3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

7603 commits

Author SHA1 Message Date
Silvan Mosberger e463c7cd75
nixos/nix-daemon: Prevent network warning when checking config
Since version 2.3 (https://github.com/NixOS/nix/pull/2949 which was
cherry-picked to master) Nix issues a warning when --no-net wasn't
passed and there is no network interface. This commit adds the --no-net
flag to the nix.conf check such that no warning is issued.
2019-09-28 17:00:47 +02:00
Vladimír Čunát fda4a08d4a
Merge branch 'staging-next'
There are several security fixes - again, as it consists mainly of the
previously reverted staging-next merge.
2019-09-28 07:43:04 +02:00
worldofpeace 07ca91187c
Merge pull request #69706 from worldofpeace/gdm-isnt-unstable
nixos/gdm: update description
2019-09-27 18:40:18 -04:00
worldofpeace e4cce87fba nixos/gdm: update description
GDM isn't dangerous anymore in NixOS.
2019-09-27 17:42:39 -04:00
Vladimír Čunát 217cf982c7
Merge branch 'master' into staging-next 2019-09-27 22:13:02 +02:00
Joachim F ad773d31e2
Merge pull request #69345 from joachifm/feat/split-version
Replace uses of splitString for splitting version strings
2019-09-27 06:19:18 +00:00
worldofpeace 985697bff7
Merge pull request #66652 from craigem/clarify_wireless_examples
nixos/doc: Clarify wireless examples
2019-09-26 22:56:20 -04:00
Craige McWhirter cce7486deb nixos/doc: Clarify wireless examples
This commits makes it clearer to a novice reader how to configure several
diferent types of SSID connections that were otherwise obscurely documented

Resolves #66650
2019-09-26 22:52:21 -04:00
Joachim Fasting bad07dfac5
tree-wide: replace uses of splitString "." with lib.versions
Quoting from the splitString docstring:

   NOTE: this function is not performant and should never be used.

This replaces trivial uses of splitString for splitting version
strings with the (potentially builtin) splitVersion.
2019-09-26 17:42:49 +02:00
Peter Hoeg 8cc9d24fe1
Merge pull request #69387 from peterhoeg/f/optimise
nixos/nix-optimise: be smarter about when we run the store optimiser
2019-09-26 13:10:39 +08:00
Dmitry Kalinkin b3472597b7
Merge branch 'staging-next' into staging
Fixes eval on darwin after #69072

Tested using maintainers/scripts/eval-release.sh before and after to see
that the fix works
2019-09-25 19:31:32 -04:00
Dmitry Kalinkin c455adcc42
Merge branch 'master' into staging-next
Fixes eval on darwin after #69072

Resolved conflict in pkgs/tools/security/thc-hydra/default.nix
Basically had to revert a1c0e10564 which
adapts #69210 to master that doesn't yet have
329a88efa7

Tested using maintainers/scripts/eval-release.sh before and after to see
that the fix works
2019-09-25 19:21:46 -04:00
Daniel KT 4590a2380e nixos/nextcloud: add Strict-Transport-Security
This commit adds a Strict-Transport-Security header to
the nginx config file generated by the nextcloud module.

The Strict-Transport-Security header is recommended in
official guide for hardening Nextcloud installations:
https://docs.nextcloud.com/server/16/admin_manual/installation/harden_server.html

Further, if it is not set, we see a warning in the security scan results
in the Nextcloud admin panel:

```
The "Strict-Transport-Security" HTTP header is not set to at least "15552000" seconds. For enhanced security, it is recommended to enable HSTS as described in the security tips

