3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

735 commits

Author SHA1 Message Date
Philip Potter e4029c34fc yubikey-agent: init at 0.1.3
This adds yubikey-agent as a package and a nixos module.

On macOS, we use `wrapProgram` to set pinentry_mac as default in PATH;
on Linux we rely on the user to set their preferred pinentry in PATH.
In particular, we use a systemd override to prefix PATH to select a
chosen pinentry program if specified.

On Linux, we need libnotify to provide the notify-send utility for
desktop notifications (such as "Waiting for Yubikey touch...").

This might work on other flavors of unix, but I haven't tested.

We reuse the programs.gnupg.agent.pinentryFlavor option for
yubikey-agent, but in doing so I hit a problem: pinentryFlavour's
default value is specified in a mkDefault, but only conditionally.  We
ought to be able to pick up the pinentryFlavour whether or not gpg-agent
is running.  As a result, this commit moves the default value to the
definition of programs.gnupg.agent.enable.
2020-07-16 15:29:33 +01:00
worldofpeace 56619d6ebb
Merge pull request #85992 from symphorien/ibus-db
ibus: fix dconf database
2020-07-07 11:29:53 -04:00
rnhmjoj 5b59329234
nixos/fish: enable man cache generation 2020-06-29 22:28:32 +02:00
Jan Tojnar 51dad85947
nixos/hamster: fix eval
Fixes

	error: The option value `meta.maintainers' in `nixos/modules/programs/hamster.nix' is not of type `list of maintainers'.
2020-06-18 16:22:13 +02:00
Jan Tojnar 75e756b8e1
Merge pull request #90051 from fabianhauser/hamster-time-tracker 2020-06-16 23:08:45 +02:00
Maximilian Bosch 267b93da34
Merge pull request #89662 from aanderse/ssmtp
nixos/ssmtp: add settings option
2020-06-12 16:09:13 +02:00
Aaron Andersen ad2330f642 nixos/ssmtp: drop authPass option in favor of authPassFile, or services.ssmtp.settings.AuthPass if absolutely required 2020-06-12 06:41:56 -04:00
Fabian Hauser 9c95e8150a hamster: init at 3.0.2 2020-06-10 22:05:18 +02:00
Izorkin 1086ae52fb nixos/ssh: add crypto options 2020-06-08 22:10:36 +03:00
Aaron Andersen 6394b12a07 nixos/ssmtp: add settings option 2020-06-07 10:28:22 -04:00
Eelco Dolstra bbfc47326b Don't enable nix-bash-completions when using Nix 2.4
2.4 has its own completion script which collides with
nix-bash-completions.
2020-06-04 14:18:18 +02:00
Symphorien Gibol 3dbd629fa4 ibus: fix installation of dconf database
Fixes this warning at ibus-daemon startup:

(ibus-dconf:15691): dconf-WARNING **: 21:49:24.018: unable to open file '/etc/dconf/db/ibus': Failed to open file ?/etc/dconf/db/ibus?: open() failed: No such file or directory; expect degraded performance
2020-06-02 22:32:03 +02:00
Jörg Thalheim 53d0dc6638
Merge pull request #51270 from aneeshusa/enable-setuid-wrapper-for-chsh
nixos/shadow: create setuid wrapper for chsh
2020-06-02 10:50:31 +01:00
davidak 297c265113 nixos/chromium: add example and update description 2020-05-24 21:39:44 +02:00
Maximilian Bosch 5d0fc0f3b6
Merge pull request #86643 from asbachb/zsh-bash-autocomplete
zsh: added option to enable compatibility with bash's completion system
2020-05-19 11:57:25 +02:00
Frederik Rietdijk 9875bbae75 Merge master into staging-next 2020-05-05 19:51:09 +02:00
Pavol Rusnak 7b0167204d treewide: use https for nixos.org and hydra.nixos.org
tarballs.nixos.org is omitted from the change because urls from there
are always hashed and checked
2020-05-03 22:14:21 -07:00
Benjamin Asbach cbb5b578b8 zsh: added option to enable compatibility with bash's completion system 2020-05-03 12:08:25 +02:00
Frederik Rietdijk afb1041148 Merge master into staging-next 2020-05-02 09:39:00 +02:00
Daniel Fullmer 2aebb2375c programs/chromium: allow extensions outside chrome web store 2020-05-01 15:56:41 +02:00
Michele Guerini Rocco 6c142fddb1
Merge pull request #84330 from das-g/xonsh-source-nixos-env
nixos/xonsh: source NixOS environment
2020-05-01 12:26:13 +02:00
Jan Tojnar 2874eebfd2
Merge branch 'staging-next' into staging 2020-04-29 08:35:47 +02:00
hyperfekt c0fe9d609d nixos/fish: prevent fish from generating completions on first run 2020-04-28 14:05:28 +02:00
zowoq c59c4e3589 nixos/*: use $out instead of $bin with buildGoPackage 2020-04-28 20:30:29 +10:00
worldofpeace ee5cba24c3
Revert "ibus: fix dconf db installation" 2020-04-24 18:22:59 -04:00
worldofpeace 78a9359b2a
Merge pull request #85892 from symphorien/ibus-db
ibus: fix dconf db installation
2020-04-24 15:49:01 -04:00
Symphorien Gibol a71dc0b27e ibus: fix installation of dconf database
Fixes this warning at ibus-daemon startup:

(ibus-dconf:15691): dconf-WARNING **: 21:49:24.018: unable to open file '/etc/dconf/db/ibus': Failed to open file ?/etc/dconf/db/ibus?: open() failed: No such file or directory; expect degraded performance
2020-04-24 13:15:56 +02:00
Raphael Borun Das Gupta 347e251261 nixos/xonsh: source NixOS environment
Without doing that, xonsh is unusable as login shell
2020-04-21 23:43:37 +02:00
Dominik Xaver Hörl 0412bde942 treewide: add bool type to enable options, or make use of mkEnableOption
Add missing type information to manually specified enable options or replace them by mkEnableOption where appropriate.
2020-04-21 08:55:36 +02:00
Maximilian Bosch 70ecf83c33
Merge pull request #82339 from Ma27/captive-browser-xdg
nixos/captive-browser: set chromium's data-dir to a XDG-compliant location
2020-04-16 00:06:12 +02:00
Mario Rodas 66e43c6588
Merge pull request #84599 from doronbehar/nodejs-python3
nodejs: use python3 if possible
2020-04-13 07:44:05 -05:00
Alyssa Ross 387b9bf352
nixos/ssh: don't accept ssh-dss keys
These have been deprecated long enough.  I think this default was even
made non-functional by 2337c7522a.  But
it's still a scary thing to see there.

Fixes https://github.com/NixOS/nixpkgs/issues/33381.
2020-04-07 13:35:51 +00:00
Doron Behar 16243290e2 nixos/npm: enable using a specific nodejs package 2020-04-07 15:34:06 +03:00
worldofpeace b0ac19e050 nixos: add freedesktop/gnome/myself maintainers 2020-04-01 20:53:09 -04:00
Maximilian Bosch fc316f7b31
nixos/ssmtp: declare all option renames manually
While renaming `networking.defaultMailServer` directly to
`services.ssmtp` is shorter and probably clearer, it causes eval errors
due to the second rename (directDelivery -> enable) when using e.g. `lib.mkForce`.

