3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

4786 commits

Author SHA1 Message Date
Joel Moberg 75e96d2c30 avahi: fix test
Reflects module changes made by cdd7310a50
2016-02-28 16:18:39 +01:00
tg(x) be3bd972d5 grsecurity: add 4.1 kernel 2016-02-28 15:00:16 +01:00
Franz Pletz fde23a01b4 nixos/collectd: Fix package option
Commit ed979124ca was missing some code.
2016-02-28 14:55:58 +01:00
Thomas Tuegel c62bf00442 nixos: remove top-level uim option 2016-02-28 07:12:55 -06:00
Thomas Tuegel efad7bd47d fcitx: show available engines in module description 2016-02-28 07:12:55 -06:00
Thomas Tuegel a91161aa57 nixos: remove qtPlugins and gtkPlugins
Both Qt and GTK load plugins from the active profiles
automatically, so it is sufficient to install input methods
system-wide. Overriding the plugin paths may interfere with correct
operation of other plugins.
2016-02-28 07:12:55 -06:00
Domen Kožar 02c7d65bf9 fix NixOS eval 2016-02-28 09:36:23 +00:00
Vladimír Čunát f8516a0717 nixos copySystemConfiguration: fix when chrooted
Fixes #7974. Also makes the description more informative.
2016-02-28 10:08:42 +01:00
Domen Kožar 8b2be11b13 note the desktopManagerHandlesLidAndPower removal 2016-02-28 08:33:14 +00:00
Domen Kožar 4c17d3892b Merge pull request #9727 from Profpatsch/dm-lid-management
remove desktopManagerHandlesLidAndPower
2016-02-28 08:28:17 +00:00
Christoph Hrdinka fd46f18cf6 nsd service: add build time config validation 2016-02-28 09:18:39 +01:00
Nicolas B. Pierron 73630b8986 nsd service: add non-backward compatible release note entry 2016-02-28 09:18:39 +01:00
Christoph Hrdinka c4c9019105 nsd service: make use of literalExample 2016-02-28 09:18:11 +01:00
Christoph Hrdinka 6a096504cc nsd service: add missing options 2016-02-28 09:18:11 +01:00
Christoph Hrdinka 8442a7d12c nsd service: code cleanup
Puts everything in alphanumeric order and removes unnecessary spaces to better
match NixOS coding style.
2016-02-28 09:18:11 +01:00
Domen Kožar 88df035818 Merge pull request #13524 from makefu/bepasty-recursive-env
services.bepasty: buildEnv for creating PYTHONPATH
2016-02-28 06:20:29 +00:00
tg(x) 38614d3f6a grsecurity: use kernel version instead of testing / stable 2016-02-28 04:10:59 +01:00
makefu 3f7c600666 services.bepasty: buildEnv for creating PYTHONPATH
Fixes 'You need gevent installed to use this worker.' as well as missing Flask deps.
2016-02-28 01:35:56 +01:00
Graham Christensen 7df907b272 moodle: 2.8.5 -> 2.8.10 for CVE-2016-0724 CVE-2016-0725 2016-02-27 17:22:14 -06:00
Eelco Dolstra bf9c57fc49 Improve services.locate.period deprecation message 2016-02-27 20:48:12 +01:00
Eelco Dolstra d4636fa254 Revert "Add a way to pin a NixOS version within the module system."
This reverts commit a5992ad61b. Motivation:

a5992ad61b (commitcomment-14986820)
2016-02-27 20:48:12 +01:00
Domen Kožar 04422bb3ca Merge pull request #8630 from lihop/nixos/fix-formatting
nixos: fix formatting of option examples
2016-02-27 10:08:37 +00:00
Vladimír Čunát 3cf9cd8bc3 Merge #12796: nixos docs: show references to packages
(version 2) A better implementation of #10039, after #12357.
This time I did more thorough checking.

See commit messages for details.
2016-02-27 10:48:12 +01:00
Leroy Hopson 392ca77d4c nixos/activation-script: fix formatting of example 2016-02-27 22:25:40 +13:00
Leroy Hopson c1e674c4ca xserver service: fix formatting of example 2016-02-27 22:25:40 +13:00
Leroy Hopson 25fd9e31a2 phpfpm service: fix formatting of example 2016-02-27 22:25:40 +13:00
Leroy Hopson eb90705d45 fail2ban service: fix formatting of example 2016-02-27 22:25:39 +13:00
Leroy Hopson f6f892e2d6 nsd service: fix formatting of example 2016-02-27 22:25:39 +13:00
Leroy Hopson 24d5d28820 cacert: fix formatting of example 2016-02-27 22:25:39 +13:00
Leroy Hopson 3fc6470515 nixos/freetds: fix formatting of example 2016-02-27 22:25:39 +13:00
Leroy Hopson 3e326efffc nixos/vpnc: fix formatting of example 2016-02-27 22:25:39 +13:00
Robert Klotzner e361cdd5c3 nixos: libinput use mkEnableOption 2016-02-27 07:24:47 +01:00
Thomas Tuegel 639c6b91a9 ibus: add engine list to module description 2016-02-26 18:43:54 -06:00
Thomas Tuegel 2383a708f6 ibus: refresh cache at startup 2016-02-26 18:43:41 -06:00
Thomas Tuegel 272cf5c44f Merge branch 'ibus' 2016-02-26 18:10:11 -06:00
Thomas Tuegel d30a128467 ibus: rewrite NixOS module 2016-02-26 18:08:48 -06:00
Arseniy Seroka 766ad682f1 Merge pull request #13471 from Profpatsch/networkmanager-link-local
networkmanager: fix link-local ip addresses
2016-02-27 02:55:31 +03:00
zimbatm 2c7e5a6d8e Merge pull request #13434 from spacefrogg/oath-module
config.security.oath: new module
2016-02-26 18:06:28 +00:00
Nikolay Amiantov c88a06a860 cups service: set path for cups-genppdupdate 2016-02-26 18:27:41 +03:00
zimbatm 8d4c2340d3 Merge pull request #13396 from mayflower/pkg/gitlab
gitlab: 8.0.5 -> 8.5.1, service improvements
2016-02-26 11:19:28 +00:00
Domen Kožar a469681a51 Merge pull request #13365 from abbradar/cups-second-attempt
CUPS update (second attempt)
2016-02-26 11:13:30 +00:00
zimbatm c86e10c115 Merge pull request #13469 from tg-x/acme-external
simp_le: external_pem.sh plugin is now called external.sh
2016-02-26 10:48:55 +00:00
Franz Pletz cd0f14f23e gitlab: Add documentation
Fixes #13303.
2016-02-26 08:56:39 +01:00
Franz Pletz e9393bd426 fixup! gitlab: 8.0.5 -> 8.5.0, service improvements
Make the gitlab packages and components overrideable.
2016-02-26 08:56:08 +01:00
Franz Pletz 44a4592a1c fixup! gitlab: 8.0.5 -> 8.5.0, service improvements
gitlab-shell is now talking over the unix socket to gitlab, so the TCP
port isn't needed anymore.
2016-02-26 08:31:20 +01:00
Franz Pletz 3fd51a9ab2 fixup! gitlab: 8.0.5 -> 8.5.0, service improvements
Some debugging and development leftovers.
2016-02-26 07:08:31 +01:00
Franz Pletz bcfa59bf82 gitlab: 8.0.5 -> 8.5.0, service improvements
Updates gitlab to the current stable version and fixes a lot of features that
were broken, at least with the current version and our configuration.

Quite a lot of sweat and tears has gone into testing nearly all features and
reading/patching the Gitlab source as we're about to deploy gitlab for our
whole company.

Things to note:

 * The gitlab config is now written as a nix attribute set and will be
   converted to JSON. Gitlab uses YAML but JSON is a subset of YAML.
   The `extraConfig` opition is also an attribute set that will be merged
   with the default config. This way *all* Gitlab options are supported.

 * Some paths like uploads and configs are hardcoded in rails  (at least
   after my study of the Gitlab source). This is why they are linked from
   the Gitlab root to /run/gitlab and then linked to the  configurable
   `statePath`.

 * Backup & restore should work out of the box from another Gitlab instance.

 * gitlab-git-http-server has been replaced by gitlab-workhorse upstream.
   Push & pull over HTTPS works perfectly. Communication to gitlab is done
   over unix sockets. An HTTP server is required to proxy requests to
   gitlab-workhorse over another unix socket at
   `/run/gitlab/gitlab-workhorse.socket`.

 * The user & group running gitlab are now configurable. These can even be
   changed for live instances.

 * The initial email address & password of the root user can be configured.

