1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-30 09:31:01 +00:00
Commit graph

10681 commits

Author SHA1 Message Date
Alyssa Ross 98b8d4cfbc
environment.extraInit: fix description typo 2018-08-13 14:28:52 +01:00
Sarah Brofeldt b4d15afe02
Merge pull request #44876 from eadwu/display-managers/pulseaudio-rely-on-socket
nixos/display-managers: rely on socket to activate pulseaudio
2018-08-12 22:23:45 +02:00
Jan Tojnar f496d26247
Merge pull request #44651 from jtojnar/gobby
gobby5: fix build
2018-08-12 17:25:07 +02:00
Silvan Mosberger 8fb7ab9b32
Merge pull request #43282 from Ma27/support-external-zsh-plugins
nixos/ohMyZsh: allow multiple derivations in `ZSH_CUSTOM`
2018-08-12 16:47:12 +02:00
Thibault Polge d470a407eb
nixos/systemd-boot: Add missing newline
This fixes an issue where setting both
`boot.loader.systemd-boot.editor` to `false` and
`boot.loader.systemd-boot.consoleMode` to any value would concatenate
the two configuration lines in the output, resulting in an invalid
`loader.conf`.
2018-08-12 15:12:27 +02:00
Vladimír Čunát 00df25ee57
Merge branch 'master' into staging-next
Hydra: ?compare=1472947
2018-08-12 10:33:41 +02:00
zimbatm 1e65420eb3
virtualbox module: allow to pass the package (#44907) 2018-08-11 19:40:00 +01:00
aszlig f51dc2a94b
nixos/tests/luksroot: Fix OCR of passphrase prompt
Since a9d69a74d6, the passphrase prompt
now no longer starts with "Enter passphrase for" but now it's just
"Passphrase for", which causes the luksroot installer test to fail.

I've tested this on a x86_64-linux machine and the test now succeeds.

Signed-off-by: aszlig <aszlig@nix.build>
Cc: @oxij, @samueldr
Issue: #29441
2018-08-11 00:07:10 +02:00
Eelco Dolstra 4d1332e507
nixos/modules/misc/version.nix: Don't spam the user with vague warnings 2018-08-10 21:39:36 +02:00
(cdep)illabout 56ad359d93
virtualization: update the virtualbox-host module to use the extension pack if enabled. 2018-08-11 02:48:29 +09:00
xeji 12eb1e96ce
Merge pull request #44870 from symphorien/tests-eval
Fix evaluation of two tests
2018-08-10 19:06:20 +02:00
xeji a102b900be
Merge pull request #37281 from xeji/qemu-nonroot
nixos/libvirtd: add option to run qemu as non-root
2018-08-10 18:54:10 +02:00
Edmund Wu ced374cf98
display-managers: rely on socket to activate pulseaudio 2018-08-10 12:43:47 -04:00
Symphorien Gibol 9375312ab9 nixos/tests/yabar: fix evaluation 2018-08-10 15:22:34 +02:00
Silvan Mosberger 1a3b9e1bd2
Merge pull request #44556 from johanot/certmgr-module-init
nixos/certmgr: init
2018-08-10 15:11:26 +02:00
xeji 980505dc3b nixos/libvirtd: add option to run qemu as non-root
New option virtualisation.libvirtd.qemuRunAsRoot (default: true).
If false, qemu is run as non-privileged user qemu-libvirtd,
reducing security risk
2018-08-10 13:59:58 +02:00
Yegor Timoshenko e0b3d77ccd
Merge pull request #44823 from yegortimoshenko/20180809.194425/youtrack
youtrack: 2018.1.41051 -> 2018.2.42284
2018-08-10 13:00:49 +03:00
Franz Pletz f167e88794
Merge pull request #44658 from dlahoti/patch-2
add `extraConfig` section to `networking.wireless`
2018-08-10 09:38:23 +00:00
Johan Thomsen 004e7fb6fd nixos/certmgr: init 2018-08-10 09:56:25 +02:00
Sarah Brofeldt ddde09d4f8
Merge pull request #44848 from LnL7/vault-options
nixos/vault: make package configurable
2018-08-10 09:48:07 +02:00
Silvan Mosberger c08244fc1b
Merge pull request #44649 from dlahoti/patch-1
add `/share/sddm/themes` to `environment.pathsToLink`
2018-08-09 23:41:47 +02:00
Daiderd Jordan d113c02563
services-vault: make package configurable and add extraConfig option 2018-08-09 23:22:53 +02:00
Deven Lahoti 8d6128208d nixos/wireless: add extraConfig section to networking.wireless
This allows the user to add `wpa_supplicant` config options not yet supported by Nix without having to write the entire `wpa_supplicant.conf` file manually.
2018-08-09 15:20:44 -05:00
Deven Lahoti 414e6de41a nixos/sddm: add /share/sddm/themes to environment.pathsToLink
Without this, there are no SDDM themes available in the directory configured in `sddm.conf`.
2018-08-09 15:17:22 -05:00
Yorick van Pelt 369cc995d1 youtrack: 2018.1.41051 -> 2018.2.44329 2018-08-09 21:46:21 +03:00
Frederik Rietdijk d9fa74ba78 Merge master into staging 2018-08-09 18:28:15 +02:00
Jan Tojnar 69c47a3d91
nixos/metacity: switch to gnome3.metacity 2018-08-09 17:36:47 +02:00
Vincent Ambo 5b748bd8fa nixos/datadog-agent: Add option to configure datadog integrations
Introduces an option `services.datadog-agent.extraIntegrations` that
can be set to include additional Datadog agent integrations from the
integrations-core repository.

