mirrors/nixpkgs
1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-12-25 03:17:13 +00:00
Code Issues Wiki Activity
285523 commits 204 branches 125 tags 10 GiB
Commit graph

456 commits

Author SHA1 Message Date
Pascal Bach 119a7aae50 nixos/nextcloud: prevent warning about missing X-Frame-Option 2020-02-24 22:07:24 +01:00
Benjamin Koch db32158bbd nixos/nextcloud: avoid loading imagick extension more than once 
This avoids the following error message:
  Module 'imagick' already loaded at Unknown#0
 2020-02-23 00:40:49 +00:00
David Wood 60a3d9dd6b nixos/jirefeau: add services.jirafeau module 
Signed-off-by: David Wood <david.wood@codeplay.com>
 2020-02-18 09:37:44 -08:00
Ryan Mulligan 5a358eade8
Merge pull request #69125 from jslight90/mattermost-5.15 
mattermost: 5.9.0 -> 5.15.0
 2020-02-12 20:56:00 -08:00
Maximilian Bosch 13f7b75553
nixos/grocy: init module 
Co-authored-by: elseym <elseym@me.com>
 2020-02-09 21:55:27 +01:00
Aaron Andersen 01ccb67598 nixos/httpd: code cleanup 2020-01-31 20:39:12 -05:00
Marek Mahut 942568b8ea
Merge pull request #77830 from 1000101/dokuwiki 
nixos/dokuwiki: init module
 2020-01-25 10:08:14 +01:00
Jan Hrnko 8bab2dec10 nixos/dokuwiki: init module at 2018-04-22b 2020-01-24 13:27:10 +01:00
Lennart 4e6e94417c nixos/nextcloud: added trusted_proxies setting (#77480) 2020-01-11 15:43:43 +01:00
Léo Gaspard b31660e5bb
Merge branch 'master' into ihatemoney 2020-01-09 03:49:03 +01:00
rnhmjoj 1d61efb7f1 treewide: use attrs instead of list for types.loaOf options 2020-01-06 10:39:18 -05:00
Daniel Frank 6d671372b5
nextcloud module: https is important not only for proxies 2019-12-31 13:01:46 +01:00
Aaron Andersen 79215f0df1 nixos/httpd: limit serving web content to virtual hosts, convert virtualHosts option type from listOf to attrsOf, add ACME integration 2019-12-24 20:27:48 -05:00
Aaron Andersen 133a5c345c
Merge pull request #74763 from nek0/restya-board-config-fix 
restya-board: Restya board config fix
 2019-12-23 07:42:37 -05:00
nek0 acd1240fd1 restya-board: fix configuration option and switch to file based password provisioning 2019-12-23 05:45:15 +01:00
Christian Kampka 9f97485399
trilium-server: Add nginx reverse proxy configuration to module 2019-12-19 10:14:13 +01:00
Christian Kampka 82f038d468
trilium-server: Add module 2019-12-19 10:14:12 +01:00
Silvan Mosberger 4ee3e8b21d
nixos/treewide: Move rename.nix imports to their respective modules 
A centralized list for these renames is not good because:
- It breaks disabledModules for modules that have a rename defined
- Adding/removing renames for a module means having to find them in the
central file
- Merge conflicts due to multiple people editing the central file
 2019-12-10 02:51:19 +01:00
Janne Heß d21f5cf36f nixos/nextcloud: Do not run sudo if not needed 
Only use sudo if we are currently not running as the nextcloud user.
This is problematic when occ is called from a systemd service with
NoNewPrivileges=true
 2019-12-07 21:10:34 +01:00
Jason Samsa 7e564ae162 remove vulgarity from wordpress nixos module 2019-12-04 12:45:40 -06:00
Aaron Andersen 5988940ca7
Merge pull request #73577 from helsinki-systems/matomo-consistency 
matomo: Fix consistency check
 2019-11-27 18:07:20 -05:00
Jean-Philippe Braun 4ea4408b9c nixos/nextcloud: add occ in path of nextcloud-setup 
This makes possible to use nextcloud-occ for setting extra
configuration options.

Example:

  systemd.services.nextcloud-setup = {
    script = mkAfter ''
      nextcloud-occ config:system:set redis 'host' --value '/var/run/redis/redis.sock' --type string
      nextcloud-occ config:system:set redis 'port' --value 0 --type integer
    '';
  };
 2019-11-19 23:59:26 +01:00
Janne Heß 08b9cac6d5 matomo: Fix consistency check 
This is done by recalculating sizes and md5 hashes and inserting them
into the manifest.
 2019-11-18 14:52:47 +01:00
Marek Mahut e51f707437
Merge pull request #72729 from mmahut/trac 
nixos/trac: init
 2019-11-04 17:53:49 +01:00
Marek Mahut 794c919765
Merge pull request #68327 from mmilata/moin 
nixos/moinmoin: init module
 2019-11-03 21:36:12 +01:00
Marek Mahut f3b8d9bae3 nixos/trac: service init 2019-11-03 17:24:08 +01:00
Symphorien Gibol 32d2266d0d ihatemoney: init at 4.1 plus module and test 2019-11-02 12:00:00 +00:00
Silvan Mosberger dd0a47e7ae
treewide: Switch to system users (#71055) 
treewide: Switch to system users
 2019-11-01 13:26:43 +01:00
Renaud e69fd930ed
Merge pull request #72193 from Ma27/bump-nexus 
nexus: 3.18.1-01 -> 3.19.1-01
 2019-11-01 08:55:24 +01:00
Maximilian Bosch df7727042f
nexus: 3.18.1-01 -> 3.19.1-01 
Relevant release notes:

* https://help.sonatype.com/repomanager3/release-notes/2019-release-notes#id-2019ReleaseNotes-RepositoryManager3.19.1
* https://help.sonatype.com/repomanager3/release-notes/2019-release-notes#id-2019ReleaseNotes-RepositoryManager3.19.0

Also added `preferLocalBuild = true;` to prevent builds on remote
machines as this only means elevated network access (tarball is fetched
locally and uploaded to the builder) and the build is fairly trivial.

To fix the startup I had to add the JVM parameter `java.endorsed.dirs`
to ensure that all libraries are loaded properly[1].

