3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

1771 commits

Author SHA1 Message Date
aszlig e36bec661c
nixos/virtualbox: Fix warning on enableHardening.
The warning was displayed whenever services.virtualboxHost.enable was
true, but if people were to enable hardening, they'd still get that
annoying message.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-12-16 11:24:55 +01:00
aszlig d85fabd68c
nixos/virtualbox/hostonlyif: Fix writing to /root.
Creates unnecessary cruft in the root users home directory, which we
really don't need. Except the log, but therefore we now cat the log to
stderr and the private temporary directory is cleaned up afterwards.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-12-15 19:16:43 +01:00
aszlig 5d67b17901
nixos/virtualbox: Disable hardening for now.
This should display a big fat warning that people can hardly miss until
we have fixed the issues with the host-only-interfaces that persist when
hardining is enabled.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-12-15 18:53:41 +01:00
aszlig 245baeb2f6
nixos/virtualbox: Note about "vboxusers" group.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-12-15 17:52:19 +01:00
aszlig e03e0ff42a
nixos/virtualbox: Allow to disable hardening.
Hardening mode in VirtualBox is quite restrictive and on some systems it
could make sense to disable hardening mode, especially while we still
have issues with hostonly networking and other issues[TM] we don't know
or haven't tested yet.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-12-15 17:52:18 +01:00
Eelco Dolstra bed675f400 nixos-generate-config: Don't emit networking.hostId
Systemd already generates /etc/machine-id. So there is no need to
generate another unique host identifer.
2014-12-15 17:03:28 +01:00
Eelco Dolstra 0d3a229baa nixos-generate-config: Add time zone 2014-12-15 16:55:03 +01:00
Peter Simons 0f2b026bfe nixos/modules/system/boot/luksroot.nix: hyperlinkify an URL in the documentation 2014-12-15 16:31:18 +01:00
Peter Simons 137ffc9929 Switch default timezone in NixOS from "CET" to "UTC".
Suggested in https://github.com/NixOS/nixpkgs/pull/5332.
2014-12-15 16:31:18 +01:00
Eelco Dolstra 88412c865d Fix ANSI escape in warning messages
Seems to have been broken by accident in 7d1ddae58e.
2014-12-15 16:19:35 +01:00
Thomas Tuegel 32e41c2280 nixos: fix config.fonts.fontconfig.ultimate.allowBitmaps
The option was incorrectly negated, so that 'allowBitmaps = true'
actually disabled bitmap fonts.
2014-12-15 09:16:40 -06:00
Rob Vermaas b48e41b8d7 cron: make into systemd.service and make it depend on /etc/localtime
so that changes in timezone will trigger a restart of cron service.
2014-12-15 14:50:12 +01:00
Eelco Dolstra cfe26e4438 Fix using Apache httpd 2.2 2014-12-15 13:13:17 +01:00
wmertens d3d38c38c5 Merge pull request #5326 from prikhi/refactor-psd-config
profile-sync-daemon: refactor nixos module
2014-12-14 19:38:31 +01:00
Sebastián Bernardo Galkin aba0d8a73d Fix networkmanager resumeCommands
Small typo prevented the post resume script to restart network manager
2014-12-14 03:46:54 -08:00
Domen Kožar 48a282b913 http://nixos.org -> https://nixos.org
(cherry picked from commit 78bb17dd22e4da4e3810fbc78185d73bb25ea73e)
Signed-off-by: Domen Kožar <domen@dev.si>
2014-12-14 11:26:45 +01:00
Domen Kožar ba5fad6dfa Merge pull request #5323 from offlinehacker/gitlab_i686_fix
gitlab: fix i686-linux build and module
2014-12-14 09:48:44 +01:00
Pavan Rikhi 25da0e2518 profile-sync-daemon: refactor module 2014-12-14 00:45:08 -05:00
Jaka Hudoklin 90683792aa gitlab: fix i686-linux build and module
It turns out that installing therubytracer, with dependency on old v8, even
when using source libv8 version is problematic.
(see
http://stackoverflow.com/questions/21666379/problems-installing-gitlab-on-odroid-v8-lib-not-available).

But wait, rails does not even need therubytracer, just any kind of javascript
server side execution framework like nodejs. Well just use that, as also
suggested from different internet sources (look link above), it works just
fine.
2014-12-14 02:24:12 +01:00
Pavan Rikhi 0df1c05f71 Add the Profile Sync Daemon Package & NixOS Module 2014-12-13 09:24:12 -05:00
aszlig 0d71ec8a6e
nixos/virtualbox: Fix setuid wrappers.
We only need to have setuid-root wrappers for VBox{Headless,SDL} and
VirtualBox, otherwise VBoxManage will run as root and NOT drop
privileges!

