3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

2099 commits

Author SHA1 Message Date
Mathijs Kwik 0dd46d1335 networking: add options for configuring virtual devices (tun/tap)
These are mainly useful for network tunnels (vpn/ipv6) and creating
bridges for virtual machines
2012-08-29 22:59:36 +02:00
Mathijs Kwik d106a8a296 logcheck: make sure directories are writable during merge phase 2012-08-29 22:59:28 +02:00
Peter Simons 51e58dafca spamassassin: use a dedicated user for running spamd 2012-08-28 16:27:28 +02:00
Mathijs Kwik 2769f594f3 add logcheck module 2012-08-26 16:04:49 +02:00
Mathijs Kwik aba9f76105 change permission of /run/lock to allow non-root access to subdirectories 2012-08-26 10:17:22 +02:00
Mathijs Kwik 05262ad35d postfix: allow specifying 'virtual' mappings
mainly useful for having a few local addresses (me@host.domain.com) while the majority of
addresses are on the domain (you@domain.com)
2012-08-24 00:27:07 +02:00
Peter Simons 16713db4e2 modules/programs/bash/bashrc.sh: adapt bash completion for version 2.0 of the package 2012-08-20 16:37:14 +02:00
Petr Rockai 5dc8bc5f2a Do not assume that /dev/console can always be written. 2012-08-18 14:29:09 +02:00
Eelco Dolstra 7e99541afe Fix initrd for the latest lvm2 2012-08-16 15:37:13 -04:00
Eelco Dolstra a025e7e7e2 Provide a common share between VMs to allow easy communication
Every VM now mounts a common SMB share on /tmp/shared.
2012-08-16 10:47:33 -04:00
Eelco Dolstra 0e3f03106f postgresql.nix: Add an option for overriding the PostgreSQL package 2012-08-15 17:02:03 -04:00
Peter Simons a025e848e0 modules/security/sudo.nix: added 'wheelNeedsPassword' option (default: true)
Change this setting to 'false' to allow users in the 'wheel' group to execute
commands as super user without entering a password.
2012-08-13 14:37:32 +02:00
Shea Levy 85997a6692 mingetty: Don't make restartIfChanged optional 2012-08-12 11:44:00 -04:00
aszlig c9e05f1ed8 stage-1: Load boot-time keymap by default.
This also removes the configuration option, as suggested by @edolstra.
2012-08-12 16:54:31 +02:00
aszlig d809a9e6b2 mingetty: Option to not restart on service change.
This especially annoyed me whenver I was doing nixos-rebuild switch and getting
logged out on all consoles. With this there now is services.mingetty.dontRestart
for heavy VT users to deactivate this behaviour.
2012-08-12 13:50:50 +02:00
aszlig eb0b2651b8 stage-1: Add option to load keymap during bootup.
As non-QWERTY keyboards don't feel so warm and cozy if they hug QWERTY LUKS
password prompts, it was on honor for me to serve King Dvorak XV to fight the
glorious keyboard war against... what?! Yes, I'm awake!

We're fighting with loadkeys to spit out busybox binary keymaps against loadkmap
(loadkeys does have a special target -b for that).

And yep, I'm somewhat abusing preLVMCommands, if someone got issues with that,
feel free to introduce a new substitute in stage-i-init.sh.

Sent from my iPhone
2012-08-12 13:38:36 +02:00
Shea Levy 15a1efe023 find modules/ -name \*.nix -print0 | xargs -0 sed -i 's/RT73Firmware/RalinkFirmware/g' 2012-08-11 12:34:35 -04:00
Lluís Batlle i Rossell 50350a15f1 Adding a rename line for rt73 -> ralink. 2012-08-11 14:54:43 +02:00
Lluís Batlle i Rossell 9e753f3a46 Removing rt73 module, adding ralink module.
The rt73 fw were a subset of ralink, and the nixpkgs url
for rt73 didn't work either. Ralink should make any rt73 card work.
2012-08-11 14:53:34 +02:00
Lluís Batlle i Rossell 746b572ee6 stage2init: fix respecting 'noatime' mount options for /
We had a "mount -o remount,rw none /" that was setting back 'relatime',
although we had set 'noatime' at initrd mount. Removing the word 'none' fixed
it.

