mirrors/nixpkgs
1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-19 12:11:28 +00:00
Code Issues Wiki Activity
214731 commits 288 branches 124 tags 6.2 GiB
Commit graph

16244 commits

Author SHA1 Message Date
rnhmjoj ceb35dac58
nixos/sway: use new package name for rxvt-unicode 2020-02-13 09:36:35 +01:00
rnhmjoj 9290e6e7ba
nixos/urxvtd: use new package name for rxvt-unicode 2020-02-13 09:33:58 +01:00
Ryan Mulligan 5a358eade8
Merge pull request #69125 from jslight90/mattermost-5.15 
mattermost: 5.9.0 -> 5.15.0
 2020-02-12 20:56:00 -08:00
Graham Christensen 2d42fc240c
nixos-enter: redirect to fd2 instead of a file named /dev/stderr 
In some cases, /dev/stderr may not point to a sensible location. For
example, running nixos-enter inside a systemd unit where the unit's
StandardOutput and StandardError are set to be sockets. In these
cases, this line would fail.

Piping to fd2 directly works just as well, even under strange and
twisted executions.

Co-authored-by: Michael Bishop <michael.bishop@iohk.io>
 2020-02-12 21:18:27 -05:00
Will Dietz ac8a92543b
iwd: drop tmpfiles snippet, services use StateDirectory already 
Originally added in [1], and iwd added StateDirectory to its services
in [2] -- 4 days later.

("StateDirectory wasn't used when tmpfile snippet was added to NixOS")
(nevermind git -> release delay)

[1] 6e54e9253a
[2] upstream iwd git rev: 71ae0bee9c6320dae0083ed8c1700bc8fff1defb
 2020-02-12 19:29:28 -06:00
Eelco Dolstra 3182fbdeaa nixos/release.nix: Import './..' instead of nixpkgs 
'nixpkgs' is a result of a call to cleanSource, which is very
expensive and fails in --dry-run mode.
 2020-02-12 22:44:59 +01:00
worldofpeace 2d3163260b
Merge pull request #79830 from ilya-fedin/fix-xdg-current-desktop 
Add DesktopNames parameter to generated desktop session files
 2020-02-12 13:34:48 -05:00
Florian Klink b2c2eaea6d
Merge pull request #79862 from flokli/fix-run-keys 
nixos/filesystems: don't chown /run/keys recursively
 2020-02-12 17:52:23 +01:00
Jörg Thalheim e2ef8b439f
knot: add keyFiles option 
This useful to include tsig keys using nixops without adding those
world-readable to the nix store.
 2020-02-12 16:36:42 +00:00
Jörg Thalheim 88029bce39
knot: drop dynamic user 
This makes it hard to include secret files.
Also using tools like keymgr becomes harder.
 2020-02-12 16:34:10 +00:00
Andreas Rammhold 5a001981db
Merge pull request #79786 from andir/firefox73 
firefox: 72.0.3 -> 73.0
 2020-02-12 11:19:11 +01:00
Ilya Fedin f7768c939a nixos/display-managers: Add DesktopNames parameter to generated desktop session files 
Some display managers (e.g. SDDM) set the XDG_CURRENT_DESKTOP variable accroding to this parameter.
If this variable is not defined, there will be some problems (e.g. MATE doesn't have icons on the desktop).

Fixes https://github.com/NixOS/nixpkgs/issues/71427
 2020-02-12 07:00:39 +04:00
Michele Guerini Rocco 48704fbd4f
Merge pull request #71302 from tokudan/encrypted-swap-entropy-fix 
rngd: Start early during boot and encrypted swap entropy fix
 2020-02-12 01:28:03 +01:00
Florian Klink 4c8bdd1c4f nixos/filesystems: don't chown /run/keys recursively 
3c74e48d9c was a bit too much, it updated
permissions of all files recursively, causing files to be readable by
the group.

This isn't a problem immediately after bootup, but on a new activation,
as tmpfiles.d get restarted then, updating the permission bits of
now-existing files.

