Eelco Dolstra
bb9ee6a13f
Remove some setuid wrappers for non-standard programs
2014-09-05 14:46:36 +02:00
Eelco Dolstra
cd7129a037
Revert "nixos: add setuid wrappers for some networked filesystems' helpers"
...
This reverts commit 26a4001a98
. It
breaks the NFS test:
http://hydra.nixos.org/build/13943148
Also, having more setuid programs is a bad thing security-wise.
2014-09-05 14:43:11 +02:00
Michael Fellinger
00887dc3f8
diod: fix service
2014-09-05 14:39:55 +02:00
Eelco Dolstra
1f7c775910
Remove unrar from the installation CD since it's unfree
2014-09-05 14:25:17 +02:00
Eelco Dolstra
daebba2c97
Fix container test
2014-09-05 14:08:35 +02:00
Eelco Dolstra
002b067750
Merge pull request #3953 from lethalman/combined
...
release: don't build broken packages, don't build tested on unsupported systems
2014-09-05 10:46:42 +02:00
aszlig
c9d1c0d8d1
nixos/tests: Add basic test for nsd module.
...
Currently only tests basic resource record lookup against IPv4 and IPv6.
Nothing special yet, but probably enough for most setups.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-09-05 02:54:39 +02:00
aszlig
e8c4fde22d
nixos/nsd: Improve support for journald/systemd.
...
Don't fork into the background and just log to stderr.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-09-05 02:54:39 +02:00
aszlig
141cb70d5c
nixos/networking: Fix typo in ipv6prefixLength.
...
Within the module it's referenced with an uppercase "P" and ipv6Address
also begins with an uppercase "A" after the "6", so let's make it
consistent.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-09-05 02:54:39 +02:00
aszlig
6386df1645
nixos/nsd: Fix indentation/coding style.
...
For Nix, we indent using two spaces, but in this module somehow 4 spaces
were snuck in. Other than that, remoteControl and ratelimit are just
nested attribute sets, so we don't need to make another submodule type
for no particular reason.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-09-05 02:54:39 +02:00
Michael Fellinger
d62e848cc9
virtualbox: vboxusers may use /dev/vboxnetctl
2014-09-04 22:44:38 +02:00
William A. Kennington III
c6bd6d6d89
nixos/grub: Assert devices should be absolute paths
2014-09-04 10:31:39 -07:00
William A. Kennington III
f73f7ccc6e
nixos/install-grub: Read correct mountpoints
2014-09-04 10:31:39 -07:00
Michael Raskin
a3b9bf6c87
Merge pull request #3653 from iyzsong/nixos/xfce4-mixer
...
nixos: don't set variables for gstreamer-0.10 (fix #3652 )
2014-09-04 20:54:57 +04:00
Michael Raskin
1a0d437bf3
Merge pull request #3944 from joshcartwright/gummiboot-timeout-fix
...
gummiboot/builder: fix timeout setting when unset
2014-09-04 20:17:44 +04:00
Luca Bruno
2ba523df24
nixos nat: add description to forwardPorts
2014-09-04 11:33:08 +02:00
Luca Bruno
e6ab680cbf
nixos nat: add type for sourcePort and destination of forwardPorts
2014-09-04 10:26:33 +02:00
William A. Kennington III
2de0cf2549
nixos/utils: Don't remove first character if not a /
2014-09-03 18:40:05 -07:00
Luca Bruno
a1ded5c20e
nixos-install: use absolute path when running passwd in chroot
2014-09-03 23:12:40 +02:00
Luca Bruno
59ad713288
nixos-install: set umask 0022
2014-09-03 23:12:40 +02:00
Domen Kožar
2e97c06999
nixos-option: enable all flags by default and make output a bit readable cc @nbp
2014-09-03 22:08:25 +02:00
Jaka Hudoklin
43d9f92c82
nixos: docker, create docker group
2014-09-03 21:23:30 +02:00
Michael Raskin
4155121069
Merge pull request #3926 from lethalman/fwdports
...
nixos/nat: add forwardPorts for external->internal DNAT
2014-09-03 21:54:37 +04:00
Nathan Bijnens
00ad134284
Mesos: services
2014-09-03 19:21:49 +02:00
Michael Raskin
ab023cc559
Merge pull request #3843 from wkennington/master.iffix
...
nixos/network-interfaces: Sanitize sys-subsystem device names
2014-09-03 21:15:46 +04:00
Eelco Dolstra
65ef435d7b
Merge pull request #3949 from wkennington/master.grub
...
grub2: Add localizations
2014-09-03 19:06:26 +02:00
William A. Kennington III
eee8fd89b3
nixos/install-grub: Correct store path for search
2014-09-03 10:01:00 -07:00
William A. Kennington III
1b63a1b75e
nixos/iso-image: Fix grub-mkimage requiring a prefix
2014-09-03 09:26:44 -07:00
Michael Raskin
3e841ef642
Fixing comment case
2014-09-03 20:03:15 +04:00
Eelco Dolstra
46623bfc15
Remove copy-com.nix from the module list
...
