1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-23 14:11:36 +00:00
Commit graph

4182 commits

Author SHA1 Message Date
Kranium Gikos Mendoza 9213916ca7 facetimehd: init at git-20160127 2016-01-28 02:59:36 +08:00
Eelco Dolstra 2352e2589e audit: Disable in containers
This barfs:

Jan 18 12:46:32 machine 522i0x9l80z7gw56iahxjjsdjp0xi10q-audit-start[506]: The audit system is disabled
2016-01-26 16:25:40 +01:00
Tony White c95bd5d085 sddm: add numlock switch
- added numlock on boot switch
- simply add :
services.xserver.displayManager.sddm.autoNumlock = true;
to configuration.nix and sddm will start
with numlock enabled.
2016-01-26 06:17:32 +00:00
Arseniy Seroka e395cb0214 Merge pull request #12601 from tomberek/gateone_update
Gateone: fix cacerts dependency
2016-01-25 23:14:53 +03:00
Eelco Dolstra 310aadc48b Merge pull request #12557 from ryanartecona/nixos-manual-custom-options
NixOS manual: allow options from nix packages
2016-01-25 10:43:39 +01:00
Franz Pletz ff51021920 Merge pull request #12590 from exi/askpass-in-env
nixos-ssh: set SSH_ASKPASS globally and not just on interactive shells
2016-01-25 10:42:31 +01:00
Vladimír Čunát 3e1599f57b nixos-generate-config: fix #12595: broadcom quoting 2016-01-25 07:57:53 +01:00
Thomas Bereknyei 80d38d12b4 Gateone: fix cacerts dependency 2016-01-24 16:52:06 -05:00
Reno Reckling 312bae7fc0 nixos-ssh: set SSH_ASKPASS globally and not just on interactive shells
If we limit SSH_ASKPASS to interactive shells, users are unable to trigger
the ssh-passphrase dialog from their desktop environment autostart scripts.
Usecase: I call ssh-add during my desktop environment autostart and want to have
the passphrase dialog immediately after startup.
For this to work, SSH_ASKPASS needs to be propagated properly on
non-interactive shells.
2016-01-24 11:18:30 +01:00
Dan Peebles dd18447055 grsecurity: add NixOS VM test 2016-01-24 04:06:19 +00:00
Dan Peebles e409d0fed3 nixos: update-locatedb - harden via systemd (#7220)
Also, use systemd timers.

Most of the work is by @thoughtpolice but I changed enough of it to warrant changing commit author.
2016-01-23 20:44:30 +00:00
Dan Peebles 7ccda42007 nixos: uptimed - rewrite and harden a bit (#7220)
This is mostly @thoughtpolice's work, but I cleaned it up a bit.
2016-01-23 19:28:01 +00:00
Nikolay Amiantov bf208745ab Merge pull request #12290 from abbradar/dovecot-updates
Rework dovecot module, add and update plugins, default Dovecot to 2.2
2016-01-23 12:02:23 +03:00
Tomas Vestelind 198c03bffe haka: very basic testing 2016-01-23 01:20:14 +01:00
Tomas Vestelind 11d475af29 haka: options for nixos 2016-01-23 01:19:53 +01:00
Ryan Artecona e6cd147ae7 nixos manual: allow options from nix packages 2016-01-22 14:22:12 -05:00
Peter Simons e6d42dfe04 Merge pull request #12459 from avnik/fix-var-lib-postfix-permissions
Make /var/lib/postfix world-readable
2016-01-22 17:25:07 +01:00
Peter Simons 9ee5a6b858 Merge pull request #12481 from nathan7/usrbinenv-option
activation-script module: add environment.usrbinenv option
2016-01-22 11:18:37 +01:00
Thomas Bereknyei eda3e938d7 IHaskell: remove un-needed inherit 2016-01-21 17:21:00 -05:00
Domen Kožar b39c51a362 Merge pull request #12323 from kragniz/rkt-v0.15.0
rkt: 0.14.0 -> 0.15.0
2016-01-21 22:27:33 +01:00
Domen Kožar e473a424fb Merge pull request #12324 from rickynils/nixos-rebuild-remote-try2
Fix NixOS installer tests failures introduced by nixos-rebuild changes
2016-01-21 21:20:57 +01:00
koral 93e17506ee Rewrite acpid module in a more generic way 2016-01-21 20:08:14 +01:00
aszlig c92d7481a5
multipath_tools: Rename to multipath-tools
See http://nixos.org/nixpkgs/manual/#sec-package-naming

