1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-12-25 03:17:13 +00:00
Commit graph

11925 commits

Author SHA1 Message Date
Eelco Dolstra 35c1c170d7 nix.conf: Set sandbox-fallback = false
For security, we don't want the sandbox to be disabled silently.
2019-08-27 21:17:20 +02:00
worldofpeace 156f335161
Merge pull request #67549 from worldofpeace/gnome-control-center/fix-sharing
Fix sharing in gnome-control-center
2019-08-27 14:28:15 -04:00
Maximilian Bosch 56a7bc05e1
nixos/treewide: drop dependencies to keys.target
The `keys.target` is used to indicate whether all NixOps keys were
successfully uploaded on an unattended reboot. However this can cause
startup issues e.g. with NixOS containers (see #67265) and can block
boots even though this might not be needed (e.g. with a dovecot2
instance running that doesn't need any of the NixOps keys).

As described in the NixOps manual[1], dependencies to keys should be
defined like this now:

``` nix
{
  systemd.services.myservice = {
    after = [ "secret-key.service" ];
    wants = [ "secret-key.service" ];
  };
}
```

However I'd leave the issue open until it's discussed whether or not to
keep `keys.target` in `nixpkgs`.

[1] https://nixos.org/nixops/manual/#idm140737322342384
2019-08-27 18:55:55 +02:00
Matthew Bauer 4081bec5ac
zsh: remove unfunction on TERM=dumb
Unfortunately this gives an error when precmd or preexec exists. Removing to avoid that.
2019-08-27 11:00:58 -04:00
Frederik Rietdijk 98640fd482 Merge master into staging-next 2019-08-27 16:36:47 +02:00
Marek Mahut b40ee82685
Merge pull request #67556 from mmahut/matomo
nixos/matomo: fixing the configuration path
2019-08-27 16:13:34 +02:00
rnhmjoj 05ddde928d
nixos/dnschain: disable DNSSEC for namecoin TLDs 2019-08-27 14:42:06 +02:00
Silvan Mosberger 210756a450
nixos/pdns-recursor: implement a settings option (#67251)
nixos/pdns-recursor: implement a `settings` option
2019-08-27 14:34:32 +02:00
Marek Mahut 3a9d17ef04 nixos/matomo: fixing the configuration path 2019-08-27 11:44:34 +02:00
Florian Klink 9a02d9c75e
Merge pull request #66984 from flokli/systemd-cgroup-accounting
nixos/systemd: enable systemd cgroup accounting by default
2019-08-27 11:38:28 +02:00
worldofpeace 8a24bc2e08 nixos/gnome-user-share: cleanup
* No sessionPath!

* add to systemd.packages
  This is for the gnome-user-share-webdav.service.

* Update option description
2019-08-27 03:07:57 -04:00
Aaron Andersen 87fdc06a97
Merge pull request #63634 from aanderse/moodle
moodle: init at 3.7.1
2019-08-26 21:12:44 -04:00
volth 35d68ef143 treewide: remove redundant quotes 2019-08-26 21:40:19 +00:00
Matthew Bauer ed87d12187
Merge pull request #67476 from matthewbauer/fix-66745
nixos/update-users-groups.pl: chomp hashedPassword
2019-08-26 15:54:13 -04:00
rnhmjoj 0e0a533d9a
nixos/pdns-recursor: add luaConfig option 2019-08-26 17:46:04 +02:00
rnhmjoj 92d956267a
nixos/pdns-recursor: implement a settings option 2019-08-26 17:46:03 +02:00
Peter Simons 95c021393f mailman: reserve uid & gid in NixOS 2019-08-26 16:17:39 +02:00
Peter Hoeg c876affce0 nixos darkhttpd: module to enable darkhttpd 2019-08-26 19:57:49 +08:00
worldofpeace 450a180542
Merge pull request #67466 from worldofpeace/gnome3-defaults-cleanup
nixos/gnome3: split up
2019-08-26 05:56:38 -04:00
worldofpeace 70e506cf7c nixos/gnome3: split out gnome-flashback 2019-08-26 05:36:11 -04:00
worldofpeace fca8d35531 nixos/gnome3: split up
This introduces the following options under the services.gnome3 namespace:

* core-os-services.enable
* core-shell.enable
* core-utilities.enable
* games.enable

The first three are all default enabled by gnome3.enable
and their purpose is to make gnome3 more flexable for users
usecases. In the case of core-utilities and games, it allows
users to easily switch on the default gnome3 applications
and games packages. Previously we had lists in gnome-3/default.nix
but they weren't visible to the user. By having options we have
generated documentation and an interface.
2019-08-26 05:19:05 -04:00
Janne Heß c8e863e25e nixos/systemd: Add suspend-then-hibernate units
Pretty useful for laptops. I use them with:

```
services.logind.lidSwitch = "suspend-then-hibernate";
environment.etc."systemd/sleep.conf".text = "HibernateDelaySec=8h";
```
2019-08-26 11:04:10 +02:00
Peter Hoeg f729a79eae
Merge pull request #62974 from peterhoeg/f/zmtrigger
zoneminder: add perlPackages.DeviceSerialPort for zmtrigger.pl
2019-08-26 14:47:32 +08:00
Peter Hoeg 574ec28ef1 nixos/zoneminder: open telnet port for remote admin 2019-08-26 14:47:00 +08:00
Matthew Bauer fc565c1b9d nixos/update-users-groups.pl: chomp hashedPassword
We don’t want any trailing whitespace, otherwise we mess up the
formating of the shadow file. Some things like readFile may have the
trailing new line.

