1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-28 00:22:13 +00:00
Commit graph

6519 commits

Author SHA1 Message Date
Bob van der Linden f09fb4d4dd
nixos/tt-rss: /var/run -> /run 2019-03-24 21:15:32 +01:00
Bob van der Linden 9b100c4e6f
nixos/selfoss: /var/run -> /run 2019-03-24 21:15:32 +01:00
Bob van der Linden cdc6f2e484
nixos/restya-board: /var/run -> /run 2019-03-24 21:15:31 +01:00
Bob van der Linden bde23ec9a3
nixos/codimd: /var/run -> /run 2019-03-24 21:15:31 +01:00
Bob van der Linden 60481ba3fd
nixos/hologram-agent: /var/run -> /run 2019-03-24 21:15:30 +01:00
Bob van der Linden 798931135e
nixos/fcron: /var/run -> /run 2019-03-24 21:15:30 +01:00
Bob van der Linden 0cf1944c36
nixos/cups: /var/run -> /run 2019-03-24 21:15:30 +01:00
Bob van der Linden 323e8ef375
nixos/xrdp: /var/run -> /run 2019-03-24 21:15:29 +01:00
Bob van der Linden 210b7134d3
nixos/wpa_supplicant: /var/run -> /run 2019-03-24 21:15:29 +01:00
Bob van der Linden b9e27ec43e
nixos/supplicant: /var/run -> /run 2019-03-24 21:15:29 +01:00
Bob van der Linden 8062476f73
nixos/raccoon: /var/run -> /run 2019-03-24 21:15:28 +01:00
Bob van der Linden 34738dea2a
nixos/ocserv: /var/run -> /run 2019-03-24 21:15:28 +01:00
Bob van der Linden cc5f08fed8
nixos/miniupnpd: /var/run -> /run 2019-03-24 21:15:28 +01:00
Bob van der Linden 321bc431cc
nixos/lldpd: /var/run -> /run 2019-03-24 21:15:27 +01:00
Bob van der Linden 1e48222cbe
nixos/ircd-hybrid: /var/run -> /run 2019-03-24 21:15:27 +01:00
Bob van der Linden 937e733c04
nixos/htpdate: /var/run -> /run 2019-03-24 21:15:26 +01:00
Bob van der Linden 1a567685b2
nixos/hostapd: /var/run -> /run 2019-03-24 21:15:26 +01:00
Bob van der Linden 82dee48ef2
nixos/bind: /var/run -> /run 2019-03-24 21:15:26 +01:00
Bob van der Linden 9afbe4c2bd
nixos/avahi-daemon: /var/run -> /run 2019-03-24 21:15:25 +01:00
Bob van der Linden 08558245a4
nixos/asterisk: /var/run -> /run 2019-03-24 21:13:19 +01:00
Dmitry Kalinkin cf7f234ff5
Merge pull request #57527 from Chiiruno/dev/meguca
Init: statik, Update: easyjson, quicktemplate, meguca, hydron
2019-03-24 15:26:37 -04:00
worldofpeace ffe35f3f76 nixos/pantheon: add meta.maintainers 2019-03-24 07:04:28 -04:00
worldofpeace f812cba2cf nixos/pantheon/files: add meta.maintainers 2019-03-24 07:04:28 -04:00
worldofpeace 415bceed8e nixos/pantheon/contractor: add meta.maintainers 2019-03-24 07:04:28 -04:00
worldofpeace 3565b1775a nixos/gsignond: add meta.maintainers 2019-03-24 07:04:28 -04:00
Dmitry Kalinkin 6f95ac3588
Merge pull request #57988 from lopsided98/buildbot-update
buildbot: 1.8.1 -> 2.1.0
2019-03-23 20:38:20 -04:00
markuskowa d71472beaf
Merge pull request #57434 from ck3d/user-dwm
nixos dwm: start user installed dwm if available
2019-03-23 23:49:34 +01:00
Francesco Gazzetta 58f682742e nixos/zeronet: add fileserverPort option
Without it, zeronet tried to write one to the read-only config file and
crashed
2019-03-23 17:58:57 +01:00
Ben Gamari 2036550a46 nixos/docker-registry: Allow use of non-filesystem storage
Previously this module precluded use of storage backends other than
`filesystem`. It is now possible to configure another storage backend
manually by setting `services.dockerRegistry.storagePath` to `null` and
configuring the other backend via `extraConfig`.
2019-03-23 10:32:56 +00:00
tv 59fac1a6d7 nixos/nginx: use writeNginxConfig 2019-03-23 11:16:14 +01:00
Frederik Rietdijk 23e431387b Merge staging-next into staging 2019-03-23 09:20:09 +01:00
Okina Matara 40d7079f79
nixos/meguca: Add videoPaths, set postgresql version to 11 2019-03-23 01:19:29 -05:00
Ben Wolsieffer b2e11e0cdf buildbot: 1.8.1 -> 2.1.0 2019-03-22 18:43:15 -04:00
Averell Dalton 028a4b6a53 plex: 1.14.1.5488 -> 1.15.2.793 2019-03-22 20:33:22 +01:00
Sarah Brofeldt 78c95f561f
Merge pull request #58031 from dotlambda/elasticsearch-curator-application
elasticsearch-curator: add top-level package using older click
2019-03-22 20:11:54 +01:00
Dmitry Kalinkin 0e57b98b2c
Merge pull request #57596 from artemist/nginx-return
nixos/nginx: add return option to location
2019-03-22 14:08:33 -04:00
Vladimír Čunát 4c3ec0e325
nixos docs: run the formatting tool (no content change)
As documented in the docs themselves :-)
2019-03-22 14:44:11 +01:00
Vladimír Čunát 11d204a9c4
nixos docs: improve GPU driver documentation
I'm not 100% sure about the incompatibility lines,
but I believe it's better to discourage these anyway.
If you find better information, feel free to amend...

