3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

14455 commits

Author SHA1 Message Date
worldofpeace 747fb48c72
Merge pull request #85065 from worldofpeace/autologin-unified
nixos/displayManager: make autoLogin options independent of DM type
2020-07-10 00:04:41 -04:00
worldofpeace 490cd7889e nixos/displayManager: make autoLogin options independent of DM type
Co-authored-by: volth <volth@volth.com>
2020-07-09 21:15:35 -04:00
lewo 9534da25bf
Merge pull request #90115 from asbachb/postfix-tls
postfix: Replaced config key by recommendation and introduced usage of system trust store
2020-07-09 20:29:49 +02:00
Matt Layher f9ea9c7299 nixos/systemd: add options for hardware watchdog management 2020-07-08 21:43:12 -04:00
Graham Christensen 84ecbc9a19
libvirtd: don't start libvirtd-tcp.socket by default
Per upstream:

> libvirtd-tcp.socket - the unit file corresponding to the TCP 16509
> port for non-TLS remote access. This socket should not be configured
> to start on boot until the administrator has configured a suitable
> authentication mechanism.
2020-07-08 19:50:23 -04:00
Florian Klink 9e5f550af9 nixos/networkd: fix systemd.network.netdevs.<name>.vlanConfig.Id example
This is passed as integer, not string.

Closes https://github.com/NixOS/nixpkgs/issues/91172.
2020-07-08 20:43:17 +02:00
Eelco Dolstra 046427570e
nix: 2.3.6 -> 2.3.7 2020-07-08 16:58:54 +02:00
Maximilian Bosch 87d7f0f0f3
Merge pull request #92329 from asbachb/roundcube/add-message-size
roundcube: Added new option `maxAttachmentSize` to configure max attachment size
2020-07-08 11:22:14 +02:00
Maximilian Bosch 5bc22adb5a
nixos/manual: fix build
Option names must be `opt-<full-option-name>` in docbook XML.
2020-07-08 11:09:01 +02:00
worldofpeace dfe59e0ab2
Merge pull request #90307 from eyJhb/luks-pre-post
boot.initrd.luks.devices: add preOpenCommands and postOpenCommands
2020-07-08 03:02:29 -04:00
worldofpeace aba048f0bf
Merge pull request #92587 from worldofpeace/session-settings-update
Pantheon updates 2020-07-07
2020-07-08 01:01:05 -04:00
Benjamin Asbach 12e0d726fd roundcube: Added new option maxAttachmentSize to configure the maximum attachment size
The multiplication is used since roundcube uses only 70% of the php configured upload size.
2020-07-08 01:22:28 +02:00
worldofpeace eb3c53b4e9 nixos/pantheon: update greeter whitelist to new wording
This was a simple non fatal deprecation.

https://github.com/elementary/wingpanel/pull/326
2020-07-07 11:35:21 -04:00
worldofpeace 56619d6ebb
Merge pull request #85992 from symphorien/ibus-db
ibus: fix dconf database
2020-07-07 11:29:53 -04:00
Samuel Gräfenstein 82cf1d9dcd
nixos/plasma5: Noto Mono -> Noto Sans Mono
The font has been renamed.
See https://github.com/googlefonts/noto-fonts/pull/1029
2020-07-07 17:07:27 +02:00
Kristoffer Søholm 80a7a4295a nixos/jupyter: add package and command options 2020-07-07 15:00:49 +02:00
Michele Guerini Rocco fc553c0bc5
Merge pull request #89773 from rnhmjoj/ncdns
ncdns: init at 0.0.10.3
2020-07-07 10:58:55 +02:00
Michele Guerini Rocco 01c4a388ee
Merge pull request #91238 from rnhmjoj/users
nixos/users-groups: do not check validity of special hashes
2020-07-07 10:57:51 +02:00
Niklas Hambüchen e8c1ff9ef8
grub: Fix incorrect upgrade to new jsonStateLine. See #85895. (#92520)
Fixes error

    Can't use an undefined value as an ARRAY reference at /nix/store/...-install-grub.pl line 642, <FILE> line 5.

with `/boot/grub/state` being:

```
grub
2.04
no
/dev/sda
/boot

```

I am not sure where the trailing empty line can come from; the script does not
seem to write it. In any case, now we handle that situation as well.

