Commit graph

1625 commits

Author SHA1 Message Date
Maximilian Bosch
27121521b8
nixos/release-notes: mention that mongodb is unfree now 2020-03-28 21:03:15 +01:00
Yegor Timoshenko
5626cb9486
Merge pull request #82603 from emilazy/nixos-initrd-openssh
nixos/initrd-ssh: switch from Dropbear to OpenSSH
2020-03-28 09:22:02 +01:00
Maximilian Bosch
b65ff5d455
nixos/release-notes: mention mongodb update 2020-03-26 14:04:42 +01:00
Maximilian Bosch
89bcf4b7e2
Merge pull request #82353 from Ma27/nextcloud-upgrade-path
nixos/nextcloud: fix upgrade path from 19.09 to 20.03
2020-03-26 11:00:23 +01:00
Maximilian Bosch
702f645aa8
nixos/nextcloud: implement a safe upgrade-path between 19.09 and 20.03
It's impossible to move two major-versions forward when upgrading
Nextcloud. This is an issue when comming from 19.09 (using Nextcloud 16)
and trying to upgrade to 20.03 (using Nextcloud 18 by default).

This patch implements the measurements discussed in #82056 and #82353 to
improve the update process and to circumvent similar issues in the
future:

* `pkgs.nextcloud` has been removed in favor of versioned attributes
  (currently `pkgs.nextcloud17` and `pkgs.nextcloud18`). With that
  approach we can safely backport major-releases in the future to
  simplify those upgrade-paths and we can select one of the
  major-releases as default depending on the configuration (helpful to
  decide whether e.g. `pkgs.nextcloud17` or `pkgs.nextcloud18` should be
  used on 20.03 and `master` atm).

* If `system.stateVersion` is older than `20.03`, `nextcloud17` will be
  used (which is one major-release behind v16 from 19.09). When using a
  package older than the latest major-release available (currently v18),
  the evaluation will cause a warning which describes the issue and
  suggests next steps.

  To make those package-selections easier, a new option to define the
  package to be used for the service (namely
  `services.nextcloud.package`) was introduced.

* If `pkgs.nextcloud` exists (e.g. due to an overlay which was used to
  provide more recent Nextcloud versions on older NixOS-releases), an
  evaluation error will be thrown by default: this is to make sure that
  `services.nextcloud.package` doesn't use an older version by accident
  after checking the state-version. If `pkgs.nextcloud` is added
  manually, it needs to be declared explicitly in
  `services.nextcloud.package`.

* The `nixos/nextcloud`-documentation contains a
  "Maintainer information"-chapter  which describes how to roll out new
  Nextcloud releases and how to deal with old (and probably unsafe)
  versions.

Closes #82056
2020-03-25 22:07:29 +01:00
Emily
d930466b77 nixos/initrd-ssh: switch from Dropbear to OpenSSH
Dropbear lags behind OpenSSH significantly in both support for modern
key formats like `ssh-ed25519`, let alone the recently-introduced
U2F/FIDO2-based `sk-ssh-ed25519@openssh.com` (as I found when I switched
my `authorizedKeys` over to it and promptly locked myself out of my
server's initrd SSH, breaking reboots), as well as security features
like multiprocess isolation. Using the same SSH daemon for stage-1 and
the main system ensures key formats will always remain compatible, as
well as more conveniently allowing the sharing of configuration and
host keys.

The main reason to use Dropbear over OpenSSH would be initrd space
concerns, but NixOS initrds are already large (17 MiB currently on my
server), and the size difference between the two isn't huge (the test's
initrd goes from 9.7 MiB to 12 MiB with this change). If the size is
still a problem, then it would be easy to shrink sshd down to a few
hundred kilobytes by using an initrd-specific build that uses musl and
disables things like Kerberos support.

This passes the test and works on my server, but more rigorous testing
and review from people who use initrd SSH would be appreciated!
2020-03-25 08:26:50 +00:00
Eelco Dolstra
aebf9a4709
services/misc/nixos-manual.nix: Remove
Running the manual on a TTY is useless in the graphical ISOs and not
particularly useful in non-graphical ISOs (since you can also run
'nixos-help').

Fixes #83157.
2020-03-24 15:25:20 +01:00
Tor Hedin Brønner
038a8890a7
rl-2009: note gnome desktop upgrade 2020-03-24 07:11:17 +01:00
Aaron Andersen
6f0c1cdbd9 nixos/duosec: rename ikey option to integrationKey 2020-03-22 20:25:11 -04:00
Aaron Andersen
b9dca769f1 nixos/duosec: replace insecure skey option with secure secretKeyFile option 2020-03-22 20:23:55 -04:00
Florian Klink
d96bd3394b nixos/manual: fix build 2020-03-19 15:32:34 +01:00
Florian Klink
355c58e485 nixos/networkd: respect systemd.network.links also with disabled systemd-networkd
This mirrors the behaviour of systemd - It's udev that parses `.link`
files, not `systemd-networkd`.

This was originally applied in 36ef112a47,
but was reverted due to 1115959a8d causing
evaluation errors on hydra.
2020-03-19 14:15:32 +01:00
Niklas Hambüchen
0908ec4952
Merge pull request #82665 from bhipple/doc/upower
doc: update 20.03 release notes regarding upower
2020-03-18 02:44:18 +01:00
goibhniu
5241e5a193
Merge pull request #79851 from mmilata/supybot-enhancements
nixos/supybot: switch to python3, enable systemd sandboxing, add option for installing plugins
2020-03-17 19:07:41 +00:00
davidak
dc434b0704 Doc: Fix typo 2020-03-17 13:26:55 +01:00
Benjamin Hipple
90c3fa478b doc: update 20.03 release notes regarding upower
UPower works just fine in 20.03, but only if the service is enabled.

