3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

10701 commits

Author SHA1 Message Date
William Casarin 6c1eb15a3b nixos/modules: add clipmenu user service
add a clipmenud daemon user service
2018-07-15 12:22:46 -07:00
Matthew Bauer 19fc061a13
Merge pull request #43169 from samueldr/fix/stripDirs
Fixes `stripDirs` use after signature change
2018-07-14 19:07:46 -04:00
Johannes Frankenau d81f819db3 nixos/cupsd: add option to start when needed 2018-07-14 23:39:43 +02:00
Thomas Tuegel 5ea799defc
Merge pull request #43243 from peterhoeg/f/sddmqt
sddm: use tmpfiles.d to wipe QML cache
2018-07-14 13:16:18 -05:00
Thomas Tuegel 1301973797
Merge pull request #42910 from bkchr/kde_update_start_menu
services.plasma5: Update start menu with an activationScript
2018-07-14 13:13:39 -05:00
Franz Pletz ea9078b76b
Merge pull request #41745 from rvolosatovs/fix/sshd
nixos: Add more ssh-keygen params
2018-07-14 16:29:46 +00:00
Vladimír Čunát 0f01215203
Merge branch 'master' into staging-next
Hydra: ?compare=1468896
2018-07-14 18:15:30 +02:00
Peter Hoeg 6e3ee65b44
Merge pull request #43511 from peterhoeg/m/firejail
firejail: add nixos module
2018-07-14 21:04:11 +08:00
Peter Hoeg 65eb3a590d firejail: add nixos module
Also add support for wrapping binaries with firejail.
2018-07-14 20:21:41 +08:00
patternspandemic d9d9200496
nixos/neo4j: Update module, make compatible with neo4j 3.4 2018-07-12 19:28:40 -07:00
Silvan Mosberger b9c95c7d60
httpd: Fix typo 2018-07-13 02:59:00 +02:00
rembo10 c84e668109 nixos/lightdm-gtk-greeter: svg icon support 2018-07-12 18:20:07 +03:00
Ben Wolsieffer 7c763118b4 raspberrypiWirelessFirmware: init 2018-07-12 17:02:32 +03:00
Andrew Dunham d7bfd04301 sdImage: make partition ID/UUID configurable 2018-07-12 17:02:03 +03:00
volth 88939a1949 nixos: remove option services.xserver.desktopManager.xfce.screenLock 2018-07-12 01:45:41 +00:00
aszlig 7b87554ca1
nixos/tests/letsencrypt: Hardcode certs and keys
In 0c7c1660f7 I have set allowSubstitutes
to false, which avoided the substitution of the certificates.

Unfortunately substitution may still happen later when the certificate
is merged with the CA bundle. So the merged CA bundle might be
substituted from a binary cache but the certificate itself is built
locally, which could result in a different certificate in the bundle.

So instead of adding just yet another workaround, I've now hardcoded all
the certificates and keys in a separate file. This also moves
letsencrypt.nix into its own directory so we don't mess up
nixos/tests/common too much.

This was long overdue and should finally make the dependency graph for
the ACME test more deterministic.

Signed-off-by: aszlig <aszlig@nix.build>
2018-07-12 02:32:46 +02:00
aszlig c21b1ede95
nixos/tests/letsencrypt: Fix go source install
Since e95f17e272, Go packages no longer
contain the source tree, however Boulder seems to need that as it
generates a few files during build.

Ideally we would only pick the files that are needed and put it into a
separate output, but I currently don't have time for this so I'm marking
this with XXX to get back to it later.

Signed-off-by: aszlig <aszlig@nix.build>
2018-07-12 02:32:44 +02:00
Maximilian Bosch 6f72b63601
nixos/nixos-option: don't abort in case of evaluation errors
When running e.g. `nixos-option boot.kernelPackages` I get an output
like this on the current unstable channel (18.09pre144959.be1461fc0ab):

```
$ nixos-option boot.kernelPackages
Value:
*exit 1*
```

This is fairly counter-intuitive as I have no clue what might went
wrong. `strace` delivers an output like this:

```
read(3, "error: Package \342\200\230cryptodev-linu"..., 128) = 128
read(3, "ux/cryptodev/default.nix:22 is m"..., 128) = 128
read(3, "lowBroken = true; }\nin configura"..., 128) = 128
read(3, "you can add\n  { allowBroken = tr"..., 128) = 128
read(3, "n)\n", 128)                    = 3
read(3, "", 128)                        = 0
```

`nixos-option` evaluates the system config using `nix-instantiate` which
might break when the evaluation fails (e.g. due to broken or unfree
packages that are prohibited to evaluate by default). The script aborts
due to the shebang `@shell@ -e`.

In order to ensure that no unexpected
behavior occurs due to removing `-e` from the interpreter the easiest
way to work around this was to wrap `nix-instantiate` in `evalNix()`
with a `set +e`. The function checks the success of the evaluation with
`$?` in the end. Additionally `evalNix` shouldn't break, if one
evaluation (e.g. the values that contain a package set by default) to
return additional information like a description.

With the change `nixos-option boot.kernelPackages` delivers the
following output for me:

```
Value:
error: Package ‘cryptodev-linux-1.9-4.14.52’ in /nix/store/47z2s8cwppymmgzw6n7pbcashikyk5jk-nixos/nixos/pkgs/os-specific/linux/cryptodev/default.nix:22 is marked as broken, refusing to evaluate.

Default:
{ __unfix__ = <LAMBDA>; acpi_call = <CODE>; amdgpu-pro = <CODE>; ati_drivers_x11 = <CODE>; batman_adv = <CODE>; bbswitch = <CODE>; bcc = <CODE>; beegfs-module = <CODE>; blcr = <CODE>; broadcom_sta = <CODE>; callPackage = <CODE>; cpupower = <CODE>; cryptodev = <CODE>; dpdk = <CODE>; e1000e = <CODE>; ena = <CODE>; evdi = <CODE>; exfat-nofuse = <CODE>; extend = <CODE>; facetimehd = <CODE>; fusionio-vsl = <CODE>; hyperv-daemons = <CODE>; ixgbevf = <CODE>; jool = <CODE>; kernel = <CODE>; lttng-modules = <CODE>; mba6x_bl = <CODE>; mwprocapture = <CODE>; mxu11x0 = <CODE>; ndiswrapper = <CODE>; netatop = <CODE>; nvidiaPackages = <CODE>; nvidia_x11 = <CODE>; nvidia_x11_beta = <CODE>; nvidia_x11_legacy304 = <CODE>; nvidia_x11_legacy340 = <CODE>; nvidiabl = <CODE>; odp-dpdk = <CODE>; openafs = <CODE>; openafs_1_8 = <CODE>; perf = <CODE>; phc-intel = <CODE>; pktgen = <CODE>; ply = <CODE>; prl-tools = <CODE>; recurseForDerivations = true; rtl8192eu = <CODE>; rtl8723bs = <CODE>; rtl8812au = <CODE>; rtl8814au = <CODE>; rtlwifi_new = <CODE>; sch_cake = <CODE>; spl = <CODE>; splLegacyCrypto = <CODE>; splStable = <CODE>; splUnstable = <CODE>; stdenv = <CODE>; sysdig = <CODE>; systemtap = <CODE>; tbs = <CODE>; tmon = <CODE>; tp_smapi = <CODE>; usbip = <CODE>; v4l2loopback = <CODE>; v86d = <CODE>; vhba = <CODE>; virtualbox = <CODE>; virtualboxGuestAdditions = <CODE>; wireguard = <CODE>; x86_energy_perf_policy = <CODE>; zfs = <CODE>; zfsLegacyCrypto = <CODE>; zfsStable = <CODE>; zfsUnstable = <CODE>; }

Example:
{ _type = "literalExample"; text = "pkgs.linuxPackages_2_6_25"; }

Description:

"This option allows you to override the Linux kernel used by\nNixOS. Since things like external kernel module packages are\ntied to the kernel you're using, it also overrides those.\nThis option is a function that takes Nixpkgs as an argument\n(as a convenience), and returns an attribute set containing at\nthe very least an attribute <varname>kernel</varname>.\nAdditional attributes may be needed depending on your\nconfiguration. For instance, if you use the NVIDIA X driver,\nthen it also needs to contain an attribute\n<varname>nvidia_x11</varname>.\n"

Declared by:
  "/nix/var/nix/profiles/per-user/root/channels/nixos/nixpkgs/nixos/modules/system/boot/kernel.nix"

Defined by:
  "/home/ma27/Projects/nixos-config/system/boot.nix"
```
2018-07-12 00:37:01 +02:00
Dave Laing 4d5371f373 nixos/virtualbox: Adds more options to virtualbox-image.nix (#42699)
* nixos/virtualbox: Adds more options to virtualbox-image.nix

Previously you could only set the size of the disk.

This change adds the ability to change the amount of memory
that the image gets, along with the name / derivation name /
file name for the VM.

* Incorporates some review feedback
2018-07-11 19:45:10 +02:00
Jan Tojnar bf09bb5ef0 nixos/bamf: init 2018-07-11 18:58:02 +02:00
Oliver Evans 01bc14da8f nixos/tests/taskserver: fix typos (#43284) 2018-07-11 10:20:12 +02:00
Uli Baum 7ac794f878 nixos/tests/taskserver: fix eval
Since IP address options were changed for 18.03, eval has failed with:
"The option `networking.interfaces.eth1.subnetMask' is used but not defined."
although this option is not used at all in nixos anymore.

