1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-30 01:20:40 +00:00
Commit graph

2774 commits

Author SHA1 Message Date
Jan Malakhovski 5c6d86540b nixos: use types.enum instead of ad-hoc check in sshd service 2015-03-26 12:43:42 +00:00
Jan Malakhovski dc4fa2da8a nixos: udev: build rules locally 2015-03-26 12:43:42 +00:00
Rob Vermaas cbb14299c9 GCE image: Remove some unnecessary lib prefixes. 2015-03-26 09:15:09 +00:00
Rob Vermaas 80202fbd25 GCE image: Add some recommended sysctl settings. Disable OS level firewall by default for GCE images (GCE provides external firewall). Disable passwordAuthentication. Related to issue #6991. 2015-03-26 09:09:40 +00:00
William A. Kennington III 9d9a393a4b Merge pull request #6919 from ehmry/cjdns
cjdns: update pkg and fix nixos test
2015-03-25 22:16:23 -07:00
William A. Kennington III 8b3c7af358 Merge pull request #6981 from layus/systemd-escape-colon
nixos/systemd: Also escape ':' characters
2015-03-25 15:33:21 -07:00
William A. Kennington III 86666893f0 nixos/microcode-amd: Update to early initrd loader 2015-03-25 14:44:36 -07:00
William A. Kennington III b4fedf5315 nixos/intel-microcode: Support early initrd ucode loading 2015-03-25 14:14:46 -07:00
William A. Kennington III f2655e4fa0 makeInitrd: Support prepending other initrds 2015-03-25 14:14:46 -07:00
Guillaume Maudoux 6ca7fb8f73 nixos/systemd: Also escape ':' characters 2015-03-25 22:11:35 +01:00
Jascha Geerds 164dbfff80 nixos/tests/printing: Fix CUPS service name (#6767) 2015-03-25 13:26:37 +01:00
Bob van der Linden 58112832a7 nixos: iso-image: use label "EFIBOOT" for efi.img 2015-03-24 22:15:32 +01:00
Bob van der Linden f0fd1c9bcf nixos: iso-image: use memtest86 params in syslinux
See also #6593.
2015-03-24 22:15:11 +01:00
Bob van der Linden c57a912016 nixos: test: add tests for booting installation iso in various ways 2015-03-24 22:09:07 +01:00
Bob van der Linden 9ff9949896 nixos: iso-image: removed com32 entries from syslinux menu
These entries result in incorrect entries when UNetbootin writes
the image to an USB disk.
2015-03-24 22:09:06 +01:00
Bob van der Linden af68f24003 nixos: iso-image: solve UNetbootin compatiblity
There are a number of hidden restrictions on the syslinux
configuration file that come into play when UNetbootin
compatiblity is desired. With this commit these are documented.
2015-03-24 22:08:52 +01:00
Bob van der Linden a12ddc1964 nixos: iso-image: use generic boot-loader timeout
Syslinux uses different values than grub for timeout.
It uses 1/10 seconds as its unit and it uses 0 to disable timeouts.

In response to PR #5772.
2015-03-24 22:03:30 +01:00
Bob van der Linden 16a936be90 nixos: iso-image: filename escaping in xorriso 2015-03-24 22:01:51 +01:00
Bob van der Linden 8d092270d2 nixos: iso-image: use syslinux bootloader for USB booting support
This changes the bootloader for iso generation from Grub to
syslinux. In addition this adds USB booting support, so that
"dd" can be used to burn the generated ISO to USB thumbdrives
instead of needing applications like UnetBootin.
2015-03-24 22:01:04 +01:00
Arseniy Seroka ff22e19fc4 Merge pull request #6893 from hrdinka/nsd-config-options
nsd: Fix automatic config options
2015-03-23 13:19:29 +03:00
Jaka Hudoklin 491c8f82b2 Merge pull request #6917 from offlinehacker/rippled/module/awesome
rippled: expose more options, make compatible with new rippled version
2015-03-22 23:13:48 +01:00
Jaka Hudoklin ad10db7617 Merge pull request #6882 from offlinehacker/nixos/fluentd
Add fluentd package and module
2015-03-21 22:37:48 +01:00
Jaka Hudoklin 916aab2927 Merge pull request #6875 from offlinehacker/nixos/cadvisor/fix
nixos/cadvisor: fixes
2015-03-21 22:36:11 +01:00
William Casarin ea2baa8abf spectrwm window manager 2015-03-21 11:02:44 -07:00
Emery Hemingway ba2074fc31 nixos/tests/cjdns: do not build cjdns at evaluation
Putting hostnames in the cjdns configuration requires a utility
be present to convert public keys to ip addresses
2015-03-21 10:17:48 -04:00
Jaka Hudoklin 4947bacd52 rippled: expose more options, make compatible with new rippled version 2015-03-21 12:52:06 +01:00
Edward Tjörnhammar 664592561d nixos: added aiccu service 2015-03-20 22:01:35 +01:00
Austin Seipp 3ff22a924f Merge pull request #6871 from joachifm/apparmor-fixups
Apparmor fixups
2015-03-20 15:36:42 -05:00
aszlig ea2fd84ecd
nixos/mpd: Fix creation of "mpd" group.
The group is specified using a singleton list, so the loaOf merging is
done by iterating through the list items with imap, so it enumerates
every element and sets that as the default "name" attribute.

From lib/types:143:

name = elem.name or "unnamed-${toString defIdx}.${toString elemIdx}";

So, people get groups like "unnamed-X.Y" instead of "mpd".

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Reported-by: devhell <"^"@regexmail.net>
Tested-by: devhell <"^"@regexmail.net>
2015-03-20 20:58:13 +01:00
Eelco Dolstra 0461f35894 Rename scrubDrv -> hydraJob and make it more effective
It now strictly evaluates all remaining attributes, preventing
unevaluated thunks that cannot be garbage-collected. It's also applied
to all jobs in Nixpkgs' release.nix.

