3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

7300 commits

Author SHA1 Message Date
lewo 3a377e26b2 nixos/nova-image: cleanup image builders (#29242)
There are currently two ways to build Openstack image. This just picks
best of both, to keep only one!

- Image is resizable
- Cloudinit is enable
- Password authentication is disable by default
- Use the same layer than other image builders (ec2, gce...)
2017-09-11 17:33:33 +01:00
timor ae87a30a83 physlock: 0.5 -> 11-dev
Update physlock to a more current version which supports PAM and
systemd-logind.  Amongst others, this should work now with the slim
login manager without any additional configuration, because it does
not rely on the utmp mechanism anymore.
2017-09-10 22:43:05 +02:00
Ryan Mulligan 9c786d82f2 matterbridge, modules/matterbridge: init at 1.1.0 2017-09-10 08:57:28 -07:00
Jörg Thalheim 7641d0e335 Merge pull request #29171 from vaibhavsagar/znc-open-firewall
znc: open firewall with configured port
2017-09-10 14:34:29 +01:00
Vaibhav Sagar c7dd5e146b znc: add openFirewall configuration option 2017-09-10 18:41:39 +08:00
Frederik Rietdijk dab3272f47 Merge remote-tracking branch 'upstream/master' into HEAD 2017-09-10 08:56:39 +02:00
Vaibhav Sagar 83d89e9b22 znc: open firewall with configured port
The configuration doesn't currently open the configured port, which is
less convenient than opening it.
2017-09-10 11:30:46 +08:00
Vaibhav Sagar 405050b2cb znc: fix network example configuration
s/ssl/useSSL/
2017-09-10 11:25:29 +08:00
Ruben Maher 4ff9e9e333 nixos/transmission: make it possible to use a different home directory (#29138) 2017-09-09 20:19:35 +00:00
Joachim Fasting 8aa0618cf0
nixos/hardened: blacklist a few obscure net protocols 2017-09-09 17:37:17 +02:00
Joachim Fasting 2bce0b13e7
nixos/hardened: set mmap_min_addr
This is set in the hardened linux config as well but sysctl is more
flexible & works with any boot.kernelPackages
2017-09-09 17:37:15 +02:00
Joachim F b5163bc937 Merge pull request #29071 from nh2/glusterfs-glusterfind-dirs
glusterfs service: Ensure dirs needed by `glusterfind` exist
2017-09-09 13:07:39 +00:00
Pascal Bach 2ed89eddf3 squid service: intial service based on default config 2017-09-09 12:44:46 +02:00
geistesk 2316f16ac0 nixos/fireqos: add service 2017-09-09 00:29:46 +02:00
Frederik Rietdijk febd5e323d Merge remote-tracking branch 'upstream/master' into HEAD 2017-09-08 20:48:14 +02:00
Michael Alan Dorman cd283e9234 mfi: Remove remaining reference to mfi.nix
This file was removed in 6f0b538044, but sufficient care was not taken
to remove all references to it.  Without this change, trying to
rebuild nixos fails.
2017-09-08 14:33:45 +02:00
Bjørn Forsman eed14baec3 nixos/postfix: undo deprecation of extraConfig, extraMasterConf
I realize that advanced users like to configure services with Nix
attrsets, but I don't think we should remove the option to use the
(configuration) language provided by upstream.
2017-09-07 21:41:29 +02:00
Jörg Thalheim 6f0b538044 nixos/mfi: remove 2017-09-07 10:24:03 +01:00
Niklas Hambüchen 5bc38fc089 glusterfs service: Ensure dirs needed by glusterfind exist 2017-09-07 10:38:52 +02:00
Frederik Rietdijk d38ee5b46c Merge remote-tracking branch 'upstream/master' into HEAD 2017-09-07 09:29:44 +02:00
Tim Steinbach a54b2e3ba2 Merge pull request #29002 from NeQuissimus/docker_edge_module_test
docker: Package in module, tests
2017-09-06 15:03:56 -04:00
Frederik Rietdijk 9e27b88141 Merge remote-tracking branch 'upstream/master' into HEAD 2017-09-06 20:17:53 +02:00
makefu ca54a86162
dnscrypt-wrapper module: fix permissions and options
When keys get refreshed a folder with the permissions of the root user
get created in the home directory of the user dnscrypt-wrapper. This
prevents the service from restarting.

In addition to that the parameters of dnscrypt-wrapper have
changed in upstream and in the newly packaged software.
2017-09-06 15:27:05 +02:00
Franz Pletz bbeeee220a
Merge remote-tracking branch 'origin/master' into staging 2017-09-05 20:14:08 +02:00
Franz Pletz 1bed4773f5
postgresql92: remove last references 2017-09-05 18:20:56 +02:00
pbogdan 94a4183bda nixos/fontconfig: fix substitutions option (#28895) 2017-09-05 16:20:42 +00:00
Frederik Rietdijk d7ef196c26 Merge remote-tracking branch 'upstream/master' into HEAD 2017-09-05 10:11:06 +02:00
Tim Steinbach 2bb57ef776
docker: Allow package selection in module 2017-09-04 19:02:05 -04:00
Michele Catalano 4ea1d49643 nexus: Add module for nexus.
Add also myself as maintainer
Add simple test of the nexus service
2017-09-04 22:32:02 +02:00
Orivej Desh 7803d69b78 nixos: update glibc locales link 2017-09-03 18:00:35 +00:00
John Ericson 241ced7dab nixos/hardware/raid/hpsa: Use NIX_BINUTILS
NIX_CC no longer includes nix-support/dynamic-linker
2017-09-03 11:39:16 -04:00
Jaka Hudoklin 4521225d22 nixos/xpra: allow to set extra options (#28934) 2017-09-03 16:30:08 +01:00
Jörg Thalheim 4391330033 Merge pull request #28893 from jtojnar/gpaste-service
gnome3.gpaste: Add GPaste service
2017-09-03 16:27:30 +01:00
Franz Pletz 2f48144d0e
gitlab: 9.4.5 -> 9.5.2 2017-09-03 15:50:52 +02:00
Robin Gloster 97a2cd0748
nginx: module fix example
Closes #28926
2017-09-03 14:05:32 +02:00
The Admin cdb0038052 logkeys module: init 2017-09-03 12:52:57 +02:00
Robin Gloster eedffc5277
gitlab module: fix permissions and path 2017-09-02 23:31:26 +02:00
Robin Gloster aaff3fa5f3
gitlab module: fix postgres superUser
(cherry picked from commit edd8265c36)
2017-09-02 23:30:53 +02:00
Robin Gloster 45605db3e0
gitlab: fix postgres calls 2017-09-02 23:30:49 +02:00
Robin Gloster 0156db2da5
Merge remote-tracking branch 'upstream/master' into HEAD 2017-09-02 23:29:04 +02:00
Philipp Steinpass d784b83005 nixos/hydra postgresql: Fix #27314 and add test case 2017-09-02 23:07:42 +02:00
Graham Christensen 8d8b5f57eb Merge pull request #28903 from grahamc/systemd-boot-nixos-version
Include date and NixOS version in systemd-boot entries
2017-09-02 15:43:20 -04:00
Joachim Fasting bb036a327c
nixos/chromium-suid-sandbox: remove reference to grsecurity 2017-09-02 20:35:28 +02:00
Joachim Fasting 268eb4adb7
nixos: purge remaining grsecurity bits
:(

