3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

8770 commits

Author SHA1 Message Date
Marek Mahut 8f1c621b4e Merge pull request #88881 from mmahut/ergo
ergo: init at 3.2.5
2020-05-27 11:34:24 +02:00
José Romildo Malaquias d6a534937d
Merge pull request #88791 from romildo/upd.lumina
nixos/lumina: use xsession provided
2020-05-26 20:44:06 -03:00
José Romildo Malaquias d4fc8a16a2
Merge pull request #88603 from romildo/upd.enlightenment
enlightenment.enlightenment: 0.23.1 -> 0.24.0, cleanup and fixes
2020-05-26 20:43:00 -03:00
Marek Mahut fdc48e5c7e nixos/ergo: init 2020-05-26 21:47:31 +02:00
Peter Hoeg a3aec35383 nixos/plasma: support setting brightness via DDC 2020-05-26 22:28:15 +08:00
Martin Weinelt c18fae4a35 vsftpd: listen on both address families 2020-05-25 20:14:20 +02:00
José Romildo Malaquias f78e757cf3 nixos/lumina: use xsession provided 2020-05-25 12:16:48 -03:00
oxalica fe3e52c291
earlyoom: patch absolute dbus path and make nixos module up to date (#88443)
* earlyoom: patch absolute path of dbus-send

* nixos/earlyoom: replace `notificationsCommand` with `enableNotification`

* nixos/earlyoom: setup `systembus-notify` when `enableNotification`
2020-05-25 10:13:55 -05:00
Jan Tojnar 0af23b05ab
Merge pull request #75435 from Elyhaka/fprintd 2020-05-25 12:22:48 +02:00
rnhmjoj aee614c996
treewide: replace bazaar with breezy 2020-05-25 09:22:54 +02:00
rnhmjoj 743eea4c5f
nixos/dnscrypt-wrapper: make provider keys configurable 2020-05-25 09:16:23 +02:00
rnhmjoj fd3727a313
nixos/dnscrypt-wrapper: use dnscrypt-proxy1 2020-05-25 09:16:23 +02:00
Florian Klink 73b4ea16f7
Merge pull request #88725 from aanderse/modem-manager
nixos/networkmanager: apply --filter-policy=STRICT to modemmanager service
2020-05-24 19:44:15 +02:00
Kim Lindberger 825e20ff46
Merge pull request #82753 from Kloenk/feature/engelsystem
engelsystem: init at 3.1.0
2020-05-24 16:31:23 +02:00
Finn Behrens fc4d6f4215
nixos/engelsystem: init 2020-05-24 15:44:04 +02:00
markuskowa ff88568673
Merge pull request #87934 from gnidorah/cde
nixos/cde: add extraPackages option
2020-05-24 15:16:43 +02:00
gnidorah 3f20aa9468 nixos/cde: add extraPackages option 2020-05-24 15:59:49 +03:00
Aaron Andersen a036bae1fc
Merge pull request #83287 from iv-nn/add-rtorrent-service
nixos/rtorrent: add service
2020-05-24 08:14:41 -04:00
Philipp Bartsch 2827491c23 nixos/usbguard: update systemd sandboxing features
Apply upstream systemd service configuration options to improve
sandboxing.
2020-05-24 10:36:07 +02:00
José Romildo Malaquias fa8bd535fc enlightenment.enlightenment: fix setuid wrappers 2020-05-24 00:22:53 -03:00
José Romildo Malaquias 182f587c2f nixos/enlightenment: add ephoto and rage 2020-05-24 00:22:53 -03:00
José Romildo Malaquias 9c6322258a nixos/enlightenment: remove some themes and xauth
- E already comes with a default icon theme
- There are already the gtk default Adwaita themes for gtk2, gtk3 and icons
- Remove gnome-icon-theme (from old gtk2)
- Remove tango-icon-theme
- Remove xauth (used by kdesu), as kdesu is not a componnent of E. If
  really needed it should be added in the system configuration.
2020-05-24 00:22:53 -03:00
José Romildo Malaquias b1676e5a96 nixos/enlightenment: no need to explicitly set XDG_MENU_PREFIX
It is already set in the source code upstream.
2020-05-24 00:22:53 -03:00
José Romildo Malaquias 5a73d925ca nixos/enlightenment: use display manager session packages 2020-05-24 00:22:53 -03:00
ivann 67178ebe23
nixos/rtorrent: add service 2020-05-24 03:12:32 +02:00
Aaron Andersen 563a3f5a81 nixos/networkmanager: apply --filter-policy=STRICT to modemmanager service 2020-05-23 20:49:13 -04:00
Florian Klink 93ff93d539
Merge pull request #88607 from flokli/udev-rules-run-current-system-systemd
nixos/udev: support /run/current-system/systemd in udevRules
2020-05-22 17:10:51 +02:00
Florian Klink d64d42e023 nixos/udev: support /run/current-system/systemd in udevRules
https://github.com/NixOS/nixpkgs/pull/88492 flipped some references to
systemctl from config.systemd.package to /run/current-system/systemd/,
which udevRules obviously isn't able resolve.