I've added an alias for multipath_tools to make sure that we don't break
existing configurations referencing the old name.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-01-21 16:18:38 +01:00
Nikolay Amiantov 5b5e2c05c4 nixos/dovecot: add mail user and group 2016-01-21 12:53:26 +03:00
Nikolay Amiantov b781cf1a12 nixos/dovecot: add sieveScripts support 2016-01-21 12:53:26 +03:00
Nikolay Amiantov 39bbac96af nixos/dovecot: symlink system-wide config and use it 2016-01-21 12:53:25 +03:00
Nikolay Amiantov 70e77f9b53 nixos/dovecot: use new modules directory 2016-01-21 12:53:25 +03:00
Nikolay Amiantov 94a43b41af nixos/dovecot: add dovecot package to modules, force proper dovecot version 2016-01-21 12:53:25 +03:00
Nikolay Amiantov b2b58642fe nixos/dovecot: add 'protocols' option 2016-01-21 12:53:25 +03:00
Nikolay Amiantov 122929cda7 nixos/dovecot: use systemd's RuntimeDirectory instead of creating it by ourselves 2016-01-21 12:53:25 +03:00
Nikolay Amiantov 9c7b067c6a nixos/dovecot: create user/group only if they are default 2016-01-21 12:53:24 +03:00
Nikolay Amiantov d1a9c55d91 nixos/dovecot: add reload command 2016-01-21 12:53:24 +03:00
Nikolay Amiantov 9fe72b34ed nixos changelog: mention postfix changes 2016-01-21 12:48:30 +03:00
Nikolay Amiantov 15ea50733d nixos changelog: mention ejabberd fixes 2016-01-21 12:48:30 +03:00
Edward Tjörnhammar 4948bdadd6 nixos: ihaskell, wrong type restriction redacted 2016-01-21 10:02:39 +01:00
Alexander V. Nikolaev 39bd9be5a9 postfix: use built-in set-permission tool to setup queue
Make top level /var/lib/postfix as root:root 0755

After generating custom configs in /var/lib/postfix/conf,
`postfix set-permissions` called, to perform all required tricks
related to queue handling (postfix use file mode bits to keep
some internal statuses, so `chmod -R` not recommended by authors,
see comments in $out/libexec/postfix/post-install for details)

Also post-install script was patched, to skip permission check/update
for files inside $out, as well as symlinks following to $NIX_STORE.

Config file `main.cf` extended with all default directory locations,
to prevent post-install script from guessing and overwrite them.

And finally all actions in activation script snippets performed
by postmap/postalias/postfix tools from current build, not random one
from paths.
2016-01-20 14:52:59 +02:00
Robin Gloster eac8cb1ce1 Merge pull request #11896 from mayflower/upstream-networkd
networkd: add IPForward IPMasquerade options,  DHCPServer section
2016-01-20 13:06:44 +01:00
Rickard Nilsson 51c6383ebd nixos-rebuild: Build only the 'out' output of nix (not 'doc' and 'debug' too)
This fixes the failing NixOS installer tests.
2016-01-20 10:01:59 +01:00
Rickard Nilsson fb2eae08d5 Revert "Revert "nixos-rebuild: Add option for building and/or deploying on a remote host""
This reverts commit 78be7f5a53.
2016-01-20 10:01:59 +01:00
Joachim Schiele 2a88417f03 nixos/doc: fix to: ~/.nix-defexpr wasn't created, fixes #6606 2016-01-20 04:59:16 +01:00
Rick Yang f8c3130e0f softether: Fixed problems with using systemd services 2016-01-20 03:47:33 +01:00
Peter Jones 5b8c871842 If container name is already unique, don't append "-0"
When using `--ensure-unique-name`, don't needlessly append `"-0"` if the
container name is already unique.

