The advantage of putting the PID file under the ephemeral /run is that
when the machine crashes /run gets cleared allowing graphite to start
once the machine is rebooted.
We also set the PIDFile systemd option so that systemd knows the correct
PID and enables systemd to remove the file after service shut down.
* package statsd node packages separatly since they actually require
nodejs-0.10 or nodejs-0.12 to work (which is ... well old)
* remove statsd packages and its backends from "global" node-packages.json.
i did not rebuild it since for some reason npm2nix command fails. next time
somebody will rerun npm2nix statsd packages are going to be removed.
* statsd service: backends are now provided as strings and not anymore as
packages.
Add the possibility to specify plugin set to
be used as overridable `thunar` derivation argument.
New nixos config attribute:
`services.xserver.desktopManager.xfce.thunarPlugins`
that allows user to specify plugins in the context
of nixos.
Tests:
- With and without plugins.
- Using the nixos attributes.
This module implements a way to start one or more bepasty servers.
It supports configuring the listen address of gunicorn and how bepasty
behaves internally.
Configuring multiple bepasty servers provides a way to serve pastes externally
without authentication and provide creating,listing,deleting pastes interally.
nginx can be used to provide access via hostname + listen address.
`configuration.nix`:
services.bepasty = {
enable = true;
servers = {
internal = {
defaultPermissions = "admin,list,create,read,delete";
secretKey = "secret";
bind = "127.0.0.1:8000";
};
external = {
defaultPermissions = "read";
bind = "127.0.0.1:8001";
secretKey = "another-secret";
};
};
};
Ctrl+Alt+Backspace is usually enabled by default under X, and is a
keyboard shortcut that forcefully kills the current X server. This can
lead to data loss by users if accidentally pressed. This commit
introduces a new option, services.xserver.enableCtrlAltBackspace, that
is *disabled* by default. If set to true, the previous behavior can be
restored.
A similar decision was made by the Ubuntu team, and is documented here:
https://wiki.ubuntu.com/XorgCtrlAltBackspace
Currently only the hardcoded default directories are created, not the
directories that the user may have provided. Fix that.
[Bjørn: fix small typo (%{settingsDir} => ${settingsDir}) and change
commit message.]
Run pam_unix an additional time rather than switching it from sufficient
to required. This fixes a potential security issue for
ecryptfs/pam_mount users as with pam_deny gone, if cfg.unixAuth = False
then it is possible to login without a password.
The idea that the interactive bash prompt isn't set in case of TERM=dumb
is intended to fix problems when other machines log remotely into a
NixOS installation via Tramp. A side-effect that change was, however,
that Emacs' shell-mode no longer had a correct prompt. I suppose the
presence of
INSIDE_EMACS=24.5.2,comint
is a sufficiently unique indication that the current interactive shell
is running inside of an Emacs and that the prompt can thus be configured
safely.
This option allows to define (declarative) Jenkins jobs, using Jenkins
Job Builder (JJB) as backend.
Example:
services.jenkins = {
enable = true;
jobBuilder = {
enable = true;
yamlJobs = ''
- job:
name: jenkins-job-test
builders:
- shell: echo 'Hello world!'
'';
};
};
Jobs can be defined using YAML, JSON and Nix.
Note that it really is declarative configuration; if you remove a
previously defined job, the module will remove the jobdir under
$JENKINS_HOME.
Jobs managed through the Jenkins WebUI (or by other means) are not
touched by this module.
Changes v1 -> v2:
* add nixJobs
* let jsonJobs take a list of strings (allows merge)
* 4 space indent in shell code
Regression introduced by b21fd5d066.
The initialScript is only executed whenever there is a .first-startup in
the dataDir, so silently dropping the file essentially breaks
initialScript functionality.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Since commits 89e9837 and 5b8dae8 the manual no longer depends on
evaluation of any packages from nixpkgs, so all errors of the form
"Package 'foo' is not supported on 'armv7l-linux'" are gone.
mmc_block and sdhci_acpi are both necessary for a Bay Trail Chromebook with an
internal eMMC drive. The sdhci_acpi module is detectable but I can not figure
out a way to check whether the mmc_block module is needed by just looking at
/sys/
I needed to add sdhci_acpi and mmc_block to my initrd modules in order to boot
my Chromebook. Looking under /sys/class/mmc_host/*/device/driver/module will
give us the sdhci_acpi dependency.