Fixes https://github.com/NixOS/nixpkgs/issues/28859
2017-09-02 20:35:24 +02:00
Graham Christensen 62652be111
Include date and NixOS version in systemd-boot entries
Grub configs include the NixOS version and date they were built, now
systemd can have fun too:

    version Generation 99 NixOS 17.03.1700.51a83266d1, Linux Kernel 4.9.43, Built on 2017-08-30
    version Generation 100 NixOS 17.03.1700.51a83266d1, Linux Kernel 4.9.43, Built on 2017-08-30
    version Generation 101 NixOS 17.03.1700.51a83266d1, Linux Kernel 4.9.43, Built on 2017-08-31
    version Generation 102 NixOS 17.03.1700.51a83266d1, Linux Kernel 4.9.43, Built on 2017-09-01
    version Generation 103 NixOS 17.03.1700.51a83266d1, Linux Kernel 4.9.43, Built on 2017-09-02
    version Generation 104 NixOS 17.09beta41.1b8c7786ee, Linux Kernel 4.9.46, Built on 2017-09-02
    version Generation 105 NixOS 17.09.git.1b8c778, Linux Kernel 4.9.46, Built on 2017-09-02
2017-09-02 14:28:34 -04:00
aszlig 880a0409e8
nixos/deluge: Fix last wrong package attribute
I missed this in 799435b7ca.

This time I used "git grep -F pythonPackages.deluge" just to be sure :-)

Thanks a lot to @roconnor for spotting this.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Reported-by: @roconnor
2017-09-02 19:44:14 +02:00
Jan Tojnar 6ca6ea9e23
nixos/gnome3.gpaste: add service 2017-09-02 17:43:01 +02:00
Frederik Rietdijk c2e23a4948 Merge pull request #28871 from romildo/mate
mate desktop: some improvements
2017-09-02 13:21:40 +02:00
Jörg Thalheim 7b20952c04 Merge pull request #28726 from vyp/interception-tools
interception-tools: init at 0.1.1
2017-09-02 08:24:57 +01:00
xd1le e0b44a09b8 interception-tools: init at 0.1.1
The latest release of libyamlcpp in nixpkgs does not build because it
uses an older version of boost than the one in nixpkgs and therefore
expects a particular header file which does not exist in the latest
boost anymore. For this reason, a later (git) version of libyamlcpp is
used here (which actually doesn't even require boost).

The substituteInPlace in the prePatch phase is needed because libevdev
places its headers in non-standard places, meaning Nix cannot normally
find them. The `cut` command removes the first two "-I" characters from
the output of `pkg-config`. This needs to be in the prePatch phase
because otherwise Nix will patch these lines to `/var/empty`, meaning
you would have less specific replacement (in case other lines are also
patched to `/var/empty`).

I wrote the patch. (I believe it is NixOS specific.)
2017-09-02 16:17:53 +10:00
Ryan Mulligan 8585898909 nixos/mattermost: fix create role
postgresql create role no longer supports NOCREATEUSER option. See
https://www.postgresql.org/docs/9.6/static/release-9-6.html for
details.
2017-09-01 14:24:44 -07:00
romildo c4dd81b81d mate: remove icon cache 2017-09-01 17:27:24 -03:00
aszlig 799435b7ca
nixos/deluge: Fix deluge package attribute
Regression introduced by fa5e343242.

The deluge package no longer resides in pythonPackages but now is a
top-level package.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @grantwwu, @fpletz
2017-09-01 18:07:12 +02:00
Jan Tojnar 137db3efb5
gnome3.at-spi2-core: fix service not found error
The service was not registered as a systemd service resulting in errors
in the system journal every time a GNOME application was launched.

