Commit graph

16115 commits

Author SHA1 Message Date
Maximilian Bosch
a0fd819a4a
nixos/networkd: add test for VRF configurations 2020-01-25 17:38:15 +01:00
Maximilian Bosch
bc130855a7
nixos/networkd: add vrfConfig option to netdevs 2020-01-25 17:38:15 +01:00
Aaron Andersen
0e0b8f2feb
Merge pull request #77983 from aanderse/solr
solr: 8.4.0 -> 8.4.1
2020-01-25 11:11:13 -05:00
Marek Mahut
942568b8ea
Merge pull request #77830 from 1000101/dokuwiki
nixos/dokuwiki: init module
2020-01-25 10:08:14 +01:00
snicket2100
a5ab947003 irqbalance: systemd service config aligned with upstream
Aligned systemd service config with the definition in the upstream repo:
https://github.com/Irqbalance/irqbalance/blob/master/misc/irqbalance.service#L7.

Other than adding some level of sandboxing it also fixes the "Daemon
couldn't be bound to the file-based socket." warning reported on
irqbalance startup due to the fact that the "/run/irqbalance" directory
didn't exist. The "RuntimeDirectory" property makes sure it gets
created. The aforementioned warning didn't cause any problems I could
spot though.

I have verified that both `irqbalance` as well as `irqbalance-ui` work
fine with this new systemd service config.
2020-01-25 00:28:25 +01:00
lewo
adcbe7baeb
Merge pull request #78427 from serokell/yorickvp/vault-reload
nixos/vault: add ExecReload entry
2020-01-24 20:02:13 +01:00
Yorick van Pelt
15e98e7428
nixos/vault: add ExecReload entry 2020-01-24 18:59:13 +01:00
Silvan Mosberger
342bc51089
Merge pull request #78358 from serokell/yorickvp/alertmanager-secret
nixos/alertmanager: add environmentFile, envsubst for secrets
2020-01-24 18:48:59 +01:00
Jörg Thalheim
3ef5115963
nixos/systemd: add all systemd tmpfiles files
Especially tmp.conf is important to create /tmp and /var/tmp with the correct
permissions.
2020-01-24 17:20:54 +00:00
Yorick van Pelt
ed6e4a936c
nixos/alertmanager: provide example of envsubst usage 2020-01-24 18:07:24 +01:00
edef
bfe1c69ede nixos/gnupg: actually use the configured gpg package
Previously, this would ignore the `package` option if `pinentryFlavor`
was set.
2020-01-24 15:54:57 +00:00
worldofpeace
966e56cdfb nixos/xfce: use sessionPackages 2020-01-24 10:47:55 -05:00
Nathan Hawkins
b0208cb80f nixos/unifi: use systemd tmpfiles instead of preStart 2020-01-24 10:06:29 -05:00
Franz Pletz
402b97fa1e
Merge pull request #78058 from mayflower/nixos/version-gitdir-symlink
nixos/version: fix case where .git is a symlink
2020-01-24 14:58:31 +00:00
Jan Hrnko
8bab2dec10 nixos/dokuwiki: init module at 2018-04-22b 2020-01-24 13:27:10 +01:00
Aaron Andersen
ae9980040f nixos/httpd: add services.httpd.virtualHosts.<name>.locations option to match nginx 2020-01-23 21:03:15 -05:00
Jörg Thalheim
2685806371
nixos/kresd: add listenDoH option 2020-01-23 23:22:37 +00:00
Jörg Thalheim
bfa278ee5a
nixos/knot: set defaultText for package option
the package attributes looks nicer in the manual
2020-01-23 23:17:04 +00:00
Silvan Mosberger
3a4e550944
nixos/amazon-init.nix: add git/tar/gz, fix AMI configuration (#78363)
nixos/amazon-init.nix: add git/tar/gz, fix AMI configuration
2020-01-23 23:05:27 +01:00
Aaron Andersen
b8cf3411d9
Merge pull request #78378 from Izorkin/unit-fix
nixos/unit: fix attrs
2020-01-23 15:46:23 -05:00
Profpatsch
166d8247d0 modules/at-spi2-core: add debugging help to description
This makes the error message greppable.
2020-01-23 19:31:05 +01:00
Izorkin
f2c9bcf009 nixos/unit: fix attrs 2020-01-23 20:40:49 +03:00
Michael Weiss
5a4b93e33c
Merge pull request #76787 from primeos/sway
sway: 1.2 -> 1.4, wlroots: 0.8.1 -> 0.10.0
2020-01-23 14:19:59 +01:00
Christian Höppner
4da3513960
Pass on nixos configuration to amazonImage 2020-01-23 14:16:25 +01:00
Christian Höppner
94899871b8
nixos/amazon-init.nix: Add gzip to amazon-init path 2020-01-23 14:15:26 +01:00
Christian Höppner
6d68699809
nixos/amazon-init.nix: Add gnutar to amazon-init PATH 2020-01-23 14:15:25 +01:00
Christian Höppner
52d5ce38fb
nixos/amazon-init.nix: add git to amazon-init script PATH 2020-01-23 14:15:18 +01:00
Yorick van Pelt
23d5d9bbe9
nixos/alertmanager: add environmentFile, envsubst for secrets 2020-01-23 13:51:00 +01:00
Silvan Mosberger
78d83650df
nixos/desktop-manager: Don't fall back to black background
Previously if ~/.background-image wasn't present, the background would
be set to black, which would override what the user could
set in e.g. services.xserver.windowManager.i3.extraSessionCommands
2020-01-23 05:01:39 +01:00
Silvan Mosberger
a149202c5a
nixos/docs: Fix nixos-install --system command (#77719)
nixos/docs: Fix nixos-install --system command
2020-01-23 03:39:38 +01:00
Silvan Mosberger
7a7b8d904b
nixos/desktop-managers: Remove needBGPackages thing
This value isn't used since 71a8dbb956
2020-01-23 02:35:01 +01:00
Andrew Dunham
2c9bff9f6f nixosTests.systemd: port to Python 2020-01-22 16:11:15 -08:00
Graham Christensen
ebb644a980
Merge pull request #76585 from serokell/mkaito/amazon-userdata-multiple-channels
virtualization/amazon-init: log multiple nix channels, fix nix path.
2020-01-22 19:02:44 -05:00
Maximilian Bosch
2d9e51adc3
Merge pull request #77532 from symphorien/roundcube
nixos/roundcube: security improvements
2020-01-22 21:58:25 +01:00
Michael Weiss
e99b32d27f
nixos/sway: Install the new default terminal emulator
The default changed in Sway 1.3 from rxvt_unicode to alacritty. For
backward compatibility we'll install both terminal emulators by default.
2020-01-22 21:38:01 +01:00
Marek Mahut
c4d75cbb0c boot.initrd.luks: adding a warning when using FIDO2 with kernel ≤ 5.4 2020-01-22 16:00:40 +01:00
Patrick Hilhorst
593e11fd94
treewide: fix redirected urls
According to https://repology.org/repository/nix_unstable/problems, we have a
lot of packages that have http links that redirect to https as their homepage.
This commit updates all these packages to use the https links as their
homepage.

The following script was used to make these updates:

```

curl https://repology.org/api/v1/repository/nix_unstable/problems \
    | jq '.[] | .problem' -r \
    | rg 'Homepage link "(.+)" is a permanent redirect to "(.+)" and should be updated' --replace 's@$1@$2@' \
    | sort | uniq > script.sed

find -name '*.nix' | xargs -P4 -- sed -f script.sed -i
```
2020-01-22 11:26:22 +01:00
Matt Layher
50c661c447 nixos/corerad: update test for new configuration 2020-01-22 01:19:35 -08:00
Marek Mahut
a5798cf78e rl-2003.xml: adding note about FIDO2 luks 2020-01-22 08:38:16 +01:00
Marek Mahut
b02d479323 doc: FIDO2 luks file system 2020-01-22 08:38:16 +01:00
Marek Mahut
dea2fe9f39 boot.initrd.luks: Adding FIDO2 support 2020-01-22 08:38:16 +01:00
Florian Klink
dea2d64c35
Merge pull request #78134 from NinjaTrappeur/nin-harden-syncthing
nixos/syncthing.nix: Sandbox the systemd service.
2020-01-21 22:30:04 +01:00
Florian Klink
a3d67f417e
Merge pull request #77665 from zaninime/ifxfrm
systemd-networkd: add configuration for XFRM interfaces
2020-01-21 22:14:53 +01:00
Florian Klink
0daae2e08c nixos/buildkite: drop user option (#78160)
* nixos/buildkite: drop user option

This reverts 8c6b1c3eaa.