The misleading error message seems to be generated from evaluating warnings
for `mkRemovedOptionModule ["subnetMask"]` which apparently broke here
when this test inherited network.interfaces from one VM config to another.

Cc: @aszlig
2018-07-11 00:27:06 +02:00
Jan Tojnar 7b6510e455
nixos/udisks2: use upstream unit
Simplifies the module and gets rid of the following error:

The --no-debug option is deprecated and ignored. See '--help
2018-07-10 12:40:43 +02:00
xeji 51d0309651
Merge pull request #38324 from rvl/znc-uri-prefix
znc: add uriPrefix option
2018-07-10 09:38:50 +02:00
volth 79b97aab7f options.i18n.inputMethod.package: fix type (#43239) 2018-07-09 22:37:27 +02:00
Peter Hoeg cd4e54b3a1 sddm: use tmpfiles.d to wipe QML cache 2018-07-09 14:51:05 +08:00
volth 29f0525679
nixos/nexus: fix evaluation 2018-07-09 04:48:15 +00:00
volth e9ec28f068
nixos/matomo: fix evaluation 2018-07-09 04:45:52 +00:00
volth 6f1134ff8b
nixos/journalwatch: fix evaluation 2018-07-09 04:43:41 +00:00
volth 06ed05d3b9
nixos/digitalbitbox: fix evaluation 2018-07-09 04:37:52 +00:00
Samuel Dionne-Riel 4106de56d0 stage-1: Fixes use of stripDirs. 2018-07-07 22:25:23 -04:00
Rickard Nilsson d80292dbd2 nixos: Add option networking.networkmanager.dynamicHosts
This allows non-privileged users to configure local DNS
entries by editing hosts files read by NetworkManager's dnsmasq
instance.

Cherry-picked from e6c3d5a507 and
5a566004a2.
2018-07-07 17:15:35 +02:00
Graham Christensen 96305ca6f2
Merge pull request #43094 from grahamc/fix-quagga-docs
quagga module: Use a deep merge via imports instead of the shallow merge
2018-07-06 17:47:05 -04:00
Graham Christensen 48d292e8a1
networking: Fix timeout when lo has aliased IPs
With a config like

    {
      networking.interfaces."lo".ip4 = [
        { address = "10.8.8.8"; prefixLength = 32; }
      ];
    }

a nixos-rebuild switch would take a long time, and you'd see:

    $ systemctl list-jobs
       JOB UNIT                                TYPE  STATE
    734400 network-interfaces.target           start waiting
    734450 sys-subsystem-net-devices-lo.device start running
    734449 network-link-lo.service             start waiting

and:

    systemd[1]: sys-subsystem-net-devices-lo.device: Job sys-subsystem-net-devices-lo.device/star>
    systemd[1]: sys-subsystem-net-devices-lo.device: Job sys-subsystem-net-devices-lo.device/star>
    systemd[1]: Timed out waiting for device sys-subsystem-net-devices-lo.device.

This removes the device dependency for `lo` and fixes this bug.

Closes #7227
2018-07-06 15:38:52 -04:00
Vladimír Čunát 38bca8d36f
nixos.tests.containers-imperative: increase VM memory
Apparently merging #43021 1bdb138710 did increase memory usage
in some cases.  1 GiB for a VM memory seems still low enough to me.
2018-07-06 15:57:57 +02:00
Mathias Schreck 39e678e24e dockerTools.buildImage: add option to use nix output hash as tag 2018-07-06 15:15:09 +02:00
Peter Hoeg f2d9f3ab85
Merge pull request #43097 from peterhoeg/m/pipewire
pipewire (nixos): add socket activation support
2018-07-06 15:26:39 +08:00
Peter Hoeg 139a6b4106 pipewire (nixos): add support for socket activation 2018-07-06 12:03:24 +08:00
Matthew Bauer 2b4d7221a9
Merge pull request #42569 from spacefrogg/nscd-fix
resolvconf.conf: Remove forced NSCD service restart
2018-07-05 22:16:02 -04:00
Graham Christensen 078925c954
quagga module: Use a deep merge via imports instead of the shallow merge
The deep merge caused all the options to be unset when generating docs, unless quagga was enabled.

Using imports, instead, properly allows the documentation to be generated.
2018-07-05 22:11:29 -04:00
Matthew Bauer a92472fae1
Merge pull request #42724 from yshui/libinput-button
libinput: add button to scrollMethod
2018-07-05 22:10:26 -04:00
Matthew Bauer 9cd122a2c4
Merge pull request #43088 from matthewbauer/misc
Get rid of 2 unneeded packages
2018-07-05 20:13:47 -04:00
Yegor Timoshenko 1bb95d8409
Merge pull request #42775 from mkaito/oauth2_proxy-virtualHosts
oauth2_proxy: add nginx vhost module
2018-07-05 22:15:50 +03:00
Silvan Mosberger 59b3ce2894
Merge pull request #42398 from Ma27/make-autorandr-target-configurable
nixos/autorandr: make default target in systemd service configurable
2018-07-05 15:10:22 +02:00
Maximilian Bosch 8325996621
nixos/autorandr: make default target in systemd service configurable
The `.service` file defining the `systemd` unit for `autorandr.service`
which is bundled with the package itself uses `--default default` in the
`ExecStart` section. This can be an issue when having multiple layouts
(e.g. `default` as workstation layout I mostly work on and `mobile` when
I go somewhere else).

When the service gets restarted and `--default` can't be applied,
however the current layout can't be detected (e.g. when working with an
unknown beamer) the service silently fails with a message like this:

```
Jun 22 18:44:46 hauptshuhle autorandr[3168]: /nix/store/h83b72ffm68nm8fyjnppljchp456a94r-xrandr-1.5.0/bin/xrandr: ca>
Jun 22 18:44:46 hauptshuhle autorandr[3168]: Failed to apply profile 'default' (line 718):
Jun 22 18:44:46 hauptshuhle autorandr[3168]:   Command failed: /nix/store/h83b72ffm68nm8fyjnppljchp456a94r-xrandr-1.>
```

As discussed in the IRC (see https://botbot.me/freenode/nixos/2018-07-05/?msg=101791455&page=6)
it's a bad long-term solution in terms of maintenance to manually patch
the service file bundled with the derivation, instead the service shall
be configured declaratively. Additionally this makes possible overrides
from the user-space way easier.

The `udev` rule (in `$out/etc/udev/rules.d`) won't' be affected, it
simply runs `systemctl start autorandr.service` when e.g. a new display
is added, so now `udev` communicates with the NixOS systemd unit.
2018-07-05 14:39:08 +02:00
Silvan Mosberger fb29756259
Merge pull request #42118 from emmanuelrosa/mpd-nixos-tests
mpd: add NixOS tests
2018-07-04 20:41:46 +02:00
Ingo Blechschmidt c97b1a44d1 supplicant: Fix tiny typo in the documentation 2018-07-04 00:14:45 +02:00
Silvan Mosberger bdac6ac4b2
Merge pull request #42860 from ldesgoui/fix-murmur-service
murmur service: prevent silent launch failure by waiting until network is available
2018-07-03 17:34:07 +02:00
Silvan Mosberger 59dd0e6c69
Merge pull request #41222 from gnidorah/firewall
nixos/firewall: per-interface port options
2018-07-03 17:21:55 +02:00
Bastian Köcher 8b3fb83160 services.plasma5: Update start menu with an activationScript
To update the plasma start menu `kbuildsyscoca5` needs to be executed.
There are several people complaining about missing applications in their
plasma start menu.
This patch adds a activationScript for plasma, that runs
`kbuildsyscoca5` for each user that has `isNormalUser` == `true`.
2018-07-03 15:18:07 +02:00
Jörg Thalheim ed20918278
Merge pull request #42896 from sorki/gpsd_nowait
nixos/gpsd-service: add services.gpsd.nowait option
2018-07-03 13:56:06 +01:00
Jörg Thalheim 32e982448d gpsd: use optionalString 2018-07-03 13:55:27 +01:00
Jörg Thalheim 73245552b7
Merge pull request #42898 from aespinosa/kerberos
nixos/kerberos: update binary folder pointer
2018-07-03 13:41:46 +01:00
Jörg Thalheim 54da29274f
Merge pull request #42269 from Baughn/zfs
zfs: Improve import handling
2018-07-03 13:23:09 +01:00
Allan Espinosa da994fb64e nixos/kerberos: update binary folder pointer
${pkg.tcp_wrappers}/sbin does not exist anymore.
2018-07-02 20:15:11 -04:00
Joachim F 3ea5b15c20
Merge pull request #42845 from ivanbrennan/nixos-sudo-describe-rules-precedence
nixos/security.sudo: Document ordering of extraRules
2018-07-02 23:55:56 +00:00
Richard Marko 57ed52d61f nixos/gpsd-service: add services.gpsd.nowait option 2018-07-03 00:40:57 +02:00
Matthew Bauer e8e26becac
Merge pull request #42887 from matthewbauer/libsecurity-closure-reductions
Libsecurity closure reductions
2018-07-02 18:34:53 -04:00
Svein Ove Aas cfd8c4ee88 zfs: Improve import handling 2018-07-02 21:14:45 +01:00
Silvan Mosberger e08148041f
nixos/systemd-boot: Add consoleMode option 2018-07-02 18:21:51 +02:00
aszlig 6e4711727e
nixos/hadoop: Replace users.extra{Users,Groups}
In fff5923686 all occurences of
users.extraUsers and users.extraGroups have been changed tree-wide to
users.users and users.group. In the meantime the hadoop modules were
introduced via #41381 (060a98e9f4).