Documentation and an example is provided with the change.

Relates to NixOS/nixpkgs#40399
2018-08-09 17:25:23 +02:00
Vincent Ambo 5a07bb2fc7 nixos/datadog-agent: Refactor to allow arbitrary check configs
Refactors the datadog-agent (i.e. V6) module to let users configure
arbitrary checks, not just a limited set, without having to resort to
linking the files manually and updating the systemd unit.

Checks are now configured via a `services.datadog-agent.checks` option
which takes an attribute set in which the keys refer directly to
Datadog check names, and the values are attribute sets representing
Datadog's configuration structure.

With this mechanism users can configure arbitrary integrations, for
example for the `ntp`-check, simply by saying:

    services.datadog-agent.checks.ntp = {
      init_config = null;
      # ... other check configuration options as per Datadog
      # documentation
    };

The previous check-specific configuration options for non-default
checks have been removed. Disk & network check configuration options
have been kept rather than making them a `default`-value of the
`checks`-option because they will be overridden by user-configurations
in that case.

Relates to NixOS/nixpkgs#40399.
2018-08-09 17:25:23 +02:00
Rodney Lorrimar b9486e2b50 nixos/datadog-agent: add module
This is the new v6 version of datadog-agent.

The old v5 module is kept as dd-agent.
2018-08-09 16:53:31 +02:00
Rodney Lorrimar 51618113f4 nixos/dd-agent: Fix dodgy temp files
DataDog was dropping PID files and and python pickle files in
/tmp. Move these to private directories as a precaution.
2018-08-09 16:53:30 +02:00
Samuel Dionne-Riel 27c6bf0ef3
Merge pull request #29441 from oxij/nixos/luks
nixos: initrd/luks: allow to reuse passphrases, cleanup
2018-08-08 13:16:57 -04:00
Silvan Mosberger 565479374b
Merge pull request #42469 from ghuntley/patch-4
zerotier: added option to customise the port used
2018-08-08 17:02:25 +02:00
Geoffrey Huntley 5b66ddb943 nixos/zerotier: added option to customise the port used 2018-08-09 00:00:12 +10:00
Linus Heckemann adba92b5ef systemd: improve unit script drv naming
Also store scripts directly in the nix store rather than having the
superfluous /bin/ tree.
2018-08-08 14:29:41 +02:00
Jan Tojnar 83a18e14d9
Merge pull request #39792 from Moredread/fwupd
WIP fwupd: 1.0.5 -> 1.1.0
2018-08-08 11:57:39 +02:00
Jan Malakhovski 456f97f2e6 doc: document luksroot.nix changes in release notes 2018-08-08 02:47:50 +00:00
Jan Malakhovski 8c83ba0386 nixos: initrd/luks: disable input echo for the whole stage 2018-08-08 02:47:50 +00:00
Jan Malakhovski c35917e330 nixos: initrd/luks: simplify Yubikey handling code
From reading the source I'm pretty sure it doesn't support multiple Yubikeys, hence
those options are useless.

