1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-26 23:52:33 +00:00
Commit graph

6389 commits

Author SHA1 Message Date
Alexei Robyn 49d679d7a8 dante service: init 2016-11-22 21:33:54 +11:00
Kier Davis db50ae78d0
boinc service: init 2016-11-22 01:14:40 +00:00
Christian Kampka 35ecef2c6d containers module: Add tmpfs options (#20557)
Allows one or more directories to be mounted as a read-only file system.

This makes it convenient to run volatile containers that do not retain
application state.
2016-11-22 02:11:33 +01:00
Domen Kožar 49d608ac00 create-amis: use jq instead of json 2016-11-22 01:59:49 +01:00
Nikolay Amiantov 42a180352f bumblebee service: replace bbswitch option with pmMethod
I added this option just today, so I don't think this needs a rename entry.
2016-11-22 02:35:12 +03:00
Domen Kožar f940d65b2d create-amis: add us-east-2 2016-11-21 21:26:23 +01:00
Daiderd Jordan c531cc2303 Merge pull request #20606 from mdaiter/riak_extraAdvancedConfig
riak: added extraAdvancedConfig option to service module
2016-11-21 18:22:01 +01:00
Domen Kožar 1944c984c3 create-amis: order matters 2016-11-21 16:43:09 +01:00
Joachim Fasting f9f354faad
nixos/modules: use defaultText where applicable
Primarily to fix rendering of these default values in the manual but
it's also nice to avoid having to eval these things just to build the
manual.
2016-11-21 16:35:15 +01:00
Eelco Dolstra d69dce080d
Fix setting programs.ssh.setXAuthLocation
The configuration { services.openssh.enable = true;
services.openssh.forwardX11 = false; } caused
programs.ssh.setXAuthLocation to be set to false, which was not the
intent. The intent is that programs.ssh.setXAuthLocation should be
automatically enabled if needed or if xauth is already available.
2016-11-21 16:19:51 +01:00
Domen Kožar 6e08a55474 create-amis.sh: another dep needed for EBS images 2016-11-21 15:56:51 +01:00
Matthew Daiter f11899798e riak: added extraAdvancedConfig option to service module 2016-11-21 15:46:04 +01:00
Nikolay Amiantov f10ec922e0 bumblebee service: make bbswitch optional 2016-11-21 17:29:31 +03:00
Nikolay Amiantov 44808cac65 bumblebee service: fix service dependencies 2016-11-21 17:29:26 +03:00
Jörg Thalheim cb8af0ca51 Merge pull request #19379 from nixy/master
grub bootloader: add forceInstall option
2016-11-21 15:15:45 +01:00
Daiderd Jordan 86310553ca Merge pull request #20598 from mdaiter/riak_defaultText
riak: add defaultText to service
2016-11-21 12:38:18 +01:00
Matthew Daiter c51847e121 stanchion: added default 2016-11-21 12:35:08 +01:00
Matthew Daiter 68827cd79a riak-cs: init at 2.1.1
riak-cs: added to all-packages

Added Riak CS nix file to pkgs

Added service file for Riak CS

Removed Erlang_basho specific bindings from the Riak CS repo

riak-cs: changed description

riak-cs: added license

riak-cs: added maintainer

riak_cs: chgned indentations

riak-cs: removed overly complex srcs mechanism

riak-cs: added systemd module

riak-cs: changed Erlang module to Basho-specific version

riak-cs: made modular form

riak-cs: Added a default package in service options

riak-cs: Fixed default package in service options

riak-cs: Patched Makefile

riak_cs: added to module-list

riak_cs: changed from string to actual package in modules

riak-cs: changed example

riak-cs: removed default

riak-cs: changed to defaultText

stanchion: changed default option to defaultText

riak-cs: added defaults; changed types to str
2016-11-21 12:30:11 +01:00
Matthew Daiter ab43f932ce riak: add defaultText to service
riak: add default to service
2016-11-21 12:26:48 +01:00
Matthew Daiter 709631b47f stanchion: changed default option to defaultText 2016-11-21 12:07:06 +01:00
James Cook fc10bf81a1 Revert "riak-cs: add to nixpkgs" 2016-11-20 19:48:28 -08:00
Matthew Daiter bfc1ba475a riak-cs: init at 2.1.1
riak-cs: added to all-packages

