Commit graph

5062 commits

Author SHA1 Message Date
obadz
0a9d7f0809 zerotier module: add option to join networks and open port 2018-03-28 22:18:25 +01:00
Franz Pletz
e53d195c4a
Merge pull request #38000 from ryantm/auto-update/dovecot
dovecot: 2.3.0.1 -> 2.3.1
2018-03-28 20:05:54 +00:00
Maximilian Bosch
5caa22fe0a Revert restrictive validation behavior for DM/WM defaults in the X module
The original idea behind this change (described in ticket #11064) was to
improve the assertions to avoid that users of the X server accidentally
forget to configure a DM or WM.

However this caused several issues with setups that require X, but no DM
or WM. The keymap testcases became instable as well as now disabling DMs
needs to be done explicitly.
(see https://github.com/NixOS/nixpkgs/pull/31268#issuecomment-347080036)

In the end the idea behind the change and #11064 was obviously a
mistake, so reverting it completely for now should be fine.
2018-03-28 20:34:05 +02:00
Franz Pletz
6a15c8d6f7
nixos/dovecot: set group in config
The dovecot bump to 2.3.1 caused the dovecot service to fail to start
because it would try to chgrp sockets to dovecot whereas our default
dovecot group is called dovecot2.
2018-03-28 19:16:41 +02:00
Shea Levy
05e375d710
Merge remote-tracking branch 'origin/master' into staging 2018-03-28 09:36:47 -04:00
gnidorah
30a56d72db hans: rename option 2018-03-28 10:36:04 +03:00
gnidorah
33c34aff2f hans, iodine: correct script 2018-03-28 10:34:57 +03:00
Justin Humm
169468c406
apache-httpd: fix typo in config servedFiles 2018-03-28 03:47:25 +02:00
Matthew Justin Bauer
75616ceb49
Merge pull request #37840 from matthewbauer/unixtools
Cross-platform "unixtools"
2018-03-27 18:43:03 -05:00
gnidorah
276d10dae6 nixos/iodine: passwordFile option #24288 2018-03-27 22:44:29 +03:00
gnidorah
16c5866cec nixos/hans: passwordFile option #24288 2018-03-27 22:25:31 +03:00
gnidorah
b2be363fea nixos/hans: init 2018-03-27 22:25:22 +03:00
Michishige Kaito
c515f7036e Address @yegortimoshenko review 2018-03-27 16:35:54 +01:00
Michishige Kaito
bde525aaaf Add restore service for tarsnap archives
This service will never run automatically, but it encapsulates the
necessary logic and configuration to run a restore of the latest
archive, and allows to hook more specific logic, such as loading
a database dump, via `postStart`.
2018-03-27 01:19:02 +01:00
Michishige Kaito
d462595600 Add support for tarsnap options -H and -L
A new option `explicitSymlinks` will set `-H` when creating an archive.
This option makes tarsnap follow any symlinks specified explicitly on
the commandline, but not any found inside the file tree.

A new option `followSymlinks` will set `-L` when creating an archive.
This option makes tarsnap follow any symlinks found anywhere in the file
tree instead of storing them as-is.
2018-03-27 01:19:02 +01:00
Bas van Dijk
e9de38eb61 strongswan-swanctl: actually removed the strongswan parameter files 2018-03-26 17:18:08 +02:00
Joachim F
1c889be474
Merge pull request #37827 from oxij/pull/28938-tor-control-port
nixos/tor: expose control socket
2018-03-26 13:05:27 +00:00
Nikolay Amiantov
4f0b59de9a xserver service: cleanup LD_LIBRARY_PATH
X libraries in LD_LIBRARY_PATH seem to not be needed anymore.
I've tracked this addition as far as I could
(02cef04c81) and they seem to be added for unfree
NVIDIA and ATI drivers but at least for NVIDIA they are not needed anymore. We
can add them with patchelf instead if it turns out to be the case with ATI.
2018-03-26 14:01:49 +03:00
Jaka Hudoklin
cb9c1c63c9 nixos/tor: expose control socket 2018-03-26 00:41:10 +00:00
Guillaume Maudoux
c948613a65 almir: also remove the corresponding module.
The almir package was removed in 30291227f2 at about 2017-08
This module can no more be used without it.
2018-03-25 21:41:19 +01:00
Frank Doepper
66deb3aa29 quagga service: fix service and re-enable test
adding quagga to quaggavty
reverting 8a18e1f
2018-03-25 21:26:45 +02:00
Michael Raskin
296dca019b
Merge pull request #35073 from Infinisil/fix/znapzend
nixos/znapzend: fix when no previous zetup
2018-03-25 17:29:08 +00:00
Matthew Justin Bauer
8f3091939b
Merge pull request #37752 from ryantm/fix-urls
treewide: use more HTTPS URLs
2018-03-25 00:40:17 -05:00
Ryan Mulligan
b189247ba0 treewide: use more HTTPS URLs
Uses the HTTPS url for cases where the existing URL has a permanent
redirect. For each domain, at least one fixed derivation URL was
downloaded to test the domain is properly serving downloads.

Also fixes jbake source URL, which was broken.
2018-03-24 22:04:25 -07:00
Florian Klink
6ac74d60ad networkmanager-pptp: remove package
Currently broken on NixOS due to hardcoded modprobe binary path (see
bug #30756 from Oct 2017), no activity on a proposed fix for months.
As the protocol is terribly broken anyways, let's better remove it
completely, and not talk about anymore ;-)

