Mathijs Kwik
0dd46d1335
networking: add options for configuring virtual devices (tun/tap)
...
These are mainly useful for network tunnels (vpn/ipv6) and creating
bridges for virtual machines
2012-08-29 22:59:36 +02:00
Mathijs Kwik
d106a8a296
logcheck: make sure directories are writable during merge phase
2012-08-29 22:59:28 +02:00
Peter Simons
51e58dafca
spamassassin: use a dedicated user for running spamd
2012-08-28 16:27:28 +02:00
Mathijs Kwik
2769f594f3
add logcheck module
2012-08-26 16:04:49 +02:00
Mathijs Kwik
aba9f76105
change permission of /run/lock to allow non-root access to subdirectories
2012-08-26 10:17:22 +02:00
Mathijs Kwik
05262ad35d
postfix: allow specifying 'virtual' mappings
...
mainly useful for having a few local addresses (me@host.domain.com ) while the majority of
addresses are on the domain (you@domain.com )
2012-08-24 00:27:07 +02:00
Peter Simons
16713db4e2
modules/programs/bash/bashrc.sh: adapt bash completion for version 2.0 of the package
2012-08-20 16:37:14 +02:00
Petr Rockai
5dc8bc5f2a
Do not assume that /dev/console can always be written.
2012-08-18 14:29:09 +02:00
Eelco Dolstra
7e99541afe
Fix initrd for the latest lvm2
2012-08-16 15:37:13 -04:00
Eelco Dolstra
a025e7e7e2
Provide a common share between VMs to allow easy communication
...
Every VM now mounts a common SMB share on /tmp/shared.
2012-08-16 10:47:33 -04:00
Eelco Dolstra
0e3f03106f
postgresql.nix: Add an option for overriding the PostgreSQL package
2012-08-15 17:02:03 -04:00
Peter Simons
a025e848e0
modules/security/sudo.nix: added 'wheelNeedsPassword' option (default: true)
...
Change this setting to 'false' to allow users in the 'wheel' group to execute
commands as super user without entering a password.
2012-08-13 14:37:32 +02:00
Shea Levy
85997a6692
mingetty: Don't make restartIfChanged optional
2012-08-12 11:44:00 -04:00
aszlig
c9e05f1ed8
stage-1: Load boot-time keymap by default.
...
This also removes the configuration option, as suggested by @edolstra.
2012-08-12 16:54:31 +02:00
aszlig
d809a9e6b2
mingetty: Option to not restart on service change.
...
This especially annoyed me whenver I was doing nixos-rebuild switch and getting
logged out on all consoles. With this there now is services.mingetty.dontRestart
for heavy VT users to deactivate this behaviour.
2012-08-12 13:50:50 +02:00
aszlig
eb0b2651b8
stage-1: Add option to load keymap during bootup.
...
As non-QWERTY keyboards don't feel so warm and cozy if they hug QWERTY LUKS
password prompts, it was on honor for me to serve King Dvorak XV to fight the
glorious keyboard war against... what?! Yes, I'm awake!
We're fighting with loadkeys to spit out busybox binary keymaps against loadkmap
(loadkeys does have a special target -b for that).
And yep, I'm somewhat abusing preLVMCommands, if someone got issues with that,
feel free to introduce a new substitute in stage-i-init.sh.
Sent from my iPhone
2012-08-12 13:38:36 +02:00
Shea Levy
15a1efe023
find modules/ -name \*.nix -print0 | xargs -0 sed -i 's/RT73Firmware/RalinkFirmware/g'
2012-08-11 12:34:35 -04:00
Lluís Batlle i Rossell
50350a15f1
Adding a rename line for rt73 -> ralink.
2012-08-11 14:54:43 +02:00
Lluís Batlle i Rossell
9e753f3a46
Removing rt73 module, adding ralink module.
...
The rt73 fw were a subset of ralink, and the nixpkgs url
for rt73 didn't work either. Ralink should make any rt73 card work.
2012-08-11 14:53:34 +02:00
Lluís Batlle i Rossell
746b572ee6
stage2init: fix respecting 'noatime' mount options for /
...
We had a "mount -o remount,rw none /" that was setting back 'relatime',
although we had set 'noatime' at initrd mount. Removing the word 'none' fixed
it.
Specifying a device (in this case 'none'), makes mount to forget previous
device options. According to manpage, it says not to read fstab or mtab. But the
effect is that of setting 'relatime', if it was mounted 'noatime.
