Commit graph

11009 commits

Author SHA1 Message Date
Maximilian Bosch
1e211a70cb nixos/zsh: use `escapeShelLArg' for shell aliases (#47471)
Previously single quotes were used by default for aliases and the module
never warned about possible collisions when having a shell alias which
relies on single quotes.

Adding `escapeShellArg` works around this fixes the issue and ensures that a
properly quoted value is written to `/etc/zshrc`.
2018-09-28 23:42:55 +02:00
xeji
f7c434b2a6
Merge pull request #47449 from griff/remove-rspamd-socket-activation
nixos/rspamd: Remove non-working socket activation
2018-09-28 21:03:04 +02:00
Brian Olsen
783a58f363
nixos/rspamd: Remove non-working socket activation
The socket activation I added to the rspamd module doesn't actually work
and can't be made to work without changes to rspamd.

See: #47421
See: rspamd/rspamd#2035
2018-09-28 19:43:34 +02:00
aszlig
fd8bca45c9
nixos/kexec: Fix typo in meta.platforms
Evaluation error introduced in 599c4df46a.

There is only a "platformS" attribute in kexectools.meta, so let's use
this and from the code in the kexec module it operates on a list,
matching the corresponding platforms, so this seems to be the attribute
the original author intended.

Tested by building nixos/tests/kexec.nix on x86_64-linux and while it
evaluates now, the test still fails by timing out shortly after the
kexec:

machine: waiting for the VM to finish booting
machine# Cannot find the ESP partition mount point.

This however seems to be an unrelated issue and was also the case before
the commit mentioned above.

Signed-off-by: aszlig <aszlig@nix.build>
Cc: @edolstra, @dezgeg
2018-09-28 17:44:42 +02:00
Tuomas Tynkkynen
599c4df46a nixos/kexec: Replace meta.available checks
This sort of code breaks config.{allowBroken, allowUnsupportedSystem} =
true by making them do unpredictable things.
2018-09-28 15:01:00 +03:00
Jörg Thalheim
1d65e473e7
Merge pull request #47462 from Mic92/fix-logind-user-temp
systemd: don't restart user-runtime-dir@ on upgrades
2018-09-28 12:10:02 +01:00
Jörg Thalheim
aa69bb5743 systemd: don't restart user-runtime-dir@ on upgrades
Likewise logind we should not try to restart this service after upgrade,
the user's current session depends on it.
2018-09-28 11:37:20 +01:00
Tuomas Tynkkynen
d6e3db44cf Add ssh backdoor to VM tests infrastructure.
Thanks to @dezgeg for prototype implementation, I've
cleaned it up and added documentation.
2018-09-28 10:53:08 +01:00
Jörg Thalheim
2dc1d75eb4
Merge pull request #35690 from griff/rspamd-socketruntime
nixos/rspamd: Preserve runtime directory when using socket activation
2018-09-27 14:09:12 +01:00
Franz Pletz
e7ca9af4cc
shairport-sync: fix pulseaudio support & default arguments 2018-09-26 18:12:02 +02:00
Domen Kožar
82feb4b66e
postgresql: give postgres user a shell 2018-09-26 12:11:40 +01:00
zimbatm
9fb79868ab google-compute-engine: 20180510 -> 20180905
The list of corresponding NixOS services are also updated
2018-09-26 11:48:16 +02:00
aszlig
9bfd864c59
Merge reording asserts in NixOS eval (#47293)
Changes the evaluation order in that it evaluates assertions before
warnings, so that eg. the following would work:

  { config, lib, ... }:

  {
    options.foo = lib.mkOption {
      type = lib.types.bool;
      default = true;
      description = "...";
    };

    options.bar = lib.mkOption {
      type = lib.types.bool;
      default = false;
      description = "...";
    };

    config = lib.mkMerge [
      (lib.mkIf config.bar {
        system.build.bar = "foobar";
      })
      (lib.mkIf config.foo {
        assertions = lib.singleton {
          assertion = config.bar;
          message = "Bar needs to be enabled";
        };
        systemd.services.foo = {
          description = "Foo";
          serviceConfig.ExecStart = config.system.build.bar;
        };
      })
    ];
  }

This is because the systemd module includes definitions for warnings
that would trigger evaluation of the config.system.build.bar definition.

The original pull request references a breakage due to the following:

  {
    services.nixosManual.enable = false;
    services.nixosManual.showManual = true;
  }

However, changing the eval order between asserts and warnings clearly is
a corner case here and it only happens because of the aforementioned
usage of warnings in the systemd module and needs more discussion.

Nevertheless, this is still useful because it lowers the evaluation time
whenever an assertion is hit, which is a hard failure anyway.
2018-09-26 01:18:41 +02:00
aszlig
c5bb43188d
nixos: Fix eval error for documentation.nixos
Introduced by 0f3b89bbed.