The 32-bit thing is completely GPU-agnostic, so I can't see why we had
it separately for proprietary drivers and missing for the rest.
2019-03-22 14:31:17 +01:00
Wael M. Nasreddine 5af0780492
Merge remote-tracking branch 'origin/master' into staging
* origin/master: (693 commits)
  buildGoModule: use go_1_12 instead of go_1_11 (#58103)
  gitAndTools.lab: 0.15.2 -> 0.15.3 (#58091)
  signal-desktop: 1.22.0 -> 1.23.0
  added missing semicolon to documentation
  terminus_font_ttf: 4.46.0 -> 4.47.0
  buildGoModule: remove SSL env vars in favor of cacert in buildInputs (#58071)
  dav1d: init at 0.2.1
  dropbox-cli: 2018.11.28 -> 2019.02.14
  atlassian-confluence: 6.14.1 -> 6.14.2
  maintainers: update email for dywedir
  python.pkgs.hglib: use patch to specify hg path (#57926)
  chkrootkit: 0.52 -> 0.53
  radare2-cutter: 1.7.2 -> 1.8.0
  autorandr: 1.7 -> 1.8
  pythonPackages.pyhepmc: fix build
  llvm-polly/clang-polly: use latest llvm
  apulse: 0.1.11.1 -> 0.1.12, cleanup
  factorio: experimental 0.17.14 → 0.17.16 (#58000)
  sequeler: 0.6.7 -> 0.6.8
  nasc: 0.5.1 -> 0.5.2
  ...
2019-03-21 21:01:25 -07:00
Robert Schütz c0409de98d elasticsearch-curator: add top-level package using older click
See https://github.com/NixOS/nixpkgs/pull/58023 for a discussion
of why this is necessary. The upstream issue can be found at
https://github.com/elastic/curator/pull/1280.
2019-03-21 11:53:32 +01:00
Samuel Leathers cafd07a54e
Merge pull request #56423 from Izorkin/nginx-unit
unit: add service unit and update package
2019-03-20 13:08:05 -04:00
Bob van der Linden 40679eb3c8 nixos/zabbix: /var/run -> /run 2019-03-20 00:02:46 +01:00
Bob van der Linden 3068252913 nixos/nagios: /var/run -> /run 2019-03-20 00:02:45 +01:00
Bob van der Linden 78acc82432 nixos/svnserve: /var/run -> /run 2019-03-20 00:02:45 +01:00
Bob van der Linden 3f17dcbbfd nixos/spice-vdagentd: /var/run -> /run 2019-03-20 00:02:45 +01:00
Bob van der Linden 231d815721 nixos/mbpfan: /var/run -> /run 2019-03-20 00:02:45 +01:00
Bob van der Linden e1376ddd3d nixos/matrix-synapse: /var/run -> /run 2019-03-20 00:02:45 +01:00
Bob van der Linden c67f2f0815 nixos/spamassassin: /var/run -> /run 2019-03-20 00:02:44 +01:00
Bob van der Linden edd5c88086 nixos/postgrey: /var/run -> /run 2019-03-20 00:02:44 +01:00
Bob van der Linden 0438ad4712 nixos/pfix-srsd: /var/run -> /run 2019-03-20 00:02:44 +01:00
Bob van der Linden e8434784bd nixos/rethinkdb: /var/run -> /run 2019-03-20 00:02:43 +01:00
Bob van der Linden af0380997f nixos/redis: /var/run -> /run 2019-03-20 00:02:43 +01:00
Bob van der Linden 09d3ea4f67 nixos/openldap: /var/run -> /run 2019-03-20 00:02:43 +01:00
Bob van der Linden 660ee99293 nixos/mongodb: /var/run -> /run 2019-03-20 00:02:43 +01:00
Bob van der Linden 651f05c47c nixos/couchdb: /var/run -> /run 2019-03-20 00:02:42 +01:00
Bob van der Linden 66fb3aa1be nixos/bacula: /var/run -> /run 2019-03-20 00:01:45 +01:00
Jörg Thalheim b488c60cdb network-manager: rename systemd service back to match upstream
Compatibility with other distributions/software and expectation
of users coming from other systems should have higher priority over consistency.
In particular this fixes #51375, where the NetworkManager-wait-online.service
broke as a result of this.
2019-03-19 23:48:08 +01:00
Yurii Izorkin f56d507e06 nixos/datadog-agent: change start command (#57871) 2019-03-18 13:31:04 -07:00
Izorkin 42a99b1be2 nixos/unit: init service unit 2019-03-16 19:54:21 +03:00
Vladimír Čunát 3aecf21239
Merge #56922: nixos/knot: init basic service + tests 2019-03-16 09:17:15 +01:00
Janne Heß b0daedd371 nixos/icingaweb2: Replace most options with toINI 2019-03-15 20:35:29 +01:00
Florian Jacob 5bec5e8cb1 nixos/mysql: specify option types 2019-03-15 16:32:36 +01:00
Silvan Mosberger f8de52a2fe
Revert "nixos/nginx: support h2c" 2019-03-15 14:31:11 +01:00
Markus 2e29412e9c nixos/kubernetes: Add proxy client certs to apiserver 2019-03-15 13:21:43 +00:00
Ryan Mulligan 4b6a41a939
Merge pull request #57077 from callahad/brother-dsseries
dsseries: init at 1.0.5-1
2019-03-14 21:17:31 -07:00
aszlig ef553788d0
postgresql: Move socket dir to /run/postgresql
The default, which is /tmp, has a few issues associated with it:

One being that it makes it easy for users on the system to spoof a
PostgreSQL server if it's not running, causing applications to connect
to their provided sockets instead of just failing to connect.

Another one is that it makes sandboxing of PostgreSQL and other services
unnecessarily difficult. This is already the case if only PrivateTmp is
used in a systemd service, so in order for such a service to be able to
connect to PostgreSQL, a bind mount needs to be done from /tmp to some
other path, so the service can access it. This pretty much defeats the
whole purpose of PrivateTmp.

We regularily run into issues with this in the past already (one example
would be https://github.com/NixOS/nixpkgs/pull/24317) and with the new
systemd-confinement mode upcoming in
https://github.com/NixOS/nixpkgs/pull/57519, it makes it even more
tedious to sandbox services.

I've tested this change against all the postgresql NixOS VM tests and
they still succeed and I also grepped through the source tree to replace
other occasions where we might have /tmp hardcoded. Luckily there were
very few occasions.