See: #16327
2017-09-01 17:22:18 +02:00
Florian Jacob 786e9711f5 nixos/piwik: fix nginx submodule's ssl defaults
previous mkDefault did not work as expected,
as it did not overwrite the original submodule's defaults when the user
did not specify any custom options at all.
2017-09-01 08:13:34 +02:00
Jörg Thalheim d0e4aef32a Merge pull request #28781 from romildo/mate
mate: add the MATE desktop environment
2017-08-31 18:57:20 +01:00
romildo 56345c0ee4 mate: add icon themes 2017-08-31 13:30:44 -03:00
Gabriel Ebner 1dcfcefd35 Merge pull request #28783 from ryantm/calibre-server
nixos/calibre-server: fix ExecStart call
2017-08-31 14:36:59 +02:00
Graham Christensen 8a11b0d7df Merge pull request #28775 from grahamc/describe-stateVersion
Document the stateVersion more
2017-08-31 06:47:09 -04:00
davidak 8f389f3316 nixos/bcachefs: init module 2017-08-31 05:39:31 -05:00
Florian Jacob d22c1c0719 mysql service: Make initialDatabases.schema attribute optional 2017-08-31 11:32:25 +02:00
Eelco Dolstra 79954b9d1f
nix: 1.11.13 -> 1.11.14 2017-08-31 11:00:09 +02:00
Symphorien Gibol 90ef2183f7 grub module: assume /nix/store is a bind mount even if it is not read only
Fixes #14999
2017-08-31 10:56:34 +02:00
Ryan Mulligan 39a982dc3e nixos/calibre-server: fix ExecStart call
calibre-server changed the way you specify the library from using
--with-library to just allowing the directory to be specified. See
https://manual.calibre-ebook.com/generated/en/calibre-server.html for
details.
2017-08-30 21:14:45 -07:00
romildo dcebb0668b mate: add the MATE desktop environment 2017-08-31 00:16:51 -03:00
Graham Christensen 8efb46b609
configuration.nix: Document the stateVersion more 2017-08-30 21:41:35 -04:00
Graham Christensen 9d2777a5a5
Mark synaptics as deprecated 2017-08-30 20:32:45 -04:00
Graham Christensen 1b68193167
profiles/graphical.nix: enable libinput over synaptics 2017-08-30 20:25:11 -04:00
Graham Christensen af51aa79d2
installer: add a comment hinting about enabling libinput for touchpads 2017-08-30 20:24:36 -04:00
Franz Pletz 5d5be9706e
Impala makes packaging a life-long addiction
Take that recursive acronym, GNU!
2017-08-30 23:13:56 +02:00
Florian Jacob ae9d311565 nixos/piwik: adjust to addSSL and forceSSL now being mutually exclusive 2017-08-30 22:13:26 +02:00
Florian Jacob 0544ac4a1b nixos/piwik: Make webServerUser default to nginx
if the nginx option is used.
Noted that either webServerUser or nginx option is mandatory.
Also introduce an assertion if both are not set,
and a warning if both are set.
Resolves #27704.
2017-08-30 22:05:02 +02:00
Florian Jacob adb03f32a1 nixos/piwik: Remove part about mail problems
Sending mail works out of the box as of resolution of #26611.
2017-08-30 22:05:01 +02:00
Florian Jacob 746cc06f13 nixos/piwik: use nginx' virtualHost submodule
instead of redeclaring part of the options. Backward-compatible change.
This gives the same flexibility to the user as nginx itself.
This also resolves the piwik module break from nginx' enableSSL introduction from #27426.
2017-08-30 22:05:00 +02:00
Linus Heckemann 46e41da543 cron service: fix reliance on etc.timezone
This does not fully address the issue, as cron will not restart when
the timezone is changed imperatively as it presumably needs to.
2017-08-30 21:35:17 +02:00
Vladimír Čunát 6b95cf646c
Merge: fixups to staging merge
None are large rebuilds; most are on staging already.
2017-08-30 21:17:17 +02:00
Frederik Rietdijk 6d4bd78fad Merge commit '2858c41' into HEAD 2017-08-30 21:07:07 +02:00
Robin Gloster 7cd46a0594
nginx module: add proxyResolveWhileRunning option 2017-08-30 21:01:53 +02:00
Robin Gloster 4ffa9ddb30
nginx module: allow basic configuration of upstreams 2017-08-30 21:01:53 +02:00
Franz Pletz 759daba980
nginx module: first proxy_set_header takes precendence 2017-08-30 21:01:52 +02:00
Franz Pletz 65c2203ffc
nginx module: add option for proxying websocket requests 2017-08-30 21:01:52 +02:00
Franz Pletz 530282eebe
nginx module: fix applying recommended proxy headers
Previously, if proxy_set_header would be used in an extraConfig of
a location, the headers defined in the http block by
recommendedProxySettings would be cleared. As this is not the intended
behaviour, these settings are now included from a separate file if
needed.
2017-08-30 21:01:52 +02:00
Robin Gloster 0371f2b5cc
nginx module: clean up SSL/listen handling 2017-08-30 21:01:52 +02:00
Franz Pletz 05c9a95d0e Merge pull request #28378 from Ma27/fix-zshrc-eval-order
programs.zsh: move evlauation of `${zshAliases}` after `cfg.interactiveShellInit`
2017-08-30 19:58:49 +02:00
Franz Pletz b5a95f6289 Merge pull request #28741 from bachp/gitlab-runner-improve
Gitlab runner improve
2017-08-30 18:52:17 +02:00
Eric Litak 5050c56382 ipfs: adding mountDir options but disabling broken autoMount 2017-08-30 08:24:38 -07:00
Eric Litak 5554ea5583 ipfs: preStart configuration moved into daemon services 2017-08-30 08:17:34 -07:00
Eric Litak ba976021af ipfs: refactor; wrapper adjustment 2017-08-30 08:17:34 -07:00
Eric Litak 952424217b ipfs: optionally manage ulimit -n in serviceConfig 2017-08-30 08:17:34 -07:00
Eric Litak 5f9bad6ceb ipfs: add extraConfig option 2017-08-30 08:17:34 -07:00
Eric Litak a48a2c4f78 ipfs: add autoMount option 2017-08-30 08:17:34 -07:00
Silvan Mosberger 76dec4a4d2 znapzend service: add autoCreation option 2017-08-30 14:13:13 +02:00
Pascal Bach 233781410d gitlab-runner service: allow adding additional tools to PATH
This is similar to how it is implemented for the Jenkins service.

Bash and docker-machine are added by default as they are required in
many cases.
2017-08-30 13:58:47 +02:00
Pascal Bach 73c4a3f641 gitlab-runner service: honor proxy variables 2017-08-30 13:58:46 +02:00
Jörg Thalheim 5d4a54ca4d network-interfaces-scripted: don't add 'lo' as device dependency
systemd does not create device units for loopback devices,
since they are not physical.
2017-08-30 13:01:47 +02:00
Graham Christensen 128cdeffd0
compiz: drop 2017-08-30 06:59:20 -04:00
Daniel Peebles ec75a30b66 Merge pull request #28722 from copumpkin/filterSource-cleanup
Deduplicate some filterSource invocations
2017-08-29 21:19:28 -04:00
Symphorien Gibol bd54589233 networkmanager_iodine: init at 1.2.0 2017-08-30 02:58:29 +02:00
Dan Peebles e2589b3ca2 Deduplicate some filterSource invocations
This version should have more conventional regexes that work across many
platforms and regex engines. This is an issue because up until Nix 1.11,
Nix called out to the libc regex matcher, which behaved differently on
Darwin and Linux. And in Nix 1.12, we're moving to std::regex which will
also behave differently here.

