3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

5226 commits

Author SHA1 Message Date
zimbatm e71a5cb878 stdenv: introduce baseHash() to replace stripHash()
stripHash uses a global variable to communicate it's computation
results, but it's not necessary. You can just pipe to stdout in a
subshell. A function mostly behaves like just another command.

baseHash() also introduces a suffix-stripping capability since it's
something the users of the function tend to use.
2016-06-25 14:20:56 +01:00
Arseniy Seroka 5f5da9b20d Merge pull request #16381 from sheenobu/bugfix/logstash/fix_examples
logstash: fix examples in service file
2016-06-25 13:38:50 +03:00
Sheena Artrip e5fc302b1a
logstash: fix examples in service file 2016-06-24 14:36:18 -04:00
Alexander Ried c1319572d4 networkmanager: Dependency on avahi-autoipd has been dropped.
Native IPv4 link-local addressing configuration based on systemd network library is now used instead.
2016-06-23 23:12:41 +02:00
Vladimír Čunát 6b27ceb006 Merge 'master' into staging and re-revert merge
... from staging to master, reverted temporarily in aa9a04883e.
2016-06-23 12:09:03 +02:00
Vladimír Čunát aa9a04883e Revert "Merge branch 'staging'" due to glibc
The main output started to retain dependency on bootstrap-tools; see
https://github.com/NixOS/nixpkgs/pull/15867#issuecomment-227949096

This reverts commit c05d829598, reversing
changes made to f073df60d6.
2016-06-23 09:25:10 +02:00
Nikolay Amiantov 21f9180d49 Merge pull request #15579 from abbradar/nixos-install-ssl
nixos-install: fix SSL certificate error
2016-06-23 07:48:45 +04:00
Eric Sagnes ff074ec7a4 apache-httpd: add phpPackage option 2016-06-22 21:24:25 +09:00
Luca Bruno 2724c25fb0 Merge pull request #16420 from bjornfor/printing-fixes-for-upstream
nixos/gnome-desktop: fix adding printers with GNOME Control Center
2016-06-22 12:17:29 +02:00
Bjørn Forsman a156a8ab1a nixos/gnome-desktop: fix adding printers with GNOME Control Center
...by adding system-config-printer to services.dbus.packages (if
services.printing.enable is true).

Without this patch, trying to add a printer will result in a little dialog
saying "Failed to add new printer" and gnome-control-center will print this to
the terminal (line wrapped):

(gnome-control-center:3546): printers-cc-panel-WARNING **: \
  GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: \
  The name org.fedoraproject.Config.Printing was not provided by any .service files

system-config-printer supplies the "org.fedoraproject.Config.Printing" dbus
service, thus fixing the problem.
2016-06-22 11:13:31 +02:00
Vladimír Čunát c05d829598 Merge branch 'staging' 2016-06-22 10:49:56 +02:00
Frederik Rietdijk 9e2866d5de Merge pull request #16086 from layus/inginious
INGInious: provide a NixOS module
2016-06-21 16:37:29 +02:00
Frederik Rietdijk 39043e4d6e Merge pull request #16239 from Ralith/matrix-synapse
matrix-synapse: 0.14 -> 0.16
2016-06-21 14:30:33 +02:00
Benjamin Saunders 8e47786c0e coturn: init at 4.5.0.3 (#16284) 2016-06-21 12:59:29 +02:00
obadz fb6b4860c7 xl2tpd: add nixos module for service
(required adding execv to libredirect)
2016-06-20 21:41:59 +01:00
Eelco Dolstra d0b2524633 Merge pull request #16021 from Baughn/systemd-linger
systemd: Set KillUserProcesses=no in logind.conf
2016-06-20 14:54:03 +02:00
obadz 0243ccfbff i3 & xfce modules: add extraSessionCommands for WM-specific user-defined xsession lines
Could be extended to other window managers/desktops as well
2016-06-19 23:52:14 +01:00
zimbatm 31c158ad45 Merge pull request #16189 from zimbatm/usershell-config
User shell config
2016-06-19 23:36:45 +01:00
zimbatm b0f8416c5c Merge pull request #16180 from zimbatm/shell-escaping
Escape all shell arguments uniformly
2016-06-19 23:27:52 +01:00
Al Zohali 6b3f5b5a42 phpfpm service: restructured pool configuration 2016-06-20 01:00:03 +03:00
zimbatm 7795f11335 Merge pull request #16332 from solson/fix-fileSystems-example
Make fileSystems example literal.
2016-06-19 22:27:44 +01:00
Zack Piper f36c8f5f54 lxd: pkg.lxd does not point to the binaries
`pkg.lxd.bin` does
2016-06-19 20:30:36 +01:00
Joachim Fasting 6fd8e5719b Merge pull request #16108 from pwetzel/squeezelite
Squeezelite package and service init
2016-06-19 20:53:15 +02:00
Vladimír Čunát 61b8d27b4c make-wrapper: fixup #14753 changes to make tests work
The tests need to expand passed variable and very carefully.
I could see no other easy way than to change single-quoting in
makeWrapper to double-quoting.
The tests now fail with the same problem as on master...
2016-06-19 13:38:46 +02:00
Scott Olson 6d5ed7d971 Make fileSystems example literal.
This fixes the attribute names showing up unquoted in the options documentation.
2016-06-19 01:21:22 -06:00
obadz 8ab188eb16 pptpd service: improve option descriptions per @bjornfor's suggestion 2016-06-18 16:28:06 +01:00
obadz fc975bcffb pptpd: add nixos service 2016-06-18 02:08:07 +01:00
Benjamin Saunders 26da79230b matrix-synapse: 0.14 -> 0.16 2016-06-17 09:21:46 -07:00
Sander van der Burg 8fccaa9011 disnix-module: split dysnomia's functionality into a separate module so that it can be used without Disnix and remove the hacky/obsolete avahi publisher 2016-06-17 09:12:44 +00:00
Joachim Fasting c7ca9faa51 Merge pull request #16148 from womfoo/openldap
openldap: add -h urlList in service so LDAP TLS could be enabled
2016-06-16 16:37:55 +02:00
Franz Thoma 688d7cd3a6 i3-gaps: add as window manager
Closes #15917
2016-06-16 14:26:17 +01:00
Benno Fünfstück 519673e714 wpa_supplicant: start after wireless interfaces
wpa_supplicant fails to start if the wireless interfaces aren't ready yet,
so we need to add a system ordering directive here to start wpa_supplicant
after the interfaces are ready. Note that Requires= is not enough since
it does not imply ordering.
2016-06-16 00:22:08 +02:00
Kranium Gikos Mendoza f79930849a openldap: add -h urlList in service so LDAP TLS could be enabled 2016-06-14 23:47:02 +08:00
Arseniy Seroka 186a6a207d Merge pull request #16222 from kamilchm/rework-go
Fixes #16181 - using bin output for Go services
2016-06-14 17:19:17 +03:00
Guillaume Maudoux 0fef9ed3ed inginious: init NixOS module 2016-06-14 11:09:21 +02:00
Joachim Fasting 886c03ad2e Merge pull request #16107 from joachifm/grsec-ng
Rework grsecurity support
2016-06-14 03:52:50 +02:00
Joachim Fasting 09cf92ccee
nixos: flesh out the grsecurity test suite
I've failed to figure out what why `paxtest blackhat` hangs the vm, and
have resigned to running individual `paxtest` programs.  This provides
limited coverage, but at least verifies that some important features are
in fact working.