This updates the `Z` to be a `z` (the non-recursive variant), and adds a
`d` to ensure a directory is created (which should be covered by the
initrd shell script anyway)
 2020-02-11 21:52:27 +01:00
Maximilian Bosch 93943acbc5
nixos/nixos-container: ensure that the state-dir is cleaned up if a build fails 2020-02-11 14:42:30 +01:00
Andreas Rammhold 7a625e7453
nixos/tests/firefox: support running the test with the firefox ESR version 
Also adds this to the release jobset.
 2020-02-11 08:58:13 +01:00
Michael Weiss 5282bc9a74
nixos/brightnessctl: Remove the module 
Due to the support of the systemd-logind API the udev rules aren't
required anymore which renders this module useless [0].
Note: brightnessctl should now require a working D-Bus setup and a valid
local logind session for this to work.

[0]: https://github.com/NixOS/nixpkgs/pull/79663
 2020-02-10 23:18:20 +01:00
worldofpeace be01f27adc rl-2009: typo 2020-02-10 14:23:00 -05:00
worldofpeace 2ba2b0cf23 20.09 is Nightingale 2020-02-10 14:14:18 -05:00
worldofpeace 09f7e376c2
Merge pull request #79416 from jtojnar/flatpak-1.6 
flatpak: 1.4.2 → 1.6.1
 2020-02-10 12:57:19 -05:00
Jan Tojnar f1aa8416d7 xdg-desktop-portal: 1.4.2 → 1.6.0 
* https://github.com/flatpak/xdg-desktop-portal/releases/tag/1.6.0
* https://github.com/flatpak/xdg-desktop-portal/releases/tag/1.5.4
* https://github.com/flatpak/xdg-desktop-portal/releases/tag/1.5.3
* https://github.com/flatpak/xdg-desktop-portal/releases/tag/1.5.2
* https://github.com/flatpak/xdg-desktop-portal/releases/tag/1.5.1
* https://github.com/flatpak/xdg-desktop-portal/releases/tag/1.5.0
 2020-02-10 12:55:25 -05:00
Jan Tojnar 102fa4aaec malcontent: init at 0.4.0 2020-02-10 12:55:24 -05:00
Jan Tojnar ea06e0055e glib-testing: init at 0.1.0 2020-02-10 12:55:24 -05:00
Michele Guerini Rocco 019b637fb1
Merge pull request #79747 from mmilata/fix-mangled-usernames 
nixos: fix bunch of mangled usernames
 2020-02-10 18:21:31 +01:00
Thomas Tuegel fb098ea543
Merge pull request #79744 from ttuegel/bug--plasma-5.17-ports 
nixos/plasma5: Port initial configurations from Plasma 5.16
 2020-02-10 11:08:23 -06:00
Martin Milata d99808c720 nixos/supybot: fix username 
Broken in 1d61efb7f1.
 2020-02-10 17:56:51 +01:00
Martin Milata 5d3d3eac8b nixos/statsd: fix username 
Broken in 1d61efb7f1.
 2020-02-10 17:56:35 +01:00
Martin Milata 17c72ef75f nixos/heapster: fix username 
Broken in 1d61efb7f1.
 2020-02-10 17:55:46 +01:00
Eelco Dolstra 0e6ceb8758
Merge pull request #68897 from edolstra/master 
Flake support
 2020-02-10 16:44:54 +01:00
Eelco Dolstra fb05afd78d Doh 2020-02-10 16:32:59 +01:00
Eelco Dolstra 8f86624ac9 nixos-rebuild: Remove TODOs 2020-02-10 15:45:27 +01:00
Eelco Dolstra c05cc615f2 nixos.revision: Use null instead of "master" 
"master" is not a valid SHA-1 commit hash, and it's not even
necessarily the branch used. 'nixos-version --revision' now returns an
error if the commit hash is not known.
 2020-02-10 15:45:15 +01:00
Eelco Dolstra b98ea45608 nixos-version --json: Use builtins.toJSON 2020-02-10 15:45:10 +01:00
Eelco Dolstra f9392f04ae nixos-rebuild: Remove --keep-going flag 2020-02-10 15:45:06 +01:00
Eelco Dolstra 4089dbf090 nixos-rebuild: Make 'edit' work with with flakes 2020-02-10 15:45:03 +01:00
Silvan Mosberger e3c5d299dc
Merge pull request #78373 from serokell/yorickvp/buildkites 
nixos/buildkite-agents: support multiple buildkite agents
 2020-02-10 14:39:40 +01:00
Yorick van Pelt e242eccb0b
nixos/buildkite-agents: update release notes 2020-02-10 13:36:30 +01:00
Yorick van Pelt f003810989
nixos/buildkite-agents: support multiple buildkite agents 2020-02-10 13:35:14 +01:00
aszlig 8754986076
nixos: Fix build of manual 
XML error introduced with merge commit 4e0fea3fe2.