Resolves #82529; see issue for details.
2020-03-16 20:08:35 -04:00
Maximilian Bosch
849e16888f
nixos/doc/matrix-synapse: refactor
* Linkify all service options used in the code-examples.
* Demonstrated the use of `riot-web.override {}`.
* Moved the example how to configure a postgresql-database for
  `matrix-synapse` to this document from the 20.03 release-notes.
2020-03-16 10:39:42 +01:00
Maximilian Bosch
8be61f7a36
matrix-synapse: 1.9.1 -> 1.11.1
https://github.com/matrix-org/synapse/releases/tag/v1.10.0
https://github.com/matrix-org/synapse/releases/tag/v1.10.1
https://github.com/matrix-org/synapse/releases/tag/v1.11.0
https://github.com/matrix-org/synapse/releases/tag/v1.11.1
2020-03-15 17:09:51 +01:00
Léo Gaspard
7566b4f924
Merge pull request #82614 from Ekleog/xfce4-remove-alias
xfce4-12: remove alias
2020-03-15 12:00:20 +01:00
Florian Klink
74f451b851
Merge pull request #82413 from aanderse/authorized-keys-command
nixos/sshd: add authorizedKeysCommand and authorizedKeysCommandUser options
2020-03-14 23:58:47 +01:00
Léo Gaspard
175f9ef4f8 xfce4-12: remove alias 2020-03-14 22:05:50 +01:00
Vladimír Čunát
0729b8c55e
Revert Merge #82310: nixos/systemd: apply .link
...even when networkd is disabled

This reverts commit ce78f3ac70, reversing
changes made to dc34da0755.

I'm sorry; Hydra has been unable to evaluate, always returning
> error: unexpected EOF reading a line
and I've been unable to reproduce the problem locally.  Bisecting
pointed to this merge, but I still can't see what exactly was wrong.
2020-03-13 22:05:33 +01:00
Maximilian Bosch
7e978ca324
nixos/manual: fix build 2020-03-13 02:04:26 +01:00
Aaron Andersen
dbe59eca84 nixos/sshd: add authorizedKeysCommand and authorizedKeysCommandUser options 2020-03-12 21:00:12 -04:00
Florian Klink
ce78f3ac70
Merge pull request #82310 from flokli/systemd-network-link-no-networkd
nixos/systemd: apply .link even when networkd is disabled
2020-03-12 15:47:59 -07:00
Elis Hirwing
a04010b64a
php: 7.3.15 -> 7.4.3 2020-03-11 20:20:22 +01:00
Florian Klink
36ef112a47 nixos/networkd: respect systemd.network.links also with disabled systemd-networkd
This mirrors the behaviour of systemd - It's udev that parses `.link`
files, not `systemd-networkd`.
2020-03-11 10:21:37 +01:00
Martin Milata
57f5fb62d4 nixos/supybot: enable systemd sandboxing options 2020-03-09 23:32:54 +01:00
Vladimír Čunát
1cf4fea33f
nixos/release-notes: fix a tiny typo 2020-03-05 14:03:27 +01:00
Maximilian Bosch
f4d71e2e73
nixos/release-notes: mention fix for predictable network-interfaces in initrd 2020-03-02 17:57:05 +01:00
Michele Guerini Rocco
d54f028941
Merge pull request #81473 from pacien/riot-no-phoning-home-release-notes-20-03
riot-web: mention incompatible config change in release notes
2020-03-02 03:13:39 +01:00
pacien
6d4fd13612 riot-web: mention incompatible config change in release notes
Mention the changes introduced in commit c9e5cca.

GitHub: closes #81416
2020-03-02 00:44:51 +01:00
worldofpeace
b7b46d0184 doc/xfce: remove trailing code 2020-03-01 13:44:15 -05:00
Suwon Park
7948e6785b
nixos/manual: add environment.systemPackages option in an example
The environment.systemPackages option lacks in the example which is used in the next paragraph to explain merging of the options defined by multiple modules.
2020-02-29 12:11:42 +01:00
Maximilian Bosch
e661d071f5
Merge pull request #80666 from netixx/grafana-phantomhs2-optional
grafana: made phantomjs2 optional
2020-02-25 22:49:51 +01:00
Maximilian Bosch
7458509972
nixos/manual: fix dates for support-plan of 20.09 2020-02-25 20:52:23 +01:00
Netix (Espinet François)
9f0014b6f2
grafana: made phantomjs2 optional
On servers especially, phantomjs2 pulls graphical dependencies which is unecessary.
This pathes enable the package to be linked/installed without
phantomjs2. Phantomjs2 is disabled by default since it has been deprecated in grafana https://grafana.com/docs/grafana/latest/guides/whats-new-in-v6-4/
2020-02-25 20:36:47 +01:00
worldofpeace
2442f99d40
Revert "Theming options for Gtk and Qt" 2020-02-22 20:42:27 -05:00
Graham Christensen
75f604eb2c
nixos release process: use rev-list --count like Hydra does. 2020-02-22 09:28:03 -05:00
Michele Guerini Rocco
802a528d38
Merge pull request #71079 from gnidorah/theming
Theming options for Gtk and Qt
2020-02-21 18:52:52 +01:00
gnidorah
ffdc7dc3be nixos/doc: mention qt and gtk modules 2020-02-21 18:57:56 +03:00
Maximilian Bosch
c391343fcd
nixos/nixos-build-vms: switch to python test-driver
In 0945178b3c we decided that Perl-based
VM tests should be deprecated and will be removed between 20.03 and
20.09. So let's switch `nixos-build-vms(8)` to python as well (which is
entirely interactive, so other scripts won't break).