Unfortunately those modules still use users.extraUsers, which has been
renamed a long time ago (14321ae243, about
three years from now), so let's actually rename it accordingly as well.

Signed-off-by: aszlig <aszlig@nix.build>
Cc: @matthewbauer, @aespinosa
2018-07-02 18:05:33 +02:00
Jörg Thalheim 8cf4a4725c
Merge pull request #41823 from Chiiruno/dev/meguca
meguca: 2018-05-26 -> 2018-06-11
2018-07-02 15:35:42 +01:00
Michael Raskin b43c4d8b75
Merge pull request #42798 from flokli/users-users
tree-wide: users.extraUsers -> users.users, users.extraGroups -> users.groups
2018-07-02 11:23:10 +00:00
Vladimír Čunát c1ffc65d1a
Merge branch 'master' into staging
This apparently fixes some broken src fetches (gnuradio, twisted).
2018-07-02 11:10:26 +02:00
ldesgoui 16a46139d3 murmur: prevent silent launch failure 2018-07-02 05:30:43 +02:00
ivanbrennan d08967a3a8
nixos/security.sudo: describe extraRules order
The order of sudoers entries is significant. The man page for sudoers(5)
notes:

  Where there are multiple matches, the last match is used (which is not
  necessarily the most specific match).

This module adds a rule for group "wheel" matching all commands. If you
wanted to add a more specific rule allowing members of the "wheel" group
to run command `foo` without a password, you'd need to use mkAfter to
ensure your rule comes after the more general rule.

  extraRules = lib.mkAfter [
    {
      groups = [ "wheel" ];
      commands = [
        {
          command = "${pkgs.foo}/bin/foo";
          options = [ "NOPASSWD" "SETENV" ];
        }
      ]
    }
  ];

Otherwise, when configuration options are merged, if the general rule
ends up after the specific rule, it will dictate the behavior even when
running the `foo` command.
2018-07-01 15:50:51 -04:00
Patrick Hilhorst 38b7233f83
Update sudo.nix
Updated example for security.sudo.extraRules to match comment
2018-07-01 13:23:55 +02:00
Jörg Thalheim 6e54e9253a iwd: set statedir to /var/lib/iwd 2018-07-01 10:59:35 +01:00
Matthew Bauer 060a98e9f4
Merge pull request #41381 from aespinosa/hadoop-modules
nixos/hadoop: add hadoop module (hdfs, yarn)
2018-06-30 18:33:03 -04:00
aszlig 0c7c1660f7
nixos/tests/letsencrypt: Don't substitute certs
If one of the certificates of the chain gets substituted from a binary
cache and the rest is generated locally it might turn out that we get
invalid certificates, which in turn cause tests using this module to
fail.

So let's set allowSubstitutes to false for all derivations that are
involved with certificate/key generation.

Signed-off-by: aszlig <aszlig@nix.build>
2018-06-30 18:35:10 +02:00
Silvan Mosberger d74419ee3e
nixos/fwupd: Fix meta 2018-06-30 15:49:44 +02:00
adisbladis dd608f80db
Merge pull request #42709 from jollheef/master
hostapd: use WPA2 instead of WPA1 by default
2018-06-30 21:44:19 +08:00
Mikhail Klementev d8f6ca1afa hostapd: use WPA2 instead of WPA1 by default 2018-06-30 11:33:11 +00:00
Allan Espinosa 0c10b2baa6 nixos/hadoop: add hadoop module (hdfs, yarn) 2018-06-29 23:14:02 -04:00
Florian Klink fff5923686 nixos/modules: users.(extraUsers|extraGroup->users|group) 2018-06-30 03:02:58 +02:00
Florian Klink 89d5d191b4 nixos/tests: users.(extraUsers|extraGroup->users|group) 2018-06-30 02:31:30 +02:00
Florian Klink 0868aa76f6 nixos-generate-config.pl: users.extraUsers-> users.users 2018-06-30 02:26:47 +02:00
Florian Klink bd228c05b1 nixos/modules/installer: users.extraUsers -> users.users 2018-06-30 02:26:14 +02:00
Vladimír Čunát f7781f5293
Merge branch 'master' into staging 2018-06-30 01:41:59 +02:00
xeji 82550f54c6
Merge pull request #42746 from flokli/manual-fixes-users-users
Manual fixes: users.extraUsers -> users.users
2018-06-30 00:46:25 +02:00
spacefrogg 37c999228b openafs_1_8: init at 1.8.0 (#41889)
- Introduce new "server" output holding the server binaries
 - Adapt tsmbac.patch to new build environment
 - Adapt openafs nixos server module accordingly
 - Update upstream CellServDB: 2017-03-14 -> 2018-05-14
 - Introduce package attributes to refer to the openafs packages to use for
   server, programs and kernel module
2018-06-30 00:34:35 +02:00
Okina Matara 4b91c2428b meguca: 2018-05-26 -> 2018-06-10 2018-06-29 15:56:33 -05:00
Benjamin Staffin dca7e24a11
networkmanager: Expand dns description, integrate with other services (#41898)
Rather than special-casing the dns options in networkmanager.nix, use
the module system to let unbound and systemd-resolved contribute to
the newtorkmanager config.
2018-06-29 13:41:46 -04:00
Michishige Kaito 2fec848254 fixup! oauth2_proxy: add nginx vhost module 2018-06-29 16:23:24 +01:00
Michishige Kaito 4a72999c75 oauth2_proxy: add nginx vhost module 2018-06-29 15:36:03 +01:00
Jan Tojnar 3784fd5e46
pcsclite: split package 2018-06-29 04:40:54 +02:00
Matthew Bauer e4e2ba6507
Merge pull request #42655 from yesbox/zerotier_module
zerotier module: interface names changed; fix no dhcp
2018-06-28 22:26:10 -04:00
Matthew Bauer ba0cd50e85
Merge pull request #42326 from Ekleog/opensmtpd-test
opensmtpd package and module: add nixos test
2018-06-28 22:25:12 -04:00
Matthew Bauer 4a611a2ecf
Merge pull request #41635 from spacefrogg/dbus-nss-fix
dbus: Add NSS modules path to dbus system bus service
2018-06-28 22:14:37 -04:00
Matthew Bauer be3a8c4bdb
Merge pull request #41799 from pacien/patch-4
cgit: Parametrise cgit subdirectory
2018-06-28 22:13:42 -04:00
Matthew Bauer e0cd8fc91a
Merge pull request #42394 from netixx/add-freeradius-modules
freeradius : added service to module-list
2018-06-28 22:09:46 -04:00
Matthew Bauer dfd90df391
Merge pull request #41343 from jerith666/restic-s3
restic: add s3CredentialsFile option
2018-06-28 20:43:41 -04:00
Matthew Bauer 50edf59e1b
Merge pull request #41430 from Tomahna/bloop
Bloop: Init 1.0.0-M11
2018-06-28 20:42:41 -04:00
Matthew Bauer 76d1e13b7a
Merge pull request #41444 from dasJ/tt-rss
nixos/tt-rss: Support plugins and themes
2018-06-28 20:40:09 -04:00
Florian Klink 329983f6c7 manual: rename user added to networkmanager from "youruser" to "alice"
to be consistent with the rest of the manual

Reported-By: Cedric Shahabi <cedric.shahabi@gmail.com>
2018-06-28 23:54:35 +02:00
Florian Klink 6cabce9abd manual: rename users.extraUsers to users.users
Is called like this since 14321ae243, but
docs were still using the old option in some cases.

Reported-By: Cedric Shahabi <cedric.shahabi@gmail.com>
2018-06-28 23:54:02 +02:00
Yuxuan Shui a8ff4a073f nixos/libinput: add button to scrollMethod
Close #17840
2018-06-28 12:15:00 +01:00
Frank Doepper c5da007af5 nixos/zfs: load encryption keys for all pools (#41846)
fixes #41838

At the moment it works fine for "file://" keys, but does not work for
dataPools with "prompt" keys, because the passphrase cannot be entered
(yet).
2018-06-28 11:04:30 +01:00
Jörg Thalheim 9ae531e263
Merge pull request #42588 from laMudri/ibus-troubleshoot
nixos/ibus: detail workaround for issue #11558
2018-06-27 15:39:39 +01:00
Jesper Geertsen Jonsson 1327218d8a zerotier: interface names changed; fix no dhcp
Since ZT v1.2.8:
ZT interface names are no longer named zt<sequence number>.
Instead they are by default named zt<network hash>.

https://www.zerotier.com/blog/2018-05-04-128.shtml
2018-06-27 15:43:55 +02:00
aszlig a346f153b5
nixos/strongswan-swanctl: Fix build of manual
Commit 401370287a introduced a small error
where the closing tag of <literal/> was an opening tag instead.