If services.nixosManual.showManual is enabled and
documentation.nixos.enable is not, there is no
config.system.build.manual available, so evaluation fails. For example
this is the case for the installer tests.

There is however an assertion which should catch exactly this, but it
isn't thrown because the usage of config.system.build.manual is
evaluated earlier than the assertions.

So I split the assertion off into a separate mkIf to make sure it is
shown appropriately and also fixed the installation-device profile to
enable documentation.nixos.

Signed-off-by: aszlig <aszlig@nix.build>
Cc: @oxij
2018-09-25 23:39:44 +02:00
Alexey Lebedeff
afa2be4464 rabbitmq module: modernize after package upgrade
- Use socket-activated epmd - that way there won't be any trouble when
  more than one erlang system is used within a single host.
- Use new automation-friendly configuration file format
- Use systemd notifications instead of buggy 'rabbitmqctl wait' for
  confirming successful server startup.
  'wait' bug: https://github.com/rabbitmq/rabbitmq-server/issues/463
- Use 'rabbitmqctl shutdown' instead of 'stop', because it's not
  pid-file based
- Use sane systemd unit defaults from RabbitMQ repo:
  https://github.com/rabbitmq/rabbitmq-server/blob/master/docs/rabbitmq-server.service.example
- Support for external plugins
2018-09-25 11:19:23 +02:00
Alexey Lebedeff
a6ff5865d1 rabbitmq-server: 3.6.10 -> 3.7.8
- New dependency on 'getconf' binary for
  3aa619e9ef/src/vm_memory_monitor.erl (L448)
- New dependency on 'socat' for systemd notifications
  4a3ee3a336/src/rabbit.erl (L361)
- elixir_1_6 for a new 'rabbitmqctl' tool
- Replace patching with providing custom PATH, as we already have some
  other things here
- Renamed package in all-packages.nix from a legacy spelling
2018-09-25 11:19:23 +02:00
Sarah Brofeldt
ded8f28c3a Revert "virtualization/qemu-vm: fix and improve virtio/scsi switching"
This reverts commit f777d2b719.
cc #34409
This breaks evaluation of the tested job:
attribute 'diskInterface' missing, at /nix/store/5k9kk52bv6zsvsyyvpxhm8xmwyn2yjvx-source/pkgs/build-support/vm/default.nix:316:24
2018-09-25 11:10:10 +02:00
Michael Raskin
61abf3bbd9
Merge pull request #47298 from oxij/nixos/doc-in-installer
nixos: fix fallout from #46193
2018-09-25 09:00:43 +00:00
WilliButz
78ad8d4a62 nixos/gitlab: rebuild authorized_keys during preStart
This updates the path to the 'gitlab-shell' to the
correct store path when gitlab is restarted.
2018-09-25 03:53:32 +02:00
Robin Gloster
dc915565ba gitlab module: workhorse may start before gitlab 2018-09-25 03:53:32 +02:00
Kristoffer Thømt Ravneberg
f17f59ca8e nixos/gitlab: avoid creating recursive symlinks, add gitlab-rake deps 2018-09-25 03:53:32 +02:00
xeji
bc22265e65
Merge pull request #47296 from matthewbauer/closure-size-reductions
ISO/OVA closure size reductions
2018-09-24 23:21:02 +02:00
Jan Malakhovski
1a6ce11518 nixos: doc: fix minimal profile and installer configs 2018-09-24 21:07:59 +00:00
Jan Malakhovski
3c0cced272 nixos: doc: nixos-manual: fix assert 2018-09-24 21:07:55 +00:00
Austin Seipp
0ce90d58cc nixos/chrony: clean up, rework to be a little closer to upstream
Most importantly, this sets PrivateTmp, ProtectHome, and ProtectSystem
so that Chrony flaws are mitigated, should they occur.

Moving to ProtectSystem=full however, requires moving the chrony key
files under /var/lib/chrony -- which should be fine, anyway.

