obadz
fb6b4860c7
xl2tpd: add nixos module for service
...
(required adding execv to libredirect)
2016-06-20 21:41:59 +01:00
Eelco Dolstra
d0b2524633
Merge pull request #16021 from Baughn/systemd-linger
...
systemd: Set KillUserProcesses=no in logind.conf
2016-06-20 14:54:03 +02:00
obadz
0243ccfbff
i3 & xfce modules: add extraSessionCommands for WM-specific user-defined xsession lines
...
Could be extended to other window managers/desktops as well
2016-06-19 23:52:14 +01:00
zimbatm
31c158ad45
Merge pull request #16189 from zimbatm/usershell-config
...
User shell config
2016-06-19 23:36:45 +01:00
zimbatm
b0f8416c5c
Merge pull request #16180 from zimbatm/shell-escaping
...
Escape all shell arguments uniformly
2016-06-19 23:27:52 +01:00
zimbatm
7795f11335
Merge pull request #16332 from solson/fix-fileSystems-example
...
Make fileSystems example literal.
2016-06-19 22:27:44 +01:00
Zack Piper
f36c8f5f54
lxd: pkg.lxd
does not point to the binaries
...
`pkg.lxd.bin` does
2016-06-19 20:30:36 +01:00
Joachim Fasting
6fd8e5719b
Merge pull request #16108 from pwetzel/squeezelite
...
Squeezelite package and service init
2016-06-19 20:53:15 +02:00
Scott Olson
6d5ed7d971
Make fileSystems example literal.
...
This fixes the attribute names showing up unquoted in the options documentation.
2016-06-19 01:21:22 -06:00
obadz
8ab188eb16
pptpd service: improve option descriptions per @bjornfor's suggestion
2016-06-18 16:28:06 +01:00
obadz
fc975bcffb
pptpd: add nixos service
2016-06-18 02:08:07 +01:00
Sander van der Burg
8fccaa9011
disnix-module: split dysnomia's functionality into a separate module so that it can be used without Disnix and remove the hacky/obsolete avahi publisher
2016-06-17 09:12:44 +00:00
Joachim Fasting
c7ca9faa51
Merge pull request #16148 from womfoo/openldap
...
openldap: add -h urlList in service so LDAP TLS could be enabled
2016-06-16 16:37:55 +02:00
Franz Thoma
688d7cd3a6
i3-gaps: add as window manager
...
Closes #15917
2016-06-16 14:26:17 +01:00
Benno Fünfstück
519673e714
wpa_supplicant: start after wireless interfaces
...
wpa_supplicant fails to start if the wireless interfaces aren't ready yet,
so we need to add a system ordering directive here to start wpa_supplicant
after the interfaces are ready. Note that Requires= is not enough since
it does not imply ordering.
2016-06-16 00:22:08 +02:00
Kranium Gikos Mendoza
f79930849a
openldap: add -h urlList in service so LDAP TLS could be enabled
2016-06-14 23:47:02 +08:00
Arseniy Seroka
186a6a207d
Merge pull request #16222 from kamilchm/rework-go
...
Fixes #16181 - using bin output for Go services
2016-06-14 17:19:17 +03:00
Joachim Fasting
886c03ad2e
Merge pull request #16107 from joachifm/grsec-ng
...
Rework grsecurity support
2016-06-14 03:52:50 +02:00
Joachim Fasting
09cf92ccee
nixos: flesh out the grsecurity test suite
...
I've failed to figure out what why `paxtest blackhat` hangs the vm, and
have resigned to running individual `paxtest` programs. This provides
limited coverage, but at least verifies that some important features are
in fact working.
Ideas for future work includes a subtest for basic desktop
functionality.
2016-06-14 03:38:18 +02:00
Joachim Fasting
a53452f3e1
nixos: remove the grsecurity GID
...
This GID was used to exempt users from Grsecurity's
`/proc` restrictions; we now prefer to rely on
`security.hideProcessInformation`, which uses the `proc` group
for this purpose. That leaves no use for the grsecurity GID.
More generally, having only a single GID to, presumably, serve as the
default for all of grsecurity's GID based exemption/resriction schemes
would be problematic in any event, so if we decide to enable those
grsecurity features in the future, more specific GIDs should be added.
2016-06-14 03:38:17 +02:00
Joachim Fasting
0677cc61c8
nixos: rewrite the grsecurity module
...
The new module is specifically adapted to the NixOS Grsecurity/PaX
kernel. The module declares the required kernel configurations and
so *should* be somewhat compatible with custom Grsecurity kernels.
The module exposes only a limited number of options, minimising the need
for user intervention beyond enabling the module. For experts,
Grsecurity/PaX behavior may be configured via `boot.kernelParams` and
`boot.kernel.sysctl`.
The module assumes the user knows what she's doing (esp. if she decides
to modify configuration values not directly exposed by the module).