Signed-off-by: aszlig <aszlig@nix.build>
Cc: @basvandijk, @xeji
2018-06-26 10:02:07 +02:00
Franz Pletz 2ef3ae5590
virtlyst service: init 2018-06-26 01:18:30 +02:00
laMudri 1fe63c8ad1 nixos/ibus: detail workaround for issue #11558 2018-06-25 23:18:17 +01:00
Michael Raitza d8c16bc54a resolvconf.conf: Remove forced NSCD service restart
Forcibly restarting NSCD is unnecessary and breaks setups that use SSSD for
authentication. NSCD is capable of detecting changes to /etc/resolv.conf and
invalidating its caches internally. Restarting NSCD/SSSD breaks user name and
UID resolution.
2018-06-25 16:25:15 +02:00
xeji 7e77094f39
Merge pull request #42518 from LumiGuide/strongswan-swanctl-5.6.3
strongswan-swanctl: adapt options to strongswan-5.6.3
2018-06-25 15:01:56 +02:00
Maximilian Bosch db493ad552 nixos/npm: add npm to the system closure by default (#42420) 2018-06-25 00:11:55 +02:00
xeji bbe8321a29
Merge pull request #42365 from LumiGuide/fix-chronyd
chrony: disable the whole timesyncd module when chronyd is enabled
2018-06-24 22:31:57 +02:00
Jan Tojnar 9db625c7ab
ostree: 2018.4 → 2018.6
Update, clean-up dependencies and add installed tests.
2018-06-24 16:10:32 +02:00
gnidorah c60c8aa759 nixos/firewall: per-interface port options 2018-06-24 16:49:10 +03:00
Daiderd Jordan 4cd108043c
Merge pull request #42424 from LumiGuide/remove-deprecated-postage
pgmanage: remove deprecated postage alias
2018-06-24 13:19:18 +02:00
Bas van Dijk 401370287a strongswan-swanctl: adapt options to strongswan-5.6.3
This time there was only one change between 5.6.2..5.6.3:

2c7a4b0704
2018-06-24 11:32:10 +02:00
Kevin Rauscher ead58d100d bloop: init at 1.0.0-M11 2018-06-23 18:25:44 +02:00
Bas van Dijk 68fa306be6 pgmanage: remove deprecated postage alias
The following has been removed:

* The `services.postage` alias for the `services.pgmanage` module
* The `postage` alias for the `pgmanage` package
2018-06-23 13:32:13 +02:00
Maximilian Bosch 3fde98e587
nixos/screen: add pkgs.screen to the system closure 2018-06-23 11:17:10 +02:00
Netix (Espinet François) 4ea4073c46 freeradius : added service to module-list
The freeradius service was merged with #34587
but the module was not added to module-list.

This commit fixes that and enables the use of
services.freeradius in nixos configuration.
2018-06-22 22:20:57 +02:00
Bas van Dijk 56ef106848 chrony: disable the whole timesyncd module when chronyd is enabled
Peviously only the timesyncd systemd unit was disabled. This meant
that when you activate a system that has chronyd enabled the following
strange startup behaviour takes place:

  systemd[1]: Starting chrony NTP daemon...
  systemd[1]: Stopping Network Time Synchronization...
  systemd[1]: Stopped chrony NTP daemon.
  systemd[1]: Starting Network Time Synchronization...
2018-06-22 12:02:35 +02:00
Vladimír Čunát a8c71037e0
installer tests: avoid udisks2
This is a temporary hack to fix channel until we resolve #42324.
2018-06-22 10:47:05 +02:00
Maximilian Bosch 6c66e15bbf
nixos/thefuck: move init scripts to programs.*.interactiveShellInit
`fuck` should only be used for interactive sessions, but nothing more
(so init files like `/etc/zshenv` become even more lightweight).
2018-06-22 01:32:11 +02:00
Matthew Justin Bauer fe948fd6b0
Merge pull request #42327 from bkchr/fix_plasma5_test
tests.plasma5: Fixes OCR in sddm by providing a custom theme
2018-06-21 18:24:35 -04:00
Bastian Köcher 51bafa6471 tests.plasma5: Fixes OCR in sddm by providing a custom theme
The custom theme just sets the old background colour that OCR works
again.
2018-06-21 14:52:54 +02:00
Léo Gaspard b6eeeb111c
opensmtpd package and module: add nixos test 2018-06-21 13:04:24 +02:00
Matthew Justin Bauer 31021701ac
Merge pull request #41478 from bluescreen303/docker-registry
Small improvements to the docker registry module
2018-06-20 21:45:56 -04:00
Matthew Justin Bauer 3925077548
Merge pull request #41485 from teto/owamp
[RDY] Owamp : Get one way (network) latencies between synchronized computers
2018-06-20 21:45:36 -04:00
Joachim Fasting b9c953eb19
nixos/tests/tor: a minimal test
For now check that the default client config boots.

Ideas for the future:
- Expand on control via netcat
- Configure a circuit of nodes exercise various configs (e.g., check
  that a client node can access a hidden www service).  Needs setting up
  authoritative directory servers &c.
2018-06-21 00:26:44 +02:00
Jörg Thalheim d63cb0695f
Merge pull request #42133 from markuskowa/pgbackup
nixos/pgbackup: Fix and refactor the postgres backup module
2018-06-20 22:21:52 +01:00
Franz Pletz 8f4f748810
Merge pull request #42306 from ryantm/mattermost
mattermost: 4.10.0 -> 5.0.0
2018-06-20 20:52:04 +00:00
Markus Kowalewski 6dc06fdd28
nixos/pgbackup: rename option period -> startAt 2018-06-20 17:58:48 +02:00
Tuomas Tynkkynen f9218b1346 nixos/stage-1: Make find-libs not choke on dynamic linker being in DT_NEEDED
find-libs is currently choking when it finds the dynamic linker
as a DT_NEEDED dependency (from glibc) and bails out like this
(as glibc doesn't have a RPATH):

Couldn't satisfy dependency ld-linux-x86-64.so.2

Actually the caller of find-libs ignores the exit status, so the issue
almost always goes unnoticed and happens to work by chance. But
additionally what happens is that indirect .so dependencies are
left out from the dependency closure calculation, which breaks
latest cryptsetup as libssl.so isn't found anymore.
2018-06-20 17:58:02 +03:00
Franz Pletz cac9f08810
Merge pull request #42134 from tazjin/feat/journaldriver
Add package & NixOS module for journaldriver
2018-06-20 12:14:31 +00:00
Jörg Thalheim 36600b2a50
Merge pull request #42287 from ryantm/mattermost-joinsnamespaceof
nixos/mattermost: fix JoinsNamespaceOf config location
2018-06-20 09:57:16 +01:00
Ryan Mulligan b83152c135 mattermost: 4.10.0 -> 5.0.0 2018-06-19 17:12:13 -07:00
Emmanuel Rosa 5509a4d273 mpd: add NixOS tests
This change adds NixOS tests for the MPD (Music Player Daemon) module.
Tests include:

- Playing audio locally using ALSA directly.
- Playing audio locally using PulseAudio (backed by ALSA).
- Playing audio from an external client.
- Rejecting an external client when it's not explicitly allowed (default configuration).

refs #41772
2018-06-19 20:01:25 -04:00
Thomas Kim Pham 1d07b0edac add missing k8s Webhook authorization mode 2018-06-19 22:33:57 +02:00
Johan Thomsen f9ad1cae78 nixos/kubernetes: dashboard lockdown
Kubernetes dashboard currently has cluster admin permissions,
which is not recommended.

- Renamed option "services.kubernetes.addons.dashboard.enableRBAC" to "services.kubernetes.addons.dashboard.rbac.enable"
- Added option "services.kubernetes.addons.dashboard.rbac.clusterAdmin", default = false.
- Setting recommended minimal permissions for the dashboard in accordance with https://github.com/kubernetes/dashboard/wiki/Installation
- Updated release note for 18.09.
2018-06-19 22:28:00 +02:00
Franz Pletz 8eaff5b06a
xmr-stak service: support multiple config files 2018-06-19 18:07:41 +02:00
Jörg Thalheim 81eaa7ab1b
Merge pull request #42211 from dje4321/dje4321
Grub: default is signed int. Fixes #42152
2018-06-19 10:55:13 +01:00
Emily Ann Ediger ac0136509c added suggestion to support both str and int 2018-06-19 04:05:50 -05:00
Emily Ann Ediger ae04fb01f8 set default to type.str 2018-06-19 01:59:21 -05:00
Emily Ann Ediger 08691d0515 Grub: default is signed int. Fixes #42152 2018-06-18 23:54:45 -05:00
Vincent Ambo 59e5aabee6 nixos/journaldriver: add module for journaldriver log forwarder
Adds a module for running the journaldriver log forwarding agent via
systemd.

The agent can be deployed on both GCP instances and machines hosted
elsewhere to forward all logs from journald to Stackdriver Logging.

Consult the module options and upstream documentation for more
information.

Implementation notes:

* The service unit is configured to use systemd's dynamic user feature
  which will let systemd set up the state directory and appropriate
  user configuration at unit launch time instead of hardcoding it.

