1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-23 14:11:36 +00:00
Commit graph

4390 commits

Author SHA1 Message Date
Robert Klotzner e361cdd5c3 nixos: libinput use mkEnableOption 2016-02-27 07:24:47 +01:00
Thomas Tuegel 639c6b91a9 ibus: add engine list to module description 2016-02-26 18:43:54 -06:00
Thomas Tuegel 2383a708f6 ibus: refresh cache at startup 2016-02-26 18:43:41 -06:00
Thomas Tuegel 272cf5c44f Merge branch 'ibus' 2016-02-26 18:10:11 -06:00
Thomas Tuegel d30a128467 ibus: rewrite NixOS module 2016-02-26 18:08:48 -06:00
Arseniy Seroka 766ad682f1 Merge pull request #13471 from Profpatsch/networkmanager-link-local
networkmanager: fix link-local ip addresses
2016-02-27 02:55:31 +03:00
zimbatm 2c7e5a6d8e Merge pull request #13434 from spacefrogg/oath-module
config.security.oath: new module
2016-02-26 18:06:28 +00:00
Nikolay Amiantov c88a06a860 cups service: set path for cups-genppdupdate 2016-02-26 18:27:41 +03:00
zimbatm 8d4c2340d3 Merge pull request #13396 from mayflower/pkg/gitlab
gitlab: 8.0.5 -> 8.5.1, service improvements
2016-02-26 11:19:28 +00:00
Domen Kožar a469681a51 Merge pull request #13365 from abbradar/cups-second-attempt
CUPS update (second attempt)
2016-02-26 11:13:30 +00:00
zimbatm c86e10c115 Merge pull request #13469 from tg-x/acme-external
simp_le: external_pem.sh plugin is now called external.sh
2016-02-26 10:48:55 +00:00
Franz Pletz cd0f14f23e gitlab: Add documentation
Fixes #13303.
2016-02-26 08:56:39 +01:00
Franz Pletz e9393bd426 fixup! gitlab: 8.0.5 -> 8.5.0, service improvements
Make the gitlab packages and components overrideable.
2016-02-26 08:56:08 +01:00
Franz Pletz 44a4592a1c fixup! gitlab: 8.0.5 -> 8.5.0, service improvements
gitlab-shell is now talking over the unix socket to gitlab, so the TCP
port isn't needed anymore.
2016-02-26 08:31:20 +01:00
Franz Pletz 3fd51a9ab2 fixup! gitlab: 8.0.5 -> 8.5.0, service improvements
Some debugging and development leftovers.
2016-02-26 07:08:31 +01:00
Franz Pletz bcfa59bf82 gitlab: 8.0.5 -> 8.5.0, service improvements
Updates gitlab to the current stable version and fixes a lot of features that
were broken, at least with the current version and our configuration.

Quite a lot of sweat and tears has gone into testing nearly all features and
reading/patching the Gitlab source as we're about to deploy gitlab for our
whole company.

Things to note:

 * The gitlab config is now written as a nix attribute set and will be
   converted to JSON. Gitlab uses YAML but JSON is a subset of YAML.
   The `extraConfig` opition is also an attribute set that will be merged
   with the default config. This way *all* Gitlab options are supported.

 * Some paths like uploads and configs are hardcoded in rails  (at least
   after my study of the Gitlab source). This is why they are linked from
   the Gitlab root to /run/gitlab and then linked to the  configurable
   `statePath`.

 * Backup & restore should work out of the box from another Gitlab instance.

 * gitlab-git-http-server has been replaced by gitlab-workhorse upstream.
   Push & pull over HTTPS works perfectly. Communication to gitlab is done
   over unix sockets. An HTTP server is required to proxy requests to
   gitlab-workhorse over another unix socket at
   `/run/gitlab/gitlab-workhorse.socket`.

 * The user & group running gitlab are now configurable. These can even be
   changed for live instances.

 * The initial email address & password of the root user can be configured.