[1] https://issues.sonatype.org/browse/NEXUS-21603
 2019-10-28 21:34:55 +01:00
Robert Djubek 6ea626d3e2
nixos/matomo: fix deprecation warnings 
Fixes the phpfpm deprecation warnings about listen and extraConfig by
using fpm.socket and settings. Removes phpfpmProcessManagerConfig.
 2019-10-28 05:07:27 +00:00
Aaron Andersen 33474166e3
Merge pull request #69436 from tshaynik/fix/nextcloud-nginx-sts 
nixos/nextcloud: add Strict-Transport-Security
 2019-10-26 12:34:36 -04:00
Maximilian Bosch 4a5c0e029d
Merge pull request #71963 from dtzWill/security/nextcloud17-php-and-nginx-config 
Address nextcloud "urgent security issue" w/nginx per upstream recs
 2019-10-25 19:12:18 +02:00
Martin Milata ad034104cc nixos/moin: init 2019-10-25 17:51:09 +02:00
Maximilian Bosch 3461ec2ffd
nixos/gotify: init module and test 2019-10-25 16:19:41 +02:00
Will Dietz f6c45bff6d
nixos/nextcloud: update config for "urgent security issue" 
https://nextcloud.com/blog/urgent-security-issue-in-nginx-php-fpm/
 2019-10-25 06:50:29 -05:00
Janne Heß d6c08776ba treewide: Switch to system users 2019-10-12 22:25:28 +02:00
Mario Rodas af4351ab85
Merge pull request #69255 from minijackson/init-shiori 
Init shiori
 2019-10-12 09:01:58 -05:00
elseym 93fa16f939
documize: introduce state directory 2019-10-05 00:40:44 +02:00
Daniel KT 4590a2380e nixos/nextcloud: add Strict-Transport-Security 
This commit adds a Strict-Transport-Security header to
the nginx config file generated by the nextcloud module.

The Strict-Transport-Security header is recommended in
official guide for hardening Nextcloud installations:
https://docs.nextcloud.com/server/16/admin_manual/installation/harden_server.html

Further, if it is not set, we see a warning in the security scan results
in the Nextcloud admin panel:

```
The "Strict-Transport-Security" HTTP header is not set to at least "15552000" seconds. For enhanced security, it is recommended to enable HSTS as described in the security tips

```
 2019-09-25 16:56:53 -04:00
Jörg Thalheim bfed455de3
Merge pull request #68946 from volth/escape 
treewide: fix string escapes
 2019-09-24 04:19:12 +01:00
Jeff Slight 346a6ce265 nixos/mattermost: use database config if set to immutable 2019-09-23 14:56:41 -07:00
Minijackson 367cd2c7f8
nixos/shiori: init with test 2019-09-22 18:48:07 +02:00
Martin Milata 2adb03fdae nixos/wordpress: generate secrets locally 
Use /dev/urandom to generate keys and salts instead of downloading them
from https://api.wordpress.org/secret-key/1.1/salt/
 2019-09-22 14:33:08 +02:00
Jeff Slight 366be2ea32 nixos/mattermost: unescape unicode characters in config.json 2019-09-19 16:41:37 -07:00
Eelco Dolstra b0ccd6dd16
Revert "nixos/doc: re-format" 
This reverts commit ea6e8775bd. The new
format is not an improvement.
 2019-09-19 19:17:30 +02:00
Jan Tojnar ea6e8775bd
nixos/doc: re-format 2019-09-18 22:13:35 +02:00
volth 48086fbd70
nixos/matomo: fix escape 2019-09-17 00:27:13 +00:00
volth 432a2d73be
nixos/tt-rss: fix string escape 2019-09-17 00:23:51 +00:00
volth 4641b683f6
nixos/restya-board: fix string escape 2019-09-17 00:22:56 +00:00
volth 08195254aa
nixos/matomo: fix string escape 2019-09-17 00:22:11 +00:00
Aaron Andersen 7491f85e4f nixos/moodle: add extraConfig option 2019-09-16 08:03:37 -04:00
Maximilian Bosch 80e2c41b87
Merge pull request #68435 from averelld/nextcloud-fix-deprecation-warning 
nextcloud: fix deprecation warning
 2019-09-15 15:35:32 +02:00
Vincent Bernat cf3e491cef nginx: remove gzip_disable directive 
IE6 is long gone and this directive is not useful anymore. We can
spare a few CPU cycles (and maybe skip some bugs) by not trying to
disable gzip for MSIE6.
 2019-09-12 11:55:32 -05:00
Averell Dalton 56e5dddf7c nextcloud: fix deprecation warning 2019-09-12 14:19:42 +02:00
Aaron Andersen a0edbc5b4d nixos/zabbixWeb: fix a string reference as well as the phpfpm socket path 2019-09-09 12:24:39 -04:00
volth 7b8fb5c06c treewide: remove redundant quotes 2019-09-08 23:38:31 +00:00
Vladimír Čunát f21211ebfe
Merge branch 'master' into staging 2019-09-02 23:25:24 +02:00
Silvan Mosberger 478e7184f8
nixos/modules: Remove all usages of types.string 
And replace them with a more appropriate type