Further, ensure that `extraGrubInstallArgs` defaults to the empty array
if its key is not present in the `jsonState`.
2020-07-07 00:53:55 +02:00
Martin Weinelt 8f357b7144
Merge pull request #81224 from chkno/modprobe-dot-d
nixos/modprobe: Fix modprobe configuration manpage link
2020-07-06 23:31:11 +02:00
Chuck 70cb417bac nixos/modprobe: Fix modprobe configuration manpage link 2020-07-06 13:50:11 -07:00
Niklas Hambüchen a90ae331ec install-grub.pl: Add errno messages to all or die errors.
For example, turns the error

    cannot copy /nix/store/g24xsmmsz46hzi6whv7qwwn17myn3jfq-grub-2.04/share/grub/unicode.pf2 to /boot

into the more useful

    cannot copy /nix/store/g24xsmmsz46hzi6whv7qwwn17myn3jfq-grub-2.04/share/grub/unicode.pf2 to /boot: Read-only file system
2020-07-06 22:07:46 +02:00
Niklas Hambüchen 8665b5ab91 grub: Add boot.loader.grub.extraGrubInstallArgs option.
Useful for when you need to build grub modules into your grub kernel
to get a working boot, as shown in the added example.

To store this new value, we switch to more structural JSON approach.

Using one line per value to store in `/boot/grub/state` gets really messy when
the values are arrays, or even worse, can contain newlines (escaping would be
needed). Further, removing a value from the file would get extra messy
(empty lines we'd have to keep for backwards compatibility).

Thus, from now on we use JSON to store all values we'll need in the future.
2020-07-06 22:07:46 +02:00
Niklas Hambüchen 81c15742ce install-grub.pl: Write state file atomically.
Other files were already written atomically, but not this one.
2020-07-06 22:07:46 +02:00
Niklas Hambüchen 0dcad215fe install-grub.pl: Refactor: Extract getList() 2020-07-06 22:07:46 +02:00
Niklas Hambüchen d4d9d9c552
Merge pull request #92122 from nh2/qemu-vm-fix-useBootLoader
qemu-vm: Fix useBootLoader, remove `/boot` read-only restriction
2020-07-06 22:06:20 +02:00
Daniel Fullmer 0b4e216775 qemu-vm: treat EFI vars as state, similarly to diskImage 2020-07-06 12:09:37 -07:00
Daniel Fullmer fec163d21c qemu-vm: add EFI support for aarch64 2020-07-06 12:09:36 -07:00
Daniel Fullmer d7e3312ab1 qemu-vm: split EFI NVRAM into CODE and VARS 2020-07-06 12:08:41 -07:00
Daniel Fullmer 4d14826825 qemu-vm: allow bootloader to set EFI vars
Without this, systemd-boot does not add an EFI boot entry for itself.
The reason it worked before this fix is because it would fall back to
the default installed \EFI\BOOT\BOOTX64.EFI
2020-07-06 12:07:49 -07:00
Imran Hossain 7dd656a037 nixos/restic: Add options for rclone repositories 2020-07-06 10:27:55 -04:00
Aaron Andersen 5cecdd145b
Merge pull request #91042 from datafoo/fix-issue-86184
nixos/acme: execute a single lego command
2020-07-06 07:26:05 -04:00
Eric Wolf 8af58eda12
postfix: Add submissions option for postfix and test (#91691)
RFC 8314 suggests, for end user submission of
mails, SMTP over TLS on port 465 should be used.

Closes #91690
2020-07-06 03:37:56 +02:00
Benjamin Hipple 152a29fef8
Merge pull request #77557 from c0deaddict/feature/nginx-sso-package-option
nixos/nginx.sso: add package option
2020-07-05 21:24:22 -04:00
Benjamin Hipple 1e835d98c5
Merge pull request #89498 from 0x4A6F/master-xandikos
xandikos: 0.1.0 -> 0.2.2
2020-07-05 20:04:50 -04:00
Matthew Bauer c34507d795
Merge pull request #90431 from euank/nixos-install-warn
nixos-install: error out if $mountPoint has bad permissions
2020-07-05 18:55:43 -04:00
Vincent Breitmoser 5395397fd6 nixos/nix-daemon: work on buildMachines submodule 2020-07-05 16:51:55 +02:00
John Ericson 1ed248eac2 nixos/nix-daemon: Organize buildMachine options with a submodule 2020-07-05 16:51:55 +02:00
Benjamin Asbach 632104e5a4 postfix: deprecated sslCACert in favour of tlsTrustedAuthorities
`sslCACert` was used for trust store of client and server certificates. Since `smtpd_tls_ask_ccert` defaults to no the setup of `smtpd_tls_CApath` was removed.