Turns out, buildkite-agent has logic to write .ssh/known_hosts files and
only really works when $HOME and the user homedir are in sync.

On top of that, we provision ssh keys in /var/lib/buildkite-agent, which
doesn't work if that other users' homedir points elsewhere (we can cheat
by setting $HOME, but then getent and $HOME provide conflicting
results).

So after all, it's better to only run the system-wide buildkite agent as
the "buildkite-agent" user only - if one wants to run buildkite as
different users, systemd user services might be a better fit.

* nixosTests.buildkite-agent: add node with separate user and no ssh key
2020-01-21 13:21:57 +00:00
zimbatm
ab10bac1b1
nixos-rebuild: fix the maybeSudo usage
* properly expand the command using arrays instead of strings
* also handle sudo on the localhost
2020-01-21 13:17:38 +01:00
zimbatm
93204f1d8a
nixos/matterbridge: fix package access
was broken by 4371ecb8a6 due to the
switch to buildGoModule
2020-01-21 13:17:18 +01:00
zimbatm
b54c60b689
nixos/zerotierone: simplify the unit
There is no need to stop/start the unit when the machine is online or
offline.

This should fix the shutdown locking issues.

nixos zerotier: sometimes it doesn't shutdown
2020-01-21 13:14:38 +01:00
Jörg Thalheim
71c19d3efa
Merge pull request #76537 from Izorkin/unit
unit: 1.13.0 -> 1.14.0
2020-01-21 11:39:41 +00:00
worldofpeace
348e48fdcc
Merge pull request #78004 from worldofpeace/mtrack-remove
nixos/multitouch: remove (properly known as mtrack)
2020-01-20 17:07:59 -05:00
Silvan Mosberger
3929a0fbca
nixos/traceroute: init (#77953)
nixos/traceroute: init
2020-01-20 22:32:33 +01:00
worldofpeace
afe27e517b nixos/multitouch: remove
On numerous occasions I have seen users mistake this
module as libinput because it being called "multitouch"
and them being unaware that the actually module they want
is libinput. They then run into several decrepit bugs due
to the completely out-of-date nature of the underlying package.
The underlying package hasn't been changed to an up-to-date
fork in a period of 8 years. I don't consider this to be production quality.
However, I'm not opposed for the module being readded to NixOS
with new packaging, and a better name.
2020-01-20 16:09:29 -05:00
Félix Baylac-Jacqué
ff8f2928ee
nixos/syncthing.nix: Sandbox the systemd service.
Using systemd sandboxing features to harden the syncthing service.
2020-01-20 21:48:48 +01:00
zimbatm
e20de6b57a
Merge pull request #78045 from flokli/buildkite-agent-user-runtime-test
nixos/buildkite: add option to configure user, add nix-required packages to runtime, add test
2020-01-20 13:50:10 +00:00
Florian Klink
4b73d3c444 nixos/buildkite: make privateSshKeyPath optional
When only cloning public repos, or when the ssh key is provided by
different means, we don't need to manage it here.
2020-01-20 11:10:56 +01:00
Florian Klink
a208e6eb99 nixosTests.buildkite: add test 2020-01-20 10:30:24 +01:00
Florian Klink
70308a7daf nixos/buildkite-agent: add gnutar, gzip and git to runtimePackages
These are required for nix to do builtins.fetchTarball and
builtins.fetchGit, so most likely we want them to be around.
2020-01-20 10:30:24 +01:00
Florian Klink
7838f00824 nixos/buildkite: stop using deprecated option 2020-01-20 10:30:22 +01:00
Franz Pletz
46773a15b3
nixos/version: fix case where .git is a symlink
Before c9214c394b and
9d396d2e42 if .git is symlink the version
would gracefully default to no git revision. With those changes an
exception is thrown instead.

This introduces a new function `pathIsGitRepo` that checks if
`commitIdFromGitRepo` fails without error so we don't have to
reimplement this logic again and can fail gracefully.
2020-01-20 00:53:44 +01:00
Alexey Lebedeff
ed16f830b0 rabbitmq: make all dependencies explicit
Some things were provided by default, some by systemd unit and some
were just miraculously working. This turns them into explicit
dependencies of the package itself, making everything properly
overrideable.

+ providing glibcLocales fixes elixir compile warnings

+ providing systemd dependency allows rabbit to use systemctl for unit
  activation check instead of falling back to sleep. This was seen as
  a warning during startup.
2020-01-19 23:24:27 +01:00
Florian Klink
764aba4c1b
Merge pull request #77587 from singron/fix-shared
test-driver.py: Share the shared dir between VMs
2020-01-19 22:07:31 +01:00
Florian Klink
8c6b1c3eaa nixos/buildkite-agent: add "user" option
This allows buildkite-agent to run as another user.

It'll still run builds from /var/lib/buildkite-agent and setup things in
there.
2020-01-19 21:21:15 +01:00
Florian Klink
5ed3474ca5
Merge pull request #77540 from singron/fix-certmgr-test
nixos/tests/certmgr: Fix file permissions
2020-01-19 19:50:41 +01:00
Eric Culp
6795a4002c test-driver.py: Use /tmp/shared for copy_from_vm
The docstring says it uses a directory shared among all vms, although
that doesn't seem necessary for the functionality. However, it does need
to be consistent between the guest and host.
2020-01-19 10:33:46 -08:00
Lucas Savva
769fbf9254 nixos/acme: fix some descriptions, default acceptTerms to false 2020-01-19 18:24:04 +00:00
Florian Klink
eba10dcbcb
Merge pull request #77950 from flokli/buildkite-3
nixos/buildkite-agent: move to v3
2020-01-19 14:23:49 +01:00
Florian Klink
b32b29963f
Merge pull request #78018 from rnhmjoj/typo
nixos/unclutter: fix old typo
2020-01-19 14:19:32 +01:00
Markus S. Wamser
d4718f180b minidlna: provide configuration option for announce interval
Signed-off-by: Markus S. Wamser <github-dev@mail2013.wamser.eu>
2020-01-19 14:06:27 +01:00
rnhmjoj
bac3e6841b
nixos/unclutter: fix old typo 2020-01-19 10:09:12 +01:00
Cole Mickens
90d297c4cd nixos: home-assistant: can dial out 2020-01-19 00:03:44 -08:00
Antonio Nuno Monteiro
e2c11ad3c0 nixos/kubernetes: allow configuring cfssl API server SANs 2020-01-18 23:39:21 -08:00
Jan Tojnar
0a65c2b7e9
Merge pull request #77960 from jtojnar/declarative-check-modules
nixos/doc: suggest checking options for declarative package mgmt
2020-01-19 02:57:36 +01:00
worldofpeace
765afd38fa
Merge pull request #76985 from Elyhaka/gdm_hides_gnome
gdm: refactor to properly handle wayland sessions
2020-01-18 20:39:07 -05:00
worldofpeace
c6022f7abf nixos/gnome3: add gnome-shell to systemd.packages
This actually gets added via xdg.portal having gnome-shell.
However, that could change and it still for sure should be here.
2020-01-18 20:26:45 -05:00
worldofpeace
ffcfb80781
Merge pull request #77690 from gnidorah/way-cooler
way-cooler: Remove
2020-01-18 14:50:41 -05:00
Matthias Beyer
29bb16a9cd way-cooler: Remove
As of 2020-01-09, way-cooler is officially dead:

    http://way-cooler.org/blog/2020/01/09/way-cooler-post-mortem.html

hence, remove the package and the module.

Signed-off-by: Matthias Beyer <mail@beyermatthias.de>

docs/release-notes: remove way-cooler

way-cooler: show warnings about removal

Apply suggestions from code review

Co-Authored-By: worldofpeace <worldofpeace@protonmail.ch>

way-cooler: add suggestion by @Infinisil
2020-01-18 18:25:01 +03:00
Symphorien Gibol
b5d692e123 nixos/roundcube: provide path to mime.types file
fixes this warning:
WARNING: Mimetype to file extension mapping doesn't work properly!
2020-01-18 16:12:50 +01:00
Symphorien Gibol
b6e6bec57c nixos/roundcube: don't use the default and insecure des_key
The php installer creates a random one, but we bypass it, so we have
to create one ourselves.

This should be backward compatible as encryption is used for session
cookies only: users at the time of the upgrade will be logged out but
nothing more.

259b7fa065/config/config.inc.php.sample (L73)
2020-01-18 16:12:50 +01:00
Symphorien Gibol
52cf727a53 nixos/roundcube: do not write passwords to the store nor run php as root
If the database is local, use postgres peer authentication.
Otherwise, use a password file.

