3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

10813 commits

Author SHA1 Message Date
Jan Tojnar 69c47a3d91
nixos/metacity: switch to gnome3.metacity 2018-08-09 17:36:47 +02:00
Vincent Ambo 5b748bd8fa nixos/datadog-agent: Add option to configure datadog integrations
Introduces an option `services.datadog-agent.extraIntegrations` that
can be set to include additional Datadog agent integrations from the
integrations-core repository.

Documentation and an example is provided with the change.

Relates to NixOS/nixpkgs#40399
2018-08-09 17:25:23 +02:00
Vincent Ambo 5a07bb2fc7 nixos/datadog-agent: Refactor to allow arbitrary check configs
Refactors the datadog-agent (i.e. V6) module to let users configure
arbitrary checks, not just a limited set, without having to resort to
linking the files manually and updating the systemd unit.

Checks are now configured via a `services.datadog-agent.checks` option
which takes an attribute set in which the keys refer directly to
Datadog check names, and the values are attribute sets representing
Datadog's configuration structure.

With this mechanism users can configure arbitrary integrations, for
example for the `ntp`-check, simply by saying:

    services.datadog-agent.checks.ntp = {
      init_config = null;
      # ... other check configuration options as per Datadog
      # documentation
    };

The previous check-specific configuration options for non-default
checks have been removed. Disk & network check configuration options
have been kept rather than making them a `default`-value of the
`checks`-option because they will be overridden by user-configurations
in that case.

Relates to NixOS/nixpkgs#40399.
2018-08-09 17:25:23 +02:00
Rodney Lorrimar b9486e2b50 nixos/datadog-agent: add module
This is the new v6 version of datadog-agent.

The old v5 module is kept as dd-agent.
2018-08-09 16:53:31 +02:00
Rodney Lorrimar 51618113f4 nixos/dd-agent: Fix dodgy temp files
DataDog was dropping PID files and and python pickle files in
/tmp. Move these to private directories as a precaution.
2018-08-09 16:53:30 +02:00
Samuel Dionne-Riel 27c6bf0ef3
Merge pull request #29441 from oxij/nixos/luks
nixos: initrd/luks: allow to reuse passphrases, cleanup
2018-08-08 13:16:57 -04:00
Silvan Mosberger 565479374b
Merge pull request #42469 from ghuntley/patch-4
zerotier: added option to customise the port used
2018-08-08 17:02:25 +02:00
Geoffrey Huntley 5b66ddb943 nixos/zerotier: added option to customise the port used 2018-08-09 00:00:12 +10:00
Linus Heckemann adba92b5ef systemd: improve unit script drv naming
Also store scripts directly in the nix store rather than having the
superfluous /bin/ tree.
2018-08-08 14:29:41 +02:00
Jan Tojnar 83a18e14d9
Merge pull request #39792 from Moredread/fwupd
WIP fwupd: 1.0.5 -> 1.1.0
2018-08-08 11:57:39 +02:00
Jan Malakhovski 456f97f2e6 doc: document luksroot.nix changes in release notes 2018-08-08 02:47:50 +00:00
Jan Malakhovski 8c83ba0386 nixos: initrd/luks: disable input echo for the whole stage 2018-08-08 02:47:50 +00:00
Jan Malakhovski c35917e330 nixos: initrd/luks: simplify Yubikey handling code
From reading the source I'm pretty sure it doesn't support multiple Yubikeys, hence
those options are useless.

Also, I'm pretty sure nobody actually uses this feature, because enabling it causes
extra utils' checks to fail (even before applying any patches of this branch).

As I don't have the hardware to test this, I'm too lazy to fix the utils, but
I did test that with extra utils checks commented out and Yubikey
enabled the resulting script still passes the syntax check.
2018-08-08 02:47:49 +00:00
Jan Malakhovski a9d69a74d6 nixos: initrd/luks: change passphrases handling
Also reuse common cryptsetup invocation subexpressions.

- Passphrase reading is done via the shell now, not by cryptsetup.
  This way the same passphrase can be reused between cryptsetup
  invocations, which this module now tries to do by default (can be
  disabled).
- Number of retries is now infinity, it makes no sense to make users
  reboot when they fail to type in their passphrase.
2018-08-08 02:47:47 +00:00
Jan Malakhovski 12e6907f33 nixos: initrd/luks: cleanup and generalize common shell expressions
Also fix Yubikey timeout handling mess.
2018-08-08 02:45:17 +00:00
Jan Malakhovski dc653449c5 nixos: boot/stage-1: check syntax of the generated script 2018-08-08 02:43:17 +00:00
Jan Tojnar 4ce95e453b
libinfinity: modernize expression
* Use multiple outputs to reduce the number of rebuilds necessary.
* Fix build with GTK+ support
2018-08-08 01:40:26 +02:00
Vincent Bernat 57840dbffb nixos/cloud-init: order after network-online.target (#44633)
Some modules of cloud-init can cope with a network not immediately
available (notably, the EC2 module), but some others won't retry if
network is not available (notably, the Cloudstack module).
network.target doesn't give much guarantee about the network
availability. Applications not able to start without a fully
configured network should be ordered after network-online.target.

Also see #44573 and #44524.
2018-08-08 00:09:00 +02:00
Edmund Wu aea2d822dd luksroot: Add missing quote (#44639) 2018-08-07 23:56:30 +02:00
André-Patrick Bubel 08547ff642
fwupd: 1.0.5 -> 1.1.0
We override the ESP mount point in the config file /etc/fwupd/uefi.conf
(available since version 1.0.6), as it is set to a path in the nix store
during build time.

Tests are disabled as it needs /etc/os-release, which is not available
when building with sandboxing enabled.
2018-08-07 23:25:22 +02:00
Janne Heß 690dac11f3 nixos/luksroot: Support keyfile offsets 2018-08-07 17:39:02 +02:00
Thomas Bach 31e11bdd60 cassandra: rewrote service from scratch
Adds a replacement for the previously broken
`services.database.cassandra` with tests for a multi-node setup.
2018-08-07 14:48:43 +00:00
Maximilian Bosch bd40c92c2c
nixos/oh-my-zsh: add documentation
In the last year `programs.oh-my-zsh` gained more complexity and since
the introduction of features like `customPkgs` which builds a
`ZSH_CUSTOM` path from a sequence of derivation a documentation may be
fairly helpful to make the knowledge how to use the module and how to
package new ZSH plugins visible.

See https://github.com/NixOS/nixpkgs/pull/43282#issuecomment-410770432
2018-08-07 15:47:02 +02:00
Bob van der Linden e1da32d887 set initialHashedPassword in installation-device.nix 2018-08-07 14:45:50 +02:00
adisbladis 8f36a3185f
Merge pull request #44544 from bkchr/plasma_activation_script_use_absolute_path
services.plasma5: Make activationscript use absolute path to
2018-08-07 17:56:54 +08:00
Matthieu Coudron f0980c40c1 networkmanager: make hooks easier to use
First change is to override the nm-dispatcher systemd service so that
it puts coreutils (wc/env/...) and iproute in PATH.
Second change is to make sure userscripts have the execute bit.
2018-08-07 17:53:56 +09:00
John Ericson 68d31ddaf5 stage-1: Remove last reference of now-removed stdenv.isCross 2018-08-06 18:07:02 -04:00
Bastian Köcher 60e1e81201 services.plasma5: Make activationscript use absolute path to
`kbuildsyscoca5`
2018-08-06 17:15:53 +02:00
Robin Gloster fcf067a1aa nixos/release.nix: add docker-registry test 2018-08-06 16:31:33 +02:00
Robin Gloster cb9d784e49 docker-registry: Revert "[bot]: remove unreferenced code"
This code was referenced.