>By default (see smtpd_tls_ask_ccert), client certificates are not requested, and smtpd_tls_CApath should remain empty.
see http://www.postfix.org/postconf.5.html#smtpd_tls_CAfile
2020-07-05 14:53:34 +02:00
Benjamin Asbach 9d697837f0 postfix: used recommended configuration key to enable tls
> With Postfix 2.3 and later use smtp_tls_security_level instead.

http://www.postfix.org/postconf.5.html#smtp_use_tls
2020-07-05 14:50:40 +02:00
Lassulus e0f07f9b8d
Merge pull request #63165 from CRTified/module/initrd-ovpn
nixos/system/boot/initrd-openvpn: New openvpn options for initrd
2020-07-05 14:32:52 +02:00
Jan Tojnar 07cebeffb8
Merge pull request #86473 from bachp/virtualbox-vmsvga 2020-07-05 04:11:44 +02:00
worldofpeace d3a40e7cfc
Merge pull request #92270 from samuelgrf/fix/whether-typo
nixos/*: fix misspellings of whether
2020-07-04 09:34:28 -04:00
Samuel Gräfenstein 5bb0b72720
nixos/*: wheter -> whether 2020-07-04 15:20:41 +02:00
Samuel Gräfenstein 850d7d1790
nixos/*: wether -> whether 2020-07-04 15:17:03 +02:00
Niklas Hambüchen 7c903ca1d2
Merge pull request #92205 from chkno/qemu-vm-cleanup
qemu-vm device name cleanup
2020-07-04 15:08:52 +02:00
Niklas Hambüchen 5b16d4c9ce qemu-vm.nix: Fix device name hardcodes on useBootLoader.
boot.loader.grub.device` was hardcoded to `bootDevice`, which is
wrong, because that's the device for `/`, and with `useBootLoader`
the boot loader is not on that device.

This bug probably came into existence because of bad naming;
`virtualisation.bootDevice` has description
"The disk to be used for the root filesystem", which is very confusing;
it should be `.rootDevice` then!
Unfortunately, the description is right and the attribute name is wrong,
so it is not easy to change this without deprecation.

This commit ensures that even if you use `useBootLoader` and
`diskInterface == "scsi"`, the created VM can boot through, and can run
`nixos-rebuild afterwards.

It also adds extra commentary to explain what's going on in this module
in general in relation to `useBootLoader`.
2020-07-04 14:47:36 +02:00
Niklas Hambüchen 2fa351b6a5 qemu-vm.nix: Do not mount /boot read-only.
There does not seem to be a good reason to do this, and it breaks running
`nixos-rebuild boot --install-bootloader` inside the VM.
2020-07-04 14:44:33 +02:00
Chuck e74755c422 nixos/qemu-vm: Don't assume boot drive is always vdb 2020-07-04 14:40:42 +02:00
rnhmjoj c37347af7e
nixos/users-groups: handle password hashes with special meaning 2020-07-04 12:21:49 +02:00
rnhmjoj 99899e2e46
nixos/users-groups: add assertion for ":" in hashes 2020-07-04 12:21:49 +02:00
rnhmjoj 751c2ed6e4
nixos/users-groups: do not check validity of empty hashes 2020-07-04 12:21:49 +02:00
rnhmjoj 900ae97569
nixos/users-groups: clearly document special hash values
This explanation was contained in the description of
security.initialRootPassword but got lost when it was deprecated
a long ago (f496c3c) and removed.
2020-07-04 12:21:48 +02:00
rnhmjoj a6ed7d4845
nixos/users-groups: remove ancient security.initialRootPassword option
This option has been deprecated for a long time because is redundant
(users.users.root.initialHashedPassword exists).
Moreover, being of type string, it required to handle the special value
"!" separately, instead of using just `null`.
2020-07-04 12:14:37 +02:00
Jörg Thalheim b2aa673d5a
nixos: fix manual build
https://github.com/NixOS/nixpkgs/pull/92240#issuecomment-653740926
2020-07-04 10:23:25 +01:00
Jörg Thalheim 81aeaeb252
Merge pull request #92240 from nh2/better-empty-password-docs
docs: Explain how to set password-less logins.
2020-07-04 07:24:37 +01:00
Chuck a5e211dd7f nixos/qemu-vm: Generalize drive naming 2020-07-03 19:36:45 -07:00
Niklas Hambüchen 06b8b96500 docs: Explain how to set password-less logins.
This explains the