Administration of Grsecurity's role based access control system is yet
to be implemented.
2016-06-14 03:38:12 +02:00
Kamil Chmielewski
437ea9fd37
Fixes #16181 - using bin output for Go services
2016-06-13 23:32:16 +02:00
Paweł Pacana
d2b58dd39a
buildkite-agent: init at 2.1.8
...
* nixos module included
* install compiled binary
* only one platform now
* limited config options
* relies on providing ssh keys for agent
2016-06-13 17:21:08 +01:00
Luca Bruno
02a1408d9c
Merge pull request #16023 from choochootrain/add-xbanish-service
...
xbanish service: init at 1.4
2016-06-13 17:24:44 +02:00
zimbatm
4f27f28f89
Merge pull request #16137 from abbradar/parsoid
...
Update node packages
2016-06-13 00:19:25 +01:00
zimbatm
a95229a963
Merge pull request #15677 from womfoo/mod_auth_mellon
...
mod_auth_mellon: init at 0.12.0 and dependency lasso: init at 2.5.1
2016-06-12 23:38:57 +01:00
zimbatm
2974b6f4c8
Use shell packages to select the user's shell
...
The string type is still available for backward-compatiblity.
2016-06-12 20:35:34 +01:00
zimbatm
28fa4a2f03
Escape all shell arguments uniformly
2016-06-12 18:11:37 +01:00
Phil Wetzel
ccdf386a97
squeezelite service: init
2016-06-11 22:05:07 -04:00
Benno Fünfstück
3850123f32
nixos/docker: use wrapped modprobe
...
We need to use wrapped modprobe, so that it finds the right
modules. Docker needs modprobe to load overlay kernel module
for example.
This fixes an an error starting docker if the booted system's kernel
version is different from the /run/current-system profile's one.
2016-06-11 21:13:37 +02:00
Luca Bruno
dbed53a79f
gnome3: add gnome-session debug option
2016-06-11 16:47:14 +02:00
Nikolay Amiantov
f28ab85f2e
parsoid service: use default node
2016-06-11 03:04:03 +03:00
Peter Simons
61dba074c7
Merge pull request #16082 from uwap/master
...
Postfix: Add an option to enable Submission
2016-06-10 15:15:52 +02:00
uwap
1e72706d66
Change default to postfix default.
2016-06-10 15:10:28 +02:00
uwap
ab0547b16f
Choose a better default for services.postfix.submissionOptions
2016-06-10 14:51:43 +02:00
Joachim Fasting
c1cb5ca57e
oauth2_proxy module: fix manual build
2016-06-10 01:02:40 +02:00
Joachim Fasting
e2e2840aa7
Merge pull request #15283 from jml/oauth2proxy-moduleu
...
oauth2_proxy: create new module for service
2016-06-09 22:52:17 +02:00
Thomas Tuegel
04ad2ebfb2
Merge branch 'kde-propagate'
2016-06-09 12:40:04 -05:00
Thomas Tuegel
c608230a61
nixos/kde5: include setup hook and icons with sddm theme
...
Fixes #16094 .
2016-06-09 12:39:10 -05:00
uwap
cc658b695a
Make submission options more flexible
2016-06-09 18:06:07 +02:00
Jonathan Lange
58599744ee
Add module for oauth2_proxy
2016-06-09 15:00:23 +01:00
Joachim Fasting
376ba5f17f
dnscrypt-proxy service: update resolver list
2016-06-09 14:03:40 +02:00
uwap
d1e4ee146d
Postfix: Add an option to enable Submission
...
Adds services.postfix.enableSubmission and services.postfix.extraSubmissionOptions to make it easy to enable submission in master.cf
2016-06-09 00:15:55 +02:00
Hurshal Patel
3913aaeaad
xbanish service: init at 1.4
2016-06-07 23:58:06 -07:00
Thomas Tuegel
dc7d5231d6
Merge branch 'plasma-5'
2016-06-07 08:47:19 -05:00
Luca Bruno
a72aba8c30
Merge pull request #14366 from NixOS/gnome-3.20
...
gnome3.20: init at 3.20.0
2016-06-07 14:23:08 +02:00
Thomas Tuegel
4eebb77df2
Revert "nixos/kde5: install oxygen-fonts and noto-fonts"
...
This reverts commit 285061d50c
.
2016-06-07 06:24:23 -05:00
Thomas Tuegel
9dcbc4b015
nixos/kde5: install plasma-integration
...
frameworkintegration was split with plasma-integration in Plasma 5.6.
2016-06-07 06:20:29 -05:00
Thomas Tuegel
285061d50c
nixos/kde5: install oxygen-fonts and noto-fonts
2016-06-07 06:20:11 -05:00
Arseniy Seroka
c9f8cc4bf4
Merge pull request #15991 from womfoo/openldap
...
openldap: fix example for multiple-outputs and formatting
2016-06-06 22:22:49 +03:00