Fixes #66745
2019-08-25 23:42:31 -04:00
worldofpeace ae3fc3a688 nixos/pantheon: fix launching nm-applet components
For some reason nm-applet has to be running for an authentication
dialog to be spawned by wingpanel-indicator-network.

This also fixes storing NetworkManager secrets in the keyring, but this
is still broken because we lack the proper PAM configuration.
2019-08-25 22:23:54 -04:00
Marek Mahut 81fe072a8f nixos/unifi: restarting on failure (#67456) 2019-08-25 18:22:03 -06:00
Florian Klink 0fb17141fb nixos/systemd: enable cgroup accounting by default
If this is the default for OpenShift already, we probably can enable it
as well.

see https://github.com/openshift/machine-config-operator/pull/581
2019-08-25 22:26:12 +02:00
Florian Klink f3a18d4562 nixos/systemd: add new Default{BlockIO,IP}Accounting settings 2019-08-25 22:25:19 +02:00
Florian Klink f34f38ef1c nixos/systemd: honor default enableCgroupAccounting settings
systemd defaults DefaultMemoryAccounting and DefaultTasksAccounting to
yes, so no need to enable explicitly
2019-08-25 22:25:19 +02:00
Marek Mahut 18dfe1a3f5
Merge pull request #67449 from mmahut/jormungandr
nixos/jormungandr: adding genesis tests
2019-08-25 19:54:03 +02:00
Marek Mahut 4ca0df1539
Merge pull request #67444 from dasJ/fix-memcached-privateusers
nixos/memcached: Remove PrivateUsers
2019-08-25 19:18:26 +02:00
Marek Mahut f6ced211e6 nixos/jormungandr: changing the port to match upstream 2019-08-25 18:33:13 +02:00
Aaron Andersen 5b8c2295b0
Merge pull request #67393 from c0deaddict/feature/transmission-user-configurable
nixos/transmission: make user configurable
2019-08-25 10:47:40 -04:00
Janne Heß cabab90ad2 nixos/memcached: Remove PrivateUsers
Seems to break systems using the hardened profile.
Ref #62936
cc @Izorkin
2019-08-25 16:34:06 +02:00
Vladimír Čunát 985d1ac425
Merge branch 'master' into staging-next
There were several more conflicts from name -> pname+version;
all auto-solved by kdiff3, hopefully OK.

Hydra nixpkgs: ?compare=1538611
2019-08-25 14:57:11 +02:00
Marek Mahut 9ffc980ef7
Merge pull request #67391 from avnik/drop-rmilter
rmilter: remove deprecated package (and module)
2019-08-25 14:24:06 +02:00
Aaron Andersen 3bd03d2c0a nixos/moodle: init service 2019-08-25 08:12:28 -04:00
Jos van Bakel c3e93d5ad4
nixos/transmission: make user configurable 2019-08-25 13:19:48 +02:00
worldofpeace e075227b00
Merge pull request #67407 from jtojnar/gnome-bg
nixos/gnome3: fix default background setting
2019-08-24 18:33:41 -04:00
Jan Tojnar 305cb5c6f3
nixos/gnome3: fix default background setting
Fix the following error when opening Background panel in GNOME Settings:

    URI '/nix/store/…-simple-dark-gray-2016-02-19/share/artwork/gnome/nix-wallpaper-simple-dark-gray.png' is invalid
2019-08-24 22:10:01 +02:00
Marek Mahut 8a41fcb552
Merge pull request #67409 from duhirsch/module/gpg/addToSystemPackages
nixos/gnupg: Add gpg to systemPackages
2019-08-24 22:09:02 +02:00
Jan Tojnar edcecfee00
Merge pull request #67358 from jtojnar/ofono-progress
nixos/ofono: various improvements
2019-08-24 21:37:42 +02:00
Daniel Hirschberger 9a6adc1619 nixos/gnupg: Add gpg to systemPackages 2019-08-24 21:30:49 +02:00
worldofpeace 53a7d67344 nixos/doc: document share/dbus-1/*.d 2019-08-24 15:07:44 -04:00
Jan Tojnar d90aa7dc62
Merge pull request #67389 from jtojnar/xdg-user-dirs
Allow changing xdg-user-dirs with environment.etc
2019-08-24 19:22:45 +02:00
worldofpeace d9cf3ee80f
Merge pull request #67351 from worldofpeace/fix-vte-prompt-command
nixos/vte: ensure bash vte snippet appears first
2019-08-24 11:40:34 -04:00
Alexander V. Nikolaev 885511cb5c rmilter: remove deprecated package (and module) 2019-08-24 17:33:48 +03:00
Jan Tojnar 48426833c8
nixos/environment: prepend /etc/xdg to XDG_CONFIG_DIRS
Previously, we were only adding profile-relative paths to XDG_CONFIG_DIRS
variable. That required very ugly hacks like
https://github.com/NixOS/nixpkgs/issues/33282#issuecomment-524550842
to be able to configure XDG stuff.

