3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

9373 commits

Author SHA1 Message Date
Leon Schuermann e45a06ebd1 openvpn: add option to store credentials 2018-01-15 14:34:58 +07:00
Vladimír Čunát 67e8392383
Merge #33057: stdenv meta checks: make them lazy
Closes #22277 - it's superseded;  I have some WIP on evaluation
performance, but best do that in a separate PR/thread.
2018-01-14 21:41:31 +01:00
Vladimír Čunát 799b941a2b
release notes: mention removal of lib.addPassthru 2018-01-14 21:34:55 +01:00
Jesper Geertsen Jonsson 8c0558dbb2 sg/newgrp should always be available, not chfn
sg and newgrp only changes the current user session and should be
available to users even if the "users.mutableUsers" option is set.
These are common, useful commands.

chfn does modify the /etc/passwd GECOS field which is also controlled
by the option "users.users.<name?>.description", so it's less
appropriate to make it available when "users.mutableUsers" is set.

However, because CHFN_RESTRICT in login.defs is never set in current
NixOS the chfn functionality is never available to users anyway and
may as well have its SUID disabled, as only root is able to use it.
This is recommended in the chfn man page in this case.
2018-01-14 20:54:40 +01:00
Joachim F b6c696cc6f
Merge pull request #33444 from rnhmjoj/dnscrypt-wrapper
nixos/dnscrypt-wrapper: fix rotate script failing to restart the service
2018-01-14 11:33:02 +00:00
Sarah Brofeldt ee4e6ebbfa
Merge pull request #32822 from LumiGuide/elk6
ELK: 5.6.1 -> 5.6.5 & add ELK 6.1.0
2018-01-14 10:40:50 +01:00
Miguel Madrid Mencía 22341c42e7
resilio-sync: fixed typo knownHosts -> entry.knownHosts 2018-01-13 23:44:39 +01:00
Jörg Thalheim 91ec1f784a
Merge pull request #33755 from srhb/keymap-test-disable-xterm-dm
nixos/tests/keymap: disable xterm DM
2018-01-13 17:03:53 +00:00
Jan Tojnar 38b6d7b60e
nixos/chrome-gnome-shell: init 2018-01-13 15:19:19 +01:00
Joachim F ed250d8093
Merge pull request #27131 from richardlarocque/mosquitto_pw
mosquitto: Explicitly configure password file
2018-01-13 12:02:45 +00:00
Sarah Brofeldt 4488e7c435 nixos/tests/keymap: disable xterm DM 2018-01-11 20:12:49 +01:00
Eelco Dolstra dddcd10ecc
Don't set 'config.xorg = {}'
This makes memoization of Nixpkgs evaluation less effective, since
some Nixpkgs invocations may have 'config = {}' while others may have
'config = { xorg = {}; }'.

Instead set 'config = {}'.
2018-01-11 19:31:05 +01:00
zimbatm 1276a3b12a
nixos/acme: configurable TOS hash (#33522)
This hash tends to change and upstream simp_le doesn't seem to keep up
with the changes.
2018-01-11 14:19:15 +00:00
Jörg Thalheim 788c5195f3 Revert "nixos/udev: fix outdated udev rules for network devices"
This reverts commit 45c5a915980fbe1fa6f0ff80ab2d11b60b844d9e.

This breaks PredictableNetworkInterfaceNames on systems without networkd.
We should only include this file from systemd, when networkd is enabled.
2018-01-11 11:21:16 +00:00
Eelco Dolstra 6bbd67d45a
EC2 AMIs: 17.09.2356.cb751f9b1c3 -> 17.09.2681.59661f21be6 2018-01-10 13:16:49 +01:00
Joachim F a6912f589e
Merge pull request #33629 from rnhmjoj/dnscrypt-proxy
Restore dnscrypt-proxy
2018-01-09 21:34:14 +00:00
John Ericson eec050f395
Merge pull request #33577 from dtzWill/fix/cross-2
Minor cross fixes, 2
2018-01-09 12:36:53 -05:00
Vladimír Čunát d6bf8eb71b
Merge #33614: nixos/kresd improvements
The PR was extended with other fixes.  All tested by me atop 17.09.
2018-01-09 17:26:31 +01:00
Ben Gamari b2cbffae64 nixos/security-wrapper: Fix cross-compilation 2018-01-09 11:25:19 -05:00
Ben Gamari a2215da9a1 make-ext4-fs: Dependencies are nativeBuildInputs 2018-01-09 11:25:19 -05:00
Ben Gamari d680678d0a makeSquashfs: Inputs are nativeBuildInputs 2018-01-09 11:25:19 -05:00
Vladimír Čunát 4bc4c08838
nixos/kresd: service nitpicks 2018-01-09 17:25:18 +01:00
Vladimír Čunát 3ab85ed1ac
nixos/kresd: use DNSSEC root trust anchor from nixpkgs
in read-only way.  If the cache directory is empty and you use the
very same service for system's DNS, kresd is unable to bootstrap root
trust anchors, as it would need a DNS lookup.

Also, if we don't rely on bootstrap, the extra lua deps of kresd could
be dropped by default, but let's not do that now, as the difference in
closure size is only ~4 MB, and there may be other use cases than
running the package as nixos service this way.
2018-01-09 17:24:49 +01:00
Vladimír Čunát f312e6d993
nixos/kresd: use systemd.tmpfiles
Since 4e4161c212 it works on nixos-rebuild.
2018-01-09 17:11:36 +01:00
José Romildo Malaquias 8b416450ea mate: let caja find extensions and gsettings schemas 2018-01-09 02:40:04 +02:00
José Romildo Malaquias 598c6c13f0 mate-panel: let mate-panel find applets in config system path 2018-01-09 02:40:04 +02:00
José Romildo Malaquias ca27392d9c mate-control-center: add gsettings schemas path to XDG vars
mate-control-center depends on mate-settings-daemon, but the later needs
gsettings schemas  provided by the former. To fix this the gsettings schema
path from mate-control-center is added to XDG_DATA_DIRS at session
startup.
2018-01-09 02:40:04 +02:00
José Romildo Malaquias 1bacb88c6a mate-session-manager: add debug option to mate service 2018-01-09 02:40:04 +02:00
Andreas Rammhold 637d5dd00c tomcat9: 9.0.0.M17 -> 9.0.2
also renamed from tomcatUnstable to tomcat9
2018-01-09 01:31:06 +01:00
rnhmjoj 94d28f3672
nixos/dnscrypt-proxy: use new dyne.org repository 2018-01-09 00:33:19 +01:00
Jörg Thalheim 71cce26342 nixos/udev: fix outdated udev rules for network devices
Udev changed its internal naming, so this rule file no longer applied correctly.
Therefore some properties such as network driver no longer matched in
systemd-networkd.

After updating we have more properties in systemd-networkd:

$ sudo networkctl status wlp3s0
...
   Driver: iwlwifi
...

To prevent this in future, the file is no copied from systemd directly
2018-01-08 16:59:33 +01:00
Andrey Golovizin f19d959ef1 nixos/kresd: fix systemd dependency cycle
The unnecessary dependency of sockets.target on kresd.service causes a
dependency cycle preventing kresd.service from starting at boot:

sockets.target -> kresd.service -> basic.target -> sockets.target
2018-01-08 15:52:26 +01:00
Yegor Timoshenko 85b84527f6
mopidy: fix, resolves #32234 2018-01-08 14:32:36 +00:00
rnhmjoj 4ebb9621f4
Revert "nixos/dnscrypt-proxy: remove"
This reverts commit 5dc2853981.
The project has a new maintainer.
2018-01-08 15:09:33 +01:00
Yegor Timoshenko f7a9f96725
nixos/xfce: clean up, use hyphenated attributes 2018-01-08 05:12:05 +00:00
Johannes Bornhold a88b4d4db1 nixos/matrix-synapse: Add module parameter extraConfigFiles (#33276)
This allows to configure additional configuration files for Synapse. This way
secrets can be kept in a secure place on the file system without a need to go
through the Nix store.
2018-01-07 20:13:48 +00:00
Joachim Fasting 5dc2853981 nixos/dnscrypt-proxy: remove
The upstream project ceased.

