3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

9727 commits

Author SHA1 Message Date
Jan Malakhovski 8200e08b0b nixos: move nixosLabel to its own module 2018-02-18 12:56:30 +00:00
Jan Malakhovski e1782e342f nixos: add system.boot.loader.initrdFile option and use it where appropriate 2018-02-18 12:56:29 +00:00
Bjørn Forsman d84f18e288 nixos/postfix: document that *Alias options support comma separated values
For the longest time I thought there could be only one rootAlias.
2018-02-18 13:04:08 +01:00
Robert Schütz 772b72a8d7 nixos/home-assistant: test MQTT configuration 2018-02-17 20:43:55 +01:00
rnhmjoj edc4a1f3e7
nixos/tests: fix random failures of privacy test 2018-02-17 18:07:04 +01:00
Jörg Thalheim ba27be7955 nixos/powerdns: add test 2018-02-17 16:43:41 +00:00
Silvan Mosberger c2b8d14b56
nixos/znapzend: fix when no previous zetup
When the znapzend module was enabled for the first time with pure =
true; then the list of previous entries is empty, but xargs still tried
to execute a znapzendzetup delete command with no arguments, which made
it fail
2018-02-17 15:50:48 +01:00
rnhmjoj 0651754751
nixos/doc: document networking.interfaces module changes 2018-02-17 14:57:07 +01:00
rnhmjoj e81811a579
nixos/modules: rename IP addresses/routes options 2018-02-17 14:57:07 +01:00
rnhmjoj e239c1e582
nixos/tests: rename IP addresses/routes options 2018-02-17 14:57:07 +01:00
rnhmjoj c1bed05e34
nixos/networking-interfaces: rename IP addresses/routes options 2018-02-17 14:01:24 +01:00
rnhmjoj f41111c4da
nixos/tests: add test for static routes 2018-02-17 14:01:23 +01:00
rnhmjoj d00c91c5da
nixos/networking-interfaces: make static routes configurable 2018-02-17 13:57:58 +01:00
Alexei Robyn ab45e13e07 nixos/dante: order after network-online.target (#34435)
network-online.target properly depends on the underlying network
management tool (e.g. NixOS static configuration scripts, dhcpcd,
NetworkManager, networkd) signalling that all interfaces are up and
appropriately configured (to whatever degree possible/required), whereas
network.target only indicates that the network management tool itself
has started.
2018-02-17 10:18:05 +00:00
Joachim F faf072166b
Merge pull request #29869 from Nadrieril/syncserver-fup
syncserver service: follow-up of #28189
2018-02-17 10:09:42 +00:00
Jörg Thalheim b087ba6080 nixos/buildbot: also run test on hydra 2018-02-17 10:09:40 +00:00
Jörg Thalheim 431c004fbd
Merge pull request #35048 from nlewo/test.dockerTools
nixos.test.dockerTools: add more tests
2018-02-17 10:05:25 +00:00
Niklas Hambüchen f00a1514f9 nixos/nginx: validate config syntax in preStart (#24664) 2018-02-17 09:45:25 +00:00
Joachim F 71a32c36fe
Merge pull request #34587 from netixx/add-freeradius-service
nixos/freeradius : init - Added freeradius service
2018-02-17 09:17:35 +00:00
Joachim F cac0d0eb33
Merge pull request #34803 from mt-caret/lxd-partial-fix
nixos/lxd: partial fix for lxd breakage
2018-02-17 09:08:08 +00:00
Joachim F 7bf049a54c
Merge pull request #34492 from rnhmjoj/privacy
nixos/networking-interfaces: add preferTempAddress option
2018-02-17 08:41:23 +00:00
Matthieu Coudron 1912870a6e nixos/boot: allow kernel.printk override (#34958)
At one point in my configuration I had:
boot.kernel.sysctl = {
      # https://unix.stackexchange.com/questions/13019/description-of-kernel-printk-values
      "kernel.printk" = "4	4	1	7";
};
which triggered:

error: The unique option `boot.kernel.sysctl.kernel.printk' is defined multiple times, in `/home/teto/dotfiles/nixpkgs/mptcp-unstable.nix' and `/home/teto/nixpkgs/nixos/modules/system/boot/kernel.nix'.
(use ‘--show-trace’ to show detailed location information)
Traceback (most recent call last):
  File "/home/teto/nixops/scripts/nixops", line 984, in <module>
    args.op()
  File "/home/teto/nixops/scripts/nixops", line 406, in op_deploy
    max_concurrent_activate=args.max_concurrent_activate)
  File "/home/teto/nixops/nixops/deployment.py", line 1045, in deploy
    self.run_with_notify('deploy', lambda: self._deploy(**kwargs))
  File "/home/teto/nixops/nixops/deployment.py", line 1034, in run_with_notify
    f()
  File "/home/teto/nixops/nixops/deployment.py", line 1045, in <lambda>
    self.run_with_notify('deploy', lambda: self._deploy(**kwargs))
  File "/home/teto/nixops/nixops/deployment.py", line 985, in _deploy
    self.configs_path = self.build_configs(dry_run=dry_run, repair=repair, include=include, exclude=exclude)
  File "/home/teto/nixops/nixops/deployment.py", line 653, in build_configs
    raise Exception("unable to build all machine configurations")
Exception: unable to build all machine configurations

This simple addition allows to override it.
2018-02-17 06:47:33 +00:00
Antoine Eiche f9bb73f4aa nixos.test.dockerTools: add more tests 2018-02-16 18:24:48 +01:00
Tim Steinbach 87559028ef
Merge pull request #33954 from kuznero/pr/kubernetes
kubernetes: 1.7.9 -> 1.9.1
2018-02-16 13:56:59 +00:00
Vladimír Čunát 11fc2bad56
nixos tests: disable fwupd for now
See https://github.com/NixOS/nixpkgs/pull/32751/files#r168736256
2018-02-16 12:42:57 +01:00
Vladimír Čunát b5aaaf87a7
Merge staging and PR #35021
It's the last staging commit (mostly) built on Hydra,
and a minimal fix for Darwin regression in pysqlite.
2018-02-16 09:13:12 +01:00
Herwig Hochleitner b7b2a4ffa4 connmand: add extraFlags option to service 2018-02-15 23:37:12 +01:00
Nikolay Amiantov 56e0943b08 makeModulesClosure: support firmware
Link it in stage 1.
2018-02-16 00:11:07 +02:00
Herwig Hochleitner 23b5421c46 nixos: make boot.kernel.features internal
This isn't useful as public API. It should be used by options to
activate kernel features for use with specific programs.
2018-02-15 09:10:32 +01:00
Herwig Hochleitner 28875192ae programs.systemtap: add nixos option for installing systemtap
also enables debug feature on kernel
2018-02-15 09:10:32 +01:00
Herwig Hochleitner 66080ae4d8 programs.criu: add nixos option for installing criu + kernel flags 2018-02-15 09:10:32 +01:00
Herwig Hochleitner 0b621321cd boot.kernel.features: add nixos option for setting kernel features
this allows setting the features attribute for
pkgs/os-specific/linux/kernel/common-config.nix
2018-02-15 09:10:32 +01:00
Franz Pletz 79e7f7af9a
radvd service: fix due to systemd upgrade
After the systemd 237 upgrade, radvd wouldn't start anymore because the
PID file cannot be written. It seems that directories in /run has to be
explicitely defined as RuntimeDirectory now. The PID file isn't needed
due to systemd, though, so it was removed along with forking and loggia
via syslog.

This fixes the ipv6 NixOS test.
2018-02-15 07:02:08 +01:00
Jan Tojnar c6283e6e06
Merge pull request #32751 from jtojnar/fwupd-1.0.2
fwupd: 1.0.1 → 1.0.4
2018-02-15 01:18:38 +01:00
Jan Tojnar 201cc158cb
nixos/fwupd: add test 2018-02-15 01:11:13 +01:00
Jan Tojnar 640916d55d
nixos/fwupd: add maintainers 2018-02-15 01:11:13 +01:00
Jan Tojnar 9857545446
Merge pull request #34979 from jtojnar/gjs-1.50.4
gnome3.gjs: 1.50.2 → 1.50.4
2018-02-14 23:10:07 +01:00
Jan Tojnar 7713889556
nixos/gjs: add test 2018-02-14 22:43:59 +01:00
Sam Parkinson 16fa6f59f7
nixos/plotinus: add module to enable plotinus 2018-02-14 22:25:12 +01:00
Frederik Rietdijk 177cfe3370
Merge pull request #34974 from dotlambda/prosody
nixos/prosody: add package option
2018-02-14 20:35:01 +00:00
Frederik Rietdijk 672bb6b4ab Merge remote-tracking branch 'upstream/master' into HEAD 2018-02-14 21:30:08 +01:00
Lassulus 8acde7b612 nixos/gnunet: set private TMPDIR (#34945) 2018-02-14 15:35:30 +00:00
Robert Schütz de74ffb8f8 nixos/prosody: add package option 2018-02-14 14:56:00 +01:00
adisbladis 1de98e8568
plasma: 5.11.5 -> 5.12.1 2018-02-14 17:24:20 +08:00
Alexey Lebedeff 6d442efe99 zsh-autoenv: init at 2017-12-16 (#34932) 2018-02-14 06:31:59 +00:00
Profpatsch 1545f9062e nixos/tests: add simple dockerTools test 2018-02-14 06:36:14 +01:00
Jan Tojnar 44695e7045
Merge pull request #34507 from jtojnar/pipewire
pipewire: init at 0.1.8
2018-02-14 02:29:39 +01:00
Jan Tojnar 8e6ea91496
18.03 release notes: highlight gnome 3.26 2018-02-14 02:18:51 +01:00
Jan Tojnar d8f6c3fd63
18.03 release notes: warn about libinput 2018-02-14 02:18:51 +01:00
Parnell Springmeyer 0a603ee165
Merge remote-tracking branch 'upstream/master' into parnell/fetchdocker 2018-02-13 17:28:45 -06:00
Tuomas Tynkkynen 1a06373c0a Merge remote-tracking branch 'upstream/master' into staging
Conflicts:
	pkgs/development/libraries/libclc/default.nix
	pkgs/top-level/all-packages.nix
2018-02-13 16:42:55 +02:00
Franz Pletz 08d3754a89
Merge pull request #34705 from etu/php-upgrade
php: 7.1.14 -> 7.2.2
2018-02-13 12:50:45 +00:00
Jörg Thalheim 67b1d6a16d
Merge pull request #34905 from vcunat/p/kresd-TLS
kresd service: add listenTLS option
2018-02-13 10:41:52 +00:00
Franz Pletz eb862c48dd
systemd: 234 -> 237
Co-Authored-By: Florian Klink <flokli@flokli.de>
Co-Authored-By: Andreas Rammhold <andreas@rammhold.de>
2018-02-13 01:24:24 +01:00
Ruben Maher ac52cb3aed nixos/prometheus/alertmanager: double hyphenate long opts (#34914)
Alertmanager 0.13.0 doesn't support single dash long options, so '-config.file'
for example is parsed as '-c', which leads to the service not starting.
2018-02-12 18:02:38 -05:00
Vladimír Čunát 05d6a7edb6
kresd service: add listenTLS option
Also fix some deficiencies in the systemd multi-socket stuff.
2018-02-12 20:48:25 +01:00
Vladimír Čunát 040bde9052
Merge #34866: nixos doc: efficient comparisons
This solves most of the performance regression from a7d75ab (#33898).
2018-02-12 08:31:43 +01:00
Profpatsch b806863a82 jid: remove package 2018-02-12 06:23:33 +01:00
Jan Malakhovski b468f98b02 nixos: doc: trivial cleanup and docstring fix 2018-02-11 22:41:06 +00:00
Franz Pletz 54c7ca34c4
nixos/testing: use the same qemu in the test driver
The qemu_test package is also used for running a NixOS qemu VM.
2018-02-11 23:40:54 +01:00
Franz Pletz 74736f26c2
bird2: init at 2.0.1 2018-02-11 23:35:05 +01:00
Jan Malakhovski 252ec7da0a nixos: doc: make option sorting somewhat more efficient 2018-02-11 22:07:11 +00:00
Tuomas Tynkkynen 48f3036e87 Merge remote-tracking branch 'upstream/master' into staging 2018-02-11 02:10:02 +02:00
Vladimír Čunát 968b866dcc
Merge #32774: slurm-spank-x11: init at 0.2.5 2018-02-10 22:48:22 +01:00
Daniel Schaefer 713a69d083 nixos/acpid: pass event parameters to handler (#34190)
Previously the parameters were just dropped. Now they can be read
from within the handler script. An example to show this is added.