This makes the firmware available (or would, if someone switched off
enableAllFirmware). Corresponding kernel module should get auto-loaded.
See #9948. Close#9971.
Option aliases/deprecations can now be declared in any NixOS module,
not just in nixos/modules/rename.nix. This is more modular (since it
allows for example grub-related aliases to be declared in the grub
module), and allows aliases outside of NixOS (e.g. in NixOps modules).
The syntax is a bit funky. Ideally we'd have something like:
options = {
foo.bar.newOption = mkOption { ... };
foo.bar.oldOption = mkAliasOption [ "foo" "bar" "newOption" ];
};
but that's not possible because options cannot define values in
*other* options - you need to have a "config" for that. So instead we
have functions that return a *module*: mkRemovedOptionModule,
mkRenamedOptionModule and mkAliasOptionModule. These can be used via
"imports", e.g.
imports = [
(mkAliasOptionModule [ "foo" "bar" "oldOption" ] [ "foo" "bar" "newOption" ]);
];
As an added bonus, deprecation warnings now show the file name of the
offending module.
Fixes#10385.
I doubt that ordering non-sysvinit services after network.target ever
makes sense. In this case, CopyConsole requires DNS lookups and fails
if these are not yet possible.
Synergy seems to get more and more unstable in recent versions, so we
might want to debug this properly. However, it makes sense to restart
the service nevertheless, because synergy is about keyboard and mouse
sharing and it's quite annoying to either SSH in to restart the service
or even needing to unplug the keyboard and plug in into the machine with
the failing service.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Trigger a restart of the post-resume.target on resume.
That allows other systemd services to receive the restart signal
after resume by becoming 'partOf' the post-resume.target.
Jenkins gets (by default) an additional environment of
{ NIX_REMOTE = "daemon"; }
This has the following problems:
1. NIX_REMOTE disappears when users specify additional environment
variables, because defaults have low merge priority.
2. nix cannot be used without additional NIX_PATH envvar, which is
currently missing.
3. If you try to use HTTPS, you'll see that jenkins lacks
SSL_CERT_FILE envvar, causing it to fail.
This commit adds config.environment.sessionVariables and NIX_REMOTE to
the set of variables that are always there for jenkins, making nix and
HTTPS work out of the box.
services.jenkins.environment is now empty by default.
Commit 9bfe92ecee ("docker: Minor improvements, fix failing test") added
the services.docker.storageDriver option, made it mandatory but didn't
give it a default value. This results in an ugly traceback when users
enable docker, if they don't pay enough attention to also set the
storageDriver option. (An attempt was made to add an assertion, but it
didn't work, possibly because of how "mkMerge" works.)
The arguments against a default value were that the optimal value
depends on the filesystem on the host. This is, AFAICT, only in part
true. (It seems some backends are filesystem agnostic.) Also, docker
itself uses a default storage driver, "devicemapper", when no
--storage-driver=x options are given. Hence, we use the same value as
default.
Add a FIXME comment that 'devicemapper' breaks NixOS VM tests (for yet
unknown reasons), so we still run those with the 'overlay' driver.
Closes#10100 and #10217.
When using the ZFS storagedriver in docker, it shells out for the ZFS
commands. The path configuration for the systemd task does not include
ZFS, so if the driver is set to ZFS, add ZFS utilities to the PATH.
This will resolve https://github.com/NixOS/nixpkgs/issues/10127
[Bjørn: prefix commit message with "nixos/docker:", remove extra space
before ';']
based on @eldostra feedback:
* remove user and group configuration, because it is probably
unnecessary
* remove libraryDir default
* capitalize and shorten service description
Configuration option for setting up virtual WLAN interfaces.
If the hardware NIC supports it, then multiple virtual WLAN interfaces can be
configured through the options of the new 'networking.wlanInterfaces' module.
For example, the following configuration transforms the device with the persistent
udev name 'wlp6s0' into a managed and a ad hoc device with the device names
'wlan-managed0' and 'wlan-adhoc0', respectively:
networking.wlanInterfaces = {
"wlan-managed0" = {
type = "managed";
device = "wlp6s0";
};
"wlan-adhoc0" = {
type = "ibss";
device = "wlp6s0";
};
};
Internally, a udev rule is created that matches wlp6s0 and runs a script which adds
the missing virtual interfaces and re-configures the wlp6s0 interface accordingly.
