Commit graph

2495 commits

Author SHA1 Message Date
Rickard Nilsson
bdbdaee3c0 scollector module: Add extraOpts option 2015-03-18 21:16:31 +01:00
Christoph Hrdinka
6db8155e37 nsd: Update from 4.1.0 -> 4.1.1 2015-03-18 21:01:35 +01:00
Luca Bruno
b94b08488f nixos/pulseaudio: don't put 32bit libs in systemPackages
Fixes the useless collisions in the system path.
The 64bit and 32bit variants have the same files, hence
it's pointless to put the 32bit pulseaudio in systemPackages.
2015-03-18 14:10:02 +00:00
Luca Bruno
cb45b7ec3e Revert "nixos: Multiple service instances, apply to nginx. See #6784"
This reverts commit 7ef59c4fe2.

Wrong push! Sorry!
2015-03-18 14:09:24 +00:00
Luca Bruno
7ef59c4fe2 nixos: Multiple service instances, apply to nginx. See #6784 2015-03-18 14:07:29 +00:00
Jaka Hudoklin
2482b75eae kubernetes: update to 0.12.1, fix module 2015-03-18 14:37:03 +01:00
Jaka Hudoklin
079520ced5 panamax: update, fix module 2015-03-18 14:35:24 +01:00
Jaka Hudoklin
536694bcd4 nixos/cadvisor: fixes
- run as non root user, because of docker
- run docker by default
2015-03-18 14:31:08 +01:00
Joachim Fasting
532337d673 Cleanup AppArmor module
Remove excessive whitespace & comment sections
2015-03-18 12:07:43 +01:00
Eelco Dolstra
224d0d5302 Set stricter permissions on /nix/store
The nixbld group doesn't need read permission, it only needs write and
execute permission.

(cherry picked from commit 066758758e7c0768ff8da51d208cdae0f33b368c)
2015-03-18 10:58:08 +01:00
lethalman
cdbeb7143c Merge pull request #6832 from k0ral/icecast
Added icecast module
2015-03-17 16:43:02 +01:00
koral
54857abfc9 Added icecast module. 2015-03-17 14:21:57 +00:00
lethalman
c91ccb4b9c Merge pull request #6842 from philandstuff/hash-owncloud-admin-password
owncloud: don't store plaintext adminPassword in nix store
2015-03-17 12:59:58 +01:00
lethalman
70b059fb59 Merge pull request #5936 from j-keck/nixos-container-usage
nixos-container: add missing 'nixos-container update' in usage
2015-03-17 12:43:29 +01:00
lethalman
359bc60ec8 Merge pull request #6448 from eduarrrd/ddclient
ddclient module: fix module
2015-03-17 12:38:12 +01:00
Philip Potter
7ad6dac43b owncloud: don't store plaintext adminPassword in nix store
Rather than using openssl to hash the password at build time, and hence
leaving the plaintext password world-readable in the nix store, we can
instead hash the password in the nix expression itself using
builtins.hashString.
2015-03-16 22:42:22 +00:00
Peter Simons
56bb114905 Merge pull request #6722 from joachifm/fix-id-mismatches
Fix id mismatches
2015-03-16 18:46:38 +01:00
Joachim Fasting
3518b761ba TCSD: use tss user/group instead of nginx
For some reason TCSD is configured to use the nginx uid/gid.
Use the newly created tss uid/gid instead.
2015-03-16 09:58:16 +01:00
Joachim Fasting
e9cd877921 nixos: resolve uid/gid conflicts
This patch resolves all uid/gid conflicts except for nobody/nogroup (seems
to make sense that these are the same).
All conflicts where determined mechanically, but resolutions were manual.
This patch also marks uids/gids with no corresponding group/user as "unused"
(aka. reserved).

Briefly,

- tss group conflicts with dhcpcd
  The tss group id conflicts with dhcpcd: assign
  a new number and add a corresponding tss user.
- elasticsearch uid conflicts with haproxy gid
- resolve firebird/munin conflict
- fix fourstorehttp{,d} typo
- fix ghostOne typo: the service module refers to gids.ghostone, so use that
  in ids
- memcached uid conflicts with users gid
- nagios uid conflicts with disks gid
- nscd uid conflicts with wheel gid
- ntp uid conflicts with tty gid
- resolve postfix/postdrop id uid
- redis uid conflicts with keys gid
- sshd uid conflicts with kmem gid
- tcryptd uid conflicts with openldap gid
- unifi uid conflicts with docker gid
- uptimed uid conflicts with utmp gid
- zope2 uid conflicts with connman gid
- tomcat uid/gid mismatch
2015-03-16 09:58:13 +01:00
Austin Seipp
ef95600372 Merge pull request #6771 from joachifm/apparmor-2.9
Apparmor 2.9
2015-03-15 14:16:24 -05:00
Nicolas B. Pierron
05e8a48fb4 Document and rename internal option of modules. 2015-03-15 14:45:42 +01:00
Ricardo M. Correia
7c8247a8c5 grsecurity: Update stable and test patches
stable: 3.1-3.14.35-201503071140 -> 3.1-3.14.35-201503092203
test:   3.1-3.18.9-201503071142  -> 3.1-3.19.1-201503122205
2015-03-15 03:49:58 +01:00
William A. Kennington III
c200c1e0a1 Merge pull request #6813 from globin/fix/elantech-trackpoint-scrolling
Add Elanthec PS/2 Trackpoint (Thinkpad L430)
2015-03-14 17:01:13 -07:00
Robin Gloster
a8a350e679 Add Elanthec PS/2 Trackpoint (Thinkpad L430) 2015-03-15 00:09:04 +01:00
koral
9c4cbaa553 Fix mpd configuration (enclosing quotes needed). 2015-03-14 12:15:34 +00:00
Joachim Schiele
d74ea7d34f zef hemels' wordpress.nix adapted to extraSubservices 2015-03-13 14:19:48 +01:00
lethalman
f72d1abb79 Merge pull request #5846 from arno01/nginx
nginx service improvements
2015-03-13 11:41:27 +01:00
Nicolas B. Pierron
9f2865515d Fix infinite loop in fontconfig-ultimate.nix
With the new evaluation of arguments, pkgs is now defined by the
configuration, which implies that option declaration with pkgs.lib
will cause an infinite loop.
2015-03-12 23:42:58 +01:00
Shea Levy
3177d37652 Fix import using module args 2015-03-12 23:42:57 +01:00
Shea Levy
f69ce50529 Move most extra args out of eval-config.nix 2015-03-12 23:42:57 +01:00
Shea Levy
e3eff53037 evalModules: Add internal option for the check argument 2015-03-12 23:42:57 +01:00
Shea Levy
e4a06f35b1 nixos: Don't evaluate twice to get the value of config.nixpkgs 2015-03-12 23:42:57 +01:00
Shea Levy
1d62ad4746 modules.nix: Generate the extra argument set from the configuration
This allows for module arguments to be handled modularly, in particular
allowing the nixpkgs module to handle the nixpkgs import internally.
This creates the __internal option namespace, which should only be added
to by the module system itself.
2015-03-12 23:42:57 +01:00
Vladimír Čunát
208d1f24db xfce: more update fallout
- forgotten mousepad update, including some wrapping magic
- dealing with panel plugins (either fix or mark as broken)
	CC maintainer @AndersonTorres.
- remove some libxfcegui4 occurrences, as it's being phased out
- minor stuff
2015-03-12 23:02:15 +01:00
lethalman
14ed261fc7 Merge pull request #6765 from gebner/ibus-plugins
Add ibus-qt and ibus-anthy.
2015-03-12 14:35:23 +01:00
Joachim Fasting
7a9a24a95e Update AppArmor service module
- Use AppArmor 2.9
- Enable PAM support
2015-03-12 11:49:05 +01:00
Kirill Elagin
356810b178 cupsd: rename cupsd.service to cups.service 2015-03-12 09:00:56 +03:00
Gabriel Ebner
d23ed364b5 Add ibus-qt. 2015-03-11 21:54:04 +01:00
Gabriel Ebner
59da79c733 ibus: Enable XIM support.
This allows firefox to use ibus.
2015-03-11 21:54:04 +01:00
Gabriel Ebner
f222abea44 Add programs.ibus config option to enable ibus and plugins. 2015-03-11 21:53:34 +01:00
Thomas Tuegel
61cf7e1265 Merge branch 'kde5' 2015-03-11 11:49:45 -05:00
Thomas Tuegel
f370af91ad kde5: use ksshaskpass for SSH_ASKPASS 2015-03-11 11:49:29 -05:00
Thomas Tuegel
4b10907152 ssh: make askPassword an option
By making askPassword an option, desktop environment modules can
override the default x11_ssh_askpassword with their own equivalent for
better integration. For example, KDE 5 uses plasma5.ksshaskpass instead.
2015-03-11 11:49:29 -05:00
Thomas Tuegel
5b5b7aa951 kde5: add kde-workspace and kde-runtime to systemPackages 2015-03-11 11:49:28 -05:00
Luca Bruno
fe6b0b15e6 nixos-install: support -j, --cores and --option. Closes #6755 2015-03-11 16:47:44 +00:00
lethalman
fe79bf34a5 Merge pull request #6512 from bjornfor/nixos-haproxy-cleanup
nixos/haproxy: remove broken default 'config'
2015-03-11 16:29:06 +01:00
lethalman
c8ac069772 Merge pull request #6724 from anderspapitto/local
Add x11 service for unclutter
2015-03-11 15:32:40 +01:00
Arseniy Seroka
ef37154c82 Merge pull request #6739 from joachifm/refactor-tarsnap-service
nixos: refactor tarsnap backup service module
2015-03-11 11:22:32 +03:00
Arseniy Seroka
1c58c3a772 Merge pull request #6345 from puffnfresh/feature/mtrack-options
Add more options to multitouch (mtrack) module
2015-03-11 11:10:51 +03:00
William A. Kennington III
26020cfe8a nixos/lightdm: Add a background option 2015-03-10 15:57:46 -07:00
William A. Kennington III
e519414e1f nixos/lightdm: Fix data directory 2015-03-10 14:55:54 -07:00
William A. Kennington III
3a67a51689 nixos/lightdm: Small cleanup 2015-03-10 14:35:49 -07:00
William A. Kennington III
ffed8a85bc nixos/sddm: Hide users which don't have login shells 2015-03-10 14:32:53 -07:00
William A. Kennington III
5893d2ecd3 nixos/lightdm: More Cleanups 2015-03-10 14:23:43 -07:00
William A. Kennington III
7b6e2e1c68 lightdm: Fix rendering 2015-03-10 14:03:18 -07:00
lethalman
27f3f254d3 Merge pull request #6540 from k0ral/transmission
Simplify (and fix) settings for transmission module
2015-03-10 13:26:03 +01:00
lethalman
70527b87a1 Merge pull request #6440 from k0ral/fcgiwrap
Updated fcgiwrap's systemd unit to match upstream version.
2015-03-10 13:18:46 +01:00
Joachim Fasting
1bdd12ed69 nixos: refactor tarsnap backup service module
Major changes
- Port to systemd timers: for each archive configuration is created a
  tarsnap@archive-name.timer which triggers the instanced service unit
- Rename the `config` option to `archives`