Fixes #8598.
2016-02-26 07:08:31 +01:00
Profpatsch 70c02402c8 networkmanager: fix link-local ip addresses
NetworkManager needs an additional avahi-user to use link-local
IPv4 (and probably IPv6) addresses. avahi-autoipd also needs to be
patched to the right path.
2016-02-26 03:28:56 +01:00
Tanner Doshier 4e5ef470a7 ec2-data: ensure providing a SSH host key is actually optional
2701665904 broke this.
2016-02-25 20:11:49 -06:00
zimbatm b73c5ae291 Merge pull request #10546 from aszlig/nixops-issue-350
Fixes for NixOps issue #350
2016-02-26 00:33:49 +00:00
tg(x) 629a89343e simp_le: external_pem.sh plugin is now called external.sh 2016-02-26 01:31:58 +01:00
zimbatm 76f5cf3f31 Merge pull request #13324 from zimbatm/doc-from-wiki
Converting the wiki to documentation
2016-02-25 19:37:43 +00:00
zimbatm dc314aad12 samba module: add more description
Fixes #13281
2016-02-25 19:36:55 +00:00
zimbatm 93a0306e79 sane module: add more documentation
Imported from https://nixos.org/wiki/Scanners
2016-02-25 19:36:46 +00:00
Michael Raitza d09c7986de config.security.oath: new module
Add a module to make options to pam_oath module configurable.
These are:
 - enable - enable the OATH pam module
 - window - number of OTPs to check
 - digits - length of the OTP (adds support for two-factor auth)
 - usersFile - filename to store OATH credentials in
2016-02-25 13:52:45 +00:00
Emery b16dc8dcc5 New hdapsd module 2016-02-24 21:51:13 +01:00
Jordan Mulcahey a2b8cc0aaf netatalk: 3.1.0 -> 3.1.7, new service module 2016-02-24 19:32:54 +01:00
Eelco Dolstra e2af876c78 Merge pull request #13415 from MatrixAI/master
nixos/stage-1/2: Added -r option to read so that read interprets backslashes literally
2016-02-24 13:50:59 +01:00
Brian McKenna 7d91ee54c9 openbox: fix copy/paste typo in config 2016-02-24 22:54:08 +11:00
Roger Qiu 5cf823e1f4 nixos/stage-1/2: Added -r option to read so that read interprets backslashes literally, and corrected the comment about optional logging. 2016-02-24 18:54:25 +11:00
zimbatm 2a0f6453d5 Merge pull request #12540 from eskimor/libinput-master
nixos: Libinput: Add support like there is for synaptics
2016-02-24 00:01:38 +00:00
zimbatm cfa99e5a99 Merge pull request #13114 from colemickens/azure
azure: package qemu 2.2.0 to fix VHD creation
2016-02-23 22:47:44 +00:00
zimbatm 55ca9eb477 Merge pull request #13115 from colemickens/azure-agent
azure-agent: switch back to upstream WALinuxAgent
2016-02-23 22:46:30 +00:00
zimbatm 09c14170d8 Merge pull request #13125 from abbradar/uwsgi
Refactor uWSGI
2016-02-23 22:32:54 +00:00
Eelco Dolstra d9d6a92d5e sshd.nix: Ensure global config goes before user Match blocks
Hopefully fixes #13393.
2016-02-23 18:03:33 +01:00
Eelco Dolstra cacf2d063e Merge pull request #13059 from abbradar/udev-local-priority
Make local udev rules higher prioritized
2016-02-23 16:41:47 +01:00
Nikolay Amiantov 32df5ed4c2 udev service: make local rules apply after all others 2016-02-23 15:17:24 +03:00
Eelco Dolstra deae4eff7b Make stage-1/2 logging unconditional, and drop log level to "debug"
Using "debug" level prevents spamming the console with messages twice
(once directly and once via kmsg).
2016-02-23 11:56:09 +01:00
Eelco Dolstra 6f6e2c430f test-instrumentation.nix: Only clear $PAGER in the backdoor shell 2016-02-23 11:56:09 +01:00
Eelco Dolstra 806b27a297 qemu-guest.nix: Disable rngd
This gets rid of a zillion "rngd[N]: read error" messages during boot.
2016-02-23 11:56:09 +01:00
Roger Qiu 474d5a7bd0 nixos/stage-2: Added boot.logCommands 2016-02-23 11:56:09 +01:00
Roger Qiu 142f65e07a nixos/stage-1: Added boot.initrd.logCommands 2016-02-23 11:56:08 +01:00
Pascal Wittmann 5d6d841d58 Merge pull request #13373 from tomberek/revert_kippo_twisted
kippo: revert twisted dependency
2016-02-22 23:50:17 +01:00
Thomas Bereknyei e31c8922e0 kippo: revert twisted dependency 2016-02-22 13:57:24 -05:00
Franz Pletz 2d5e6a27fc Merge pull request #13355 from grahamc/ttyNumberString-issue3608
nixos-manual: Accept numbers for ttyNumber, closes #3608
2016-02-22 19:34:16 +01:00
Graham Christensen f57c049e0b nixos-manual: Accept numbers for ttyNumber, closes #3608 2016-02-22 11:25:16 -06:00
Nikolay Amiantov 8b124b7521 nixos.tests.printing: fix for new CUPS version
It looks like now queue is not immediately cleared from cancelled jobs.
Instead, files like "c00001" are left alongside "d00001-001", and
cleanup happens at some later point of time. Also, all new jobs are
assigned consecutive numbers now (00002, 00003 etc.). So when
original d00001 file is finally cleaned, it breaks the test. Fixed
by checking for any "d*" file inside the queue and cleaning it by
ourselves to ensure that each job works correctly.
2016-02-22 12:42:06 +03:00
Sou Bunnbu 7fcecec58b Merge pull request #11254 from ericsagnes/standardize-im
Improve and standardize input methods
2016-02-22 10:13:54 +08:00
zimbatm a7715e3e06 Merge pull request #10231 from zimbatm/apache-intermediate-ssl
apache-httpd: adopt mozilla's SSL configuration recommendation
2016-02-20 19:14:51 +00:00
Robin Gloster 686c09dd38 wpa_supplicant module: after network-interfaces.target
fixes #13136
2016-02-20 17:41:02 +00:00
Arseniy Seroka cbb06df02f Merge pull request #13142 from zimbatm/zerotierone-1.1.4
Zerotierone 1.1.4
2016-02-20 17:09:59 +03:00
Eric Sagnes dc6bd61187 added input method related changelog 2016-02-20 13:04:02 +09:00
zimbatm 433f979cee zerotierone: adopt systemd unit from upstream
See
5db538d85e/ext/installfiles/linux/systemd/zerotier-one.service
2016-02-19 22:56:19 +00:00
Nikolay Amiantov b6c49abba0 uwsgi service: update documentation 2016-02-19 18:09:27 +03:00
Nikolay Amiantov e48c991131 uwsgi service: refactor, throw more errors and drop simultaneous Python 2/3 in path 2016-02-19 18:09:26 +03:00
Thomas Tuegel 7bca3cd8dc kde5: reduce default installation size 2016-02-19 06:21:50 -06:00
Nikolay Amiantov b457b7a7ea Merge pull request #13069 from abbradar/m3d
OctoPrint and plugins and support for M3D Micro 3D-printer
2016-02-19 14:27:32 +03:00
Cole Mickens 86cbd505c5 azure-agent: switch back to upstream WALinuxAgent 2016-02-18 21:11:21 -08:00
Cole Mickens 718848d5aa azure: package qemu @ 2.2.0
This commit packages qemu-220. This package is qemu-2.2.0
and is only used with Azure.
2016-02-18 21:08:28 -08:00
Eric Sagnes 3ad12f2dec inputMethod service: init 2016-02-19 08:52:18 +09:00
Bjørn Forsman b2b1511353 nixos/collectd: add defaultText to package option
CC @fpletz
2016-02-18 20:30:05 +01:00
tg(x) de787adb90 tlsdated: add missing default value for extraOptions 2016-02-18 05:29:12 +01:00
Franz Pletz ed979124ca collectd service: Add option package 2016-02-18 03:44:55 +01:00
aszlig 7bdcfb33f4
nixos: Provide a defaultText for type = package
We don't want to build all those things along with the manual, so that's
what the defaultText attribute is for.

Unfortunately a few of them were missing, so let's add them.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-02-17 21:12:24 +01:00
Nikolay Amiantov 53269f1455 octoprint service: init 2016-02-17 17:05:59 +03:00
Rob Vermaas b2f2d2fef3 Fix azure image, by adding subformat=fixed to disk generation. 2016-02-17 12:02:52 +00:00
Eric Sagnes 3ed3f061da nabi service: init 2016-02-17 20:44:29 +09:00
Eric Sagnes 4a199d9955 uim service: init 2016-02-17 20:44:29 +09:00
Eric Sagnes 52dd53373f ibus service: refactoring 2016-02-17 20:44:29 +09:00
Eric Sagnes 295d670024 fcitx-with-plugins: add fcitx-configtool and fcitx-qt5 2016-02-17 20:44:29 +09:00
Eric Sagnes 850be632a0 fcitx service: init 2016-02-17 20:44:29 +09:00
Vladimír Čunát e9520e81b3 Merge branch 'master' into staging 2016-02-17 10:06:31 +01:00
Nikolay Amiantov 1c8a21dfad Merge branch 'pdnsd-service' of https://github.com/nfjinjing/nixpkgs
Closes #12932
2016-02-16 20:35:01 +03:00
Nikolay Amiantov 39e9b43082 Merge branch 'gammu-smsd' of https://github.com/zohl/nixpkgs into zohl-gammu-smsd
Closes #12998
2016-02-16 19:40:00 +03:00
Franz Pletz 932d2cbd2c Merge pull request #13000 from mayflower/feat/unbound-dnssec
unbound: 1.5.3 -> 1.5.7, hardening, DNSSEC support & cleanup
2016-02-16 02:13:35 +01:00
Arseniy Seroka 6b205a9eba Merge pull request #12988 from colemickens/cfdyndns
cfdyndns: init at 0.0.1
2016-02-16 00:24:32 +03:00
Cole Mickens c7571611dc cfdyndns: init at 0.0.1 2016-02-15 12:54:04 -08:00
Arseniy Seroka a13f9a708b Merge pull request #12992 from lukasepple/master
intel2200BGFirmware: init at 3.1
2016-02-15 22:10:49 +03:00
lukasepple 0b72e7e247 intel2200BGFirmware: init at 3.1
This commit adds the firmware for the Intel 2200BG wireless cards for
the ipw2200 kernel module. Also it changes the
networking.enableIntel2200BGFirmware option to set it as
hardware.firmware since firmware-linux-nonfree does not contain the
appropiate firmware anymore. Also hardware.enableAllFirmware does enable
the intel2200BGFirmware now.
2016-02-15 19:53:07 +01:00
Tuomas Tynkkynen eb9a85a389 Merge pull request #12742 from dezgeg/pr-uboot-changes
U-Boot: 2015.10 -> 2016.01, refactor & support some new boards
2016-02-15 16:10:37 +02:00
Franz Pletz 483e78d0f0 unbound service: add fetching root anchor for DNSSEC 2016-02-15 03:59:42 +01:00
Franz Pletz 9ba533ee4a unbound service: add types to options 2016-02-15 03:59:35 +01:00
Franz Pletz fe4b0a4801 unbound service: retab 2016-02-15 03:59:15 +01:00
Al Zohali 7b7cf281d3 gammu-smsd service: init 2016-02-15 00:26:41 +03:00
Nikolay Amiantov a0afc49f0f dspam service: restrict socket access 2016-02-14 10:35:06 +03:00
Nikolay Amiantov 2cee5a42b0 dspam service: set ClientHost 2016-02-14 10:35:04 +03:00
Vladimír Čunát d039c87984 Merge branch 'master' into closure-size 2016-02-14 08:33:51 +01:00
Franz Pletz 6a036d9fca Merge pull request #9913 from chris-martin/synaptics-options
Add synaptics options for palm detection and scroll speed
2016-02-14 06:08:36 +01:00
Markus Wotringer 4bc9e8a785 elasticsearch2: init at 2.2.0
changes by @globin:
 * updated 2.1.0 to 2.2.0
 * moved to a new derivation

closes #11446

Signed-off-by: Robin Gloster <mail@glob.in>
2016-02-13 15:03:09 +00:00
Robin Gloster c2b578386e kibana: fix pkg and module 2016-02-13 15:03:09 +00:00
Robin Gloster e1493f2ba7 logstash module: use literalExample 2016-02-13 15:03:09 +00:00
Edward Tjörnhammar 9c249a3adf nixos: i2pd, make config options adhere to version 2.4.0 2016-02-13 15:22:31 +01:00
Nikolay Amiantov c9d38164b7 dspam service: make maintenance script verbose 2016-02-12 18:00:00 +03:00
Eelco Dolstra abdbdbebf6 nixos/tests/simple.nix: Include minimal.nix
This reduces the amount of rebuilds (particularly some X11 stuff)
after changing some dependencies like systemd.
2016-02-12 14:35:41 +01:00
Eelco Dolstra 928035378d Fix typo 2016-02-12 14:35:40 +01:00
Robin Gloster 648e596c5f Merge pull request #12683 from heydojo/bluetooth--plasma5
kde5 bluedevil plasmoid : enable bluez5 bluetooth functionality
2016-02-12 13:49:54 +01:00
Eelco Dolstra fd8bd17c3e postgresql: Bump default version to 9.5 2016-02-12 13:20:11 +01:00
Peter Simons a1fa485378 Revert "Remove double-backslashes from grub conf file".
This reverts commit b861bf8ddf, because according to @mdorman [1] this
change rendered his NixOS systems unbootable, and we probably don't want that.