Ideas for future work includes a subtest for basic desktop
functionality.
2016-06-14 03:38:18 +02:00
Joachim Fasting a53452f3e1
nixos: remove the grsecurity GID
This GID was used to exempt users from Grsecurity's
`/proc` restrictions; we now prefer to rely on
`security.hideProcessInformation`, which uses the `proc` group
for this purpose.  That leaves no use for the grsecurity GID.

More generally, having only a single GID to, presumably, serve as the
default for all of grsecurity's GID based exemption/resriction schemes
would be problematic in any event, so if we decide to enable those
grsecurity features in the future, more specific GIDs should be added.
2016-06-14 03:38:17 +02:00
Joachim Fasting 0677cc61c8
nixos: rewrite the grsecurity module
The new module is specifically adapted to the NixOS Grsecurity/PaX
kernel.  The module declares the required kernel configurations and
so *should* be somewhat compatible with custom Grsecurity kernels.

The module exposes only a limited number of options, minimising the need
for user intervention beyond enabling the module. For experts,
Grsecurity/PaX behavior may be configured via `boot.kernelParams` and
`boot.kernel.sysctl`.

The module assumes the user knows what she's doing (esp. if she decides
to modify configuration values not directly exposed by the module).

Administration of Grsecurity's role based access control system is yet
to be implemented.
2016-06-14 03:38:12 +02:00
Kamil Chmielewski 437ea9fd37 Fixes #16181 - using bin output for Go services 2016-06-13 23:32:16 +02:00
Paweł Pacana d2b58dd39a buildkite-agent: init at 2.1.8
* nixos module included
* install compiled binary
* only one platform now
* limited config options
* relies on providing ssh keys for agent
2016-06-13 17:21:08 +01:00
Luca Bruno 02a1408d9c Merge pull request #16023 from choochootrain/add-xbanish-service
xbanish service: init at 1.4
2016-06-13 17:24:44 +02:00
zimbatm 4f27f28f89 Merge pull request #16137 from abbradar/parsoid
Update node packages
2016-06-13 00:19:25 +01:00
zimbatm a95229a963 Merge pull request #15677 from womfoo/mod_auth_mellon
mod_auth_mellon: init at 0.12.0 and dependency lasso: init at 2.5.1
2016-06-12 23:38:57 +01:00
zimbatm 2974b6f4c8 Use shell packages to select the user's shell
The string type is still available for backward-compatiblity.
2016-06-12 20:35:34 +01:00
zimbatm 28fa4a2f03 Escape all shell arguments uniformly 2016-06-12 18:11:37 +01:00
Phil Wetzel ccdf386a97 squeezelite service: init 2016-06-11 22:05:07 -04:00
Benno Fünfstück 3850123f32 nixos/docker: use wrapped modprobe
We need to use wrapped modprobe, so that it finds the right
modules. Docker needs modprobe to load overlay kernel module
for example.