* The module depends on `network-online.target` to prevent a situation
  where journaldriver is failing and restarting multiple times before
  the network is online.
2018-06-18 20:36:44 +02:00
Yegor Timoshenko 5e5bdfa6ad
Merge pull request #41098 from mkaito/oauth2_proxy
oauth2_proxy: Handle attributes being derivations
2018-06-18 20:47:55 +03:00
Matthew Justin Bauer 8180c32b73
Merge pull request #39153 from mnacamura/lightdm-mini-greeter
lightdm-mini-greeter: init at 0.3.2
2018-06-18 11:38:35 -04:00
Yegor Timoshenko b5d6a49085
nixos/networkmanager: add extraConfig 2018-06-18 22:21:27 +08:00
Joachim Fasting c449f0b55c
nixos/tor: grammer fix, advise -> advice
Seems to me that the noun form is more appropriate here.
2018-06-18 12:40:09 +02:00
Mitsuhiro Nakamura 83b389394b lightdm-mini-greeter: init at 0.3.2 2018-06-18 18:55:06 +09:00
adisbladis 2f907d5ba1
Merge pull request #42153 from Ekleog/opensmtpd-changeable-package
opensmtpd module: allow changing the package
2018-06-18 16:42:58 +08:00
lewo 7a61c728e5
Merge pull request #41909 from aespinosa/nexus-package
nixos/nexus: allow overriding the package
2018-06-18 10:07:44 +02:00
Léo Gaspard bb08686f1e opensmtpd module: allow changing the package 2018-06-18 09:49:01 +02:00
xeji bf6974648e
Merge pull request #42128 from volth/patch-157
nixos/xrdp: add fonts.enableDefaultFonts
2018-06-18 00:29:07 +02:00
Yegor Timoshenko 6d5cb130af
not-detected: use lib.mkDefault 2018-06-17 23:25:41 +03:00
xeji bb8b1df729
Merge pull request #41511 from vicgc/nilfs2-root-fix
Fixed nilfs2 fsck error at boot because its not needed by the nilfs2 filesystem
2018-06-17 21:52:55 +02:00
Markus Kowalewski aee0f49fe6
nixos/pgbackup: add postgres backup to the postgres test 2018-06-17 19:50:40 +02:00
Markus Kowalewski baef643232
nixos/pgbackup: Fix the postgres backup modules 2018-06-17 19:48:51 +02:00
volth baa1098a4a
nixos/xrdp: add fonts.enableDefaultFonts 2018-06-17 11:23:30 +00:00
dje4321 1b7ce4c6d5 brightnessctl: init at 0.3.2 (#42102)
* brightnessctl: init at 0.3.2

* Revised PR
2018-06-16 18:15:42 -04:00
Matthew Justin Bauer 98cd8568e5
Merge pull request #41971 from aneeshusa/use-listen_addresses-for-postgresql
nixos/postgresql: Use listen_addresses, not -i
2018-06-15 22:41:15 -04:00
Matthew Justin Bauer 53a75e3a2a
Merge pull request #41737 from jraygauthier/jrg/uvcvideo_dynctrl_rebased
nixos/uvcvideo.dynctrl: Init
2018-06-15 22:26:30 -04:00
Frank Doepper 673ecfcbaa nixos/zfs: mount AFTER import 2018-06-15 20:58:43 +02:00
Aneesh Agrawal 94bd4787a9 nixos/postgresql: Use listen_addresses, not -i
The -i flag to control if PostgreSQL listens for TCP/IP connections has
been deprecated, so replace it with the modern alternative.
2018-06-13 23:03:02 -07:00
Aneesh Agrawal 76c4c7b9de nixos/systemd: Allow building systemd without libmicrohttpd 2018-06-13 22:55:06 -07:00
Aneesh Agrawal c2ab820d6a nixos/uwsgi: use python.withPackages 2018-06-13 22:47:22 -07:00
xeji 8e5891b33e
Merge pull request #41853 from volth/patch-153
network-interfaces.nix: remove duplicate code
2018-06-13 23:55:46 +02:00
Jörg Thalheim cc7aa24c8c
Merge pull request #41928 from woffs/zfs-service-enable
nixos/zfs: enable zfs services
2018-06-13 22:37:05 +01:00
Jörg Thalheim a89586a885
Merge pull request #41938 from tilpner/awesome-no-argb
nixos/awesome: Add noArgb option
2018-06-13 22:31:45 +01:00
Joachim F f0f385ae76
Merge pull request #41852 from oxij/nixos/tor-service
nixos/tor: fix systemd service
2018-06-13 19:52:10 +00:00
tilpner 903292a2d8
nixos/awesome: Add noArgb option
Add option to disable client transparency support in awesome,
which greatly improves performance in my setup
(and presumably will in some others).
2018-06-13 19:47:26 +02:00
Michael Raskin f35cc5eb42
Merge pull request #41764 from oxij/nixos/some-more-related-packages
nixos: add some more related packages
2018-06-13 17:03:56 +00:00
Jan Malakhovski b01ccbb899 nixos: xserver: add related packages 2018-06-13 16:25:10 +00:00
Jan Malakhovski 2a5688574c nixos: doc: make relatedPackages a bit smarter 2018-06-13 16:25:10 +00:00
Frank Doepper bea4323acf nixos/zfs: enable zfs services 2018-06-13 16:31:05 +02:00
Uli Baum 41f3dee176 nixos/tests/morty: fix non-deterministic failure
... due to improper timing
2018-06-13 16:29:58 +02:00
Sarah Brofeldt 2ebadc4d87
Merge pull request #41884 from johanot/k8s-improvements
nixos/kubernetes: improvements
2018-06-13 14:31:11 +02:00
Allan Espinosa 783eb8438a nixos/nexus: allow overriding the package
Useful when pulling nixos-unstable in a stable NixOS installation.
2018-06-13 08:02:17 -04:00
xeji bffc59badd
Merge pull request #37289 from disassembler/dnsdist
nixos/dnsdist: init module
2018-06-13 13:56:53 +02:00
volth 3ae018592d
nixos/tinc: minor fixes 2018-06-12 23:27:52 +00:00
Notkea 8b9559e417 cgit: parametrise subdirectory
This proposal enables the user to choose the sub-directory in which to serve cgit.
The previous default behaviour isn't altered.
2018-06-13 00:28:52 +02:00
Johan Thomsen 8d7ea96a13 nixos/kubernetes: improvements
- Added option 'cni.configDir' to allow for having CNI config outside of nix-store
  Existing behavior (writing verbatim CNI conf-files to nix-store) is still available.

- Removed unused option 'apiserver.publicAddress' and changed 'apiserver.address' to 'bindAddress'
  This conforms better to k8s docs and removes existing --bind-address hardcoding to 0.0.0.0

- Fixed c/p mistake in apiserver systemd unit description

- Updated 18.09 release notes to reflect changes to existing options
  And fixed some typos from previous PR

- Make docker images for Kubernetes Dashboard and kube-dns configurable
2018-06-12 22:47:32 +02:00
Roman Volosatovs 1846a85b77
sshd: Add issue references to services.openssh.authorizedKeysFiles 2018-06-12 18:30:53 +02:00
Roman Volosatovs 9953edaf75
sshd: Support more ssh-keygen parameters 2018-06-12 18:26:20 +02:00
volth d79a5057d3 nixos/nat: optional networking.nat.externalInterface (#41864)
to prevent "cannot coerce null to string" raise before the assertions are checked
2018-06-12 15:14:15 +02:00
volth b25a2c9614 nixos/unbound: add restart (#41885) 2018-06-12 14:29:25 +02:00
Jörg Thalheim dbdad4b44b maintainers/create-azure.sh: remove hydra.nixos.org as binary cache (#41883) 2018-06-12 14:21:56 +02:00
Cole Mickens a44a9fdad6 azure: stop carrying qemu-220 patch 2018-06-12 02:06:03 -07:00
aszlig fb2c132db4
nixos/no-x-libs: Switch to using nixpkgs.overlays
The usage of nixpkgs.config.packageOverrides is deprecated and we do
have overlays since quite a while.

Signed-off-by: aszlig <aszlig@nix.build>
Cc: @edolstra
2018-06-11 20:58:33 +02:00
volth 4d07170dc0
network-interfaces.nix: remove duplicate code 2018-06-11 16:50:01 +00:00
Ryan Mulligan 24f176f016 nixos/mattermost: fix JoinsNamespaceOf config location 2018-06-11 09:47:01 -07:00
SLNOS adab27a352 nixos/tor: use ControlPort for controlSocket for simplicity 2018-06-11 15:52:24 +00:00
SLNOS 2de3c4bd78 nixos/tor: add tor-init service to fix directory ownerships, fix hardenings
This reverts a part of 5bd12c694b.

Apparently there's no way to specify user for RuntimeDirectory in systemd
service file (it's always root) but tor won't create control socket if the dir
is owned by anybody except the tor user.

These hardenings were adopted from the upstream service file, checked
against systemd.service(5) and systemd.exec(5) manuals, and tested to
actually work with all the options enabled.

`PrivateDevices` implies `DevicePolicy=closed` according to systemd.exec(5),
removed.