This was probably because of wrong conflict resolution, because the
actual change (d8e697b4fc) had the close
tag of the <para/> element, but the merge commit didn't.

Signed-off-by: aszlig <aszlig@nix.build>
 2020-02-10 13:33:52 +01:00
Florian Klink 4e0fea3fe2 Merge pull request #77578 from m1cr0man/master 
Replace simp-le with lego and support DNS-01 challenge
 2020-02-10 11:47:30 +01:00
Kevin Rauscher 05b4fe20a7 mopidy: update to python3 
mopidy: 2.3.1 -> 3.0.1
mopidy-iris: 3.43.0 -> 3.44.0
mopidy-spotify: 3.1.0 -> 4.0.1
pykka: 1.2.0 -> 2.0.1
 2020-02-10 09:53:13 +01:00
worldofpeace 134665d0ee
Merge pull request #79656 from worldofpeace/readd-keymap-to-tested 
release-combined: readd keymap tests
 2020-02-09 21:35:18 -05:00
Matt Layher 065ec9a28c nixos/corerad: update advertisement argument 2020-02-09 18:09:22 -08:00
worldofpeace aa4ba502d6
Merge pull request #79335 from flokli/deprecate-perl-vm-tests 
nixos/testing: add deprecation notice for Perl VM tests
 2020-02-09 21:08:11 -05:00
Silvan Mosberger cb1f1b4260
nixos/sudo: Fix extraRules example rendering 2020-02-10 01:37:07 +01:00
Silvan Mosberger 637bb9fa98
Merge pull request #72060 from lopsided98/sanoid-init 
sanoid: add package, NixOS module and test
 2020-02-10 01:28:41 +01:00
Silvan Mosberger 6169eef798
Merge pull request #78024 from wamserma/minidlna-interval 
minidlna: provide configuration option for announce interval
 2020-02-10 01:25:47 +01:00
Silvan Mosberger b9d7f1fe24 Merge pull request #65397 from mmilata/sympa 
sympa: init at 6.2.52 + NixOS module
 2020-02-10 01:23:45 +01:00
Ben Wolsieffer 7684537e33
nixos/sanoid, nixos/syncoid: init module and test 2020-02-10 01:12:39 +01:00
Florian Klink 0945178b3c nixos/testing: add deprecation notice for Perl VM tests 
Most VM tests have been migrated to use the python test driver
(introduced in #71684), the migration is tracked in #72828 (which also
thankfully uncovered and fixed many currently broken tests)

While increasing the acceptance and adoption of NixOS integration tests
by using a more popular language, there was also nobody willing to do
larger refactors in the currently very convoluted test infrastructure.

We plan to remove the perl infrastructure between the 20.03 and 20.09
release, to be able to do these refactorings.

Some people might be using Perl tests in their internal CI, so print a
warning for 20.03, and give users time to move to the python testing
infrastructure.
 2020-02-09 23:53:59 +01:00
Maximilian Bosch c2f2366f5c Merge pull request #79485 from Ma27/grocy 
grocy: init at 2.6.0
 2020-02-09 23:11:46 +01:00
Maximilian Bosch dd6a291e9f
gcc-snapshot: remove 
Package is marked as broken for >2 years and used a fairly old
snapshot from the gcc7-branch, so I fairly doubt that this is
somewhere used (and is also pretty misleading as you don't expect a
random snapshot from gcc7 at `pkgs.gcc-snapshot`).
 2020-02-09 22:46:29 +01:00
worldofpeace 5507e09618 testing: fix runInMachineWithX 2020-02-09 16:27:01 -05:00
worldofpeace 88f76812f2 testing-python: readd auto displayManager 
we import it for the runInMachineWithX
 2020-02-09 16:23:35 -05:00
worldofpeace fa9af83e96 testing-python: fix runInMachine 
The test script's were unported.
It's unclear whether the preBuild or
postBuild will work as expect, due to
the linting of the test scripts.
 2020-02-09 16:21:52 -05:00
worldofpeace d12524fd51 Merge pull request #78453 from wedens/memtest-efi-grub 
nixos/grub: make memtest work with EFI
 2020-02-09 16:09:58 -05:00
worldofpeace bf49181373 release-combined: readd keymap tests 
These are building just fine for a while now [0].
I restricted them from bulding on aarch64-linux because
there's still issues there.