2012-08-10 20:51:13 +02:00
Eelco Dolstra
f31ab09b85
Set uniq type on boot.loader.kernelFile
2012-08-09 11:00:35 -04:00
Shea Levy
20d4dee426
The efi boot stub code should only be run if it is enabled
2012-08-09 10:37:43 -04:00
Eelco Dolstra
6b2a14d698
Fix NixOS evaluation
2012-08-09 10:04:25 -04:00
Eelco Dolstra
5ae6385175
qemu-vm.nix: Use ext4 instead of ext3
2012-08-09 10:00:49 -04:00
Shea Levy
da787e3071
efi-boot-stub: List required kernel config
2012-08-08 23:02:46 -04:00
Eelco Dolstra
21da462ad5
Merge pull request #25 from shlevy/required-kernel-config
...
Required kernel config
2012-08-08 10:33:41 -07:00
Shea Levy
c39f493ebb
Minor reorganization
2012-08-07 18:09:08 -04:00
Shea Levy
d9c03b6447
The kernel needs swap support if swapDevices are enabled
2012-08-07 17:34:10 -04:00
Shea Levy
d28876ea70
qemu tests use the virtio console to run commands
2012-08-07 17:04:00 -04:00
Shea Levy
9d8ddd90f9
qemu mounts /nix/store via CIFS
2012-08-07 16:44:15 -04:00
Shea Levy
13d8856a4f
qemu requires VIRTIO_NET (and dependencies) for virtio networking
2012-08-07 16:25:11 -04:00
Eelco Dolstra
66ff6a382a
stage-1-init: Close temporary file descriptor
...
Otherwise this fd will be inherited all the way into the Upstart jobs.
2012-08-07 10:05:33 -04:00
Shea Levy
805d37db48
qemu-vm creates an ext3 filesystem
2012-08-07 07:02:08 -04:00
Shea Levy
0ea2643c63
The initrd mounts some tmpfses
2012-08-07 06:57:01 -04:00
Shea Levy
11e5207a2d
qemu requires VIRTIO_BLK (and dependencies) for virtio drives
2012-08-06 17:10:54 -04:00
Shea Levy
64d0069be3
udev requires unix sockets and inotify
2012-08-06 17:02:35 -04:00
Rickard Nilsson
e33dfa936f
Use busybox mount instead of klibc nfsmount for nfs mounts in initrd.
2012-08-06 16:25:22 -04:00
Shea Levy
e66bcbd58a
The kernel needs SERIAL_8250_CONSOLE when using a real serial port as a console
2012-08-06 08:13:06 -04:00
Shea Levy
1b615f460b
Allow overriding all NixOS tests to run with the minimal kernel possible for that test's config(s) (based on requiredKernelConfig)
2012-08-04 09:45:26 -04:00
Peter Simons
d13a3c741a
spamassassin: call daemon with complete path
2012-08-03 18:07:06 +02:00
Eelco Dolstra
d5d8acfacd
Assign uid/gid 54 to wwwrun
2012-08-03 11:05:25 -04:00
Eelco Dolstra
23cb924fbf
Don't try to change the uid/gid of existing users
...
Unless we search the entire filesystem to do a chown *and* restart
existing processes owned by that user, there is no sensible way that
we can change uids/gids. So don't try.
2012-08-03 11:03:56 -04:00
Eelco Dolstra
0a0c28f812
Revert "Add services.httpd.fixUidAndGid option to assign reliable numeric UID and GID for the Apache user."
...
This reverts commit 0ef085d58a
.
2012-08-03 10:52:53 -04:00
Peter Simons
0ef085d58a
Add services.httpd.fixUidAndGid option to assign reliable numeric UID and GID for the Apache user.
...
The option is disabled by default so that previously existing installations
aren't affected.
If you'd like to migrate to the fixed numeric id for Apache, set "fixUidAndGid
= true", edit the file "/etc/groups" and replace the old GID value with 54.
(NixOS can't do that for you because it refuses to change a GID that identifies
the primary group of a user.) Then run
find / -xdev -uid $oldUID -exec chown 54 {} +
find / -xdev -gid $oldGID -exec chgrp 54 {} +
to update ownership of all files that are supposed to be owned by Apache.
2012-08-03 16:39:55 +02:00
Eelco Dolstra
29f721ba54
Only create the Apache user/group if it's "wwwrun"
2012-08-03 09:35:06 -04:00
Peter Simons
1b249eaf05
Initial version of a SpamAssassin service.
...
The configuration is expected to be managed by the user in /etc/spamassassin.
2012-08-03 15:11:28 +02:00
Eelco Dolstra
1fcef0a0e0
Don't use nixUnstable
2012-08-02 13:31:57 -04:00
Rickard Nilsson
a6039e1be2
LUKS root: Fix key file check
...
Check for null instead of empty string
2012-08-02 11:39:31 +02:00
Rickard Nilsson
0958b224ac
LUKS root: Add option for using a key file instead of a passphrase.