This reduces hydra-eval-jobs' memory consumption on the 14.12
release-combined jobset from 5.1 GB to 2.0 GB.
2015-03-20 19:46:18 +01:00
Jaka Hudoklin 89f41b90fa Merge pull request #6874 from offlinehacker/pkgs/kubernetes/update
kubernetes: update to 0.12.1, fix module
2015-03-20 11:22:48 +01:00
Ricardo M. Correia 4d2317e6eb nixos/zfs: Don't default to git version for kernels >= 3.19
Stable version 0.6.3-1.3 works with kernels 3.19.x.
2015-03-19 19:37:33 +01:00
Arseniy Seroka 9cfdeba324 Merge pull request #6611 from jagajaga/slurm
Slurm module
2015-03-19 21:06:49 +03:00
Christoph Hrdinka d3a2edb8ce nsd: Fix automatic config options 2015-03-19 12:10:55 +01:00
Jaka Hudoklin 1b99f0aeb6 Merge pull request #6873 from offlinehacker/pkgs/panamax/update
panamax: update, fix module
2015-03-19 09:18:48 +01:00
Arseniy Seroka 15f7afa6b4 Merge pull request #6885 from hrdinka/update-nsd
nsd: Update from 4.1.0 -> 4.1.1
2015-03-19 03:15:35 +03:00
Jaka Hudoklin fca0aa7077 Add fluentd package and module 2015-03-18 21:18:47 +01:00
Rickard Nilsson bdbdaee3c0 scollector module: Add extraOpts option 2015-03-18 21:16:31 +01:00
Christoph Hrdinka 6db8155e37 nsd: Update from 4.1.0 -> 4.1.1 2015-03-18 21:01:35 +01:00
Luca Bruno b94b08488f nixos/pulseaudio: don't put 32bit libs in systemPackages
Fixes the useless collisions in the system path.
The 64bit and 32bit variants have the same files, hence
it's pointless to put the 32bit pulseaudio in systemPackages.
2015-03-18 14:10:02 +00:00
Luca Bruno cb45b7ec3e Revert "nixos: Multiple service instances, apply to nginx. See #6784"
This reverts commit 7ef59c4fe2.

Wrong push! Sorry!
2015-03-18 14:09:24 +00:00
Luca Bruno 7ef59c4fe2 nixos: Multiple service instances, apply to nginx. See #6784 2015-03-18 14:07:29 +00:00
Jaka Hudoklin 2482b75eae kubernetes: update to 0.12.1, fix module 2015-03-18 14:37:03 +01:00
Jaka Hudoklin 079520ced5 panamax: update, fix module 2015-03-18 14:35:24 +01:00
Jaka Hudoklin 536694bcd4 nixos/cadvisor: fixes
- run as non root user, because of docker
- run docker by default
2015-03-18 14:31:08 +01:00
Joachim Fasting 532337d673 Cleanup AppArmor module
Remove excessive whitespace & comment sections
2015-03-18 12:07:43 +01:00
Eelco Dolstra 224d0d5302 Set stricter permissions on /nix/store
The nixbld group doesn't need read permission, it only needs write and
execute permission.

(cherry picked from commit 066758758e)
2015-03-18 10:58:08 +01:00
lethalman cdbeb7143c Merge pull request #6832 from k0ral/icecast
Added icecast module
2015-03-17 16:43:02 +01:00
koral 54857abfc9 Added icecast module. 2015-03-17 14:21:57 +00:00
lethalman c91ccb4b9c Merge pull request #6842 from philandstuff/hash-owncloud-admin-password
owncloud: don't store plaintext adminPassword in nix store
2015-03-17 12:59:58 +01:00
lethalman 70b059fb59 Merge pull request #5936 from j-keck/nixos-container-usage
nixos-container: add missing 'nixos-container update' in usage
2015-03-17 12:43:29 +01:00
lethalman 359bc60ec8 Merge pull request #6448 from eduarrrd/ddclient
ddclient module: fix module
2015-03-17 12:38:12 +01:00
Philip Potter 7ad6dac43b owncloud: don't store plaintext adminPassword in nix store
Rather than using openssl to hash the password at build time, and hence
leaving the plaintext password world-readable in the nix store, we can
instead hash the password in the nix expression itself using
builtins.hashString.
2015-03-16 22:42:22 +00:00
Peter Simons 56bb114905 Merge pull request #6722 from joachifm/fix-id-mismatches
Fix id mismatches
2015-03-16 18:46:38 +01:00
Joachim Fasting 3518b761ba TCSD: use tss user/group instead of nginx
For some reason TCSD is configured to use the nginx uid/gid.
Use the newly created tss uid/gid instead.
2015-03-16 09:58:16 +01:00
Joachim Fasting e9cd877921 nixos: resolve uid/gid conflicts
This patch resolves all uid/gid conflicts except for nobody/nogroup (seems
to make sense that these are the same).
All conflicts where determined mechanically, but resolutions were manual.
This patch also marks uids/gids with no corresponding group/user as "unused"
(aka. reserved).