Makes use of the new writeShellScript function as suggested in:
issue #21557

resolves:  #21557
2018-02-10 13:26:05 +00:00
Jörg Thalheim 2cab78bc1d
Merge pull request #34384 from gnidorah/nvidia-optimus
modules/nvidia-optimus: fix module blacklisting
2018-02-10 12:14:21 +00:00
Jörg Thalheim c6bd88155e
Merge pull request #34518 from aneeshusa/document-default-kerberos-in-openssh
openssh: Document default Kerberos support
2018-02-10 11:31:35 +00:00
Jörg Thalheim 9fab083b79
Merge pull request #34524 from Infinisil/physlock-allowAnyUser
nixos/physlock: add allowAnyUser option
2018-02-10 09:58:36 +00:00
Jörg Thalheim 7914e6be3e
Merge pull request #34655 from markus1189/zookeeper-package-option
zookeeper.service: option for package and add to environment
2018-02-10 09:54:12 +00:00
Netix (Espinet François) 2a2e885cd0 nixos/freeradius : init - Added freeradius service
Inspired from the dhcpd service implementation
Only 2 configurations options at the moment:
- enabled
- path to config directory (defaults to /etc/raddb)

Implementation was also inspired from ArchLinux
systemd file and corrected with @dotlambda and
@fpletz help.
2018-02-10 09:59:01 +01:00
Masayuki Takeda 65faff97ff nixos/lxd: partial fix 2018-02-10 17:18:53 +09:00
Jörg Thalheim 79315b632e
Merge pull request #34728 from dpc/master
Add pam option to enable Google Authenticator
2018-02-10 08:16:50 +00:00
Jörg Thalheim 5be14cce39
Merge pull request #34753 from noqqe/master
Multiple users with hashedPassword is broken in mosquitto
2018-02-10 07:59:49 +00:00
markuskowa bf53dc68c2 nixos/rdma-core: add module for soft RoCE and test (#34607) 2018-02-10 07:52:03 +00:00
Dawid Ciężarkiewicz 5c746a0a84 nixos/pam: support for Google Authenticator 2018-02-09 21:09:03 -08:00
Graham Christensen 5aabf0fc34
Merge pull request #33898 from oxij/nixos/related-packages-v5
nixos: doc: implement related packages in the manual (again)
2018-02-09 20:36:27 -05:00
Graham Christensen 94e62d505f
Merge pull request #34778 from oxij/os/allow-pkgs
nixos: export packages of the current configuration
2018-02-09 20:23:30 -05:00
Jan Malakhovski 0d1a643210 nixos/xen-dom0: add related packages, make it play well with them
This is a custom attribute set example of `relatedPackages` option usage.
2018-02-09 19:51:07 +00:00
Jan Malakhovski e5268344fe nixos/adb: add related package
This is an attribute path example of `relatedPackages` option usage.
2018-02-09 19:51:06 +00:00
Jan Malakhovski eb38b8676a nixos/tmux: add related package
This is a trivial example of `relatedPackages` option usage.
2018-02-09 19:51:06 +00:00
Jan Malakhovski 660806066a nixos, lib: implement relatedPackages option
This allows one to specify "related packages" in NixOS that get rendered into
the configuration.nix(5) man page. The interface philosophy is pretty much
stolen from TeX bibliography.

See the next several commits for examples.
2018-02-09 19:51:06 +00:00
Jan Malakhovski a7d75ab648 nixos/doc: push all the enable*' and package*` options to the top of their option group
Why? Because this way configuration.nix(5) can be read linearly.

Before:

> virtualisation.xen.bootParams
> ...
> virtualisation.xen.enable
> ...
> virtualisation.xen.package
> ...

After:

> virtualisation.xen.enable
> virtualisation.xen.package
> virtualisation.xen.bootParams
> ...
2018-02-09 19:51:05 +00:00
Jan Malakhovski e1b1683981 nixos: export packages of the current configuration (its pkgs argument)
Allows one to access a package configured with overrides given in `nixpkgs.config`, e.g.:

nix-build ./nixos/default.nix -A pkgs.ffmpeg
2018-02-09 19:35:27 +00:00
Franz Pletz 1fcbc7055c
Merge pull request #33700 from roberth/nixos-externalpkgs
nixos: Add nixpkgs.pkgs option
2018-02-09 18:47:48 +00:00
Franz Pletz 3748f3aac8
Merge pull request #32582 from Ma27/yabar-module
yabar: add module
2018-02-09 18:43:59 +00:00
symphorien 0146074560 nixos/tests: add predictable-interface-names.nix (#34305) 2018-02-09 18:40:39 +00:00
Robert Hensing 209f8b1acd nixos/release*.nix: Clean nixpkgs sources by default
Currently, when building NixOS from a git clone, Nix has to copy
the entire repo at >1GB into the store by default. That is not
necessary and causes a dumping large path message.
If you need the old behaviour for some reason, you will have to
specify it by passing the path to your repo explicitly as the
nixpkgs argument like this:

  --arg nixpkgs '{outPath = ./.; revCount = 56789; shortRev = "gfedcba"; }'
2018-02-09 18:32:26 +00:00
Andreas Rammhold 04051ee9d0
Merge pull request #34562 from griff/rspamd-workers
nixos/rspamd: worker configuration, socket activation and tests
2018-02-09 14:45:54 +01:00
Andreas Rammhold 7ae9699e1c
Merge pull request #34759 from dotlambda/dovecot
nixos/dovecot: no " in mailbox.name
2018-02-09 12:43:03 +01:00
Robert Schütz 6ceece6b59 nixos/dovecot: no " in mailbox.name 2018-02-09 12:20:55 +01:00
Hamish 3a2b0cdf5c nixos/traefik: make group configurable for docker support (#34749) 2018-02-09 09:37:29 +00:00
Brian Olsen 908fc5e14b
nixos/rspamd: options for worker configuration and socket activation 2018-02-09 06:19:03 +01:00
Florian Baumann 7e76b127cd
Multiple users with hashedPassword is broken in mosquitto
If you have more than 1 User with hasedPassword Option set it generates 

```
rm -f /var/lib/mosquitto/passwd
touch /var/lib/mosquitto/passwd
echo 'user1:$6$xxx' > /var/lib/mosquitto/passwd
echo 'user2:$6$xxx' > /var/lib/mosquitto/passwd
```

Which ends up in only having 1 user.
2018-02-08 22:46:06 +01:00
Joachim F 65e6fbf2b5
Merge pull request #34690 from dotlambda/tor
nixos/tor: add hiddenServices.<name>.authorizeClient
2018-02-08 17:08:44 +00:00
Eric Bailey 6b45dbd99c services.mysql: properly quote database.name 2018-02-08 17:32:41 +01:00
Eelco Dolstra 6bc889205a
sshd: Remove UsePrivilegeSeparation option
This option is deprecated, see https://www.openssh.com/txt/release-7.5.
2018-02-08 13:32:55 +01:00
Frederik Rietdijk c0f6aac818
Merge pull request #34574 from dotlambda/home-assistant
nixos/home-assistant: support platform=... scheme for autoExtraComponents
2018-02-08 10:53:35 +00:00
Jörg Thalheim b6bcba6537 nixos/zfs: fix typo in enableLegacyCrypto description 2018-02-08 10:24:47 +00:00
Robert Schütz 355de06fe4 nixos/tor: add hiddenServices.<name>.authorizeClient 2018-02-08 10:02:22 +01:00
Graham Christensen 7fb90db696
Merge pull request #34710 from markus1189/doc-vm-login
docs: Explain how to login into built vm
2018-02-07 17:43:34 -05:00
sjau 0d65e2e0e5 zfs: add migration path for new crypto format
fixes #34559
2018-02-07 20:46:16 +00:00
Markus Hauck 0525e82392 docs: Explain how to login into built vm 2018-02-07 21:34:50 +01:00
Thomas Pham f0bafef6a1 add Serviio Media server package and service 2018-02-07 20:45:30 +01:00
Eelco Dolstra 847ea13be3
Doh 2018-02-07 19:47:03 +01:00
Eelco Dolstra 0f5d5970b2
nixos-prepare-root: Remove
This is no longer needed thanks to Nix 2.0 magic.
2018-02-07 19:39:14 +01:00
Eelco Dolstra 9802da517f
make-disk-image.nix: Use nixos-install again
Since nixos-install doesn't require any special privileges anymore,
this Just Works. No more need for fakeroot / nixos-prepare-root.
2018-02-07 19:39:13 +01:00
Eelco Dolstra 5d8860b919
nixos-install: Accept --substituters
This is useful in tests where we don't have network access. Passing
--substituters "" prevents wasting time by checking cache.nixos.org.
2018-02-07 19:39:13 +01:00
Eelco Dolstra f64a4af328
Fix comments 2018-02-07 19:32:41 +01:00
Eelco Dolstra 598a3f5b30
nixos-install: Create /etc 2018-02-07 19:10:13 +01:00
Tuomas Tynkkynen 93aa83deb4 nixos/release-combined.nix: Make 32-bit iso_minimal a channel blocker
In practice it already is since the channel update script barfs out if
the job fails:

9f96e1e25d/mirror-nixos-branch.pl (L132)
2018-02-07 20:00:19 +02:00
Elis Hirwing 9bbe112dc5
php: 7.1.14 -> 7.2.2 2018-02-07 18:31:29 +01:00
Eelco Dolstra 6daad9b3c5
nixos-install: Fix --closure 2018-02-07 18:22:05 +01:00
Eelco Dolstra da702a4034
nixos-enter: Don't require root
Of course, you'll get a bunch of warnings from the activation script:

  $ nixos-enter --root /tmp/mnt/
  setting up /etc...
  mount: /dev: permission denied.
  mount: /dev/pts: permission denied.
  mount: /dev/shm: permission denied.
  mount: /sys: permission denied.
  /nix/var/nix/profiles/system/activate: line 74: /proc/sys/kernel/modprobe: Permission denied
  chown: changing ownership of '/run/wrappers/wrappers.0pKlU8JsvV/dbus-daemon-launch-helper': Invalid argument
  NOTE: Under Linux, effective file capabilities must either be empty, or
        exactly match the union of selected permitted and inheritable bits.
  Failed to set capabilities on file `/run/wrappers/wrappers.0pKlU8JsvV/ping' (Operation not permitted)
  chown: changing ownership of '/run/wrappers/wrappers.0pKlU8JsvV/unix_chkpwd': Invalid argument

  [root@nixos:/]#
2018-02-07 17:59:04 +01:00
Eelco Dolstra 16bdaf3d03
Remove creation of /dev/{fd,stdin,stdout,stderr}
This is already provided by devtmpfs.
2018-02-07 17:58:21 +01:00
Eelco Dolstra bb030ece3b
nixos-enter: Check whether --root denotes a NixOS installation 2018-02-07 17:23:05 +01:00
Eelco Dolstra f0979ca30e
nixos-install: Don't require root
E.g.

  nixos-install --root /tmp/mnt/ --no-bootloader --no-root-passwd

now works for non-root users.
2018-02-07 17:20:26 +01:00
Eelco Dolstra df117acab7
ISO images: Initialize the Nix database with correct NAR hashes/sizes
The boot test now runs "nix verify" to ensure that all hashes are
correct.
2018-02-07 16:54:23 +01:00
Eelco Dolstra 5193807750
VM tests: Initialize the Nix database with correct NAR hashes/sizes 2018-02-07 15:49:02 +01:00
rnhmjoj 5118b86800 nixos/monero: init 2018-02-07 08:04:36 -05:00
Tuomas Tynkkynen a008a9cb3b nixos/sd-image-armv7l-multiplatform: Port RPi config.txt changes from aarch64 image
As was done in commit cd2e740dde.
2018-02-07 06:30:34 +02:00
Matthieu Coudron fe4f4de1c9 strongswan module: make it work with ipsec l2tp
l2tp saves its secrets into /etc/ipsec.d but strongswan would not read
them. l2tp checks for /etc/ipsec.secrets includes /etc/ipsec.d and if
not tries to write into it.