Also, I'm pretty sure nobody actually uses this feature, because enabling it causes
extra utils' checks to fail (even before applying any patches of this branch).

As I don't have the hardware to test this, I'm too lazy to fix the utils, but
I did test that with extra utils checks commented out and Yubikey
enabled the resulting script still passes the syntax check.
2018-08-08 02:47:49 +00:00
Jan Malakhovski a9d69a74d6 nixos: initrd/luks: change passphrases handling
Also reuse common cryptsetup invocation subexpressions.

- Passphrase reading is done via the shell now, not by cryptsetup.
  This way the same passphrase can be reused between cryptsetup
  invocations, which this module now tries to do by default (can be
  disabled).
- Number of retries is now infinity, it makes no sense to make users
  reboot when they fail to type in their passphrase.
2018-08-08 02:47:47 +00:00
Jan Malakhovski 12e6907f33 nixos: initrd/luks: cleanup and generalize common shell expressions
Also fix Yubikey timeout handling mess.
2018-08-08 02:45:17 +00:00
Jan Malakhovski dc653449c5 nixos: boot/stage-1: check syntax of the generated script 2018-08-08 02:43:17 +00:00
Jan Tojnar 4ce95e453b
libinfinity: modernize expression
* Use multiple outputs to reduce the number of rebuilds necessary.
* Fix build with GTK+ support
2018-08-08 01:40:26 +02:00
Vincent Bernat 57840dbffb nixos/cloud-init: order after network-online.target (#44633)
Some modules of cloud-init can cope with a network not immediately
available (notably, the EC2 module), but some others won't retry if
network is not available (notably, the Cloudstack module).
network.target doesn't give much guarantee about the network
availability. Applications not able to start without a fully
configured network should be ordered after network-online.target.

Also see #44573 and #44524.
2018-08-08 00:09:00 +02:00
Edmund Wu aea2d822dd luksroot: Add missing quote (#44639) 2018-08-07 23:56:30 +02:00
André-Patrick Bubel 08547ff642
fwupd: 1.0.5 -> 1.1.0
We override the ESP mount point in the config file /etc/fwupd/uefi.conf
(available since version 1.0.6), as it is set to a path in the nix store
during build time.

Tests are disabled as it needs /etc/os-release, which is not available
when building with sandboxing enabled.
2018-08-07 23:25:22 +02:00
Janne Heß 690dac11f3 nixos/luksroot: Support keyfile offsets 2018-08-07 17:39:02 +02:00
Thomas Bach 31e11bdd60 cassandra: rewrote service from scratch
Adds a replacement for the previously broken
`services.database.cassandra` with tests for a multi-node setup.
2018-08-07 14:48:43 +00:00
Maximilian Bosch bd40c92c2c
nixos/oh-my-zsh: add documentation
In the last year `programs.oh-my-zsh` gained more complexity and since
the introduction of features like `customPkgs` which builds a
`ZSH_CUSTOM` path from a sequence of derivation a documentation may be
fairly helpful to make the knowledge how to use the module and how to
package new ZSH plugins visible.

See https://github.com/NixOS/nixpkgs/pull/43282#issuecomment-410770432
2018-08-07 15:47:02 +02:00
Bob van der Linden e1da32d887 set initialHashedPassword in installation-device.nix 2018-08-07 14:45:50 +02:00
adisbladis 8f36a3185f
Merge pull request #44544 from bkchr/plasma_activation_script_use_absolute_path
services.plasma5: Make activationscript use absolute path to
2018-08-07 17:56:54 +08:00
John Ericson 68d31ddaf5 stage-1: Remove last reference of now-removed stdenv.isCross 2018-08-06 18:07:02 -04:00
Bastian Köcher 60e1e81201 services.plasma5: Make activationscript use absolute path to
`kbuildsyscoca5`
2018-08-06 17:15:53 +02:00
Robin Gloster fcf067a1aa nixos/release.nix: add docker-registry test 2018-08-06 16:31:33 +02:00
Robin Gloster cb9d784e49 docker-registry: Revert "[bot]: remove unreferenced code"
This code was referenced.