Briefly,

- tss group conflicts with dhcpcd
  The tss group id conflicts with dhcpcd: assign
  a new number and add a corresponding tss user.
- elasticsearch uid conflicts with haproxy gid
- resolve firebird/munin conflict
- fix fourstorehttp{,d} typo
- fix ghostOne typo: the service module refers to gids.ghostone, so use that
  in ids
- memcached uid conflicts with users gid
- nagios uid conflicts with disks gid
- nscd uid conflicts with wheel gid
- ntp uid conflicts with tty gid
- resolve postfix/postdrop id uid
- redis uid conflicts with keys gid
- sshd uid conflicts with kmem gid
- tcryptd uid conflicts with openldap gid
- unifi uid conflicts with docker gid
- uptimed uid conflicts with utmp gid
- zope2 uid conflicts with connman gid
- tomcat uid/gid mismatch
2015-03-16 09:58:13 +01:00
Austin Seipp ef95600372 Merge pull request #6771 from joachifm/apparmor-2.9
Apparmor 2.9
2015-03-15 14:16:24 -05:00
Nicolas B. Pierron 05e8a48fb4 Document and rename internal option of modules. 2015-03-15 14:45:42 +01:00
Ricardo M. Correia 7c8247a8c5 grsecurity: Update stable and test patches
stable: 3.1-3.14.35-201503071140 -> 3.1-3.14.35-201503092203
test:   3.1-3.18.9-201503071142  -> 3.1-3.19.1-201503122205
2015-03-15 03:49:58 +01:00
William A. Kennington III c200c1e0a1 Merge pull request #6813 from globin/fix/elantech-trackpoint-scrolling
Add Elanthec PS/2 Trackpoint (Thinkpad L430)
2015-03-14 17:01:13 -07:00
Robin Gloster a8a350e679 Add Elanthec PS/2 Trackpoint (Thinkpad L430) 2015-03-15 00:09:04 +01:00
koral 9c4cbaa553 Fix mpd configuration (enclosing quotes needed). 2015-03-14 12:15:34 +00:00
Joachim Schiele d74ea7d34f zef hemels' wordpress.nix adapted to extraSubservices 2015-03-13 14:19:48 +01:00
lethalman f72d1abb79 Merge pull request #5846 from arno01/nginx
nginx service improvements
2015-03-13 11:41:27 +01:00
Nicolas B. Pierron 9f2865515d Fix infinite loop in fontconfig-ultimate.nix
With the new evaluation of arguments, pkgs is now defined by the
configuration, which implies that option declaration with pkgs.lib
will cause an infinite loop.
2015-03-12 23:42:58 +01:00
Shea Levy 3177d37652 Fix import using module args 2015-03-12 23:42:57 +01:00
Shea Levy f69ce50529 Move most extra args out of eval-config.nix 2015-03-12 23:42:57 +01:00
Shea Levy 0a0a29fd0b Add comments about the module system interface
Ideally the module system could be configured pretty much completely by
the contents of the modules themselves, so add comments about avoiding
complicating it further and possibly removing now-redundant
configurability from the existing interface.
2015-03-12 23:42:57 +01:00
Shea Levy e3eff53037 evalModules: Add internal option for the check argument 2015-03-12 23:42:57 +01:00
Shea Levy e4a06f35b1 nixos: Don't evaluate twice to get the value of config.nixpkgs 2015-03-12 23:42:57 +01:00
Shea Levy 1d62ad4746 modules.nix: Generate the extra argument set from the configuration
This allows for module arguments to be handled modularly, in particular
allowing the nixpkgs module to handle the nixpkgs import internally.
This creates the __internal option namespace, which should only be added
to by the module system itself.
2015-03-12 23:42:57 +01:00
Vladimír Čunát 208d1f24db xfce: more update fallout
- forgotten mousepad update, including some wrapping magic
- dealing with panel plugins (either fix or mark as broken)
	CC maintainer @AndersonTorres.
- remove some libxfcegui4 occurrences, as it's being phased out
- minor stuff
2015-03-12 23:02:15 +01:00
lethalman 14ed261fc7 Merge pull request #6765 from gebner/ibus-plugins
Add ibus-qt and ibus-anthy.
2015-03-12 14:35:23 +01:00
Joachim Fasting 7a9a24a95e Update AppArmor service module
- Use AppArmor 2.9
- Enable PAM support
2015-03-12 11:49:05 +01:00
Kirill Elagin 356810b178 cupsd: rename cupsd.service to cups.service 2015-03-12 09:00:56 +03:00
Gabriel Ebner d23ed364b5 Add ibus-qt. 2015-03-11 21:54:04 +01:00
Gabriel Ebner 59da79c733 ibus: Enable XIM support.
This allows firefox to use ibus.
2015-03-11 21:54:04 +01:00
Gabriel Ebner f222abea44 Add programs.ibus config option to enable ibus and plugins. 2015-03-11 21:53:34 +01:00
Thomas Tuegel 61cf7e1265 Merge branch 'kde5' 2015-03-11 11:49:45 -05:00
Thomas Tuegel f370af91ad kde5: use ksshaskpass for SSH_ASKPASS 2015-03-11 11:49:29 -05:00
Thomas Tuegel 4b10907152 ssh: make askPassword an option
By making askPassword an option, desktop environment modules can
override the default x11_ssh_askpassword with their own equivalent for
better integration. For example, KDE 5 uses plasma5.ksshaskpass instead.
2015-03-11 11:49:29 -05:00
Thomas Tuegel 5b5b7aa951 kde5: add kde-workspace and kde-runtime to systemPackages 2015-03-11 11:49:28 -05:00
Luca Bruno fe6b0b15e6 nixos-install: support -j, --cores and --option. Closes #6755 2015-03-11 16:47:44 +00:00
lethalman fe79bf34a5 Merge pull request #6512 from bjornfor/nixos-haproxy-cleanup
nixos/haproxy: remove broken default 'config'
2015-03-11 16:29:06 +01:00
Eelco Dolstra 8a9e427174 Manual tweak 2015-03-11 15:34:57 +01:00
lethalman c8ac069772 Merge pull request #6724 from anderspapitto/local
Add x11 service for unclutter
2015-03-11 15:32:40 +01:00
Arseniy Seroka ef37154c82 Merge pull request #6739 from joachifm/refactor-tarsnap-service
nixos: refactor tarsnap backup service module
2015-03-11 11:22:32 +03:00
Arseniy Seroka 1c58c3a772 Merge pull request #6345 from puffnfresh/feature/mtrack-options
Add more options to multitouch (mtrack) module
2015-03-11 11:10:51 +03:00
William A. Kennington III 26020cfe8a nixos/lightdm: Add a background option 2015-03-10 15:57:46 -07:00
William A. Kennington III e519414e1f nixos/lightdm: Fix data directory 2015-03-10 14:55:54 -07:00
William A. Kennington III 3a67a51689 nixos/lightdm: Small cleanup 2015-03-10 14:35:49 -07:00
William A. Kennington III ffed8a85bc nixos/sddm: Hide users which don't have login shells 2015-03-10 14:32:53 -07:00
William A. Kennington III 5893d2ecd3 nixos/lightdm: More Cleanups 2015-03-10 14:23:43 -07:00
William A. Kennington III 7b6e2e1c68 lightdm: Fix rendering 2015-03-10 14:03:18 -07:00
Luca Bruno 6fdd92742c Document container@ systemd service 2015-03-10 16:23:00 +01:00
lethalman 27f3f254d3 Merge pull request #6540 from k0ral/transmission
Simplify (and fix) settings for transmission module
2015-03-10 13:26:03 +01:00
lethalman 70527b87a1 Merge pull request #6440 from k0ral/fcgiwrap
Updated fcgiwrap's systemd unit to match upstream version.
2015-03-10 13:18:46 +01:00
Joachim Fasting 1bdd12ed69 nixos: refactor tarsnap backup service module
Major changes
- Port to systemd timers: for each archive configuration is created a
  tarsnap@archive-name.timer which triggers the instanced service unit
- Rename the `config` option to `archives`