In my experience, the test-driver isn't used most of the time, so this
patch is mainly supposed to get rid of the (probably misleading)
deprecation warning when running `nixos-build-vms`. Apart from that, the
interface for python's test-driver is way nicer.
2020-02-15 19:35:17 +01:00
worldofpeace
be01f27adc rl-2009: typo 2020-02-10 14:23:00 -05:00
worldofpeace
2ba2b0cf23 20.09 is Nightingale 2020-02-10 14:14:18 -05:00
Eelco Dolstra
0e6ceb8758
Merge pull request #68897 from edolstra/master
Flake support
2020-02-10 16:44:54 +01:00
Silvan Mosberger
e3c5d299dc
Merge pull request #78373 from serokell/yorickvp/buildkites
nixos/buildkite-agents: support multiple buildkite agents
2020-02-10 14:39:40 +01:00
Yorick van Pelt
e242eccb0b
nixos/buildkite-agents: update release notes 2020-02-10 13:36:30 +01:00
aszlig
8754986076
nixos: Fix build of manual
XML error introduced with merge commit 4e0fea3fe2.

This was probably because of wrong conflict resolution, because the
actual change (d8e697b4fc) had the close
tag of the <para/> element, but the merge commit didn't.

Signed-off-by: aszlig <aszlig@nix.build>
2020-02-10 13:33:52 +01:00
Florian Klink
4e0fea3fe2 Merge pull request #77578 from m1cr0man/master
Replace simp-le with lego and support DNS-01 challenge
2020-02-10 11:47:30 +01:00
Maximilian Bosch
dd6a291e9f
gcc-snapshot: remove
Package is marked as broken for >2 years and used a fairly old
snapshot from the gcc7-branch, so I fairly doubt that this is
somewhere used (and is also pretty misleading as you don't expect a
random snapshot from gcc7 at `pkgs.gcc-snapshot`).
2020-02-09 22:46:29 +01:00
Lucas Savva
75fa8027eb
nixos/acme: Update release note, remove redundant requires
Merge remote-tracking branch 'remotes/upstream/master'
2020-02-09 16:31:07 +00:00
Lucas Savva
d8e697b4fc
nixos/acme: update release notes for 20.03 2020-02-09 15:59:03 +00:00
Daniel Frank
73220589e0
doc: Add documentation for the new option to the Automatic Upgrades section 2020-02-08 11:44:59 +01:00
Eelco Dolstra
fb051f0dec nixos-{rebuild,container}: Use flakeref#attrpath syntax
This makes them consistent with the 'nix' command line.
2020-02-05 23:15:18 +01:00
Eelco Dolstra
cfd468adbb nixos-rebuild: Use /etc/nixos/flake.nix if it exists 2020-02-05 23:15:18 +01:00
Eelco Dolstra
7e9b745174 nixos-version: Add --json flag and show system.configurationRevision 2020-02-05 23:15:18 +01:00
Eelco Dolstra
22cc7ab78c nixos-rebuild: Add --flake option 2020-02-05 23:15:18 +01:00
Symphorien Gibol
4600fe67c5 nixos/roundcube: add release notes for #77532 2020-02-05 12:00:00 +00:00
Maximilian Bosch
294f667121
sqldeveloper: {17.4.1.054.0712,18.2.0.183.1748} -> 19.4.0.354.1759
There are no new releases of sqldeveloper v17/v18 and I don't think that
we should keep obviously unmaintained software that interacts with
database systems.

I removed `sqldeveloper_18` and `pkgs.sqldeveloper` now points to
version 19.4. Unfortunately I had to drop darwin support as JavaFX is
required for 19.4 which is part of the `oraclejdk` which isn't packaged
for darwin yet.

For further information please refer to the release notes:

