Commit graph

5351 commits

Author SHA1 Message Date
Silvan Mosberger
565479374b
Merge pull request #42469 from ghuntley/patch-4
zerotier: added option to customise the port used
2018-08-08 17:02:25 +02:00
Geoffrey Huntley
5b66ddb943 nixos/zerotier: added option to customise the port used 2018-08-09 00:00:12 +10:00
Jan Tojnar
83a18e14d9
Merge pull request #39792 from Moredread/fwupd
WIP fwupd: 1.0.5 -> 1.1.0
2018-08-08 11:57:39 +02:00
Vincent Bernat
57840dbffb nixos/cloud-init: order after network-online.target (#44633)
Some modules of cloud-init can cope with a network not immediately
available (notably, the EC2 module), but some others won't retry if
network is not available (notably, the Cloudstack module).
network.target doesn't give much guarantee about the network
availability. Applications not able to start without a fully
configured network should be ordered after network-online.target.

Also see #44573 and #44524.
2018-08-08 00:09:00 +02:00
André-Patrick Bubel
08547ff642
fwupd: 1.0.5 -> 1.1.0
We override the ESP mount point in the config file /etc/fwupd/uefi.conf
(available since version 1.0.6), as it is set to a path in the nix store
during build time.

Tests are disabled as it needs /etc/os-release, which is not available
when building with sandboxing enabled.
2018-08-07 23:25:22 +02:00
Thomas Bach
31e11bdd60 cassandra: rewrote service from scratch
Adds a replacement for the previously broken
`services.database.cassandra` with tests for a multi-node setup.
2018-08-07 14:48:43 +00:00
adisbladis
8f36a3185f
Merge pull request #44544 from bkchr/plasma_activation_script_use_absolute_path
services.plasma5: Make activationscript use absolute path to
2018-08-07 17:56:54 +08:00
Bastian Köcher
60e1e81201 services.plasma5: Make activationscript use absolute path to
`kbuildsyscoca5`
2018-08-06 17:15:53 +02:00
Robin Gloster
cb9d784e49 docker-registry: Revert "[bot]: remove unreferenced code"
This code was referenced.

This reverts commit 87f5930c3f.

cc @volth
2018-08-06 16:31:33 +02:00
Sander van der Burg
9748d7c60b nixos/disnix: undo dysnomia rename to fix disnix and retain compatibility with previous release 2018-08-06 01:25:38 +02:00
Austin Seipp
d5eccebda5 nixos/manual: wordsmithing on fdb chapter
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2018-08-05 08:42:43 -05:00
Jesper
0254ae4e80 netdata: 1.9.0 -> 1.10.0 (#44472)
The web_access.patch would no longer apply.
It disabled a check that required the static files
for the web UI to be owned by the user the daemon runs as
(not root, so it doesn't work well with nix).

Besides updating netdata, this commit removes that patch,
changes the netdata service config to set the "web files owner/group"
option to "root" and adds a test that checks that the web UI is being served.

This allows the web files to be owned by root without patching.
2018-08-05 00:05:48 +02:00
Austin Seipp
f42f0a1c48 nixos/foundationdb: show an example python script in the documentation
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2018-08-04 16:56:16 -05:00
Austin Seipp
aa79ae0c64 foundationdb: install python bindings
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2018-08-04 16:56:16 -05:00
Bas van Dijk
5a43f6ffeb graphite: make systemd create /run directory for us (#44392) 2018-08-04 20:55:59 +02:00
xeji
1258e6dd3a
Merge pull request #43421 from rembo10/lightdm-gtk-greeter
nixos/lightdm-gtk-greeter: svg icon support
2018-08-04 17:55:54 +02:00
Daiderd Jordan
e2a32b747f
Revert "nixos/disnix: fix broken service because of rename"
Broke evaluation of the nixos options.

  The option `services.dysnomia' defined in `.../nixos/modules/rename.nix' does not exist.