[1] b861bf8ddf (commitcomment-16058598)
2016-02-12 13:14:34 +01:00
Jinjing Wang 73b9a9662d pdnsd service: init 2016-02-12 19:53:41 +08:00
Peter Simons 7bd6fc90cb Merge pull request #12725 from jerith666/postfix-dns-bl
postfix service: implement DNS blacklist support
2016-02-12 12:43:27 +01:00
Franz Pletz c29205f965 Merge pull request #12941 from elitak/unifi_fix
unifi: LD_LIBRARY_PATH hack for embedded libsnappyjava.so, fixes #12897
2016-02-12 08:22:20 +01:00
Edward Tjörnhammar faf01ab0f7 Merge pull request #12038 from womfoo/facetimehd
facetimehd: PCIe webcam support for Macbooks
2016-02-12 07:32:42 +01:00
Edward Tjörnhammar 81b5223c97 nixos: gitit, wrong type restriction redacted 2016-02-12 07:00:37 +01:00
Matt McHenry 40c7d554d4 postfix service: implement DNS blacklist support 2016-02-11 22:13:09 -05:00
Ben Booth b861bf8ddf Remove double-backslashes from grub conf file
The double-backspashes in the splashimage, kernel, and initrd sections serve no purpose and confuse pygrub
2016-02-11 12:05:15 -08:00
Eric Litak fc8a16f4ed unifi: LD_LIBRARY_PATH hack for embedded libsnappyjava.so, fixes #12897 2016-02-11 09:06:33 -08:00
Nikolay Amiantov ccece1ca88 dspam service: restart on failure 2016-02-11 14:03:34 +03:00
Eelco Dolstra 86c2a0f783 mediawiki: 1.23.9 -> 1.23.13 2016-02-11 11:24:44 +01:00
Robin Gloster c341a01281 Merge pull request #12913 from tg-x/tinc-chroot
tinc: enable chroot
2016-02-10 18:15:39 +01:00
tg(x) 5c19830b77 tinc: chroot option 2016-02-10 17:29:36 +01:00
Eelco Dolstra 652ff6902c Merge pull request #12910 from abbradar/postgresql-no-su
postgresql service: don't use su
2016-02-10 12:01:06 +01:00
Eelco Dolstra e892379472 Merge pull request #12909 from abbradar/vconsole-container
kbd module: don't setup vconsoles if we are in a container
2016-02-10 11:56:51 +01:00
Nikolay Amiantov 7ab80e8f79 kbd module: don't setup vconsoles if we are in a container 2016-02-10 13:38:27 +03:00
Eelco Dolstra a4f5dc8bbf Merge pull request #12908 from abbradar/nixos-install-no-check
nixos-install: don't check that /mnt is a mount point
2016-02-10 11:29:39 +01:00
tg(x) c768172919 tinc: enable chroot 2016-02-10 01:49:41 +01:00
Nikolay Amiantov 37bb4855c8 postfix module: fix link to postfix-files 2016-02-10 02:59:15 +03:00
Nikolay Amiantov 90ef11ddcd postgresql service: don't use su 2016-02-10 02:12:05 +03:00
Nikolay Amiantov 46f3975d99 nixos-install: don't check that /mnt is a mount point 2016-02-10 02:08:36 +03:00
Nikolay Amiantov 0024c10a5c dovecot service: add sendmail_path 2016-02-10 02:06:10 +03:00
Nikolay Amiantov c420a6f1ef acme service: update plugins enum 2016-02-10 02:06:01 +03:00
Nikolay Amiantov 2202bb9cf5 postsrsd: fix secret generation 2016-02-10 02:05:53 +03:00
Nikolay Amiantov 5396a01b6c init-script-builder: handle containers without a kernel 2016-02-10 02:05:47 +03:00
Robin Gloster 5bfcce9ed9 Merge pull request #12894 from nathan7/raw-psk
wpa_supplicant module: add an option for accepting raw PSKs
2016-02-09 17:23:24 +01:00
Nathan Zadoks 9e986c161b wpa_supplicant module: add an option for accepting raw PSKs
fix #12892
2016-02-09 17:20:35 +01:00
Eelco Dolstra 4d760edb94 Add FIXME 2016-02-09 16:15:57 +01:00
Rob Vermaas fdbbcef8a2 Fix waagent revision, previous did not exist anymore. 2016-02-09 14:52:54 +00:00
Robin Gloster 0ee88cffca Merge pull request #10417 from puffnfresh/nixos/mmc_block
initrd: add mmc_block to default available modules
2016-02-08 23:51:46 +01:00
Eric Sagnes f03ce60bd2 i3service: remove dmenu and i3 from env packages 2016-02-08 13:31:03 +09:00
Thomas Tuegel 5a13e9500c nixos/nix-serve: use bzip2.bin output 2016-02-07 18:38:00 -06:00
Vladimír Čunát a115bff08c Merge branch 'master' into staging 2016-02-07 13:52:42 +01:00
Aneesh Agrawal 3c5fca9618 filesystems: use list of strings for fs options
Allow usage of list of strings instead of a comma-separated string
for filesystem options. Deprecate the comma-separated string style
with a warning message; convert this to a hard error after 16.09.
15.09 was just released, so this provides a deprecation period during
the 16.03 release.

closes #10518

Signed-off-by: Robin Gloster <mail@glob.in>
2016-02-06 19:48:30 +00:00
Robin Gloster f7aa921773 Merge pull request #12560 from tvestelind/haka
Haka: new package
2016-02-06 20:32:39 +01:00
Nikolay Amiantov b16b5bcaa3 Merge pull request #12811 from abbradar/pulseaudio-device-manager
Load PulseAudio's module-device-manager only for KDE
2016-02-06 22:10:40 +03:00
Nikolay Amiantov 8ade67e8c1 Merge pull request #12797 from abbradar/udev-reload
udev service: restart on rules change
2016-02-06 18:57:24 +03:00
Rickard Nilsson 5c20877d40 opensmtpd: Add option that can disable adding sendmail to the system path 2016-02-06 11:54:56 +01:00
aszlig b060d70d7f
nixos/udev: Fix printing impure FHS paths
The test only checked for existence of the rule file in the output path
of the rulefile generator.

However, we also need to check whether the basename of the file is also
the one we're currently searching for.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-02-05 15:31:04 +01:00
Eelco Dolstra 2701665904 Fetch all EC2 metadata / user data in the initrd
Since we're already fetching one datum, we may as well fetch the
others needed by fetch-ec2-data. This also eliminates the dependency
on wget.
2016-02-04 15:45:54 +01:00
Eelco Dolstra 5c72b20dde amazon-init.nix: Be less spammy 2016-02-04 15:45:54 +01:00
Eelco Dolstra 95584666e9 amazon-init.nix: Don't run nixos-rebuild if we don't have to 2016-02-04 15:45:54 +01:00
Nikolay Amiantov ae662cdb11 display-manager module: load pulseaudio's module-device-manager only for KDE 2016-02-04 13:59:17 +03:00
Kranium Gikos Mendoza 46ecb25d68 facetimehd: blacklist bdc_pci when enabled 2016-02-04 11:31:28 +08:00
Vladimír Čunát 54299b60c4 Merge #12779: Mass replace pkg}/bin-style strings
... to refer to correct outputs
2016-02-03 17:25:22 +01:00
Vladimír Čunát d3a3aa8674 Merge #12740: multiple outputs for Qt 5 and KDE 5 2016-02-03 17:09:09 +01:00
Vladimír Čunát ae74c356d9 Merge recent 'staging' into closure-size
Let's get rid of those merge conflicts.
2016-02-03 16:57:19 +01:00
aszlig c10a17a3eb
nixos/udev: Always fail if rules contain FHS paths
Partially reverts the following commits:

  9f2a61c59c
  9c13fe6604

As @edolstra pointed out, it would make more sense to do this by default
instead of having that allowImpurePaths option. This of course might
break systems which add extra packages to udev, but on the upside it's
hard to miss one of these paths now because it won't get buried in the
ocean of build output lines.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-02-03 16:40:41 +01:00
aszlig 9c13fe6604
nixos/tests/installer: Fail on impure udev rules
With 9f2a61c in place, let's actually use this in the installer tests to
make sure we won't shovel FHS paths down the throad of unstable channel
users.

I've tested this by running all of the installer tests for x86_64-linux
and they all succeeded.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-02-03 15:53:44 +01:00
aszlig 9f2a61c59c
nixos/udev: Add an option to fail on FHS paths
So far we were merely printing a warning if there are still references
to (/usr)/s?bin, but we actually want to make sure that we fix those
paths, especially on updates of packages that come with udev rules.

This adds a new option allowImpurePaths, which when set to false will
cause the "udev-rules" derivation to fail.

I've set this to true by default, to not break existing systems too much
and the intention is to set it to false for a few NixOS VM tests.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-02-03 15:48:52 +01:00
aszlig 80983bbe54
nixos/udev: Provide a better warning for FHS paths
We were trying to find FHS references in all of the rules found in
services.udev.packages. Unfortunately we're still fixing up paths in the
same derivation where we are checking those references, so for example
references to /sbin/modprobe were still printed to be needed to fixup
even though they were already fixed at the time.

So now we're printing a more helpful warning message which is also
conditional (before the warning message was printed regardless of
whether there are any rules that need fixup) and is based off the rules
that were already fixed up.

The new warning message not only contains the build-local rule files but
also the original files from other store paths and the FHS path
references that were still found.

With 8ecd3a5e1d reverted, we now get this:

/nix/store/...-udev-rules/63-md-raid-arrays.rules (originally from
 /nix/store/...-mdadm-3.3.4/lib/udev/rules.d/63-md-raid-arrays.rules)
 contains references to /usr/bin/readlink and /usr/bin/basename.

Which is now more accurate to what is not yet fixed and where it's
coming from.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-02-03 15:48:52 +01:00
aszlig ee68bdc42e
nixos/udev: Fix up readlink and basename as well
In 8ecd3a5, we fixed up the FHS paths for stage 1, but unfortunately we
have a similar udev rules generator twice one for the initrd and one
without. So we might need to refactor this in the future.

For now, let's just fix the references to readlink and basename in the
udev module as well until we have properly addressed this.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Fixes: #12722
2016-02-03 15:45:37 +01:00
Eelco Dolstra 42709fb4e9 switch-to-configuration: Handle failure to read /proc/1/exe
It's not entirely clear why this happens, but sometimes /proc/1/exe
returns a bogus value, like
/ar3a3j6b9livhy5fcfv69izslhgk4gcz-systemd-217/lib/systemd/systemd. In
any case, we can just conservatively assume that we need to restart
systemd when this happens.

Fixes #10261.
2016-02-03 15:01:18 +01:00
Vladimír Čunát 4fede53c09 nixos manuals: bring back package references
This reverts most of 89e983786a, as those references are sanitized now.
Fixes #10039, at least most of it.

The `sane` case wasn't fixed, as it calls a *function* in pkgs to get
the default value.
2016-02-03 14:47:14 +01:00
Vladimír Čunát e0feace5cd nixos docs: allow displaying package references
This is an improved version of original #12357.
For the purpose of generating docs, evaluate options with each derivation
in `pkgs` (recursively) replaced by a fake with path "\${pkgs.attribute.path}".
It isn't perfect, but it seems to cover a vast majority of use cases.
Caveat: even if the package is reached by a different means,
the path above will be shown and not e.g. `${config.services.foo.package}`.

As before, defaults created by `mkDefault` aren't displayed,
but documentation shouldn't (mostly) be a reason to use that anymore.

