Leon Schuermann
c61a9dfd2e
sshd: provide option to disable firewall altering
2018-01-18 22:55:28 +08:00
Rob Vermaas
38538f3206
Merge pull request #33423 from AmineChikhaoui/gce-ssh-keys
...
Fix ssh keys retrieval in GCE instances
2018-01-18 13:06:00 +01:00
Leon Schuermann
f297ddb5c9
sudo: define extra rules in Nix language ( #33905 )
2018-01-17 14:56:08 +00:00
Francesco Gazzetta
356eeb0d4f
nixos/mighttpd2: init
2018-01-16 21:04:09 +00:00
Robin Gloster
9bceb2b353
oh-my-zsh module: reword & fix manual build
...
docbook interpreted this as a tag and this sounded as if the option
defaulted to putting the cached directory into the nix store.
cc @Ma27 @fpletz
2018-01-16 21:02:54 +01:00
Maximilian Bosch
b55d4c0564
programs.zsh.ohMyZsh: add cacheDir
option ( #33150 )
...
The default cache directory set by oh-my-zsh is $ohMyZsh/cache which
lives in the Nix store in our case. This causes issues with several
completion plugins provided by oh-my-zsh.
2018-01-16 17:29:46 +00:00
Jörg Thalheim
822c949833
Merge pull request #33915 from lheckemann/remove-amd-hybrid-graphics
...
amd-hybrid-graphics module: remove
2018-01-16 15:57:37 +00:00
Leon Schuermann
22e83d2667
openvpn: add warning about world-readable credentials
2018-01-16 11:40:16 +07:00
Linus Heckemann
730f8530a8
amd-hybrid-graphics module: remove
...
This was only applicable to very specific hardware, and the only person
with an apparent interest in maintaining it (me) no longer uses the
hardware in question.
2018-01-15 23:17:12 +00:00
Leon Schuermann
e45a06ebd1
openvpn: add option to store credentials
2018-01-15 14:34:58 +07:00
Joachim F
b6c696cc6f
Merge pull request #33444 from rnhmjoj/dnscrypt-wrapper
...
nixos/dnscrypt-wrapper: fix rotate script failing to restart the service
2018-01-14 11:33:02 +00:00
Sarah Brofeldt
ee4e6ebbfa
Merge pull request #32822 from LumiGuide/elk6
...
ELK: 5.6.1 -> 5.6.5 & add ELK 6.1.0
2018-01-14 10:40:50 +01:00
Joachim F
ed250d8093
Merge pull request #27131 from richardlarocque/mosquitto_pw
...
mosquitto: Explicitly configure password file
2018-01-13 12:02:45 +00:00
Eelco Dolstra
dddcd10ecc
Don't set 'config.xorg = {}'
...
This makes memoization of Nixpkgs evaluation less effective, since
some Nixpkgs invocations may have 'config = {}' while others may have
'config = { xorg = {}; }'.
Instead set 'config = {}'.
2018-01-11 19:31:05 +01:00
zimbatm
1276a3b12a
nixos/acme: configurable TOS hash ( #33522 )
...
This hash tends to change and upstream simp_le doesn't seem to keep up
with the changes.
2018-01-11 14:19:15 +00:00
Jörg Thalheim
788c5195f3
Revert "nixos/udev: fix outdated udev rules for network devices"
...
This reverts commit 45c5a915980fbe1fa6f0ff80ab2d11b60b844d9e.
This breaks PredictableNetworkInterfaceNames on systems without networkd.
We should only include this file from systemd, when networkd is enabled.
2018-01-11 11:21:16 +00:00
Eelco Dolstra
6bbd67d45a
EC2 AMIs: 17.09.2356.cb751f9b1c3 -> 17.09.2681.59661f21be6
2018-01-10 13:16:49 +01:00
Joachim F
a6912f589e
Merge pull request #33629 from rnhmjoj/dnscrypt-proxy
...
Restore dnscrypt-proxy
2018-01-09 21:34:14 +00:00
John Ericson
eec050f395
Merge pull request #33577 from dtzWill/fix/cross-2
...
Minor cross fixes, 2
2018-01-09 12:36:53 -05:00
Vladimír Čunát
d6bf8eb71b
Merge #33614 : nixos/kresd improvements
...
The PR was extended with other fixes. All tested by me atop 17.09.
2018-01-09 17:26:31 +01:00
Ben Gamari
b2cbffae64
nixos/security-wrapper: Fix cross-compilation
2018-01-09 11:25:19 -05:00
Vladimír Čunát
4bc4c08838
nixos/kresd: service nitpicks
2018-01-09 17:25:18 +01:00
Vladimír Čunát
3ab85ed1ac
nixos/kresd: use DNSSEC root trust anchor from nixpkgs
...
in read-only way. If the cache directory is empty and you use the
very same service for system's DNS, kresd is unable to bootstrap root
trust anchors, as it would need a DNS lookup.
Also, if we don't rely on bootstrap, the extra lua deps of kresd could
be dropped by default, but let's not do that now, as the difference in
closure size is only ~4 MB, and there may be other use cases than
running the package as nixos service this way.
2018-01-09 17:24:49 +01:00
Vladimír Čunát
f312e6d993
nixos/kresd: use systemd.tmpfiles
...
Since 4e4161c212
it works on nixos-rebuild.