https://www.oracle.com/technetwork/developer-tools/sql-developer/downloads/sqldev-relnotes-194-5908846.html
2020-02-04 13:51:52 +01:00
Marek Mahut
2abe12a39a manual.release-notes: qesteidutil is deprecated 2020-02-03 11:22:19 +01:00
worldofpeace
915060d03f rl-2003: dnscrypt-proxy2 2020-02-02 11:11:27 -05:00
Maximilian Bosch
0c960262d1
oraclejdk8: document removals in the release notes 2020-02-02 12:11:50 +01:00
worldofpeace
9cb395a4e7
Merge pull request #78838 from worldofpeace/nm-doc-update
nixos/doc/network-manager: updates
2020-02-01 18:08:48 -05:00
worldofpeace
cbce59a9cc nixos/doc/network-manager: updates
Fixes #71161
2020-02-01 18:07:10 -05:00
worldofpeace
22c56b847e
Merge pull request #79054 from worldofpeace/geary-module-note
rl-2003: add note about Geary module
2020-02-01 18:05:40 -05:00
worldofpeace
4200386fb6 rl-2003: add note about Geary module 2020-02-01 18:01:25 -05:00
Franz Pletz
e8b8e8c615
rspamd: 1.9.4 -> 2.2 2020-02-01 14:20:51 +01:00
Linus Heckemann
3af5a40fe2
Merge pull request #78843 from rnhmjoj/ipv6-privacy
nixos/networking-interfaces: change preferTempAddress to allow disabling temp addresses
2020-02-01 12:04:58 +01:00
rnhmjoj
0c19bfb8ac
nixos/docs: document preferTempAddress -> tempAddress change 2020-02-01 11:38:40 +01:00
Maximilian Bosch
7f49fa63ca
Merge pull request #75439 from Ma27/submodule-fixes-for-nixos-option
nixos/nixos-option: fix evaluator to render a full submodule entry
2020-02-01 10:00:59 +01:00
worldofpeace
8a8f03e40e
Merge pull request #78839 from worldofpeace/update-xfce-docs
Update xfce docs
2020-02-01 03:26:29 -05:00
worldofpeace
51b95565a6
Merge pull request #78713 from vcunat/p/linux_5_4-default
linuxPackages: 4.19 -> 5.4
2020-01-31 14:32:10 -05:00
Vladimír Čunát
bba954f34e
nixos release notes: document linuxPackages update 2020-01-31 15:58:46 +01:00
Maximilian Bosch
f73d725967 llvm_{3,4}: re-add attributes with an error message about their removal
With this change, expressions relying on those old LLVM versions will
fail with a meaningful error message.
2020-01-30 18:39:42 -05:00
Alyssa Ross
6ea79d2707 nixos/doc: add Mailman release notes for 20.03 2020-01-30 23:14:45 +00:00
worldofpeace
1be8ee98f5 rl-2003: fix typo
networkd on your mind 😜
2020-01-30 05:50:03 -05:00
worldofpeace
1687c355e7 nixos/doc/xfce: claiify where xfce packages are 2020-01-30 05:44:02 -05:00
worldofpeace
251f0eb90a nixos/doc/xfce: mention thunar plugins 2020-01-30 05:43:14 -05:00
worldofpeace
c5108e541d nixos/doc/xfce: remove thunar volume mention
This doesn't even make sense.
2020-01-30 05:36:51 -05:00
worldofpeace
dd229f425e nixos/doc/xfce: drop polkit mention
We install a polkit agent automatically no
2020-01-30 05:36:14 -05:00
worldofpeace
c95612a5a2 nixos/display-managers/auto: remove
This module allows root autoLogin, so we would break that for users, but
they shouldn't be using it anyways. This gives the impression like auto
is some special display manager, when it's just lightdm and special pam
rules to allow root autoLogin. It was created for NixOS's testing
so I believe this is where it belongs.
2020-01-29 19:05:46 -05:00
Maximilian Bosch
dd583e7f12
nixos/release-notes: document gcc5 removal 2020-01-28 20:23:53 +01:00
Maximilian Bosch
69d127cc81
citrix_workspace_19_3_0: mark as unsupported
Will be unsupported within the lifespan of 20.03. Also there aren't any
known issues that require this version as workaround, so a removal
should be fairly safe.
2020-01-28 11:40:20 +01:00
Danylo Hlynskyi
31601a3844 nixos/doc: add a section mentioning GitHub team for nixos release managers (#78625)
* nixos/doc: add a section mentioning GitHub team for nixos release managers

This team should be kept up-to-date with each release.

Previously this info had to be grepped from appropriate Discourse thread.

Co-authored-by: worldofpeace <worldofpeace@protonmail.ch>
2020-01-27 15:31:22 -05:00
Marek Mahut
61dbbe4121
Merge pull request #77826 from mmahut/fido2luks
FIDO2 luks support
2020-01-27 08:27:30 +01:00
Silvan Mosberger
a149202c5a
nixos/docs: Fix nixos-install --system command (#77719)
nixos/docs: Fix nixos-install --system command
2020-01-23 03:39:38 +01:00
Marek Mahut
a5798cf78e rl-2003.xml: adding note about FIDO2 luks 2020-01-22 08:38:16 +01:00
Marek Mahut
b02d479323 doc: FIDO2 luks file system 2020-01-22 08:38:16 +01:00
Florian Klink
eba10dcbcb
Merge pull request #77950 from flokli/buildkite-3
nixos/buildkite-agent: move to v3
2020-01-19 14:23:49 +01:00
Jan Tojnar
0a65c2b7e9
Merge pull request #77960 from jtojnar/declarative-check-modules
nixos/doc: suggest checking options for declarative package mgmt
2020-01-19 02:57:36 +01:00
worldofpeace
ffcfb80781
Merge pull request #77690 from gnidorah/way-cooler
way-cooler: Remove
2020-01-18 14:50:41 -05:00
Matthias Beyer
29bb16a9cd way-cooler: Remove
As of 2020-01-09, way-cooler is officially dead:

    http://way-cooler.org/blog/2020/01/09/way-cooler-post-mortem.html

hence, remove the package and the module.