This reverts commit 5c897b4eff.
2018-08-04 00:26:34 +02:00
Sander van der Burg
5c897b4eff nixos/disnix: fix broken service because of rename 2018-08-03 22:01:56 +02:00
xeji
c9f3382a39
Merge pull request #43934 from jfrankenau/mpd-smb
mpd: add nfs and smb support
2018-08-03 21:59:30 +02:00
Johannes Frankenau
b9234ea49c nixos/mpd: allow storage plugins in musicDirectory 2018-08-03 21:36:38 +02:00
Okina Matara
36ab89900b nixos/meguca: Various fixes 2018-08-03 10:59:06 -05:00
Okina Matara
d49b5bdfb9 nixos/hydron: Various fixes, create db_conf.json and link to it 2018-08-03 10:43:53 -05:00
Silvan Mosberger
fcb4254276
Merge pull request #43610 from jfrankenau/fix-pulse-module-x11-publish
nixos/display-managers: fix loading of module-x11-publish
2018-08-03 17:00:14 +02:00
Silvan Mosberger
d31f89df44
Merge pull request #44127 from johanot/nixos-cfssl
nixos/cfssl: Add new module for cfssl
2018-08-03 16:39:12 +02:00
Franz Pletz
cb691b987f
Merge pull request #44394 from mayflower/exporter-firewall-fix
nixos/prometheus-exporters: use nixos-fw chain
2018-08-03 13:21:00 +00:00
Jan Tojnar
f735d6a38d
Merge pull request #43992 from jtojnar/upstream-sessions
Upstream sessions
2018-08-03 14:23:17 +02:00
WilliButz
9216da8928
nixos/prometheus-exporters: use nixos-fw chain
Use nixos-fw chain instead of INPUT so that the rules don't keep
stacking everytime the firewall is reloaded.
This also adds a comment to each rule about the associated exporter.
2018-08-03 13:20:53 +02:00
Johannes Frankenau
b7ce7d5b3f nixos/display-managers: fix loading of module-x11-publish
module-x11-publish is only provided by the pulseaudioFull package.
2018-08-03 12:22:28 +02:00
Johan Thomsen
7d7c36f8be nixos/cfssl: init
- based on module originally written by @srhb
- complies with available options in cfssl v1.3.2
- uid and gid 299 reserved in ids.nix
- added simple nixos test case
2018-08-03 09:40:32 +02:00
Silvan Mosberger
150f4fe9c4
Merge pull request #44371 from pvgoran/tomcat-webapps-listOfPaths
nixos/tomcat: allow non-package paths in services.tomcat.webapps
2018-08-02 23:32:33 +02:00
Silvan Mosberger
6b20531d7a
Merge pull request #44365 from pvgoran/tomcat-correct-virtualHosts
nixos/tomcat: correct type specification for virtualHosts
2018-08-02 23:32:09 +02:00
Pavel Goran
7fb40c6503 nixos/tomcat: correct type specification for virtualHosts
The wrong specification was introduced as part of commit 472f16d.

Fixes #44361.
2018-08-02 23:37:09 +07:00
Pavel Goran
b2b5b97468 nixos/tomcat: allow non-package paths in services.tomcat.webapps
Resolves #44370.
2018-08-02 23:26:21 +07:00
Bas van Dijk
0aae3fda06 graphite: 1.0.2 -> 1.1.3 & moved dependencies to python-modules (#44276)
Fixes #30891

* Upgrade `graphite-web`, `carbon` and `whisper` from 1.0.2 -> 1.1.3.

* Replaced the deprecated `pythonPackages.graphite_influxdb` with
  `pythonPackages.influxgraph.`

* Renamed `pythonPackages.graphite_web` to `pythonPackages.graphite-web`
  to be consistent with the Python package name.

* Replaced the unmaintained `pythonPackages.graphite_pager` with
  `pythonPackages.graphitepager`

* Moved all new packages from `python-packages.nix` to
  `pkgs/development/python-modules`
2018-08-02 16:39:57 +02:00
Matthew Bauer
eb1afe452a
Merge pull request #44332 from jerith666/restic-s3-default
restic: add missing default for s3CredentialsFile
2018-08-01 22:56:12 -04:00
Matt McHenry
016922f88b restic: add missing default for s3CredentialsFile 2018-08-01 22:53:14 -04:00
Maximilian Bosch
cd5e01edd9 ocserv: init at 0.12.1 (#42871)
`ocserv` is a VPN server which follows the openconnect protocol
(https://github.com/openconnect/protocol). The packaging is slightly
inspired by the AUR version
(https://aur.archlinux.org/packages/ocserv/).

This patch initializes the package written in C, the man pages and a
module for a simple systemd unit to run the VPN server. The package
supports the following authentication methods for the server:

* `plain` (mostly username/password)
* `pam`

The third method (`radius`) is currently not supported since `nixpkgs`
misses a packaged client.

