory` were falsely ignored.

I also added myself as maintainer.
2018-10-08 17:21:49 +02:00
WilliButz
24320f4a9e
nixos/prometheus-varnish-exporter: avoid crash on restart 2018-10-08 17:21:48 +02:00
Victor SENE
7d43e2a861 nixos/emby : use the dataDir option 2018-10-08 14:49:09 +02:00
Linus Heckemann
68a2fceed5 nixos/murmur: mention mumble in description
This makes the option easier to find with the options search or in the
manpage.
2018-10-08 13:33:36 +02:00
Arian van Putten
0668906e84 nixos/containers: Add regression test for #40355 2018-10-08 10:55:42 +02:00
Mitsuhiro Nakamura
fb0b3ac721 nixos/fish: use 'escapeShellArg' for shell aliases 2018-10-08 09:28:53 +09:00
lassulus
99c8dc4a11 charybdis service: bin/charybdis-ircd -> bin/charybdis 2018-10-07 13:10:50 +02:00
Andrew Childs
c477d6658c nixos/prometheus-snmp-exporter: fix command line argument format 2018-10-07 11:35:55 +09:00