This reverts commit 87f5930c3f.

cc @volth
2018-08-06 16:31:33 +02:00
Jörg Thalheim 05daf390b3 systemd: 238 -> 239 2018-08-06 11:03:09 +02:00
Silvan Mosberger 66793d9284
Merge pull request #44058 from borisbabic/feature/choose-trackpoint-device
trackpoint: Make the device name configurable
2018-08-06 03:14:16 +02:00
Boris Babic 0ef3119c69 trackpoint: Make the device name configurable 2018-08-06 02:56:32 +02:00
Sander van der Burg 9748d7c60b nixos/disnix: undo dysnomia rename to fix disnix and retain compatibility with previous release 2018-08-06 01:25:38 +02:00
Vincent Bernat 48f7778d99 dhcpcd service: order before network target
This reverts a change applied in PR #18491. When interfaces are
configured by DHCP (typical in a cloud environment), ordering after
network.target cause trouble to applications expecting some network to
be present on boot (for example, cloud-init is quite brittle when
network hasn't been configured for `cloud-init.service`) and on
shutdown (for example, collectd needs to flush metrics on shutdown).

When ordering after network.target, we ensure applications relying on
network.target won't have any network reachability on boot and
potentially on shutdown.

Therefore, I think ordering before network.target is better.
2018-08-05 23:07:54 +02:00
Maximilian Bosch 39b85451de
nixos/oh-my-zsh: add customPkgs option to allow multiple derivations for ZSH_CUSTOM
If multiple third-party modules shall be used for `oh-my-zsh` it has to
be possible to create another env which composes all the packages.

Now it can be done like this:

```
{ pkgs, ... }:
{
  programs.zsh.enable = true;
  programs.zsh.ohMyZsh = {
    enable = true;
    customPkgs = with pkgs; [
      lambda-mod-zsh-theme
      nix-zsh-completions
    ];
    theme = "lambda-mod";
    plugins = [ "nix" ];
  };
}
```

Please keep in mind that this is not compatible with
`programs.zsh.ohMyZsh.custom`, only one of these options can be used
ATM.

Each package should store its outputs into
`$out/share/zsh/<output-name>`. Completions (and ZSH-only) extensions
should live in the `fpath` (`$out/share/zsh/site-functions`), plugins in
`.../plugins` and themes in `.../themes` (please refer to
fdb6bf6ed68c2f089ae6c729dfeaa3eddea2ce6a and 406d64aad162b3a4881747be4e24705fb5182573).

All scripts in `customPkgs` will be linked together using `linkFarm` to
provide a single directory for all scripts from all derivations in
`customPkgs` as suggested in https://github.com/NixOS/nixpkgs/pull/43282#issuecomment-410396365.
2018-08-05 23:01:18 +02:00
Silvan Mosberger 47b3cdf9be
Merge pull request #44108 from bennofs/gen-config-extlinux
nixos-generate-config: detect extlinux bootloader
2018-08-05 22:59:46 +02:00
Austin Seipp 3dc65650ea nixos/manual: add release note entry for FoundationDB
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2018-08-05 08:47:20 -05:00
Austin Seipp d80d0bc3d2 Revert "nixos/manual: add release note entry for FoundationDB"
This reverts commit be1124a537.
2018-08-05 08:42:58 -05:00
Austin Seipp be1124a537 nixos/manual: add release note entry for FoundationDB
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2018-08-05 08:42:43 -05:00
Austin Seipp d5eccebda5 nixos/manual: wordsmithing on fdb chapter
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2018-08-05 08:42:43 -05:00
Robert Schütz 2215834789
simp_le: use python3Packages (#44476) 2018-08-05 01:17:38 +02:00
Jesper 0254ae4e80 netdata: 1.9.0 -> 1.10.0 (#44472)
The web_access.patch would no longer apply.
It disabled a check that required the static files
for the web UI to be owned by the user the daemon runs as
(not root, so it doesn't work well with nix).

Besides updating netdata, this commit removes that patch,
changes the netdata service config to set the "web files owner/group"
option to "root" and adds a test that checks that the web UI is being served.