Fixes #8598.
2016-02-26 07:08:31 +01:00
Profpatsch 70c02402c8 networkmanager: fix link-local ip addresses
NetworkManager needs an additional avahi-user to use link-local
IPv4 (and probably IPv6) addresses. avahi-autoipd also needs to be
patched to the right path.
2016-02-26 03:28:56 +01:00
Tanner Doshier 4e5ef470a7 ec2-data: ensure providing a SSH host key is actually optional
2701665904 broke this.
2016-02-25 20:11:49 -06:00
zimbatm b73c5ae291 Merge pull request #10546 from aszlig/nixops-issue-350
Fixes for NixOps issue #350
2016-02-26 00:33:49 +00:00
tg(x) 629a89343e simp_le: external_pem.sh plugin is now called external.sh 2016-02-26 01:31:58 +01:00
zimbatm 76f5cf3f31 Merge pull request #13324 from zimbatm/doc-from-wiki
Converting the wiki to documentation
2016-02-25 19:37:43 +00:00
zimbatm dc314aad12 samba module: add more description
Fixes #13281
2016-02-25 19:36:55 +00:00
zimbatm 93a0306e79 sane module: add more documentation
Imported from https://nixos.org/wiki/Scanners
2016-02-25 19:36:46 +00:00
Michael Raitza d09c7986de config.security.oath: new module
Add a module to make options to pam_oath module configurable.
These are:
 - enable - enable the OATH pam module
 - window - number of OTPs to check
 - digits - length of the OTP (adds support for two-factor auth)
 - usersFile - filename to store OATH credentials in
2016-02-25 13:52:45 +00:00
Emery b16dc8dcc5 New hdapsd module 2016-02-24 21:51:13 +01:00
Jordan Mulcahey a2b8cc0aaf netatalk: 3.1.0 -> 3.1.7, new service module 2016-02-24 19:32:54 +01:00
Eelco Dolstra e2af876c78 Merge pull request #13415 from MatrixAI/master
nixos/stage-1/2: Added -r option to read so that read interprets backslashes literally
2016-02-24 13:50:59 +01:00
Brian McKenna 7d91ee54c9 openbox: fix copy/paste typo in config 2016-02-24 22:54:08 +11:00
Roger Qiu 5cf823e1f4 nixos/stage-1/2: Added -r option to read so that read interprets backslashes literally, and corrected the comment about optional logging. 2016-02-24 18:54:25 +11:00
zimbatm 2a0f6453d5 Merge pull request #12540 from eskimor/libinput-master
nixos: Libinput: Add support like there is for synaptics
2016-02-24 00:01:38 +00:00
zimbatm cfa99e5a99 Merge pull request #13114 from colemickens/azure
azure: package qemu 2.2.0 to fix VHD creation
2016-02-23 22:47:44 +00:00
zimbatm 55ca9eb477 Merge pull request #13115 from colemickens/azure-agent
azure-agent: switch back to upstream WALinuxAgent
2016-02-23 22:46:30 +00:00
zimbatm 09c14170d8 Merge pull request #13125 from abbradar/uwsgi
Refactor uWSGI
2016-02-23 22:32:54 +00:00
Eelco Dolstra d9d6a92d5e sshd.nix: Ensure global config goes before user Match blocks
Hopefully fixes #13393.
2016-02-23 18:03:33 +01:00
Eelco Dolstra cacf2d063e Merge pull request #13059 from abbradar/udev-local-priority
Make local udev rules higher prioritized
2016-02-23 16:41:47 +01:00
Nikolay Amiantov 32df5ed4c2 udev service: make local rules apply after all others 2016-02-23 15:17:24 +03:00
Eelco Dolstra deae4eff7b Make stage-1/2 logging unconditional, and drop log level to "debug"
Using "debug" level prevents spamming the console with messages twice
(once directly and once via kmsg).
2016-02-23 11:56:09 +01:00
Eelco Dolstra 6f6e2c430f test-instrumentation.nix: Only clear $PAGER in the backdoor shell 2016-02-23 11:56:09 +01:00
Eelco Dolstra 806b27a297 qemu-guest.nix: Disable rngd
This gets rid of a zillion "rngd[N]: read error" messages during boot.
2016-02-23 11:56:09 +01:00
Roger Qiu 474d5a7bd0 nixos/stage-2: Added boot.logCommands 2016-02-23 11:56:09 +01:00
Roger Qiu 142f65e07a nixos/stage-1: Added boot.initrd.logCommands 2016-02-23 11:56:08 +01:00
Pascal Wittmann 5d6d841d58 Merge pull request #13373 from tomberek/revert_kippo_twisted
kippo: revert twisted dependency
2016-02-22 23:50:17 +01:00
Thomas Bereknyei e31c8922e0 kippo: revert twisted dependency 2016-02-22 13:57:24 -05:00
Franz Pletz 2d5e6a27fc Merge pull request #13355 from grahamc/ttyNumberString-issue3608
nixos-manual: Accept numbers for ttyNumber, closes #3608
2016-02-22 19:34:16 +01:00
Graham Christensen f57c049e0b nixos-manual: Accept numbers for ttyNumber, closes #3608 2016-02-22 11:25:16 -06:00
Nikolay Amiantov 8b124b7521 nixos.tests.printing: fix for new CUPS version
It looks like now queue is not immediately cleared from cancelled jobs.
Instead, files like "c00001" are left alongside "d00001-001", and
cleanup happens at some later point of time. Also, all new jobs are
assigned consecutive numbers now (00002, 00003 etc.). So when
original d00001 file is finally cleaned, it breaks the test. Fixed
by checking for any "d*" file inside the queue and cleaning it by
ourselves to ensure that each job works correctly.
2016-02-22 12:42:06 +03:00
Sou Bunnbu 7fcecec58b Merge pull request #11254 from ericsagnes/standardize-im
Improve and standardize input methods
2016-02-22 10:13:54 +08:00
zimbatm a7715e3e06 Merge pull request #10231 from zimbatm/apache-intermediate-ssl
apache-httpd: adopt mozilla's SSL configuration recommendation
2016-02-20 19:14:51 +00:00
Robin Gloster 686c09dd38 wpa_supplicant module: after network-interfaces.target
fixes #13136
2016-02-20 17:41:02 +00:00
Arseniy Seroka cbb06df02f Merge pull request #13142 from zimbatm/zerotierone-1.1.4
Zerotierone 1.1.4
2016-02-20 17:09:59 +03:00
Eric Sagnes dc6bd61187 added input method related changelog 2016-02-20 13:04:02 +09:00
zimbatm 433f979cee zerotierone: adopt systemd unit from upstream
See
5db538d85e/ext/installfiles/linux/systemd/zerotier-one.service
2016-02-19 22:56:19 +00:00
Nikolay Amiantov b6c49abba0 uwsgi service: update documentation 2016-02-19 18:09:27 +03:00
Nikolay Amiantov e48c991131 uwsgi service: refactor, throw more errors and drop simultaneous Python 2/3 in path 2016-02-19 18:09:26 +03:00
Thomas Tuegel 7bca3cd8dc kde5: reduce default installation size 2016-02-19 06:21:50 -06:00
Nikolay Amiantov b457b7a7ea Merge pull request #13069 from abbradar/m3d
OctoPrint and plugins and support for M3D Micro 3D-printer
2016-02-19 14:27:32 +03:00
Cole Mickens 86cbd505c5 azure-agent: switch back to upstream WALinuxAgent 2016-02-18 21:11:21 -08:00
Cole Mickens 718848d5aa azure: package qemu @ 2.2.0
This commit packages qemu-220. This package is qemu-2.2.0
and is only used with Azure.
2016-02-18 21:08:28 -08:00
Eric Sagnes 3ad12f2dec inputMethod service: init 2016-02-19 08:52:18 +09:00
Bjørn Forsman b2b1511353 nixos/collectd: add defaultText to package option
CC @fpletz
2016-02-18 20:30:05 +01:00
tg(x) de787adb90 tlsdated: add missing default value for extraOptions 2016-02-18 05:29:12 +01:00
Franz Pletz ed979124ca collectd service: Add option package 2016-02-18 03:44:55 +01:00
aszlig 7bdcfb33f4
nixos: Provide a defaultText for type = package
We don't want to build all those things along with the manual, so that's
what the defaultText attribute is for.