Signed-off-by: Matthias Beyer <mail@beyermatthias.de>

docs/release-notes: remove way-cooler

way-cooler: show warnings about removal

Apply suggestions from code review

Co-Authored-By: worldofpeace <worldofpeace@protonmail.ch>

way-cooler: add suggestion by @Infinisil
2020-01-18 18:25:01 +03:00
Jan Tojnar
6b3c3c817a
nixos/doc: suggest checking options for declarative package mgmt
Some programs might not work without systemd services registered or do not work at full capacity without NixOS module.
2020-01-18 02:17:36 +01:00
Florian Klink
b9182529b4 nixos/buildkite: add release notes 2020-01-17 23:11:26 +01:00
Silvan Mosberger
241e9c10ba
nixos/docs: Fix nixos-install --system command 2020-01-15 05:39:12 +01:00
Susan Potter
16fc4dd77d
nixos/doc+manual: update copyright year range end 2019->2020 2020-01-14 07:01:39 -06:00
Robert Hensing
9884cb3ed0
Merge pull request #76861 from Infinisil/paths-as-submodules
lib/types: Allow paths as submodule values
2020-01-12 14:19:04 +01:00
Silvan Mosberger
b48717d1eb
lib/types: Introduce lazyAttrsOf
The standard attrsOf is strict in its *values*, meaning it's impossible to
access only one attribute value without evaluating all others as well.
lazyAttrsOf is a version that doesn't have that problem, at the expense
of conditional definitions not properly working anymore.
2020-01-10 16:19:55 +01:00
Silvan Mosberger
d5a2922641
nixos/doc: Note that attrsOf is strict in its values 2020-01-10 16:19:54 +01:00
Silvan Mosberger
e9c16ec186
Merge pull request #76857 from Infinisil/recursive-disableModules
Apply `disabledModules` recursively
2020-01-09 18:20:12 +01:00
Silvan Mosberger
a6462a4a8b
nixos/doc: Extend disabledModules docs to indicate recursive disabling 2020-01-09 17:26:08 +01:00
Silvan Mosberger
9d4b59b549
nixos/doc: Add incompatibility note for either submodule path
Co-Authored-By: Robert Hensing <roberth@users.noreply.github.com>
2020-01-09 16:47:53 +01:00
Silvan Mosberger
6525da6321
lib/types: Allow paths as submodule values 2020-01-08 23:54:45 +01:00
rnhmjoj
fa3919de5f
nixos/doc: document the loaOf type deprecation 2020-01-08 00:47:59 +01:00
adisbladis
c4f6aff9dd
nixos/doc: Fix manual build after renaming compton to picom 2020-01-03 13:09:40 +00:00
Gwendolyn Quasebarth
6dca2312ce nixos-install: add documentation for --channel, --no-channel-copy 2020-01-03 11:33:22 +01:00
Silvan Mosberger
c7ade6844f
Revert "lib/types: Allow paths as submodule values"
This reverts commit eec83d41e3.

This broke hydra evaluation because with this commit submodule values
are allowed to be paths, however the certmgr module uses `either
(submodule ...) path` in its type, meaning it already used paths for
something else which would now be interpreted as a submodule.
2020-01-03 05:21:01 +01:00
Silvan Mosberger
cdf79db19d
Module system improvements for NixOS as a submodule (#75031)
Module system improvements for NixOS as a submodule
2020-01-02 20:38:45 +01:00
Silvan Mosberger
eec83d41e3
lib/types: Allow paths as submodule values 2020-01-02 09:59:35 +01:00
Silvan Mosberger
90c82bfee7
nixos/docs: Add docs for types.submoduleWith 2020-01-02 09:59:32 +01:00
Linus Heckemann
b9bf846080
Merge pull request #76189 from Ma27/nixos-install-verbosity-level
nixos/nixos-installer: add flags for verbosity and build logs
2019-12-28 11:50:25 +01:00
Vladimír Čunát
c3d4998e41
Merge #75803: kresd service: unify listen declarations 2019-12-27 15:55:38 +01:00
Aaron Andersen
4d2dd15546
Merge pull request #73113 from aanderse/httpd-vhost
nixos/httpd: support overridable virtual hosts
2019-12-26 08:09:08 -05:00
Dima
2467edf80c nixos/manual: fixing links for awstats release note (#76500)
`linkend` attribute needs to point to an option.
2019-12-25 21:06:18 +02:00
Aaron Andersen
79215f0df1 nixos/httpd: limit serving web content to virtual hosts, convert virtualHosts option type from listOf to attrsOf, add ACME integration 2019-12-24 20:27:48 -05:00
Ben Harper
dade94cdb9 nixos/awstats: refactor module 2019-12-24 12:20:52 -05:00
Maximilian Bosch
1fc248afcc
nixos/nixos-installer: add flags for verbosity and build logs
When installing a fresh NixOS system it occasionally happens that you
encounter issues that are rather hard to track down since
`nixos-install(8)` doesn't provide any debugging flags.

This patch adds `-L` to force `nix build` to display the build-log on
stderr and `-v` to increase the log-level of Nix.
2019-12-22 22:46:58 +01:00
Maximilian Bosch
b72661749b
nixos/python-test-driver: add an option to disable python linter
While it's a good idea to automate the linting of the python code used
for our tests, I think that it can be quite distracting when hacking on
a NixOS test.

I figured that it might be more convenient to add an option as a
shortcut for this to avoid that everyone needs to dig into the test
driver again.
2019-12-22 19:27:43 +01:00
Florian Klink
0a41dae98b
Merge pull request #56255 from Izorkin/nginx-temp1
nginx: do not run anything as root
2019-12-20 23:34:55 +01:00
rnhmjoj
9802bc5b32
docs/release-notes: fix indentation 2019-12-20 00:27:35 +01:00
rnhmjoj
bce1437493
docs/release-notes: document console related changes 2019-12-20 00:27:34 +01:00
Chuck
ed51fd0033 nixos/nixos-option: Convert --all into -r 2019-12-19 15:00:43 +01:00
Maximilian Bosch
4b51d1391e
Merge pull request #75787 from chkno/see-also-man-configuration-dot-nix
nixos/nixos-option: "See also configuration.nix manpage" in nixos-option manpage
2019-12-19 01:38:55 +01:00
Jan Tojnar
6be14ee97b
Merge pull request #53843 from hedning/session-default
nixos/displayManager: introduce defaultSession
2019-12-18 21:16:06 +01:00
Chuck
55eb76a783 nixos/nixos-option: "See also configuration.nix manpage" in nixos-option manpage 2019-12-18 12:03:35 -08:00
Dustin Frisch
f886a14dbd
kresd: Unified listen declarations
Deperecates the interfaces option which was used to generate a host:port
list whereas the port was always hardcoded to 53. This unifies the
listen configuration for plain and TLS sockets and allows to specify a
port without an address for wildcard binds.
2019-12-17 12:44:24 +01:00
Danylo Hlynskyi
d206f2304f
nixos containers: disable NixOS manual in container config. (#75659)
This makes ~2.5x speed up of an empty container instantiate, hence reduces
rebuild time of system with many declarative containers.