This reverts commit 87f5930c3f.

cc @volth
2018-08-06 16:31:33 +02:00
Jörg Thalheim 05daf390b3 systemd: 238 -> 239 2018-08-06 11:03:09 +02:00
Silvan Mosberger 66793d9284
Merge pull request #44058 from borisbabic/feature/choose-trackpoint-device
trackpoint: Make the device name configurable
2018-08-06 03:14:16 +02:00
Boris Babic 0ef3119c69 trackpoint: Make the device name configurable 2018-08-06 02:56:32 +02:00
Sander van der Burg 9748d7c60b nixos/disnix: undo dysnomia rename to fix disnix and retain compatibility with previous release 2018-08-06 01:25:38 +02:00
Vincent Bernat 48f7778d99 dhcpcd service: order before network target
This reverts a change applied in PR #18491. When interfaces are
configured by DHCP (typical in a cloud environment), ordering after
network.target cause trouble to applications expecting some network to
be present on boot (for example, cloud-init is quite brittle when
network hasn't been configured for `cloud-init.service`) and on
shutdown (for example, collectd needs to flush metrics on shutdown).

When ordering after network.target, we ensure applications relying on
network.target won't have any network reachability on boot and
potentially on shutdown.

Therefore, I think ordering before network.target is better.
2018-08-05 23:07:54 +02:00
Maximilian Bosch 39b85451de
nixos/oh-my-zsh: add customPkgs option to allow multiple derivations for ZSH_CUSTOM
If multiple third-party modules shall be used for `oh-my-zsh` it has to
be possible to create another env which composes all the packages.

Now it can be done like this:

```
{ pkgs, ... }:
{
  programs.zsh.enable = true;
  programs.zsh.ohMyZsh = {
    enable = true;
    customPkgs = with pkgs; [
      lambda-mod-zsh-theme
      nix-zsh-completions
    ];
    theme = "lambda-mod";
    plugins = [ "nix" ];
  };
}
```

Please keep in mind that this is not compatible with
`programs.zsh.ohMyZsh.custom`, only one of these options can be used
ATM.

Each package should store its outputs into
`$out/share/zsh/<output-name>`. Completions (and ZSH-only) extensions
should live in the `fpath` (`$out/share/zsh/site-functions`), plugins in
`.../plugins` and themes in `.../themes` (please refer to
fdb6bf6ed68c2f089ae6c729dfeaa3eddea2ce6a and 406d64aad162b3a4881747be4e24705fb5182573).

All scripts in `customPkgs` will be linked together using `linkFarm` to
provide a single directory for all scripts from all derivations in
`customPkgs` as suggested in https://github.com/NixOS/nixpkgs/pull/43282#issuecomment-410396365.
2018-08-05 23:01:18 +02:00
Silvan Mosberger 47b3cdf9be
Merge pull request #44108 from bennofs/gen-config-extlinux
nixos-generate-config: detect extlinux bootloader
2018-08-05 22:59:46 +02:00
Austin Seipp 3dc65650ea nixos/manual: add release note entry for FoundationDB
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2018-08-05 08:47:20 -05:00
Austin Seipp d80d0bc3d2 Revert "nixos/manual: add release note entry for FoundationDB"
This reverts commit be1124a537.
2018-08-05 08:42:58 -05:00
Austin Seipp be1124a537 nixos/manual: add release note entry for FoundationDB
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2018-08-05 08:42:43 -05:00
Austin Seipp d5eccebda5 nixos/manual: wordsmithing on fdb chapter
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2018-08-05 08:42:43 -05:00
Robert Schütz 2215834789
simp_le: use python3Packages (#44476) 2018-08-05 01:17:38 +02:00
Jesper 0254ae4e80 netdata: 1.9.0 -> 1.10.0 (#44472)
The web_access.patch would no longer apply.
It disabled a check that required the static files
for the web UI to be owned by the user the daemon runs as
(not root, so it doesn't work well with nix).

Besides updating netdata, this commit removes that patch,
changes the netdata service config to set the "web files owner/group"
option to "root" and adds a test that checks that the web UI is being served.

This allows the web files to be owned by root without patching.
2018-08-05 00:05:48 +02:00
Austin Seipp f42f0a1c48 nixos/foundationdb: show an example python script in the documentation
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2018-08-04 16:56:16 -05:00
Austin Seipp aa79ae0c64 foundationdb: install python bindings
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2018-08-04 16:56:16 -05:00
Silvan Mosberger 31dda068db
Merge pull request #42877 from Infinisil/systemd-boot/consoleMode
nixos/systemd-boot: Add consoleMode option
2018-08-04 23:21:31 +02:00
Bas van Dijk 5a43f6ffeb graphite: make systemd create /run directory for us (#44392) 2018-08-04 20:55:59 +02:00
xeji 1258e6dd3a
Merge pull request #43421 from rembo10/lightdm-gtk-greeter
nixos/lightdm-gtk-greeter: svg icon support
2018-08-04 17:55:54 +02:00
smithtim 9bf7ff3b57 nixos/doc: added MATE to list of desktop managers in manual (#44442) 2018-08-04 07:23:54 +01:00
Daiderd Jordan e2a32b747f
Revert "nixos/disnix: fix broken service because of rename"
Broke evaluation of the nixos options.

  The option `services.dysnomia' defined in `.../nixos/modules/rename.nix' does not exist.

This reverts commit 5c897b4eff.
2018-08-04 00:26:34 +02:00
Sander van der Burg 5c897b4eff nixos/disnix: fix broken service because of rename 2018-08-03 22:01:56 +02:00
xeji c9f3382a39
Merge pull request #43934 from jfrankenau/mpd-smb
mpd: add nfs and smb support
2018-08-03 21:59:30 +02:00
Johannes Frankenau b9234ea49c nixos/mpd: allow storage plugins in musicDirectory 2018-08-03 21:36:38 +02:00
Okina Matara 36ab89900b nixos/meguca: Various fixes 2018-08-03 10:59:06 -05:00
Okina Matara d49b5bdfb9 nixos/hydron: Various fixes, create db_conf.json and link to it 2018-08-03 10:43:53 -05:00
Silvan Mosberger fcb4254276
Merge pull request #43610 from jfrankenau/fix-pulse-module-x11-publish
nixos/display-managers: fix loading of module-x11-publish
2018-08-03 17:00:14 +02:00
Silvan Mosberger d31f89df44
Merge pull request #44127 from johanot/nixos-cfssl
nixos/cfssl: Add new module for cfssl
2018-08-03 16:39:12 +02:00
Bas van Dijk 3f889f30be nixos/doc: mention the ELK changes in the 18.09 release notes 2018-08-03 15:06:47 +01:00
Bas van Dijk 70e7235510 nixos/doc: add the new strongswan-swanctl service to the 18.09 release notes 2018-08-03 16:06:02 +02:00
Jörg Thalheim c9b41aa81f nixos/elasticsearch: fix evaluation on systems without unfree set 2018-08-03 15:03:53 +01:00
Franz Pletz cb691b987f
Merge pull request #44394 from mayflower/exporter-firewall-fix
nixos/prometheus-exporters: use nixos-fw chain
2018-08-03 13:21:00 +00:00
Matthew Harm Bekkema a6c7132abc doc: change git:// links to https:// (#44395)
The server is not verified over the git:// transfer protocol. If you
clone a repository over git://, you should check if the latest commit's
hash is correct.