Fixes #5283.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-12-13 07:52:19 +01:00
Jaka Hudoklin d8ee91cb54 nixos: container profile, fix a few things 2014-12-12 20:28:01 +01:00
Jaka Hudoklin 13e58784bf nixos/gitlab: fixes
- fix timezone data not found
- fix module, add simple test
- allow to set port
2014-12-12 18:01:31 +01:00
Thomas Hunger 59995e168c nixos: Add gitlab and gitlab-shell
I had to make several adjustments to make it work with nixos:

* Replace relative config file lookups with ENV variable.
* Modify gitlab-shell to not clear then environment when running
  pre-receive.
* Modify gitlab-shell to write some environment variables into
  the .authorized_keys file to make sure gitlab-shell reads the
  correct config file.
* Log unicorn output to syslog.
  I tried various ways of adding a syslog package but the bundler would
  not pick them up. Please fix in a better way if possible.
* Gitlab-runner program wrapper.
  This is useful to run e.g. backups etc. with the correct
  environment set up.
2014-12-12 18:01:29 +01:00
Vladimír Čunát 3bcd3ed017 nixos: check resumeDevice is absolute path and document
Fixes #5219 after merging #4995.

(cherry picked from commit 0681d61c37)
Signed-off-by: Domen Kožar <domen@dev.si>
2014-12-12 11:11:57 +01:00
Eelco Dolstra 8bb494c170 Get rid of a warning about dbus in the activation script 2014-12-12 10:45:37 +01:00
aszlig cf7f15c92c
nixos-install: Pass CA cert bundle to chroot.
Since we're using HTTPS for the binary cache (introduced in faf0797) by
default, the binary cache should also be available during installation.

The file that is defined in SSL_CERT_FILE outside of the chroot is
copied over to /tmp/ca-cert.crt inside the chroot, so we have an
absolute path we can reference during nixos-install. However, this might
end up with the file not being cleaned up properly from outside of the
store, but neither would be /tmp/root so the cleanup issue needs to be
solved in another place (or commit to be more exact).