Minor/superficial improvements
- Restrict tarsnap service capabilities
- Use dirOf builtin
- Set executable bit for owner of tarsnap cache directory
- Set IOSchedulingClass to idle
- Humanize numbers when printing stats
- Rewrite most option descriptions
- Simplify assertion
2015-03-10 12:35:58 +01:00
William A. Kennington III 4940e643cc nixos/display-manager: Support configurable hidden users 2015-03-09 18:10:31 -07:00
William A. Kennington III 66bfdf6eb0 nixos/lightdm: We now use a global lightdm.conf 2015-03-09 17:59:21 -07:00
Eelco Dolstra 475df1a350 switch-to-configuration: Don't print already active target units
Since we restart all active target units (of which there are many),
it's hard to see the units that actually matter. So don't print that
we're starting target units that are already active.
2015-03-09 16:51:06 +01:00
Eelco Dolstra a574065a81 nixos-rebuild: Add ‘dry-activate’ command
‘nixos-rebuild dry-activate’ builds the new configuration and then
prints what systemd services would be stopped, restarted etc. if the
configuration were actually activated. This could be extended later to
show other activation actions (like uids being deleted).

To prevent confusion, ‘nixos-rebuild dry-run’ has been renamed to
‘nixos-rebuild dry-build’.
2015-03-09 16:50:59 +01:00
Eelco Dolstra 8cb3e3b864 httpd: Disable insecure protocols/ciphers by default
This makes us resistant to FREAK and similar attacks.
2015-03-09 14:18:12 +01:00
Eelco Dolstra d31202fba2 sshd: Enable seccomp sandboxing 2015-03-09 11:27:19 +01:00
lethalman 9867f4bdef Merge pull request #6720 from nslqqq/nmhooks
New NetworkManager Dispatcher scripts options
2015-03-09 10:36:10 +01:00
Anders Papitto 887a547ac9 Add x11 service for unclutter
modeled after the redshift service
2015-03-08 20:12:18 -07:00
William A. Kennington III 5b059416b8 Merge pull request #6699 from hakuch/fix_samba
Samba: Fixed "syncPasswordsByPam".
2015-03-08 16:09:29 -07:00
obadz e5d4624420 PAM/eCryptfs now able to mount ecryptfs'd home directories on login 2015-03-08 16:03:51 -07:00
Nikita Mikhailov 579159c72b Add dispatcher configuration options to NetworkManager module 2015-03-08 20:24:53 +01:00
Unai Zalakain 581a90bad8 Optional user and group to run the MPD 2015-03-08 10:18:40 +00:00
Jesse Haber-Kucharsky 5a1950d985 Samba: Fixed "syncPasswordsByPam". 2015-03-07 17:56:46 +00:00
Vladimír Čunát dfaded0b8e nixos docs: fix typo 2015-03-07 14:44:13 +01:00
Nikolay Amiantov b802018482 stage-1: fix hibernation (close #6675)
Fixes #6617.
2015-03-07 13:00:08 +01:00
Arseniy Seroka 30e6f1b4ea slurm: impl basic configuration 2015-03-07 00:26:57 +03:00
Arseniy Seroka 0b1cc3cd51 slurm: impl simple service 2015-03-07 00:26:57 +03:00
Arseniy Seroka 69e59e9962 munge: add service 2015-03-07 00:26:52 +03:00
Eelco Dolstra 3b9b620656 Revert "linux: disable UEVENT_HELPER*"
This reverts commit 9f87f3ccb0 because
it causes /proc/sys/kernel/hotplug to not be cleared on Linux <= 3.14.
2015-03-06 15:59:06 +01:00
Nikolay Amiantov 4fde098eec Merge pull request #6677 from abbradar/sddm
Add SDDM display manager
2015-03-05 21:03:43 +03:00
Nikolay Amiantov 4f317767da lightdm: don't leave a shell running 2015-03-05 20:49:45 +03:00
Nikolay Amiantov 264c6892f2 nixos/uim: capitalize description 2015-03-05 20:49:45 +03:00
Nikolay Amiantov db5b08cfaf nixos/sddm: add display manager 2015-03-05 20:49:26 +03:00
Eelco Dolstra 9bb586943a Deal with virtualisation.xen.stored in a more standard way 2015-03-05 12:46:50 +01:00
aszlig 19a7494600
nixos: Add VM test for i3 window manager.
Currently just makes sure that by default it's possible to open a
terminal.

And exactly this should be the main point that might confuse users of i3
in NixOS, because i3 doesn't print a warning/error if it is unable to
start the terminal emulator.