This fixes an an error starting docker if the booted system's kernel
version is different from the /run/current-system profile's one.
2016-06-11 21:13:37 +02:00
Luca Bruno dbed53a79f gnome3: add gnome-session debug option 2016-06-11 16:47:14 +02:00
Nikolay Amiantov f28ab85f2e parsoid service: use default node 2016-06-11 03:04:03 +03:00
Peter Simons 61dba074c7 Merge pull request #16082 from uwap/master
Postfix: Add an option to enable Submission
2016-06-10 15:15:52 +02:00
uwap 1e72706d66 Change default to postfix default. 2016-06-10 15:10:28 +02:00
uwap ab0547b16f Choose a better default for services.postfix.submissionOptions 2016-06-10 14:51:43 +02:00
Joachim Fasting c1cb5ca57e
oauth2_proxy module: fix manual build 2016-06-10 01:02:40 +02:00
Joachim Fasting e2e2840aa7 Merge pull request #15283 from jml/oauth2proxy-moduleu
oauth2_proxy: create new module for service
2016-06-09 22:52:17 +02:00
Thomas Tuegel 04ad2ebfb2 Merge branch 'kde-propagate' 2016-06-09 12:40:04 -05:00
Thomas Tuegel c608230a61 nixos/kde5: include setup hook and icons with sddm theme
Fixes #16094.
2016-06-09 12:39:10 -05:00
uwap cc658b695a Make submission options more flexible 2016-06-09 18:06:07 +02:00
Jonathan Lange 58599744ee Add module for oauth2_proxy 2016-06-09 15:00:23 +01:00
Joachim Fasting 376ba5f17f
dnscrypt-proxy service: update resolver list 2016-06-09 14:03:40 +02:00
uwap d1e4ee146d Postfix: Add an option to enable Submission
Adds services.postfix.enableSubmission and services.postfix.extraSubmissionOptions to make it easy to enable submission in master.cf
2016-06-09 00:15:55 +02:00
Hurshal Patel 3913aaeaad
xbanish service: init at 1.4 2016-06-07 23:58:06 -07:00
Thomas Tuegel dc7d5231d6 Merge branch 'plasma-5' 2016-06-07 08:47:19 -05:00
Luca Bruno a72aba8c30 Merge pull request #14366 from NixOS/gnome-3.20
gnome3.20: init at 3.20.0
2016-06-07 14:23:08 +02:00
Thomas Tuegel 4eebb77df2 Revert "nixos/kde5: install oxygen-fonts and noto-fonts"
This reverts commit 285061d50c.
2016-06-07 06:24:23 -05:00
Thomas Tuegel 9dcbc4b015 nixos/kde5: install plasma-integration
frameworkintegration was split with plasma-integration in Plasma 5.6.
2016-06-07 06:20:29 -05:00
Thomas Tuegel 285061d50c nixos/kde5: install oxygen-fonts and noto-fonts 2016-06-07 06:20:11 -05:00
Arseniy Seroka c9f8cc4bf4 Merge pull request #15991 from womfoo/openldap
openldap: fix example for multiple-outputs and formatting
2016-06-06 22:22:49 +03:00
Benno Fünfstück c85f2b20e6 nixos/openvpn: add support for resolvconf
The update-resolve-conf script from the update-resolv-conf
package is very useful and should work in most of the common
cases, so this adds an option to enable it. The option is
disabled by default for backwards compatibility.
2016-06-06 20:43:52 +02:00
Damien Cassou da62589d8e gnome3_20: Add GNOME 3.20 package set 2016-06-06 20:33:58 +02:00
Svein Ove Aas 93c160fabc systemd: Set KillUserProcesses=no in logind.conf
Full discussion at
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=825394

NixOS is even more of a server OS than Debian, and I can think of no
reason to make users jump through this sort of hoop.
2016-06-06 11:51:51 +01:00
Kranium Gikos Mendoza 64328ca475 openldap: fix example for multiple-outputs and formatting 2016-06-05 13:40:26 +08:00
Vladimír Čunát a03ff26080 Merge #15639: xorg-server 1.17.4 -> 1.18.3
... and fglrxCompat to maintain compatibility.
2016-06-05 00:52:06 +02:00
aszlig 9720e16adc
nixos/pcscd: Improve and clean up module
So far the module only allowed for the ccid driver, but there are a lot
of other PCSC driver modules out there, so let's add an option called
"plugins", which boils down to a store path that links together all the
paths specified.

We don't need to create stuff in /var/lib/pcsc anymore, because we
patched pcsclite to allow setting PCSCLITE_HP_DROPDIR.

Another new option is readerConfig, which is especially useful for
non-USB readers that aren't autodetected.

The systemd service now is no longer Type=forking, because we're now
passing the -f (foreground) option to pcscd.