Also fix up some minor module problems along the way
 2019-08-31 18:19:00 +02:00
volth 08f68313a4 treewide: remove redundant rec 2019-08-28 11:07:32 +00:00
Frederik Rietdijk 5061fe0c2c Merge staging-next into staging 2019-08-28 08:26:42 +02:00
Marek Mahut 3a9d17ef04 nixos/matomo: fixing the configuration path 2019-08-27 11:44:34 +02:00
volth 35d68ef143 treewide: remove redundant quotes 2019-08-26 21:40:19 +00:00
Aaron Andersen 3bd03d2c0a nixos/moodle: init service 2019-08-25 08:12:28 -04:00
Aaron Andersen 400c6aac71 nixos/phpfpm: deprecate extraConfig options in favor of settings options 2019-08-23 07:56:27 -04:00
Aaron Andersen a30a1e2795 nixos/phpfpm: add user and group option to each pool 2019-08-23 07:56:27 -04:00
Aaron Andersen 62b774a700 nixos/phpfpm: add socket option to replace the listen option 2019-08-23 07:56:21 -04:00
Aaron Andersen 0ce8317c46 nixos/phpfpm: deprecate poolConfigs option 2019-08-23 07:54:51 -04:00
Marek Mahut 3b6258946f
Merge pull request #64407 from dasJ/icingaweb-test 
nixos/icingaweb: Fix module path; Add test
 2019-08-19 21:27:16 +02:00
Aaron Andersen 6f6468bef3
Merge pull request #65728 from Infinisil/types-eithers 
lib/types: Add oneOf, extension of either to a list of types
 2019-08-13 11:48:42 -04:00
Silvan Mosberger 88bb9fa403
nixos/modules: Replace all nested types.either's with types.oneOf's 2019-08-08 23:35:52 +02:00
Aaron Andersen a1f738ba87
Merge pull request #62748 from aanderse/mediawiki 
nixos/mediawiki: init service to replace httpd subservice
 2019-07-31 22:12:23 -04:00
Aaron Andersen 455d33f514 nixos/mediawiki: init service to replace httpd subservice 2019-07-23 22:02:33 -04:00
Maximilian Bosch c5e515f5c7
nixos/nextcloud: fix inclusion of trusted_domains in override config 
Regression I caused with 3944aa051c, sorry
for this! The Nextcloud installer broke back then because
`trusted_domains` was an empty value by default (a.k.a an empty array)
which seemed to break the config merger of Nextcloud as Nextcloud
doesn't do recursive merging and now no domain was trusted because of
that, hence Nextcloud was unreachable for the `curl` call.
 2019-07-23 13:29:43 +02:00
Maximilian Bosch 3944aa051c
nixos/nextcloud: write config to additional config file 
One of the main problems of the Nextcloud module is that it's currently
not possible to alter e.g. database configuration after the initial
setup as it's written by their imperative installer to a file.

After some research[1] it turned out that it's possible to override all values
with an additional config file. The documentation has been
slightly updated to remain up-to-date, but the warnings should
remain there as the imperative configuration is still used and may cause
unwanted side-effects.

Also simplified the postgresql test which uses `ensure{Databases,Users}` to
configure the database.

Fixes #49783

[1] https://github.com/NixOS/nixpkgs/issues/49783#issuecomment-483063922
 2019-07-22 18:29:52 +02:00
Aaron Andersen faf884ca9b
Merge pull request #64365 from aanderse/tt-rss 
nixos/tt-rss: remove deprecated usage of PermissionsStartOnly, specify a group to run service as, and fix local pgsql database creation
 2019-07-20 08:23:48 -04:00
Aaron Andersen 6891fb4103 nixos/zabbixWeb: replace httpd subservice with new module 2019-07-11 18:45:46 -04:00
Janne Heß 9e2a8f5023 nixos/icingaweb: Fix module path; Add test 2019-07-07 03:03:59 +02:00
Aaron Andersen 1cd3b98c3a nixos/tt-rss: remove deprecated usage of PermissionsStartOnly, specify a group to run service as, and fix local pgsql database creation 2019-07-05 22:04:56 -04:00
Silvan Mosberger 944e21cf7c
Merge pull request #63339 from Slabity/master 
Fix restya-board's phpfpm.pools option
 2019-07-06 03:00:52 +02:00
Tyler Slabinski 120cf906a6 nixos/restya-board: Fix phpfpm.pools option 2019-07-05 20:16:13 -04:00
Aaron Andersen 5da6d04840 nixos/limesurvey: module fixes & cleanup 2019-07-04 06:16:59 -04:00
Aaron Andersen aa05aad470 nixos/wordpress: create module to replace the httpd subservice 2019-07-03 11:47:33 -04:00
Aaron Andersen 278d867a9b Revert "Merge pull request #63156 from Izorkin/phpfpm-rootless" 
This reverts commit b5478fd1a2, reversing
changes made to dbb00bfcbf.
 2019-06-28 21:47:43 -04:00
Elis Hirwing b5478fd1a2
Merge pull request #63156 from Izorkin/phpfpm-rootless 
phpfpm: do not run anything as root
 2019-06-27 19:13:53 +02:00
Graham Christensen 38c28ef10c
Merge pull request #56265 from aanderse/permissions-start-only 
replace deprecated usage of PermissionsStartOnly (part 2)
 2019-06-25 18:04:22 -04:00
Jan Tojnar 11cb382a4c
nixos/doc: Fix spurious indentation 2019-06-17 12:28:26 +02:00
Izorkin 6093c04b67 nixos/tt-rss: fix work with phpfpm-rootless mode 2019-06-17 09:15:48 +03:00
volth f3282c8d1e treewide: remove unused variables (#63177) 
* treewide: remove unused variables

* making ofborg happy
 2019-06-16 19:59:05 +00:00
Izorkin 6290bf9067 nixos/selfoss: fix work with phpfpm-rootless mode 2019-06-16 12:33:51 +03:00
Izorkin d44f759b55 nixos/restya-board: fix work with phpfpm-rootless mode 2019-06-16 12:33:51 +03:00
Izorkin 5b1a4730bc nixos/nextcloud: fix work with phpfpm-rootless mode 2019-06-16 12:33:51 +03:00
Izorkin 08dae69741 nixos/matomo: fix work with phpfpm-rootless mode 2019-06-16 12:33:51 +03:00
Izorkin 2172419101 nixos/icingaweb2: fix work with phpfpm-rootless mode 2019-06-16 12:33:51 +03:00
Izorkin d49857a885 nixos/limesurvey: fix work with phpfpm-rootless mode 2019-06-16 12:33:51 +03:00
zimbatm 18ae1ecf03
nixos/cryptpad: add module 2019-06-07 13:02:51 +02:00
Matthew Bauer f21b846afe
Merge pull request #57752 from aanderse/limesurvey 
limesurvey: 2.05_plus_141210 -> 3.17.1+190408, init module
 2019-06-01 17:31:15 -04:00
Aaron Andersen 5cf98d29e7 nixos/limesurvey: init module to replace apache subservice 2019-05-28 23:02:34 -04:00
Aaron Andersen 1540a85458 nixos/frab: replace deprecated usage of PermissionsStartOnly 
see https://github.com/NixOS/nixpkgs/issues/53852
 2019-05-26 07:20:58 -04:00
Aaron Andersen 114bd801f4 nixos/jira: replace deprecated usage of PermissionsStartOnly 
see https://github.com/NixOS/nixpkgs/issues/53852
 2019-05-26 07:20:57 -04:00
Aaron Andersen 204be04531 nixos/crowd: replace deprecated usage of PermissionsStartOnly 
see https://github.com/NixOS/nixpkgs/issues/53852
 2019-05-26 07:20:56 -04:00
Aaron Andersen 99f74c268b nixos/confluence: replace deprecated usage of PermissionsStartOnly 
see https://github.com/NixOS/nixpkgs/issues/53852
 2019-05-26 07:20:56 -04:00
Malte Brandy ab5926ba67 nixos/nextcloud: Improve autoUpdateApps description string 2019-05-22 19:07:42 +02:00
Malte Brandy 49f05a1760
nixos/nextcloud: Add options services.nextcloud.autoUpdateApps 
nixos/nextcloud: Add documentation for nextcloud app installation and updates

nixos/nextcloud: Enable autoUpdateApps in nextcloud test

nixos/nextcloud: Fix typo in nixos/modules/services/web-apps/nextcloud.xml

Co-Authored-By: Florian Klink <flokli@flokli.de>

nixos/nextcloud: Escape html in option description

nixos/nextcloud: Fix autoUpdateApps URL in documentation.