[0]: https://hydra.nixos.org/job/nixos/trunk-combined/nixos.tests.keymap.dvorak.x86_64-linux/all
 2020-02-09 16:03:00 -05:00
Maximilian Bosch 13f7b75553
nixos/grocy: init module 
Co-authored-by: elseym <elseym@me.com>
 2020-02-09 21:55:27 +01:00
Samuel Dionne-Riel cebb0b49d4 Merge pull request #79368 from sorki/ext4resize 
nixos/lib/make-ext4-fs: fall back to resize2fs -M if exact resize fails
 2020-02-09 14:35:08 -05:00
jrp2014 788d8769f7 nixos/virtualisation.hypervGuest: use elevator=noop 
Microsoft recommends the NOOP I/O scheduler for disk performance in HYPER-V:

https://docs.microsoft.com/en-us/windows-server/virtualization/hyper-v/best-practices-for-running-linux-on-hyper-v

> NOOP is a first-in first-out queue that passes the schedule decision
> to be made by the hypervisor. It is recommended to use NOOP as the
> scheduler when running Linux virtual machine on Hyper-V.
 2020-02-09 19:50:13 +01:00
Lucas Savva 75fa8027eb
nixos/acme: Update release note, remove redundant requires 
Merge remote-tracking branch 'remotes/upstream/master'
 2020-02-09 16:31:07 +00:00
Richard Marko db894cb8ce nixos/lib/make-ext4-fs: fall back to resize2fs -M if exact resize fails 
See also
- https://bugs.launchpad.net/ubuntu/+source/e2fsprogs/+bug/1415077/comments/4
- https://github.com/NixOS/nixpkgs/pull/62262
 2020-02-09 17:18:21 +01:00
Lucas Savva d8e697b4fc
nixos/acme: update release notes for 20.03 2020-02-09 15:59:03 +00:00
Michael Raskin f320a0231c
Merge pull request #67376 from oxij/nixos/zsh-doc 
nixos: zsh: add more helpful documentation into generated files
 2020-02-09 11:58:30 +00:00
Lucas Savva 636eb23157
nixos/acme: Fix b.example.com test 2020-02-09 11:34:17 +00:00
worldofpeace 8396961c9c
Merge pull request #79300 from jtojnar/default-wm-fix 
nixos/services.xserver: Fix legacy options for default wm without dm
 2020-02-08 21:28:14 -05:00
Lucas Savva ac983cff48
nixos/acme: add dns-01 test, fix cert locating bug 2020-02-09 02:09:34 +00:00
Thomas Tuegel d5757a8880
nixos/plasma5: Port initial configurations from Plasma 5.16 2020-02-08 09:25:14 -06:00
worldofpeace 4befcf4c6e Merge pull request #70887 from tokudan/autoUpgrade.allowReboot-rn 
doc: Add documentation for the new option to the Automatic Upgrades section
 2020-02-08 09:56:29 -05:00
Franz Pletz 64ece8cc9c
Merge pull request #79248 from flokli/run-keys-group 
nixos/filesystems: ensure keys gid on /run/keys mountpoint
 2020-02-08 14:52:20 +00:00
Florian Klink dd5f92f20b
Merge pull request #78670 from tfc/port-installer-test 
nixosTests.installer: Port installer and ZFS test to python
 2020-02-08 15:36:28 +01:00
Daniel Frank d14ba1e1ad
security.rngd: start rngd during early boot to reduce entropy starvation due to encrypted swap and remove PrivateTmp to avoid a circular dependency 2020-02-08 12:29:13 +01:00
Daniel Frank 1ac86e14c7
swap: depend on rngd if enabled and randomEncryption is configured to 
avoid entropy starvation during boot
 2020-02-08 12:26:09 +01:00
Daniel Frank 73220589e0
doc: Add documentation for the new option to the Automatic Upgrades section 2020-02-08 11:44:59 +01:00
Spencer Janssen 3b70d0f6d1 nixos/pulseaudio: Enable udev rules 2020-02-07 15:54:35 -06:00
Martin Milata 097ab90850 nixos/sympa: init module 2020-02-07 22:54:27 +01:00
Markus S. Wamser 696979e0bc modules/wireguard: fix typo in documentation 2020-02-07 20:54:35 +01:00
worldofpeace 5e307dc68d Revert "nixos/xfce: use sessionPackages" 
This reverts commit 966e56cdfb.

