1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-20 04:31:52 +00:00
Commit graph

1268 commits

Author SHA1 Message Date
worldofpeace 266db0820e rl-1909: note changes to gnome3 defaults 2019-09-01 18:27:28 -04:00
worldofpeace acced1a381 rl-1909: note gnome3 profile style options 2019-09-01 18:27:28 -04:00
adisbladis f140dfb161
nixos/desktop-managers/xterm: Disable by default
It's a confusing default for some display managers that will default
to it even when you have defined another display manager.
2019-09-01 22:17:35 +01:00
Ben Wolsieffer 9e5aa25c53 sd-image: don't use installer.cloneConfig option that is not imported
This once again allows sd-image.nix to imported standalone to build SD images
of arbitrary NixOS systems.
2019-09-01 14:15:33 -04:00
William Casarin cec822a7bb release-notes: add altcoins removal note
Release notes for #67687 (bc08b42da4) [1]
Related issue: #25025 [2]

[1] https://github.com/NixOS/nixpkgs/issues/67687
[2] https://github.com/NixOS/nixpkgs/issues/25025

Suggested-by: @mmahut
Signed-off-by: William Casarin <jb55@jb55.com>
2019-09-01 10:03:18 -07:00
Florian Jacob 18a5d23b55 nixos/printers: declarative configuration 2019-09-01 15:38:30 +02:00
Florian Klink 8680f72c88 nixos/redis: add changelog for #67768 2019-09-01 14:12:47 +02:00
Florian Klink ff2fd6c4e5 nixos/redis: unbreak module
The redis module currently fails to start up, most likely due to running
a chown as non-root in preStart.

While at it, I hardcoded it to use systemd's StateDirectory and
DynamicUser to manage directory permissions, removed the unused
appendOnlyFilename option, and the pidFile option.

We properly tell redis now it's daemonized, and it'll use notify support
to signal readiness.
2019-09-01 14:08:42 +02:00
worldofpeace fcec3ff0dc rl-1909: add note about default emoji font 2019-09-01 00:12:12 -04:00
Florian Klink 645de3b611
Merge pull request #67840 from flokli/systemd-sysctl-sysrq-rl
release-notes: mention restricted SysRq key combinations
2019-09-01 03:59:34 +02:00
Marti Serra d3de35967a crashplan, crashplan-small-business: remove pkg and module 2019-09-01 03:25:19 +02:00
Florian Klink c48170ac02 release-notes: mention restricted SysRq key combinations
This was missing from #66482.
2019-08-31 18:44:35 +02:00
Florian Klink 4e586dea50
Merge pull request #63773 from flokli/installation-device-fixes
installation-device.nix: explain sshd usage, don't include clone-config
2019-08-31 02:59:23 +02:00
worldofpeace 0d220e4ed6 nixos/fontconfig-penultimate: disable by default
It currently lacks an emoji font-family which means it has to be
disabled for them to function [0].  Additionally it's fallen out of
necessity to ship custom font rendering settings (as far as I'm aware
of).

[0]: https://github.com/NixOS/nixpkgs/pull/67215
2019-08-30 19:50:30 -04:00
edef 722940fcdc nixos/release-notes: fix indentation 2019-08-30 19:32:25 +00:00
adisbladis 41d1b8fa88
emacsPackages: Drop old emacsPackages (non-NG) sets
These have been deprecated for a long time now and has not seen much maintenance.
2019-08-30 16:43:16 +01:00
Peter Simons 19a1e15501 rl-1909.xml: fix XML syntax error that broke the NixOS manual 2019-08-29 20:29:19 +02:00
Arian van Putten 604b7c139f Fix letsencrypt (#60219)
* nixos/acme: Fix ordering of cert requests

When subsequent certificates would be added, they would
not wake up nginx correctly due to target units only being triggered
once. We now added more fine-grained systemd dependencies to make sure
nginx always is aware of new certificates and doesn't restart too early
resulting in a crash.

Furthermore, the acme module has been refactored. Mostly to get
rid of the deprecated PermissionStartOnly systemd options which were
deprecated. Below is a summary of changes made.

* Use SERVICE_RESULT to determine status
This was added in systemd v232. we don't have to keep track
of the EXITCODE ourselves anymore.

* Add regression test for requesting mutliple domains

* Deprecate 'directory' option
We now use systemd's StateDirectory option to manage
create and permissions of the acme state directory.

* The webroot is created using a systemd.tmpfiles.rules rule
instead of the preStart script.