2012-08-02 11:30:33 +02:00
Rickard Nilsson
ecdbc94e05
LUKS root: Add option allowDiscards (for SSD disks)
2012-08-02 11:27:28 +02:00
Shea Levy
feb010a366
NixOS kernels should support ELF executables
2012-08-02 00:47:36 -04:00
Shea Levy
3d20a308af
tests/minimal-kernel: Add CIFS timeout patch
2012-08-01 23:36:48 -04:00
Shea Levy
9e300052bd
Add test to check that a machine with a minimal kernel but all of the requiredKernelConfig options set boots and shuts down
2012-08-01 22:32:16 -04:00
Shea Levy
2a983acaff
Enable specifying which kernel config options are needed for a given module
2012-08-01 21:50:43 -04:00
Eelco Dolstra
5f57110e1f
install-grub.pl: Fix Xen support
2012-08-01 21:48:29 +02:00
Mathijs Kwik
52fd5ea6ca
gogoclient: setup config and dirs on service start, not on system activation
2012-07-31 20:07:05 +02:00
Eelco Dolstra
6576d81ff1
Fix "please: command not found" in switch-to-configuration
2012-07-30 15:19:30 -04:00
Eelco Dolstra
2678ff3726
Use /sys/fs/cgroup instead of /dev/cgroup
2012-07-30 13:49:18 -04:00
Eelco Dolstra
174d6a07e0
Fix whitespace
2012-07-30 13:49:10 -04:00
Eelco Dolstra
a559a2a606
mediawiki.nix: Use the right PHP build
2012-07-30 17:19:23 +02:00
Florian Friesdorf
14a8532ee0
add NIX_CONF_DIR to sudo env_keep variables (suggested by Eelco Dolstra)
...
this enables nix-collect-garbage under sudo to respect nix.conf, e.g.:
gc-keep-outputs = true
gc-keep-derivations = true
2012-07-27 12:25:11 +02:00
Peter Simons
e988324534
Use a dedicated user ('named') for BIND instead of running the daemon as super user.
2012-07-27 00:08:41 +02:00
Shea Levy
51765e6333
Merge pull request #20 from chaoflow/setuid-wrapper-newgrp
...
add setuid wrapper for newgrp
2012-07-26 11:11:10 -07:00
Florian Friesdorf
7c1c4c757c
add setuid wrapper for newgrp
2012-07-26 16:52:38 +02:00
Eelco Dolstra
16da4a14f1
amazon-image.nix: Don't put any old configurations in the GRUB menu
2012-07-25 16:38:05 -04:00
Eelco Dolstra
557f39aa0f
install-grub.pl: Apply the configuration limit only to old generations
2012-07-25 16:37:29 -04:00
Eelco Dolstra
8cae5e5782
Remove jfsrec from the minimal CD because it pulls in Boost
2012-07-25 11:39:41 -04:00
Eelco Dolstra
b52117c34d
Treat init-script as a boot loader
2012-07-25 11:30:16 -04:00
Eelco Dolstra
8b91a5f2ff
Move boot loader modules to modules/system/boot/loader
2012-07-25 10:59:03 -04:00
Eelco Dolstra
b15e1fbb08
Boot loader refactoring
...
- Renamed system.build.menuBuilder to system.build.installBootLoader.
- ‘install-grub.pl’ (formerly grub-menu-builder.pl) now generates the
GRUB menu *and* installs GRUB (if necessary).
- ‘switch-to-configuration.sh’ has no boot loader specific knowledge
anymore. It just calls installBootLoader.
2012-07-25 10:47:32 -04:00
Eelco Dolstra
1b743526bd
grub.nix: Handle null values
...
http://hydra.nixos.org/build/2894714
2012-07-25 09:27:51 -04:00
Eelco Dolstra
be4c4d79cf
grub-menu-builder: GRUB now installs unicode.pf2 automatically
2012-07-24 22:37:16 -04:00
Eelco Dolstra
a0721ad2b3
stage-1-init: Use mount --move to move /sys etc. to the target root
...
This fixes warnings about /sys/kernel/security during shutdown and
cleans up /proc/mounts.
2012-07-24 22:04:28 -04:00
Eelco Dolstra
fb15b1894e
Add missing progress message
2012-07-24 19:27:16 -04:00
Eelco Dolstra
f0c82f4543
Pass the ‘--recheck’ flag to grub-install
2012-07-24 19:22:19 -04:00
Eelco Dolstra
f07f221f0e
Replace grub-menu-builder with a much faster version
...