Co-Authored-By: Florian Klink <flokli@flokli.de>
 2019-05-21 13:24:23 +02:00
Robin Gloster 6e546e0326
Merge pull request #60087 from dasJ/icingaweb-etc 
nixos/icingaweb2: Fix environment.etc assignment
 2019-05-18 10:03:40 +00:00
Daniel Schaefer 786f02f7a4 treewide: Remove usage of isNull 
isNull "is deprecated; just write e == null instead" says the Nix manual
 2019-04-29 14:05:50 +02:00
elseym 5fb48557f5
documize-module: refactor and add more options 2019-04-28 07:45:17 +02:00
Janne Heß 5fbf306760 nixos/icingaweb2: Fix environment.etc assignment 2019-04-23 14:04:40 +02:00
Aaron Andersen 56c7960d66 nixos/codimd: replace deprecated usage of PermissionsStartOnly 
see https://github.com/NixOS/nixpkgs/issues/53852
 2019-04-13 07:00:58 -04:00
Aaron Andersen a6bbc55ae1 nixos/nexus: replace deprecated usage of PermissionsStartOnly 
see https://github.com/NixOS/nixpkgs/issues/53852
 2019-04-13 07:00:56 -04:00
Joachim F 5dafbb2cb1
Merge pull request #56719 from bricewge/miniflux-service 
miniflux: add service
 2019-04-12 09:57:30 +00:00
Robin Gloster a58ab8fc05
Merge pull request #58398 from Ma27/package-documize 
documize-community: init at 2.2.1
 2019-04-08 22:34:11 +00:00
Maximilian Bosch acbb74ed18
documize-community: init at 2.2.1 
Documize is an open-source alternative for wiki software like Confluence
based on Go and EmberJS. This patch adds the sources for the community
edition[1], for commercial their paid-plan[2] needs to be used.

For commercial use a derivation that bundles the commercial package and
contains a `$out/bin/documize` can be passed to
`services.documize.enable`.

The package compiles the Go sources, the build process also bundles the
pre-built frontend from `gui/public` into the binary.

The NixOS module generates a simple `systemd` unit which starts the
service as a dynamic user, database and a reverse proxy won't be
configured.

[1] https://www.documize.com/get-started/
[2] https://www.documize.com/pricing/
 2019-04-08 23:54:57 +02:00
Florian Klink 2457510db4
Merge pull request #51918 from bobvanderlinden/var-run 
tree-wide: nixos: /var/run -> /run
 2019-04-07 20:09:46 +02:00
Will Dietz 27d78f4c6c nextcloud: use same php package throughout! 
`phpPackage` is 7.3 by default, but `pkgs.php` is 7.2,
so this saves the need for an extra copy of php
for the purpose of running nextcloud's cron;
more importantly this fixes problems with extensions
not loading since they are built against a different php.
 2019-04-06 10:34:14 -05:00
Jeremy Apthorp e8b68dd4f4 miniflux: add service 2019-04-06 03:52:15 +02:00
Silvan Mosberger fab50f0e91
Merge pull request #57716 from dasJ/redo-icingaweb2 
nixos/icingaweb2: Replace most options with toINI
 2019-04-04 21:20:01 +02:00
Danylo Hlynskyi 40cc269561
Merge branch 'master' into postgresql-socket-in-run 2019-03-25 01:06:59 +02:00
Bob van der Linden f09fb4d4dd
nixos/tt-rss: /var/run -> /run 2019-03-24 21:15:32 +01:00
Bob van der Linden 9b100c4e6f
nixos/selfoss: /var/run -> /run 2019-03-24 21:15:32 +01:00
Bob van der Linden cdc6f2e484
nixos/restya-board: /var/run -> /run 2019-03-24 21:15:31 +01:00
Bob van der Linden bde23ec9a3
nixos/codimd: /var/run -> /run 2019-03-24 21:15:31 +01:00
Vladimír Čunát 4c3ec0e325
nixos docs: run the formatting tool (no content change) 
As documented in the docs themselves :-)
 2019-03-22 14:44:11 +01:00
Janne Heß b0daedd371 nixos/icingaweb2: Replace most options with toINI 2019-03-15 20:35:29 +01:00
aszlig ef553788d0
postgresql: Move socket dir to /run/postgresql 
The default, which is /tmp, has a few issues associated with it:

One being that it makes it easy for users on the system to spoof a
PostgreSQL server if it's not running, causing applications to connect
to their provided sockets instead of just failing to connect.

Another one is that it makes sandboxing of PostgreSQL and other services
unnecessarily difficult. This is already the case if only PrivateTmp is
used in a systemd service, so in order for such a service to be able to
connect to PostgreSQL, a bind mount needs to be done from /tmp to some
other path, so the service can access it. This pretty much defeats the
whole purpose of PrivateTmp.

We regularily run into issues with this in the past already (one example
would be https://github.com/NixOS/nixpkgs/pull/24317) and with the new
systemd-confinement mode upcoming in
https://github.com/NixOS/nixpkgs/pull/57519, it makes it even more
tedious to sandbox services.

I've tested this change against all the postgresql NixOS VM tests and
they still succeed and I also grepped through the source tree to replace
other occasions where we might have /tmp hardcoded. Luckily there were
very few occasions.