This is proprietary software, and NixOS is intended as a free software
distribution. We currently don't have a mechanism like allowUnfree for
NixOS modules, so it's better to leave out modules for such
packages. Of couse, they can still be activated by doing:
imports = [ <nixpkgs/nixos/services/networking/copy-com.nix ];
2014-09-03 17:09:00 +02:00
Michael Raskin
c4d85240e5
Merge pull request #3267 from Mathnerd314/cpufreq_noise
...
Remove non-cpufreq_* modules since they are loaded by udev
2014-09-03 18:46:01 +04:00
Michael Raskin
94a131b95a
Fix forgotten unit entry
2014-09-03 15:47:53 +04:00
Strahinja Popovic
fe3f7716f0
Enabled access to binaries of needed tools, and worker daemons can be enabled for phabricator #3306
2014-09-03 15:46:59 +04:00
Rickard Nilsson
66ee6e03e7
pulseaudio: Use group audio instead of pulse-access
2014-09-03 13:24:47 +02:00
Luca Bruno
e5b7b97a67
nixos tested: only build on supportedSystems
2014-09-03 12:51:10 +02:00
Sergey Mironov
2b72edad9b
yandex-disk: fix the url; introduce systemd.service #2228
2014-09-03 12:36:29 +04:00
Rickard Nilsson
56102642fa
pulseaudio: Add pulse-access group, controlling access to the system-wide PA daemon
2014-09-03 10:25:36 +02:00
Cray Elliott
4efc03f46f
Delete nixos/modules/module-list.nix.orig, extraneous file
2014-09-03 01:20:56 -07:00
Michael Raskin
d1ae15b680
Merge pull request #3804 from ehmry/unbound
...
unbound: run in chroot
2014-09-03 11:45:20 +04:00
Michael Raskin
7a47d21aec
Merge pull request #3943 from wkennington/master.grub
...
Fix grub zfs build and typo
2014-09-03 11:39:35 +04:00
William A. Kennington III
d48a7a17df
nixos/network-interfaces: Sanitize sys-subsystem device names
...
Currently, nixos will allow for interface names with special characters
such as the hyphen to be used. This presents a problem when using
systemd device names as the namespace paths are separated using hyphens.
Within systemd, if a device name has a hyphen it should be replaced with
the escape sequence \x2d.
This patch sanitizes all interface names before they are used in a
systemd device string.
2014-09-03 00:31:38 -07:00
Michael Raskin
c3e7588367
Merge pull request #3747 from wkennington/master.explicit
...
nixos/network-interfaces: Allow explicit virtual interface type setting
2014-09-03 11:25:28 +04:00
Nathan Bijnens
33a3f76ee4
Copy.com: client #3617
2014-09-03 11:31:51 +04:00
Michael Raskin
8e968b18e4
Merge pull request #2952 from edwtjo/cups-syswide-clientconf
...
CUPS system wide client side remote printing.
2014-09-03 10:51:49 +04:00
Michael Raskin
a82c623c26
Merge pull request #3940 from wkennington/master.dnsmasq
...
nixos/dnsmasq: Fix regressions during the systemd update
2014-09-03 10:06:26 +04:00
Josh Cartwright
626a666da5
gummiboot/builder: fix timeout setting when unset
...
The gummiboot-builder.py script is expecting the @timeout@ metavar to be
substituted for either an empty string (in the case where a user has
left the timeout unset) or the actual value set in the system
configuration.
However, the config.boot.loader.gummiboot.timeout option defaults to
'null', and due to the way pkgs.substituteAll works, the substitution
for '@timeout@' is _never_ set to the empty string. This causes the
builder script to put a bogus line into /boot/loader/loader.conf:
timeout @timeout@
Fix this by explicitly setting 'timeout' to the empty string when it's
unset in the system configuration.