The old GRUB menu builder script is quite slow, typically taking
several seconds. This is a real annoyance since it's run every time
you switch to a new configuration. Therefore this patch replaces the
Bash script with a much faster Perl script. In a VirtualBox test, the
execution time went from 2.7s to 0.1s. The Perl version is also more
correct because it uses XML to get the GRUB configuration (through
builtins.toXML), so there are no shell escaping issues.
The new script currently lacks support for subconfigurations defined
through "nesting.children".
2012-07-24 19:16:27 -04:00
Eelco Dolstra
b3b6b8ad60
virtualbox-image.nix: VirtualBox disks are /dev/sda, not /dev/vda
2012-07-24 19:07:03 -04:00
Phreedom
cb063afcbf
F-Prot virus signaure database updater: package
2012-07-24 10:52:04 +03:00
Shea Levy
0f65521df2
Merge pull request #17 from MarcWeber/fix-init-script-builder
...
fix init-script-builder
2012-07-23 17:44:37 -07:00
Peter Simons
e8e19bbb1f
modules/services/web-servers/apache-httpd: rename 'apacheHttpd' option to 'package'
2012-07-24 01:01:48 +02:00
Peter Simons
b3627f6c69
modules/services/web-servers/apache-httpd: add apache user to the apache group
2012-07-23 22:00:35 +02:00
Peter Simons
52c97adaba
modules/services/web-servers/apache-httpd: make this module more configurable
...
- The new option 'apacheHttpd' determines the version of the Apache
HTTP Server that's being used by this module. The default version
is Apache 2.2.x, as before.
- The new option 'configFile' allows users specify their own custom
config file for the web server instead of being limited to the one
that this module generates.
2012-07-23 21:48:21 +02:00
Eelco Dolstra
5a0cf5e7b6
Use ext4 for VirtualBox images
2012-07-23 14:01:10 -04:00
Phreedom
4f109c8a3d
ClamAV: package virus fingerprint database updater.
2012-07-23 17:19:59 +03:00
Marc Weber
7ddea025e4
dont hardcode apache group name when setting permissions for state dir
2012-07-23 03:28:21 +02:00
Your Name
4549bad2f4
AppArmor: packaged
2012-07-22 16:31:49 +03:00
Your Name
8bde72d99c
Mount securityfs needed for AppArmor and some TPM drivers.
...
Should be harmless.
2012-07-22 16:31:49 +03:00
Marc Weber
3221159f5f
fix init-script-builder
2012-07-21 19:26:36 +02:00
Mathijs Kwik
26bf696350
Revert "allow out-of-tree nixos modules"
...
This reverts commit b609ff4fcf
.
It turns out this can just be done using "require".
2012-07-21 18:30:58 +02:00
Mathijs Kwik
b609ff4fcf
allow out-of-tree nixos modules
...
The environment variable "NIXOS_EXTRA_MODULES" is now checked to
contain a path to a file similar to modules/module-list.nix.
This gives the ability to include nixos modules that are not in the
nixos source tree.
This can be useful for modules that are still experimental, or which
aren't useful for other nixos users. Of course, this was already
possible to do this using a forked nixos tree, but with this
functionality, you can just rely on the nixos channel, easing things a
lot.
2012-07-21 17:35:50 +02:00
Eelco Dolstra
63742a942e
Don't create /var/log/upstart/<jobname> unless necessary
2012-07-18 17:09:00 -04:00
Lluís Batlle i Rossell
f43033a3f7
crashdump: it required some kernel options for the nmi_watchdog to work.
...
Now it says at boot, for every core:
NMI watchdog: enabled, takes one hw-pmu counter.
2012-07-18 21:50:18 +02:00
Peter Simons
4553a27a92
modules/security/pam.nix: add xscreensaver to the list of services
2012-07-17 13:01:09 +02:00
Eelco Dolstra
1d57489427
Global replace /var/run/opengl-driver -> /run/opengl-driver
2012-07-16 11:34:21 -04:00
Eelco Dolstra
98459eb675
Global replace /var/run/booted-system -> /run/booted-system
2012-07-16 11:34:21 -04:00
Eelco Dolstra
73532c3855
Global replace /var/run/current-system -> /run/current-system
2012-07-16 11:34:21 -04:00
Shea Levy
8c24de13e4
D'oh
2012-07-16 08:11:44 -04:00
Shea Levy
cdd8ecf9c7
multitouch: Invert left-right scrolling when invertScroll is enabled
2012-07-16 08:03:47 -04:00
Shea Levy
3d2b83c110
multitouch: Add an option to ignore palm touches
2012-07-14 21:40:49 -04:00
Shea Levy
c909ea9208
multitouch: Add option to invert scroll
2012-07-14 18:02:46 -04:00