Signed-off-by: aszlig <aszlig@nix.build>
Cc: @ocharles, @thoughtpolice, @danbst
 2019-03-15 04:52:35 +01:00
Silvan Mosberger 21c6592a42
Merge pull request #56987 from bachp/nextcloud-ocm-provider 
nixos/nextcloud: fix escapings and ocm-provider
 2019-03-08 16:49:36 +01:00
Silvan Mosberger 4a9a596fbf
Merge pull request #56625 from aanderse/phpfpm 
set phpOptions per phpfpm pool, instead of applying to every phpfpm pool
 2019-03-08 01:53:18 +01:00
Silvan Mosberger 34e67f3f9f
Merge pull request #56578 from serokell/youtrack-hostname 
youtrack: add hostname to path
 2019-03-07 18:56:29 +01:00
Christian Höppner c568dad253
nixos/youtrack: add hostname to path 2019-03-07 17:21:20 +01:00
Pascal Bach 415b927653 nixos/nextcloud: fix escapings and ocm-provider 2019-03-06 21:56:27 +01:00
Aaron Andersen cddb117b96 nixos/icingaweb2, nixos/restya-board, nixos/zoneminder: set phpOptions per phpfpm pool, instead of applying to every phpfpm pool 2019-03-03 07:33:25 -05:00
Franz Pletz 542e384916
Merge pull request #56496 from bachp/nextcloud-nginx-recommended 
nixos/nextcloud: Update recommended nginx settings
 2019-03-02 01:18:18 +00:00
Pascal Bach 390b6108a2 nixos/nextcloud: don't make phpPackages configurable 
It needs to match the version in phpfm which is hard coded.
So there is no point in being able to change it.
 2019-03-02 00:16:57 +01:00
Pascal Bach f0c0b8d949 nixos/nextcloud: move phpPackage and phpOptions into pool 
This allows to have a php configuration for nextcloud that is independent
of the global configuration.
 2019-03-02 00:16:56 +01:00
Pascal Bach 8f1b163b00 nixos/nextcloud: use PHP 7.3 instead of 7.1 by default 2019-03-02 00:16:55 +01:00
Pascal Bach 7f8620900a nixos/nextcloud: update recommended nginx settings 
This updates the configuration to the recommendations in
https://docs.nextcloud.com/server/15/admin_manual/installation/nginx.html
 2019-03-02 00:16:55 +01:00
Maximilian Bosch b42c24f7f2
nixos/nextcloud: add overwriteProtocol option 
The overwriteprotocol option can be used to force Nextcloud to generate
URLs with the given protocol. This is useful for instances behind
reverse proxies that serve Nextcloud with HTTPS.

In this case Nextcloud can't determine the proper protocol and it needs
to be configured manually.
 2019-02-27 22:14:35 +01:00
Matthieu Coudron 20bbfc39e4 services.nextcloud: add logLevel (#56400) 
a vlaue between 0 and 4 to help debug problems
 2019-02-26 09:18:08 +01:00
Symphorien Gibol a915b33315 nixos: add preferLocalBuild=true; on derivations for config files 2019-02-22 20:11:27 +01:00
Robert Irelan 7ae4b4897a
tt-rss: Fix syntax error in config.php DB_PASS field 
Empty password case would write `define('DB_PASS', )` instead of `define('DB_PASS', '')`.
 2019-02-19 16:24:17 -08:00
Ryan Mulligan c3f9fdbf42
Merge pull request #55957 from dasJ/icingaweb2-module 
nixos/icingaweb2: Init the module
 2019-02-17 11:12:23 -08:00
Janne Heß 1caa886f6c nixos/icingaweb2: Init the module 
The module is indeed very large but allows configuring every aspect of
icingaweb2. The built-in monitoring module is in an own file because
there are actually more (third-party) modules and this structure means
every module can get an own file.
 2019-02-17 19:08:47 +01:00
Torsten Schmits 97bb693927 nixos/tt-rss: fix syntax error in pre-start script 2019-02-17 10:50:24 +01:00
Graham Christensen a1525c5d48
docs: give matomo an ID 2019-02-15 17:51:00 -05:00
Silvan Mosberger 8a5925b7eb
Merge pull request #55301 from telotortium/tt-rss_disable_automatic_updates 
Remove option config.services.tt-rss.checkForUpdates (forced to false)
 2019-02-14 21:15:30 +01:00
Silvan Mosberger 3df95cfd9a
Merge pull request #55540 from florianjacob/matomo 
Security: Matomo 3.7.0 -> 3.8.1
 2019-02-14 21:13:57 +01:00
Silvan Mosberger c84488329b
Merge pull request #47747 from florianjacob/matomo-archive-processing-service 
Matomo archive processing service
 2019-02-14 21:05:16 +01:00
Francesco Zanini ab912cf744 atlassian services: allow overriding package (#55685) 2019-02-13 08:08:13 +00:00
Florian Jacob faac33bc77 nixos/matomo: 3.8.0 introduces matomo.{php,js} files 2019-02-11 17:33:44 +01:00
Jörg Thalheim f636bb2016
tt-rss: read listen socket from pool 
This allows to use a different socket.
The configuration was tested on my server.
 2019-02-08 07:08:13 +00:00
Jörg Thalheim 367b1e10cb
tt-rss: add database.passwordFile option 2019-02-08 07:08:10 +00:00
Robert Irelan eab69d998b Remove option config.services.tt-rss.checkForUpdates (forced to false) 
Force this option to false. Leaving this as true (currently the default)
is dangerous. If the TT-RSS installation upgrades itself to a newer
version requiring a schema update, the installation will break the next
time the TT-RSS systemd service is restarted.

Ideally, the installation itself should be immutable (see
https://github.com/NixOS/nixpkgs/issues/55300).
 2019-02-05 23:05:23 -08:00
Andrew Childs a7d9dcab7e nixos/nextcloud: use matching nginx package when configuring nginx 
NixOS currently defaults services.nginx.package to
nginxStable. Including configuration files from nginxMainline could
potentially cause incompatible configuration.
 2019-02-05 02:59:42 +09:00
Robin Gloster 89d24aca93
atlassian-crowd: 3.2.5 -> 3.3.3 2019-01-07 21:54:23 +01:00
Franz Pletz b60f8fc6e2
atlassian modules: don't chown home recursively 
This can take a long time and should not be necassary anyway.
 2019-01-07 21:54:20 +01:00
Florian Klink 34d45007e2
Merge pull request #51053 from Ma27/draft-nextcloud-module-docs 
nixos/nextcloud: add basic module documentation and warn about current upgrading issues
 2018-12-16 12:16:47 +01:00
Florian Jacob 959ba6f055 nixos/matomo: rename matomo_setup_update to matomo-setup-update 
to make it consistent with other NixOS systemd services and `matomo-archive-processing.service`.
Also, consistently spell Matomo with capital M.
 2018-12-09 14:42:27 +01:00
Florian Jacob ed6a60de1e nixos/matomo: add automatic archive processing 2018-12-09 14:42:27 +01:00
Jörg Thalheim 40c8969b4c
quassel-webserver: remove 
Package is broken and the original maintainer does not respond.
Unless someone wants to pick it up, I propose the removal.

fixes #51614
 2018-12-07 16:46:36 +00:00
Maximilian Bosch 216a954540
nixos/nextcloud: add basic module documentation and warn about current upgrading issues 
Part of #49783. NextCloud tracks in its `config.php` the application's
state which makes it hard for the module to modify configurations during
upgrades.

