3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

6931 commits

Author SHA1 Message Date
Graham Christensen 1de35c7f5e
wireguard: attempt infinity times to resolve a peer 2019-05-31 14:51:31 -04:00
Graham Christensen dc44fc1760
wireguard: add each peer in a separate service
Before, changing any peers caused the entire WireGuard interface to
be torn down and rebuilt. By configuring each peer in a separate
service we're able to only restart the affected peers.

Adding each peer individually also means individual peer
configurations can fail, but the overall interface and all other peers
will still be added.

A WireGuard peer's internal identifier is its public key. This means
it is the only reliable identifier to use for the systemd service.
2019-05-31 14:51:25 -04:00
WilliButz ba17b32b43
nixos/prometheus-fritzbox-exporter: update binary name 2019-05-31 18:50:27 +02:00
Will Dietz a72d6f9349
Merge pull request #60954 from dtzWill/fix/network-online-actually-online-with-networkmanager
networkmanager: network-online --wants--> NetworkManager-wait-online
2019-05-30 23:05:57 -05:00
Janne Heß 672495d596 nixos/bird: Fix reload
When calling reload, bird attempts to reload the file that was given in
the command line. As the change of ${configFile} is never picked up,
bird will just reload the old file.
This way, the configuration is placed at a known location and updated.
2019-05-31 01:21:18 +02:00
Matthew Bauer a472b1449d
Merge pull request #61104 from adisbladis/plasma5-no-qt56
nixos/plasma5: Remove phonon-backend-gstreamer pinned to Qt 5.6
2019-05-30 16:17:28 -04:00
Matthew Bauer b64b2b57f0
Merge pull request #61423 from volth/de-xrdp
nixos/desktop-managers: let them work when 'services.xserver.enable = false'
2019-05-30 15:46:09 -04:00
Gabriel Ebner 18f564b882 octoprint: 1.3.10 -> 1.3.11 2019-05-30 18:10:29 +02:00
Matthew Bauer 38fdc9f8f8
Merge pull request #59076 from Yarny0/cups-path-fix
nixos/printing: fix CUPS `SetEnv` directive placement
2019-05-30 10:52:28 -04:00
Nikolay Amiantov f23c110692 murmur service: log to journald by default
Save an option to log to file with new `logFile` option.

As a side effect deprecate `pidfile` option and instead use systemd's
RuntimeDirectory.
2019-05-30 15:43:32 +03:00
gnidorah ea82b7f98d nixos/jack: init 2019-05-30 07:25:30 +03:00
Matthew Bauer 0a2b9719fd
Merge pull request #62157 from Lassulus/syncthing-fix
nixos/syncthing: run init only if a devices or folders are set
2019-05-29 21:02:18 -04:00
lassulus 87e9e65b6f nixos/syncthing: run init only if devices or folders are set 2019-05-29 13:57:39 +02:00
Aaron Andersen 5cf98d29e7 nixos/limesurvey: init module to replace apache subservice 2019-05-28 23:02:34 -04:00
lassulus ddfb687d5e nixos/syncthing: better examples for declarative options 2019-05-29 07:12:14 +09:00
Daniel Schaefer eccb90a2d9 compton: 0.1_beta2.5 -> 6.2 (#61681)
* compton-git: 5.1-rc2 -> 6.2

vsync is now a boolean option, see:
https://github.com/yshui/compton/pull/130

menu-opacity is deprecated and there's a warning that says:
Please use the wintype option `opacity` of `popup_menu` and
`dropdown_menu` instead.

* nixos/compton: Keep vSync option backwards compatible

The new upstream option tries to make the best choice for the user.
Therefore the behaviour should stay the same with this backwards
compatibility patch.

* compton-git: Remove DRM option

It's deprecated and shouldn't be used.
https://github.com/yshui/compton/pull/130/files#r285505456

* compton-git: Remove new_backends option

Was removed in "Let old/new backends co-exist"
b0c5db9f5aa500dc3568cc6fe68493df98794d4d

* compton: 0.1_beta2.5 -> 6.2

Drop the legacy, unmaintained version and use the fork for real.
2019-05-28 13:37:13 +02:00
José Romildo Malaquias 00d6232b47
Merge pull request #62035 from romildo/upd.lumina
lumina.lumina: 1.4.0-p1 -> 1.5.0
2019-05-27 17:41:58 -03:00
Michael Peyton Jones 9131bf59a7
nixos: add StateDirectory for fprintd 2019-05-26 18:06:46 +01:00
Aaron Andersen de6e5ea815 nixos/foundationdb: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-05-26 07:20:58 -04:00
Aaron Andersen 1540a85458 nixos/frab: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-05-26 07:20:58 -04:00
Aaron Andersen 89dae4b1ae nixos/murmur: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-05-26 07:20:58 -04:00
Aaron Andersen fff8b9bcaa nixos/netdata: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-05-26 07:20:57 -04:00
Aaron Andersen 12dec59905 nixos/octoprint: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-05-26 07:20:57 -04:00
Aaron Andersen fbe5943237 nixos/opendkim: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-05-26 07:20:57 -04:00
Aaron Andersen 114bd801f4 nixos/jira: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-05-26 07:20:57 -04:00
Aaron Andersen 65f449fe33 nixos/graylog: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-05-26 07:20:57 -04:00
Aaron Andersen 8034dac42f nixos/firebird: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-05-26 07:20:57 -04:00
Aaron Andersen 4775c59528 nixos/dspam: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-05-26 07:20:57 -04:00
Aaron Andersen 204be04531 nixos/crowd: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-05-26 07:20:56 -04:00
Aaron Andersen 99f74c268b nixos/confluence: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-05-26 07:20:56 -04:00
Aaron Andersen 8ac5973610 nixos/boinc: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-05-26 07:20:56 -04:00
Aaron Andersen e734494a59 nixos/autossh: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-05-26 07:20:56 -04:00
Aaron Andersen e85d03e52b nixos/aria2: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-05-26 07:20:56 -04:00
Aaron Andersen b6bfb874ec nixos/apache-kafka: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-05-26 07:20:56 -04:00
Aaron Andersen 2c350782ba nixos/alerta: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-05-26 07:20:56 -04:00
Aaron Andersen ff2fdc294e nixos/kapacitor: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-05-26 07:20:55 -04:00
Aaron Andersen 46a5db0810 nixos/quassel: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-05-26 07:20:55 -04:00
Aaron Andersen 780ff9a4eb nixos/riemann-tools: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-05-26 07:20:55 -04:00
Aaron Andersen cdcc504848 nixos/scollector: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-05-26 07:20:55 -04:00
Aaron Andersen d33c64eec8 nixos/slimserver: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-05-26 07:20:55 -04:00
Aaron Andersen 307a99bb01 nixos/squid: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-05-26 07:20:55 -04:00
Aaron Andersen dd9598cf54 nixos/teamspeak3: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-05-26 07:20:54 -04:00
Aaron Andersen 0b7305e783 nixos/unifi: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-05-26 07:20:54 -04:00
Aaron Andersen 4a4d3a2e04 nixos/zeronet: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-05-26 07:20:54 -04:00
Aaron Andersen c7481e6340 nixos/hbase: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-05-26 07:20:54 -04:00
Aaron Andersen 93235b8a85 nixos/minidlna: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-05-26 07:20:54 -04:00
Aaron Andersen 74b34535fc nixos/gollum: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-05-26 07:20:48 -04:00
Ambroz Bizjak 370d3af0c4 nixos: Don't set LD_LIBRARY_PATH for graphics drivers that don't need it.
A new internal option `hardware.opengl.setLdLibraryPath` is added which controls if `LD_LIBRARY_PATH` should be set to `/run/opengl-driver(-32)/lib`. It is false by default and is meant to be set to true by any driver which requires it. If this option is false, then `opengl.nix` and `xserver.nix` will not set `LD_LIBRARY_PATH`.