On the other hand, https:// will always verify the server automatically,
using certificate authorities.
2018-08-03 14:01:34 +01:00
Jan Tojnar f735d6a38d
Merge pull request #43992 from jtojnar/upstream-sessions
Upstream sessions
2018-08-03 14:23:17 +02:00
WilliButz 9216da8928
nixos/prometheus-exporters: use nixos-fw chain
Use nixos-fw chain instead of INPUT so that the rules don't keep
stacking everytime the firewall is reloaded.
This also adds a comment to each rule about the associated exporter.
2018-08-03 13:20:53 +02:00
Jörg Thalheim c3055ab3ce kibana: update default version to v6 2018-08-03 12:06:57 +01:00
Jörg Thalheim 13db07a092 logstash: update default version to v6 2018-08-03 12:06:45 +01:00
Jörg Thalheim cd62790201 nixos/elasticsearch: remove es5 version guard 2018-08-03 11:50:10 +01:00
Jörg Thalheim bedf471a08 elasticsearch6: new default version 2018-08-03 11:50:04 +01:00
Johannes Frankenau b7ce7d5b3f nixos/display-managers: fix loading of module-x11-publish
module-x11-publish is only provided by the pulseaudioFull package.
2018-08-03 12:22:28 +02:00
Johan Thomsen 7d7c36f8be nixos/cfssl: init
- based on module originally written by @srhb
- complies with available options in cfssl v1.3.2
- uid and gid 299 reserved in ids.nix
- added simple nixos test case
2018-08-03 09:40:32 +02:00
Silvan Mosberger 150f4fe9c4
Merge pull request #44371 from pvgoran/tomcat-webapps-listOfPaths
nixos/tomcat: allow non-package paths in services.tomcat.webapps
2018-08-02 23:32:33 +02:00
Silvan Mosberger 6b20531d7a
Merge pull request #44365 from pvgoran/tomcat-correct-virtualHosts
nixos/tomcat: correct type specification for virtualHosts
2018-08-02 23:32:09 +02:00
Pavel Goran 7fb40c6503 nixos/tomcat: correct type specification for virtualHosts
The wrong specification was introduced as part of commit 472f16d.

Fixes #44361.
2018-08-02 23:37:09 +07:00
Pavel Goran b2b5b97468 nixos/tomcat: allow non-package paths in services.tomcat.webapps
Resolves #44370.
2018-08-02 23:26:21 +07:00
Bas van Dijk 0aae3fda06 graphite: 1.0.2 -> 1.1.3 & moved dependencies to python-modules (#44276)
Fixes #30891

* Upgrade `graphite-web`, `carbon` and `whisper` from 1.0.2 -> 1.1.3.

* Replaced the deprecated `pythonPackages.graphite_influxdb` with
  `pythonPackages.influxgraph.`

* Renamed `pythonPackages.graphite_web` to `pythonPackages.graphite-web`
  to be consistent with the Python package name.

* Replaced the unmaintained `pythonPackages.graphite_pager` with
  `pythonPackages.graphitepager`

* Moved all new packages from `python-packages.nix` to
  `pkgs/development/python-modules`
2018-08-02 16:39:57 +02:00
Youfu Zhang 939c6be54e
fix vlan interface bring up on boot
when the parent interface of a vlan interface is not up (yet), ip link cannot bring the vlan interface up
the vlan interface will be automatically brought up when the parent interface is up later
fix NixOS/nixpkgs#28620
2018-08-02 18:10:10 +08:00
aszlig 6f5a86b189
tests/containers-imperative: Disable useSandbox
Since 4f6df27aee, nix.useSandbox defaults
to true which causes the Nix build within the containers-imperative test
to fail while trying to hardlink files into the chroot:

link("/nix/store/foo", "/nix/store/bar.drv.chroot/nix/store/foo")
   = -1 EPERM (Operation not permitted)

The reason this happens is that the hosts store is mounted using 9p and
an overlayfs is mounted on top, so even if we would disable the tmpfs
for the upper directory the hardlink would still cross filesystem
boundaries, which then fails with the above error code.

I haven't yet seen any other test which fails in a similar way, which
might be because building within VM tests is not very common and the
installer tests build in a separate store, so they're not affected.

Signed-off-by: aszlig <aszlig@nix.build>
Issue: https://github.com/NixOS/nix/issues/2324
Cc: @aristidb, @edolstra, @chaoflow, @kampfschlaefer
2018-08-02 06:00:32 +02:00
Matthew Bauer eb1afe452a
Merge pull request #44332 from jerith666/restic-s3-default
restic: add missing default for s3CredentialsFile
2018-08-01 22:56:12 -04:00
Matt McHenry 016922f88b restic: add missing default for s3CredentialsFile 2018-08-01 22:53:14 -04:00
Franz Pletz 9820531cb5
freeradius module: add to modules-list.nix
This was somehow never added and was thus never available. It works.
2018-08-01 22:24:47 +02:00
Franz Pletz b5477ab37b
freeradius: add rest module and multiple outputs 2018-08-01 22:24:47 +02:00
Maximilian Bosch cd5e01edd9 ocserv: init at 0.12.1 (#42871)
`ocserv` is a VPN server which follows the openconnect protocol
(https://github.com/openconnect/protocol). The packaging is slightly
inspired by the AUR version
(https://aur.archlinux.org/packages/ocserv/).

This patch initializes the package written in C, the man pages and a
module for a simple systemd unit to run the VPN server. The package
supports the following authentication methods for the server:

* `plain` (mostly username/password)
* `pam`

The third method (`radius`) is currently not supported since `nixpkgs`
misses a packaged client.

The module can be used like this:

``` nix
{
  services.ocserv = {
    enable = true;
    config = ''
      ...
    '';
  };
}
```

The option `services.ocserv.config` is required on purpose to
ensure that nobody just enables the service and experiences unexpected
side-effects on the system. For a full reference, please refer to the
man pages, the online docs or the example value.

The docs recommend to simply use `nobody` as user, so no extra user has
been added to the internal user list. Instead a configuration like
this can be used:

```
run-as-user = nobody
run-as-group = nogroup
```

/cc @tenten8401
Fixes #42594
2018-08-01 21:39:09 +02:00
Jan Tojnar 62e665e1ec
nixos/gnome3: warn against sessionPath 2018-08-01 20:36:25 +02:00
Andreas Rammhold 7feba330da
nixos/manual: added missing xml tags 2018-08-01 20:21:28 +02:00
Tor Hedin Brønner 9cd6342008
nixos/gnome3: Add back debug 2018-08-01 19:14:33 +02:00
Tor Hedin Brønner ee34f2537a
nixos/gnome3: Add back sessionPath
Implement through `services.xserver.displayManager.sessionCommands`.
2018-08-01 19:14:33 +02:00
Tor Hedin Brønner e8e0edd95c
nixos/tests/gnome3: Explicitly set default desktopManager
Sessions from `extraSessionFilePackages` isn't picked automatically as the
default session.
2018-08-01 19:14:33 +02:00
Tor Hedin Brønner efa27d33cf
nixos/desktopManager: Only trace if the default session isn't found
The default session might be found in `extraSessionFilePackages`, but it's not
viable to detect at evaluation time, so emit a warning.

In LightDM instead of checking `defaultSessionName` against
`displayManager.session.names` we rely on the assertions in
`desktopManager` and `windowMananger` and just check that there's at least one
default set. The second assertion could never actually be triggered.
2018-08-01 19:14:32 +02:00
Tor Hedin Brønner 9fad9fb869
nixos/displayManager: Create a common environment wrapper for all dms
This makes it easier to support a wider variety of .desktop session files. In
particular this makes it possible to use both the «legacy» sessions and upstream
session files.

We separate `xsession` into two parts, `xsessionWrapper` and `xsession`.
`xsessionWrapper` sets up the correct environment and then lauches the session's
Exec command (from the .desktop file), falling back to launching the default
window/desktopManager through the `xsession` script (required by at least some
nixos tests).

`xsession` then _only_ handles launching desktop-managers/window-managers defined
through `services.xserver.desktopManager.session`.
2018-08-01 19:14:32 +02:00
Jan Tojnar e6056c72d1
nixos/gnome3: use upstream session file
Pass gnome-session to extraSessionFilePackages, remove unnecessary environment variables, move the rest out of old session option, and then drop the option.
2018-08-01 19:14:31 +02:00
Jan Tojnar eb65e5ce56
nixos/gnome3: remove session path
Global environment variables are not very Nix-y.
2018-08-01 19:14:31 +02:00
Jan Tojnar f63d94eba3
gnome3.gpaste: hard-code paths
GPaste GNOME Shell extension uses GPaste library generated via introspection. Previously, we added the gpaste package to services.xserver.desktopManager.gnome3.sessionPath option, which
added its typelib directory to GI_TYPELIB_PATH environment variable globally, in order for GNOME Shell to be able to find it. This is not very Nix-y, though, so we have decided to patch the code to
append the path to the GI repository search path.

