Commit graph

3391 commits

Author SHA1 Message Date
Thomas Tuegel
cc058eff70 kde5_latest: merge all package sets
The three KDE package sets now have circular dependencies between them,
so they can only be built if they are merged into a single package set
during evaluation.
2015-12-16 10:22:43 -06:00
Oliver Charles
35f8952a8c Merge pull request #11338 from obadz/light-locker
light-locker (lockscreen for lightdm)
2015-12-16 13:45:05 +00:00
Spencer Whitt
3bc477e2f2 mopidy module: use buildEnv fixes #11706 2015-12-15 22:38:15 -05:00
obadz
9be012f0d4 lightdm & xserver service: add ability to spawn more than one X server
- if xserver.tty and/or display are set to null, then don't specify
  them, or the -logfile argument in the xserverArgs
- For lightdm, we set default tty and display to null and we determine
  those at runtime based on arguments passed. This is necessary because
  we run multiple X servers so they can't all be on the same display
2015-12-15 08:49:28 -06:00
aszlig
00934bb908
nixos/tests: Revert setting min_free_kbytes
This reverts commit 02b568414d.

With a5bc11f and 6353f58 in place, we really don't need this anymore.

After running about 500 VM tests on my Hydra, it still didn't improve
very much.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-12-14 17:40:28 +01:00
aszlig
6353f580f9
nixos/qemu-vm: Disable cache for $NIX_DISK_IMAGE
As @domenkozar noted in #10828, cache=writeback seems to do more harm
than good:

https://github.com/NixOS/nixpkgs/issues/10828#issuecomment-164426821

He has tested it using the openstack NixOS tests and found that
cache=none significantly improves startup performance.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-12-14 17:36:22 +01:00
aszlig
a5bc11f9eb
nixos/vm-tests: Remove msize mount option
This seems to be the root cause of the random page allocation failures
and @wizeman did a very good job on not only finding the root problem
but also giving a detailed explanation of it in #10828.

Here is an excerpt:

  The problem here is that the kernel is trying to allocate a contiguous
  section of 2^7=128 pages, which is 512 KB. This is way too much:
  kernel pages tend to get fragmented over time and kernel developers
  often go to great lengths to try allocating at most only 1 contiguous
  page at a time whenever they can.

  From the error message, it looks like the culprit is unionfs, but this
  is misleading: unionfs is the name of the userspace process that was
  running when the system ran out of memory, but it wasn't unionfs who
  was allocating the memory: it was the kernel; specifically it was the
  v9fs_dir_readdir_dotl() function, which is the code for handling the
  readdir() function in the 9p filesystem (the filesystem that is used
  to share a directory structure between a qemu host and its VM).

  If you look at the code, here's what it's doing at the moment it tries
  to allocate memory:

    buflen = fid->clnt->msize - P9_IOHDRSZ;

    rdir = v9fs_alloc_rdir_buf(file, buflen);

  If you look into v9fs_alloc_rdir_buf(), you will see that it will try
  to allocate a contiguous buffer of memory (using kzalloc(), which is a
  wrapper around kmalloc()) of size buflen + 8 bytes or so.

  So in reality, this code actually allocates a buffer of size
  proportional to fid->clnt->msize. What is this msize? If you follow
  the definition of the structures, you will see that it's the
  negotiated buffer transfer size between 9p client and 9p server. On
  the client side, it can be controlled with the msize mount option.

  What this all means is that, the reason for running out of memory is
  that the code (which we can't easily change) tries to allocate a
  contiguous buffer of size more or less equal to "negotiated 9p
  protocol buffer size", which seems to be way too big (in our NixOS
  tests, at least).

After that initial finding, @lethalman tested the gnome3 gdm test
without setting the msize parameter at all and it seems to have resolved
the problem.