This is especially helpful with NixOps since when it deploys to a
container it uses `--ensure-unique-name`.  This means that the container
name will never match the deployment host due to the `"-0"`.  Having the
container name and the host name match isn't exactly a requirement, but
it's nice to have and a small change.
2016-01-20 03:46:19 +01:00
Rok Garbas 109ba4c861 nixos: add test for postgresql, fixes #11146 2016-01-20 03:42:59 +01:00
Mark Laws 1c393cbb3c gale service: fix permissions configuration, fixes #12457 2016-01-20 02:09:40 +01:00
Tobias Geerinckx-Rice df29b0d23f nixos: fix evaluation
After commit 5e468b9, evaluation failed with:

  error: undefined variable ‘dnsExtensionMechanism’ at
  .../nixpkgs/nixos/modules/config/networking.nix:177:33
2016-01-20 01:19:03 +01:00
Nathan Zadoks df82096af0 activation-script module: add environment.usrbinenv option 2016-01-19 23:29:48 +01:00
Peter Simons 5e468b96b4 nixos: add 'networking.dnsExtensionMechanism' option to enable edns0 (for DNSSEC)
Set this option to 'true' (default: 'false') to enable extension mechanisms for
DNS (EDNS) in your local glibc resolver. This is required for supporting
DNSSEC, for example.

Implementation detail: the patch changes assignments to "resolv_conf_options"
to use "+=" instead of "=" to ensure that multiple users of that variable don't
overwrite each other. The generated config file is a shell script, after all,
so this should work fine.

Closes https://github.com/NixOS/nixpkgs/issues/12470.
2016-01-19 21:54:43 +01:00
Eric Sagnes 0dd8e03308 i3 service: added i3status and dmenu dependency 2016-01-19 09:32:49 +09:00
Nikolay Amiantov 148396c022 systemd service: add *.busname upstream units 2016-01-18 19:42:25 +03:00
Rickard Nilsson ce543ebf27 elasticsearch: Fix some startup warnings 2016-01-18 15:57:59 +01:00
Rickard Nilsson d6f9f13512 bosun: Create ledisDir in pre-start script 2016-01-18 15:57:59 +01:00
Robin Gloster cd11d91f0a jobs -> systemd.services
missed an override
2016-01-17 22:05:13 +00:00
Robin Gloster 101125d184 Merge pull request #12441 from k0ral/acpid
Add volume and cd events to acpid configuration
2016-01-17 21:57:58 +01:00
Domen Kožar 9e8eba48ab xorg.xorgserver: wrap Xvfb with required flags 2016-01-17 21:14:49 +01:00
Robin Gloster 4a0692a5fb types: remove references to new packageSet
Reverts part of a04a7272aa

packageSet is slated to be introduced in #11866 but currently causes
evalation errors.

/cc @ts468
2016-01-17 19:49:38 +00:00
Thomas Strobel a04a7272aa Add missing 'type', 'defaultText' and 'literalExample' in module definitions
- add missing types in module definitions
- add missing 'defaultText' in module definitions
- wrap example with 'literalExample' where necessary in module definitions
2016-01-17 19:41:23 +01:00
rnhmjoj 641a951c61 i18n: Fix vconsole colorscheme generation
Close #12442.
abbradar: remove trailing spaces.
2016-01-17 20:24:45 +03:00
koral 9327982486 Add volume and cd events to acpid configuration 2016-01-17 13:04:54 +01:00
Pascal Wittmann a3e7adf509 nixos/plex: fix service startup, see #12422 2016-01-17 13:01:42 +01:00
Domen Kožar 07dcea52e6 Merge pull request #12419 from avnik/rmilter+rspamd
Rmilter+rspamd packages and NixOS modules
2016-01-17 12:57:51 +01:00
Domen Kožar 2d681fdcf7 Merge pull request #12202 from thoughtpolice/nixos/tarsnap/sep-cachedirs
nixos: tarsnap - allow and document concurrent backups
2016-01-17 12:48:59 +01:00
Domen Kožar 75284b09e1 Fix ISO building from a channel
Building config.system.build.isoImage would fail with the following
error using the channel:

  ln: failed to create symbolic link
'/nix/store/zz0hzi5imrg4927v6f8mv281qs6v6pbq-nixos-16.03pre69762.e916273/nixos/nixpkgs/.': File exists

The fix skips symlink as it already exists if the channel
nixpkgs copy is used.

Fixes #10367
2016-01-16 21:58:40 +01:00
Sander van der Burg 4fafd77f7e disnix: propagate ejabberd username to the activation module 2016-01-16 18:08:07 +00:00
Franz Pletz cac1041ced Merge pull request #12328 from makefu/zsh-allow-override-history-defaults
programs.zsh: allow override of history defaults
2016-01-16 17:25:20 +01:00
makefu ed83b8a61c programs.zsh: allow override of history defaults 2016-01-16 16:55:30 +01:00
Alexander V. Nikolaev de8dea4821 nixos: add module for rmilter 2016-01-16 15:12:30 +02:00
Alexander V. Nikolaev 14926f08a3 nixos: Add module for rspamd 2016-01-16 15:11:36 +02:00
aszlig 5caa8ab55e
nixos/tests/quake3: Don't quote +set arguments
With the new upstream Git version of ioquake3 introduced in 7fc7502, the
arguments to the quake3(server) binaries/wrappers may no longer be
passed as full single arguments (like "+set foo bar") but rather as
separate arguments (like "+set" "foo" "bar"), otherwise they will be
completely ignored.

Ran the x86_64-linux test on my machine and it now succeeds.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-01-16 01:13:36 +01:00
aszlig c4de45b7ca
nixos/tests/quake3: Fix eval due to unfree license
Regression introduced by 6b447a3c9b.

In this commit the Quake 3 demo data now have a meta attribute which
specifies the license as unfreeRedistributable.

While I haven't found anything official about that on the web, let's
just allow it to be used in the test because first of all, we have been
using it for a long time (since 2009, introduced in 497760b) and second,
because it will be quite some effort to rewrite the test with something
like OpenArena (particularily because we need coverage data and need to
use the ioquake3 version plus OpenArena-specific patches).

Tested evaluation on my local system, but the VM test still fails.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-01-16 01:13:02 +01:00
Louis Taylor 6309f48137 rkt: 0.14.0 -> 0.15.0 2016-01-15 18:09:58 +00:00
Robin Gloster 00b2e1f704 Merge pull request #11809 from mayflower/fix/libvirtd_service
libvirtd service: Move mutable configs to /var
2016-01-15 18:58:40 +01:00
aszlig 7e36514c90
nixos/postfix: Set type for extraConfig to "lines"
Regression introduced by 3891d3e654.

Merging multiple options with type "str" won't work and give an
evaluation error. For extra configuration lines in the Postfix config it
really should be "lines", especially because even the description
mentions "extra lines".

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-01-15 17:57:09 +01:00
roblabla 7e10bf4327 matrix-synapse: init at 0.12.0 2016-01-15 15:17:14 +01:00
Tristan Helmich bce59a1a8b libvirtd service: Move mutable configs to /var
Modifies libvirt package to search for configs in /var/lib and changes
libvirtd service to copy the default configs to the new location.