Now, we are prepending the variable with /etc/xdg, allowing us to
simply use `environment.etc."xdg/…"` options.
2019-08-24 16:01:01 +02:00
Aaron Andersen 825d023c8a
Merge pull request #65706 from aanderse/phpfpm
nixos/phpfpm: module cleanup
2019-08-24 08:25:24 -04:00
Marek Mahut b8b35816c3
Merge pull request #67356 from alexbakker/libvirt-onboot
libvirtd: add onBoot option
2019-08-24 11:59:07 +02:00
Vladimír Čunát 2e6bf42a22
Merge branch 'master' into staging-next
There ver very many conflicts, basically all due to
name -> pname+version.  Fortunately, almost everything was auto-resolved
by kdiff3, and for now I just fixed up a couple evaluation problems,
as verified by the tarball job.  There might be some fallback to these
conflicts, but I believe it should be minimal.

Hydra nixpkgs: ?compare=1538299
2019-08-24 08:55:37 +02:00
Matthew Bauer 1329703616
Merge pull request #67225 from matthewbauer/tramp-zshrc-fix
nixos/zsh: Fix tramp support
2019-08-23 15:14:46 -04:00
Jan Tojnar 5db762126c
nixos/ofono: allow adding 3rd party plug-ins 2019-08-23 19:50:53 +02:00
Jan Tojnar f66613b3b6
nixos/ofono: add module 2019-08-23 19:50:53 +02:00
Jan Tojnar a8d3aebdce
Merge pull request #67318 from jtojnar/gnome-photos
gnome-photos: 3.32.0 → 3.32.1
2019-08-23 19:49:43 +02:00
Alexander Bakker d20022018e libvirtd: add onBoot option
This adds a new ``onBoot`` option that allows specifying the action taken on
guests when the host boots. Specifying "start" ensures all guests that were
running prior to shutdown are started, regardless of their autostart settings.
Specifying "ignore" will make libvirtd ignore such guests. Any guest marked as
autostart will still be automatically started by libvirtd.
2019-08-23 17:52:12 +02:00
Sarah Brofeldt 3a64303a20
Merge pull request #63539 from ivan/usbguard-nox
usbguard-nox: init at 0.7.4
2019-08-23 16:25:13 +02:00
worldofpeace 9d5f1eb581 nixos/vte: ensure bash vte snippet appears first
Fixes #67312
2019-08-23 10:11:48 -04:00
Aaron Andersen 400c6aac71 nixos/phpfpm: deprecate extraConfig options in favor of settings options 2019-08-23 07:56:27 -04:00
Aaron Andersen d2db3a338c nixos/phpfpm: Use systemd's RuntimeDirectory 2019-08-23 07:56:27 -04:00
Aaron Andersen a30a1e2795 nixos/phpfpm: add user and group option to each pool 2019-08-23 07:56:27 -04:00
Aaron Andersen 62b774a700 nixos/phpfpm: add socket option to replace the listen option 2019-08-23 07:56:21 -04:00
Aaron Andersen 2b5f663015 nixos/phpfpm: merge pool-options.nix into default.nix 2019-08-23 07:54:51 -04:00
Aaron Andersen 0ce8317c46 nixos/phpfpm: deprecate poolConfigs option 2019-08-23 07:54:51 -04:00
Marek Mahut 882e5b0e05
Merge pull request #67213 from mmahut/jormungandr
nixos: adding jormungandr service
2019-08-23 11:07:49 +02:00
Marek Mahut 4aef2212ee
Revert "nixos/containers: add unprivileged option" 2019-08-23 08:24:06 +02:00
Marek Mahut 27acea73b8
Merge pull request #67130 from uvNikita/containers/unprivileged
nixos/containers: add unprivileged option
2019-08-23 08:00:35 +02:00
Jan Tojnar b8ba71d633
tracker-miners: move from gnome3 2019-08-23 02:55:42 +02:00
Jan Tojnar 4919db9cbb
tracker: move from gnome3 2019-08-23 02:53:43 +02:00
Jan Tojnar fac090c8dd
gnome-online-accounts: move from gnome3 2019-08-23 02:47:21 +02:00
Marek Mahut f4ca6e3dd1
Merge pull request #66722 from mmahut/trezord-emulator
trezord: adding emulator support (plus test)
2019-08-22 23:25:18 +02:00
Marek Mahut ddc0521ebf nixos: adding jormungandr service 2019-08-22 07:10:16 +02:00
worldofpeace ae1cb0bdf9 nixos/xfce4-14: init 2019-08-21 21:51:00 -04:00
Matthew Bauer ac773d1607 nixos/zsh: Fix tramp support
For a long time, TRAMP has not worked with ZSH NixOS servers. I
thought I fixed this in 0740f57e63af61694d14796286cb9204, but now
realize that was only half the problem. For TRAMP to start working
again ‘unsetopt zle’ was needed, otherwise the connection would hang.
In addition, I have a few more settings added that can apparenty
interfere with these settings.
2019-08-21 21:24:45 -04:00
worldofpeace 1156146e74 nixos/mate: enable vte integration
Default terminal is mate-terminal which uses vte.
2019-08-21 17:20:49 -04:00
worldofpeace 034eb3b3cd nixos/pantheon: enable vte integration
Default terminal is elementary-terminal which uses vte.
2019-08-21 17:20:49 -04:00
worldofpeace 4ba10fbbfd
Merge pull request #66990 from worldofpeace/gnome-vte-config
nixos/gnome-terminal: init
2019-08-21 16:17:05 -04:00
worldofpeace 4a46140d29 nixos/gnome-terminal: init
This module obsoletes services.gnome3.gnome-terminal-server
as that's a confusing option for users, and sounds internal.
It's much simpler to have a gnome-terminal module.
2019-08-21 16:16:04 -04:00
worldofpeace 79dd78b911 nixos/vte: init
This module correctly includes the vte.sh script
required for vte terminals like gnome-terminal to show the
CWD in the window title and preserved across instances.