See https://github.com/NixOS/nixpkgs/issues/33540
2018-01-07 17:00:32 +01:00
Peter Hoeg 42f2a9ddde
Merge pull request #33531 from vdm/patch-1
Update macos USB instructions
2018-01-07 15:12:00 +08:00
Robin Gloster e606bb252b
gitlab module: config changes for gitlab 10.3 2018-01-07 05:02:56 +01:00
Robin Gloster 69c396f273
gitlab module: gitaly fixes 2018-01-07 05:02:35 +01:00
Jörg Thalheim 6249d32486
Merge pull request #33418 from Ma27/test-driver/mention-changes-in-manual
test-driver: mention `$user` argument in the NixOS manual and the Impala release notes
2018-01-07 02:33:21 +01:00
Graham Christensen 013580caf0
Merge pull request #30518 from Infinisil/usbmuxd-service
usbmuxd service: init
2018-01-06 15:53:42 -05:00
Vincent Murphy bd09ef9c21
Update macos USB instructions
"Ejecting" from the Finder ejects the entire device which is then not available for dd. diskutil unmountDisk does the right thing. Furthermore writing to diskN instead of rdiskN failed to complete even after waiting >10 minutes.
2018-01-06 18:13:58 +00:00
Jaakko Luttinen eeaa82bde1 nixos/availableKernelModules: add logitech hid
This adds support for Logitech (wireless) USB keyboards at boot
2018-01-06 17:11:30 +00:00
Léo Gaspard 7b878a443a
nixos/clamav: replace mkIf [] with optional 2018-01-06 16:52:14 +01:00
Léo Gaspard cb506e6e2e
nixos/clamsmtp: init 2018-01-06 16:08:54 +01:00
zimbatm eddf30cc93
nixos: introduce boot.growPartition (#33521)
Move it from being a profile
2018-01-06 13:52:51 +00:00
Maximilian Bosch e18b0b6033
test-driver: mention $user argument in the NixOS manual and the Impala release notes 2018-01-06 10:09:18 +01:00
Orivej Desh bc7f0162f5
Merge pull request #33406 from samueldr/doc/usb-device
Documentation: reword "Obtaining NixOS" paragraph to remove contradiction + update link
2018-01-06 03:25:25 +00:00
Orivej Desh b249907d04
Merge pull request #33197 from bgamari/gitlab-jws-fix
gitlab: Rename jws_private_key to openid_connect_signing_key
2018-01-06 03:08:57 +00:00
José Romildo Malaquias d0eb40b311 lightdm-gtk-greater: add configuration options for clock format and indicators 2018-01-06 02:20:53 +00:00
zimbatm 80f13dc31d fixup! buildkite-agent: change hooksPath type to 'path' (and prevent it from hitting the store) 2018-01-05 22:55:20 +00:00
Robin Gloster cfed96ca51 nixos/service.tt-rss: improve pgsql support, do not use static uid/gid 2018-01-05 14:47:54 +01:00
Jaakko Luttinen c26ff43905 nixos/service.tt-rss: improve mysql automatic setup
If the user chooses MySQL, it is enabled by default. Also, the used database is
created automatically along with the user and permissions.
2018-01-05 14:47:54 +01:00
Jaakko Luttinen 68855595ce nixos/service.tt-rss: enable nginx automatically 2018-01-05 14:47:54 +01:00
Jaakko Luttinen 13eaae1610 nixos/service.tt-rss: use tt_rss user
- Add tt_rss system user.
- Use tt_rss as the user by default.
- Create tt_rss user and group automatically if used.
2018-01-05 14:47:54 +01:00
Jaakko Luttinen c9b46ccea1 nixos/service.tt-rss: fix #27048 2018-01-05 14:47:54 +01:00
rnhmjoj c883311327
nixos/dnscrypt-wrapper: fix rotate script failing to restart the service 2018-01-05 02:37:09 +01:00
Jörg Thalheim f29ecd56c1
Merge pull request #33372 from Mic92/memcache
nixos/memcached: make unix sockets usuable
2018-01-04 18:39:48 +01:00
AmineChikhaoui 5dba59d494
Fixes https://github.com/NixOS/nixops/issues/756.
Seems the google compute metadata service behavior changed a bit
recently which caused this issue ?
see: https://cloud.google.com/compute/docs/storing-retrieving-metadata
2018-01-04 16:50:05 +01:00
Peter Hoeg 423dd6cc29
Merge pull request #33415 from peterhoeg/p/hv
hyperv-daemons: package and nixos module
2018-01-04 21:11:34 +08:00
Peter Hoeg 85e507ebea hyperv-daemons: add nixos module 2018-01-04 21:09:01 +08:00
Maximilian Bosch dbc414a8a5
yabar: add module
To make the configuration of `yabar` more pleasant and easier to
validate, a NixOS module will be quite helpful.

An example config could look like this:

```
{
  programs.yabar = {
    enable = true;
    bars.top.indicators.exec = "YA_DATE";
  };
}
```

The module adds a user-controlled systemd service which runs `yabar` after
starting up X.
2018-01-04 09:58:21 +01:00
Jörg Thalheim 2387c15d68
Merge pull request #33370 from Mic92/redis
nixos/redis: remove static uid/gid assignment
2018-01-04 09:46:24 +01:00
Jörg Thalheim 814b38541f
Merge pull request #32845 from Ma27/test-driver/allow-user-units
test-driver: support testing user units
2018-01-04 09:40:41 +01:00
Samuel Dionne-Riel 0e6346f16a doc: Obtaining NixOS: New link to section in wiki.
This adds a link to the new section in the new wiki that refers to the
same contents as the previously removed link.
2018-01-03 19:35:40 -05:00
Samuel Dionne-Riel dd602120a0 doc: Obtaining NixOS now refers to USB media creation chapter.
This:

 * Removes contradiction with information in the later paragraph.
 * Removes a dead link to the Wiki.
2018-01-03 19:34:32 -05:00
Jörg Thalheim c9c8a2c5b3 nixos/memcached: make unix sockets usuable
before:
  - /var/run/memcached is a bad default for a socket path, since its
    parent directory must be writeable by memcached.
  - Socket directory was not created by the module itself -> this was
    left as a burden to the user?
  - Having a static uid with a dynamic user name is not very useful.

after:
  - Replace services.memcached.socket by a boolean flag. This simplifies
    our code, since we do not have to check if the user specifies a
    path with a parent directory that should be owned by memcached
    (/run/memcached/memcached.sock -> /run/memcached).
  - Remove fixed uid/gid allocation. The only file ever owned by the
    daemon is the socket that will be recreated on every start.
    Therefore user and group ids do not need to be static.
  - only create the memcached user, if the user has not specified a
    different one. The major use case for changing option is to allow
    existing services (such as php-fpm) opening the local unix socket.
    If we would unconditionally create a user that option would be
    useless.
2018-01-03 12:33:36 +01:00
Jörg Thalheim 453e15ec91 nixos/redis: remove static uid/gid assignment
all files are chowned on startup
2018-01-03 11:18:04 +01:00
Léo Gaspard aa241aed14 nixos/dkimproxy-out: init (#33229) 2018-01-03 01:23:02 +00:00
Casey Ransom f3cba4f6bb netdata service: fix permissions for apps.plugin
apps.plugin requires capabilities for full process monitoring. with
1.9.0, netdata allows multiple directories to search for plugins and the
setuid directory can be specified here.

the module is backwards compatible with older configs. a test is
included that verifies data gathering for the elevated privileges. one
additional attribute is added to make configuration more generic than
including configuration in string form.
2018-01-02 17:57:19 -05:00
Ryan Trinkle f1a6fa6eec
Merge pull request #32258 from ryantrinkle/add-nat-extraCommands
nat: add extraCommands option
2018-01-02 14:32:42 -05:00
Maximilian Bosch e538e00404
test-driver: support testing user units
It is quite complicated to test services using the test-driver when
declaring user services with `systemd.user.services` such as many
X11-based services like `xautolock.service`.

This change adds an optional `$user` parameter to each systemd-related
function in the test-driver and runs `systemctl --user` commands using
`su -l $user -c ...` and sets the `XDG_RUNTIME_DIR` variable
accordingly and a new function named `systemctl` which is able to run a
systemd command with or without a specified user.

The change can be confirmed with a simple VM declaration like this:

```
import ./nixos/tests/make-test.nix ({ pkgs, lib }:

with lib;

{
  name = "systemd-user-test";

  nodes.machine = {
    imports = [ ./nixos/tests/common/user-account.nix ];

    services.xserver.enable = true;
    services.xserver.displayManager.auto.enable = true;
    services.xserver.displayManager.auto.user = "bob";
    services.xserver.xautolock.enable = true;
  };

  testScript = ''
    $machine->start;
    $machine->waitForX;

    $machine->waitForUnit("xautolock.service", "bob");
    $machine->stopJob("xautolock.service", "bob");
    $machine->startJob("xautolock.service", "bob");
    $machine->systemctl("list-jobs --no-pager", "bob");
    $machine->systemctl("show 'xautolock.service' --no-pager", "bob");
  '';
})
```
2018-01-02 20:14:27 +01:00
Frederik Rietdijk 804285f589 Merge remote-tracking branch 'upstream/staging' into HEAD 2018-01-02 19:10:45 +01:00
Uli Schlachter 5465d6f7de awesome: Use --search instead of $LUA_PATH/$LUA_CPATH
Instead of polluting the environment with environment variables which
are inherited by processes spawned from awesome, use the command line
argument "--search" to add things to the search path.

cc #33169
2018-01-02 17:24:56 +00:00
Jörg Thalheim 310ad4345b
Merge pull request #30686 from gnidorah/keyring
pam: add optional pam_gnome_keyring integration
2018-01-02 14:58:45 +01:00
Jörg Thalheim 54b16bcd11
Merge pull request #33227 from Ekleog/fcron-opensmtpd
fcron module: be compatible with non-wrapped sendmail's, like opensmt…
2018-01-02 09:26:53 +01:00
Bas van Dijk 803077ef1c elk: add elasticsearch6, logstash6, kibana6 and the beats at v6.1.0
This change is backwards compatible since the ELK tools at version 5.x
remain unchanged.