It will take time until the issue is properly fixed, therefore we
decided to warn about this in the manual.

This PR addresses two things:

* Adding a basic example for nextcloud. I figured it to be helpful to
  add some basic usage instructions when adding a new manual entry.
  Advanced documentation may follow later.

  For now this document actively links to the service options, so users
  are guided to the remaining options that can be helpful in certain
  cases.

* Add a warning about upgrades and manual changes in
  `/var/lib/nextcloud`. This will be fixed in the future, but it's
  definetely helpful to document the current issues in the manual (as
  proposed in https://github.com/NixOS/nixpkgs/issues/49783#issuecomment-439691127).
 2018-11-29 11:59:54 +01:00
Rafael García Gallego 8bf4fe85f1 selfoss (service): fix port in service config (#50411) 2018-11-15 19:22:20 +00:00
Léo Gaspard 221e0fae38
nextcloud module: document process for using with pgsql unix auth 2018-11-10 12:30:54 +09:00
Marwan Aljubeh 8ddefe857d nixos/nextcloud: fix a typo 
The NextCloud `adminpass` option sets the admin password, not the database password.
 2018-10-25 18:04:36 +02:00
Victor SENE 2a164f598c nixos/nextcloud: extend documentation for nginx configuration 
Co-authored-by: Robin Gloster <mail@glob.in>
 2018-10-22 19:50:37 +02:00
Yegor Timoshenko 6e4d0c4a8a
Merge pull request #47691 from florianjacob/matomo-choose-package 
nixos/matomo: introduce services.matomo.package option
 2018-10-13 15:27:00 +00:00
Florian Jacob a1825aecfc
nixos/matomo: introduce services.matomo.package option 2018-10-13 15:25:12 +00:00
Victor SENE 2dcd512e74 nixos/nextcloud: add poolConfig option (#48094) 2018-10-11 14:13:23 +00:00
Matthew Bauer ef7d2215a5
Merge pull request #46856 from dasJ/tt_rss_uid 
nixos/tt_rss: Give a proper UID
 2018-10-05 22:41:27 -05:00
Franz Pletz ebd38185c8 nixos/nextcloud: init 
Co-authored-by: Franz Pletz <fpletz@fnordicwalking.de>
Co-authored-by: Robin Gloster <mail@glob.in>
Co-authored-by: Janne Heß <janne@hess.ooo>
Co-authored-by: Florian Klink <flokli@flokli.de>
 2018-10-01 02:07:43 +09:30
Graham Christensen 8413f22bb3
docs: format 2018-09-29 20:51:11 -04:00
WilliButz 3961cab52f codimd: remove unneeded defaults 2018-09-18 23:15:34 +02:00
WilliButz fc93264f59 codimd: fix option configuration.saml.idpCert 2018-09-18 23:15:34 +02:00
Janne Heß be6e995085 nixos/tt_rss: Give a proper UID 2018-09-18 21:46:52 +02:00
WilliButz db846a88a8 nixos/codimd: add module 2018-09-17 15:18:52 +02:00
Graham Christensen 34d2ec7c09
nixos docs: give IDs to things 2018-09-01 16:20:49 -04:00
Yorick van Pelt 369cc995d1 youtrack: 2018.1.41051 -> 2018.2.44329 2018-08-09 21:46:21 +03:00
volth 2e979e8ceb [bot] nixos/*: remove unused arguments in lambdas 2018-07-20 20:56:59 +00:00
volth 87f5930c3f [bot]: remove unreferenced code 2018-07-20 18:48:37 +00:00
volth 29f0525679
nixos/nexus: fix evaluation 2018-07-09 04:48:15 +00:00
volth e9ec28f068
nixos/matomo: fix evaluation 2018-07-09 04:45:52 +00:00
Florian Klink fff5923686 nixos/modules: users.(extraUsers|extraGroup->users|group) 2018-06-30 03:02:58 +02:00
Matthew Bauer 76d1e13b7a
Merge pull request #41444 from dasJ/tt-rss 
nixos/tt-rss: Support plugins and themes
 2018-06-28 20:40:09 -04:00
Franz Pletz 2ef3ae5590
virtlyst service: init 2018-06-26 01:18:30 +02:00
Franz Pletz 8f4f748810
Merge pull request #42306 from ryantm/mattermost 
mattermost: 4.10.0 -> 5.0.0
 2018-06-20 20:52:04 +00:00
Jörg Thalheim 36600b2a50
Merge pull request #42287 from ryantm/mattermost-joinsnamespaceof 
nixos/mattermost: fix JoinsNamespaceOf config location
 2018-06-20 09:57:16 +01:00
Ryan Mulligan b83152c135 mattermost: 4.10.0 -> 5.0.0 2018-06-19 17:12:13 -07:00
Allan Espinosa 783eb8438a nixos/nexus: allow overriding the package 
Useful when pulling nixos-unstable in a stable NixOS installation.
 2018-06-13 08:02:17 -04:00
Ryan Mulligan 24f176f016 nixos/mattermost: fix JoinsNamespaceOf config location 2018-06-11 09:47:01 -07:00
Janne Heß 31714e44b7 nixos/tt-rss: Support plugins and themes 
The extra config is required to configure some plugins.
 2018-06-04 14:14:57 +02:00
Simon Lackerbauer 120e93928f
crowd: 3.0.1 -> 3.1.2 2018-05-24 04:40:47 +02:00
Maximilian Bosch 91365cd23a nexus: fix setup and nixos test (#40522) 
The original `nexus` derivation required `/run/sonatype-work/nexus3`
which explicitly depended on the NixOS path structure.