And yes, I do actually evaluate make-disk-image.nix on Darwin ;)
2017-08-29 20:27:04 -04:00
Franz Pletz 7d1d019650 Merge pull request #27826 from Infinisil/radicale
radicale: update to version 2
2017-08-30 02:17:34 +02:00
Franz Pletz b91ed35325 Merge pull request #28660 from NeQuissimus/frandom_patch
frandom: Remove
2017-08-30 02:04:56 +02:00
Franz Pletz 3e18f32f68 Merge pull request #28465 from danbst/reloadable-containers
Reloadable containers
2017-08-30 02:01:46 +02:00
Tim Steinbach ae742fa495
frandom: Remove 2017-08-29 20:01:25 -04:00
Richard Yang 64994b3638 tasks/filesystems: Make sure /dev/pts/ptmx is 0666 (#28490)
This is required for running commands likes screen and tmux, especially inside containers.

See also : https://www.kernel.org/doc/Documentation/filesystems/devpts.txt
2017-08-30 01:50:29 +02:00
Pascal Bach 322d0c562c auto-upgrade: add proxy support
Add the proxy variables so that auto upgrade works behind a proxy.
2017-08-30 01:25:47 +02:00
Vladimír Čunát dc93744273
rogue: omit from the installation media
At least for now.  It would increase the ISO size by ~10 MB,
after the fixup in the parent commit.
2017-08-29 16:15:15 +02:00
Vladimír Čunát 2858c41823
Merge branch 'master' into staging
There were some conflicts in python modules, commented at #28314.
2017-08-29 10:51:54 +02:00
Michael Weiss ea23f8bb07 cups service: Automatically detect Gutenprint in drivers
Additional CUPS drivers can be added via "services.printing.drivers" but
Gutenprint was an exception. It was possible to add a Gutenprint
derivation to that list and it would work at first but unlike the other
drivers Gutenprint requires a script to be run after each update or any
attempt to print something would simply fail and an error would show up
in the jobs queue (http://localhost:631/jobs/):
"The PPD version (5.2.11) is not compatible with Gutenprint 5.2.13.
Please run
`/nix/store/7762kpyhfkcgmr3q81v1bbyy0bjhym80-gutenprint-5.2.13/sbin/cups-genppdupdate'
as administrator."
This is due to state in "/var/lib/cups/ppd" and one would need to run
"/nix/store/.../bin/cups-genppdupdate -p /var/lib/cups/ppd" manually.
The alternative was to enable the following option:
"services.printing.gutenprint" but this had two disadvantages:
1) It is an exception that one could be unaware of or that could
potentially cause some confusion.
2) One couldn't use a customized Gutenprint derivation in
"services.printing.drivers" but would instead have to overwrite
"pkgs.gutenprint".

This new approach simply detects a Gutenprint derivation in
"services.printing.gutenprint" by checking if the meta set of a
derivation contains "isGutenprint = true". Therefore no special
exception for Gutenprint would be required and it could easily be
applied to other drivers if they would require such a script to be run.
2017-08-29 05:25:12 +04:00
Franz Pletz 8e622d2689
phpfpm service: allow netlink sockets for sendmail
Fixes #26611.
2017-08-29 00:41:31 +02:00
Tom Hunger 932b167321 Fix indentation. 2017-08-28 15:56:04 +01:00
Linus Heckemann b73e3b6095 GNOME: 3.22 -> 3.24
This is a squash commit of the joint work from:

* Jan Tojnar (@jtojnar)
* Linus Heckemann (@lheckemann)
* Ryan Mulligan (@ryantm)
* romildo (@romildo)
* Tom Hunger (@teh)
2017-08-28 15:32:49 +01:00
Robin Gloster 8994b27c54
libvirtd module: add qemu_kvm to path 2017-08-28 12:54:41 +02:00
Franz Pletz 951106c650
lldpd: 0.9.7 -> 0.9.8
Now uses the upstream systemd unit which adds lots of hardening flags.
2017-08-27 02:33:32 +02:00
Joachim F 1715436b75 Merge pull request #27833 from volth/hpsa-2.40
nixos/hardware/raid/hpsa: init at 2.40
2017-08-26 23:10:57 +00:00
Jörg Thalheim 2d43c1fa9f Revert "boot.kernelParams: dedup and sort"
This reverts commit 9e00c643d8.

reason: https://github.com/NixOS/nixpkgs/pull/28392#issuecomment-325130848
2017-08-26 15:45:24 +01:00
Jörg Thalheim 66b42344f3 Merge pull request #28392 from volth/patch-53
boot.kernelParams: dedup and sort
2017-08-26 14:14:14 +01:00
Joachim F 227697bc67 Merge pull request #28562 from oxij/nixos/i2pd
nixos: i2pd: bits and pieces
2017-08-26 10:07:35 +00:00
Phil 4f2935390e nixos/usbguard: create package and module (#28363)
* nixos/usbguard: create package and module

No usbguard module or package existed for NixOS previously. USBGuard
will protect you from BadUSB attacks. (assuming configuration is done
correctly)

* nixos/usbguard: remove extra packages

Users can override this by themselves.

* nixos/usbguard: add maintainer and fix style
2017-08-25 23:35:18 +01:00
Jörg Thalheim e861a26b82 Merge pull request #28476 from disassembler/airsonic
airsonic: init at 10.0.0
2017-08-25 23:19:49 +01:00
Jörg Thalheim 3ba09a8e2c nixos/airsonic: remove full-path commands from preStart
systemd services are initialised with a default PATH.
This path includes coreutils.
2017-08-25 23:18:46 +01:00
Jörg Thalheim 6905e59e25 nixos/airsonic: change script to serviceConfig.ExecStart
- shell invocation is not necessary here
2017-08-25 23:18:46 +01:00
Frederik Rietdijk 665d393919 Merge remote-tracking branch 'upstream/master' into HEAD 2017-08-25 19:39:41 +02:00
Frederik Rietdijk 997043c137 bepasty: move out of python-packages
because its a (web) application and thus doesn't belong there.
2017-08-25 19:36:18 +02:00
Jan Malakhovski 27aa99753b nixos: i2pd: fix indent 2017-08-25 12:49:10 +00:00
Jan Malakhovski 3594c4eec6 nixos: i2pd: tiny fix in a description 2017-08-25 12:49:10 +00:00
SLNOS fd872c9b71 nixos: i2pd: enable ElGamal precomputation by default 2017-08-25 12:49:10 +00:00
SLNOS af5de701b7 nixos: i2pd: add logLevel 2017-08-25 12:49:10 +00:00
SLNOS 042329be5e nixos: i2pd: one fork less, one process less 2017-08-25 12:49:10 +00:00
SLNOS b42a107bc6 nixos: i2pd: rename extIp -> address to harmonize with tor 2017-08-25 12:49:10 +00:00
SLNOS c21d434d1b nixos: i2pd: change httpproxy port to its default value 2017-08-25 12:49:10 +00:00
aszlig dd5f0d9538
nixos: Fix build of manual
Regression introduced by 520a43ced3.

