3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

1909 commits

Author SHA1 Message Date
Ricardo M. Correia a11dc2f0a3 grsecurity: Add denyUSB option to grsec NixOS module
The option had been added to the grsec build-support code,
but it hadn't been added to the grsec module.

After this commit, grsec module users will be able to change
the default value. It also serves to document that this option
exists and that NixOS will disable it by default.
2015-01-20 19:18:06 +01:00
Joachim Fasting 7023e03d77 firewall service: fix pingLimit example value
The example uses single dashes, whereas iptables requires double dashes.
2015-01-20 08:47:11 +01:00
lethalman d957d9e6bc Merge pull request #5517 from paraseba/bumblebee
Bumblebee config to enable multiple monitors
2015-01-19 15:00:11 +01:00
wmertens d3383e4879 Merge pull request #4394 from wmertens/patch-6
setup-etc.pl: Fail when symlink/rename fails
2015-01-19 12:39:41 +01:00
lethalman 9cd9264ef3 Merge pull request #5849 from robberer/systemd/restartassert
systemd: extend checkUnitConfig with on-abnormal
2015-01-19 11:48:48 +01:00
Longrin Wischnewski 4b0100774a systemd: extend checkUnitConfig with on-abnormal 2015-01-19 11:41:18 +01:00
Andrey Arapov 04be7262a6 nixos/dovecot: added configFile option and default Restart on-failure, PR #5845
Absolute path is required when one has such postfix configuration
where he/she needs to specify the actual (real) path to active dovecot
config.

Without this commit applied, the dovecot is running in such way:
/nix/store/hashAAA-dovecot-ver/sbin/dovecot -F -c /nix/store/hashBBB-dovecot2.conf

and postfix can't be aware of the value of "hashBBB" via services.postfix.extraConfig = '' ... '';
(it can only be aware of "hashAAA" with ${pkgs.dovecot} parameter)

Also enable Restart on-failure.

Edit: set RestartSec to 1s
2015-01-19 11:05:56 +01:00
William A. Kennington III 130f66b683 nixos/sync-server: Respect the enable option 2015-01-18 14:21:40 -08:00
Domen Kožar 3b174a4024 Merge pull request #5301 from nbp/syncserver
Add Firefox Sync service
2015-01-18 17:47:51 +01:00
Nicolas B. Pierron 8196727fad Improve the documentation of the syncserver module. 2015-01-18 12:21:23 +01:00
Nicolas B. Pierron 0d13ea0131 Change default syncserver listen.port to a safer one. 2015-01-18 12:20:44 +01:00
Domen Kožar b92a62165d Merge pull request #5726 from spwhitt/zsh-command-not-found
command-not-found: Add ZSH Support
2015-01-17 18:15:35 +01:00
Damien Cassou a7024cb4b4 Create a nixos module for cups-browsed 2015-01-16 14:10:57 +01:00
Eelco Dolstra efa8fc2b0a Paranoia 2015-01-15 18:37:55 +01:00
Eelco Dolstra b9c4569b6b nixos-install: Create /root with 700 permission 2015-01-15 18:37:55 +01:00
Eelco Dolstra 3ca275d7ba NixOS containers: Create /root with 700 permission
Systemd-nspawn creates /root with 755 permission if it doesn't exist,
which is bad. So we have to create it ourselves before calling
systemd-nspawn.
2015-01-15 17:51:43 +01:00
Eelco Dolstra 24ce7ff3ea test-instrumentation.nix: Prevent calling a pager 2015-01-15 14:39:29 +01:00
Edward Tjörnhammar 837cfbb9ea nixos: adding nylon service with uid,gid 2015-01-14 22:08:47 +01:00
William A. Kennington III 8e5ef7da54 nixos/network-interfaces: Fix rstp support 2015-01-14 10:34:28 -08:00
Luca Bruno 804a958663 pam: add pam_wheel 2015-01-14 18:32:08 +01:00
Luca Bruno 2beb43174f nixos-rebuild: use reload-or-restart for dbus. Closes #5767
Now that dbus reload has been moved before restarting units,
the reload may fail if dbus has been stopped before.
The reload-or-restart will reload dbus if it's active,
otherwise start it.
2015-01-14 16:08:47 +01:00
Rob Vermaas df7923fa82 Merge pull request #5515 from oconnorr/master
GCE updates to ntp server and to fetch all ssh keys
2015-01-14 13:19:38 +01:00
Matej Cotman 4e6efec4b4 enlightenment: fix media preview 2015-01-13 14:56:35 +01:00
mokasin dd6dfde575 Add auto-start option to containers. 2015-01-12 18:26:22 +01:00
Spencer Whitt 6cba6dc61b command-not-found: Add ZSH Support 2015-01-12 03:45:48 -05:00
Vladimír Čunát 72d2d59cd4 /etc/ssh/ssh_known_hosts: refactor and fix #5612
Generating the file was refactored to be completely in nix.
Functionally it should create the same content as before,
only adding the newlines.