Solution:
Have the strongswan module create /etc/ipsec.d and /etc/ipsec.secrets
when networkmanager_l2tp is installed.
Include /etc/ipsec.secrets in
/nix/store/hash-strongswan/etc/ipsec.secrets so that it can find l2tp
secrets.

Also when the ppp 'nopeerdns' option is used, the DNS resolver tries to
write into an alternate file /etc/ppp/resolv.conf. This fails when
/etc/ppp does not exist so the module creates it by default.
2018-02-07 13:21:49 +09:00
Robert Schütz b5ecdfa977 nixos/acme: Fix xml (#34683) 2018-02-06 23:27:28 +00:00
Joachim Schiele edeacd00ad security.acme: default name value via module system (#34388) 2018-02-06 21:08:57 +00:00
Joachim F 97ab8d8981
Merge pull request #17106 from spacefrogg/openafs
openafs: Refactor and introduce server module
2018-02-06 14:43:55 +00:00
Markus Hauck 77218de812 zookeeper.service: option for package and add to environment 2018-02-06 09:59:01 +01:00
Eelco Dolstra cc0caac098
Move creation of /root to the activation script
...so it appears in a new installation before rebooting the system.
2018-02-05 22:12:18 +01:00
Eelco Dolstra f9e64dbe76
nixos-enter: Don't mount special filesystems
The activation script already does this.
2018-02-05 21:05:02 +01:00
Eelco Dolstra 1346923ffa
modprobe activation: Order after specialfs
It requires the existence of /proc.
2018-02-05 21:04:40 +01:00
Eelco Dolstra e88f28965a
nixos-install: Make compatible with Nix 2.0
The use of Nix 2.0 significantly simplifies the installer, since we
can just pass a different store URI (--store /mnt) - it's no longer
needed to set up a chroot environment for the build, and to bootstrap
Nix into the chroot.

Also, commands that need to run in the installation (namely boot
loader installation and setting a root password) are now executed
using nixos-enter.

This also removes the need for nixos-prepare-root since any required
initialisation is done by Nix or by the activation script.
2018-02-05 19:50:36 +01:00
Eelco Dolstra 60cb23001a
Add a "nixos-enter" command
This factors out the functionality in nixos-install for running a
command inside a NixOS installation (nixos-install --chroot).
2018-02-05 19:41:54 +01:00
Philipp Dörfler 35441b52d9
Wrapped ${mailbox.name} in "s to allow for space in mailbox names. 2018-02-05 17:06:49 +01:00
Frederik Rietdijk ba34a70086
Merge pull request #33866 from yesbox/fix_newgrp
nixos: sg/newgrp should always be available, not chfn
2018-02-05 10:47:23 +00:00
David McFarland e591f11c25 nixos/tests: add matrix-synapse test 2018-02-04 21:22:55 -04:00
David McFarland fbba0d0ee5 matrix-synapse: default server_name to hostname 2018-02-04 21:22:55 -04:00
David McFarland a4b7de74a5 matrix-synapse: default to postgresql on 18.03 2018-02-04 21:22:55 -04:00
David McFarland 1472fa8685 matrix-synapse: create and connect to local postgresql db 2018-02-04 21:22:54 -04:00
Thomas Tuegel 4688dd0cf5
Merge pull request #34526 from ttuegel/bugfix/plasma-integration/font-style
plasma-integration: Fix font style name bug with Qt >= 5.8
2018-02-04 17:41:50 -06:00
Sarah Brofeldt bf58890a5a nixos/k8s: Enable Node authorizer and NodeRestriction by default 2018-02-04 21:23:36 +01:00
Thomas Tuegel 77a607aa88
nixos/plasma5: Fix font style names in kdeglobals 2018-02-04 13:31:04 -06:00
Robert Schütz 59eb19224b nixos/home-assistant: support platform=... scheme for autoExtraComponents
See https://home-assistant.io/components/sensor.luftdaten/ for an example component using that scheme.
2018-02-04 11:09:55 +01:00
Brian Olsen 27ee0b9099
nixos/tests: add basic tests for services.rspamd 2018-02-03 20:07:15 +01:00
Vladimír Čunát dd57c63793
Merge branch 'staging'
There are some Darwin regressions and a mysterious Lisp issue,
but also a security update of curl...
2018-02-03 10:56:07 +01:00
Vladimír Čunát 84fb5c6a0d
nixos/availableKernelModules: add a keyboard module
Non-working keyboards during boot are quite a problem; see:
https://github.com/NixOS/nixpkgs/pull/33529#issuecomment-361164997
2018-02-03 10:46:53 +01:00
adisbladis 7ebb82e04f
home-assistant: Fix incorrect xml closing tag 2018-02-03 16:54:02 +08:00
Frederik Rietdijk 55e0f12761 Merge remote-tracking branch 'upstream/master' into HEAD 2018-02-03 09:48:42 +01:00
Frederik Rietdijk db58049f75
Merge pull request #34494 from dotlambda/home-assistant
home-assistant: compute extraComponents from config
2018-02-03 08:01:50 +00:00
Tuomas Tynkkynen 10c8e6d0c5 Merge remote-tracking branch 'upstream/master' into staging 2018-02-03 02:50:21 +02:00
Jörg Thalheim a4170403e6
Merge pull request #33897 from rnhmjoj/digits
Avoid package attributes starting with a digit
2018-02-02 19:30:23 +00:00
aszlig 2a09b4275c
nixos/tests/make-test.nix: Fix eval error
Regression introduced by 943592f698.

The lib attribute isn't in scope here, so we need to use pkgs.lib
instead for isFunction.

Signed-off-by: aszlig <aszlig@nix.build>
Cc: @shlevy
2018-02-02 17:44:08 +01:00
Michael Raitza d0ebdbd308 nixos/openafsServer: OpenAFS server nixos module 2018-02-02 16:43:44 +01:00
Shea Levy 43f647e5b4
Merge branch 'dynamic-function-args' 2018-02-02 09:41:16 -05:00
Vladimír Čunát bbfca0f371
knot-resolver: 1.5.3 -> 2.0.0 (feature update)
Also split extraFeatures into a wrapper derivation.
So far, no changes like user renaming nor systemd unit rework.
2018-02-02 15:26:36 +01:00
Silvan Mosberger cfd22b733b
physlock: add allowAnyUser option 2018-02-02 14:03:00 +01:00
Robert Schütz 78c2ca326e home-assistant: compute extraComponents from config 2018-02-02 09:48:50 +01:00
Aneesh Agrawal 478e510ddd openssh: Document default Kerberos support 2018-02-02 00:18:54 -08:00
Jan Tojnar dfe7a54d19
nixos/pipewire: init 2018-02-01 22:40:51 +01:00
Michael Raitza ce74e1cc36 nixos/openafsClient: Extend client service functionality
Add a lot of options to the client to make it more usable and compatible
with the OpenAFS server module.
2018-02-01 16:35:24 +01:00
Michael Raitza c389d705f3 nixos/openafsClient: relocate nixos module 2018-02-01 16:35:18 +01:00
rnhmjoj 4050c30da2
nixos/tests: add test for temporary IPv6 addresses 2018-02-01 16:29:36 +01:00
rnhmjoj 1fec496f38
nixos/networking-interfaces: add preferTempAddress option 2018-02-01 13:14:09 +01:00
Jörg Thalheim 57d72d4140
Merge pull request #34442 from rnhmjoj/virtual
Fix virtualType for network-interfaces-scripted
2018-02-01 10:35:13 +00:00
rnhmjoj e28ecd5528
fix 2018-02-01 10:51:35 +01:00
Frederik Rietdijk d30735f889
Merge pull request #34188 from dotlambda/home-assistant
home-assistant: init at 0.62.1
2018-02-01 08:44:48 +00:00
Vladimír Čunát 2fb4606f38
Merge branch 'master' into staging
Haskell rebuild.
Hydra: ?compare=1430378
2018-02-01 09:36:23 +01:00
Eelco Dolstra 700e21d6da nix-daemon.nix: Updates for Nix 2.0
* The environment variables NIX_CONF_DIR, NIX_BUILD_HOOK and
  NIX_REMOTE are no longer needed.

* A /bin/sh (from busybox) is provided by default in sandboxes.

* Various options were renamed.
2018-01-31 22:26:05 +01:00
WilliButz c2fa5f1729
nixos/xautolock: fix default defaults/examples, add assertions
see issue #34371
2018-01-31 21:43:23 +01:00
Shea Levy 943592f698
Add setFunctionArgs lib function.
Among other things, this will allow *2nix tools to output plain data
while still being composable with the traditional
callPackage/.override interfaces.
2018-01-31 14:02:19 -05:00
Robert Schütz 0604c078a8 home-assistant: add NixOS test 2018-01-31 12:34:58 +01:00
Robert Schütz bacbc48cfe home-assistant: add NixOS module 2018-01-31 12:30:31 +01:00
rnhmjoj f1cacaf97c
nixos/tests: add test for virtual interfaces 2018-01-31 05:52:22 +01:00
rnhmjoj 46c158a32f
nixos/networking-interfaces: set default value for virtualType 2018-01-31 05:51:09 +01:00
Peter Hoeg dc52fc6dda aria2 (nixos): actually load the module
Fixes #33991
2018-01-31 09:42:03 +08:00
Vladimír Čunát c9171e5a4c
Merge branch 'master' into staging
Hydra: ?compare=1430035
2018-01-30 19:51:33 +01:00
Tuomas Tynkkynen 71631a922b runInLinuxVM: Use QEMU command line that works on other architectures
... by moving the existing definition to qemu-flags.nix and reusing
that.
2018-01-30 16:57:27 +02:00
Tuomas Tynkkynen 8e83158f12 nixos/qemu: Deduplicate QEMU serialDevice into qemu-flags.nix 2018-01-30 16:57:27 +02:00
Tuomas Tynkkynen 1ce1380497 nixos/qemu-flags: Take a 'pkgs' parameter
I'm gonna use it in the next commit.
2018-01-30 16:57:27 +02:00
Tuomas Tynkkynen 3be9d4610f nixos/tests: Drop unnecessary qemu-flags.nix include
None of these files are using anything from there.
2018-01-30 16:57:27 +02:00
Robert Hensing f2a45a47d4 nixos: Add nixpkgs.pkgs option
This lets the user set pkgs directly, so that it can be injected
externally and be reused among evaluations of NixOS.
2018-01-30 12:57:03 +01:00
Jörg Thalheim add22af095
Merge pull request #34381 from JohnAZoidberg/less
nixos/less configure less with module
2018-01-30 10:41:39 +00:00
Daniel Schaefer 288898d6f1 nixos/less: use lesspipe package for preprocessing
Rather than a custom script the less config now uses the lesspipe
package config by default.
2018-01-29 22:08:32 +07:00
Jörg Thalheim 8a5f77ffbc nixos/borgbackup: add test
We had problems to get borg's own test suite running.
This test is intended to perform a quick smoke test to see whether we
have missed not any important dependency necessary to create backups
with borg.

tested with:

$ nix-build nixos/release.nix -A tests.borgbackup.x86_64-linux
2018-01-29 14:14:57 +00:00
gnidorah 7b2482ea54 modules/nvidia-optimus: fix module blacklisting 2018-01-29 15:46:15 +03:00
Daniel Schaefer 192c2330d0 nixos/less configure less with module 2018-01-29 18:40:22 +07:00
Jan Tojnar 0f21306ca3
Merge pull request #33900 from jtojnar/nginx-acme
nixos/nginx: allow using existing ACME certificate
2018-01-29 01:38:45 +01:00
Graham Christensen e2a54266c4
openssh: Build with Kerberos by default
This reverts commit 09696e32c390c232ec7ac506df6457fb93c1f536.
which reverted f596aa0f4a
to move it to staging
2018-01-28 16:36:01 -05:00
Graham Christensen 15a4977409
Revert "openssh: Build with Kerberos by default"
This reverts commit a232dd66ee.