Closes #30756.
2018-03-23 22:24:50 +01:00
Matthew Justin Bauer
779c25b2fe
Merge pull request #34053 from thpham/serviio
serviio: init at 1.9
2018-03-22 11:11:17 -05:00
Robin Gloster
fda705527d
nixbot: remove
obsoleted mostly by ofborg
2018-03-22 16:17:12 +01:00
WilliButz
c54aa1f293
nixos/prometheus-exporters: add postfix exporter & documentation 2018-03-22 14:52:23 +01:00
WilliButz
f4d03b5c9c
nixos/prometheus-exporters: rewrite and restructure
- prometheus exporters are now configured with
  `services.prometheus.exporters.<name>`
- the exporters are now defined by attribute sets
  from which the options for each exporter are generated
- most of the exporter definitions are used unchanged,
  except for some changes that should't have any impact
  on the functionality.
2018-03-22 14:46:17 +01:00
Robin Gloster
76ea0e1b2e
Merge pull request #32960 from florianjacob/prosody-0.10
Prosody 0.10.0
2018-03-22 14:12:57 +01:00
Robin Gloster
0a80f2c0f4
prosody: improve module handling 2018-03-22 03:40:46 +01:00
Franz Pletz
e5a854e740
gitlab service: use recommended unicorn config 2018-03-22 02:29:28 +01:00
Simon Lackerbauer
1b55905806
gitlab: 10.3.4 -> 10.5.4 2018-03-22 02:29:28 +01:00
Robin Gloster
31d77fd4f3
gitlab-shell: fix config path finding
and remove TimeoutSec for gitlab
2018-03-22 02:29:27 +01:00
Robin Gloster
fa347164b6
graylog: use jre_headless 2018-03-22 02:29:27 +01:00
Dan Peebles
6fa9d9cdbd hologram-server module: add cache timeout option
The version of hologram we're using has supported this option for a
while, but we didn't expose it through the NixOS module
2018-03-21 12:58:25 -04:00
Thomas Karolski
e5073bcb80
Fix permission on working directory
The working directory needs the x flag, otherwise executors (e.g. sparks executor) are unable to cd into their sandbox and create e.g. temporary files.
2018-03-21 02:26:04 +01:00
Eelco Dolstra
7db841512a
Remove obsolete /nix/var/nix/{manifests,channel-cache} 2018-03-20 18:26:13 +01:00
Jörg Thalheim
35eddf5ef1
Merge pull request #37412 from volth/varnish456
varnish4: init at 4.1.9; varnish6: init at 6.0.0
2018-03-20 07:55:52 +00:00
Joel Thompson
fe2e4d6fb9 hologram: Enable configuring LDAP authorization
In AdRoll/hologram#62 support was added to hologram to configure
LDAP-based authorization of which roles a user was allowed to get
credentials for. This adds the ability to configure that.

Additionally, AdRoll/hologram/#94 added support to customize the LDAP
group query, so this also feeds that configuration through.

fixes #37393
2018-03-20 07:36:23 +00:00
volth
002b460822 varnish4: init at 4.1.9; varnish6: init at 6.0.0 2018-03-20 07:10:36 +00:00
Robert Schütz
c484079ac7
Merge pull request #36927 from dotlambda/borg-module
nixos/borgbackup: init
2018-03-19 20:30:32 +01:00
WilliButz
ca7b29050f grafana: 5.0.2 -> 5.0.3, fix headless phantomjs 2018-03-19 19:59:10 +01:00
Robert Schütz
fdf0f037be nixos/borgbackup: init 2018-03-19 13:12:47 +01:00
Peter Hoeg
2859483fe9 nixos home-assistant: a couple of fixes (#36338)
a) set path to /run/wrappers so ping works
b) run via a target so we can easily inject other components (config copier,
appdaemon)
2018-03-18 12:46:36 +01:00
Jörg Thalheim
5c1c4fbb06
Merge pull request #37084 from herrwiese/evilwm
nixos/window-managers: actually add evilwm to default.nix
2018-03-18 11:13:23 +00:00
Elis Hirwing
fa76c9a385
gitea: fix usage over ssh
Using gitea over ssh had two isses:
 1. No shell was set for the user
 2. Gitea tried to write logs to
 /nix/store/x83q12kyd9gw1pay036dxz2dq0apf17h-gitea-1.3.2-bin/log when
 serving the ssh usage.
2018-03-18 10:11:02 +01:00
Corey O'Connor
28a55f5bd6 jenkins: Add "java.awt.headless=true" to JDK options.
This is consistent with the recommended jenkins startup script. See:

* https://wiki.jenkins.io/display/JENKINS/JenkinsLinuxStartupScript
2018-03-17 22:16:59 -07:00
Corey O'Connor
241160aacc jenkins: Include Deja-Vu fonts in system environment to silence jenkins warning. 2018-03-17 22:16:26 -07:00
Tuomas Tynkkynen
ef64208eba Merge commit '3ab2949' from staging into master
Conflicts:
	pkgs/development/compilers/llvm/6/llvm.nix
	pkgs/servers/home-assistant/component-packages.nix
2018-03-15 22:30:56 +02:00
Elis Hirwing
1ad75d0c50
gitea: enable and configure postgres service if selected as database 2018-03-15 18:34:54 +01:00
Andreas Wiese
c7e1dff94e nixos/window-managers: actually add evilwm to default.nix
Commit 1f2b938 introduced a module for evilwm as a window-manager, but
did not actually add this module to window-manager's default.nix which
renders it useless.
2018-03-15 10:22:53 +01:00
Tuomas Tynkkynen
2fec9c6e29 Merge remote-tracking branch 'upstream/master' into staging
Conflicts:
	pkgs/development/tools/build-managers/conan/default.nix
2018-03-13 23:04:18 +02:00
Florian Jacob
226965da67 prosody: 0.9.12 -> 0.10.0
updating config options, removing luazlib as mod_compression was removed
for security reasons.
2018-03-12 20:19:03 +01:00
Silvan Mosberger
86ca617948
resilio: Adjust option description to 3d17573 2018-03-11 01:18:34 +01:00
Jan Malakhovski
7079e744d4 Merge branch 'master' into staging
Resolved the following conflicts (by carefully applying patches from the both
branches since the fork point):