The reason why I'm committing this without testing against all of the
NixOS VM test is basically that I think we can only go better but not
worse than the current state.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-12-14 17:26:24 +01:00
Arseniy Seroka
7bb418e02c Merge pull request #11681 from jgillich/upnpd-fw
miniupnpd: firewall config
2015-12-13 23:03:11 +03:00
Domen Kožar
3fca941aeb virtualisation.qemu.options: specify type 2015-12-13 19:06:22 +01:00
JC Brand
b5b9b03518 clamav: improvements
- Add new service for `clamd`, the ClamAV daemon.
- Replace the old upstart "jobs" section with systemd.services
- Remove unnecessary config options.
- Use `mkEnableOption`
2015-12-13 15:55:56 +00:00
Jakob Gillich
0f1de2ea9f miniupnpd: firewall config 2015-12-13 16:44:58 +01:00
JC Brand
36e1e3a8a6 clamav: Fixed indentation. 2015-12-13 15:13:12 +00:00
Nikolay Amiantov
5250582396 nixos/acme: fix timer unit 2015-12-13 17:01:59 +03:00
Nikolay Amiantov
9e0257c104 Merge branch 'feature/simp_le-service' of https://github.com/mayflower/nixpkgs into mayflower-feature/simp_le-service 2015-12-13 17:01:42 +03:00
aszlig
02b568414d
nixos/test-instrumentation: Set vm.min_free_kbytes
We hit page allocation failures a lot at random for VM tests, in case of
my own Hydra when it comes to the installer tests. The reason for this
is that once the memory of the VM gets heavily fragmented the kernel is
unable to allocate new pages.

Setting vm.min_free_kbytes to 16MB forces the kernel to keep a minimum
of 16 MB free.

I've done some testing accross repeated runs of the installer tests with
and without vm.min_free_kbytes set. So accross 30 test runs for each
settings, all of the tests with the option being set passed while 14
tests without that sysctl option triggered page allocation failures.

Sure, running 30 tests is not a guarantee that 16MB is enough, but we'll
see how it turns out in the long run across all VM tests.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-12-13 03:18:10 +01:00
Thomas Tuegel
d6e3a8e921 nixos/kde5: enable SVG icons in GTK programs
Fixes #10758.
2015-12-12 14:35:10 -06:00
Svein Ove Aas
7e86e9a048 zfs:Always import from /dev/disk/by-id 2015-12-12 20:32:38 +00:00
goibhniu
6a4b71afa5 Merge pull request #11294 from mayflower/service/shairport-sync
shairport-sync service: add module
2015-12-12 20:37:44 +01:00
Franz Pletz
6734127545 shairport-sync service: add module
Adds a new service module for shairport-sync. Tested with a local
and remote pulseaudio server. Needs to be run as a user in the pulse group
to access pulseaudio.
2015-12-12 20:30:47 +01:00
Thomas Tuegel
fac138a2f5 nixos/sddm: fix indentation 2015-12-12 11:36:45 -06:00
Thomas Tuegel
b07fa98f82 nixos/sddm: add setupScript and stopScript options
These options allow setting the start and stop scripts for the display
manager. Making these configurable is necessary to allow some hardware
configurations. Upstream ships empty scripts by default, anyway.
2015-12-12 11:31:26 -06:00
Franz Pletz
1685b9d06e nixos/acme: Add module documentation 2015-12-12 16:06:53 +01:00
Franz Pletz
9374ddb895 nixos/acme: validMin & renewInterval aren't cert-specific 2015-12-12 16:06:53 +01:00
Franz Pletz
0517d59a66 nixos/acme: Improve documentation 2015-12-12 16:06:52 +01:00
Franz Pletz
de24b00d41 nixos/simp_le: Rename to security.acme 2015-12-12 16:06:52 +01:00
Franz Pletz
e7362a877d nixos/simp_le: Use systemd for setting user and group
This is much cleaner and we don't depend on sudo.
2015-12-12 16:06:52 +01:00
Nikolay Amiantov
1641c19d0b nixos/simp_le: use /var/lib/simp_le as root dir by default
/etc on NixOS is regenerated on boot and there was movement
towards making it read-only -- so let's keep dynamic state elsewhere.
2015-12-12 16:06:52 +01:00
Nikolay Amiantov
6906baae5c nixos/simp_le: improve configuration options 2015-12-12 16:06:52 +01:00
Franz Pletz
612781e816 simp_le service: letsencrypt cert auto-renewal
This new service invokes `simp_le` for a defined set of certs on a regular
basis with a systemd timer. `simp_le` is smart enough to handle account
registration, domain validation and renewal on its own. The only thing
required is an existing HTTP server that serves the path
`/.well-known/acme-challenge` from the webroot cert parameter.