Minor/superficial improvements
- Restrict tarsnap service capabilities
- Use dirOf builtin
- Set executable bit for owner of tarsnap cache directory
- Set IOSchedulingClass to idle
- Humanize numbers when printing stats
- Rewrite most option descriptions
- Simplify assertion
2015-03-10 12:35:58 +01:00
William A. Kennington III
4940e643cc nixos/display-manager: Support configurable hidden users 2015-03-09 18:10:31 -07:00
William A. Kennington III
66bfdf6eb0 nixos/lightdm: We now use a global lightdm.conf 2015-03-09 17:59:21 -07:00
Eelco Dolstra
475df1a350 switch-to-configuration: Don't print already active target units
Since we restart all active target units (of which there are many),
it's hard to see the units that actually matter. So don't print that
we're starting target units that are already active.
2015-03-09 16:51:06 +01:00
Eelco Dolstra
a574065a81 nixos-rebuild: Add ‘dry-activate’ command
‘nixos-rebuild dry-activate’ builds the new configuration and then
prints what systemd services would be stopped, restarted etc. if the
configuration were actually activated. This could be extended later to
show other activation actions (like uids being deleted).

To prevent confusion, ‘nixos-rebuild dry-run’ has been renamed to
‘nixos-rebuild dry-build’.
2015-03-09 16:50:59 +01:00
Eelco Dolstra
8cb3e3b864 httpd: Disable insecure protocols/ciphers by default
This makes us resistant to FREAK and similar attacks.
2015-03-09 14:18:12 +01:00
Eelco Dolstra
d31202fba2 sshd: Enable seccomp sandboxing 2015-03-09 11:27:19 +01:00
lethalman
9867f4bdef Merge pull request #6720 from nslqqq/nmhooks
New NetworkManager Dispatcher scripts options
2015-03-09 10:36:10 +01:00
Anders Papitto
887a547ac9 Add x11 service for unclutter
modeled after the redshift service
2015-03-08 20:12:18 -07:00
William A. Kennington III
5b059416b8 Merge pull request #6699 from hakuch/fix_samba
Samba: Fixed "syncPasswordsByPam".
2015-03-08 16:09:29 -07:00
obadz
e5d4624420 PAM/eCryptfs now able to mount ecryptfs'd home directories on login 2015-03-08 16:03:51 -07:00
Nikita Mikhailov
579159c72b Add dispatcher configuration options to NetworkManager module 2015-03-08 20:24:53 +01:00
Unai Zalakain
581a90bad8 Optional user and group to run the MPD 2015-03-08 10:18:40 +00:00
Jesse Haber-Kucharsky
5a1950d985 Samba: Fixed "syncPasswordsByPam". 2015-03-07 17:56:46 +00:00
Nikolay Amiantov
b802018482 stage-1: fix hibernation (close #6675)
Fixes #6617.
2015-03-07 13:00:08 +01:00
Arseniy Seroka
30e6f1b4ea slurm: impl basic configuration 2015-03-07 00:26:57 +03:00
Arseniy Seroka
0b1cc3cd51 slurm: impl simple service 2015-03-07 00:26:57 +03:00
Arseniy Seroka
69e59e9962 munge: add service 2015-03-07 00:26:52 +03:00
Eelco Dolstra
3b9b620656 Revert "linux: disable UEVENT_HELPER*"
This reverts commit 9f87f3ccb0 because
it causes /proc/sys/kernel/hotplug to not be cleared on Linux <= 3.14.
2015-03-06 15:59:06 +01:00
Nikolay Amiantov
4fde098eec Merge pull request #6677 from abbradar/sddm
Add SDDM display manager
2015-03-05 21:03:43 +03:00
Nikolay Amiantov
4f317767da lightdm: don't leave a shell running 2015-03-05 20:49:45 +03:00
Nikolay Amiantov
264c6892f2 nixos/uim: capitalize description 2015-03-05 20:49:45 +03:00
Nikolay Amiantov
db5b08cfaf nixos/sddm: add display manager 2015-03-05 20:49:26 +03:00
Eelco Dolstra
9bb586943a Deal with virtualisation.xen.stored in a more standard way 2015-03-05 12:46:50 +01:00
Luca Bruno
b93e8bab3a nixos/xen: do not use derivation in the default values
The xen package is broken on i686, so this would break the generation
of the nixos manual.
2015-03-04 12:05:58 +01:00
Eelco Dolstra
1002fb6433 Add "input" group
This is required by systemd >= 215.
2015-03-03 20:27:09 +01:00
Eelco Dolstra
8546ec7c74 Fix some uid/gid clashes 2015-03-03 20:26:36 +01:00
Eelco Dolstra
a4e0278fcd Create /dev/nvidia-uvm for CUDA support 2015-03-03 20:24:14 +01:00
Arseniy Seroka
7ce77b5752 slurm: add pkg 2015-03-02 22:10:58 +03:00
lethalman
c97d7819ab Merge pull request #6624 from joachifm/grsec-lock
nixos: grsec-lock service fixes
2015-03-02 18:49:39 +01:00
Joachim Fasting
18320d3b21 nixos: fix grsec-lock requires 2015-03-02 18:39:04 +01:00
Joachim Fasting
ccd6f5a313 nixos: make the grsec-lock unit depend on the path it writes to
The grsec-lock unit fails unless /proc/sys/kernel/grsecurity/grsec_lock
exists and so prevents switching into a new configuration after enabling
grsecurity.sysctl.
2015-03-02 18:39:01 +01:00
lethalman
373c4ce0ec Merge pull request #6605 from AndersonTorres/afterstep
Adding Afterstep to nixos window manager modules
2015-03-02 18:00:28 +01:00
Tobias Geerinckx-Rice
9f87f3ccb0 linux: disable UEVENT_HELPER*
Deprecated since 2006: http://lwn.net/Articles/166954/
2015-03-01 03:31:59 +01:00
Eelco Dolstra
307064ceb5 Don't use machinectl to shut down containers
If the host is shutting down, machinectl may fail because it's
bus-activated and D-Bus will be shutting down. So just send a signal
to the leader process directly.