    # Allow the user to log in as root without a password.
    users.users.root.initialHashedPassword = "";

that the NixOS installer live systems use in
`profiles/installation-device.nix`.
2020-07-04 02:05:03 +02:00
Pascal Bach 3e7d650bcc nixos/unifi: restart service on package update
Currently the service doesn't detect if on of the packages is updated
and doesn't restart.

By manually adding a trigger we make sure the service restarts if any of
the involved packages update.
2020-07-03 22:34:29 +02:00
Chuck 800639f287 nixos/qemu-vm: Refactor: Combine duplicate disk definitions 2020-07-03 11:31:43 -07:00
Peter Hoeg 8bc7721fb1
Merge pull request #91765 from asdf8dfafjk/onedrive_module
nixos/onedrive: init
2020-07-03 10:08:42 +08:00
Graham Christensen 9d335706a0
Merge pull request #92092 from ElvishJerricco/zfs-encryption-systemd-ask-password
ZFS: Update description for requestEncryptionCredentials
2020-07-02 17:25:53 -04:00
Will Fancher b5f7b79a2d ZFS: Update description for requestEncryptionCredentials 2020-07-02 16:08:50 -04:00
Graham Christensen 105e63469d
Merge pull request #91344 from ElvishJerricco/zfs-encryption-systemd-ask-password
ZFS: Ask for stage 2 encryption passwords using systemd-ask-password
2020-07-02 14:15:18 -04:00
Will Fancher e2f1594695 ZFS: Set IFS=$'\t' for the read command in stage 2 load-key
Co-authored-by: Graham Christensen <graham@grahamc.com>
2020-07-02 13:50:29 -04:00
Will Fancher 05f8cba1b6 ZFS: Pipe /dev/null into the stage 2 load-key script
Just in case something reads stdin, so that `while read ds kl` doesn't
miss anything
2020-07-02 13:50:28 -04:00
Will Fancher c128229dce plymouth: Enable systemd-ask-password-plymouth 2020-07-02 13:50:23 -04:00
Vincent Ambo c0122d335b nixos/openldap: add option for configuring OpenLDAP package to use
In certain cases, for example when custom OpenLDAP modules are
compiled into the binary, users may want to override the package used
for OpenLDAP.

This is especially common in setups where LDAP is the primary
authentication source, as good password hashing mechanisms need to be
enabled as extra modules.
2020-07-01 20:49:04 +01:00
Michele Guerini Rocco dab676b2d7
Merge pull request #65231 from buckley310/grub-password
grub: add support for passwords
2020-07-01 09:04:30 +02:00
CRTified c684398c6a nixos/system/boot/initrd-openvpn: Add openvpn options for initrd
nixos/tests/initrd-openvpn: Add test for openvpn in the initramfs

The module in this commit adds new options that allows the
integration of an OpenVPN client into the initrd.
This can be used e.g. to remotely unlock LUKS devices.

This commit also adds two tests for `boot.initrd.network.openvpn`.
The first one is a basic test to validate that a failing connection
does not prevent the machine from booting.

The second test validates that this module actually creates a valid
openvpn connection.
For this, it spawns three nodes:

  - The client that uses boot.initrd.network.openvpn
  - An OpenVPN server that acts as gateway and forwards a port
    to the client
  - A node that is external to the OpenVPN network

The client connects to the OpenVPN server and spawns a netcat instance
that echos a value to every client.
Afterwards, the external node checks if it receives this value over the
forwarded port on the OpenVPN gateway.
2020-07-01 00:08:55 +02:00
Michele Guerini Rocco 5abeb133de
Merge pull request #91794 from rnhmjoj/fish-mandb
nixos/fish: enable man cache generation
2020-06-30 13:43:22 +02:00
rnhmjoj 5b59329234
nixos/fish: enable man cache generation 2020-06-29 22:28:32 +02:00
_ a3b0864bb0 nixos/onedrive: init 2020-06-29 19:56:41 +05:30
misuzu fc9f994ee5
nixos/gitlab-runner: add more global options (#86946) 2020-06-29 13:35:21 +00:00
Florian Klink aed85b7279
Merge pull request #85223 from arianvp/acme-fix-nginx-after
nixos/acme: Fix ordering of certificate requests (#81482)
2020-06-29 10:17:25 +02:00
Linus Heckemann 5b8b201e44 Revert "traefik: unify TOML generation"
This reverts commit a5e6901702.