Added Riak CS nix file to pkgs

Added service file for Riak CS

Removed Erlang_basho specific bindings from the Riak CS repo

riak-cs: changed description

riak-cs: added license

riak-cs: added maintainer

riak_cs: chgned indentations

riak-cs: removed overly complex srcs mechanism

riak-cs: added systemd module

riak-cs: changed Erlang module to Basho-specific version

riak-cs: made modular form

riak-cs: Added a default package in service options

riak-cs: Fixed default package in service options

riak-cs: Patched Makefile

riak_cs: added to module-list

riak_cs: changed from string to actual package in modules
2016-11-20 23:55:17 +01:00
Matthew Daiter f7c097556b stanchion: init at 2.1.1 2016-11-20 23:17:49 +01:00
Joachim Fasting 2eb6ec1bc4
grsecurity module: remove code pertaining to zfs
I don't know if it still the case that zfs fails to boot; either way,
that's the user's responsibility to contend with.
2016-11-20 23:01:22 +01:00
Joachim Fasting 98935c7103
grsecurity module: remove requiredKernelConfig
Using a custom package set with the NixOS module is no longer
something I wish to support.  It's still *possible* but not
advertised.  Secondly, the requiredKernelConfig didn't really
do anything (setting kernelPackages to a non-grsec kernel would
just silently let the user boot into a non-grsec setup ...).
2016-11-20 23:00:41 +01:00
Joachim Fasting 5ad8a56d16
grsecurity module: remove use of mkEnableOption 2016-11-20 23:00:24 +01:00
goibhniu 322f5e5132 Merge pull request #20319 from NixOS/nm-containers
NixOS Manual: Container Networking with NM
2016-11-20 18:15:03 +01:00
Cillian de Roiste c9b0e88c0b NixOS Manual: Container Networking with NM
Network Manager calls dhclient on container interfaces and fails
which locks you out of the container after a few seconds, unless
you tell it not to manage these interfaces.
2016-11-20 17:25:33 +01:00
Nikolay Amiantov 15567e6d8e tarsnap service: fix multiple simultaneous archives with a single key 2016-11-20 19:15:52 +03:00
Nikolay Amiantov 6bb292d42b parsoid service: update, use declarative configuration
Old configuration format is disabled now (it can still be used, but with
additional steps). This is a backwards incompatible change.
2016-11-20 19:12:14 +03:00
Nikolay Amiantov 382047a135 sane service: support remote scanners 2016-11-20 19:09:03 +03:00
Nikolay Amiantov 65f9341370 sane service: add saned support 2016-11-20 19:09:02 +03:00
Nikolay Amiantov 4111710b8e bumblebee service: blacklist additional nvidia modules 2016-11-20 19:08:52 +03:00
Joachim F eca9955b83 Merge pull request #20485 from anoever/master
vmware-guest: fix vmmouse driver
2016-11-20 03:39:28 +01:00
Jörg Thalheim c54d2860dc Merge pull request #20469 from Mic92/initrd-ssh
initrd-ssh: fix authorized_key generation with multiple keys
2016-11-18 23:16:44 +01:00
Andreas Noever 9a1507f253 vmware-guest: fix vmmouse driver
Fix automatic mouse grabbing/releasing when running as a vmware guest.

1. The xf86inputvmmouse is not loaded by default. Add it.
2. InptutDevice sections for which specify a driver are ignored if
AutoAddDevices is enabled (which it is by default). See [1]. Instead use
an InputClass to load the vmmouse driver.

[1] https://www.x.org/archive/X11R7.7/doc/man/man5/xorg.conf.5.xhtml#heading8
2016-11-18 19:58:44 +01:00
Emery Hemingway 60ded3f363 nixos/cjdns: do not ammend /etc/hosts
Generating IPv6 addresses at eval time required building cjdns.