This would break `nexus` for everyone using `nixpkgs` on a non-NixOS
system, additionally the module never created `/run/sonatype-work`, so
the systemd unit created in `services.nexus` fails as well. The issue
wasn't actively known as the `nixos/nexus` test wasn't registered in
Hydra (see #40257).

This patch contains the following changes:

* Adds `tests.nexus` to `release.nix` to run the test on Hydra.

* Makes JVM parameters configurable: by default all JVM options were located
  in `result/bin/nexus.vmoptions` which made it quite hard to patch
  these parameters. Now it's possible to override all parameters by
  running `VM_OPTS_FILE=custom-nexus.vmoptions ./result/bin/nexus run`
  (after patching the `nexus` shell script), additionally it's possible
  to override these parameters with `services.nexus.vmoptions`.

* Bumped Nexus from 3.5.1 to 3.11.0

* Run the `nexus` test on Hydra with `callTest` in `nixos/release.nix`,
  furthermore the test checks if the UI is available on the specified
  port.

* Added myself as maintainer for the NixOS test and the package to have
  some more people in case of further breakage.

* Added sufficient disk space to the `nexus` test, otherwise the service
  fails with the following errors:

  ```
  com.orientechnologies.orient.core.exception.ODatabaseException: Cannot create database 'accesslog'
  com.orientechnologies.orient.core.exception.OLowDiskSpaceException: Error occurred while executing
    a write operation to database 'accesslog' due to limited free space on the disk (242 MB). The database
    is now working in read-only mode. Please close the database (or stop OrientDB), make room on your hard
    drive and then reopen the database. The minimal required space is 256 MB. Required space is now set to
    256MB (you can change it by setting parameter storage.diskCache.diskFreeSpaceLimit) .
  ```

/cc @ironpinguin @xeji
 2018-05-15 14:10:29 +02:00
Yegor Timoshenko 6e33df0f6f
Merge pull request #39008 from serokell/youtrack 
Youtrack package and service
 2018-04-27 22:16:57 +03:00
Yorick van Pelt 000482ffc4
youtrack: add service 2018-04-27 17:33:41 +02:00
Jean-Baptiste Giraudeau 15e44477b3
Add bash to jira PATH: required by health checks. 2018-04-17 16:44:04 +02:00
Gabriel Ebner d91caac6c3 services.tt-rss: do not unnecessarily start nginx 2018-04-17 11:44:52 +02:00
Robin Gloster fda705527d
nixbot: remove 
obsoleted mostly by ofborg
 2018-03-22 16:17:12 +01:00
Yegor Timoshenko 5905fe069b
tt-rss: use proper user and package for MySQL 2018-03-06 03:10:24 +00:00
Rodney Lorrimar 21dcead5f0
nixos/pump.io: remove 
This would probably be better maintained in a separate repo as an
external NixOS module which gets imported into user's configuration.
 2018-02-27 12:52:51 +00:00
Florian Jacob 885e762d47 nixos/matomo: improve serverName default 
when we need to change it anyway for the rename.
 2018-02-22 22:03:55 +01:00
Florian Jacob 48e449ee70 nixos/piwik: rename to matomo 2018-02-22 22:03:55 +01:00
Robin Gloster cfed96ca51 nixos/service.tt-rss: improve pgsql support, do not use static uid/gid 2018-01-05 14:47:54 +01:00
Jaakko Luttinen c26ff43905 nixos/service.tt-rss: improve mysql automatic setup 
If the user chooses MySQL, it is enabled by default. Also, the used database is
created automatically along with the user and permissions.
 2018-01-05 14:47:54 +01:00
Jaakko Luttinen 68855595ce nixos/service.tt-rss: enable nginx automatically 2018-01-05 14:47:54 +01:00
Jaakko Luttinen 13eaae1610 nixos/service.tt-rss: use tt_rss user 
- Add tt_rss system user.
- Use tt_rss as the user by default.
- Create tt_rss user and group automatically if used.
 2018-01-05 14:47:54 +01:00
Jaakko Luttinen c9b46ccea1 nixos/service.tt-rss: fix #27048 2018-01-05 14:47:54 +01:00
James Earl Douglas 00cda0d18d nixos/nexus: fix typo 
Nexus is produced by [Sonatype][1], not SonarType.

[1]: https://www.sonatype.org/
 2017-11-29 22:39:37 +01:00
Thomas Strobel 67ce1357fa nixos: init module: restya-board 2017-11-22 12:14:24 +01:00
aszlig 0e790b9f66
nixos/atlassian: Fix eval error in jrePackage 
The error got introduced by 4f3d971ef5,
which removed the *Text attributes from the option.

This in turn leads to an evaluation error while building the
manual/manpage, because oraclejre8 is marked unfree.