See https://github.com/NixOS/nixpkgs/pull/78421#issuecomment-582891431.
 2020-02-07 10:16:26 -05:00
Jörg Thalheim 341241b1c8
Merge pull request #78886 from Mic92/restic-fixes 
Restic fixes: pruning, process substitution (take 2)
 2020-02-07 14:14:16 +00:00
Jacek Galowicz 942f0fd7c0 nixosTests.zfs: Add to all-tests.nix 2020-02-07 13:24:16 +01:00
Jacek Galowicz 3bb2941e73 nixosTests.zfs: Refactor 2020-02-07 13:24:16 +01:00
Jacek Galowicz 059845b11d nixosTests.installer: Port to python 2020-02-07 13:24:16 +01:00
Jacek Galowicz 798fcaafa4 nixos/test: Add copy_from_host and copy_from_host_via_shell to python 
test driver
 2020-02-07 13:24:16 +01:00
Bruno Bigras 42adda1ec4
nixos/tests/restic.nix: add test 2020-02-07 10:36:53 +00:00
Matt McHenry 5ad71cfe84
fix pruneCmd to use optionals so multi-element list is preserved 2020-02-07 10:25:33 +00:00
Jan Tojnar 07281f23b6
Merge pull request #79371 from jtojnar/hughsie-pkgs 
fwupd: split daemon again
 2020-02-07 00:35:27 +01:00
risson 301bca0734
nixos/tmux: rename extraTmuxConf to extraConfig (#77423) 2020-02-06 15:29:36 -08:00
Jan Tojnar e5f7dacc93
nixos/fwupd: disable test plugins implicitly 
invalid test was introduced in 297d1598ef
and it is disabled in the shipped daemon.conf.

I forgot to reflect that in the module, which caused the daemon to print the following on start-up:

    FuEngine             invalid has incorrect built version invalid

and the command to warn:

    WARNING: The daemon has loaded 3rd party code and is no longer supported by the upstream developers!

To reduce the change of this happening in the future, I moved the list of default disabled plug-ins to the package expression.

I also set the value of the NixOS module option in the config section of the module instead of the default value used previously,
which will allow users to not care about these plug-ins.
 2020-02-06 22:32:13 +01:00
Florian Klink c4402ea388
Merge pull request #79352 from tfc/port-chromium-test 
nixosTests.chromium: Port to Python
 2020-02-06 18:48:36 +01:00
Silvan Mosberger 5acd168425
Merge pull request #59827 from oxij/nixos/suppress-systemd-units 
nixos/systemd: add an option to suppress system units
 2020-02-06 18:11:01 +01:00
Thomas Tuegel 1a903be2de
Merge pull request #79011 from ttuegel/update--plasma-5.17.5 
Plasma 5.17.5
 2020-02-06 09:59:51 -06:00
Jacek Galowicz 2e7d406b11 nixosTests.chromium: Port to Python 2020-02-06 15:51:38 +01:00
Aaron Andersen f87440fd0f
Merge pull request #79046 from aanderse/http2 
nixos/httpd: add http2 option
 2020-02-06 06:43:13 -05:00
Jacek Galowicz bc7444384f nixosTests.printing: Port to Python 2020-02-06 11:29:23 +01:00
Maximilian Bosch 351b515223
Merge pull request #79292 from symphorien/roundcube-rl 
nixos/roundcube: add release notes for #77532
 2020-02-06 07:09:42 +01:00
Jan Tojnar bd9c5b933c
nixos/services.xserver: Fix legacy options for default wm without dm 
We switched to unified default session option services.xserver.displayManager.defaultSession
and included fallback path for the legacy options. Unfortunately when only
services.xserver.windowManager.default is set and not services.xserver.desktopManager.default,
it got incorrectly converted to the new option.

This should fix that.