Fix #20422
2016-11-18 18:41:50 +01:00
Thomas Tuegel 6cd867dd4c Merge pull request #20433 from ttuegel/install-cd-kde-5
Use KDE 5 for the graphical installation DVD
2016-11-18 11:29:47 -06:00
Joachim F 2bb30e5d66 Merge pull request #20467 from ericsagnes/feat/module-enums-2
modules: use enum when relevant
2016-11-17 22:48:26 +01:00
Franz Pletz 6a5ae21c47 Merge pull request #20421 from mayflower/refactor/clamav-service
clamav service: refactor
2016-11-17 19:37:53 +01:00
aszlig 6cfb3b6364
nixos/tests: Use a patched QEMU for testing
The reason to patch QEMU is that with latest Nix, tests like "printing"
or "misc" fail because they expect the store paths to be owned by uid 0
and gid 0.

Starting with NixOS/nix@5e51ffb1c2, Nix
builds inside of a new user namespace. Unfortunately this also means
that bind-mounted store paths that are part of the derivation's inputs
are no longer owned by uid 0 and gid 0 but by uid 65534 and gid 65534.

This in turn causes things like sudo or cups to fail with errors about
insecure file permissions.

So in order to avoid that, let's make sure the VM always gets files
owned by uid 0 and gid 0 and does a no-op when doing a chmod on a store
path.

In addition, this adds a virtualisation.qemu.program option so that we
can make sure that we only use the patched version if we're *really*
running NixOS VM tests (that is, whenever we have imported
test-instrumentation.nix).

Tested against the "misc" and "printing" tests.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-11-17 17:16:16 +01:00
Joachim F 2c01da3654 Merge pull request #20384 from ericsagnes/feat/bspwm-refactor
bspwm module: refactor
2016-11-17 15:37:07 +01:00
Domen Kožar 2326c8de4d cloud-utils: 0.27 -> 0.29
We keep the existing hacks for growpart to work
inside the initrd

Fixes #15736 #17015
2016-11-17 15:15:42 +01:00
Jaka Hudoklin 5bc7ae7adb kubernetes module: support for kubernetes 1.4 2016-11-17 02:46:31 +01:00
Eelco Dolstra 69bea26ea9 sddm: Enable user switching
It was lacking the dbus configuration to bind to
org.freedesktop.DisplayManager, and it was passing fixed TTY/display
numbers to the X server (see 9be012f0d4).
2016-11-16 23:38:50 +01:00
Domen Kožar 67f3e2853b create-amis.sh: use nix-shell for convenience 2016-11-16 16:49:32 +01:00
Jörg Thalheim 7ad01f5f0c initrd-ssh: fix authorized_key generation with multiple keys
multiple entries should be separated by newline
2016-11-16 14:47:37 +00:00
Eric Sagnes 0ebc5ec7cb network-interfaces: use enum 2016-11-16 22:37:57 +09:00
Eric Sagnes 4a600b0437 raspberrypi module: use enum 2016-11-16 22:37:36 +09:00
Eric Sagnes 15d25df698 nsd module: use enum 2016-11-16 22:37:14 +09:00
Eric Sagnes 5259fb2181 nntp-proxy module: use enum 2016-11-16 22:36:53 +09:00
Eric Sagnes fb26d561ed hostapd module: use enum 2016-11-16 22:36:26 +09:00
Eric Sagnes 9513ab45aa duosec module: use enum 2016-11-16 22:36:05 +09:00
Eric Sagnes 61efe92e68 fontconfig module: use enum 2016-11-16 22:35:46 +09:00
Joachim F a105b3aff9 Merge pull request #20392 from jerith666/cp-48
crashplan: 4.7.0r2 -> 4.8.0r1
2016-11-15 22:34:38 +01:00
Thomas Tuegel 66d9772f0b
installation-cd-graphical-kde: put manual link directly on desktop 2016-11-15 07:21:40 -06:00
Thomas Tuegel 8c3aa5a484
kde5: add enableQt4Support option 2016-11-15 07:21:40 -06:00
Thomas Tuegel c9146d7e5f
kde5: don't install oxygen-icons5 if breeze-icons is present 2016-11-15 07:21:39 -06:00
Thomas Tuegel 456414c519
installation-cd-graphical-kde: use KDE 5 2016-11-15 07:18:46 -06:00
Michael Stapelberg 9cbf8a0652 Fix buildMachines example: use lists, not string (#20361)
Using the example before this commit resulted in the following error:

```
error: value is a string while a list was expected, at /nix/var/nix/profiles/per-user/root/channels/nixos/nixpkgs/nixos/modules/services/misc/nix-daemon.nix:349:37
```
2016-11-15 07:04:32 +01:00
Franz Pletz 45854a02e8 services/tahoe: SFTP support (#20372) 2016-11-15 07:01:04 +01:00
Franz Pletz 9e1e3b2880
clamav service: refactor
* Sync systemd units with upstream. Upstream uses SIGUSR2 instead of SIGHUP
  to reload the clamd service.

