Commit graph

523 commits

Author SHA1 Message Date
Franz Pletz
fb50cde71e
nixos/treewide: systemd.time is in manvolume 7
cc #23396
2017-03-21 08:28:53 +01:00
Robin Gloster
c808801937
nix-daemon: fix autoOptimiseStore option 2017-03-21 02:17:09 +01:00
Philipp Steinpass
68c6d90417 Added option and description for nix store auto-optimisation. 2017-03-20 19:09:19 +01:00
Joachim F
9a976c09ba Merge pull request #23963 from dtzWill/feature/irkerd
irker: init at 2017-02-12
2017-03-18 00:35:32 +01:00
Franz Pletz
9536169074
nixos/treewide: remove boolean examples for options
They contain no useful information and increase the length of the
autogenerated options documentation.

See discussion in #18816.
2017-03-17 23:36:19 +01:00
Will Dietz
2807d75dca irkerd service: init 2017-03-17 09:16:32 -05:00
Benjamin Staffin
c2b0cb5db6 nixos: nix snowflake logo for the nixos manual launcher 2017-03-16 17:48:09 -04:00
Benjamin Staffin
638e1b8243 nixos: Add a menu launcher for the NixOS manual 2017-03-14 06:04:43 -04:00
Joachim Fasting
15da23d5c1
nixos/modules: use defaultText/literalExample where applicable
Primarily to fix rendering of default values/examples but also
to avoid unnecessary work.
2017-03-07 14:06:08 +01:00
Bjørn Forsman
316e7d6764 nixos/nix-daemon: doc: use literalExample
Makes the example more readable by not squashed everything onto one
single line.
2017-03-05 14:07:23 +01:00
Eelco Dolstra
3971876585
nix-daemon: Remove a bunch of unnecessary environment variables 2017-03-03 16:50:37 +01:00
Eelco Dolstra
3070c88798
Fix incorrect $NIX_BUILD_HOOK on Nix 1.12 2017-03-03 16:50:26 +01:00
Nikolay Amiantov
2e80b50a7e cura, curaengine: 14.04 -> 2.4.0
Move old Cura to {cura,curaengine}_stable
2017-03-01 02:23:18 +03:00
Dan Peebles
8def08a56c apache-kafka.service: pass in log4j config more explicitly
The implicit behavior of pulling it out of the classpath seemed not
to work properly and could be thrown off by other things on the
classpath also providing the properties file. This guarantees that
our settings stick.
2017-02-27 18:32:12 +00:00
aszlig
08881b8cbe
taskserver: Remove taskserver from systemPackages
This is deliberate because using the taskd binary to configure
Taskserver has a good chance of messing up permissions.

The nixos-taskserver tool now can manage even manual configurations, so
there really is no need anymore to expose the taskd binary.

If people still want to use the taskd binary at their own risk they can
still add taskserver to systemPackages themselves.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-02-17 19:46:05 +01:00
aszlig
c7bbb93878
taskserver: Pass configuration via command line
Putting an include directive in the configuration file referencing a
store path with the real configuration file has the disavantage that
once we change the real configuration file the store path is also a
different one.

So we would have to replace that include directive with the new
configuration file, which is very much error-prone, because whenever
taskd modifies the configuration file on its own it generates a new one
with *only* the key/value options and without any include directives.

Another problem is that we only added the include directive on the first
initalization, so whenever there is *any* configuration change, it won't
affect anything.

We're now passing all the configuration options via command line,
because taskd treats everything in the form of --<name>=<value> to be a
configuration directive.

This also has the effect that we now no longer have extraConfig, because
configuration isn't a file anymore.

Instead we now have an attribute set that is mapped down to
configuration options.

Unfortunately this isn't so easy with the way taskd is configured,
because there is an option called "server" and also other options like
"server.cert", "server.key" and so on, which do not map very well to
attribute sets.

So we have an exception for the "server" option, which is now called
"server.listen", because it specifies the listening address.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Fixes: #22705
2017-02-17 19:45:58 +01:00
aszlig
78fe00da7c
taskserver: Allow helper tool in manual config
The helper tool so far was only intended for use in automatic PKI
handling, but it also is very useful if you have an existing CA.

One of the main advantages is that you don't need to specify the data
directory anymore and the right permissions are also handled as well.

Another advantage is that we now have an uniform management tool for
both automatic and manual config, so the documentation in the NixOS
manual now applies to the manual PKI config as well.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-02-17 19:45:55 +01:00
aszlig
32c2e8f4ae
taskserver/helpertool: Fix error message on export
The error message displays that a specific user doesn't exist in an
organisation, but uses the User object's name attribute to show which
user it was.