This is achieved with the options:
* programs.bash.vteIntegration
* programs.zsh.vteIntegration

as it's best to keep this configuration unguarded by gnome3.enable
to support other vte terminals (such as elementary-terminal).
Note the distinction between Zsh and Bash doesn't include
a different script, as this script only supports those two shells.
2019-08-21 16:16:04 -04:00
Sarah Brofeldt f20fbeedcf
Merge pull request #67179 from uvNikita/containers/fix-imperative
nixos/containers: fix imperative containers
2019-08-21 21:04:52 +02:00
Nikita Uvarov 578d712af4
nixos/containers: fix imperative containers
Fixes #67174.
2019-08-21 20:48:27 +02:00
Jan Tojnar d736138b00
Merge pull request #67071 from jtojnar/fontconfig-harmonization
nixos/fontconfig: harmonize with penultimate
2019-08-21 17:44:30 +02:00
Danylo Hlynskyi 855be67358
nginx: expose generated config and allow nginx reloads (#57429)
* nginx: expose generated config and allow nginx reloads

Fixes: https://github.com/NixOS/nixpkgs/issues/15906
Another try was done, but not yet merged in https://github.com/NixOS/nixpkgs/pull/24476

This add 2 new features: ability to review generated Nginx config
(and NixOS has sophisticated generation!) and reloading
of nginx on config changes. This preserves nginx restart on package
updates.

I've modified nginx test to use this new feature and check reload/restart
behavior.

* rename to enableReload

* add sleep(1) in ETag test (race condition) and rewrite rebuild-switch using `nesting.clone`
2019-08-21 16:52:46 +03:00
Florian Klink 9f237fe444
Merge pull request #45392 from dguibert/dg/wireguard
nixos/wireguard: setup interface with systemd-networkd
2019-08-21 15:48:05 +02:00
Félix Baylac-Jacqué 0528816570 systemd-networkd: add tests
(cherry picked from commit ec073e41a0)
2019-08-21 11:11:28 +02:00
David Guibert 7fd91a898b systemd-networkd: add support for wireguard netdev. 2019-08-21 11:11:24 +02:00
Aaron Andersen 249b4ad942
Merge pull request #66492 from aanderse/extra-subservice-cleanup
nixos/httpd: extraSubservices cleanup
2019-08-20 18:55:08 -04:00
Nikita Uvarov 7e7fc6471e
nixos/containers: add unprivileged option
Fixes #57083.
2019-08-21 00:01:29 +02:00
Marek Mahut 5dcc65a25b
Merge pull request #67109 from 1000101/master
trezord: add docs
2019-08-20 22:12:16 +02:00
Jan Hrnko 8033c66389 trezord: add docs 2019-08-20 21:09:32 +02:00
Matthew Bauer 1ab1e11257
Merge pull request #66992 from oxij/nixos/fix-zsh-prompt
nixos: zsh: setopt prompt_sp to workaround a zsh bug
2019-08-20 13:20:30 -04:00
worldofpeace f9d58edf07 nixos/pantheon: use qt5 module for adwaita-qt 2019-08-20 12:53:00 -04:00
worldofpeace fd7fa0aa5d
Merge pull request #66392 from worldofpeace/qt-theme/module
nixos/qt5: init
2019-08-20 12:44:28 -04:00
worldofpeace 1d0d69a214 nixos/qt5: init
This moduule has the following options:
* platformTheme
* style