Unfortunately a few of them were missing, so let's add them.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-02-17 21:12:24 +01:00
Nikolay Amiantov 53269f1455 octoprint service: init 2016-02-17 17:05:59 +03:00
Rob Vermaas b2f2d2fef3 Fix azure image, by adding subformat=fixed to disk generation. 2016-02-17 12:02:52 +00:00
Eric Sagnes 3ed3f061da nabi service: init 2016-02-17 20:44:29 +09:00
Eric Sagnes 4a199d9955 uim service: init 2016-02-17 20:44:29 +09:00
Eric Sagnes 52dd53373f ibus service: refactoring 2016-02-17 20:44:29 +09:00
Eric Sagnes 295d670024 fcitx-with-plugins: add fcitx-configtool and fcitx-qt5 2016-02-17 20:44:29 +09:00
Eric Sagnes 850be632a0 fcitx service: init 2016-02-17 20:44:29 +09:00
Vladimír Čunát e9520e81b3 Merge branch 'master' into staging 2016-02-17 10:06:31 +01:00
Nikolay Amiantov 1c8a21dfad Merge branch 'pdnsd-service' of https://github.com/nfjinjing/nixpkgs
Closes #12932
2016-02-16 20:35:01 +03:00
Nikolay Amiantov 39e9b43082 Merge branch 'gammu-smsd' of https://github.com/zohl/nixpkgs into zohl-gammu-smsd
Closes #12998
2016-02-16 19:40:00 +03:00
Franz Pletz 932d2cbd2c Merge pull request #13000 from mayflower/feat/unbound-dnssec
unbound: 1.5.3 -> 1.5.7, hardening, DNSSEC support & cleanup
2016-02-16 02:13:35 +01:00
Arseniy Seroka 6b205a9eba Merge pull request #12988 from colemickens/cfdyndns
cfdyndns: init at 0.0.1
2016-02-16 00:24:32 +03:00
Cole Mickens c7571611dc cfdyndns: init at 0.0.1 2016-02-15 12:54:04 -08:00
Arseniy Seroka a13f9a708b Merge pull request #12992 from lukasepple/master
intel2200BGFirmware: init at 3.1
2016-02-15 22:10:49 +03:00
lukasepple 0b72e7e247 intel2200BGFirmware: init at 3.1
This commit adds the firmware for the Intel 2200BG wireless cards for
the ipw2200 kernel module. Also it changes the
networking.enableIntel2200BGFirmware option to set it as
hardware.firmware since firmware-linux-nonfree does not contain the
appropiate firmware anymore. Also hardware.enableAllFirmware does enable
the intel2200BGFirmware now.
2016-02-15 19:53:07 +01:00
Tuomas Tynkkynen eb9a85a389 Merge pull request #12742 from dezgeg/pr-uboot-changes
U-Boot: 2015.10 -> 2016.01, refactor & support some new boards
2016-02-15 16:10:37 +02:00
Franz Pletz 483e78d0f0 unbound service: add fetching root anchor for DNSSEC 2016-02-15 03:59:42 +01:00
Franz Pletz 9ba533ee4a unbound service: add types to options 2016-02-15 03:59:35 +01:00
Franz Pletz fe4b0a4801 unbound service: retab 2016-02-15 03:59:15 +01:00
Al Zohali 7b7cf281d3 gammu-smsd service: init 2016-02-15 00:26:41 +03:00
Nikolay Amiantov a0afc49f0f dspam service: restrict socket access 2016-02-14 10:35:06 +03:00
Nikolay Amiantov 2cee5a42b0 dspam service: set ClientHost 2016-02-14 10:35:04 +03:00
Franz Pletz 6a036d9fca Merge pull request #9913 from chris-martin/synaptics-options
Add synaptics options for palm detection and scroll speed
2016-02-14 06:08:36 +01:00
Markus Wotringer 4bc9e8a785 elasticsearch2: init at 2.2.0
changes by @globin:
 * updated 2.1.0 to 2.2.0
 * moved to a new derivation