Note that this doesn't affect production systems much, becaseu those most
likely already include `minimal.nix` profile.
2019-12-15 18:21:52 +02:00
Izorkin
2a413da57e nixos/nginx: do not run anything as root 2019-12-15 11:21:08 +03:00
Jan Tojnar
8dc5ff7dcf
nixos/displayManager: deprecate separate options for default wm/dm
The upstream session files display managers use have no concept of sessions being composed from
desktop manager and window manager. To be able to set upstream session files as default
session, we need a single option. Having two different ways to set default session would be confusing,
though, so we decided to deprecate the old method.

We also created separate script for each session, just like we already had a separate desktop
file for each one, and started using displayManager.sessionPackages mechanism to make the
session handling more uniform.
2019-12-15 04:16:20 +01:00
Frederik Rietdijk
dfdf1597a7 Merge master into staging-next 2019-12-13 11:43:39 +01:00
Mateusz Piotrowski
b7c217328e Fix a typo 2019-12-10 19:26:27 -08:00
Frederik Rietdijk
f3618342ec Merge staging-next into staging 2019-12-10 19:01:27 +01:00
worldofpeace
efc1c027ad nixos/polkit: remove root from adminIdentities
Fixes https://github.com/NixOS/nixpkgs/issues/75075.

To summarize the report in the aforementioned issue, at a glance,
it's a different default than what upstream polkit has. Apparently
for 8+ years polkit defaults admin identities as members of
the wheel group [0]. This assumption would be appropriate on NixOS, where
every member of group 'wheel' is necessarily privileged.

[0]: 763faf434b
2019-12-09 19:11:09 -05:00
Renaud
f640cf49d1
rdf4store: remove pkg and service modules
(#74214)
2019-12-08 20:33:51 +01:00
Renaud
421e9248c1
doc/rl-2003: fix typo 2019-12-08 18:34:47 +01:00
Frederik Rietdijk
c9a19b5f7e Merge staging-next into staging 2019-12-05 10:19:54 +01:00
worldofpeace
b12aef05a4
Merge pull request #73968 from mat8913/upower-config-master
nixos/upower: Allow customization of UPower.conf
2019-12-05 05:25:00 +00:00
Matthew Harm Bekkema
aecfea098e nixos/upower: Allow customization of UPower.conf
Documentation of options and default values taken from the upstream
UPower.conf. The documentation was modified slightly to make more sense
when displayed on https://nixos.org/nixos/options.html.

A copy of upstream UPower.conf can be found here:
https://cgit.freedesktop.org/upower/tree/etc/UPower.conf?id=28bd86c181e2510ef6a1dc7cfa26f97803698a79
2019-12-04 12:26:30 +11:00
Jan Tojnar
77b605546c
Merge branch 'staging-next' into staging 2019-12-03 16:52:44 +01:00
Eelco Dolstra
946c5fb8f7
Tweag releaase notes 2019-12-03 15:09:55 +01:00
Eelco Dolstra
56588e9eaa
Merge pull request #74850 from davidak/PRETTY_NAME
nixos/version: PRETTY_NAME in /etc/os-release uses the release now
2019-12-03 15:08:52 +01:00
davidak
0ba3761ba8 nixos/version: PRETTY_NAME in /etc/os-release uses the release now instead of full version
to be more suitable for presentation to the user
2019-12-02 20:04:44 +01:00
Arnout Engelen
89ed88f86f Spell out you need to enable wifi explicitly at install time 2019-12-02 17:50:22 +01:00
Daniël de Kok
02553c114d rl-2003: mention the removal of dump1090's internal web server 2019-12-02 14:47:19 +01:00
Dima
c25d4abc21 release-notes: adding pango font loading deprecation 2019-12-02 02:32:05 +01:00
rnhmjoj
1598f3d257
nixos/bluetooth: don't install obex tools by default 2019-11-29 21:08:58 +01:00
Andreas Rammhold
059faab65a
Merge pull request #73803 from andir/buildRustCrate-lib-output
buildRustCrate: add lib output
2019-11-28 15:36:45 +01:00
talyz
86223aade7 rl-2003: Fix typo
Fix a typo introduced in a06529b7ad which prevents the manual from building.
2019-11-26 17:04:59 +01:00
Andreas Rammhold
1b748554d5
buildRustCrate: add lib output
This cuts down the dependency tree on some rust builds where a crate not
just exposes a binary but also a library. `$out/lib` contained a bunch
of extra support files that among other information carry linker flags
(including the full path to link-time dependencies). Worst case this led
to some binary outputs depending on the full build closure of rust
crates.

Moving all the `$out/lib` files to `$lib/lib` solves this nicely.