* Convert freshclam service to a oneshot service activated by a systemd timer.
  This way we can make clamd wait for freshclam to finish fetching the virus
  database before failing to start if the database doesn't exist yet.

* Fixes console tools to work as expected as they require hardcoded config
  file locations.
2016-11-15 04:47:14 +01:00
Franz Pletz 02e9c88d77
clamav: don't bundle freshclam config with package
Building clamav is expensive due to the bundled llvm.

Closes #20304.
2016-11-15 02:06:02 +01:00
Joachim Fasting 999ac3056d
cjdns test: fix typo
Noticed by @vcunat
daf3ba426b (commitcomment-19820962)
2016-11-15 01:57:30 +01:00
Corbin 2548fd6908 services/tahoe: SFTP support. 2016-11-13 17:13:18 -08:00
Matt McHenry ee6dfa1e9e crashplan: 4.7.0r2 -> 4.8.0r1 2016-11-13 14:38:14 -05:00
Vladimír Čunát 1ac5869907
Merge #19936: vulkan / amdgpu-pro update 2016-11-13 20:06:40 +01:00
David McFarland 6bf27c2cae vulkan-loader: allow validation layers to be enabled
The loader now uses XDK_DATA_DIRS to find drivers and layers.
2016-11-13 12:44:27 -04:00
David McFarland e783cc90a0 opengl: add driver paths to XDG_DATA_DIRS 2016-11-13 12:44:27 -04:00
Eric Sagnes 8ea1e93537 i3 module: refactor 2016-11-14 00:58:49 +09:00
Eric Sagnes 293da497c3 bspwm module: refactor 2016-11-14 00:41:05 +09:00
Marc Weber b51f165334 apache-httpd
* Introduce listen = [ { ip = "*"; port = 443; } ]; configuartion.
* deprecated port = 443 option which is no longer needed
2016-11-12 15:35:38 +01:00
Graham Christensen cbe7ca77db Merge pull request #20351 from bachp/etcd-new-port
etcd: make all service using etc go to 127.0.0.1:2379 by default
2016-11-12 07:18:18 -05:00
Joachim Fasting 852b365928
Revert "cjdns: Disable tests"
This reverts commit 0ba3d429a7.
2016-11-12 13:09:28 +01:00
Joachim Fasting f059c7f754
Revert "cjdns test: exercise host builder logic"
This reverts commit daf3ba426b.

This is an alternative to 0ba3d429a7,
which disables the test outright.  Briefly, exercising builders which
rely on import-from-derivation can cause Hydra jobsets to time out.
2016-11-12 13:09:17 +01:00
Alex Ivanov ccf8566bdd yandex-disk service: add exclude-dirs option 2016-11-12 12:36:33 +03:00
Alex Ivanov 5f8aa15e84 yandex-disk service: correct permissions 2016-11-12 12:02:33 +03:00
Pascal Bach c1dca9e40b etcd: make all service using etc go to 127.0.0.1:2379 by default
The old etcd port 4001 is no longer enabled by default in etcd 3.
The new port is 2379 and is officially assigned by IANA.

