* simplify directory layout
* clean up option descriptions
* let the user override Firebird package
* create firebird user
* clarify TODO comment
Close # 1061.
This enables to override which plugins to include with nginx by allowing to change
nginx package. I also removed webdav option in nginx nixos module, because you
can now specify this by overriding nginx package.
Those tests are flapping and redundant to some degree, as two
configurations are tested in NixOps as well. So, let's deactivate them
until the 1.0 release of nixpart, which has a more general approach for
automatically partitioning NixOS installations.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Previously changing the value of certain options in configuration.nix
would cause the manual to be regenerated, because some option defaults
depend on the configuration. This is undesirable because rebuilding
the manual is kind of slow. So now the manual reflects an empty
configuration.
The downside is that this requires another call to fixMergeModules,
which adds about 14% to evaluation time. Probably worth it.
It requires a writable /nix/store to store the build result. Also,
wait until we've reached multi-user.target before doing the build, and
do a sync at the end to ensure all data to $out is properly written.
http://hydra.nixos.org/build/6496716
Suggested by Marc Weber. Fixes #1059.
Generate /etc/nix.machines only if buildMachines is not empty. Thus,
if you want to manage /etc/nix.machines in some other way, you can set
nix.distributedBuilds to true but not set nix.buildMachines.
Note that there is a subtle difference in Nix that causes
nixos-rebuild to work and NixOps to fail:
$ nix-instantiate '<nixos>' -A config.system.nixosVersion --eval-only
"13.10pre34915.50f4822"
$ nix-instantiate '<nixos/default.nix>' -A config.system.nixosVersion --eval-only
error: opening file `/nix/var/nix/profiles/per-user/root/channels/nixos/.version': No such file or directory
Fixes NixOS/nixops#145.
Sshd *must* use PAM because we depend on it for proper session
management. The original goal of this option (disabling password
logins) can also be implemented by removing pam_auth authentication
from sshd's PAM service.
That is, you can say
security.pam.services.sshd = { options... };
instead of
security.pam.services = [ { name = "sshd"; options... } ];
making it easier to override PAM settings from other modules.
Previously logging in via SLiM more than once didn't work because SLiM
doesn't clean up its PAM session properly (that is, in a child rather
than in the parent). Thus the slim process becomes part of the user
session's cgroup, among other things. This patch causes SLiM to exit
after the session has finished, after which systemd will restart
display-manager.service.
Fixes NixOS/nixops#137.
Twisted provides option to log with syslog, this enables nicer logging.
Imagine what happens in a case of exception. If logs are written to stdout,
traceback won't be merged thus giving ugly logs. This commit fixes that.
This is also one of the official ways of starting carbon, so no worries.
If this option is given, nixos-generate-config will write the
configuration to /etc/nixos under the given root, and only emit
fileSystems attributes for filesystems under the given root directory.
The typically use case is at installation time, where you can say:
$ nixos-generate-config --root /mnt
which will create /mnt/etc/nixos/{configuration.nix,hardware-configuration.nix}.
Also add a --force flag to force overwriting configuration.nix.
Having configuration.nix generation hidden underneath nixos-option
never made sense, also given that there was another command to
generate part of the configuration (nixos-hardware-scan). Now
nixos-generate-config produces both configuration.nix and
hardware-configuration.nix. The latter is overwritten while the
former is not.
vsftpd improvements:
- intorduce one declarative list of options
- make docummentation strings more understandable and add missing options
such as SSL/TLS support
- Use environment.etc."vsftpd".text because I can't think about any
reason why a shell script should be used.
That code was written in 2009.
It's now "<yy>.<mm>pre<commit-count>.<short-hash>"
(e.g. "13.10pre5678.gfedcba") for the unstable branch, and
"<yy>.<mm>.<commit-count>.<short-hash>" (e.g. "13.10.5678.gfedcba")
for stable branches.