3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

13038 commits

Author SHA1 Message Date
Graham Christensen dc44fc1760
wireguard: add each peer in a separate service
Before, changing any peers caused the entire WireGuard interface to
be torn down and rebuilt. By configuring each peer in a separate
service we're able to only restart the affected peers.

Adding each peer individually also means individual peer
configurations can fail, but the overall interface and all other peers
will still be added.

A WireGuard peer's internal identifier is its public key. This means
it is the only reliable identifier to use for the systemd service.
2019-05-31 14:51:25 -04:00
Will Dietz a72d6f9349
Merge pull request #60954 from dtzWill/fix/network-online-actually-online-with-networkmanager
networkmanager: network-online --wants--> NetworkManager-wait-online
2019-05-30 23:05:57 -05:00
Matthew Bauer a472b1449d
Merge pull request #61104 from adisbladis/plasma5-no-qt56
nixos/plasma5: Remove phonon-backend-gstreamer pinned to Qt 5.6
2019-05-30 16:17:28 -04:00
Matthew Bauer b64b2b57f0
Merge pull request #61423 from volth/de-xrdp
nixos/desktop-managers: let them work when 'services.xserver.enable = false'
2019-05-30 15:46:09 -04:00
Matthew Bauer 38fdc9f8f8
Merge pull request #59076 from Yarny0/cups-path-fix
nixos/printing: fix CUPS `SetEnv` directive placement
2019-05-30 10:52:28 -04:00
Nikolay Amiantov f23c110692 murmur service: log to journald by default
Save an option to log to file with new `logFile` option.

As a side effect deprecate `pidfile` option and instead use systemd's
RuntimeDirectory.
2019-05-30 15:43:32 +03:00
Pierre Bourdon 9e60eab8f5
nixos/malloc: apply allocator settings to systemd units
This uses systemd's system.conf/user.conf "DefaultEnvironment" feature
to set the allocator's LD_PRELOAD near-globally.
2019-05-30 12:07:34 +09:00
Matthew Bauer 0a2b9719fd
Merge pull request #62157 from Lassulus/syncthing-fix
nixos/syncthing: run init only if a devices or folders are set
2019-05-29 21:02:18 -04:00
Pierre Bourdon 1cc8ea7cb4
nixos/malloc: add scudo from LLVM compiler-rt 2019-05-30 02:35:50 +09:00
Florian Klink b09c6ac05b
nixos: Make 'nesting.clone' work in NixOS tests (#62069)
nixos: Make 'nesting.clone' work in NixOS tests
2019-05-29 14:45:53 +02:00
lassulus 87e9e65b6f nixos/syncthing: run init only if devices or folders are set 2019-05-29 13:57:39 +02:00
Arian van Putten cbc45b5981 nixos: Make nesting.children work in NixOS tests
We differentiate between modules and baseModules in  the
VM builder for NixOS tests. This way, nesting.children, eventhough
it doesn't inherit from parent, still has enough config to
actually complete the test. Otherwise, the qemu modules
would not be loaded, for example, and a nesting.children
statement would not evaluate.
2019-05-29 12:50:49 +02:00
lassulus ddfb687d5e nixos/syncthing: better examples for declarative options 2019-05-29 07:12:14 +09:00
Daniel Schaefer eccb90a2d9 compton: 0.1_beta2.5 -> 6.2 (#61681)
* compton-git: 5.1-rc2 -> 6.2

vsync is now a boolean option, see:
https://github.com/yshui/compton/pull/130

menu-opacity is deprecated and there's a warning that says:
Please use the wintype option `opacity` of `popup_menu` and
`dropdown_menu` instead.

* nixos/compton: Keep vSync option backwards compatible

The new upstream option tries to make the best choice for the user.
Therefore the behaviour should stay the same with this backwards
compatibility patch.

* compton-git: Remove DRM option

It's deprecated and shouldn't be used.
https://github.com/yshui/compton/pull/130/files#r285505456

* compton-git: Remove new_backends option

Was removed in "Let old/new backends co-exist"
b0c5db9f5aa500dc3568cc6fe68493df98794d4d

* compton: 0.1_beta2.5 -> 6.2

Drop the legacy, unmaintained version and use the fork for real.
2019-05-28 13:37:13 +02:00
José Romildo Malaquias 00d6232b47
Merge pull request #62035 from romildo/upd.lumina
lumina.lumina: 1.4.0-p1 -> 1.5.0
2019-05-27 17:41:58 -03:00
Silvan Mosberger e383ed6a2d
nixos/xdg/mime: disable fdatasync when building the XDG MIME database (#62076)
nixos/xdg/mime: disable fdatasync when building the XDG MIME database
2019-05-27 18:18:54 +02:00
Ding Xiang Fei 359fd5b729 nixos/modules/virtualisation/google-compute-config.nix: pin filesystem type to ext4 for now
Fix #61859.
Assertion fails when a Google Compute Engine image is built, because
now choices of filesystem types are restricted to `f2fs` and `ext` family if
auto-resizing is enabled.
This change will pin the filesystem used on such an image to be `ext4` for now.
2019-05-27 14:15:02 +08:00
Michael Peyton Jones 9131bf59a7
nixos: add StateDirectory for fprintd 2019-05-26 18:06:46 +01:00
Bryan Gardiner 2400191caf
nixos/xdg/mime: disable fdatasync when building the XDG MIME database
Back in 2013, update-mime-database started using fdatasync() to write out
its changes after processing each file in /share/mime, with the reasoning
that a corrupted database from an interruption midway would be
problematic for applications[1].  Unfortunately, this caused a
significant regression in the time required to run update-mime-database:
commonly from under a second to half a minute or more.