This is basically a very stupid chicken and egg problem and easily fixed
by using the user name provided on the command line.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-02-17 19:45:52 +01:00
Bjørn Forsman
d4e5bb34b7 nixos/geoip-updater: run as user 'geoip' instead of 'nobody'
That way 'nobody' is prevented from messing with the databases.
2017-02-15 23:25:27 +01:00
Graham Christensen
7483ba0932
Revert "nix-daemon: default useSandbox to true"
This reverts commit d0a086770a.
2017-02-14 14:13:39 -05:00
Graham Christensen
d0a086770a
nix-daemon: default useSandbox to true 2017-02-13 18:06:01 -05:00
Dan Peebles
e928cb1c63 ssm-agent NixOS module: init 2017-02-13 04:01:38 +00:00
Franz Pletz
f5a82e4714
gitlab service: fix database creation
Providing custom a username and database name was broken. They were
hardcoded to "gitlab".
2017-02-13 00:57:22 +01:00
Bjørn Forsman
824d82fa0f nixos/geoip-updater: new service
The GeoIP databases from MaxMind have no stable URLs and change every
month (or so). Our current method of packaging these database in Nix and
playing catch-up with ever-changing file hashes is a bad idea. For
instance, it makes it impossible to realize old NixOS configurations.

This patch adds a NixOS service that periodically updates the GeoIP
databases in /var/lib/geoip-databases. Moving NixOS modules over can be
done in later patches.

I tried adding MD5 check, but not all databases have them, so i skipped
it. We are downloading over HTTPS though, it should be good. I also
tried adding zip support, but the first zip file I extracted had a
different filename inside than the archive name, which breaks an
assumption in this service, so I skipped that too.

Changes v9 -> v10:
  - Pass "--max-time" to curl to set upper bound on downloads (ensures
    no indefinite hanging if there's problem with networking).
    Timeout for network connectivity check: 60s.
    Timeout for geoip database (each): 15m.

Changes v8 -> v9:
  - Mention the random timer delay in the documentation for the
    'interval' option.

Changes v7 -> v8:
  - Add "RemainAfterExit=true" for the setup service, so it won't be
    restarted needlessly. (Thanks @danbst!)

Changes v6 -> v7:
  - Add --skip-existing flag to geoip-updater, which skips updating
    existing database files. Pass that flag when we run the service on
    boot (and on any NixOS configuration change).
    (IMHO, this is somewhat a workaround for systemd persistent timers
    not being triggered immediately when a timer has never expired
    before. But it does have the nice side effect of ensuring that the
    installed databases always correspond to the configured ones, since
    the service is now always run after configuration changes.)

Changes v5 -> v6:
  - Update database files atomically (per DB)
  - If a database is removed from the configuration, it'll be removed
    from /var/lib/geoip-databases too (on next run).
  - Add NixOS module assertion so that if user inputs non- .gz or .xz
    file there will be a build time error instead of runtime.
  - Run updater as user "nobody" instead of "root".
  - Rename NixOS service from "geoip-databases" to "geoip-updater".
  - Drop RemainAfterExit, or else the timer won't trigger the unit.
  - Bring back "curl --fail", or else we won't catch and log curl
    failures.

Changes v4 -> v5:
  - Add "GeoLite2-City.mmdb.gz" to default database list.

Changes v3 -> v4:
  - Remove unneeded geoip-updater-setup.service after adding
    'wantedBy = [ "multi-user.target" ]' directly to
    geoip-updater.service
  - Drop unneeded "Service" name from service descriptions.

Changes v2 -> v3:
  - Network may be down when starting from a cold boot, so try a few
    times. Possibly, if using systemd-networkd, it'll pass on the first
    try. But with default DHCP on NixOS, the service is started before
    hostnames can be resolved and thus we need a few extra seconds.
  - Add error handling and mark service as failed if fatal error.
  - Add proper syslog log levels.
  - Add RandomizedDelaySec=3600 to the timer to not put high load on the
    MaxMind servers. Suggested by @Mic92.
  - Set RemainAfterExit on geoip-updater.service instead of
    geoip-updater-setup.service. (The latter is only a proxy that pulls
    in the former service).