* Depend on certs directly

By getting rid of the target units, we make sure ordering
is correct in the case that you add new certs after already
having deployed some.

Reason it broke before:  acme-certificates.target would
be in active state, and if you then add a new cert, it
would still be active and hence nginx would restart
without even requesting a new cert. Not good!  We
make the dependencies more fine-grained now. this should fix that

* Remove activationDelay option

It complicated the code a lot, and is rather arbitrary. What if
your activation script takes more than activationDelay seconds?

Instead, one should use systemd dependencies to make sure some
action happens before setting the certificate live.

e.g. If you want to wait until your cert is published in DNS DANE /
TLSA, you could create a unit that blocks until it appears in DNS:

```
RequiredBy=acme-${cert}.service
After=acme-${cert}.service
ExecStart=publish-wait-for-dns-script
```
2019-08-29 16:32:59 +02:00
worldofpeace b49a76566d
Merge pull request #67626 from worldofpeace/xfce4-14-doc
rl-1909: add note about Xfce 4.14
2019-08-28 13:54:16 -04:00
worldofpeace 722746c056 rl-1909: add note about Xfce 4.14 2019-08-28 09:57:01 -04:00
Maximilian Bosch 56a7bc05e1
nixos/treewide: drop dependencies to keys.target
The `keys.target` is used to indicate whether all NixOps keys were
successfully uploaded on an unattended reboot. However this can cause
startup issues e.g. with NixOS containers (see #67265) and can block
boots even though this might not be needed (e.g. with a dovecot2
instance running that doesn't need any of the NixOps keys).

As described in the NixOps manual[1], dependencies to keys should be
defined like this now:

``` nix
{
  systemd.services.myservice = {
    after = [ "secret-key.service" ];
    wants = [ "secret-key.service" ];
  };
}
```

However I'd leave the issue open until it's discussed whether or not to
keep `keys.target` in `nixpkgs`.

[1] https://nixos.org/nixops/manual/#idm140737322342384
2019-08-27 18:55:55 +02:00
Silvan Mosberger 210756a450
nixos/pdns-recursor: implement a settings option (#67251)
nixos/pdns-recursor: implement a `settings` option
2019-08-27 14:34:32 +02:00
rnhmjoj d5f098a96c
nixos/doc: mention extraConfig -> settings change in pdns-recursor 2019-08-26 17:47:25 +02:00
Florian Klink 0fb17141fb nixos/systemd: enable cgroup accounting by default
If this is the default for OpenShift already, we probably can enable it
as well.

see https://github.com/openshift/machine-config-operator/pull/581
2019-08-25 22:26:12 +02:00
Alexander V. Nikolaev 885511cb5c rmilter: remove deprecated package (and module) 2019-08-24 17:33:48 +03:00
Samuel Leathers 5f06052e75
Merge pull request #31064 from disassembler/release-manager-docs
nixos docs: add release manager section
2019-08-24 09:42:02 -04:00
Samuel Leathers bb1b96373b
nixos docs: add release manager section 2019-08-23 10:10:12 -04:00
Robin Gloster 948b3e34a5
squid: remove v3, default to v4 2019-08-22 00:39:52 +02:00
Robin Gloster f4fc845e5b
Merge remote-tracking branch 'upstream/master' into openssl-1.1 2019-08-21 14:25:13 +02:00
Aaron Andersen 249b4ad942
Merge pull request #66492 from aanderse/extra-subservice-cleanup
nixos/httpd: extraSubservices cleanup
2019-08-20 18:55:08 -04:00
Florian Klink d6eb5b068f nixos/doc/clone-config.xml: add line about installation media = installation target 2019-08-19 16:34:06 +02:00
Florian Klink 1515afe879 nixos/doc: update installation-device.nix
This got quite outdated. We now have both the nixos and root user
available for example.
2019-08-19 16:34:06 +02:00
Florian Klink 93a03177f2
Merge pull request #66482 from flokli/systemd-sysctl
nixos/systemd: install sysctl snippets
2019-08-19 16:32:00 +02:00
Nikolay Amiantov 9b30cf0cb4 nixos release notes: mention systemd.packages changes 2019-08-19 13:25:15 +03:00
Florian Klink bafc256915 nixos/systemd: remove separate coredump module 2019-08-18 17:54:26 +02:00
Florian Klink 9be0327a49 nixos/systemd: install sysctl snippets
systemd provides two sysctl snippets, 50-coredump.conf and
50-default.conf.