Currently Mesa and NVidia drivers don't set `setLdLibraryPath` because they work with libglvnd and do not override libraries, while `amdgpu-pro`, `ati` and `parallels-guest` set it to true (the former two really need it, the last one doesn't build so is presumed to).

Additionally, the `libPath` attribute within entries of `services.xserver.drivers` is removed. This made `xserver.nix` add the driver path directly to the `LD_LIBRARY_PATH` for the display manager (including X server). Not only is it redundant when the driver is added to `hardware.opengl.package` (assuming that `hardware.opengl.enable` is true), in fact all current drivers except `ati` set it incorrectly to the package path instead of package/lib.

This removal of `LD_LIBRARY_PATH` could break certain packages using CUDA, but only those that themselves load `libcuda` or other NVidia driver libraries using `dlopen` (not if they just use `cudatoolkit`). A few have already been fixed but it is practically impossible to test all because most packages using CUDA are libraries/frameworks without a simple way to test.

Fixes #11434 if only Mesa or NVidia graphics drivers are used.
2019-05-26 10:23:46 +02:00
Silvan Mosberger 0040ca936e
Merge pull request #56175 from MostAwesomeDude/tahoe-service
Fix tahoe service
2019-05-25 21:53:23 +02:00
Aaron Andersen 191e4b0755 nixos/heartbeat: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-05-25 13:48:41 -04:00
Aaron Andersen 73342be85b nixos/riemann-dash: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-05-25 13:48:41 -04:00
Aaron Andersen a8defe81d1 nixos/mopidy: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-05-25 13:48:41 -04:00
Aaron Andersen 9fc6955abc nixos/couchpotato: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-05-25 13:48:41 -04:00
Aaron Andersen 86fd8c910d nixos/charybdis: replace deprecated usage of PermissionsStartOnly 2019-05-25 13:48:41 -04:00
Markus Schneider c30bd387d2 leftwm: enable service 2019-05-26 01:27:04 +09:00
Aaron Andersen 2726c45b01 nixos/nagios: update apacheHttpd configuration from 2.2 to 2.4 syntax 2019-05-25 10:38:07 -04:00
Maximilian Bosch 5fa93517f5
Merge pull request #61971 from sjau/wg_client_start
wireguard: restart on failure\nAs a oneshot service, if the startup f…
2019-05-25 16:36:56 +02:00
Aaron Andersen c2f8d6334c nixos/nagios: replace deprecated usage of PermissionsStartOnly
see #53852
2019-05-25 10:33:58 -04:00
sjau 1bff53cb84
wireguard: restart on failure
As a oneshot service, if the startup failed it would never be attempted again.
This is problematic when peer's addresses require DNS. DNS may not be reliably available at
the time wireguard starts. Converting this to a simple service with Restart
and RestartAfter directives allows the service to be reattempted, but at
the cost of losing the oneshot semantics.

Signed-off-by: Maximilian Bosch <maximilian@mbosch.me>
2019-05-25 16:32:14 +02:00
Florian Klink e4de353830
wireguard service: allow empty interfaces (#61743)
wireguard service: allow empty interfaces
2019-05-25 16:30:27 +02:00
Aaron Andersen 609c1580d8 nixos/nagios: change group from nogroup to nagios
see #55370
2019-05-25 10:25:49 -04:00
Aaron Andersen d27be52b3d nixos/hydron: replace deprecated usage of PermissionsStartOnly
see #53852
2019-05-25 08:38:15 -04:00
phile314-fh 62d4c2b34a mongodb: Add authentication support
* nixos/mongodb: Add authentication support

* nixos/mongodb: Add initial script option

* nixos/mongodb: Make initial root password configurable

* nixos/mongodb: Start only on loopback interface for setup procedure

* nixos/mongodb: Test auth/initial script

* nixos/mongodb: Code formatting

Co-Authored-By: Lassulus <github@lassul.us>
2019-05-25 18:09:30 +09:00
Nikolay Amiantov cfadd988e5 wireguard service: allow empty interfaces
This is needed in case one wants to use wg-quick on NixOS.
2019-05-25 11:17:36 +03:00
Milan Pässler 387d85b271 nixos/prosody: add authentication option (fixes #53134)
Passwords should not be stored in plain text by default. On existing
installations the next time a users user accounts will automatically
be upgraded from plain to hashed one-by-one as they log in.
2019-05-24 23:51:44 +02:00
José Romildo Malaquias 272fa9d41c lumina: init package set for the lumina desktop 2019-05-24 17:20:15 -03:00
Franz Pletz 5fa8cd257a
Merge pull request #51206 from krebs/xmonad-config
xmonad service: add .config option
2019-05-24 18:37:55 +00:00
Franz Pletz eb7c11d552
Merge pull request #58718 from Ma27/validate-ssh-configs
nixos/sshd: validate ssh configs during build
2019-05-24 18:30:04 +00:00
Maximilian Bosch 00a5222499
nixos/sshd: validate ssh configs during build
With `sshd -t` config validation for SSH is possible. Until now, the
config generated by Nix was applied without any validation (which is
especially a problem for advanced config like `Match` blocks).

When deploying broken ssh config with nixops to a remote machine it gets
even harder to fix the problem due to the broken ssh that makes reverts
with nixops impossible.

This change performs the validation in a Nix build environment by
creating a store path with the config and generating a mocked host key
which seems to be needed for the validation. With a broken config, the
deployment already fails during the build of the derivation.

The original attempt was done in #56345 by adding a submodule for Match
groups to make it harder screwing that up, however that made the module
far more complex and config should be described in an easier way as
described in NixOS/rfcs#42.
2019-05-24 20:16:53 +02:00
Silvan Mosberger f631167557
Merge pull request #58702 from florianjacob/fix-mysql
nixos/mysql: fix typing-induced bugs
2019-05-24 19:51:54 +02:00
Carl Dong f15118a883 nixos/bitcoind: add bitcoind service 2019-05-22 15:48:57 -04:00
Malte Brandy ab5926ba67 nixos/nextcloud: Improve autoUpdateApps description string 2019-05-22 19:07:42 +02:00
Ingolf Wanger e4f1e144a0 syncthing: made module more NixOps friendly 2019-05-22 22:39:34 +09:00
Malte Brandy 49f05a1760
nixos/nextcloud: Add options services.nextcloud.autoUpdateApps
nixos/nextcloud: Add documentation for nextcloud app installation and updates

nixos/nextcloud: Enable autoUpdateApps in nextcloud test

nixos/nextcloud: Fix typo in nixos/modules/services/web-apps/nextcloud.xml

Co-Authored-By: Florian Klink <flokli@flokli.de>

nixos/nextcloud: Escape html in option description

nixos/nextcloud: Fix autoUpdateApps URL in documentation.