closes #11446

Signed-off-by: Robin Gloster <mail@glob.in>
2016-02-13 15:03:09 +00:00
Robin Gloster c2b578386e kibana: fix pkg and module 2016-02-13 15:03:09 +00:00
Robin Gloster e1493f2ba7 logstash module: use literalExample 2016-02-13 15:03:09 +00:00
Edward Tjörnhammar 9c249a3adf nixos: i2pd, make config options adhere to version 2.4.0 2016-02-13 15:22:31 +01:00
Nikolay Amiantov c9d38164b7 dspam service: make maintenance script verbose 2016-02-12 18:00:00 +03:00
Eelco Dolstra abdbdbebf6 nixos/tests/simple.nix: Include minimal.nix
This reduces the amount of rebuilds (particularly some X11 stuff)
after changing some dependencies like systemd.
2016-02-12 14:35:41 +01:00
Eelco Dolstra 928035378d Fix typo 2016-02-12 14:35:40 +01:00
Robin Gloster 648e596c5f Merge pull request #12683 from heydojo/bluetooth--plasma5
kde5 bluedevil plasmoid : enable bluez5 bluetooth functionality
2016-02-12 13:49:54 +01:00
Eelco Dolstra fd8bd17c3e postgresql: Bump default version to 9.5 2016-02-12 13:20:11 +01:00
Peter Simons a1fa485378 Revert "Remove double-backslashes from grub conf file".
This reverts commit b861bf8ddf, because according to @mdorman [1] this
change rendered his NixOS systems unbootable, and we probably don't want that.