Thanks to @waaaaargh for reporting this issue.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-03-05 05:21:36 +01:00
Luca Bruno b93e8bab3a nixos/xen: do not use derivation in the default values
The xen package is broken on i686, so this would break the generation
of the nixos manual.
2015-03-04 12:05:58 +01:00
Eelco Dolstra 1002fb6433 Add "input" group
This is required by systemd >= 215.
2015-03-03 20:27:09 +01:00
Eelco Dolstra 8546ec7c74 Fix some uid/gid clashes 2015-03-03 20:26:36 +01:00
Eelco Dolstra a4e0278fcd Create /dev/nvidia-uvm for CUDA support 2015-03-03 20:24:14 +01:00
Arseniy Seroka 7ce77b5752 slurm: add pkg 2015-03-02 22:10:58 +03:00
lethalman c97d7819ab Merge pull request #6624 from joachifm/grsec-lock
nixos: grsec-lock service fixes
2015-03-02 18:49:39 +01:00
Joachim Fasting 18320d3b21 nixos: fix grsec-lock requires 2015-03-02 18:39:04 +01:00
Joachim Fasting ccd6f5a313 nixos: make the grsec-lock unit depend on the path it writes to
The grsec-lock unit fails unless /proc/sys/kernel/grsecurity/grsec_lock
exists and so prevents switching into a new configuration after enabling
grsecurity.sysctl.
2015-03-02 18:39:01 +01:00
lethalman 373c4ce0ec Merge pull request #6605 from AndersonTorres/afterstep
Adding Afterstep to nixos window manager modules
2015-03-02 18:00:28 +01:00
Tobias Geerinckx-Rice 9f87f3ccb0 linux: disable UEVENT_HELPER*
Deprecated since 2006: http://lwn.net/Articles/166954/
2015-03-01 03:31:59 +01:00
Eelco Dolstra 307064ceb5 Don't use machinectl to shut down containers
If the host is shutting down, machinectl may fail because it's
bus-activated and D-Bus will be shutting down. So just send a signal
to the leader process directly.

Fixes #6212.
2015-02-28 19:23:00 +01:00
AndersonTorres 929485b645 Adding Afterstep to nixos modules 2015-02-28 11:14:33 -03:00
AndersonTorres 5472af91f2 Fluxbox: update to 1.3.7 2015-02-28 11:04:20 -03:00
Jaka Hudoklin 6dc0938a3e Merge pull request #6591 from lseppala/master
Fix rebooting containers where resolv.conf is a symlink
2015-02-28 12:19:01 +01:00
Joachim Fasting 0473b4ae8d nixos: citerefentry markup in lxc option descriptions 2015-02-28 09:21:48 +01:00
Joachim Fasting d375550ead nixos: add a few missing type specifiers under boot.* 2015-02-28 09:19:23 +01:00
Eelco Dolstra 568df3f4a9 Disable the cjdns test
The cjdns module uses "import from derivation", which is a bad thing
(it causes building at evaluation time).
2015-02-27 20:55:44 +01:00
Lane Seppala 4106a3b74e Fix rebooting containers where resolv.conf is a symlink 2015-02-27 10:27:18 -07:00
Eelco Dolstra 22d2fc3657 Fix "systemctl reload container@"
Fixes #5179.
2015-02-27 14:32:54 +01:00
Rob Vermaas 24e0565407 Only start fetch-keys for GCE image after ip-up. 2015-02-27 10:48:15 +00:00
koral c1cefa1a58 Simplify (and fix) settings for transmission module. 2015-02-26 22:21:27 +00:00
Rob Vermaas e4928b8955 GCE image: Pass header to metadata service calls. 2015-02-26 19:20:43 +00:00
Sander van der Burg 7b27af61fb Add NixOS global binaries to the PATH 2015-02-26 17:29:49 +00:00
Eelco Dolstra 6177710ac7 Merge pull request #6046 from ts468/xen
Update: Xen 4.5 + NixOS Xen modules
2015-02-26 10:15:05 +01:00
lethalman b6672f232a Merge pull request #6283 from mdorman/master
Fix initial-install issues with couchdb.nix.
2015-02-26 10:11:18 +01:00
lethalman d791335ac2 Merge pull request #6518 from ehmry/u9fs
U9fs
2015-02-26 09:41:18 +01:00
William A. Kennington III 9ce0c1cb71 nixos/consul: Fix timeout bugs and json formatting 2015-02-25 15:42:43 -08:00
Thomas Strobel 3d4fbb874c Update: add new Xen versions + update NixOS Xen modules
Versions of XEN:
- Xen 4.5
- Xen 4.5 + XenServer patches
- Xen 4.4.1
2015-02-25 23:30:44 +01:00
William A. Kennington III f27fa79aa9 nixos/dnsmasq: Fix service name typo 2015-02-25 09:22:16 -08:00
Eelco Dolstra 36d0f367de ssh-agent: Fix asking for confirmation via $SSH_ASKPASS
This was lost back in
ffedee6ed5. Getting this to work is
slightly tricky because ssh-agent runs as a user unit, and so doesn't
know the user's $DISPLAY.
2015-02-25 14:31:17 +01:00
Eelco Dolstra 93902ea108 nsswitch.conf: Omit ldap unless ldap is enabled
This prevents programs from trying to find nss_ldap.
2015-02-25 14:31:13 +01:00
William A. Kennington III e453f99446 nixos/networkd: Add an assertion for unsupported rstp 2015-02-24 13:09:34 -08:00
lethalman 2fdad12a8d Merge pull request #6552 from nslqqq/master
Correct NetworkManager documentation
2015-02-24 18:32:24 +01:00
Nikita Mikhailov 25e29b3870 Correct NetworkManager documentation 2015-02-24 22:09:36 +05:00
Lluís Batlle i Rossell b26e939111 fix pam (OATH related)
the pam config was wrong.