Co-Authored-By: Florian Klink <flokli@flokli.de>
2019-05-21 13:24:23 +02:00
worldofpeace 6543e794a6
Merge pull request #61546 from cizra/libfprint-vfs0090
libfprint: added a fork for Lenovo ThinkPad
2019-05-20 14:16:34 -04:00
Elmo Todurov 432944cdb3 fprintd: added option to use fork for Lenovo ThinkPad 2019-05-20 20:48:30 +03:00
William Casarin 9a81e9cd9e xinetd: exec xinetd on launch
I noticed xinetd process doesn't get exec'd on launch, exec here so the bash
process doesn't stick around.

Signed-off-by: William Casarin <jb55@jb55.com>
2019-05-20 10:37:35 +01:00
Florian Klink cd96b50d90
nixos/postgresql: add ensureDatabases & ensureUsers options (#56720)
nixos/postgresql: add ensureDatabases & ensureUsers options
2019-05-20 10:58:48 +02:00
lassulus a3e7e1bbc8 nixos/syncthing: add options for declarative device/folder config 2019-05-20 17:56:17 +09:00
worldofpeace 82135b6c81 nixos/geoclue2: don't run as root 2019-05-19 18:53:18 -04:00
Aaron Andersen b5a0c38e55
Merge pull request #59401 from mguentner/mxisd_1_3
mxisd: 1.2.0 -> 1.4.3
2019-05-19 07:00:47 -04:00
Neil Mayhew f14cf438b4 nixos/modules: Ensure the colord user is a system user
Ideally, it should have an assigned uid and gid
2019-05-18 16:48:34 -06:00
Robin Gloster 6e546e0326
Merge pull request #60087 from dasJ/icingaweb-etc
nixos/icingaweb2: Fix environment.etc assignment
2019-05-18 10:03:40 +00:00
Robin Gloster a1dcac5104
Merge pull request #57523 from mayflower/kube-apiserver-preferred-address-types
nixos/kubernetes: Add preferredAddressTypes option to apiserver
2019-05-18 09:57:12 +00:00
Robin Gloster 6cf583cf2f
Merge pull request #60406 from JohnAZoidberg/remove-isnull
treewide: Remove usage of isNull
2019-05-18 09:36:24 +00:00
Robin Gloster dac48ea4a1
Merge pull request #61025 from azazel75/upgrade-coredns
nixos/kubernetes: upgrade CoreDNS 1.3.1 -> 1.5.0
2019-05-18 09:19:04 +00:00
Silvan Mosberger 85c0a4dc33
Merge pull request #61512 from c0bw3b/pkg/winstone
winstone: drop package and service
2019-05-17 17:36:38 +02:00
Renaud c5fd2a457e
Merge pull request #60670 from nyanloutre/factorio_sandbox
nixos/factorio: sandbox service using systemd
2019-05-17 13:40:02 +02:00
nyanloutre 85b3448e6a nixos/factorio: sandbox service using systemd
- DynamicUser enabled instead of static uid/gid
- Enables most sandboxing options systemd offers
2019-05-17 10:25:49 +02:00
Vladimír Čunát fc67de1802
Merge branch 'staging-next'
A few thousand Darwin jobs are still pending, but there we're depending
on this merge to fix the channel-blocking lz4 failure.
https://hydra.nixos.org/eval/1519778?compare=1519770
2019-05-17 09:43:32 +02:00
LeOtaku efcdac63fe nixos/pantheon: add geoclue application configuration
Co-authored-by: worldofpeace <worldofpeace@protonmail.ch>
2019-05-16 18:46:07 -04:00
LeOtaku 00d8fc1cde nixos/gnome3: add geoclue application configuration
Co-authored-by: worldofpeace <worldofpeace@protonmail.ch>
2019-05-16 18:46:07 -04:00
LeOtaku 2d93f57db5 nixos/geoclue2: make configurable, can whitelist applications
All options within geoclue.conf[0] have been made configurable.

Additonally, we can now specify whether or not GeoClue
should ask the agent to authorize an application like so:
```
services.geoclue2.appConfig."redshift" = {
  isAllowed = true;
  isSystem = true;
};
```

[0]: https://gitlab.freedesktop.org/geoclue/geoclue/blob/2.5.2/data/geoclue.conf.in

Co-authored-by: worldofpeace <worldofpeace@protonmail.ch>
2019-05-16 18:46:07 -04:00
Austin Seipp e2bbc6fb46
nixos: fix services.foundationdb.traceFormat for older server versions
This was a testing oversight that came from #61009 -- I forgot to test
the new traceFormat option with older server versions while I was
working on FDB 6.1.

Since trace_format is only available in 6.1+, emitting it
unconditionally caused older versions of the database fail to start,
reporting an error. We simply gate it behind a version check instead,
and assert the format is always XML on older versions. This avoids the
case where the user has an old version, changes traceFormat willingly,
and then is confused by why it didn't work.

As reported by @TimothyKlim in the comments on commit
c55b9236f0. See

    c55b9236f0 (r33566132)