If we encounter such references, replace them with
config.systemd.package before doing the check.
2020-05-22 14:43:58 +02:00
David Terry 8724c96e71 nixos/bazarr: init 2020-05-22 11:23:31 +02:00
Lassulus 79f41b296c
Merge pull request #81104 from bb2020/transmission
nixos/transmission: fix startup directory creation
2020-05-22 11:23:17 +02:00
Lassulus d84d8e802e
Merge pull request #79175 from helsinki-systems/init/sogo
sogo: init at 4.3.2
2020-05-22 11:04:39 +02:00
snicket2100 866b411ab6 nixos/dnscrypt-proxy2: service restart on failure
it does happen that `dnscrypt-proxy` exit when it is unable to
synchronise its resolvers metadata on startup. this can happen due
to network connectivity issues for example. not restarting it automatically
means no dns resolution will work until a manual restart is performed.
2020-05-22 06:43:10 +02:00
Florian Klink 062302e006 nixos/xautolock: always run systemctl of the currently running systemd 2020-05-21 10:33:37 +02:00
Florian Klink de358a00b5 nixos/sddm: always run systemctl of the currently running systemd 2020-05-21 10:33:22 +02:00
Florian Klink 3fcfcb8bcb nixos/display-managers: always run systemctl of the currently running systemd 2020-05-21 10:32:59 +02:00
Florian Klink a3678ed347 nixos/nginx: always run systemctl of the currently running systemd
Also, make the postRun script refer to that systemctl, and not just rely
on $PATH for consistency.
2020-05-21 10:31:47 +02:00
Florian Klink 1955982190 nixos/wpa_supplicant: always run systemctl of the currently running systemd 2020-05-21 10:31:08 +02:00
Florian Klink 52e104cfdf nixos/nsd: always run systemctl of the currently running systemd 2020-05-21 10:30:40 +02:00
Florian Klink b0222a5e9c nixos/dhcpcd: always run systemctl of the currently running systemd 2020-05-21 10:30:21 +02:00
Florian Klink 73392b748f nixos/freeswitch: always run systemctl of the currently running systemd 2020-05-21 10:29:52 +02:00
Florian Klink 8aaca0addc nixos/docker-registry: always run systemctl of the currently running systemd 2020-05-21 10:29:37 +02:00
Emery Hemingway ac97b19a2a nixos/yggdrasil: change config priority, persistentKeys
Favor the configuration in "configFile" over "config" to allow
"configFile" to override "config" without a system rebuild.

Add a "persistentKeys" option to generate keys and addresses that
persist across service restarts. This is useful for self-configuring
boot media.
2020-05-21 12:11:13 +05:30
adisbladis 0f1eb8cd79
nixos/display-managers: Also set DBUS_SESSION_BUS_ADDRESS in the wrapper script context 2020-05-20 23:09:46 +01:00
Ryan Mulligan 646667831f
Merge pull request #87702 from jslight90/logrotate
nixos/logrotate: Add options for basic paths
2020-05-19 14:49:32 -07:00
gnidorah b9d37e55a0
maxx: drop (#87715) 2020-05-19 14:38:59 -04:00
Elyhaka 131a28e9f2
fprintd: 0.9.0 -> 1.90.1 2020-05-19 14:03:31 +02:00
adisbladis effceb8bfe
nixos/display-managers: Use dbus socket unit shipped by upstream
This ensures a correct DBUS_SESSION_BUS_ADDRESS environment variable
is set and imported into the systemd user environment.

Previously this would refer to a non-existing path preventing commands
interacting with the systemd manager from working.

Closes #87502
2020-05-19 00:40:55 +01:00
Milan Pässler 47c8e52a22 nixos/gitlab: use new structure.sql
According to https://gitlab.com/gitlab-org/gitlab/-/issues/211487
2020-05-19 01:28:06 +02:00
Aaron Andersen f82e267fb2
Merge pull request #87261 from symphorien/tt-rss
nixos/tt-rss: small improvements
2020-05-18 16:59:05 -04:00
Daniel Fullmer e958afa0a9 nixos/zoneminder: fix evaluation with php refactor 2020-05-17 13:42:42 -04:00
Jamie McClymont 8cdc8687bf redis: handle changes to systemd support
The 6.0 changelog notes that systemd support was rewritten. The effects
of that seem to be twofold:

* Redis will silently fail to sd_notify if not built with libsystemd,
  breaking our unit configuration.
* It also appears to misbehave if told to daemonize when running under
  systemd -- note that upstream's sample unit configuration does not
  daemonize:
  https://github.com/antirez/redis/blob/unstable/utils/systemd-redis_server.service
2020-05-17 20:23:48 +12:00
Jörg Thalheim b96a4dcc60
uwsgi: make instance configuration deeply mergeable
allows to specify independent uwsgi instances in two modules.
2020-05-15 08:53:31 +01:00
Anderson Torres 0687add56e
Merge pull request #87716 from AndersonTorres/weird-window-mangers-upload
Small window managers:

- berry: init at 0.1.5
- smallwm: init at 2020-02-28
- yeahwm: init at 0.3.5
- lwm: init at 1.2.4
2020-05-14 22:22:07 -03:00
Eelco Dolstra b7ddd316f1 postgresql: Use runuser instead of sudo
Currently, sudo doesn't work in a NixOS container running inside a Nix
build, because Nix's seccomp filter doesn't allow setuid programs. In
any case, runuser is a bit lower-overhead than sudo.
2020-05-15 00:25:27 +02:00
Izorkin da08b22e1a nixos/mysql-replication: ignore system databases in binary log 2020-05-14 17:29:40 +03:00
Izorkin b8c8e810aa nixos/mysql: disable load pluginx auth_socket in mariadb 2020-05-14 17:29:40 +03:00
Florian Klink 4a85559ffc
Merge pull request #87016 from flokli/nsswitch-cleanup
nixos/nsswitch cleanup nss modules
2020-05-14 14:55:43 +02:00
joachimschmidt557 cd1152ff7c nixos/mysql: refactor enable option 2020-05-14 13:08:41 +02:00
Linus Heckemann 85a0587884
Merge pull request #87219 from serokell/kirelagin/postgres-no-time
postgres: Do not log timestamp
2020-05-14 08:34:44 +02:00
Jeff Slight fe07adef7f
nixos/logrotate: add newline before extraConfig
Co-authored-by: Ryan Mulligan <ryan@ryantm.com>
2020-05-13 20:52:26 -07:00
AndersonTorres 1c2c0b2eb8 lwm: init at 1.2.4
lwm is a lightweight window manager
2020-05-13 21:32:54 -03:00
AndersonTorres 43ce2a5219 berry: init at 0.1.5
berry is a small window manager for X11
2020-05-13 21:32:54 -03:00
AndersonTorres 6aeaa1019c yeahwm: init at 0.3.5
yeahwm is a small window manager for X11, inspired by evilwm
2020-05-13 21:32:54 -03:00
AndersonTorres 58a93ee62d smallwm: init at 2020-02-28 2020-05-13 21:32:54 -03:00
Jeff Slight 90ce7f508a nixos/logrotate: add options for basic paths 2020-05-13 13:44:58 -07:00
Kirill Elagin 084bd32bad
postgresql: Fix formatting in option description
Co-authored-by: Mario Rodas <marsam@users.noreply.github.com>
2020-05-13 23:33:08 +03:00
Jeff Slight c94911c5b7 nixos/logrotate: use lib.mkEnableOption 2020-05-13 11:58:51 -07:00
Jörg Thalheim 6c437ef1bb
Merge pull request #85567 from Izorkin/nginx-sandbox 2020-05-13 10:34:02 +01:00
Dietrich Daroch 735c9a70d7 Services,IPFS,Fix: Require the ipfs-migrator package for handling upgrades.
Without it, the services get stuck on startup when the IPFS repo needs upgrades.
2020-05-13 00:15:50 -07:00
Linus Heckemann db010c5537
Merge pull request #85687 from mayflower/privacyidea
Init privacyIDEA packages and modules
2020-05-13 09:08:57 +02:00
Izorkin 94391fce1d nixos/nginx: add option enableSandbox 2020-05-12 20:03:29 +03:00
Izorkin aa12fb8adb nginxModules: add option allowMemoryWriteExecute
The allowMemoryWriteExecute option is required to checking enabled nginxModules
and disable the nginx sandbox mode MemoryDenyWriteExecute.
2020-05-12 20:03:29 +03:00
Izorkin 628354c686 nixos/nginx: enable sandboxing 2020-05-12 20:03:27 +03:00
ajs124 511b578c93 nixos/sogo: init module 2020-05-12 18:49:43 +02:00
Silvan Mosberger 6440000547
Merge pull request #87599 from helsinki-systems/znapzend-oracle-mode 2020-05-12 15:39:25 +02:00
Silvan Mosberger fea63944fd
Merge pull request #87280 from helsinki-systems/znapzend-mbuffer-path 2020-05-12 15:37:38 +02:00
betaboon fd41795f58 nixos/pixiecore: fix escaping of cmdline 2020-05-12 15:14:49 +02:00
Anderson Torres bae0829384
Merge pull request #87288 from AndersonTorres/tinywm-upload
tinywm: init at 2014-04-22
2020-05-11 21:31:41 -03:00
Florian Klink 90bc3ec9b9 nixos/sssd remove redundant condition
This is all inside a global cfg.enable conditional, so we don't need to
check here again.
2020-05-11 16:14:51 +02:00
Florian Klink 0f6f544aaf nixos/sssd: drop assertion
This is now already triggered by the nsswitch module, as we set
system.nssModules.
2020-05-11 16:14:51 +02:00
Florian Klink 1fb6c37597 nixos/samba: move nss database configuration into samba module 2020-05-11 16:14:50 +02:00
Florian Klink fd21793de6 nixos/avahi: move nss database configuration into avahi module 2020-05-11 16:14:50 +02:00
Florian Klink ecf327d697 nixos/sssd: add to system.nssDatabases.group too
nixos/modules/config/nsswitch.nix uses `passwdArray` for both `passwd`
and `group`, but when moving this into the sss module in
edddc7c82a, it didn't get split
appropriately.
2020-05-11 16:14:50 +02:00
Michel Weitbrecht 90533bfde2
nixos/znapzend: Add oracleMode feature; add maintainer
The feature destroys snapshots one-by-one instead of all at once.
If many snapshots accumulated, destroying them all at once can fail
because the argument list is too long. See
https://github.com/oetiker/znapzend/blob/master/lib/ZnapZend/ZFS.pm#L284
2020-05-11 14:35:30 +02:00
Michel Weitbrecht c46b26b9ad
nixos/znapzend: Use generic mbuffer path
The configured mbuffer path will be called on both the source and target
system. If you use pkgs.mbuffer from the source host and the target host
does not have this exact derivation, you will get a broken pipe when
sending snapshots. This is the case when transferring to a non-NixOS
system or to a host with a different mbuffer version.
2020-05-11 14:26:39 +02:00
Michele Guerini Rocco da19aa1319
Merge pull request #87593 from vojta001/monero
monero: fix rcp.restricted option
2020-05-11 12:39:16 +02:00
Jörg Thalheim 11c18faa4e
Merge pull request #85862 from Izorkin/nginx-paths 2020-05-11 11:17:04 +01:00
Vojtěch Káně e7ab236cab monero: fix rcp.restricted option
According to https://monerodocs.org/interacting/monerod-reference/#node-rpc-api
the correct option is restricted-rpc, not restrict-rpc.
2020-05-11 12:11:58 +02:00
Dominique Martinet a4763da299 nixos/mpd: add services.mpd.fluidsynth option
fluidsynth is compiled in but soundfont-fluid needs to be explicitely
pulled in and path configured, an option makes it much simpler to use
2020-05-10 23:05:19 +02:00
Dominique Martinet d8fa2627f3 mpd: remove user/group from conf
the options should not be set as we already change user with service
file, man mpd.conf says "Do not use this option if you start MPD as an
unprivileged user"