```
2019-09-25 16:56:53 -04:00
Marek Mahut a28f136bdb
Merge pull request #69297 from aanderse/zabbix
nixos/zabbixServer: move pid file from default (/tmp) to /run/zabbix …
2019-09-25 20:35:50 +02:00
edef 429644bf4c nixos/rabbitmq: use an attrset for example configItems 2019-09-25 17:38:00 +00:00
markuskowa 389c287b90
Merge pull request #69398 from Evils-Devils/fancontrol
nixos/fancontrol: init
2019-09-25 18:34:16 +02:00
Evils-Devils 6765f049f2
Update nixos/modules/services/hardware/fancontrol.nix
Co-Authored-By: markuskowa <markus.kowalewski@gmail.com>
2019-09-25 17:31:20 +02:00
Evils-Devils 44e2ff26b8
Update nixos/modules/services/hardware/fancontrol.nix
Co-Authored-By: markuskowa <markus.kowalewski@gmail.com>
2019-09-25 17:24:49 +02:00
Evils 401b0b0c7b fancontrol: load config from configuration.nix 2019-09-25 17:05:09 +02:00
Evils-Devils 5fe72ee446
Update nixos/modules/services/hardware/fancontrol.nix
Co-Authored-By: markuskowa <markus.kowalewski@gmail.com>
2019-09-25 14:49:28 +02:00
Evils baa642e8b3 fancontrol: more cleanup 2019-09-25 14:42:22 +02:00
Markus Kowalewski 8b4ce06e63
nixos/orangefs: add modules for server and client 2019-09-25 14:17:08 +02:00
Evils 30f8bc974c update cfg to match section change 2019-09-25 13:43:06 +02:00
Evils-Devils 6c19673fef
Update nixos/modules/services/hardware/fancontrol.nix
Co-Authored-By: markuskowa <markus.kowalewski@gmail.com>
2019-09-25 13:28:16 +02:00
Evils 81b6dec3c8 fancontrol service init 2019-09-25 05:05:32 +02:00
Peter Hoeg 81cd220c67 nixos/pymks: log to journal 2019-09-25 06:33:34 +08:00
Peter Hoeg 4b34dd3120
Merge pull request #69300 from peterhoeg/f/ha2
nixos/home-assistant: set bluetooth perms
2019-09-25 04:49:31 +08:00
Janne Heß aa27c1c664 nixos/memcached: Switch to a system user 2019-09-24 20:10:19 +02:00
talyz 58a7502421 nixos/gitlab: Only create the database when databaseHost is unset
Make sure that we don't create a database if we're not going to
connect to it. Also, fix the assertion that usernames be equal to only
trig when peer authentication is used (databaseHost == "").
2019-09-24 15:04:20 +02:00
talyz ec958d46ac nixos/gitlab: Fix evaluation failure when postgresql is disabled
config.services.postgresql.package is only defined when the postgresql
service is activated, which means we fail to evaluate when
databaseCreateLocally == false. Fix this by using the default
postgresql package when the postgresql service is disabled.
2019-09-24 15:04:19 +02:00
Florian Klink e813eb2b65
nixos/gitlab: Update release notes and documentation (#69313)
nixos/gitlab: Update release notes and documentation
2019-09-24 13:00:35 +02:00
Vladimír Čunát 192fb9d11b
Merge branch 'staging-next' into staging 2019-09-24 08:15:01 +02:00
Vladimír Čunát eab41878ac
Merge branch 'master' into staging-next 2019-09-24 08:14:34 +02:00
Jörg Thalheim bfed455de3
Merge pull request #68946 from volth/escape
treewide: fix string escapes
2019-09-24 04:19:12 +01:00
Notkea 981177e4dd nixos/postgresql-wal-receiver: remove restart limit (#67857)
useful in case of network disruption
2019-09-23 22:51:26 +03:00
talyz dfc43f7d0a nixos/gitlab: Document the restriction introduced on statePath
The state path now, since the transition from initialization in
preStart to using systemd-tmpfiles, has the following restriction: no
parent directory can be owned by any other user than root or the user
specified in services.gitlab.user. This is a potentially breaking
change and the cause of the error isn't immediately obvious, so
document it both in the release notes and statePath description.
2019-09-23 17:55:58 +02:00
Peter Hoeg e537a0a11e home-assistant: set capabilities for bluetooth 2019-09-23 21:54:16 +08:00
Aaron Andersen 32a38d50bb nixos/zabbixServer: move pid file from default (/tmp) to /run/zabbix to avoid issues with PrivateTmp=true 2019-09-23 09:35:51 -04:00
Florian Klink 6262e83f5f
nixos/gitlab: Add gnutar and gzip to gitlab-sidekiq's path (#68908)
nixos/gitlab: Add gnutar and gzip to gitlab-sidekiq's path
2019-09-23 06:40:52 +02:00
Peter Hoeg 55509279a9
Merge pull request #69260 from volth/patch-369
nixos/mailcatcher: add bind capabilities
2019-09-23 11:27:32 +08:00
Peter Hoeg 423eb16913
Merge pull request #15560 from peterhoeg/nm_dnsdhcp
nixos/networkmanager: tiny cleanups
2019-09-23 10:16:32 +08:00
volth 6c038cd409
nixos/mailcatcher: add bind capabilities 2019-09-22 19:49:26 +00:00
Minijackson 367cd2c7f8
nixos/shiori: init with test 2019-09-22 18:48:07 +02:00
Jan Tojnar f2b9f5baa5
Merge branch 'staging-next' into staging 2019-09-22 16:39:56 +02:00
Jan Tojnar 11c2b06dd2
Merge branch 'master' into staging-next 2019-09-22 16:39:12 +02:00
Martin Milata 2adb03fdae nixos/wordpress: generate secrets locally
Use /dev/urandom to generate keys and salts instead of downloading them
from https://api.wordpress.org/secret-key/1.1/salt/
2019-09-22 14:33:08 +02:00
danbst e557ad74ac move from 19.09 to 20.03 2019-09-22 12:27:39 +03:00
Jörg Thalheim 8c7667c325
Enable work variant firewall with iptables-compat (#66953)
Enable work variant firewall with iptables-compat
2019-09-22 09:28:16 +01:00
Jörg Thalheim ffa80e75b7
nixos/firewall: rename iptables-compat to iptables-nftables-compat 2019-09-22 09:09:43 +01:00
Vladimír Čunát 6c567ed797
Merge branch 'staging-next' into staging 2019-09-22 10:06:45 +02:00
Vladimír Čunát 22a216849b
Re-Revert "Merge branch 'staging-next'"
This reverts commit f8a8fc6c7c.
2019-09-22 09:38:09 +02:00
Peter Hoeg 1c7aaf227c nixos/networkmanager: tiny cleanups
These are the leftovers of an older PR.