Leave database initialisation to postgresql.ensure*.
Leave /var/lib/roundcube creation to systemd.
Run php upgrade script as unpriviledged user.
2020-01-18 15:27:45 +01:00
Aaron Andersen
acd9e87ebe solr: drop 7.x series 2020-01-18 08:50:35 -05:00
Elyhaka
d18ac2bca1 gdm: refactor to properly handle wayland sessions 2020-01-18 10:56:11 +01:00
Jan Tojnar
6b3c3c817a
nixos/doc: suggest checking options for declarative package mgmt
Some programs might not work without systemd services registered or do not work at full capacity without NixOS module.
2020-01-18 02:17:36 +01:00
Florian Klink
b9182529b4 nixos/buildkite: add release notes 2020-01-17 23:11:26 +01:00
Florian Klink
63c310c07e nixos/buildkite-agent: change option meta-data into tags attrset
This is called tags in the buildkite 3.
2020-01-17 23:11:26 +01:00
volth
d5d1293fe3 nixos/traceroute: init 2020-01-17 21:28:54 +00:00
worldofpeace
b3c8534911
Merge pull request #77294 from worldofpeace/systemd-packages-duplicates
nixos/systemd-lib: don't fail on systemd.packages duplicates
2020-01-17 13:16:59 -05:00
Yorick van Pelt
e1ad9d1685 nixos/buildkite-agent: add a shell attribute to specify the shell being used
This gets passed to BUILDKITE_SHELL, which will specify the shell being
used to executes script in.

Defaults to `${pkgs.bash}/bin/bash -e -c`, matching how buildkite
behaves on other distros.
2020-01-17 18:40:11 +01:00
Florian Klink
99d0f4c380 nixos/buildkite-agent: tweak TimeoutStopSec and KillMode
This improves behaviour when the service is being stopped.
2020-01-17 18:40:11 +01:00
Florian Klink
9237767277 nixos/buildkite-agent: actually use services.buildkite-agent.package
We were currently just using pkgs.buildkite-agent, no matter what was
configured in services.buildkite-agent.package
2020-01-17 18:40:11 +01:00
Florian Klink
c154dd5101 nixos/buildkite-agent: stop deploying public keys, make ssh private key optional.
SSH public keys aren't needed to clone private repos, and if we only
need to configure a single attribute, there's no need for the "openssh"
attrset anymore.
2020-01-17 18:40:11 +01:00
Florian Klink
ed0b5b6133
Merge pull request #77662 from marijanp/verbose-python-test-driver
nixos/test: added verbose output for failed tests
2020-01-17 13:50:49 +01:00
Matt Layher
5089214a3d nixos/corerad: init 2020-01-16 12:38:36 -08:00
Maximilian Bosch
d77b68e487
nixos/liboping: add module
This creates setcap wrappers for oping and noping to allow unprivileged
users to use those as well.
2020-01-16 18:09:35 +01:00
Aaron Andersen
fc1bee555e
Merge pull request #75602 from vanyaklimenko/nginx-gitweb-more-options
nixos/nginx/gitweb: add some (crucial) options
2020-01-15 21:16:24 -05:00
Aaron Andersen
7260d2eb13
Merge pull request #77326 from aanderse/apacheHttpd
nixos/httpd: symlink apache configuration to /etc/httpd/httpd.conf for use in the apachectl command
2020-01-15 21:02:05 -05:00
volth
2bd296a7e9 runInLinuxVM, test-driver: pass host's cpu type to guest vm
'kvm64' is the most generic CPU, which does not support SSE4.2, AVX and other ISA extentions.
2020-01-15 23:35:00 +00:00
Mark Karpov
a8cdfd30ff
Make buildkite agent service compatible with buildkite-agent3 2020-01-15 17:16:44 +01:00
Lucas Savva
61665e3363 nixos/acme: ignore tmpfiles rules for null webroots 2020-01-15 09:17:11 +00:00
Nikola Knezevic
900e288d22 Enable elasticsearch-curator on elasticsearch 7
The current nixpkgs use elasticsearch-curator 5.8.1. As of version 5.7.0,
elasticsearch-curator supports elasticsearch 7, thus this change enables tests
with ES 7.
2020-01-15 10:12:19 +01:00
Bas van Dijk
b0b37569a7
Merge pull request #77669 from basvandijk/hydra-sync-buildMachinesFiles-with-upstream
hydra: only set buildMachinesFiles when nix.buildMachines is defined
2020-01-15 09:39:25 +01:00
Bas van Dijk
b517409c6b
Merge pull request #77668 from basvandijk/hydra-rm-option-build-use-substitutes
hydra: remove the build-use-substitutes option
2020-01-15 09:30:18 +01:00
Silvan Mosberger
241e9c10ba
nixos/docs: Fix nixos-install --system command 2020-01-15 05:39:12 +01:00
Florian Klink
4b4e59b18d
Merge pull request #77664 from tfc/transmission-torrent-test-fix
nixos/transmisison: Transmission torrent test fix
2020-01-15 00:58:31 +01:00
Erik Arvstedt
5bdb653baf test-driver.py: fix decoding of VM output
The codec format 'unicode_escape' was introduced in 52ee102 to handle
undecodable bytes in boot menus.

This made the problem worse as unicode chars outside of iso-8859-1
produce garbled output and valid utf-8 strings (such as "\x" ) trigger
decoding errors.

Fix this by using the default 'utf-8' codec and by explicitly ignoring
decoding errors.
2020-01-14 15:52:44 -08:00
Erik Arvstedt
caa435fd1d test-driver.py: specify coreutils dependency
Otherwise the driver script fails when coreutils are not in PATH.
2020-01-14 15:52:44 -08:00
Susan Potter
16fc4dd77d
nixos/doc+manual: update copyright year range end 2019->2020 2020-01-14 07:01:39 -06:00
Bas van Dijk
ad554b3e4e hydra: only set buildMachinesFiles when nix.buildMachines is defined
This applies [hydra PR #432](https://github.com/NixOS/hydra/pull/432)
to the NixOS module in nixpkgs:

```
commit 4efd078977e5ea20e1104783efc324cba11690bc
Author: Bas van Dijk <v.dijk.bas@gmail.com>
Date:   Sun Dec 11 15:35:38 2016 +0100

    Only set buildMachinesFiles when nix.buildMachines is defined
```
2020-01-14 12:32:40 +01:00
Bas van Dijk
f34aaa6646 hydra: remove the build-use-substitutes option
The following commit from 2016 in hydra removed the `--option
build-use-substitutes` from the hydra-queue-runner service:

```
commit ee2e9f5335c8c0288c102975b506f6b275793cfe
Author: Eelco Dolstra <edolstra@gmail.com>
Date:	Fri Oct 7 20:23:05 2016 +0200

    Update to reflect BinaryCacheStore changes

    BinaryCacheStore no longer implements buildPaths() and ensurePath(),
    so we need to use copyPath() / copyClosure().
```

It would be better if the hydra module in NixOS matches the upstream
module.
2020-01-14 12:14:25 +01:00
Francesco Zanini
9974bb16b0 systemd-networkd: add configuration for XFRM interfaces 2020-01-14 11:33:18 +01:00
Jacek Galowicz
adf5642ba6 nixosTests.bittorrent: Refactor declarative part 2020-01-14 10:22:46 +01:00
Jacek Galowicz
e1b1f5a484 nixosTests.bittorrent: Fix declarative httpd description 2020-01-14 10:11:57 +01:00
Jacek Galowicz
7f69fdd182 nixos/transmission: Fix module code 2020-01-14 10:10:45 +01:00
Marijan Petričević
61c61f80e5 nixos/test: added verbose output for failed tests 2020-01-14 09:33:10 +01:00
Peter Hoeg
41d333e024
Merge pull request #60981 from thefloweringash/usb-modeswitch
usb_modeswitch: fixes
2020-01-14 10:48:45 +08:00
Vanya Klimenko
ed52a6567c nixos/nginx/gitweb: add some (crucial) options
This replaces some hardcoded values in nginx's VirtualHosts's
configuration with customizable options. Previous values are kept as
default, so nothing should break for existing users.