Once the new interfaces are created by the Linux kernel, the configuration of the
interfaces is managed by udev and systemd in the usual way.
If nixos-install is run on a machine with `nix.distributedBuilds = true`
the installation will fail at some point like this:
Died at /nix/store/4frhrl31cl7iahlz6vyvysy5dmr6xnh3-nix-1.10/libexec/nix/build-remote.pl line 115, <STDIN> line 1.
This is due to `nix.distributedBuilds` setting
NIX_BUILD_HOOK=/nix/store/.../build-remote.pl in the global environment,
which then gets confused in the minimal chroot created by nixos-install.
To avoid these kinds of issues with build hooks, just disable them in
the chroot.
Adding the configuration option 'systemd.generators' to
specify systemd system-generators. The option allows to
either add new system-generators to systemd, or to over-
ride or disable the system-generators provided by systemd.
Internally, the configuration option 'systemd.generators'
maps onto the 'environment.etc' configuration option.
Having a convenience wrapper around 'environment.etc' helps
to group the systemd system-generator configuration more
easily with other 'systemd...' configurations.
This prevents seeing lots of warnings about missing hashes/sizes in the
database when running "nix-store --verify --check-contents" for the
first time.
The EBS and S3 (instance-store) AMIs are now created from the same
image. HVM instance-store AMIs are also generated.
Disk image generation has been factored out into a function
(nixos/lib/make-disk-image.nix) that can be used to build other kinds
of images.
This fixes#10077 because after some debugging it turns out that by
default we don't have a font which is able to display Chinese symbols.
Thanks to @anderspapitto, @kmicu and hyper_ch on IRC to help debugging
this issue, see log at:
http://nixos.org/irc/logs/log.20150926 starting at 19:46
With unifont we have a reasonable fallback font to ensure that every
written language is rendered correctly and thus less surprise for new
users who keep their font settings at the default.
Reported-by: Anders Papitto <anderspapitto@gmail.com>
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Since 74209a4 we have initial support for the "vboxsf" (VirtualBox
shared folder) file system support. This will be cherry-picked to
release-15.09 so we need to notice people about the change.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
There were quite a few configuration options which were tagged via
<literal/>, so in order to keep consistency with other docbook manuals
in the source tree, let's use <option/> here.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
I'm not quite sure why the official Hydra gets a kernel panic in one of
two VMs using the exact same kernels:
https://hydra.nixos.org/build/26339384
Because the kernel panic happens before stage 1, let's wait for the
first VM to boot up and after the bootup is done, start the second one
in hope that it won't trigger the panic.
Oddly enough, whenever I run the test on my own Hydra and on my local
machines, I don't get anything like that.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
I forgot to do this in da0e642. It shouldn't be a big problem but it's
more clean to destroy the VM once we're done testing.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
We previously had 1024 MB of memory to fit a VirtualBox VM with 512 MB
plus the memory needed of the VirtualBox host VM. That obviously won't
work for two VirtualBox VMs, which are used for testing networking
between two VirtualBox guests.
Now, we have 2048 MB on the qemu guest (the VirtualBox host) and 768 MB
for each VirtualBox guest. That should be enough to fit in two
VirtualBox guests (I hope).
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
The default options for all file systems currently are
"defaults.relatime", which works well on file systems which support the
relatime option.
Unfortunately, this is not the case for the VirtualBox shared folder
filesystem, so until now, you need to set something like:
fileSystems."/foo" = {
device = "foo";
fsType = "vboxsf";
options = "defaults";
};
Otherwise mounting the file system would fail.
Now, we provide only the "defaults" option to the "vboxsf" file system,
so something like this is enough:
fileSystems."/foo" = {
device = "foo";
fsType = "vboxsf";
};
An alternative to that could be to document that you need to set default
options, but we really should do what users expect instead of forcing
them to look up the documentation as to why this has failed.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Unfortunately, we can't test whether USB is really working, but we can
make sure that VirtualBox has access to the USB devices.