This allows us to configure the Qt5 theme engine and style.
2019-08-20 12:24:55 -04:00
Silvan Mosberger dc0d945bdf
Merge pull request #66291 from reanimus/roon-no-dynamic
roon-server: disable DynamicUser
2019-08-20 18:12:36 +02:00
Jan Tojnar 67367587eb
nixos/fontconfig: harmonize comments 2019-08-20 13:59:28 +02:00
Jan Tojnar e7dc9d0b90
nixos/fontconfig: harmonize file names 2019-08-20 13:57:46 +02:00
Jan Tojnar 0d4fc97686
nixos/fontconfig: harmonize folder variables 2019-08-20 13:56:00 +02:00
Jan Tojnar be2cf1f093
nixos/fontconfig: harmonize indentation 2019-08-20 13:54:18 +02:00
Jan Tojnar 1a3f604de3
nixos/fontconfig-penultimate: reorder
to be more in line with fontconfig.nix
2019-08-20 13:50:52 +02:00
Matthieu Coudron 3b205ad3a7
Merge pull request #58207 from teto/kernelPackages_check
boot.kernelPackages: check for conflicts
It's currently possible to set conflicting `boot.kernelPackages` several times.
Nixos now warns when this is the case instead of just picking one.
2019-08-20 14:15:51 +09:00
worldofpeace 4b90f549ee
Merge pull request #66956 from worldofpeace/cleanup-gvfs-envars
nixos/gvfs: set GIO_EXTRA_MODULES
2019-08-19 19:36:29 -04:00
worldofpeace ffe7999f3d nixos/lxqt: use gvfs module 2019-08-19 19:03:38 -04:00
worldofpeace 5c5791c134 nixos/xfce: use gvfs module 2019-08-19 19:03:37 -04:00
worldofpeace 45eac0537d nixos/mate: don't set GiO_EXTRA_MODULES 2019-08-19 19:03:37 -04:00
worldofpeace a686dc071c nixos/pantheon: don't set GIO_EXTRA_MODULES 2019-08-19 19:03:37 -04:00
worldofpeace 5b09814b57 nixos/gnome3: don't set GIO_EXTRA_MODULES 2019-08-19 19:03:37 -04:00
worldofpeace 4bb6625767 nixos/gvfs: set GIO_EXTRA_MODULES 2019-08-19 19:03:37 -04:00
Jan Malakhovski 065c6ed96e nixos: zsh: setopt prompt_sp to workaround a zsh bug
See #38535, properly fixing the prompt seems complicated, and this seems
to work in all the ttys I checked.

Suggested by @Mic92.
2019-08-19 22:58:13 +00:00
worldofpeace eb127d2005 nixos/gvfs: add package option 2019-08-19 18:56:41 -04:00
worldofpeace 67ad8a788f nixos/gvfs: move out of GNOME 2019-08-19 18:53:43 -04:00
Marek Mahut 3b6258946f
Merge pull request #64407 from dasJ/icingaweb-test
nixos/icingaweb: Fix module path; Add test
2019-08-19 21:27:16 +02:00
Marek Mahut c4592aa161
Merge pull request #63973 from apvodney/master
u9fs service: start after network.target
2019-08-19 21:11:19 +02:00
Marek Mahut d7b3d2d0fd
Merge pull request #65995 from danderson/master
nixos/sshguard: create ipsets before starting, and clean up after stopping.
2019-08-19 21:05:42 +02:00
Marek Mahut 7c15694c29
Merge pull request #66271 from vdot0x23/patch-1
nixos/stubby: clearer wording for upstreamServers
2019-08-19 20:58:45 +02:00
Marek Mahut 7a4b296c8d
Merge pull request #66687 from joachifm/feat/hardened-nixos-revert-graphene-malloc
Revert "nixos/hardened: use graphene-hardened malloc by default"
2019-08-19 20:56:07 +02:00
Marek Mahut 94c51859df
Merge pull request #66846 from uvNikita/containers/ephemeral
nixos/containers: add 'ephemeral' option
2019-08-19 20:55:33 +02:00
Nikolay Amiantov fca97dfebc stage-1 init: fix debug menu
* Read one char at a time, so user doesn't have to enter "i<ENTER>"
  contrary to the menu;
* Exec shell inside setsid.
2019-08-19 19:54:00 +03:00
worldofpeace 9125f51b70
Merge pull request #66860 from worldofpeace/dconf-update
nixos/dconf: cleanup
2019-08-19 11:59:06 -04:00
Florian Klink 0aa5e3165c sd-image.nix: set installer.cloneConfig to false
As SD Card images are both installation media and installation target,
don't copy over a /etc/nixos/configuration.nix