For instance,

``` nix
{ lib, ... }: {
  networking.defaultMailServer = {
    hostName = "localhost";
    directDelivery = lib.mkForce true;
    domain = "example.org";
  };
}
```

would break with the following (rather confusing) error:

```
error: The option value `services.ssmtp.enable' in `/home/ma27/Projects/nixpkgs/nixos/modules/programs/ssmtp.nix' is not of type `boolean'.
(use '--show-trace' to show detailed location information)
```
2020-03-22 15:52:01 +01:00
Joachim Fasting 1b575dbd79 nixos/firejail: use local runCommand
Also:

- use `runtimeShell`; and
- remove unused `makeWrapper` input; and
- `exec()` to shed wrapping shell
2020-03-14 03:09:48 +00:00
snicket2100 65abd808d5 firejail: system package on programs.firejail.enable
this way the man page etc. becomes available if we enable firejail with
`programs.firejail.enable = true`
2020-03-13 03:28:08 +00:00
Maximilian Bosch f073b74c13
nixos/captive-browser: set chromium's data-dir to a XDG-compliant location
To quote the XDG specification:

     There is a single base directory relative to which user-specific
     data files should be written. This directory is defined by the\
     environment variable $XDG_DATA_HOME.

Rather than adding another directory to $HOME, I think that it's better
to follow this standard to avoid a cluttered home-dir.
2020-03-11 20:17:46 +01:00
Martin Milata 96e36bf1ba nixos/firejail: add example for wrappedBinaries 2020-02-29 19:06:28 +01:00
Jan Tojnar c1b45ef401
Merge pull request #80456 from cole-h/fish
nixos/fish: fix completions patch
2020-02-20 07:43:25 +01:00
Cole Helbling f518e280b1
nixos/fish: fix completions patch
Upstream decided to split the lines we were patching out, so the patch
would fail.
2020-02-18 08:58:11 -08:00
Jörg Thalheim 55819e6c86
Revert "zsh: don't clobber the environment of non-login shells"
This reverts commit 6a756af3e7.

Currently zshenv by default only set fpath and HELPDIR without exporting them.
A parent shell would also not set those variables usually as they are shell local.

It also sources a file called set-environment but this is protected by an
environment variable called __NIXOS_SET_ENVIRONMENT_DONE. Hence any modification
done by the parent shell should persist as long as __NIXOS_SET_ENVIRONMENT_DONE
is not unset.

This behavior deviates from what we do in bashrc and breaks common setups such
as tmux/mosh or screen.

Fixes #80437
2020-02-18 15:52:21 +00:00
rnhmjoj ceb35dac58
nixos/sway: use new package name for rxvt-unicode 2020-02-13 09:36:35 +01:00
Michael Raskin f320a0231c
Merge pull request #67376 from oxij/nixos/zsh-doc
nixos: zsh: add more helpful documentation into generated files
2020-02-09 11:58:30 +00:00
risson 301bca0734
nixos/tmux: rename extraTmuxConf to extraConfig (#77423) 2020-02-06 15:29:36 -08:00
Danylo Hlynskyi 437e1f69be
bash-my-aws: init at 20200111 (#76793)
* bash-my-aws: init at 20191231

Create bma-init

* Update
2020-02-05 22:37:52 +02:00
Maximilian Bosch 87d4951a82
Merge pull request #78660 from buckley310/dircolors
nixos/bash: configure $LS_COLORS for interactive shells
2020-02-05 09:08:41 +01:00
worldofpeace 138c94c75c
Merge pull request #77408 from petabyteboy/feature/geary-module
nixos/geary: init
2020-01-28 18:45:45 -05:00
Sean Buckley 83c36ee797 nixos/bash: configure $LS_COLORS for interactive shells 2020-01-28 00:11:43 -05:00
edef bfe1c69ede nixos/gnupg: actually use the configured gpg package
Previously, this would ignore the `package` option if `pinentryFlavor`
was set.
2020-01-24 15:54:57 +00:00
Michael Weiss 5a4b93e33c
Merge pull request #76787 from primeos/sway
sway: 1.2 -> 1.4, wlroots: 0.8.1 -> 0.10.0
2020-01-23 14:19:59 +01:00
Michael Weiss e99b32d27f
nixos/sway: Install the new default terminal emulator
The default changed in Sway 1.3 from rxvt_unicode to alacritty. For
backward compatibility we'll install both terminal emulators by default.
2020-01-22 21:38:01 +01:00
Silvan Mosberger 3929a0fbca
nixos/traceroute: init (#77953)
nixos/traceroute: init
2020-01-20 22:32:33 +01:00
worldofpeace ffcfb80781
Merge pull request #77690 from gnidorah/way-cooler
way-cooler: Remove
2020-01-18 14:50:41 -05:00
Matthias Beyer 29bb16a9cd way-cooler: Remove
As of 2020-01-09, way-cooler is officially dead:

    http://way-cooler.org/blog/2020/01/09/way-cooler-post-mortem.html

hence, remove the package and the module.

Signed-off-by: Matthias Beyer <mail@beyermatthias.de>

docs/release-notes: remove way-cooler

way-cooler: show warnings about removal

Apply suggestions from code review

Co-Authored-By: worldofpeace <worldofpeace@protonmail.ch>

way-cooler: add suggestion by @Infinisil
2020-01-18 18:25:01 +03:00
volth d5d1293fe3 nixos/traceroute: init 2020-01-17 21:28:54 +00:00
Maximilian Bosch d77b68e487
nixos/liboping: add module
This creates setcap wrappers for oping and noping to allow unprivileged
users to use those as well.
2020-01-16 18:09:35 +01:00
Michael Weiss 0608d78f3c
Merge pull request #76437 from gnidorah/sway
nixos/sway: add programs.sway.extraOptions
2020-01-11 12:16:34 +01:00
Milan Pässler fb9645656b nixos/geary: init 2020-01-10 02:00:08 +01:00
gnidorah ad8a430a3a
nixos/sway: add programs.sway.extraOptions 2020-01-09 22:25:01 +01:00
Jörg Thalheim ff5ddd04f3
nixos/pam: cleanup services (#76885)
nixos/pam: cleanup services
2020-01-09 10:09:13 +00:00
rnhmjoj 1d61efb7f1 treewide: use attrs instead of list for types.loaOf options 2020-01-06 10:39:18 -05:00
Jörg Thalheim 900aaa5a98
screen: move pam service to module 2020-01-03 15:24:32 +00:00
Tom Bereknyei e5208af780 bash-my-aws: init at 20191231
Create bma-init
2020-01-01 14:53:15 -05:00
Oleksii Filonenko 1a477dc895
bandwhich: 0.5.1 -> 0.6.0
- Rename from `what` to `bandwhich`
- Add Security for darwin
2019-12-31 10:20:07 +02:00
Oleksii Filonenko bf17262578
nixos/what: init 2019-12-30 13:59:52 +02:00
Michael Weiss b9b77386b0
Merge pull request #75247 from Elyhaka/sway
sway: refactor with a wrapper

This moves the wrapper functionality from the NixOS module to a new package
(wrapper) that wraps the original sway package (sway-unwrapped). Therefore it's
now also possible to properly use Sway on non-NixOS systems out of the box.

The new submodule for the wrapperFeatures makes it easy to extend the
functionality which should become useful in the future.