Signed-off-by: aszlig <aszlig@nix.build>
Cc: @jbgi, @orivej, @globin
 2017-11-09 20:31:41 +01:00
Jean-Baptiste Giraudeau 4f3d971ef5 Atlassian apps: remove misleading JRE switch logic 
Only the Oracle JRE is supported by Atlassian appsAtlassian apps
 (see https://jira.atlassian.com/browse/JRASERVER-46152)
 Plus Atlassian apps are non free so the switch logic always chose
 Oracle JRE anyway.
 Option is kept in case someone want to patch apps to support openjdk.
 2017-11-09 12:56:11 +01:00
Jean-Baptiste Giraudeau 3c06d9f0b0 Fix atlassian services (optional attr. and systemd) 
- Properly handle optional configuration.
 - Use ExecStart/ExecStop instead of script/stopScript.
 2017-11-09 12:56:11 +01:00
Ryan Mulligan e8c8370425 nixos/mattermost: fix for webapp being renamed to client 2017-11-05 13:53:50 -08:00
Franz Pletz de917326a9
atlassian-crowd service: run crowd in foreground 2017-10-24 14:21:05 +02:00
elseym aeeac71231 mattermost: create role and db with postgres superuser 
Recently, the postgres superuser name has changed. Using the configured
and correct username here fixes database initialisation.
 2017-10-10 20:08:21 +02:00
Joachim F c9200f8d9c Merge pull request #28874 from ryantm/mattermost 
nixos/mattermost: fix create role
 2017-09-13 19:41:25 +00:00
Michele Catalano 4ea1d49643 nexus: Add module for nexus. 
Add also myself as maintainer
Add simple test of the nexus service
 2017-09-04 22:32:02 +02:00
Ryan Mulligan 8585898909 nixos/mattermost: fix create role 
postgresql create role no longer supports NOCREATEUSER option. See
https://www.postgresql.org/docs/9.6/static/release-9-6.html for
details.
 2017-09-01 14:24:44 -07:00
Florian Jacob 786e9711f5 nixos/piwik: fix nginx submodule's ssl defaults 
previous mkDefault did not work as expected,
as it did not overwrite the original submodule's defaults when the user
did not specify any custom options at all.
 2017-09-01 08:13:34 +02:00
Florian Jacob ae9d311565 nixos/piwik: adjust to addSSL and forceSSL now being mutually exclusive 2017-08-30 22:13:26 +02:00
Florian Jacob 0544ac4a1b nixos/piwik: Make webServerUser default to nginx 
if the nginx option is used.
Noted that either webServerUser or nginx option is mandatory.
Also introduce an assertion if both are not set,
and a warning if both are set.
Resolves #27704.
 2017-08-30 22:05:02 +02:00
Florian Jacob adb03f32a1 nixos/piwik: Remove part about mail problems 
Sending mail works out of the box as of resolution of #26611.
 2017-08-30 22:05:01 +02:00
Florian Jacob 746cc06f13 nixos/piwik: use nginx' virtualHost submodule 
instead of redeclaring part of the options. Backward-compatible change.
This gives the same flexibility to the user as nginx itself.
This also resolves the piwik module break from nginx' enableSSL introduction from #27426.
 2017-08-30 22:05:00 +02:00
Christian Albrecht 964799e556 sks and pgpkeyserver-lite modules: init (#27515) 
* modules sks and pgpkeyserver-lite:
  runs the sks keyserver with optional nginx proxy for webgui.
* Add calbrecht to maintainers
* module sks: fix default hkpAddress value
* module pgpkeyserver-lite: make hkpAddress a string type option
  and use (builtins.head services.sks.hkpAddress) as default value
* module sks: remove leftover service dependencies
 2017-08-22 12:27:00 +02:00
Joachim F 9f93150ec9 Merge pull request #27820 from dalaing/piwik-install-doc-fix 
nixos/piwik: clarifies setup documentation
 2017-08-06 22:58:52 +01:00
Markus Mueller c678fc385e
confluence: fix optional sso 2017-08-04 02:13:51 +02:00
Franz Pletz 02791ced34
atlassian-{jira,confluence}: add crowd sso support 2017-08-04 02:13:42 +02:00
Dave Laing d690701ff7 nixos/piwik: clarifies setup documentation 
The piwki setup documentation as it stands has two issues:
- the `ALTER USER root` line does not work with MariaDB or MySQL 5.5
- the auth plugin details vary between MariaDB and MySQL
 2017-08-02 08:38:16 +10:00
Florian Jacob 55844c8380 piwik & piwik service: init at 3.0.4 2017-06-19 16:00:17 +02:00
Franz Pletz cce8aab9de
mattermost service: PrivateTmp broken with local postgresql 2017-05-08 09:18:32 +02:00
Robin Gloster edb1ea055e
confluence module: needs bash for health checks 2017-04-29 11:15:59 +02:00
Franz Pletz 3ab45f4b36
treewide: use boolToString function 2017-04-11 18:18:53 +02:00
Franz Pletz f1f9020224
crowd service: fix secure sso cookies 
Crowd didn't detect a secure connection before.
 2017-04-10 15:39:37 +02:00
Franz Pletz 9536169074
nixos/treewide: remove boolean examples for options 
They contain no useful information and increase the length of the
autogenerated options documentation.

See discussion in #18816.
 2017-03-17 23:36:19 +01:00
Rodney Lorrimar f488b1811b
pumpio service: don't keep secrets in nix store 
Added extra config options to allow reading passwords from file rather
than the world-readable nix store.

The full config.json file is created at service startup.

Relevant to #18881
 2017-03-12 16:01:02 +01:00
Rodney Lorrimar f1a1490135
pumpio service: adjust upload directory config for 3.0.0 
These changes are backwards compatible.
 2017-03-12 16:00:57 +01:00
Arian van Putten 252fbbf2d2 mattermost sevice: JoinsNamespaceOf for local pgsql (#22899) 2017-02-20 04:43:04 +01:00
Franz Pletz fbf762e0b7
frab module: init 2017-01-25 23:58:21 +01:00
Robin Gloster d8ef63fc73
crowd module: fix OpenID server 2016-12-29 00:41:42 +01:00
Joachim Fasting f9f354faad
nixos/modules: use defaultText where applicable 
Primarily to fix rendering of these default values in the manual but
it's also nice to avoid having to eval these things just to build the
manual.
 2016-11-21 16:35:15 +01:00
uwap 42e93b5f2a quassel-webserver: init at 2.1.1 2016-10-21 23:31:50 +02:00
Franz Pletz 1749e86577 crowd module: init 2016-10-12 13:17:24 +02:00
Franz Pletz 96d0950ce3 jira module: init 2016-10-12 13:17:24 +02:00
Franz Pletz cc89d6c8e9 confluence module: init 2016-10-12 13:17:24 +02:00
Robin Gloster c6b050fd2f
nixbot module: init 2016-10-09 15:05:27 +02:00
Joachim F 2522504bd1 Merge pull request #18463 from regnat/selfoss 
Selfoss : add package and module
 2016-09-24 16:10:39 +02:00
Théophane Hufschmitt 0401260922 selfoss service: init 2016-09-14 09:23:56 +02:00
Nadrieril 3846329c97
tt-rss service: Default to multiple user mode 2016-08-28 11:20:18 -07:00
Nadrieril 789a37f0fc
tt-rss service: #15862 has been merged; enable nginx virtualhost config 2016-08-28 11:20:17 -07:00
Nadrieril 33d6371fd9
tt-rss service: Allow connecting to the database through Unix socket 2016-08-27 13:55:00 -07:00
Nadrieril 3a4db71b35
tt-rss service: Use the correct user to run the application 2016-08-27 13:54:46 -07:00
Nadrieril bc9c9dd6bd
tt-rss service: Allow setting application root 2016-08-27 13:54:31 -07:00