Using XML tag characters for things that are not tags needs to be
properly indicated by an entity.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-08-25 14:08:11 +02:00
Jörg Thalheim 47295b4677 Merge pull request #28552 from romildo/fix.oblogout
oblogout: add description for configuration options
2017-08-25 09:35:36 +01:00
Izorkin 520a43ced3 Fix zsh completions (#28550)
* Fix zsh completions

* Fix zsh completions (fix commit)

* Fix zsh completions (fix commit)
2017-08-25 09:34:21 +01:00
Robert Helgesson f861426de9
nixos/tlp: mask systemd-rfkill socket
This fixes a spurious error on boot. See #24737.
2017-08-25 10:09:25 +02:00
Jörg Thalheim 21df7ec4cf Merge pull request #28549 from evujumenuk/exit_on_reboot
containers: remove EXIT_ON_REBOOT
2017-08-25 07:02:31 +01:00
Jörg Thalheim ddf540d44c Merge pull request #27096 from gnidorah/maxx
maxx: init at 1.1.0
2017-08-25 06:40:31 +01:00
Peter Hoeg ecdabb1b5b Merge pull request #28481 from mpcsh/master
nixos/caddy: improve documentation
2017-08-25 09:56:40 +08:00
romildo 51df72e4f6 oblogout: add description for configuration options 2017-08-24 18:10:32 -03:00
evujumenuk 36dd8edde1 containers: remove EXIT_ON_REBOOT
EXIT_ON_REBOOT has been obsolete since sometime in 2014.
2017-08-24 20:48:24 +02:00
Frederik Rietdijk 31ba3649ec Merge pull request #28189 from Nadrieril/ffsync-non-root
firefox syncserver service: run as non-root user by default
2017-08-24 20:47:52 +02:00
Mark Cohen 8511a3378b nixos/caddy: improve documentation
There was no documentation for the "config" option, and it wasn't quite
clear whether it was supposed to be a file, a string, or what. This
commit removes that ambiguity.
2017-08-24 13:39:06 -04:00
gnidorah 15ae2cbeea maxx: use libredirect 2017-08-24 19:34:08 +03:00
Thomas Tuegel 27c043c49b Merge pull request #28470 from benley/fix-pam-kwallet5
nixos: Fix pam_kwallet5 integration
2017-08-24 11:32:49 -05:00
Joachim F 9447b8b9cd Merge pull request #28338 from oxij/nixos/better-tor
nixos: better tor config
2017-08-24 08:12:59 +00:00
Philipp Hausmann de1a25cd69 nixos/hail: init (#28442) 2017-08-23 18:23:13 +00:00
Samuel Leathers 85329b96e0 nixos/airsonic: add module 2017-08-23 13:06:28 -04:00
Joachim F f1514a5876 Merge pull request #27699 from volth/varnish-fixes-sq
nixos/varnish: made compatible with varnish 5.1.2, add modules
2017-08-22 22:01:00 +00:00
Robin Gloster ce7e2c06b1
prometheus-unifi-exporter: make ordering more robust 2017-08-22 20:26:18 +02:00
Benjamin Staffin 2e65e2df94 nixos: Fix pam_kwallet5 integration
Fixes #28469
2017-08-22 11:52:14 -04:00
SLNOS 2c4a925ab0 nixos: tor: rename portSpec -> port, type all "port"s properly 2017-08-22 14:57:07 +00:00
SLNOS 30a3cccd07 nixos: tor: better submodule for hidden services
Rebased onto master with a different implementation.
Originally: "add support for serving hidden services".
2017-08-22 14:57:07 +00:00
SLNOS 9226f4886f nixos: tor: more options, no unexpected consequences for default relay operators
Before this commit default relay configuration could produce unexpected
real life consequences. This patch makes those choices explicit and
documents them extensively.
2017-08-22 14:57:06 +00:00
danbst 65ff0d5f9d switch-to-configuration: fix detection of changes between rebuilds for template instances
This makes declarative containers truly reloadable. Current code already declares it:

56904d7c42/nixos/modules/virtualisation/containers.nix (L488)

```
  restartIfChanged = false;
```

56904d7c42/nixos/modules/virtualisation/containers.nix (L540)

```
  reloadIfChanged = true;
```

Original author: @chrisfarms in 6e36619b27
Most of stuff from that commit has already been ported.
2017-08-22 15:04:18 +03:00
Christian Albrecht 964799e556 sks and pgpkeyserver-lite modules: init (#27515)
* modules sks and pgpkeyserver-lite:
  runs the sks keyserver with optional nginx proxy for webgui.
* Add calbrecht to maintainers
* module sks: fix default hkpAddress value
* module pgpkeyserver-lite: make hkpAddress a string type option
  and use (builtins.head services.sks.hkpAddress) as default value
* module sks: remove leftover service dependencies
2017-08-22 12:27:00 +02:00
Franz Pletz 66fe192301 Merge pull request #28293 from makefu/module/gitlab-runner/configOptions
module gitlab-runner: introduce configOptions and configFile
2017-08-21 20:27:48 +02:00
Franz Pletz cfb716e6a5
phpfpm service: remove NoNewPrivileges systemd option
This interferes with sendmail because suid won't work. Fixes #26611.
2017-08-21 19:24:17 +02:00
Frederik Rietdijk 6bbc3a0b24 Merge commit '3b29468313bc8604fe8f85c8d9316fd276d3985c' into HEAD 2017-08-21 04:44:40 +02:00
Casey Rodarmor ae02dd2d0a nixos/mpd: allow configuring playlist directory (#28252) 2017-08-20 20:34:34 +00:00
Vladimír Čunát 7c7c83e233
buildLinux: allow overriding stdenv on each call 2017-08-20 08:24:52 +02:00
volth 9e00c643d8 boot.kernelParams: dedup and sort
dedup and sort boot.kernelParams  to avoid restarting services on eval order change
Fixes https://github.com/NixOS/nixpkgs/issues/28277
2017-08-19 06:21:13 +00:00
Maximilian Bosch a73c721f3f
programs.zsh: move evlauation of ${zshAliases} after cfg.interactiveShellInit
`cfg.interactiveShellInit` is used by modules like
`programs.zsh.oh-my-zsh`. This means that all aliases defined in
`programs.zsh.shellAliases` might be overriden which is highly
unpredictable
2017-08-18 21:48:38 +02:00
Maximilian Güntner 0f02879e01
ipfs: added defaultMode, added norouting service 2017-08-17 03:30:57 +02:00
makefu e6785422ae
module gitlab-runner: introduce configOptions and configFile
Also removes configText, functionality is now provided more conveniently by configOptions.
Keep in mind that this breaks compatibility with previous configurations,
configFile provides a means to protect the CI token from being written into the nix store.
2017-08-15 16:06:55 +02:00
Peter Hoeg 698efcb7b5 open-vm-tools: do not pull x dependencies unconditionally
The "headless" configuration option is ignored because we unconditionally
reference pkgs.open-vm-tools.