a. Send messages to auditd if auditing is enabled.
b. Add missing dbus configuration if dnsmasq is used for DNS
2019-09-22 13:33:43 +08:00
Mario Rodas 54433c443b
nixos/spotifyd: update spotifyd flags 2019-09-21 17:10:00 -05:00
Vladimír Čunát f8a8fc6c7c
Revert "Merge branch 'staging-next'"
This reverts commit 41af38f372, reversing
changes made to f0fec244ca.

Let's delay this.  We have some serious regressions.
2019-09-21 20:05:09 +02:00
Vladimír Čunát 41af38f372
Merge branch 'staging-next' 2019-09-21 13:14:09 +02:00
Elis Hirwing 89b0ef6589
Merge pull request #69195 from c0deaddict/fix/gitea-dump
nixos/gitea: fix dump
2019-09-21 10:02:41 +02:00
Jos van Bakel 86b83f37b8
nixos/gitea: fix dump 2019-09-21 09:28:53 +02:00
danbst fb863fceea nixos/postgresql: switch default 9.6 -> 11
This is designed for 19.09 release.
2019-09-21 10:18:56 +03:00
yvt 832ede6514 nixos/do-agent: init 2019-09-21 13:16:25 +09:00
Matthew Bauer d8b7b95ac6 Merge remote-tracking branch 'origin/master' into staging 2019-09-20 23:25:24 -04:00
worldofpeace 1e6f4fb2bc
Merge pull request #68983 from worldofpeace/xfce-cleanup
Touchups for nixos/xfce4-14 for 19.09
2019-09-19 13:25:03 -04:00
Eelco Dolstra b0ccd6dd16
Revert "nixos/doc: re-format"
This reverts commit ea6e8775bd. The new
format is not an improvement.
2019-09-19 19:17:30 +02:00
Frederik Rietdijk f81d43b94c Merge staging-next into staging 2019-09-19 17:00:07 +02:00
Frederik Rietdijk 0b12d44c06 Merge master into staging-next 2019-09-19 16:59:42 +02:00
Alex Rice cf56cefd95
xterm: Set default to xserver.enable 2019-09-19 12:27:05 +01:00
Marek Mahut 0358bc174b nixos/jormungandr: moving to a new section topics_of_interest 2019-09-19 10:51:59 +02:00
Jan Tojnar 0902f08e0d
Merge branch 'staging-next' into staging 2019-09-18 22:40:42 +02:00
Jan Tojnar 105abdd52c
Merge branch 'master' into staging-next 2019-09-18 22:40:03 +02:00
Jan Tojnar ea6e8775bd
nixos/doc: re-format 2019-09-18 22:13:35 +02:00
Jan Tojnar f5ef80b46d
Merge branch 'staging-next' into staging 2019-09-18 21:16:01 +02:00
Jan Tojnar 62791c3743
Merge branch 'master' into staging-next 2019-09-18 21:15:35 +02:00
worldofpeace 760b677c19
Merge pull request #68729 from worldofpeace/elementary-greeter/master
nixos/pantheon: use Pantheon's greeter
2019-09-18 11:16:21 -04:00
worldofpeace ee29fbd9a2
Merge pull request #68492 from worldofpeace/pam-sessionvariables
Introduce environment.profileRelativeSessionVariables
2019-09-18 11:15:26 -04:00
worldofpeace cc125810cb nixos/environment: set GTK_DATA_PREFIX
Many desktop environment modules are already setting
this so it already makes sense to just do this globally.
2019-09-18 11:13:43 -04:00
worldofpeace 5669b06235 lightdm-mini-greeter: put xgreeters in passthru 2019-09-18 11:13:43 -04:00
worldofpeace b558eb8329 nixos/lightdm-gtk-greeter: don't wrap in module 2019-09-18 11:13:43 -04:00
worldofpeace 7814a2f566 nixos/enso-os: don't wrap in module 2019-09-18 11:13:42 -04:00
worldofpeace feab607ae5 nixos/sddm: don't set XDG_DATA_DIRS
environment.profileRelativeSessionVariables should make this unneeded.
2019-09-18 11:13:42 -04:00
worldofpeace 453036c8a7 nixos/gdm: don't set XCURSOR_PATH 2019-09-18 11:13:42 -04:00
Robert Helgesson 866cc3e792 nixos/system-environment: introduce environment.profileRelativeSessionVariables
There is a need for having sessionVariables set relative to the Nix Profiles.
Such as in #68383.
2019-09-18 11:09:43 -04:00
worldofpeace e2644036f6 fprintd: 0.8.1 -> 0.9.0
Resolves issues with StateDirectory not being set in
systemd unit.