The group option actually is not documented at all anymore and probably
no longer exists.

These options get in the way of setting up confinement for the service,
as it would otherwise be pretty straightforward to setup, but even if
mpd is not root it would check the user exists within the chroot which
is more work (need to get nss working):

  systemd.services.mpd = {
    serviceConfig.BindPaths = [
      # mpd state dir
      "/var/lib/mpd"
      # notify systemd service started up
      "/run/systemd/notify"
    ];
    serviceConfig.BindReadOnlyPaths = [
      "/path/to/music:/var/lib/mpd/music"
    ];
    # ProtectSystem is not compatible with confinement
    serviceConfig.ProtectSystem = lib.mkForce false;
    confinement = {
      enable = true;
      binSh = null;
      mode = "chroot-only";
    };
  };
2020-05-10 20:24:33 +02:00
Matthew Bauer b907387ffe
Merge pull request #87212 from matthewbauer/dont-include-gdk-pixbuf-module-file
nixos/gdk-pixbuf.nix: don’t set GDK_PIXBUF_MODULE_FILE in cross
2020-05-09 14:06:48 -05:00
Robin Gloster f1f0e82c50
privacyidea: address reviews 2020-05-09 12:11:44 +02:00
AndersonTorres 44d90b0619 tinywm: init at 2014-04-22
A tiny window manger for X11
2020-05-08 15:29:25 -03:00
0x4A6F 71a137a297
nixos/xandikos: update listen-address parameter 2020-05-08 18:20:55 +02:00
Michael Raskin 50684f118a
Merge pull request #87264 from prusnak/rfc45
treewide: per RFC45, remove more unquoted URLs
2020-05-08 14:30:09 +00:00
Jörg Thalheim 43b3c15228
Merge pull request #87255 from symphorien/dovecot-restart-module 2020-05-08 15:05:10 +01:00
Pavol Rusnak 6abf4a43ad
treewide: per RFC45, remove more unquoted URLs 2020-05-08 15:20:47 +02:00
Symphorien Gibol 8fc8eec0e7 nixos/tt-rss.service: set syslogidentifier 2020-05-08 12:00:00 +00:00
Symphorien Gibol 0f3b4928b2 dovecot: restart when modules are changed 2020-05-08 12:00:00 +00:00
Symphorien Gibol e96c52efdb tt-rss: restart on failure
as should be the default with all long-running services
2020-05-08 12:00:00 +00:00
Symphorien Gibol c7db8c1927 tt-rss: make less insanely verbose.
Fixes #74427
2020-05-08 12:00:00 +00:00
Jörg Thalheim ddef88772e
Merge pull request #86242 from lordcirth/ipfs05 2020-05-08 10:51:21 +01:00
Kirill Elagin 652958eefa postgres: Do not log timestamp
By default, postgres prefixes each log line with a timestamp. On NixOS
logs are written to journal anyway, so they include an external
timestamp, so the timestamp ends up being printed twice, which clutters
the log.

* Add a module option to change the log prefix.
* Set it to upstream default sans timestamp.
2020-05-08 00:13:20 +03:00
Matthew Bauer c33e8c4986 nixos/gdk-pixbuf.nix: don’t set GDK_PIXBUF_MODULE_FILE in cross
From 6c5983a291, this should not be
necessary for gdk-pixbuf to work correctly.
2020-05-07 14:39:42 -05:00
Eelco Dolstra 9bf75a27f4
Revert "nix-daemon.nix: Use 'nix ping-store' to initialize directories"
This reverts commits 9d0de0dc57,
27d2857a99. 'nix ping-store' is an
experimental command so it doesn't work in Nix 2.4 unless you set
'experimental-features = nix-command' in nix.conf.
2020-05-07 12:39:22 +02:00
joachimschmidt557 dc78d14d65 nixos/postgresql: refactor enable option
More consistency with other modules (mkEnableOption)
2020-05-07 10:59:07 +02:00
Florian Klink 50aba11b97
Merge pull request #87004 from flokli/nixos-tests-remove-ldap
nixosTests.ldap: remove
2020-05-06 19:48:58 +02:00
Florian Klink 450f8a44f9 nixosTests.ldap: remove
This seems to have worked in 15f105d41f (5
months ago) but broke somewhere in the meantime.