[1] b861bf8ddf (commitcomment-16058598)
2016-02-12 13:14:34 +01:00
Jinjing Wang 73b9a9662d pdnsd service: init 2016-02-12 19:53:41 +08:00
Peter Simons 7bd6fc90cb Merge pull request #12725 from jerith666/postfix-dns-bl
postfix service: implement DNS blacklist support
2016-02-12 12:43:27 +01:00
Franz Pletz c29205f965 Merge pull request #12941 from elitak/unifi_fix
unifi: LD_LIBRARY_PATH hack for embedded libsnappyjava.so, fixes #12897
2016-02-12 08:22:20 +01:00
Edward Tjörnhammar faf01ab0f7 Merge pull request #12038 from womfoo/facetimehd
facetimehd: PCIe webcam support for Macbooks
2016-02-12 07:32:42 +01:00
Edward Tjörnhammar 81b5223c97 nixos: gitit, wrong type restriction redacted 2016-02-12 07:00:37 +01:00
Matt McHenry 40c7d554d4 postfix service: implement DNS blacklist support 2016-02-11 22:13:09 -05:00
Ben Booth b861bf8ddf Remove double-backslashes from grub conf file
The double-backspashes in the splashimage, kernel, and initrd sections serve no purpose and confuse pygrub
2016-02-11 12:05:15 -08:00
Eric Litak fc8a16f4ed unifi: LD_LIBRARY_PATH hack for embedded libsnappyjava.so, fixes #12897 2016-02-11 09:06:33 -08:00
Nikolay Amiantov ccece1ca88 dspam service: restart on failure 2016-02-11 14:03:34 +03:00
Eelco Dolstra 86c2a0f783 mediawiki: 1.23.9 -> 1.23.13 2016-02-11 11:24:44 +01:00
Robin Gloster c341a01281 Merge pull request #12913 from tg-x/tinc-chroot
tinc: enable chroot
2016-02-10 18:15:39 +01:00
tg(x) 5c19830b77 tinc: chroot option 2016-02-10 17:29:36 +01:00
Eelco Dolstra 652ff6902c Merge pull request #12910 from abbradar/postgresql-no-su
postgresql service: don't use su
2016-02-10 12:01:06 +01:00
Eelco Dolstra e892379472 Merge pull request #12909 from abbradar/vconsole-container
kbd module: don't setup vconsoles if we are in a container
2016-02-10 11:56:51 +01:00
Nikolay Amiantov 7ab80e8f79 kbd module: don't setup vconsoles if we are in a container 2016-02-10 13:38:27 +03:00
Eelco Dolstra a4f5dc8bbf Merge pull request #12908 from abbradar/nixos-install-no-check
nixos-install: don't check that /mnt is a mount point
2016-02-10 11:29:39 +01:00
tg(x) c768172919 tinc: enable chroot 2016-02-10 01:49:41 +01:00
Nikolay Amiantov 37bb4855c8 postfix module: fix link to postfix-files 2016-02-10 02:59:15 +03:00
Nikolay Amiantov 90ef11ddcd postgresql service: don't use su 2016-02-10 02:12:05 +03:00
Nikolay Amiantov 46f3975d99 nixos-install: don't check that /mnt is a mount point 2016-02-10 02:08:36 +03:00
Nikolay Amiantov 0024c10a5c dovecot service: add sendmail_path 2016-02-10 02:06:10 +03:00
Nikolay Amiantov c420a6f1ef acme service: update plugins enum 2016-02-10 02:06:01 +03:00
Nikolay Amiantov 2202bb9cf5 postsrsd: fix secret generation 2016-02-10 02:05:53 +03:00
Nikolay Amiantov 5396a01b6c init-script-builder: handle containers without a kernel 2016-02-10 02:05:47 +03:00
Robin Gloster 5bfcce9ed9 Merge pull request #12894 from nathan7/raw-psk
wpa_supplicant module: add an option for accepting raw PSKs
2016-02-09 17:23:24 +01:00
Nathan Zadoks 9e986c161b wpa_supplicant module: add an option for accepting raw PSKs
fix #12892
2016-02-09 17:20:35 +01:00
Eelco Dolstra 4d760edb94 Add FIXME 2016-02-09 16:15:57 +01:00
Rob Vermaas fdbbcef8a2 Fix waagent revision, previous did not exist anymore. 2016-02-09 14:52:54 +00:00
Robin Gloster 0ee88cffca Merge pull request #10417 from puffnfresh/nixos/mmc_block
initrd: add mmc_block to default available modules
2016-02-08 23:51:46 +01:00
Eric Sagnes f03ce60bd2 i3service: remove dmenu and i3 from env packages 2016-02-08 13:31:03 +09:00
Vladimír Čunát a115bff08c Merge branch 'master' into staging 2016-02-07 13:52:42 +01:00
Aneesh Agrawal 3c5fca9618 filesystems: use list of strings for fs options
Allow usage of list of strings instead of a comma-separated string
for filesystem options. Deprecate the comma-separated string style
with a warning message; convert this to a hard error after 16.09.
15.09 was just released, so this provides a deprecation period during
the 16.03 release.