`--RunAsDaemon 0` is the default value according to tor(5), removed.
2018-06-11 15:52:24 +00:00
Raymond Gauthier 3dfc9cd826 nixos/uvcvideo.dynctrl: Init 2018-06-11 11:33:49 -04:00
volth 4c3352896e
nixos/initrd-network: support hetzner 2018-06-11 10:35:02 +00:00
Uli Baum 93cbb9b72f nixos/tomcat: fix eval error introduced by #40657 2018-06-11 11:02:54 +02:00
Maximilian Bosch aa46b1ec0e nixos/autosuggestions: add module (#41397)
The `zsh-autosuggestions` package provides several configuration options
such as a different highlight style (like `fg=cyan` which is easier to
read).

With `rename.nix` the old `programs.zsh.enableAutosuggestions` is still
functional, but yields the following warning like this during evaluation:

```
trace: warning: The option `programs.zsh.enableAutosuggestions' defined in `<unknown-file>' has been renamed to `programs.zsh.autosuggestions.enable'.
```

The module provides the most common `zsh-autosuggestions` (highlight
style and strategy) as options that will be written into the interactive
shell init (`/etc/zshrc` by default). Further configuration options can
be declared using the `extraConfig` attr set:

```
{
  programs.zsh.autosuggestions.extraConfig = {
    "ZSH_AUTOSUGGEST_BUFFER_MAX_SIZE" = "buffer_size";
  };
}
```

A full list of available configuration options for `zsh-autosuggestions`
can be viewed here: https://github.com/zsh-users/zsh-autosuggestions/blob/v0.4.3/README.md
2018-06-10 23:08:50 +02:00
Tristan Helmich 1daa77160e tomcat service: fix webapps default option (#40657)
The old package tomcat.webapps does not exist
2018-06-10 20:10:01 +02:00
volth d4daddad75 nixos/nat: optional networking.nat.externalInterface (#41758) 2018-06-10 18:29:32 +02:00
Matthew Justin Bauer 7996889cf0
Merge branch 'master' into nixos-evaluate 2018-06-10 11:10:11 -04:00
Izorkin 9ef30fd56a sshd: change location of config file (#41744)
create symlink /etc/ssh/sshd_config
2018-06-10 01:39:06 +02:00
xeji 08197d032a
nixos/tests/gnome3: switch to lightdm (#41742) 2018-06-09 22:02:48 +02:00
Jörg Thalheim bf070df972
Merge pull request #41733 from Baughn/nix-sync
zfs: Fix "zfs-sync" for modern systemd
2018-06-09 08:29:26 +01:00
Andreas Rammhold 2b1915b9f6
Merge pull request #41731 from andir/memcached-test
nixos/memcached: added simple set/get test
2018-06-09 08:07:51 +02:00
Peter Hoeg 8219b4a7ab
Merge pull request #41057 from nyanloutre/duplicati/custom_options
nixos/duplicati: add port and datafolder options
2018-06-09 12:29:48 +08:00
Svein Ove Aas deb6c6e052 zfs: Fix "zfs-sync" for modern systemd 2018-06-09 01:17:04 +01:00
Andreas Rammhold 1305752ba0
nixos/memcached: added simple set/get test
The test ensures that the services comes up and accepts/provides values.
2018-06-09 02:11:15 +02:00
markuskowa 96af022af5 nixos/munge: run munge as user munge instead of root. (#41509)
* Added a note in release notes (incompatibilities)
* Adapt slurm test
* Change user to munge in service.munge
2018-06-09 00:50:28 +02:00
volth 2874e56c05 nixos/sslh: add transparent proxying support (#41412)
[x] Support transparent proxying. This means services behind sslh (Apache, sshd and so on) will see the external IP and ports as if the external world connected directly to them.
 [x] Run sslh daemon as unprivileged user instead of root (it is not only for security, transparent proxying requires it)
 [x] Removed pidFile support (it is not compatible with running sslh daemon as unprivileged user)
 [x] listenAddress default changed from "config.networking.hostName" (which resolves to meaningless "127.0.0.1" as with current /etc/hosts production) to "0.0.0.0" (all addresses)
2018-06-09 00:38:51 +02:00
nyanloutre 20f6c5c865
nixos/duplicati: add port and interface options 2018-06-09 00:34:13 +02:00
Andreas Rammhold 0decee48f5
Merge pull request #41466 from andir/haproxy-1.8.9
Haproxy 1.8.9
2018-06-08 23:41:05 +02:00
Andreas Rammhold e179003026
nixos/tests; add haproxy 2018-06-08 22:31:47 +02:00
xeji 951d3cc4b9
Merge pull request #41375 from phryneas/mosh-with-libutempter
nixos/programs.mosh: refactor
2018-06-08 21:56:15 +02:00
Lenz Weber 7c34c28cfa nixos/programs.mosh: refactor
Adds programs.mosh.withUtempter (default: true).
The option enables -with-utempter for mosh, allowing it to write to
/var/run/utmp and thus making connected sessions appear in the output
of `who -a`.

For that, a guid-wrapper is required. Also, the path to the `utempter` was
hardcoded in the resulting binary until now (so it could never been found),
thus, libutempter was patched accordingly to point to
/run/wrappers/bin/utempter which at least works when the wrapper is
configured.
2018-06-08 20:57:16 +02:00
Jörg Thalheim 53af41d301
Merge pull request #41652 from hamishmack/patch-4
minio: Output server logs & startup in json format
2018-06-08 16:20:04 +01:00
Matthieu Coudron eb7e0d42db doc: Explain how to hack on kernel
Presents the options available (linuxManualConfig versus overriding
extraConfig, ignoreConfigErrors, autoModules, kernelPreferBuiltin.

For advanced hostPlatform customization refer to the commands shared by ericson1234 at
https://github.com/NixOS/nixpkgs/pull/33813 but it is too advanced to
put in the doc.
2018-06-08 10:36:21 +03:00
Hamish Mackenzie 0e5c971af8
minio: Output server logs & startup in json format
Currently minio logs with enhanced tty data and journalctl does not include anything useful as a result:

```
Jun 08 11:03:28 alpha minio[17813]: [78B blob data]
Jun 08 11:03:28 alpha minio[17813]: [49B blob data]
Jun 08 11:03:28 alpha minio[17813]: [19B blob data]
Jun 08 11:03:28 alpha minio[17813]: [88B blob data]
Jun 08 11:03:28 alpha minio[17813]: [45B blob data]
Jun 08 11:03:28 alpha minio[17813]: [44B blob data]
Jun 08 11:03:28 alpha minio[17813]: [57B blob data]
```

Indicating that it detected some binary output.  With the `--json` flag it logs:

```
Jun 08 11:14:58 alpha minio[18573]: {"level":"FATAL","time":"2018-06-07T23:14:58.770637778Z","error":{"message":"--address input is invalid: address 127.0.0.1: missing port in address","source":["/build/go/src/github.com/minio/minio/cmd/server-main.go:121:cmd.serverHandleCmdArgs()"]}}
```
2018-06-08 11:22:00 +12:00
Brandon Elam Barker f098e60ecf nixos/sandbox: improve documentation.
This was put together based on feedback from LnL on IRC.
2018-06-07 21:43:52 +01:00
Michael Raitza e598fdf229 dbus: Add NSS modules path to dbus system bus service
DBus seems to resolve user IDs directly via glibc, circumventing nscd. In more
 advanced setups this leads to user's coming from LDAP or SSSD not being
 resolved by the dbus system bus daemon. The effect for such users is, that all
 access to the system bus (e.g. busctl or nmcli) is denied.

 Adding the respective NSS modules to the service's environment solves the issue
 the same way it does for nscd.
2018-06-07 16:44:04 +02:00
Joachim Fasting 2be28b1df5
Revert "Merge pull request #38263 from lopsided98/grub-initrd-secrets"
This reverts commit c06d7950f1, reversing
changes made to 4c25fbe338.

See https://github.com/NixOS/nixpkgs/issues/41608
2018-06-07 14:24:59 +02:00
Mathijs Kwik c4fd2b7318 nixos/docker-registry: allow running on ports < 1024 2018-06-06 22:26:26 +02:00
Joachim F c06d7950f1
Merge pull request #38263 from lopsided98/grub-initrd-secrets
grub: support initrd secrets
2018-06-06 19:05:54 +00:00
Uli Baum 4c25fbe338 nixos/release-combined: remove keymap tests from tested job
Temporary fix for #41538; non-deterministic failures
blocked the release channel.
2018-06-06 21:02:55 +02:00
Daiderd Jordan 4e0de0c587
Merge pull request #40729 from nlewo/pr-hydra-test
nixos/tests/hydra: build a trivial derivation
2018-06-06 20:13:30 +02:00
Antoine Eiche 891650bd44 nixos/tests/hydra: add it in nixos/release.nix 2018-06-06 18:00:41 +02:00
Antoine Eiche 47fc27b456 nixos/tests/hydra: build a trivial derivation
A script is used to create a project, and configure a jobset. This
jobset fetches a local file containing a trivial Nix expression. The
test script makes sure this derivation has been successfully built by
Hydra.
2018-06-06 18:00:41 +02:00
vicgc ee4bb9454e Fixed nilfs2 fsck error at boot because its not needed bu the nilfs2 filesystem 2018-06-06 00:24:04 +02:00
xeji c958516cb3
Merge pull request #41342 from samueldr/fix/doc/formatting-oopsies
Fixes doc auto-formatting oopsies
2018-06-05 23:50:44 +02:00
Graham Christensen 5467f0ed7a
Merge pull request #41486 from grahamc/support-null-font
grub: Support when boot.loader.grub.font is null
2018-06-05 13:29:28 -04:00
Graham Christensen ab889c14b5
install-grub: only try to loadfont if font is not null 2018-06-05 13:11:33 -04:00
Graham Christensen 52de38f5f4
grub-config.xml: handle a null font 2018-06-05 13:11:26 -04:00
Eelco Dolstra 70faa56775
Merge pull request #41446 from aszlig/make-serviceconfig-overridable
nixos/systemd: Allow to override serviceConfig
2018-06-05 17:35:28 +02:00
Matthieu Coudron 358296c05a owamp: adding module
You can retrieve the one way latency between your client and the remote
host via owping.
2018-06-05 22:15:28 +09:00
Mathijs Kwik 5f1ad29340 nixos/docker-registry: allow nested config options
for example:

services.dockerRegistry = {
    enable = true;
    extraConfig = {
        http = {
            host = "https://${config.networking.hostName}:5000";

            tls = {
                certificate = "${registry-tls}/snakeoil.pem";
                key = "${registry-tls}/snakeoil.key";
            };
        };
    };
};
2018-06-05 11:26:02 +02:00
aszlig 0e7c945e15
nixos/systemd: Allow to override serviceConfig
This has been reported by @qknight in his Stack Overflow question:

https://stackoverflow.com/q/50678639

The correct way to override a single value would be to use something
like this:

systemd.services.nagios.serviceConfig.Restart = lib.mkForce "no";

However, this doesn't work because the check is applied for the attrsOf
type and thus the attribute values might still contain the attribute set
created by mkOverride.

The unitOption type however did already account for this, but at this
stage it's already too late.

So now the actual value is unpacked while checking the values of the
attribute set, which should allow us to override values in
serviceConfig.

Signed-off-by: aszlig <aszlig@nix.build>
Cc: @edolstra, @qknight
2018-06-04 15:34:21 +02:00
Janne Heß 31714e44b7 nixos/tt-rss: Support plugins and themes
The extra config is required to configure some plugins.
2018-06-04 14:14:57 +02:00
Rob Vermaas 19332e4d52
Merge pull request #41311 from AmineChikhaoui/fix-gce-fetch-ssh
GCE image: properly remove the temporary ssh host keys files/directory
2018-06-04 11:38:07 +02:00
AmineChikhaoui 1398d0c312
avoid redundant rm calls 2018-06-04 10:23:40 +01:00
Thomas Kerber 61f5b9d6c4 nixos/gitea: Respect gitea-dump enable option. (#41437) 2018-06-04 08:41:20 +02:00
Geoffrey Huntley ca0e52edc3 kubernetes: corrected spelling mistake in docs (#41439) 2018-06-04 05:45:25 +00:00
Janne Heß b3e7923b94 nixos/exim: Add unit restart trigger (#41418) 2018-06-03 21:22:55 +02:00
Vladimír Čunát 448d7d648d
Merge branch 'staging'
It's only half-rebuilt on Hydra, but it brings a security fix.
2018-06-03 13:52:13 +02:00
Robert Helgesson 323c2a1c6b
mpd: fix spelling in description 2018-06-03 09:55:26 +02:00
Matt McHenry c61aad6574 restic: add s3CredentialsFile option 2018-06-02 14:12:23 -04:00
Joachim F c30bd1c131
Merge pull request #41377 from markuskowa/slurm-ext-pr
nixos/slurm: Improve slurm configuration options and features.
2018-06-02 12:17:02 +00:00
Markus Kowalewski d7412d0b16
nixos/slurm: remove propagatedBuidInputs from slurmWrapped
propagatedBuildInputs = [ cfg.package etcSlurm ]; had no effect
2018-06-02 14:01:24 +02:00
Joachim F ae512f2d8e
Merge pull request #34886 from leenaars/mortyproxy
morty: init -> 0.2.0
2018-06-02 10:26:09 +00:00
Matthew Justin Bauer bc7ea93a47
Merge pull request #40028 from WilliButz/add-dnsmasq-exporter
prometheus-dnsmasq-exporter: init at 2018-05-05, add module
2018-06-01 23:18:49 -04:00
Matthew Justin Bauer e4746bdf15
Merge pull request #40037 from alunduil/fix-fcrontab-setuid
nixos/modules/services/scheduling/fcron: add setuid to fcrontab
2018-06-01 23:18:21 -04:00
Matthew Justin Bauer 20ca7af00f
Merge pull request #40171 from teto/ntp
[RDY] openntpd: make -s flag work
2018-06-01 23:16:20 -04:00
Matthew Justin Bauer 0135f04d77
Merge pull request #40242 from gnidorah/gvt
linux: enable support for iGVT-g VGPU
2018-06-01 23:14:35 -04:00
Matthew Justin Bauer 76d0d7ceb5
Merge pull request #40692 from Izorkin/sshd
sshd: add custom options
2018-06-01 23:08:28 -04:00
Markus Kowalewski c8faa482fa
nixos/slurm: update test, add test for enableStools
* Add pure submit host to test 'enableStools'
* Disable client.enable on control machine
2018-06-02 00:19:03 +02:00
Markus Kowalewski 8026127e47
slurm: add freeipmi, readline, libssh2, fix hwloc
* add freeipmi to get power meter readings
* readline support for scontrol
* libssh2 support for X11 supporta
* Add note to enableSrunX11 in module
* fix hwloc support (was detected by configure)
2018-06-02 00:18:29 +02:00
Markus Kowalewski b7e91f096a
nixos/slurm: Add man pages to wrapedSlurm
The nixos module adds a new derivation to
systemPackages to make sure that the binaries
get the generated config file. This derivation
did not contain the man pages so far.
Activating the module now makes the man pages
available in the system environment.
2018-06-02 00:18:28 +02:00
Markus Kowalewski 995d2ec928
nixos/slurm: Extend configuration options
* Updated SrunX11 option
* Added extraPlugstackConfig parameter
* Added option enableStools
* Add cgroup.conf to module
* Fix some typos
2018-06-02 00:17:59 +02:00
xeji b17b44232f
nixos/tests/iftop: fix non-deterministic failure (#41309)
- make sure machines are fully booted before sending commands
- test that capability setting in iftop module makes a difference
2018-06-01 22:27:51 +02:00
Andreas Rammhold bc069622dd
Merge pull request #41367 from andir/nixos-mpd-dbFile-null
nixos/mpd: allow services.mpd.dbFile to be null
2018-06-01 19:39:17 +02:00
Andreas Rammhold a0797bad2c
nixos/mpd: allow services.mpd.dbFile to be null
This change allows users to specify an alternative database method. For
example an mpd satellite setup where another mpd on the network shares
it's database with the local instance. The `dbFile` parameter must not be
configured in that case.
2018-06-01 19:17:15 +02:00
Tuomas Tynkkynen e864247f08 Merge branch 'plat-fix-for-merge-2' into master 2018-06-01 20:08:08 +03:00
Tuomas Tynkkynen f49906d80c nixos/sd-image-raspberrypi: Support Raspberry Pi Zero 2018-06-01 13:48:55 +03:00
aszlig 0385d69f87
tests/containers-imperative: Include stdenvNoCC
While building the container there are a few occasions where stdenvNoCC
is used underneath. During the last staging merge, some change now tries
to build texinfo during the test while building stdenvNoCC.

With this change, I'm adding stdenvNoCC to the closure to make sure that
even when we have future stdenv changes, it doesn't break (well, except
if we do have another variation like stdenvNoCC that overrides stdenv).

I haven't bisected the exact change, but I'd suspect that it could be
one of the commits in #39457.

This fixes the test and it no longer fails with the following error:

error: unable to download 'http://ftpmirror.gnu.org/texinfo/texinfo-6.5.tar.xz': Couldn't resolve host name (6)
builder for '/nix/store/r7sf1wjbnimwgnv276jh59nfnzw40x30-texinfo-6.5.tar.xz.drv' failed with exit code 1
cannot build derivation '/nix/store/5w1pv788ayi1wahyy76i90yqv96ai4h5-texinfo-6.5.drv': 1 dependencies couldn't be built
cannot build derivation '/nix/store/cnsfkf0j5xmm14zzm5a3a66pz66gbc82-stdenv-linux.drv': 1 dependencies couldn't be built
cannot build derivation '/nix/store/11kkhk57ic8kfd7g197sqwgd0pzqfjhl-nixos-system-foo-0-18.09pre-git.drv': 1 dependencies couldn't be built
error: build of '/nix/store/11kkhk57ic8kfd7g197sqwgd0pzqfjhl-nixos-system-foo-0-18.09pre-git.drv' failed
/run/current-system/sw/bin/nixos-container: failed to build initial container configuration

Signed-off-by: aszlig <aszlig@nix.build>
Cc: @aristidb, @edolstra, @chaoflow, @kampfschlaefer
2018-06-01 08:20:20 +02:00
Samuel Dionne-Riel 15fa70cd78 nixos/doc+man: Fixes squishedtogether definitions. 2018-05-31 21:07:15 -04:00
Samuel Dionne-Riel 88ca2b1ec4 nixos/doc: ran make format
With visual inspection that nothing got worse.
2018-05-31 21:03:51 -04:00
Samuel Dionne-Riel bc0421c4cf doc: Adds xml fixing script. (see previous and next commits)
This script is used to automatically fix issues within xml documentation
files.