Note: t wouldn't be enough to just use `lib.mapAttrsRecursive`,
because derivations are also (special) attribute sets.
2016-02-03 14:47:14 +01:00
Nikolay Amiantov 1dce7c0b82 initrd-ssh module: don't check if network is up
We already do this in initrd-network.
2016-02-03 16:37:10 +03:00
Nikolay Amiantov b4528a696a initrd-network: call postCommands only if network is up 2016-02-03 16:35:21 +03:00
Eelco Dolstra 20b54bd989 Merge pull request #12724 from abbradar/udev-hwdb
udev service: generate hwdb database from all udev packages
2016-02-03 14:24:11 +01:00
aszlig 8ecd3a5e1d
nixos/stage-1: Fix references to readlink/basename
Fixes references coming from the mdadm udev rules.

This addresses #12722 (mdadm udev rules have references to /usr/bin) but
still won't fix the warning, though (if we want to fix the warnings, we
will have to patch the udev rules generater in services/hardware/udev).

For common mdraid functionality, this shouldn't fix anything, because
the wrong references seem to only apply to containers, see these
(wrapped) lines from ${mdadm}/lib/udev/rules.d/63-md-raid-arrays.rules:

  # Tell systemd to run mdmon for our container, if we need it.
  ENV{MD_LEVEL}=="raid[1-9]*",
    ENV{MD_CONTAINER}=="?*",
  PROGRAM="/usr/bin/readlink $env{MD_CONTAINER}",
    ENV{MD_MON_THIS}="%c"
    ENV{MD_MON_THIS}=="?*",
    PROGRAM="/usr/bin/basename $env{MD_MON_THIS}",
    ENV{SYSTEMD_WANTS}+="mdmon@%c.service"

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-02-03 14:19:24 +01:00
Nikolay Amiantov 6b5f90a1a1 udev service: restart on rules change 2016-02-03 15:44:43 +03:00
Nikolay Amiantov 1d70e2fb75 initrd modules: move passwd and nsswitch back to initrd-ssh
Partially reverts commit 901163c0c7.
This has broken remote SSH into initrd because ${cfg.shell} is not
expanded. Also, nsswitch is useless without libnss_files.so which
are installed by initrd-ssh.
2016-02-03 14:56:55 +03:00
Nikolay Amiantov 815ff00ee0 initrd-ssh module: enable only if initrd network is enabled 2016-02-03 14:55:52 +03:00
Nikolay Amiantov cc70183cee initrd-network module: initialize network before other pre-LVM commands
This is needed to ensure that network will be initialized before LUKS
passphrase is asked.
2016-02-03 14:55:42 +03:00
Guillaume Maudoux 9f358f809d Configure a default trust store for openssl 2016-02-03 12:42:01 +01:00
Vladimír Čunát 889351af8b Revert "Merge #12357: nixos docs: show references to packages"
The PR wasn't good enough yet.
This reverts commit b2a37ceeea, reversing
changes made to 7fa9a1abce.
2016-02-03 12:16:33 +01:00
Eelco Dolstra 69ec09f38a Don't make chromium-beta/dev release blockers
Generally we shouldn't ship pre-release versions anyway, and we
certainly don't want them to be release blockers. Also, chromium
builds are just too slow to have them blocking the channel (see
https://github.com/NixOS/nixpkgs/issues/12794).
2016-02-03 11:49:50 +01:00
Vladimír Čunát b2a37ceeea Merge #12357: nixos docs: show references to packages 2016-02-03 10:07:27 +01:00
Eelco Dolstra e618492168 Revert "Do not relocate /nix and /tmp to small disks on AWS"
This reverts commit f10bead8fd because
it doesn't work - there is no lsblk in the initrd, and there is a
missing backslash.
2016-02-02 19:59:28 +01:00
Eelco Dolstra cc925d0506 boot.initrd.network: Support DHCP
This allows us to use it for EC2 instances.
2016-02-02 19:59:27 +01:00
Eelco Dolstra 901163c0c7 Split the initrd sshd support into a separate module
Also, drop boot.initrd.postEarlyDeviceCommands since preLVMCommands
should work fine.
2016-02-02 19:59:27 +01:00
Eelco Dolstra 06731dfcae ec2: Don't use ephemeral disks for /nix unionfs
This is a regression introduced by merging the EBS and S3 images. The
EBS images had a special marker /.ebs to prevent the initrd from using
ephemeral storage for the unionfs, but this marker was missing in the
consolidated image.

The fix is to check the file ami-manifest-path on the metadata server
to see if we're an S3-based instance. This does require networking in
the initrd.

Issue #12613.
2016-02-02 19:59:27 +01:00
cransom user f10bead8fd Do not relocate /nix and /tmp to small disks on AWS
The default behavior with an m3.medium instance is to relocate
/nix and /tmp to /disk0 because an assumption is made that any
ephemeral disk is larger than the root volume.  Rather than make
that assumption, add a check to see if the disk is larger, and
only then relocate /nix and /tmp.

This addresses https://github.com/NixOS/nixpkgs/issues/12613
2016-02-02 01:40:41 +00:00
Tuomas Tynkkynen 33e7a2549a treewide: Mass replace 'xfsprogs}/bin' to refer the 'bin' output 2016-02-01 20:46:23 +02:00
Tuomas Tynkkynen 13b3f3f246 treewide: Mass replace 'openssl}/bin' to refer the 'bin' output 2016-02-01 20:46:16 +02:00
aszlig ecefd2167a
nixos/connman: Fix assertion for networkmanager
Regression introduced by 5184aaa1ea.

The fix was intended to remove the "x == true/false" assertions, but by
accident a "x == false" was made "x == true" instead of "(!x)".

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Reported-by: devhell <"^"@regexmail.net>
2016-02-01 19:33:50 +01:00
Eelco Dolstra 45c218f893 initrd: Use modprobe from busybox 2016-02-01 18:19:24 +01:00
Eelco Dolstra b21ef9c9e6 Don't include wireless-tools/iw/rfkill when wireless is disabled
This is mostly to get rid of some useless stuff in VMs/containers.
2016-02-01 18:19:23 +01:00
Eelco Dolstra 5184aaa1ea Use booleans properly 2016-02-01 18:19:23 +01:00
Eelco Dolstra a7b7ac8bfb openssh: Enable DSA host/client keys
This applies a patch from Fedora to make HostKeyAlgorithms do the
right thing, fixing the issue described in
401782cb67.
2016-02-01 16:31:43 +01:00
Nikolay Amiantov 7330bfe464 udev service: generate proper hwdb database 2016-02-01 14:09:49 +03:00
Eelco Dolstra 1d6379bd30 Merge pull request #12458 from k0ral/acpid
Rewrite acpid module in a more generic way
2016-02-01 11:22:31 +01:00
Rickard Nilsson e430f14da3 nixos-rebuild: Don't propagate --no-out-link arg to nix-store 2016-02-01 10:54:58 +01:00
Rickard Nilsson b5b7805543 nixos-rebuild: Do not create result symlinks for boot/switch actions (resolves #12665) 2016-02-01 10:37:53 +01:00
Nikolay Amiantov 53e0f8b1cd Merge branch 'fontconfig-caches' into staging
Closes #12668, fixes #12648
2016-02-01 12:20:06 +03:00
Tomas Vestelind de2d609317 haka in unstable release notes 2016-02-01 09:47:23 +01:00
Tuomas Tynkkynen 4cf9bf9eb0 sd-image.nix: Move the /boot partition up to 8M
Reportedly some ARM boards need some boot code at the start of a SD card
that could be larger than a megabyte. Change it to 8M, and while at it
reduce the /boot size such that the root partition should now start on a
128M boundary (the flash on SD cards really don't like non-aligned
writes these days).
2016-02-01 10:46:17 +02:00
Tuomas Tynkkynen b6621196e0 sd-image-armv7l-multiplatform.nix: Add ttymxc0 to the list of consoles
Needed for the RS-232 port on Wandboard Quad (and presumably other boards
using the i.MX6 SoC).
2016-02-01 10:46:17 +02:00
Thomas Tuegel 4768f41e36 nixos/kde5: use runtime outputs 2016-01-31 21:15:03 -06:00
Ryan Mulligan 8fee229261 desktop manager service: fix and improve default error
Before the error if the wrong default desktop was chosen would be:

/nixpkgs-channels/lib/modules.nix:282:11:
Default desktop manager ($(defaultDM)) not found.

which has the string interpolation done incorreclty. Now that is fixed
and it is more user-friendly as:

/nixpkgs-channels/lib/modules.nix:282:11:

Default desktop manager (gnome) not found.
Probably you want to change
  services.xserver.desktopManager.default = "gnome";
to one of
  services.xserver.desktopManager.default = "gnome3";
  services.xserver.desktopManager.default = "none";
2016-01-31 13:00:15 -08:00
Luca Bruno 932ee094e1 gnome3: drop GNOME 3.16 2016-01-31 13:59:48 +01:00
Oliver Charles ab2db6239d lightdm: Allow background colors and images. Fixes #12684 2016-01-31 09:52:28 +00:00
Franz Pletz 65e5a727eb Merge pull request #11737 from MatrixAI/master
Simplified totalmem calculation for zram.nix
2016-01-30 23:14:44 +01:00
Franz Pletz dbb01a863b Merge pull request #12699 from simonvandel/sundtek
sundtek: 2015-12-12 -> 2016-01-26 + service change
2016-01-30 20:41:04 +01:00
Simon Vandel Sillesen 81e99998f7 sundtek: 2015-12-12 -> 2016-01-26 + service change
* There is no need for hydra to build this, hence preferLocal
* service change: do not hardcode a wait time of 5 seconds
2016-01-30 20:08:52 +01:00
Tony White ddfb660f7b kde5 bluedevil plasmoid : enable bluez5 bluetooth functionality
- Fixed a bug in bluedevil (link to a .js file)
    - Made bluez5 the default bluetooth service except for kde4
    - created org.bluez.obex systemd dbus service
    - Patched bluez5 using bluez-5.37-obexd_without_systemd-1.patch
    in order to enable obex when using either the bluedevil plasmoid
    or dolpin file manager within plasma workspaces 5.

    The functionality was tested using a Sony Xperia Z, the machine
    and the handset paired  and two different files were sent in both
    directions successfully.
2016-01-29 22:08:42 +00:00
aszlig 6fec28e043
nixos-manual: Further simplify stripAnyPrefixes
First of all this fixes an evaluation error I introduced in ae466ba,
which wasn't triggered by any of my own tests against the change because
there are usually no NixOS options that are declared outside of the
<nixpkgs> tree. I renamed the attribute name from "fn" to "fileName"
first and later to "fullPath" but forgot one still occuring "filename".

Thanks to @vcunat for noticing this.

Another thing that he pointed out was that the "stripPrefix" function
can be factored away entirely, because it's very similar to
"removePrefix" in <nixpkgs/lib>.

Unfortunately we can't use "removePrefix" as is, because we need to
account for the final shlash.

So instead of removing it twice and/or retaining "stripPrefix", let's
append a shlash on every "prefixesToStrip" and we can use "removePrefix"
as is.

Tested with:

taalo-build nixos/release.nix -A tests.installer.simple.x86_64-linux

And:

w3m -dump "$(
  nix-build nixos/release.nix -A manual.x86_64-linux
)/share/doc/nixos/options.html"

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @vcunat
2016-01-29 20:14:11 +01:00
aszlig ae466ba15c
nixos-manual: Simplify stripping prefixes
Let's use a simple (unflipped) fold and break out the actual core
stripPrefix function from stripAnyPrefixes (I personally love
point-less^H^H^H^Hfree style but if I'd be anal I'd even go further and
factor away the "fn:").