Closes #63576.
2019-08-19 16:34:06 +02:00
Florian Klink f71fd79ff0 nixos/installation-device.nix: explain sshd usage 2019-08-19 16:34:06 +02:00
Florian Klink 93a03177f2
Merge pull request #66482 from flokli/systemd-sysctl
nixos/systemd: install sysctl snippets
2019-08-19 16:32:00 +02:00
Nikita Uvarov c740f0d400
nixos/containers: add 'ephemeral' option 2019-08-19 15:21:35 +02:00
davidak 6d4c69e640 netdata: enable cgroup accounting 2019-08-19 14:57:41 +02:00
Marek Mahut f0d1db99db
Merge pull request #66857 from nrdxp/fix/caddy
caddy: remove 'bin' attribute
2019-08-19 13:50:14 +02:00
worldofpeace 38c7d55d5d nixos/pantheon: use programs.dconf 2019-08-18 21:56:52 -04:00
worldofpeace a7b5d6142f nixos/gnome3: use programs.dconf 2019-08-18 21:55:52 -04:00
worldofpeace 918b7d572f nixos/dconf: cleanup
Add dconf to systemPackages and make GIO_EXTRA_MODULES
a list so it can actually merge.
2019-08-18 21:54:00 -04:00
Timothy DeHerrera 98e6c1432e
caddy: remove 'bin' attribute 2019-08-18 18:46:21 -06:00
Silvan Mosberger 918e1e0925
nixos/cadvisor: allow passing custom arguments (#66855)
nixos/cadvisor: allow passing custom arguments
2019-08-19 02:28:38 +02:00
Aaron Andersen 8227b2f29e
Merge pull request #66399 from mmahut/metabase
metabase: service module and test
2019-08-18 19:49:05 -04:00
tilpner 944a3a0dfc
nixos/cadvisor: allow passing custom arguments 2019-08-19 01:32:01 +02:00
Sarah Brofeldt e0cf7d6093 nixos/sd-image: Increase default firmware partition size 2019-08-18 22:55:39 +02:00
Nikolay Amiantov 79ebe562fb shadowsocks service: support dual-stack server
Enable IPv6 by default.
2019-08-18 23:07:51 +03:00
WilliButz 4835f65e95
Merge pull request #66814 from mguentner/synapse_1_3_1
matrix-synapse: 1.2.1 -> 1.3.1
2019-08-18 19:30:14 +02:00
Eric Litak ccf3557015 nixos/cjdns: add extraConfig option (#53502) 2019-08-18 18:47:56 +02:00
Marek Mahut e6fb350cf6
Merge pull request #66606 from DerTim1/riemann-config
nixos/riemann-tools: Add ExtraArgs Config Option
2019-08-18 18:47:19 +02:00
Florian Klink bafc256915 nixos/systemd: remove separate coredump module 2019-08-18 17:54:26 +02:00
Florian Klink 9be0327a49 nixos/systemd: install sysctl snippets
systemd provides two sysctl snippets, 50-coredump.conf and
50-default.conf.

These enable:
 - Loose reverse path filtering
 - Source route filtering
 - `fq_codel` as a packet scheduler (this helps to fight bufferbloat)

This also configures the kernel to pass coredumps to `systemd-coredump`.
These sysctl snippets can be found in `/etc/sysctl.d/50-*.conf`,
and overridden via `boot.kernel.sysctl`
(which will place the parameters in `/etc/sysctl.d/60-nixos.conf`.

Let's start using these, like other distros already do for quite some
time, and remove those duplicate `boot.kernel.sysctl` options we
previously did set.

In the case of rp_filter (which systemd would set to 2 (loose)), make
our overrides to "1" more explicit.
2019-08-18 17:54:26 +02:00
Florian Klink e5965bd489 nixos/sysctl: rename /etc/sysctl.d/nixos.conf -> 60-nixos.conf
sysctl.d(5) recommends prefixing all filenames in /etc/sysctl.d with a
two-digit number and a dash, to simplify the ordering of the files.

Some packages provide custom files, often with "50-" prefix.
To ensure user-supplied configuration takes precedence over the one
specified via `boot.kernel.sysctl`, prefix the file generated there with
"60-".
2019-08-18 17:54:26 +02:00
danbst d80cd26ff9 Merge branch 'master' into flip-map-foreach 2019-08-18 18:00:25 +03:00
Danylo Hlynskyi 2b393c8913
elasticsearch: add example on how to use plugins (#55115)
See https://discourse.nixos.org/t/elastic-search-plugins/1997
2019-08-18 17:11:20 +03:00
Florian Klink 36ece762e5
Merge pull request #66621 from flokli/gitlab-12.1.6
gitlab-ce: 12.0.3 -> 12.1.6
2019-08-18 14:08:14 +02:00
Marek Mahut 69089e990e modules: adding metabase service 2019-08-18 13:44:26 +02:00
Frederik Rietdijk f65aa21bb2 Merge master into staging-next 2019-08-18 12:53:44 +02:00
worldofpeace 4f3e9ca93a
Merge pull request #65291 from worldofpeace/xdg-updates
Flatpak updates
2019-08-18 04:23:54 -04:00
worldofpeace ce0511e302 nixos/flatpak: add comment about selinux 2019-08-18 04:23:17 -04:00
worldofpeace 1728bc8d22 flatpak: 1.2.4 -> 1.4.2
* Regenerated all patches for 1.4.2 and resolved
  any conflicts.

* fix-test-paths.patch doesn't copy the whole locale archive
  because we have C.UTF8 now.

* nixos/flatpak creates a Flatpak system helper user
  Change introduced in 1.3.2.