This enables the user to change e.g. the networking configuration with
virsh or virt-manager and keep those settings.
2016-01-15 14:26:20 +01:00
Vladimír Čunát 98218971c2 Merge #12299: make firefox-like browsers wrapped by default 2016-01-15 08:53:58 +01:00
Vladimír Čunát 5fe68602cc release notes: document renames of firefox-like browsers 2016-01-15 08:37:02 +01:00
Domen Kožar 8525936f80 nixos: Document "jobs" option removal 2016-01-14 13:08:56 +01:00
Mark Laws e7ba7fba01 gale: init at 1.1happy 2016-01-13 12:00:50 -08:00
Nikolay Amiantov b292e19fbd xserver service: wait for systemd-logind
This seems the right thing to do, and most likely has fixed the race condition
described at https://github.com/NixOS/nixpkgs/issues/12132#issuecomment-171284532
2016-01-13 17:31:23 +03:00
Peter Simons ae6fc4c5be Merge pull request #12293 from abbradar/postfix-updates
Rework postfix module and package
2016-01-13 14:12:50 +01:00
Luca Bruno 27928a020a gnome3: default to gnome 3.18 2016-01-13 12:13:27 +00:00
Vladimír Čunát 3bcf8ae879 nixos manuals: bring back package references
This reverts most of 89e983786a, as those references are sanitized now.
Fixes #10039, at least most of it.

The `sane` case wasn't fixed, as it calls a *function* in pkgs to get
the default value.
2016-01-13 12:04:31 +01:00
Vladimír Čunát b9f6dfe8c5 nixos manuals: allow displaying package references
The manuals are now evaluated with each derivation in `pkgs` (recursively)
replaced by a fake with path "\${pkgs.path.to.the.attribute}".
It isn't perfect, but it seems to cover a vast majority of use cases.
Caveat: even if the package is reached by a different means,
the path above will be shown and not e.g. `${config.services.foo.package}`.

As before, defaults created by `mkDefault` aren't displayed,
but documentation shouldn't (mostly) be a reason to use that anymore.

Note: t wouldn't be enough to just use `lib.mapAttrsRecursive`,
because derivations are also (special) attribute sets.
2016-01-13 12:03:18 +01:00
Nikolay Amiantov b4179c5612 nixos/dspam: add module 2016-01-13 13:08:55 +03:00
Nikolay Amiantov f5efac09aa nixos/opendkim: add module 2016-01-13 13:07:46 +03:00
Nikolay Amiantov c51d08cf27 nixos/postsrsd: add module 2016-01-13 13:04:12 +03:00
Sander van der Burg 23772ef0a2 ejabberd: make config parameter nullable, so that the default bundled config can be used if none is given 2016-01-12 17:12:47 +00:00
Shea Levy dbe94f2ec3 Merge branch 'swap-norestart' of git://github.com/abbradar/nixpkgs 2016-01-12 10:05:52 -05:00
Nikolay Amiantov d3a19f1b8e nixos/postfix: backwards compatibility with /var/postfix 2016-01-12 18:01:27 +03:00
Nikolay Amiantov 1edb62b40a nixos/postfix: add options to compile additional maps and aliases 2016-01-12 18:00:54 +03:00
Nikolay Amiantov 9c502abb1c nixos/postfix: use path instead of direct package mentions 2016-01-12 17:56:54 +03:00
Nikolay Amiantov 902dd35d47 nixos/postfix: move scripts to serviceConfig 2016-01-12 17:54:44 +03:00
Nikolay Amiantov ef3102b27e nixos/postfix: move /var/postfix to /var/lib/postfix, fix access rights 2016-01-12 17:54:41 +03:00
Sander van der Burg b1d6e6a38b Fix running apache tomcat as a daemon 2016-01-12 14:32:22 +00:00
Nikolay Amiantov 9df07753ce swap service: don't restart mkswap.service on switches
Sadly, we can't instruct systemd to properly restart device-name.swap when this service restarts (or I haven't found the way to do so). As of now blindly restarting it would only get you a bunch of errors about device already used -- let's avoid it.
2016-01-12 17:27:21 +03:00
Nikolay Amiantov 54bc19270b nixos/postfix: add users and groups only if needed, fix group name 2016-01-12 16:41:35 +03:00
Nikolay Amiantov 22fb0cb058 nixos/postfix: don't emit alias_maps config option if we don't have aliases set 2016-01-12 16:41:34 +03:00
Nikolay Amiantov 8d4bc5c029 nixos/swap: fix stopping mkswap for encrypted device 2016-01-12 14:54:51 +03:00
Nikolay Amiantov d82c0f9790 nixos/cdemu: use system kernel modules 2016-01-12 14:44:41 +03:00
Domen Kožar 7fe7138968 nixos: fix acme service @abbradar 2016-01-12 11:50:34 +01:00
Domen Kožar 7b0613d51e Revert "nixos/qemu-vm: Disable cache for $NIX_DISK_IMAGE"
This reverts commit 6353f580f9.