Additionally, the code relies on GPaste’s GSettings schemas, so we had to hard-code the paths to them as well. We ignored the GNOME Shell’s schemas, since they will already be available for the
extension inside GNOME Shell program.
2018-08-01 19:14:30 +02:00
Jan Tojnar 0e1c01451f
nixos/gnome3: rely on xdg autostart for xdg-user-dirs 2018-08-01 19:14:30 +02:00
Jan Tojnar cc6d77c83f
gnome3.gdm: add upstream xsession 2018-08-01 19:14:30 +02:00
Jan Tojnar 83fc9a9825
nixos/display-manager.default: add extraSessionFilePackages option 2018-08-01 19:14:30 +02:00
Jan Tojnar a8c6489fd4
nixos/services.xserver.displayManager: move X sessions to a subdirectory
Previously, the mkDesktops function produced a flat package containing
session files in the top level. As a preparation for introduction of
Wayland sessions, the files will now be placed to $out/share/xsessions.
2018-08-01 19:14:29 +02:00
Andreas Rammhold 17ee0a8662
Merge pull request #44190 from andir/nixos/default-enable-sandboxing
nixos/nix-daemon: default `nix.useSandbox` to `true`.
2018-08-01 19:10:45 +02:00
Jean-Philippe Braun 76c7cc0f30 nixos/kubernetes: fix kubelet cgroup stats
https://github.com/kubernetes/kubernetes/issues/56850
2018-07-31 15:45:37 +02:00
Austin Seipp 1fdfa1ca13 nixos/manual: fix inclusion of FoundationDB documentation
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2018-07-30 18:30:40 -05:00
Matthew Bauer 5afe87ed7a
Merge pull request #44089 from lheckemann/netboot-channel-v2
nixos/release: use real paths of netboot files
2018-07-30 17:56:37 -04:00
Teo Klestrup Röijezon 6c54cfb280 nixos/gitlab: don't install pg_trgm for remote hosts
Fixes #41476
2018-07-30 19:41:12 +02:00
Teo Klestrup Röijezon e0983f3eec nixos/gitlab: create uploads folder
It seems like Gitlab doesn't pick up GITLAB_UPLOADS_PATH. The internal uploads
folder is already symlinked to /run/gitlab/uploads by the gitlab package. Here
we symlink this further to ${statePath}/uploads, since /run is (usually) a tmpfs.
2018-07-30 19:41:12 +02:00
Teo Klestrup Röijezon 3250b89987 nixos/gitlab: don't delete ${statePath}/lib if it doesn't exist
The old behaviour caused new instances to be unable to start
2018-07-30 19:41:12 +02:00
Jörg Thalheim 81d5e441b2
Merge pull request #44202 from jerith666/journald-rate
journald: set rateLimitInterval and rateLimitBurst to upstream defaults
2018-07-30 13:47:01 +01:00
markuskowa b59a13e9b4 beegfs: 6.18 -> 7.0 (#44210) 2018-07-30 12:42:59 +02:00
Isaac Shapira a8febbc4eb nixos/hoogle: add home option (#44103) 2018-07-30 11:27:07 +01:00
xeji 2791900608
Merge pull request #40982 from romildo/upd.lxqt
lxqt: 0.12.0 -> 0.13.0
2018-07-29 20:43:38 +02:00
Silvan Mosberger c3f00f7c16
Merge pull request #44061 from ljani/avahi-extraconfig
nixos/avahi: add support for extraConfig
2018-07-29 20:07:11 +02:00
Matt McHenry a3c1ddda84 journald: set rateLimitInterval and rateLimitBurst to upstream defaults 2018-07-29 12:29:30 -04:00
Andreas Rammhold 4f6df27aee
nixos/nix-daemon: default nix.useSandbox to true. 2018-07-29 16:47:10 +02:00
Michael Weiss 01cfa808ff
Merge pull request #43682 from primeos/never-stop-system.slice
nixos/switch-to-configuration: Never stop system.slice
2018-07-28 20:42:22 +02:00
Jani d17770d0d5 nixos/avahi: add support for extraConfig 2018-07-28 12:48:08 +03:00
José Romildo Malaquias 63b8e9a2d1 lxqt: add ${config.system.path}/share to XDG_CONFIG_DIRS 2018-07-27 19:59:45 -03:00
Bas van Dijk 72f3a5cf5c
Merge pull request #44038 from LumiGuide/elk-6.3.0
elk: 6.2.4 -> 6.3.2
2018-07-28 00:33:18 +02:00
Bas van Dijk ebcdb822f8 elk: 6.2.4 -> 6.3.2
* The ELK stack is upgraded to 6.3.2.

* `elasticsearch6`, `logstash6` and `kibana6` now come with X-Pack which is
  a suite of additional features. These are however licensed under the unfree
  "Elastic License".

* Fortunately they also provide OSS versions which are now packaged
  under: `elasticsearch6-oss`, `logstash6-oss` and `kibana6-oss`.
  Note that the naming of the attributes is consistent with upstream.

* The test `nix-build nixos/tests/elk.nix -A ELK-6` will test the OSS
  version by default. You can also run the test on the unfree ELK using:
  `NIXPKGS_ALLOW_UNFREE=1 nix-build nixos/tests/elk.nix -A ELK-6 --arg enableUnfree true`
2018-07-28 00:01:31 +02:00
Tuomas Tynkkynen cad1c18743 nixos/rename: Add temporary aliases for the system.nixos.* rename revert
See the previous commit for motivation.
2018-07-28 00:12:55 +03:00
Tuomas Tynkkynen 96190535e5 Revert "nixos: rename system.{stateVersion,defaultChannel} -> system.nixos.\1"
This reverts commit 095fe5b43d.

Pointless renames considered harmful. All they do is force people to
spend extra work updating their configs for no benefit, and hindering
the ability to switch between unstable and stable versions of NixOS.

Like, what was the value of having the "nixos." there? I mean, by
definition anything in a NixOS module has something to do with NixOS...
2018-07-28 00:12:55 +03:00
Benno Fünfstück 29af6a6080 nixos-generate-config: detect extlinux bootloader 2018-07-25 22:45:09 +02:00
Linus Heckemann 662f3020a4 nixos/release: use real paths of netboot files 2018-07-25 14:07:58 +02:00
Profpatsch 710f0f8c10 skarnet software: rename attributes and split outputs
Change the attribute names of camelCased utils to kebab-case to improve
consistency.
Split every package into multiple outputs where possible.
2018-07-25 00:06:31 +02:00
Silvan Mosberger 7eb5ba7618
Merge pull request #44015 from alexshpilkin/resolv-unbound
nixos/networking: include local Unbound in resolv.conf
2018-07-24 22:53:53 +02:00
Eelco Dolstra c9ea04b57f EC2 AMIs: 18.03.131792.becbe4dbe16 -> 18.03.132946.1caae7247b8 2018-07-24 21:19:14 +02:00
Eelco Dolstra b240822cfa create-amis.sh: Change directory for AMIs 2018-07-24 21:19:14 +02:00
Matthew Bauer 1b40dda8a7
Merge pull request #42834 from Synthetica9/patch-1
security.sudo.extraRules: documentation fix
2018-07-23 11:29:18 -04:00
Matthew Bauer ca0522a842
Merge pull request #41970 from aneeshusa/enable-building-systemd-without-libmicrohttpd
nixos/systemd: Allow building systemd without libmicrohttpd
2018-07-23 11:24:14 -04:00
Alexander Shpilkin 81fa1ceeee nixos/networking: include local Unbound in resolv.conf
Previously, only BIND, dnsmasq and resolved were included in
resolv.conf. Recognize an Unbound installation as well.
2018-07-23 16:26:03 +02:00
volth 92b3e8f147 fix build with allowAliases=false 2018-07-23 00:12:23 +00:00
volth cc55a3ebcb treewide: fix build with disallowed aliases (#43872)
fixes build with disallowed aliases
2018-07-21 22:03:24 -04:00
Jörg Thalheim e9ff0f9448
Merge pull request #43863 from volth/unused4
[bot] nixos/*: remove unused arguments in lambdas
2018-07-21 16:39:08 +01:00
Daiderd Jordan 9d72403814
ssh: fix 3572f89bbe 2018-07-21 13:06:16 +02:00
Daiderd Jordan 3572f89bbe
ssh: don't add empty PubkeyAcceptedKeyTypes/HostKeyAlgorithms
The options introduced in e2444a433f would generate a broken
ssh config when set to an empty list.