Closes: https://github.com/NixOS/nixpkgs/issues/76684
 2020-02-06 02:34:56 +01:00
Eelco Dolstra c08930874a nixos-rebuild: Propagate various flake lock file flags 
And also --refresh and --no-net.
 2020-02-05 23:15:18 +01:00
Eelco Dolstra 2a0cf385d2 nixos-rebuild: Avoid subshell reading hostname 
Co-Authored-By: Jörg Thalheim <Mic92@users.noreply.github.com>
 2020-02-05 23:15:18 +01:00
Eelco Dolstra 2452042c47 nixos-rebuild: Support -L flag 2020-02-05 23:15:18 +01:00
Eelco Dolstra 98e322b929 nixos-rebuild: uri -> url 2020-02-05 23:15:18 +01:00
Eelco Dolstra fb051f0dec nixos-{rebuild,container}: Use flakeref#attrpath syntax 
This makes them consistent with the 'nix' command line.
 2020-02-05 23:15:18 +01:00
Eelco Dolstra cfd468adbb nixos-rebuild: Use /etc/nixos/flake.nix if it exists 2020-02-05 23:15:18 +01:00
Eelco Dolstra 7e9b745174 nixos-version: Add --json flag and show system.configurationRevision 2020-02-05 23:15:18 +01:00
Eelco Dolstra 855fcc324a Add option system.configurationRevision to record revision of top-level flake 2020-02-05 23:15:18 +01:00
Eelco Dolstra 22cc7ab78c nixos-rebuild: Add --flake option 2020-02-05 23:15:18 +01:00
Benjamin Staffin d04bdce3d1
docker-containers: Don't unconditionally prune images (#79253) 
NixOS has `virtualisation.docker.autoPrune.enable` for this
functionality; we should not do it every time a container starts up.

(also, some trivial documentation fixes)
 2020-02-05 16:30:31 -05:00
Danylo Hlynskyi 437e1f69be
bash-my-aws: init at 20200111 (#76793) 
* bash-my-aws: init at 20191231

Create bma-init

* Update
 2020-02-05 22:37:52 +02:00
Frederik Rietdijk 419bc0a4cd Revert "Revert "Merge master into staging-next"" 
In 87a19e9048 I merged staging-next into master using the GitHub gui as intended.
In ac241fb7a5 I merged master into staging-next for the next staging cycle, however, I accidentally pushed it to master.
Thinking this may cause trouble, I reverted it in 0be87c7979. This was however wrong, as it "removed" master.

This reverts commit 0be87c7979.
 2020-02-05 19:41:25 +01:00
Frederik Rietdijk 0be87c7979 Revert "Merge master into staging-next" 
I merged master into staging-next but accidentally pushed it to master.
This should get us back to 87a19e9048.

This reverts commit ac241fb7a5, reversing
changes made to 76a439239e.
 2020-02-05 19:18:35 +01:00
Vladimír Čunát baeed035ea
Merge #78628: knot-resolver: 4.3.0 -> 5.0.1 
The service needed lots of changes. A few smaller changes
are added into the PR, e.g. replacement for PR #72014.
See the commit messages for details.
 2020-02-05 16:57:02 +01:00
Silvan Mosberger 3ab846e34a
Merge pull request #35188 from sorki/overlayfs 
use overlayfs by default for netboot and iso
 2020-02-05 13:46:04 +01:00
Symphorien Gibol 4600fe67c5 nixos/roundcube: add release notes for #77532 2020-02-05 12:00:00 +00:00
Leonhard Markert 42a2668eb0 lorri: unstable-2020-01-09 -> 1.0 2020-02-05 12:12:02 +01:00
Richard Marko 0c20feb231 use overlayfs by default for netboot and iso 2020-02-05 10:35:59 +01:00
Maximilian Bosch 87d4951a82
Merge pull request #78660 from buckley310/dircolors 
nixos/bash: configure $LS_COLORS for interactive shells
 2020-02-05 09:08:41 +01:00
wedens 7b5550a3fc nixos/grub: make memtest work with EFI 
Memtest86+ doesn't support EFI, so unfree Memtest86 is used when EFI
support is enabled (systemd-boot currently also uses Memtest86 when
memtest is enabled).
 2020-02-05 11:12:55 +07:00
Florian Klink 3c74e48d9c nixos/filesystems: ensure keys gid on /run/keys mountpoint 
boot.specialFileSystems is used to describe mount points to be set up in
stage 1 and 2.