There were still some services left that expect etcd on port 4001 by default.
This changes the default to 2379 everywhere.

It should not cause problems for users as the etcd by nix does listen on the new port only by default anyway.
2016-11-11 23:11:54 +01:00
Joachim F 7edd5ab54f Merge pull request #20340 from romildo/fix.lxqt
lxqt: it is capable of setting a background
2016-11-11 17:19:31 +01:00
Gregor Kleen 54199414e3 nsd service: fix typo
Closes #20343.
2016-11-11 14:06:07 +01:00
romildo 53c3cf3fb9 lxqt: it is capable of setting a background 2016-11-11 08:04:59 -02:00
Joachim F e76b0fa7d9 Merge pull request #20241 from matthewbauer/patch-1
virtualbox-demo: Add modesetting to drivers
2016-11-10 22:44:17 +01:00
aszlig c67a7ee731
Merge branch 'chromium-update-with-gn'
This brings in the new stable version 54 which also introduces a lot of
security fixes:

  CVE-2016-5198: Out of bounds memory access in V8
  CVE-2016-5181: Universal XSS in Blink
  CVE-2016-5182: Heap overflow in Blink
  CVE-2016-5183: Use after free in PDFium
  CVE-2016-5184: Use after free in PDFium
  CVE-2016-5185: Use after free in Blink
  CVE-2016-5187: URL spoofing
  CVE-2016-5188: UI spoofing
  CVE-2016-5192: Cross-origin bypass in Blink
  CVE-2016-5189: URL spoofing
  CVE-2016-5186: Out of bounds read in DevTools
  CVE-2016-5191: Universal XSS in Bookmarks
  CVE-2016-5190: Use after free in Internals
  CVE-2016-5193: Scheme bypass

Detailed announcements about these changes can be found here (latest to
oldest):

https://googlechromereleases.blogspot.de/2016/11/stable-channel-update-for-desktop.html
https://googlechromereleases.blogspot.de/2016/10/stable-channel-update-for-desktop_20.html
https://googlechromereleases.blogspot.de/2016/10/stable-channel-update-for-desktop.html

The update process of Chromium has been a bit bumpy on our side, because
version 54 also did the switch from GYP to GN so it wasn't just a matter
of updating the upstream-info file.

I've tested the Flash plugin (which runs fine) and WideVine manually,
although I couldn't get WideVine to work (I was running this within a VM
though).

So if people want to use WideVine they need to use Chrome instead until
we got this sorted out.

VM test results along with builds for all platforms can be found here:

https://headcounter.org/hydra/eval/339328

I'm going to backport these changes to stable as soon as the
tests/builds succeed there as well.

Closes: #19565
Closes: #20120
2016-11-09 09:55:31 +01:00
aszlig 4e7eb75a79
nixos/tests/chromium: Fix popup detection
Sometimes it happens that the "Type to search or enter a URL to
navigate" popup doesn't show, but all we need to know at this time is
whether Chromium has finished starting up.

So checking for the "startup done" page is a better option here.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-11-09 09:41:10 +01:00
Eelco Dolstra 0ba3d429a7 cjdns: Disable tests
Since 8180922d23, the cjdns module
imports from a derivation, which is very bad. It causes all of stdenv
to be built at evaluation time. Since we have a hard 3600 second limit
on Hydra evaluations, this was causing NixOS jobsets to time out.

@joachifm
2016-11-08 20:35:03 +01:00
Robin Gloster f422afd07d
errbot service: fix import config in plugins 2016-11-08 17:44:52 +01:00
Rob Vermaas b0dd048cc5 hound: make mercurial indexing work
(cherry picked from commit 990716ce72)
2016-11-08 14:09:07 +00:00
Philipp Hausmann 632282300a nginx service: Add missing port toString conversion (#20252) 2016-11-08 13:34:04 +01:00
Maximilian Güntner 7fa157c558
services: Add Interplanetary File System service
Signed-off-by: Maximilian Güntner <code@klandest.in>
2016-11-07 22:01:38 +01:00
Matthew Justin Bauer 6de20a7fe4 virtualbox-demo: Add modesetting to drivers
This needs to be included for VirtualBox to detect that it needs to start the video driver. "modesetting" is also set in virtualbox-image.nix but this line seems to take precedence over that one (even though the virtualbox-image.nix has a higher override?) This should fix the problems that I and a few others have been having with the .ova files built for nixos.org.

