1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-12-02 10:31:36 +00:00
Commit graph

322 commits

Author SHA1 Message Date
Paul Hendry 486b8e7f5c Add Terraria server service (#16832) 2016-08-07 03:58:38 +02:00
Eric Sagnes c7bd26e537 version module: refactor with fileContents 2016-08-01 18:40:36 +09:00
Eelco Dolstra 83eb49220b Manual: Only include the release number (e.g. 16.03)
This prevents gratuitous rebuilds of the manual every time the Git
revision changes.

Should help a bit with #17261.
2016-08-01 11:10:21 +02:00
Eelco Dolstra 2a05368ff3 Remove $NIXOS_LABEL and $NIXOS_VERSION
Relying on environment variables to override configuration options is
ugly, and there is no reason for them.
2016-08-01 11:10:02 +02:00
Shawn Warren 9886c80daa Add gocd agent and server service packages (#16273)
GoCD is an open source continuous delivery server specializing in advanced workflow
modeling and visualization.  Update maintainers list to include swarren83.  Update
module list to include gocd agent and server module.  Update packages list to include
gocd agent and server package.  Update version, revision and checksum for GoCD
release 16.5.0.
2016-07-23 00:29:18 +02:00
cransom 4a9b640f37 smokeping: init at 2.6.11 (#17090)
Includes a module for service setup and a test
to verify functionality of both service and pkg.
2016-07-21 01:07:59 +02:00
Rickard Nilsson 9facb7078b nixos/elasticsearch: Set a group on the user
This fixed a problem I had when running ElasticSearch in an LXC
container, and it doesn't hurt using a dedicated group instead of
nogroup anyway.
2016-07-01 18:21:42 +02:00
Benjamin Saunders 8e47786c0e coturn: init at 4.5.0.3 (#16284) 2016-06-21 12:59:29 +02:00
Joachim Fasting 6fd8e5719b Merge pull request #16108 from pwetzel/squeezelite
Squeezelite package and service init
2016-06-19 20:53:15 +02:00
Joachim Fasting a53452f3e1
nixos: remove the grsecurity GID
This GID was used to exempt users from Grsecurity's
`/proc` restrictions; we now prefer to rely on
`security.hideProcessInformation`, which uses the `proc` group
for this purpose.  That leaves no use for the grsecurity GID.

More generally, having only a single GID to, presumably, serve as the
default for all of grsecurity's GID based exemption/resriction schemes
would be problematic in any event, so if we decide to enable those
grsecurity features in the future, more specific GIDs should be added.
2016-06-14 03:38:17 +02:00
Phil Wetzel ccdf386a97 squeezelite service: init 2016-06-11 22:05:07 -04:00
obadz 4c5fdf42ed nixos/modules/misc/version.nix: check that .git is a directory
That's not the case for git submodules
Fixes #15928
2016-06-03 13:38:41 +01:00
obadz d18ba0f50d toxvpn: init at 20151111
(Authored by @cleverca22)
2016-05-30 00:21:22 +01:00
obadz 47950b5353 modules/misc/version.nix: populate nixosRevision based on <nixpkgs/.git> when possible (#15624)
Example:

$ nixos-option system.nixosLabel
Value:
"16.09.git.4643ca1"
2016-05-24 23:34:28 +01:00
Hans-Harro Horn 77f2c305b6 mosquitto service: init
Initial Mosquitto MQTT Broker service file.
2016-05-24 10:49:03 +02:00
Tristan Helmich 36f8b3cad1 nzbget: 16.4 -> 17.0-r1686 and nzbget service 2016-05-13 18:56:39 +02:00
Kranium Gikos Mendoza 356f1bdac8 sniproxy service: init 2016-05-11 13:27:28 +08:00
Tristan Helmich e48580c083 graylog service: Initial graylog service 2016-04-28 23:27:57 +02:00
Tristan Helmich c145f6eaa7 emby service: new service 2016-04-23 16:13:53 +02:00
Eric Litak 13577e8785 factorio: headless server module 2016-04-14 23:03:36 -07:00
aszlig 9ed9e268a2
Merge pull request #14476 (taskserver)
This adds a Taskserver module along with documentation and a small
helper tool which eases managing a custom CA along with Taskserver
organisations, users and groups.