This fixes that.
2017-08-15 17:05:30 +08:00
gnidorah b73ae0a695 maxx: move deps from module to package 2017-08-14 11:13:49 +03:00
Jean-Pierre PRUNARET e6157451c1 nixos/munin: scripts need to be executable in order to build a wrapper
"Builder called die: Cannot wrap
/nix/store/XXX-munin-available-plugins/plugin.sh because it is not an
executable file"

[Bjørn: Keep DRY, quote "$file".]
2017-08-14 07:50:32 +02:00
Joachim F 3e21f91a39 Merge pull request #27796 from LumiGuide/postage
postage: init at 3.2.17 & add NixOS module
2017-08-13 20:59:06 +00:00
Joachim Fasting c0769dc6ef
nixos/hardened profile: increase ASLR entropy 2017-08-13 21:44:13 +02:00
Franz Pletz 2d5a04e5bd
nixos/agetty: override upstream default
Also see c2cf696430.
2017-08-13 19:07:38 +02:00
Frederik Rietdijk 7ebcd39a0f Merge commit '4c49205' into HEAD 2017-08-13 18:34:59 +02:00
Silvan Mosberger e16a0988bc
radicale: 1.1.4 -> 2.1.2
This commit readds and updates the 1.x package from 1.1.4 to 1.1.6 which
also includes the needed command for migrating to 2.x

The module is adjusted to the version change, defaulting to radicale2 if
stateVersion >= 17.09 and radicale1 otherwise. It also now uses
ExecStart instead of the script service attribute. Some missing dots at
the end of sentences were also added.

I added a paragraph in the release notes on how to update to a newer
version.
2017-08-13 17:23:43 +02:00
Peter Hoeg 4ce76d9e1a ddclient nixos module: follow best practice for running daemons
Couple of changes:

 - move home to /var/lib/ddclient so we can enable ProtectSystem=full
 - do not stick binary into systemPackages as it will only run as a daemon
 - run as dedicated user/group
 - document why we cannot run as type=forking (output is swallowed)
 - secure things by running with ProtectSystem and PrivateTmp
 - .pid file goes into /run/ddclient
 - let nix create the home directory instead of handling it manually
 - make the interval configurable
2017-08-13 21:56:48 +08:00
Peter Hoeg beec141d84 ddclient: assign group for ddclient 2017-08-13 21:56:48 +08:00
Franz Pletz 9fda9f8c79 Merge pull request #27903 from volth/issue-27857-libvirt-xml-manipulation
libvirt: 3.5.0 -> 3.6.0
2017-08-12 21:45:01 +02:00
Nadrieril 69a4836df5 firefox syncserver service: run as non-root user by default 2017-08-12 14:42:50 +01:00
Frederik Rietdijk c06fb4a269 Merge pull request #28188 from Nadrieril/ffsync-fix-pythonpath
firefox syncserver service: fix PYTHONPATH
2017-08-12 15:11:53 +02:00
Nadrieril d6c1d2f793 firefox syncserver service: fix PYTHONPATH 2017-08-12 14:08:25 +01:00
Robin Gloster 79ac09ea06
ripple-rest: remove
marked as broken for > 1 yr, development is frozen and author recommends
moving to https://github.com/ripple/ripple-lib
2017-08-12 13:38:32 +02:00
Franz Pletz 5d2764eb68
prometheus-blackbox-exporter: 0.5.0 -> 0.8.1 2017-08-12 11:05:23 +02:00
Jörg Thalheim c2e7b0e0b4 Merge pull request #27997 from richardlarocque/mosquitto_hashed_pass_docs
nixos/mosquitto: Fix instructions for password gen
2017-08-12 09:07:22 +01:00
Phil b4d2cd6f6a nixos/tor: add tor hidden service options (#28081)
* nixos/tor: add hiddenServices option

This change allows to configure hidden services more conveniently.

* nixos/tor: fix default/example mixup

* nixos/tor: use docbook in documentation

Also use more elegant optionalString for optional strings.