Unfortunately cache=none doesn't work with all filesystem options.

Hydra tests error out with: file system may not support O_DIRECT

See http://hydra.nixos.org/build/30323625/
2016-01-11 11:29:16 +01:00
Pascal Wittmann 0d21ba2361 Merge pull request #12283 from abbradar/acme-allowgroup
nixos/acme: add allowKeysForGroup
2016-01-11 07:45:49 +01:00
Pascal Wittmann 009f944b9f Merge pull request #12315 from tlevine/trackpoint-typo
trackpoint: fix typo in trackpoint speed description
2016-01-11 07:44:52 +01:00
Thomas Levine 2d6ebc9189 trackpoint: fix typo in configuration description
I fixed a typo in the description for hardware.trackpoint.speed.
2016-01-11 04:12:04 +00:00
Tobias Geerinckx-Rice 228774aaf5 wis_go7007: remove dead package & module
Broken since 2014, but basically a package from 2008 with no
upstream.
2016-01-11 00:16:01 +01:00
Tobias Geerinckx-Rice 521f903b80 xorgVideoUnichrome: remove dead package
Broken since 2013, upstream very dead.
2016-01-11 00:16:01 +01:00
goibhniu 8b8f864e48 Merge pull request #12103 from rick68/ostinato
Ostinato
2016-01-11 00:09:32 +01:00
Aristid Breitkreuz 01eea878ad Merge pull request #12291 from abbradar/ejabberd
Update ejabberd, new NixOS module for it
2016-01-10 21:15:33 +01:00
Aristid Breitkreuz 9c92faf370 Merge pull request #12133 from dwe11er/new-package/irqbalance
irqbalance: init at 1.1.0
2016-01-10 21:06:50 +01:00
Aristid Breitkreuz bca9ecdd05 Merge pull request #12238 from bfrog/postgresql95
postgresql: 9.4 -> 9.5
2016-01-10 21:01:19 +01:00
Nikolay Amiantov d0510febe1 nixos/ejabberd: update service 2016-01-10 21:28:27 +03:00
Domen Kožar 82af770fa6 correctly fix 313fa2ebc6 2016-01-10 18:24:29 +01:00
Domen Kožar 78be7f5a53 Revert "nixos-rebuild: Add option for building and/or deploying on a remote host"
This reverts commit ca0c460406.