Example:

  services.simp_le.certs."foo.example.com" = {
    webroot = "/var/www/challenges";
    extraDomains = [ "www.example.com" ];
    email = "foo@example.com";
    validMin = 2592000;
    renewInterval = "weekly";
  };

Example Nginx vhost:

  services.nginx.appendConfig = ''
    http {
      server {
        server_name _;
        listen 80;
        listen [::]:80;

        location /.well-known/acme-challenge {
          root /var/www/challenges;
        }

        location / {
          return 301 https://$host$request_uri;
        }
      }
    }
  '';
2015-12-12 16:06:51 +01:00
Thomas Tuegel
3960ecb933 Merge branch 'plasma-5.5' 2015-12-11 07:21:50 -06:00
Thomas Tuegel
b858a32d27 nixos/kde5: enable Breeze SDDM theme 2015-12-11 07:09:08 -06:00
Thomas Tuegel
78a6d62b48 sddm: wrap to include themes 2015-12-11 07:09:07 -06:00
Thomas Tuegel
8a1682ce3f nixos/kde5: reformat Phonon backend package list 2015-12-11 07:08:33 -06:00
Thomas Tuegel
92a484bdf2 nixos/kde5: install Breeze icons if available 2015-12-11 07:08:33 -06:00
Thomas Tuegel
9b7ae36087 nixos/kde5: only install Orion if Breeze GTK unavailable 2015-12-11 07:08:33 -06:00
Thomas Tuegel
521d9e5064 nixos/kde5: comment on Oxygen icons move 2015-12-11 07:08:33 -06:00
Eelco Dolstra
b67fdd2068 Merge pull request #11628 from grwlf/allproxy
set all_proxy environment variable
2015-12-11 12:57:36 +01:00
Sergey Mironov
565707c57a set all_proxy environment variable 2015-12-11 11:20:00 +03:00
Arseniy Seroka
79d0fc45a9 Merge pull request #11565 from jgillich/rkt
rkt: add service
2015-12-11 08:04:44 +03:00
Jakob Gillich
c85ada394f rkt: add service 2015-12-11 05:53:20 +01:00
Arseniy Seroka
bc8d08a511 Merge pull request #11548 from jgillich/upnpd
miniupnpd: add service
2015-12-10 23:32:51 +03:00
Nicole Angel
c840974c24 grub: fix typo in variable name (trivial) 2015-12-10 19:52:08 +01:00
Ricardo M. Correia
3f842516a1 nixos.transmission: fix apparmor profile 2015-12-10 19:00:08 +01:00
Christoph Hrdinka
3f4276369e dovecot service: refactor module 2015-12-10 01:08:50 +01:00
Evgeny Egorochkin
c16f90f515 Azure image: update ssh key type, start before the Azure agent 2015-12-09 07:42:37 +02:00
Evgeny Egorochkin
6db67186f2 Azure image: package and add azure agent 2015-12-09 07:42:37 +02:00
Jakob Gillich
29871ee2dd miniupnpd: add service 2015-12-09 00:28:41 +01:00
Bjørn Forsman
2acf59efa4 nixos/redmine: improve assert message
Give the user more context.
2015-12-08 22:52:02 +01:00
Pascal Wittmann
93d8671e2c nixos/rabbitmq: fix link to documentation 2015-12-08 20:14:33 +01:00
zimbatm
c515be4651 networkmanager: set uid/gid for the networkmanager openvpn agent
Fixes #11317
2015-12-08 16:47:56 +00:00
Jakob Gillich
80720501cb ddclient: fix ssl option 2015-12-08 11:11:14 +01:00
Gabriel Ebner
f4c01fc004 systemd: enable timedated, hostnamed, localed. 2015-12-07 20:25:53 +01:00