`lib` might be a bit weird here as they are most of the time just rlib
files (rust libraries). Those are essential only required during
compilation but they can also be shared objects (like with traditional
C-style packages). Which is why I went with `lib` for the new output.

One of the caveats we are running into here is that we do not (always)
know ahead of time of a crate produces just a library or just a binary.
Cargo allows for some ambiguity regarding whether or not a crate
provides one, two, … binaries and libraries as it's outputs. Ideally we
would be able to rely on the `crateType` entirely but so far that isn't
the case. More work on that area might show how difficult that actually
is.
2019-11-26 15:05:01 +01:00
Andreas Rammhold
a06529b7ad
nixos: default environment.homeBinInPath to false
This is a more sane default since we do not magically (without opt-in)
pull in binaries from `~/bin`. That is not really an expected behavior
for many users. Users that still want that behavior can now just flip
that switch.
2019-11-26 12:44:12 +01:00
Florian Klink
02f869ff30 osquery: remove
osquery was marked as broken since April.

If somebody steps up to fix it, we can always revive it from the
histroy, but there's not much value in shipping completely broken things
in current master.

cc @ma27
2019-11-24 22:38:07 +01:00
Florian Klink
c3e17efaab nixos/beegfs: remove module
packages are marked as broken for quite some time.
2019-11-24 17:33:51 +01:00
Jan Tojnar
77661f8cfd
nixos/plasma5: drop enableQt4Support option
Phonon no longer supports Qt4 so this is useless.
2019-11-22 09:01:05 +01:00
Florian Klink
4321a88f44 nixos/phpfpm: enable PrivateTmp=true
This seems to be mostly a pre - #57677 relict. As postgresql sockets now
are not in /tmp anymore, isolate /tmp.
2019-11-21 23:31:19 +01:00
Vladimír Čunát
e32d557967
Merge #45957: nixos manual: releases workflow improvements
Let's merge NOW; I'm not doing the same mistake again.
2019-11-20 13:31:24 +01:00
Vladimír Čunát
be6e0bf5c3
nixos manual: releases workflow nitpicks
Co-Authored-By: asymmetric <lorenzo@mailbox.org>
2019-11-20 13:29:06 +01:00
Robin Gloster
844625708e
nixos/manual: reword installation section
Sounded a bit unprofessional and pessimistic. Was actually called out on
twitter.
2019-11-20 10:30:49 +01:00
Frederik Rietdijk
65edeb8633 Merge master into staging-next 2019-11-20 10:01:49 +01:00
worldofpeace
0c56d05643 rl-2003: add release note about one Xfce package-set 2019-11-19 18:47:03 -05:00
Frederik Rietdijk
f6b39f852e Merge master into staging-next 2019-11-19 10:53:44 +01:00
Franz Pletz
622e12330b
nixos/manual: fix xml syntax error 2019-11-18 02:26:17 +01:00
Thomas Depierre
8de4654d4b beam-modules/hex-snapshot: remove
The package set is not maintained. It is also not used by most of the
BEAM community. Removing it to allow a more useful set of tools fit to
the BEAM community in Nixpkgs.
2019-11-17 13:45:57 +01:00
Tom F
a21cb75242 nixos/manual: fix IDs on docs for running tests (#73526) 2019-11-17 11:47:28 +01:00
Frederik Rietdijk
be7125dde7 Merge master into staging-next 2019-11-16 11:45:07 +01:00
worldofpeace
4583e293fd
Merge pull request #73251 from worldofpeace/remove-slim
nixos/slim: remove
2019-11-15 15:56:48 +00:00
Sascha Grunert
7f358a5f3b
nixos/kubernetes: Module and test compatibility with kubernetes 1.16
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
2019-11-15 05:58:35 +01:00
David Kleuker
d793d53b0d doc/rl-1909: fix language
(#71516)
2019-11-15 00:32:09 +01:00
Wout Mertens
3202f64465
nixos doc: clarify role of boot.debug1devices
Co-Authored-By: Jörg Thalheim <Mic92@users.noreply.github.com>
2019-11-13 20:39:11 +01:00
Wout Mertens
89c8338b51
nixos boot doc: document boot.debug1devices 2019-11-13 16:35:00 +01:00
worldofpeace
9c7db09e48 rl-2003: add note about slim 2019-11-11 17:10:41 -05:00
worldofpeace
3d256326ab nixos/doc: remove refs to slim 2019-11-11 17:10:41 -05:00
Frederik Rietdijk
73b88e17dd Merge staging-next into staging 2019-11-11 12:09:26 +01:00
Matthew Bauer
43c940f2d4
Merge pull request #70886 from allgreed/add-vbox-docs-hint
[Docs] Add a hint on Virtualbox machine setup
2019-11-07 17:24:14 -05:00
Bjørn Forsman
2c09cfc097 nixos-rebuild: add explicit option to enable (remote) sudo
Add --use-remote-sudo option. When set, remote commands will be prefixed
with 'sudo'. This allows using sudo remotely _without_ having to use
sudo locally (when using --build-host/--taget-host).
2019-11-07 17:03:12 +01:00
Frederik Rietdijk
c4e30cf98c Merge staging-next into staging 2019-11-05 14:18:08 +01:00
Jacek Galowicz
7d19c5aaa7 nixos/test: Pythonify documentation 2019-11-04 23:50:50 +01:00
Robin Gloster
754e315fb5 release-notes 20.03: added notice for rewritten nixos-option 2019-11-04 15:14:42 +01:00
Chuck
59c5bfc86b nixos/nixos-option: Rewrite in a more suitable language
Also add --all, which shows the value of all options.  Diffing the --all
output on either side of contemplated changes is a lovely way to better
understand what's going on inside nixos.
2019-11-04 15:11:44 +01:00
John Ericson
9df7efe0c6 stdenv: Don't stop set -u-ing
Before, we very carefully unapplied and reapplied `set -u` so the rest
of Nixpkgs could continue to not fail on undefined variables. Let's rip
off the band-aid.
2019-11-01 22:03:47 +00:00
Frederik Rietdijk
91a714000a nixos manual: refer to nix and nixpkgs manuals 2019-10-30 10:25:09 +01:00
Frederik Rietdijk
70bb2e4151 nixos manual: have a toc for each part and chapter
to be inline with the Nixpkgs manual. This makes navigating to
particular sections easier.
2019-10-30 10:25:09 +01:00
Frederik Rietdijk
d727754d9a nixos manual: move preface into own file 2019-10-30 10:25:09 +01:00
Frederik Rietdijk
227dff4e70 nixos manual: reduce toc depth
to reduce the amount of information presented.
2019-10-30 10:25:09 +01:00
Vladimír Čunát
d9c5d584cd Merge branch 'master' into release-docs
It's been a very long time, so I think a merge will be better than
a rebase.  There was only one simple conflict.
2019-10-27 10:29:58 +01:00
Frederik Rietdijk
09c9a2de7e Merge master into staging-next 2019-10-23 16:50:09 +02:00
Florian Klink
c3098d182d nixos/network: remove 99-main.network
Just maching all network interfaces caused many breakages, see #18962
and #71106.