The test suite now both tests ELK-5 and ELK-6.
2018-01-02 01:15:29 +01:00
Franz Pletz 1a69b2029f
Merge pull request #33273 from fadenb/patch-1
lldpd module: create a lldpd user as system user
2018-01-01 23:46:50 +00:00
gnidorah f15fad898b pam: add optional pam_gnome_keyring integration 2018-01-01 21:58:37 +03:00
Frederik Rietdijk 4cc2a38854 Merge remote-tracking branch 'upstream/master' into HEAD 2018-01-01 18:15:13 +01:00
Jörg Thalheim 0bbf671b5a
Merge pull request #31157 from sorki/lxcfs_pam_related
[wip] lxcfs,pam: disable cgmanager, enable pam_cgfs, lxcfs 2.0.7 -> 2.0.8
2018-01-01 15:42:03 +01:00
Frederik Rietdijk 1869e7e5b0 Merge remote-tracking branch 'upstream/master' into HEAD 2018-01-01 15:09:55 +01:00
Tristan Helmich 3b74349661
lldpd module: create a lldpd user as system user 2018-01-01 14:22:58 +01:00
Léo Gaspard 70a085b62f nixos/rspamd: add extraConfig parameter (#33226) 2017-12-31 15:11:15 +00:00
Vladimír Čunát 1fcd92ce92
Merge branch 'master' into staging
A few thousand rebuilds from master, again.
Hydra: ?compare=1422362
2017-12-31 09:53:49 +01:00
Orivej Desh dac8f27f96 nixos/beegfs: fix the build of the NixOS manual 2017-12-31 07:52:32 +00:00
Markus Kowalewski b7fdefc8a4 beegfs: init at 6.17
package, kernel module, nixos module, and nixos test
2017-12-31 07:07:02 +00:00
Yegor Timoshenko 0dd6bd214d
xfce: resolve conflict with KDE
This resolves some aspects of #33231, but GDK_PIXBUF_MODULE_FILE doesn't really belong to any DE module.
2017-12-31 05:22:15 +00:00
John Ericson 4d2b763817
Merge pull request #26805 from obsidiansystems/cross-elegant
Make cross compilation elegant
2017-12-30 22:58:02 -05:00
Orivej Desh 54d01b0e97
Merge pull request #32914 from Infinisil/znapzendzetup
znapzend service: stateless setup
2017-12-31 03:45:40 +00:00
John Ericson a98e68676d doc: Breaking change release not for dependency propagation logic 2017-12-30 22:42:15 -05:00
John Ericson 553fd19e67 Merge branch 'ericson2314-cross-base' into staging 2017-12-30 22:39:19 -05:00
Léo Gaspard 341583b2d2
fcron module: be compatible with non-wrapped sendmail's, like opensmtpd's 2017-12-31 03:34:11 +01:00
John Ericson fa9f0e574d
Merge pull request #33196 from obsidiansystems/bintools-release-note
doc: Breaking change release note for bintools-wrapper
2017-12-30 19:37:06 -05:00
John Ericson d67e0921e9 doc: Breaking change release note for bintools-wrapper 2017-12-30 19:27:52 -05:00
Yegor Timoshenko c31ac41810
libinput: disableWhileTyping = false by default 2017-12-30 22:02:16 +00:00
Frederik Rietdijk 2d0bead714 Merge remote-tracking branch 'upstream/master' into HEAD 2017-12-30 17:04:54 +01:00
Ben Gamari b95cdd4f6c gitlab: Rename jws_private_key to openid_connect_signing_key
See
24d56df29b
2017-12-29 22:11:04 -05:00
Vladimír Čunát a1a3e54ac9
Merge branch 'master' into staging
Haskell rebuild :-)
Hydra: ?compare=1421865
2017-12-29 18:39:36 +01:00
gnidorah 766ae1ecf9 tmux module: add secureSocket option 2017-12-29 15:05:20 +03:00
Franz Pletz e2fe111d46
nixos/profiles/all-hardware: remove unavailable modules 2017-12-29 11:37:21 +01:00
Vladimír Čunát 0ac589246a
release-notes 18.03: fixup build after 553e8be1 2017-12-29 11:28:17 +01:00
Vladimír Čunát f29000b002
Merge branch 'master' into staging
Hydra: ?compare=1421760
2017-12-29 10:13:33 +01:00
Nadrieril 95fde40b71 usbguard service: rules option should be of type 'lines' 2017-12-29 03:19:36 +01:00
Robin Gloster 553e8be1d9 release-notes 18.03: add MariaDB update notes 2017-12-29 02:18:35 +01:00
Robin Gloster 86c7db0ac4 mysql module: cleanup obsolete checks 2017-12-29 02:18:35 +01:00
Robin Gloster 445e3d7390 ghostOne: remove
broken and unmaintained
2017-12-29 02:18:35 +01:00
Christoph Hrdinka 3e14b2826b
nsd module: make use of NSDs configFile option
Signed-off-by: Christoph Hrdinka <c.github@hrdinka.at>
2017-12-28 14:34:06 +01:00
adisbladis 563078184e
services.xserver.desktopManager.plasma5: add qtvirtualkeyboard to systemPackages 2017-12-28 21:13:46 +08:00
Kosyrev Serge 097719147a buildkite-agent: change hooksPath type to 'path' (and prevent it from hitting the store)
(cherry picked from commit 3aec59c99f)
Signed-off-by: Domen Kožar <domen@dev.si>
2017-12-28 12:16:05 +00:00
Kosyrev Serge 9f5593559b buildkite: address review suggestions 2017-12-28 12:16:05 +00:00
Kosyrev Serge bbb6072f10 buildkite: allow configuration and actual use of agent-specific hooks
(cherry picked from commit 775e49439f)
Signed-off-by: Domen Kožar <domen@dev.si>
2017-12-28 12:16:05 +00:00
Silvan Mosberger 66fefb82e7
nixos/znapzend: stateless setup
This enables znapzend users to specify its full configuration through
NixOS options, without ever needing to use the stateful `znapzendzetup`
command.

This works by running znapzendzetup with the specified config in
ExecPre, just before the znapzend daemon is started.

There is also the `pure` option which will clear all previous znapzend setups,
making it as stateless as can get, as only the setup declared in
configuration.nix will be persisted.
2017-12-28 01:40:01 +01:00
Peter Hoeg 7798051817
Merge pull request #32927 from peterhoeg/u/kdeapp
kde-applications: 17.08.3 -> 17.12.0
2017-12-28 08:22:27 +08:00
Christoph Hrdinka d890212ac8 nginx module: only turn on HTTP2 when SSL is enabled
Signed-off-by: Christoph Hrdinka <c.github@hrdinka.at>
2017-12-28 00:32:24 +01:00
gnidorah c955c131f7 rootston module, orbment/bemenu: change my maintainership 2017-12-27 10:21:34 +03:00
gnidorah ececaafee1 rootston module: better defaults 2017-12-26 23:31:38 +03:00
Jörg Thalheim f1c236a987
Merge pull request #33035 from corpix/feature/ssh-systemd-deps
sshd: Start after network target
2017-12-26 09:11:04 +01:00
Robin Gloster c4036762b2
gitlab: remove unnecessary assertion
It also gives less information than the error from the module system.
2017-12-26 01:11:16 +01:00
José Romildo Malaquias 6e0387a1e6 mate: fix XDG_MENU_PREFIX 2017-12-25 07:15:07 +01:00
José Romildo Malaquias 248e3983b0 gnome3: fix XDG_MENU_PREFIX 2017-12-25 07:15:07 +01:00
José Romildo Malaquias 1e147fee02 enlightenment: fix XDG_MENU_PREFIX 2017-12-25 07:15:07 +01:00
Michael Weiss 4be298bf6d nixos/sway: Extend the descriptions and examples
This'll hopefully make it a bit easier to get started with Sway and make
some things about the module more obvious.
2017-12-25 00:15:06 +01:00
Dmitry Moskowski ed26bc5931
sshd: Start after network target 2017-12-24 14:57:14 +00:00
Yegor Timoshenko b792b3ca61
thinkfan: proper case in IBM, Lenovo, ThinkPad 2017-12-24 12:54:43 +00:00
Jörg Thalheim b65f942eae
Merge pull request #28022 from volth/ccache
nixos/ccache: init
2017-12-24 13:41:48 +01:00
gnidorah 22596e8995 breeze-qt4: drop 2017-12-24 12:54:04 +03:00
Michael Weiss b322cad42b nixos/rootston: Init
Probably only relevant for a quick testing setup and NixOS VM tests.
2017-12-23 17:34:29 +01:00
Orivej Desh c3cfdc17bf
Merge pull request #32983 from flokli/virtualbox-5.2.4
virtualbox: 5.2.2 -> 5.2.4
2017-12-23 16:29:59 +00:00
Yegor Timoshenko f89bc2718b
Merge pull request #32995 from NixOS/yegortimoshenko-patch-1
mbpfan: improve description, resolves #32266
2017-12-23 17:31:13 +03:00
Yegor Timoshenko ca7472b1a7
mbpfan: improve description, resolves #32266 2017-12-23 14:28:37 +00:00
Yegor Timoshenko 108f76c927
Merge pull request #31668 from rycee/doc/naming
docs: clarify package and module option naming
2017-12-23 17:12:29 +03:00
Graham Christensen b5a61f2c59
Revert "nixos: doc: implement related packages in the manual" 2017-12-23 07:19:45 -05:00
Florian Klink 0543dc77b1 nixos/tests/virtualbox: remove mknod /dev/vda1 call
With devtmpfs introduced in 0d27df280f it is
created automatically.