Markus Wotringer
9a350d5f1e cntlm: refactor to systemd service, fixes #11339 2015-12-07 15:40:43 +01:00
Jakob Gillich
6c9931c556 shout: fix preStart, fixes #11516
preStart must be a string
2015-12-07 15:24:29 +01:00
Rodney Lorrimar
b13b9489ad pump.io service: init
Pump.io runs its web server as a standalone service listening on
443. It's also possible to put the service behind a HTTP reverse proxy.
2015-12-06 13:35:21 +00:00
Tobias Geerinckx-Rice
214a9537c8 hostapd service: improve option descriptions 2015-12-05 23:42:56 +01:00
Arseniy Seroka
86c3f435d1 Merge pull request #11415 from zenhack/dwm-wm
xserver: dwm as a window manager
2015-12-05 13:49:45 +03:00
Vladimír Čunát
263fd55d4b Merge recent staging built on Hydra
http://hydra.nixos.org/eval/1231884
Only Darwin jobs seem to be queued now,
but we can't afford to wait for that single build slave.
2015-12-05 11:11:51 +01:00
Nikolay Amiantov
cf3202acac nixos/bumblebee: update for new packages 2015-12-05 00:54:09 +03:00
Nikolay Amiantov
ae7ff02081 tlp: use module_init_tools, avoid recompilation for nixos 2015-12-05 00:54:09 +03:00
Christoph Hrdinka
e2720bfb70 nsd service: use mkEnableOption 2015-12-04 16:13:02 +01:00
Moritz Ulrich
ff66ac9dd0 Fix evaluation after merge of #11450. 2015-12-04 15:40:47 +01:00
Arseniy Seroka
6d8bb1f629 Merge pull request #11450 from AndersonTorres/nixos-modules-window-managers
Getting rid of mkOption in NixOS window manager modules
2015-12-04 16:33:22 +03:00
Arseniy Seroka
0c05f14d53 Merge pull request #10535 from roblabla/feature-updateGitlab8.0.5
gitlab: 7.4.2 -> 8.0.5
2015-12-04 16:30:09 +03:00
AndersonTorres
2955b2fcf4 Getting rid of mkOption in NixOS window manager modules
Now the default way to define NixOS window manager modules is to use
mkEnableOption to describe the module itself.
In this commit, all files on nixos/modules/services/x11/window-managers
are changed.
2015-12-04 07:38:23 -02:00
Ian Denhardt
8edd15d175 xserver: dwm as a window manager 2015-12-03 21:37:55 -05:00
roblabla
b7a4231aa2 gitlab: 7.4.2 -> 8.0.5 2015-12-04 01:14:24 +01:00
Nikolay Amiantov
634c9db4c2 Merge pull request #11431 from abbradar/teamviewer
teamviewer: init at 11.0.52520, remove older versions
2015-12-03 23:59:53 +03:00
Nikolay Amiantov
f3e8bb780c nixos/kbd: make systemd-vconsole-setup work with KMS 2015-12-03 22:54:24 +03:00
Nikolay Amiantov
c3d503d33d teamviewer: init at 11.0.52520, remove older versions 2015-12-03 22:28:36 +03:00
Pascal Wittmann
33044458eb Merge pull request #11371 from tk-ecotelecom/fix-wmii
wmii.nix: fix module args
2015-12-03 17:18:33 +01:00
Domen Kožar
7402dd4197 nova-image: don't use ec2-data since it delays the bootup time 2015-12-03 11:10:32 +01:00
Augustin Borsu
c17a60b636 owncloud httpd-service: add package option
Owncloud package used can now be set in configuration.nix using
package option.