https://gitlab.freedesktop.org/libfprint/fprintd/-/tags/V_0_9_0
2019-09-17 20:15:57 -04:00
worldofpeace 0b73294d60 fixup! nixos/xfce4-14: cleanup defaults slightly 2019-09-17 19:49:18 -04:00
worldofpeace f6398d8ba2 nixos/xfce4-14: cleanup defaults slightly
We added
- parole
- pavucontrol
- xfce4-taskmanager
- xfwm4-themes

to the default packages.
2019-09-17 17:05:39 -04:00
worldofpeace f85e126f8c nixos/xfce4-14: add gnome-themes-extra 2019-09-17 17:05:39 -04:00
worldofpeace 5bcec7642f nixos/xfce4-14: remove gtk-xfce-engine
Xfce 4.14 deprecated this.
It had many gtk2 themes that don't work that confused users #68977.
2019-09-17 17:05:39 -04:00
Alex Whitt f01224374d nixos/jenkins: Copy plugins as .jpi to fix initialization errors 2019-09-17 19:54:57 +02:00
Antoine R. Dumont (@ardumont) 35fe50352f nixos/minidlna: Allow more configuration options
This commits allows the user to configure:
- more minidlna options
- the ones not yet disclosed in nix (extending the existing minimal subset)
2019-09-17 19:51:33 +02:00
talyz aceac9d531 nixos/gitlab: Add gnutar and gzip to gitlab-sidekiq's path
Tar and gzip are needed when importing GitLab project exports.
2019-09-17 09:27:16 +02:00
volth 48086fbd70
nixos/matomo: fix escape 2019-09-17 00:27:13 +00:00
volth 432a2d73be
nixos/tt-rss: fix string escape 2019-09-17 00:23:51 +00:00
volth 4641b683f6
nixos/restya-board: fix string escape 2019-09-17 00:22:56 +00:00
volth 08195254aa
nixos/matomo: fix string escape 2019-09-17 00:22:11 +00:00
volth b384420f2c
nixos/prosody: fix escape 2019-09-17 00:20:05 +00:00
volth fbd2b55715
nixos/graphite: fix escape 2019-09-17 00:19:28 +00:00
volth 602a39c318
nixos/rspamd: fix fancy unicode quote 2019-09-16 23:40:32 +00:00
Vladimír Čunát 268872d996
Merge branch 'staging-next' into staging 2019-09-16 19:25:54 +02:00
Vladimír Čunát fa4a3af5a7
Merge branch 'master' into staging-next 2019-09-16 19:24:52 +02:00
Aaron Andersen 7491f85e4f nixos/moodle: add extraConfig option 2019-09-16 08:03:37 -04:00
Silvan Mosberger 92e653b19b
Fix services.redshift.provider backwards-incompatibility (#68852)
Fix `services.redshift.provider` backwards-incompatibility
2019-09-15 21:45:25 +02:00
Silvan Mosberger e686b39288
nixos/redshift: Add rename for provider option
This was an oversight in https://github.com/NixOS/nixpkgs/pull/64309
resulting it backwards incompatibilities
2019-09-15 18:26:53 +02:00
Silvan Mosberger ecf5f85a81
nixos/redshift: Move option renames to the module 2019-09-15 18:25:40 +02:00
Tom Hall 3f52518048 nixos/plasma5: optionally include wacomtablet
When services.xserver.wacom.enable is true, include the KDE configuration
GUI for Wacom Tablets in the Plasma5 desktop.
2019-09-15 15:13:37 +01:00
Maximilian Bosch 80e2c41b87
Merge pull request #68435 from averelld/nextcloud-fix-deprecation-warning
nextcloud: fix deprecation warning
2019-09-15 15:35:32 +02:00
Vladimír Čunát b6c6e1f9e8
Merge branch 'master' into staging-next 2019-09-15 13:18:54 +02:00
worldofpeace 1ff3a0c498 networkmanager: 1.18.2 -> 1.20.2
* libnm-glib is gone 👋️
* correct dbus_conf_dir
* remove legacy service symlink
* upstream defaults to 'internal' for dhcp
  NixOS module reflects this.

https://gitlab.freedesktop.org/NetworkManager/NetworkManager/blob/1.20.2/NEWS
2019-09-14 09:01:46 -04:00
Will Dietz 447d625edc networkmanager,modemmanager: fix service symlinks for systemd v243
Fixes problems such as:

systemd[1]: Failed to put bus name to hashmap: File exists
systemd[1]: dbus-org.freedesktop.nm-dispatcher.service: Two services allocated for the same bus name org.freedesktop.nm_dispatcher, refusing operation.

Problem is that systemd treats symlinks to files outside the service
path differently, causing our old workaround to look like two separate services.

These symlinks are intended to be a means for manually emulating
the behavior of the `Alias=` directive in these services.
Unfortunately even making these symlinks relative isn't enough,
since they don't make it to where it matters--
that only makes the links in /etc/static/systemd/system/*
relative, with systemd still being shown non-relative links
in /etc/systemd/system/*.