Tested against a YubiKey 4, SCR335 and a REINER SCT USB reader.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @wkennington
2016-06-04 16:39:19 +02:00
Nikolay Amiantov 1dfdc3e521 nixos manual: fix syntax
It appears I've cherry-picked wrong commit without this fix.
2016-06-03 19:23:17 +03:00
Nikolay Amiantov 1942957b53 nixos manual: document Gtk and Qt themes 2016-06-03 19:14:52 +03:00
Shea Levy 83c2629f15 Merge pull request #15895 from cerana/stage2-sysfs
stage2: if no /proc, also mount /sys
2016-06-03 11:32:57 -04:00
Domen Kožar 5260686aa8 fix https://github.com/NixOS/nixops/issues/331 2016-06-03 15:55:17 +01:00
obadz 4c5fdf42ed nixos/modules/misc/version.nix: check that .git is a directory
That's not the case for git submodules
Fixes #15928
2016-06-03 13:38:41 +01:00
Eelco Dolstra 7c19b395eb Explicitly specify the subsystem for /dev/vboxguest
Otherwise systemd gets confused and forgets about device units after
reloading.

https://github.com/NixOS/nixops/issues/391
https://github.com/systemd/systemd/issues/3423
2016-06-03 00:33:15 +02:00
Domen Kožar 81cdd0bf96 fix manual 2016-06-01 21:55:31 +01:00
Domen Kožar 3e631800d1 Add hydra package and its NixOS module.
This was originally removed in d4d0e449d7.
The intent was not to maintain hydra expression at two places.

Nowadays we have enough devs to maintain this despite copy/pasta.

This should encourage more people to use Hydra, which is a really
great piece of software together with Nix.

Tested a deploy using https://github.com/peti/hydra-tutorial
2016-06-01 21:55:31 +01:00
Joel Moberg 20826c2a5d nixos kde5: improve test
IceWM is not part of KDE 5 and is now no longer part of the test. KDE 5
applications: Dolphin, System Monitor, and System Settings are started
in this test.
2016-06-01 17:09:51 +02:00
Wilhelm Schuster 5f8d14546b Manual: Explicitly mark commands that require to be run as root (#15589)
* manual: Mark commands that require root

Mark every command that requires to be run as root by prefixing them
with '#' instead of '$'.

* manual: Add note about commands that require root
2016-06-01 15:23:32 +01:00
Nahum Shalman 9b0a5ced13 stage2: if no /proc, also mount /sys 2016-06-01 13:26:14 +00:00
Eelco Dolstra e8ad22be12 Rename gummiboot module 2016-06-01 12:55:56 +02:00
Eelco Dolstra 9f0e137338 Rename boot.loader.gummiboot.enable -> boot.loader.systemd-boot.enable 2016-06-01 12:55:52 +02:00
Bob van der Linden 4e6697dcb6 acme: added option security.acme.preliminarySelfsigned (#15562) 2016-06-01 11:39:46 +01:00
Nikolay Amiantov 164ead312e Merge pull request #15793 from abbradar/unity3d-pkg
Unity3D package
2016-06-01 12:59:12 +03:00
Tuomas Tynkkynen 0229693354 iso-image.nix: Fix path to EFI blob after systemd-boot switch
This evaluates, but I can't verify if it works.

@edolstra
2016-06-01 12:14:00 +03:00
Eelco Dolstra f222689aba Use systemd-boot instead of gummiboot
Gummiboot is part of systemd now so we may as well use it.
2016-05-31 17:02:47 +02:00
obadz 0c9e904943 toxvpn: restartIfChanged = false & minor cleanups 2016-05-30 14:23:52 +01:00
anderspapitto dd2bb96dbe syncthing service: respect cfg.package (#15810) 2016-05-30 10:14:19 +02:00
obadz d18ba0f50d toxvpn: init at 20151111
(Authored by @cleverca22)
2016-05-30 00:21:22 +01:00
aszlig dc38003af9
nixos/containers: Create an empty machine-id file
Since systemd version 230, it is required to have a machine-id file
prior to the startup of the container. If the file is empty, a transient
machine ID is generated by systemd-nspawn.

See systemd/systemd#3014 for more details on the matter.

This unbreaks all of the containers-* NixOS tests.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @edolstra
Closes: #15808
2016-05-29 18:38:37 +02:00
Nikolay Amiantov 281db6bbc3 unity3d service: init 2016-05-29 17:38:36 +03:00
Joachim Fasting b05bb30361
slurm service: robust reference to slurm bin output 2016-05-28 15:28:21 +02:00
Joachim Fasting c420d0fb28
slurm service: fix typo in option description 2016-05-28 15:28:21 +02:00
Joachim Fasting 4e74479807
networking config: specify resolv.conf options as list of strings 2016-05-28 14:28:13 +02:00
Christian Zagrodnick 14dfdeb31a
networking config: support setting resolv.conf options
Closes: #11372
2016-05-28 14:28:13 +02:00
Joachim Fasting 44548c8a9e Merge pull request #15596 from rnhmjoj/master
fish: 2.2.0 -> 2.3.0
2016-05-28 00:53:12 +02:00
Joachim Fasting a03cbebeb5
diod service: Capabilities -> CapabilityBoundingSet
`Capabilities` is obsolete in recent systemd and will be simply
ignored.