Taskserver is the server component of Taskwarrior, a TODO list
application for the command line.

The work has been started by @matthiasbeyer back in mid 2015 and I have
continued to work on it recently, so this merge contains commits from
both of us.

Thanks particularly to @nbp and @matthiasbeyer for reviewing and
suggesting improvements.

I've tested this with the new test (nixos/tests/taskserver.nix) this
branch adds and it fails because of the changes introduced by the
closure-size branch, so we need to do additional work on base of this.
2016-04-15 00:21:49 +02:00
Ricardo M. Correia f5951c55f7 nixos.locate: fix update-locatedb service failure
It was failing with a `Read-only filesystem` failure due to the systemd
service option `ReadWriteDirectories` not being correctly configured.

Fixes #14132
2016-04-14 13:51:17 +02:00
joachifm 245f200dd8 Merge pull request #11987 from angus-g/caddy
Add Caddy and its NixOS module
2016-04-11 09:20:21 +02:00
Joachim Fasting cef2814a4f nixos: add optional process information hiding
This module adds an option `security.hideProcessInformation` that, when
enabled, restricts access to process information such as command-line
arguments to the process owner.  The module adds a static group "proc"
whose members are exempt from process information hiding.

Ideally, this feature would be implemented by simply adding the
appropriate mount options to `fileSystems."/proc".fsOptions`, but this
was found to not work in vmtests. To ensure that process information
hiding is enforced, we use a systemd service unit that remounts `/proc`
after `systemd-remount-fs.service` has completed.

To verify the correctness of the feature, simple tests were added to
nixos/tests/misc: the test ensures that unprivileged users cannot see
process information owned by another user, while members of "proc" CAN.

Thanks to @abbradar for feedback and suggestions.
2016-04-10 12:27:06 +02:00
Angus Gibson bb6408ba16 caddy service: initial implementation 2016-04-05 23:45:54 +00:00
aszlig 743993f4be
nixos/ids: Rename uid and add gid for "taskd"
I'm renaming the attribute name for uid, because the user name is called
"taskd" so we should really use the same name for it.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-04-05 18:53:31 +02:00
Matthias Beyer 5442f22d05
Add taskserver to ids.nix 2016-04-05 18:53:31 +02:00
Eric Litak 0de2d2fbcd mfi: init at 2.1.11
This package has some outdated dependencies, so old versions of mongodb
and v8 had to be re-added as well.
2016-04-01 02:45:11 -07:00
rnhmjoj a98a918b10 syncthing: run daemon with dedicated user as default 2016-04-01 01:26:52 +02:00
Joachim Fasting 9bf6e64860 dnscrypt-proxy service: use dynamic uid/gid
The daemon doesn't have any portable data, reserving a
UID/GID for it is redundant.

This frees up UID/GID 151.
2016-03-24 17:14:22 +01:00
Domen Kožar d43da3c488 Pin hydra-www and hydra-queue-runner uids
hydra user is already pinned, this is needed due to
https://github.com/NixOS/nixpkgs/issues/14148

(cherry picked from commit 0858ece1ad)
Signed-off-by: Domen Kožar <domen@dev.si>
2016-03-23 12:17:18 +00:00
Pascal Wittmann a491b75523 radicale service: run with dedicated user
This is done in the context of #11908.
2016-03-20 15:50:14 +01:00
Domen Kožar 68d30cdfcb NixOS 16.09 is called Flounder
chosen by @zimbatm as our documentation hero in 16.03
2016-03-14 19:09:54 +00:00
Nikolay Amiantov 83ff545bfd mjpg-streamer service: init 2016-03-12 18:53:02 +03:00
Franz Pletz aa819b8d39 Merge pull request #13591 from mayflower/services/nntp-proxy
nntp-proxy service: init
2016-03-03 18:57:25 +01:00
Tristan Helmich 17389e256f nntp-proxy service: init 2016-03-03 14:14:19 +01:00
Eelco Dolstra f3d94cfc23 Revert "Add the tool "nixos-typecheck" that can check an option declaration to:"
This reverts commit cad8957eab. It
breaks NixOps, but more importantly, such major changes to the module
system really need to be reviewed.
2016-03-01 20:52:06 +01:00
Thomas Strobel cad8957eab Add the tool "nixos-typecheck" that can check an option declaration to:
- Enforce that an option declaration has a "defaultText" if and only if the
   type of the option derives from "package", "packageSet" or "nixpkgsConfig"
   and if a "default" attribute is defined.