Signed-off-by: aszlig <aszlig@nix.build>
Cc: @ocharles, @thoughtpolice, @danbst
2019-03-15 04:52:35 +01:00
Silvan Mosberger fb879ae920
Merge pull request #57174 from worldofpeace/pantheon/cleanup
nixos/pantheon cleanup
2019-03-15 01:26:49 +01:00
Matthew Bauer b703c4d998 plasma5: fix typo from pr #57037
Thanks @Yarny0
2019-03-14 14:09:13 -04:00
Martin Weinelt a978d3dcd2
nixos/knot: init 2019-03-14 01:28:53 +01:00
Artemis Tosini fee854ed01
nixos/nginx: add return option to location 2019-03-13 17:31:01 +00:00
Andrew Childs c53703a6b2 nixos/prometheus: use append instead of insert for opening firewalls (#55224)
Inserting with `-I` causes the rules to placed before `ctstate`
tracking, while `-A` places them alongside all other allow rules.
2019-03-13 12:44:36 +02:00
Markus 7e71cd8292 nixos/flannel: Add iptables package to service path 2019-03-12 15:30:33 +00:00
Johan Thomsen 292c1ce7ff nixos/gitlab: added gzip and bzip2 as dependencies for gitaly 2019-03-12 15:04:45 +00:00
Matthew Bauer 7890494813
Merge pull request #57037 from matthewbauer/remove-xdg-desktop-menu-dummy
plasma: handle kbuildsycoca5 better
2019-03-11 22:58:40 -04:00
Christian Kögler 9f7f16cd7b nixos dwm: start user installed dwm if available
dwm has no configuration file. The user has to install his own version.
2019-03-11 20:18:08 +01:00
Christian Albrecht e3a80ebc40
Cleanup pki: remove mkWaitCurl 2019-03-11 12:22:59 +01:00
Christian Albrecht 45e683fbd6
Cleanup pki: control-plane-online 2019-03-11 12:22:59 +01:00
Christian Albrecht 50c5f489ef
Cleanup pki: scheduler 2019-03-11 12:22:53 +01:00
Christian Albrecht 46653f84c9
Cleanup pki: proxy 2019-03-11 12:22:49 +01:00
Christian Albrecht 73657b7fcf
Cleanup pki: kubelet 2019-03-11 12:22:44 +01:00
Christian Albrecht ea6985ffc1
Cleanup pki: flannel 2019-03-11 12:22:40 +01:00
Christian Albrecht ce83dc2c52
Cleanup pki: controller-manager 2019-03-11 12:22:36 +01:00
Christian Albrecht 8ab50cb239
Cleanup pki: apiserver and etcd 2019-03-11 12:22:31 +01:00
Christian Albrecht ee9dd4386a
Cleanup pki: addon-manager 2019-03-11 12:16:58 +01:00
worldofpeace 36d4dba317 nixos/pantheon: more mkDefault 2019-03-09 17:29:29 -05:00
worldofpeace c41a2d28d3 nixos/pantheon: cleanup systemPackages
We don't need gnome-bluetooth because its executables
path is already hardcoded into the contractor file, as that's
the only place it is needed.
Don't think we need gnome-power-manager either.

Also add programs like geary to removePackagesByName.
2019-03-09 17:29:08 -05:00
Silvan Mosberger 6ad76ff1ba
Merge pull request #52096 from furrycatherder/davmail
nixos/davmail: init
2019-03-09 22:41:55 +01:00
Pierre Bourdon 18bc8203a1
nixos/firewall: canonicalize firewall ports lists
Fixes #56086.
2019-03-09 20:02:04 +01:00
Pierre Bourdon 843215ac1c
nixos/firewall: use types.port where appropriate 2019-03-09 19:45:11 +01:00
Sean Haugh f2730d881b nixos/davmail: init
Co-authored-by: Aaron Andersen <aaron@fosslib.net>
Co-authored-by: Silvan Mosberger <infinisil@icloud.com>
2019-03-09 12:05:15 -06:00
scaroo 56aa491ad7 zonminder: Fix database name and username
PR #56889 messed up db and use naming while fixing the scope of the initialDatabases property.
This patch fixes the issue.
2019-03-09 17:21:29 +01:00
worldofpeace fa64c63fa0
Merge pull request #56552 from worldofpeace/elementary-screenshot-tool/fix-conceal-text
pantheon.elementary-screenshot-tool: fix conceal text
2019-03-09 11:03:37 -05:00
Alexandre Mazari d7f6cdeda4 Fix locally created database (#56889)
* zoneminder: fix initial database creation

Move initialDatabases directive from the 'ensureUsers' scope to the correct outer 'mysql' one.

* zoneminder: Fix mysql username to match unix username

When database.createLocally is used, a mysql user is created with the ensureUsers directive.
It ensures that the unix user with the name provided exists and can connect to MySQL through socket.
Thus, the MySQL username used by php/perl scripts must match the unix user owning the server PID.