To fix this, drop all of this at the package level
and instead simply specify the aliases in the NixOS modules.

Also handle the same for modemmanager,
since the networkmanager NixOS module also handles that.
2019-09-14 08:05:27 -04:00
worldofpeace 3cb0ae999f
Revert "networkmanager,modemmanager: fix service symlinks for systemd v243" 2019-09-14 08:04:28 -04:00
worldofpeace e8bc2a6ac0
Merge pull request #68731 from dtzWill/fix/networkmanager-dbus-service-aliases
networkmanager,modemmanager: fix service symlinks for systemd v243
2019-09-14 08:03:12 -04:00
WilliButz cbb6293dce
Merge pull request #68291 from Ma27/bump-hydra
hydra: 2019-05-06 -> 2019-08-30
2019-09-14 13:16:07 +02:00
Maximilian Bosch ce37a040c2
nixos/hydra: incorporate upstream changes and update test
During the last update, `hydra-notify` was rewritten as a daemon which
listens to postgresql notifications for each build[1]. The module
uses the `hydra-notify.service` unit from upstream's Hydra module and
the VM test ensures that email notifications are sent properly.

Also updated `hydra-init.service` to install `pg_trgm` on a local
database if needed[2].

[1] c7861b85c4
[2] 8a0a5ec3a3
2019-09-14 12:58:42 +02:00
schneefux bab6e6eb04
nixos/gitlab: Remove todo about mysql support
GitLab has ended MySQL support.
https://about.gitlab.com/2019/06/27/removing-mysql-support/
2019-09-14 11:26:22 +02:00
Will Dietz f99bdb2b61
networkmanager,modemmanager: fix service symlinks for systemd v243
Fixes problems such as:

systemd[1]: Failed to put bus name to hashmap: File exists
systemd[1]: dbus-org.freedesktop.nm-dispatcher.service: Two services allocated for the same bus name org.freedesktop.nm_dispatcher, refusing operation.

Problem is that systemd treats symlinks to files outside the service
path differently, causing our old workaround to look like two separate services.

These symlinks are intended to be a means for manually emulating
the behavior of the `Alias=` directive in these services.
Unfortunately even making these symlinks relative isn't enough,
since they don't make it to where it matters--
that only makes the links in /etc/static/systemd/system/*
relative, with systemd still being shown non-relative links
in /etc/systemd/system/*.

To fix this, drop all of this at the package level
and instead simply specify the aliases in the NixOS modules.

Also handle the same for modemmanager,
since the networkmanager NixOS module also handles that.
2019-09-13 21:02:39 -05:00
worldofpeace 5e936cab20 nixos/pantheon: use Pantheon's greeter
I now consider this usable in NixOS without reflecting
negatively on NixOS as a whole. For example this greeter
is immune to issues like #60651.
2019-09-13 21:36:23 -04:00
worldofpeace a99ef0345d nixos/lightdm/pantheon: provide xgreeters in package 2019-09-13 21:31:12 -04:00
worldofpeace 4828df8ab7 nixos/pantheon: add gtk settings.ini 2019-09-13 21:31:11 -04:00
worldofpeace d5766ef6b3 nixos/pantheon: use sessionVariables 2019-09-13 21:31:11 -04:00
worldofpeace 4b2e250f9e nixos/lightdm/pantheon: drop warning
This issue has been fixed in the latest release.
2019-09-13 21:31:03 -04:00
Robin Gloster 1987bddea8
Merge pull request #68649 from talyz/gitlab-fix
nixos/gitlab: Fix swap of secrets
2019-09-13 13:36:00 +02:00
Robin Gloster 7782ffb89a
Merge pull request #64364 from JohnAZoidberg/nm-wireless
Allow NetworkManager and wireless together
2019-09-13 13:18:14 +02:00
talyz 4b6ba5b27c nixos/gitlab: Fix swap of secrets
Fix accidental swap of the otp and db secrets in the secrets.yml
file. Fixes #68613.
2019-09-13 08:40:59 +02:00
Vincent Bernat cf3e491cef nginx: remove gzip_disable directive
IE6 is long gone and this directive is not useful anymore. We can
spare a few CPU cycles (and maybe skip some bugs) by not trying to
disable gzip for MSIE6.
2019-09-12 11:55:32 -05:00
Austin Seipp 5a1ae55bbc nixos/chrony: keep in foreground
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2019-09-12 11:45:51 -05:00
Austin Seipp b8bda8cb4f nixos/chrony: remove redundant 'initstepslew.servers' option
This option was added in 6336048c58 but it
is essentially a complete duplicate of the existing cfg.servers and
there seems to be no reason to keep maintaining it.

Furthermore, it requires annoying duplication if you try to do option
merging, e.g. merging in sets into your configuration.nix that add
`services.chrony.initstepslew` options will overwrite the servers option
unless you keep it, but that means you just have to duplicate
config.networking.timeServers again anyway which is an implementation
detail!