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2019-05-16 15:16:50 -05:00
Maximilian Güntner 1a84bfc0a2
mxisd: 1.2.0 -> 1.4.3 2019-05-16 21:14:13 +02:00
Frederik Rietdijk d4464ff8fe Merge master into staging-next 2019-05-16 08:17:55 +02:00
c0bw3b 582fd549fb winstone: drop package and service
Close #56294
Upstream package is unmaintained for years
and nixpkgs provides alternatives
2019-05-15 20:30:48 +02:00
Austin Seipp 2525b88c80
nixos/foundationdb: default to ssd storage engine
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2019-05-15 09:54:11 -05:00
Austin Seipp 427f1e58a4
nixos/foundationdb: chmod 0770 for logs/data files
Slight oversight: this allows members of the FoundationDB group to read
logs.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2019-05-15 09:54:11 -05:00
Austin Seipp c55b9236f0
nixos: add services.foundationdb.traceFormat option
This allows us to specify JSON trace logging, which is useful for
tooling to injest/transform logs.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2019-05-15 09:54:11 -05:00
Linus Heckemann 2b13c29c3c
Merge pull request #60231 from mayflower/tinc-allow-networking-interfaces
nixos/tinc: remove ordering dependency on network.target
2019-05-14 17:51:20 +02:00
Frederik Rietdijk 8abe5ee07e Merge master into staging-next 2019-05-14 10:23:13 +02:00
volth b51aae10e0
nixos/desktop-managers: let them work when services.xserver.enable=false 2019-05-13 16:57:09 +00:00
worldofpeace b5f26f3803
Merge pull request #59480 from worldofpeace/fprintd-systemd
nixos/fprintd: use systemd.packages
2019-05-13 03:30:24 -04:00
Eelco Dolstra de9e238469
FIx some malformed XML in option descriptions
E.g. these were using "<para>" at the *end* of a description. The real
WTF is that this is possible at all...
2019-05-13 09:15:17 +02:00
volth d7decccc28
nixos/pantheon: fix build with config.allowAliases=false 2019-05-13 04:48:55 +00:00
volth ac6875d294 nixos/desktop-managers: let them work when 'services.xserver.enable = false'
they can be used by remote desktop software, without X11 running locally
2019-05-13 04:23:56 +00:00
volth 46b9e5c3d4
nixos/enlightenment: fix build with config.allowAliases=false 2019-05-13 03:50:52 +00:00
Vladimír Čunát e8f4ad0169
Merge branch 'master' into staging-next
~5k rebuilds per platform.
Hydra nixpkgs: ?compare=1518759
2019-05-11 09:41:36 +02:00
Bas van Dijk 4b7aea9e8c
Merge pull request #61237 from basvandijk/journalbeat-fixes
NixOS: support journalbeat >= 6
2019-05-10 18:44:44 +02:00
Bas van Dijk 477c552c7d nixos/journalbeat: support journalbeat >= 6 & add test 2019-05-10 15:41:41 +02:00
Renaud c17ec06f66
Merge pull request #60569 from dtzWill/update/vnstat-2.2
vnstat: 2.1 -> 2.2
2019-05-09 20:09:40 +02:00
worldofpeace bb7e5566c7
Merge pull request #44086 from erikarvstedt/paperless
paperless: add package and service
2019-05-08 17:17:49 -04:00
Alyssa Ross 7261ffc18e
Merge pull request #60776 from alyssais/xerror
nixos/xserver: improve DM error message when X off
2019-05-08 12:19:14 +00:00
Erik Arvstedt 80c3ddbad8
paperless service: init 2019-05-08 09:26:32 +02:00
adisbladis d5887ece61
nixos/plasma5: Remove phonon-backend-gstreamer pinned to Qt 5.6
Adds closure size for seemingly no reason
2019-05-07 21:44:29 +01:00
Frederik Rietdijk 87a5d8fede Merge staging-next into staging 2019-05-07 19:30:14 +02:00
David Izquierdo b24a87fafe jellyfin: remove assertion if emby enabled: no emby module exists 2019-05-07 11:04:57 +02:00
Alberto Berti f965fb26a9 nixos/kubernetes: upgrade CoreDNS 1.3.1 -> 1.5.0 2019-05-06 13:10:32 +02:00
José Romildo Malaquias b4941a463e
Merge pull request #59943 from romildo/fix.deepin.modules
nixos/deepin: use only one module for deepin services
2019-05-05 20:52:13 -03:00
volth f3535aeea3
nix.systemFeatures: minor fix
following up #59148
I forgot the default case of the architectures which do not have minor brothers whose code they can run ("westmere" or any of of AMD)
2019-05-05 22:14:24 +00:00
Robert Schütz 1ea22b8868
Merge pull request #60217 from dotlambda/home-assistant-0.92
home-assistant: 0.91.4 -> 0.92.2
2019-05-05 23:31:31 +02:00
José Romildo Malaquias 78f176158c nixos/deepin: add deepin-anything service 2019-05-05 18:01:28 -03:00
José Romildo Malaquias 8ed9f9fedf nixos/deepin: add dde-dock dbus service 2019-05-05 17:37:46 -03:00
José Romildo Malaquias 9e9b96f073 nixos/deepin: install polkit local authority files in /etc 2019-05-05 17:14:42 -03:00
José Romildo Malaquias 9a1890cafb nixos/deepin: add deepin-screenshot dbus service 2019-05-05 17:14:42 -03:00
José Romildo Malaquias 65c6aff217 nixos/deepin: add deepin-image-viewer dbus service 2019-05-05 17:14:41 -03:00
José Romildo Malaquias f239997fde nixos/deepin: add dde-session-ui dbus service 2019-05-05 17:14:41 -03:00
José Romildo Malaquias 1294aaece6 nixos/deepin: add dde-calendar dbus service 2019-05-05 17:14:41 -03:00
José Romildo Malaquias 788b45fa13 nixos/deepin: add deepin-turbo systemd service 2019-05-05 17:14:41 -03:00
José Romildo Malaquias 77fa14725f nixos/deepin: move deepin-menu.nix into deepin.nix 2019-05-05 17:14:41 -03:00
José Romildo Malaquias 6121a8e3b5 nixos/deepin: fix the deepin-daemon user and group 2019-05-05 17:14:41 -03:00
José Romildo Malaquias 7c60ac71cf nixos/deepin: add dde-api services and user/group 2019-05-05 17:14:41 -03:00
José Romildo Malaquias 4fcaded92b nixos/deepin: rename dde-daemon module
The deepin module is used to set basic dbus and systedmd services, kernel modules,
groups and users needed by the Deepin Desktop Environment.
2019-05-05 17:14:41 -03:00
Michael Raskin 7770495cd7
Merge pull request #59148 from volth/gcc.arch.v3
compilation for particular x86_64 architecture
2019-05-05 19:12:12 +00:00
Will Dietz 45886612f0 networkmanager: network-online --wants--> NetworkManager-wait-online 2019-05-04 19:04:45 -05:00
Bas van Dijk 517c52ec2e
postgresql: always create the $out/bin directory
This is needed because some PostgreSQL plugins don't have a bin
directory. If only these plugins are listed in cfg.extraPlugins buildEnv
will turn $out/bin into a symbolic link to ${pg}/bin. Lateron we try to
rm $out/bin/{pg_config,postgres,pg_ctl} which will then fail because
$out/bin will be read-only.
2019-05-04 14:11:52 -05:00
Robert Schütz d280603bd1 nixos/home-assistant: account for introduction of manifest.json
The `availableComponents` now only contain a single attribute for
every integration.
2019-05-04 12:01:23 +02:00
Renaud 966ee252c2
Merge pull request #59367 from Ma27/fix-hostapd-interface-naming
nixos/hostapd: escape interface names for hostapd
2019-05-03 19:04:00 +02:00
Joachim F 5ad1e9f0bf
Merge pull request #60575 from dtzWill/feature/obfs4proxy
obfs4: init at 0.0.10, use in tor-browser-bundle's, tor service
2019-05-03 09:48:02 +00:00
Will Dietz 329df95958 vnstat: 2.1 -> 2.2
https://humdi.net/vnstat/CHANGES

* enable tests
* add hardening options from upstream's
  example service
* fix "documentation" setting in service:
  either needs to be `unitConfig.Documentation`
  (uppercase) or lowercase but not within unitConfig.
2019-05-03 01:47:57 -05:00
Elis Hirwing 6698c37fe1
Merge pull request #60630 from etu/drop-emby
emby: Drop package and module and refer to jellyfin
2019-05-03 07:58:30 +02:00
Silvan Mosberger bc5b262c9c
Merge pull request #60333 from azazel75/fix-grafana_reporter
grafana_reporter: Fix library function name
2019-05-03 06:29:09 +02:00
Silvan Mosberger be1ada3140
Merge pull request #60081 from Streetwalrus/nginx_stapling
nginx: use fullchain.pem for ssl_trusted_certificate
2019-05-03 06:28:38 +02:00
Hsiang-Cheng Yang e775587d63 softether: 4.25 -> 4.29 (#60665)
* softether: 4.25 -> 4.29

* softether_4_29: restrict to x86_64-linux
Does not build on aarch64 because of upstream "-m64" compile flag
2019-05-02 19:38:37 +02:00
Silvan Mosberger e3dfd6a8ad
Merge pull request #60543 from Infinisil/fix/znc-gen
nixos/znc: Fix config generator for certain null values
2019-05-02 18:23:10 +02:00
Silvan Mosberger a3e84ba63a
Merge pull request #55771 from Infinisil/nixos/znapzend/parallel
nixos/znapzend: Run znapzendzetup import in parallel
2019-05-02 18:22:44 +02:00
Alyssa Ross 7658c90f21
nixos/xserver: improve DM error message when X off
Previously, if you, for example, set
services.xserver.displayManager.sddm.enable, but forgot to set
services.xserver.enable, you would get an error message that looked like
this:

    error: attribute 'display-manager' missing

Which was not particularly helpful.