Fixes #6212.
2015-02-28 19:23:00 +01:00
AndersonTorres
929485b645 Adding Afterstep to nixos modules 2015-02-28 11:14:33 -03:00
AndersonTorres
5472af91f2 Fluxbox: update to 1.3.7 2015-02-28 11:04:20 -03:00
Jaka Hudoklin
6dc0938a3e Merge pull request #6591 from lseppala/master
Fix rebooting containers where resolv.conf is a symlink
2015-02-28 12:19:01 +01:00
Joachim Fasting
0473b4ae8d nixos: citerefentry markup in lxc option descriptions 2015-02-28 09:21:48 +01:00
Joachim Fasting
d375550ead nixos: add a few missing type specifiers under boot.* 2015-02-28 09:19:23 +01:00
Lane Seppala
4106a3b74e Fix rebooting containers where resolv.conf is a symlink 2015-02-27 10:27:18 -07:00
Eelco Dolstra
22d2fc3657 Fix "systemctl reload container@"
Fixes #5179.
2015-02-27 14:32:54 +01:00
Rob Vermaas
24e0565407 Only start fetch-keys for GCE image after ip-up. 2015-02-27 10:48:15 +00:00
koral
c1cefa1a58 Simplify (and fix) settings for transmission module. 2015-02-26 22:21:27 +00:00
Rob Vermaas
e4928b8955 GCE image: Pass header to metadata service calls. 2015-02-26 19:20:43 +00:00
Sander van der Burg
7b27af61fb Add NixOS global binaries to the PATH 2015-02-26 17:29:49 +00:00
Eelco Dolstra
6177710ac7 Merge pull request #6046 from ts468/xen
Update: Xen 4.5 + NixOS Xen modules
2015-02-26 10:15:05 +01:00
lethalman
b6672f232a Merge pull request #6283 from mdorman/master
Fix initial-install issues with couchdb.nix.
2015-02-26 10:11:18 +01:00
lethalman
d791335ac2 Merge pull request #6518 from ehmry/u9fs
U9fs
2015-02-26 09:41:18 +01:00
William A. Kennington III
9ce0c1cb71 nixos/consul: Fix timeout bugs and json formatting 2015-02-25 15:42:43 -08:00
Thomas Strobel
3d4fbb874c Update: add new Xen versions + update NixOS Xen modules
Versions of XEN:
- Xen 4.5
- Xen 4.5 + XenServer patches
- Xen 4.4.1
2015-02-25 23:30:44 +01:00
William A. Kennington III
f27fa79aa9 nixos/dnsmasq: Fix service name typo 2015-02-25 09:22:16 -08:00
Eelco Dolstra
36d0f367de ssh-agent: Fix asking for confirmation via $SSH_ASKPASS
This was lost back in
ffedee6ed5. Getting this to work is
slightly tricky because ssh-agent runs as a user unit, and so doesn't
know the user's $DISPLAY.
2015-02-25 14:31:17 +01:00
Eelco Dolstra
93902ea108 nsswitch.conf: Omit ldap unless ldap is enabled
This prevents programs from trying to find nss_ldap.
2015-02-25 14:31:13 +01:00
William A. Kennington III
e453f99446 nixos/networkd: Add an assertion for unsupported rstp 2015-02-24 13:09:34 -08:00
Lluís Batlle i Rossell
b26e939111 fix pam (OATH related)
the pam config was wrong.

Issue #6551
2015-02-24 17:52:41 +01:00
Eelco Dolstra
16cf3ee9da Ensure that the home directory exists even if the user already exists 2015-02-24 11:57:38 +01:00
Eduard Bachmakov
4bf66ba89c ddclient module: fix module
* rewrite to systemd.services
* disable forking to give systemd better control
* verifiably run as ddclient user
* expose ssl option
* unset default value for dyndns server
* rename option "web" to "use" to be consistent with ddclient docs
* add descriptions
* add types to options
* clean up formatting
2015-02-23 22:37:20 -05:00
Jaka Hudoklin
1cddb5be20 mongodb: remove lock file on restart 2015-02-23 20:40:13 +01:00
Eelco Dolstra
b70bd0879b sshd: Generate a ed25519 host key 2015-02-23 17:00:07 +01:00
Emery Hemingway
446580f3cd nixos: u9fs service module 2015-02-22 12:16:58 -05:00
Bjørn Forsman
d5017499a2 nixos/redis: capitalize service description 2015-02-22 16:54:14 +01:00
Bjørn Forsman
25a6745310 nixos/fail2ban: capitalize service description 2015-02-22 16:54:14 +01:00
Lluís Batlle i Rossell
4e99901961 nixos: Adding OATH in pam.
(cherry picked from commit cb3cba54a1b87c376d0801238cb827eadb18e39e)

Conflicts:
	nixos/modules/security/pam.nix
2015-02-22 15:25:38 +01:00
Bjørn Forsman
ffb4797dd3 nixos/haproxy: remove broken default 'config'
HAProxy fails to start with the default 'config'. Better disable it and
assert that the user provides a suitable 'config'. (AFAICS, there cannot
really be a default config file for HAProxy.)
2015-02-22 12:30:14 +01:00
Bjørn Forsman
419a4166a7 nixos/haproxy: small cleanup
* Add option types
* Rewrite option descriptions
* /var/run/haproxy.pid => /run/haproxy.pid (canonical location)
2015-02-22 12:29:34 +01:00
aszlig
030895f075
nixos/dhcpcd: Only run resume commands if enabled.
The networkd implementation sets systemd.services.dhcpcd.enable to
false in nixos/modules/tasks/network-interfaces-systemd.nix. So we need
to respect that in the dhcpcd module.