Co-Authored-By: Florian Klink <flokli@flokli.de>
2020-01-14 00:11:10 +00:00
Silvan Mosberger
55b0129a14
Merge pull request #76178 from 0x4A6F/master-xandikos
xandikos: add tests and module
2020-01-13 23:48:22 +01:00
Martin Milata
d9319e8e87 nixos/ndppd: enable systemd sandboxing 2020-01-13 11:11:32 +00:00
Robin Gloster
8305186bb4
Merge pull request #77554 from lheckemann/fix-wpa-multiple1
nixos/wpa_supplicant: fix use with multiple interfaces
2020-01-13 12:07:54 +01:00
Linus Heckemann
247c25d302
Merge pull request #77473 from mayflower/worktrees
lib.commitIdFromGitRepo: support git-worktree
2020-01-13 12:01:49 +01:00
markuskowa
9bedc18507
Merge pull request #77553 from c0deaddict/fix/gitea-typo
nixos/gitea: fix typo
2020-01-13 09:29:08 +01:00
Andrew Childs
e4fa8192da nixos/tests/ec2: return to passing state
Updates required:

- Use vpc image format (new default, supported by Amazon)
- Pass full image filename to makeEc2Test
- Increase memory allocation for nixos-rebuild
- Set a networking.hostName for services.httpd
- Add appropriate escaping in literal userdata

While I'm here, try to make it fail fast.
2020-01-13 15:52:37 +09:00
Erik Arvstedt
9ed03f2103 nixos/paperless: fix tmpfiles rules
Previously, the service expected the paperless user to have a group with
the user's name. This is not necessarily the case for custom users.
2020-01-13 02:01:23 +00:00
Erik Arvstedt
5ad5d2321f nixos/paperless: don't use deprecated types.loaOf
This removes a warning.
2020-01-13 02:01:23 +00:00
Eric Culp
21f567bdd9 test-driver.py: Share the shared dir between VMs
This changes the python test driver to match the behavior of the perl
test driver.  I.e. the directory mounted into /tmp/shared should be the
same for all machines.

This probably fixes many tests, but I found this while investigating
failures in nixos/tests/ceph-multi-node.nix.
2020-01-12 15:49:17 -08:00
Lucas Savva
9467f2ba2c nixos/acme: Add logic to select right email address 2020-01-12 21:52:28 +00:00
Lucas Savva
1e3607d331 nixos/acme: replace simp-le with lego client
Lego allows users to use the DNS-01 challenge to validate their
certificates. It is mostly backwards compatible, with a few
caveats.

 - extraDomains can no longer have different webroots to the
   main webroot for the cert.
 - An email address is now mandatory for account creation

The following other changes were required:
 - Deprecate security.acme.certs.<name>.plugins, as this was
   specific to simp-le
 - Rename security.acme.validMin to validMinDays, to avoid
   confusion and errors. Lego requires the TTL to be specified in
   days
 - Add options to cover DNS challenge (dnsProvider,
   credentialsFile, dnsPropagationCheck)
 - A shared state directory is now used (/var/lib/acme/.lego)
   to avoid account creation rate limits and share credentials
   between certs
2020-01-12 21:28:53 +00:00
worldofpeace
d04c6e0c26
Merge pull request #77324 from worldofpeace/buildbot-eval
nixos/buildbot: fix eval, and some twin issues
2020-01-12 15:17:19 -05:00
worldofpeace
2af959e579 nixos/jenkins/slave: fix eval 2020-01-12 15:17:05 -05:00
Jan Tojnar
61cf52bc17
Merge pull request #77501 from jtojnar/more-loaof-fxes
tree-wide: fix more warning related to loaOf deprecation
2020-01-12 18:47:34 +01:00
Franz Pletz
23bdc67f8b
Merge pull request #77561 from Mic92/openldap
nixos/openldap: check configuration with slaptest
2020-01-12 16:33:34 +00:00
Silvan Mosberger
d6ad9ce105
nixos/usbmuxd: Fix users.groups assignment
A mistake was introduced in https://github.com/NixOS/nixpkgs/pull/63103
2020-01-12 16:53:27 +01:00
Jörg Thalheim
382b0aa52d
nixos/openldap: check configuration with slaptest
slapd does only print the error and not the line number.
Sometimes it is not even clear that it fails to start
due to an incorrect configuration file.

Example output of slaptest:

5e1b2179 /nix/store/gbn2v319d4qgw851sg41mcmjm5dpn39i-slapd.conf: line 134 objectClass: Missing closing parenthesis before end of input
ObjectClassDescription = "(" whsp
  numericoid whsp                 ; ObjectClass identifier
  [ "NAME" qdescrs ]
  [ "DESC" qdstring ]
  [ "OBSOLETE" whsp ]
  [ "SUP" oids ]                ; Superior ObjectClasses
  [ ( "ABSTRACT" / "STRUCTURAL" / "AUXILIARY" ) whsp ]
                                  ; default structural
  [ "MUST" oids ]               ; AttributeTypes
  [ "MAY" oids ]                ; AttributeTypes
  whsp ")"
slaptest: bad configuration file!
2020-01-12 14:25:49 +00:00
Robert Hensing
9884cb3ed0
Merge pull request #76861 from Infinisil/paths-as-submodules
lib/types: Allow paths as submodule values
2020-01-12 14:19:04 +01:00
Linus Heckemann
bbd6d219e4 nixos/wpa_supplicant: fix #61391 2020-01-12 14:14:16 +01:00
Jos van Bakel
a171244455
nixos/gitea: fix typo 2020-01-12 12:51:01 +01:00
Eric Culp
dc6451f08c nixos/tests/certmgr: Fix file permissions
This test has been broken since 2a413da57e, which stopped running the
nginx master process as root.
2020-01-11 16:18:10 -08:00
volth
6abba2294d nixos/nat: use nixos-nat-out instead of OUTPUT 2020-01-12 00:06:49 +01:00
snicket2100
1657acd5d4 actkbd: fixed the description of the services.actkbd.bindings option
The description referred to `<option>sound.enableMediaKeys</option>`,
which is actually called `<option>sound.mediaKeys.enable</option>`.
2020-01-11 13:07:19 -08:00
0x4A6F
c9ca370e32
nixos/xandikos: init 2020-01-11 16:08:45 +01:00
0x4A6F
78aec9cfcb
nixosTests.xandikos: init 2020-01-11 16:08:44 +01:00
Lennart
4e6e94417c nixos/nextcloud: added trusted_proxies setting (#77480) 2020-01-11 15:43:43 +01:00
Michael Weiss
0608d78f3c
Merge pull request #76437 from gnidorah/sway
nixos/sway: add programs.sway.extraOptions
2020-01-11 12:16:34 +01:00
Jan Tojnar
e85b34c484
tree-wide: fix more warning related to loaOf deprecation 2020-01-11 08:09:56 +01:00
Tim Steinbach
ada59cfd43
kafka: Add 2.4 2020-01-10 21:02:03 -05:00
Alyssa Ross
59c4035e58 nixos/spamassassin: allow initPreConf to be a path
Supporting a path here is important because it allows e.g. fetching a
configuration from a URL.  To do this and provide the configuration as
a string, IFD would be necessary.  It's just written into a path
anyway.
2020-01-10 21:49:06 +00:00
elseym
c9214c394b
lib.commitIdFromGitRepo: support git-worktree
lib.commitIdFromGitRepo now resolves the refs from the
parent repository in case the supplied path is a file
containing the path to said repository. this adds support
for git-worktree and things alike. see gitrepository-layout(5).