This patch sets the default mysql user to 'zoneminder' instead of 'zmuser'.
2019-03-09 17:57:39 +02:00
Jonas Juselius 279716c330 nixos/kubernetes: add dns addonmanger reconcile mode option (#55834)
Allow coredns ConfigMap and Depolyment to be editable by the user. An use
case is augmenting the default, generated dns records with local services.
2019-03-09 12:57:41 +02:00
aanderse d800bd923f nixos/redmine: replace imagemagickBig with imagemagick (#57078) 2019-03-08 23:47:11 +01:00
Jordan Johnson-Doyle 04425c6223
nixos/nginx: support h2c 2019-03-08 17:50:46 +00:00
Silvan Mosberger a540993d62
Merge pull request #56171 from bachp/tautulli
tautulli/plexpy: 1.4.25 -> 2.1.26 (renamed)
2019-03-08 16:52:40 +01:00
Silvan Mosberger 21c6592a42
Merge pull request #56987 from bachp/nextcloud-ocm-provider
nixos/nextcloud: fix escapings and ocm-provider
2019-03-08 16:49:36 +01:00
Bas van Dijk e44e2455d3 strongswan-swanctl: fix module by setting the new SWANCTL_DIR envvar 2019-03-08 16:11:38 +01:00
Dan Callahan c80385d934
dsseries: init at 1.0.5-1 2019-03-08 15:02:22 +00:00
Silvan Mosberger 9fa52ae9a2
Merge pull request #56589 from johanot/kubernetes-module-stabilization
nixos/kubernetes: minor module fixes
2019-03-08 15:47:15 +01:00
Christian Albrecht 154356d820
nixos/kubernetes: Fix kube-control-plane-online must not be present
outside kubernetes module.
2019-03-08 09:36:59 +01:00
Johan Thomsen 80c4fd4f85 nixos/kubernetes: minor module fixes
- mkDefault etcd instance name
- make sure ca-cert in mkKubeConfig can be overriden
- fix controller-manager "tls-private-key-file" flag name
2019-03-08 09:18:51 +01:00
Ryan Mulligan 18f6dbe6be nixos/hdaps: automatically enable the hdapsd kernel module (#56309)
patch by hpoussin via
https://discourse.nixos.org/t/hdapsd-automatically-enable-the-hdapsd-kernel-module/2183
2019-03-08 09:50:02 +02:00
Silvan Mosberger 0036842e8d
Merge pull request #57006 from kyren/bepasty-fix
nixos/bepasty: switch to python3Packages to match bepasty package
2019-03-08 01:54:48 +01:00
Silvan Mosberger 4a9a596fbf
Merge pull request #56625 from aanderse/phpfpm
set phpOptions per phpfpm pool, instead of applying to every phpfpm pool
2019-03-08 01:53:18 +01:00
Matthew Bauer 393b359f13 plasma: handle ksycoca5 better
- Remove xdg-desktop-menu-dummy.menu kbuildsycoca5. Not sure why we
  need it but it is a pretty big failure if it exists.
  See issue #56176.

- plasma: clear ksycoca cache before building

  This is needed to pick up on software removed since the last cache
  update. Otherwise it hangs around as zombies forever (or until the
  cache is cleared).

- Add the above + the icon cache cleanup to plasmaSetup

  This will be run for the logged in user on each nixos-rebuild.
  Unfortunately this only works if you are managing software through
  nixos-rebuild (nix-env users need to run this manually, otherwise
  log out and log back in).
2019-03-07 15:11:04 -05:00
Silvan Mosberger 34e67f3f9f
Merge pull request #56578 from serokell/youtrack-hostname
youtrack: add hostname to path
2019-03-07 18:56:29 +01:00
Christian Höppner c568dad253
nixos/youtrack: add hostname to path 2019-03-07 17:21:20 +01:00
Janne Heß 2a6f518b90 nixos/openldap: Fix quoting of log level 2019-03-07 14:19:50 +01:00
kyren 4bf1d8c67d nixos/bepasty: switch to python3Packages to match bepasty package
I think the bepasty nixos service has been broken since c539c02, since
bepasty changed from using python2.7 to python3.7.  This updates the
nixos module to refer to the matching python version.
2019-03-06 22:18:59 -05:00
Silvan Mosberger 502a4263a3
Merge pull request #55936 from tobim/modules/snapserver
nixos/snapserver: init
2019-03-07 00:00:48 +01:00
Tobias Mayer 085751b63b nixos/snapserver: init
A nixos module for configuring the server side of pkgs.snapcast.
The module is named "snapserver" following upstream convention.
This commit does not provide module for the corresponding client.

Fix handling of port and controlPort

Fix stream uri generation & address review

Remove unused streams options & add description

Add missing description & Remove default fs path

Use types.port for ports & formatting improvements

Force mpd and mopidy to wait for snapserver
2019-03-06 23:40:05 +01:00
Pascal Bach 415b927653 nixos/nextcloud: fix escapings and ocm-provider 2019-03-06 21:56:27 +01:00
Christian Albrecht ff382c18c8
nixos/kubernetes: Address review: Move remaining paths to pki 2019-03-06 17:56:28 +01:00
Christian Albrecht e148cb040b
nixos/kubernetes: Address review: rename node-online target 2019-03-06 17:17:20 +01:00
Christian Albrecht 5684034693
nixos/kubernetes: Address review: Remove restart from certmgr bootstrap service 2019-03-06 16:55:13 +01:00
Christian Albrecht 7323b77435
nixos/kubernetes: Address review: Separate preStart from certificates 2019-03-06 16:55:08 +01:00
Christian Albrecht 52fe1d2e7a
nixos/kubernetes: Address review: Move controller manager paths into pki 2019-03-06 16:55:04 +01:00
Christian Albrecht 6e9037fed0
nixos/kubernetes: Address review: Move bootstrapping addons into own service 2019-03-06 16:54:50 +01:00
Christian Albrecht ff91d5818c
nixos/kubernetes: Address review: Rename targets and move proxy to node-online.target 2019-03-06 16:54:22 +01:00
Janne Heß 3de5726e9b nixos/nginx: Support additional listen parameters (#56835) 2019-03-06 11:42:46 +02:00
Wael Nasreddine 51fdca9cad
Merge pull request #56567 from Izorkin/datadog-agent
datadog-agent: update go packages and sub-packages
2019-03-05 16:59:21 -08:00
Silvan Mosberger 09c3fb0d75
Merge pull request #56774 from worldofpeace/mate/cleanup
nixos/mate: cleanup
2019-03-05 12:26:14 +01:00
Domen Kožar f60459a023
Merge pull request #55142 from FlorianFranzen/thinkfan_smart
thinkfan: add option for libatasmart support
2019-03-05 17:47:13 +07:00
worldofpeace a00c5e301e nixos/mate: cleanup 2019-03-04 21:07:01 -05:00
Silvan Mosberger f274fc8656
Merge pull request #56550 from Infinisil/doc/xrandr/monitorConfig
nixos/xserver: Point to man page for options available in monitorConfig
2019-03-04 22:08:15 +01:00
Silvan Mosberger 8f33ad7ca9
Merge pull request #56243 from aanderse/redmine
nixos/redmine: fix permissions & cleanup
2019-03-04 22:06:33 +01:00
worldofpeace 59f47088fb nixos/pantheon: add elementary-redacted-script to fonts
Needed by elementary-screenshot-tool to conceal text.
2019-03-04 14:11:15 -05:00
Peter Hoeg 011fe4a246
Merge pull request #56571 from peterhoeg/u/mqtt
mosquitto: 1.5.5 -> 1.5.8
2019-03-04 12:23:45 +08:00
Silvan Mosberger 8c4babb8ba
Merge pull request #53463 from OlivierMarty/master
nixos/duplicity: init
2019-03-04 01:22:29 +01:00
Christian Albrecht 74962bf767
nixos/kubernetes: No need to restart services besides certmgr
within the node join script, since certmgr is taking care of
restarting services.
2019-03-03 19:43:15 +01:00
Christian Albrecht 7df88bd802
nixos/kubernetes: Put dashboard service account into bootstrapAddons
to prevent errors in log about missing permissions when
addon manager starts the dashboard.
2019-03-03 19:43:15 +01:00
Christian Albrecht fd28c0a82a
nixos/kubernetes: Seed docker images before kubelet service start
to speed up startup time because it can be parallelized.
2019-03-03 19:43:14 +01:00
Christian Albrecht cf8389c904
nixos/kubernetes: Add longer timeouts for waiting services 2019-03-03 19:43:14 +01:00
Christian Albrecht 51aeaaffc2
nixos/kubernetes: flannel needs iptables in service path 2019-03-03 19:43:13 +01:00
Christian Albrecht 62f03750e4
nixos/kubernetes: Stabilize services startup across machines
by adding targets and curl wait loops to services to ensure services
are not started before their depended services are reachable.