/etc/ssh/ssh_config line 7: Missing argument.
2018-07-21 12:29:16 +02:00
Daiderd Jordan e2444a433f
Merge pull request #40686 from Izorkin/ssh
ssh: custom config key types
2018-07-21 11:57:41 +02:00
Izorkin 05bc5fed28 ssh: custom config key types 2018-07-21 12:27:16 +03:00
Frederik Rietdijk 8424ac61a9
Merge pull request #43862 from volth/unused3
[bot] treewide: remove unused 'args@' in lambdas
2018-07-21 11:14:44 +02:00
Frederik Rietdijk 251a0a9a86
Merge pull request #43860 from volth/unused2
treewide: remove unused 'inherit' in let blocks
2018-07-21 11:13:36 +02:00
volth 2e979e8ceb [bot] nixos/*: remove unused arguments in lambdas 2018-07-20 20:56:59 +00:00
Pascal Wittmann c271ebdde7
Merge pull request #40768 from CommunicationAnimale/master
nixos/thinkfan: use non-deprecated keywords in config file.
2018-07-20 22:27:56 +02:00
volth dda95bae35 [bot] treewide: remove unused 'args@' in lambdas 2018-07-20 19:54:05 +00:00
volth 6d2857a311 [bot] treewide: remove unused 'inherit' in let blocks 2018-07-20 19:38:19 +00:00
Frederik Rietdijk 1a6af9f88e
Merge pull request #43857 from volth/unused
[bot] treewide: remove unreferenced code
2018-07-20 21:06:32 +02:00
volth 87f5930c3f [bot]: remove unreferenced code 2018-07-20 18:48:37 +00:00
Robert Schütz 55a12c9763
nixos/home-assistant: do not always override extraComponents (#43845)
Fixes #43843.
2018-07-20 19:28:29 +02:00
Erik Arvstedt aecf24a0eb openvpn: document how to import an external config 2018-07-20 10:51:52 +02:00
Robert Schütz e7e5aaa0b9
Merge pull request #43782 from Ma27/fix-simpleldap-python3
python3Packages.simpleldap: remove
2018-07-19 17:54:13 +02:00
Maximilian Bosch 0adca53c79
inginious: remove
Fallout of 9db7f15ea3ce57eee25458daf87cce7a04ea98b2 which removed
simpleldap.

@layus suggests to remove:

* https://github.com/NixOS/nixpkgs/pull/43782#issuecomment-406186881
* https://github.com/NixOS/nixpkgs/pull/31975#issuecomment-346647857
2018-07-19 17:31:40 +02:00
Matthew Bauer 76999cc40e treewide: remove aliases in nixpkgs
This makes the command ‘nix-env -qa -f. --arg config '{skipAliases =
true;}'’ work in Nixpkgs.

Misc...

- qtikz: use libsForQt5.callPackage

  This ensures we get the right poppler.

- rewrites:

  docbook5_xsl -> docbook_xsl_ns
  docbook_xml_xslt -> docbook_xsl

diffpdf: fixup
2018-07-18 23:25:20 -04:00
Silvan Mosberger 810f91f46d
Merge pull request #43308 from Chiiruno/dev/hydron
hydron: init at 2018-07-11
2018-07-18 22:10:11 +02:00
Silvan Mosberger 35c069ea02
nixos: systemd.globalEnvironment: fix type
Follow up fix of fb2a8d6669

https://github.com/NixOS/nixpkgs/pull/38356
https://github.com/NixOS/nixpkgs/pull/40416
2018-07-18 22:04:26 +02:00
Okina Matara 38f2a3efbf nixos/hydron: init 2018-07-18 13:16:50 -05:00
Sarah Brofeldt 5672083461
Merge pull request #43728 from srhb/k8srbacfix
nixos/kubernetes: Don't lose rbac submodule with no explicit options
2018-07-18 12:37:44 +02:00
Sarah Brofeldt 6dd6f28415 nixos/kubernetes: Don't lose rbac submodule with no explicit options 2018-07-18 12:02:06 +02:00
Johan Thomsen 205b54ed95 nixos/kubernetes: Added missing dependency, awk, to kube-addon-manager path (#43708) 2018-07-18 10:47:27 +02:00
Michael Weiss 7098b0fcdf nixos/switch-to-configuration: Never stop system.slice
Problem: Restarting (stopping) system.slice would not only stop X11 but
also most system units/services. We obviously don't want this happening
to users when they switch from 18.03 to 18.09 or nixos-unstable.

Reason: The following change in systemd:
d8e5a93382

The commit adds system.slice to the perpetual units, which means
removing the unit file and adding it to the source code. This is done so
that system.slice can't be stopped anymore but in our case it ironically
would cause this script to stop system.slice because the unit file was
removed (and an older systemd version is still running).

Related issue: https://github.com/NixOS/nixpkgs/issues/39791
2018-07-17 19:37:36 +02:00
Frederik Rietdijk 1ae2f10642 Merge staging-next into master 2018-07-17 10:04:59 +02:00
Silvan Mosberger f2632f5c60
Merge pull request #42748 from patternspandemic/neo4j-service
nixos/neo4j: Update module, make compatible with neo4j 3.4
2018-07-16 22:31:25 +02:00
Frederik Rietdijk 3c09808160 Merge master into staging-next 2018-07-16 07:43:37 +02:00
Wael M. Nasreddine fd2448b2e6 aerospike: init at 4.2.0.4
Co-authored-by: Volth <volth@webmaster.ms>
2018-07-16 04:21:47 +00:00
Franz Pletz 1cfc4963a9
Merge pull request #43147 from Ma27/fix-nixos-option-evaluation
nixos/nixos-option: don't abort in case of evaluation errors
2018-07-16 03:57:37 +00:00
xeji 311f017066
Merge pull request #43494 from jb55/clipmenu-master
clipmenu: init at 5.4.0
2018-07-16 00:48:31 +02:00
Franz Pletz 8bda93f0b2
Merge pull request #37096 from jfrankenau/feat-cups-socket
nixos/cupsd: Add option to start when needed
2018-07-15 21:39:07 +00:00
Franz Pletz 92c82e0933
nixos/thinkfan: add types & fix formatting 2018-07-15 23:28:14 +02:00
Jan Tojnar 5b1f6b5959
nixos/flatpak: slim down test enviroment a bit 2018-07-15 22:07:08 +02:00
William Casarin 6c1eb15a3b nixos/modules: add clipmenu user service
add a clipmenud daemon user service
2018-07-15 12:22:46 -07:00
Matthew Bauer 19fc061a13
Merge pull request #43169 from samueldr/fix/stripDirs
Fixes `stripDirs` use after signature change
2018-07-14 19:07:46 -04:00
Johannes Frankenau d81f819db3 nixos/cupsd: add option to start when needed 2018-07-14 23:39:43 +02:00
Thomas Tuegel 5ea799defc
Merge pull request #43243 from peterhoeg/f/sddmqt
sddm: use tmpfiles.d to wipe QML cache
2018-07-14 13:16:18 -05:00
Thomas Tuegel 1301973797
Merge pull request #42910 from bkchr/kde_update_start_menu
services.plasma5: Update start menu with an activationScript
2018-07-14 13:13:39 -05:00
Franz Pletz ea9078b76b
Merge pull request #41745 from rvolosatovs/fix/sshd
nixos: Add more ssh-keygen params
2018-07-14 16:29:46 +00:00
Vladimír Čunát 0f01215203
Merge branch 'master' into staging-next
Hydra: ?compare=1468896
2018-07-14 18:15:30 +02:00
Peter Hoeg 6e3ee65b44
Merge pull request #43511 from peterhoeg/m/firejail
firejail: add nixos module
2018-07-14 21:04:11 +08:00
Peter Hoeg 65eb3a590d firejail: add nixos module
Also add support for wrapping binaries with firejail.
2018-07-14 20:21:41 +08:00
patternspandemic d9d9200496
nixos/neo4j: Update module, make compatible with neo4j 3.4 2018-07-12 19:28:40 -07:00
Silvan Mosberger b9c95c7d60
httpd: Fix typo 2018-07-13 02:59:00 +02:00
rembo10 c84e668109 nixos/lightdm-gtk-greeter: svg icon support 2018-07-12 18:20:07 +03:00
Ben Wolsieffer 7c763118b4 raspberrypiWirelessFirmware: init 2018-07-12 17:02:32 +03:00
Andrew Dunham d7bfd04301 sdImage: make partition ID/UUID configurable 2018-07-12 17:02:03 +03:00
volth 88939a1949 nixos: remove option services.xserver.desktopManager.xfce.screenLock 2018-07-12 01:45:41 +00:00
aszlig 7b87554ca1
nixos/tests/letsencrypt: Hardcode certs and keys
In 0c7c1660f7 I have set allowSubstitutes
to false, which avoided the substitution of the certificates.