The current module doesn't seem to be underdocumented and might need a
serious refactor. It requires quite some hacks to get it to work (see
https://github.com/NixOS/nixpkgs/issues/86305#issuecomment-621129942),
or how the ldap.nix test used systemd.services.openldap.preStart and
made quite some assumptions on internals.

Mic92 agreed on being added as a maintainer for the module, as he uses
it a lot and can possibly fix eventual breakages. For the most basic
startup breakages, the remaining openldap.nix test might suffice.
2020-05-06 14:56:21 +02:00
Izorkin cfad151ac5 nixos/unit: run Unit as root
In latest release recommended not set ambient capabilities.
2020-05-06 12:27:12 +03:00
Izorkin 3eb6012b64 nixos/unit: update sandboxing mode 2020-05-06 12:27:12 +03:00
Izorkin 91a7f33b64 nixos/unit: fix starting service 2020-05-06 12:27:12 +03:00
Michele Guerini Rocco dc9c88a451
Merge pull request #86678 from rnhmjoj/picom
nixos/picom: cleanup
2020-05-06 10:27:16 +02:00
Vladimír Čunát 54eb2d1018
Merge branch 'staging-next'
Status on Hydra for linuxes seems good enough:
https://hydra.nixos.org/eval/1585703?filter=linux&compare=1585482&full=#tabs-now-fail
2020-05-06 08:20:05 +02:00
Nathan Fish 496899068e ipfs: remove ipfs repo fsck
https://github.com/NixOS/nixpkgs/pull/86242#issuecomment-621469759
2020-05-05 22:19:06 +00:00
worldofpeace 4ad2e1c92e
Merge pull request #86908 from cptMikky/pantheon-nodefault
nixos/pantheon: mkDefault value for defaultSession
2020-05-05 15:47:25 -04:00
Jakub Fišer c04989da24 nixos/pantheon: mkDefault value for defaultSession
Fixes #86907
2020-05-05 21:38:39 +02:00
Frederik Rietdijk 9875bbae75 Merge master into staging-next 2020-05-05 19:51:09 +02:00
Lassulus ef0f57ff8a
Merge pull request #86712 from rardiol/hostapd
nixos/hostapd: country selection, CRDA, logging
2020-05-05 19:51:09 +02:00
Jörg Thalheim ff0da3ad81
Merge pull request #83257 from rail/znapzend-0.20.0 2020-05-05 15:20:15 +01:00
Aaron Andersen 39a0020c8f
Merge pull request #85904 from aanderse/gitea
nixos/gitea: add settings option
2020-05-04 23:01:12 -04:00
Ricardo Ardissone a55b736a65 nixos/hostapd: conditionally enable ieee80211d 2020-05-04 21:28:56 -03:00
Izorkin 9f099143bc nixos/awstats: change path to nginx logs 2020-05-04 16:36:38 +03:00
Izorkin 4d988ff0d0 nixos/nginx: change log and cache directories 2020-05-04 16:36:37 +03:00
Florian Klink dd38a549f8
Merge pull request #86649 from mmilata/prosody-muc-extraconfig
nixos/prosody: add MUC extraConfig + fixes
2020-05-04 11:47:45 +02:00
rnhmjoj 1b9f81ca0d
nixos/picom: cleanup
- Use floating points instead of strings, which Nix now supports

- Make the type of picom.settings option recursive

- Add a meaningful description of both the option and its type
2020-05-04 08:58:09 +02:00
Pavol Rusnak 7b0167204d treewide: use https for nixos.org and hydra.nixos.org
tarballs.nixos.org is omitted from the change because urls from there
are always hashed and checked
2020-05-03 22:14:21 -07:00
Ricardo Ardissone d6d0442243 nixos/hostapd: add logLevel option 2020-05-04 00:31:09 -03:00
Ricardo Ardissone c09c054231 nixos/hostapd: add countryCode option 2020-05-04 00:31:09 -03:00
Ricardo Ardissone 151d32d22c nixos/hostapd: use CRDA
Needed for regulatory compliance and unlocking some channels.
2020-05-03 23:57:33 -03:00
Martin Milata ce0c39be0b nixos/prosody: add MUC extraConfig, fix extraConfig order
Add extraConfig option for the muc submodule.

Also move the global extraConfig before all components and
virtualhosts, because the manual states:

    The configuration is divided into two parts. The first part is known as
    the "global" section. All settings here apply to the whole server, and
    are the default for all virtual hosts.

    The second half of the file is a series of VirtualHost and Component
    definitions. Settings under each VirtualHost or Component line apply
    only to that host.

Before, if at least one muc was defined, or uploadHttp enabled, the
global extraConfig would end up after "muc" or "http_upload" component
making it apply to that component only and not globally.
2020-05-04 00:10:33 +02:00
Gabriel Ebner a4f60b72e9 Merge branch 'master' into octoprint 2020-05-03 11:37:52 +02:00
Milan Pässler f2d1041b6b nixos/deluge: remove p7zip from extraPackages defaults 2020-05-03 00:48:48 +02:00
misuzu 0b0afcae16 nixos/gitlab-runner: support multiple services 2020-05-02 11:59:57 +02:00
Frederik Rietdijk afb1041148 Merge master into staging-next 2020-05-02 09:39:00 +02:00
Frederik Rietdijk 309711c4b4 Revert "nixos/gitlab-runner: support multiple services"
Reverting because of merge conflict. Rebase the fix and submit again.