If we don't, the resumeCommand is set nevertheless, which causes the
post-resume.service to fail after resuming:

Failed to reload dhcpcd.service: Unit dhcpcd.service is masked.
post-resume.service: main process exited, code=exited, status=1/FAILURE
Failed to start Post-Resume Actions.
Dependency failed for Post-Resume Actions.
Unit post-resume.service entered failed state.
post-resume.service failed.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-02-22 08:09:04 +01:00
Thomas Tuegel
d15d0bebc3 kde5: remove file collisions 2015-02-21 20:58:43 -06:00
Thomas Tuegel
68f2db74ff kde5: always use plasma-nm 2015-02-21 13:59:28 -06:00
Thomas Tuegel
7eb8a9b41f kde5: install media-player-info udev rules for solid 2015-02-21 11:39:21 -06:00
Thomas Tuegel
532650e4bb kde5: change notice about default Phonon backend 2015-02-21 11:39:21 -06:00
Thomas Tuegel
e5de75bf2a kde5: install kde-frameworks version used by plasma 2015-02-21 11:39:21 -06:00
Thomas Tuegel
b050babd3e kde5: fix Phonon GStreamer backend 2015-02-21 11:39:20 -06:00
Thomas Tuegel
a79936561b environment: use Qt 5 Qml import paths 2015-02-21 11:39:20 -06:00
Vladimír Čunát
a3a467ce77 nixos/nvidia: use correct 32-bit legacy libs; refactor
Fixes #6127.
Now we avoid multiple switches among the version possibilities.
2015-02-21 16:34:24 +01:00
Bjørn Forsman
97875ac175 bridge-utils: align attrname with pkgname 2015-02-20 22:30:51 +01:00
Thomas Strobel
c62e42e9c5 Enhance stage-1/2 scripts for better dealing with squashfs 2015-02-20 17:42:22 +01:00
Peter Simons
263a49be20 Merge pull request #5704 from eduarrrd/nixos-version
Add option to display git revision to nixos-version
2015-02-20 16:35:56 +01:00
Shea Levy
2fe3a3c203 Merge branch 'grub' of git://github.com/ts468/nixpkgs
Fix grubTarget on nodev installs
2015-02-20 07:47:06 -05:00
tv
86cb16965a exim: add version 4.85 incl. nixos module 2015-02-20 10:49:15 +01:00
Shea Levy
3e44f99055 Fix grub 1 install 2015-02-19 19:33:17 -05:00
Eelco Dolstra
5762f8f95c Add options to support signed binary caches
Typical use:

    nix.requireSignedBinaryCaches = true;
    nix.binaryCachePublicKeys = [ "hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs=" ];

(The public key of cache.nixos.org is included by default.)

Note that this requires Nix 1.9 and that most of cache.nixos.org
hasn't been signed yet.
2015-02-19 14:22:43 +01:00
Jaka Hudoklin
ebfadc2fc9 Merge pull request #6452 from rushmorem/update-chronos-port
Update chronos default port
2015-02-19 14:13:00 +01:00
rushmorem
74b40e9a43 Add marathon mesos framework 2015-02-19 13:30:00 +02:00
rushmorem
a661802d29 Update chronos default port
Update chronos default port to match the one documented on
their website (http://airbnb.github.io/chronos). The one in
their repo (the current one) clashes with the marathon documented
one.
2015-02-19 12:31:12 +02:00
koral
d9078d03a3 Updated fcgiwrap's systemd unit to match upstream version. 2015-02-18 21:19:12 +00:00
Eelco Dolstra
4ac280ec49 Blacklist the nouveau driver on EC2 2015-02-18 13:04:10 +01:00
Sou Bunnbu
f8dbd6f9ae Merge pull request #6427 from grwlf/vsftpd-port
vsftpd.nix: add 'portPromiscuous' option
2015-02-18 19:18:34 +08:00
Sergey Mironov
ac65a757f0 vsftpd.nix: add 'portPromiscuous' option 2015-02-18 11:51:43 +03:00
Mathijs Kwik
2fe44b95d0 nixos/wpa_supplicant: fix conflicting documentation
fixes #6298
2015-02-17 22:16:20 +01:00
James Cook
6daf9aa922 Merge pull request #5995 from ts468/qemu-vm
Update QEMU Nixos Virtual Machine
2015-02-16 13:13:26 -08:00
Thomas Strobel
c61ff9b51e Fix grubTarget on nodev installs 2015-02-16 20:19:44 +01:00
Thomas Strobel
80afabd5b5 Update QEMU Nixos Virtual Machine
The Nixos Qemu VM that are used for VM tests can now start without
boot menu even when using a bootloader.
The Nixos Qemu VM with bootloader can emulate a EFI boot now.
2015-02-16 20:07:42 +01:00
Evgeny Egorochkin
4621f16b34 azure: add a job to download ssh host and root keys if they are made available via "custom data"; see #3986 2015-02-16 16:54:30 +02:00
Eelco Dolstra
5d7000df68 Automatically set nix.nrBuildUsers to at least nix.maxJobs 2015-02-16 12:02:49 +01:00
Wout Mertens
65438da88a Merge pull request #6357 from NixOS/jobs-vs-users
nix-daemon: Sanity check maxJobs vs nrBuildUsers
2015-02-16 11:42:24 +01:00
Rob Vermaas
824fccd3e9 Move amazon option out of amazon-image.nix, needed to make ec2.hvm usable from nixops, without breaking evaluation for other backends.
(cherry picked from commit 213fe8427c5ce455b893c0c5c56cc38175bf36b7)
2015-02-16 09:57:19 +00:00
Eelco Dolstra
5092d625d6 /etc/ssl/certs/ca-bundle.crt -> ca-certificates.crt
Even though there is no "official" standard location, it's better to
stick to what most distros are using.
2015-02-15 19:06:31 +01:00
Eelco Dolstra
75e1b5e317 Provide symlinks to ca-bundle.crt for compat with other distros
There is no "standard" location for the certificate bundle, so many
programs/libraries have various hard-coded default locations that
don't exist on NixOS. To make these more likely to work, provide
some symlinks.
2015-02-15 19:06:31 +01:00
AndersonTorres
f19ed980a2 Sawfish (git): New Package
Sawfish is a versatile, Lisp-based window manager

In that commit I include all Sawfish stack:
- librep, a lisp system;
- rep-gtk, bindings for gtk
- sawfish, the window manager
2015-02-15 19:42:53 +03:00
Wout Mertens
d41367735d nix-daemon: Sanity check maxJobs vs nrBuildUsers 2015-02-15 15:37:30 +01:00
James Cook
33550b6efe Merge pull request #5665 from joachifm/dnscrypt-proxy-apparmor-updates
dnscrypt-proxy service: update AppArmor profile
2015-02-14 22:02:31 -08:00
Brian McKenna
28a9ed618f Add more options to multitouch (mtrack) module 2015-02-14 14:56:12 -07:00
William A. Kennington III
1fddcd1e83 grub: Don't remove zfs support if contained in the default binary 2015-02-13 14:40:41 -08:00
William A. Kennington III
69a277e2cc iwlegacy: Remove since it is already in linux-firmware-nonfree 2015-02-13 14:27:47 -08:00
Harald van Dijk
0fe9d58e4e stage-1-init: fix PID 1 shell
The PID 1 shell is executed as the last command in a sh invocation. Some
shells implicitly use exec for that, but the current busybox ash does not,
so the shell gets a wrong PID. Spell out the exec.
2015-02-13 10:20:29 +00:00
lethalman
51a7277fac Merge pull request #6312 from k0ral/sslh
sslh: added libwrap support + improved nixos module.
2015-02-13 10:03:48 +01:00
Domen Kožar
5a4614dc1f Add hid_lenovo to initrd kernel modules 2015-02-13 01:42:13 +01:00
Jaka Hudoklin
a17f5c8c9b nixos/consul: add consul-alerts service 2015-02-12 19:16:50 +01:00
Jaka Hudoklin
36e7a61dde Merge pull request #6222 from offlinehacker/limesurvey
add limesurvey package and nixos module
2015-02-12 18:07:42 +00:00
koral
cb153cfca3 sslh: added libwrap support + improved nixos module. 2015-02-12 13:21:36 +01:00
Michael Alan Dorman
f21cab27a4 Fix initial-install issues with couchdb.nix.
When starting from a clean slate, the couchdb service fails.

First, the pre-start script fails because it tries to chown the uriFile,
which doesn't exist.  It also doesn't ensure that the directory in which
the uriFIle is placed is writeable by couchdb, which could also cause
failure (though I didn't observe this).

Additionally, the log file's default location isn't a directory owned by
couchdb, nor is the file guaranteed to exist, nor is it guaranteed to be
chowned to the appropriate user.  All of which can cause unexpected
failure.