2015-12-02 20:37:41 +01:00
Augustin Borsu
9d5bf282c7 owncloud httpd-service: fix trusted_domain when unset
When an empty string was given as trusted_domain, the trusted
domain was set to be empty string instead of not beeing set.
2015-12-02 20:37:33 +01:00
Augustin Borsu
16fd6c1cf0 owncloud: 7.0.5 -> 7.0.10 +
Commit changes default version to 7.0.10, 7.0.5 version is kept for
people reluctant to update. Needed info has also been added for
versions 8.0, 8.1 and 8.2 only the latest minor version of each
major version is included.
2015-12-02 20:36:40 +01:00
Augustin Borsu
e08ffc472c owncloud httpd-service: add urlPrefix option
This option allows user to specify a url prefix for owncloud.
By default it is set to "" and the document root will be set
to owncloud's dir.
If a prefix is set, e.g. urlPrefix = "/owncloud"
an alias will be created using that prefix to point to owncloud's
dir and owncloud will be available at http://localhost/owncloud
2015-12-02 20:36:26 +01:00
Arseniy Seroka
7afc077139 Merge pull request #11351 from basvandijk/strongswan-modprobe
strongswan service: use config.system.sbin.modprobe instead of kmod
2015-12-01 23:01:15 +03:00
Timofei Kushnir
8b1fc9ca75 wmii.nix: fix module args 2015-12-01 09:08:20 +03:00
Timo Meijer
12ec6223f4 lightdm-gtk-greeter module: Fix error when lightdm disabled 2015-11-30 21:11:25 +01:00
Oliver Charles
7f7b0dc3f2 Merge pull request #11336 from TimoMeijer/fix/nixos-modules-lightdm
lightdm module: Extract greeter configuration and add theme options
2015-11-30 13:08:05 +00:00
Timo Meijer
a621fd76c2 lightdm-gtk-greeter module: Add configuration options for theme and iconTheme 2015-11-30 12:58:13 +00:00
Timo Meijer
59c6fba342 lightdm module: extract greeter configuration 2015-11-30 12:58:05 +00:00
Bas van Dijk
db43a79f10 strongswan service: use config.system.sbin.modprobe instead of kmod
Fixes: #8343
2015-11-30 01:50:57 +01:00
Aristid Breitkreuz
0b9c4af74a Merge pull request #11342 from basvandijk/wordpress-4.3.1
wordpress: 4.3 -> 4.3.1
2015-11-29 20:51:57 +01:00
Arseniy Seroka
a9056371a0 Merge pull request #9701 from basvandijk/wordpress-fix
wordpress: use the correct mysql pidDir
2015-11-29 18:22:33 +03:00
lethalman
072aa5000f Merge pull request #11329 from ctheune/submit/pkg-syncthing-update-0.12.4
syncthing: 0.11 -> 0.12
2015-11-29 15:51:00 +01:00
Bas van Dijk
af500630e8 wordpress: use the correct mysql pidDir 2015-11-29 15:46:43 +01:00
lethalman
b97f5e8b33 Merge pull request #7993 from wavewave/extra-binds
nixos-container: support user-defined extra binds
2015-11-29 15:42:58 +01:00
Bas van Dijk
3ac171cefb graphite service: store PID files under /run and configure systemd to use them
The advantage of putting the PID file under the ephemeral /run is that
when the machine crashes /run gets cleared allowing graphite to start
once the machine is rebooted.