Also, let's use path as a better name for "fn" (filename), because
that's what it is and also cannot be confused with "fn" meaning
"function".

We now toString all of the prefixes, so there shouldn't be any need to
implicily toString the extraSources anymore.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-01-29 16:33:19 +01:00
aszlig a581f72f22
nixos-manual: Fix stripping declaration prefixes
Regression introduced by e6cd147ae7.

This broke all of the installer tests, because they needed to rebuild
the manual within the test machine, while it only has a closure of the
already pre-built system in place.

The problem here was just that the order of the arguments got mixed up
in stripAnyPrefixes, so it was actually trying to strip the path off the
prefix, not the other way around.

So in the end no prefix was stripped at all, so we ended up having full
store paths in the manual, which in turn caused the build within the VM
to fail, because the prefixes differed.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-01-29 16:33:19 +01:00
Nikolay Amiantov 39b5bc3b2f fontconfig service: add pre-generated fonts caches 2016-01-29 14:41:26 +03:00
Roger Qiu 5d3b1b84f5 zram: simplified totalmem calculation for zram.nix 2016-01-29 22:41:20 +11:00
Vladimír Čunát de0af30716 Merge branch 'master' into staging 2016-01-29 10:19:48 +01:00
Eelco Dolstra bfebc7342e Fix some references to deprecated /etc/ssl/certs/ca-bundle.crt 2016-01-29 02:32:05 +01:00
Vladimír Čunát ab8a691d05 nixos systemPackages: rework default outputs
- Now `pkg.outputUnspecified = true` but this attribute is missing in
  every output, so we can recognize whether the user chose or not.
  If (s)he didn't choose, we put `pkg.bin or pkg.out or pkg` into
  `systemPackages`.
- `outputsToLink` is replaced by `extraOutputsToLink`.
  We add extra outputs *regardless* of whether the user chose anything.
  It's mainly meant for outputs with docs and debug symbols.
- Note that as a result, some libraries will disappear from system path.
2016-01-28 11:24:18 +01:00
Sergey Mironov a4d977e01f syncthing: support SOCKS5 proxying for relays 2016-01-27 22:47:09 +03:00
Kranium Gikos Mendoza 9213916ca7 facetimehd: init at git-20160127 2016-01-28 02:59:36 +08:00
Eelco Dolstra 2352e2589e audit: Disable in containers
This barfs:

Jan 18 12:46:32 machine 522i0x9l80z7gw56iahxjjsdjp0xi10q-audit-start[506]: The audit system is disabled
2016-01-26 16:25:40 +01:00
Nikolay Amiantov b52acfdf01 nixos xserver: remove vaapiDrivers
Use hardware.opengl.extraPackages instead.
2016-01-26 13:42:40 +03:00
Nikolay Amiantov 1ae1791e8e nixos opengl: add extraPackages and extraPackages32 2016-01-26 13:42:39 +03:00
Tony White c95bd5d085 sddm: add numlock switch
- added numlock on boot switch
- simply add :
services.xserver.displayManager.sddm.autoNumlock = true;
to configuration.nix and sddm will start
with numlock enabled.
2016-01-26 06:17:32 +00:00
Arseniy Seroka e395cb0214 Merge pull request #12601 from tomberek/gateone_update
Gateone: fix cacerts dependency
2016-01-25 23:14:53 +03:00
Eelco Dolstra 310aadc48b Merge pull request #12557 from ryanartecona/nixos-manual-custom-options
NixOS manual: allow options from nix packages
2016-01-25 10:43:39 +01:00
Franz Pletz ff51021920 Merge pull request #12590 from exi/askpass-in-env
nixos-ssh: set SSH_ASKPASS globally and not just on interactive shells
2016-01-25 10:42:31 +01:00
Vladimír Čunát 2af19df364 Merge branch 'master' into staging 2016-01-25 10:02:25 +01:00
Vladimír Čunát 3e1599f57b nixos-generate-config: fix #12595: broadcom quoting 2016-01-25 07:57:53 +01:00
Thomas Bereknyei 80d38d12b4 Gateone: fix cacerts dependency 2016-01-24 16:52:06 -05:00
Reno Reckling 312bae7fc0 nixos-ssh: set SSH_ASKPASS globally and not just on interactive shells
If we limit SSH_ASKPASS to interactive shells, users are unable to trigger
the ssh-passphrase dialog from their desktop environment autostart scripts.
Usecase: I call ssh-add during my desktop environment autostart and want to have
the passphrase dialog immediately after startup.
For this to work, SSH_ASKPASS needs to be propagated properly on
non-interactive shells.
2016-01-24 11:18:30 +01:00
Tuomas Tynkkynen d91c7347d1 treewide: Mass replace 'openssl}/lib' to refer the 'out' output 2016-01-24 10:03:38 +02:00
Tuomas Tynkkynen 40ef23e7ed treewide: Mass replace 'xorg.libXext}/lib' to refer the 'out' output 2016-01-24 10:03:37 +02:00
Tuomas Tynkkynen 5d52f55426 treewide: Mass replace 'xorg.libX11}/lib' to refer the 'out' output 2016-01-24 10:03:37 +02:00
Tuomas Tynkkynen 8707bf4a3c treewide: Mass replace 'libcap}/lib' to refer the 'out' output 2016-01-24 10:03:35 +02:00
Tuomas Tynkkynen a1909d7380 treewide: Mass replace 'glibc}/lib' to refer the 'out' output 2016-01-24 10:03:35 +02:00
Tuomas Tynkkynen f12f6c8607 treewide: Mass replace 'dbus_daemon}/lib' to refer the 'lib' output 2016-01-24 10:03:34 +02:00
Tuomas Tynkkynen dc8e939dbc treewide: Mass replace 'cups}/lib' to refer the 'out' output 2016-01-24 10:03:33 +02:00
Tuomas Tynkkynen 96372f2edb treewide: Mass replace 'cairo}/lib' to refer the 'out' output 2016-01-24 10:03:33 +02:00
Tuomas Tynkkynen f412f5f3ee treewide: Mass replace 'attr}/lib' to refer the 'out' output 2016-01-24 10:03:32 +02:00
Dan Peebles dd18447055 grsecurity: add NixOS VM test 2016-01-24 04:06:19 +00:00
Dan Peebles e409d0fed3 nixos: update-locatedb - harden via systemd (#7220)
Also, use systemd timers.

Most of the work is by @thoughtpolice but I changed enough of it to warrant changing commit author.
2016-01-23 20:44:30 +00:00
Dan Peebles 7ccda42007 nixos: uptimed - rewrite and harden a bit (#7220)
This is mostly @thoughtpolice's work, but I cleaned it up a bit.
2016-01-23 19:28:01 +00:00
Nikolay Amiantov bf208745ab Merge pull request #12290 from abbradar/dovecot-updates
Rework dovecot module, add and update plugins, default Dovecot to 2.2
2016-01-23 12:02:23 +03:00
Tomas Vestelind 198c03bffe haka: very basic testing 2016-01-23 01:20:14 +01:00
Tomas Vestelind 11d475af29 haka: options for nixos 2016-01-23 01:19:53 +01:00
Ryan Artecona e6cd147ae7 nixos manual: allow options from nix packages 2016-01-22 14:22:12 -05:00
Nikolay Amiantov c3abcd8415 Merge pull request #12368 from abbradar/ghostscript-update
Ghostscript and CUPS updates
2016-01-22 21:46:52 +03:00
Peter Simons e6d42dfe04 Merge pull request #12459 from avnik/fix-var-lib-postfix-permissions
Make /var/lib/postfix world-readable
2016-01-22 17:25:07 +01:00
Robert Klotzner 5d4948e183 libinput: configuration support: Polishing
+ addition of missing options
2016-01-22 13:11:13 +01:00
Robert Klotzner d3f687951a nixos: libinput added options
- natural scrolling
- scroll method
- disable while typing
2016-01-22 13:09:54 +01:00
Robert Klotzner a2db14925b nixos: Added libinput configuration
like there was for synaptics
2016-01-22 13:09:39 +01:00
Peter Simons 9ee5a6b858 Merge pull request #12481 from nathan7/usrbinenv-option
activation-script module: add environment.usrbinenv option
2016-01-22 11:18:37 +01:00
Thomas Bereknyei eda3e938d7 IHaskell: remove un-needed inherit 2016-01-21 17:21:00 -05:00
Domen Kožar b39c51a362 Merge pull request #12323 from kragniz/rkt-v0.15.0
rkt: 0.14.0 -> 0.15.0
2016-01-21 22:27:33 +01:00
Domen Kožar e473a424fb Merge pull request #12324 from rickynils/nixos-rebuild-remote-try2
Fix NixOS installer tests failures introduced by nixos-rebuild changes
2016-01-21 21:20:57 +01:00
koral 93e17506ee Rewrite acpid module in a more generic way 2016-01-21 20:08:14 +01:00
Nikolay Amiantov 3ade072aad nixos changelog: mention CUPS changes 2016-01-21 20:02:50 +03:00
aszlig c92d7481a5
multipath_tools: Rename to multipath-tools
See http://nixos.org/nixpkgs/manual/#sec-package-naming

I've added an alias for multipath_tools to make sure that we don't break
existing configurations referencing the old name.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-01-21 16:18:38 +01:00
Nikolay Amiantov 5b5e2c05c4 nixos/dovecot: add mail user and group 2016-01-21 12:53:26 +03:00
Nikolay Amiantov b781cf1a12 nixos/dovecot: add sieveScripts support 2016-01-21 12:53:26 +03:00
Nikolay Amiantov 39bbac96af nixos/dovecot: symlink system-wide config and use it 2016-01-21 12:53:25 +03:00
Nikolay Amiantov 70e77f9b53 nixos/dovecot: use new modules directory 2016-01-21 12:53:25 +03:00
Nikolay Amiantov 94a43b41af nixos/dovecot: add dovecot package to modules, force proper dovecot version 2016-01-21 12:53:25 +03:00
Nikolay Amiantov b2b58642fe nixos/dovecot: add 'protocols' option 2016-01-21 12:53:25 +03:00
Nikolay Amiantov 122929cda7 nixos/dovecot: use systemd's RuntimeDirectory instead of creating it by ourselves 2016-01-21 12:53:25 +03:00
Nikolay Amiantov 9c7b067c6a nixos/dovecot: create user/group only if they are default 2016-01-21 12:53:24 +03:00
Nikolay Amiantov d1a9c55d91 nixos/dovecot: add reload command 2016-01-21 12:53:24 +03:00
Nikolay Amiantov 9fe72b34ed nixos changelog: mention postfix changes 2016-01-21 12:48:30 +03:00
Nikolay Amiantov 15ea50733d nixos changelog: mention ejabberd fixes 2016-01-21 12:48:30 +03:00
Edward Tjörnhammar 4948bdadd6 nixos: ihaskell, wrong type restriction redacted 2016-01-21 10:02:39 +01:00
Alexander V. Nikolaev 39bd9be5a9 postfix: use built-in set-permission tool to setup queue
Make top level /var/lib/postfix as root:root 0755

After generating custom configs in /var/lib/postfix/conf,
`postfix set-permissions` called, to perform all required tricks
related to queue handling (postfix use file mode bits to keep
some internal statuses, so `chmod -R` not recommended by authors,
see comments in $out/libexec/postfix/post-install for details)

Also post-install script was patched, to skip permission check/update
for files inside $out, as well as symlinks following to $NIX_STORE.