This delay affects the time required to build system-path on NixOS, when
xdg.mime.enable is true (the default).  For example, on one of my systems
system-path builds in ~48 seconds, 45 of which are update-mime-database.
This makes rapidly building new system configurations not fun.

This commit disables the calls to fdatasync().  update-mime-database
checks an environment variable, PKGSYSTEM_ENABLE_FSYNC, to determine
whether it should sync, and we can set this to false.  system-path
already only has whatever filesystem commit guarantees that the Nix
builder provides.  Furthermore, there is no risk of a failed MIME
database update messing up existing packages, because this is Nix.

(This issue was also reported at and discussed by Debian, Red Hat, and
Gentoo at least.)

[1] https://bugs.freedesktop.org/show_bug.cgi?id=70366
2019-05-25 21:00:25 -07:00
Arian van Putten a48047a755 nixos: Add test that demonstrates how to use nesting.clone
This is actually very useful. Allows you to test switch-to-configuration

nesting.children is still currently still broken as it will throw
away 'too much' of the config, including the modules that make
nixos tests work in the first place. But that's something for
another time.
2019-05-26 00:37:13 +02:00
Arian van Putten d50b434234 nixos: Make 'nesting.clone' work in NixOS tests
Because nesting.clone calls 'eval-config.nix' manually,
without the 'extraArgs' argument that provides the 'nodes'
argument to nixos modules in nixos tests, evaluating
of 'nesting.clone' definitions would fail with the following error

while evaluating the module argument `nodes' in "<redacted>"
while evaluating the attribute '_module.args.nodes' at undefined position:
attribute 'nodes' missing, at <redacted./nixpkgs/lib/modules.nix:163:28

by not using 'extraArgs' but a nixos module instead, the nodes parameter
gets propagated to the 'eval-config.nix' call that  'nesting.clone'
makes too -  getting rid of the error.

See  https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/system/activation/top-level.nix#L13-L23
See  https://github.com/NixOS/nixpkgs/blob/master/nixos/lib/build-vms.nix#L27
See  https://github.com/NixOS/nixpkgs/issues/20886#issuecomment-495952149
2019-05-26 00:20:21 +02:00
Silvan Mosberger 0040ca936e
Merge pull request #56175 from MostAwesomeDude/tahoe-service
Fix tahoe service
2019-05-25 21:53:23 +02:00
Markus Schneider c30bd387d2 leftwm: enable service 2019-05-26 01:27:04 +09:00
Maximilian Bosch 5fa93517f5
Merge pull request #61971 from sjau/wg_client_start
wireguard: restart on failure\nAs a oneshot service, if the startup f…
2019-05-25 16:36:56 +02:00
sjau 1bff53cb84
wireguard: restart on failure
As a oneshot service, if the startup failed it would never be attempted again.
This is problematic when peer's addresses require DNS. DNS may not be reliably available at
the time wireguard starts. Converting this to a simple service with Restart
and RestartAfter directives allows the service to be reattempted, but at
the cost of losing the oneshot semantics.

Signed-off-by: Maximilian Bosch <maximilian@mbosch.me>
2019-05-25 16:32:14 +02:00
Florian Klink e4de353830
wireguard service: allow empty interfaces (#61743)
wireguard service: allow empty interfaces
2019-05-25 16:30:27 +02:00
phile314-fh 62d4c2b34a mongodb: Add authentication support
* nixos/mongodb: Add authentication support

* nixos/mongodb: Add initial script option

* nixos/mongodb: Make initial root password configurable

* nixos/mongodb: Start only on loopback interface for setup procedure

* nixos/mongodb: Test auth/initial script

* nixos/mongodb: Code formatting

Co-Authored-By: Lassulus <github@lassul.us>
2019-05-25 18:09:30 +09:00
Nikolay Amiantov cfadd988e5 wireguard service: allow empty interfaces
This is needed in case one wants to use wg-quick on NixOS.
2019-05-25 11:17:36 +03:00
Milan Pässler 387d85b271 nixos/prosody: add authentication option (fixes #53134)
Passwords should not be stored in plain text by default. On existing
installations the next time a users user accounts will automatically
be upgraded from plain to hashed one-by-one as they log in.
2019-05-24 23:51:44 +02:00
José Romildo Malaquias 272fa9d41c lumina: init package set for the lumina desktop 2019-05-24 17:20:15 -03:00
Franz Pletz 5fa8cd257a
Merge pull request #51206 from krebs/xmonad-config
xmonad service: add .config option
2019-05-24 18:37:55 +00:00
Franz Pletz eb7c11d552
Merge pull request #58718 from Ma27/validate-ssh-configs
nixos/sshd: validate ssh configs during build
2019-05-24 18:30:04 +00:00
Maximilian Bosch 00a5222499
nixos/sshd: validate ssh configs during build
With `sshd -t` config validation for SSH is possible. Until now, the
config generated by Nix was applied without any validation (which is
especially a problem for advanced config like `Match` blocks).