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2019-09-12 11:45:51 -05:00
Austin Seipp 83180ea41f nixos/chrony: set iburst for ntp servers
'iburst' allows chrony to make very quick adjustments to the clock by
doing a couple rapid measurements outside of the default 'minpoll'
option. This helps improve rapid time adjustment at boot, and is enabled
by default.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2019-09-12 11:45:51 -05:00
Austin Seipp f0ad5ebdfb nixos/{chrony,ntpd,openntpd}: add myself as maintainer
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2019-09-12 11:45:51 -05:00
Austin Seipp a61e94329f nixos: shuffle all ntp services into their own dir
This is reckless, ill-advised, pointless, and I will be scorned for it,
but it makes me feel a lot better.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2019-09-12 11:45:51 -05:00
Marek Mahut f16bc2ff5f
Merge pull request #68365 from aanderse/zabbix
nixos/zabbixWeb: fix a string reference as well as the phpfpm socket path
2019-09-12 15:40:34 +02:00
Averell Dalton 56e5dddf7c nextcloud: fix deprecation warning 2019-09-12 14:19:42 +02:00
Maximilian Bosch 848ea3af65
Merge pull request #68496 from WilliButz/add-rspamd-exporter
add prometheus rspamd exporter and test
2019-09-11 16:55:26 +02:00
Alyssa Ross 27b459ce1e
nixos/mailman: types.string -> types.str 2019-09-11 14:14:09 +00:00
Peter Simons d0dba96e1d nixos/mailman: properly wrap the mailman-web script 2019-09-11 15:22:37 +02:00
Peter Simons a7941fe210 nixos/mailman: create "mailman" executable as a proper wrapper script 2019-09-11 15:11:34 +02:00
Peter Simons 1cb5cff611 nixos/mailman: clean up our variable names 2019-09-11 14:58:16 +02:00
Peter Simons 0cc37b3cfa nixos/mailman: httpd.services requires mailman-web in the systemd sense
When mailman-web restarts, it removes the generated "static" directory. This
breaks a currently running httpd process, which needs a re-start, too, to
obtain a new handle for the newly generated path.
2019-09-11 14:52:47 +02:00
Peter Simons 86f8895abb python-mailman-web: turn these Djando configuration files into a make-shift Python library
Suggested in https://github.com/NixOS/nixpkgs/pull/67951#issuecomment-530309702.
2019-09-11 14:48:51 +02:00
WilliButz bcce960d7d
nixos/prometheus-exporters: add rspamd-exporter
This adds a module that configures the json exporter,
which then acts as an exporter for rspamd.
2019-09-11 14:21:36 +02:00
Peter Simons 72c7ba5aba nixos/mailman: add support for the Mailman Web UI (Postorius & Hyperkitty) 2019-09-11 12:19:23 +02:00
worldofpeace e99786076a
Merge pull request #68390 from worldofpeace/portal-gnome-shell
nixos/gnome3: add gnome-shell xdg portal
2019-09-10 10:56:36 -04:00
worldofpeace bfb2389a84 nixos/gnome3: add gnome-shell xdg portal 2019-09-09 19:28:59 -04:00
Sander van der Burg e987e3fef9 nixos/dysnomia: enable InfluxDB support 2019-09-09 23:28:10 +02:00
adisbladis b8f2f6ff9d
Merge pull request #68363 from worldofpeace/xterm-stateversion
nixos/xterm: stateVersion disable by default
2019-09-09 18:50:20 +01:00
Michael Bishop 7256d10d00
Merge pull request #68368 from toonn/toxvpn-typo
nixos/toxvpn: Fix typo in option description
2019-09-09 14:35:22 -03:00
toonn a34b61ab30 nixos/toxvpn: Fix typo in option description 2019-09-09 19:31:48 +02:00
Aaron Andersen a0edbc5b4d nixos/zabbixWeb: fix a string reference as well as the phpfpm socket path 2019-09-09 12:24:39 -04:00
worldofpeace 456c42c3e8 nixos/xterm: stateVersion disable by default 2019-09-09 12:07:11 -04:00
Léo Gaspard a80eef922d rss2email: 3.9 -> 3.10 2019-09-09 18:03:17 +02:00
worldofpeace 787eabd7c1
Merge pull request #68218 from worldofpeace/cups-pk/no-auth-wheel
nixos/cupsd: passwordless admin for wheel with polkit
2019-09-09 04:42:19 -04:00
Linus Heckemann c8c04bc96c
Merge pull request #68310 from rnhmjoj/xkb
services.xserver.extraLayouts fixes
2019-09-09 10:19:58 +02:00
Frederik Rietdijk e3f25191c4 Merge staging-next into staging 2019-09-09 08:11:34 +02:00
volth 7b8fb5c06c treewide: remove redundant quotes 2019-09-08 23:38:31 +00:00
Silvan Mosberger 916603c03c
Merge pull request #67241 from kcalvinalvin/cmt
nixos/modules/services/x11/hardware/: add cmt module
2019-09-08 22:33:30 +02:00
rnhmjoj e57c0f3bf9
nixos/xserver: export configuration with startx and extra layouts
If the X server is run manually it must be started with an `-xkbdir` argument
pointing to the custom xkb directory. So we export it to /etc/X11/xkb.
2019-09-08 14:51:23 +02:00
worldofpeace 362c2f67f9
Merge pull request #68037 from dtzWill/update/upower-0.99.11
upower: 0.99.10 -> 0.99.11
2019-09-08 08:14:35 -04:00
worldofpeace 16083defb5 nixos/upower: drop resumeCommands hack
Introduced 7 years ago, it's likely the issue has
been fixed. Even possible this could cause issues
with recent upower.
2019-09-08 07:02:58 -04:00
worldofpeace 92740dd4a8 nixos/upower: drop custom unit
All of these changes ++ are in the upstream unit
Also drop glib in path of unit as I don't believe
this should be needed anymore.
2019-09-08 07:02:58 -04:00
worldofpeace ab48ede4c3 nixos/upower: don't use activation script to create statedir
Systemd now handles this completely.
2019-09-08 07:02:57 -04:00
Vladimír Čunát 707c7e4ea8
deluge service: fix my bad conflict resolution from f21211ebf
I'm sorry.  Thanks to aszlig.
2019-09-08 08:42:53 +02:00
Florian Klink 2f3b9cd52c
Merge pull request #66274 from talyz/gitlab
nixos/gitlab: Add support for secure secrets and more
2019-09-07 12:52:44 -07:00
Calvin Kim fa53852804 nixos/cmt: add cmt module
Adds custom touchpad drivers for Chromebooks.
2019-09-08 03:02:25 +09:00
adisbladis 8e2fc57a80
postgresql_9_4: Remove package
It's only supported until February 13, 2020 which is during the 19.09 life cycle.
2019-09-07 15:31:27 +01:00
adisbladis 88a70c9669
nixos/kibana: Filter empty lists
Some options (in particular elasticsearch.ssl.certificateAuthorities)
are not allowed to be empty.
2019-09-07 13:24:24 +01:00
Marek Mahut a2550e2af5
Merge pull request #68243 from mmahut/jormungandr
nixos/jormungandr: adding RUST_BACKTRACE until service is stable
2019-09-07 11:29:51 +02:00
worldofpeace 416f057bc3
Merge pull request #68213 from worldofpeace/ead/fix
nixos/iwd: add tmpfiles rule for ead service
2019-09-07 03:40:06 -04:00
worldofpeace 93e5683353
Merge pull request #68182 from worldofpeace/chrome-gnome-shell
nixos/gnome3: enable chrome-gnome-shelll
2019-09-07 03:13:22 -04:00
Marek Mahut af9c515c8b nixos/jormungandr: adding RUST_BACKTRACE until service is stable 2019-09-07 08:31:28 +02:00
worldofpeace e49049493a
Merge pull request #68233 from worldofpeace/plasma5-enable-libinput
nixos/plasma5: enable libinput
2019-09-06 19:23:28 -04:00
worldofpeace 466f5e5346 nixos/plasma5: enable libinput 2019-09-06 19:18:52 -04:00
worldofpeace 4e89375846
Merge pull request #67917 from worldofpeace/lightdm-pam-gnome-keyring
nixos/lightdm: fix pam rules
2019-09-06 18:50:07 -04:00
worldofpeace 0c602541a3 nixos/lightdm: fix pam rules
Rules are a translation of what's done in the
GDM module and adjustments based of looking at
Arch Linux's configuration and upstream's.