This also introduces a GTK wrapper feature to fix issues with icon/GTK themes,
e.g. when running waybar or wofi. This should also work for #67704. If not, we
might have to add some additional dependencies/arguments for this case.
2019-12-21 23:48:02 +01:00
Elyhaka d467c59825
sway: refactor with a wrapper 2019-12-21 21:17:21 +01:00
worldofpeace e203d58403
Merge pull request #75583 from worldofpeace/nm-applet-default-gnome
networkmanagerapplet: default to withGnome
2019-12-21 11:58:05 -05:00
Tor Hedin Brønner dd7144b860
nixos/sessionPackages: provide session names in passthru
We want access to the valid session names at evaluation time.
2019-12-15 04:16:18 +01:00
Tor Hedin Brønner d362df6682
nixos/display-manager: extraSessionFilePackages -> sessionPackages 2019-12-15 04:14:56 +01:00
WilliButz 10c5b2d91c
Merge pull request #75363 from primeos/sway-display-manager-integration
nixos/sway: Enable the display manager integration
2019-12-14 17:02:33 +01:00
worldofpeace f5081ecca6 networkmanagerapplet: default to withGnome
This requires us to add gcr to the module.
2019-12-13 18:23:20 -05:00
worldofpeace c158ad48c5 nixos/oblogout: drop module 2019-12-10 22:41:25 -05:00
Silvan Mosberger 4ee3e8b21d
nixos/treewide: Move rename.nix imports to their respective modules
A centralized list for these renames is not good because:
- It breaks disabledModules for modules that have a rename defined
- Adding/removing renames for a module means having to find them in the
central file
- Merge conflicts due to multiple people editing the central file
2019-12-10 02:51:19 +01:00
Michael Weiss ca9788d4de
nixos/sway: Enable the display manager integration
If no display manager is enabled this will not make any difference, but
if a Wayland compatible display manager like SDDM is enabled, a session
for Sway will be available. Therefore it does make sense to enable this
by default.

This adds the display manager integration mentioned in #57602.
2019-12-09 14:18:03 +01:00
Jan Tojnar 8cbc862b83
dconf: move to top-level 2019-12-01 01:01:40 +01:00
Christian Kauhaus dd87e9eb4d ssmtp: use services.ssmtp.* options
This PR is part of the networking.* namespace cleanup.

ssmtp used to be configured via `networking.defaultMailServer` which is
sort of misleading since it provides options only for ssmtp. Other
dumb mail relays like nullmailer have always been living under
services.

The intent of this PR is to align ssmtp's options with those of similar
services. Specifically, two renames have been done:

* Rename `networking.defaultMailHost` to `services.ssmtp`.
* Rename `directDelivery` to `enable` because this is what it basically does.
2019-11-26 11:08:44 +01:00
Will Dietz 6ee7b4ddd8 nixos/adb: don't make android tools the system-wide mke2fs, lowPrio 2019-11-20 22:57:00 +01:00
worldofpeace b53e773220
Merge pull request #73004 from philandstuff/patch-1
ssh-agent: fix syntax problem from #71139
2019-11-08 04:13:58 +00:00
Matthew Bauer c403d66b85
Merge pull request #71825 from AIDEA775/fix/zsh-syntax-highlighting
nixos/zsh-syntax-highlighting: Fix highlighting when ohMyZsh is enabled
2019-11-07 17:29:57 -05:00
Philip Potter ce7d4e40f0
ssh-agent: fix syntax problem from #71139
Oops, in #71139 a missing `+` broke things quite badly.  Thanks @lzorkin for the
report and @mebubo for diagnosing the problem.
2019-11-07 22:13:18 +00:00
Robin Gloster db502b034f
Merge pull request #71139 from philandstuff/ssh-agent-pkcs11-whitelist
ssh-agent: add agentPKCS11Whitelist option
2019-11-04 22:16:06 +01:00
worldofpeace a0b037b863
Merge pull request #72391 from urkud/gnupg-pinentry-gnome3
nixos/gnupg: add dbus dependencies for gnome3 pinentry
2019-11-01 13:02:21 +00:00
Yury G. Kudryashov 7240566f74 nixos/gnupg: add dbus dependencies for gnome3 pinentry 2019-11-01 08:58:11 -04:00
Silvan Mosberger dd0a47e7ae
treewide: Switch to system users (#71055)
treewide: Switch to system users
2019-11-01 13:26:43 +01:00
Yury G. Kudryashov 1105cec98d gnupg: fix pinentry in sway (fix a typo in 3c39093c0d) 2019-10-30 02:00:39 -04:00
Robin Gloster 3c39093c0d
gnupg: fix pinentry on sway 2019-10-29 20:30:23 +01:00
Silvan Mosberger de357d5781
Merge pull request #65698 from Infinisil/system-users
Increase the system user id range
2019-10-27 10:41:39 +01:00
Silva Alejandro Ismael 35ae47e44b nixos/zsh-syntax-highlighting: Fix highlighting when ohMyZsh is enabled
From https://github.com/zsh-users/zsh-syntax-highlighting#faq:

"It must be sourced after all custom widgets have been created
(i.e., after all zle -N calls and after running compinit)."

zsh-syntax-highlighting must be sourced to the end.
2019-10-23 11:54:52 -03:00
Frederik Rietdijk a456fbfeed Merge staging-next into staging 2019-10-22 09:20:03 +02:00
Tor Hedin Brønner aa910d164d nixos/seahorse: use seahorse's askpass by default 2019-10-21 18:01:15 +02:00
Franz Pletz 3d832dee59 gnupg: disable gui/pinentry support by default
This solves the dependency cycle in gcr alternatively so there won't be
two gnupg store paths in a standard NixOS system which has udisks2 enabled
by default.

NixOS users are expected to use the gpg-agent user service to pull in the
appropriate pinentry flavour or install it on their systemPackages and set
it in their local gnupg agent config instead.

Co-authored-by: Florian Klink <flokli@flokli.de>
2019-10-16 20:31:16 -04:00
Franz Pletz c2576266ba nixos/gnupg: add option for setting pinentry flavours
Co-authored-by: Florian Klink <flokli@flokli.de>
2019-10-16 20:31:05 -04:00
worldofpeace 2fbccbc728 Revert "Merge pull request #71095 from flokli/pinentry-cleanup"
This reverts commit 823da4d492, reversing
changes made to b75c8ee3bc.
2019-10-16 20:28:21 -04:00
Franz Pletz b5bea4ce32 gnupg: disable gui/pinentry support by default
This solves the dependency cycle in gcr alternatively so there won't be
two gnupg store paths in a standard NixOS system which has udisks2 enabled
by default.

NixOS users are expected to use the gpg-agent user service to pull in the
appropriate pinentry flavour or install it on their systemPackages and set
it in their local gnupg agent config instead.

Co-authored-by: Florian Klink <flokli@flokli.de>
2019-10-16 19:56:50 -04:00
Franz Pletz edea9fed72 nixos/gnupg: add option for setting pinentry flavours
Co-authored-by: Florian Klink <flokli@flokli.de>
2019-10-16 19:56:49 -04:00
Philip Potter 8120184bf1 ssh-agent: add agentPKCS11Whitelist option
If you want to be able to use OpenSC with ssh-agent, you need to be able
to add it to the ssh-agent whitelist.  This adds an option,
agentPKCS11Whitelist, that exposes the option.

Note that I currently work around this by injecting the parameter into
the agentTimeout option:

    programs.ssh.agentTimeout = "1h -P ${pkgs.opensc}/lib/opensc-pkcs11.so";

but I feel that a proper option would be better :)
2019-10-14 20:45:28 +01:00
Silvan Mosberger 23d920c8f0
nixos/users: Increase maximum system uid/gid from 499 to 999
This enlarges the system uid/gid range 6-fold, from 100 to 600 ids. This
is a preventative measure against running out of dynamically allocated
ids for NixOS services with isSystemUser, which should become the
preferred way of allocating uids for non-real users.
2019-10-14 01:59:19 +02:00
worldofpeace dd050270c7 nixos/environment: don't set GTK_DATA_PREFIX or GTK_EXE_PREFIX
We had these set so gtk2 can discover themes properly, however we failed
realize that gtk2 already has a patch that makes it search in XDG_DATA_DIRS.
I don't believe any issue is solved by setting these.
2019-10-13 19:54:09 -04:00