Note: this is the only service using `Capabilites`, per `git grep`.
2016-05-27 16:26:55 +02:00
Joachim Fasting f7e7b814a9 Merge pull request #15668 from joachifm/fontDir-builderDefs
config.fonts.fontdir: use runCommand instead of builderDefs
2016-05-27 16:17:58 +02:00
Vladimír Čunát e4832c7541 Merge branch 'staging'
Includes a security update of libxml2.
2016-05-27 15:58:40 +02:00
Joachim Fasting a487cacef4 Merge pull request #15745 from peterhoeg/tmux-env
tmux module: set TMUX_TMPDIR via environment instead of wrapper
2016-05-27 13:23:48 +02:00
Peter Hoeg 5404595b55 tmux module: set TMUX_TMPDIR via environment instead of wrapper 2016-05-27 17:29:19 +08:00
Eelco Dolstra b786b00023 KDE test: Bump kdm start timeout
Hopefully this will fix random failures like
http://hydra.nixos.org/build/36249079.
2016-05-27 11:22:27 +02:00
Joachim Fasting b24e58a82b
config.fonts.fontdir: use runCommand instead of builderDefs
The primary motivation here is to get rid of builderDefs, but now the
resulting font directory is also linked into /run/current-system/sw,
which fixes #15194.
2016-05-26 22:39:01 +02:00
Vladimír Čunát 81039713fa Merge branch 'master' into staging
... to get the systemd update (rebuilding ~7k jobs).
2016-05-26 16:50:22 +02:00
aszlig 3b8a2a793c
nixos/tests/vbox: Fix invocation of dbus
VBoxService needs dbus in order to work properly, which failed to start
up so far, because it was searching in /run/current-system/sw for its
configuration files.

We now no longer run with the --system flag but specify the
configuration file directly instead.

This fixes at least the "simple-gui" test and probably the others as
well, which I haven't tested yet.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-05-26 16:48:32 +02:00
aszlig 3fd3911105
nixos/tests/vbox: Replace waitForWindow with xprop
We can't use waitForWindow here because it runs xwininfo as user root,
who in turn is not authorized to connect to the X server running as
alice.

So instead, we use xprop from user alice which should fix waiting for
the VirtualBox manager window.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-05-26 16:48:32 +02:00
Alexander Ried 8fbdb40ef0 services.*ntp*: Add time-sync.target to ntp clients (#15714)
See: https://www.freedesktop.org/software/systemd/man/systemd.special.html#time-sync.target
2016-05-26 16:25:36 +02:00
Eelco Dolstra b37d6d8996 Fix failure to start old containers
The existence of $root/var/lib/private/host-notify as a socket
prevented a bind mount:

  container foo[8083]: Failed to create mount point /var/lib/containers/foo/var/lib/private/host-notify: No such device or address
2016-05-26 16:19:40 +02:00
aszlig ecd3cbb9e7
nixos/tests/vbox: Start X server with user "alice"
The VirtualBox tests so far ran the X server as root instead of user
"alice" and it did work, because we had access control turned off by
default.

Fortunately, it was changed in 1541fa351b.

As a side effect, it caused all the VirtualBox tests to fail because
they now can't connect to the X server, which is a good thing because
it's a bug of the VirtualBox tests.

So to fix it, let's just start the X server as user alice.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-05-26 15:05:23 +02:00
aszlig cb796ccd09
nixos/test-driver/Logger: Replace invalid UTF-8
Regression introduced by d84741a4bf.

The mentioned commit actually is a good thing, because we now get the
output from the X session.

Unfortunately, for the i3wm test, the i3-config-wizard prints out the
raw keyboard symbols directly coming from xcb, so the output isn't
necessarily proper UTF-8.

As the XML::Writer already expects valid UTF-8 input, we assume that
everything that comes into sanitise() will be UTF-8 from the start. So
we just decode() it using FB_DEFAULT as the check argument so that
every invalid character is replaced by the unicode replacement
character:

https://en.wikipedia.org/wiki/Specials_(Unicode_block)#Replacement_character

We simply re-oncode it again afterwards and return it, so we should
always get out valid UTF-8 in the log XML.

For more information about FB_DEFAULT and FB_CROAK, have a look at:

http://search.cpan.org/~dankogai/Encode-2.84/Encode.pm#Handling_Malformed_Data

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-05-26 14:24:33 +02:00
Domen Kožar 467cd6f3a4 Make i3wm test a release blocker
Catch issues like
331fa2feff
2016-05-26 10:47:15 +01:00
obadz e78a99c35b nixos/tests/installer.nix: nixos-generate-config detects LUKS since a7baec7
Fixes nix-build '<nixos/release.nix>' -A tests.installer.luksroot.x86_64-linux
2016-05-26 04:02:36 +01:00
rnhmjoj 17ec9368cd
fish: 2.2.0 -> 2.3.0 2016-05-26 00:10:22 +02:00
obadz 331fa2feff xsession: fix variable read before set introduced in c99608c 2016-05-25 17:47:36 +01:00
Eelco Dolstra a7baec7cb1 nixos-generate-config: Emit LUKS configuration for boot device 2016-05-25 18:04:41 +02:00
Eelco Dolstra c6ab4ab206 nixos-generate-config: Enable strictness 2016-05-25 18:04:34 +02:00
Eelco Dolstra 845c9b50bf boot.initrd.luks.devices: Change into an attribute set
This allows setting options for the same LUKS device in different
modules. For example, the auto-generated hardware-configuration.nix
can contain

  boot.initrd.luks.devices.crypted.device = "/dev/disk/...";

while configuration.nix can add

  boot.initrd.luks.devices.crypted.allowDiscards = true;