Issue #6551
2015-02-24 17:52:41 +01:00
Eelco Dolstra 16cf3ee9da Ensure that the home directory exists even if the user already exists 2015-02-24 11:57:38 +01:00
Eduard Bachmakov 4bf66ba89c ddclient module: fix module
* rewrite to systemd.services
* disable forking to give systemd better control
* verifiably run as ddclient user
* expose ssl option
* unset default value for dyndns server
* rename option "web" to "use" to be consistent with ddclient docs
* add descriptions
* add types to options
* clean up formatting
2015-02-23 22:37:20 -05:00
Jaka Hudoklin 1cddb5be20 mongodb: remove lock file on restart 2015-02-23 20:40:13 +01:00
Eelco Dolstra b70bd0879b sshd: Generate a ed25519 host key 2015-02-23 17:00:07 +01:00
Emery Hemingway 446580f3cd nixos: u9fs service module 2015-02-22 12:16:58 -05:00
Bjørn Forsman d5017499a2 nixos/redis: capitalize service description 2015-02-22 16:54:14 +01:00
Bjørn Forsman 25a6745310 nixos/fail2ban: capitalize service description 2015-02-22 16:54:14 +01:00
Lluís Batlle i Rossell 4e99901961 nixos: Adding OATH in pam.
(cherry picked from commit cb3cba54a1)

Conflicts:
	nixos/modules/security/pam.nix
2015-02-22 15:25:38 +01:00
Bjørn Forsman ffb4797dd3 nixos/haproxy: remove broken default 'config'
HAProxy fails to start with the default 'config'. Better disable it and
assert that the user provides a suitable 'config'. (AFAICS, there cannot
really be a default config file for HAProxy.)
2015-02-22 12:30:14 +01:00
Bjørn Forsman 419a4166a7 nixos/haproxy: small cleanup
* Add option types
* Rewrite option descriptions
* /var/run/haproxy.pid => /run/haproxy.pid (canonical location)
2015-02-22 12:29:34 +01:00
aszlig 030895f075
nixos/dhcpcd: Only run resume commands if enabled.
The networkd implementation sets systemd.services.dhcpcd.enable to
false in nixos/modules/tasks/network-interfaces-systemd.nix. So we need
to respect that in the dhcpcd module.

If we don't, the resumeCommand is set nevertheless, which causes the
post-resume.service to fail after resuming:

Failed to reload dhcpcd.service: Unit dhcpcd.service is masked.
post-resume.service: main process exited, code=exited, status=1/FAILURE
Failed to start Post-Resume Actions.
Dependency failed for Post-Resume Actions.
Unit post-resume.service entered failed state.
post-resume.service failed.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-02-22 08:09:04 +01:00
aszlig 9de4caddc1
nixos/tests/chromium: Check new userns sandbox.
Since Chromium version 42, we have a new user namespaces sandbox in the
upstream project. It's more integrated so the chrome://sandbox page
reports it as "Namespace Sandbox" instead of SUID sandbox, which we were
re-using (or abusing?) in our patch.

So if either "SUID Sandbox" or "Namespace Sandbox" reports with "Yes",
it's fine on our side.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-02-22 07:52:53 +01:00
Thomas Tuegel d15d0bebc3 kde5: remove file collisions 2015-02-21 20:58:43 -06:00
Thomas Tuegel 68f2db74ff kde5: always use plasma-nm 2015-02-21 13:59:28 -06:00
Thomas Tuegel 7eb8a9b41f kde5: install media-player-info udev rules for solid 2015-02-21 11:39:21 -06:00
Thomas Tuegel 532650e4bb kde5: change notice about default Phonon backend 2015-02-21 11:39:21 -06:00
Thomas Tuegel e5de75bf2a kde5: install kde-frameworks version used by plasma 2015-02-21 11:39:21 -06:00
Thomas Tuegel b050babd3e kde5: fix Phonon GStreamer backend 2015-02-21 11:39:20 -06:00
Thomas Tuegel a79936561b environment: use Qt 5 Qml import paths 2015-02-21 11:39:20 -06:00
Vladimír Čunát a3a467ce77 nixos/nvidia: use correct 32-bit legacy libs; refactor
Fixes #6127.
Now we avoid multiple switches among the version possibilities.
2015-02-21 16:34:24 +01:00
Bjørn Forsman 97875ac175 bridge-utils: align attrname with pkgname 2015-02-20 22:30:51 +01:00
Thomas Strobel c62e42e9c5 Enhance stage-1/2 scripts for better dealing with squashfs 2015-02-20 17:42:22 +01:00
Peter Simons 263a49be20 Merge pull request #5704 from eduarrrd/nixos-version
Add option to display git revision to nixos-version
2015-02-20 16:35:56 +01:00
Shea Levy 2fe3a3c203 Merge branch 'grub' of git://github.com/ts468/nixpkgs
Fix grubTarget on nodev installs
2015-02-20 07:47:06 -05:00
tv 86cb16965a exim: add version 4.85 incl. nixos module 2015-02-20 10:49:15 +01:00
Shea Levy 3e44f99055 Fix grub 1 install 2015-02-19 19:33:17 -05:00
Sander van der Burg 8d29cb2b00 In a test VM it's impossible to connect to itself, so fix this 2015-02-19 21:13:49 +00:00
Eelco Dolstra 5762f8f95c Add options to support signed binary caches
Typical use:

    nix.requireSignedBinaryCaches = true;
    nix.binaryCachePublicKeys = [ "hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs=" ];

(The public key of cache.nixos.org is included by default.)