this also:
- adds a new boolean function lib.pathIsRegularFile to
  check whether a path is a regular file
- patches lib.revisionWithDefault and
  the revision and versionSuffix attributes in
  config.system.nixos in order to support git-worktrees
2020-01-10 22:29:48 +01:00
Florian Klink
47e0ce7f1a
Merge pull request #77303 from tfc/port-elk-initdb-kafka
Port elk initdb kafka
2020-01-10 17:05:04 +01:00
Silvan Mosberger
5239b328f8
lib/types: Introduce lazyAttrsOf (#70138)
lib/types: Introduce lazyAttrsOf
2020-01-10 16:35:25 +01:00
Jörg Thalheim
a69d3f33d4
nixos/powertop: wait for hardware to initialize (#77364)
nixos/powertop: wait for hardware to initialize
2020-01-10 15:25:51 +00:00
Silvan Mosberger
b48717d1eb
lib/types: Introduce lazyAttrsOf
The standard attrsOf is strict in its *values*, meaning it's impossible to
access only one attribute value without evaluating all others as well.
lazyAttrsOf is a version that doesn't have that problem, at the expense
of conditional definitions not properly working anymore.
2020-01-10 16:19:55 +01:00
Silvan Mosberger
d5a2922641
nixos/doc: Note that attrsOf is strict in its values 2020-01-10 16:19:54 +01:00
Niklas Hambüchen
902d102c85
Merge pull request #77279 from maralorn/stateVersion-docs
Improve documentation for stateVersion
2020-01-10 14:42:27 +01:00
Milan Pässler
fb9645656b nixos/geary: init 2020-01-10 02:00:08 +01:00
Jacek Galowicz
abebf8cdb3 nixosTests.initdb: Move code to existing postgres test 2020-01-09 23:21:51 +01:00
Jacek Galowicz
fff1c2867f nixosTests.postgres: Refactor code 2020-01-09 23:21:08 +01:00
gnidorah
ad8a430a3a
nixos/sway: add programs.sway.extraOptions 2020-01-09 22:25:01 +01:00
Alyssa Ross
65dcd244bc maintainers/create-azure.sh: run from anywhere
I'm not really sure how the line directly after ended up with this,
but this line didn't...
2020-01-09 20:54:28 +00:00
markuskowa
2913973aa7
Merge pull request #76938 from lourkeur/fix_76184_gnunet
nixos/gnunet: Add types to the options
2020-01-09 21:33:50 +01:00
markuskowa
59670b0c56
Merge pull request #76939 from lourkeur/fix_76184_tsocks
nixos/tsocks: Add types to the options
2020-01-09 21:33:18 +01:00
Florian Klink
2603d15a4d
Merge pull request #77167 from srhb/ceph-14_2_5
ceph: 14.2.4 -> 14.2.5
2020-01-09 18:39:05 +01:00
Silvan Mosberger
e9c16ec186
Merge pull request #76857 from Infinisil/recursive-disableModules
Apply `disabledModules` recursively
2020-01-09 18:20:12 +01:00
Silvan Mosberger
a6462a4a8b
nixos/doc: Extend disabledModules docs to indicate recursive disabling 2020-01-09 17:26:08 +01:00
Silvan Mosberger
7167985e34
nixos/documentation: Fix disabledModules being rendered
Previously disabledModules would not be disabled for the manual
2020-01-09 17:26:08 +01:00
Florian Klink
5a523d70f6
Merge pull request #77158 from aanderse/mysql
nixos/mysql: restart systemd service on abort
2020-01-09 17:04:40 +01:00
Silvan Mosberger
9d4b59b549
nixos/doc: Add incompatibility note for either submodule path
Co-Authored-By: Robert Hensing <roberth@users.noreply.github.com>
2020-01-09 16:47:53 +01:00
Denys Pavlov
90b6823373 nixos/powertop: wait for hardware to initialize
We should wait until after `multi-user.target` is triggered to allow
hardware to finish initializing, such as network devices and USB drives.
This ensures `powertop --auto-tune` sets more tunables to "Good".

Fixes #66820
2020-01-09 19:45:41 +08:00
Jörg Thalheim
5121edc703
home-assistant: 0.100.3 -> 0.103.2 (#76088)
home-assistant: 0.100.3 -> 0.103.2
2020-01-09 11:29:04 +00:00
Florian Klink
959034d8e9
Merge pull request #77355 from andersk/gdm-tmpfiles
nixos/gdm: Fix tmpfiles configuration syntax
2020-01-09 12:12:57 +01:00
Oleksii Filonenko
25b75b8fb5
nixosTests.home-assistant: port to python 2020-01-09 10:39:50 +00:00
Jörg Thalheim
283e3e7218
nixos/home-assistant: support for secrets 2020-01-09 10:39:50 +00:00
Jörg Thalheim
ff5ddd04f3
nixos/pam: cleanup services (#76885)
nixos/pam: cleanup services
2020-01-09 10:09:13 +00:00
Sarah Brofeldt
59233d67b1 nixos/tests/ceph: Use 3 osds, the default minimum 2020-01-09 08:00:19 +01:00
Anders Kaseorg
07ccbc099a nixos/gdm: Fix tmpfiles configuration syntax
Fixes this error from `nixos-rebuild switch` introduced by #75893:

setting up tmpfiles
[/etc/tmpfiles.d/nixos.conf:7] Invalid age 'yes'.
warning: error(s) occurred while switching to the new configuration

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2020-01-08 19:51:32 -08:00
Léo Gaspard
b31660e5bb
Merge branch 'master' into ihatemoney 2020-01-09 03:49:03 +01:00
Silvan Mosberger
6525da6321
lib/types: Allow paths as submodule values 2020-01-08 23:54:45 +01:00
Silvan Mosberger
228a7b173e
nixos/certmgr: Flip either submodule path type
For upcoming allowance of paths as submodules
2020-01-08 23:54:45 +01:00
Pascal Bach
0319241132 nixos/mxisd: fix empty user name 2020-01-08 23:18:26 +01:00
Pascal Bach
76506ae42f nixos/matrix-synapse: fix empty user name 2020-01-08 23:18:26 +01:00
Aaron Andersen
336a6f471f nixos/httpd: symlink apache configuration to /etc/httpd/httpd.conf for use in the apachectl command 2020-01-08 10:37:46 -05:00
worldofpeace
79de730e77 nixos/buildbot: fix eval
Fixes https://github.com/NixOS/nixpkgs/issues/77309
2020-01-08 10:06:08 -05:00
worldofpeace
a408bcbe44
Merge pull request #73938 from worldofpeace/port-gnome3-xorg-test
nixosTests.gnome3-xorg: port to python/rewrite
2020-01-08 09:38:29 -05:00
Jacek Galowicz
f7b274d957 nixosTests.kafka: port to python 2020-01-08 10:51:57 +01:00
Jacek Galowicz
8ecd07f9e3 nixosTests.elk: port to python 2020-01-08 10:51:57 +01:00
worldofpeace
1c2e27e4d5 nixos/systemd-lib: don't fail on systemd.packages duplicates
In some cases like we've noticed in https://github.com/NixOS/nixpkgs/issues/76169,
having duplicate packages in systemd.packages like
```
systemd.packages = [ gnome-shell gnome-shell gnome-session ];
```
breaks.

Here we use an associative array to ensure no
duplicate paths when we symlink all the units listed
in systemd.packages.
2020-01-07 21:42:14 -05:00
Silvan Mosberger
32104e7c77
nixos/doc: document the loaOf type deprecation (#77109)
nixos/doc: document the loaOf type deprecation
2020-01-08 03:25:51 +01:00
rnhmjoj
fa3919de5f
nixos/doc: document the loaOf type deprecation 2020-01-08 00:47:59 +01:00
Malte Brandy
c1d7850f85
Improve documentation for stateVersion
The meaning of stateVersion often leads to a lot of confusion. This
commit trys to improve that situation.
2020-01-07 22:27:03 +01:00
Jacek Galowicz
c44331dd5d nixosTests.initdb: port to python 2020-01-07 20:52:24 +01:00
Rickard Nilsson
6edbe844b2 nixos/tests/chromium: Fix nixos-hex.svg hash 2020-01-07 19:42:52 +01:00
Milan Pässler
2a31a6a412 tree-wide: fix errors and warning related to loaOf deprecation 2020-01-07 06:23:28 +01:00
Aaron Andersen
df059f89e6 nixos/mysql: restart systemd service on abort 2020-01-06 20:08:51 -05:00
Silvan Mosberger
ff16d17b42
nixos/systemd: Explicitly put default path packages after othe… (#77088)
nixos/systemd: Explicitly put default path packages after others
2020-01-06 21:51:04 +01:00
worldofpeace
c496b1b102
Merge pull request #63103 from rnhmjoj/loaof
Deprecate types.loaOf [WIP]
2020-01-06 11:00:17 -05:00
WilliButz
482b39a7e5
nixos/oxidized: add missing slash to PIDFile path 2020-01-06 16:58:54 +01:00
rnhmjoj
1d61efb7f1 treewide: use attrs instead of list for types.loaOf options 2020-01-06 10:39:18 -05:00
Silvan Mosberger
9327e1c6ba
nixos/systemd: Explicitly put default path packages after others
This fixes the dhcpcd issue in https://github.com/NixOS/nixpkgs/issues/76969,
which was exposed by https://github.com/NixOS/nixpkgs/pull/75031
introducing changes in the module ordering and therefore option ordering
too.