Extra targets cfssl-online.target and kube-apiserver-online.target
syncronize starts across machines and node-online.target ensures
docker is restarted and ready to deploy containers on after flannel
has discussed the network cidr with apiserver.

Since flannel needs to be started before addon-manager to configure
the docker interface, it has to have its own rbac bootstrap service.

The curl wait loops within the other services exists to ensure that when
starting the service it is able to do its work immediately without
clobbering the log about failing conditions.

By ensuring kubernetes.target is only reached after starting the
cluster it can be used in the tests as a wait condition.

In kube-certmgr-bootstrap mkdir is needed for it to not fail to start.

The following is the relevant part of systemctl list-dependencies

default.target
● ├─certmgr.service
● ├─cfssl.service
● ├─docker.service
● ├─etcd.service
● ├─flannel.service
● ├─kubernetes.target
● │ ├─kube-addon-manager.service
● │ ├─kube-proxy.service
● │ ├─kube-apiserver-online.target
● │ │ ├─flannel-rbac-bootstrap.service
● │ │ ├─kube-apiserver-online.service
● │ │ ├─kube-apiserver.service
● │ │ ├─kube-controller-manager.service
● │ │ └─kube-scheduler.service
● │ └─node-online.target
● │   ├─node-online.service
● │   ├─flannel.target
● │   │ ├─flannel.service
● │   │ └─mk-docker-opts.service
● │   └─kubelet.target
● │     └─kubelet.service
● ├─network-online.target
● │ └─cfssl-online.target
● │   ├─certmgr.service
● │   ├─cfssl-online.service
● │   └─kube-certmgr-bootstrap.service
2019-03-03 19:39:02 +01:00
Christian Albrecht f9e2f76a59
nixos/kubernetes: Add systemd path units
to protect services from crashing and clobbering the logs when
certificates are not in place yet and make sure services are activated
when certificates are ready.

To prevent errors similar to "kube-controller-manager.path: Failed to
enter waiting state: Too many open files"
fs.inotify.max_user_instances has to be increased.
2019-03-03 19:34:57 +01:00
Andreas Rammhold 768336a74b
Merge pull request #56233 from jtojnar/nginx-tlsv13
nixos/nginx: Enable TLS 1.3 support
2019-03-03 14:19:38 +01:00
Aaron Andersen cddb117b96 nixos/icingaweb2, nixos/restya-board, nixos/zoneminder: set phpOptions per phpfpm pool, instead of applying to every phpfpm pool 2019-03-03 07:33:25 -05:00
worldofpeace 812b88f902 nixos/mate: use gsd module 2019-03-03 04:02:25 -05:00
Aaron Andersen 43258201b9 nixos/redmine: fix permissions & cleanup 2019-03-02 23:16:19 -05:00
Robert Schütz 77482629b0 nixos/home-assistant: use preferLocalBuild = true for configuration 2019-03-02 12:37:48 +01:00
Robert Schütz 971187eada nixos/home-assistant: account for "The Great Migration"
See https://developers.home-assistant.io/blog/2019/02/19/the-great-migration.html
and https://github.com/NixOS/nixpkgs/issues/55958#issuecomment-466793526.
2019-03-02 12:37:48 +01:00
worldofpeace a589f6e1dc
Merge pull request #56562 from worldofpeace/module/gsd
nixos/gnome-settings-daemon: init
2019-03-01 22:01:26 -05:00
Franz Pletz 542e384916
Merge pull request #56496 from bachp/nextcloud-nginx-recommended
nixos/nextcloud: Update recommended nginx settings
2019-03-02 01:18:18 +00:00
Julien Moutinho 2a61c058c6 rmilter: fix inetSocket
IPv6 address has to be between [] and the port after.
2019-03-02 01:12:21 +00:00
Franz Pletz e4808a6587
Merge pull request #56489 from Ma27/add-nextcloud-overwriteprotocol-option
nixos/nextcloud: add overwriteProtocol option
2019-03-02 00:21:26 +00:00
Pascal Bach 390b6108a2 nixos/nextcloud: don't make phpPackages configurable
It needs to match the version in phpfm which is hard coded.
So there is no point in being able to change it.
2019-03-02 00:16:57 +01:00
Pascal Bach f0c0b8d949 nixos/nextcloud: move phpPackage and phpOptions into pool
This allows to have a php configuration for nextcloud that is independent
of the global configuration.
2019-03-02 00:16:56 +01:00
Pascal Bach 8f1b163b00 nixos/nextcloud: use PHP 7.3 instead of 7.1 by default 2019-03-02 00:16:55 +01:00
Pascal Bach 7f8620900a nixos/nextcloud: update recommended nginx settings
This updates the configuration to the recommendations in
https://docs.nextcloud.com/server/15/admin_manual/installation/nginx.html
2019-03-02 00:16:55 +01:00
worldofpeace a2b665446a nixos/pantheon: use gnome-settings-daemon module 2019-03-01 14:55:12 -05:00
worldofpeace 5ce2eba776 nixos/gnome-settings-daemon: init 2019-03-01 14:55:12 -05:00
worldofpeace b5df81f1a1
Merge pull request #56553 from worldofpeace/plasma/xdg-user-dirs
nixos/plasma5: add xdg-user-dirs to create user directories
2019-03-01 13:25:58 -05:00
Peter Hoeg 0e40b7bfc2 mosquitto (nixos): notify systemd when started 2019-03-01 18:54:24 +08:00
David Duarte b381c27b58 nixos/coredns: init (#54931) 2019-03-01 11:10:44 +02:00
Frederik Rietdijk 2fcb11a244 Merge staging-next into master 2019-03-01 09:06:20 +01:00
Izorkin 35b6943507 datadog-trace-agent: trace-agent moved to datadog-agent 2019-03-01 10:47:02 +03:00
worldofpeace 2e5f64bb83 nixos/plasma5: add xdg-user-dirs to create user directories 2019-02-28 19:12:28 -05:00
Silvan Mosberger 94411a4c08
nixos/xserver: Point to man page for options available in monitorConfig 2019-03-01 00:44:19 +01:00
Yurii Izorkin fa20f98571 datadog-agent: 6.9.0 -> 6.10.0 (#56523) 2019-02-28 11:48:49 -08:00
Pascal Bach 8b3ffebcdc tautulli/plexpy: 1.4.25 -> 2.1.26 (renamed)
PlexPy was renamed to Tautulli.