Moving to staging
2018-01-28 16:36:01 -05:00
Aneesh Agrawal 716d1612af
openssh: Build with Kerberos by default
This can be disabled with the `withKerberos` flag if desired.
Make the relevant assertions lazy,
so that if an overlay is used to set kerberos to null,
a later override can explicitly set `withKerberos` to false.

Don't build with GSSAPI by default;
the patchset is large and a bit hairy,
and it is reasonable to follow upstream who has not merged it
in not enabling it by default.
2018-01-28 16:36:00 -05:00
Graham Christensen f596aa0f4a
Revert "openssh: Build with Kerberos by default"
This reverts commit a232dd66ee.

Moving to staging
2018-01-28 16:32:52 -05:00
Aneesh Agrawal a232dd66ee
openssh: Build with Kerberos by default
This can be disabled with the `withKerberos` flag if desired.
Make the relevant assertions lazy,
so that if an overlay is used to set kerberos to null,
a later override can explicitly set `withKerberos` to false.

Don't build with GSSAPI by default;
the patchset is large and a bit hairy,
and it is reasonable to follow upstream who has not merged it
in not enabling it by default.
2018-01-28 16:30:46 -05:00
Franz Pletz 36103e9863
nixos/powerManagement: remove duplicate definition
When not set just use the kernel default. `nixos-generate-config` will pick
a reasonable default.

cc #34350
2018-01-28 21:53:07 +01:00
Franz Pletz 50dda062d8
Merge pull request #34350 from Ma27/fix-powermanagement-default
nixos/powerManagement: set `cpuFreqGovernor` with `mkOptionDefault`
2018-01-28 14:46:51 +00:00
Jesper 2b270c1596 nixos/containers: Enable use of the network.useHostResolvConf option (#34354) 2018-01-28 14:42:15 +00:00
Maximilian Bosch 8ed3a90cdf
nixos/powerManagement: set cpuFreqGovernor with mkOptionDefault
`nixos-generate-config` detects the `cpuFreqGovernor` suited best for my
machine, e.g. `powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";`.

However the `powerManagement` module sets a sensitive default for
`cpuFreqGovernor` using `mkDefault` to avoid breackage with older
setups. Since 140ac2f1 the `hardware-configuration.nix` sets the
gorvernor with `mkDefault` as well which causes evaluation errors if the
powermanagement module is enabled:

```
error: The unique option `powerManagement.cpuFreqGovernor' is defined multiple times, in `/home/ma27/Projects/nixos-config/hardware-configuration.nix' and `/nix/var/nix/profiles/per-user/root/channels/nixos/nixpkgs/nixos/modules/config/power-management.nix'.
```

Using `mkOptionDefault` rather than `mkDefault` in the powermanagement
module fixes this issue as it decreases the priority of the module and
prefers the value set in `hardware-configuration.nix`.

I have confirmed the change using the following VM declaration:

```
{
  cpuFreq = { lib, ... }: {
    powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
    powerManagement.enable = true;
  };
}
```
2018-01-28 09:38:45 +01:00
Luke Adams 1537ce9dc7 samba4/sambaMaster: Modify services to align with Samba project usage 2018-01-26 22:37:17 +01:00
Tuomas Tynkkynen d085af7b7d nixos/tests: Fix statsd test evaluation
Fixes:

error: anonymous function at nixos/tests/statsd.nix:1:25 called with unexpected argument ‘system’, at nixos/tests/make-test.nix:5:41
2018-01-26 23:29:53 +02:00
Franz Pletz 1c2e33f3cf
Merge pull request #34060 from WilliButz/fix-postfix-module
nixos/postfix: fix default postfix config
2018-01-26 13:33:49 +00:00
Franz Pletz f646e9051d
release notes: mention the postfix config option fix
cc #34060
2018-01-26 14:27:15 +01:00
Franz Pletz cb7fe51ee6
nixos/postfix: separate list option elements with commas 2018-01-26 14:10:17 +01:00
Markus Kowalewski 85ca8f121b slurm-spank-x11: init at 0.2.5 2018-01-25 13:58:14 -08:00
Orivej Desh ce1d740fa6 addPassthru: fix argument order
addPassthru became unused in #33057, but its signature was changed at the same
time.  This commit restores the original signature and updates the warning and
the changelog.
2018-01-24 23:06:12 +00:00
WilliButz 9bd7798d9c
nixos/postfix: fix default postfix config
`services.postfix.config` is now correctly merged with the default attrset
specified in the module. Some options that are lists in postfix also
have to be lists in nix to be merged correctly. Other default options are
now set with `mkDefault` so they can be overridden via the module system.
2018-01-24 23:35:28 +01:00
Tuomas Tynkkynen d02c2d694e nixos/sd-image-*.nix: Bring back high consoleLogLevel
3d040f9305 removed it from installation-device.nix, but the default
loglevel is just too low for ARM and the like.
2018-01-24 18:23:32 +02:00
Tuomas Tynkkynen cd2e740dde nixos/sd-image-aarch64.nix: Set avoid_warnings in RPi config.txt
Also add some comments on the existing config settings as well.
2018-01-24 18:23:31 +02:00
Michael Raitza 8a77ae81ad openafsClient: rename to openafs 2018-01-24 13:20:47 +01:00
Tuomas Tynkkynen 6388f51ea9 nixos/release.nix: Use callSubTestsOnTheseSystems for ec2 tests 2018-01-23 12:43:24 +02:00
Tuomas Tynkkynen 8353ebe073 nixos/release.nix: Introduce callSubTestsOnTheseSystems
The existing callSubTests seems to already have special-cased code to
allow enabling subtests on a single specific system by looking at the
`system` attribute in the test arguments. Replace it with a new version
similar to the callTestOnTheseSystems because:

- It's consistent with the existing functions for creating
  system-specific tests (though admittedly, the callSubTests special
  case for `system` predates them)
- This approach allows limiting to multiple system types, the previous
  one inherently allows only one system type.
- This also fixes the problem that if you pass in e.g.
  supportedSystems = [ "aarch64-linux" ], you end up with a
  tests.chromium job that silently runs on x86_64-linux.
- Finally, this causes renames of the jobs like:
  tests.chromium -> tests.chromium.x86_64-linux to be consistent with
  the rest of the tests.
2018-01-23 12:24:33 +02:00
Jörg Thalheim e45dfded2b
Merge pull request #34052 from volth/patch-86
nixos/libvirtd: add qemu-img to $PATH of the daemon
2018-01-22 14:39:29 +00:00
Tuomas Tynkkynen 95880aaf06 nixos/initrd: Don't include some x86-specific modules unconditionally 2018-01-22 12:53:33 +02:00
Tuomas Tynkkynen 962e79ef32 nixos/make-disk-image.nix: Support EFI images
- Add a new parameter `imageType` that can specify either "efi" or
  "legacy" (the default which should see no change in behaviour by
  this patch).

- EFI images get a GPT partition table (instead of msdos) with a
  mandatory ESP partition (so we add an assert that `partitioned`
  is true).

- Use the partx tool from util-linux to determine exact start + size
  of the root partition. This is required because GPT stores a secondary
  partition table at the end of the disk, so we can't just have
  mkfs.ext4 create the filesystem until the end of the disk.

- (Unrelated to any EFI changes) Since we're depending on the
  `-E offset=X` option to mkfs which is only supported by e2fsprogs,
  disallow any attempts of creating partitioned disk images where
  the root filesystem is not ext4.
2018-01-22 11:18:23 +02:00
Rommel Martinez f716cdb9be nixos manual: fix typo 2018-01-22 09:39:24 +02:00
Graham Christensen 931a0b8be8
Merge pull request #34128 from teto/doc_simple
Doc: simple precisions
2018-01-21 22:40:36 -05:00
Matthieu Coudron 8b9429008e doc: add wpa_supplicant command to connect to wifi
New thin laptops don't have an ethernet port and so rely on wifi to get
access. With the minimal installer, setup wpa_supplicant can be hard if
it is the first time so here we provide an example.
2018-01-22 11:54:17 +09:00
Matthieu Coudron 91648a2f22 environment.variables: give an example 2018-01-22 10:40:23 +09:00
Matthieu Coudron d9ebd0d35b zsh doc: precise environment.shellAliases 2018-01-22 10:40:23 +09:00
Jörg Thalheim a1e2f2a339 nixos/initrd-network: fix docbook syntax 2018-01-22 00:01:49 +00:00
Svein Ove Aas 5c5259d68d initrd-network: Document the need for modules 2018-01-21 17:43:41 +00:00
Leon Schuermann 04c4c01089 nixos/stunnel: add module (#33151) 2018-01-21 11:23:07 +00:00
Sarah Brofeldt ed792d3a45
Merge pull request #33842 from mimadrid/fix/resilio-sync
resilio-sync: fixed typo knownHosts -> entry.knownHosts
2018-01-21 12:11:29 +01:00
Vladimír Čunát 5402412b97
Merge #33600: xfce: cleanup, hyphenate attributes 2018-01-21 09:52:58 +01:00
Jörg Thalheim dfa6a81a31
Merge pull request #33331 from cransom/netdata-module
netdata service: fix permissions for apps.plugin
2018-01-19 23:19:29 +00:00
volth c4eb23062e
nixos/libvirtd: add qemu-img to $PATH of the daemon
...because daemon's $PATH does not include "/run/current-system/sw/bin"
2018-01-19 16:28:01 +00:00
Jan Tojnar d2d1a2dfba
Merge pull request #28882 from jtojnar/chrome-gnome-shell
chrome-gnome-shell: refactor
2018-01-19 13:40:42 +01:00
Tuomas Tynkkynen 4fd0a3a43d nixos/release.nix: More refactoring for multi-arch
Currently, even if you pass supportedSystems = [ "aarch64-linux" ] you
end up with e.g. `nixos.tests.docker` which actually silently runs on
x86_64-linux. Using the new callTestOnTheseSystems fixes that.