The dhcpcd issue would also be fixable by explicitly putting
dhcpcd's paths before others, however it makes more sense for systemd's
default paths to be after all others by default, since they should only
be a fallback, which is how binary finding will work if they come after.
2020-01-06 15:58:06 +01:00
worldofpeace
00c813a636
Merge pull request #75893 from worldofpeace/gdm-tmpfiles
nixos/gdm: use systemd tmpfiles instead of preStart
2020-01-06 09:51:59 -05:00
Jan Tojnar
04a71194a8
Merge pull request #76683 from wakira/nixos/ibus
nixos/ibus: fix missing dconf profile
2020-01-06 12:59:00 +01:00
Sheng Wang
c71339fbe5 nixos/ibus: fix missing dconf profile
Fix ibus user preferences not being saved. ibus-daemon was falling back on null configuration due to missing "ibus" dconf profile.
2020-01-06 20:30:37 +09:00
Robert Hensing
e1ce60ae7a
Merge pull request #76947 from juliancoffee/master
Fix example for xkbOptions
2020-01-05 23:35:27 +01:00
Robert Hensing
933003e684
Merge pull request #73394 from pasqui23/xkbopt
nixos/xserver:services.xserver.xkbOptions is now commas
2020-01-05 23:34:59 +01:00
Eelco Dolstra
3b15451291
nix: 2.3.1 -> 2.3.2 2020-01-05 20:35:43 +01:00
Symphorien Gibol
665fee312a nixos/tests/ihatemoney.nix: run nixpkgs-fmt
now indentation is perfect
2020-01-05 12:00:00 +00:00
symphorien
b8b9e7be6d
Update nixos/tests/ihatemoney.nix
Co-Authored-By: Léo Gaspard <github@leo.gaspard.ninja>
2020-01-05 22:04:42 +00:00
symphorien
54b0ab0ac6
Update nixos/tests/ihatemoney.nix
Co-Authored-By: Léo Gaspard <github@leo.gaspard.ninja>
2020-01-05 22:04:32 +00:00
Louis Bettens
caa9ce1caa nixos/tsocks: Add types to the options 2020-01-05 00:15:26 +01:00
Louis Bettens
d49737836a nixos/gnunet: Add types to the options 2020-01-05 00:07:50 +01:00
Danylo Hlynskyi
cef68c4580
nixos/nginx: don't hide nginx config errors on nixos-rebuild --switch with reload enabled (#76179)
nixos/nginx: don't hide nginx config errors on nixos-rebuild --switch
with reload enabled

Closes https://github.com/NixOS/nixpkgs/issues/73455
2020-01-05 00:39:23 +02:00
Illia Denysenko
73b38ff7c5
Fix example for xkbOptions
###### Motivation for this change
With space between two options, multiple options just don't work
Looks like xkbOptions then used for generation of xorg.conf.d/00-keyboard.conf.
kbd's man says XkbOptions must be comma-separated without spaces.
https://linux.die.net/man/4/kbd

###### Things done

<!-- Please check what applies. Note that these are not hard requirements but merely serve as information for reviewers. -->

- [ ] Tested using sandboxing ([nix.useSandbox](http://nixos.org/nixos/manual/options.html#opt-nix.useSandbox) on NixOS, or option `sandbox` in [`nix.conf`](http://nixos.org/nix/manual/#sec-conf-file) on non-NixOS linux)
- Built on platform(s)
   - [ ] NixOS
   - [ ] macOS
   - [ ] other Linux distributions
- [ ] Tested via one or more NixOS test(s) if existing and applicable for the change (look inside [nixos/tests](https://github.com/NixOS/nixpkgs/blob/master/nixos/tests))
- [ ] Tested compilation of all pkgs that depend on this change using `nix-shell -p nixpkgs-review --run "nixpkgs-review wip"`
- [ ] Tested execution of all binary files (usually in `./result/bin/`)
- [ ] Determined the impact on package closure size (by running `nix path-info -S` before and after)
- [ ] Ensured that relevant documentation is up to date
- [ ] Fits [CONTRIBUTING.md](https://github.com/NixOS/nixpkgs/blob/master/.github/CONTRIBUTING.md).

###### Notify maintainers

cc @
2020-01-04 20:54:19 +02:00
Jörg Thalheim
9458ec4115
pam: remove unused ftp service
vsftpd is the only ftp server module and defines its own pam service.
2020-01-03 15:24:36 +00:00
Jörg Thalheim
2591fc7ede
pam: remove cups service
The cups module itself already defines this.
2020-01-03 15:24:34 +00:00
Jörg Thalheim
900aaa5a98
screen: move pam service to module 2020-01-03 15:24:32 +00:00
adisbladis
c4f6aff9dd
nixos/doc: Fix manual build after renaming compton to picom 2020-01-03 13:09:40 +00:00
Maximilian Bosch
a90452b2c9
Merge pull request #76871 from laikq/master
nixos-install: add documentation for --channel, --no-channel-copy
2020-01-03 13:56:01 +01:00
adisbladis
aec68f4e7e
nixos/compton: Rename module to picom
With a backwards compatibility alias
2020-01-03 12:52:02 +00:00
Gwendolyn Quasebarth
6dca2312ce nixos-install: add documentation for --channel, --no-channel-copy 2020-01-03 11:33:22 +01:00
Frederik Rietdijk
7aa2b0215b Merge master into staging-next 2020-01-03 10:25:14 +01:00
Silvan Mosberger
c7ade6844f
Revert "lib/types: Allow paths as submodule values"
This reverts commit eec83d41e3.

This broke hydra evaluation because with this commit submodule values
are allowed to be paths, however the certmgr module uses `either
(submodule ...) path` in its type, meaning it already used paths for
something else which would now be interpreted as a submodule.
2020-01-03 05:21:01 +01:00
Bernardo Meurer
d80570f3f5
rogue: boot.extraTTYs -> console.extraTTYs 2020-01-02 16:59:43 -08:00
Bernardo Meurer
992245f844
nixos-manual: boot.extraTTYs -> console.extraTTYs 2020-01-02 16:53:15 -08:00
aszlig
845e92835d
Merge Last-Modified fix for nginx (#76697)
This fixes the patch for nginx to clear the Last-Modified header if a
static file is served from the Nix store.

So far we only used the ETag from the store path, but if the
Last-Modified header is always set to "Thu, 01 Jan 1970 00:00:01 GMT",
Firefox and Chrome/Chromium seem to ignore the ETag and simply use the
cached content instead of revalidating.

Alongside the fix, this also adds a dedicated NixOS VM test, which uses
WebDriver and Firefox to check whether the content is actually served
from the browser's cache and to have a more real-world test case.
2020-01-02 21:41:59 +01:00
Frederik Rietdijk
f08e3e38d4 Merge master into staging-next 2020-01-02 21:41:13 +01:00
Christian Kauhaus
129c73802f
Merge pull request #76153 from arcnmx/connman-iwd
nixos/connman: optional iwd backend
2020-01-02 21:35:54 +01:00
Florian Klink
03212a7f03
Merge pull request #76606 from flokli/mysql-tests
nixosTests.mysql: add more tests
2020-01-02 21:30:55 +01:00
Matthew Bauer
81daa1e5dc
Merge pull request #76546 from matthewbauer/nvidia-fix-udev-rules
nvidia: fix $ substitution in udev rules
2020-01-02 15:04:33 -05:00
Silvan Mosberger
cdf79db19d
Module system improvements for NixOS as a submodule (#75031)
Module system improvements for NixOS as a submodule
2020-01-02 20:38:45 +01:00
Marek Mahut
7d90e34e9f
Merge pull request #76817 from misuzu/3proxy-test-python
nixosTests.3proxy: port test to python
2020-01-02 18:19:43 +01:00
Aaron Andersen
ebf58a3404
Merge pull request #76709 from aanderse/httpd-ssl
nixos/httpd: update default ssl protocols
2020-01-02 11:28:25 -05:00
misuzu
9980eb8734 nixosTests.3proxy: port test to python 2020-01-02 14:25:20 +02:00
Silvan Mosberger
eec83d41e3
lib/types: Allow paths as submodule values 2020-01-02 09:59:35 +01:00
Silvan Mosberger
bc42515736
nixos/syncthing: Fix submodule name usage
Module arguments should be taken from the arguments directly. This
allows evalModule's specialArgs to override them if necessary
2020-01-02 09:59:35 +01:00
Silvan Mosberger
90c82bfee7
nixos/docs: Add docs for types.submoduleWith 2020-01-02 09:59:32 +01:00
Atemu
a461f3fa9c Consider the exit status of docker run in ExecStop (#76444)
We don't need to stop the container if it already exited sucessfully
2020-01-01 18:28:46 -05:00
Tom Bereknyei
e5208af780 bash-my-aws: init at 20191231
Create bma-init
2020-01-01 14:53:15 -05:00
Florian Klink
2393fa23f2
Merge pull request #76560 from nh2/kexec-test-python
nixosTests.kexec: port to python and mark as broken
2020-01-01 19:05:09 +01:00
Tim J. Baumann
36b98fdf26 networkmanager: fix dispatcherScripts example
Before, the example script didn't actually exit when the event type
didn't match "up".
2020-01-01 15:32:15 +01:00
Jörg Thalheim
a82f07cecf
netdata: 1.18.1 -> 1.19.0 (#75173)
netdata: 1.18.1 -> 1.19.0
2020-01-01 12:52:29 +00:00
zimbatm
5f5df51bf0
Merge pull request #76758 from alyssais/ruby_2_7
Some Ruby 2.7 updates and fixes
2020-01-01 11:29:44 +00:00
Silvan Mosberger
fd7a019c70
nixosTests.haka: port to python (#76707)
nixosTests.haka: port to python
2020-01-01 03:31:11 +01:00
zimbatm
ab64518d0f
nixos/redmine: update example to more recent Ruby 2020-01-01 00:27:14 +00:00
Frederik Rietdijk
555037a667 Merge master into staging-next 2019-12-31 16:35:53 +01:00
Jörg Thalheim
a45447a3d5
bandwhich: init at 0.6.0 (#76689)
bandwhich: init at 0.6.0
2019-12-31 14:23:19 +00:00
Jakub Sokołowski
3238beab0a nixos/transmission: fix from where service loads config
Currently if you specify home to be someplace else than ~/ for user
then Transmissions always attempts to load the config from the
default location which is $HOME/.config/transmission-daemon based on documentation:
https://github.com/transmission/transmission/wiki/Configuration-Files