See https://github.com/NixOS/nixpkgs/pull/32983#issuecomment-353703083
2017-12-23 03:16:18 +00:00
Silvan Mosberger 0b0df8f9cf nixos/logkeys: fix evaluation 2017-12-23 01:44:14 +00:00
Arseniy Seroka 36e02645eb
Merge pull request #32424 from oxij/nixos/related-packages
nixos: doc: implement related packages in the manual
2017-12-23 03:34:58 +03:00
Evgeny Egorochkin ab623d8467 luksRoot: add the missing ECB dependency to fix XTS support, resolves #30940 2017-12-22 07:50:09 +02:00
gnidorah b9851a975e Make less known wayland compositors usable (#32285)
* bemenu: init at 2017-02-14

* velox: 2015-11-03 -> 2017-07-04

* orbment, velox: don't expose subprojects

the development of orbment and velox got stuck
their subprojects (bemenu, dmenu-wayland, st-wayland) don't work correctly outside of parent projects
so hide them to not confuse people
swc and wld libraries are unpopular and unlike wlc are not used by anything except velox

* pythonPackages.pydbus: init at 0.6.0

* way-cooler: 0.5.2 -> 0.6.2

* nixos/way-cooler: add module

* dconf module: use for wayland

non-invasive approach for #31293
see discussion at #32210

* sway: embed LD_LIBRARY_PATH for #32755

* way-cooler: switch from buildRustPackage to buildRustCrate #31150
2017-12-21 16:16:19 +00:00
Bjørn Forsman 7c481aa7c1 nixos/gitolite: copy hooks with force
This makes the commonHook option work also for (read-only) Nix store
paths. Currently it fails on the second activation, because the
destination is read-only.
2017-12-21 08:41:59 +01:00
volth 363cdde475 nixos/libvirt: remove 'virtualisation.libvirtd.enableKVM' option 2017-12-21 03:56:41 +00:00
volth a52aa6aafb nixos/libvirt: avoid dependency on two qemu packages
Currently libvirt requires two qemu derivations: qemu and qemu_kvm which is just a truncated version of qemu (defined as qemu.override { hostCpuOnly = true; }).

This patch exposes an option virtualisation.libvirtd.qemuPackage which allows to choose which package to use:

 * pkgs.qemu_kvm if all your guests have the same CPU as host, or
 * pkgs.qemu which allows to emulate alien architectures (for example ARMV7L on X86_64), or
 * a custom derivation

virtualisation.libvirtd.enableKVM option is vague and could be deprecate in favor of virtualisation.libvirtd.qemuPackage, anyway it does allow to enable/disable kvm.
2017-12-21 03:56:40 +00:00
Yegor Timoshenko 71a8dbb956 nixos/desktop-managers: do not leak feh to PATH
(originally from f9415cb621)

feh is used to set background image for desktop managers that do not
support it directly, however there is no need to include it in PATH.

Fixes #17450.
2017-12-21 01:43:38 +00:00
Orivej Desh b679079045
Merge pull request #32540 from rnhmjoj/portrange
nixos/doc: document the firewall port ranges options
2017-12-20 23:51:08 +00:00
rnhmjoj 63af1f7807
nixos/doc: document the firewall port ranges options 2017-12-21 00:46:34 +01:00
Graham Christensen 9f31fe81aa
nixos: zfs: correct the networking.hostId error message
Users were confused that the error message said config.networking.hostId, and indeed that did nothing to fix their problem.

Update the error message to specify the option they should actually set.
2017-12-20 17:56:03 -05:00
Sander van der Burg 9cee2e5c95 dysnomia module: use postgres as default user and always publish container properties 2017-12-20 21:45:07 +01:00
Eelco Dolstra 014800706a
create-amis.sh: Ass eu-west-3 2017-12-20 16:35:22 +01:00
Tuomas Tynkkynen 758b4c1ea4 make-disk-image.nix: Really fix write permissions in the store
I think the current one applies the -exec only to those that match
'-type d'. Let's switch it to something that humans can understand...
2017-12-20 17:28:46 +02:00
Eelco Dolstra 3c82e6fc82
Add AMI for eu-west-3 2017-12-20 16:19:33 +01:00
Franz Pletz cf12bc44b6
Merge pull request #32858 from nh2/nginx-add-http2-option
nginx service: Make http2 an option.
2017-12-20 11:18:33 +00:00
Yurii Rashkovskii 26a59f70a2 nixos/tarsnap: update doc for printStats
after the change made in 15567e6d8e
2017-12-20 10:16:10 +00:00
Yegor Timoshenko a0aeb2381e doc: system.environmentPackages -> environment.systemPackages 2017-12-20 02:19:43 +00:00
Jörg Thalheim ba007d32c9
Merge pull request #32829 from flokli/input_leds
boot.initrd.luks: add input_leds module
2017-12-19 21:36:51 +00:00
Wei Tang 62a974bbbf xfce: delay package selection for pulseaudio volume to nixos modules (#23382)
Now there are separate `xfce4.xfce4mixer_pulse` and `xfce4.xfcevolumed_pulse` attributes for PulseAudio versions of these packages, instead of relying on Nixpkgs option. Mind that xfce4-volumed and xfce4-volumed-pulse are actually two separate programs without much overlap.
2017-12-19 22:28:12 +03:00
Niklas Hambüchen afa97cb981 nginx service: Make http2 an option.
HTTP 2 can break some things, for example due to this Chrome bug:

  https://bugs.chromium.org/p/chromium/issues/detail?id=796199

So the service hardcoding it to be enabled is not helpful.

This commit adds an option so you can turn it off.
2017-12-19 19:59:15 +01:00
Kevin Hanselman 65fb15aaf8 nixos/smartd: allow extra cli options for daemon
This enables further customization of smartd.
2017-12-19 18:43:49 +01:00
Florian Klink f2a9f9aeab boot.initrd.luks: add input_leds module
To get working caps lock lights already at stage 1, the input_leds
module needs to be loaded.

Closes #12456.
2017-12-19 01:07:37 +01:00
Orivej Desh a65525bf9f
Merge pull request #32787 from yegortimoshenko/xfce/svg
xfce: SVG icon support in xfce4-panel, fixes #18536
2017-12-18 16:13:36 +00:00
Marti Serra f24b642587 crashplan-small-business: init at 6.6.0 2017-12-18 07:20:18 +01:00
Yegor Timoshenko 209cbf9fc7 xfce: SVG icon support in xfce4-panel, fixes #18536
Thanks to Yuriy Pitomets, Jonathan Curran, and David Kleuker.
2017-12-18 01:11:20 +00:00
Samuel Leathers 7becd38cdf
Merge pull request #31068 from dalaing/fdisk-examples
nixos manual: Adds some examples of how to use fdisk.
2017-12-17 14:24:32 -05:00
Joachim F 4fb4d2f407
Merge pull request #32496 from florianjacob/btrfs-autoScrub
tasks/btrfs: add services.btrfs.autoScrub
2017-12-17 16:12:42 +00:00
Jörg Thalheim 4844fbc267
Merge pull request #32268 from volth/patch-74
nixos/initrd-ssh: generate hostkeys if absent
2017-12-17 00:00:04 -08:00
Peter Simons 0fe9785305
Merge pull request #32584 from manoj23/davfs2-v3
davfs2: create user/group davfs2 if not specified in the configuration
2017-12-17 08:53:18 +01:00
Philipp Dörfler 4b0c9418c0 nixos/logcheck: replace rm with rm -r to delete the empty logcheck.logfiles.d/
Fixes #29906
2017-12-17 04:02:26 +00:00
Tuomas Tynkkynen c9f71974f8 make-disk-image.nix: Remove write permissions from /nix/store
Fakeroot seems to always give the owner write bit to any files touched
inside it (presumably to easily simulate the fact that root can still
modify such files). So do an explicit chmod to remove them.

This should finally solve #32242 after the EC2 images are regenerated
with this change.

https://hydra.nixos.org/build/66143116
2017-12-17 01:19:05 +02:00
Orivej Desh dc89304d4d
Merge pull request #32733 from jtojnar/pinentry-1.1
pinentry: 1.0.0 → 1.1.0
2017-12-16 03:54:50 +00:00
Jan Tojnar bd0d521774
pinentry: override pinentry_ncurses instead of the other way around 2017-12-16 04:39:29 +01:00
Jan Tojnar ba67110de3
pinentry_qt: merge into pinentry 2017-12-16 03:26:30 +01:00
Orivej Desh b256afac58
Merge pull request #32578 from michaelpj/imp/plymouth-theme-defaut
plymouth: add breeze-plymouth as default theme
2017-12-15 20:20:24 +00:00
Jörg Thalheim 5687f61b19
Merge pull request #32637 from makefu/pkgs/openstack/nuke
nuke openstack (again)
2017-12-15 10:06:23 -08:00
Tuomas Tynkkynen 6ed6d323fe make-squashfs.nix: Improve invalid path check messages
Now the mtime problems are gone, but EC2 Hydra builders are still having
some problems:

https://hydra.nixos.org/build/66043835
2017-12-15 19:57:40 +02:00
makefu 269d8a17b5
openstack module: rip
part of openstack cleanup
2017-12-15 16:08:38 +01:00
makefu 71767ee3c7
glance: rip
part of openstack cleanup
2017-12-15 16:08:10 +01:00
makefu d3d94992cf
keystone: rip
part of openstack cleanup
2017-12-15 16:06:44 +01:00
Bjørn Forsman b53407461a nixos/lighttpd: update allKnownModules list
lighttpd 1.4.46+ got three new modules.
2017-12-15 07:47:45 +01:00
David Kleuker ffc0bfa5b7 nixos/samba: increase LimitNOFILE to recommended value (#32085)
fixes warning:

    rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)

https://serverfault.com/a/641411
2017-12-14 17:12:44 +00:00
Franz Pletz 0f18f4af88
nixos/tests/jenkins: check if jenkins is available 2017-12-14 16:03:24 +01:00
Franz Pletz 2754d1a8c3
xmr-stak module: init 2017-12-14 16:03:09 +01:00
Eelco Dolstra e4847b797e
Update NixOS 17.09 AMIs
This adds support for c5.* instances.