Also updated the examples/docs to use /disk/disk/by-uuid instead of
/dev/sda, since we shouldn't promote the use of the latter.
2016-05-25 18:04:21 +02:00
Eelco Dolstra 32bed83b18 Remove boot.loader.grub.timeout and boot.loader.gummiboot.timeout
There is a generic boot.loader.timeout option.
2016-05-25 11:39:17 +02:00
Eelco Dolstra fe875b4100 nixos/tests/boot.nix: Remove empty module 2016-05-25 11:39:17 +02:00
obadz 47950b5353 modules/misc/version.nix: populate nixosRevision based on <nixpkgs/.git> when possible (#15624)
Example:

$ nixos-option system.nixosLabel
Value:
"16.09.git.4643ca1"
2016-05-24 23:34:28 +01:00
Eelco Dolstra c726773f26 cpufreq: Fix "sh: modprobe: command not found" 2016-05-24 21:48:42 +02:00
Eelco Dolstra c99608c638 Add an option to write the X session log to the journal
... rather than ~/.xsession-errors. It might make sense to make this
the default, in order to eliminate ad hoc, uncentralised, poorly
discoverable log files.
2016-05-24 21:46:38 +02:00
Eelco Dolstra d84741a4bf X server: Log to the journal instead of /var/log/X.0.log
This ensures that "journalctl -u display-manager" does what you would
expect in 2016. However, the main reason is to ensure that our VM
tests show the output of the X server.

A slight problem is that with KDE user switching, messages from the
various X servers end up in the same place. However, that's an
improvement over the previous situation, where the second X server
would overwrite the /var/log/X.0.log of the first. (This was caused by
the fact that we were passing a hard-coded value for -logfile.)
2016-05-24 21:45:26 +02:00
Eelco Dolstra 3e7b510281 nixos.tests.swraid: Drop mdadm -W
This command is racy because it will return a non-zero exit code if
the array is already clean. This caused numerous random failures. It
should be unnecessary anyway. (Maybe in the past we needed this
because of #15226.)

http://hydra.nixos.org/job/nixos/release-16.03/nixos.tests.installer.swraid.i686-linux
2016-05-24 17:20:22 +02:00
Eelco Dolstra ad29b72686 test-driver: Fix "unit X is inactive and there are no pending jobs"
This was causing many random test failures.
2016-05-24 16:33:14 +02:00
Joachim Fasting e27e0b3d75 Merge pull request #15620 from Cornu/mosquitto
mosquitto service: init
2016-05-24 13:56:06 +02:00
Joachim Fasting 493cae8756
Revert "Merge pull request #15384 from Shados/fix-preshell-terminfo"
This reverts commit 4e9833d9e8, reversing
changes made to 6194e9d801.

Setting TERMINFO prevents ncurses from reading TERMINFO_DIRS.  See
https://github.com/NixOS/nixpkgs/pull/15384#issuecomment-221205596
2016-05-24 11:13:46 +02:00
Hans-Harro Horn 77f2c305b6 mosquitto service: init
Initial Mosquitto MQTT Broker service file.
2016-05-24 10:49:03 +02:00
zimbatm 4d0a421f18 Merge pull request #15646 from vcunat/p/man-db
man-db: make it the default man provider
2016-05-24 09:25:10 +01:00
Markus Mueller 19ee3baa32 ldap module: fix activationScripts declaration 2016-05-23 22:54:15 +02:00
Vladimír Čunát b9df4311dc man-db: make it the default man provider
For now, leave the old implementation under `man-old` attribute.

Small warning: I had a leftover ~/.nix-profile/man from an old package,
which caused man-db's man prefer it and ignore ~/.nix-profile/share/man.
The PATH->MANPATH code just selects the first match for each PATH item.
2016-05-23 19:53:05 +02:00
Joachim Fasting 0f384e5cf2
dnscrypt-proxy service: update resolver list 2016-05-23 16:44:20 +02:00
Taeradan 77028b1e8d
fail2ban service: add iproute to PATH
iproute is required for blocking via null routes; without it, rules
based on routes.conf will fail.

Closes #15638
2016-05-23 15:57:21 +02:00
Vladimír Čunát e7080becfd release notes: mention xorg-server update 2016-05-23 15:24:00 +02:00
Vladimír Čunát 5eb0e1360a release notes: mention removal of shell aliases 2016-05-23 15:16:41 +02:00
Domen Kožar 16535d4a71 setuid-wrappers: remove config.system.path from the closure
The motivation is using sudo in chroot nix builds, a somewhat
special edge case I have and pulling system path into chroot
yields to some very nasty bug like
https://github.com/NixOS/nixpkgs/issues/15581

Previously:

$ cat /var/setuid-wrappers/sudo.real
/nix/store/3sm04dzh0994r86xqxy52jjc0lqnkn65-system-path/bin/sudo

After the change:

$ cat /var/setuid-wrappers/sudo.real
/nix/store/4g9sxbzy8maxf1v217ikp69c0c3q12as-sudo-1.8.15/bin/sudo
2016-05-23 13:47:23 +01:00
Vladimír Čunát 358533dc61 nixos xserver: fix evdev driver with xserver 1.18
... and add its man page.
Now I seem to be running fine with the new server.
2016-05-23 13:02:55 +02:00
Vladimír Čunát 69cc0a7bc5 xf86-input-evdev: split dev output 2016-05-23 13:02:55 +02:00
Eelco Dolstra 0c5ebbd744 Merge pull request #15598 from rnhmjoj/systemd
Remove systemd shell aliases
2016-05-23 10:28:34 +02:00
Vladimír Čunát 05a36304ea nixos ati_unfree: auto-switch xorg to fglrxComat 2016-05-23 10:12:44 +02:00
Vladimír Čunát 0b192a0976 Merge branch 'master' into staging
That's to get mesa rebuild from master, as it's nontrivial.
2016-05-23 09:02:10 +02:00
Joachim Fasting 89d50c4341 Merge pull request #15630 from obadz/opensmtpd
opensmtpd: 5.7.3p2 -> 5.9.2p1
2016-05-23 08:52:42 +02:00
obadz e69ed2b64b opensmtpd: 5.7.3p2 -> 5.9.2p1 2016-05-23 02:59:20 +01:00
Eelco Dolstra c7d92f9485 xf86-video-modesetting: Remove
This driver is part of xorg-server now, so we were using an outdated
version.
2016-05-22 23:05:30 +02:00
Kranium Gikos Mendoza 25fbac5b52 mod_auth_mellon: init at 0.12.0 2016-05-23 02:02:25 +08:00
Joachim Fasting d9796f44f6
manual: minor cleanups 2016-05-22 20:01:52 +02:00
Joachim Fasting d6575c96fb
transmission service: robust lib references in apparmor profile 2016-05-22 20:01:29 +02:00
Vladimír Čunát 73f1f5eb39 imagemagick: split dev output to fix #9604
Also fixup references to imagemagick.
2016-05-22 13:41:15 +02:00
Vladimír Čunát f4eb808554 xf86-input-synaptics: split dev output 2016-05-22 12:10:38 +02:00
Vladimír Čunát c4661e9643 Merge: make dev output references explicit
This is a rebase of most commits from #14766,
resolving conflicts and a few other evaluation problems.
2016-05-22 12:09:23 +02:00
Arnold Krille bf0e745597 unbound service: do not initialize root cert
When enableRootTrustAnchor is set to false, there is really no point in
initializing the root key before starting unbound.

Fixes #15605.
2016-05-21 22:27:27 +02:00
rnhmjoj 1d9651e723
Remove systemd shell aliases 2016-05-21 19:25:21 +02:00
Ben Smith 3a1beb6347
redis service: add firewall and VM overcommit options
- Add vm.over_commit setting for background saving
- Add openFirewall setting

Closes #10193
2016-05-21 18:17:36 +02:00
Alexander Ried 31fa7eda70 releasenotes: fix opengl.extraPackages option name
Should be merged into master and release-16.03 I guess
2016-05-21 16:34:58 +02:00
Bjørn Forsman c7db50e24f Revert "network-manager: multiple outputs"
This reverts commit c25907d072.

I think this commit broke the NixOS service for NetworkManager. At least
with this, and the two previous reverts, everything is back to normal.
(With multiple-outputs split, it would have reduced the closure size by
3 MiB.)
2016-05-21 13:12:44 +02:00
Bjørn Forsman 167272f01d Revert "networkmanager service: fixup"
This reverts commit 7ac1ef05fa.

One of a few reverts needed to unbreak networkmanager NixOS service
since the multiple-output split (to save 3 MiB of closure size).
2016-05-21 13:12:44 +02:00
Bjørn Forsman d1463ac750 Revert "nixos/networkmanager: fix syntax error"
This reverts commit 2875293615.

One of a few reverts needed to unbreak networkmanager NixOS service
since the multiple-output split (to save 3 MiB of closure size).
2016-05-21 13:12:44 +02:00
Nikolay Amiantov 53b8852498 initrd-ssh service: add assertions for host keys 2016-05-20 23:34:28 +03:00
Joachim Fasting d12e9c1a30 Merge pull request #15365 from bendlas/fix-gnome-keyring
gnome-keyring: add gcr dependency to service
2016-05-20 15:18:11 +02:00
Domen Kožar 9d745c6795 typo 2016-05-20 13:55:48 +01:00
Nikolay Amiantov 1193790b95 nixos-install: fix SSL certificate error 2016-05-20 15:30:56 +03:00
Domen Kožar 2d6d731f24 nixos: add a small section about kernel module dev 2016-05-20 11:55:38 +01:00
Domen Kožar 2a3c0ca3d5 command-not-found: disable module until it's fixed again
See https://github.com/NixOS/nixos-channel-scripts/issues/4
2016-05-19 20:02:06 +01:00
Tuomas Tynkkynen 2a73de6e6c treewide: Make explicit that 'dev' output of openssl is used 2016-05-19 10:02:23 +02:00
Tuomas Tynkkynen f81af4e6f0 treewide: Make explicit that 'dev' output of glib is used 2016-05-19 10:00:35 +02:00
Tuomas Tynkkynen 2132c86c45 nixos/dbus: Reference correct output of 'dbus' 2016-05-18 22:58:00 +03:00
Peter Hoeg 60025e3524 tmux module: add additional variables for configuring tmux
Also wraps the tmux binary, so that sockets are stored under /run
2016-05-18 19:24:03 +08:00
Joachim Fasting cf5e07ca5b Merge pull request #15471 from telotortium/subsonic
subsonic: change NixOS home directory config
2016-05-18 04:01:32 +02:00
Domen Kožar b49bf121b8 rename iElectric to domenkozar to match GitHub 2016-05-17 13:00:47 +01:00
Robert Irelan cf14dad167 Add script to move /var/subsonic to cfg.home 2016-05-16 14:42:22 -07:00
Robert Irelan 40d4f6df81 Move from ExecStart{,Pre} to systemd.nix attributes 2016-05-16 14:08:32 -07:00
Ricardo Ardissone 6067eddf83 minetest-server module: fix executable path 2016-05-15 18:46:45 -03:00
Joachim Fasting 3ad0276e7e Merge pull request #15435 from mayflower/nzbget_no_config
nzbget: 16.4 -> 17.0-r1686 and nzbget service
2016-05-15 14:05:31 +02:00
Joachim Fasting fbdb82cc17 Merge pull request #15473 from romildo/fix.xfce4-screenshooter
xfce4: rename application xfce4screenshooter to xfce4-screenshooter
2016-05-15 12:17:32 +02:00
José Romildo Malaquias 44d347aba5 xfce4: rename application xfce4screenshooter to xfce4-screenshooter 2016-05-15 06:56:46 -03:00
Joachim Fasting b740e046ab
dnscrypt-proxy service: robust lib references in apparmor profile
Use getLib to avoid future problems caused by re-ordering outputs.
2016-05-15 11:55:17 +02:00
Rok Garbas 03b115f8e0 nixos/i3lock-color: added to pam 2016-05-15 07:47:31 +02:00
Robert Irelan a712d8ff0b subsonic: change NixOS home directory config
Move Subsonic state directory from `/var/subsonic` to
`/var/lib/subsonic`, since the general convention is for each
application to put its state directory there.