This also ensures ConditionCapability=CAP_SYS_TIME is set, ensuring
that chronyd will only be launched in an environment where such a
capability can be granted.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2018-09-24 15:42:44 -05:00
Michael Raskin
ce411911e8
Merge pull request #47289 from 1000101/master
trezord: 2.0.14 -> 2.0.19 and nixos/trezord: revised and updated udev rules
2018-09-24 20:08:44 +00:00
Matthew Bauer
2b7d6e463e nixos: don’t enableQt4Support for installer profile
This is already done in
installer/cd-dvd/installation-cd-graphical-kde.nix but not in
profiles/graphical.nix. Related to #47256.
2018-09-24 15:07:25 -05:00
Jan Malakhovski
563d5b1c87 nixos: top-level: indent 2018-09-24 19:45:16 +00:00
Jan Malakhovski
fece91537b nixos: top-level: evaluate assertions before warnings
or else at least the following config will fail with an evaluation error
instead of an assert

```
{
  services.nixosManual.enable = false;
  services.nixosManual.showManual = true;
}
```
2018-09-24 19:45:15 +00:00
Domen Kožar
6eacc17157
nixos tests: move common configuration into separate file
This allows tests outside nixos to use acme setup.
2018-09-24 20:07:33 +01:00
1000101
082bf52e31 nixos/trezord: revised and updated udev rules
nixos/trezord: revised and updated udev rules
2018-09-24 19:55:14 +02:00
xeji
9163c057e7
Merge pull request #47155 from xeji/p/installer-tests
nixos/tests/installer: prevent race between parted and udev
2018-09-24 18:59:50 +02:00
xeji
c525111133
nixos/tests/hound: fix non-deterministic failure (#47152)
The test failed on Hydra in one instance because a request to the
server was sent before indexing was finished.
Retry the request until it succeeds (or times out).
2018-09-24 17:31:46 +02:00
Edward Tjörnhammar
8ab4cbdac3 nixos: initrd/luks: make uuid specified devices discoverable 2018-09-24 16:35:46 +02:00
Jörg Thalheim
21b29cdd43
Merge pull request #34409 from steveeJ/steveej-qemu-vm-fixes
qemu-vm: fix script syntax and VM args
2018-09-24 11:59:52 +01:00
Eelco Dolstra
9c53116d49
Revert "nixos: set nixos in nixPath"
This reverts commit 67c8c49177.

'nix run nixos.firefox' is *not* supposed to work - the Nix 2.x
interface attempts to standardize on nixpkgs.*, to get rid of the
nixos/nixpkgs confusion that existed with the channels interface. So
let's not bring that confusion back.
2018-09-24 10:42:01 +02:00
Samuel Dionne-Riel
ebf041d4bd
Merge pull request #46193 from oxij/nixos/manual-to-doc
nixos: doc: implement #12542
2018-09-24 00:09:23 -04:00
Jörg Thalheim
5e5cd96189
Merge pull request #47180 from avnik/fix/rmilter
Fix rmilter socket path, add deprecation notice
2018-09-24 01:40:13 +01:00
Matthew Bauer
cc72143f7d
Merge pull request #47206 from matthewbauer/add-nixos-to-nixpath
nixos: set nixos in nixPath
2018-09-23 18:47:44 -05:00
Matthew Bauer
1f0626a789
Merge pull request #47205 from matthewbauer/add-kdoctools
kde: add kdoctools to default environment
2018-09-23 18:46:36 -05:00
Matthew Bauer
eb1b55b38f
Merge pull request #47204 from matthewbauer/make-firefox-default
nixos: make firefox the default browser
2018-09-23 18:45:03 -05:00
Jan Malakhovski
0f3b89bbed nixos: doc: move non-service parts of service.nixosManual to documentation.nixos 2018-09-23 20:50:47 +00:00
Jan Malakhovski
fe744d3fb1 nixos: doc: rename manual to manualHTML, cleanup references
Because when I see "config.system.build.manual.manual" after I forgot
what it means I ask "Why do I need that second `.manual` there again?".
Doesn't happen with `config.system.build.manual.manualHTML`.
2018-09-23 20:47:58 +00:00
Will Dietz
7c74bc002f 19.03: fix section id 2018-09-23 15:25:16 -05:00
Matthew Bauer
611cc31aa4 kde: add kdoctools to default environment
khelpcenter needs meinproc5 to work properly. Hopefully doesn’t effect
closure sizes too much - kdoctools is rather small.

Fixes #46539

/cc @ttuegel
2018-09-23 13:38:50 -05:00
Sarah Brofeldt
7ac9e75583
Merge pull request #46959 from worldofpeace/emby/correct-permission
nixos/emby: ensure plugins are writeable
2018-09-23 20:33:29 +02:00
Sarah Brofeldt
7fb0194d41
Merge pull request #45161 from Gerschtli/update/ts3
teamspeak_server: 3.0.13.6 -> 3.3.0
2018-09-23 20:24:48 +02:00
John Ericson
1146ae1a71 release-notes/19.03: add release notes for nix 2.0 requirement bump
This is taken from the 18.09 change, which was reverted on release-18.09
but not master. The now-false 18.09 release notes were just removed from
master in 29854e2426, but since the
underlying change is still there, release notes for 19.03 are warranted.
This commit takes the now-reverted release notes and reuses them for
that.
2018-09-23 12:01:58 -04:00
John Ericson
fe20b58d66 release-notes: Add missing "Backward Incompatibilities" section
This has been part of every release since 17.03. I think the template
for new releases should be updated to contain this.
2018-09-23 12:01:49 -04:00
Alexander V. Nikolaev
868040ee22 rmilter: deprecation notice 2018-09-23 18:51:40 +03:00