 - Enforce that the value of the "example" attribute is wrapped with "literalExample"
   if the type of the option derives from "package", "packageSet" or "nixpkgsConfig".

 - Warn if a "defaultText" is defined in an option declaration if the type of
   the option does not derive from "package", "packageSet" or "nixpkgsConfig".

 - Warn if no "type" is defined in an option declaration.
2016-02-29 01:09:00 +01:00
Eelco Dolstra bf9c57fc49 Improve services.locate.period deprecation message 2016-02-27 20:48:12 +01:00
Eelco Dolstra d4636fa254 Revert "Add a way to pin a NixOS version within the module system."
This reverts commit a5992ad61b. Motivation:

a5992ad61b (commitcomment-14986820)
2016-02-27 20:48:12 +01:00
Profpatsch 70c02402c8 networkmanager: fix link-local ip addresses
NetworkManager needs an additional avahi-user to use link-local
IPv4 (and probably IPv6) addresses. avahi-autoipd also needs to be
patched to the right path.
2016-02-26 03:28:56 +01:00
Nikolay Amiantov 53269f1455 octoprint service: init 2016-02-17 17:05:59 +03:00
Nikolay Amiantov 1c8a21dfad Merge branch 'pdnsd-service' of https://github.com/nfjinjing/nixpkgs
Closes #12932
2016-02-16 20:35:01 +03:00
Nikolay Amiantov 39e9b43082 Merge branch 'gammu-smsd' of https://github.com/zohl/nixpkgs into zohl-gammu-smsd
Closes #12998
2016-02-16 19:40:00 +03:00
Cole Mickens c7571611dc cfdyndns: init at 0.0.1 2016-02-15 12:54:04 -08:00
Al Zohali 7b7cf281d3 gammu-smsd service: init 2016-02-15 00:26:41 +03:00
Jinjing Wang 73b9a9662d pdnsd service: init 2016-02-12 19:53:41 +08:00
Dan Peebles e409d0fed3 nixos: update-locatedb - harden via systemd (#7220)
Also, use systemd timers.

Most of the work is by @thoughtpolice but I changed enough of it to warrant changing commit author.
2016-01-23 20:44:30 +00:00
Thomas Strobel a04a7272aa Add missing 'type', 'defaultText' and 'literalExample' in module definitions
- add missing types in module definitions
- add missing 'defaultText' in module definitions
- wrap example with 'literalExample' where necessary in module definitions
2016-01-17 19:41:23 +01:00
Alexander V. Nikolaev de8dea4821 nixos: add module for rmilter 2016-01-16 15:12:30 +02:00
Alexander V. Nikolaev 14926f08a3 nixos: Add module for rspamd 2016-01-16 15:11:36 +02:00
roblabla 7e10bf4327 matrix-synapse: init at 0.12.0 2016-01-15 15:17:14 +01:00
Mark Laws e7ba7fba01 gale: init at 1.1happy 2016-01-13 12:00:50 -08:00
Nikolay Amiantov b4179c5612 nixos/dspam: add module 2016-01-13 13:08:55 +03:00
Nikolay Amiantov f5efac09aa nixos/opendkim: add module 2016-01-13 13:07:46 +03:00
Nikolay Amiantov c51d08cf27 nixos/postsrsd: add module 2016-01-13 13:04:12 +03:00
Nikolay Amiantov d0510febe1 nixos/ejabberd: update service 2016-01-10 21:28:27 +03:00
Arseniy Seroka c03fe79265 Merge pull request #10996 from oxij/nixos-label
nixos: introduce system.nixosLabel support
2016-01-09 20:52:08 +03:00
Jan Malakhovski 119c8f91e7 nixos: introduce system.nixosLabel option and use it where appropriate
Setting nixosVersion to something custom is useful for meaningful GRUB
menus and /nix/store paths, but actuallly changing it rebulids the
whole system path (because of `nixos-version` script and manual
pages). Also, changing it is not a particularly good idea because you
can then be differentitated from other NixOS users by a lot of
programs that read /etc/os-release.