Which means that the changes done to the config under settingsDir in
ExecPreStart have no effect because they are modifying a file that is never loaded.

I've added an explicit --config-dir ${settingsDir} to make sure
that Transmission loads the correct config file even when home is changed.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2019-12-31 15:21:29 +01:00
Florian Klink
d6bbe6c0f5
Merge pull request #76719 from flokli/containers-poweroff
nixos/containers: use machinectl poweroff
2019-12-31 14:41:58 +01:00
Daniel Frank
6d671372b5
nextcloud module: https is important not only for proxies 2019-12-31 13:01:46 +01:00
Oleksii Filonenko
1a477dc895
bandwhich: 0.5.1 -> 0.6.0
- Rename from `what` to `bandwhich`
- Add Security for darwin
2019-12-31 10:20:07 +02:00
Jonathan Ringer
d72c4791bc Merge remote-tracking branch 'origin' into staging-next 2019-12-30 14:36:16 -08:00
Florian Klink
90a3908ec3 nixos/containers: use machinectl poweroff
Previously, we were storing the leader pid in a runtime file and
signalled SIGRTMIN+4 manually.

In systemd 219, the `machinectl poweroff` command was introduced, which
does that for us.
2019-12-30 22:28:53 +01:00
Aaron Andersen
66bf75415f
Merge pull request #76551 from symphorien/nagios2
nagios: various improvements
2019-12-30 14:21:03 -05:00
Matthew Bauer
b43479d49f nixos/nvidia: add nvidia-uvm-tools device
Related to https://bugs.launchpad.net/ubuntu/+source/nvidia-graphics-drivers-390/+bug/1767777
2019-12-30 13:15:10 -05:00
Jonathan Ringer
446fec8c2d
Merge branch 'master' of github.com:NixOS/nixpkgs into staging-next 2019-12-30 10:14:18 -08:00
Ryan Mulligan
3a644e30b9
Merge pull request #46131 from ju1m/shorewall
shorewall: init at 5.2.3.3
2019-12-30 10:04:31 -08:00
Julien Moutinho
56a73dfb35 shorewall: init at 5.2.3.3
nixos/shorewall: init
2019-12-30 09:42:03 -08:00
Aaron Andersen
6777926911 nixos/httpd: update default ssl protocols 2019-12-30 11:24:11 -05:00
Aaron Andersen
7c8d98f8df nixos/sysstat: provide a type for each module option 2019-12-30 17:10:53 +01:00
Oleksii Filonenko
ab63902d1f
nixosTests.haka: port to python 2019-12-30 17:57:00 +02:00
Symphorien Gibol
cb38bf33e7 nagios: add nixos test 2019-12-30 16:41:18 +01:00
symphorien+git@xlumurb.eu
be25e45fc8 nagios: various improvements
* structured config for main config file allows to launch nagios in
debug mode without having to write the whole config file by hand
* build time syntax check
* all options have types, one more example
* I find it misleading that the main nagios config file is linked in
/etc but that if you change the link in /etc/ and restart nagios, it
has no effect. Have nagios use /etc/nagios.cfg
* fix paths in example nagios config files, which allows to reuse it:
  services.nagios.objectDefs =
   (map (x: "${pkgs.nagios}/etc/objects/${x}.cfg")
   [ "templates" "timeperiods" "commands" ]) ++ [ ./main.cfg ]
* for the above reason, add mailutils to default plugins

Co-Authored-By: Aaron Andersen <aaron@fosslib.net>
2019-12-30 16:40:52 +01:00
aszlig
ccf55bead1
nginx: Clear Last-Modified if ETag is from store
This is what I've suspected a while ago[1]:

> Heads-up everyone: After testing this in a few production instances,
> it seems that some browsers still get cache hits for new store paths
> (and changed contents) for some reason. I highly suspect that it might
> be due to the last-modified header (as mentioned in [2]).
>
> Going to test this with last-modified disabled for a little while and
> if this is the case I think we should improve that patch by disabling
> last-modified if serving from a store path.

Much earlier[2] when I reviewed the patch, I wrote this:

> Other than that, it looks good to me.
>
> However, I'm not sure what we should do with Last-Modified header.
> From RFC 2616, section 13.3.4:
>
> - If both an entity tag and a Last-Modified value have been
>   provided by the origin server, SHOULD use both validators in
>   cache-conditional requests. This allows both HTTP/1.0 and
>   HTTP/1.1 caches to respond appropriately.
>
> I'm a bit nervous about the SHOULD here, as user agents in the wild
> could possibly just use Last-Modified and use the cached content
> instead.

Unfortunately, I didn't pursue this any further back then because
@pbogdan noted[3] the following:

> Hmm, could they (assuming they are conforming):
>
>  * If an entity tag has been provided by the origin server, MUST
>    use that entity tag in any cache-conditional request (using If-
>    Match or If-None-Match).

Since running with this patch in some deployments, I found that both
Firefox and Chrome/Chromium do NOT re-validate against the ETag if the
Last-Modified header is still the same.

So I wrote a small NixOS VM test with Geckodriver to have a test case
which is closer to the real world and I indeed was able to reproduce
this.

Whether this is actually a bug in Chrome or Firefox is an entirely
different issue and even IF it is the fault of the browsers and it is
fixed at some point, we'd still need to handle this for older browser
versions.

Apart from clearing the header, I also recreated the patch by using a
plain "git diff" with a small description on top. This should make it
easier for future authors to work on that patch.

[1]: https://github.com/NixOS/nixpkgs/pull/48337#issuecomment-495072764
[2]: https://github.com/NixOS/nixpkgs/pull/48337#issuecomment-451644084
[3]: https://github.com/NixOS/nixpkgs/pull/48337#issuecomment-451646135

Signed-off-by: aszlig <aszlig@nix.build>
2019-12-30 14:30:36 +01:00
Oleksii Filonenko
bf17262578
nixos/what: init 2019-12-30 13:59:52 +02:00
Merijn Broeren
133103d709
treewide: replace make/build/configure/patchFlags with nix lists 2019-12-30 12:58:11 +01:00
Jan Tojnar
480fc1856a
Merge branch 'master' into staging-next 2019-12-30 05:22:23 +01:00
lewo
885c4cc97c
Merge pull request #76151 from Ma27/bump-hydra
hydra: 2019-08-30 -> 2019-11-13
2019-12-29 10:28:44 +01:00
Frederik Rietdijk
fb66525297 Merge master into staging-next 2019-12-29 10:19:39 +01:00
Tor Hedin Brønner
3d70d4ba0b
nixos/displayManager: fix typo in legacy sessions (#76626)
xsession gets passed `dm` `wm`, so the desktop manager would be launched
before the window manager resulting in a regular desktop manager
session.