Fixes #20007.
2016-11-07 14:36:41 -06:00
Andres Nötzli 95b5e4c46a NixOS manual: Update link to list of AMIs 2016-11-07 11:24:15 -08:00
Joachim F 858f088007 Merge pull request #20063 from romildo/new.lumina
lumina: init at 1.1.0-p1
2016-11-06 15:29:14 +01:00
Joachim Schiele 47d81ed347 leaps: 0.5.1 + add a service + test 2016-11-06 10:34:42 +01:00
Edward Tjörnhammar 4009dbe543
nixos: i2pd, update config options 2016-11-06 08:13:04 +01:00
Eric Sagnes e14de56613 module system: extensible option types 2016-11-06 00:05:58 +01:00
Eric Sagnes 1fe1cdecb2 types: loeOf -> listOf 2016-11-05 21:46:42 +01:00
Joachim F 32715b8314 Merge pull request #17445 from joachifm/dnscrypt-proxy-update-list
dnscrypt-proxy service: auto-updated resolver list
2016-11-05 18:23:48 +01:00
Joachim Fasting 806e652e51
dnscrypt-proxy test: simplification 2016-11-05 17:45:02 +01:00
Joachim Fasting 2f912bf0a3
dnscrypt-proxy service: auto-update upstream resolver list
By default, we use the list of public DNSCrypt resolvers provided by
dnscrypt-proxy upstream. The list is updated at regular intervals.
2016-11-05 17:44:51 +01:00
Joachim F 2c567dbd4d Merge pull request #20144 from ericsagnes/feat/module-enums
modules: use enum when relevant
2016-11-05 12:18:04 +01:00
Vladimír Čunát 5d5efcea14
Merge #20001: docs: use overrideAttrs instead of overrideDerivation 2016-11-05 11:03:59 +01:00
Vladimír Čunát 559ddae410
nixos manual: clarify "attributes of function" 2016-11-05 11:02:04 +01:00
Eric Sagnes 986510de45 logcheck module: use enum 2016-11-05 13:24:53 +09:00
Sophie Taylor 20e81f7c0d nixos/cjdns: tightened permissions via systemd, added caps 2016-11-04 17:00:23 +01:00
uwap d9134ddb5d Add a package option for quassel (#20159) 2016-11-04 16:33:47 +01:00
Joachim Fasting daf3ba426b
cjdns test: exercise host builder logic 2016-11-04 13:45:04 +01:00
Joachim Fasting 222cfd3233
cjdns module: fix typo 2016-11-04 13:44:48 +01:00
Eric Sagnes ffc0e2f4fc network-interfaces module: use enum 2016-11-04 13:05:44 +09:00
Eric Sagnes 80b854739c grub module: use enum 2016-11-04 13:05:13 +09:00
Eric Sagnes 797d40767d fcgiwrap module: use enum 2016-11-04 13:04:52 +09:00
Eric Sagnes 8f8184ece1 tinc module: use enum 2016-11-04 13:04:17 +09:00
Eric Sagnes 5a3c2e3db0 bitlbee module: use enum 2016-11-04 13:03:53 +09:00
Eric Sagnes 943f161fc5 ghost-one module: use enum 2016-11-04 13:03:18 +09:00
Joachim F 9f94595485 Merge pull request #20121 from mbrgm/fix/smokeping-setuid-fping
smokeping service: Use setuid-wrapped fping binary
2016-11-04 00:01:23 +01:00
Nikolay Amiantov 5187c28f91 parsoid service: don't run as a superuser 2016-11-03 19:20:19 +03:00
Nikolay Amiantov 0fa07f1b20 parsoid service: fix for new parsoid 2016-11-03 19:20:19 +03:00
Ricardo M. Correia af01fa71e0 nixos.libvirtd: fix broken VMs due to emulator path changes
This had already been fixed in f52f9bf7cd,
but the problem was reintroduced in
bce59a1a8b because the path to the XML
files changed.
2016-11-03 14:55:44 +01:00
Andrew R. M a31bf8961a grub bootloader: add forceInstall option
Using the --force option on GRUB isn't recommended, but there are very
specific instances where it makes sense. One example is installing on a
partitionless disk.
2016-11-03 05:50:42 -04:00
Marius Bergmann 51652ac3aa smokeping service: Use setuid-wrapped fping binary
The current default probe config uses the unwrapped fping binary, which
leads to an error because fping must be executed with elevated
permissions.