yj doesn't distinguish floats and ints, which breaks some configs.
2020-06-29 09:34:41 +02:00
Robert Schütz 595a3d14b7
Merge pull request #91168 from dotlambda/radicale-3.0.3
radicale: 2.1.11 -> 3.0.3
2020-06-28 12:48:56 +02:00
Graham Christensen 38060ee399
Merge pull request #91666 from Atemu/undervolt-warning
undervolt: clarify that the service is unofficial
2020-06-27 08:39:55 -04:00
Atemu 2c7402b54d undervolt: clarify that the service is unofficial
The original warning almost made it sound like the service was made by or
somehow connected to Intel which is not the case
2020-06-27 14:21:58 +02:00
Christoph Hrdinka b2655b6a34
Merge pull request #91514 from NinjaTrappeur/nin-fix-nsdconf
nixos/nsd: symlink conf file to /etc/nsd
2020-06-26 23:24:30 +02:00
Marek Mahut bb7c60708a
Merge pull request #91497 from 1000101/blockbook
nixos/blockbook-frontend: init
2020-06-26 21:17:36 +02:00
Félix Baylac-Jacqué 7020dc8eac
nixos/nsd: symlink conf file to /etc/nsd
We remove the configFile build flag override in the NixOS module.

Instead of embedding the conf file link to the binaries, we symlink it
to /etc/nsd/nsd.nix, the hardcoded config file location for the
various CLI nsd utilities.

This config file build option override is triggerring a nsd rebuild
for each configuration change. This prevent us to use the nixos cache
in many cases.

Co-authored-by: Erjo <erjo@cocoba.work>
2020-06-26 20:18:33 +02:00
1000101 de3c56ffd8 nixos/blockbook-frontend: init 2020-06-26 16:16:49 +02:00
zowoq a8efeed583
Merge pull request #91138 from zowoq/podman
podman: 1.9.3 -> 2.0.1
2020-06-26 12:14:22 +10:00
zowoq 29b75dc074
Merge pull request #91458 from mdlayher/mdl-corerad-0.2.7
corerad: 0.2.6 -> 0.2.7
2020-06-26 09:45:59 +10:00
zowoq e89446656d nixos/{podman,containers}: libpod.conf -> containers.conf 2020-06-26 08:09:36 +10:00
Frederik Rietdijk bef20b38ef Merge master into staging-next 2020-06-25 13:48:05 +02:00
Kim Lindberger c00bf081d9
Merge pull request #88940 from stigtsp/package/convos-init
convos: init at 4.22
2020-06-25 09:32:33 +02:00
Matt Layher 09f0d65317
nixos/corerad: set systemd unit Type=notify
Signed-off-by: Matt Layher <mdlayher@gmail.com>
2020-06-24 22:09:20 -04:00
Timo Kaufmann 41ba255e23
Merge pull request #77982 from symphorien/sshl_ipv6
nixos/sslh: make it possible (and the default) to listen on ipv6, plus regression test
2020-06-24 22:13:19 +02:00
Frederik Rietdijk 16287a8cb8 Merge master into staging-next 2020-06-24 19:04:03 +02:00
Fabian Möller c07a6f8743
nixos/generic-extlinux-compatible: fix docbook syntax 2020-06-23 20:51:02 +02:00
Vladimír Čunát 64cf1e79dd
Merge #91363: small treewide: his -> theirs/its 2020-06-23 19:11:13 +02:00
Sean Buckley 37ec7c488a
grub: add support for passwords
This patch adds support for user accounts/passwords in GRUB 2.
When configured, everything but the default option is password-protected.
2020-06-23 19:01:43 +02:00
Florian Klink d227d81c9a
Merge pull request #91195 from flokli/extlinux-conf-builder-dtbname
extlinux-conf-builder: expose and use base builder command, allow a custom FDT to be specified
2020-06-23 18:07:31 +02:00
Profpatsch 517be84135 small treewide: his -> theirs/its
SJW brigade represent. ;)