When deploying broken ssh config with nixops to a remote machine it gets
even harder to fix the problem due to the broken ssh that makes reverts
with nixops impossible.

This change performs the validation in a Nix build environment by
creating a store path with the config and generating a mocked host key
which seems to be needed for the validation. With a broken config, the
deployment already fails during the build of the derivation.

The original attempt was done in #56345 by adding a submodule for Match
groups to make it harder screwing that up, however that made the module
far more complex and config should be described in an easier way as
described in NixOS/rfcs#42.
2019-05-24 20:16:53 +02:00
Silvan Mosberger f631167557
Merge pull request #58702 from florianjacob/fix-mysql
nixos/mysql: fix typing-induced bugs
2019-05-24 19:51:54 +02:00
worldofpeace 713bbb769c
Merge pull request #47153 from Ma27/hunspell-fr_FR-dictionary
hunspellDict.fr-any: Link `fr-moderne.dic` to `fr_FR.dic`
2019-05-23 13:30:05 -04:00
Florian Klink 1e739293bc
nixosTests.signal-desktop: add test (#61916)
nixosTests.signal-desktop: add test
2019-05-23 15:59:09 +02:00
Maximilian Bosch a9d67d54b0
hunspellDicts.fr-any: link fr-moderne to fr_FR
Some packages like `ibus-engines.typing-booster` require the dictionary
`fr_FR.dic` to provide proper support for the french language.

Until now the hunspell package set of nixpkgs didn't provide this
dictionary. It has been recommended to use `fr-moderne` as base and link
`fr_FR.dic` from it as done by other distros such as ArchLinux.

See https://github.com/NixOS/nixpkgs/issues/46940#issuecomment-423684570

Fixes #46940
2019-05-23 15:53:50 +02:00
markuskowa 3a28c99923
Merge pull request #61894 from mkenigs/fix-typo
docker: fix typo
2019-05-23 10:03:01 +02:00
Florian Klink 5695696664 nixosTests.signal-desktop: add test 2019-05-23 00:56:46 +02:00
Carl Dong f15118a883 nixos/bitcoind: add bitcoind service 2019-05-22 15:48:57 -04:00
Malte Brandy ab5926ba67 nixos/nextcloud: Improve autoUpdateApps description string 2019-05-22 19:07:42 +02:00
mkenigs 42232ebea4
docker: fix typo 2019-05-22 08:40:01 -07:00
Renaud 42c0ce80e6
Merge pull request #61610 from worldofpeace/init/graphene
graphene: init at 1.8.6
2019-05-22 17:26:46 +02:00
Ingolf Wanger e4f1e144a0 syncthing: made module more NixOps friendly 2019-05-22 22:39:34 +09:00
Yegor Timoshenko 6a63021eba
Merge pull request #60207 from volth/patch-329
nixos-generate-config: do not build btrfs-tools when btrfs is not used
2019-05-22 15:32:00 +03:00
Matthew Bauer 6d036d5b26
Merge pull request #61037 from bkchr/facetimehd_aarch64_fix
nixos/all-firmware: Enable facetimehd only for i686/x86_64
2019-05-21 16:14:15 -05:00
Malte Brandy 49f05a1760
nixos/nextcloud: Add options services.nextcloud.autoUpdateApps
nixos/nextcloud: Add documentation for nextcloud app installation and updates

nixos/nextcloud: Enable autoUpdateApps in nextcloud test

nixos/nextcloud: Fix typo in nixos/modules/services/web-apps/nextcloud.xml

Co-Authored-By: Florian Klink <flokli@flokli.de>

nixos/nextcloud: Escape html in option description

nixos/nextcloud: Fix autoUpdateApps URL in documentation.

Co-Authored-By: Florian Klink <flokli@flokli.de>
2019-05-21 13:24:23 +02:00
Matthew Bauer 022d8ab861
Merge pull request #61036 from cdepillabout/nixos-memtest-loader
nixos/systemd-boot: add support for memtest86 EFI app
2019-05-20 21:42:40 -05:00
(cdep)illabout d88d675051
Change non-open-source to unfree in description. 2019-05-21 11:34:11 +09:00
worldofpeace 6543e794a6
Merge pull request #61546 from cizra/libfprint-vfs0090
libfprint: added a fork for Lenovo ThinkPad
2019-05-20 14:16:34 -04:00