closes #10518

Signed-off-by: Robin Gloster <mail@glob.in>
2016-02-06 19:48:30 +00:00
Robin Gloster f7aa921773 Merge pull request #12560 from tvestelind/haka
Haka: new package
2016-02-06 20:32:39 +01:00
Nikolay Amiantov b16b5bcaa3 Merge pull request #12811 from abbradar/pulseaudio-device-manager
Load PulseAudio's module-device-manager only for KDE
2016-02-06 22:10:40 +03:00
Nikolay Amiantov 8ade67e8c1 Merge pull request #12797 from abbradar/udev-reload
udev service: restart on rules change
2016-02-06 18:57:24 +03:00
Rickard Nilsson 5c20877d40 opensmtpd: Add option that can disable adding sendmail to the system path 2016-02-06 11:54:56 +01:00
aszlig b060d70d7f
nixos/udev: Fix printing impure FHS paths
The test only checked for existence of the rule file in the output path
of the rulefile generator.

However, we also need to check whether the basename of the file is also
the one we're currently searching for.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-02-05 15:31:04 +01:00
Eelco Dolstra 2701665904 Fetch all EC2 metadata / user data in the initrd
Since we're already fetching one datum, we may as well fetch the
others needed by fetch-ec2-data. This also eliminates the dependency
on wget.
2016-02-04 15:45:54 +01:00
Eelco Dolstra 5c72b20dde amazon-init.nix: Be less spammy 2016-02-04 15:45:54 +01:00
Eelco Dolstra 95584666e9 amazon-init.nix: Don't run nixos-rebuild if we don't have to 2016-02-04 15:45:54 +01:00
Nikolay Amiantov ae662cdb11 display-manager module: load pulseaudio's module-device-manager only for KDE 2016-02-04 13:59:17 +03:00
Kranium Gikos Mendoza 46ecb25d68 facetimehd: blacklist bdc_pci when enabled 2016-02-04 11:31:28 +08:00
aszlig c10a17a3eb
nixos/udev: Always fail if rules contain FHS paths
Partially reverts the following commits:

  9f2a61c59c
  9c13fe6604

As @edolstra pointed out, it would make more sense to do this by default
instead of having that allowImpurePaths option. This of course might
break systems which add extra packages to udev, but on the upside it's
hard to miss one of these paths now because it won't get buried in the
ocean of build output lines.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-02-03 16:40:41 +01:00
aszlig 9c13fe6604
nixos/tests/installer: Fail on impure udev rules
With 9f2a61c in place, let's actually use this in the installer tests to
make sure we won't shovel FHS paths down the throad of unstable channel
users.

I've tested this by running all of the installer tests for x86_64-linux
and they all succeeded.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-02-03 15:53:44 +01:00
aszlig 9f2a61c59c
nixos/udev: Add an option to fail on FHS paths
So far we were merely printing a warning if there are still references
to (/usr)/s?bin, but we actually want to make sure that we fix those
paths, especially on updates of packages that come with udev rules.

This adds a new option allowImpurePaths, which when set to false will
cause the "udev-rules" derivation to fail.

I've set this to true by default, to not break existing systems too much
and the intention is to set it to false for a few NixOS VM tests.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-02-03 15:48:52 +01:00
aszlig 80983bbe54
nixos/udev: Provide a better warning for FHS paths
We were trying to find FHS references in all of the rules found in
services.udev.packages. Unfortunately we're still fixing up paths in the
same derivation where we are checking those references, so for example
references to /sbin/modprobe were still printed to be needed to fixup
even though they were already fixed at the time.