Changes:
See https://github.com/flatpak/flatpak/releases/tag/1.3.1 through
1.4.2.
2019-08-18 04:23:17 -04:00
Maximilian Güntner dac8fe9cee
nixos/matrix-synapse: use notify instead of simple
Starting with 1.3.0, matrix-synapse supports notifying
systemd. Relevant PR: matrix-org/synapse#5732
2019-08-18 09:41:33 +02:00
Frederik Rietdijk 295888c622
Merge pull request #66381 from NixOS/staging-next
Staging next
2019-08-18 08:54:45 +02:00
worldofpeace 5892773eb6 nixos/pantheon: adjust to renamed gnome3 options 2019-08-17 16:34:55 -04:00
Marek Mahut caf9b8cc35
Merge pull request #66591 from aanderse/zabbix-proxy
nixos/zabbixProxy: fix database initialization logic
2019-08-17 20:55:13 +02:00
Symphorien Gibol c3e1e64e4c remove all instances of nix-env -i without -A in the NixOS manual
motivation: https://nixos.wiki/wiki/FAQ/Why_not_use_nix-env_-i_foo%3F
2019-08-17 18:04:43 +02:00
WilliButz ecd4d03dfe
grafana-loki: fix typo in service config 2019-08-17 12:08:51 +02:00
Frederik Rietdijk fe9a3e3e63 Merge staging-next into staging 2019-08-17 09:39:23 +02:00
Frederik Rietdijk c68f58d95c Merge master into staging-next 2019-08-17 09:30:16 +02:00
Samuel Dionne-Riel b750ebf1b3
Merge pull request #60422 from kwohlfahrt/device-tree
nixos/hardware.deviceTree: new module
2019-08-16 13:26:48 -04:00
Marek Mahut 5712bea91b trezord: adding emultor support 2019-08-16 16:58:48 +02:00
Edmund Wu aa251bbc3e
systemd-networkd: link: Name -> OriginalName 2019-08-15 21:58:24 -04:00
Aaron Andersen efbdce2e96 nixos/mantisbt: drop unmaintained module 2019-08-15 21:01:23 -04:00
Aaron Andersen 265163da07 nixos/systemhealth: drop unmaintained module 2019-08-15 21:01:23 -04:00
Aaron Andersen ac4327c025 nixos/awstats: replace usage of deprecated services.httpd.extraSubservices 2019-08-15 21:00:27 -04:00
Joachim Fasting 4ead3d2ec3
Revert "nixos/hardened: use graphene-hardened malloc by default"
This reverts commit 48ff4f1197.

Causes too much breakage to be enabled by default [1][2].

[1]: https://github.com/NixOS/nixpkgs/issues/61489
[2]: https://github.com/NixOS/nixpkgs/issues/65000
2019-08-15 18:49:57 +02:00
Joachim Fasting da0b67c946
nixos-hardened: disable unprivileged userfaultfd syscalls
New in 5.2 [1]

[1]: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cefdca0a86be517bc390fc4541e3674b8e7803b0
2019-08-15 18:43:34 +02:00
Joachim Fasting 4b21d1ac8c
nixos-hardened: enable page alloc randomization 2019-08-15 18:43:32 +02:00
volth 46420bbaa3 treewide: name -> pname (easy cases) (#66585)
treewide replacement of

stdenv.mkDerivation rec {
  name = "*-${version}";
  version = "*";

to pname
2019-08-15 13:41:18 +01:00
Marek Mahut 08749c4860
Merge pull request #66588 from lschuermann/nixos-enter-silent
nixos-enter: add --silent to suppress activation script output
2019-08-15 10:22:27 +02:00
Peter Hoeg 503ca1f40c nixos aws: use in-kernel ixgbevf driver (#58956) 2019-08-15 02:58:22 +03:00
aszlig dc525e8b12
Merge pull request #66648 (improve xkbvalidate)
This allows xkbvalidate to be compiled via Clang and also has a few
other portability improvements, eg. it now can even be compiled on OS X,
even though it's probably not needed there.

In addition, I changed the binary name so that it matches the package
name.

I'm merging this in right now, because there is only the xserver NixOS
module where this is used, so the risk of a catastrophic breakage is
very low.

Checks and build done by ofborg also ran successfully and I also did a
few local tests (eg. running via valgrind to avoid leaks) to make sure
it's still working properly.
2019-08-15 01:32:09 +02:00
aszlig 16ecd0d5ca
xkbvalidate: Rename output binary to xkbvalidate
So far, the output binary has been just "validate", which is quite a
very generic name and doesn't match the package name.

Even though I highly doubt that this program will ever be used outside
of NixOS modules, it's nevertheless less confusing to have a consistent
naming.

Signed-off-by: aszlig <aszlig@nix.build>
2019-08-15 01:11:32 +02:00
worldofpeace bc0072305b
Merge pull request #66638 from worldofpeace/favorite-apps-gnome3
nixos/gnome3: set favorite-apps
2019-08-14 17:12:48 -04:00
worldofpeace 83c0b5f06f nixos/gnome3: set favorite-apps
The upstream defaults [0] for this key include shotwell and
rhythmbox which aren't installed by the gnome3 module.
We swap these out for gnome-photos and gnome-music
which are.