Fixes https://github.com/NixOS/nixpkgs/issues/76625
2019-12-29 02:02:24 +01:00
Jan Tojnar
332cfab4ce
Merge pull request #76591 from lourkeur/set_XKB_CONFIG_ROOT
Fix services.xserver.extraLayouts under GNOME 3
2019-12-28 20:34:56 +01:00
Izorkin
192df19a7c nixos/unit: fix typo 2019-12-28 22:12:45 +03:00
Robert Hensing
71358c4f1e swapDevices.<name>.device can be a swap file. 2019-12-28 20:00:50 +01:00
Christian Höppner
76ad649dd8
virtualization/amazon-init: fix logging, nix path
The missing `\n` in the printf format string prevented multiple channels from
being logged.

The missing `nixpkgs=` in the `NIX_PATH` prevented `nixos-rebuild` from working
if the system configuration has any reference to `nixpkgs`.

Additionally:

* Use process substitution instead of piping printf to avoid creating a subshell.
* Set an empty `IFS` to avoid word splitting.
* Add the `-r` flag to `read` to avoid mangling backslashes.
2019-12-28 16:58:46 +00:00
Florian Klink
bf7841aae1 nixosTests.mysql: add additional test{db,user}2
Test that other users are not able to access the mysql database, and
unix socket auth actually works.
2019-12-28 15:31:12 +01:00
Florian Klink
7d64f7a534 nixosTests.mysql: add missing () to start_all()
Because mysql.wait_for_unit() starts the vm as well, we didn't notice
that.
2019-12-28 15:31:12 +01:00
Louis Bettens
636dabcf80 nixos/xserver: set $XKB_CONFIG_ROOT 2019-12-28 12:34:56 +01:00
Linus Heckemann
b9bf846080
Merge pull request #76189 from Ma27/nixos-install-verbosity-level
nixos/nixos-installer: add flags for verbosity and build logs
2019-12-28 11:50:25 +01:00
Aaron Andersen
c95aef92b9 nixos/awstats: add missing description to extraConfig option (#76575) 2019-12-28 01:09:47 +02:00
Vladimír Čunát
c3d4998e41
Merge #75803: kresd service: unify listen declarations 2019-12-27 15:55:38 +01:00
Niklas Hambüchen
ad339ad445 nixosTests.graphite: port to python.
The test did not succeed for me before this commit because
the dependencies fail their tests (see added comment).
2019-12-27 01:23:45 +01:00
Niklas Hambüchen
12e35035f6 nixosTests.kexec: port to python.
The test did not succeed for me before this commit
(the Perl test hung forever), and this translation exhibits
the same problem.
2019-12-27 01:22:35 +01:00
Matthew Bauer
6689a385d1 nvidia: fix $ substitution in udev rules
This fixes a harmless error from systemd-udevd that looks like:

  Dec 23 15:35:23 dellbook systemd-udevd[696]:
  /nix/store/iixya3ni5whybpq9zz1h7f4pyw7nhd19-udev-rules/99-local.rules:25
  Invalid value "..." for RUN (char 101: invalid substitution type),
  ignoring, but please fix it.

Using $$ fixes it using the escaping documented at https://www.freedesktop.org/software/systemd/man/udev.html.
2019-12-26 12:54:43 -05:00
Maximilian Bosch
c5c7ccf022
nixos/nginx: fix test
When using format-strings, curly brackets need to be escaped using `{{`
to avoid errors from python.

And apparently, Perl's `==` is used to compare substrings[1] which is why
the translation to `assert http_code == "304"` failed as the string
contains several headers from curl.

[1] Just check `perl <(echo 'die "alarm" if "foo\n304" == 304')`
2019-12-26 18:50:38 +01:00
Maximilian Bosch
495b0b581c
nixos/tests/nginx-sso: add subtests for each assertion 2019-12-26 17:59:25 +01:00
Robin Gloster
abbce768dc
nixosTests.nginx*: review fixes
Co-Authored-By: Florian Klink <flokli@flokli.de>
2019-12-26 17:59:25 +01:00
Robin Gloster
1c2781d39c
nixosTests.nginx*: port to python 2019-12-26 17:59:25 +01:00
Aaron Andersen
4d2dd15546
Merge pull request #73113 from aanderse/httpd-vhost
nixos/httpd: support overridable virtual hosts
2019-12-26 08:09:08 -05:00
danbst
50d6e93dc8 nixos/nginx: fixup permissions for Nginx state dir
The commit b0bbacb521 was a bit too fast
It did set executable bit for log files.

Also, it didn't account for other directories in state dir:
```
 # ls -la /var/spool/nginx/
total 32
drwxr-x--- 8 nginx nginx 4096 Dec 26 12:00 .
drwxr-xr-x 4 root  root  4096 Oct 10 20:24 ..
drwx------ 2 root  root  4096 Oct 10 20:24 client_body_temp
drwx------ 2 root  root  4096 Oct 10 20:24 fastcgi_temp
drwxr-x--- 2 nginx nginx 4096 Dec 26 12:00 logs
drwx------ 2 root  root  4096 Oct 10 20:24 proxy_temp
drwx------ 2 root  root  4096 Oct 10 20:24 scgi_temp
drwx------ 2 root  root  4096 Oct 10 20:24 uwsgi_temp
```

With proposed change, only ownership is changed for state files, and mode is left as is
except that statedir/logs is now group accessible.
2019-12-26 14:16:29 +02:00
Yurii Izorkin
b0bbacb521 nixos/nginx: recursively change logs directory owner/group (#76174)
This change brings pre-existing installations (where the logfiles
are owned by root) in line with the new permssions (where logfiles
are owned by the nginx user)
2019-12-26 13:51:10 +02:00
Jörg Thalheim
c5aacb2350
Merge pull request #76514 from Thra11/fix-udev-hwdb-description
udev: fix option description
2019-12-26 06:43:02 +00:00
Yorick van Pelt
470c8a2a36 nixos/borgbackup: install job wrappers to systemPackages for easy borg access
Currently to run borg job manually, you have to use systemctl:
```
$ systemctl start borgbackup-job-jobname.service
```

This commit makes wrappers around borg jobs available in $PATH, which have
BORG_REPO and connection args set correctly:
```
$ borg-job-jobname list
$ borg-job-jobname mount ::jobname-archive-2019-12-25T00:01:29 /mnt/some-path
$ borg-job-jobname create ::test /some/path
```

Closes: https://github.com/NixOS/nixpkgs/pull/64888
Co-authored-by: Danylo Hlynskyi <abcz2.uprola@gmail.com>
2019-12-26 07:50:03 +02:00
Maximilian Bosch
ec253e16cd
Merge pull request #76410 from nh2/mumble-test-python
nixosTests.mumble: port to python
2019-12-26 02:33:43 +01:00
Silvan Mosberger
5dc7050bd6
Merge pull request #75400 from nand0p/ethminer-v18
ethminer: 0.18.0-rc.0 -> 0.18.0
2019-12-25 23:56:24 +01:00
Tom Hall
08d31b74ec udev: fix option description
The two file paths were changed from 10-local to 99-local, but only one
of the descriptions was changed.
2019-12-25 20:51:01 +00:00
Dima
2467edf80c nixos/manual: fixing links for awstats release note (#76500)
`linkend` attribute needs to point to an option.
2019-12-25 21:06:18 +02:00
Fernando J Pando
90ee16dbfc nixos/ethminer: always restart 2019-12-25 10:33:50 -05:00
Pavol Rusnak
4899c6992c
nixos-generate-config: i18n.consoleFont has been renamed to console.font
fixes #76391
2019-12-25 15:02:58 +01:00
Jörg Thalheim
89c55c0a6d
net-snmp: split outputs (#76155)
net-snmp: split outputs
2019-12-25 06:27:55 +00:00
Aaron Andersen
79215f0df1 nixos/httpd: limit serving web content to virtual hosts, convert virtualHosts option type from listOf to attrsOf, add ACME integration 2019-12-24 20:27:48 -05:00
Aaron Andersen
08bd639a92
Merge pull request #73959 from aristaeus/awstats
nixos/awstats: refactor module
2019-12-24 18:57:00 -05:00
markuskowa
0b41391890
Merge pull request #76425 from r-ryantm/auto-update/slurm
slurm: 19.05.4.1 -> 19.05.5.1
2019-12-24 20:19:50 +01:00
Markus Kowalewski
5041e1d848
nixos/slurm: fix perl->python conversion bug 2019-12-24 19:51:18 +01:00
Ben Harper
dade94cdb9 nixos/awstats: refactor module 2019-12-24 12:20:52 -05:00
Niklas Hambüchen
c6a032ecf6 nixosTests.mumble: port to python 2019-12-24 16:10:34 +01:00
Tad Fisher
b4bacff13f nixos/keybase, nixos/kbfs: update service configs; add redirector 2019-12-23 22:55:06 -08:00