This reverts commit 3853c27111.
2020-05-02 09:38:08 +02:00
Emery Hemingway 0d49162aa0 nixos/yggdrasil: add group option
Allow users to access the Yggdrasil control socket by group.
2020-05-02 01:21:55 +05:30
Florian Klink e148a72377
Merge pull request #86067 from NinjaTrappeur/nin-sane-prosody-defaults
nixos/prosody: make module defaults comply with XEP-0423
2020-05-01 20:07:13 +02:00
Félix Baylac-Jacqué f5b1e6bc21
nixos/prosody: add NixOS manual entry
We add a Prosody entry to the NixOS manual showing how to setup a
basic XEP-0423 compliant Prosody service. This example also showcase
how to generate the associated ACME certificates.

Note: The <programlisting> body might look poorly indented, but trust
me, it's necessary. If we try to increase their indentation level, the
HTML output will end up containing a lot of unecesseray heading spaces
breaking the formatting...
2020-05-01 19:57:33 +02:00
Ed Cragg df2f8d9150 thelounge: write out default path for thelounge
The output file is found and handled by thelounge itself [1], leaving
the user free to override THELOUNGE_HOME in the environment if they
choose, but having a sensible default to make `thelounge` generally
usable in most cases.

This solution follows discussion on #70318.

[1] 9ef5c6c67e/src/command-line/utils.js (L56)
2020-05-01 14:46:46 +01:00
Florian Klink 4e14ff6eac
Merge pull request #84139 from misuzu/gitlab-runner-multi
nixos/gitlab-runner: support multiple services
2020-05-01 12:37:28 +02:00
misuzu 3853c27111 nixos/gitlab-runner: support multiple services 2020-05-01 12:52:43 +03:00
Frederik Rietdijk 484ee79050 Merge staging-next into staging 2020-05-01 08:57:10 +02:00
Aaron Andersen 5445b8d8d0
Merge pull request #83436 from mmilata/mediawiki-default-extensions
nixos/mediawiki: allow using default extensions
2020-04-30 21:03:15 -04:00
Félix Baylac-Jacqué 353a8b58e6
nixos/prosody: leverage systemd sandbox features to harden service
We are leveraging the systemd sandboxing features to prevent the
service accessing locations it shouldn't do. Most notably, we are here
preventing the prosody service from accessing /home and providing it
with a private /dev and /tmp.

Please consult man systemd.exec for further informations.
2020-04-30 20:40:00 +02:00
Félix Baylac-Jacqué 8aea528872
nixos/prosody: make defaults comply with XEP-0423
Setting up a XMPP chat server is a pretty deep rabbit whole to jump in
when you're not familiar with this whole universe. Your experience
with this environment will greatly depends on whether or not your
server implements the right set of XEPs.

To tackle this problem, the XMPP community came with the idea of
creating a meta-XEP in charge of listing the desirable XEPs to comply
with. This meta-XMP is issued every year under an new XEP number. The
2020 one being XEP-0423[1].

This prosody nixos module refactoring makes complying with XEP-0423
easier. All the necessary extensions are enabled by default. For some
extensions (MUC and HTTP_UPLOAD), we need some input from the user and
cannot provide a sensible default nixpkgs-wide. For those, we guide
the user using a couple of assertions explaining the remaining manual
steps to perform.

We took advantage of this substential refactoring to refresh the
associated nixos test.

Changelog:
- Update the prosody package to provide the necessary community
  modules in order to comply with XEP-0423. This is a tradeoff, as
  depending on their configuration, the user might end up not using them
  and wasting some disk space. That being said, adding those will
  allow the XEP-0423 users, which I expect to be the majority of
  users, to leverage a bit more the binary cache.
- Add a muc submodule populated with the prosody muc defaults.
- Add a http_upload submodule in charge of setting up a basic http
  server handling the user uploads. This submodule is in is
  spinning up an HTTP(s) server in charge of receiving and serving the
  user's attachments.
- Advertise both the MUCs and the http_upload endpoints using mod disco.
- Use the slixmpp library in place of the now defunct sleekxmpp for
  the prosody NixOS test.
- Update the nixos test to setup and test the MUC and http upload
  features.
- Add a couple of assertions triggered if the setup is not xep-0423
  compliant.