CC recent updaters: @aszlig, @rickynils.
2015-01-11 22:14:25 +01:00
Peter Simons 43bae26b33 Merge pull request #5627 from oxij/update-postfix
postfix: make 2.11 the default, nixos: update postfix config for 2.11
2015-01-11 11:28:31 +01:00
Arseniy Seroka 4f596fb93f Revert "zsh: profile-relative functions path"
This reverts commit 766207ca1d.

We need to solve the problem with `environment.profileRelativeEnvVars`.
The best workaround is to make profileRelativeEnvVars prepend paths.
2015-01-10 22:11:13 +03:00
Shea Levy cca8bae86e Merge branch 'rngd-fix' of git://github.com/abbradar/nixpkgs 2015-01-08 09:36:29 -05:00
lethalman 908c47b281 Merge pull request #5550 from abbradar/fprintd
add fprintd support
2015-01-08 14:58:22 +01:00
William A. Kennington III dd7efcbf36 java: More default cleanups 2015-01-07 14:55:41 -08:00
William A. Kennington III c82410eeda java: Normalize to the default jre / jdk 2015-01-07 14:55:41 -08:00
William A. Kennington III 9a7766e054 nixos/network-interfaces: Add mstpd support for bridges 2015-01-07 14:49:24 -08:00
Peter Simons 24f5b2a1a0 Merge pull request #5619 from oxij/various-changes-2
Various (hopefully) small changes
2015-01-07 16:59:10 +01:00
Jan Malakhovski 265c1c1472 postfix: make 2.11 the default, nixos: update postfix config for 2.11
postfix 2.11 is much more humane with respect to disk writes since it uses
sockets (which do not change inodes on accesses) instead of fifos (which do).
2015-01-07 15:43:32 +00:00
Jan Malakhovski b6646f7ba7 nixos: make zsh use fcntl for locking history files by default
Without this zsh creates and then unlinks .lock files at each interactive
input line, which is inhumane with respect to disk.
2015-01-07 15:43:01 +00:00
j-keck 3ced0d94ac doc: use postgresql94
update postgresql module doc to use postgresql94 (was postgresql93)
2015-01-07 13:21:18 +01:00
William A. Kennington III 20d2092ff8 nixos/base: Add efi management utilities 2015-01-07 01:52:47 -08:00
Russell O'Connor d1a58ef7c6 google-compute-image.nix: Try to download all SSH host keys from metadata server. 2015-01-06 12:06:54 -05:00
Nikolay Amiantov dbc0395b2b nixos/rngd: some fixes 2015-01-06 17:27:07 +03:00
Russell O'Connor 3251948029 Generate SSH host public key from the private key. 2015-01-05 15:20:55 -05:00
Russell O'Connor d1cbbff1e3 Call wget directly in fetch-ssh-keys service. 2015-01-05 15:20:55 -05:00
Russell O'Connor 6382e16014 google-compute-image.nix: unconditionally clean up /root/key.pub /root/authorized-keys-metadata 2015-01-05 15:18:02 -05:00
Russell O'Connor b19ab1f046 google-comute-image.nix: set umask 077 when downloading private keys from the metadata server. 2015-01-05 15:01:49 -05:00
Russell O'Connor e548a4330d google-compute-image.nix: use internal google NTP server. 2015-01-05 12:45:23 -05:00
Peter Simons ea94a6d653 nixos/modules/services/misc/nix-daemon.nix: document meaning of '0' for the buildCores attribute 2015-01-05 15:38:08 +01:00
Rob Vermaas c5caa853ec dd-agent: set SSL_CERT_FILE for dogstatsd.
(cherry picked from commit c67204dec2)
2015-01-05 13:15:22 +01:00
Eelco Dolstra ae7d79cd61 Fix some bad gids
Issue #3727.
2015-01-05 11:58:17 +01:00
Rob Vermaas ea9530b5c7 Fix GCE image build.
(cherry picked from commit 98af87cd4a)
2015-01-05 09:35:35 +01:00
William A. Kennington III 8ec82fcb18 nixos/samba: Allow package version setting 2015-01-03 21:45:16 -08:00