The script is *for now* intended to be used ad-hoc, and the commits to
be examined.

A future discussion will define whether:

  * This commit and scripts are kept.
  * The script is extended for common use.

The biggest issue right now with the script is that it *could* in theory
destroy a valid space-less varlistentry.

The script could, in practical use, be changed and extended to normalize
some parts of the XML files, mainly:

  * A common quoting style for attributes
  * Fix-up some weird formatting automatically that xmlformat doesn't
    catch
2018-05-31 21:02:15 -04:00
Samuel Dionne-Riel aa59151c21 doc: Adds rule to xmlformat to help keep spacing right.
The other definitions broke term, cmdsynopsis and arg tags; spaces
inside were removed, making workdsrun-ininstead of keeping them spaced.
2018-05-31 21:02:15 -04:00
Jan Tojnar 86c4a640b4
Revert "nixos: disable gdk-pixbuf test"
This reverts commit 218ada1ba7.
2018-06-01 00:17:38 +02:00
coretemp 2d3db84ddb dnscrypt-proxy: make man 8 dnscrypt-proxy work (#41039) 2018-05-31 23:15:19 +02:00
Matthew Bauer 05eb57b35d Revert "nixpkgs module: Fix defaulting of localSystem and system"
This reverts commit 4fe2898608.

This gives a recursion in certain nixpkgs configs.
2018-05-31 15:55:36 -04:00
Matthew Bauer 218ada1ba7 nixos: disable gdk-pixbuf test
The test currently relies on installedTests output which was reverted
in 85ae7137ac.

See
85ae7137ac
for discussion.
2018-05-31 14:01:05 -04:00
Matthew Bauer 2f68e86ce6 zsh: only do promptInit when TERM!=dumb
This allows tramp to be used correctly when default shell is zsh.
2018-05-31 12:34:16 -04:00
Matthew Bauer 753c63dbc1 qemu-flags: default to qemu-kvm
this is the "generic" version & should work everywhere.

also add darwin case
2018-05-31 12:34:15 -04:00
Matthew Justin Bauer e754f60fd9
Merge pull request #40708 from obsidiansystems/nixos-nixpkgs-defaults
nixpkgs module: Fix defaulting of `localSystem` and `system`
2018-05-31 11:03:04 -04:00
Joachim F 83e3480686
Merge pull request #41218 from Gerschtli/fix/gitea-pre-start
nixos/gitea: fix pre start script
2018-05-31 13:43:27 +00:00
AmineChikhaoui 95c05343ce
revert 4a86f8c9ab and properly remove
the temporary ssh host keys file/directory.
2018-05-31 12:49:15 +01:00
Eelco Dolstra 47b85dc5ab
nix: 2.0.3 -> 2.0.4 2018-05-31 11:31:04 +02:00
Rob Vermaas a8ed1fc4ed Update GCE image for 18.03
(cherry picked from commit 8aa385069f)
2018-05-30 19:36:39 +02:00
Michiel Leenaars e9ff80d24a morty: init as service 2018-05-30 18:13:53 +02:00
Eelco Dolstra 0eea0209cf
nix: 2.0.2 -> 2.0.3 2018-05-30 11:47:09 +02:00
Peter Hoeg 159c1576c8
Merge pull request #40579 from peterhoeg/m/sddm
sddm: add support for hidpi mode
2018-05-30 16:23:07 +08:00
aszlig 94bc38e6c1
nixos/bind: Allow to set extra options
BIND doesn't allow the options section (or any section I'd guess) to be
defined more than once, so whenever you want to set an additional option
you're stuck using weird hacks like this:

services.bind.forwarders = lib.mkForce [ "}; empty-zones-enable no; #" ];

This basically exploits the fact that values coming from the module
options aren't escaped and thus works in a similar vain to how SQL
injection works.

Another option would be to just set configFile to a file that includes
all the options, including zones. That obviously makes the configuration
way less extensible and more awkward to use with the module system.

To make sure this change does work correctly I added a small test just
for that. The test could use some improvements, but better to have a
test rather than none at all. For a future improvement the test could be
merged with the NSD test, because both use the same zone file format.

This change has been reviewed in #40053 and after not getting any
opposition, I'm hereby adding this to master.

Signed-off-by: aszlig <aszlig@nix.build>
Cc: @peti, @edolstra
Closes: #40053
2018-05-30 05:07:39 +02:00
Daiderd Jordan c4e9ebc248
Merge pull request #38791 from LnL7/nixos-profile-variables
nixos: remove PKG_CONFIG_PATH/PERL5LIB environment variables
2018-05-30 00:23:34 +02:00
Tobias Happ 28c20a4731 nixos/gitea: fix pre start script
The hooks directory contains now one level deep subdirectories which
need to be updated as well.
If you use gitea via ssh, ~/.ssh/authorized_keys also needs to be
updated because of the hardcoded path to gitea in the "command" option.
2018-05-29 19:53:12 +02:00
gnidorah a3e239ac62 nixos/kvmgt: init 2018-05-29 19:29:23 +03:00
Nathaniel McCallum 29f75982a6 nixos.modules.tasks.swraid: add raid10 module to initrd 2018-05-28 23:49:35 +03:00
Geoffrey Huntley f607f01b70 fix: connect the --bind-address arg to the cfg.apiserver.address option 2018-05-28 18:07:06 +02:00
Jörg Thalheim 06fe322187
Merge pull request #39482 from Chiiruno/init/meguca
meguca: init at 2018-05-17
2018-05-27 23:06:53 +01:00
Tuomas Tynkkynen 2760b24462 Merge remote-tracking branch 'upstream/master' into staging 2018-05-26 19:01:18 +03:00
Okina Matara e2f1a05756 meguca: git-2018-05-17 -> git-2018-05-20 2018-05-26 07:03:49 -05:00
Okina Matara 14a26f0153 meguca: init at git-2018-05-17 2018-05-26 07:03:49 -05:00
Michishige Kaito 170223fe64 Handle attributes being derivations 2018-05-26 12:05:04 +01:00
Sarah Brofeldt 2052c1687e
Merge pull request #41073 from johanot/kube-1.10
kubernetes: 1.9.7 -> 1.10.3
2018-05-26 11:35:37 +02:00
Johan Thomsen df54c25f5a Kubernetes:
- Added information regarding breaking changes to release note for 18.09
- Changed golang version comment in kubernetes package
- Added @johanot to maintainers list
2018-05-26 11:19:12 +02:00
Peter Hoeg 30c3487e04 ids: assing openvpn 2018-05-26 11:11:48 +08:00
Jan Malakhovski ad35019501 Merge branch 'master' into staging
Fixed conflicts:
- lib/systems/for-meta.nix: in favor of staging
- pkgs/os-specific/darwin/xcode/default.nix: in favor of master
2018-05-26 00:20:17 +00:00
Alberto Berti 0c841f98d0 Kubernetes tests: increase the size of the VM from 700MB to 1.5GB
VMs were starving, many of the daemons were unable to complete their
tasks resulting in tests failures.

Turned off verbose output from k8s components as it consumes even more resources, and useful error messages actually drown in debug-clutter
2018-05-25 11:10:15 +02:00
Alberto Berti 29fd05f3f5 Kuberetes Dashboard addon 1.8.2 -> 1.8.3
As shipped with k8s 1.10.3.

Also:
- updated the definition jsons as they are distributed in k8s.
- updated the image uris as they are renamed in k8s
- added imageDigest param as per 736848723e
2018-05-25 11:10:02 +02:00
Alberto Berti 55fa98dd76 Kuberbetes DNS addon 1.14.4 -> 1.14.10
As shipped with k8s 1.10.3.

Also:
- updated the definition jsons as they are distributed in k8s.
- updated the image uris as they are renamed in k8s
- added imageDigest param as per 736848723e
2018-05-25 10:59:10 +02:00
Charles Strahan 996849ab86 kubernetes: update to 1.10 2018-05-25 10:50:36 +02:00
Tuomas Tynkkynen 696c6bed4e w3m: Add a variant without graphics support and use for NixOS manual
This gets rid of various graphics libraries from the minimal installer.
2018-05-25 01:55:51 +03:00
Tuomas Tynkkynen 91117f0d1d nixos/installer: Drop dmraid
This seems some obsolete software RAID configuration program that hasn't
been updated since 2010.
2018-05-25 01:55:51 +03:00
Daniel Frank c42cb40291 nixos/systemd-timesyncd: use the correct server list (#40919) 2018-05-24 22:44:04 +00:00
Uli Baum 7ba417aeca nixos/slurm: fix xml tag mismatch in manual
build of nixos manual broke because of mismatched xml tags
in an option description introduced in #41016.
2018-05-24 22:56:57 +02:00
lewo 2e98e0c003
Merge pull request #40947 from samueldr/fix/34779
dockerTools: fixes extraCommands for mkRootLayer.
2018-05-24 21:22:31 +02:00
lewo 4ccb13adb6
Merge pull request #40665 from seppeljordan/fix-kubernetes-modules
nixos/kubernetes: Update kube-dns and kube-dashbashboard docker image…
2018-05-24 20:31:35 +02:00