Specifying a device (in this case 'none'), makes mount to forget previous
device options. According to manpage, it says not to read fstab or mtab. But the
effect is that of setting 'relatime', if it was mounted 'noatime.
2012-08-10 20:51:13 +02:00
Eelco Dolstra f31ab09b85 Set uniq type on boot.loader.kernelFile 2012-08-09 11:00:35 -04:00
Shea Levy 20d4dee426 The efi boot stub code should only be run if it is enabled 2012-08-09 10:37:43 -04:00
Eelco Dolstra 6b2a14d698 Fix NixOS evaluation 2012-08-09 10:04:25 -04:00
Eelco Dolstra 5ae6385175 qemu-vm.nix: Use ext4 instead of ext3 2012-08-09 10:00:49 -04:00
Shea Levy da787e3071 efi-boot-stub: List required kernel config 2012-08-08 23:02:46 -04:00
Eelco Dolstra 21da462ad5 Merge pull request #25 from shlevy/required-kernel-config
Required kernel config
2012-08-08 10:33:41 -07:00
Shea Levy c39f493ebb Minor reorganization 2012-08-07 18:09:08 -04:00
Shea Levy d9c03b6447 The kernel needs swap support if swapDevices are enabled 2012-08-07 17:34:10 -04:00
Shea Levy d28876ea70 qemu tests use the virtio console to run commands 2012-08-07 17:04:00 -04:00
Shea Levy 9d8ddd90f9 qemu mounts /nix/store via CIFS 2012-08-07 16:44:15 -04:00
Shea Levy 13d8856a4f qemu requires VIRTIO_NET (and dependencies) for virtio networking 2012-08-07 16:25:11 -04:00
Eelco Dolstra 66ff6a382a stage-1-init: Close temporary file descriptor
Otherwise this fd will be inherited all the way into the Upstart jobs.
2012-08-07 10:05:33 -04:00
Shea Levy 805d37db48 qemu-vm creates an ext3 filesystem 2012-08-07 07:02:08 -04:00
Shea Levy 0ea2643c63 The initrd mounts some tmpfses 2012-08-07 06:57:01 -04:00
Shea Levy 11e5207a2d qemu requires VIRTIO_BLK (and dependencies) for virtio drives 2012-08-06 17:10:54 -04:00
Shea Levy 64d0069be3 udev requires unix sockets and inotify 2012-08-06 17:02:35 -04:00
Rickard Nilsson e33dfa936f Use busybox mount instead of klibc nfsmount for nfs mounts in initrd. 2012-08-06 16:25:22 -04:00
Shea Levy e66bcbd58a The kernel needs SERIAL_8250_CONSOLE when using a real serial port as a console 2012-08-06 08:13:06 -04:00
Shea Levy 1b615f460b Allow overriding all NixOS tests to run with the minimal kernel possible for that test's config(s) (based on requiredKernelConfig) 2012-08-04 09:45:26 -04:00
Peter Simons d13a3c741a spamassassin: call daemon with complete path 2012-08-03 18:07:06 +02:00
Eelco Dolstra d5d8acfacd Assign uid/gid 54 to wwwrun 2012-08-03 11:05:25 -04:00
Eelco Dolstra 23cb924fbf Don't try to change the uid/gid of existing users
Unless we search the entire filesystem to do a chown *and* restart
existing processes owned by that user, there is no sensible way that
we can change uids/gids.  So don't try.
2012-08-03 11:03:56 -04:00
Eelco Dolstra 0a0c28f812 Revert "Add services.httpd.fixUidAndGid option to assign reliable numeric UID and GID for the Apache user."
This reverts commit 0ef085d58a.
2012-08-03 10:52:53 -04:00
Peter Simons 0ef085d58a Add services.httpd.fixUidAndGid option to assign reliable numeric UID and GID for the Apache user.
The option is disabled by default so that previously existing installations
aren't affected.

If you'd like to migrate to the fixed numeric id for Apache, set "fixUidAndGid
= true", edit the file "/etc/groups" and replace the old GID value with 54.
(NixOS can't do that for you because it refuses to change a GID that identifies
the primary group of a user.) Then run

  find / -xdev -uid $oldUID -exec chown 54 {} +
  find / -xdev -gid $oldGID -exec chgrp 54 {} +