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-12-12 03:03:14 +01:00
Jaka Hudoklin f2e20fa837 nixos: container profile, update /init symlink on rebuild 2014-12-12 02:55:23 +01:00
ambrop7@gmail.com 65393ca8d3 virtualbox: Unbreak the nixos module. 2014-12-12 00:16:33 +01:00
Jaka Hudoklin e1383d0833 Merge pull request #5300 from ambrop72/virtualbox-network-interface
virtualbox: Allow disabling the network interface.
2014-12-11 23:51:52 +01:00
lethalman 786a0c92c6 Merge pull request #5299 from bjornfor/gnome-enable-mtp-support
nixos/gnome: enable MTP support in gvfs
2014-12-11 23:41:05 +01:00
ambrop7@gmail.com 9fa2c35ec8 virtualbox: Allow disabling the network interface.
The current nixos module for VirtualBox unconditionally configures a vboxnet0
network interface at boot. This may be undesired, especially when the user wants
to manage network interfaces in a centralized manner.
2014-12-11 23:35:03 +01:00
Jaka Hudoklin 4be1089781 nixos: move kubernetes & fleet to services/cluster 2014-12-11 23:32:37 +01:00
Jaka Hudoklin 5dac2ec412 Merge pull request #5297 from fmapfmapfmap/tor-extra-config
Tor module: append redundant specifications of 'extraConfig', via 'types.lines'.
2014-12-11 23:22:52 +01:00
Jaka Hudoklin deb28cf0b1 nixos: container tarball release
- Create container nixos profile
- Create lxc-container nixos config using container nixos profile
- Docker nixos image, use nixos profile for its base config
2014-12-11 23:17:27 +01:00
Bjørn Forsman f3a46c3858 nixos/gnome: enable MTP support in gvfs
To support browsing files on Android phones in Nautilus (and other GVFS
based file browsers).
2014-12-11 23:13:39 +01:00
vi c005dc0e6b Tor module: append redundant specifications of 'extraConfig', via 'types.lines'. 2014-12-11 14:23:48 +00:00
Shea Levy 10751129d0 Don't require forcing utils to get to lib 2014-12-10 19:28:45 -05:00
Domen Kožar 0ec12d53e6 tcpcrypt: 2011.07.22 -> 0.3rc1, fix nixos service 2014-12-10 10:23:46 +01:00
Austin Seipp 42e4e64577 Merge pull request #5276 from abbradar/nginx-types
nixos/nginx: add more types
2014-12-09 19:48:04 -06:00
Nikolay Amiantov d0773dae54 nixos/nginx: add more types 2014-12-10 04:45:10 +03:00
Eelco Dolstra faf0797c0c Use https://cache.nixos.org 2014-12-09 13:38:46 +01:00
William A. Kennington III c17eb7f0e6 nixos/consul: Make service definition more sane 2014-12-09 02:24:36 -08:00
Thomas Tuegel 9707ffd973 nixos: let fontconfig default fonts be lists of fonts 2014-12-08 10:55:24 -06:00
Thomas Tuegel 57ba2093bf Replace Bitstream Vera fonts by DejaVu in defaults
The default configuration installed the Bitstream Vera fonts, but DejaVu
is a superior replacement, and the default Fontconfig settings need it
now for the generic faces monospace, sans-serif, and serif.
2014-12-08 10:55:24 -06:00
Thomas Tuegel c00c563c66 Add NixOS module for fontconfig-ultimate
Details:
* The option `fonts.fontconfig.ultimate.enable` can be used to disable
  the fontconfig-ultimate configuration.
* The user-configurable options provided by fontconfig-ultimate are
  exposed in the NixOS module: `allowBitmaps` (default: true),
  `allowType1` (default: false), `useEmbeddedBitmaps` (default: false),
  `forceAutohint` (default: false), `renderMonoTTFAsBitmap` (default:
  false).
* Upstream provides three substitution modes for substituting TrueType
  fonts for Type 1 fonts (which do not render well). The default,
  "free", substitutes free fonts for Type 1 fonts. The option "ms"
  substitutions Microsoft fonts for Type 1 fonts. The option "combi"
  uses a combination of Microsoft and free fonts. Substitutions can also
  be disabled.
* All 21 of the Infinality rendering modes supported by fontconfig-ultimate
  or by the original Infinality distribution can be selected through
  `fonts.fontconfig.ultimate.rendering`. The default is the medium style
  provided by fontconfig-ultimate. Any of the modes may be customized,
  or Infinality rendering can be disabled entirely.
2014-12-08 10:55:24 -06:00
Thomas Tuegel 8991ff7ceb Load default Fontconfig settings into Xresources for Xft 2014-12-08 10:55:24 -06:00
Thomas Tuegel 1df1305a8a Rewrite Fontconfig NixOS module
Details:
* The option `fonts.enableFontConfig` has (finally) been renamed
  `fonts.fontconfig.enable`.
* Configurations are loaded in this order: first the Fontconfig-upstream
  configuration is loaded, then the NixOS-specific font directories are
  set, the system-wide default configuration is loaded, and finally the
  user configuration is loaded (if enabled).
* The NixOS options `fonts.fontconfig.defaultFonts.monospace`,
  `fonts.fontconfig.defaultFonts.sansSerif` and
  `fonts.fontconfig.defaultFonts.serif` are added to allow setting the
  default system-wide font used for these generic faces. The defaults
  are the appropriate faces from the DejaVu collection because of their
  comprehensive Unicode coverage, clean rendering, and excellent
  legibility.
* The NixOS option `fonts.fontconfig.antialias` can be used to disable
  antialiasing (it is enabled by default).
* The options `fonts.fontconfig.subpixel.rgba` and
  `fonts.fontconfig.subpixel.lcdfilter` control the system-wide default
  settings for subpixel order and LCD filtering algorithm,
  respectively.
* `fonts.fontconfig.hinting.enable` can be used to disable TrueType font
  hinting (it is enabled by default).
  `fonts.fontconfig.hinting.autohint` controls the FreeType autohinter.
  `fonts.fontconfig.hinting.style` controls the hint style; it is "full"
  by default.
* User configurations can be disabled system-wide by setting
  `fonts.fontconfig.includeUserConf = false`. They are enabled by
  default so users can set Fontconfig options in the desktop environment
  of their choice.
2014-12-08 10:55:23 -06:00
Jaka Hudoklin c821f239a3 nixos/fleet: fix typo 2014-12-08 13:30:45 +01:00
Jaka Hudoklin 743b47579b nixos/fleet: enable etcd and docker by default 2014-12-08 13:07:12 +01:00