Note that this requires Nix 1.9 and that most of cache.nixos.org
hasn't been signed yet.
2015-02-19 14:22:43 +01:00
Jaka Hudoklin ebfadc2fc9 Merge pull request #6452 from rushmorem/update-chronos-port
Update chronos default port
2015-02-19 14:13:00 +01:00
rushmorem 74b40e9a43 Add marathon mesos framework 2015-02-19 13:30:00 +02:00
rushmorem a661802d29 Update chronos default port
Update chronos default port to match the one documented on
their website (http://airbnb.github.io/chronos). The one in
their repo (the current one) clashes with the marathon documented
one.
2015-02-19 12:31:12 +02:00
koral d9078d03a3 Updated fcgiwrap's systemd unit to match upstream version. 2015-02-18 21:19:12 +00:00
Eelco Dolstra 4ac280ec49 Blacklist the nouveau driver on EC2 2015-02-18 13:04:10 +01:00
Sou Bunnbu f8dbd6f9ae Merge pull request #6427 from grwlf/vsftpd-port
vsftpd.nix: add 'portPromiscuous' option
2015-02-18 19:18:34 +08:00
Sergey Mironov ac65a757f0 vsftpd.nix: add 'portPromiscuous' option 2015-02-18 11:51:43 +03:00
Mathijs Kwik 2fe44b95d0 nixos/wpa_supplicant: fix conflicting documentation
fixes #6298
2015-02-17 22:16:20 +01:00
James Cook 6daf9aa922 Merge pull request #5995 from ts468/qemu-vm
Update QEMU Nixos Virtual Machine
2015-02-16 13:13:26 -08:00
Thomas Strobel c61ff9b51e Fix grubTarget on nodev installs 2015-02-16 20:19:44 +01:00
Thomas Strobel 80afabd5b5 Update QEMU Nixos Virtual Machine
The Nixos Qemu VM that are used for VM tests can now start without
boot menu even when using a bootloader.
The Nixos Qemu VM with bootloader can emulate a EFI boot now.
2015-02-16 20:07:42 +01:00
Evgeny Egorochkin 4621f16b34 azure: add a job to download ssh host and root keys if they are made available via "custom data"; see #3986 2015-02-16 16:54:30 +02:00
Eelco Dolstra 5d7000df68 Automatically set nix.nrBuildUsers to at least nix.maxJobs 2015-02-16 12:02:49 +01:00
Wout Mertens 65438da88a Merge pull request #6357 from NixOS/jobs-vs-users
nix-daemon: Sanity check maxJobs vs nrBuildUsers
2015-02-16 11:42:24 +01:00
Rob Vermaas 824fccd3e9 Move amazon option out of amazon-image.nix, needed to make ec2.hvm usable from nixops, without breaking evaluation for other backends.
(cherry picked from commit 213fe8427c)
2015-02-16 09:57:19 +00:00
Eelco Dolstra 5092d625d6 /etc/ssl/certs/ca-bundle.crt -> ca-certificates.crt
Even though there is no "official" standard location, it's better to
stick to what most distros are using.
2015-02-15 19:06:31 +01:00
Eelco Dolstra 75e1b5e317 Provide symlinks to ca-bundle.crt for compat with other distros
There is no "standard" location for the certificate bundle, so many
programs/libraries have various hard-coded default locations that
don't exist on NixOS. To make these more likely to work, provide
some symlinks.
2015-02-15 19:06:31 +01:00
AndersonTorres f19ed980a2 Sawfish (git): New Package
Sawfish is a versatile, Lisp-based window manager

In that commit I include all Sawfish stack:
- librep, a lisp system;
- rep-gtk, bindings for gtk
- sawfish, the window manager
2015-02-15 19:42:53 +03:00
Wout Mertens d41367735d nix-daemon: Sanity check maxJobs vs nrBuildUsers 2015-02-15 15:37:30 +01:00
James Cook 33550b6efe Merge pull request #5665 from joachifm/dnscrypt-proxy-apparmor-updates
dnscrypt-proxy service: update AppArmor profile
2015-02-14 22:02:31 -08:00
Brian McKenna 28a9ed618f Add more options to multitouch (mtrack) module 2015-02-14 14:56:12 -07:00
William A. Kennington III 23e1b46f17 nixos/tests/installer: Add all bootloaders to the store 2015-02-13 14:41:11 -08:00
William A. Kennington III 1fddcd1e83 grub: Don't remove zfs support if contained in the default binary 2015-02-13 14:40:41 -08:00
William A. Kennington III 69a277e2cc iwlegacy: Remove since it is already in linux-firmware-nonfree 2015-02-13 14:27:47 -08:00
Harald van Dijk 0fe9d58e4e stage-1-init: fix PID 1 shell
The PID 1 shell is executed as the last command in a sh invocation. Some
shells implicitly use exec for that, but the current busybox ash does not,
so the shell gets a wrong PID. Spell out the exec.
2015-02-13 10:20:29 +00:00
lethalman 51a7277fac Merge pull request #6312 from k0ral/sslh
sslh: added libwrap support + improved nixos module.
2015-02-13 10:03:48 +01:00
Domen Kožar 5a4614dc1f Add hid_lenovo to initrd kernel modules 2015-02-13 01:42:13 +01:00
Jaka Hudoklin 2f2d638d38 Merge pull request #6317 from offlinehacker/nixos/consul/alerts
nixos/consul: add consul-alerts service
2015-02-12 21:39:09 +00:00
William A. Kennington III e2915fc5d1 nixos/tests: Fix installer test by providing a missing dependency 2015-02-12 11:36:02 -08:00
Jaka Hudoklin a17f5c8c9b nixos/consul: add consul-alerts service 2015-02-12 19:16:50 +01:00
Jaka Hudoklin 36e7a61dde Merge pull request #6222 from offlinehacker/limesurvey
add limesurvey package and nixos module
2015-02-12 18:07:42 +00:00
Eelco Dolstra 1907ca8a2a Drop tests.installer.grub1 as release critical
This test sometimes fails with

  Kernel panic - not syncing: assertion "i && sym_get_cam_status(cp->cmd) == DID_SOFT_ERROR" failed: file "/tmp/nix-build-linux-3.14.32.drv-0/linux-3.14.32/drivers/scsi/sym53c8xx_2/sym_hipd.c", line 3399

after "sd 2:0:0:0: ABORT operation timed-out."