As a bonus I made a small change in the description of the configFile
attribute, in the hopes of making it a little more obvious why it
existed.
2015-02-11 20:42:52 -05:00
William A. Kennington III
35e9d3c112 nixos/zfs: Use the git version for kernels unsupported by 0.6.3 2015-02-11 15:11:56 -08:00
Luca Bruno
e088fd0314 Revert "Merge pull request #5626 from matthiasbeyer/add-fish_shell_module"
This reverts commit 157d199b33, reversing
changes made to 4c7adddcb7.
2015-02-11 18:31:11 +01:00
Luca Bruno
c427b48ba6 Revert "Add fish to nixos module list"
This reverts commit d7f5d00f0a.
2015-02-11 18:30:58 +01:00
Luca Bruno
d7f5d00f0a Add fish to nixos module list 2015-02-11 14:05:30 +00:00
lethalman
157d199b33 Merge pull request #5626 from matthiasbeyer/add-fish_shell_module
Add basic nixos module for fish shell
2015-02-11 15:05:03 +01:00
Luca Bruno
f7b26bf98f gnome3: Set XCURSOR_PATH. Closes #6191 2015-02-11 11:48:51 +00:00
lethalman
c1d22c947e Merge pull request #6278 from bendlas/cdemu
Add cdemu packages and module
2015-02-10 15:33:06 +01:00
Herwig Hochleitner
983fddcea8 Move cdemu module into programs 2015-02-10 13:14:09 +01:00
lethalman
12834a8500 Merge pull request #6072 from AndersonTorres/window-managers
Update NixOS module files to include WindowMaker
2015-02-10 13:06:06 +01:00
Herwig Hochleitner
b909def3e1 Whitespace cleanup 2015-02-10 11:49:32 +01:00
lethalman
93ebaafabe Merge pull request #6170 from k0ral/sslh
New sslh module
2015-02-10 11:17:56 +01:00
lethalman
7614b2f984 Merge pull request #6229 from devhell/canto
canto-{curses,daemon}: Add packages
2015-02-10 10:34:11 +01:00
Luca Bruno
d06122c58d Add PermissionsStartOnly to mpd service. Closes #6277 2015-02-10 10:18:54 +01:00
Herwig Hochleitner
2961b83d08 Add cdemu packages and module 2015-02-10 06:49:47 +01:00
William A. Kennington III
650b2258f0 nonfree-firmware: Use the new kernel.org repository for tracking nonfree firmware changes
remove the obsolete iwlwifi firmware which is included in the repo.
2015-02-09 16:28:40 -08:00
William A. Kennington III
b556983eb7 nixos/system: Add xhci_pci as it is needed to detect host buses in the initrd for usb keyboards on the xhci bus and storage devices on the iso 2015-02-09 13:09:26 -08:00
Wout Mertens
8f42f33c45 stage-1-init: better warnings
- Suppress spurious LVM FD3 warning:
  See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=432986
- Warn when device doesn't come online
2015-02-09 21:53:51 +01:00
Shea Levy
24c0844cfb Fix grub on nodev installs 2015-02-08 22:31:14 -05:00
William A. Kennington III
c4bec1a0a4 Merge pull request #6152 from abbradar/samba-clean
nixos/samba: cleanup and update defaults
2015-02-08 14:20:49 -08:00
William A. Kennington III
2a0754ccbc Merge pull request #5994 from ts468/grub
Add 'target' parameter for GRUB installation chain
2015-02-08 14:18:13 -08:00
devhell
a9ac564f50 canto-daemon: Fix typo and remove TimeoutStopSec 2015-02-08 14:16:17 +00:00
devhell
d6e9df1e1a canto-daemon: Add a systemd service
This adds a systemd service for the canto-daemon.
2015-02-08 14:16:17 +00:00
Domen Kožar
b83433cdd1 Remove gui (see #6207), use nixui instead 2015-02-08 10:47:58 +01:00
William A. Kennington III
42a6ac5209 nixos/iso: Increase efi image size to 15M 2015-02-07 20:38:24 -08:00
William A. Kennington III
0fa4c9d6d3 nixos/zfs: Fix references to zfs packages now that they are split 2015-02-07 15:07:39 -08:00
Jaka Hudoklin
41ae4d1af9 add limesurvey package and nixos module 2015-02-07 23:18:51 +01:00
Jaka Hudoklin
f85abb041a Merge pull request #5622 from offlinehacker/panamax
panamax: new package and service
2015-02-07 14:56:25 +00:00
Jaka Hudoklin
769fb8a141 Merge pull request #5486 from matejc/fixgatewayd
systemd-journal-gatewayd: add systemd-journal group
2015-02-07 14:52:31 +00:00
Jaka Hudoklin
ae34f923f7 panamax: simplify, refactor, add test 2015-02-07 15:32:20 +01:00
Matej Cotman
8c79a2df63 panamax: new package and service 2015-02-07 15:32:20 +01:00
William A. Kennington III
9792b12e53 nixos/openntpd: Don't start until we have networking
This attempts to fix an issues where ntp is unable to resolve hostnames
because it came up before local nameservers or networking.
2015-02-06 14:45:47 -08:00
William A. Kennington III
3e280f2089 nixos/tinc: Fix key generation behavior and use tinc 1.1 by default 2015-02-05 23:37:20 -08:00
Eelco Dolstra
d2bfb5ceb0 Add options for installing additional root certificates 2015-02-05 18:08:35 +01:00
Nikolay Amiantov
f35568e705 Merge pull request #5277 from abbradar/uwsgi
Add uWSGI application server
2015-02-05 17:10:37 +03:00
koral
1439e72147 New sslh module. 2015-02-05 13:30:39 +01:00
Edward Tjörnhammar
83925c33f6 i2pd: 0.6.0 -> 0.7.0
nixos: i2pd.service, fix string escaping
2015-02-05 12:09:59 +01:00
William A. Kennington III
9ddb6c9cc9 nixos/tinc: Add daemon configuration 2015-02-04 18:19:04 -08:00
William A. Kennington III
bae5faa82d nixos/dhcpd: Also try restarting openntpd as it suffers the same dns resolution problem 2015-02-04 17:33:14 -08:00
William A. Kennington III
43d8b1ef3c openntpd: Fixes 2015-02-04 17:30:22 -08:00
William A. Kennington III
a9f1329d2d nixos/openntpd: Add openntpd to the environment for ntpctl 2015-02-04 17:27:03 -08:00
Nikolay Amiantov
b22a1ff683 Merge pull request #4485 from abbradar/parsoid
Add "parsoid" service
2015-02-04 23:08:28 +03:00
Nikolay Amiantov
b903bf0a57 nixos/samba: cleanup and update defaults 2015-02-04 22:31:50 +03:00
AndersonTorres
fff55a968e Update NixOS module files to include WindowMaker
According to a hint on NixOS mailing list[1], I updated nixos/modules/services/x11/window-managers/default.nix
to include windowmaker.