Co-authored-by: Jan Tojnar <jtojnar@gmail.com>
2020-06-23 16:49:50 +02:00
Will Fancher 0d55d48f0f ZFS: Ask for stage 2 encryption passwords using systemd-ask-password 2020-06-23 06:25:21 -04:00
Robert Schütz d77fb3729d nixos/radicale: use radicale3 2020-06-23 12:02:27 +02:00
Jörg Thalheim 7aaffa71dc
Merge pull request #91216 from Mic92/nixos-config-generate
nixos-generate-config: refer to nixos-hardware
2020-06-22 23:52:48 +01:00
Jörg Thalheim e943489f24
nixos-generate-config: refer to nixos-hardware 2020-06-22 23:51:08 +01:00
Stig Palmquist 042a2d8baf
nixos/convos: init 2020-06-22 13:58:34 +02:00
Frederik Rietdijk 7481da9cbd Merge master into staging-next 2020-06-22 08:46:16 +02:00
Jörg Thalheim 9aa668ef04
Merge pull request #91154 from Mic92/homeassistant 2020-06-21 13:59:28 +01:00
Florian Klink 387f3b58d2 hardware.deviceTree: add name
This can be used to explicitly specify a specific dtb file, relative to
the dtb base.

Update the generic-extlinux-compatible module to make use of this option.
2020-06-21 13:48:22 +02:00
Florian Klink bd8137aef1 extlinux-conf-builder.sh: allow a custom FDT to be specified
Some bootloaders might not properly detect the model.
If the specific model is known by configuration, provide a way to
explicitly point to a specific dtb in the extlinux.conf.
2020-06-21 13:48:22 +02:00
Florian Klink afa627730e nixos/sd-image-*: use boot.loader.generic-extlinux-compatible.populateCmd
While getting rid of the separate extlinux-conf-builder import, this now
also honors boot.loader.timeout in the initial sd card image if
specified.
2020-06-21 13:48:17 +02:00
Florian Klink 54129e72b4 nixos/generic-extlinux-compatible: introduce boot.loader.generic-extlinux-compatible.populateCmd
This option exposes the builder command used to populate an image,
honoring all options except the -c <path-to-default-configuration>
argument.

Useful to have for sdImage.populateRootCommands.

Special care needs to be taken w.r.t cross - the populate command runs
on the host platform, the activation script on the build platform (so
the builders differ)
2020-06-21 13:41:22 +02:00
edef c27fc6a5e5
nixos/gerrit: allow configuring replication declaratively (#91200) 2020-06-21 08:54:14 +00:00
Florian Klink 43424688db nixos/deviceTree: fix description
hardware.deviceTree.base points to a path, not a package (and also if of
types.path)

It defaults to ${config.boot.kernelPackages.kernel}/dtbs.
2020-06-21 10:39:10 +02:00
Edmund Wu 00f7558225
Revert "libinput: ensure that we only apply touchpad options to touchpads"
This reverts commit 912a58428c.
2020-06-20 20:46:17 -04:00
Samuel Dionne-Riel f203b8b277
Merge pull request #90119 from samueldr/feature/rpi4-fixups
Fix some pitfalls from the Raspberry Pi 4 specific sd image
2020-06-20 17:02:51 -04:00
Michele Guerini Rocco 1eef920a8d
Merge pull request #91128 from bbigras/rslsync-localhost
nixos/resilio: listen on [::1] by default
2020-06-20 20:43:04 +02:00
Bruno Bigras dbb5bdfa09 nixos/resilio: listen on [::1] by default 2020-06-20 14:28:23 -04:00
Maximilian Bosch c9462630bd
Merge pull request #91149 from nlewo/nextcloud-expose-occ
nixos/nextcloud: add occ internal option
2020-06-20 19:28:25 +02:00
Marek Mahut 0ff1bdb7c0
Merge pull request #90884 from mmahut/wasabi
nixos/wasabibackend: init 1.1.11.1
2020-06-20 15:30:32 +02:00
lewo 2fd146f6ae
Merge pull request #89427 from Ma27/nextcloud19
nextcloud19: init at 19.0.0
2020-06-20 13:59:47 +02:00
Symphorien Gibol 433f227f70 nixos/sslh: make it possible (and the default) to listen on ipv6 2020-06-20 12:54:36 +02:00
Jörg Thalheim 26e9a3498b
nixos/home-assistant: make service reloadable
This allows quick reloads using the following trick:

$(nix-build --show-trace --no-out-link \
  -E '(with import <nixpkgs/nixos> {};
       pkgs.writeScript "update-hass-config"
       config.systemd.services.home-assistant.preStart)')
systemctl reload home-assistant
2020-06-20 10:31:27 +01:00
Maximilian Bosch f326e5a35e
nixos/nextcloud: update upgrade-path for nextcloud19
Enhance the heuristics to make sure that a user doesn't accidentally
upgrade across two major versions of Nextcloud (e.g. from v17 to v19).