Config file `main.cf` extended with all default directory locations,
to prevent post-install script from guessing and overwrite them.

And finally all actions in activation script snippets performed
by postmap/postalias/postfix tools from current build, not random one
from paths.
2016-01-20 14:52:59 +02:00
Robin Gloster eac8cb1ce1 Merge pull request #11896 from mayflower/upstream-networkd
networkd: add IPForward IPMasquerade options,  DHCPServer section
2016-01-20 13:06:44 +01:00
Rickard Nilsson 51c6383ebd nixos-rebuild: Build only the 'out' output of nix (not 'doc' and 'debug' too)
This fixes the failing NixOS installer tests.
2016-01-20 10:01:59 +01:00
Rickard Nilsson fb2eae08d5 Revert "Revert "nixos-rebuild: Add option for building and/or deploying on a remote host""
This reverts commit 78be7f5a53.
2016-01-20 10:01:59 +01:00
Joachim Schiele 2a88417f03 nixos/doc: fix to: ~/.nix-defexpr wasn't created, fixes #6606 2016-01-20 04:59:16 +01:00
Rick Yang f8c3130e0f softether: Fixed problems with using systemd services 2016-01-20 03:47:33 +01:00
Peter Jones 5b8c871842 If container name is already unique, don't append "-0"
When using `--ensure-unique-name`, don't needlessly append `"-0"` if the
container name is already unique.

This is especially helpful with NixOps since when it deploys to a
container it uses `--ensure-unique-name`.  This means that the container
name will never match the deployment host due to the `"-0"`.  Having the
container name and the host name match isn't exactly a requirement, but
it's nice to have and a small change.
2016-01-20 03:46:19 +01:00
Rok Garbas 109ba4c861 nixos: add test for postgresql, fixes #11146 2016-01-20 03:42:59 +01:00
Mark Laws 1c393cbb3c gale service: fix permissions configuration, fixes #12457 2016-01-20 02:09:40 +01:00
Tobias Geerinckx-Rice df29b0d23f nixos: fix evaluation
After commit 5e468b9, evaluation failed with:

  error: undefined variable ‘dnsExtensionMechanism’ at
  .../nixpkgs/nixos/modules/config/networking.nix:177:33
2016-01-20 01:19:03 +01:00
Nathan Zadoks df82096af0 activation-script module: add environment.usrbinenv option 2016-01-19 23:29:48 +01:00
Peter Simons 5e468b96b4 nixos: add 'networking.dnsExtensionMechanism' option to enable edns0 (for DNSSEC)
Set this option to 'true' (default: 'false') to enable extension mechanisms for
DNS (EDNS) in your local glibc resolver. This is required for supporting
DNSSEC, for example.

Implementation detail: the patch changes assignments to "resolv_conf_options"
to use "+=" instead of "=" to ensure that multiple users of that variable don't
overwrite each other. The generated config file is a shell script, after all,
so this should work fine.

Closes https://github.com/NixOS/nixpkgs/issues/12470.
2016-01-19 21:54:43 +01:00
Vladimír Čunát 716aac2519 Merge branch 'staging' into closure-size 2016-01-19 09:55:31 +01:00
Eric Sagnes 0dd8e03308 i3 service: added i3status and dmenu dependency 2016-01-19 09:32:49 +09:00
Nikolay Amiantov 148396c022 systemd service: add *.busname upstream units 2016-01-18 19:42:25 +03:00
Rickard Nilsson ce543ebf27 elasticsearch: Fix some startup warnings 2016-01-18 15:57:59 +01:00
Rickard Nilsson d6f9f13512 bosun: Create ledisDir in pre-start script 2016-01-18 15:57:59 +01:00
Robin Gloster cd11d91f0a jobs -> systemd.services
missed an override
2016-01-17 22:05:13 +00:00
Robin Gloster 101125d184 Merge pull request #12441 from k0ral/acpid
Add volume and cd events to acpid configuration
2016-01-17 21:57:58 +01:00
Domen Kožar 9e8eba48ab xorg.xorgserver: wrap Xvfb with required flags 2016-01-17 21:14:49 +01:00
Robin Gloster 4a0692a5fb types: remove references to new packageSet
Reverts part of a04a7272aa

packageSet is slated to be introduced in #11866 but currently causes
evalation errors.

/cc @ts468
2016-01-17 19:49:38 +00:00
Thomas Strobel a04a7272aa Add missing 'type', 'defaultText' and 'literalExample' in module definitions
- add missing types in module definitions
- add missing 'defaultText' in module definitions
- wrap example with 'literalExample' where necessary in module definitions
2016-01-17 19:41:23 +01:00
rnhmjoj 641a951c61 i18n: Fix vconsole colorscheme generation
Close #12442.
abbradar: remove trailing spaces.
2016-01-17 20:24:45 +03:00
Nikolay Amiantov 47017474fd cupsd service: move root directory to /var/lib/cups 2016-01-17 15:50:40 +03:00
Nikolay Amiantov c311901810 cupsd service: don't allow overriding necessary configuration options 2016-01-17 15:50:40 +03:00
Nikolay Amiantov d93f866f55 cupsd service: add gutenprint support 2016-01-17 15:50:40 +03:00
Nikolay Amiantov 8377b4e5d6 cupsd service: move all default drivers to the bindir directly 2016-01-17 15:50:40 +03:00
Nikolay Amiantov 06865208e8 cupsd service: use cups-pk-helper is policykit is enabled 2016-01-17 15:50:40 +03:00
koral 9327982486 Add volume and cd events to acpid configuration 2016-01-17 13:04:54 +01:00
Pascal Wittmann a3e7adf509 nixos/plex: fix service startup, see #12422 2016-01-17 13:01:42 +01:00
Domen Kožar 07dcea52e6 Merge pull request #12419 from avnik/rmilter+rspamd
Rmilter+rspamd packages and NixOS modules
2016-01-17 12:57:51 +01:00
Domen Kožar 2d681fdcf7 Merge pull request #12202 from thoughtpolice/nixos/tarsnap/sep-cachedirs
nixos: tarsnap - allow and document concurrent backups
2016-01-17 12:48:59 +01:00
Domen Kožar 75284b09e1 Fix ISO building from a channel
Building config.system.build.isoImage would fail with the following
error using the channel:

  ln: failed to create symbolic link
'/nix/store/zz0hzi5imrg4927v6f8mv281qs6v6pbq-nixos-16.03pre69762.e916273/nixos/nixpkgs/.': File exists

The fix skips symlink as it already exists if the channel
nixpkgs copy is used.

Fixes #10367
2016-01-16 21:58:40 +01:00
Sander van der Burg 4fafd77f7e disnix: propagate ejabberd username to the activation module 2016-01-16 18:08:07 +00:00
Franz Pletz cac1041ced Merge pull request #12328 from makefu/zsh-allow-override-history-defaults
programs.zsh: allow override of history defaults
2016-01-16 17:25:20 +01:00
makefu ed83b8a61c programs.zsh: allow override of history defaults 2016-01-16 16:55:30 +01:00
Alexander V. Nikolaev de8dea4821 nixos: add module for rmilter 2016-01-16 15:12:30 +02:00
Alexander V. Nikolaev 14926f08a3 nixos: Add module for rspamd 2016-01-16 15:11:36 +02:00
aszlig 5caa8ab55e
nixos/tests/quake3: Don't quote +set arguments
With the new upstream Git version of ioquake3 introduced in 7fc7502, the
arguments to the quake3(server) binaries/wrappers may no longer be
passed as full single arguments (like "+set foo bar") but rather as
separate arguments (like "+set" "foo" "bar"), otherwise they will be
completely ignored.

Ran the x86_64-linux test on my machine and it now succeeds.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-01-16 01:13:36 +01:00
aszlig c4de45b7ca
nixos/tests/quake3: Fix eval due to unfree license
Regression introduced by 6b447a3c9b.

In this commit the Quake 3 demo data now have a meta attribute which
specifies the license as unfreeRedistributable.

While I haven't found anything official about that on the web, let's
just allow it to be used in the test because first of all, we have been
using it for a long time (since 2009, introduced in 497760b) and second,
because it will be quite some effort to rewrite the test with something
like OpenArena (particularily because we need coverage data and need to
use the ioquake3 version plus OpenArena-specific patches).

Tested evaluation on my local system, but the VM test still fails.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-01-16 01:13:02 +01:00
Louis Taylor 6309f48137 rkt: 0.14.0 -> 0.15.0 2016-01-15 18:09:58 +00:00
Robin Gloster 00b2e1f704 Merge pull request #11809 from mayflower/fix/libvirtd_service
libvirtd service: Move mutable configs to /var
2016-01-15 18:58:40 +01:00
aszlig 7e36514c90
nixos/postfix: Set type for extraConfig to "lines"
Regression introduced by 3891d3e654.

Merging multiple options with type "str" won't work and give an
evaluation error. For extra configuration lines in the Postfix config it
really should be "lines", especially because even the description
mentions "extra lines".

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-01-15 17:57:09 +01:00
roblabla 7e10bf4327 matrix-synapse: init at 0.12.0 2016-01-15 15:17:14 +01:00
Tristan Helmich bce59a1a8b libvirtd service: Move mutable configs to /var
Modifies libvirt package to search for configs in /var/lib and changes
libvirtd service to copy the default configs to the new location.

This enables the user to change e.g. the networking configuration with
virsh or virt-manager and keep those settings.
2016-01-15 14:26:20 +01:00
Vladimír Čunát 98218971c2 Merge #12299: make firefox-like browsers wrapped by default 2016-01-15 08:53:58 +01:00
Vladimír Čunát 5fe68602cc release notes: document renames of firefox-like browsers 2016-01-15 08:37:02 +01:00
Domen Kožar 8525936f80 nixos: Document "jobs" option removal 2016-01-14 13:08:56 +01:00
Mark Laws e7ba7fba01 gale: init at 1.1happy 2016-01-13 12:00:50 -08:00
Nikolay Amiantov b292e19fbd xserver service: wait for systemd-logind
This seems the right thing to do, and most likely has fixed the race condition
described at https://github.com/NixOS/nixpkgs/issues/12132#issuecomment-171284532
2016-01-13 17:31:23 +03:00
Peter Simons ae6fc4c5be Merge pull request #12293 from abbradar/postfix-updates
Rework postfix module and package
2016-01-13 14:12:50 +01:00
Luca Bruno 27928a020a gnome3: default to gnome 3.18 2016-01-13 12:13:27 +00:00
Vladimír Čunát 3bcf8ae879 nixos manuals: bring back package references
This reverts most of 89e983786a, as those references are sanitized now.
Fixes #10039, at least most of it.

The `sane` case wasn't fixed, as it calls a *function* in pkgs to get
the default value.
2016-01-13 12:04:31 +01:00
Vladimír Čunát b9f6dfe8c5 nixos manuals: allow displaying package references
The manuals are now evaluated with each derivation in `pkgs` (recursively)
replaced by a fake with path "\${pkgs.path.to.the.attribute}".
It isn't perfect, but it seems to cover a vast majority of use cases.
Caveat: even if the package is reached by a different means,
the path above will be shown and not e.g. `${config.services.foo.package}`.

As before, defaults created by `mkDefault` aren't displayed,
but documentation shouldn't (mostly) be a reason to use that anymore.