Fixes #32612.
2017-12-13 23:42:09 +01:00
makefu 5369400bb0
nova: rip
part of openstack cleanup
2017-12-13 18:16:29 +01:00
Florian Jacob fc21593352 nixos/btrfs: add services.btrfs.autoScrub
for automatic regular scrubbing of mounted btrfs filesystems,
similar to what's already there for zfs.
2017-12-13 11:00:28 +01:00
Franz Thoma 9e486344a9 nixos.gnome3.at-spi2-core: Set environment variable NO_AT_BRIDGE=1 if disabled
As suggested in #16327 (https://github.com/NixOS/nixpkgs/issues/16327#issuecomment-315729994).
2017-12-13 04:55:35 +01:00
Graham Christensen 3cad1abf9e
Merge pull request #32031 from NixOS/unstable-aarch64
Aarch64 Netboot
2017-12-12 17:44:07 -05:00
Robert Helgesson 5eb4a8339c
nixos containers: remove stray , from pattern
See #31888.
2017-12-12 18:35:06 +01:00
Bas van Dijk 5572de75a0
containers: deny networkmanager from managing the ve-* and vb-* NICs
Without this, when you've enabled networkmanager and start a
nixos-container the container will briefly have its specified IP
address but then networkmanager starts managing it causing the IP
address to be dropped.
2017-12-12 18:22:15 +01:00
Eelco Dolstra 875eaf0821
nix: 1.11.15 -> 1.11.16 2017-12-12 17:46:21 +01:00
Tuomas Tynkkynen 0d27df280f build-support/vm: Use devtmpfs, not static device nodes
In 2017, there is no reason to create a static /dev.
2017-12-12 14:31:50 +02:00
Georges Savoundararadj 9724654c74 davfs2: create user/group davfs2 if not specified in the configuration
* Add options:
  - enable
  - davUser (default: "davfs2")
  - davGroup (default: "davfs2)
* Add davfs2 user or group if they are not specified in the
configuration
2017-12-11 19:30:25 -08:00
Graham Christensen 08b8bc24cb
Netboot: Add aarch64 2017-12-11 21:33:55 -05:00
Joachim F 90accc093e
Merge pull request #32216 from LumiGuide/networkmanager-strongswan
networkmanager_strongswan: fix package
2017-12-11 23:26:21 +00:00
Linus Heckemann e4b32222a3 nixos/tests: correct comment in radicale.nix (#32574)
The secrets are in fact also stored unhashed, as part of the .drv file
which produces the htpasswd.
2017-12-11 22:09:23 +00:00
Joachim F 4792523a3d
Merge pull request #32500 from srhb/logstash-locallisten
nixos/logstash: Listen on 127.0.0.1 instead of 0.0.0.0
2017-12-11 22:00:38 +00:00
Michael Peyton Jones 638d24950d plymouth: add breeze-plymouth as default theme 2017-12-11 20:42:00 +00:00
Vladimír Čunát e9c12f6936
Merge older staging
There are some regressions, but not that many and I want
the security update of openssl fast.
2017-12-11 09:49:56 +01:00
Orivej Desh 42973bef3f nixos/programs/bash: document that /etc/bash_completion.d is obsolete
fbd52a5e31/bash_completion (L2070-L2078)
2017-12-10 12:16:25 +00:00
Tor Hedin Brønner 9988224c2a nixos/programs/bash: Let bash-completion lazy load scripts
As described in detail here: https://github.com/NixOS/nixpkgs/issues/32533
bash will load completion scripts in $p/share/bash-completion/completions/ on
startup instead of letting bash-completion do it's lazy loading. Bash startup
will then slow down (very noticeable when bash-completion is installed in a
profile).

This commit leaves loading of scripts in the hands of bash-completion,
improving startup time for everyone using `enableCompletion`.

fixes #32533
2017-12-10 10:15:41 +01:00
Andreas Rammhold 104de603cb networkmanager: remove restart after suspend from resume
In commit ec9dc73 restarting NetworkManager after resume from
suspend/hibernate was introduced.

When I initially switch to NixOS I started noticing a high delay between
wakeup and re-connecting to WiFi & wired networks. The delay increased
from a few seconds (on my previous distro, same software stack) to
almost half a minute with NixOS.

I (locally) applied the change in this commit a few weeks ago and tested
since then. The notebook/mobile device experience has improved a lot.
Reconnects are as before switching to NixOS.

Issue #24401 could be related to this. Since I am not using KDE/plasma5
I can only guess…
2017-12-10 00:19:15 +01:00
Vladimír Čunát 2309acf723
Merge branch 'master' into staging 2017-12-09 21:00:07 +01:00
Sarah Brofeldt b694fa0054 nixos/logstash: Listen on 127.0.0.1 instead of 0.0.0.0 2017-12-09 11:32:14 +01:00
Orivej Desh 40950f6a2d
Merge pull request #31006 from florianjacob/prosody
Improvements for Prosody
2017-12-09 09:19:24 +00:00
volth bfee336614
nixos/varnish: it does not matter where to check syntax, only when 2017-12-09 08:29:44 +00:00
Nadrieril 9f5d779641 Mark services.firefox.syncserver.{user,group} as removed 2017-12-08 22:23:14 +00:00
Nadrieril ae416b47cf firefox.syncserver service: Fix missing dependency 2017-12-08 22:18:57 +00:00
Nadrieril 8851ef84c8 firefox.syncserver service: Add nadrieril to maintainers 2017-12-08 22:18:57 +00:00
Nadrieril 573719e328 firefox.syncserver service: Fix permissions 2017-12-08 22:18:57 +00:00
Nadrieril f90b3dcf05 firefox.syncserver service: No need for configurable user 2017-12-08 22:18:57 +00:00
Joachim F 1541211c31
Merge pull request #32261 from erictapen/osrm-module
osrm service: init
2017-12-07 21:32:42 +00:00
Jan Malakhovski 3be0e1bd72 nixos/xen-dom0: add related packages, make it play well with them 2017-12-07 21:27:32 +00:00
Jan Malakhovski f56b5824ad nixos/tmux: use related packages 2017-12-07 21:27:28 +00:00
Jan Malakhovski 67ec6371d5 nixos, lib: implement relatedPackages option
This allows one to specify "related packages" in NixOS that get rendered into
the configuration.nix(5) man page. The interface philosophy is pretty much
stolen from TeX bibliography.
2017-12-07 21:26:35 +00:00
Jan Malakhovski 182463dc79 nixos/doc: push all the enable*' and package*` options to the top of their option group
Why? Because this way configuration.nix(5) can be read linearly.

Before:

> virtualisation.xen.bootParams
> ...
> virtualisation.xen.enable
> ...
> virtualisation.xen.package
> ...

After:

> virtualisation.xen.enable
> virtualisation.xen.package
> virtualisation.xen.bootParams
> ...
2017-12-07 21:26:34 +00:00
Justin Humm bfc3844a15 osrm service: init 2017-12-07 18:51:39 +01:00
Peter Hoeg e5715d9464 cups: 2.2.2 -> 2.2.6 2017-12-07 07:22:39 +00:00
Ryan Trinkle ab2b3a5d0a nat: add extraCommands and extraStopCommands options 2017-12-06 11:17:38 -05:00
Tuomas Tynkkynen b2e315f97f nixos/qemu-vm: Pass gic-version=host for AArch64
This is required on the ThunderX CPUs on the Packet.net Type-2A
machines that have a GICv3. For some reason the default is to create a
GICv2 independent of the host hardware...
2017-12-06 17:29:09 +02:00
Peter Hoeg 40af7718f8 tests: logToJournal has been renamed 2017-12-06 17:45:40 +08:00
Pierre-Etienne Meunier 3b79220a41 nixos/gollum: enable emoji and file uploads (#32373) 2017-12-06 09:10:54 +00:00
Pierre Carrier 5a5325d11f nixos/modules/services/hardware/u2f: init 2017-12-06 07:37:44 +01:00
Pierre-Etienne Meunier 8e97f8fac4 nixos/gollum: Add optional MathJax support (#32338) 2017-12-05 12:20:31 +00:00
Orivej Desh 81e5b51a2c
Merge pull request #32308 from orivej/static-resolv-conf
nixos/networking: support static resolv.conf
2017-12-04 16:07:21 +00:00
Maximilian Bosch af75b48b51 services.statsd: add simple test 2017-12-04 16:56:16 +01:00
Maximilian Bosch aaf1e1c4fb statsd: restore support for {influx,librato,stackdriver} backends
These packages will be placed into an environment using
`backendsToPackages`. This function explicitly maps backends to
`pkgs.nodePackages.${type}` unless it's a builtin. This ensures that only
valid backends that work on NixOS are used (if not, the build already
breaks at evaluation time).

The log will be redirected to `stdout` to be able to watch the entire
output using `journalctl`.