1 - https://github.com/NixOS/nixpkgs/pull/4066#issuecomment-72017611
2015-02-03 21:24:12 -02:00
Lukas Lihotzki
c848d05de9 gitlab: Fix typo 2015-02-03 22:08:10 +01:00
lethalman
49b67bb9cb Merge pull request #6078 from boothead/sabnzbd
sabnzbd Change service to systemd
2015-02-03 13:32:59 +01:00
Peter Simons
b7ecd5e729 Merge pull request #5025 from abbradar/xmonad-wrapper
nixos/xmonad: make a wrapper
2015-02-03 11:52:09 +01:00
Shea Levy
c45372f038 Merge commit 'cfb29ab882323d379aba20a95020c7c24f883eae'
Partial staging merge, including cc-wrapper fixes

Conflicts:
	pkgs/applications/audio/spotify/default.nix
	pkgs/build-support/cc-wrapper/default.nix
	pkgs/development/compilers/cryptol/1.8.x.nix
2015-02-02 21:14:28 -05:00
Nikolay Amiantov
b7bb524f04 nixos/xmonad: move to haskell-ng and make a wrapper 2015-02-03 01:05:23 +03:00
Nikolay Amiantov
51681449da uwsgi: add nixos module 2015-02-02 22:23:42 +03:00
Nikolay Amiantov
9a04482af7 parsoid: add service 2015-02-02 22:21:45 +03:00
Thomas Tuegel
0fee7a2b21 fontconfig: stringify dpi correctly 2015-02-01 16:18:48 -06:00
Bjørn Forsman
ee52a61e3a nixos/tftpd: add option types and fixup descriptions
The first description is a (incorrect) copy/paste from the 'vsftpd'
module, and the second option lacks a 'dot' at the end.
2015-02-01 15:57:28 +01:00
lethalman
9576ff49d8 Merge pull request #5737 from matthiasbeyer/add-gitolite_admin_pubkey_oneline_note
Add note that admin-pub-key for gitolite has to be written in one line
2015-01-30 11:24:06 +01:00
lethalman
41cca7d2d6 Merge pull request #6045 from ragnard/apache-kafka
apache-kafka: New package and service
2015-01-30 10:50:14 +01:00
Luca Bruno
a239775488 Merge PR #5772, boot.loader.timeout 2015-01-30 10:39:50 +01:00
Bob van der Linden
a3d5f4f3ef nixos: gummiboot: change default to 1000 if boot.loader.timeout is null
When gummiboot.timeout == null, the menu will still be skipped.
When gummiboot.timeout == 0, the menu will also be skipped.
The only way to show the menu 'indefinitely' is to show it a long time.
2015-01-30 10:36:21 +01:00
Bob van der Linden
f93ba51469 nixos: loader: added generic config.boot.loader.timeout option
timeout options of grub and gummiboot will inherit the value of this
option by default.
2015-01-30 09:53:44 +01:00
Shea Levy
52d4b9d982 Merge branch 'tlsdate' of git://github.com/4z3/nixpkgs 2015-01-30 01:07:59 -05:00
Ragnar Dahlén
17bd96ea25 apache-kafka: New service for Apache Kafka 2015-01-29 11:10:22 +00:00
lethalman
a15edc22e3 Merge pull request #5615 from nckx/freefall
Add freefall: hard drive protection on HP/Dell laptops
2015-01-28 18:52:46 +01:00
Eelco Dolstra
378006f0f2 Restrict the length of container names 2015-01-28 16:13:00 +01:00
Jaka Hudoklin
c0eff1de61 Merge pull request #5939 from offlinehacker/nixos/containers/containers_in_containers
nixos/containers: make containers in containers possible
2015-01-28 16:07:17 +01:00
Jaka Hudoklin
2af3ff52c2 nixos/containers: make containers in containers possible 2015-01-28 16:06:44 +01:00
Tobias Geerinckx-Rice
ff5eae075a Add freefall NixOS service module 2015-01-28 15:59:21 +01:00
Eelco Dolstra
b61d4ac6a5 ntpd: Fork into the background
With -n, ntpd will write log messages to both syslog and stderr, which
is ugly.
2015-01-28 15:34:42 +01:00
Thomas Strobel
3767370866 Add target parameter to grub installation chain 2015-01-27 19:46:37 +01:00
Eelco Dolstra
53710c752a nixos-rebuild: Update fallback code to update Nix 2015-01-27 18:58:20 +01:00
Eelco Dolstra
6f8fad2253 Remove executable bits from non-executable files 2015-01-27 18:54:38 +01:00
Thomas Tuegel
63ec1a9677 add stable attrs for plasma5, kf5, and kdeApps 2015-01-26 21:01:07 -06:00
Thomas Tuegel
a55543711e kde5: simplify package list 2015-01-26 21:01:06 -06:00
Thomas Tuegel
3a97ea592f kdm: install default backgrounds 2015-01-26 21:01:06 -06:00
Thomas Tuegel
726b80bc87 startkde: don't split script between NixOS module and package 2015-01-26 21:01:06 -06:00
Thomas Tuegel
e7508b831f kde5: warn if enabled with kde4 2015-01-26 21:01:05 -06:00
Thomas Tuegel
16b54d19d3 kde5: rename plasma5 desktop module 2015-01-26 21:01:05 -06:00
Thomas Tuegel
5c52354ee8 add NixOS module for Plasma desktop 2015-01-26 21:00:38 -06:00
Thomas Tuegel
849647a3eb environment: set paths for Qt plugins and QML 2015-01-26 20:59:49 -06:00
Domen Kožar
9df1bdefef Merge pull request #5982 from robberer/pkgs/openldap
openldap: add dataDir, use cfg.user and cfg.group to run slapd
2015-01-26 10:33:57 +01:00
Domen Kožar
c1ce67561d openldap: correct directory hint 2015-01-26 10:03:25 +01:00
Longrin Wischnewski
a4af32eec3 openldap: add dataDir, use cfg.user and cfg.group to run slapd 2015-01-26 09:35:56 +01:00
aszlig
d110f5adf7
nixos/gitlab: Fix evaluation.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-01-26 08:20:14 +01:00
Jaka Hudoklin
6e7d708bcc nixos/rabbitmq: fix module 2015-01-26 02:09:04 +01:00
Charles Strahan
6eaa419920 gitlab: fix evaluation 2015-01-25 16:28:18 -05:00
Domen Kožar
2daba83828 openldap: add example config 2015-01-25 21:15:29 +01:00
j-keck
611a21a919 nixos-container: add missing 'nixos-container update' in usage
* in nixos-container.pl the mode 'update' is missing in the usage
2015-01-24 20:37:55 +01:00
Edward Tjörnhammar
6bbec634a7 Merge pull request #5850 from edwtjo/kodi-plugins
XBMC to Kodi migrations
2015-01-24 14:17:14 +01:00
Domen Kožar
cb7cd012df Merge pull request #5593 from abbradar/modprobe-fix
modprobe: wrap all of kmod
2015-01-24 07:11:16 +01:00
Domen Kožar
fde45d217e Merge pull request #5531 from abbradar/tlp
tlp: add package
2015-01-24 07:10:48 +01:00
Nikolay Amiantov
b7b3a0972d nixos/tlp: add service 2015-01-24 02:56:21 +03:00
Eelco Dolstra
11a0344e13 Merge pull request #5918 from robberer/openntpd
openntpd: add extraConfig and extraOptions
2015-01-23 16:43:15 +01:00
Longrin Wischnewski
4fa5d1f626 openntpd: add extraConfig and extraOptions 2015-01-23 16:15:20 +01:00
aszlig
127c928c23
nixos/rename: Fix merging multiple destinations.
The renaming of options define the original value for the new attribute
path. This works well if there is only *one* target, but if there are
more, we end up recursing into the attribute set of the option
definition itself.

We now check for that within the parent recursion node (we can't check
that from the subnode, because we lack that information about whether
it's defined multiple times) and if the subnode consist entirely of a
list of definitions, we use mkMerge on it.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-01-22 14:08:28 +01:00
wmertens
8780caadd4 Merge pull request #5499 from wizeman/u/zfs-dont-fsck
nixos: When generating /etc/fstab, ZFS and NFS filesystems shouldn't be checked
2015-01-22 12:09:22 +01:00
Charles Strahan
8d49e87dec Merge pull request #4677 from cstrahan/pleasant-ruby
Pleasant ruby
2015-01-21 23:27:38 -05:00
Matej Cotman
3ed3977166 owncloud: make .htaccess available 2015-01-21 22:49:22 +01:00
Matej Cotman
7494bd389e apache-httpd: add owncloud 2015-01-21 22:49:22 +01:00
Matej Cotman
6630e3e4fe apache-httpd: add restartSec option 2015-01-21 22:49:22 +01:00
Ricardo M. Correia
1b66077205 nixos: Don't do filesystem checks on ZFS or NFS filesystems 2015-01-21 17:39:53 +01:00
tv
3fdd925063 nixos: Add tlsdated service 2015-01-21 05:09:47 +01:00
Charles Strahan
dfc225d143 Merge branch 'master' of github.com:nixos/nixpkgs into pleasant-ruby
Conflicts:
	pkgs/applications/version-management/git-and-tools/default.nix
	pkgs/applications/version-management/git-and-tools/hub/default.nix
	pkgs/tools/audio/mpdcron/default.nix
2015-01-20 20:21:03 -05:00
Ricardo M. Correia
a11dc2f0a3 grsecurity: Add denyUSB option to grsec NixOS module
The option had been added to the grsec build-support code,
but it hadn't been added to the grsec module.

