3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

13382 commits

Author SHA1 Message Date
Silvan Mosberger 7c3f3e9c51
Merge pull request #72029 from lschuermann/tpm2-module
nixos/tpm2: init
2020-03-15 15:47:06 +01:00
Silvan Mosberger 779b7ff3d8
Merge pull request #80931 from LEXUGE/master
smartdns: init at 30
2020-03-15 15:36:05 +01:00
Leon Schuermann 156b879c2e nixos/tpm2: init
This commit adds udev rules, the userspace resource manager and
PKCS#11 module support.
2020-03-15 12:16:32 +01:00
adisbladis c00777042f
Merge pull request #82620 from aanderse/ssh-silent
nixos/ssh: silence ssh-keygen during configuration validation
2020-03-15 01:21:38 +00:00
Harry Ying 629d3bab18
nixos/smartdns: init first generation config 2020-03-15 08:53:20 +08:00
Aaron Andersen f383fa344e nixos/sshd: only include AuthorizedKeysCommand and AuthorizedKeysCommandUser options if explicitly set 2020-03-14 19:50:11 -04:00
Aaron Andersen f5951f520c nixos/ssh: silence ssh-keygen during configuration validation 2020-03-14 19:37:30 -04:00
Florian Klink 74f451b851
Merge pull request #82413 from aanderse/authorized-keys-command
nixos/sshd: add authorizedKeysCommand and authorizedKeysCommandUser options
2020-03-14 23:58:47 +01:00
zimbatm 001be890f7 folding@home: 6.02 -> 7.5.1
The v7 series is very different.

This commit introduces the 3 packages: fahclient, fahcontrol and
fahviewer. It also rebuilds the NixOS module to map better with the new
client.
2020-03-14 13:01:26 -07:00
Jörg Thalheim 4a8a014be4
Merge pull request #82468 from Mic92/kvmgt
nixos/kvmgt: udev rules + fix module initialisation
2020-03-14 07:17:28 +00:00
Andrew Childs 01f03f30db nixos/prometheus: add checkConfig
Workaround for https://github.com/prometheus/prometheus/issues/5222
2020-03-14 04:40:55 +00:00
Andrew Childs 2c121f4215 nixos/firewall: fix inverted assertion for reverse path filtering
Previously the assertion passed if the kernel had support OR the
filter was *enabled*. In the case of a kernel without support, the
`checkReversePath` option defaulted to false, and then failed the
assertion.
2020-03-14 04:32:07 +00:00
Joachim Fasting 1b575dbd79 nixos/firejail: use local runCommand
Also:

- use `runtimeShell`; and
- remove unused `makeWrapper` input; and
- `exec()` to shed wrapping shell
2020-03-14 03:09:48 +00:00
Mario Rodas ee599f376c
Merge pull request #71329 from tilpner/cadvisor-no-docker
nixos/cadvisor: don't enable docker
2020-03-13 20:35:46 -05:00
Vladimír Čunát 0729b8c55e
Revert Merge #82310: nixos/systemd: apply .link
...even when networkd is disabled

This reverts commit ce78f3ac70, reversing
changes made to dc34da0755.