The module can be used like this:

``` nix
{
  services.ocserv = {
    enable = true;
    config = ''
      ...
    '';
  };
}
```

The option `services.ocserv.config` is required on purpose to
ensure that nobody just enables the service and experiences unexpected
side-effects on the system. For a full reference, please refer to the
man pages, the online docs or the example value.

The docs recommend to simply use `nobody` as user, so no extra user has
been added to the internal user list. Instead a configuration like
this can be used:

```
run-as-user = nobody
run-as-group = nogroup
```

/cc @tenten8401
Fixes #42594
2018-08-01 21:39:09 +02:00
Jan Tojnar
62e665e1ec
nixos/gnome3: warn against sessionPath 2018-08-01 20:36:25 +02:00
Tor Hedin Brønner
9cd6342008
nixos/gnome3: Add back debug 2018-08-01 19:14:33 +02:00
Tor Hedin Brønner
ee34f2537a
nixos/gnome3: Add back sessionPath
Implement through `services.xserver.displayManager.sessionCommands`.
2018-08-01 19:14:33 +02:00
Tor Hedin Brønner
efa27d33cf
nixos/desktopManager: Only trace if the default session isn't found
The default session might be found in `extraSessionFilePackages`, but it's not
viable to detect at evaluation time, so emit a warning.

In LightDM instead of checking `defaultSessionName` against
`displayManager.session.names` we rely on the assertions in
`desktopManager` and `windowMananger` and just check that there's at least one
default set. The second assertion could never actually be triggered.
2018-08-01 19:14:32 +02:00
Tor Hedin Brønner
9fad9fb869
nixos/displayManager: Create a common environment wrapper for all dms
This makes it easier to support a wider variety of .desktop session files. In
particular this makes it possible to use both the «legacy» sessions and upstream
session files.

We separate `xsession` into two parts, `xsessionWrapper` and `xsession`.
`xsessionWrapper` sets up the correct environment and then lauches the session's
Exec command (from the .desktop file), falling back to launching the default
window/desktopManager through the `xsession` script (required by at least some
nixos tests).

`xsession` then _only_ handles launching desktop-managers/window-managers defined
through `services.xserver.desktopManager.session`.
2018-08-01 19:14:32 +02:00
Jan Tojnar
e6056c72d1
nixos/gnome3: use upstream session file
Pass gnome-session to extraSessionFilePackages, remove unnecessary environment variables, move the rest out of old session option, and then drop the option.
2018-08-01 19:14:31 +02:00
Jan Tojnar
eb65e5ce56
nixos/gnome3: remove session path
Global environment variables are not very Nix-y.
2018-08-01 19:14:31 +02:00
Jan Tojnar
f63d94eba3
gnome3.gpaste: hard-code paths
GPaste GNOME Shell extension uses GPaste library generated via introspection. Previously, we added the gpaste package to services.xserver.desktopManager.gnome3.sessionPath option, which
added its typelib directory to GI_TYPELIB_PATH environment variable globally, in order for GNOME Shell to be able to find it. This is not very Nix-y, though, so we have decided to patch the code to
append the path to the GI repository search path.

Additionally, the code relies on GPaste’s GSettings schemas, so we had to hard-code the paths to them as well. We ignored the GNOME Shell’s schemas, since they will already be available for the
extension inside GNOME Shell program.
2018-08-01 19:14:30 +02:00
Jan Tojnar
0e1c01451f
nixos/gnome3: rely on xdg autostart for xdg-user-dirs 2018-08-01 19:14:30 +02:00
Jan Tojnar
cc6d77c83f
gnome3.gdm: add upstream xsession 2018-08-01 19:14:30 +02:00
Jan Tojnar
83fc9a9825
nixos/display-manager.default: add extraSessionFilePackages option 2018-08-01 19:14:30 +02:00
Jan Tojnar
a8c6489fd4
nixos/services.xserver.displayManager: move X sessions to a subdirectory
Previously, the mkDesktops function produced a flat package containing
session files in the top level. As a preparation for introduction of
Wayland sessions, the files will now be placed to $out/share/xsessions.
2018-08-01 19:14:29 +02:00
Andreas Rammhold
17ee0a8662
Merge pull request #44190 from andir/nixos/default-enable-sandboxing
nixos/nix-daemon: default `nix.useSandbox` to `true`.
2018-08-01 19:10:45 +02:00