The original idea/discussion has been documented in the nixpkgs manual[1].

This includes the following changes:

* `nextcloud19` will be selected automatically when having a stateVersion
  greater or equal than 20.09. For existing setups, the package has to
  be selected manually to avoid accidental upgrades.

* When using `nextcloud18` or older, a warning will be thrown which recommends
  upgrading to `nextcloud19`.

* Added a brief paragraph about `nextcloud19` in the NixOS 19.09 release
  notes.

* Restart `phpfpm` if the Nextcloud-package (`cfg.package`) changes[2].

[1] https://nixos.org/nixos/manual/index.html#module-services-nextcloud-maintainer-info
[2] https://github.com/NixOS/nixpkgs/pull/89427#issuecomment-638885727
2020-06-20 11:30:11 +02:00
Michele Guerini Rocco 34f19a4686
Merge pull request #86253 from erictapen/printers-example
nixos/printers: fix example for hardware.printers.ensurePrinters.*.model
2020-06-20 10:15:30 +02:00
Michele Guerini Rocco fe1245d555
Merge pull request #87270 from martinetd/mpd-fluidsynth
mpd: add services.mpd.fluidsynth option
2020-06-20 10:14:06 +02:00
Antoine Eiche 7d994ad445 nixos/nextcloud: add occ internal option
This option exposes the prefconfigured nextcloud-occ
program. nextcloud-occ can then be used in other systemd services or
added in environment.systemPackages.

The nextcloud test shows how it can be add in
environment.systemPackages.
2020-06-20 09:59:27 +02:00
Michele Guerini Rocco 41e1bd6021
Merge pull request #90635 from Twey/libinput-touchpad
libinput: ensure that we only apply touchpad options to touchpads
2020-06-20 09:58:47 +02:00
Michele Guerini Rocco 003bf184c0
Merge pull request #91116 from bbigras/rslsync-group
nixos/resilio: fix group name in documentation
2020-06-20 09:54:17 +02:00
Frederik Rietdijk 9c5e7367d1 Merge master into staging-next 2020-06-20 07:38:17 +02:00
Evils 73a90b0154 nixos/tuptime: change group/user to match upstream 2020-06-20 05:34:37 +02:00
Timo Kaufmann 4843eab3a1
Merge pull request #84135 from symphorien/btrfs-scrub-success
nixos/btrfs autoScrub: don't fail when scrub finishes successfully
2020-06-19 22:55:19 +02:00
Maximilian Bosch a2a5aa2634
nextcloud19: init at 19.0.0
https://nextcloud.com/blog/nextcloud-hub-brings-productivity-to-home-office/
2020-06-19 22:16:52 +02:00
Bruno Bigras ad13beeebc nixos/resilio: fix group name in documentation 2020-06-19 15:15:33 -04:00
Marek Mahut d07ba3e962
nixos/wasabibackend: fixing description
Co-authored-by: 1000101 <b1000101@pm.me>
2020-06-19 20:07:55 +02:00
Alyssa Ross 4e69b0a899
Merge pull request #89744 from vojta001/traefik-indent-config
traefik: unify TOML generation
2020-06-19 15:23:55 +00:00
Marek Mahut b62df8ab46 nixos/wasabibackend: init 2020-06-19 16:44:21 +02:00
datafoo cc37d7edd7 nixos/acme: execute a single lego command
Stop trying to execute `lego renew` if that is not necessary.

Fix #86184.
2020-06-19 14:56:17 +02:00
Frederik Rietdijk e4cd7a48f3 Merge staging-next into staging 2020-06-19 10:49:25 +02:00
Linus Heckemann aea806b8ea
Merge pull request #86177 from mayflower/mailman-upstream
Mailman refactor
2020-06-19 07:54:41 +02:00
Euan Kemp 460c0d608f nixos-install: error out if $mountPoint has bad permissions
The nix store more-or-less requires o+rx on all parent directories.
This is primarily because nix runs builders in a uid/gid mapped
user-namespace, and those builders have to be able to operate on the nix
store.