This patch introduces an alternative option that does all you want
from nixosVersion, but rebuilds only the very top system level and
/etc while using your label in the names of system /nix/store paths,
GRUB and other boot loaders' menus, getty greetings and so on.
2016-01-08 22:26:15 +00:00
Jakob Gillich 57d6dfe932 notbit: removed dead package
The Bitmessage protocol v3 became mandatory on 16 Nov 2014 and notbit does not support it, nor has there been any activity in the project repository since then.
2016-01-07 04:39:51 +01:00
Benjamin Staffin fe8498f609 nixos/mathics: New service and test 2016-01-02 14:34:55 -08:00
Domen Kožar fe9a7c6d5b Merge pull request #11956 from zimbatm/nm-openvpn-uid-gid
networkmanager: set uid/gid for the networkmanager openvpn agent
2015-12-27 11:02:55 +01:00
Anders Papitto bbcc08cb30 NixOS manual: fix typo 2015-12-26 10:38:17 -08:00
zimbatm c515be4651 networkmanager: set uid/gid for the networkmanager openvpn agent
Fixes #11317
2015-12-08 16:47:56 +00:00
Rodney Lorrimar b13b9489ad pump.io service: init
Pump.io runs its web server as a standalone service listening on
443. It's also possible to put the service behind a HTTP reverse proxy.
2015-12-06 13:35:21 +00:00
goibhniu cc63832981 Merge pull request #8758 from fpletz/package/chrony
chrony: 2.1.1 -> 2.2 & service improvements
2015-11-26 13:22:33 +01:00
makefu 0bdc5e269b services/misc/bepasty: init at 2015-10-21
This module implements a way to start one or more bepasty servers.
It supports configuring the listen address of gunicorn and how bepasty
behaves internally.

Configuring multiple bepasty servers provides a way to serve pastes externally
without authentication and provide creating,listing,deleting pastes interally.
nginx can be used to provide access via hostname + listen address.

`configuration.nix`:

    services.bepasty = {
      enable = true;
      servers = {

        internal = {
          defaultPermissions = "admin,list,create,read,delete";
          secretKey = "secret";
          bind = "127.0.0.1:8000";
        };

        external = {
          defaultPermissions = "read";
          bind = "127.0.0.1:8001";
          secretKey = "another-secret";
        };
      };
    };
2015-11-23 22:10:14 +01:00
Nicolas B. Pierron 4e61fc89d2 Merge pull request #11106 from nbp/nixos-reentry
Add a way to pin a NixOS version within the module system.
2015-11-20 20:11:21 +00:00
Nicolas B. Pierron a5992ad61b Add a way to pin a NixOS version within the module system.
This modification add a way to re-evaluate the module system with a
different version of NixOS, or with a different set of arguments.
2015-11-19 20:58:45 +00:00
Jaka Hudoklin aa4bad4c17 heapster module: init 2015-11-16 16:58:10 +01:00
Jan Malakhovski 732eb3c4cc nixos: cleanup version module, allow setting nixosVersion with env variable 2015-11-12 21:14:49 +00:00
Franz Pletz d89f269b26 chrony service: Members of group chrony can use chronyc 2015-11-03 15:07:18 +01:00
Ryan Mulligan 9c22cd380c calibre-server service: init 2015-09-27 20:31:17 -07:00
Matej Cotman d31cc0d19a xtreemfs: add nixos module 2015-09-22 21:46:52 +02:00
Jaka Hudoklin 80aea0dcfd kibana service: init 2015-09-19 00:33:44 +02:00
William A. Kennington III c2e4fb29c6 nixos/lxd: Add service 2015-09-13 23:27:31 -07:00
Thomas Strobel 684cd17ff5 dnschain nixos module: init 2015-09-10 18:11:40 +02:00
Thomas Strobel 8db7c14e56 namecoind nixos module: security enhancements 2015-09-10 18:11:40 +02:00
Thomas Strobel b6fb760484 namecoind nixos module: init 2015-09-08 20:17:52 +02:00
Domen Kožar 7bc624f572 And next release is called Emu!
http://img.gawkerassets.com/img/17qtp0agra45ajpg/original.jpg
2015-09-03 11:39:56 +02:00
Tobias Geerinckx-Rice e87fa04ddc nixos: move left-behind allowUnfree comment 2015-09-03 01:17:10 +02:00
Eelco Dolstra 2cd7c1f198 Unify NixOS and Nixpkgs channel structure
This is primarily to ensure that