This renames the module as well as the application accordingly.
Aliases are kept for backwards compatibility.

# Conflicts:
#	nixos/modules/services/misc/tautulli.nix
2019-02-28 19:07:00 +01:00
Aaron Andersen 51c897c37d nixos/plexpy: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-02-28 18:54:34 +01:00
José Romildo Malaquias 8705341dc9 mate: enable gvfs service (#56469) 2019-02-28 15:24:37 +01:00
Maximilian Bosch b42c24f7f2
nixos/nextcloud: add overwriteProtocol option
The overwriteprotocol option can be used to force Nextcloud to generate
URLs with the given protocol. This is useful for instances behind
reverse proxies that serve Nextcloud with HTTPS.

In this case Nextcloud can't determine the proper protocol and it needs
to be configured manually.
2019-02-27 22:14:35 +01:00
Dmitry Kalinkin c9d5546635
openafs: minor documentation fix 2019-02-26 14:49:59 -05:00
Tom F 9f07fa719c Document the addresses Alertmanager will listen on (#56409)
https://github.com/golang/go/issues/9334 describes how net.Listen (as used by Alertmanager):
* listens on 127.0.0.1 if the listenAddress is "localhost"
* listens on all interfaces if the listenAddress is ""
2019-02-26 14:59:11 +01:00
Matthieu Coudron 20bbfc39e4 services.nextcloud: add logLevel (#56400)
a vlaue between 0 and 4 to help debug problems
2019-02-26 09:18:08 +01:00
Jan Tojnar f93ff28c62 nixos/nginx: Enable TLS 1.3 support 2019-02-25 16:47:19 +01:00
Andreas Rammhold 64c60a813d nixos/gnunet: fix typo in PrivateTmp parameter (#56343)
Systemd expects `PrivateTmp` and not `PrivateTemp` in the service
configuration.

I found this by chance while grepping through nixpkgs…
2019-02-25 15:53:36 +01:00
Linus Heckemann dd25140305
Merge pull request #56326 from uvNikita/openssh/fix-socket
sshd: fix startWhenNeeded and listenAddresses combination
2019-02-25 12:06:11 +01:00
Elis Hirwing 0d3230f339
Merge pull request #56335 from Izorkin/nginx-fix-config
nginx: fix formating the config file
2019-02-25 10:59:37 +01:00
Nikita Uvarov 131e31cd1b
sshd: fix startWhenNeeded and listenAddresses combination
Previously, if startWhenNeeded was set, listenAddresses option was
ignored and daemon was listening on all interfaces.
Fixes #56325.
2019-02-25 00:51:58 +01:00
Izorkin 569248b3c2 nginx: fix formating the config file 2019-02-24 19:50:58 +03:00
Léo Gaspard 5fa2c13696
Merge pull request #56257 from pacien/synapse-0.99.1.1-homeserverscript
matrix-synapse: restore service wrapper script
2019-02-24 17:11:41 +01:00
Frederik Rietdijk c2eac6741b Merge master into staging-next 2019-02-24 09:19:12 +01:00
Elis Hirwing d7ba376435
Merge pull request #56280 from Izorkin/nginx-config
nginx: formating the config file
2019-02-24 08:57:31 +01:00
Izorkin 0394b177c7 nginx: formating the config file 2019-02-24 10:17:11 +03:00
Will Dietz b5c0aa9ea3
squeezelite: fix 'cfg' reference (#56271) 2019-02-23 18:28:02 -06:00
Ryan Mulligan 7776de07f4
Merge pull request #38033 from peterhoeg/f/slite
squeezelite: 2016-05-27 -> 2018-08-14
2019-02-23 15:10:06 -08:00
pacien cb15d762f4 Revert "nixos/matrix-synapse: use python to launch synapse"
This reverts commit eb753318b3.