Using assertions, we can make this message much better.
2019-05-02 16:19:59 +00:00
Will Dietz f24f72e60b nixos tor: use obfs4proxy, make transport list customizable 2019-05-01 21:56:05 -05:00
Silvan Mosberger b6a6162919
Merge pull request #55422 from nand0p/ethminer
ethminer: init at 0.18.0-rc.0
2019-05-02 01:29:09 +02:00
Fernando J Pando 3325773754 nixos/ethminer: init
- Tested on NixOS
2019-05-01 17:20:26 -04:00
Silvan Mosberger c68124b5f0
Merge pull request #60097 from Mic92/openldap-rootpw-file
nixos/openldap: make rootpw option optional
2019-05-01 22:29:55 +02:00
Elis Hirwing 02cd2b00e7
emby: Drop package and module and refer to jellyfin 2019-05-01 17:47:32 +02:00
Silvan Mosberger a27dc9d3ab
nixos/znc: Fix config generator for certain null values
The type of ZNC's config option specifies that a configuration like

  config.User.paul = null;

should be valid, which is useful for clearing/disabling property sets
like Users and Networks. However until now the config generator
implementation didn't actually cover null values, meaning you'd get an
error like

  error: value is null while a set was expected, at /foo.nix:29:10

This fixes the implementation to correcly allow clearing of property
sets.
2019-05-01 00:06:11 +02:00
worldofpeace 7df410c6d4
Merge pull request #59630 from worldofpeace/setcap-gnome-keyring
gnome3.gnome-keyring: CAP_IPC_LOCK gnome-keyring-daemon
2019-04-30 13:17:03 -04:00
volth 5a2356cff1
nix.systemFeatures: minor refactor 2019-04-30 16:28:21 +00:00
volth 5ad79dc4bb compilation for particular x86_64 architecture 2019-04-30 14:28:04 +00:00
Frederik Rietdijk fd2bd6e433
Merge staging-next into master 2019-04-30 15:50:24 +02:00
Johan Thomsen 29bf511ef9 nixos/kubernetes: fix control-plane-online prestart dependency
The kubeconfig provided to the kubernetes-control-plane-online.service
is invalid. However, the apiserver /healthz endpoint can be accessed without auth so it's
simpler to just use curl for that.
2019-04-29 17:42:16 +02:00
Daniel Schaefer 786f02f7a4 treewide: Remove usage of isNull
isNull "is deprecated; just write e == null instead" says the Nix manual
2019-04-29 14:05:50 +02:00
Frederik Rietdijk 2f936f85d8 Merge master into staging-next 2019-04-29 13:46:20 +02:00
Joachim F e666cc4e7e
Merge pull request #60334 from bhipple/fix/doc-typo
nixos.grafana: fix docstring typo
2019-04-28 15:07:06 +00:00
Aaron Andersen 3fce35fde2
Merge pull request #59465 from minijackson/module-jellyfin 2019-04-28 10:21:35 -04:00
Michael Weiss 6852c080d8
nixos/sks: Fix another regression from ab5dcc7068
The two directories KDB and PTree do not exist before the SKS DB is
build for the first time. If /var/db/sks is empty and the module is
enabled via "services.sks.enable = true;" the following error will
occur:
...-unit-script-sks-db-pre-start[xxx]:
ln: failed to create symbolic link 'KDB/DB_CONFIG': No such file or directory

To avoid this both links have to be created after the DB is build.
Note: Creating the directories manually might be better but the initial
build might be skipped as a result:
unit-script-sks-db-pre-start[xxxxx]: KeyDB directory already exists.  Exiting.
unit-script-sks-db-pre-start[xxxxx]: PTree directory already exists.  Exiting.
2019-04-28 14:45:21 +02:00
Minijackson eb8dac2fcd
nixos/jellyfin: init 2019-04-28 11:03:50 +02:00
elseym 5fb48557f5
documize-module: refactor and add more options 2019-04-28 07:45:17 +02:00
Silvan Mosberger 77fb90d27e
Merge pull request #59731 from ajs124/ejabberd_test
ejabberd: refactor module, add test
2019-04-27 23:36:52 +02:00
Michael Weiss 753e1e0bab
nixos/sks: Fix the module (the pre-start script was broken)
Unfortunately the changes in ab5dcc7068
introduced a typo (took me a while to spot that...) that broke the
whole module (or at least the sks-db systemd unit).

The systemd unit was failing with the following error message:
...-unit-script-sks-db-pre-start[xxx]: KDB/DB_CONFIG exists but is not a symlink.
2019-04-27 19:19:27 +02:00
Sarah Brofeldt 22348f951c
Merge pull request #60197 from etu/patch-gitea-generated-config
nixos/gitea: Don't include not needed database options depending on type
2019-04-27 19:16:33 +02:00
Benjamin Hipple d084937fe7 nixos.grafana: fix docstring typo 2019-04-27 13:09:48 -04:00
Alberto Berti 47f62b4821 grafana_reporter: Fix library function name 2019-04-27 19:09:06 +02:00
Florian Klink 033882e0b7
Merge pull request #60019 from aanderse/nzbget
nzbget: fix broken service, as well as some improvements
2019-04-27 18:26:50 +02:00
Aaron Andersen 8d64ec7a17
Merge pull request #59424 from florianjacob/journalwatch
journalwatch: fix broken package, general maintenance
2019-04-27 10:58:45 -04:00
Lassulus 9cda3faecd
Merge pull request #53444 from wedens/earlyoom-notifications
nixos/earlyoom: add notificationsCommand option
2019-04-27 21:34:37 +09:00
Matthieu Coudron 03fb00d565
Merge pull request #60223 from Ma27/write-i3cfg-to-etc
nixos/window-managers/i3: write config file to `/etc/i3/config`
2019-04-27 18:46:57 +09:00
Lassulus 21fe4fd176
Merge pull request #58181 from fgaz/nixos/zeronet/fix1
nixos/zeronet: add fileserverPort option
2019-04-27 15:45:30 +09:00
Frederik Rietdijk 883232c00d Merge master into staging-next 2019-04-27 07:01:38 +02:00
Maximilian Bosch a1ffabe4de
nixos/window-managers/i3: write config file to /etc/i3/config
The default config of i3 provides a key binding to reload, so changes
take effect immediately:

```
bindsym $mod+Shift+c reload
```

Unfortunately the current module uses the store path of the `configFile`
option. So when I change the config in NixOS, a store path will be
created, but the current i3 process will continue to use the old one,
hence a restart of i3 is required currently.