We use it to create /run/keys already there, so sshd-in-initrd scenarios
can consume keys sent over through nixops send-keys.

However, it seems the kernel only supports the gid=… option for tmpfs,
not ramfs, causing /run/keys to be owned by the root group, not keys
group.

This was/is worked around in nixops by running a chown root:keys
/run/keys whenever pushing keys [1], and as machines had to have pushed keys
to be usable, this was pretty much always the case.

This is causing regressions in setups not provisioned via nixops, that
still use /run/keys for secrets (through cloud provider startup scripts
for example), as suddenly being an owner of the "keys" group isn't
enough to access the folder.

This PR removes the defunct gid=… option in the mount script called in
stage 1 and 2, and introduces a tmpfiles rule which takes care of fixing
up permissions as part of sysinit.target (very early in systemd bootup,
so before regular services are started).

In case of nixops deployments, this doesn't change anything.
nixops-based deployments receiving secrets from nixops send-keys in
initrd will simply have the permissions already set once tmpfiles is
started.

Fixes #42344

[1]: 884d6c3994/nixops/backends/__init__.py (L267-L269)
 2020-02-05 01:53:26 +01:00
Silvan Mosberger c4e912ac79
Merge pull request #79243 from Infinisil/remove-hostresolvconf 
nixos/resolvconf: Remove useHostResolvConf option
 2020-02-05 00:53:53 +01:00
Silvan Mosberger 97ff64e351
nixos/resolvconf: Remove useHostResolvConf option 
Never had any effect
 2020-02-05 00:28:32 +01:00
Silvan Mosberger b4cc413928
Merge pull request #77594 from Frostman/fix-grub-extrafiles-mirroredboots 
Fix boot.loader.grub.extraFiles when used with mirroredBoots
 2020-02-05 00:22:35 +01:00
Florian Klink eb09e82120
Merge pull request #79162 from misuzu/systemd-sleep-config 
nixos/systemd: add `systemd.sleep.extraConfig` config option
 2020-02-04 23:02:53 +01:00
Maximilian Bosch f28acbdd33
Merge pull request #79221 from Ma27/bump-oracle-sqldeveloper 
sqldeveloper: {17.4.1.054.0712,18.2.0.183.1748} -> 19.4.0.354.1759
 2020-02-04 22:25:44 +01:00
Jörg Thalheim 6cfc7e9bd2
Merge pull request #78448 from snicket2100/irqbalance-systemd 
irqbalance: systemd service config aligned with upstream
 2020-02-04 14:21:04 +00:00
Jörg Thalheim c24a2d3e32
nixos/irqbalance: re-add multi-user.target 
otherwise the service is never started by us.
 2020-02-04 14:20:12 +00:00
Maximilian Bosch 294f667121
sqldeveloper: {17.4.1.054.0712,18.2.0.183.1748} -> 19.4.0.354.1759 
There are no new releases of sqldeveloper v17/v18 and I don't think that
we should keep obviously unmaintained software that interacts with
database systems.

I removed `sqldeveloper_18` and `pkgs.sqldeveloper` now points to
version 19.4. Unfortunately I had to drop darwin support as JavaFX is
required for 19.4 which is part of the `oraclejdk` which isn't packaged
for darwin yet.

For further information please refer to the release notes:

https://www.oracle.com/technetwork/developer-tools/sql-developer/downloads/sqldev-relnotes-194-5908846.html
 2020-02-04 13:51:52 +01:00
Sergey Lukjanov 7144b9ac54 Fix boot.loader.grub.extraFiles when used with mirroredBoots 
Substitute @bootPath@ in boot.loader.grub.extraPrepareConfig script
same way as it's done for boot.loader.grub.extraEntries option.
 2020-02-03 15:37:00 -08:00
Lucas Savva 2181313c54
nixos/acme: simplify email resolve logic 2020-02-03 21:37:22 +00:00
Florian Klink d4a951f31d
Merge pull request #78960 from aanderse/nslcd 
nixos/ldap: remove redundant configuration options
 2020-02-03 19:42:47 +01:00
Evan Stoll e341719193 openrazer: 2.6.0 -> 2.7.0 
openrazer: remove superfluous period from hardware.openrazer.enable
 2020-02-03 10:00:35 -08:00
Florian Klink 136c0e4249
Merge pull request #79141 from thefloweringash/openstack-tests 
nixos/tests/openstack-image: add stdenv to image for nixos-rebuild
 2020-02-03 18:17:02 +01:00
Andrew Childs 6e40a8e484 nixosTests.openstack-image-userdata: re-enable 2020-02-04 02:07:57 +09:00
misuzu f93a9074e4 nixos/systemd: add systemd.sleep.extraConfig config option 2020-02-03 18:33:15 +02:00
Marek Mahut 2abe12a39a manual.release-notes: qesteidutil is deprecated 2020-02-03 11:22:19 +01:00
worldofpeace 74e4cb7ea4
Merge pull request #78543 from Atemu/dnscrypt-proxy2-service 
nixos/dnscrypt-proxy2: init
 2020-02-02 23:02:06 -05:00
worldofpeace 4c3166b006 nixosTests.dnscrypt-proxy2: init 
This removes the old dnscrypt-proxy test.
 2020-02-02 21:51:19 -05:00
Andrew Childs e0a734ef6b nixos/tests/openstack-image: add stdenv to image for nixos-rebuild 
Fixes #79100
 2020-02-03 10:44:53 +09:00
Florian Klink 7870644286
Merge pull request #79064 from worldofpeace/port-misc 
nixosTests.misc: port to python
 2020-02-03 00:13:50 +01:00
Maximilian Bosch 5c2a7d0f07
Merge pull request #79015 from mayflower/pkg/prometheus-xmpp-alerts 
prometheus-xmpp-alerts: init at 0.4.2
 2020-02-02 18:46:53 +01:00
Maximilian Bosch c2d2c2d0ca
Merge pull request #72931 from Ma27/restart-dhcp-on-exit-hook-change 
nixos/dhcpcd: restart dhcpcd if exit hook changed
 2020-02-02 18:33:34 +01:00
snicket2100 04bfeeac79 irqbalance: using systemd service definition from the package itself 2020-02-02 18:09:45 +01:00
worldofpeace 915060d03f rl-2003: dnscrypt-proxy2 2020-02-02 11:11:27 -05:00
Yegor Timoshenko 92d689d66b nixos/dnscrypt-proxy2: init 
This removes the original dnscrypt-proxy module as well.

Co-authored-by: Atemu <atemu.main@gmail.com>
Co-authored-by: Silvan Mosberger <contact@infinisil.com>
Co-authored-by: ryneeverett <ryneeverett@gmail.com>
Co-authored-by: worldofpeace <worldofpeace@protonmail.ch>
 2020-02-02 11:11:27 -05:00
Eelco Dolstra 26aba55951
Revert "add config.environment.ld-linux" 
This reverts commit af665d822a, see
https://github.com/NixOS/nixpkgs/pull/78798#issuecomment-580059834 for
the reasons in a similar PR.
 2020-02-02 15:29:49 +01:00
Eelco Dolstra 5495cb91eb
Revert "rmdir: avoid failing when directory did not exist" 
This reverts commit 45db499d2d.
 2020-02-02 15:29:40 +01:00
Vladimír Čunát 1af60850c5
nixosTests.misc: fix blkio sub-test with newer kernels 
The blkio.sectors file is no longer provided; by quick search:
https://issues.apache.org/jira/browse/MESOS-9848
so hopefully it's sufficient to test existence of this other file:
https://www.kernel.org/doc/html/v5.4/admin-guide/cgroup-v1/blkio-controller.html#common-files-among-various-policies

Originally this sub-test was added in 58e40f84.
 2020-02-02 13:20:03 +01:00
Maximilian Bosch 0c960262d1
oraclejdk8: document removals in the release notes 2020-02-02 12:11:50 +01:00
Jacek Galowicz 5ae9820ea4 nixosTests.keymap: Port to python 2020-02-02 10:46:54 +01:00
Jacek Galowicz 8f6f418e42 nixosTests.ihatemoney: Port to python 2020-02-02 10:43:38 +01:00
Jacek Galowicz afc3d25824 nixosTests.buildbot: Port to python 2020-02-02 10:43:38 +01:00
Maximilian Bosch 0f10495eb9
Merge pull request #74624 from Ma27/networkd-units-internal 
nixos/networkd: mark `units` option as internal
 2020-02-02 07:59:57 +01:00