The homeserver script has been restored with commit
0c663e9032.
2019-02-23 20:58:28 +01:00
Robert Schütz 63b7732ed6
Merge pull request #56202 from dotlambda/home-assistant-availableComponents
nixos/home-assistant: use availableComponents of configured package
2019-02-23 13:38:03 +01:00
Silvan Mosberger c0318efe9a
Merge pull request #50504 from symphorien/local-closureInfo
nixos: add preferLocalBuild=true; on derivations for config files and closureInfo
2019-02-22 20:53:17 +01:00
Symphorien Gibol a915b33315 nixos: add preferLocalBuild=true; on derivations for config files 2019-02-22 20:11:27 +01:00
Vladimír Čunát 71f4ba29a3
Merge branch 'master' into staging-next
Hydra nixpkgs: ?compare=1506218
2019-02-22 17:51:01 +01:00
Robert Schütz e211f55d87 nixos/home-assistant: use availableComponents of configured package
fixes #55958
2019-02-22 17:33:18 +01:00
aanderse e5405f9ae8 nixos/beanstalkd: new service for existing package (#55953) 2019-02-22 14:10:02 +01:00
Adam Finn Tulinius 291c809888 nixos/kubernetes: add missing systemd restart options 2019-02-21 14:57:57 +01:00
Jörg Thalheim 183919a0c0
Merge pull request #56004 from eskimor/add-nix-serve-help
nixos-nix-serve: Add some hint on howto get valid signing keys.
2019-02-21 09:43:50 +00:00
Michael Raskin 95039d0668
nixos/xserver: drop intel from videoDrivers (#55583)
* nixos/xserver: drop intel from videoDrivers

* Some more notes about possible regressions
2019-02-21 09:42:11 +00:00
Frederik Rietdijk e2cd07b997 Merge staging-next into staging 2019-02-21 07:54:33 +01:00
Franz Pletz 2935a67eb9
Merge pull request #45670 from johanot/kubernetes-1.11
nixos/kubernetes: Module refactor
2019-02-20 23:31:47 +00:00
Jaka Hudoklin 97a27fd2d2
nixos/kubernetes: fix flannel and kubelet startup 2019-02-21 00:26:11 +01:00
Tor Hedin Brønner bba6de611a
Merge pull request #56046 from callahad/bolt
Add and enable Bolt to support Thunderbolt 3 settings in GNOME
2019-02-20 21:43:02 +01:00
Franz Pletz 3a02205496
nixos/kubernetes: bootstrap docker without networking
Before flannel is ready there is a brief time where docker will be
running with a default docker0 bridge. If kubernetes happens to spawn
containers before flannel is ready, docker can't be restarted when
flannel is ready because some containers are still running on the
docker0 bridge with potentially different network addresses.

Environment variables in `EnvironmentFile` override those defined via
`Environment` in the systemd service config.

Co-authored-by: Christian Albrecht <christian.albrecht@mayflower.de>
2019-02-20 21:08:58 +01:00
Johan Thomsen 7028fac35b
nixos/kubernetes: use system.path to handle dependency on flannel subnet.env
The current postStart step on flannel causes flannel.service to
sometimes hang, even when it's commanded to stop.
2019-02-20 21:08:56 +01:00
Johan Thomsen 466beb0214
nixos/kubernetes: let flannel use kubernetes as storage backend
+ isolate etcd on the master node by letting it listen only on loopback
+ enabling kubelet on master and taint master with NoSchedule

The reason for the latter is that flannel requires all nodes to be "registered"
in the cluster in order to setup the cluster network. This means that the
kubelet is needed even at nodes on which we don't plan to schedule anything.
2019-02-20 21:08:56 +01:00
Johan Thomsen 1f49c2160a
nixos/kubernetes: CoreDNS privileges has to be assigned by addon manager bootstrap
- because the kube-addon-manager drops most of its privileges after
startup.
2019-02-20 21:08:55 +01:00
Johan Thomsen 6334796370
nixos/kubernetes: use the certmgr-selfsigned variant 2019-02-20 21:08:54 +01:00
Johan Thomsen e2380e79e1
nixos/kubernetes: major module refactor
- All kubernetes components have been seperated into different files
- All TLS-enabled ports have been deprecated and disabled by default
- EasyCert option added to support automatic cluster PKI-bootstrap
- RBAC has been enforced for all cluster components by default
- NixOS kubernetes test cases make use of easyCerts to setup PKI
2019-02-20 21:08:01 +01:00
aanderse a9358c4356 nixos/httpd: update documentation to reflect changes from https://github.com/NixOS/nixpkgs/pull/54529 (#56079) 2019-02-20 14:43:25 +02:00
Robert Klotzner 9f3fe63b5f Add some hint on howto get valid signing keys. 2019-02-20 12:32:08 +01:00
Vladimír Čunát 32767d139f
Merge branch 'staging-next'
This round is without the systemd CVE,
as we don't have binaries for that yet.
BTW, I just ignore darwin binaries these days,
as I'd have to wait for weeks for them.
2019-02-20 09:38:45 +01:00
Elis Hirwing f342be2c06
Merge pull request #56062 from elseym/jackett-module
jackett module: add more options and refactor
2019-02-20 09:14:36 +01:00
Elis Hirwing 66404f0742
Merge pull request #56061 from elseym/radarr-module
radarr module: add more options and refactor
2019-02-20 09:14:23 +01:00
Florian Klink c8b33d15d1
Merge pull request #56076 from telotortium/patch-1
tt-rss: Fix syntax error in config.php DB_PASS field
2019-02-20 01:58:28 +01:00
Florian Klink 11699d03bc
Merge pull request #56072 from bgamari/gitlab-database-config
nixos/gitlab: Introduce database pool size option
2019-02-20 01:56:28 +01:00
Robert Irelan 7ae4b4897a
tt-rss: Fix syntax error in config.php DB_PASS field
Empty password case would write `define('DB_PASS', )` instead of `define('DB_PASS', '')`.
2019-02-19 16:24:17 -08:00
Ben Gamari bd5ba09b79 nixos/gitlab: Introduce database pool size option
As well as a extraDatabaseConfig option.
2019-02-19 17:49:15 -05:00
Dan Callahan d20ad56ca7
nixos/gnome3: enable bolt by default
GNOME's support for Thunderbolt 3 requires the bolt daemon.