This change links the config to `/etc/i3/config` and alters the X
startup script accordingly so after each rebuild, the config can be
reloaded.
2019-04-26 21:12:52 +02:00
Peter Hoeg eb6ce1c8a9
Merge pull request #60146 from peterhoeg/f/packagekit
nixos/packagekit: make it not error out + test
2019-04-26 14:19:46 +08:00
Aaron Andersen 5b76046db3 nixos/nzbget: fix broken service, add a nixos test, as well as some general improvements 2019-04-25 20:28:39 -04:00
Linus Heckemann d4cd164082 nixos/tinc: remove ordering dependency on network.target
This allows configuring IP addresses on a tinc interface using
networking.interfaces."tinc.${n}".ipv[46].addresses.

Previously, this would fail with timeouts, because of the dependency
chain
tinc.${netname}.service
--after--> network.target
--after--> network-addresses-tinc.${n}.service (and network-link-…)
--after--> sys-subsystem-net-devices-tinc.${n}.device

But the network interface doesn't exist until tinc creates it! So
systemd waits in vain for the interface to appear, and by then the
network-addresses-* and network-link-* units have failed. This leads
to the network link not being brought up and the network addresses not
being assigned, which in turn stops tinc from actually working.
2019-04-25 22:54:11 +02:00
Elis Hirwing 71450b1c1a
nixos/gitea: Don't include not needed database options depending on type
This was discovered in https://github.com/NixOS/nixpkgs/pull/60014
2019-04-25 08:30:14 +02:00
Florian Jacob e916cdf02d nixos/journalwatch: permissionsStartOnly is deprecated
See #53852 for details,
related to the efforts in #56265
2019-04-24 21:26:29 +02:00
Graham Christensen 857069293d
Merge pull request #56565 from andrew-d/adunham/plex-fhs
plex: rewrite to use FHS userenv
2019-04-24 15:00:30 -04:00
Robin Gloster b2c1ed6355
Merge pull request #53043 from exi/wg-quick
nixos/modules/networking/wg-quick Add wg-quick options support
2019-04-24 17:16:32 +00:00
Frederik Rietdijk 0a7bcb3b03 Merge staging into staging-next 2019-04-24 18:38:11 +02:00
Peter Hoeg 1bc408ec3a nixos/packagekit: make it not error out and use upstream systemd unit 2019-04-24 22:31:36 +08:00
Maximilian Bosch 28a95c4f7f
Merge pull request #60138 from grahamc/wireguard-generate-key
wireguard: add generatePrivateKeyFile option + test
2019-04-24 16:00:34 +02:00
Graham Christensen 06c83a14e1
Wrap 'wg' commands in <command> 2019-04-24 07:46:01 -04:00
Graham Christensen f57fc6c881
wireguard: add generatePrivateKeyFile option + test
Ideally, private keys never leave the host they're generated on - like
SSH. Setting generatePrivateKeyFile to true causes the PK to be
generate automatically.
2019-04-24 07:46:01 -04:00
Andrew Dunham 9f7f367bf5 plex: rewrite to use FHS userenv 2019-04-23 20:19:33 -07:00
Matthew Bauer 84d00355e8 Merge remote-tracking branch 'NixOS/master' into staging 2019-04-23 22:00:42 -04:00
Silvan Mosberger 508fd8f133
Merge pull request #55413 from msteen/bitwarden_rs
bitwarden_rs: init at 1.8.0
2019-04-24 00:25:08 +02:00
Matthijs Steen ef1a43030b nixos/bitwarden_rs: init 2019-04-23 23:46:57 +02:00
Silvan Mosberger ca37c23f91
Merge pull request #58096 from pacien/tedicross-init
tedicross: init at 0.8.7
2019-04-23 23:14:22 +02:00
pacien d3423dd5c2 nixos/tedicross: add module 2019-04-23 22:52:23 +02:00
Jörg Thalheim d43dc68db3
nixos/openldap: make rootpw option optional
This allows to store passwords in external files outside of the world-readable
nix store.
2019-04-23 16:35:33 +01:00
Janne Heß 5fbf306760 nixos/icingaweb2: Fix environment.etc assignment 2019-04-23 14:04:40 +02:00
ajs124 3e32e150cb nixos/ejabberd: migrate to tmpfiles, drop runit 2019-04-23 14:00:49 +02:00
Dan Elkouby 83c9b6ee39 nginx: use fullchain.pem for ssl_trusted_certificate
Some ACME clients do not generate full.pem, which is the same as
fullchain.pem + the certificate key (key.pem), which is not necessary
for verifying OCSP staples.
2019-04-23 12:33:19 +03:00
markuskowa d0e70ac2d3
Merge pull request #60010 from JohnAZoidberg/https-urls
HTTPS urls
2019-04-22 23:37:07 +02:00
Daniel Schaefer 92cccb6f83 treewide: Use HTTPS for readthedocs URLs 2019-04-22 20:46:18 +02:00
Aaron Andersen c3f69d1373
Merge pull request #59381 from aanderse/automysqlbackup
automysqlinit: init at 3.0_rc6
2019-04-22 08:30:23 -04:00
mlvzk 113bb0a7e9 nixos/display-managers/startx: fix typos for startx option description
`~/.xinintrc` => `~/.xinitrc`
`autmatically` => `automatically`
2019-04-21 07:46:37 +00:00
Léo Gaspard 451961ead2
Merge pull request #59880 from florianjacob/matrix-synapse-identity-servers
nixos/matrix-synapse: correct trusted_third_party_id_servers default
2019-04-21 02:41:21 +02:00
Matthew Bauer 799fa4d404 Merge remote-tracking branch 'origin/master' into staging 2019-04-20 19:31:35 -04:00
Aaron Andersen 4a11ce7f26
cleanup redundant text in modules utilizing mkEnableOption
Closes #59911
2019-04-20 14:44:02 +02:00
Reno Reckling abf60791e2 nixos/modules/networking/wg-quick Add wg-quick options support
This is an implementation of wireguard support using wg-quick config
generation.

This seems preferrable to the existing wireguard support because
it handles many more routing and resolvconf edge cases than the
current wireguard support.

It also includes work-arounds to make key files work.