Signed-off-by: Josh Cartwright <joshc@eso.teric.us>
2014-09-03 05:36:45 +02:00
William A. Kennington III
ccc758f414
nixos/install-grub: Fix typo
2014-09-02 18:56:53 -07:00
Michael Fellinger
e805c78ed3
diod: remove redundant default doc
2014-09-03 02:55:00 +02:00
Michael Fellinger
0bf05a02f4
diod: add systemd service and config
2014-09-03 02:30:04 +02:00
William A. Kennington III
9659d0f4fb
nixos/dnsmasq: Fix regressions during the systemd update
2014-09-02 17:23:55 -07:00
William A. Kennington III
961e9867b3
nixos/generate-config: Only add store search path when kernels are not copied
2014-09-02 09:16:13 -07:00
William A. Kennington III
9467937639
nixos/install-grub: Only check for /nix to be the mountPoint for the store
2014-09-02 09:16:13 -07:00
William A. Kennington III
61908bdd80
nixos/install-grub: Always copy kernels for different devices
2014-09-02 09:16:13 -07:00
William A. Kennington III
4eff4afa3c
nixos/installer-test: Use nested subvolumes for root to test detection
2014-09-02 09:16:13 -07:00
William A. Kennington III
87b6232f3a
nixos/generate-config: Don't interpret btrfs subvols as bind mounts
2014-09-02 09:16:13 -07:00
William A. Kennington III
3944239362
nixos/tests-installer: Add a test for btrfs default volumes and bind mounts
2014-09-02 09:16:13 -07:00
William A. Kennington III
01ab1d57a3
nixos/install-grub: Detect nested btrfs subvolumes
2014-09-02 09:16:13 -07:00
William A. Kennington III
7fae423522
nixos/generate-config: Support detecting nested subvolumes
2014-09-02 09:16:13 -07:00
William A. Kennington III
0b66483c9a
nixos/install-grub: Store path should be /nix/store not /nix
2014-09-02 09:16:13 -07:00
William A. Kennington III
36614ff3e2
Revert "Revert "Merge pull request #2449 from wkennington/master.grub""
...
This reverts commit 94205f5f21
.
Conflicts:
nixos/modules/system/boot/loader/grub/install-grub.pl
2014-09-02 09:16:13 -07:00
Peter Simons
1c0d15b90e
Merge branch 'origin/master' into staging.
...
Conflicts:
pkgs/development/libraries/ffmpeg/2.x.nix
pkgs/development/libraries/serf/default.nix
2014-09-02 12:31:03 +02:00
lethalman
a3e91bbfa3
Merge pull request #3901 from vlstill/ssh_ip
...
Allow binding sshd to specified addresses.
2014-09-02 10:38:16 +02:00
Vladimir Still
13bbce96c3
sshd: Fix typo in assetion.
2014-09-02 10:06:04 +02:00
Michael Raskin
3ad91106f1
Merge pull request #3704 from sfultong/upstream-master
...
tomcat: update to upstream master
2014-09-02 02:09:18 +04:00
Michael Raskin
fa55a99701
Load EHCI befor OHCI and UHCI; from patch by Mathnerd314
2014-09-02 02:12:46 +04:00
Chris Farmiloe
08534000a4
Ensure libvirtd is started after vswitch and add ability to configure how libvirtd guests are shutdown
2014-09-02 01:48:50 +04:00
Chris Farmiloe
76a4de68c1
formatting/retab
2014-09-02 01:48:50 +04:00
Chris Farmiloe
8ef11bb0ee
add openvswitch package + basic nixos module to enable it
2014-09-02 01:48:50 +04:00
Michael Raskin
2a1a814e53
Make console-getty only used inside container by default
2014-09-02 01:36:10 +04:00
Michael Raskin
d140851472
Merge pull request #3779 from offlinehacker/docker
...
full nixos inside docker
2014-09-02 01:04:05 +04:00
Michael Raskin
419031bcfc
Merge pull request #2644 from lethalman/pam_tally
...
pam: Add logFailures option for adding pam_tally to su
2014-09-02 00:58:30 +04:00
Vladimir Still
a2394f09c7
sshd: Add note about listening on port 22 to listenAddresses.
2014-09-01 22:56:35 +02:00
Vladimir Still
ac39d839c3
sshd: Add note about firewall and listenAddresses.
2014-09-01 22:56:35 +02:00
Vladimir Still
e12337156c
sshd: Allow to specify ListenAddress.
2014-09-01 22:56:35 +02:00
Michael Raskin
5bbeba3d97
Merge pull request #3911 from vlstill/nfs-port_pullreq
...
nfsd: Make it possible to fix rpc.{mountd,statd,lockd} ports.