Changes v1 -> v2:
From Данило Глинський (Danylo Hlynskyi) <abcz2.uprola@gmail.com>:
  nixos/geoip-databases: add `databases` option and fix initial setup

  There were two great issues when using this service:
  - When you just enable service, databases aren't downloaded, they are
    downloaded when timer triggers. Fixed this with automatic download on
    first system activation.
  - When there is no internet, updater outputs nothing to logs, which is
    IMO misbehavior. Fixed this with removing `--fail` option, better be
    explicit here.
2017-02-12 15:07:34 +01:00
Peter Simons
bfd7fe8ba5 nixos: fix taskserver module to evaluate properly when keys are managed manually 2017-02-07 18:35:41 +01:00
Tim Jaeger
83241c091d
gogs: fix error on push
Pushing to gogs only works if the `gogs` user's shell is `bash`. For error and
solution, refer to [this SO thread](http://stackoverflow.com/a/22315659)
2017-02-04 12:16:37 +01:00
Peter Simons
10349e72b9 nixos: drop unused 'haskellPackages' option from ihaskell service
Closes https://github.com/NixOS/nixpkgs/issues/19039.
2017-01-31 22:38:01 +01:00
Dan Peebles
eebee95176 apache-kafka service: change default brokerId to -1
A default of 0 means that if you deploy two NixOS boxes with the default
configuration, the second will fail because the brokerId was already in
use. Using -1 instead tells it to pick one automatically at first start.
2017-01-24 12:32:22 -05:00
Charles Strahan
d298a961f1 Merge pull request #21416 from cstrahan/mesos-1.1.0
mesos: 1.0.1 -> 1.1.0
2017-01-21 19:05:18 -05:00
schneefux
67c4512060
gogs service: init 2017-01-21 13:38:24 +01:00
Tristan Helmich
e5f353d5cd couchpotato module: init 2017-01-16 12:54:43 +01:00
Alexander Kahl
61d125b842 sssd: init at 1.14.2
perlPackages.TextWrapI18N: init at 0.06
perlPackages.Po4a: init at 0.47
jade: init at 1.2.1
ding-libs: init at 0.6.0

Switch nscd to no-caching mode if SSSD is enabled.

abbradar: disable jade parallel building.

Closes #21150
2017-01-04 03:07:20 +03:00
Chris Martin
6a7664e6cd Add some more details about useSandbox 2017-01-03 14:24:49 -05:00
Charles Strahan
7ebcada020
mesos: 1.0.1 -> 1.1.0 2016-12-29 20:09:46 -05:00
Jörg Thalheim
f4e58c2eb2 Merge pull request #21395 from jerith666/plex-firewall
plex: add config option to open recommended network ports
2016-12-24 23:31:04 +01:00
Matt McHenry
b64214f66f plex: add config option to open recommended network ports
as prescribed at https://support.plex.tv/hc/en-us/articles/201543147-What-network-ports-do-I-need-to-allow-through-my-firewall-
2016-12-24 15:36:52 -05:00
Matt McHenry
3c10e68c40
plex: fix a minor syntax issue in systemd ExecStart 2016-12-23 08:02:08 -05:00
Franz Pletz
3000ae8602
gitlab service: fix sidekiq queue config 2016-11-29 17:42:46 +01:00
Ruben Maher
9c9a21d525 matrix-synapse service: Make url_preview_enabled optional (#20609) 2016-11-28 03:33:48 +01:00
Joachim Fasting
f9f354faad
nixos/modules: use defaultText where applicable
Primarily to fix rendering of these default values in the manual but
it's also nice to avoid having to eval these things just to build the
manual.
2016-11-21 16:35:15 +01:00
Nikolay Amiantov
6bb292d42b parsoid service: update, use declarative configuration
Old configuration format is disabled now (it can still be used, but with
additional steps). This is a backwards incompatible change.
2016-11-20 19:12:14 +03:00
Michael Stapelberg
9cbf8a0652 Fix buildMachines example: use lists, not string (#20361)
Using the example before this commit resulted in the following error:

```
error: value is a string while a list was expected, at /nix/var/nix/profiles/per-user/root/channels/nixos/nixpkgs/nixos/modules/services/misc/nix-daemon.nix:349:37
```
2016-11-15 07:04:32 +01:00
Robin Gloster
f422afd07d
errbot service: fix import config in plugins 2016-11-08 17:44:52 +01:00
Joachim Schiele
47d81ed347 leaps: 0.5.1 + add a service + test 2016-11-06 10:34:42 +01:00
Eric Sagnes
1fe1cdecb2 types: loeOf -> listOf 2016-11-05 21:46:42 +01:00
Nikolay Amiantov
5187c28f91 parsoid service: don't run as a superuser 2016-11-03 19:20:19 +03:00
Nikolay Amiantov
0fa07f1b20 parsoid service: fix for new parsoid 2016-11-03 19:20:19 +03:00
Ruben Maher
08d7fbb42d
matrix-synapse: Allow keys to be generated
The matrix-synapse user has `createHome = true;` which runs before the
`preStart` script, so the home directory will always exist and the block
will never execute.