As a side-effect, this also causes a rename of
`nixos.tests.docker` -> `nixos.tests.docker.x86_64-linux`, which is IMHO
a good thing since it's makes them consistent with the rest of the
tests.
2018-01-19 10:35:49 +02:00
Tuomas Tynkkynen eb57d6d089 nixos/release.nix: Add preferLocalBuild to makeNetboot result 2018-01-19 10:35:49 +02:00
Tuomas Tynkkynen 424fc54243 nixos/release.nix: Clean some syntax 2018-01-19 10:35:49 +02:00
Leon Schuermann c61a9dfd2e
sshd: provide option to disable firewall altering 2018-01-18 22:55:28 +08:00
Rob Vermaas 38538f3206
Merge pull request #33423 from AmineChikhaoui/gce-ssh-keys
Fix ssh keys retrieval in GCE instances
2018-01-18 13:06:00 +01:00
Leon Schuermann f297ddb5c9 sudo: define extra rules in Nix language (#33905) 2018-01-17 14:56:08 +00:00
Roman Kuznetsov f63604a598
kubernetes-dashboard (module): 1.6.3 -> 1.8.2 2018-01-17 09:01:32 +01:00
Francesco Gazzetta 356eeb0d4f nixos/mighttpd2: init 2018-01-16 21:04:09 +00:00
rnhmjoj aff5137fc0
docs: document changes regarding package attribute with a digit 2018-01-16 21:13:16 +01:00
rnhmjoj c946c101d6
avoid package attributes starting with a digit 2018-01-16 21:13:16 +01:00
Robin Gloster 9bceb2b353
oh-my-zsh module: reword & fix manual build
docbook interpreted this as a tag and this sounded as if the option
defaulted to putting the cached directory into the nix store.

cc @Ma27 @fpletz
2018-01-16 21:02:54 +01:00
John Ericson 4dff3ee959
Merge pull request #33749 from dezgeg/release-refactor-1
nixos/release.nix: Refactoring for better multi-system support
2018-01-16 12:54:11 -05:00
Maximilian Bosch b55d4c0564 programs.zsh.ohMyZsh: add cacheDir option (#33150)
The default cache directory set by oh-my-zsh is $ohMyZsh/cache which
lives in the Nix store in our case. This causes issues with several
completion plugins provided by oh-my-zsh.
2018-01-16 17:29:46 +00:00
Tuomas Tynkkynen 4ccf308d66 nixos/release.nix: Use forTheseSystems from release-lib
Currently, even if you pass `supportedSystems = [ "aarch64-linux" ]` you
end up with e.g. `nixos.iso_graphical.x86_64-linux` job. Using
forTheseSystems from release-lib avoids that.

This shouldn't affect the usual x86 trunk-combined jobset.
2018-01-16 18:56:41 +02:00
Tuomas Tynkkynen b3c50ec1e9 nixos/release.nix: Move forAllSystems to release-lib
There's already a similar forTheseSystems in release-lib, so be more
consistent.
2018-01-16 18:56:41 +02:00
Jörg Thalheim 822c949833
Merge pull request #33915 from lheckemann/remove-amd-hybrid-graphics
amd-hybrid-graphics module: remove
2018-01-16 15:57:37 +00:00
Jörg Thalheim c4d37f1460
Merge pull request #33890 from lschuermann/openvpn-auth-user-pass
openvpn: add option to store credentials
2018-01-16 08:18:51 +00:00
Leon Schuermann 22e83d2667 openvpn: add warning about world-readable credentials 2018-01-16 11:40:16 +07:00
Linus Heckemann 730f8530a8 amd-hybrid-graphics module: remove
This was only applicable to very specific hardware, and the only person
with an apparent interest in maintaining it (me) no longer uses the
hardware in question.
2018-01-15 23:17:12 +00:00
Jan Tojnar 41d252d7a4
nixos/nginx: allow using existing ACME certificate
When a domain has a lot of subdomains, it is quite easy to hit the rate limit:

https://letsencrypt.org/docs/rate-limits/

Instead you can define the certificate manually in `security.acme.certs` and list the subdomains in the `extraDomains` option.
2018-01-15 13:48:45 +01:00
Leon Schuermann e45a06ebd1 openvpn: add option to store credentials 2018-01-15 14:34:58 +07:00
Vladimír Čunát 67e8392383
Merge #33057: stdenv meta checks: make them lazy
Closes #22277 - it's superseded;  I have some WIP on evaluation
performance, but best do that in a separate PR/thread.
2018-01-14 21:41:31 +01:00
Vladimír Čunát 799b941a2b
release notes: mention removal of lib.addPassthru 2018-01-14 21:34:55 +01:00
Jesper Geertsen Jonsson 8c0558dbb2 sg/newgrp should always be available, not chfn
sg and newgrp only changes the current user session and should be
available to users even if the "users.mutableUsers" option is set.
These are common, useful commands.

chfn does modify the /etc/passwd GECOS field which is also controlled
by the option "users.users.<name?>.description", so it's less
appropriate to make it available when "users.mutableUsers" is set.

However, because CHFN_RESTRICT in login.defs is never set in current
NixOS the chfn functionality is never available to users anyway and
may as well have its SUID disabled, as only root is able to use it.
This is recommended in the chfn man page in this case.
2018-01-14 20:54:40 +01:00
Joachim F b6c696cc6f
Merge pull request #33444 from rnhmjoj/dnscrypt-wrapper
nixos/dnscrypt-wrapper: fix rotate script failing to restart the service
2018-01-14 11:33:02 +00:00
Sarah Brofeldt ee4e6ebbfa
Merge pull request #32822 from LumiGuide/elk6
ELK: 5.6.1 -> 5.6.5 & add ELK 6.1.0
2018-01-14 10:40:50 +01:00
Miguel Madrid Mencía 22341c42e7
resilio-sync: fixed typo knownHosts -> entry.knownHosts 2018-01-13 23:44:39 +01:00
Jörg Thalheim 91ec1f784a
Merge pull request #33755 from srhb/keymap-test-disable-xterm-dm
nixos/tests/keymap: disable xterm DM
2018-01-13 17:03:53 +00:00
Jan Tojnar 38b6d7b60e
nixos/chrome-gnome-shell: init 2018-01-13 15:19:19 +01:00
Joachim F ed250d8093
Merge pull request #27131 from richardlarocque/mosquitto_pw
mosquitto: Explicitly configure password file
2018-01-13 12:02:45 +00:00
David McFarland 68dda232d2 amdgpu-pro: 17.10 -> 17.40 2018-01-12 00:09:15 -04:00
Sarah Brofeldt 4488e7c435 nixos/tests/keymap: disable xterm DM 2018-01-11 20:12:49 +01:00
Eelco Dolstra dddcd10ecc
Don't set 'config.xorg = {}'
This makes memoization of Nixpkgs evaluation less effective, since
some Nixpkgs invocations may have 'config = {}' while others may have
'config = { xorg = {}; }'.

Instead set 'config = {}'.
2018-01-11 19:31:05 +01:00
zimbatm 1276a3b12a
nixos/acme: configurable TOS hash (#33522)
This hash tends to change and upstream simp_le doesn't seem to keep up
with the changes.
2018-01-11 14:19:15 +00:00
Jörg Thalheim 788c5195f3 Revert "nixos/udev: fix outdated udev rules for network devices"
This reverts commit 45c5a915980fbe1fa6f0ff80ab2d11b60b844d9e.

This breaks PredictableNetworkInterfaceNames on systems without networkd.
We should only include this file from systemd, when networkd is enabled.
2018-01-11 11:21:16 +00:00
Parnell Springmeyer e4ec980e9c
Merge remote-tracking branch 'upstream/master' into parnell/fetchdocker 2018-01-10 10:13:49 -08:00
Eelco Dolstra 6bbd67d45a
EC2 AMIs: 17.09.2356.cb751f9b1c3 -> 17.09.2681.59661f21be6 2018-01-10 13:16:49 +01:00
Joachim F a6912f589e
Merge pull request #33629 from rnhmjoj/dnscrypt-proxy
Restore dnscrypt-proxy
2018-01-09 21:34:14 +00:00
John Ericson eec050f395
Merge pull request #33577 from dtzWill/fix/cross-2
Minor cross fixes, 2
2018-01-09 12:36:53 -05:00
Vladimír Čunát d6bf8eb71b
Merge #33614: nixos/kresd improvements
The PR was extended with other fixes.  All tested by me atop 17.09.
2018-01-09 17:26:31 +01:00
Ben Gamari b2cbffae64 nixos/security-wrapper: Fix cross-compilation 2018-01-09 11:25:19 -05:00
Ben Gamari a2215da9a1 make-ext4-fs: Dependencies are nativeBuildInputs 2018-01-09 11:25:19 -05:00
Ben Gamari d680678d0a makeSquashfs: Inputs are nativeBuildInputs 2018-01-09 11:25:19 -05:00
Vladimír Čunát 4bc4c08838
nixos/kresd: service nitpicks 2018-01-09 17:25:18 +01:00
Vladimír Čunát 3ab85ed1ac
nixos/kresd: use DNSSEC root trust anchor from nixpkgs
in read-only way.  If the cache directory is empty and you use the
very same service for system's DNS, kresd is unable to bootstrap root
trust anchors, as it would need a DNS lookup.

Also, if we don't rely on bootstrap, the extra lua deps of kresd could
be dropped by default, but let's not do that now, as the difference in
closure size is only ~4 MB, and there may be other use cases than
running the package as nixos service this way.
2018-01-09 17:24:49 +01:00
Vladimír Čunát f312e6d993
nixos/kresd: use systemd.tmpfiles
Since 4e4161c212 it works on nixos-rebuild.
2018-01-09 17:11:36 +01:00
José Romildo Malaquias 8b416450ea mate: let caja find extensions and gsettings schemas 2018-01-09 02:40:04 +02:00
José Romildo Malaquias 598c6c13f0 mate-panel: let mate-panel find applets in config system path 2018-01-09 02:40:04 +02:00
José Romildo Malaquias ca27392d9c mate-control-center: add gsettings schemas path to XDG vars
mate-control-center depends on mate-settings-daemon, but the later needs
gsettings schemas  provided by the former. To fix this the gsettings schema
path from mate-control-center is added to XDG_DATA_DIRS at session
startup.
2018-01-09 02:40:04 +02:00
José Romildo Malaquias 1bacb88c6a mate-session-manager: add debug option to mate service 2018-01-09 02:40:04 +02:00
Andreas Rammhold 637d5dd00c tomcat9: 9.0.0.M17 -> 9.0.2
also renamed from tomcatUnstable to tomcat9
2018-01-09 01:31:06 +01:00
rnhmjoj 94d28f3672
nixos/dnscrypt-proxy: use new dyne.org repository 2018-01-09 00:33:19 +01:00
Jörg Thalheim 71cce26342 nixos/udev: fix outdated udev rules for network devices
Udev changed its internal naming, so this rule file no longer applied correctly.
Therefore some properties such as network driver no longer matched in
systemd-networkd.

After updating we have more properties in systemd-networkd:

$ sudo networkctl status wlp3s0
...
   Driver: iwlwifi
...

To prevent this in future, the file is no copied from systemd directly
2018-01-08 16:59:33 +01:00
Andrey Golovizin f19d959ef1 nixos/kresd: fix systemd dependency cycle
The unnecessary dependency of sockets.target on kresd.service causes a
dependency cycle preventing kresd.service from starting at boot:

sockets.target -> kresd.service -> basic.target -> sockets.target
2018-01-08 15:52:26 +01:00
Yegor Timoshenko 85b84527f6
mopidy: fix, resolves #32234 2018-01-08 14:32:36 +00:00
rnhmjoj 4ebb9621f4
Revert "nixos/dnscrypt-proxy: remove"
This reverts commit 5dc2853981.
The project has a new maintainer.
2018-01-08 15:09:33 +01:00
Yegor Timoshenko f7a9f96725
nixos/xfce: clean up, use hyphenated attributes 2018-01-08 05:12:05 +00:00
Johannes Bornhold a88b4d4db1 nixos/matrix-synapse: Add module parameter extraConfigFiles (#33276)
This allows to configure additional configuration files for Synapse. This way
secrets can be kept in a secure place on the file system without a need to go
through the Nix store.
2018-01-07 20:13:48 +00:00
Joachim Fasting 5dc2853981 nixos/dnscrypt-proxy: remove
The upstream project ceased.