Also, automatically set the home directory of the `subsonic` user to the
value of `config.services.subsonic.home`, rather than setting it to a
value hardcoded in the module. This keeps the home directory of the
`subsonic` user and the state directory for the Subsonic application in
sync.
2016-05-14 14:13:30 -07:00
Tuomas Tynkkynen 0561e14c3b bind: Split into multiple outputs
A patch is needed to make bind not print its configure flags on
'named -V'.
2016-05-14 22:12:59 +03:00
Joachim Fasting 4e9833d9e8 Merge pull request #15384 from Shados/fix-preshell-terminfo
nixos: ensure TERMINFO is set before user shells are run
2016-05-14 06:21:25 +02:00
Nikolay Amiantov cd5dd9f82e udev service: fix packages' paths 2016-05-14 05:12:52 +03:00
Nikolay Amiantov 5c39f28a9f Merge pull request #15024 from abbradar/xfce-no-desktop
xfce service: add noDesktop option
2016-05-14 04:55:27 +03:00
Tristan Helmich 36f8b3cad1 nzbget: 16.4 -> 17.0-r1686 and nzbget service 2016-05-13 18:56:39 +02:00
Franz Pletz 939c80c26f jenkins module: Check for 200 & 403 response codes
The new jenkins version shows a setup wizard on first startup that will
throw a 403 HTTP response code instead of 200.
2016-05-13 17:45:39 +02:00
Vladimír Čunát 3e387c3e00 Merge branch 'staging'
Darwin isn't in a perfect state, in particular its bootstrap tools won't
build which will block nixpkgs channel. But on the whole it seems
acceptable.
2016-05-13 10:14:53 +02:00
Franz Pletz df8958435e grafana: 2.6.0 -> 3.0.1 (#15395)
* grafana: 2.6.0 -> 3.0.1

* grafana module: Fix anonymous auth & add analytics config
2016-05-13 02:28:24 +02:00
Данило Глинський (Danylo Hlynskyi) bc2fe9f2cd typo in authorizedKeysFiles 2016-05-12 18:01:17 +03:00
Joachim Fasting 639dcffa0b Merge pull request #15403 from Shados/maintain-teamspeak-server
teamspeak-server package & module maintenance
2016-05-12 13:01:38 +02:00
Alexei Robyn 11b0972544 teamspeak-server module: Create data directory by
leveraging users.users.<user>.createHome instead of a preStart script.
preStart script is still required to ensure proper creation of logging
directory.
2016-05-12 20:49:17 +10:00
Domen Kožar 25e3c091a0 Revert "nixos/nat: Allow nat without an externalInterface"
This reverts commit 431a98b12b.

Breaks nixos tests: http://hydra.nixos.org/build/35538207
2016-05-12 11:04:06 +01:00
Joachim Fasting 1aff127b56 Merge pull request #10988 from Shados/improve-rsnapshot-service
rsnapshot service: Avoid package rebuild, create+use /etc/rsnapshot.conf
2016-05-12 05:24:01 +02:00
Vladimír Čunát 6c2fbfbd77 Merge branch 'master' into staging 2016-05-12 04:53:38 +02:00
Franz Pletz 431a98b12b nixos/nat: Allow nat without an externalInterface 2016-05-12 01:52:13 +02:00
Alexei Robyn 1e2ec5817c rsnapshot module: Enable manual rsnapshot usage with module config. 2016-05-12 09:27:59 +10:00
Alexei Robyn c90d5eb298 rsnapshot module: Avoid package rebuild, pass config file explicitly. 2016-05-12 09:27:52 +10:00