Unfortunately substitution may still happen later when the certificate
is merged with the CA bundle. So the merged CA bundle might be
substituted from a binary cache but the certificate itself is built
locally, which could result in a different certificate in the bundle.

So instead of adding just yet another workaround, I've now hardcoded all
the certificates and keys in a separate file. This also moves
letsencrypt.nix into its own directory so we don't mess up
nixos/tests/common too much.

This was long overdue and should finally make the dependency graph for
the ACME test more deterministic.

Signed-off-by: aszlig <aszlig@nix.build>
2018-07-12 02:32:46 +02:00
aszlig c21b1ede95
nixos/tests/letsencrypt: Fix go source install
Since e95f17e272, Go packages no longer
contain the source tree, however Boulder seems to need that as it
generates a few files during build.

Ideally we would only pick the files that are needed and put it into a
separate output, but I currently don't have time for this so I'm marking
this with XXX to get back to it later.

Signed-off-by: aszlig <aszlig@nix.build>
2018-07-12 02:32:44 +02:00
Maximilian Bosch 6f72b63601
nixos/nixos-option: don't abort in case of evaluation errors
When running e.g. `nixos-option boot.kernelPackages` I get an output
like this on the current unstable channel (18.09pre144959.be1461fc0ab):

```
$ nixos-option boot.kernelPackages
Value:
*exit 1*
```

This is fairly counter-intuitive as I have no clue what might went
wrong. `strace` delivers an output like this:

```
read(3, "error: Package \342\200\230cryptodev-linu"..., 128) = 128
read(3, "ux/cryptodev/default.nix:22 is m"..., 128) = 128
read(3, "lowBroken = true; }\nin configura"..., 128) = 128
read(3, "you can add\n  { allowBroken = tr"..., 128) = 128
read(3, "n)\n", 128)                    = 3
read(3, "", 128)                        = 0
```

`nixos-option` evaluates the system config using `nix-instantiate` which
might break when the evaluation fails (e.g. due to broken or unfree
packages that are prohibited to evaluate by default). The script aborts
due to the shebang `@shell@ -e`.

In order to ensure that no unexpected
behavior occurs due to removing `-e` from the interpreter the easiest
way to work around this was to wrap `nix-instantiate` in `evalNix()`
with a `set +e`. The function checks the success of the evaluation with
`$?` in the end. Additionally `evalNix` shouldn't break, if one
evaluation (e.g. the values that contain a package set by default) to
return additional information like a description.

With the change `nixos-option boot.kernelPackages` delivers the
following output for me:

```
Value:
error: Package ‘cryptodev-linux-1.9-4.14.52’ in /nix/store/47z2s8cwppymmgzw6n7pbcashikyk5jk-nixos/nixos/pkgs/os-specific/linux/cryptodev/default.nix:22 is marked as broken, refusing to evaluate.

Default:
{ __unfix__ = <LAMBDA>; acpi_call = <CODE>; amdgpu-pro = <CODE>; ati_drivers_x11 = <CODE>; batman_adv = <CODE>; bbswitch = <CODE>; bcc = <CODE>; beegfs-module = <CODE>; blcr = <CODE>; broadcom_sta = <CODE>; callPackage = <CODE>; cpupower = <CODE>; cryptodev = <CODE>; dpdk = <CODE>; e1000e = <CODE>; ena = <CODE>; evdi = <CODE>; exfat-nofuse = <CODE>; extend = <CODE>; facetimehd = <CODE>; fusionio-vsl = <CODE>; hyperv-daemons = <CODE>; ixgbevf = <CODE>; jool = <CODE>; kernel = <CODE>; lttng-modules = <CODE>; mba6x_bl = <CODE>; mwprocapture = <CODE>; mxu11x0 = <CODE>; ndiswrapper = <CODE>; netatop = <CODE>; nvidiaPackages = <CODE>; nvidia_x11 = <CODE>; nvidia_x11_beta = <CODE>; nvidia_x11_legacy304 = <CODE>; nvidia_x11_legacy340 = <CODE>; nvidiabl = <CODE>; odp-dpdk = <CODE>; openafs = <CODE>; openafs_1_8 = <CODE>; perf = <CODE>; phc-intel = <CODE>; pktgen = <CODE>; ply = <CODE>; prl-tools = <CODE>; recurseForDerivations = true; rtl8192eu = <CODE>; rtl8723bs = <CODE>; rtl8812au = <CODE>; rtl8814au = <CODE>; rtlwifi_new = <CODE>; sch_cake = <CODE>; spl = <CODE>; splLegacyCrypto = <CODE>; splStable = <CODE>; splUnstable = <CODE>; stdenv = <CODE>; sysdig = <CODE>; systemtap = <CODE>; tbs = <CODE>; tmon = <CODE>; tp_smapi = <CODE>; usbip = <CODE>; v4l2loopback = <CODE>; v86d = <CODE>; vhba = <CODE>; virtualbox = <CODE>; virtualboxGuestAdditions = <CODE>; wireguard = <CODE>; x86_energy_perf_policy = <CODE>; zfs = <CODE>; zfsLegacyCrypto = <CODE>; zfsStable = <CODE>; zfsUnstable = <CODE>; }

Example:
{ _type = "literalExample"; text = "pkgs.linuxPackages_2_6_25"; }

Description:

"This option allows you to override the Linux kernel used by\nNixOS. Since things like external kernel module packages are\ntied to the kernel you're using, it also overrides those.\nThis option is a function that takes Nixpkgs as an argument\n(as a convenience), and returns an attribute set containing at\nthe very least an attribute <varname>kernel</varname>.\nAdditional attributes may be needed depending on your\nconfiguration. For instance, if you use the NVIDIA X driver,\nthen it also needs to contain an attribute\n<varname>nvidia_x11</varname>.\n"

Declared by:
  "/nix/var/nix/profiles/per-user/root/channels/nixos/nixpkgs/nixos/modules/system/boot/kernel.nix"

Defined by:
  "/home/ma27/Projects/nixos-config/system/boot.nix"
```
2018-07-12 00:37:01 +02:00
Dave Laing 4d5371f373 nixos/virtualbox: Adds more options to virtualbox-image.nix (#42699)
* nixos/virtualbox: Adds more options to virtualbox-image.nix

Previously you could only set the size of the disk.

This change adds the ability to change the amount of memory
that the image gets, along with the name / derivation name /
file name for the VM.