These enable:
 - Loose reverse path filtering
 - Source route filtering
 - `fq_codel` as a packet scheduler (this helps to fight bufferbloat)

This also configures the kernel to pass coredumps to `systemd-coredump`.
These sysctl snippets can be found in `/etc/sysctl.d/50-*.conf`,
and overridden via `boot.kernel.sysctl`
(which will place the parameters in `/etc/sysctl.d/60-nixos.conf`.

Let's start using these, like other distros already do for quite some
time, and remove those duplicate `boot.kernel.sysctl` options we
previously did set.

In the case of rp_filter (which systemd would set to 2 (loose)), make
our overrides to "1" more explicit.
2019-08-18 17:54:26 +02:00
Florian Klink e5965bd489 nixos/sysctl: rename /etc/sysctl.d/nixos.conf -> 60-nixos.conf
sysctl.d(5) recommends prefixing all filenames in /etc/sysctl.d with a
two-digit number and a dash, to simplify the ordering of the files.

Some packages provide custom files, often with "50-" prefix.
To ensure user-supplied configuration takes precedence over the one
specified via `boot.kernel.sysctl`, prefix the file generated there with
"60-".
2019-08-18 17:54:26 +02:00
danbst d80cd26ff9 Merge branch 'master' into flip-map-foreach 2019-08-18 18:00:25 +03:00
Symphorien Gibol c3e1e64e4c remove all instances of nix-env -i without -A in the NixOS manual
motivation: https://nixos.wiki/wiki/FAQ/Why_not_use_nix-env_-i_foo%3F
2019-08-17 18:04:43 +02:00
Aaron Andersen efbdce2e96 nixos/mantisbt: drop unmaintained module 2019-08-15 21:01:23 -04:00
Aaron Andersen 265163da07 nixos/systemhealth: drop unmaintained module 2019-08-15 21:01:23 -04:00
Marek Mahut 08749c4860
Merge pull request #66588 from lschuermann/nixos-enter-silent
nixos-enter: add --silent to suppress activation script output
2019-08-15 10:22:27 +02:00
Matthew Bauer 011b12c3ca nixos: Add release notes for CUPS changes 2019-08-14 11:47:48 -04:00
worldofpeace dd49cf711e
Merge pull request #66338 from worldofpeace/installer/no-root
installer: Don't run as root
2019-08-14 11:20:54 -04:00
Leon Schuermann 415993d6b7 nixos-enter: silent activation script option
Also, fix a few shellcheck errors.
2019-08-13 23:48:58 +02:00
Aaron Andersen 6f6468bef3
Merge pull request #65728 from Infinisil/types-eithers
lib/types: Add oneOf, extension of either to a list of types
2019-08-13 11:48:42 -04:00
WilliButz 7a29431da9
Merge pull request #66561 from Ma27/document-user-services-on-rebuild
nixos/doc: document that services defined with `systemd.users` aren't restarted by nixos-rebuild
2019-08-13 16:43:40 +02:00
Maximilian Bosch 551230b7f6
nixos/doc: document that services defined with systemd.users aren't restarted by nixos-rebuild 2019-08-13 16:26:09 +02:00
WilliButz bab5455d80
Merge pull request #62914 from Ma27/improve-nixos-rebuild-manpage
doc/nixos-rebuild(8): add Nix options to summary
2019-08-13 15:54:51 +02:00
Marek Mahut c78fead206
Merge pull request #63735 from Ekleog/drop-old-kernels
manual: remind to drop kernels that will get EOL'd
2019-08-12 23:31:00 +02:00
worldofpeace 397c7d26fc installer: Don't run as root
There's many reason why it is and is going to
continue to be difficult to do this:

1. All display-managers (excluding slim) default PAM rules
   disallow root auto login.

2. We can't use wayland

3. We have to use system-wide pulseaudio

4. It could break applications in the session.
   This happened to dolphin in plasma5
   in the past.

This is a growing technical debt, let's just use
passwordless sudo.
2019-08-12 14:45:27 -04:00
worldofpeace e9e165fa23
Merge pull request #66449 from delroth/no-ibus-qt
nixos/ibus: do not default-install ibus-qt
2019-08-11 22:41:02 -04:00
Pierre Bourdon 67d1cf4707
nixos/ibus: do not default-install ibus-qt
ibus-qt has not seen a release in 5 years and is only relevant for Qt
4.x, which is becoming more and more rare. Using my current laptop as a
data point, ibus-qt is the only dependency left that drags in qt-4.8.7.
2019-08-10 19:37:12 +02:00
Domen Kožar 5ce8864c54
Merge pull request #66328 from domenkozar/nixos-options-doc
Extract NixOS options documentation generation to a function
2019-08-10 14:07:19 +02:00
Matthew Bauer ddf38a8241
Merge pull request #65002 from matthewbauer/binfmt-wasm
Add binfmt interpreter for wasm
2019-08-09 14:04:21 -04:00
Silvan Mosberger 013d403f30
nixos/dwm-status: add module (#51319)
nixos/dwm-status: add module
2019-08-09 15:39:50 +02:00
Domen Kožar 5cfd034af0
Extract NixOS options documentation generation to a function
Motivation is to support other repositories containing nixos
modules that would like to generate options documentation:

- nix-darwin
- private repos
- arion
- ??
2019-08-08 16:18:09 +02:00
Silvan Mosberger 9a44f44d4c
lib/types: Add oneOf, extension of either to a list of types 2019-08-06 14:08:42 +02:00
danbst 29ba0a0adf add release notes 2019-08-05 14:34:51 +03:00
Danylo Hlynskyi 7585496eff
Merge branch 'master' into flip-map-foreach 2019-08-05 14:09:28 +03:00
danbst 0f8596ab3f mass replace "flip map -> forEach"
See `forEach`-introduction commit.
```
rg 'flip map ' --files-with-matches | xargs sed -i 's/flip map /forEach /g'
```
2019-08-05 14:03:38 +03:00
danbst 91bb646e98 Revert "mass replace "flip map -> foreach""
This reverts commit 3b0534310c.
2019-08-05 14:01:45 +03:00
WilliButz 370370aa2c
nixos/release-notes: add note about prometheus-exporters 2019-08-02 18:50:02 +02:00
Susan Potter 6923b76eb5
nixos/doc+manual: change copyright year 2018->2019 2019-08-02 10:45:04 -05:00
Robin Gloster 30969073f0
Merge remote-tracking branch 'upstream/master' into openssl-1.1 2019-08-02 03:01:30 +02:00
adisbladis 9e9c6de50c
nodejs-8_x: Drop package
It will be EOL within the support period of 19.09
2019-08-02 02:34:47 +02:00
Aaron Andersen a1f738ba87
Merge pull request #62748 from aanderse/mediawiki
nixos/mediawiki: init service to replace httpd subservice
2019-07-31 22:12:23 -04:00
Robin Gloster 9b750c2474
shibboleth-sp: 2.6.1 -> 3.0.4.1 2019-07-30 00:06:12 +02:00
Silvan Mosberger d3dfe06c38
nixos/xserver: add option to install custom xkb layouts (#47764)
nixos/xserver: add option to install custom xkb layouts
2019-07-26 20:43:37 +02:00
rnhmjoj e91f0c38c0
docs/xserver: use <note> tag for notes 2019-07-26 18:08:05 +02:00
rnhmjoj 3effc55b5b
docs/xserver: document xserver.extraLayouts 2019-07-26 18:08:04 +02:00
Léo Gaspard 5f33bcd953
matrix-synapse: fix documentation better 2019-07-25 15:37:32 +02:00
Aaron Andersen ebd9067473 nixos/mediawiki: add release notes for 19.09 2019-07-23 22:03:20 -04:00
Aaron Andersen 72ef4786e1
Merge pull request #64151 from aanderse/httpd-extraSubservices
nixos/httpd: module cleanup
2019-07-23 21:58:40 -04:00
Maximilian Bosch 3944aa051c
nixos/nextcloud: write config to additional config file
One of the main problems of the Nextcloud module is that it's currently
not possible to alter e.g. database configuration after the initial
setup as it's written by their imperative installer to a file.

After some research[1] it turned out that it's possible to override all values
with an additional config file. The documentation has been
slightly updated to remain up-to-date, but the warnings should
remain there as the imperative configuration is still used and may cause
unwanted side-effects.

Also simplified the postgresql test which uses `ensure{Databases,Users}` to
configure the database.