So now we're printing a more helpful warning message which is also
conditional (before the warning message was printed regardless of
whether there are any rules that need fixup) and is based off the rules
that were already fixed up.

The new warning message not only contains the build-local rule files but
also the original files from other store paths and the FHS path
references that were still found.

With 8ecd3a5e1d reverted, we now get this:

/nix/store/...-udev-rules/63-md-raid-arrays.rules (originally from
 /nix/store/...-mdadm-3.3.4/lib/udev/rules.d/63-md-raid-arrays.rules)
 contains references to /usr/bin/readlink and /usr/bin/basename.

Which is now more accurate to what is not yet fixed and where it's
coming from.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-02-03 15:48:52 +01:00
aszlig ee68bdc42e
nixos/udev: Fix up readlink and basename as well
In 8ecd3a5, we fixed up the FHS paths for stage 1, but unfortunately we
have a similar udev rules generator twice one for the initrd and one
without. So we might need to refactor this in the future.

For now, let's just fix the references to readlink and basename in the
udev module as well until we have properly addressed this.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Fixes: #12722
2016-02-03 15:45:37 +01:00
Eelco Dolstra 42709fb4e9 switch-to-configuration: Handle failure to read /proc/1/exe
It's not entirely clear why this happens, but sometimes /proc/1/exe
returns a bogus value, like
/ar3a3j6b9livhy5fcfv69izslhgk4gcz-systemd-217/lib/systemd/systemd. In
any case, we can just conservatively assume that we need to restart
systemd when this happens.

Fixes #10261.
2016-02-03 15:01:18 +01:00
Vladimír Čunát 4fede53c09 nixos manuals: bring back package references
This reverts most of 89e983786a, as those references are sanitized now.
Fixes #10039, at least most of it.

The `sane` case wasn't fixed, as it calls a *function* in pkgs to get
the default value.
2016-02-03 14:47:14 +01:00
Vladimír Čunát e0feace5cd nixos docs: allow displaying package references
This is an improved version of original #12357.
For the purpose of generating docs, evaluate options with each derivation
in `pkgs` (recursively) replaced by a fake with path "\${pkgs.attribute.path}".
It isn't perfect, but it seems to cover a vast majority of use cases.
Caveat: even if the package is reached by a different means,
the path above will be shown and not e.g. `${config.services.foo.package}`.

As before, defaults created by `mkDefault` aren't displayed,
but documentation shouldn't (mostly) be a reason to use that anymore.

Note: t wouldn't be enough to just use `lib.mapAttrsRecursive`,
because derivations are also (special) attribute sets.
2016-02-03 14:47:14 +01:00
Nikolay Amiantov 1dce7c0b82 initrd-ssh module: don't check if network is up
We already do this in initrd-network.
2016-02-03 16:37:10 +03:00
Nikolay Amiantov b4528a696a initrd-network: call postCommands only if network is up 2016-02-03 16:35:21 +03:00
Eelco Dolstra 20b54bd989 Merge pull request #12724 from abbradar/udev-hwdb
udev service: generate hwdb database from all udev packages
2016-02-03 14:24:11 +01:00
aszlig 8ecd3a5e1d
nixos/stage-1: Fix references to readlink/basename
Fixes references coming from the mdadm udev rules.

This addresses #12722 (mdadm udev rules have references to /usr/bin) but
still won't fix the warning, though (if we want to fix the warnings, we
will have to patch the udev rules generater in services/hardware/udev).

For common mdraid functionality, this shouldn't fix anything, because
the wrong references seem to only apply to containers, see these
(wrapped) lines from ${mdadm}/lib/udev/rules.d/63-md-raid-arrays.rules:

  # Tell systemd to run mdmon for our container, if we need it.
  ENV{MD_LEVEL}=="raid[1-9]*",
    ENV{MD_CONTAINER}=="?*",
  PROGRAM="/usr/bin/readlink $env{MD_CONTAINER}",
    ENV{MD_MON_THIS}="%c"
    ENV{MD_MON_THIS}=="?*",
    PROGRAM="/usr/bin/basename $env{MD_MON_THIS}",
    ENV{SYSTEMD_WANTS}+="mdmon@%c.service"

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-02-03 14:19:24 +01:00