* Incorporates some review feedback
2018-07-11 19:45:10 +02:00
Jan Tojnar bf09bb5ef0 nixos/bamf: init 2018-07-11 18:58:02 +02:00
Oliver Evans 01bc14da8f nixos/tests/taskserver: fix typos (#43284) 2018-07-11 10:20:12 +02:00
Uli Baum 7ac794f878 nixos/tests/taskserver: fix eval
Since IP address options were changed for 18.03, eval has failed with:
"The option `networking.interfaces.eth1.subnetMask' is used but not defined."
although this option is not used at all in nixos anymore.

The misleading error message seems to be generated from evaluating warnings
for `mkRemovedOptionModule ["subnetMask"]` which apparently broke here
when this test inherited network.interfaces from one VM config to another.

Cc: @aszlig
2018-07-11 00:27:06 +02:00
Jan Tojnar 7b6510e455
nixos/udisks2: use upstream unit
Simplifies the module and gets rid of the following error:

The --no-debug option is deprecated and ignored. See '--help
2018-07-10 12:40:43 +02:00
xeji 51d0309651
Merge pull request #38324 from rvl/znc-uri-prefix
znc: add uriPrefix option
2018-07-10 09:38:50 +02:00
volth 79b97aab7f options.i18n.inputMethod.package: fix type (#43239) 2018-07-09 22:37:27 +02:00
Peter Hoeg cd4e54b3a1 sddm: use tmpfiles.d to wipe QML cache 2018-07-09 14:51:05 +08:00
volth 29f0525679
nixos/nexus: fix evaluation 2018-07-09 04:48:15 +00:00
volth e9ec28f068
nixos/matomo: fix evaluation 2018-07-09 04:45:52 +00:00
volth 6f1134ff8b
nixos/journalwatch: fix evaluation 2018-07-09 04:43:41 +00:00
volth 06ed05d3b9
nixos/digitalbitbox: fix evaluation 2018-07-09 04:37:52 +00:00
Samuel Dionne-Riel 4106de56d0 stage-1: Fixes use of stripDirs. 2018-07-07 22:25:23 -04:00
Rickard Nilsson d80292dbd2 nixos: Add option networking.networkmanager.dynamicHosts
This allows non-privileged users to configure local DNS
entries by editing hosts files read by NetworkManager's dnsmasq
instance.

Cherry-picked from e6c3d5a507 and
5a566004a2.
2018-07-07 17:15:35 +02:00
Graham Christensen 96305ca6f2
Merge pull request #43094 from grahamc/fix-quagga-docs
quagga module: Use a deep merge via imports instead of the shallow merge
2018-07-06 17:47:05 -04:00
Graham Christensen 48d292e8a1
networking: Fix timeout when lo has aliased IPs
With a config like

    {
      networking.interfaces."lo".ip4 = [
        { address = "10.8.8.8"; prefixLength = 32; }
      ];
    }

a nixos-rebuild switch would take a long time, and you'd see:

    $ systemctl list-jobs
       JOB UNIT                                TYPE  STATE
    734400 network-interfaces.target           start waiting
    734450 sys-subsystem-net-devices-lo.device start running
    734449 network-link-lo.service             start waiting

and:

    systemd[1]: sys-subsystem-net-devices-lo.device: Job sys-subsystem-net-devices-lo.device/star>
    systemd[1]: sys-subsystem-net-devices-lo.device: Job sys-subsystem-net-devices-lo.device/star>
    systemd[1]: Timed out waiting for device sys-subsystem-net-devices-lo.device.

This removes the device dependency for `lo` and fixes this bug.

Closes #7227
2018-07-06 15:38:52 -04:00
Vladimír Čunát 38bca8d36f
nixos.tests.containers-imperative: increase VM memory
Apparently merging #43021 1bdb138710 did increase memory usage
in some cases.  1 GiB for a VM memory seems still low enough to me.
2018-07-06 15:57:57 +02:00
Mathias Schreck 39e678e24e dockerTools.buildImage: add option to use nix output hash as tag 2018-07-06 15:15:09 +02:00
Peter Hoeg f2d9f3ab85
Merge pull request #43097 from peterhoeg/m/pipewire
pipewire (nixos): add socket activation support
2018-07-06 15:26:39 +08:00
Peter Hoeg 139a6b4106 pipewire (nixos): add support for socket activation 2018-07-06 12:03:24 +08:00
Matthew Bauer 2b4d7221a9
Merge pull request #42569 from spacefrogg/nscd-fix
resolvconf.conf: Remove forced NSCD service restart
2018-07-05 22:16:02 -04:00
Graham Christensen 078925c954
quagga module: Use a deep merge via imports instead of the shallow merge
The deep merge caused all the options to be unset when generating docs, unless quagga was enabled.

Using imports, instead, properly allows the documentation to be generated.
2018-07-05 22:11:29 -04:00
Matthew Bauer a92472fae1
Merge pull request #42724 from yshui/libinput-button
libinput: add button to scrollMethod
2018-07-05 22:10:26 -04:00
Matthew Bauer 9cd122a2c4
Merge pull request #43088 from matthewbauer/misc
Get rid of 2 unneeded packages
2018-07-05 20:13:47 -04:00
Yegor Timoshenko 1bb95d8409
Merge pull request #42775 from mkaito/oauth2_proxy-virtualHosts
oauth2_proxy: add nginx vhost module
2018-07-05 22:15:50 +03:00
Silvan Mosberger 59b3ce2894
Merge pull request #42398 from Ma27/make-autorandr-target-configurable
nixos/autorandr: make default target in systemd service configurable
2018-07-05 15:10:22 +02:00
Maximilian Bosch 8325996621
nixos/autorandr: make default target in systemd service configurable
The `.service` file defining the `systemd` unit for `autorandr.service`
which is bundled with the package itself uses `--default default` in the
`ExecStart` section. This can be an issue when having multiple layouts
(e.g. `default` as workstation layout I mostly work on and `mobile` when
I go somewhere else).

When the service gets restarted and `--default` can't be applied,
however the current layout can't be detected (e.g. when working with an
unknown beamer) the service silently fails with a message like this:

```
Jun 22 18:44:46 hauptshuhle autorandr[3168]: /nix/store/h83b72ffm68nm8fyjnppljchp456a94r-xrandr-1.5.0/bin/xrandr: ca>
Jun 22 18:44:46 hauptshuhle autorandr[3168]: Failed to apply profile 'default' (line 718):
Jun 22 18:44:46 hauptshuhle autorandr[3168]:   Command failed: /nix/store/h83b72ffm68nm8fyjnppljchp456a94r-xrandr-1.>
```

As discussed in the IRC (see https://botbot.me/freenode/nixos/2018-07-05/?msg=101791455&page=6)
it's a bad long-term solution in terms of maintenance to manually patch
the service file bundled with the derivation, instead the service shall
be configured declaratively. Additionally this makes possible overrides
from the user-space way easier.