  -I nixpkgs=https://nixos.org/channels/nixos-unstable/nixexprs.tar.xz

and

  -I nixpkgs=https://github.com/NixOS/nixpkgs-channels/archive/nixos-unstable.tar.gz

and

  -I nixpkgs=https://nixos.org/channels/nixpkgs-unstable/nixexprs.tar.xz

behave consistently.

It also allows installing packages via "nix-env -iA nixos.<pkg>"
rather than "nixos.pkgs.<pkg>". It would be even better to allow
"nixpkgs.<pkg>", but that requires a change to nix-channel.

Fixes #7659.
2015-08-05 17:37:11 +02:00
Eelco Dolstra 91e71725d4 Remove some obsolete references to <nixos> 2015-08-05 17:37:08 +02:00
Arseniy Seroka a5b976e8d3 Merge pull request #9061 from tomberek/add_gateone
GateOne: init at 1.2
2015-08-04 07:16:21 +03:00
William A. Kennington III 736552b7e5 nixos: Fix manpages from 8c652379df 2015-08-03 16:19:12 -07:00
Thomas Bereknyei cb6dc71599 GateOne: init at 1.2 2015-08-03 11:01:05 -04:00
Eelco Dolstra ff4e92f2cc Spelling etc 2015-08-03 13:48:43 +02:00
lethalman fa7860f84d Merge pull request #8036 from Profpatsch/locate
locate: option includeStore
2015-08-03 10:23:30 +02:00
Profpatsch 8c652379df locate: option includeStore 2015-08-02 01:04:13 +02:00
Benjamin Staffin ad4c957163 shout service: New module. 2015-08-01 03:36:45 -07:00
Eelco Dolstra f463d24903 Add read-only options
These are options that can have only one definition, regardless of
priority.
2015-07-30 13:44:50 +02:00
Eelco Dolstra d166c854b6 Add option system.stateVersion
This option requests compatibility with older NixOS releases with
respect to stateful data, in cases where new releases have defaults
that might be incompatible with system state of existing NixOS
deployments. For instance, if we change the default version of
PostgreSQL, existing deployments will break if the new version can't
read databases created by the old version.

So for example, setting

  system.stateVersion = "15.07";

requests that options like services.postgresql.package use defaults
corresponding to the 15.07 release branch. Note that
nixos-generate-config emits this option. (In the future, NixOps may
set system.stateVersion to the NixOS release in use when the machine
was created.)

See also #7939 for another motivating example.
2015-07-27 20:30:09 +02:00
Charles Strahan babb744b71 riak: new nixos service 2015-07-21 09:25:41 -04:00
James Cook a456168e5b Merge pull request #6702 from joachifm/dnscrypt-proxy
nixos: some improvements for dnscrypt-proxy
2015-07-12 00:17:46 -07:00
Robert Irelan f64a5dd3f3 subsonic service: init
Add a systemd service and UID/GID for the Subsonic personal media
streamer server (<http://subsonic.org>).
2015-07-05 17:25:42 -07:00
Shea Levy dd9530c819 Merge remote-tracking branch 'projectorhq/riemann-tools'
Add riemann-tools package and service
2015-07-01 08:45:33 -04:00
Robert Pitts and Trenton Strong bbb36ea039 Add riemann-tools to nixpkgs
Adds package via bundlerEnv and service for Riemann health.
2015-06-30 17:16:51 -04:00
Edward Tjörnhammar ed9dc1fd9e nixos: added gitit service 2015-06-28 12:39:52 +02:00
Russell O'Connor 46f06ccde7 uwsgi-service: Add user/group for uwsgi service.
Also add a uwsgi directory under /run (defaulting to /run/uwsgi) where the uwsgi user can place sockets.
2015-06-24 14:48:53 +00:00
Simon Vandel Sillesen 9dab1a840c tvheadend: init at 4.0.4 2015-06-24 13:22:09 +00:00