This is essentially testing #9736, which I haven't yet been able to
reproduce though, but it makes sense to test it so it won't happen in
future releases.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
The default synaptics functionality (without this file) is limited for
clickpads: the right soft button area in the bottom right isn't active by
default, so the entire pad generates left-clicks. There is no way to
right-drag.
This file defines soft button areas and provides some matching rules.
These settings don't conflict with the synaptics options that NixOS
provides.
Addresses #9876 in the way that we want to make sure that VirtualBox 5.x
is going to be properly detected. Right now the result is "kvm", so the
subtest fails as expected with:
error: systemd-detect-virt returned "kvm" instead of "oracle" at (eval
14) line 414, <__ANONIO__> line 92.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
The previous default was $out/lib/debug, which wasn't very useful.
This ensures that you can do
environment.systemPackages = [ pkgs.hello.debug ];
to install debug info.
Booting the demo/installer image won't work if the video memory is too
low. It boots into KDE, shows the background image and doesn't do
anything, according to @domenkozar.
Thanks to @domenkozar for reporting and testing this with 32MB.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
pkgs/os-specific/linux/kernel/common-config.nix defines HIGHMEM64G on
line 441 for 32bit systems, which implies PAE.
We now creating the OVA with PAE support enabled, which fixes bootup of
the image if people are just importing it without setting PAE
explicitly.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Makes it easier to debug and find out for which machine a certain log
socket has been started or stopped.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
We're simply using antiquotation, since it's been a while since these
got introduced (in Nix 1.7). So we can use them because it makes the
code much more readable.
As usual, I made sure that I didn't accidentally change something in
functionality:
$ nix-instantiate nixos/tests/virtualbox.nix
...
/nix/store/cldxyrxqvwpqm02cd3lvknnmj4qmblyn-vm-test-run-virtualbox.drv
$ git stash pop
...
$ nix-instantiate nixos/tests/virtualbox.nix
...
/nix/store/cldxyrxqvwpqm02cd3lvknnmj4qmblyn-vm-test-run-virtualbox.drv
$
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This is essentially not only "wrapping" the line but refactoring into a
shorter name which is used in two places.
And yes, I know I'm very pedantic if it comes to whitespaces and line
lengths, but I made sure this doesn't change any functionality:
$ nix-instantiate nixos/tests/virtualbox.nix
...
/nix/store/cldxyrxqvwpqm02cd3lvknnmj4qmblyn-vm-test-run-virtualbox.drv
$ git stash pop
...
$ nix-instantiate nixos/tests/virtualbox.nix
...
/nix/store/cldxyrxqvwpqm02cd3lvknnmj4qmblyn-vm-test-run-virtualbox.drv
$
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Instead of manually setting debug to true or false, this should make it
possible to now run the test like this:
nix-build nixos/tests/virtualbox.nix --arg debug true
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Sometimes there are random kernel panics do to the lack of memory in the
qemu guests, but as we're setting the VirtualBox memory size relatively
low, 1024 MB should be enough for the qemu guests.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
We want to check whether DBus functionality is working, so let's make
sure it is running in our mini-initrd.
DBus unfortunately requires to have users properly set up and another
configuration file other than in ${dbus.daemon}/etc/dbus-1/system.conf,
so we do provide that as well.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This seems to have been confusing people, using both xlibs and xorg, etc.
- Avoided renaming local (and different) xlibs binding in gcc*.
- Fixed cases where both xorg and xlibs were used.
Hopefully everything still works as before.
Fixes#7593 (NM can't find the dnsmasq binary); the NM expression is missing
dnsmasq in its buildInputs, so configure can't find it.
Also creates /var/lib/misc which dnsmasq expects to exist, because it puts
dnsmasq.leases there.
This reverts commit ab6c8643d4. Issue
https://github.com/NixOS/nix/issues/609 has been resolved, the new Nix
version is available after 86eaeb4c0a, and
using nix-collect-garbage has the advantage that the '-d' flag is
available, which nix-store doesn't have.
Or else users may see this unfriendly message:
error: cannot coerce null to a string, at .../nixos/modules/services/x11/display-managers/gdm.nix:107:49
Changes the option and explicitely sets it for each desktopManager.
Reasoning: Currently,
services.xserver.displayManager.desktopManagerHandlesLidAndPower is set
to true by default. This creates a problem for users without desktop
environments activated, since lid management simply doesn't work
(and they have to be lucky to find this option).