See https://github.com/NixOS/nixpkgs/issues/33540
2018-01-07 17:00:32 +01:00
Peter Hoeg 42f2a9ddde
Merge pull request #33531 from vdm/patch-1
Update macos USB instructions
2018-01-07 15:12:00 +08:00
Robin Gloster e606bb252b
gitlab module: config changes for gitlab 10.3 2018-01-07 05:02:56 +01:00
Robin Gloster 69c396f273
gitlab module: gitaly fixes 2018-01-07 05:02:35 +01:00
Jörg Thalheim 6249d32486
Merge pull request #33418 from Ma27/test-driver/mention-changes-in-manual
test-driver: mention `$user` argument in the NixOS manual and the Impala release notes
2018-01-07 02:33:21 +01:00
Graham Christensen 013580caf0
Merge pull request #30518 from Infinisil/usbmuxd-service
usbmuxd service: init
2018-01-06 15:53:42 -05:00
Vincent Murphy bd09ef9c21
Update macos USB instructions
"Ejecting" from the Finder ejects the entire device which is then not available for dd. diskutil unmountDisk does the right thing. Furthermore writing to diskN instead of rdiskN failed to complete even after waiting >10 minutes.
2018-01-06 18:13:58 +00:00
Jaakko Luttinen eeaa82bde1 nixos/availableKernelModules: add logitech hid
This adds support for Logitech (wireless) USB keyboards at boot
2018-01-06 17:11:30 +00:00
Léo Gaspard 7b878a443a
nixos/clamav: replace mkIf [] with optional 2018-01-06 16:52:14 +01:00
Léo Gaspard cb506e6e2e
nixos/clamsmtp: init 2018-01-06 16:08:54 +01:00
zimbatm eddf30cc93
nixos: introduce boot.growPartition (#33521)
Move it from being a profile
2018-01-06 13:52:51 +00:00
Maximilian Bosch e18b0b6033
test-driver: mention $user argument in the NixOS manual and the Impala release notes 2018-01-06 10:09:18 +01:00
Orivej Desh bc7f0162f5
Merge pull request #33406 from samueldr/doc/usb-device
Documentation: reword "Obtaining NixOS" paragraph to remove contradiction + update link
2018-01-06 03:25:25 +00:00
Orivej Desh b249907d04
Merge pull request #33197 from bgamari/gitlab-jws-fix
gitlab: Rename jws_private_key to openid_connect_signing_key
2018-01-06 03:08:57 +00:00
José Romildo Malaquias d0eb40b311 lightdm-gtk-greater: add configuration options for clock format and indicators 2018-01-06 02:20:53 +00:00
zimbatm 80f13dc31d fixup! buildkite-agent: change hooksPath type to 'path' (and prevent it from hitting the store) 2018-01-05 22:55:20 +00:00
Robin Gloster cfed96ca51 nixos/service.tt-rss: improve pgsql support, do not use static uid/gid 2018-01-05 14:47:54 +01:00
Jaakko Luttinen c26ff43905 nixos/service.tt-rss: improve mysql automatic setup
If the user chooses MySQL, it is enabled by default. Also, the used database is
created automatically along with the user and permissions.
2018-01-05 14:47:54 +01:00
Jaakko Luttinen 68855595ce nixos/service.tt-rss: enable nginx automatically 2018-01-05 14:47:54 +01:00
Jaakko Luttinen 13eaae1610 nixos/service.tt-rss: use tt_rss user
- Add tt_rss system user.
- Use tt_rss as the user by default.
- Create tt_rss user and group automatically if used.
2018-01-05 14:47:54 +01:00
Jaakko Luttinen c9b46ccea1 nixos/service.tt-rss: fix #27048 2018-01-05 14:47:54 +01:00
rnhmjoj c883311327
nixos/dnscrypt-wrapper: fix rotate script failing to restart the service 2018-01-05 02:37:09 +01:00
Jörg Thalheim f29ecd56c1
Merge pull request #33372 from Mic92/memcache
nixos/memcached: make unix sockets usuable
2018-01-04 18:39:48 +01:00
AmineChikhaoui 5dba59d494
Fixes https://github.com/NixOS/nixops/issues/756.
Seems the google compute metadata service behavior changed a bit
recently which caused this issue ?
see: https://cloud.google.com/compute/docs/storing-retrieving-metadata
2018-01-04 16:50:05 +01:00
Peter Hoeg 423dd6cc29
Merge pull request #33415 from peterhoeg/p/hv
hyperv-daemons: package and nixos module
2018-01-04 21:11:34 +08:00
Peter Hoeg 85e507ebea hyperv-daemons: add nixos module 2018-01-04 21:09:01 +08:00
Maximilian Bosch dbc414a8a5
yabar: add module
To make the configuration of `yabar` more pleasant and easier to
validate, a NixOS module will be quite helpful.

An example config could look like this:

```
{
  programs.yabar = {
    enable = true;
    bars.top.indicators.exec = "YA_DATE";
  };
}
```

The module adds a user-controlled systemd service which runs `yabar` after
starting up X.
2018-01-04 09:58:21 +01:00
Jörg Thalheim 2387c15d68
Merge pull request #33370 from Mic92/redis
nixos/redis: remove static uid/gid assignment
2018-01-04 09:46:24 +01:00
Jörg Thalheim 814b38541f
Merge pull request #32845 from Ma27/test-driver/allow-user-units
test-driver: support testing user units
2018-01-04 09:40:41 +01:00
Samuel Dionne-Riel 0e6346f16a doc: Obtaining NixOS: New link to section in wiki.
This adds a link to the new section in the new wiki that refers to the
same contents as the previously removed link.
2018-01-03 19:35:40 -05:00
Samuel Dionne-Riel dd602120a0 doc: Obtaining NixOS now refers to USB media creation chapter.
This:

 * Removes contradiction with information in the later paragraph.
 * Removes a dead link to the Wiki.
2018-01-03 19:34:32 -05:00
Jörg Thalheim c9c8a2c5b3 nixos/memcached: make unix sockets usuable
before:
  - /var/run/memcached is a bad default for a socket path, since its
    parent directory must be writeable by memcached.
  - Socket directory was not created by the module itself -> this was
    left as a burden to the user?
  - Having a static uid with a dynamic user name is not very useful.

after:
  - Replace services.memcached.socket by a boolean flag. This simplifies
    our code, since we do not have to check if the user specifies a
    path with a parent directory that should be owned by memcached
    (/run/memcached/memcached.sock -> /run/memcached).
  - Remove fixed uid/gid allocation. The only file ever owned by the
    daemon is the socket that will be recreated on every start.
    Therefore user and group ids do not need to be static.
  - only create the memcached user, if the user has not specified a
    different one. The major use case for changing option is to allow
    existing services (such as php-fpm) opening the local unix socket.
    If we would unconditionally create a user that option would be
    useless.
2018-01-03 12:33:36 +01:00
Jörg Thalheim 453e15ec91 nixos/redis: remove static uid/gid assignment
all files are chowned on startup
2018-01-03 11:18:04 +01:00
Léo Gaspard aa241aed14 nixos/dkimproxy-out: init (#33229) 2018-01-03 01:23:02 +00:00
Casey Ransom f3cba4f6bb netdata service: fix permissions for apps.plugin
apps.plugin requires capabilities for full process monitoring. with
1.9.0, netdata allows multiple directories to search for plugins and the
setuid directory can be specified here.

the module is backwards compatible with older configs. a test is
included that verifies data gathering for the elevated privileges. one
additional attribute is added to make configuration more generic than
including configuration in string form.
2018-01-02 17:57:19 -05:00
Ryan Trinkle f1a6fa6eec
Merge pull request #32258 from ryantrinkle/add-nat-extraCommands
nat: add extraCommands option
2018-01-02 14:32:42 -05:00
Maximilian Bosch e538e00404
test-driver: support testing user units
It is quite complicated to test services using the test-driver when
declaring user services with `systemd.user.services` such as many
X11-based services like `xautolock.service`.

This change adds an optional `$user` parameter to each systemd-related
function in the test-driver and runs `systemctl --user` commands using
`su -l $user -c ...` and sets the `XDG_RUNTIME_DIR` variable
accordingly and a new function named `systemctl` which is able to run a
systemd command with or without a specified user.

The change can be confirmed with a simple VM declaration like this:

```
import ./nixos/tests/make-test.nix ({ pkgs, lib }:

with lib;

{
  name = "systemd-user-test";

  nodes.machine = {
    imports = [ ./nixos/tests/common/user-account.nix ];

    services.xserver.enable = true;
    services.xserver.displayManager.auto.enable = true;
    services.xserver.displayManager.auto.user = "bob";
    services.xserver.xautolock.enable = true;
  };

  testScript = ''
    $machine->start;
    $machine->waitForX;

    $machine->waitForUnit("xautolock.service", "bob");
    $machine->stopJob("xautolock.service", "bob");
    $machine->startJob("xautolock.service", "bob");
    $machine->systemctl("list-jobs --no-pager", "bob");
    $machine->systemctl("show 'xautolock.service' --no-pager", "bob");
  '';
})
```
2018-01-02 20:14:27 +01:00
Frederik Rietdijk 804285f589 Merge remote-tracking branch 'upstream/staging' into HEAD 2018-01-02 19:10:45 +01:00
Uli Schlachter 5465d6f7de awesome: Use --search instead of $LUA_PATH/$LUA_CPATH
Instead of polluting the environment with environment variables which
are inherited by processes spawned from awesome, use the command line
argument "--search" to add things to the search path.

cc #33169
2018-01-02 17:24:56 +00:00
Jörg Thalheim 310ad4345b
Merge pull request #30686 from gnidorah/keyring
pam: add optional pam_gnome_keyring integration
2018-01-02 14:58:45 +01:00
Jörg Thalheim 54b16bcd11
Merge pull request #33227 from Ekleog/fcron-opensmtpd
fcron module: be compatible with non-wrapped sendmail's, like opensmt…
2018-01-02 09:26:53 +01:00
Bas van Dijk 803077ef1c elk: add elasticsearch6, logstash6, kibana6 and the beats at v6.1.0
This change is backwards compatible since the ELK tools at version 5.x
remain unchanged.