Note: t wouldn't be enough to just use `lib.mapAttrsRecursive`,
because derivations are also (special) attribute sets.
2016-01-13 12:03:18 +01:00
Nikolay Amiantov b4179c5612 nixos/dspam: add module 2016-01-13 13:08:55 +03:00
Nikolay Amiantov f5efac09aa nixos/opendkim: add module 2016-01-13 13:07:46 +03:00
Nikolay Amiantov c51d08cf27 nixos/postsrsd: add module 2016-01-13 13:04:12 +03:00
Sander van der Burg 23772ef0a2 ejabberd: make config parameter nullable, so that the default bundled config can be used if none is given 2016-01-12 17:12:47 +00:00
Shea Levy dbe94f2ec3 Merge branch 'swap-norestart' of git://github.com/abbradar/nixpkgs 2016-01-12 10:05:52 -05:00
Nikolay Amiantov d3a19f1b8e nixos/postfix: backwards compatibility with /var/postfix 2016-01-12 18:01:27 +03:00
Nikolay Amiantov 1edb62b40a nixos/postfix: add options to compile additional maps and aliases 2016-01-12 18:00:54 +03:00
Nikolay Amiantov 9c502abb1c nixos/postfix: use path instead of direct package mentions 2016-01-12 17:56:54 +03:00
Nikolay Amiantov 902dd35d47 nixos/postfix: move scripts to serviceConfig 2016-01-12 17:54:44 +03:00
Nikolay Amiantov ef3102b27e nixos/postfix: move /var/postfix to /var/lib/postfix, fix access rights 2016-01-12 17:54:41 +03:00
Sander van der Burg b1d6e6a38b Fix running apache tomcat as a daemon 2016-01-12 14:32:22 +00:00
Nikolay Amiantov 9df07753ce swap service: don't restart mkswap.service on switches
Sadly, we can't instruct systemd to properly restart device-name.swap when this service restarts (or I haven't found the way to do so). As of now blindly restarting it would only get you a bunch of errors about device already used -- let's avoid it.
2016-01-12 17:27:21 +03:00
Nikolay Amiantov 54bc19270b nixos/postfix: add users and groups only if needed, fix group name 2016-01-12 16:41:35 +03:00
Nikolay Amiantov 22fb0cb058 nixos/postfix: don't emit alias_maps config option if we don't have aliases set 2016-01-12 16:41:34 +03:00
Nikolay Amiantov 8d4bc5c029 nixos/swap: fix stopping mkswap for encrypted device 2016-01-12 14:54:51 +03:00
Nikolay Amiantov d82c0f9790 nixos/cdemu: use system kernel modules 2016-01-12 14:44:41 +03:00
Domen Kožar 7fe7138968 nixos: fix acme service @abbradar 2016-01-12 11:50:34 +01:00
Domen Kožar 7b0613d51e Revert "nixos/qemu-vm: Disable cache for $NIX_DISK_IMAGE"
This reverts commit 6353f580f9.

Unfortunately cache=none doesn't work with all filesystem options.

Hydra tests error out with: file system may not support O_DIRECT

See http://hydra.nixos.org/build/30323625/
2016-01-11 11:29:16 +01:00
Pascal Wittmann 0d21ba2361 Merge pull request #12283 from abbradar/acme-allowgroup
nixos/acme: add allowKeysForGroup
2016-01-11 07:45:49 +01:00
Pascal Wittmann 009f944b9f Merge pull request #12315 from tlevine/trackpoint-typo
trackpoint: fix typo in trackpoint speed description
2016-01-11 07:44:52 +01:00
Thomas Levine 2d6ebc9189 trackpoint: fix typo in configuration description
I fixed a typo in the description for hardware.trackpoint.speed.
2016-01-11 04:12:04 +00:00
Tobias Geerinckx-Rice 228774aaf5 wis_go7007: remove dead package & module
Broken since 2014, but basically a package from 2008 with no
upstream.
2016-01-11 00:16:01 +01:00
Tobias Geerinckx-Rice 521f903b80 xorgVideoUnichrome: remove dead package
Broken since 2013, upstream very dead.
2016-01-11 00:16:01 +01:00
goibhniu 8b8f864e48 Merge pull request #12103 from rick68/ostinato
Ostinato
2016-01-11 00:09:32 +01:00
Aristid Breitkreuz 01eea878ad Merge pull request #12291 from abbradar/ejabberd
Update ejabberd, new NixOS module for it
2016-01-10 21:15:33 +01:00
Aristid Breitkreuz 9c92faf370 Merge pull request #12133 from dwe11er/new-package/irqbalance
irqbalance: init at 1.1.0
2016-01-10 21:06:50 +01:00
Aristid Breitkreuz bca9ecdd05 Merge pull request #12238 from bfrog/postgresql95
postgresql: 9.4 -> 9.5
2016-01-10 21:01:19 +01:00
Nikolay Amiantov d0510febe1 nixos/ejabberd: update service 2016-01-10 21:28:27 +03:00
Domen Kožar 82af770fa6 correctly fix 313fa2ebc6 2016-01-10 18:24:29 +01:00
Domen Kožar 78be7f5a53 Revert "nixos-rebuild: Add option for building and/or deploying on a remote host"
This reverts commit ca0c460406.

All the installer tests are failing due to this change. cc @rickynils
2016-01-10 17:50:50 +01:00
Domen Kožar 313fa2ebc6 nixos installer tests: use -A nix-env flag to prevent out of memory 2016-01-10 17:48:35 +01:00
Evgeny Egorochkin ada9b3b666 azure-image: azure resource manager doesn't base64-encode custom data, unlike azure service manager 2016-01-10 11:35:44 +02:00
Evgeny Egorochkin 01130e502a systemd: backslashes are no longer allowed in script names 2016-01-10 11:31:38 +02:00
Vladimír Čunát 22184c4cfa release-notes: document $NIX_AUTO_RUN from #12000 2016-01-10 10:15:44 +01:00
Nikolay Amiantov f92cec4c1b nixos/acme: add allowKeysForGroup 2016-01-10 07:28:19 +03:00
Nikolay Amiantov 3891d3e654 nixos/postfix: add types 2016-01-10 06:07:38 +03:00
Arseniy Seroka c03fe79265 Merge pull request #10996 from oxij/nixos-label
nixos: introduce system.nixosLabel support
2016-01-09 20:52:08 +03:00
Jan Malakhovski 119c8f91e7 nixos: introduce system.nixosLabel option and use it where appropriate
Setting nixosVersion to something custom is useful for meaningful GRUB
menus and /nix/store paths, but actuallly changing it rebulids the
whole system path (because of `nixos-version` script and manual
pages). Also, changing it is not a particularly good idea because you
can then be differentitated from other NixOS users by a lot of
programs that read /etc/os-release.

This patch introduces an alternative option that does all you want
from nixosVersion, but rebuilds only the very top system level and
/etc while using your label in the names of system /nix/store paths,
GRUB and other boot loaders' menus, getty greetings and so on.
2016-01-08 22:26:15 +00:00
Thomas Tuegel fdefc0cb2c Merge branch 'kdenetwork-filesharing' 2016-01-08 14:20:46 -06:00
Thomas Tuegel 049357bb30 nixos/kde5: install kio-extras 2016-01-08 14:20:07 -06:00
Thomas Tuegel fa0057be39 nixos/kde5: install kdenetwork-filesharing if Samba enabled 2016-01-08 14:20:05 -06:00
Tom Burdick 2c23a311cd postgresql: (94 -> 95)
Updates postgresql to its latest versions
2016-01-08 10:13:01 -06:00
Marcin Falkiewicz 7636359c89 irqbalance: init at 1.1.0 2016-01-08 12:37:43 +01:00
Nathan Zadoks 8cb22c0a63 consul service: add package option 2016-01-08 01:44:28 +01:00
Shea Levy 4a511911bb Merge branch 'rm-notbit' of git://github.com/jgillich/nixpkgs 2016-01-07 14:34:40 -05:00
Daniel Peebles 57cb5ab17a Merge pull request #12198 from mayflower/remove-upstart-layer
Remove upstart layer
2016-01-07 13:47:39 -05:00
Eelco Dolstra e4b4e9b986 linux: Make Unix domain sockets builtin
This hopefully fixes intermittent initrd failures where udevd cannot
create a Unix domain socket:

  machine# running udev...
  machine# error getting socket: Address family not supported by protocol
  machine# error initializing udev control socket
  machine# error getting socket: Address family not supported by protocol

The "unix" kernel module is supposed to be loaded automatically, and
clearly that works most of the time, but maybe there is a race
somewhere. In any case, no sane person would run a kernel without Unix
domain sockets, so we may as well make it builtin.

http://hydra.nixos.org/build/30001448
2016-01-07 13:20:53 +01:00
Austin Seipp 7a01badef5 nixos: tarsnap - allow keys for individual archives
Two concurrent tarsnap backups cannot be run at the same time with the
same keys - completely separate sets of keys must be generated for each
archive in this case, if you want backups to overlap.

This extends the archives attrset to support a 'keyfile' option, which
defaults to /root/tarsnap.key like the top-level attribute.

With this change, if you generate two keys with tarsnap-keygen(1) and
use each of those separately for each archive, you can backup
concurrently.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2016-01-07 05:54:41 -06:00
Austin Seipp ec70f64ecd nixos: tarsnap - separate archive cachedirs
Tarsnap locks the cachedir during backup, meaning if you specify
multiple backups with a shared cache that might overlap (for example,
one backup may take an hour), secondary backups will fail. This isn't
very nice behavior for the obvious reasons.

This splits the cache dirs for each archive appropriately. Note that
this will require a rebuild of your archive caches (although if you were
only using one archive for your whole system, you can just move the
directory).

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2016-01-07 05:54:36 -06:00
Tanner Doshier ad796f155b nixos: tarsnap - make systemd timer persistent
A machine may not always be active (or online!) when a backup timer
triggers, meaning backups can be missed - now we properly set the
tarsnap timer's Persistent option so systemd will run the command even
when the machine wasn't online at that exact time.

However, we also need to make sure that we can contact the tarsnap
server reliably before we start the backup. So, we attempt to ping the
access endpoint in a loop with a sleep, before continuing.

This fixes #8823.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2016-01-07 05:52:18 -06:00
Peter Simons a68450e509 Merge pull request #12009 from mayflower/tinc-module
tinc module: Ed25519PrivateKeyFile, BindToAddress
2016-01-07 12:48:35 +01:00
Austin Seipp 472a5192fd Revert "nixos: tarsnap - separate archive cachedirs"
This reverts commit 5f0253ace6.

I didn't intend to push this - I meant to push it to *my fork's*
remote...
2016-01-07 04:51:58 -06:00
Austin Seipp 5f0253ace6 nixos: tarsnap - separate archive cachedirs
Tarsnap locks the cachedir during backup, meaning if you specify
multiple backups with a shared cache that might overlap (for example,
one backup may take an hour), secondary backups will fail. This isn't
very nice behavior for the obvious reasons.

This splits the cache dirs for each archive appropriately. Note that
this will require a rebuild of your archive caches (although if you were
only using one archive for your whole system, you can just move the
directory).