   pkgs/development/libraries/epoxy/default.nix
   pkgs/development/libraries/gtk+/3.x.nix
   pkgs/development/python-modules/asgiref/default.nix
   pkgs/development/python-modules/daphne/default.nix
   pkgs/os-specific/linux/systemd/default.nix
2018-03-10 20:38:13 +00:00
Jörg Thalheim
196e21a160 nixos/tomcat: add types + proper systemd integration
fixes #35443
2018-03-08 09:09:42 +00:00
Benjamin Smith
024220bd7f nixos/tomcat: add serverXml, environment files and log directories
* add serverXml verbatim override
* add environment file
* add log directory creation
2018-03-08 09:09:42 +00:00
Ales Huzik
0555f247dc nixos/bluetooth: allow to specify custom bluez package 2018-03-08 13:56:47 +11:00
Vladyslav M
2a147bea02 iwd: 2017-12-14 -> 0.1 2018-03-07 20:28:12 +02:00
Yegor Timoshenko
5905fe069b
tt-rss: use proper user and package for MySQL 2018-03-06 03:10:24 +00:00
volth
30877b1ed8 nix-serve: nix 2.0 fixes 2018-03-05 19:32:42 +00:00
Will Fancher
6b9a99e55d LightDM: Set default user session when possible. 2018-03-04 23:54:09 +00:00
Vladimír Čunát
2069a2a002
Merge #35454: nixos/pump.io: remove 2018-03-04 10:49:25 +01:00
Tuomas Tynkkynen
1e107443ad Merge commit '618ac29687a650d854c8bea7efd4490387589ce2' into staging 2018-03-03 22:40:32 +02:00
Jörg Thalheim
6749f6e26e
Merge pull request #36249 from Ekleog/openldap-module-declarative-contents
Openldap module declarative contents
2018-03-03 19:00:13 +00:00
Vladimír Čunát
b70c93f211
Merge branch 'master' into nix-2.0 2018-03-03 18:02:35 +01:00
Jörg Thalheim
9936ed4920
Merge pull request #31019 from teto/strongswan_rebased
[RFC/RDY] make l2tp work with Strongswan
2018-03-03 15:56:05 +00:00
Léo Gaspard
aeef7c91f1
openldap module: allow defining contents declaratively 2018-03-03 15:33:23 +01:00
Léo Gaspard
cca9ec2a66
openldap module: cleanup 2018-03-03 15:33:01 +01:00
Jan Tojnar
618ac29687
cantarell-fonts: rename from cantarell_fonts 2018-03-03 00:36:38 +01:00
wucke13
9580f22115 Solving #30396 2018-03-02 09:30:19 +01:00
Bjørn Forsman
5de8f99f03 nixos/jenkins: ensure postStart follows redirects
Pass the -L flag to curl to make it follow redirects. This fixes an
issue I found when setting up reverse proxy for Jenkins. Without this
fix, the returned HTTP code was stuck at 302, making postStart fail the
service (it expects 200 or 403).
2018-03-02 08:48:38 +01:00
Shea Levy
95579af5ec
Merge remote-tracking branch 'origin/staging' into cross-nixos 2018-03-01 14:56:58 -05:00
Shea Levy
fec543436d
nixos: Move uses of stdenv.shell to runtimeShell. 2018-03-01 14:38:53 -05:00
Frederik Rietdijk
810dd0f984 Merge remote-tracking branch 'upstream/master' into HEAD 2018-03-01 20:00:42 +01:00
WilliButz
5ea2c87464
grafana: 4.6.3 -> 5.0.0 2018-03-01 17:50:09 +01:00
lejonet
565f22d27a nixos/ceph: init module (#35299)
All 5 daemon types can be enabled and configured through the module and the module both creates the ceph.conf required but also creates and enables specific services for each daemon, based on the systemd service files that upstream provides.
2018-03-01 11:47:13 +00:00
Tuomas Tynkkynen
b8b2225f6b Merge remote-tracking branch 'upstream/master' into staging 2018-03-01 06:09:20 +02:00
Shea Levy
4d5be58a8f
Merge remote-tracking branch 'origin/master' into cross-nixos 2018-02-28 17:07:13 -05:00
Shea Levy
5ff15fbf7d
Merge branch 'nix-ssh-ng' 2018-02-28 17:04:19 -05:00
Shea Levy
4de72b90f3
nixos: nix.sshServe: Support ssh-ng. 2018-02-28 16:55:00 -05:00
Frederik Rietdijk
cf0c20e0de
Merge pull request #35892 from Nadrieril/update-usbguard
usbguard: 0.7.0 -> 0.7.2
2018-02-28 20:30:30 +00:00
Sander van der Burg
8fbfd67f1f disnix module: make dbus service configurable 2018-02-28 21:29:24 +01:00
Shea Levy
c0e814a434
nixos: udev: Generate hwdb with build-native udevadm. 2018-02-28 15:01:31 -05:00
Bas van Dijk
85abad9e1c strongswan-swanctl: fixed type of 'file' options 2018-02-28 12:01:31 +01:00
Bas van Dijk
018f66020f strongswan-swanctl: disable the structured strongswan config for now in favour of a literal config
This reduces the number of option by over 600.
2018-02-28 11:44:22 +01:00
Bas van Dijk
592a89befc strongswan-swanctl: support strongswan-5.6.2 configuration options 2018-02-28 11:04:41 +01:00
Bas van Dijk
7c94804680 strongswan-swanctl: don't generate options for charon
This reduces the number of options from 1152 to 756.
2018-02-28 10:41:54 +01:00
Bas van Dijk
7cc5ee2354 strongswan-swanctl: support strongswan-5.6.1 configuration options
I determined which options got changed by executing the following
commands in the strongswan repository:

  git diff -U20 5.6.0..5.6.1 src/swanctl/swanctl.opt
  git diff -U20 5.6.0..5.6.1 conf
2018-02-28 10:41:54 +01:00
Bas van Dijk
bd24b3addd nixos: add the strongswan-swanctl service
The strongswan-swanctl systemd service starts charon-systemd. This implements a IKE daemon
very similar to charon, but it's specifically designed for use with systemd. It uses the
systemd libraries for a native integration.

Instead of using starter and an ipsec.conf based configuration, the daemon is directly
managed by systemd and configured with the swanctl configuration backend.