[0]: https://gitlab.gnome.org/GNOME/gnome-shell/blob/3.32.2/data/org.gnome.shell.gschema.xml.in#L42
2019-08-14 16:55:45 -04:00
Matthew Bauer e9b7085ff8 cups: add myself as maintainer 2019-08-14 11:47:48 -04:00
Matthew Bauer c068488817 nixos/cupsd: use socket-based activation by default
Make socket-based activation the
default (services.printing.startWhenNeeded)
2019-08-14 11:47:12 -04:00
Matthew Bauer 28040465be nixos/cupsd: include /run/cups/cups.sock in ListenStreams
This socket should always be created by systemd.
2019-08-14 11:47:12 -04:00
Matthew Bauer 35e633bde5 nixos/cupsd: only enable cups when startWhenNeeded = false
cups-browsed was pulling in cups.service even when we were using the
socket-based initialization.
2019-08-14 11:47:12 -04:00
Matthew Bauer 04ea093eb6 nixos/cupsd: Set CUPS_DATADIR globally
This is used by some programs that need CUPS data files. For instance,
print-manager looks here for printing test pages.
2019-08-14 11:47:12 -04:00
worldofpeace dd49cf711e
Merge pull request #66338 from worldofpeace/installer/no-root
installer: Don't run as root
2019-08-14 11:20:54 -04:00
Matthew Bauer 3411c1566a
Merge pull request #66480 from primeos/nixos-fuse
nixos/fuse: init
2019-08-14 10:16:02 -04:00
Ben Gamari d7d873b8cb nixos/gitlab: Delete stale hooks directories with -R
These can be directories.
2019-08-14 15:29:50 +02:00
Frederik Rietdijk 8d56f2472e Merge master into staging-next 2019-08-14 13:45:54 +02:00
WilliButz ddf15d321f
Merge pull request #66612 from fadenb/oxidized_permission_issue
nixos/oxidized: Use symlinks for config files
2019-08-14 11:56:34 +02:00
Tristan Helmich (omniIT) 02dfc07a04 nixos/oxidized: Use symlinks for config files
The old `cp` suffers from a permission issue on the 2nd start of the
service. The files were copied from the read-only nix store. On the 2nd
start of the service the `cp` failed.
The new version force creates a symlink which does not suffer from this.
2019-08-14 09:30:51 +00:00
Tim Digel 5bbde1e1ca nixos/riemann-tools: Add ExtraArgs Config Option
Added option "extraArgs" to forward any switches to riemann-tools.
2019-08-14 08:26:13 +02:00
worldofpeace d66f89022f
Merge pull request #66593 from aaronjanse/crashdump-poll-fix
fix crashDump overheating
2019-08-13 19:11:26 -04:00
Aaron Janse 011fa89b92 nixos/modules/misc/crashdump: remove idle=poll (fix #66464)
Previously, "idle=poll" would severely overheat some CPUs
2019-08-13 16:08:22 -07:00
Aaron Andersen 9af06755f3 nixos/zabbixProxy: fix database initialization logic 2019-08-13 18:50:28 -04:00
Leon Schuermann 415993d6b7 nixos-enter: silent activation script option
Also, fix a few shellcheck errors.
2019-08-13 23:48:58 +02:00
Matthew Bauer 329e097828
Merge pull request #66425 from Gerschtli/fix/path-order
environment.profiles: fix order of profiles and PATH
2019-08-13 15:06:09 -04:00
Marek Mahut cb8f4b0552
Merge pull request #65439 from aanderse/httpd-extra-modules
nixos/httpd: remove duplicate module entries from httpd.conf
2019-08-13 18:51:15 +02:00
Aaron Andersen 6f6468bef3
Merge pull request #65728 from Infinisil/types-eithers
lib/types: Add oneOf, extension of either to a list of types
2019-08-13 11:48:42 -04:00
Marek Mahut 4754ca7d2e
Merge pull request #62936 from dasJ/sandbox-memcached
nixos/memcached: Isolate the service
2019-08-13 08:56:34 +02:00
Jeff Slight 2ee14c34ed
nixos/gitlab: properly clear out initializers 2019-08-12 12:50:02 -07:00
worldofpeace 397c7d26fc installer: Don't run as root
There's many reason why it is and is going to
continue to be difficult to do this:

1. All display-managers (excluding slim) default PAM rules
   disallow root auto login.

2. We can't use wayland

3. We have to use system-wide pulseaudio

4. It could break applications in the session.
   This happened to dolphin in plasma5
   in the past.

This is a growing technical debt, let's just use
passwordless sudo.
2019-08-12 14:45:27 -04:00
Franz Pletz f3160a2db6
Merge pull request #66476 from WilliButz/fix-prometheus-alertmanager-option
nixos/prometheus2: replace alertmanagerURL with new alertmanagers option
2019-08-12 17:59:27 +00:00
Maximilian Bosch f0d6955052
Merge pull request #66470 from WilliButz/update-blackbox-exporter
prometheus-blackbox-exporter: 0.12.0 -> 0.14.0, run tests and check config
2019-08-12 19:38:43 +02:00
Silvan Mosberger a7c7bb156f
clight: init (#64309)
clight: init
2019-08-12 18:18:05 +02:00
Graham Christensen 5d807f80c7
Merge pull request #63864 from cransom/datadog-agent-integrations-fix
datadog-agent: fix extraIntegrations
2019-08-12 12:15:48 -04:00
Edmund Wu 7c8ea897be
clight: include module 2019-08-12 11:56:47 -04:00