A side effect of this change is that gnome-keyring
and kwallet modules should work as expected when in-
cluded.

Fixes #64259 #62045
2019-09-06 18:22:22 -04:00
Frederik Rietdijk 66bc7fc1b3 Merge master into staging-next 2019-09-06 22:46:05 +02:00
WilliButz bb62066225
nixos/prometheus: remove prometheus1 module, rename prometheus2
Prometheus 1 is no longer supported, instead 'services.prometheus'
now configures the Prometheus 2 service.
2019-09-06 21:55:23 +02:00
worldofpeace b9d9045d57 nixos/cupsd: passwordless admin for wheel with polkit 2019-09-06 13:51:38 -04:00
Nikolay Amiantov daa9ea2987 murmur service: fix typo in description 2019-09-06 20:29:20 +03:00
worldofpeace 5d4890b58d
Merge pull request #67585 from worldofpeace/system-config-printer
nixos/system-config-printer: init
2019-09-06 12:08:23 -04:00
worldofpeace 998f59ccda nixos/mate: enable system-config-printer
After some research this should be installed as a program
in Mate or Cinnamon.
2019-09-06 12:06:32 -04:00
worldofpeace 335b8c65c7 nixos/plasma5: use system-config-printer module 2019-09-06 12:06:32 -04:00
worldofpeace 146532b272 nixos/xfce4-14: use system-config-printer module 2019-09-06 12:06:32 -04:00
worldofpeace 2fe7bd3ab3 nixos/gnome3: use system-config-printer module 2019-09-06 12:06:32 -04:00
worldofpeace 6b99ec2dbe nixos/pantheon: use system-config-printer module 2019-09-06 12:06:32 -04:00
worldofpeace 3722f1d20e nixos/iwd: add tmpfiles rule for ead service
This is needed for the wired service ead.service.
(in ReadWritePaths)
2019-09-06 11:32:55 -04:00
talyz 240649a510 nixos/gitlab: Extract arbitrary secrets from extraConfig
Adds the ability to make any parameter specified in extraConfig secret
by defining it an attrset containing the attr _secret, which in turn
is a path to a file containing the actual secret.
2019-09-06 16:57:23 +02:00
talyz b351454cac nixos/gitlab: Use postgresql module options to provision local db
Use the postgresql module to provision a local db (if
databaseCreateLocally is true) instead of doing this locally.