I'm sorry; Hydra has been unable to evaluate, always returning
> error: unexpected EOF reading a line
and I've been unable to reproduce the problem locally.  Bisecting
pointed to this merge, but I still can't see what exactly was wrong.
2020-03-13 22:05:33 +01:00
Michele Guerini Rocco 7b15d6cee4
Merge pull request #81241 from thefloweringash/nesting-system
nixos/activation: propagate system to nested configurations
2020-03-13 09:58:10 +01:00
Jörg Thalheim 505d241ee3
nixos/kvmgt: add udev rules for unprivileged access 2020-03-13 07:04:26 +00:00
Jörg Thalheim 85aae79ca1
nixos/kvmgt: fix driver option
extraModprobeConfig could be applied too late i.e. if the driver has been
loaded in initrd, while the harddrive is still encrypted.
Using a kernelParams works in all cases however.
2020-03-13 07:03:45 +00:00
snicket2100 65abd808d5 firejail: system package on programs.firejail.enable
this way the man page etc. becomes available if we enable firejail with
`programs.firejail.enable = true`
2020-03-13 03:28:08 +00:00
Aaron Andersen dbe59eca84 nixos/sshd: add authorizedKeysCommand and authorizedKeysCommandUser options 2020-03-12 21:00:12 -04:00
Florian Klink ce78f3ac70
Merge pull request #82310 from flokli/systemd-network-link-no-networkd
nixos/systemd: apply .link even when networkd is disabled
2020-03-12 15:47:59 -07:00
Léo Gaspard 693d834c37
Merge pull request #76739 from symphorien/mail_plugins
nixos/dovecot: add an option to enable mail_plugins
2020-03-12 22:44:23 +01:00
Léo Gaspard 26b1ef1506
Merge pull request #80141 from symphorien/scrub
nixos/btrfs: make autoScrub not prevent shutdown or suspend
2020-03-12 22:39:34 +01:00
adisbladis f3adcbd150
Merge pull request #82411 from adisbladis/ntpd-extraconfig
services.ntpd: Add extraConfig parameter
2020-03-12 16:37:25 +00:00
Silvan Mosberger 8f2109cda4
Merge pull request #81945 from Infinisil/hostFiles
Introduce `networking.hostFiles` option
2020-03-12 15:56:30 +01:00
adisbladis 63c35a9c28
services.ntpd: Add extraConfig parameter 2020-03-12 14:44:59 +00:00
Léo Gaspard 06bdfc5e32
Merge pull request #82185 from matt-snider/master
ankisyncd, nixos/ankisyncd: init at 2.1.0
2020-03-12 11:47:42 +01:00
lewo cbb21b2a8a
Merge pull request #81214 from buckley310/updateDelay
NixOS/auto-upgrade: Add optional randomized delay
2020-03-12 09:06:32 +01:00
Graham Christensen 10f625b3d2
Merge pull request #81402 from mmilata/firejail-example
nixos/firejail: add example for wrappedBinaries
2020-03-11 20:28:35 -04:00
Jörg Thalheim 154f9e1bd9
Merge pull request #82340 from nyanloutre/vsftpd_pam_fix
nixos/vsftpd: fix missing default pam_service_name
2020-03-11 22:29:43 +00:00
Jörg Thalheim 9aa23e31b3
Merge pull request #80904 from talyz/haproxy-fixes
nixos/haproxy: Revive the haproxy user and group
2020-03-11 22:23:13 +00:00
Maximilian Bosch b7cdb64ac2
treewide: remove myself from a few packages I don't use anymore 2020-03-11 22:29:30 +01:00
nyanloutre 7ab00c48d8
nixos/vsftpd: fix missing default pam_service_name
9458ec4 removed the ftp pam service which was used by default by vsftpd
2020-03-11 21:15:47 +01:00
talyz bb7ad853fb nixos/haproxy: Revive the haproxy user and group
Running haproxy with "DynamicUser = true" doesn't really work, since
it prohibits specifying a TLS certificate bundle with limited
permissions. This revives the haproxy user and group, but makes them
dynamically allocated by NixOS, rather than statically allocated. It
also adds options to specify which user and group haproxy runs as.
2020-03-11 19:52:37 +01:00
Silvan Mosberger fc2b132c94
Merge pull request #82326 from mmilata/rename-fix-module-path
nixos: fix module paths in rename.nix
2020-03-11 19:35:40 +01:00
Martin Milata d08ede042b nixos: fix module paths in rename.nix 2020-03-11 15:59:22 +01:00
Florian Klink 3d1079a20d nixos/zerotierone: switch from manually generating the .link file to use the module
Previously, systemd.network.links was only respected with networkd
enabled, but it's really udev taking care of links, no matter if
networkd is enabled or not.

With our module fixed, there's no need to manually manage the text file
anymore.
2020-03-11 10:21:37 +01:00
Florian Klink 36ef112a47 nixos/networkd: respect systemd.network.links also with disabled systemd-networkd
This mirrors the behaviour of systemd - It's udev that parses `.link`
files, not `systemd-networkd`.
2020-03-11 10:21:37 +01:00
Edward Tjörnhammar b155a62dad nixos/lightdm-tiny-greeter: init module 2020-03-11 08:12:35 +00:00
Jan Tojnar 6bba9428d9
Merge pull request #81431 from jtojnar/malcontent-0.6
malcontent: 0.4.0 → 0.6.0
2020-03-11 04:08:59 +01:00
Jan Tojnar 31dd8332bc
nixos/malcontent: init 2020-03-10 23:30:20 +01:00
Matt Snider acba458b7e nixos/ankisyncd: init at 2.1.0 2020-03-10 22:45:33 +01:00
Aaron Andersen 641b94bdd0 nixos/mysql: add settings and configFile options 2020-03-10 15:15:11 -04:00
Linus Heckemann dfc70d37f4
Merge pull request #82252 from mayflower/radius-http2
FreeRADIUS improvements
2020-03-10 16:01:46 +01:00
Linus Heckemann 065716ab95 nixos/freeradius: depend on network.target, not online 2020-03-10 15:54:29 +01:00
Linus Heckemann 0587329191 freeradius: make debug logging optional 2020-03-10 15:54:02 +01:00
adisbladis 6fcce60fd5
Merge pull request #82139 from adisbladis/switch-to-configuration-manual
switch-to-configuration: Add new option X-OnlyManualStart
2020-03-10 11:17:33 +00:00
adisbladis db6c94304f
switch-to-configuration: Add new option X-OnlyManualStart
This is to facilitate units that should _only_ be manually started and
not activated when a configuration is switched to.

More specifically this is to be used by the new Nixops deploy-*
targets created in https://github.com/NixOS/nixops/pull/1245 that are
triggered by Nixops before/after switch-to-configuration is called.
2020-03-09 11:28:07 +00:00
zimbatm cc90ececa7
environment.etc: fix typo 2020-03-09 12:01:41 +01:00
Florian Klink dceec409cc nixos/cage: move ConditionPathExists to service config
It doesn't belong into [Service]:
> Unknown key name 'ConditionPathExists' in section 'Service', ignoring.
2020-03-09 00:47:49 +01:00