See: https://wiki.strongswan.org/projects/strongswan/wiki/Charon-systemd

Note that the strongswan.conf and swantctl.conf configuration files are automatically
generated based on NixOS options under services.strongswan-swanctl.strongswan and
services.strongswan-swanctl.swanctl respectively.
2018-02-28 10:41:54 +01:00
Eelco Dolstra
212dd84dd2
Cleanup 2018-02-27 20:03:12 +01:00
Nadrieril
297fac40ca nixos/usbguard: Do not check permissions on rules file (using undocumented -P flag) 2018-02-27 18:34:02 +00:00
Rodney Lorrimar
21dcead5f0
nixos/pump.io: remove
This would probably be better maintained in a separate repo as an
external NixOS module which gets imported into user's configuration.
2018-02-27 12:52:51 +00:00
Frederik Rietdijk
4f08b0fbac Merge remote-tracking branch 'upstream/master' into HEAD 2018-02-26 10:50:18 +01:00
Franz Pletz
37c009ca74
Merge pull request #34028 from florianjacob/matomo
piwik is now matomo
2018-02-26 06:53:58 +00:00
Peter Hoeg
f9cc3c08e2
Merge pull request #35432 from timokau/syncthing-deprecate-inotify
syncthing,qsyncthingtray: remove syncthing-inotify
2018-02-26 11:04:33 +08:00
Jan Tojnar
a31d98f312
tree-wide: autorename gnome packages to use dashes 2018-02-25 17:41:16 +01:00
Sarah Brofeldt
2ea8f8acdf nixos/mysql: Unbreak initial database creation 2018-02-24 20:07:55 +01:00
Timo Kaufmann
5643128ff2 syncthing,qsyncthingtray: remove syncthing-inotify
syncthing-inotify is replaced by the new syncthing "fswatcher" feature.
2018-02-24 01:08:44 +01:00
Tuomas Tynkkynen
ae9d4faff9 Merge remote-tracking branch 'upstream/master' into staging 2018-02-24 02:05:30 +02:00
Aristid Breitkreuz
e349ccc77f nixos/alsa: Do not make sound.enable conditional on stateVersion.
Eelco Dolstra wrote:

Hm, this is not really the intended use of stateVersion. From the description:

        Every once in a while, a new NixOS release may change
        configuration defaults in a way incompatible with stateful
        data. For instance, if the default version of PostgreSQL
        changes, the new version will probably be unable to read your
        existing databases. To prevent such breakage, you can set the
        value of this option to the NixOS release with which you want
        to be compatible. The effect is that NixOS will option
        defaults corresponding to the specified release (such as using
        an older version of PostgreSQL).

So this is only intended for options that have some corresponding on-disk state. AFAICT this is not the case for sound. In any case stateVersion is a necessary evil that only exists because we can't just upgrade Postgres databases or change SSH host keys. It's not necessary for things like whether sound is enabled. (If the user discovers that sound is suddenly disabled, they can just enable it.)

I had some vague recollection that we also had a configVersion option setting to control the defaults for non-state-related options, but I can't find it so maybe it was only discussed.
2018-02-23 23:14:42 +01:00
Tom Bereknyei
034d3fae3d tinc: enable invitations 2018-02-23 11:59:37 -05:00
Jan Tojnar
3b512ca185
Merge pull request #35065 from jtojnar/fwupd-1.0.5
fwupd: 1.0.5 update & cleanups
2018-02-23 17:22:47 +01:00
Nikolay Amiantov
9c1c424e52 cups service: fix client sockets
Use systemd to create the directory for UNIX socket. Also use localhost instead
of 127.0.0.1 as is done in default cupsd.conf so that IPv6 is enabled when
available.
2018-02-23 18:51:39 +03:00
Nikolay Amiantov
cc52eff6c6 Revert "cups service: fix client sockets"
This reverts commit cf4c077343.
2018-02-23 18:47:43 +03:00
Nikolay Amiantov
cf4c077343 cups service: fix client sockets
Use systemd to create the directory for UNIX socket. Also use localhost instead
of 127.0.0.1 as is done in default cupsd.conf so that IPv6 is enabled when
available.
2018-02-23 18:43:51 +03:00
Jörg Thalheim
df4963daca
Merge pull request #35343 from gnidorah/softether
softether module: fix dataDir option
2018-02-23 12:38:11 +00:00
Franz Pletz
6180eda1e4
Merge pull request #35026 from alesguzik/acpid_log_events
nixos/acpid: add option to log events
2018-02-23 04:36:33 +00:00
volth
985a4bb87c
nixos/tox-bootstrapd: new command line format 2018-02-23 03:26:18 +00:00
Franz Pletz
0dcf5df0ed
Merge pull request #34470 from WilliButz/fix-xautolock
nixos/xautolock: fix default defaults/examples, add assertions
2018-02-22 23:10:03 +00:00
Aristid Breitkreuz
a43e33d0e4 nixos: disable sound by default, if stateVersion >= 18.03 (#35355) 2018-02-22 22:06:31 +00:00
Florian Jacob
885e762d47 nixos/matomo: improve serverName default
when we need to change it anyway for the rename.
2018-02-22 22:03:55 +01:00
Florian Jacob
48e449ee70 nixos/piwik: rename to matomo 2018-02-22 22:03:55 +01:00
Frederik Rietdijk
d328ba753e
Merge pull request #35243 from FRidh/postgis
postgis: get rid of composableDerivation
2018-02-22 16:49:56 +00:00
gnidorah
fbeb32994b softether module: fix dataDir option 2018-02-22 18:37:59 +03:00
Jan Tojnar
30cc156c8c
nixos/fwupd: use manual list of etc files
Closes: #32142
2018-02-22 13:18:23 +01:00
Markus Hauck
1c3c80360b logkeys.service: Add 'device' option 2018-02-21 18:16:14 +01:00
Ales Huzik
444cdf0454 nixos/acpid: add option to log events 2018-02-21 22:17:33 +11:00
Marti Serra
30f27c49b9 crashplan-small-business: remove unneeded function 2018-02-21 09:25:58 +01:00
Frederik Rietdijk
b2f53c76f8 postgis: get rid of composableDerivation
In this change composableDerivation is removed in favor of
stdenv.mkDerivation.
2018-02-20 22:17:16 +01:00
Will Dietz
ce3de0399b
Merge pull request #30057 from dtzWill/feature/webos-novacomd
webos: init novacom, novacomd, cmake-modules; add nixos service
2018-02-20 13:49:06 -06:00
Joachim F
46afc63b6f
Merge pull request #32062 from volth/patch-73
nixos/varnish: check .vcl syntax at compile time
2018-02-20 19:22:28 +00:00
Joachim F
b30fae01cd
Merge pull request #32761 from xvapx/crashplan-small-business
crashplan-small-business: init at 6.6.0
2018-02-20 19:19:22 +00:00
Will Dietz
e5e29284a9 webos: init novacom, novacomd, cmake-modules; add nixos service 2018-02-20 10:34:19 -06:00
Franz Pletz
3942cbea67
Merge pull request #35161 from volth/patch-92
nixos/nat: support nat reflection
2018-02-20 16:26:26 +00:00
Franz Pletz
17952ee589
Merge pull request #35141 from abbradar/dhcpcd-order
dhcpcd service: fix service dependencies when default gateways are set
2018-02-20 16:07:49 +00:00
zimbatm
3b30e4355b
Merge pull request #35129 from rvl/buildkite-agent-hooks
buildkite-agent service: declarative hooks and extraConfig option
2018-02-20 11:28:42 +00:00
Richard Marko
7367918f44 nixos/nixops-dns: init (#34511) 2018-02-20 10:14:55 +00:00
Rodney Lorrimar
e552633c20
nixos/buildkite-agent: add coreutils to PATH of service
This simplifies the service script and it's probable that many builds
will need coreutils anyway.
2018-02-20 08:17:14 +00:00
Rodney Lorrimar
21e9a3eb6f
nixos/buildkite-agent: add a default value for name option
Use the default name value from:
https://buildkite.com/docs/agent/configuration
2018-02-20 08:17:14 +00:00
Rodney Lorrimar
8132b24cdf
nixos/buildkite-agent: remove obsolete config setting
Newer versions of buildkite-agent can find the bootstrap script
themselves.
2018-02-20 08:17:13 +00:00
Rodney Lorrimar
cf6463aa8c
nixos/buildkite-agent: enhance documentation for meta-data option
I assumed they were space-separated, which was wrong.