This has one quirk:
We need to set reverse path checking in the firewall to false because
it interferes with the way wg-quick sets up its routing.
2019-04-20 14:02:54 +02:00
Aaron Andersen e5b583bef4 nixos/httpd: cleanup old apache2.2 syntax 2019-04-20 07:32:55 -04:00
Jan Tojnar d3259ed673
Merge branch 'master' into staging 2019-04-20 12:49:01 +02:00
Florian Jacob 34aa25b8dc nixos/matrix-synapse: correct trusted_third_party_id_servers default
the servers are equivalent and synchronized, but Riot defaults to use vector.im
Source: https://github.com/matrix-org/synapse/blob/v0.99.3/docs/sample_config.yaml#L701
2019-04-19 11:54:06 +02:00
Aaron Andersen 3464b50c61
Merge pull request #59389 from aanderse/issue/53853-1
replace deprecated usage of PermissionsStartOnly (part 1)
2019-04-18 20:46:28 -04:00
markuskowa dac0051e60
Merge pull request #59188 from gnidorah/maxx
maxx: 1.1.0 -> 2.0.1
2019-04-18 21:48:01 +02:00
Bas van Dijk cccc7a93d2
Merge pull request #59828 from basvandijk/prometheus-refactoring
nixos/prometheus: refactored & added more missing options
2019-04-18 13:43:53 +02:00
Bas van Dijk cdd82681b3 nixos/prometheus: add more missing options 2019-04-18 12:53:13 +02:00
Bas van Dijk 285fd3c05a nixos/prometheus: abstract over optional option creation 2019-04-18 11:55:43 +02:00
Frederik Rietdijk 2346182c2c Merge staging-next into staging 2019-04-18 08:26:30 +02:00
worldofpeace 7abeda982a gnome3.gsettings-desktop-schemas -> gsettings-desktop-schemas
gnome3.pomodoro is left out because I don't want to create a conflict.
2019-04-17 13:39:23 -04:00
Robin Gloster b278cd86e1
Merge branch 'master' into kube-apiserver-preferred-address-types 2019-04-17 16:40:06 +00:00
Robin Gloster 44afc81af1
Merge pull request #57693 from mayflower/kube-apiserver-proxy-client-certs
nixos/kubernetes: Add proxy client certs to apiserver
2019-04-17 16:38:51 +00:00
Robin Gloster 7dc6e77bc2
Merge pull request #56789 from mayflower/upstream-k8s-refactor
nixos/kubernetes: stabilize cluster deployment/startup across machines
2019-04-17 16:37:58 +00:00
Bas van Dijk 55ef5d4246 nixos/prometheus: set optional attributes to type types.nullOr
This makes sure that when a user hasn't set a Prometheus option it
won't show up in the prometheus.yml configuration file. This results
in smaller and easier to understand configuration files.
2019-04-17 14:49:09 +02:00
Bas van Dijk 57e5b75f9c nixos/prometheus: filter out the _module attr in a central place
We previously filtered out the `_module` attribute in a NixOS
configuration by filtering it using the option's `apply` function.

This meant that every option that had a submodule type needed to have
this apply function. Adding this function is easy to forget thus this
mechanism is error prone.

We now recursively filter out the `_module` attributes at the place we
construct the Prometheus configuration file. Since we now do the filtering
centrally we don't have to do it per option making it less prone to errors.
2019-04-17 14:08:16 +02:00
Bas van Dijk a913d0891c nixos/prometheus: filter out empty srcape_configs attributes
This results in a smaller prometheus.yml config file.

It also allows us to use the same options for both prometheus-1 and
prometheus-2 since the new options for prometheus-2 default to null
and will be filtered out if they are not set.
2019-04-16 16:06:11 +02:00
Bas van Dijk a23db5db08 nixos/prometheus: add new ec2_sd_config options for prometheus2 2019-04-16 16:04:33 +02:00
Andrew Childs ad7e232f88 nixos/prometheus: add ec2_sd_configs section to scrape_configs 2019-04-16 13:43:52 +02:00
Bas van Dijk d1940beb3a nixos/prometheus/pushgateway: add module and test 2019-04-16 08:09:38 +02:00
Aaron Andersen 5f4df8e509 automysqlinit: init at 3.0_rc6 2019-04-15 21:51:55 -04:00
worldofpeace 2d6247a414 gnome3.gnome-keyring: CAP_IPC_LOCK gnome-keyring-daemon
From gkd-capability.c:

This program needs the CAP_IPC_LOCK posix capability.
We want to allow either setuid root or file system based capabilies
to work. If file system based capabilities, this is a no-op unless
the root user is running the program. In that case we just drop
capabilities down to IPC_LOCK. If we are setuid root, then change to the
invoking user retaining just the IPC_LOCK capability. The application
is aborted if for any reason we are unable to drop privileges.
2019-04-15 14:59:56 -04:00
worldofpeace 27ac8cb2c4
Merge pull request #59185 from worldofpeace/glib-networking
nixos/glib-networking: init
2019-04-15 13:17:58 -04:00
worldofpeace 7802b18958 nixos/pantheon: use glib-networking module 2019-04-15 13:11:58 -04:00
worldofpeace b0e9f85f47 nixos/glib-networking: init
Note that we were previously didn't have glib-networking
in systemd.packages so the PacRunner was non-functional.
2019-04-15 13:04:06 -04:00
adisbladis 9a176d669a
nixos/tox-node: Add descriptions to module options.
Missing these broke the tarball build
https://hydra.nixos.org/build/92258938/nixlog/1
2019-04-15 17:11:10 +01:00
José Romildo Malaquias c32b50a5f7
Merge pull request #59520 from romildo/upd.deepin.deepin-daemon
nixos/dde-daemon: init
2019-04-15 10:30:51 -03:00
adisbladis 4b4caa9413
Merge pull request #59368 from suhr/tox-node
nixos/tox-node: init
2019-04-15 12:28:27 +03:00
adisbladis 454aa43213
nixos/tox-node: Dont hardcode bootstrap nodes
Get these from upstream tox-node package instead.
This is likely to cause less maintenance overhead over time and
following upstream bootstrap node changes is automated.
2019-04-15 09:27:32 +01:00
Сухарик 6cb40f7b0b
nixos/tox-node: init 2019-04-15 09:27:27 +01:00
Bas van Dijk e5724e8e66
Merge pull request #59514 from basvandijk/elk-7.0.0
elk7: init at 7.0.0
2019-04-15 07:05:13 +02:00
José Romildo Malaquias 46a4e92d92 nixos/deepin-daemon: init 2019-04-14 21:47:45 -03:00
Bas van Dijk 13352f28d2 elk7: init at 7.0.0
This adds the following new packages:

+ elasticsearch7
+ elasticsearch7-oss
+ logstash7
+ logstash7-oss
+ kibana7
+ kibana7-oss
+ filebeat7
+ heartbeat7
+ metricbeat7
+ packetbeat7
+ journalbeat7