After this commit, grsec module users will be able to change
the default value. It also serves to document that this option
exists and that NixOS will disable it by default.
2015-01-20 19:18:06 +01:00
Joachim Fasting
7023e03d77 firewall service: fix pingLimit example value
The example uses single dashes, whereas iptables requires double dashes.
2015-01-20 08:47:11 +01:00
Edward Tjörnhammar
5b1c9417a8 Add Kodi desktop-manager 2015-01-19 22:14:36 +01:00
Peter Simons
ec6b82a0c2 Merge branch 'master' into staging. 2015-01-19 18:41:17 +01:00
lethalman
d957d9e6bc Merge pull request #5517 from paraseba/bumblebee
Bumblebee config to enable multiple monitors
2015-01-19 15:00:11 +01:00
wmertens
d3383e4879 Merge pull request #4394 from wmertens/patch-6
setup-etc.pl: Fail when symlink/rename fails
2015-01-19 12:39:41 +01:00
lethalman
9cd9264ef3 Merge pull request #5849 from robberer/systemd/restartassert
systemd: extend checkUnitConfig with on-abnormal
2015-01-19 11:48:48 +01:00
Longrin Wischnewski
4b0100774a systemd: extend checkUnitConfig with on-abnormal 2015-01-19 11:41:18 +01:00
Andrey Arapov
04be7262a6 nixos/dovecot: added configFile option and default Restart on-failure, PR #5845
Absolute path is required when one has such postfix configuration
where he/she needs to specify the actual (real) path to active dovecot
config.

Without this commit applied, the dovecot is running in such way:
/nix/store/hashAAA-dovecot-ver/sbin/dovecot -F -c /nix/store/hashBBB-dovecot2.conf

and postfix can't be aware of the value of "hashBBB" via services.postfix.extraConfig = '' ... '';
(it can only be aware of "hashAAA" with ${pkgs.dovecot} parameter)

Also enable Restart on-failure.

Edit: set RestartSec to 1s
2015-01-19 11:05:56 +01:00
Andrey Arapov
b1b9efdbe1 nginx service improvements
Adding Restart, RestartSec, StartLimitInterval to ensure that the service
is started in case if it can't assign (bind) the address as often it takes longer
for the network (e.g. dhcpcd) to get the IP assigned.
2015-01-19 10:46:45 +01:00
William A. Kennington III
130f66b683 nixos/sync-server: Respect the enable option 2015-01-18 14:21:40 -08:00
Domen Kožar
3b174a4024 Merge pull request #5301 from nbp/syncserver
Add Firefox Sync service
2015-01-18 17:47:51 +01:00
Nicolas B. Pierron
8196727fad Improve the documentation of the syncserver module. 2015-01-18 12:21:23 +01:00
Nicolas B. Pierron
0d13ea0131 Change default syncserver listen.port to a safer one. 2015-01-18 12:20:44 +01:00
Domen Kožar
b92a62165d Merge pull request #5726 from spwhitt/zsh-command-not-found
command-not-found: Add ZSH Support
2015-01-17 18:15:35 +01:00
Damien Cassou
a7024cb4b4 Create a nixos module for cups-browsed 2015-01-16 14:10:57 +01:00
Eelco Dolstra
efa8fc2b0a Paranoia 2015-01-15 18:37:55 +01:00
Eelco Dolstra
b9c4569b6b nixos-install: Create /root with 700 permission 2015-01-15 18:37:55 +01:00
Eelco Dolstra
3ca275d7ba NixOS containers: Create /root with 700 permission
Systemd-nspawn creates /root with 755 permission if it doesn't exist,
which is bad. So we have to create it ourselves before calling
systemd-nspawn.
2015-01-15 17:51:43 +01:00
Eelco Dolstra
24ce7ff3ea test-instrumentation.nix: Prevent calling a pager 2015-01-15 14:39:29 +01:00
Eric Seidel
88eae46455 rename occurrences of gcc.gcc to gcc.cc 2015-01-14 20:47:49 -08:00
Edward Tjörnhammar
837cfbb9ea nixos: adding nylon service with uid,gid 2015-01-14 22:08:47 +01:00
William A. Kennington III
8e5ef7da54 nixos/network-interfaces: Fix rstp support 2015-01-14 10:34:28 -08:00
Luca Bruno
804a958663 pam: add pam_wheel 2015-01-14 18:32:08 +01:00
Luca Bruno
2beb43174f nixos-rebuild: use reload-or-restart for dbus. Closes #5767
Now that dbus reload has been moved before restarting units,
the reload may fail if dbus has been stopped before.
The reload-or-restart will reload dbus if it's active,
otherwise start it.
2015-01-14 16:08:47 +01:00
Rob Vermaas
df7923fa82 Merge pull request #5515 from oconnorr/master
GCE updates to ntp server and to fetch all ssh keys
2015-01-14 13:19:38 +01:00
Matej Cotman
4e6efec4b4 enlightenment: fix media preview 2015-01-13 14:56:35 +01:00
Ryan Mulligan
2e3fa5b849 different wording for adminPubkey description
Maybe this wording is a slight improvement?
2015-01-12 21:49:33 -08:00
Matthias Beyer
f64d795950 Add note that administrative public key for gitolite has to be written in one line 2015-01-12 23:10:27 +01:00
mokasin
dd6dfde575 Add auto-start option to containers. 2015-01-12 18:26:22 +01:00
Spencer Whitt
6cba6dc61b command-not-found: Add ZSH Support 2015-01-12 03:45:48 -05:00
Vladimír Čunát
72d2d59cd4 /etc/ssh/ssh_known_hosts: refactor and fix #5612
Generating the file was refactored to be completely in nix.
Functionally it should create the same content as before,
only adding the newlines.

CC recent updaters: @aszlig, @rickynils.
2015-01-11 22:14:25 +01:00
Peter Simons
43bae26b33 Merge pull request #5627 from oxij/update-postfix
postfix: make 2.11 the default, nixos: update postfix config for 2.11
2015-01-11 11:28:31 +01:00
Arseniy Seroka
4f596fb93f Revert "zsh: profile-relative functions path"
This reverts commit 766207ca1d.

We need to solve the problem with `environment.profileRelativeEnvVars`.
The best workaround is to make profileRelativeEnvVars prepend paths.
2015-01-10 22:11:13 +03:00
Joachim Fasting
97bac259d0 dnscrypt-proxy service: update AppArmor profile
This patch fixes the AppArmor profile path clause and adds
(currently ignored) network rules.

The AppArmor profile used to be defined for the path sbin/dnscrypt-proxy,
but the real path is bin/dnscrypt-proxy (due to sbin now being a symlink
to bin), which permitted the service to run unconfined.