[1] https://xmpp.org/extensions/xep-0423.html
2020-04-30 20:39:54 +02:00
Elis Hirwing 27b9b7b3af
Merge pull request #85026 from talyz/php_buildenv_override
php.buildEnv: Make the exported php package overridable, improve handling of currently enabled extensions, etc
2020-04-29 19:57:37 +02:00
worldofpeace 5100e4f250 nixos/pantheon: install nixos wallpaper
Fixes  #86146
2020-04-29 13:24:37 -04:00
worldofpeace 7f3bc5b8fa nixos/gnome3: install nixos wallpapers 2020-04-29 13:24:37 -04:00
Jan Tojnar 3d1706c28d nixos/lightdm: change background type to path 2020-04-29 13:24:37 -04:00
worldofpeace 62587f43dd nixos-artwork: add file path attributes
This makes things so much easier, and we install to
the path that both gnome-backgrounds and
elementary-wallpapers install to.
2020-04-29 13:23:35 -04:00
talyz c3d5d92f4a
php.buildEnv: Add phpIni attribute for easy access to the php.ini 2020-04-29 12:12:59 +02:00
Jan Tojnar 2874eebfd2
Merge branch 'staging-next' into staging 2020-04-29 08:35:47 +02:00
worldofpeace a6dc21fa2d nixos/pantheon: fix doc typo 2020-04-29 01:20:03 -04:00
Pavel Goran c678d68cdb nixos/pykms: add SyslogIdentifier 2020-04-29 03:53:47 +00:00
Florian Klink c01ac3ed12
Merge pull request #85998 from helsinki-systems/make-nsswitch-more-flexible
nixos/nsswitch: Make databases more configurable
2020-04-29 01:28:33 +02:00
Janne Heß edddc7c82a
nixos/sss: Move nsswitch config into the module 2020-04-28 17:02:46 +02:00
zowoq c59c4e3589 nixos/*: use $out instead of $bin with buildGoPackage 2020-04-28 20:30:29 +10:00
talyz c0a838df38
nixos/gitlab: Fix services.gitlab.enableStartTLSAuto
'toString false' results in an empty string, which, in this context,
is a syntax error. Use boolToString instead.

Fixes #86160
2020-04-28 09:05:26 +02:00
Maximilian Bosch 1f6d33ef26
Merge pull request #86013 from Ma27/cups-allow-from
nixos/printing: make access to web-interface configurable
2020-04-28 02:56:16 +02:00
Dominik Xaver Hörl c10d82358f treewide: add types to boolean / enable options or make use of mkEnableOption 2020-04-27 09:32:01 +02:00
talyz 2ba7926959
php.buildEnv: Provide a list of currently enabled extensions
Rework withExtensions / buildEnv to handle currently enabled
extensions better and make them compatible with override. They now
accept a function with the named arguments enabled and all, where
enabled is a list of currently enabled extensions and all is the set
of all extensions. This gives us several nice properties:

 - You always get the right version of the list of currently enabled
   extensions

 - Invocations chain

 - It works well with overridden PHP packages - you always get the
   correct versions of extensions

As a contrived example of what's possible, you can add ImageMagick,
then override the version and disable fpm, then disable cgi, and
lastly remove the zip extension like this:

{ pkgs ? (import <nixpkgs>) {} }:
with pkgs;

let
  phpWithImagick = php74.withExtensions ({ all, enabled }: enabled ++ [ all.imagick ]);

  phpWithImagickWithoutFpm743 = phpWithImagick.override {
    version = "7.4.3";
    sha256 = "wVF7pJV4+y3MZMc6Ptx21PxQfEp6xjmYFYTMfTtMbRQ=";
    fpmSupport = false;
  };

  phpWithImagickWithoutFpmZip743 = phpWithImagickWithoutFpm743.withExtensions (
    { enabled, all }:
      lib.filter (e: e != all.zip) enabled);

  phpWithImagickWithoutFpmZipCgi743 = phpWithImagickWithoutFpmZip743.override {
    cgiSupport = false;
  };
in
  phpWithImagickWithoutFpmZipCgi743
2020-04-26 16:43:05 +02:00
Aaron Andersen 16ab83760f
Merge pull request #85043 from aanderse/httpd-2020
nixos/httpd: modernize module standards
2020-04-25 20:04:05 -04:00
Florian Klink 02b57e72bb
Merge pull request #86010 from flokli/nscd-disable
nixos/nscd: be more specific in the nscd.enable description on what breaks
2020-04-26 00:05:25 +02:00
Maximilian Bosch 4062592f3a
nixos/printing: make access to web-interface configurable
Otherwise you'd always get a 403 when hosting the web-interface of cups
at a different location than `localhost`.
2020-04-25 19:48:34 +02:00
Florian Klink 2ececf1ed9 nixos/nscd: be more specific in the nscd.enable description on what breaks 2020-04-25 18:11:10 +02:00
lewo fcf547d0e2
Merge pull request #85813 from johnae/fix-k3s-systemd-units
The systemd unit for k3s should differ between agents and servers
2020-04-25 09:45:49 +02:00
Aaron Andersen 218049c5c2 nixos/gitea: add settings option 2020-04-23 21:06:26 -04:00
Florian Klink 04e308a496
Merge pull request #85815 from arianvp/fix-85800
Fix networkd not restarting on unit changes
2020-04-23 10:36:57 +02:00
Arian van Putten f332109ebf nixos/datadog-agent: Fix restartTriggers
Fixes #85800

1d61efb7f1 accidentially changed the
restartTriggers of `datadog-agent.service` to point to the attribute
name (in this case, a location relative to `/etc`), instead of the
location of the config files in the nix store.

This caused datadog to not get restarted on activation of new
config, if the file name hasn't changed.