2018-01-09 17:11:36 +01:00
José Romildo Malaquias
8b416450ea
mate: let caja find extensions and gsettings schemas
2018-01-09 02:40:04 +02:00
José Romildo Malaquias
598c6c13f0
mate-panel: let mate-panel find applets in config system path
2018-01-09 02:40:04 +02:00
José Romildo Malaquias
ca27392d9c
mate-control-center: add gsettings schemas path to XDG vars
...
mate-control-center depends on mate-settings-daemon, but the later needs
gsettings schemas provided by the former. To fix this the gsettings schema
path from mate-control-center is added to XDG_DATA_DIRS at session
startup.
2018-01-09 02:40:04 +02:00
José Romildo Malaquias
1bacb88c6a
mate-session-manager: add debug option to mate service
2018-01-09 02:40:04 +02:00
Andreas Rammhold
637d5dd00c
tomcat9: 9.0.0.M17 -> 9.0.2
...
also renamed from tomcatUnstable to tomcat9
2018-01-09 01:31:06 +01:00
rnhmjoj
94d28f3672
nixos/dnscrypt-proxy: use new dyne.org repository
2018-01-09 00:33:19 +01:00
Jörg Thalheim
71cce26342
nixos/udev: fix outdated udev rules for network devices
...
Udev changed its internal naming, so this rule file no longer applied correctly.
Therefore some properties such as network driver no longer matched in
systemd-networkd.
After updating we have more properties in systemd-networkd:
$ sudo networkctl status wlp3s0
...
Driver: iwlwifi
...
To prevent this in future, the file is no copied from systemd directly
2018-01-08 16:59:33 +01:00
Andrey Golovizin
f19d959ef1
nixos/kresd: fix systemd dependency cycle
...
The unnecessary dependency of sockets.target on kresd.service causes a
dependency cycle preventing kresd.service from starting at boot:
sockets.target -> kresd.service -> basic.target -> sockets.target
2018-01-08 15:52:26 +01:00
Yegor Timoshenko
85b84527f6
mopidy: fix, resolves #32234
2018-01-08 14:32:36 +00:00
rnhmjoj
4ebb9621f4
Revert "nixos/dnscrypt-proxy: remove"
...
This reverts commit 5dc2853981
.
The project has a new maintainer.
2018-01-08 15:09:33 +01:00
Johannes Bornhold
a88b4d4db1
nixos/matrix-synapse: Add module parameter extraConfigFiles ( #33276 )
...
This allows to configure additional configuration files for Synapse. This way
secrets can be kept in a secure place on the file system without a need to go
through the Nix store.
2018-01-07 20:13:48 +00:00
Joachim Fasting
5dc2853981
nixos/dnscrypt-proxy: remove
...
The upstream project ceased.
See https://github.com/NixOS/nixpkgs/issues/33540
2018-01-07 17:00:32 +01:00
Robin Gloster
e606bb252b
gitlab module: config changes for gitlab 10.3
2018-01-07 05:02:56 +01:00
Robin Gloster
69c396f273
gitlab module: gitaly fixes
2018-01-07 05:02:35 +01:00
Graham Christensen
013580caf0
Merge pull request #30518 from Infinisil/usbmuxd-service
...
usbmuxd service: init
2018-01-06 15:53:42 -05:00
Jaakko Luttinen
eeaa82bde1
nixos/availableKernelModules: add logitech hid
...
This adds support for Logitech (wireless) USB keyboards at boot
2018-01-06 17:11:30 +00:00
Léo Gaspard
7b878a443a
nixos/clamav: replace mkIf [] with optional
2018-01-06 16:52:14 +01:00
Léo Gaspard
cb506e6e2e
nixos/clamsmtp: init
2018-01-06 16:08:54 +01:00
zimbatm
eddf30cc93
nixos: introduce boot.growPartition ( #33521 )
...
Move it from being a profile
2018-01-06 13:52:51 +00:00
Orivej Desh
b249907d04
Merge pull request #33197 from bgamari/gitlab-jws-fix
...
gitlab: Rename jws_private_key to openid_connect_signing_key
2018-01-06 03:08:57 +00:00
José Romildo Malaquias
d0eb40b311
lightdm-gtk-greater: add configuration options for clock format and indicators
2018-01-06 02:20:53 +00:00
zimbatm
80f13dc31d
fixup! buildkite-agent: change hooksPath type to 'path' (and prevent it from hitting the store)
2018-01-05 22:55:20 +00:00
Robin Gloster
cfed96ca51
nixos/service.tt-rss: improve pgsql support, do not use static uid/gid
2018-01-05 14:47:54 +01:00
Jaakko Luttinen
c26ff43905
nixos/service.tt-rss: improve mysql automatic setup
...
If the user chooses MySQL, it is enabled by default. Also, the used database is
created automatically along with the user and permissions.
2018-01-05 14:47:54 +01:00
Jaakko Luttinen
68855595ce
nixos/service.tt-rss: enable nginx automatically
2018-01-05 14:47:54 +01:00
Jaakko Luttinen
13eaae1610
nixos/service.tt-rss: use tt_rss user
...
- Add tt_rss system user.
- Use tt_rss as the user by default.
- Create tt_rss user and group automatically if used.
2018-01-05 14:47:54 +01:00