Fixes #55938
2019-02-19 20:54:39 +00:00
Dan Callahan 139e12323f
nixos/bolt: init at 0.7 2019-02-19 20:54:38 +00:00
elseym a73817ed82
jackett module: add more options and refactor 2019-02-19 20:45:00 +01:00
elseym 7b58ca7797
radarr module: add more options and refactor 2019-02-19 20:25:58 +01:00
Matthew Bauer b1bbd94bb6 Merge remote-tracking branch 'NixOS/master' into staging 2019-02-18 20:36:48 -05:00
Johan Thomsen f738618637 nixos/kubernetes: dashboard 1.8.3 -> 1.10.1
- add option to specify extra cmdline arguments to the dashboard
2019-02-18 17:34:30 +01:00
Johan Thomsen 5af74e19e6 nixos/kubernetes: coredns 1.2.5 -> 1.3.1 2019-02-18 17:34:30 +01:00
Frederik Rietdijk 815b77cbe6 Merge master into staging-next 2019-02-18 14:18:04 +01:00
Silvan Mosberger a3f85f0dc0
Merge pull request #55410 from aanderse/apache-defaults
nixos/httpd: improve security in configuration file
2019-02-18 03:27:18 +01:00
Silvan Mosberger ac953a4a6b
Merge pull request #55766 from Lucus16/bump-quassel
nixos/quassel: Add support for certificate file
2019-02-18 03:04:56 +01:00
rembo10 8e151c1e86
Merge branch 'master' into headphones 2019-02-18 09:14:14 +08:00
Ryan Mulligan a52d280cc4
Merge pull request #55955 from rnhmjoj/diod
Fixes for diod
2019-02-17 14:23:26 -08:00
Ryan Mulligan c3f9fdbf42
Merge pull request #55957 from dasJ/icingaweb2-module
nixos/icingaweb2: Init the module
2019-02-17 11:12:23 -08:00
Janne Heß 1caa886f6c nixos/icingaweb2: Init the module
The module is indeed very large but allows configuring every aspect of
icingaweb2. The built-in monitoring module is in an own file because
there are actually more (third-party) modules and this structure means
every module can get an own file.
2019-02-17 19:08:47 +01:00
rnhmjoj 6871e43937
nixos/diod: fix permissions 2019-02-17 18:26:00 +01:00
Torsten Schmits 97bb693927 nixos/tt-rss: fix syntax error in pre-start script 2019-02-17 10:50:24 +01:00
Frederik Rietdijk fd48a94b62 Merge staging-next into staging 2019-02-16 09:30:46 +01:00
Frederik Rietdijk 6fe10d2779 Merge master into staging-next 2019-02-16 09:29:54 +01:00
Jan Tojnar 23eff453a2
Merge pull request #55742 from aanderse/php-fpm
nixos/phpfpm: allow configuring php.ini files per-pool
2019-02-16 07:28:07 +01:00
Graham Christensen a1525c5d48
docs: give matomo an ID 2019-02-15 17:51:00 -05:00
Jaka Hudoklin 5ae048071d
Merge pull request #55649 from johanot/flannel-with-kubernetes-backend
nixos/flannel: add kubernetes as storage backend (and fix test)
2019-02-15 19:55:56 +01:00
Peter Hoeg 507855e56c
Merge pull request #55667 from amazari/master
zoneminder: fix build issue when using createLocally database
2019-02-15 22:00:31 +08:00
Silvan Mosberger b1bda29f5c
Merge pull request #55517 from florianjacob/cups-fix-ssl-dir
nixos/cups: Fix Unable to encrypt connection:
2019-02-14 21:19:57 +01:00
Silvan Mosberger 8a5925b7eb
Merge pull request #55301 from telotortium/tt-rss_disable_automatic_updates
Remove option config.services.tt-rss.checkForUpdates (forced to false)
2019-02-14 21:15:30 +01:00
Silvan Mosberger 3df95cfd9a
Merge pull request #55540 from florianjacob/matomo
Security: Matomo 3.7.0 -> 3.8.1
2019-02-14 21:13:57 +01:00
Silvan Mosberger c84488329b
Merge pull request #47747 from florianjacob/matomo-archive-processing-service
Matomo archive processing service
2019-02-14 21:05:16 +01:00
Florian Jacob 33b3272692 nixos/cups: Fix Unable to encrypt connection:
Unable to create server credentials
by creating /var/lib/cups/ssl directory.
2019-02-14 20:43:26 +01:00
Silvan Mosberger 80480598d4
Merge pull request #55515 from rycee/wpa_supplicant_citerefentry
nixos/wpa_supplicant: use `<citerefentry>`
2019-02-14 20:38:05 +01:00
Silvan Mosberger cf2f5850e2
nixos/znapzend: Run znapzendzetup import in parallel
Patch by @Baughn, who noticed these imports being very slow when run
serially with many datasets, so much that the service would time out and
fail, this fixes it.
2019-02-14 18:33:59 +01:00
Lars Jellema 85675c139f
nixos/quassel: Add support for certificate file 2019-02-14 14:36:21 +01:00
Frederik Rietdijk a25d48cd4f Merge master into staging 2019-02-14 11:35:50 +01:00
Jan Tojnar 606ceda352
gnome3: stop using aliases 2019-02-14 02:31:15 +01:00
Aaron Andersen 5eef3590ae nixos/phpfpm: allow configuring php.ini files per-pool 2019-02-13 19:58:02 -05:00
Michael Raskin f539a6a70e
Merge pull request #55138 from oxij/tree/random-fixes
random cleanups and a tiny fix
2019-02-13 20:16:07 +00:00
Alex Whitt 58d6951971 nzbget: Fix script for copying default config file template (#51235)
* nzbget: Fix configFile / dataDir checking in service script

* nzbget: improve the description for the `configFile` option

* nzbget: Add detail to the `configFile` option description

* nzbget: Improve wording of `configFile` option

* nzbget: Refactor dataDir management into systemd config

* nzbget: Remove debug
2019-02-13 17:38:32 +01:00
Johan Thomsen 94136fdc1b nixos/flannel: node name needs to be configured for flannel to work with kubernetes storage backend 2019-02-13 17:17:52 +01:00
Frederik Rietdijk 7257dedd7c Merge master into staging-next 2019-02-13 12:33:29 +01:00
Francesco Zanini ab912cf744 atlassian services: allow overriding package (#55685) 2019-02-13 08:08:13 +00:00
Alexandre Mazari b93ea9c26f zoneminder: fix build issue when using createLocally database 2019-02-12 22:32:11 +01:00
Johan Thomsen 9522ca5ce9 nixos/flannel: add options to configure kubernetes as config backend for flannel 2019-02-12 18:26:39 +01:00