All the installer tests are failing due to this change. cc @rickynils
2016-01-10 17:50:50 +01:00
Domen Kožar 313fa2ebc6 nixos installer tests: use -A nix-env flag to prevent out of memory 2016-01-10 17:48:35 +01:00
Evgeny Egorochkin ada9b3b666 azure-image: azure resource manager doesn't base64-encode custom data, unlike azure service manager 2016-01-10 11:35:44 +02:00
Evgeny Egorochkin 01130e502a systemd: backslashes are no longer allowed in script names 2016-01-10 11:31:38 +02:00
Vladimír Čunát 22184c4cfa release-notes: document $NIX_AUTO_RUN from #12000 2016-01-10 10:15:44 +01:00
Nikolay Amiantov f92cec4c1b nixos/acme: add allowKeysForGroup 2016-01-10 07:28:19 +03:00
Nikolay Amiantov 3891d3e654 nixos/postfix: add types 2016-01-10 06:07:38 +03:00
Arseniy Seroka c03fe79265 Merge pull request #10996 from oxij/nixos-label
nixos: introduce system.nixosLabel support
2016-01-09 20:52:08 +03:00
Jan Malakhovski 119c8f91e7 nixos: introduce system.nixosLabel option and use it where appropriate
Setting nixosVersion to something custom is useful for meaningful GRUB
menus and /nix/store paths, but actuallly changing it rebulids the
whole system path (because of `nixos-version` script and manual
pages). Also, changing it is not a particularly good idea because you
can then be differentitated from other NixOS users by a lot of
programs that read /etc/os-release.

This patch introduces an alternative option that does all you want
from nixosVersion, but rebuilds only the very top system level and
/etc while using your label in the names of system /nix/store paths,
GRUB and other boot loaders' menus, getty greetings and so on.
2016-01-08 22:26:15 +00:00
Thomas Tuegel fdefc0cb2c Merge branch 'kdenetwork-filesharing' 2016-01-08 14:20:46 -06:00
Thomas Tuegel 049357bb30 nixos/kde5: install kio-extras 2016-01-08 14:20:07 -06:00
Thomas Tuegel fa0057be39 nixos/kde5: install kdenetwork-filesharing if Samba enabled 2016-01-08 14:20:05 -06:00
Tom Burdick 2c23a311cd postgresql: (94 -> 95)
Updates postgresql to its latest versions
2016-01-08 10:13:01 -06:00
Marcin Falkiewicz 7636359c89 irqbalance: init at 1.1.0 2016-01-08 12:37:43 +01:00
Nathan Zadoks 8cb22c0a63 consul service: add package option 2016-01-08 01:44:28 +01:00
Shea Levy 4a511911bb Merge branch 'rm-notbit' of git://github.com/jgillich/nixpkgs 2016-01-07 14:34:40 -05:00
Daniel Peebles 57cb5ab17a Merge pull request #12198 from mayflower/remove-upstart-layer
Remove upstart layer
2016-01-07 13:47:39 -05:00
Eelco Dolstra e4b4e9b986 linux: Make Unix domain sockets builtin
This hopefully fixes intermittent initrd failures where udevd cannot
create a Unix domain socket:

  machine# running udev...
  machine# error getting socket: Address family not supported by protocol
  machine# error initializing udev control socket
  machine# error getting socket: Address family not supported by protocol

The "unix" kernel module is supposed to be loaded automatically, and
clearly that works most of the time, but maybe there is a race
somewhere. In any case, no sane person would run a kernel without Unix
domain sockets, so we may as well make it builtin.

http://hydra.nixos.org/build/30001448
2016-01-07 13:20:53 +01:00
Austin Seipp 7a01badef5 nixos: tarsnap - allow keys for individual archives
Two concurrent tarsnap backups cannot be run at the same time with the
same keys - completely separate sets of keys must be generated for each
archive in this case, if you want backups to overlap.

This extends the archives attrset to support a 'keyfile' option, which
defaults to /root/tarsnap.key like the top-level attribute.

With this change, if you generate two keys with tarsnap-keygen(1) and
use each of those separately for each archive, you can backup
concurrently.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2016-01-07 05:54:41 -06:00
Austin Seipp ec70f64ecd nixos: tarsnap - separate archive cachedirs
Tarsnap locks the cachedir during backup, meaning if you specify
multiple backups with a shared cache that might overlap (for example,
one backup may take an hour), secondary backups will fail. This isn't
very nice behavior for the obvious reasons.