The test suite now both tests ELK-5 and ELK-6.
2018-01-02 01:15:29 +01:00
Franz Pletz 1a69b2029f
Merge pull request #33273 from fadenb/patch-1
lldpd module: create a lldpd user as system user
2018-01-01 23:46:50 +00:00
gnidorah f15fad898b pam: add optional pam_gnome_keyring integration 2018-01-01 21:58:37 +03:00
Frederik Rietdijk 4cc2a38854 Merge remote-tracking branch 'upstream/master' into HEAD 2018-01-01 18:15:13 +01:00
Jörg Thalheim 0bbf671b5a
Merge pull request #31157 from sorki/lxcfs_pam_related
[wip] lxcfs,pam: disable cgmanager, enable pam_cgfs, lxcfs 2.0.7 -> 2.0.8
2018-01-01 15:42:03 +01:00
Frederik Rietdijk 1869e7e5b0 Merge remote-tracking branch 'upstream/master' into HEAD 2018-01-01 15:09:55 +01:00
Tristan Helmich 3b74349661
lldpd module: create a lldpd user as system user 2018-01-01 14:22:58 +01:00
Léo Gaspard 70a085b62f nixos/rspamd: add extraConfig parameter (#33226) 2017-12-31 15:11:15 +00:00
Vladimír Čunát 1fcd92ce92
Merge branch 'master' into staging
A few thousand rebuilds from master, again.
Hydra: ?compare=1422362
2017-12-31 09:53:49 +01:00
Orivej Desh dac8f27f96 nixos/beegfs: fix the build of the NixOS manual 2017-12-31 07:52:32 +00:00
Markus Kowalewski b7fdefc8a4 beegfs: init at 6.17
package, kernel module, nixos module, and nixos test
2017-12-31 07:07:02 +00:00
Yegor Timoshenko 0dd6bd214d
xfce: resolve conflict with KDE
This resolves some aspects of #33231, but GDK_PIXBUF_MODULE_FILE doesn't really belong to any DE module.
2017-12-31 05:22:15 +00:00
John Ericson 4d2b763817
Merge pull request #26805 from obsidiansystems/cross-elegant
Make cross compilation elegant
2017-12-30 22:58:02 -05:00
Orivej Desh 54d01b0e97
Merge pull request #32914 from Infinisil/znapzendzetup
znapzend service: stateless setup
2017-12-31 03:45:40 +00:00
John Ericson a98e68676d doc: Breaking change release not for dependency propagation logic 2017-12-30 22:42:15 -05:00
John Ericson 553fd19e67 Merge branch 'ericson2314-cross-base' into staging 2017-12-30 22:39:19 -05:00
Léo Gaspard 341583b2d2
fcron module: be compatible with non-wrapped sendmail's, like opensmtpd's 2017-12-31 03:34:11 +01:00
John Ericson fa9f0e574d
Merge pull request #33196 from obsidiansystems/bintools-release-note
doc: Breaking change release note for bintools-wrapper
2017-12-30 19:37:06 -05:00
John Ericson d67e0921e9 doc: Breaking change release note for bintools-wrapper 2017-12-30 19:27:52 -05:00
Yegor Timoshenko c31ac41810
libinput: disableWhileTyping = false by default 2017-12-30 22:02:16 +00:00
Frederik Rietdijk 2d0bead714 Merge remote-tracking branch 'upstream/master' into HEAD 2017-12-30 17:04:54 +01:00
Ben Gamari b95cdd4f6c gitlab: Rename jws_private_key to openid_connect_signing_key
See
24d56df29b
2017-12-29 22:11:04 -05:00
Vladimír Čunát a1a3e54ac9
Merge branch 'master' into staging
Haskell rebuild :-)
Hydra: ?compare=1421865
2017-12-29 18:39:36 +01:00
gnidorah 766ae1ecf9 tmux module: add secureSocket option 2017-12-29 15:05:20 +03:00
Franz Pletz e2fe111d46
nixos/profiles/all-hardware: remove unavailable modules 2017-12-29 11:37:21 +01:00
Vladimír Čunát 0ac589246a
release-notes 18.03: fixup build after 553e8be1 2017-12-29 11:28:17 +01:00
Vladimír Čunát f29000b002
Merge branch 'master' into staging
Hydra: ?compare=1421760
2017-12-29 10:13:33 +01:00
Nadrieril 95fde40b71 usbguard service: rules option should be of type 'lines' 2017-12-29 03:19:36 +01:00
Robin Gloster 553e8be1d9 release-notes 18.03: add MariaDB update notes 2017-12-29 02:18:35 +01:00
Robin Gloster 86c7db0ac4 mysql module: cleanup obsolete checks 2017-12-29 02:18:35 +01:00
Robin Gloster 445e3d7390 ghostOne: remove
broken and unmaintained
2017-12-29 02:18:35 +01:00
Christoph Hrdinka 3e14b2826b
nsd module: make use of NSDs configFile option
Signed-off-by: Christoph Hrdinka <c.github@hrdinka.at>
2017-12-28 14:34:06 +01:00
adisbladis 563078184e
services.xserver.desktopManager.plasma5: add qtvirtualkeyboard to systemPackages 2017-12-28 21:13:46 +08:00
Kosyrev Serge 097719147a buildkite-agent: change hooksPath type to 'path' (and prevent it from hitting the store)
(cherry picked from commit 3aec59c99f)
Signed-off-by: Domen Kožar <domen@dev.si>
2017-12-28 12:16:05 +00:00
Kosyrev Serge 9f5593559b buildkite: address review suggestions 2017-12-28 12:16:05 +00:00
Kosyrev Serge bbb6072f10 buildkite: allow configuration and actual use of agent-specific hooks
(cherry picked from commit 775e49439f)
Signed-off-by: Domen Kožar <domen@dev.si>
2017-12-28 12:16:05 +00:00
Silvan Mosberger 66fefb82e7
nixos/znapzend: stateless setup
This enables znapzend users to specify its full configuration through
NixOS options, without ever needing to use the stateful `znapzendzetup`
command.

This works by running znapzendzetup with the specified config in
ExecPre, just before the znapzend daemon is started.

There is also the `pure` option which will clear all previous znapzend setups,
making it as stateless as can get, as only the setup declared in
configuration.nix will be persisted.
2017-12-28 01:40:01 +01:00
Peter Hoeg 7798051817
Merge pull request #32927 from peterhoeg/u/kdeapp
kde-applications: 17.08.3 -> 17.12.0
2017-12-28 08:22:27 +08:00
Christoph Hrdinka d890212ac8 nginx module: only turn on HTTP2 when SSL is enabled
Signed-off-by: Christoph Hrdinka <c.github@hrdinka.at>
2017-12-28 00:32:24 +01:00
gnidorah c955c131f7 rootston module, orbment/bemenu: change my maintainership 2017-12-27 10:21:34 +03:00
gnidorah ececaafee1 rootston module: better defaults 2017-12-26 23:31:38 +03:00
Jörg Thalheim f1c236a987
Merge pull request #33035 from corpix/feature/ssh-systemd-deps
sshd: Start after network target
2017-12-26 09:11:04 +01:00
Robin Gloster c4036762b2
gitlab: remove unnecessary assertion
It also gives less information than the error from the module system.
2017-12-26 01:11:16 +01:00
José Romildo Malaquias 6e0387a1e6 mate: fix XDG_MENU_PREFIX 2017-12-25 07:15:07 +01:00
José Romildo Malaquias 248e3983b0 gnome3: fix XDG_MENU_PREFIX 2017-12-25 07:15:07 +01:00
José Romildo Malaquias 1e147fee02 enlightenment: fix XDG_MENU_PREFIX 2017-12-25 07:15:07 +01:00
Michael Weiss 4be298bf6d nixos/sway: Extend the descriptions and examples
This'll hopefully make it a bit easier to get started with Sway and make
some things about the module more obvious.
2017-12-25 00:15:06 +01:00
Dmitry Moskowski ed26bc5931
sshd: Start after network target 2017-12-24 14:57:14 +00:00
Yegor Timoshenko b792b3ca61
thinkfan: proper case in IBM, Lenovo, ThinkPad 2017-12-24 12:54:43 +00:00
Jörg Thalheim b65f942eae
Merge pull request #28022 from volth/ccache
nixos/ccache: init
2017-12-24 13:41:48 +01:00
gnidorah 22596e8995 breeze-qt4: drop 2017-12-24 12:54:04 +03:00
Michael Weiss b322cad42b nixos/rootston: Init
Probably only relevant for a quick testing setup and NixOS VM tests.
2017-12-23 17:34:29 +01:00
Orivej Desh c3cfdc17bf
Merge pull request #32983 from flokli/virtualbox-5.2.4
virtualbox: 5.2.2 -> 5.2.4
2017-12-23 16:29:59 +00:00
Yegor Timoshenko f89bc2718b
Merge pull request #32995 from NixOS/yegortimoshenko-patch-1
mbpfan: improve description, resolves #32266
2017-12-23 17:31:13 +03:00
Yegor Timoshenko ca7472b1a7
mbpfan: improve description, resolves #32266 2017-12-23 14:28:37 +00:00
Yegor Timoshenko 108f76c927
Merge pull request #31668 from rycee/doc/naming
docs: clarify package and module option naming
2017-12-23 17:12:29 +03:00
Graham Christensen b5a61f2c59
Revert "nixos: doc: implement related packages in the manual" 2017-12-23 07:19:45 -05:00
Florian Klink 0543dc77b1 nixos/tests/virtualbox: remove mknod /dev/vda1 call
With devtmpfs introduced in 0d27df280f it is
created automatically.

See https://github.com/NixOS/nixpkgs/pull/32983#issuecomment-353703083
2017-12-23 03:16:18 +00:00
Silvan Mosberger 0b0df8f9cf nixos/logkeys: fix evaluation 2017-12-23 01:44:14 +00:00
Arseniy Seroka 36e02645eb
Merge pull request #32424 from oxij/nixos/related-packages
nixos: doc: implement related packages in the manual
2017-12-23 03:34:58 +03:00
Evgeny Egorochkin ab623d8467 luksRoot: add the missing ECB dependency to fix XTS support, resolves #30940 2017-12-22 07:50:09 +02:00
gnidorah b9851a975e Make less known wayland compositors usable (#32285)
* bemenu: init at 2017-02-14

* velox: 2015-11-03 -> 2017-07-04

* orbment, velox: don't expose subprojects

the development of orbment and velox got stuck
their subprojects (bemenu, dmenu-wayland, st-wayland) don't work correctly outside of parent projects
so hide them to not confuse people
swc and wld libraries are unpopular and unlike wlc are not used by anything except velox

* pythonPackages.pydbus: init at 0.6.0

* way-cooler: 0.5.2 -> 0.6.2

* nixos/way-cooler: add module

* dconf module: use for wayland

non-invasive approach for #31293
see discussion at #32210

* sway: embed LD_LIBRARY_PATH for #32755

* way-cooler: switch from buildRustPackage to buildRustCrate #31150
2017-12-21 16:16:19 +00:00
Bjørn Forsman 7c481aa7c1 nixos/gitolite: copy hooks with force
This makes the commonHook option work also for (read-only) Nix store
paths. Currently it fails on the second activation, because the
destination is read-only.
2017-12-21 08:41:59 +01:00
volth 363cdde475 nixos/libvirt: remove 'virtualisation.libvirtd.enableKVM' option 2017-12-21 03:56:41 +00:00
volth a52aa6aafb nixos/libvirt: avoid dependency on two qemu packages
Currently libvirt requires two qemu derivations: qemu and qemu_kvm which is just a truncated version of qemu (defined as qemu.override { hostCpuOnly = true; }).

This patch exposes an option virtualisation.libvirtd.qemuPackage which allows to choose which package to use:

 * pkgs.qemu_kvm if all your guests have the same CPU as host, or
 * pkgs.qemu which allows to emulate alien architectures (for example ARMV7L on X86_64), or
 * a custom derivation

virtualisation.libvirtd.enableKVM option is vague and could be deprecate in favor of virtualisation.libvirtd.qemuPackage, anyway it does allow to enable/disable kvm.
2017-12-21 03:56:40 +00:00
Yegor Timoshenko 71a8dbb956 nixos/desktop-managers: do not leak feh to PATH
(originally from f9415cb621)

feh is used to set background image for desktop managers that do not
support it directly, however there is no need to include it in PATH.

Fixes #17450.
2017-12-21 01:43:38 +00:00
Orivej Desh b679079045
Merge pull request #32540 from rnhmjoj/portrange
nixos/doc: document the firewall port ranges options
2017-12-20 23:51:08 +00:00
rnhmjoj 63af1f7807
nixos/doc: document the firewall port ranges options 2017-12-21 00:46:34 +01:00
Graham Christensen 9f31fe81aa
nixos: zfs: correct the networking.hostId error message
Users were confused that the error message said config.networking.hostId, and indeed that did nothing to fix their problem.