Configuration parameters for the backends need to be set using
`services.statsd.extraConfig` as each backend has its own options and
all of them shouldn't be validated and checked explicitly and manually.
2017-12-04 16:56:16 +01:00
Orivej Desh d5facd5df3 nixos/networking: support static resolv.conf 2017-12-04 13:58:54 +00:00
zimbatm 3807408c38
Merge pull request #32212 from ryantrinkle/nat-port-forwarding-ranges
Nat port forwarding ranges
2017-12-04 12:05:05 +00:00
Daiderd Jordan 852fe55822
Merge pull request #32304 from LnL7/vault-test
vault: add nixos test
2017-12-04 13:04:13 +01:00
Daiderd Jordan 6a20b88cec
vault: add nixos test 2017-12-04 12:59:52 +01:00
Ryan Trinkle 4f8a65a163 nixos/nat: add dmzHost option (#32257) 2017-12-04 09:21:58 +00:00
Jaka Hudoklin bc557912a1
Merge pull request #28939 from xtruder/nixos/tor/trans_proxy
tor module: add support for transparent proxy and dns
2017-12-03 21:47:11 +01:00
Domen Kožar d64ba1c060
Add localtime package and nixos module
Simple daemon for keeping system timezone up-to-date via geoclue2.

Sadly i3 status needs to be restarted for timezone changes.
2017-12-03 11:42:51 +01:00
Joachim F 58e4f8a14b
Merge pull request #32186 from jbboehr/patch-1
nixos/i2pd: tunnel configuration fixes
2017-12-03 07:58:36 +00:00
Bert Moens a5398a7663 nixos/doc/x-windows: update touchpad to libinput 2017-12-03 05:05:21 +02:00
volth af6fc78f5d
initrd-ssh: generate hostkeys if absent 2017-12-03 02:27:29 +00:00
Tuomas Tynkkynen 574526d510 make-squashfs: Hack to avoid building images where nixos-install won't run
https://github.com/NixOS/nixpkgs/issues/32242
2017-12-03 03:37:45 +02:00
Ryan Trinkle a8f1ebf52c nat: support port ranges in networking.nat.forwardPorts 2017-12-02 13:28:01 -05:00
Ryan Trinkle 83048c4fe0 nixpkgs.lib: Add types.strMatching 2017-12-02 13:28:00 -05:00
John Boehr 67c3f7f65f nixos/i2pd: tunnel config fixes
Tunnel configuration has no member named "host" - i2pd does but it's called "address" in the options. As a result, no tunnel configuration is generated.

* Fix attribute check in inTunnels
* Fix integer to string coercion in inTunnels
* Add destinationPort option for outTunnels
2017-11-30 17:13:42 -08:00
Orivej Desh dd7738d13f
Merge pull request #32203 from jtojnar/xorg-localectl
nixos/xserver: Move the keyboard configuration to 00-keyboard.conf
2017-12-01 00:29:47 +00:00
Bas van Dijk 460a4b0832 networkmanager_strongswan: fix package
Added the boolean option:

  networking.networkmanager.enableStrongSwan

which enables the networkmanager_strongswan plugin and adds
strongswanNM to the dbus packages.

This was contributed by @wucke13, @eqyiel and @globin.

Fixes: #29873
2017-11-30 23:03:32 +01:00
Jan Tojnar 1d868aa8de
nixos/xserver: Move the keyboard configuration to 00-keyboard.conf
localectl looks for keyboard settings in /X11/xorg.conf.d/00-keyboard.conf

Closes: #29959, #14318
2017-11-30 14:10:34 +01:00
Eelco Dolstra 949a6e3ec5
Merge pull request #32188 from NixOS/copumpkin-aws-ntp
amazon-image: use NTP provided by the hypervisor
2017-11-30 13:06:25 +01:00
Orivej Desh 905672f524 nixos/pulseaudio: document audio group for system wide access 2017-11-30 06:37:01 +00:00
Daniel Peebles 5fd528d043
amazon-image: use NTP provided by the hypervisor
See http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/set-time.html for more information.

Fixes #32187
2017-11-29 22:48:00 -05:00
James Earl Douglas 00cda0d18d nixos/nexus: fix typo
Nexus is produced by [Sonatype][1], not SonarType.

[1]: https://www.sonatype.org/
2017-11-29 22:39:37 +01:00
Philipp Hausmann 5f59913c74 FusionInventory: 3.18 -> 3.21 2017-11-29 14:58:36 +00:00
Vladimír Čunát 5f020d5627
Merge branch 'staging'
There are security fixes in multiple packages /cc #32117,
so I'm merging a little earlier, with a few thousand jobs
still not finished on Hydra for x86_64-darwin and aarch64-linux.
2017-11-29 10:02:40 +01:00
Orivej Desh 0e6ca9e85d
Merge pull request #31970 from The-M1k3y/master
nixos/factorio: add stateDir and requireUserVerification option
2017-11-29 08:36:52 +00:00
Orivej Desh b8ddde411c
Merge pull request #32060 from elitak/ipfs
ipfs: add swarmAddress option
2017-11-29 01:59:08 +00:00
Orivej Desh 7d69f11293
Merge pull request #32141 from yellowgh0st/compton
compton: adding missing xr_glx_hybrid backend
2017-11-28 23:28:56 +00:00
Vladimír Čunát addd20e6f9
Merge branch 'master' into staging 2017-11-28 18:19:34 +01:00
Yell0w Ghost 57475d12ad
compton: adding missing xr_glx_hybrid backend
Compton can run with xr_glx_hybrid backend too.
Adding this missing option.
2017-11-28 14:02:48 +01:00
Léo Gaspard 652842d82e clamav module: make services.clamav.daemon.enable actually work 2017-11-28 13:45:13 +01:00
Ollie Charles 6ece306812 nixos/grafana: Fix type of database.type option
If you want to use grafana with PostgreSQL, the type is `postgres`,
not `postgresql`.
2017-11-28 11:57:35 +00:00
Vladimír Čunát 6705f30e2c
Merge branch 'master' into staging 2017-11-27 15:09:53 +01:00
Vladimír Čunát 6345089ca0
Merge #29392: gnome3: 3.24 -> 3.26
It might be slightly confusing that a couple of the changes will be twice
in the history, but let's merge this way.
2017-11-27 12:19:01 +01:00
rnhmjoj 13bb5ff402
nixos/xserver: fix X.org session script logging 2017-11-27 11:29:37 +01:00
Tuomas Tynkkynen dc5cd7800a tests/initrd-network-ssh: Don't build during evaluation
Issue #29774
2017-11-27 12:08:57 +02:00
Tuomas Tynkkynen cb008da167 owncloud: Don't build during evaluation
Issue #29774
2017-11-27 12:08:57 +02:00
Vladimír Čunát 337e900c3d
Merge #31683: glib: Add variable for overriding schemas 2017-11-27 10:54:19 +01:00
Peter Hoeg 80c5cf80f2
pulseaudio/nixos: set it as default for openal/libao if enabled (#32078)
- /var/run -> /run as the former is deprecated
- configure openal to use pulseaudio if pulseaudio is enabled
- configure libao to use pulseaudio if pulseaudio is enabled
2017-11-27 15:49:38 +08:00
Tuomas Tynkkynen f3794bb8cb nixos/qemu-guest: Ensure virtio_mmio is available in initrd
ARM and AArch64 might use virtio_mmio in some cases.
2017-11-26 11:22:39 +02:00
Tuomas Tynkkynen 8762490337 nixos/qemu: Add virtio-rng-pci to test-driver
Otherwise AArch64 KVM guests don't have enough entropy at boot.
2017-11-26 11:13:21 +02:00
Tuomas Tynkkynen e56da6a464 nixos/qemu-vm: Use different serial port on ARM/AArch64 2017-11-26 11:13:21 +02:00
Tuomas Tynkkynen 0a2eda7a7e nixos/qemu-vm: Don't try enabling graphics/mouse on non-x86
Needs to be figured out some day, just disable them for now.
2017-11-26 11:13:21 +02:00
Tuomas Tynkkynen 43cb964e17 nixos/qemu-vm: Set QEMU command line depending on architecture 2017-11-26 11:13:21 +02:00
volth 25b178c745
nixos/varnish: check .vcl syntax at compile time (e.g. before nixops deployment) 2017-11-26 08:13:09 +00:00
Eric Litak d0b9d13618 ipfs: add swarmAddress option 2017-11-25 22:56:07 -08:00
Jan Tojnar 1566de20c7
nixos/gnome3: override schemas using env variable
For some reason, the GNOME 3.26 update broke the overrides. It turns
out the overrides now need to come before the overridden schemas in the
XDG_DATA_DIRS variable. This is not possible in general due to applications
prefixing the variable (e.g. in wrapGAppsHook).

To fix this, a new environment variable NIX_GSETTINGS_OVERRIDES_DIR
was introduced. It has greater priority than XDG_DATA_DIRS but lower
than GSETTINGS_SCHEMA_DIR. A separate variable was chosen in order not
to block the built-in one for users.
2017-11-26 03:11:00 +01:00
Jan Tojnar 6e0fc275d6
nixos/tracker-miners: init 2017-11-26 03:10:56 +01:00
Kosyrev Serge 3fa4e1e3ee buildkite-agent: secrecy improvements: non-store, non-Nix provisioning of secrets 2017-11-25 17:52:19 +00:00
Jörg Thalheim 3ea493430a
Merge pull request #31283 from michalrus/per-user-profiles-buildEnv
users-groups module: use `buildEnv` in per-user profiles
2017-11-25 15:28:58 +00:00
Joachim F 822342ffdf
Merge pull request #31048 from LumiGuide/fix-owncloud
Fix some but not all errors in owncloud
2017-11-25 12:43:29 +00:00
Orivej Desh 6d9ad27103
Merge pull request #31995 from jtojnar/xserver-libinput
Use libinput for all input devices when enabled
2017-11-25 10:33:39 +00:00
Jan Tojnar c177b838df nixos/xserver: let X choose the xkb rules
With libinput used for keyboard, base rules produce incorrect keyboard
layouts. We are removing the option as recommended in the XKB configuration
guide [1] to let X server choose the ruleset. It looks like it chooses
evdev rules which seem to work for some reason

[1]: https://www.x.org/releases/X11R7.6/doc/xorg-docs/input/XKB-Config.html#id2521360
2017-11-25 10:27:31 +00:00
Kjetil Orbekk bd3e49a80e nixos/munin: fix broken plugin wrappers
The munin-node service used wrapProgram to inject environment variables.
This doesn't work because munin plugins depend on argv[0], which is
overwritten when the executable is a script with a shebang line (example
below).