Since we don't care all that much about GRUB 1 anymore, don't make the
release depend on it.

http://hydra.nixos.org/build/19563197
2015-02-12 16:20:00 +01:00
koral cb153cfca3 sslh: added libwrap support + improved nixos module. 2015-02-12 13:21:36 +01:00
Michael Alan Dorman f21cab27a4 Fix initial-install issues with couchdb.nix.
When starting from a clean slate, the couchdb service fails.

First, the pre-start script fails because it tries to chown the uriFile,
which doesn't exist.  It also doesn't ensure that the directory in which
the uriFIle is placed is writeable by couchdb, which could also cause
failure (though I didn't observe this).

Additionally, the log file's default location isn't a directory owned by
couchdb, nor is the file guaranteed to exist, nor is it guaranteed to be
chowned to the appropriate user.  All of which can cause unexpected
failure.

As a bonus I made a small change in the description of the configFile
attribute, in the hopes of making it a little more obvious why it
existed.
2015-02-11 20:42:52 -05:00
William A. Kennington III 35e9d3c112 nixos/zfs: Use the git version for kernels unsupported by 0.6.3 2015-02-11 15:11:56 -08:00
Luca Bruno e088fd0314 Revert "Merge pull request #5626 from matthiasbeyer/add-fish_shell_module"
This reverts commit 157d199b33, reversing
changes made to 4c7adddcb7.
2015-02-11 18:31:11 +01:00
Luca Bruno c427b48ba6 Revert "Add fish to nixos module list"
This reverts commit d7f5d00f0a.
2015-02-11 18:30:58 +01:00
Luca Bruno d7f5d00f0a Add fish to nixos module list 2015-02-11 14:05:30 +00:00
lethalman 157d199b33 Merge pull request #5626 from matthiasbeyer/add-fish_shell_module
Add basic nixos module for fish shell
2015-02-11 15:05:03 +01:00
Luca Bruno f7b26bf98f gnome3: Set XCURSOR_PATH. Closes #6191 2015-02-11 11:48:51 +00:00
Bjørn Forsman 7a6af47cca nixos/tests/jenkins: increase timeout to 6 minutes
Fixes the test failure, at least on my system.
2015-02-10 16:50:50 +01:00
lethalman c1d22c947e Merge pull request #6278 from bendlas/cdemu
Add cdemu packages and module
2015-02-10 15:33:06 +01:00
Herwig Hochleitner 983fddcea8 Move cdemu module into programs 2015-02-10 13:14:09 +01:00
lethalman 12834a8500 Merge pull request #6072 from AndersonTorres/window-managers
Update NixOS module files to include WindowMaker
2015-02-10 13:06:06 +01:00
Herwig Hochleitner b909def3e1 Whitespace cleanup 2015-02-10 11:49:32 +01:00
lethalman 93ebaafabe Merge pull request #6170 from k0ral/sslh
New sslh module
2015-02-10 11:17:56 +01:00
lethalman 7614b2f984 Merge pull request #6229 from devhell/canto
canto-{curses,daemon}: Add packages
2015-02-10 10:34:11 +01:00
Luca Bruno d06122c58d Add PermissionsStartOnly to mpd service. Closes #6277 2015-02-10 10:18:54 +01:00
Herwig Hochleitner 2961b83d08 Add cdemu packages and module 2015-02-10 06:49:47 +01:00
William A. Kennington III 650b2258f0 nonfree-firmware: Use the new kernel.org repository for tracking nonfree firmware changes
remove the obsolete iwlwifi firmware which is included in the repo.
2015-02-09 16:28:40 -08:00
William A. Kennington III b556983eb7 nixos/system: Add xhci_pci as it is needed to detect host buses in the initrd for usb keyboards on the xhci bus and storage devices on the iso 2015-02-09 13:09:26 -08:00
Wout Mertens 8f42f33c45 stage-1-init: better warnings
- Suppress spurious LVM FD3 warning:
  See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=432986
- Warn when device doesn't come online
2015-02-09 21:53:51 +01:00
Shea Levy 24c0844cfb Fix grub on nodev installs 2015-02-08 22:31:14 -05:00
William A. Kennington III c4bec1a0a4 Merge pull request #6152 from abbradar/samba-clean
nixos/samba: cleanup and update defaults
2015-02-08 14:20:49 -08:00
William A. Kennington III 2a0754ccbc Merge pull request #5994 from ts468/grub
Add 'target' parameter for GRUB installation chain
2015-02-08 14:18:13 -08:00
devhell a9ac564f50 canto-daemon: Fix typo and remove TimeoutStopSec 2015-02-08 14:16:17 +00:00
devhell d6e9df1e1a canto-daemon: Add a systemd service
This adds a systemd service for the canto-daemon.
2015-02-08 14:16:17 +00:00
Domen Kožar b83433cdd1 Remove gui (see #6207), use nixui instead 2015-02-08 10:47:58 +01:00
William A. Kennington III 42a6ac5209 nixos/iso: Increase efi image size to 15M 2015-02-07 20:38:24 -08:00
William A. Kennington III 0fa4c9d6d3 nixos/zfs: Fix references to zfs packages now that they are split 2015-02-07 15:07:39 -08:00
Jaka Hudoklin 41ae4d1af9 add limesurvey package and nixos module 2015-02-07 23:18:51 +01:00
Jaka Hudoklin f85abb041a Merge pull request #5622 from offlinehacker/panamax
panamax: new package and service
2015-02-07 14:56:25 +00:00
Jaka Hudoklin 769fb8a141 Merge pull request #5486 from matejc/fixgatewayd
systemd-journal-gatewayd: add systemd-journal group
2015-02-07 14:52:31 +00:00
Jaka Hudoklin ae34f923f7 panamax: simplify, refactor, add test 2015-02-07 15:32:20 +01:00