to update ownership of all files that are supposed to be owned by Apache.
2012-08-03 16:39:55 +02:00
Eelco Dolstra 29f721ba54 Only create the Apache user/group if it's "wwwrun" 2012-08-03 09:35:06 -04:00
Peter Simons 1b249eaf05 Initial version of a SpamAssassin service.
The configuration is expected to be managed by the user in /etc/spamassassin.
2012-08-03 15:11:28 +02:00
Eelco Dolstra 1fcef0a0e0 Don't use nixUnstable 2012-08-02 13:31:57 -04:00
Rickard Nilsson a6039e1be2 LUKS root: Fix key file check
Check for null instead of empty string
2012-08-02 11:39:31 +02:00
Rickard Nilsson 0958b224ac LUKS root: Add option for using a key file instead of a passphrase. 2012-08-02 11:30:33 +02:00
Rickard Nilsson ecdbc94e05 LUKS root: Add option allowDiscards (for SSD disks) 2012-08-02 11:27:28 +02:00
Shea Levy feb010a366 NixOS kernels should support ELF executables 2012-08-02 00:47:36 -04:00
Shea Levy 3d20a308af tests/minimal-kernel: Add CIFS timeout patch 2012-08-01 23:36:48 -04:00
Shea Levy 9e300052bd Add test to check that a machine with a minimal kernel but all of the requiredKernelConfig options set boots and shuts down 2012-08-01 22:32:16 -04:00
Shea Levy 2a983acaff Enable specifying which kernel config options are needed for a given module 2012-08-01 21:50:43 -04:00
Eelco Dolstra 5f57110e1f install-grub.pl: Fix Xen support 2012-08-01 21:48:29 +02:00
Mathijs Kwik 52fd5ea6ca gogoclient: setup config and dirs on service start, not on system activation 2012-07-31 20:07:05 +02:00
Eelco Dolstra 6576d81ff1 Fix "please: command not found" in switch-to-configuration 2012-07-30 15:19:30 -04:00
Eelco Dolstra 2678ff3726 Use /sys/fs/cgroup instead of /dev/cgroup 2012-07-30 13:49:18 -04:00
Eelco Dolstra 174d6a07e0 Fix whitespace 2012-07-30 13:49:10 -04:00
Eelco Dolstra a559a2a606 mediawiki.nix: Use the right PHP build 2012-07-30 17:19:23 +02:00
Florian Friesdorf 14a8532ee0 add NIX_CONF_DIR to sudo env_keep variables (suggested by Eelco Dolstra)
this enables nix-collect-garbage under sudo to respect nix.conf, e.g.:

    gc-keep-outputs = true
    gc-keep-derivations = true
2012-07-27 12:25:11 +02:00
Peter Simons e988324534 Use a dedicated user ('named') for BIND instead of running the daemon as super user. 2012-07-27 00:08:41 +02:00
Shea Levy 51765e6333 Merge pull request #20 from chaoflow/setuid-wrapper-newgrp
add setuid wrapper for newgrp
2012-07-26 11:11:10 -07:00
Florian Friesdorf 7c1c4c757c add setuid wrapper for newgrp 2012-07-26 16:52:38 +02:00
Eelco Dolstra 16da4a14f1 amazon-image.nix: Don't put any old configurations in the GRUB menu 2012-07-25 16:38:05 -04:00
Eelco Dolstra 557f39aa0f install-grub.pl: Apply the configuration limit only to old generations 2012-07-25 16:37:29 -04:00
Eelco Dolstra 8cae5e5782 Remove jfsrec from the minimal CD because it pulls in Boost 2012-07-25 11:39:41 -04:00
Eelco Dolstra b52117c34d Treat init-script as a boot loader 2012-07-25 11:30:16 -04:00
Eelco Dolstra 8b91a5f2ff Move boot loader modules to modules/system/boot/loader 2012-07-25 10:59:03 -04:00
Eelco Dolstra b15e1fbb08 Boot loader refactoring
- Renamed system.build.menuBuilder to system.build.installBootLoader.

- ‘install-grub.pl’ (formerly grub-menu-builder.pl) now generates the
  GRUB menu *and* installs GRUB (if necessary).

- ‘switch-to-configuration.sh’ has no boot loader specific knowledge
  anymore.  It just calls installBootLoader.
2012-07-25 10:47:32 -04:00
Eelco Dolstra 1b743526bd grub.nix: Handle null values
http://hydra.nixos.org/build/2894714
2012-07-25 09:27:51 -04:00
Eelco Dolstra be4c4d79cf grub-menu-builder: GRUB now installs unicode.pf2 automatically 2012-07-24 22:37:16 -04:00
Eelco Dolstra a0721ad2b3 stage-1-init: Use mount --move to move /sys etc. to the target root
This fixes warnings about /sys/kernel/security during shutdown and
cleans up /proc/mounts.
2012-07-24 22:04:28 -04:00
Eelco Dolstra fb15b1894e Add missing progress message 2012-07-24 19:27:16 -04:00
Eelco Dolstra f0c82f4543 Pass the ‘--recheck’ flag to grub-install 2012-07-24 19:22:19 -04:00
Eelco Dolstra f07f221f0e Replace grub-menu-builder with a much faster version
The old GRUB menu builder script is quite slow, typically taking
several seconds.  This is a real annoyance since it's run every time
you switch to a new configuration.  Therefore this patch replaces the
Bash script with a much faster Perl script.  In a VirtualBox test, the
execution time went from 2.7s to 0.1s.  The Perl version is also more
correct because it uses XML to get the GRUB configuration (through
builtins.toXML), so there are no shell escaping issues.