In future it might be better to allow specifying an attrset of strings
for the option.
2018-02-20 08:17:13 +00:00
Rodney Lorrimar
66586c86b9
nixos/buildkite-agent: declarative hooks configuration
Instead of having to set up a directory containing hook scripts, you
can now directly set module options to add hooks.
2018-02-20 08:17:12 +00:00
Rodney Lorrimar
efefba7c9b
nixos/buildkite-agent: add extraConfig option
This is useful for things like enabling debugging and increasing agent
priority, which don't warrant extra module options.
2018-02-20 08:17:12 +00:00
Nikolay Amiantov
5ff25fcd7e dhcpcd service: want for both IP stacks
We want to wait for both stacks to be active before declaring that network is active.
So either both default gateways must be specified or only IPv4 if IPv6 is disabled to
avoid dhcpcd for network-online.target.
2018-02-19 23:33:54 +03:00
Nikolay Amiantov
996ed0830e dhcpcd service: always want by multi-user
When default gateways were specified the service wasn't wanted by anything at
all before.
2018-02-19 23:31:45 +03:00
Michael Raskin
1e23a5a6e9
Merge pull request #34795 from oxij/os/nixosLabel-pt2
nixos: labels part 2
2018-02-19 14:45:17 +00:00
Michael Raskin
10b3f7d356
Merge pull request #27688 from rnhmjoj/routes
nixos/networking-interfaces: make static routes configurable
2018-02-19 14:12:58 +00:00
volth
328f8a6cba nixos/nat: support nat reflection 2018-02-19 13:16:09 +00:00
Jan Malakhovski
2e6b796761 nixos: rename config.system.nixos* -> config.system.nixos.* 2018-02-18 12:56:30 +00:00
Bjørn Forsman
d84f18e288 nixos/postfix: document that *Alias options support comma separated values
For the longest time I thought there could be only one rootAlias.
2018-02-18 13:04:08 +01:00
Silvan Mosberger
c2b8d14b56
nixos/znapzend: fix when no previous zetup
When the znapzend module was enabled for the first time with pure =
true; then the list of previous entries is empty, but xargs still tried
to execute a znapzendzetup delete command with no arguments, which made
it fail
2018-02-17 15:50:48 +01:00
rnhmjoj
e81811a579
nixos/modules: rename IP addresses/routes options 2018-02-17 14:57:07 +01:00
rnhmjoj
c1bed05e34
nixos/networking-interfaces: rename IP addresses/routes options 2018-02-17 14:01:24 +01:00
Alexei Robyn
ab45e13e07 nixos/dante: order after network-online.target (#34435)
network-online.target properly depends on the underlying network
management tool (e.g. NixOS static configuration scripts, dhcpcd,
NetworkManager, networkd) signalling that all interfaces are up and
appropriately configured (to whatever degree possible/required), whereas
network.target only indicates that the network management tool itself
has started.
2018-02-17 10:18:05 +00:00
Joachim F
faf072166b
Merge pull request #29869 from Nadrieril/syncserver-fup
syncserver service: follow-up of #28189
2018-02-17 10:09:42 +00:00
Niklas Hambüchen
f00a1514f9 nixos/nginx: validate config syntax in preStart (#24664) 2018-02-17 09:45:25 +00:00
Joachim F
71a32c36fe
Merge pull request #34587 from netixx/add-freeradius-service
nixos/freeradius : init - Added freeradius service
2018-02-17 09:17:35 +00:00
Tim Steinbach
87559028ef
Merge pull request #33954 from kuznero/pr/kubernetes
kubernetes: 1.7.9 -> 1.9.1
2018-02-16 13:56:59 +00:00
Vladimír Čunát
b5aaaf87a7
Merge staging and PR #35021
It's the last staging commit (mostly) built on Hydra,
and a minimal fix for Darwin regression in pysqlite.
2018-02-16 09:13:12 +01:00
Herwig Hochleitner
b7b2a4ffa4 connmand: add extraFlags option to service 2018-02-15 23:37:12 +01:00
Franz Pletz
79e7f7af9a
radvd service: fix due to systemd upgrade
After the systemd 237 upgrade, radvd wouldn't start anymore because the
PID file cannot be written. It seems that directories in /run has to be
explicitely defined as RuntimeDirectory now. The PID file isn't needed
due to systemd, though, so it was removed along with forking and loggia
via syslog.