I fixed this by changing the path to the default binary to the
setuid-wrapped version.
2016-11-03 09:44:21 +01:00
Franz Pletz 8085aff315 Merge pull request #20015 from Mic92/adb
adb: init module
2016-11-03 06:29:28 +01:00
Peter J. Jones d19967bf48 vsftpd service: add extraConfig option, set anon_root (#20069)
This commit includes two changes:

  1. A new `extraConfig` option to allow administrators to set any
     vsftpd configuration option that isn't directly supported by this
     derivation.

  2. Correctly set the `anon_root` vsftpd option to `anonymousUserHome`
2016-11-03 05:06:47 +01:00
Eric Sagnes 7fd38dc8b3 znc module: optionSet -> submodule (#20096) 2016-11-03 05:02:14 +01:00
Tim Steinbach 08fb099b82 Merge pull request #20085 from mbrgm/fix/smokeping-permissions
smokeping service: Fix permissions in $smokepingHome
2016-11-02 20:26:29 -04:00
Tim Steinbach 04b22dd935 Merge pull request #19982 from sternenseemann/netcat
Make netcat-openbsd the default netcat
2016-11-02 19:44:29 -04:00
Bjørn Forsman 2f8ac21e1b nixos: remove test-config-examples.sh (obsolete)
This file has been non-functional for over two years, since
commit f002a27a80 ("Remove obsolete directory") removed
.../doc/config-examples/.
2016-11-02 22:46:19 +01:00
Marius Bergmann 248bf519c9 smokeping service: Fix permissions in $smokepingHome
In the prestart config of the smokeping service, smokeping is executed
initially. This happens as the user root and writes some files to
$smokepingHome, which can't be overwritten by the smokeping user. This
gives an error message.

I fixed this by moving the chown step after the initial smokeping runs,
so that it also affects the generated files.
2016-11-02 13:18:57 +01:00
Ruben Maher 08d7fbb42d
matrix-synapse: Allow keys to be generated
The matrix-synapse user has `createHome = true;` which runs before the
`preStart` script, so the home directory will always exist and the block
will never execute.

Also don't include default path to keys in the configuration file,
because synapse will choke if it tries to open them before they
exist (even with `--generate-keys`).
2016-11-02 10:10:46 +01:00
romildo a25e6bc8db lumina: init at 1.1.0-p1 2016-11-01 17:06:39 -02:00
Tim Steinbach 96e462cbe1 Merge pull request #19963 from groxxda/mpich
mpich: remove unused test
2016-11-01 09:22:37 -04:00
Edward Tjörnhammar f7ad0c0fd5 Merge pull request #19675 from edwtjo/dictd-touchup
Dictd touchup
2016-10-31 13:08:57 +01:00
Jörg Thalheim 08ebb422c5
adb: init module 2016-10-31 11:30:07 +01:00
Aneesh Agrawal 3d99eea852 docs: use overrideAttrs instead of overrideDerivation 2016-10-30 14:34:40 -04:00
sternenseemann e2372502d3 netcat: make netcat-openbsd the default netcat (#19411)
The motivation for this change is the following: As gnu-netcat,
e. g. does not support ipv6, it is not suitable as default netcat.