This allows the web files to be owned by root without patching.
2018-08-05 00:05:48 +02:00
Austin Seipp f42f0a1c48 nixos/foundationdb: show an example python script in the documentation
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2018-08-04 16:56:16 -05:00
Austin Seipp aa79ae0c64 foundationdb: install python bindings
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2018-08-04 16:56:16 -05:00
Silvan Mosberger 31dda068db
Merge pull request #42877 from Infinisil/systemd-boot/consoleMode
nixos/systemd-boot: Add consoleMode option
2018-08-04 23:21:31 +02:00
Bas van Dijk 5a43f6ffeb graphite: make systemd create /run directory for us (#44392) 2018-08-04 20:55:59 +02:00
xeji 1258e6dd3a
Merge pull request #43421 from rembo10/lightdm-gtk-greeter
nixos/lightdm-gtk-greeter: svg icon support
2018-08-04 17:55:54 +02:00
smithtim 9bf7ff3b57 nixos/doc: added MATE to list of desktop managers in manual (#44442) 2018-08-04 07:23:54 +01:00
Daiderd Jordan e2a32b747f
Revert "nixos/disnix: fix broken service because of rename"
Broke evaluation of the nixos options.

  The option `services.dysnomia' defined in `.../nixos/modules/rename.nix' does not exist.

This reverts commit 5c897b4eff.
2018-08-04 00:26:34 +02:00
Sander van der Burg 5c897b4eff nixos/disnix: fix broken service because of rename 2018-08-03 22:01:56 +02:00
xeji c9f3382a39
Merge pull request #43934 from jfrankenau/mpd-smb
mpd: add nfs and smb support
2018-08-03 21:59:30 +02:00
Johannes Frankenau b9234ea49c nixos/mpd: allow storage plugins in musicDirectory 2018-08-03 21:36:38 +02:00
Okina Matara 36ab89900b nixos/meguca: Various fixes 2018-08-03 10:59:06 -05:00
Okina Matara d49b5bdfb9 nixos/hydron: Various fixes, create db_conf.json and link to it 2018-08-03 10:43:53 -05:00
Silvan Mosberger fcb4254276
Merge pull request #43610 from jfrankenau/fix-pulse-module-x11-publish
nixos/display-managers: fix loading of module-x11-publish
2018-08-03 17:00:14 +02:00
Silvan Mosberger d31f89df44
Merge pull request #44127 from johanot/nixos-cfssl
nixos/cfssl: Add new module for cfssl
2018-08-03 16:39:12 +02:00
Bas van Dijk 70e7235510 nixos/doc: add the new strongswan-swanctl service to the 18.09 release notes 2018-08-03 16:06:02 +02:00
Franz Pletz cb691b987f
Merge pull request #44394 from mayflower/exporter-firewall-fix
nixos/prometheus-exporters: use nixos-fw chain
2018-08-03 13:21:00 +00:00
Matthew Harm Bekkema a6c7132abc doc: change git:// links to https:// (#44395)
The server is not verified over the git:// transfer protocol. If you
clone a repository over git://, you should check if the latest commit's
hash is correct.

On the other hand, https:// will always verify the server automatically,
using certificate authorities.
2018-08-03 14:01:34 +01:00
Jan Tojnar f735d6a38d
Merge pull request #43992 from jtojnar/upstream-sessions
Upstream sessions
2018-08-03 14:23:17 +02:00
WilliButz 9216da8928
nixos/prometheus-exporters: use nixos-fw chain
Use nixos-fw chain instead of INPUT so that the rules don't keep
stacking everytime the firewall is reloaded.
This also adds a comment to each rule about the associated exporter.
2018-08-03 13:20:53 +02:00
Johannes Frankenau b7ce7d5b3f nixos/display-managers: fix loading of module-x11-publish
module-x11-publish is only provided by the pulseaudioFull package.
2018-08-03 12:22:28 +02:00
Johan Thomsen 7d7c36f8be nixos/cfssl: init
- based on module originally written by @srhb
- complies with available options in cfssl v1.3.2
- uid and gid 299 reserved in ids.nix
- added simple nixos test case
2018-08-03 09:40:32 +02:00
Silvan Mosberger 150f4fe9c4
Merge pull request #44371 from pvgoran/tomcat-webapps-listOfPaths
nixos/tomcat: allow non-package paths in services.tomcat.webapps
2018-08-02 23:32:33 +02:00
Silvan Mosberger 6b20531d7a
Merge pull request #44365 from pvgoran/tomcat-correct-virtualHosts
nixos/tomcat: correct type specification for virtualHosts
2018-08-02 23:32:09 +02:00
Pavel Goran 7fb40c6503 nixos/tomcat: correct type specification for virtualHosts
The wrong specification was introduced as part of commit 472f16d.