This fixes the ipv6 NixOS test.
2018-02-15 07:02:08 +01:00
Jan Tojnar
640916d55d
nixos/fwupd: add maintainers 2018-02-15 01:11:13 +01:00
Frederik Rietdijk
177cfe3370
Merge pull request #34974 from dotlambda/prosody
nixos/prosody: add package option
2018-02-14 20:35:01 +00:00
Lassulus
8acde7b612 nixos/gnunet: set private TMPDIR (#34945) 2018-02-14 15:35:30 +00:00
Robert Schütz
de74ffb8f8 nixos/prosody: add package option 2018-02-14 14:56:00 +01:00
adisbladis
1de98e8568
plasma: 5.11.5 -> 5.12.1 2018-02-14 17:24:20 +08:00
Jan Tojnar
44695e7045
Merge pull request #34507 from jtojnar/pipewire
pipewire: init at 0.1.8
2018-02-14 02:29:39 +01:00
Jörg Thalheim
67b1d6a16d
Merge pull request #34905 from vcunat/p/kresd-TLS
kresd service: add listenTLS option
2018-02-13 10:41:52 +00:00
Ruben Maher
ac52cb3aed nixos/prometheus/alertmanager: double hyphenate long opts (#34914)
Alertmanager 0.13.0 doesn't support single dash long options, so '-config.file'
for example is parsed as '-c', which leads to the service not starting.
2018-02-12 18:02:38 -05:00
Vladimír Čunát
05d6a7edb6
kresd service: add listenTLS option
Also fix some deficiencies in the systemd multi-socket stuff.
2018-02-12 20:48:25 +01:00
Franz Pletz
74736f26c2
bird2: init at 2.0.1 2018-02-11 23:35:05 +01:00
Vladimír Čunát
968b866dcc
Merge #32774: slurm-spank-x11: init at 0.2.5 2018-02-10 22:48:22 +01:00
Daniel Schaefer
713a69d083 nixos/acpid: pass event parameters to handler (#34190)
Previously the parameters were just dropped. Now they can be read
from within the handler script. An example to show this is added.

Makes use of the new writeShellScript function as suggested in:
issue #21557

resolves:  #21557
2018-02-10 13:26:05 +00:00
Jörg Thalheim
2cab78bc1d
Merge pull request #34384 from gnidorah/nvidia-optimus
modules/nvidia-optimus: fix module blacklisting
2018-02-10 12:14:21 +00:00
Jörg Thalheim
9fab083b79
Merge pull request #34524 from Infinisil/physlock-allowAnyUser
nixos/physlock: add allowAnyUser option
2018-02-10 09:58:36 +00:00
Jörg Thalheim
7914e6be3e
Merge pull request #34655 from markus1189/zookeeper-package-option
zookeeper.service: option for package and add to environment
2018-02-10 09:54:12 +00:00
Netix (Espinet François)
2a2e885cd0 nixos/freeradius : init - Added freeradius service
Inspired from the dhcpd service implementation
Only 2 configurations options at the moment:
- enabled
- path to config directory (defaults to /etc/raddb)

Implementation was also inspired from ArchLinux
systemd file and corrected with @dotlambda and
@fpletz help.
2018-02-10 09:59:01 +01:00
Jörg Thalheim
5be14cce39
Merge pull request #34753 from noqqe/master
Multiple users with hashedPassword is broken in mosquitto
2018-02-10 07:59:49 +00:00
markuskowa
bf53dc68c2 nixos/rdma-core: add module for soft RoCE and test (#34607) 2018-02-10 07:52:03 +00:00
Andreas Rammhold
04051ee9d0
Merge pull request #34562 from griff/rspamd-workers
nixos/rspamd: worker configuration, socket activation and tests
2018-02-09 14:45:54 +01:00
Andreas Rammhold
7ae9699e1c
Merge pull request #34759 from dotlambda/dovecot
nixos/dovecot: no " in mailbox.name
2018-02-09 12:43:03 +01:00
Robert Schütz
6ceece6b59 nixos/dovecot: no " in mailbox.name 2018-02-09 12:20:55 +01:00
Hamish
3a2b0cdf5c nixos/traefik: make group configurable for docker support (#34749) 2018-02-09 09:37:29 +00:00
Brian Olsen
908fc5e14b
nixos/rspamd: options for worker configuration and socket activation 2018-02-09 06:19:03 +01:00
Florian Baumann
7e76b127cd
Multiple users with hashedPassword is broken in mosquitto
If you have more than 1 User with hasedPassword Option set it generates 

```
rm -f /var/lib/mosquitto/passwd
touch /var/lib/mosquitto/passwd
echo 'user1:$6$xxx' > /var/lib/mosquitto/passwd
echo 'user2:$6$xxx' > /var/lib/mosquitto/passwd
```

Which ends up in only having 1 user.
2018-02-08 22:46:06 +01:00
Joachim F
65e6fbf2b5
Merge pull request #34690 from dotlambda/tor
nixos/tor: add hiddenServices.<name>.authorizeClient
2018-02-08 17:08:44 +00:00
Eric Bailey
6b45dbd99c services.mysql: properly quote database.name 2018-02-08 17:32:41 +01:00
Eelco Dolstra
6bc889205a
sshd: Remove UsePrivilegeSeparation option
This option is deprecated, see https://www.openssh.com/txt/release-7.5.
2018-02-08 13:32:55 +01:00
Frederik Rietdijk
c0f6aac818
Merge pull request #34574 from dotlambda/home-assistant
nixos/home-assistant: support platform=... scheme for autoExtraComponents
2018-02-08 10:53:35 +00:00
Robert Schütz
355de06fe4 nixos/tor: add hiddenServices.<name>.authorizeClient 2018-02-08 10:02:22 +01:00
Thomas Pham
f0bafef6a1 add Serviio Media server package and service 2018-02-07 20:45:30 +01:00
rnhmjoj
5118b86800 nixos/monero: init 2018-02-07 08:04:36 -05:00
Matthieu Coudron
fe4f4de1c9 strongswan module: make it work with ipsec l2tp
l2tp saves its secrets into /etc/ipsec.d but strongswan would not read
them. l2tp checks for /etc/ipsec.secrets includes /etc/ipsec.d and if
not tries to write into it.

Solution:
Have the strongswan module create /etc/ipsec.d and /etc/ipsec.secrets
when networkmanager_l2tp is installed.
Include /etc/ipsec.secrets in
/nix/store/hash-strongswan/etc/ipsec.secrets so that it can find l2tp
secrets.