The `udev` rule (in `$out/etc/udev/rules.d`) won't' be affected, it
simply runs `systemctl start autorandr.service` when e.g. a new display
is added, so now `udev` communicates with the NixOS systemd unit.
2018-07-05 14:39:08 +02:00
Silvan Mosberger fb29756259
Merge pull request #42118 from emmanuelrosa/mpd-nixos-tests
mpd: add NixOS tests
2018-07-04 20:41:46 +02:00
Ingo Blechschmidt c97b1a44d1 supplicant: Fix tiny typo in the documentation 2018-07-04 00:14:45 +02:00
Silvan Mosberger bdac6ac4b2
Merge pull request #42860 from ldesgoui/fix-murmur-service
murmur service: prevent silent launch failure by waiting until network is available
2018-07-03 17:34:07 +02:00
Silvan Mosberger 59dd0e6c69
Merge pull request #41222 from gnidorah/firewall
nixos/firewall: per-interface port options
2018-07-03 17:21:55 +02:00
Bastian Köcher 8b3fb83160 services.plasma5: Update start menu with an activationScript
To update the plasma start menu `kbuildsyscoca5` needs to be executed.
There are several people complaining about missing applications in their
plasma start menu.
This patch adds a activationScript for plasma, that runs
`kbuildsyscoca5` for each user that has `isNormalUser` == `true`.
2018-07-03 15:18:07 +02:00
Jörg Thalheim ed20918278
Merge pull request #42896 from sorki/gpsd_nowait
nixos/gpsd-service: add services.gpsd.nowait option
2018-07-03 13:56:06 +01:00
Jörg Thalheim 32e982448d gpsd: use optionalString 2018-07-03 13:55:27 +01:00
Jörg Thalheim 73245552b7
Merge pull request #42898 from aespinosa/kerberos
nixos/kerberos: update binary folder pointer
2018-07-03 13:41:46 +01:00
Jörg Thalheim 54da29274f
Merge pull request #42269 from Baughn/zfs
zfs: Improve import handling
2018-07-03 13:23:09 +01:00
Allan Espinosa da994fb64e nixos/kerberos: update binary folder pointer
${pkg.tcp_wrappers}/sbin does not exist anymore.
2018-07-02 20:15:11 -04:00
Joachim F 3ea5b15c20
Merge pull request #42845 from ivanbrennan/nixos-sudo-describe-rules-precedence
nixos/security.sudo: Document ordering of extraRules
2018-07-02 23:55:56 +00:00
Richard Marko 57ed52d61f nixos/gpsd-service: add services.gpsd.nowait option 2018-07-03 00:40:57 +02:00
Matthew Bauer e8e26becac
Merge pull request #42887 from matthewbauer/libsecurity-closure-reductions
Libsecurity closure reductions
2018-07-02 18:34:53 -04:00
Svein Ove Aas cfd8c4ee88 zfs: Improve import handling 2018-07-02 21:14:45 +01:00
Silvan Mosberger e08148041f
nixos/systemd-boot: Add consoleMode option 2018-07-02 18:21:51 +02:00
aszlig 6e4711727e
nixos/hadoop: Replace users.extra{Users,Groups}
In fff5923686 all occurences of
users.extraUsers and users.extraGroups have been changed tree-wide to
users.users and users.group. In the meantime the hadoop modules were
introduced via #41381 (060a98e9f4).

Unfortunately those modules still use users.extraUsers, which has been
renamed a long time ago (14321ae243, about
three years from now), so let's actually rename it accordingly as well.

Signed-off-by: aszlig <aszlig@nix.build>
Cc: @matthewbauer, @aespinosa
2018-07-02 18:05:33 +02:00
Jörg Thalheim 8cf4a4725c
Merge pull request #41823 from Chiiruno/dev/meguca
meguca: 2018-05-26 -> 2018-06-11
2018-07-02 15:35:42 +01:00
Michael Raskin b43c4d8b75
Merge pull request #42798 from flokli/users-users
tree-wide: users.extraUsers -> users.users, users.extraGroups -> users.groups
2018-07-02 11:23:10 +00:00
Vladimír Čunát c1ffc65d1a
Merge branch 'master' into staging
This apparently fixes some broken src fetches (gnuradio, twisted).
2018-07-02 11:10:26 +02:00
ldesgoui 16a46139d3 murmur: prevent silent launch failure 2018-07-02 05:30:43 +02:00
ivanbrennan d08967a3a8
nixos/security.sudo: describe extraRules order
The order of sudoers entries is significant. The man page for sudoers(5)
notes:

  Where there are multiple matches, the last match is used (which is not
  necessarily the most specific match).

This module adds a rule for group "wheel" matching all commands. If you
wanted to add a more specific rule allowing members of the "wheel" group
to run command `foo` without a password, you'd need to use mkAfter to
ensure your rule comes after the more general rule.

  extraRules = lib.mkAfter [
    {
      groups = [ "wheel" ];
      commands = [
        {
          command = "${pkgs.foo}/bin/foo";
          options = [ "NOPASSWD" "SETENV" ];
        }
      ]
    }
  ];

Otherwise, when configuration options are merged, if the general rule
ends up after the specific rule, it will dictate the behavior even when
running the `foo` command.
2018-07-01 15:50:51 -04:00
Patrick Hilhorst 38b7233f83
Update sudo.nix
Updated example for security.sudo.extraRules to match comment
2018-07-01 13:23:55 +02:00
Jörg Thalheim 6e54e9253a iwd: set statedir to /var/lib/iwd 2018-07-01 10:59:35 +01:00
Matthew Bauer 060a98e9f4
Merge pull request #41381 from aespinosa/hadoop-modules
nixos/hadoop: add hadoop module (hdfs, yarn)
2018-06-30 18:33:03 -04:00
aszlig 0c7c1660f7
nixos/tests/letsencrypt: Don't substitute certs
If one of the certificates of the chain gets substituted from a binary
cache and the rest is generated locally it might turn out that we get
invalid certificates, which in turn cause tests using this module to
fail.

So let's set allowSubstitutes to false for all derivations that are
involved with certificate/key generation.

Signed-off-by: aszlig <aszlig@nix.build>
2018-06-30 18:35:10 +02:00
Silvan Mosberger d74419ee3e
nixos/fwupd: Fix meta 2018-06-30 15:49:44 +02:00
adisbladis dd608f80db
Merge pull request #42709 from jollheef/master
hostapd: use WPA2 instead of WPA1 by default
2018-06-30 21:44:19 +08:00
Mikhail Klementev d8f6ca1afa hostapd: use WPA2 instead of WPA1 by default 2018-06-30 11:33:11 +00:00
Allan Espinosa 0c10b2baa6 nixos/hadoop: add hadoop module (hdfs, yarn) 2018-06-29 23:14:02 -04:00
Florian Klink fff5923686 nixos/modules: users.(extraUsers|extraGroup->users|group) 2018-06-30 03:02:58 +02:00
Florian Klink 89d5d191b4 nixos/tests: users.(extraUsers|extraGroup->users|group) 2018-06-30 02:31:30 +02:00
Florian Klink 0868aa76f6 nixos-generate-config.pl: users.extraUsers-> users.users 2018-06-30 02:26:47 +02:00
Florian Klink bd228c05b1 nixos/modules/installer: users.extraUsers -> users.users 2018-06-30 02:26:14 +02:00
Vladimír Čunát f7781f5293
Merge branch 'master' into staging 2018-06-30 01:41:59 +02:00
xeji 82550f54c6
Merge pull request #42746 from flokli/manual-fixes-users-users
Manual fixes: users.extraUsers -> users.users
2018-06-30 00:46:25 +02:00
spacefrogg 37c999228b openafs_1_8: init at 1.8.0 (#41889)
- Introduce new "server" output holding the server binaries
 - Adapt tsmbac.patch to new build environment
 - Adapt openafs nixos server module accordingly
 - Update upstream CellServDB: 2017-03-14 -> 2018-05-14
 - Introduce package attributes to refer to the openafs packages to use for
   server, programs and kernel module
2018-06-30 00:34:35 +02:00
Okina Matara 4b91c2428b meguca: 2018-05-26 -> 2018-06-10 2018-06-29 15:56:33 -05:00
Benjamin Staffin dca7e24a11
networkmanager: Expand dns description, integrate with other services (#41898)
Rather than special-casing the dns options in networkmanager.nix, use
the module system to let unbound and systemd-resolved contribute to
the newtorkmanager config.
2018-06-29 13:41:46 -04:00
Michishige Kaito 2fec848254 fixup! oauth2_proxy: add nginx vhost module 2018-06-29 16:23:24 +01:00
Michishige Kaito 4a72999c75 oauth2_proxy: add nginx vhost module 2018-06-29 15:36:03 +01:00
Jan Tojnar 3784fd5e46
pcsclite: split package 2018-06-29 04:40:54 +02:00
Matthew Bauer e4e2ba6507
Merge pull request #42655 from yesbox/zerotier_module
zerotier module: interface names changed; fix no dhcp
2018-06-28 22:26:10 -04:00
Matthew Bauer ba0cd50e85
Merge pull request #42326 from Ekleog/opensmtpd-test
opensmtpd package and module: add nixos test
2018-06-28 22:25:12 -04:00