Update the error message to specify the option they should actually set.
2017-12-20 17:56:03 -05:00
Sander van der Burg 9cee2e5c95 dysnomia module: use postgres as default user and always publish container properties 2017-12-20 21:45:07 +01:00
Eelco Dolstra 014800706a
create-amis.sh: Ass eu-west-3 2017-12-20 16:35:22 +01:00
Tuomas Tynkkynen 758b4c1ea4 make-disk-image.nix: Really fix write permissions in the store
I think the current one applies the -exec only to those that match
'-type d'. Let's switch it to something that humans can understand...
2017-12-20 17:28:46 +02:00
Eelco Dolstra 3c82e6fc82
Add AMI for eu-west-3 2017-12-20 16:19:33 +01:00
Franz Pletz cf12bc44b6
Merge pull request #32858 from nh2/nginx-add-http2-option
nginx service: Make http2 an option.
2017-12-20 11:18:33 +00:00
Yurii Rashkovskii 26a59f70a2 nixos/tarsnap: update doc for printStats
after the change made in 15567e6d8e
2017-12-20 10:16:10 +00:00
Yegor Timoshenko a0aeb2381e doc: system.environmentPackages -> environment.systemPackages 2017-12-20 02:19:43 +00:00
Jörg Thalheim ba007d32c9
Merge pull request #32829 from flokli/input_leds
boot.initrd.luks: add input_leds module
2017-12-19 21:36:51 +00:00
Wei Tang 62a974bbbf xfce: delay package selection for pulseaudio volume to nixos modules (#23382)
Now there are separate `xfce4.xfce4mixer_pulse` and `xfce4.xfcevolumed_pulse` attributes for PulseAudio versions of these packages, instead of relying on Nixpkgs option. Mind that xfce4-volumed and xfce4-volumed-pulse are actually two separate programs without much overlap.
2017-12-19 22:28:12 +03:00
Niklas Hambüchen afa97cb981 nginx service: Make http2 an option.
HTTP 2 can break some things, for example due to this Chrome bug:

  https://bugs.chromium.org/p/chromium/issues/detail?id=796199

So the service hardcoding it to be enabled is not helpful.

This commit adds an option so you can turn it off.
2017-12-19 19:59:15 +01:00
Kevin Hanselman 65fb15aaf8 nixos/smartd: allow extra cli options for daemon
This enables further customization of smartd.
2017-12-19 18:43:49 +01:00
Florian Klink f2a9f9aeab boot.initrd.luks: add input_leds module
To get working caps lock lights already at stage 1, the input_leds
module needs to be loaded.

Closes #12456.
2017-12-19 01:07:37 +01:00
Orivej Desh a65525bf9f
Merge pull request #32787 from yegortimoshenko/xfce/svg
xfce: SVG icon support in xfce4-panel, fixes #18536
2017-12-18 16:13:36 +00:00
Marti Serra f24b642587 crashplan-small-business: init at 6.6.0 2017-12-18 07:20:18 +01:00
Yegor Timoshenko 209cbf9fc7 xfce: SVG icon support in xfce4-panel, fixes #18536
Thanks to Yuriy Pitomets, Jonathan Curran, and David Kleuker.
2017-12-18 01:11:20 +00:00
Samuel Leathers 7becd38cdf
Merge pull request #31068 from dalaing/fdisk-examples
nixos manual: Adds some examples of how to use fdisk.
2017-12-17 14:24:32 -05:00
Joachim F 4fb4d2f407
Merge pull request #32496 from florianjacob/btrfs-autoScrub
tasks/btrfs: add services.btrfs.autoScrub
2017-12-17 16:12:42 +00:00
Jörg Thalheim 4844fbc267
Merge pull request #32268 from volth/patch-74
nixos/initrd-ssh: generate hostkeys if absent
2017-12-17 00:00:04 -08:00
Peter Simons 0fe9785305
Merge pull request #32584 from manoj23/davfs2-v3
davfs2: create user/group davfs2 if not specified in the configuration
2017-12-17 08:53:18 +01:00
Philipp Dörfler 4b0c9418c0 nixos/logcheck: replace rm with rm -r to delete the empty logcheck.logfiles.d/
Fixes #29906
2017-12-17 04:02:26 +00:00
Tuomas Tynkkynen c9f71974f8 make-disk-image.nix: Remove write permissions from /nix/store
Fakeroot seems to always give the owner write bit to any files touched
inside it (presumably to easily simulate the fact that root can still
modify such files). So do an explicit chmod to remove them.

This should finally solve #32242 after the EC2 images are regenerated
with this change.

https://hydra.nixos.org/build/66143116
2017-12-17 01:19:05 +02:00
Orivej Desh dc89304d4d
Merge pull request #32733 from jtojnar/pinentry-1.1
pinentry: 1.0.0 → 1.1.0
2017-12-16 03:54:50 +00:00
Jan Tojnar bd0d521774
pinentry: override pinentry_ncurses instead of the other way around 2017-12-16 04:39:29 +01:00
Jan Tojnar ba67110de3
pinentry_qt: merge into pinentry 2017-12-16 03:26:30 +01:00
Orivej Desh b256afac58
Merge pull request #32578 from michaelpj/imp/plymouth-theme-defaut
plymouth: add breeze-plymouth as default theme
2017-12-15 20:20:24 +00:00
Jörg Thalheim 5687f61b19
Merge pull request #32637 from makefu/pkgs/openstack/nuke
nuke openstack (again)
2017-12-15 10:06:23 -08:00
Tuomas Tynkkynen 6ed6d323fe make-squashfs.nix: Improve invalid path check messages
Now the mtime problems are gone, but EC2 Hydra builders are still having
some problems:

https://hydra.nixos.org/build/66043835
2017-12-15 19:57:40 +02:00
makefu 269d8a17b5
openstack module: rip
part of openstack cleanup
2017-12-15 16:08:38 +01:00
makefu 71767ee3c7
glance: rip
part of openstack cleanup
2017-12-15 16:08:10 +01:00
makefu d3d94992cf
keystone: rip
part of openstack cleanup
2017-12-15 16:06:44 +01:00
Bjørn Forsman b53407461a nixos/lighttpd: update allKnownModules list
lighttpd 1.4.46+ got three new modules.
2017-12-15 07:47:45 +01:00
David Kleuker ffc0bfa5b7 nixos/samba: increase LimitNOFILE to recommended value (#32085)
fixes warning:

    rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)

https://serverfault.com/a/641411
2017-12-14 17:12:44 +00:00
Franz Pletz 0f18f4af88
nixos/tests/jenkins: check if jenkins is available 2017-12-14 16:03:24 +01:00
Franz Pletz 2754d1a8c3
xmr-stak module: init 2017-12-14 16:03:09 +01:00
Symphorien Gibol b8a85fccd9 luksroot.nix: rename fallback to fallbackToPassword 2017-12-14 13:43:14 +01:00
Eelco Dolstra e4847b797e
Update NixOS 17.09 AMIs
This adds support for c5.* instances.

Fixes #32612.
2017-12-13 23:42:09 +01:00
makefu 5369400bb0
nova: rip
part of openstack cleanup
2017-12-13 18:16:29 +01:00
Florian Jacob fc21593352 nixos/btrfs: add services.btrfs.autoScrub
for automatic regular scrubbing of mounted btrfs filesystems,
similar to what's already there for zfs.
2017-12-13 11:00:28 +01:00
Franz Thoma 9e486344a9 nixos.gnome3.at-spi2-core: Set environment variable NO_AT_BRIDGE=1 if disabled
As suggested in #16327 (https://github.com/NixOS/nixpkgs/issues/16327#issuecomment-315729994).
2017-12-13 04:55:35 +01:00
Graham Christensen 3cad1abf9e
Merge pull request #32031 from NixOS/unstable-aarch64
Aarch64 Netboot
2017-12-12 17:44:07 -05:00
Robert Helgesson 5eb4a8339c
nixos containers: remove stray , from pattern
See #31888.
2017-12-12 18:35:06 +01:00
Bas van Dijk 5572de75a0
containers: deny networkmanager from managing the ve-* and vb-* NICs
Without this, when you've enabled networkmanager and start a
nixos-container the container will briefly have its specified IP
address but then networkmanager starts managing it causing the IP
address to be dropped.
2017-12-12 18:22:15 +01:00
Eelco Dolstra 875eaf0821
nix: 1.11.15 -> 1.11.16 2017-12-12 17:46:21 +01:00
Tuomas Tynkkynen 0d27df280f build-support/vm: Use devtmpfs, not static device nodes
In 2017, there is no reason to create a static /dev.
2017-12-12 14:31:50 +02:00
Georges Savoundararadj 9724654c74 davfs2: create user/group davfs2 if not specified in the configuration
* Add options:
  - enable
  - davUser (default: "davfs2")
  - davGroup (default: "davfs2)
* Add davfs2 user or group if they are not specified in the
configuration
2017-12-11 19:30:25 -08:00
Graham Christensen 08b8bc24cb
Netboot: Add aarch64 2017-12-11 21:33:55 -05:00
Joachim F 90accc093e
Merge pull request #32216 from LumiGuide/networkmanager-strongswan
networkmanager_strongswan: fix package
2017-12-11 23:26:21 +00:00
Linus Heckemann e4b32222a3 nixos/tests: correct comment in radicale.nix (#32574)
The secrets are in fact also stored unhashed, as part of the .drv file
which produces the htpasswd.
2017-12-11 22:09:23 +00:00
Joachim F 4792523a3d
Merge pull request #32500 from srhb/logstash-locallisten
nixos/logstash: Listen on 127.0.0.1 instead of 0.0.0.0
2017-12-11 22:00:38 +00:00
Michael Peyton Jones 638d24950d plymouth: add breeze-plymouth as default theme 2017-12-11 20:42:00 +00:00
Vladimír Čunát e9c12f6936
Merge older staging
There are some regressions, but not that many and I want
the security update of openssl fast.
2017-12-11 09:49:56 +01:00
Orivej Desh 42973bef3f nixos/programs/bash: document that /etc/bash_completion.d is obsolete
fbd52a5e31/bash_completion (L2070-L2078)
2017-12-10 12:16:25 +00:00
Tor Hedin Brønner 9988224c2a nixos/programs/bash: Let bash-completion lazy load scripts
As described in detail here: https://github.com/NixOS/nixpkgs/issues/32533
bash will load completion scripts in $p/share/bash-completion/completions/ on
startup instead of letting bash-completion do it's lazy loading. Bash startup
will then slow down (very noticeable when bash-completion is installed in a
profile).

This commit leaves loading of scripts in the hands of bash-completion,
improving startup time for everyone using `enableCompletion`.

fixes #32533
2017-12-10 10:15:41 +01:00
Andreas Rammhold 104de603cb networkmanager: remove restart after suspend from resume
In commit ec9dc73 restarting NetworkManager after resume from
suspend/hibernate was introduced.

When I initially switch to NixOS I started noticing a high delay between
wakeup and re-connecting to WiFi & wired networks. The delay increased
from a few seconds (on my previous distro, same software stack) to
almost half a minute with NixOS.

I (locally) applied the change in this commit a few weeks ago and tested
since then. The notebook/mobile device experience has improved a lot.
Reconnects are as before switching to NixOS.

Issue #24401 could be related to this. Since I am not using KDE/plasma5
I can only guess…
2017-12-10 00:19:15 +01:00
Vladimír Čunát 2309acf723
Merge branch 'master' into staging 2017-12-09 21:00:07 +01:00
Sarah Brofeldt b694fa0054 nixos/logstash: Listen on 127.0.0.1 instead of 0.0.0.0 2017-12-09 11:32:14 +01:00
Orivej Desh 40950f6a2d
Merge pull request #31006 from florianjacob/prosody
Improvements for Prosody
2017-12-09 09:19:24 +00:00
volth bfee336614
nixos/varnish: it does not matter where to check syntax, only when 2017-12-09 08:29:44 +00:00
Nadrieril 9f5d779641 Mark services.firefox.syncserver.{user,group} as removed 2017-12-08 22:23:14 +00:00
Nadrieril ae416b47cf firefox.syncserver service: Fix missing dependency 2017-12-08 22:18:57 +00:00