This commit removes the wrappers and instead passes the required
environment variables to munin-node.

Eliminating the wrappers resulted in some broken plugins, e.g., meminfo
and hddtemp_smartctl. That was fixed with the per-plugin configuration.

Example:

  The plugin if_eth0 is a symlink to /.../plugins/if_, which uses $0
  to determine that it should monitor traffic on the eth0 interface.

  if_ is a wrapped program, and runs `exec -a "$0" .if_-wrapped`

  .if_-wrapped has a "#!/nix/.../bash" line, which results in bash
  changing $0, and as a result the plugin thinks my interface
  is called "-wrapped".
2017-11-25 11:23:56 +01:00
Orivej Desh 2f1a818d00 nixos/fwupd: disable by default
It causes building during evaluation when enabled, and it is hardly useful
without GNOME or the awareness of the system operator.
2017-11-25 06:49:38 +00:00
Vladimír Čunát 474c1ce799
nixos.tests.installer.swraid: increase drive size
The latest staging caused this test not to fit anymore.
I'm all for keeping closure sizes under control,
but I don't think *this* is a good place.
2017-11-25 07:46:28 +01:00
Vladimír Čunát 7dfa97969a
Merge branch 'staging' (older one)
Hydra seems OK-ish, except that some aarch64 jobs need restarting
after qt4 timing out for the first time:
https://hydra.nixos.org/eval/1412641?compare=1412561
2017-11-24 18:36:54 +01:00
Franz Pletz 3ad0845fb0
Merge pull request #31371 from gnidorah/sway
sway module: passthrough sway binary when needed
2017-11-24 10:03:41 +01:00
Franz Pletz a59864c3c5
Merge pull request #31839 from bluescreen303/fix-rpfilter
firewall: fix rpfilter blocking dhcp offers when no ip was bound yet
2017-11-24 09:39:05 +01:00
Jan Tojnar 193c4c5701
Merge pull request #30252 from jtojnar/fwupd
fwupd: 0.9.6 → 1.0.1
2017-11-24 04:07:52 +01:00
Jan Tojnar ed9dc1f187
nixos/libinput: load configuration file
In order for libinput to be used with Xorg, its configuration file
needs to be added to environment similarly to how evdev one’s is.

Closes: #31670
2017-11-24 02:18:38 +01:00
Graham Christensen 0726cd6f0c
Merge pull request #31972 from bkchr/copyfilefromhost_missing_documentation
Adds missing documentation for copyFileFromHost in NixOS tests
2017-11-23 19:50:39 -05:00
Bastian Köcher 1200f9b9e2 Adds missing documentation for copyFileFromHost in NixOS tests 2017-11-23 15:50:54 +01:00
Graham Christensen 8443352ffa
Merge pull request #31973 from grahamc/options-fix-inginious
inginious: fix options eval
2017-11-23 09:43:23 -05:00
Graham Christensen 2bbdd70b99
inginious: fix options eval 2017-11-23 09:33:59 -05:00
Jörg Thalheim 487c4a6f6e
Merge pull request #27513 from lukeadams/prl-tools-fix
[NixOS] Fix + update `hardware.parallels` config option
2017-11-23 14:10:21 +00:00
The-M1k3y 7dcd299e9a nixos/factorio: add stateDir and requireUserVerification option 2017-11-23 13:50:19 +01:00
Jörg Thalheim d541d0c7bf
Merge pull request #31941 from Rovanion/master
user-mgmt.xml: extraUsers => users
2017-11-23 10:28:47 +00:00
Rovanion Luckey 99864c4a79 nixos/manual: extraUsers -> users in user-mgmt.xml
Changed extraUsers -> users and one case of extraGroups -> groups in nixos manual chapter 7.

According to chatter on IRC these are the proper names for these configuration options nowadays.

Modified based on feedback from Jörg Talheim.
2017-11-23 10:22:00 +01:00
Jan Tojnar c49522edb7
nixos/services.fwupd: allow adding trusted keys 2017-11-23 00:53:50 +01:00
Profpatsch f09f49d483 nixos/doc/manual: print context on failing xmllint validation
Previously only the line numbers of a giant, internally generated XML file were
printed, without any kind of debuggability.
Now at least the mentioned lines are printed with a little bit of surrounding
context (to have something to grep for).

```
manual-combined.xml:4863: element para: Relax-NG validity error : Did not expect element para there
  4859	<chapter xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:xi="http://www.w3.org/2001/XInclude" version="5.0" xml:id="sec-writing-modules">
  4860
  4861	<title>Writing NixOS Modules</title>
  4862
  4863	<para>NixOS has a modular system for declarative configuration.  This
  4864	system combines multiple <emphasis>modules</emphasis> to produce the
  4865	full system configuration.  One of the modules that constitute the
```
2017-11-22 21:27:05 +01:00
Domen Kožar ad492e6f33
hydra: 2017-10-26 -> 2017-11-21 2017-11-22 17:24:55 +00:00
Thomas Strobel 67ce1357fa nixos: init module: restya-board 2017-11-22 12:14:24 +01:00
Thomas Strobel 2128d8ce4e ixos ids: reserve restya-board 2017-11-22 12:14:24 +01:00
Joachim F 1f2b938734
Merge pull request #31850 from herrwiese/evilwm
evilwm: implement NixOS WM module
2017-11-21 22:56:22 +00:00
Orivej Desh b8e1e7191e Merge branch 'master' into staging
* master: (80 commits)
  lkl: Supports aarch64
  wimlib: nitpicks
  gitAndTools.git-codeowners: 0.1.1 -> 0.1.2
  wimlib: init at 1.12.0
  kernel: improve modDirVersion error message
  releaseTools.sourceTarball: Clean up temporary files
  dotnetPackages.SmartIrc4net: rehash source
  migmix: make it a fixed-output derivation
  vm: Create /dev/full
  samba: 4.6.8 -> 4.6.11 to address CVEs CVE-2017-14746 & CVE-2017-15275
  microcodeIntel: 20170707 -> 20171117
  sshd: Remove ripemd160 MACs
  kernel config: Enable MEDIA_CONTROLLER
  linux: 4.4.99 -> 4.4.100
  linux: 4.9.63 -> 4.9.64
  nix-bash-completions: 0.4 -> 0.5
  linux: 4.14 -> 4.14.1
  linux: 4.13.14 -> 4.13.15
  nix-zsh-completions: 0.3.3 -> 0.3.5
  dns-root-data: use a stable URL that I maintain anyway
  ...
2017-11-21 22:48:36 +00:00
Tim Steinbach 48252b15b9
sshd: Remove ripemd160 MACs
They are invalid for our OpenSSH
2017-11-21 09:36:51 -05:00
Graham Christensen 3c9b356e10
Merge pull request #31860 from rycee/nixos/bash/fix/inputrc
nixos/bash: mark `inputrc` etc file as default
2017-11-20 21:46:54 -05:00
Tim Steinbach 861fef71f4
Merge pull request #31763 from jeaye/harden-ssh-config
Harden ssh config defaults and remove old host key support
2017-11-20 20:13:21 +00:00
Robert Helgesson 101d56cb0c
nixos/bash: mark inputrc etc file as default
The bash module currently sets the `/etc/inputrc` unconditionally,
which prevents easy user override. This commit lowers the priority of
the setting to "option default" level, which allows a user to override
the value using either

    environment.etc."inputrc".text = …

or

    environment.etc."inputrc".source = …
2017-11-20 12:32:01 +01:00
Orivej Desh ab0d141f44 Merge branch 'master' into staging
* master: (23 commits)
  silver-searcher: patch bash completions location
  shairplay: init at 2016-01-01
  ocamlPackages.rope: 0.5 -> 0.6
  ocamlPackages.ocaml_gettext: 0.8.7 -> 0.8.8
  mupdf: Patch openjpeg version
  nextcloud-client: fix build after qt updates
  gstreamer.gst-plugins-bad: Patch openjpeg version
  silver-searcher: move bash completion to etc/bash-completion.d/
  neomutt: use mime.types from dedicated mime-types derivation
  mime_types: rename to mime-types
  XMLLibXML: 2.0129 -> 2.0132 fixes failing tests & CVE-2017-10672
  nixos/matrix-synapse: remove unused log_file config
  nixos: run parted with --script option (3rd)
  nixos: run parted with --script option (2nd)
  nixos/release: add nixos/tests/switch-test.nix to tested job
  nixos/system: make switch-to-configuration script pure.
  nixos/release: include mutableUsers test to release tests.
  nixos/tests: Add a test for config.users.mutableUsers.
  corebird: 1.7.2 -> 1.7.3
  nixos/matrix-synapse: make home directory configurable
  ...
2017-11-20 09:21:51 +00:00
Franz Pletz 0ed7d4d0e8
Merge pull request #31812 from eqyiel/matrix-synapse-configurable-home
nixos/matrix-synapse: make home directory configurable
2017-11-20 09:35:57 +01:00
Andreas Wiese f5f601a7f2 nixos/evilwm: allow enabling evilwm through services.xserver.windowManager.evilwm.* 2017-11-20 07:50:28 +01:00
Ruben Maher 50777e5702 nixos/matrix-synapse: remove unused log_file config 2017-11-20 09:29:45 +10:30
Bjørn Forsman aedba5c2af nixos: run parted with --script option (3rd)
Doh, should have included this in previous commit.