The default major version of the ELK stack stays at 6. We should
probably set it to 7 in a next commit.
2019-04-14 21:39:46 +02:00
Silvan Mosberger a63c182d53
Merge pull request #59315 from Infinisil/znc-docs-url
nixos/znc: Fix URL XML for config option
2019-04-14 17:33:49 +02:00
worldofpeace 6846d4ab85 nixos/fprintd: use systemd.packages
Upstream has a systemd service.
2019-04-14 10:19:57 -04:00
worldofpeace 4616b4ec85
Merge pull request #21860 from e-user/bugfix/upstream/gnome-pam
nixos/gdm: use provided PAM login configuration wherever possible
2019-04-14 09:52:17 -04:00
Alexander Kahl 5b9895b1a0 nixos/gdm: use provided PAM login configuration wherever possible
Fixes #21859
2019-04-14 09:49:01 -04:00
worldofpeace c9a925d82b
Merge pull request #59433 from romildo/upd.deepin.deepin-menu
nixos/deepin-menu: init
2019-04-14 09:18:15 -04:00
José Romildo Malaquias 9e99eed443 nixos/deepin-menu: init 2019-04-14 10:00:44 -03:00
Sarah Brofeldt f839011719
Merge pull request #58512 from aanderse/solr
solr: init at 8.0.0
2019-04-14 11:16:28 +02:00
gnidorah 1a4072e90f maxx: 1.1.0 -> 2.0.1 2019-04-14 09:51:29 +03:00
Aaron Andersen 55ddb04a8a nixos/zookeeper: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:01:01 -04:00
Aaron Andersen a1c48c3f63 nixos/vault: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:01:01 -04:00
Aaron Andersen 053c9a7992 nixos/sonarr: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:01:01 -04:00
Aaron Andersen bb649d96b0 nixos/smokeping: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:01:00 -04:00
Aaron Andersen 484e896d7a nixos/radarr: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:01:00 -04:00
Aaron Andersen 021b287b84 nixos/peerflix: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:01:00 -04:00
Aaron Andersen 0672f867bc nixos/mysql-backup: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:01:00 -04:00
Aaron Andersen 89cbee4d3e nixos/mxisd: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:01:00 -04:00
Aaron Andersen cd46038ae5 nixos/jackett: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:59 -04:00
Aaron Andersen b7f376c01b nixos/ipfs: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:59 -04:00
Aaron Andersen b1be2f1584 nixos/influxdb: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:59 -04:00
Aaron Andersen 6ac630bad3 nixos/etcd: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:59 -04:00
Aaron Andersen 062efe018d nixos/couchdb: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:58 -04:00
Aaron Andersen 56c7960d66 nixos/codimd: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:58 -04:00
Aaron Andersen e51f86a018 nixos/clickhouse: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:58 -04:00
Aaron Andersen e5d8ba59cc nixos/traefik: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:58 -04:00
Aaron Andersen cefbee3edc nixos/syncthing: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:58 -04:00
Aaron Andersen 0113cc0de9 nixos/stanchion: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:57 -04:00
Aaron Andersen a585d29bfd nixos/rss2email: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:57 -04:00
Aaron Andersen 2ebbe3988b nixos/rabbitmq: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:57 -04:00
Aaron Andersen 7b2be9b328 nixos/postgresqlBackup: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:57 -04:00
Aaron Andersen 64fdacc580 nixos/nullmailer: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:57 -04:00
Aaron Andersen a6bbc55ae1 nixos/nexus: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:56 -04:00
Aaron Andersen 7808202b38 nixos/munge: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:56 -04:00
Aaron Andersen 919c87a106 nixos/mpd: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:56 -04:00
Aaron Andersen 8c48c55c2d nixos/minio: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:56 -04:00
Aaron Andersen 89081eef5d nixos/mesos: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:56 -04:00
Aaron Andersen 2f50cd06dc nixos/memcached: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:55 -04:00
Aaron Andersen 5f9a639f69 nixos/liquidsoap: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:55 -04:00
Aaron Andersen 8fe1c5b30f nixos/lidarr: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:55 -04:00
Aaron Andersen 09af9fcd34 nixos/collectd: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:55 -04:00
markuskowa 7d363d46ba
Merge pull request #59362 from matthiasbeyer/ympd-port-int
ympd service: Allow webPort to be int
2019-04-12 20:59:13 +02:00
Maximilian Bosch f975bbae11
nixos/hostapd: escape interface names for hostapd
Same problem as described in acbadcdbba.

When using multiple interfaces for wifi with `networking.wlanInterfaces`
and the interface for `hostapd` contains a dash, this will fail as
systemd escapes dashes in its device names.
2019-04-12 19:27:19 +02:00
Matthias Beyer 31884f788e ympd service: Allow webPort to be int
Signed-off-by: Matthias Beyer <mail@beyermatthias.de>
2019-04-12 18:17:10 +02:00
Silvan Mosberger 92ae299998
Merge pull request #59081 from Yarny0/hylafax-updates
HylaFAX: fix ModemGroup, also minor metadata updates
2019-04-12 16:30:46 +02:00
Bas van Dijk 08b277e0da
Merge pull request #56017 from elohmeier/prom-tls
prometheus: add tls_config
2019-04-12 12:57:54 +02:00
Joachim F 5dafbb2cb1
Merge pull request #56719 from bricewge/miniflux-service
miniflux: add service
2019-04-12 09:57:30 +00:00
Yarny0 e57156bcaa nixos/hylafax: fix faxq ModemGroup setting
The manpage claims that the "limit" in the setting::
  <name>:[<limit>:]<regex>
is optional and defaults to zero, implying no limit.
However, tests confirmed that it actually isn't optional.

Without limit, the setting ``any:.*`` places
outbound jobs on infinite hold if no particular
modem was specified on the sendfax command line.
The new default value ``any:0:.*`` from
this commit uses any available modem to
send jobs if not modem was given to sendfax.
2019-04-12 11:11:49 +02:00
Yarny0 1438f7b664 nixos/hylafax: add 'yarny' (= myself) as maintainer
I forgot to do this when I submitted this module with
commit 12fa95f2d6.
2019-04-12 11:11:48 +02:00
Silvan Mosberger 2d1fa68c83
Merge pull request #59044 from teto/strongswan_path
strongswan module: use strings for secrets.
2019-04-11 22:51:24 +02:00
Enno Lohmeier da7aeb1b7d prometheus: add tls_config 2019-04-11 20:34:31 +02:00
Silvan Mosberger b8dc0f9a5b
nixos/znc: Fix URL XML for config option 2019-04-11 16:59:19 +02:00
Frederik Rietdijk 230c67f43b Merge master into staging-next 2019-04-11 07:50:23 +02:00
Ryan Mulligan 0960fc72b7
Merge pull request #49868 from jfrankenau/fix-triggerhappy
nixos/triggerhappy: add option user
2019-04-10 20:56:19 -07:00
Matthieu Coudron 08b8c6caf2 nixos/strongswan: use strings for secrets.
The nixos module artifically enforces type.path whereas the ipsec secret configuration files
accept pattern or relative paths.
Enforcing absolute paths already caused problems with l2tp vpn:
https://github.com/nm-l2tp/NetworkManager-l2tp/issues/108
2019-04-11 11:44:49 +09:00
Aaron Andersen ee7565af9d solr: init at 8.0.0 2019-04-10 20:12:41 -04:00
Bas van Dijk cd4486ecc3 nixos/prometheus/alertmanager: use DynamicUser instead of nobody
See issue #55370
2019-04-10 20:38:40 +02:00
Bas van Dijk 739bdff4a4 nixos/prometheus/alertmanager: use ExecStart instead of script
This results in a simpler service unit which doesn't first have to
start a shell:

  > cat /nix/store/s95nsr8zbkblklanqpkiap49mkwbaq45-unit-alertmanager.service/alertmanager.service
  ...
  ExecStart=/nix/store/4g784lwcy7kp69hg0z2hfwkhjp2914lr-alertmanager-0.16.2-bin/bin/alertmanager \
    --config.file /nix/store/p2c7fyi2jkkwq04z2flk84q4wyj2ggry-checked-config \
    --web.listen-address [::1]:9093 \
    --log.level warn
  ...
2019-04-10 15:03:09 +02:00
Linus Heckemann 4557373d68
Merge pull request #58858 from worldofpeace/pantheon/lightdm-gtk-greeter
nixos/pantheon: enable lightdm gtk greeter
2019-04-10 09:36:20 +02:00
Robin Gloster f370553f8f
Merge pull request #58804 from Ma27/roundcube-fixes
roundcube: minor fixes
2019-04-09 18:30:00 +00:00
Frederik Rietdijk d108b49168 Merge master into staging-next 2019-04-09 16:38:35 +02:00
Bas van Dijk 2f2e2971d6
Merge pull request #58255 from jbgi/prometheus2
Add Prometheus 2 service in parallel with 1.x version (continuation)
2019-04-09 14:14:18 +02:00