See issue #9671
This reverts commit a8eb2a6a81. OpenSSH
7.0 is causing too many interoperability problems so soon before the
15.08 release.
For instance, it causes NixOps EC2 initial deployments to fail with
"REMOTE HOST IDENTIFICATION HAS CHANGED". This is because the client
knows the server's ssh-dss host key, but this key is no longer
accepted by default. Setting "HostKeyAlgorithms" to "+ssh-dss" does
not work because it causes ssh-dss to be ordered after
"ecdsa-sha2-nistp521", which the server also offers. (Normally, ssh
prioritizes host key algorithms for which the client has a known host
key, but not if you set HostKeyAlgorithms.)
Using waitForWindow on the IceWM root window doesn't necessarily mean
that the panel will be shown. In the lightdm test, we only make sure
that the login is working and thus it doesn't matter how the session
itself will look or whether IceWM is broken, so we don't need that
screenshot.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This looks for the window title instead of OCRing the clock from the
IceWM panel. Of course, this has the drawback, that whenever IceWM is
started it doesn't necessarily mean that the panel is also visible at
that time, so we might want to drop the screenshot of the "session" as
well.
- upgrade 106 -> 108
- fix passphrase rewrapper (password changing should now work fine) as
discussed on https://bugs.launchpad.net/ecryptfs/+bug/1486470
- add lsof dependency so ecryptfs-migrate-home should work out of the
box
`man 1 info` says:
The first non-option argument, if present, is the menu entry to
start from; it is searched for in all `dir' files along INFOPATH.
If it is not present, info merges all `dir' files and shows the
result. Any remaining arguments are treated as the names of menu
items relative to the initial node visited.
Which means that this does what previous programs/info did and #8519
(on-the-fly infodir generation for Emacs) wanted to do, but for both
programs.
Now it generates notifications for auto-detected devices as well as
for explicitly configured ones, sends well formed e-mails and supports
immediate `wall` and `xmessage` notifications.
Avoids this warning when running `nixos-rebuild switch`:
````
building Nix...
building the system configuration...
trace: Obsolete option `services.virtualboxGuest.enable' is used. It was renamed to `virtualisation.virtualbox.guest.enable'.
````
Currently the lightdm test detects a successful login by OCR'ing the
screen and searching for the clock widget's text. Since the last
IceWM update (commit bdd20ced), either the font or the colors of the
clock changed such that the OCR doesn't pick it up anymore.
Instead, just look for a matching (root) window title, e.g.
"IceWM 1.3.9 (Linux/i686)"
This improves error messages when a set or a list is used where a path
was expected. For an example, if you used a package set (as opposed to a
single package) in systemPackages before this commit, the error was:
```
cannot coerce a list to a string, at "/home/nixpkgs/lib/types.nix":103:37
```
Now, the error message reads:
```
The option value `environment.systemPackages' in `/etc/nixos/configuration.nix' is not a list of paths.
```
And set the default value to "Address @LOCAL". This change is needed to
find printers at my workplace (with "lpinfo -v" or the
"system-config-printer" GUI). Ubuntu 14.04 also has this as default.
snmp.conf does not seem to be needed in restartTriggers, because it is
not the cups daemon itself that reads it, but some helper programs that
it spawns on demand.
This provides support for Ubuntu Fan Networking [1].
This includes:
* The fanctl package, and a corresponding NixOS service.
* iproute patches.
* kernel patches.
closes#9188
1: https://wiki.ubuntu.com/FanNetworking
Commit 687caeb renamed services.virtualboxHost to programs.virtualbox,
but according to the discussion on the commit, it's probably a better to
put it into virtualisation.virtualbox instead.
The discussion can be found here:
https://github.com/NixOS/nixpkgs/commit/687caeb#commitcomment-12664978
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Regression introduced by 032f0ffdd0.
The change doesn't look obvious at the first sight why it may cause
problems with lib.makePerlPath, but it introduces a Perl package called
"lib".
And using "with perlPackages;" uses the Perl library "lib" instead of
the lib attribute set from pkgs.
So let's use pkgs.lib.makePerlPath directly in hope that there won't be
a Perl package anytime soon which is called "pkgs".
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