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2016-01-07 04:26:57 -06:00
Austin Seipp 4dc7cab40e nixos: btsync - switch to using systemd user services
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2016-01-07 03:33:38 -06:00
Tristan Helmich 1a0d004cc2 tinc module: Ed25519PrivateKeyFile, listenAddress 2016-01-07 09:13:28 +00:00
Robin Gloster 88292fdf09 jobs -> systemd.services 2016-01-07 06:39:06 +00:00
Robin Gloster af50b03f50 fuppes: remove obsolete broken package and service 2016-01-07 06:39:05 +00:00
Austin Seipp d89454bb79 nixos: btsync - add directoryRoot option
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2016-01-07 00:09:20 -06:00
Jakob Gillich 57d6dfe932 notbit: removed dead package
The Bitmessage protocol v3 became mandatory on 16 Nov 2014 and notbit does not support it, nor has there been any activity in the project repository since then.
2016-01-07 04:39:51 +01:00
Dan Peebles 668179f31e tests.ec2-config: fix to not try to talk to the internet (which breaks on Hydra) 2016-01-07 03:25:56 +00:00
Dan Peebles 63bfe20b72 security.audit: add NixOS module
Part of the way towards #11864. We still don't have the auditd
userland logging daemon, but journald also tracks audit logs so we
can already use this.
2016-01-07 03:06:10 +00:00
Robin Gloster 246f0e91cd wpa_supplicant service: Warn about plaintext keys in docs 2016-01-06 03:58:39 +00:00
Robin Gloster 391c330042 wpa_supplicant service: jobs -> systemd.services
Fixes an occurence of `jobs` usage causing tests to fail to evaluate.

thanks @domenkozar
2016-01-06 03:58:39 +00:00
Robin Gloster 609457458e wpa_supplicant module: remove preStart hack
If the config file is managed imperatively we shouldn't touch it.
2016-01-06 03:58:39 +00:00
Robin Gloster d03b35f881 wpa_supplicant module: add networks option 2016-01-06 03:58:39 +00:00
Robin Gloster 3a5f488445 wpa_supplicant module: refactor 2016-01-06 03:58:39 +00:00
Robin Gloster 7d973a56d0 wpa_supplicant module: remove obsolete option
networking.WLANInterface has been obsolete for years
2016-01-06 03:58:39 +00:00
William A. Kennington III ce8c8f1e1b Merge pull request #11890 from Baughn/zfs
zfs:Add option for zpool import -d, and set it to /dev/disk/by-id.
2016-01-05 14:37:19 -08:00
Arseniy Seroka 1fc685ae64 Merge pull request #11945 from jgillich/fish
fish: add module to support it as default shell
2016-01-06 01:25:37 +03:00
Peter Simons 49d18bdfcb Revert "Basic Declaritive Network Configuration in wpa_supplicant Service" 2016-01-05 19:32:41 +01:00
Peter Simons d807b057ed Merge pull request #11920 from bjornfor/rename-host-to-listen-address
Rename NixOS option names: 'host' to 'listenAddress'
2016-01-05 12:54:15 +01:00
Peter Simons f4b2c3d510 Merge pull request #12155 from vkleen/postfix-configuration-options
Postfix configuration options
2016-01-05 12:32:23 +01:00
Eelco Dolstra 22848d55e2 kdmrc: Build locally 2016-01-05 12:17:32 +01:00
Viktor Kleen ebd8e2c380 postfix service: include configuration option for transport maps 2016-01-05 02:59:16 -08:00
Viktor Kleen 8fad959b15 postfix service: make SMTP services optional using enableSmtp option 2016-01-05 02:57:52 -08:00
Peter Simons 94e6323de0 Merge pull request #12015 from mayflower/wpa_supplicant-service
Basic Declaritive Network Configuration in wpa_supplicant Service
2016-01-05 10:53:13 +01:00
Tobias Geerinckx-Rice a133ef9a0c liferea, graphite service: fix typo (agregator -> aggregator) 2016-01-05 01:03:50 +01:00
Svein Ove Aas f16594e18b nixos/fail2ban: Enable jails by default
With jails defaulting to 'enabled = true', the sshd jail that NixOS
defines will now be enabled.

[Bjørn: tweak commit message]
2016-01-04 21:52:32 +01:00
Eelco Dolstra 6d02d7e740 NixOS tests: Increase hung_task_timeout_secs
This hopefully fixes intermittent test failures like

  http://hydra.nixos.org/build/29962437

  router# [  240.128835] INFO: task mke2fs:99 blocked for more than 120 seconds.
  router# [  240.130135]       Not tainted 3.18.25 #1-NixOS
  router# [  240.131110] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.

assuming that these are caused by high load on the host.
2016-01-04 16:53:42 +01:00
Vladimír Čunát 0e1fe66aad kernel: do not load configs module (close #10912)
... because we make it built-in by default.
I can't imagine anyone who wanted to purge this module from his/her system,
so let's keep it simple, at least for now.
2016-01-04 13:59:53 +01:00
Eelco Dolstra 104c252b61 Merge pull request #11279 from rickynils/nixos-rebuild-remote
nixos-rebuild: Add option for building and/or deploying on a remote host
2016-01-04 11:52:25 +01:00
Wei-Ming Yang bd035405f4 ostinato: add ostinato in NixOS services 2016-01-04 14:29:02 +08:00
Tobias Geerinckx-Rice 82419575aa btrfsProgs -> canonical btrfs-progs 2016-01-03 20:38:44 +01:00
Shea Levy 06356c90dc Merge branch 'kmscon-extraoptions' of git://github.com/nathan7/nixpkgs 2016-01-03 10:01:43 -05:00
Tobias Geerinckx-Rice 99075fb402 saneBackends{,Git} -> sane-backends{,-git}
Fixes xsane evaluation.
2016-01-03 03:31:38 +01:00
Nikolay Amiantov e312276b01 Merge pull request #12000 from nathan7/nix-auto-run
command-not-found: add NIX_AUTO_RUN option, to automatically invoke nix-shell
2016-01-03 03:22:50 +03:00
Rickard Nilsson 7772293a0a Merge pull request #12099 from jmitchell/patch-1
Fix package name typo
2016-01-02 23:53:41 +01:00
Arseniy Seroka 1d2accb8fe Merge pull request #9716 from benley/mathics-service
Add a Mathics notebook service (with test)
2016-01-03 01:37:06 +03:00
Benjamin Staffin fe8498f609 nixos/mathics: New service and test 2016-01-02 14:34:55 -08:00
Nathan Zadoks d396f1e99b kmscon service: add extraOptions option 2016-01-02 22:21:54 +01:00
Jacob Mitchell 7ce9699a6a Fix package name typo 2016-01-02 12:37:20 -08:00
Tobias Geerinckx-Rice a88b771ae7 Merge pull request #11936 from dezgeg/pr-cd-touchpad
installation-cd-graphical: Enable the 'synaptics' touchpad driver
2016-01-02 20:13:29 +01:00
Domen Kožar 8225e1b1c1 Merge pull request #12086 from bmorphism/master
thinkfan levels option to control actuation points
2016-01-02 10:56:37 +01:00
Barton Yadlowski d732a7f5c5 thinkfan levels option to control actuation points 2016-01-02 04:49:58 -05:00
Rickard Nilsson 448a2af041 nixos-rebuild: Document --build-host and --target-host options 2016-01-01 18:22:11 +01:00
Rickard Nilsson ca0c460406 nixos-rebuild: Add option for building and/or deploying on a remote host
This commit adds the options --build-host and --target-host to nixos-rebuild.

--build-host instructs nixos-rebuild to perform all nix builds on the
specified host (via ssh). Build results are then copied back to the
local machine and used when activating the system.

--build-target instructs nixos-rebuild to activate the configuration
not on the local machine but on the specified remote host. Build
results are copied to the target machine and then activated there (via ssh).

It is possible to combine the usage of --build-host and --target-host,
in which case you can perform the build on one remote machine and deploy
the configuration to another remote machine. The only requirement is that
the build host has a working ssh connection to the target host (if the
target is not local), and that the local machine can connect to both
the target and the build host. Also, your user must be allowed to copy
nix closures between the local machine and the target and host machines.

At no point in time are the configuration sources (the nix files) copied
anywhere. Instead, nix evaluation always happens locally
(with nix-instantiate). The drv-file is then copied and realised remotely
(with nix-store).

As a convenience, if only --target-host is specified, --build-host is
implicitly set to that host too. So if you want to build locally and deploy
remotely you have to explicitly set "--build-host localhost".

To activate (test, boot or switch) you need to have root access to the
target host. You can specify this by "--target-host root@myhost".

I have tested the obvious scenarios and they are working. Some of the
combinations of --build-host and --target-host and the various actions might
not make much sense, and should maybe be forbidden (like setting a remote
target host when building a VM), and some combinations might not work at all.
2016-01-01 18:21:59 +01:00
Vladimír Čunát f9f6f41bff Merge branch 'master' into closure-size
TODO: there was more significant refactoring of qtbase and plasma 5.5
on master, and I'm deferring pointing to correct outputs to later.
2015-12-31 09:53:02 +01:00
Austin Seipp 59acfd4f16 nixos/plex: Add 'package' option to module
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2015-12-30 20:20:25 -06:00
Peter Simons e402a2e670 Merge pull request #12042 from anderspapitto/docs
docs
2015-12-30 21:08:52 +01:00
Anders Papitto 58cc890d2b sysctl: use literalExample in docs 2015-12-30 10:22:04 -08:00
Domen Kožar f41603d8a6 Merge pull request #11940 from jgillich/dnsmasq-leases
dnsmasq: create state dir for dhcp leases file
2015-12-30 16:50:14 +01:00
Arseniy Seroka 640d861d13 Merge pull request #12020 from ehmry/windowlab
WindowLab: initial pkg at 1.40
2015-12-30 18:07:20 +03:00
Eelco Dolstra 146c727924 waitForUnit: Fail if the unit reaches inactive state with no pending jobs
This prevents waitForUnit for looping for many minutes before giving
up.
2015-12-30 15:17:52 +01:00
Eelco Dolstra e78bad5262 etc: Use a friendlier name than "etc-file" 2015-12-30 15:17:30 +01:00
Eelco Dolstra 1ba2015450 install-grub: Make more robust against GC'ed system profile entries
Previously this barfed with:

  updating GRUB 2 menu...
  fileparse(): need a valid pathname at /nix/store/zldbbngl0f8g5iv4rslygxwp0dbg1624-install-grub.pl line 391.
  warning: error(s) occured while switching to the new configuration
2015-12-30 15:07:18 +01:00
Emery 952563d620 WindowLab: initial pkg at 1.40
http://nickgravgaard.com/windowlab/
2015-12-30 11:10:30 +01:00
Dan Peebles cd7612b841 amazon-image: enable configure-from-userdata and the corresponding VM test 2015-12-30 04:59:52 +00:00
Robin Gloster 4bf7afc78e wpa_supplicant module: remove preStart hack
If the config file is managed imperatively we shouldn't touch it.
2015-12-29 18:49:39 +00:00
Robin Gloster 56a53ff458 wpa_supplicant module: add networks option 2015-12-29 18:49:39 +00:00
Robin Gloster 9dceabc95d wpa_supplicant module: refactor 2015-12-29 18:49:39 +00:00
Robin Gloster 57210ce1c1 wpa_supplicant module: remove obsolete option
networking.WLANInterface has been obsolete for years
2015-12-29 18:49:38 +00:00
Eelco Dolstra 7906169ce1 Add some preferLocalBuild 2015-12-29 17:21:49 +01:00
Eelco Dolstra 74aac17878 Force rebuild of some corrupted files 2015-12-29 16:39:26 +01:00