* tor: seperate hidden service port by newline

* tor: better example for hidden service path

a path below /var/lib/tor is usually used for hidden services
2017-08-11 22:59:52 +01:00
Keith Amidon f9204b9762 nixos/samba: fix pam service name typo (#28049)
The PAM service name used before this commit was "sambda", with an
extra 'd'. For some reason I don't quite fully understand this typo
prevents GDM from starting. This change fixes that as tested in VMs
built using "nixos-rebuild -I nixpkgs=<mypkgs> build-vm".
2017-08-11 20:13:33 +00:00
Franz Pletz 991745046f Merge pull request #27993 from Nadrieril/rsync-run-as-user
rsync service: allow running as user (plus some tweaks)
2017-08-11 19:12:46 +02:00
Peter Hoeg b6f7713d33 Merge pull request #28127 from peterhoeg/f/collectd
influxdb (on nixos): reduce closure size by 99.99% (and a bit)
2017-08-12 00:01:46 +08:00
Franz Pletz 61d133c1ee Merge pull request #27939 from evujumenuk/wireguard-rt_tables
wireguard: add per-peer routing table option
2017-08-11 16:27:07 +02:00
Peter Hoeg 211593fe49 influxdb nixos module: allow customizing the collectd dependency 2017-08-11 22:12:49 +08:00
Joachim F 793523d7bc Merge pull request #28089 from volth/patch-9
nixos/tinc: do not tell systemd where is pidfile
2017-08-11 13:31:57 +00:00
Tristan Helmich aa8e60d934 graylog module: adapt to Graylog version 2.3.0 2017-08-11 13:07:30 +02:00
Domen Kožar 486e1c3c16 Merge pull request #27998 from davidak/macOS
replace "Mac OS X" and "OS X" with "macOS"
2017-08-11 13:01:36 +02:00
Peter Simons 1b30d15369 Merge pull request #28123 from jerith666/post-fix-up
Post fix up
2017-08-11 09:36:58 +02:00
Matt McHenry 9186dda4a9 postfix: wakeup value should be used even if wakeupUnusedComponent is not defined 2017-08-10 21:32:03 -04:00
Matt McHenry 01fbf30041 postfix: warn about deprecated extraMasterConf option 2017-08-10 21:32:03 -04:00
Matt McHenry edd4a0efe3 postfix: fix typo in transport_maps path 2017-08-10 21:32:02 -04:00
volth 15351c4780 apply 'restartIfChanged = false' to all libvirtd services
Although it is quite safe to restart ```libvirtd``` when there are only ```qemu``` machines, in case if there are ```libvirt_lxc``` containers, a restart may result in putting the whole system into an odd state: the containers go on running but the new ```libvirtd``` daemons do not see them.
2017-08-10 11:34:32 +00:00
Joachim Fasting 767b2ae327
nixos/dnscrypt-proxy: default to random upstream resolver 2017-08-10 01:19:17 +02:00
volth b32b18631e nixos/tinc: do not tell systemd where is pidfile
```Tinc```'s pid file has more info than just a pid