We already don't support the global networking.useDHCP,
networking.defaultGateway(6) options if networking.useNetworkd is
enabled, but direct users to configure the per-device
networking.interfaces.<name?>.… options.
2019-10-23 11:39:27 +02:00
Frederik Rietdijk
a456fbfeed Merge staging-next into staging 2019-10-22 09:20:03 +02:00
Florian Klink
f24b4fb411
nixos/networkmanager: remove networking.networkmanager.dynamic… (#71337)
nixos/networkmanager: remove networking.networkmanager.dynamicHosts
2019-10-21 02:33:28 +02:00
Vladimír Čunát
9a54d17799 nixos release notes: interfaces might get renamed
Fixes #71086.
2019-10-20 20:12:03 -04:00
worldofpeace
18ea428e76 rl-1909: add note for blueman 2019-10-20 19:37:13 -04:00
Dima
a16de399a1 release-notes 19.09: removal of non-LTS kernel attrs
Even though the release obviously already happened, I think it might
still make sense to add a short note about the attributes not being
supported any longer (and going forward).

(cherry picked from commit 7163d3a9df35904d0c9acc9f643fd70ee3108539)
(cherry picked from commit a64b8c3c191af1317cfdc1ea4f4e5f881c4cf503)
2019-10-20 19:35:22 -04:00
Florian Klink
ca6c91e395 nixos/networkmanager: remove networking.networkmanager.dynamicHosts
This option was removed because allowing (multiple) regular users to
override host entries affecting the whole system opens up a huge attack
vector. There seem to be very rare cases where this might be useful.
Consider setting system-wide host entries using networking.hosts,
provide them via the DNS server in your network, or use
networking.networkmanager.appendNameservers to point your system to
another (local) nameserver to set those entries.
2019-10-20 16:37:41 +02:00
edef
5b1f864242
Merge pull request #59806
openssh: 7.9p1 -> 8.1p1
2019-10-19 12:16:08 +00:00
Will Dietz
6db7c9cf1d nixos: add release note for openssh upgrade \o/ 2019-10-19 12:05:27 +00:00
Eelco Dolstra
5b324c1825
Remove references to the nixpkgs-channels repo
Channel branches are now provided in the nixpkgs repo.

Issue #71176.
2019-10-17 19:44:03 +02:00
Franz Pletz
3d832dee59 gnupg: disable gui/pinentry support by default
This solves the dependency cycle in gcr alternatively so there won't be
two gnupg store paths in a standard NixOS system which has udisks2 enabled
by default.

NixOS users are expected to use the gpg-agent user service to pull in the
appropriate pinentry flavour or install it on their systemPackages and set
it in their local gnupg agent config instead.

Co-authored-by: Florian Klink <flokli@flokli.de>
2019-10-16 20:31:16 -04:00
worldofpeace
2fbccbc728 Revert "Merge pull request #71095 from flokli/pinentry-cleanup"
This reverts commit 823da4d492, reversing
changes made to b75c8ee3bc.
2019-10-16 20:28:21 -04:00
Franz Pletz
b5bea4ce32 gnupg: disable gui/pinentry support by default
This solves the dependency cycle in gcr alternatively so there won't be
two gnupg store paths in a standard NixOS system which has udisks2 enabled
by default.

NixOS users are expected to use the gpg-agent user service to pull in the
appropriate pinentry flavour or install it on their systemPackages and set
it in their local gnupg agent config instead.

Co-authored-by: Florian Klink <flokli@flokli.de>
2019-10-16 19:56:50 -04:00
Arian van Putten
8fb23f6117
Fix typo in 19.09 release notes 2019-10-14 23:30:09 +02:00
Jörg Thalheim
d633ec9787
Merge pull request #70601 from Mic92/zfs-trim
nixos/zfs: only enable trim if zfs is enabled
2019-10-14 11:04:35 +01:00