Adding the network rules has no effect other than improving correctness,
as the version of AppArmor in the NixOS kernel fails to enforce network
rules.
2015-01-09 15:08:07 +01:00
Shea Levy
cca8bae86e Merge branch 'rngd-fix' of git://github.com/abbradar/nixpkgs 2015-01-08 09:36:29 -05:00
Matthias Beyer
5e6068d913 Put shell aliases in interactiveShellInit 2015-01-08 15:18:26 +01:00
Matthias Beyer
c5e855e060 Add basic nixos module for fish shell 2015-01-08 15:18:26 +01:00
lethalman
908c47b281 Merge pull request #5550 from abbradar/fprintd
add fprintd support
2015-01-08 14:58:22 +01:00
William A. Kennington III
dd7efcbf36 java: More default cleanups 2015-01-07 14:55:41 -08:00
William A. Kennington III
c82410eeda java: Normalize to the default jre / jdk 2015-01-07 14:55:41 -08:00
William A. Kennington III
9a7766e054 nixos/network-interfaces: Add mstpd support for bridges 2015-01-07 14:49:24 -08:00
Peter Simons
24f5b2a1a0 Merge pull request #5619 from oxij/various-changes-2
Various (hopefully) small changes
2015-01-07 16:59:10 +01:00
Jan Malakhovski
265c1c1472 postfix: make 2.11 the default, nixos: update postfix config for 2.11
postfix 2.11 is much more humane with respect to disk writes since it uses
sockets (which do not change inodes on accesses) instead of fifos (which do).
2015-01-07 15:43:32 +00:00
Jan Malakhovski
b6646f7ba7 nixos: make zsh use fcntl for locking history files by default
Without this zsh creates and then unlinks .lock files at each interactive
input line, which is inhumane with respect to disk.
2015-01-07 15:43:01 +00:00
j-keck
3ced0d94ac doc: use postgresql94
update postgresql module doc to use postgresql94 (was postgresql93)
2015-01-07 13:21:18 +01:00
William A. Kennington III
20d2092ff8 nixos/base: Add efi management utilities 2015-01-07 01:52:47 -08:00
Russell O'Connor
d1a58ef7c6 google-compute-image.nix: Try to download all SSH host keys from metadata server. 2015-01-06 12:06:54 -05:00
Nikolay Amiantov
dbc0395b2b nixos/rngd: some fixes 2015-01-06 17:27:07 +03:00
Nikolay Amiantov
2aaeacc579 nixos/modprobe: wrap all of kmod 2015-01-06 16:39:00 +03:00
Russell O'Connor
3251948029 Generate SSH host public key from the private key. 2015-01-05 15:20:55 -05:00
Russell O'Connor
d1cbbff1e3 Call wget directly in fetch-ssh-keys service. 2015-01-05 15:20:55 -05:00
Russell O'Connor
6382e16014 google-compute-image.nix: unconditionally clean up /root/key.pub /root/authorized-keys-metadata 2015-01-05 15:18:02 -05:00
Russell O'Connor
b19ab1f046 google-comute-image.nix: set umask 077 when downloading private keys from the metadata server. 2015-01-05 15:01:49 -05:00
Russell O'Connor
e548a4330d google-compute-image.nix: use internal google NTP server. 2015-01-05 12:45:23 -05:00
Peter Simons
ea94a6d653 nixos/modules/services/misc/nix-daemon.nix: document meaning of '0' for the buildCores attribute 2015-01-05 15:38:08 +01:00
Rob Vermaas
c5caa853ec dd-agent: set SSL_CERT_FILE for dogstatsd.
(cherry picked from commit c67204dec27a86e2235afb2aebf48bc53dd804d0)
2015-01-05 13:15:22 +01:00
Eelco Dolstra
ae7d79cd61 Fix some bad gids
Issue #3727.
2015-01-05 11:58:17 +01:00
Rob Vermaas
ea9530b5c7 Fix GCE image build.
(cherry picked from commit 98af87cd4abb0cd77e8a51cfdf6913a92d088784)
2015-01-05 09:35:35 +01:00
William A. Kennington III
8ec82fcb18 nixos/samba: Allow package version setting 2015-01-03 21:45:16 -08:00
Kirill Elagin
766207ca1d zsh: profile-relative functions path
This is needed mostly for autocompletion.
2015-01-04 02:02:59 +03:00
Nikolay Amiantov
a164a0b4c5 nixos/fprintd: add service and pam support 2015-01-03 19:50:40 +03:00
Domen Kožar
3d7ff07258 fix manual 2015-01-03 16:32:07 +01:00
Domen Kožar
1f523bb23d clarify things about hashed passwords and mutableUsers 2015-01-02 17:32:56 +01:00
William A. Kennington III
8627110091 icedtea: Make major version nonspecific attrs 2015-01-02 00:24:49 -08:00
Nicolas B. Pierron
816229593a Merge pull request #5441 from nbp/mkAlias
modules: Extract mkAliasDefinition from the rename.nix NixOS module.
2015-01-01 06:59:42 -08:00
Sebastián Bernardo Galkin
24abe2b2b3 Bumblebee config to enable multiple monitors
Added configurations to `bumblebee` package to easy multiple monitors on Optimus
machines.

The behaviour of the default `bumblebee` package hasn't change, so this change
is backwards compatible. Users who want to connect a monitor to their discrete
card should use the package `bumblebee_display` instead.

Also added new configuration option to nixos bumblebee module:

```
hardware.bumblebee.connectDisplay = true
```

will enable the new configuration, but the default is still false.
2014-12-30 19:17:42 -08:00
Charles Strahan
94dd4b9721 ruby: WIP 2014-12-30 21:05:00 -05:00
Eelco Dolstra
e62cb5585d Merge pull request #5507 from DamienCassou/systemd-user-timers
Add systemd.user.timers
2014-12-30 15:40:43 +01:00
Damien Cassou
dcc93abe74 Add systemd.user.timers 2014-12-30 05:46:36 +01:00
Tobias Geerinckx-Rice
c64257b8e5 Fix user-facing typos (mainly in descriptions) 2014-12-30 03:31:03 +01:00
Jaka Hudoklin
1b19b7a3bf Merge pull request #5491 from offlinehacker/cadvisor
Add cadvisor package and nixos module
2014-12-29 17:58:43 +01:00
Shea Levy
9245516b46 gummiboot-builder.py: run nix with no build-users-group
During install, the bootloader script gets run inside a chroot after the
/etc/group bind-mount is unmounted. Since we're not doing any building,
this should be safe, but really nix should just not care if the group
does not exist when no build is needed.

Fixes #5494
2014-12-29 07:09:10 -05:00
Ricardo M. Correia
1d44322d53 grsecurity: Update stable and test patches
stable: 3.0-3.14.27-201412211908 -> 3.0-3.14.27-201412280859
test:   3.0-3.17.7-201412211910  -> 3.0-3.18.1-201412281149
2014-12-29 03:00:47 +01:00
Matej Cotman
9eb24c72ff systemd: fix permissions on /var/log/journal 2014-12-28 22:37:50 +01:00
Charles Strahan
145733c479 Merge branch 'master' of github.com:nixos/nixpkgs into pleasant-ruby
Conflicts:
	pkgs/applications/version-management/redmine/default.nix
	pkgs/development/interpreters/ruby/gem.nix
	pkgs/development/interpreters/ruby/generated.nix
	pkgs/development/interpreters/ruby/patches.nix
	pkgs/development/tools/vagrant/default.nix
	pkgs/servers/consul/default.nix
2014-12-28 14:29:52 -05:00
Domen Kožar
43af22b2de Merge pull request #5487 from luke-clifton/lc-btsync-group
btsync groups
2014-12-28 20:25:13 +01:00
Charles Strahan
4ed847d81d redmine: fix use of bundler 2014-12-28 14:22:11 -05:00
Jaka Hudoklin
b6198f08e3 nixos: add cadvisor service 2014-12-28 20:21:41 +01:00
Eelco Dolstra
ea9d391bb5 Fix ntpd
Since the 4.2.8 upgrade, ntpd is broken on NixOS:

  Dec 28 19:06:54 hagbard ntpd[27723]: giving up resolving host 1.nixos.pool.ntp.org: Servname not supported for ai_socktype (-8)

This appears to be because DNS resolution doesn't work in chroots
anymore (due to /etc being missing). So disable chroots for now. It's
probably better to use systemd's containment facilities anyway.
2014-12-28 19:38:45 +01:00
Alexander Kjeldaas
da1f8578b0 Eradicate gzip -9 without -n 2014-12-28 13:45:27 +01:00
Luke Clifton
3c8914f94e Changed group id to match user id 2014-12-28 19:47:12 +08:00