```
# cat /run/tinc.dmz.pid
12209 7BD4A657B4A04364D268D188A0F4AA972A05247D802149246BBE1F1E689CABA1 127.0.0.1 port 656
```
so ```systemd``` fails to parse it.
It results in long (re)start times when ```systemd``` waits for a correct pid file to appear.
2017-08-09 22:35:20 +00:00
volth 7e5332c868 tinc: allow the daemon to write to files in /etc/tinc/${network}/hosts
Follow up https://github.com/NixOS/nixpkgs/pull/27756: tinc daemon may also create new files in ```/etc/tinc/$network/hosts```
2017-08-10 00:09:45 +02:00
Dan Peebles b48ffa332b services.fluentd: add plugins option
This allows us to pass in additional ad-hoc fluentd plugins for custom
output formats and other goodness.
2017-08-08 22:02:56 +00:00
Michael Raskin 29c3ea0cf0 Merge pull request #27925 from adisbladis/networkmanager_unbound
networkmanager service: use unbound if enabled
2017-08-08 12:13:42 +02:00
Jörg Thalheim 035e0198c5 Merge pull request #27978 from makefu/module/influxdb/bind-fix
influxdb module: collectd.port is now called bind-address
2017-08-08 07:51:03 +01:00
Wout Mertens 18fa60db30 Merge pull request #28008 from alexandergall/add-cloud-image
nixos/cloud-image: add module
2017-08-08 07:29:08 +02:00
Franz Pletz bfc78abf2b Merge pull request #28019 from Infinisil/fix-default-text-xmonad
xmonad service: add defaultText to extraPackages to fix rendering in docs
2017-08-08 02:15:45 +02:00
evujumenuk eaab02b94f wireguard: convert "table" to an interface option
Do the right thing, and use multiple interfaces for policy routing. For example, WireGuard interfaces do not allow multiple routes for the same CIDR range.
2017-08-08 01:45:19 +02:00
Silvan Mosberger 7bc42a8971
xmonad service: add defaultText to extraPackages to fix rendering in docs 2017-08-08 01:14:58 +02:00
davidak 3270aa896b replace "Mac OS X" and "OS X" with "macOS"
as it is the official name since 2016

https://en.wikipedia.org/wiki/Macintosh_operating_systems#Desktop

exception are parts refering to older versions of macOS like

"GUI support for Mac OS X 10.6 - 10.12. Note that Emacs 23 and later [...]"
2017-08-07 21:41:30 +02:00
Bas van Dijk ca64eaadf8 postage: init at 3.2.17 & add NixOS module 2017-08-07 20:35:23 +02:00
Wout Mertens 339330b322 Merge pull request #27426 from rnhmjoj/nginx
nginx: make enabling SSL port-specific
2017-08-07 16:46:28 +02:00
Frederik Rietdijk e6808e30ae Merge pull request #27931 from gnidorah/kde
Fix some KDE applications
2017-08-07 13:15:36 +02:00
Alexander Gall a0a4bea2a6 nixos/cloud-image: add module
The module creates an image for an openstack-based cloud using the
cloud-init package.
2017-08-07 13:03:02 +02:00
Richard Larocque b27d8c5d0a nixos/mosquitto: Fix instructions for password gen
Fixes https://github.com/NixOS/nixpkgs/issues/27996.

Updates instructions for generating hashes passwords for use in a
Mosquitto password file.  Using `mosquitto_passwd` to generate these
hashes is a little less convenient, but the results are more likely to
be compatible with the mosquitto daemon.

As far as I can tell, the hashes generated with `mkpassd` did not work
as intended.  But this may have been hidden by another bug:
https://github.com/NixOS/nixpkgs/issues/27130.
2017-08-06 15:54:36 -07:00
Joachim F 9f93150ec9 Merge pull request #27820 from dalaing/piwik-install-doc-fix
nixos/piwik: clarifies setup documentation
2017-08-06 22:58:52 +01:00
Nadrieril a4d07290cb rsync service: allow running as not root 2017-08-06 22:57:53 +01:00
Nadrieril 94fc613cc7 rsync service: restart service on configuration change 2017-08-06 22:57:53 +01:00
Nadrieril 541377e5f0 rsync service: modernize config file generation 2017-08-06 22:57:53 +01:00
makefu c8e96826ae
influxdb module: collectd.port is now called bind-address
with the influxdb release we have packaged (and newer releases)
collectd.port has been streamlined to bind-address which takes a string
instead of a number.

ref: https://github.com/influxdata/influxdb/blob/master/services/collectd/README.md
2017-08-06 14:49:56 +02:00
gnidorah 0e28d3af1d nixos: add pathes for KDE applications 2017-08-06 12:55:10 +03:00
Robin Gloster 2dddc6dcf6 libvirt: don't suspend and resume on change 2017-08-05 11:00:02 +00:00
Jan Tojnar c9d419a22b gnome: Further fixes for Using the 'memory' GSettings backend issue 2017-08-05 12:21:00 +02:00
evujumenuk 6070d91e93 wireguard: remove "table" option from example
Most users will be served well by the default "table" setting ("main").
2017-08-04 21:00:45 +02:00
evujumenuk e355f7044d wireguard: add per-peer routing table option
This adds a convenient per-peer option to set the routing table that associated routes are added to. This functionality is very useful for isolating interfaces from the kernel's global routing and forcing all traffic of a virtual interface (or a group of processes, via e.g. "ip rule add uidrange 10000-10009 lookup 42") through Wireguard.
2017-08-04 18:30:53 +02:00
Phil 4f277bd920 nixos/networking/nat: add option for protocol
This commit adds an option to allow udp port forwarding (see #24894).
2017-08-04 17:03:05 +02:00
adisbladis da7755b75c
networkmanager service: use unbound if enabled 2017-08-04 13:50:06 +08:00
Robin Gloster dc13376ee2
wvdial: remove 2017-08-04 02:24:07 +02:00
Robin Gloster a4647bc33f
tlsdate: remove
Dead and does not build with openssl 1.1.
Debian has removed it, too.
2017-08-04 02:24:03 +02:00
Robin Gloster 485a8fef73
modules: specify some types 2017-08-04 02:20:31 +02:00
Robin Gloster 94a2cba8d9
nginx module: add resolver config 2017-08-04 02:15:46 +02:00
Robin Gloster 75bbcd4215
nginx module: include uwsgi_params 2017-08-04 02:15:01 +02:00
Markus Mueller c678fc385e
confluence: fix optional sso 2017-08-04 02:13:51 +02:00
Franz Pletz 02791ced34
atlassian-{jira,confluence}: add crowd sso support 2017-08-04 02:13:42 +02:00
Simon Lackerbauer 1075919413
unifi: add options to control JVM heap size
Our controller was acting very sluggish at times and increasing
available RAM for the JVM fixes this.
2017-08-04 02:12:31 +02:00
Franz Pletz 3b472d78a8
avahi-daemon service: add cacheEntriesMax option 2017-08-04 02:10:11 +02:00
Franz Pletz 32e7904624
gnupg agent module: fix ssh agent assertion logic 2017-08-04 02:07:49 +02:00
Markus Mueller 53d2f0980d
nat: always flush nixos nat rules on firewall start/reload
Fixes #27510
2017-08-03 21:16:14 +02:00
Volth 84a6a3683b libvirt: 3.5.0 -> 3.6.0 2017-08-03 13:53:57 +00:00
Daniel Fullmer caaa79f246 nixos/pulseaudio: Fix for missing zeroconf module 2017-08-03 14:21:34 +02:00
Peter Hoeg 72a64ea4f1 nsswitch: add systemd module
In order for DynamicUser = true to work in services, we need the
nss-systemd module to be able to resolve the user and group names
generated dynamically.
2017-08-03 10:51:06 +08:00
Profpatsch 5d62d8775c modules/systemd: improve logind.extraConfig example
Since we have a .handleLidSwitch option now, give an other example.
2017-08-03 03:07:05 +02:00
Dave Laing d690701ff7 nixos/piwik: clarifies setup documentation
The piwki setup documentation as it stands has two issues:
- the `ALTER USER root` line does not work with MariaDB or MySQL 5.5
- the auth plugin details vary between MariaDB and MySQL
2017-08-02 08:38:16 +10:00
Christian Albrecht 93965870a8 nixos/auditd: break ordering cycle (#27577)
auditd creates an ordering cycle by adding wantedBy = [ "basic.target" ],
because of this the job job systemd-update-utmp.service/start is deleted.

Adding unitConfig.DefaultDependencies = false; to the auditd service unbreaks the cycle.

See also #11864
2017-08-01 20:45:01 +01:00
Volth b998d8e8b7 nixos/hardware/raid/hpsa: init at 2.40 2017-08-01 12:52:04 +00:00
Franz Pletz c217f48c35
searx: 0.11.0 -> 0.12.0 2017-08-01 06:16:03 +02:00
Taeradan 67890f73af postfix service: typo in transport filepath 2017-07-31 21:05:03 +02:00
aszlig 4f901203e8
nixos/timezone: Fix evaluation error
Evaluation error introduced in a0d464033c.

If the value for timeZone is null it shouldn't be even tried to coerce
it into a string.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @lheckemann, @joachifm
2017-07-31 17:15:30 +02:00
Linus Heckemann a0d464033c nixos/timezone: support imperative timezone configuration (#26608)
Fixes #26469.
2017-07-31 15:55:24 +01:00
Valentin Shirokov d30b2eb1c0 Removed networking.fqdn option
Adding it was a mistake which can only lead to problems and confusion.
2017-07-31 13:55:41 +02:00
Valentin Shirokov a74c0c6652 Removed deprecation warning for networking.extraHosts 2017-07-31 10:04:01 +02:00
Frederik Rietdijk 740d76371e Merge commit 'ba68231273bea4cba01413fd2a0e56d68db9234c' into HEAD 2017-07-31 09:12:15 +02:00
Jörg Thalheim 758bf31a22 Merge pull request #27756 from volth/tinc-fix
tinc: allow the daemon to write to files in /etc/tinc/${network}/hosts
2017-07-30 11:15:15 +01:00
Jörg Thalheim 12e8bea477 Merge pull request #27578 from Ma27/bugfix/thefuck/support-for-non-posix-compliant-shells
programs.thefuck: support shells that don't use `/etc/profile`
2017-07-30 11:13:07 +01:00
sshisk e79d11b623 postfix service: fix extraMasterConf (#27755)
thanks
2017-07-30 11:37:51 +02:00