Fixes #49783

[1] https://github.com/NixOS/nixpkgs/issues/49783#issuecomment-483063922
2019-07-22 18:29:52 +02:00
WilliButz 294bed66dc
nixos/release-notes: add note about nginx-exporter 2019-07-22 16:41:10 +02:00
Aaron Andersen 9b970d07f3 nixos/httpd: drop postgresql reference 2019-07-20 18:36:24 -04:00
Aaron Andersen 0fd69629c7 nixos/httpd: mark extraSubservices option as deprecated 2019-07-20 18:36:19 -04:00
Graham Christensen d51b522a6e
Merge pull request #64052 from aanderse/tomcat-connector
nixos/httpd: drop tomcat-connector httpd subservice
2019-07-19 15:25:44 -04:00
Matthew Bauer 857f7fb4af nixos/binfmt: update release notes and provide examples 2019-07-17 17:09:20 -04:00
Linus Heckemann a935eff7fa
Merge pull request #62835 from lheckemann/ipv6-privacy-extensions
Ipv6 privacy extensions
2019-07-14 19:27:54 +02:00
danbst 3b0534310c mass replace "flip map -> foreach"
See `foreach`-introduction commit.
```
rg 'flip map ' --files-with-matches | xargs sed -i 's/flip map /foreach /g'
```
2019-07-14 13:46:10 +03:00
Léo Gaspard 8f38f0341c
Merge pull request #63639 from Ekleog/fix-matrix-doc
matrix-synapse: fix documentation
2019-07-13 18:17:14 +02:00
Aaron Andersen c13fbe0551
Merge pull request #63844 from aanderse/zabbix-cleanup
nixos/zabbix: overhaul package & module
2019-07-12 06:12:51 -04:00
Aaron Andersen 08286b4f29 nixos/httpd: drop tomcat-connector httpd subservice 2019-07-11 20:58:55 -04:00
Aaron Andersen 649ec93c37 foswiki: drop package & httpd subservice 2019-07-11 19:46:30 -04:00
Aaron Andersen 6a1de5460b nixos/httpd: remove broken trac subservice 2019-07-11 19:19:27 -04:00
Aaron Andersen 6891fb4103 nixos/zabbixWeb: replace httpd subservice with new module 2019-07-11 18:45:46 -04:00
Aaron Andersen ca336ac985
Merge pull request #64050 from aanderse/mercurial
nixos/httpd: drop mercurial httpd subservice
2019-07-09 12:54:01 -04:00
Ben Wolsieffer d82840dbd1 nixos/release-notes: fix bad merge of cargo-vendor entry and overall indentation 2019-07-08 21:13:58 -04:00
adisbladis d614edeb32
Revert Nodejs-8_x deprecation
This was supposed to go through a pull request

Revert "nodePackages: Regenerate node packages for nodejs 10 & 12"
This reverts commit 6a17bdf397.

Revert "nodejs-8_x: Drop package"
This reverts commit e06c97b71d.
2019-07-05 12:23:27 +01:00
adisbladis e06c97b71d
nodejs-8_x: Drop package
It will be EOL within the support period of 19.09
2019-07-05 12:21:42 +01:00
Danylo Hlynskyi d0e3c02a49
Merge pull request #63954 from nh2/consul-1.5.2
consul: 1.4.2 -> 1.4.4 -> 1.5.2
2019-07-04 19:55:39 +03:00
Elis Hirwing 80c7463a92
php: drop 7.1
PHP 7.1 is currently on life support, as in only recieving security related patches.

This will only continue until: 2019-12-01

This date are in the middle of the 19.09 lifecycle. So it would be
nice to not have it in the 19.09 stable release. Dropping it now would
also result in less maintanance in updating them.

The death dates can be seen on following links:
 - https://endoflife.date/php
 - https://php.net/supported-versions.php
 - https://en.wikipedia.org/wiki/PHP#Release_history
2019-07-04 14:31:49 +02:00
Aaron Andersen b9e68389d1 nixos/wordpress: add release notes for 19.09 2019-07-03 11:50:34 -04:00
Aaron Andersen f2a499549f nixos/httpd: drop mercurial httpd subservice 2019-07-01 15:34:00 -04:00
Niklas Hambüchen 9d17e5e77c manual: Add consul upgrade notes 2019-06-30 17:08:08 +02:00
Matthias Beyer fe6bb17872 Add missing semicolon (#63919)
Signed-off-by: Matthias Beyer <mail@beyermatthias.de>
2019-06-29 15:52:21 +00:00
Léo Gaspard 6a2abeb6b4
Update nixos/doc/manual/development/releases.xml
Co-Authored-By: Alyssa Ross <hi@alyssa.is>
2019-06-24 18:57:24 +02:00
Léo Gaspard 980b5e0c88 manual: remind to drop kernels that will get EOL'd 2019-06-24 17:11:54 +02:00