We also set the PIDFile systemd option so that systemd knows the correct
PID and enables systemd to remove the file after service shut down.
2015-11-29 14:17:23 +01:00
Bas van Dijk
f48f916fd1 wordpress: 4.3 -> 4.3.1 2015-11-29 12:50:00 +01:00
Christian Theune
f6627a9402 syncthing: 0.11 -> 0.12
Also, keep 0.11 around (in an updated version) and make the
pkg an option to the service module.
2015-11-28 20:17:49 +01:00
Rok Garbas
2de0dc1a18 statsd: updated package and nixos service
* package statsd node packages separatly since they actually require
  nodejs-0.10 or nodejs-0.12 to work (which is ... well old)

* remove statsd packages and its backends from "global" node-packages.json.
  i did not rebuild it since for some reason npm2nix command fails. next time
  somebody will rerun npm2nix statsd packages are going to be removed.

* statsd service: backends are now provided as strings and not anymore as
  packages.
2015-11-27 21:42:21 +01:00
Sander van der Burg
a744aa74aa disnix: add a target for services activated and deactivated by dysnomia 2015-11-26 17:21:19 +00:00
Kovacsics Robert (NixOS)
912f60c1e7 Revert part of #9982 to be in line with #9925
When creating PR #9982, I undid a line of PR #9925, that was some
cleanups and fixes, so this undoes that damage.
2015-11-26 14:40:31 +00:00
ts468
acb362b8c1 Merge pull request #11195 from obadz/pam-reorg
PAM: reorganize the way pam_ecryptfs and pam_mount get their password
2015-11-26 13:50:42 +01:00
goibhniu
cc63832981 Merge pull request #8758 from fpletz/package/chrony
chrony: 2.1.1 -> 2.2 & service improvements
2015-11-26 13:22:33 +01:00
Spencer Whitt
bf14849534 zsh module: add /share/zsh to pathsToLink
Needed for completion functions
abbradar: replaced optionals with optional
2015-11-26 04:33:07 +03:00
Jan Malakhovski
244fba351c nixos: use w3m-nox for the manual 2015-11-26 00:34:10 +00:00
Spencer Whitt
ff58711bda zsh module: add enableCompletion option 2015-11-25 10:32:58 -05:00
Arseniy Seroka
13426c1451 Merge pull request #10512 from makefu/bepasty-init-dev
services/misc/bepasty: init at 2015-10-21
2015-11-24 19:35:08 +03:00
Rickard Nilsson
38196171e8 Merge pull request #10773 from rvl/longview
Linode Longview package and module
2015-11-24 13:16:30 +01:00
lethalman
8099d8189b Merge pull request #11108 from ericsagnes/ibus-dconf
ibus: fix dconf dependency
2015-11-24 10:16:08 +01:00
Raymond Gauthier
662bbb526c thunar: improvements (close #10306)
Add the possibility to specify plugin set to
be used as overridable `thunar` derivation argument.

New nixos config attribute:
`services.xserver.desktopManager.xfce.thunarPlugins`
that allows user to specify plugins in the context
of nixos.

Tests:

 -  With and without plugins.
 -  Using the nixos attributes.
2015-11-24 09:51:39 +01:00
makefu
0bdc5e269b services/misc/bepasty: init at 2015-10-21
This module implements a way to start one or more bepasty servers.
It supports configuring the listen address of gunicorn and how bepasty
behaves internally.

Configuring multiple bepasty servers provides a way to serve pastes externally
without authentication and provide creating,listing,deleting pastes interally.
nginx can be used to provide access via hostname + listen address.

`configuration.nix`:

    services.bepasty = {
      enable = true;
      servers = {

        internal = {
          defaultPermissions = "admin,list,create,read,delete";
          secretKey = "secret";
          bind = "127.0.0.1:8000";
        };

        external = {
          defaultPermissions = "read";
          bind = "127.0.0.1:8001";
          secretKey = "another-secret";
        };
      };
    };
2015-11-23 22:10:14 +01:00
Thomas Tuegel
56b407f0e7 nixos/kde5: correctly locate oxygen-icons 2015-11-23 13:46:10 -06:00
Ollie Charles
52f872ec27 services.xserver: Disable Ctrl+Alt+Backspace by default
Ctrl+Alt+Backspace is usually enabled by default under X, and is a
keyboard shortcut that forcefully kills the current X server. This can
lead to data loss by users if accidentally pressed. This commit
introduces a new option, services.xserver.enableCtrlAltBackspace, that
is *disabled* by default. If set to true, the previous behavior can be
restored.

A similar decision was made by the Ubuntu team, and is documented here:
https://wiki.ubuntu.com/XorgCtrlAltBackspace
2015-11-23 14:48:56 +00:00
Thomas Tuegel
38bf645266 nixos/kde5: plasma-5.5 update 2015-11-23 06:39:09 -06:00
lethalman
ff36329af9 Merge pull request #11214 from spacefrogg/pam_env-fix
display-managers: fix pam_env.so usage
2015-11-23 10:28:58 +01:00
Michael Raitza
338576cace display-managers: fix pam_env.so usage
Fixed usage of pam_env.so PAM module in lightDM and GDM.
2015-11-22 21:25:11 +01:00
Edward Tjörnhammar
bfcde5cc38 i2pd: patch to enable tunnelcfg usage
nixos: i2pd service, use tunnelscfg to pass nix tunnel specifications
2015-11-22 20:35:59 +01:00
Unai Zalakain
09bdfd5c35 nixos/transmission: create user-provided download-dir, incomplete-dir
Currently only the hardcoded default directories are created, not the
directories that the user may have provided. Fix that.