This check is especially helpful because nix does not produce a helpful
error on its own (rather, creating directories and such works, it's not
until 'mount --bind' that it gets an EACCES).

Helps users who run into this opaque error, such as in #67465.
Possibly fixes that issue if bad permissions were the only cause.
2020-06-18 20:10:26 -07:00
Florian Klink a84cbb60f0
Merge pull request #91073 from danielfullmer/systemd-string-format
nixos/systemd-boot: fix incorrect string formatting
2020-06-19 02:23:25 +02:00
Daniel Fullmer 1d4dc149df nixos/systemd-boot: fix incorrect string formatting
Currently, this always writes "default nixos-generation-%d.conf" without
replacing the "%d" in the string.
Python .format() is not equivalent to "%"
2020-06-18 19:58:50 -04:00
Florian Klink 757ba1931f
Merge pull request #91068 from flokli/nixos-systemd-unit-path-types
nixos/systemd: allow str in systemd.services.<name>.path
2020-06-19 00:25:32 +02:00
Florian Klink f5f8b08f16
Merge pull request #91065 from Infinisil/move-fontultimate
nixos/fontconfig: Move deprecated ultimate removals to relevant module
2020-06-19 00:07:46 +02:00
Florian Klink 1c9e02b911 nixos/systemd: allow str in systemd.services.<name>.path
Turns out, #75510 was too restrictive.

We also need to allow str here, as some modules set this to
"/run/wrappers" to bring `/run/wrappers/bin` into $PATH of a unit.
2020-06-19 00:02:51 +02:00
Florian Klink c1e7366483
Merge pull request #75510 from helsinki-systems/systemd-path-type
nixos/systemd: Use a proper type for unit paths
2020-06-18 23:50:42 +02:00
Silvan Mosberger 78453e6ba6
nixos/fontconfig: Move deprecated ultimate removals to relevant module
This was a mistake in https://github.com/NixOS/nixpkgs/pull/61570, this
does not belong to prometheus
2020-06-18 23:12:18 +02:00
Florian Klink e051dab9ff
Merge pull request #91043 from flokli/buildbot-reporters
nixos/buildbot-master: support reporters, migrate away from status
2020-06-18 23:00:44 +02:00
Linus Heckemann d5cc8fb892 nixos/mailman: fix search index location 2020-06-18 17:23:34 +02:00
Linus Heckemann 176bc68a69 mailman: log to journal 2020-06-18 17:23:33 +02:00
Linus Heckemann 3dbbc786f5 nixos/mailman: RFC42-ise 2020-06-18 17:23:33 +02:00
Linus Heckemann 1b8af3e1ae nixos/mailman: fix clearing static files 2020-06-18 17:23:33 +02:00
Linus Heckemann 32c556b039 nixos/mailman: document, add maintainers 2020-06-18 17:23:29 +02:00
Linus Heckemann b478e0043c nixos/mailman: refactor
- Add serve.enable option, which configures uwsgi and nginx to serve
  the mailman-web application;
- Configure services to log to the journal, where possible. Mailman
  Core does not provide any options for this, but will now log to
  /var/log/mailman;
- Use a unified python environment for all components, with an
  extraPackages option to allow use of postgres support and similar;
- Configure mailman's postfix module such that it can generate the
  domain and lmtp maps;
- Fix formatting for option examples;
- Provide a mailman-web user to run the uwsgi service by default
- Refactor Hyperkitty's periodic jobs to reduce repetition in the
  expressions;
- Remove service dependencies not related to functionality included in
  the module, such as httpd -- these should be configured in user config
  when used;
- Move static files root to /var/lib/mailman-web-static by default. This avoids
  permission issues when a static file web server attempts to access
  /var/lib/mailman which is private to mailman. The location can still
  be changed by setting services.mailman.webSettings.STATIC_ROOT;
- Remove the webRoot option, which seems to have been included by
  accident, being an unsuitable directory for serving via HTTP.
- Rename mailman-web.service to mailman-web-setup.service, since it
  doesn't actually serve mailman-web. There is now a
  mailman-uwsgi.service if serve.enable is set to true.
2020-06-18 17:21:41 +02:00