Also when the ppp 'nopeerdns' option is used, the DNS resolver tries to
write into an alternate file /etc/ppp/resolv.conf. This fails when
/etc/ppp does not exist so the module creates it by default.
2018-02-07 13:21:49 +09:00
Joachim F
97ab8d8981
Merge pull request #17106 from spacefrogg/openafs
openafs: Refactor and introduce server module
2018-02-06 14:43:55 +00:00
Markus Hauck
77218de812 zookeeper.service: option for package and add to environment 2018-02-06 09:59:01 +01:00
Philipp Dörfler
35441b52d9
Wrapped ${mailbox.name} in "s to allow for space in mailbox names. 2018-02-05 17:06:49 +01:00
David McFarland
fbba0d0ee5 matrix-synapse: default server_name to hostname 2018-02-04 21:22:55 -04:00
David McFarland
a4b7de74a5 matrix-synapse: default to postgresql on 18.03 2018-02-04 21:22:55 -04:00
David McFarland
1472fa8685 matrix-synapse: create and connect to local postgresql db 2018-02-04 21:22:54 -04:00
Thomas Tuegel
4688dd0cf5
Merge pull request #34526 from ttuegel/bugfix/plasma-integration/font-style
plasma-integration: Fix font style name bug with Qt >= 5.8
2018-02-04 17:41:50 -06:00
Sarah Brofeldt
bf58890a5a nixos/k8s: Enable Node authorizer and NodeRestriction by default 2018-02-04 21:23:36 +01:00
Thomas Tuegel
77a607aa88
nixos/plasma5: Fix font style names in kdeglobals 2018-02-04 13:31:04 -06:00
Robert Schütz
59eb19224b nixos/home-assistant: support platform=... scheme for autoExtraComponents
See https://home-assistant.io/components/sensor.luftdaten/ for an example component using that scheme.
2018-02-04 11:09:55 +01:00
adisbladis
7ebb82e04f
home-assistant: Fix incorrect xml closing tag 2018-02-03 16:54:02 +08:00
Frederik Rietdijk
db58049f75
Merge pull request #34494 from dotlambda/home-assistant
home-assistant: compute extraComponents from config
2018-02-03 08:01:50 +00:00
Jörg Thalheim
a4170403e6
Merge pull request #33897 from rnhmjoj/digits
Avoid package attributes starting with a digit
2018-02-02 19:30:23 +00:00
Michael Raitza
d0ebdbd308 nixos/openafsServer: OpenAFS server nixos module 2018-02-02 16:43:44 +01:00
Vladimír Čunát
bbfca0f371
knot-resolver: 1.5.3 -> 2.0.0 (feature update)
Also split extraFeatures into a wrapper derivation.
So far, no changes like user renaming nor systemd unit rework.
2018-02-02 15:26:36 +01:00
Silvan Mosberger
cfd22b733b
physlock: add allowAnyUser option 2018-02-02 14:03:00 +01:00
Robert Schütz
78c2ca326e home-assistant: compute extraComponents from config 2018-02-02 09:48:50 +01:00
Jan Tojnar
dfe7a54d19
nixos/pipewire: init 2018-02-01 22:40:51 +01:00
Michael Raitza
ce74e1cc36 nixos/openafsClient: Extend client service functionality
Add a lot of options to the client to make it more usable and compatible
with the OpenAFS server module.
2018-02-01 16:35:24 +01:00
Michael Raitza
c389d705f3 nixos/openafsClient: relocate nixos module 2018-02-01 16:35:18 +01:00
Frederik Rietdijk
d30735f889
Merge pull request #34188 from dotlambda/home-assistant
home-assistant: init at 0.62.1
2018-02-01 08:44:48 +00:00
Eelco Dolstra
700e21d6da nix-daemon.nix: Updates for Nix 2.0
* The environment variables NIX_CONF_DIR, NIX_BUILD_HOOK and
  NIX_REMOTE are no longer needed.

* A /bin/sh (from busybox) is provided by default in sandboxes.

* Various options were renamed.
2018-01-31 22:26:05 +01:00
WilliButz
c2fa5f1729
nixos/xautolock: fix default defaults/examples, add assertions
see issue #34371
2018-01-31 21:43:23 +01:00
Robert Schütz
bacbc48cfe home-assistant: add NixOS module 2018-01-31 12:30:31 +01:00
Peter Hoeg
dc52fc6dda aria2 (nixos): actually load the module
Fixes #33991
2018-01-31 09:42:03 +08:00
gnidorah
7b2482ea54 modules/nvidia-optimus: fix module blacklisting 2018-01-29 15:46:15 +03:00
Jan Tojnar
0f21306ca3
Merge pull request #33900 from jtojnar/nginx-acme
nixos/nginx: allow using existing ACME certificate
2018-01-29 01:38:45 +01:00
Luke Adams
1537ce9dc7 samba4/sambaMaster: Modify services to align with Samba project usage 2018-01-26 22:37:17 +01:00
Franz Pletz
cb7fe51ee6
nixos/postfix: separate list option elements with commas 2018-01-26 14:10:17 +01:00
Markus Kowalewski
85ca8f121b slurm-spank-x11: init at 0.2.5 2018-01-25 13:58:14 -08:00
WilliButz
9bd7798d9c
nixos/postfix: fix default postfix config
`services.postfix.config` is now correctly merged with the default attrset
specified in the module. Some options that are lists in postfix also
have to be lists in nix to be merged correctly. Other default options are
now set with `mkDefault` so they can be overridden via the module system.
2018-01-24 23:35:28 +01:00
Michael Raitza
8a77ae81ad openafsClient: rename to openafs 2018-01-24 13:20:47 +01:00
Leon Schuermann
04c4c01089 nixos/stunnel: add module (#33151) 2018-01-21 11:23:07 +00:00
Sarah Brofeldt
ed792d3a45
Merge pull request #33842 from mimadrid/fix/resilio-sync
resilio-sync: fixed typo knownHosts -> entry.knownHosts
2018-01-21 12:11:29 +01:00
Vladimír Čunát
5402412b97
Merge #33600: xfce: cleanup, hyphenate attributes 2018-01-21 09:52:58 +01:00
Jörg Thalheim
dfa6a81a31
Merge pull request #33331 from cransom/netdata-module
netdata service: fix permissions for apps.plugin
2018-01-19 23:19:29 +00:00
Jan Tojnar
d2d1a2dfba
Merge pull request #28882 from jtojnar/chrome-gnome-shell
chrome-gnome-shell: refactor
2018-01-19 13:40:42 +01:00
Leon Schuermann
c61a9dfd2e
sshd: provide option to disable firewall altering 2018-01-18 22:55:28 +08:00
Roman Kuznetsov
f63604a598
kubernetes-dashboard (module): 1.6.3 -> 1.8.2 2018-01-17 09:01:32 +01:00
Francesco Gazzetta
356eeb0d4f nixos/mighttpd2: init 2018-01-16 21:04:09 +00:00
rnhmjoj
c946c101d6
avoid package attributes starting with a digit 2018-01-16 21:13:16 +01:00
Jörg Thalheim
822c949833
Merge pull request #33915 from lheckemann/remove-amd-hybrid-graphics
amd-hybrid-graphics module: remove
2018-01-16 15:57:37 +00:00
Leon Schuermann
22e83d2667 openvpn: add warning about world-readable credentials 2018-01-16 11:40:16 +07:00
Linus Heckemann
730f8530a8 amd-hybrid-graphics module: remove
This was only applicable to very specific hardware, and the only person
with an apparent interest in maintaining it (me) no longer uses the
hardware in question.
2018-01-15 23:17:12 +00:00
Jan Tojnar
41d252d7a4
nixos/nginx: allow using existing ACME certificate
When a domain has a lot of subdomains, it is quite easy to hit the rate limit:

https://letsencrypt.org/docs/rate-limits/

Instead you can define the certificate manually in `security.acme.certs` and list the subdomains in the `extraDomains` option.
2018-01-15 13:48:45 +01:00
Leon Schuermann
e45a06ebd1 openvpn: add option to store credentials 2018-01-15 14:34:58 +07:00
Joachim F
b6c696cc6f
Merge pull request #33444 from rnhmjoj/dnscrypt-wrapper
nixos/dnscrypt-wrapper: fix rotate script failing to restart the service
2018-01-14 11:33:02 +00:00
Sarah Brofeldt
ee4e6ebbfa
Merge pull request #32822 from LumiGuide/elk6
ELK: 5.6.1 -> 5.6.5 & add ELK 6.1.0
2018-01-14 10:40:50 +01:00
Miguel Madrid Mencía
22341c42e7
resilio-sync: fixed typo knownHosts -> entry.knownHosts 2018-01-13 23:44:39 +01:00
Jan Tojnar
38b6d7b60e
nixos/chrome-gnome-shell: init 2018-01-13 15:19:19 +01:00
Joachim F
ed250d8093
Merge pull request #27131 from richardlarocque/mosquitto_pw
mosquitto: Explicitly configure password file
2018-01-13 12:02:45 +00:00
Eelco Dolstra
dddcd10ecc
Don't set 'config.xorg = {}'
This makes memoization of Nixpkgs evaluation less effective, since
some Nixpkgs invocations may have 'config = {}' while others may have
'config = { xorg = {}; }'.

Instead set 'config = {}'.
2018-01-11 19:31:05 +01:00
Jörg Thalheim
788c5195f3 Revert "nixos/udev: fix outdated udev rules for network devices"
This reverts commit 45c5a915980fbe1fa6f0ff80ab2d11b60b844d9e.

This breaks PredictableNetworkInterfaceNames on systems without networkd.
We should only include this file from systemd, when networkd is enabled.
2018-01-11 11:21:16 +00:00
Joachim F
a6912f589e
Merge pull request #33629 from rnhmjoj/dnscrypt-proxy
Restore dnscrypt-proxy
2018-01-09 21:34:14 +00:00
Vladimír Čunát
d6bf8eb71b
Merge #33614: nixos/kresd improvements
The PR was extended with other fixes.  All tested by me atop 17.09.
2018-01-09 17:26:31 +01:00
Vladimír Čunát
4bc4c08838
nixos/kresd: service nitpicks 2018-01-09 17:25:18 +01:00
Vladimír Čunát
3ab85ed1ac
nixos/kresd: use DNSSEC root trust anchor from nixpkgs
in read-only way.  If the cache directory is empty and you use the
very same service for system's DNS, kresd is unable to bootstrap root
trust anchors, as it would need a DNS lookup.

Also, if we don't rely on bootstrap, the extra lua deps of kresd could
be dropped by default, but let's not do that now, as the difference in
closure size is only ~4 MB, and there may be other use cases than
running the package as nixos service this way.
2018-01-09 17:24:49 +01:00
Vladimír Čunát
f312e6d993
nixos/kresd: use systemd.tmpfiles
Since 4e4161c212 it works on nixos-rebuild.
2018-01-09 17:11:36 +01:00
José Romildo Malaquias
8b416450ea mate: let caja find extensions and gsettings schemas 2018-01-09 02:40:04 +02:00
José Romildo Malaquias
598c6c13f0 mate-panel: let mate-panel find applets in config system path 2018-01-09 02:40:04 +02:00
José Romildo Malaquias
ca27392d9c mate-control-center: add gsettings schemas path to XDG vars
mate-control-center depends on mate-settings-daemon, but the later needs
gsettings schemas  provided by the former. To fix this the gsettings schema
path from mate-control-center is added to XDG_DATA_DIRS at session
startup.
2018-01-09 02:40:04 +02:00
José Romildo Malaquias
1bacb88c6a mate-session-manager: add debug option to mate service 2018-01-09 02:40:04 +02:00
Andreas Rammhold
637d5dd00c tomcat9: 9.0.0.M17 -> 9.0.2
also renamed from tomcatUnstable to tomcat9
2018-01-09 01:31:06 +01:00
rnhmjoj
94d28f3672
nixos/dnscrypt-proxy: use new dyne.org repository 2018-01-09 00:33:19 +01:00
Jörg Thalheim
71cce26342 nixos/udev: fix outdated udev rules for network devices
Udev changed its internal naming, so this rule file no longer applied correctly.
Therefore some properties such as network driver no longer matched in
systemd-networkd.

After updating we have more properties in systemd-networkd:

$ sudo networkctl status wlp3s0
...
   Driver: iwlwifi
...

To prevent this in future, the file is no copied from systemd directly
2018-01-08 16:59:33 +01:00