The new script currently lacks support for subconfigurations defined
through "nesting.children".
2012-07-24 19:16:27 -04:00
Eelco Dolstra b3b6b8ad60 virtualbox-image.nix: VirtualBox disks are /dev/sda, not /dev/vda 2012-07-24 19:07:03 -04:00
Phreedom cb063afcbf F-Prot virus signaure database updater: package 2012-07-24 10:52:04 +03:00
Shea Levy 0f65521df2 Merge pull request #17 from MarcWeber/fix-init-script-builder
fix init-script-builder
2012-07-23 17:44:37 -07:00
Peter Simons e8e19bbb1f modules/services/web-servers/apache-httpd: rename 'apacheHttpd' option to 'package' 2012-07-24 01:01:48 +02:00
Peter Simons b3627f6c69 modules/services/web-servers/apache-httpd: add apache user to the apache group 2012-07-23 22:00:35 +02:00
Peter Simons 52c97adaba modules/services/web-servers/apache-httpd: make this module more configurable
- The new option 'apacheHttpd' determines the version of the Apache
   HTTP Server that's being used by this module. The default version
   is Apache 2.2.x, as before.

 - The new option 'configFile' allows users specify their own custom
   config file for the web server instead of being limited to the one
   that this module generates.
2012-07-23 21:48:21 +02:00
Eelco Dolstra 5a0cf5e7b6 Use ext4 for VirtualBox images 2012-07-23 14:01:10 -04:00
Phreedom 4f109c8a3d ClamAV: package virus fingerprint database updater. 2012-07-23 17:19:59 +03:00
Marc Weber 7ddea025e4 dont hardcode apache group name when setting permissions for state dir 2012-07-23 03:28:21 +02:00
Your Name 4549bad2f4 AppArmor: packaged 2012-07-22 16:31:49 +03:00
Your Name 8bde72d99c Mount securityfs needed for AppArmor and some TPM drivers.
Should be harmless.
2012-07-22 16:31:49 +03:00
Marc Weber 3221159f5f fix init-script-builder 2012-07-21 19:26:36 +02:00
Mathijs Kwik 26bf696350 Revert "allow out-of-tree nixos modules"
This reverts commit b609ff4fcf.

It turns out this can just be done using "require".
2012-07-21 18:30:58 +02:00
Mathijs Kwik b609ff4fcf allow out-of-tree nixos modules
The environment variable "NIXOS_EXTRA_MODULES" is now checked to
contain a path to a file similar to modules/module-list.nix.

This gives the ability to include nixos modules that are not in the
nixos source tree.

This can be useful for modules that are still experimental, or which
aren't useful for other nixos users. Of course, this was already
possible to do this using a forked nixos tree, but with this
functionality, you can just rely on the nixos channel, easing things a
lot.
2012-07-21 17:35:50 +02:00
Eelco Dolstra 63742a942e Don't create /var/log/upstart/<jobname> unless necessary 2012-07-18 17:09:00 -04:00
Lluís Batlle i Rossell f43033a3f7 crashdump: it required some kernel options for the nmi_watchdog to work.
Now it says at boot, for every core:
NMI watchdog: enabled, takes one hw-pmu counter.
2012-07-18 21:50:18 +02:00
Peter Simons 4553a27a92 modules/security/pam.nix: add xscreensaver to the list of services 2012-07-17 13:01:09 +02:00
Eelco Dolstra 1d57489427 Global replace /var/run/opengl-driver -> /run/opengl-driver 2012-07-16 11:34:21 -04:00
Eelco Dolstra 98459eb675 Global replace /var/run/booted-system -> /run/booted-system 2012-07-16 11:34:21 -04:00
Eelco Dolstra 73532c3855 Global replace /var/run/current-system -> /run/current-system 2012-07-16 11:34:21 -04:00
Shea Levy 8c24de13e4 D'oh 2012-07-16 08:11:44 -04:00
Shea Levy cdd8ecf9c7 multitouch: Invert left-right scrolling when invertScroll is enabled 2012-07-16 08:03:47 -04:00
Shea Levy 3d2b83c110 multitouch: Add an option to ignore palm touches 2012-07-14 21:40:49 -04:00
Shea Levy c909ea9208 multitouch: Add option to invert scroll 2012-07-14 18:02:46 -04:00