[Bjørn: fix small typo (%{settingsDir} => ${settingsDir}) and change
commit message.]
2015-11-22 14:56:54 +01:00
Rodney Lorrimar
33f869ba1e longview nixos module: improve description for mysql password config options 2015-11-22 12:37:00 +00:00
Rodney Lorrimar
33c2b8a1f1 longview nixos module: add config options for service monitoring 2015-11-22 12:37:00 +00:00
Rodney Lorrimar
bc3fb79619 longview nixos module: init 2015-11-22 12:37:00 +00:00
obadz
a05a340e26 PAM: reorganize the way pam_ecryptfs and pam_mount get their password
Run pam_unix an additional time rather than switching it from sufficient
to required. This fixes a potential security issue for
ecryptfs/pam_mount users as with pam_deny gone, if cfg.unixAuth = False
then it is possible to login without a password.
2015-11-21 21:10:40 +00:00
Roger Qiu
1ddbc20dac Change the preset networking.hostId to use mkDefault so it can be easily changed by the user later 2015-11-22 01:03:16 +11:00
Luca Bruno
a6c42b5945 nixos/docker: enable socketActivation by default 2015-11-20 23:01:59 +01:00
Nicolas B. Pierron
4e61fc89d2 Merge pull request #11106 from nbp/nixos-reentry
Add a way to pin a NixOS version within the module system.
2015-11-20 20:11:21 +00:00
Nicolas B. Pierron
a5992ad61b Add a way to pin a NixOS version within the module system.
This modification add a way to re-evaluate the module system with a
different version of NixOS, or with a different set of arguments.
2015-11-19 20:58:45 +00:00
Eelco Dolstra
dec09c2220 services.cron.enable: Remove misleading default
Elsewhere we set it to "mkDefault (allFiles != [])" to the default has
no effect.
2015-11-19 14:25:16 +01:00
Jonas D
5ffbc9755a Add focus_password if defaultUser is set
Add 'focus_password yes' if defaultUser is set, to reflect the description of defaultUser.
2015-11-18 23:49:39 +01:00
Arseniy Seroka
54119cc48c slim service: update default theme 2015-11-19 01:30:24 +03:00
Jaka Hudoklin
22c61d3bfc Merge pull request #10218 from offlinehacker/nixos/format_options
add support for auto format, format options
2015-11-18 22:33:01 +01:00
Jaka Hudoklin
cbca877b01 Merge pull request #11056 from offlinehacker/nixos/systemd/onfailure
systemd module: Add OnFailure to systemd common unit options
2015-11-18 22:30:07 +01:00
Peter Simons
0ccc515b48 nixos: remove debug code accidentally checked in with 833a597156 2015-11-18 16:37:38 +01:00
Peter Simons
833a597156 nixos: configure bash prompt in Emacs' shell-mode, even if TERM=dumb
The idea that the interactive bash prompt isn't set in case of TERM=dumb
is intended to fix problems when other machines log remotely into a
NixOS installation via Tramp. A side-effect that change was, however,
that Emacs' shell-mode no longer had a correct prompt. I suppose the
presence of