This splits the cache dirs for each archive appropriately. Note that
this will require a rebuild of your archive caches (although if you were
only using one archive for your whole system, you can just move the
directory).

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2016-01-07 05:54:36 -06:00
Tanner Doshier ad796f155b nixos: tarsnap - make systemd timer persistent
A machine may not always be active (or online!) when a backup timer
triggers, meaning backups can be missed - now we properly set the
tarsnap timer's Persistent option so systemd will run the command even
when the machine wasn't online at that exact time.

However, we also need to make sure that we can contact the tarsnap
server reliably before we start the backup. So, we attempt to ping the
access endpoint in a loop with a sleep, before continuing.

This fixes #8823.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2016-01-07 05:52:18 -06:00
Peter Simons a68450e509 Merge pull request #12009 from mayflower/tinc-module
tinc module: Ed25519PrivateKeyFile, BindToAddress
2016-01-07 12:48:35 +01:00
Austin Seipp 472a5192fd Revert "nixos: tarsnap - separate archive cachedirs"
This reverts commit 5f0253ace6.

I didn't intend to push this - I meant to push it to *my fork's*
remote...
2016-01-07 04:51:58 -06:00
Austin Seipp 5f0253ace6 nixos: tarsnap - separate archive cachedirs
Tarsnap locks the cachedir during backup, meaning if you specify
multiple backups with a shared cache that might overlap (for example,
one backup may take an hour), secondary backups will fail. This isn't
very nice behavior for the obvious reasons.

This splits the cache dirs for each archive appropriately. Note that
this will require a rebuild of your archive caches (although if you were
only using one archive for your whole system, you can just move the
directory).

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2016-01-07 04:26:57 -06:00
Austin Seipp 4dc7cab40e nixos: btsync - switch to using systemd user services
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2016-01-07 03:33:38 -06:00
Tristan Helmich 1a0d004cc2 tinc module: Ed25519PrivateKeyFile, listenAddress 2016-01-07 09:13:28 +00:00
Robin Gloster 88292fdf09 jobs -> systemd.services 2016-01-07 06:39:06 +00:00
Robin Gloster af50b03f50 fuppes: remove obsolete broken package and service 2016-01-07 06:39:05 +00:00
Austin Seipp d89454bb79 nixos: btsync - add directoryRoot option
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2016-01-07 00:09:20 -06:00
Jakob Gillich 57d6dfe932 notbit: removed dead package
The Bitmessage protocol v3 became mandatory on 16 Nov 2014 and notbit does not support it, nor has there been any activity in the project repository since then.
2016-01-07 04:39:51 +01:00
Dan Peebles 668179f31e tests.ec2-config: fix to not try to talk to the internet (which breaks on Hydra) 2016-01-07 03:25:56 +00:00
Dan Peebles 63bfe20b72 security.audit: add NixOS module
Part of the way towards #11864. We still don't have the auditd
userland logging daemon, but journald also tracks audit logs so we
can already use this.
2016-01-07 03:06:10 +00:00
Robin Gloster 246f0e91cd wpa_supplicant service: Warn about plaintext keys in docs 2016-01-06 03:58:39 +00:00
Robin Gloster 391c330042 wpa_supplicant service: jobs -> systemd.services
Fixes an occurence of `jobs` usage causing tests to fail to evaluate.

thanks @domenkozar
2016-01-06 03:58:39 +00:00
Robin Gloster 609457458e wpa_supplicant module: remove preStart hack
If the config file is managed imperatively we shouldn't touch it.
2016-01-06 03:58:39 +00:00
Robin Gloster d03b35f881 wpa_supplicant module: add networks option 2016-01-06 03:58:39 +00:00
Robin Gloster 3a5f488445 wpa_supplicant module: refactor 2016-01-06 03:58:39 +00:00
Robin Gloster 7d973a56d0 wpa_supplicant module: remove obsolete option
networking.WLANInterface has been obsolete for years
2016-01-06 03:58:39 +00:00