Switch to using the local unix socket for db connections by default;
this is needed since dbs created by the postgresql module only support
peer authentication.

Instead of running the rake tasks db:schema:load, db:migrate and
db:seed_fu, run gitlab:db:configure, which in turn runs these tasks
when needed.

Solves issue #53852 for gitlab.
2019-09-06 16:56:20 +02:00
Jan Tojnar f9237f3152
Merge branch 'master' into staging-next 2019-09-06 16:55:11 +02:00
talyz cbdf94c0f3 nixos/gitlab: Add support for storing secrets in files
Add support for storing secrets in files outside the nix store, since
files in the nix store are world-readable and secrets therefore can't
be stored safely there.

The old string options are kept, since they can potentially be handy
for testing purposes, but their descriptions now state that they
shouldn't be used in production. The manual section is updated to use
the file options rather than the string options and the tests now test
both.
2019-09-06 16:54:22 +02:00
worldofpeace 792444af84 nixos/system-config-printer: init 2019-09-06 09:40:17 -04:00
adisbladis a3032415f7
kibana5: Remove EOL package 2019-09-06 14:30:49 +01:00
adisbladis 4e30b30a65
logstash5: Remove EOL package 2019-09-06 14:22:15 +01:00
talyz 7648b4f8ba nixos/gitlab: Fix missing ca_file for SMTP
Work around upstream issue #790 by explicitly referencing the
ca-certificates.crt file.
2019-09-06 10:17:31 +02:00
worldofpeace ca5ec234ce nixos/gnome3: enable chrome-gnome-shelll 2019-09-05 23:10:09 -04:00
worldofpeace 2f14615ddc nixos/chrome-gnome-shell: enable in firefox 2019-09-05 23:07:59 -04:00
Jan Tojnar cdf426488b
Merge branch 'master' into staging-next
Fixed trivial conflicts caused by removing rec.
2019-09-06 03:20:09 +02:00
Jan Tojnar ed54a5b51d
Merge branch 'gtk-no-plus' 2019-09-06 02:57:51 +02:00
Jan Tojnar 72e7d569a7
tree-wide: s/GTK+/GTK/g
GTK was renamed.
2019-09-06 02:54:53 +02:00
Craige McWhirter 169cb996c5 postgresql: improve identMap description
This patch provides example usage for identMap based upon PostrgeSQL documentation

@thoughtpolice
2019-09-05 12:28:21 -05:00
Sarah Brofeldt 11e72e547d
Merge pull request #67563 from johanot/kubernetes-1.15-withmodulerevert
kubernetes: 1.14.3 -> 1.15.3

Also reverts the module systemd dependencies
2019-09-05 07:34:11 +02:00
Silvan Mosberger 7ff619f440
Merge pull request #68015 from aanderse/zookeeper
nixos/zookeeper: recursively set permissions and ownership on dataDir
2019-09-04 19:00:49 +02:00
Johan Thomsen d891283aa4 nixos/kubernetes: make module compatible with v1.15.x 2019-09-04 17:38:41 +02:00
Johan Thomsen 00975b5628 Revert "Merge pull request #56789 from mayflower/upstream-k8s-refactor"
This reverts commit 7dc6e77bc2, reversing
changes made to bce47ea9d5.

Motivation for the revert in #67563
2019-09-04 17:37:02 +02:00
Johan Thomsen fb22d67fa7 ceph: 13.2.4 -> 14.2.1
* remove kinetic
* release note
* add johanot as maintainer

nixos/ceph: create option for mgr_module_path
  - since the upstream default is no longer correct in v14

* fix module, default location for libexec has changed
* ceph: fix test
2019-09-04 16:17:18 +02:00
Kristoffer 85baedaca3 ceph: 12.2.7 -> 13.2.4
* maintain only one version
* ceph-client: init
* include ceph-volume python tool in output

nixos/ceph: extraConfig, fix test, wait for ceph-mgr to become active

* run ceph with disk group permission
* add extraConfig option for the global section
needed per cluster
* clear up how ceph.conf is generated
* fix ceph testcase
2019-09-04 16:01:42 +02:00