2014-09-02 00:53:52 +04:00
Michael Raskin
a6dfb4dc28
Merge pull request #3241 from ehmry/cjdns
...
cjdns declarative configuration
2014-09-02 00:53:18 +04:00
Michael Raskin
8c167b22a5
Merge pull request #3918 from robberer/pkgs/clamav
...
clamav: update to version 0.98.4 and run freshclam in daemon mode
2014-09-02 00:46:25 +04:00
Luca Bruno
b21ac60290
nixos/nat: add forwardPorts for external->internal DNAT
2014-09-01 22:31:56 +02:00
Luca Bruno
31b7cae018
nixos/znc: fix immutable config.
...
Fix references to coreutils echo and rm.
Make config writable even if immutable because of
https://github.com/znc/znc/blob/master/src/znc.cpp#L964 .
2014-09-01 16:21:12 +02:00
aszlig
29f4642284
nixos: Add new service for OpenNTPd.
...
This conflicts with the existing reference NTP daemon, so we're using
services.ntp.enable = mkForce false here to make sure both services
aren't enabled in par.
I was already trying to merge the module with services.ntp, but it would
have been quite a mess with a bunch of conditions on the package name.
They both have a bit in common if it comes to the configuration files,
but differ in handling of the state dir (for example, OpenNTPd doesn't
allow it to be owned by anything other than root).
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-09-01 16:07:28 +02:00
William A. Kennington III
3e834e1783
nixos/tests: Fix usage of head function without pkgs.lib
2014-09-01 04:39:45 -07:00
Longrin Wischnewski
28fd7ea190
clamav: run freshclam in daemon mode
2014-09-01 09:41:19 +02:00
Emery Hemingway
f5b4eacad6
uhub: initial service expression
2014-09-01 10:53:19 +04:00
Michael Raskin
a49caa77e7
Add IDs for uhub service
2014-09-01 10:53:19 +04:00
Michael Raskin
9e3d1b1a8f
Merge pull request #3908 from wkennington/master.ip
...
Reapply the multi-ip code
2014-09-01 10:28:54 +04:00
Jan Malakhovski
26a4001a98
nixos: add setuid wrappers for some networked filesystems' helpers
...
So that `user` mount option would work allowing normal users to mount
and umount stuff marked with it in `fileSystems.<name>.options`.
2014-09-01 10:33:48 +04:00
Jan Malakhovski
8c9b6d932a
nixos: add dhcpcd.persistent option
2014-09-01 10:33:48 +04:00
Jan Malakhovski
99243a5c51
nixos: add atftpd service
2014-09-01 10:33:48 +04:00
Jan Malakhovski
8f50d803ef
nixos: add support for mkhomedir in PAM
2014-09-01 10:33:48 +04:00
Emery Hemingway
f60ac82cac
cjdns: new declarative service expression
...
systemd service wants network-interfaces.target rather than network.target
assertion on config.networking.enableIPv6
2014-08-31 18:14:16 -04:00
Vladimir Still
a735c308b6
nfsd: Make it possible to fix rpc.{mountd,statd,lockd} ports.
2014-08-31 22:00:16 +02:00
Vladimir Still
5588ad472b
vpnc: Fix building of system config.
2014-08-31 21:39:03 +02:00
Sam Griffin
ec8e4d23f1
cleanup per Lethalman's suggestions
2014-08-31 13:01:20 -04:00
William A. Kennington III
02ecc98e87
nixos/network-interfaces: Fix bug in converting old ipAddresses
2014-08-31 09:47:18 -07:00
William A. Kennington III
9a697d775a
Revert "Revert "Fix syntax error in nixos/lib/build-vms.nix, introduced by 86c0f8c""
...
This reverts commit 2f697bf693
.
2014-08-31 09:46:26 -07:00
William A. Kennington III
3d037ebb94
Revert "Revert "Merge pull request #3182 from wkennington/master.ipv6""
...
This reverts commit ea8910652f
.
2014-08-31 09:46:16 -07:00
Sam Griffin
0667d67c95
Adding vpnc configuration module
2014-08-31 12:44:13 -04:00
Longrin Wischnewski
196c6260be
grub: fix grub merge error
2014-08-31 12:29:13 +02:00
Rob Vermaas
ea8910652f
Revert "Merge pull request #3182 from wkennington/master.ipv6"
...
This reverts commit b23fd65854
, reversing
changes made to 43654cba2c
.
2014-08-31 10:58:54 +02:00
Rob Vermaas
2f697bf693
Revert "Fix syntax error in nixos/lib/build-vms.nix, introduced by 86c0f8c"
...
This reverts commit 704e91bab0
.
2014-08-31 10:58:50 +02:00