  INSIDE_EMACS=24.5.2,comint

is a sufficiently unique indication that the current interactive shell
is running inside of an Emacs and that the prompt can thus be configured
safely.
2015-11-18 16:27:41 +01:00
Ollie Charles
013b848346 devmon: Non-root user, set PATH, require udisks2
devmon refuses to run as root. Instead, we now run it as a user service,
and enable udisks2 in order to perform the mounts.
2015-11-18 11:30:08 +00:00
Eric Sagnes
7cead2e990 ibus: fix dconf dependency 2015-11-18 11:29:31 +09:00
Jaka Hudoklin
be067811ff Merge pull request #11048 from offlinehacker/pkgs/influxdb/update_0.9.4
influxdb: 0.8.3 -> 0.9.4, fix module
2015-11-17 17:18:24 +01:00
Jaka Hudoklin
7955be7a82 Merge pull request #11051 from offlinehacker/pkgs/bosun/update_0.5.0
bosun: 0.3.0 -> 0.5.0-alpha, udpate module
2015-11-17 17:17:44 +01:00
Jaka Hudoklin
0667fe29c9 Merge pull request #11061 from offlinehacker/nixos/heapster/add
heapster module: init
2015-11-17 17:17:01 +01:00
Jaka Hudoklin
dfd1f14ca5 Merge pull request #11058 from offlinehacker/nixos/kubernetes1/git
kubernetes module: kubelet add git and ssh to path
2015-11-17 17:14:44 +01:00
Jaka Hudoklin
69a1b3977b Merge pull request #11055 from offlinehacker/pkgs/grafana/update_2.5.0
grafana: 2.0.0-beta1 -> 2.5.0
2015-11-17 17:14:23 +01:00
Jaka Hudoklin
aa4bad4c17 heapster module: init 2015-11-16 16:58:10 +01:00
Jaka Hudoklin
dd1f8b2693 kubernetes module: kubelet add git and ssh to path 2015-11-16 15:19:56 +01:00
Jaka Hudoklin
b9291616a6 systemd module: Add OnFailure to systemd common unit options 2015-11-16 15:12:28 +01:00
Jaka Hudoklin
9671d36011 grafana module: update 2015-11-16 14:59:25 +01:00
Jaka Hudoklin
0775a89c11 bosun module: update module 2015-11-16 14:24:02 +01:00
Jaka Hudoklin
9c1943fb6f influxdb: 0.8.3 -> 0.9.4, fix module 2015-11-16 14:22:08 +01:00
Domen Kožar
0567714b99 Merge pull request #10610 from joachifm/scsi-link-pm
nixos: set scsi link power policy using udev
2015-11-16 13:21:36 +01:00
Domen Kožar
b76519069d Merge pull request #9733 from basvandijk/wordpress-fix-extraConfig
wordpress: execute the extraConfig before loading wp-settings.php
2015-11-16 13:16:10 +01:00
Rickard Nilsson
3e18ddae49 Merge pull request #11005 from robbinch/fix-nix-serve
Change argument --port to --listen in nix-serve.nix
2015-11-16 11:43:31 +01:00
William A. Kennington III
4ead61ca39 Merge remote-tracking branch 'upstream/master' into master.upstream 2015-11-14 12:33:53 -08:00
William A. Kennington III
6602f49495 Revert "Revert "Merge pull request #9543 from NixOS/staging.post-15.06""
This reverts commit 741bf840da.

This reverts the fallout from reverting the major changes.
2015-11-14 12:32:51 -08:00
Guillaume Maudoux
60ba5ad479 lighttpd: fix mod_rewrite appearing twice 2015-11-14 15:52:25 +01:00
William A. Kennington III
9579c9ec7f Merge commit 'cb21b77' into master.upstream
This is a partial merge of staging for builds which are working
2015-11-13 15:53:10 -08:00
Lengyel Balázs
162542bf8f fix: ihaskell's and xmonad's dependence on haskell-ng 2015-11-13 19:14:40 +01:00
Arseniy Seroka
9dd3e5fd3f Merge pull request #10993 from oxij/nixos-actkbd-tinyfix
[trivial] nixos: add actkbd package to environment in actkbd module
2015-11-13 17:39:44 +03:00
Robbin C
c75d1e761a Change argument --port to --listen in nix-serve.nix 2015-11-13 21:25:50 +08:00
James Cook
225642e25a Update comment for gdm service.
Emphasize experimental nature slightly less, but say it's only really
tested with Gnome.
2015-11-12 20:58:43 -08:00