Also don't include default path to keys in the configuration file,
because synapse will choke if it tries to open them before they
exist (even with `--generate-keys`).
2016-11-02 10:10:46 +01:00
Edward Tjörnhammar
f7ad0c0fd5 Merge pull request #19675 from edwtjo/dictd-touchup
Dictd touchup
2016-10-31 13:08:57 +01:00
Joachim F
bdc4397303 Merge pull request #19805 from joachifm/startAt-fixups
Fixup remaining uses of startAt
2016-10-23 20:39:53 +02:00
Emery Hemingway
7c6a4e6c35 nixos/octoprint: fixup extraConfig 2016-10-23 19:47:28 +02:00
Emery Hemingway
b675619391 nixos: use types.lines for extraConfig 2016-10-23 19:41:43 +02:00
Joachim Fasting
4c41c412a0
nix gc service: fix use of startAt
`startAt = ""` as in `startAt = optionalString false ...` results
in an invalid timer unit (due to "" being promoted to a singleton
list and not filtered out).

Ref: c9941c4b5e
2016-10-23 17:56:49 +02:00
Joachim F
858f54dd88 Merge pull request #19664 from eqyiel/revert-19591-master
Revert "matrix-synapse: Pass required --report-stats opt"
2016-10-21 01:47:12 +02:00
Tim Steinbach
99d9d32899 Merge pull request #19668 from groxxda/timers
systemd.timers: automatically convert string to list
2016-10-20 17:37:28 -04:00
Robin Gloster
c2eb39faba
gitlab: start sidekiq when starting gitlab 2016-10-20 11:18:21 +02:00
Edward Tjörnhammar
eacb020a0c
nixos: dictd, make wiktionary and wordnet default dicts 2016-10-19 08:43:30 +02:00
Edward Tjörnhammar
642366d103
nixos: dictd config location; bind to cfg 2016-10-19 08:43:30 +02:00
Alexander Ried
89ef1a1756 nix-optimise module: fix startAt 2016-10-19 02:22:12 +02:00
Ruben Maher
2e0d0af1c8 Revert "matrix-synapse: Pass required --report-stats opt" 2016-10-19 08:28:38 +10:30
Ruben Maher
443d833947 matrix-synapse: Pass required --report-stats opt 2016-10-16 18:12:54 +10:30
Frederik Rietdijk
ad33e71c55 Merge pull request #19490 from regnat/taskserver
taskserver : use pythonPackage.buildPythonPackage
2016-10-12 18:24:43 +02:00
regnat
f697486122 taskserver : use pythonPackage.buildPythonPackage 2016-10-12 18:09:13 +02:00
Robin Gloster
dabcd7d4c8 dockerRegistry module: re-init with new underlying software 2016-10-12 14:05:09 +02:00
Robin Gloster
a0e791a14c errbot module: init 2016-10-12 13:17:46 +02:00
Andrew Scott
05b7aaae74 nix.optimise.dates should be list 2016-10-04 11:31:51 +01:00
Tristan Helmich
81ff763541 emby: use makeWrapper to supply ffmpeg/probe paths
Fixes NixOS/nixpkgs#19118
2016-10-03 12:23:44 +02:00
Joachim F
0906a0f197 Merge pull request #18491 from groxxda/network-interfaces
Replace Network-interfaces.target
2016-10-02 16:34:37 +02:00
Joachim F
7e80c42b0e Merge pull request #18511 from ericsagnes/feat/remove-optionSet
modules: optionSet -> submodule
2016-10-01 17:57:45 +02:00
Jörg Thalheim
f2f7420e2b Merge pull request #19115 from Ralith/matrix-synapse
matrix-synapse: 0.17.1 -> 0.18.0
2016-10-01 14:54:41 +02:00
Pascal Bach
7d6c02d45a confd service: change default etcd port 4001 -> 2379
New versions of etcd listen on 2379 by default.
This is also the official IANA assigned port.
2016-09-28 23:35:54 +02:00
Franz Pletz
77779323c5
gitlab: 8.11.2 -> 8.12.1 2016-09-27 18:41:02 +02:00
Matt McHenry
de9546307f
nix-optimise service: init
Closes https://github.com/NixOS/nixpkgs/pull/18378
2016-09-23 16:08:03 +02:00
Robin Gloster
0fa64b718f
gitlab module: enable postgres pg_trgm extension 2016-09-20 17:45:23 +02:00
Benjamin Saunders
0b4f8b93e6 matrix-synapse: 0.17.1 -> 0.18.0 2016-09-19 21:00:51 -07:00
Bjørn Forsman
4fdc9fa7d9 nixos/autofs: fix typo afuese -> afuse 2016-09-19 13:49:47 +02:00
Alexander Ried
5481831263 misc.etcd: get closer to upstream service definition
taken from
https://github.com/coreos/etcd/blob/master/contrib/systemd/etcd.service