Ref. 0ff4bb5f87
("nixos: run parted with --script option").
2017-11-19 22:55:12 +01:00
Bjørn Forsman bf338ab9ee nixos: run parted with --script option (2nd)
Ref. 0ff4bb5f87
("nixos: run parted with --script option")
2017-11-19 22:50:24 +01:00
Mathijs Kwik 05761e9504 firewall: fix rpfilter blocking dhcp offers when no ip was bound yet 2017-11-19 22:24:56 +01:00
Franz Pletz bdbaaad7de
Merge pull request #29269 from Moredread/test_crypt_with_keyfile
Test opening encrypted filesystem with keyfile
2017-11-19 20:30:59 +01:00
obadz edcf51a359
Merge pull request #31805 from gleber/make-switch-to-configuration-pure
nixos/system: make switch-to-configuration script pure
2017-11-19 19:03:52 +00:00
Franz Pletz f367bb4d6d
Merge pull request #31569 from gleber/add-mutable-users-test
nixos/tests: add a test for config.users.mutableUsers.
2017-11-19 19:54:28 +01:00
Gleb Peregud f8fb6a679e nixos/release: add nixos/tests/switch-test.nix to tested job 2017-11-19 19:50:08 +01:00
Gleb Peregud 2f6148c743 nixos/system: make switch-to-configuration script pure.
Fixes #28443

Fixed few invocations to `systemctl` to have an absolute path. Additionally add
LOCALE_ARCHIVE so that perl stops spewing warning messages.
2017-11-19 19:42:54 +01:00
Franz Pletz fa824e6c58
Merge branch 'master' into staging 2017-11-19 19:39:04 +01:00
Pierre Chevalier c46d4dab96 gdm: remove old workaround for conflicts with getty
- There used to be a conflict between gdm and getty both trying to
  access tty1
- This conflict was fixed by running gdm on tty7 instead
2017-11-19 19:35:37 +01:00
Pierre Chevalier aed114ecb9 Revert "gdm: don't start getty@tty1 if enabled"
This commit isn't needed anymore since we now run gdm on tty7.

This reverts commit 440178d729.
2017-11-19 19:35:37 +01:00
Gleb Peregud cea8302182 nixos/release: include mutableUsers test to release tests. 2017-11-19 19:20:50 +01:00
Gleb Peregud 1dd0379ba8 nixos/tests: Add a test for config.users.mutableUsers.
It's in preparation to add an assertion for #4990.
2017-11-19 19:11:19 +01:00
Franz Pletz 71b8437e2c
nixos/tests: add couchdb test 2017-11-19 17:39:36 +01:00
Orivej Desh 50d8720d2a nixos/testing: fix after --set ceased to evaluate the value 2017-11-19 14:15:19 +00:00
Ruben Maher 86e161ff47 nixos/matrix-synapse: make home directory configurable 2017-11-19 13:48:29 +10:30
jeaye 03f7adfdd1
nixos/ssh: Update 18.03 release notes
Since ssh-dss is no longer supported by default, users relying on those
keys for their login may be locked out. They should ideally use stronger
keys, but adding the support for ssh-dss back in can also be done
through extraConfig.
2017-11-18 15:35:56 -08:00
Pierre Chevalier b3de3893d0 nixos/zsh: add the type for enableAutosuggestions option
Simply a small inconsistency I picked up when reading that file.

fixes #31795
2017-11-18 21:27:12 +00:00
Tuomas Tynkkynen 931aa5f9e2 U-Boot: 2017.03 -> 2017.11
Also move patches from sd-image-aarch64.nix, they might be useful for
the older raspberries as well.
2017-11-18 13:57:17 +02:00
Orivej Desh 89912165e1
Merge pull request #31378 from michaelpj/imp/plymouth-nixos-branding
breeze-plymouth: add optional nixos branding, enable for plasma5
2017-11-18 10:37:26 +00:00
Michael Peyton Jones eec4c31d89 plasma5: enable NixOS branding in plymouth theme 2017-11-18 10:36:23 +00:00
Jan Tojnar c47ea8ca4e
nixos/services.fwupd: init 2017-11-17 18:54:45 +01:00
Bjørn Forsman 3f36f167e6 nixos/pam: fix docs about path to u2f_keys file
Looking at upstream git repo (git://github.com/Yubico/pam-u2f.git) the
docs initially said the path was ~/.yubico/u2f_keys, but it was later
changed to ~/.config/Yubico/u2f_keys (in 2015).

I have run pam_u2f.so with "debug" option and observed that the correct
path indeed is ~/.config/Yubico/u2f_keys.
2017-11-17 17:50:40 +01:00
Franz Pletz 00056e76d0
nixos/tests/acme: update terms of service to fix test 2017-11-17 16:05:13 +01:00
Oliver Charles 560400773c nixos/prometheus: Correct documentation for external_labels
As description is literal XML, I need to escape < and > by hand.
2017-11-17 11:06:03 +00:00
Oliver Charles acb7f43db9 nixos/prometheus: add external_labels option 2017-11-17 10:16:21 +00:00
Oliver Charles f0334c0336 nixos/prometheus: add scrape_configs.honor_labels 2017-11-17 10:15:37 +00:00
jeaye 2a8bd9e2a1
nixos/ssh: Harden config defaults 2017-11-16 20:25:37 -08:00
jeaye ec80c92825
nixos/ssh: Remove support for old host keys 2017-11-16 20:25:22 -08:00
Orivej Desh 963204e6ee
Merge pull request #31753 from mbld/show-ip
nixos-container: Make show-ip work together with ipv4 + netmask
2017-11-17 00:32:56 +00:00
Orivej Desh f79e3e237f
Merge pull request #31618 from adisbladis/zfs-tests
Add basic ZFS tests
2017-11-16 20:00:16 +00:00
Martin Bornhold 25b71e18f5 nixos-container: Modify existing test to cover show-ip command
Modified the existing test to check that the 'nixos-container show-ip' command
can handle ipv4 addresses with submask in CIDR notation.
2017-11-16 20:25:45 +01:00
Parnell Springmeyer cb11bf73a5 nixos/nghttpx: add module for the nghttpx proxy server (#31680)
* nghttpx: Add a new NixOS module for the nghttpx proxy server

This change also adds a global `uid` and `gid` for a `nghttpx` user
and group as well as an integration test.

* nixos/nghttpx: fix building manual
2017-11-16 18:21:02 +00:00
Franz Pletz 903a7e2f94
Merge pull request #31641 from danbst/patch-13
mysql module: fix flaky check
2017-11-16 00:07:55 +01:00
Tim Steinbach c9b8bbd039
Merge pull request #31268 from Ma27/x11-defaults
services.xserver: fix defaults of X11
2017-11-15 16:41:52 +00:00
Thomas Tuegel dd5e6bcefc
Merge pull request #31504 from benley/fontconfig-localconf
fonts: fix fontconfig.localConf when used with penultimate
2017-11-15 08:23:47 -06:00
Jan Tojnar a3509f6c22
gnome3.gnome-online-miners: add missing dleyna dependency 2017-11-15 14:02:37 +01:00
Jan Tojnar e1b8636181
dleyna-server: init at 0.6.0 2017-11-15 14:02:37 +01:00
Jan Tojnar abb17136de
gnome3.gnome-photos: add missing dleyna depenency 2017-11-15 14:02:37 +01:00
Jan Tojnar a04cfdea12
dleyna-renderer: init at 0.6.0 2017-11-15 14:02:37 +01:00
Jan Tojnar 510737cca7
nixos/gnome3: override schemas using env variable
For some reason, the GNOME 3.26 update broke the overrides. It turns
out the overrides now need to come before the overriden schemas in the
XDG_DATA_DIRS variable. This is not possible in general due to applications
prefixing the variable (e.g. in wrapGAppsHook).

To fix this, a new environment variable NIX_GSETTINGS_OVERRIDES_DIR
was introduced. It has greater priority than XDG_DATA_DIRS but lower
than GSETTINGS_SCHEMA_DIR. A separate variable was chosen in order not
to block the built-in one for users.
2017-11-15 03:45:25 +01:00
Maximilian Bosch 20a5e9db84 nixos-option: don't eval description
see https://github.com/NixOS/nixpkgs/pull/31630#issuecomment-344073438
2017-11-14 23:06:44 +01:00
Robert Helgesson 91154416b6
docs: clarify package and module option naming
This attempts to briefly clarify the current naming conventions of
attribute names in `all-packages.nix` and module option names.
2017-11-14 19:17:35 +01:00
Robin Gloster 9181faac41
dovecot: fix config if mailboxes == [] 2017-11-14 16:49:53 +01:00