Fix this, by pointing this back to the location in the nix store.
2020-04-23 09:58:18 +02:00
John Axel Eriksson 41a95b1b7d
The systemd unit for k3s should differ between agents and servers 2020-04-23 07:55:23 +02:00
Frederik Rietdijk 8374a2a0ee Merge master into staging-next 2020-04-22 17:20:20 +02:00
Bas van Dijk 784aa2913a
Merge pull request #79840 from knl/update-oauth2_proxy-to-5.0.0
oauth2_proxy: 3.2.0 -> 5.1.0
2020-04-22 12:15:07 +02:00
Jan Tojnar b231ac2101
Merge pull request #85402 from jtojnar/httpd-php 2020-04-22 04:23:24 +02:00
Aaron Andersen d0de970279 nixos/httpd: some mod_php cleanup 2020-04-21 20:33:18 -04:00
Aaron Andersen ee030b121b nixos/httpd: set modern default values for mpm and http2 2020-04-21 20:33:18 -04:00
Aaron Andersen 20f37a4430 nixos/httpd: run as non root user 2020-04-21 20:33:18 -04:00
Florian Klink c1a6e60335
Merge pull request #85598 from danderson/tailscale-fix-cachedir
nixos/tailscale: set a CacheDir in the systemd unit.
2020-04-21 22:38:32 +02:00
Thomas Churchman 8880957042 nixos/phpfpm: fix erroneous pools example 2020-04-21 20:59:52 +02:00
Frederik Rietdijk 23be4a8b4d Merge master into staging-next 2020-04-21 19:59:56 +02:00
Robin Gloster 134c66b584
privacyidea module: init 2020-04-21 16:54:51 +02:00
Dominik Xaver Hörl 0412bde942 treewide: add bool type to enable options, or make use of mkEnableOption
Add missing type information to manually specified enable options or replace them by mkEnableOption where appropriate.
2020-04-21 08:55:36 +02:00
Frederik Rietdijk 803b3d296c Merge staging-next into staging 2020-04-21 08:29:51 +02:00
David Anderson cee5ddbb28 nixos/tailscale: set a CacheDir in the systemd unit.
Fixes a bug where tailscaled drops some files into / when CacheDir
is unset.

Signed-off-by: David Anderson <dave@natulte.net>
2020-04-20 15:35:55 -07:00
Marek Mahut 60100a7c92
Merge pull request #83769 from dadada/nixos/dokuwiki-multi-server
nixos/dokuwiki: add support for multi-site, additional plugins and templates
2020-04-20 19:39:48 +02:00
Nikola Knezevic 3c551848be oauth2_proxy: Update NixOS module
Update to match the current flags and apply fixes to all breaking changes.
2020-04-20 10:11:46 +02:00
Florian Klink a88d17bc69
Merge pull request #83301 from evils/tuptime
Tuptime: Init Package, Module and Test
2020-04-19 23:38:53 +02:00
worldofpeace f882896cc8
Merge pull request #73934 from flokli/nixos-test-port-cockroachdb
nixosTests.cockroachdb: port to python
2020-04-19 16:30:45 -04:00
Michael Weiss 0e4417f118
Revert "nixos: Introduce nix.buildLocation option"
This reverts commit 5291925fd2.
Reason: This started to cause severe regressions, see:
- https://github.com/NixOS/nixpkgs/issues/85552
- https://github.com/NixOS/nixpkgs/pull/83166#pullrequestreview-395960588
Fixes #85552.
2020-04-19 15:16:08 +02:00
dadada 2d86cca35e
nixos/dokuwiki: change default of aclFile and usersFile
`aclFile` and `usersFile` will be set to a default value if `aclUse` is
specified and aclFile is not overriden by `acl`.
2020-04-18 23:37:19 +02:00
dadada 9460fb5788
nixos/dokuwiki: modify usersFile and aclFile
Use types.str instead of types.path to exclude private information from
the derivation.
Add a warinig about the contents of acl beeing included in the nix
store.
2020-04-18 23:37:19 +02:00
dadada 2b67a89f29
nixos/dokuwiki: dokuwiki user 2020-04-18 23:37:19 +02:00
dadada 2e699f1db1
nixos/dokuwiki: add option disableActions 2020-04-18 23:37:18 +02:00
dadada a58dc30d34
nixos/dokuwiki: set default value for usersFile
If usersFile is not set, a file is created along the stateDir that can
hold the users and supports dynamically adding users using the web GUI.
2020-04-18 23:37:18 +02:00
dadada 0228046eec
nixos/dokuwiki: add assertion for usersFile 2020-04-18 23:37:18 +02:00
dadada af6a7a0486
nixos/dokuwiki: add plugins and templates options
Adds support for additional plugins and templates similarly to how
wordpress.nix does it.

Plugins and templates need to be packaged as in the example.
2020-04-18 23:37:18 +02:00
dadada 71baf4801c
nixos/dokuwiki: refactor 2020-04-18 23:37:18 +02:00
dadada dc7ed06615
nixos/dokuwiki: add <name?> option
Enables multi-site configurations.

This break compatibility with prior configurations that expect options
for a single dokuwiki instance in `services.dokuwiki`.
2020-04-18 23:37:18 +02:00
John Ericson 1ea80c2cc3 Merge remote-tracking branch 'upstream/master' into staging 2020-04-18 15:40:49 -04:00
Jörg Thalheim 35eb7793a3
Merge pull request #83166 from avnik/nix-build-location 2020-04-18 18:37:15 +01:00
Alexander V. Nikolaev 5291925fd2 nixos: Introduce nix.buildLocation option
Allow to specify where package build will happens.
It helps big packages (like browsers) not to overflow tmpfs.
2020-04-18 20:31:04 +03:00