I intentionally kept "After = network.target" because I think it's
missing upstream (https://github.com/coreos/etcd/pull/6388)
2016-09-13 11:19:22 +02:00
Joachim Fasting
c2d007e0f7 zookeeper service: network-interfaces.target -> network.target 2016-09-13 11:19:22 +02:00
Joachim Fasting
4c7f53e9b4 svnserve service: network-interfaces.target -> network.target 2016-09-13 11:19:22 +02:00
Joachim Fasting
9b1177f69d mesos-slave service: network-interfaces.target -> network.target 2016-09-13 11:19:22 +02:00
Joachim Fasting
2d48f1c487 mesos-master service: network-interfaces.target -> network.target 2016-09-13 11:19:22 +02:00
Joachim Fasting
ebc8e082e9 folding-at-home service: network-interfaces.target -> network.target 2016-09-13 11:19:22 +02:00
Joachim Fasting
5a085caea3 apache-kafka service: network-interfaces.target -> network.target 2016-09-13 11:19:22 +02:00
Eric Sagnes
ef04462ea9 rippled module: optionSet -> submodule 2016-09-13 12:53:10 +09:00
Domen Kožar
fed3501b07 Remove docker-registry as it's deprecated #18209 2016-09-09 18:50:42 +02:00
Jaka Hudoklin
c083ab99b2 Merge pull request #17969 from offlinehacker/pkgs/etcd/update-3.0.6
Update etcd, improve nixos module, fix nixos tests
2016-09-04 16:31:50 +02:00
Domen Kožar
da421bc75f Fix #4210: Remove builderDefs
This was one of the ways to build packages, we are trying
hard to minimize different ways so it's easier for newcomers
to learn only one way.

This also:

- removes texLive (old), fixes #14807
- removed upstream-updater, if that code is still used it should be in
  separate repo
- changes a few packages like gitit/mit-scheme to use new texlive
2016-08-31 11:34:46 +02:00
Eelco Dolstra
2755bcfa7c In $NIX_PATH, use nixpkgs=...
This is required by the "nix" command to find Nixpkgs.
2016-08-29 17:50:25 +02:00
Domen Kožar
e01e92f12f Merge pull request #15025 from ericsagnes/modules/manual
manual: automatically generate modules documentation
2016-08-28 13:57:34 +02:00
Franz Pletz
eba0098eab
nixos/doc/gitlab: fix build 2016-08-26 15:47:39 +02:00
Franz Pletz
d70f83e7e9
gitlab: 8.10.6 -> 8.11.2 2016-08-26 15:03:19 +02:00
Jaka Hudoklin
0630233afa etcd module: add test for simple one node etcd service 2016-08-25 14:42:22 +02:00
Jaka Hudoklin
8256c07fc0 etcd module: add support for ssl, better defaults, fix tests 2016-08-24 20:12:24 +02:00
Joachim Fasting
f3ef4383c6
nix-daemon service: fix unbalanced parens in description 2016-08-23 13:06:25 +02:00
Tuomas Tynkkynen
74a3a2cd7e treewide: Use makeBinPath 2016-08-23 01:18:10 +03:00
Franz Pletz
131bc22b84 gitlab service: add option for db_key_base secret 2016-08-17 13:17:47 +02:00
Nikolay Amiantov
4a35d08970 autofs service: make service more like upstream one 2016-08-14 22:39:23 +03:00
Franz Pletz
e082cfcaaa gitlab module: restart services on failure
Sidqkiq regularly dies due to memory leaks.
2016-08-12 19:18:23 +02:00
Eric Sagnes
4cdfeb78f9 modules: move meta at top level 2016-08-11 00:29:48 +09:00
Eric Sagnes
898435d16e manual: automatically generate modules entries 2016-08-11 00:24:41 +09:00