Fixes #44361.
2018-08-02 23:37:09 +07:00
Pavel Goran b2b5b97468 nixos/tomcat: allow non-package paths in services.tomcat.webapps
Resolves #44370.
2018-08-02 23:26:21 +07:00
Bas van Dijk 0aae3fda06 graphite: 1.0.2 -> 1.1.3 & moved dependencies to python-modules (#44276)
Fixes #30891

* Upgrade `graphite-web`, `carbon` and `whisper` from 1.0.2 -> 1.1.3.

* Replaced the deprecated `pythonPackages.graphite_influxdb` with
  `pythonPackages.influxgraph.`

* Renamed `pythonPackages.graphite_web` to `pythonPackages.graphite-web`
  to be consistent with the Python package name.

* Replaced the unmaintained `pythonPackages.graphite_pager` with
  `pythonPackages.graphitepager`

* Moved all new packages from `python-packages.nix` to
  `pkgs/development/python-modules`
2018-08-02 16:39:57 +02:00
aszlig 6f5a86b189
tests/containers-imperative: Disable useSandbox
Since 4f6df27aee, nix.useSandbox defaults
to true which causes the Nix build within the containers-imperative test
to fail while trying to hardlink files into the chroot:

link("/nix/store/foo", "/nix/store/bar.drv.chroot/nix/store/foo")
   = -1 EPERM (Operation not permitted)

The reason this happens is that the hosts store is mounted using 9p and
an overlayfs is mounted on top, so even if we would disable the tmpfs
for the upper directory the hardlink would still cross filesystem
boundaries, which then fails with the above error code.

I haven't yet seen any other test which fails in a similar way, which
might be because building within VM tests is not very common and the
installer tests build in a separate store, so they're not affected.

Signed-off-by: aszlig <aszlig@nix.build>
Issue: https://github.com/NixOS/nix/issues/2324
Cc: @aristidb, @edolstra, @chaoflow, @kampfschlaefer
2018-08-02 06:00:32 +02:00
Matthew Bauer eb1afe452a
Merge pull request #44332 from jerith666/restic-s3-default
restic: add missing default for s3CredentialsFile
2018-08-01 22:56:12 -04:00
Matt McHenry 016922f88b restic: add missing default for s3CredentialsFile 2018-08-01 22:53:14 -04:00
Franz Pletz 9820531cb5
freeradius module: add to modules-list.nix
This was somehow never added and was thus never available. It works.
2018-08-01 22:24:47 +02:00
Franz Pletz b5477ab37b
freeradius: add rest module and multiple outputs 2018-08-01 22:24:47 +02:00
Maximilian Bosch cd5e01edd9 ocserv: init at 0.12.1 (#42871)
`ocserv` is a VPN server which follows the openconnect protocol
(https://github.com/openconnect/protocol). The packaging is slightly
inspired by the AUR version
(https://aur.archlinux.org/packages/ocserv/).

This patch initializes the package written in C, the man pages and a
module for a simple systemd unit to run the VPN server. The package
supports the following authentication methods for the server:

* `plain` (mostly username/password)
* `pam`

The third method (`radius`) is currently not supported since `nixpkgs`
misses a packaged client.

The module can be used like this:

``` nix
{
  services.ocserv = {
    enable = true;
    config = ''
      ...
    '';
  };
}
```

The option `services.ocserv.config` is required on purpose to
ensure that nobody just enables the service and experiences unexpected
side-effects on the system. For a full reference, please refer to the
man pages, the online docs or the example value.

The docs recommend to simply use `nobody` as user, so no extra user has
been added to the internal user list. Instead a configuration like
this can be used:

```
run-as-user = nobody
run-as-group = nogroup
```

/cc @tenten8401
Fixes #42594
2018-08-01 21:39:09 +02:00