This commit also fixes all obvious build issues caused by this change.
2016-10-30 15:06:04 +01:00
Aristid Breitkreuz db537ed87d opensmtpd service: fix evaluation error caused by Joachim's refactoring 2016-10-30 11:34:16 +01:00
Timofei Kushnir faa6f9b6b3 grsecurity: fix 'isYes' and 'isNo' 2016-10-29 14:26:06 +03:00
Alexander Ried bb8b48c794 mpich: remove unused test 2016-10-29 07:33:28 +02:00
Joachim Fasting 420cf50838
dnscrypt-proxy module: minor config example tweaks
- Indentation
- unbound automatically handles local forward addresses
2016-10-29 03:04:00 +02:00
Joachim Fasting d198e474a8
dnscrypt-proxy service: remove use of mkEnableOption 2016-10-29 03:03:50 +02:00
aszlig 3d4b6257d6
nixos/stage1: Fix local keyword outside function
Thanks to @NeQuissimus in a5c1985fef for
updating busybox, which since version 1.25 doesn't allow local variables
outside of functions anymore (which is the desired behaviour).

See the following upstream commit of busybox which is the change that
let's this problem surface:

https://git.busybox.net/busybox/commit/?id=ef2386b80abfb22ccb697ddbdd4047aacc395c50

So this has been an error I've made on my end in
67223ee205, because I originally had a
function for killing the processes but desired to inline it because it's
only used in one place.

This fixes the boot-stage1 NixOS test.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-10-28 22:50:44 +02:00
Joachim Fasting 6977b94e9b
Revert "xserverArgs fuckup"
This reverts commit c2922a9157.

See https://github.com/NixOS/nixpkgs/issues/19930

While the above commit is designed to allow GDM to work, it appears to
break other use cases.  In particular, it breaks tests involving X
usage (e.g., i3wm[1] and firefox[2]), which makes it difficult to assess
the impact of other changes and so hampers development of unrelated
features.

https://hydra.nixos.org/build/42852015
https://hydra.nixos.org/build/42851666
2016-10-28 19:30:12 +02:00
Joachim F 1da6dd3eee Merge pull request #19875 from joachifm/cjdns-for-upstream
Cjdns module enhancments
2016-10-28 13:01:58 +02:00
Joachim Fasting 8180922d23 cjdns service: refactor cjdns hosts builder
The old version would export two lists to a bash builder and do pairwise
processing on the bash side.  In the new version we instead generate a
logic free builder on the Nix side. This is not only conceptually
simpler but reduces the amount of code and intermediate values.
2016-10-27 14:15:54 +02:00
Joachim Fasting 9654e09b5a cjdns service: ensure that generated passwd has requested length
`head -cNUM ... | tr -dc SET` might generate output containing fewer
than NUM characters.  Given the limited alphabet, this could result in a
fairly weak passphrase. The construction `tr </dev/urandom | head
-cNUM`, however, is sure to give us the full `NUM`.
2016-10-27 14:15:53 +02:00
Joachim Fasting e94bd6f31d cjdns service: protect /home and /tmp 2016-10-27 14:15:52 +02:00
Joachim Fasting 5fba586650 cjdns service: better types
- types.string -> str, string is deprecated
- change type of confFile option to nullOr path, makes more sense
2016-10-27 14:15:52 +02:00
Joachim Fasting afe67f28a3 cjdns service: use cfg.enable shortcut 2016-10-27 14:15:51 +02:00
Joachim Fasting 79d216b8f4 cjdns service: whitespace cleanup 2016-10-27 14:15:51 +02:00
Joachim F 371a595f3c Merge pull request #19874 from joachifm/opensmtpd-refactorings
Opensmtpd module refactorings
2016-10-27 13:39:09 +02:00
Joachim F 709c6a6238 Merge pull request #19876 from joachifm/fix-virtualbox-test
virtualbox-{systemd-detect-virt,net-hostonlyif} test: fix dbus socket dir
2016-10-27 13:02:16 +02:00
Michał Pałka fc3eed2cb0 xen service: fix wrong netmask handed out by xen-bridge.service
The dnsmasq instance run by the xen-bridge.service errorenously
hands out 172.16.0.0 as the netmask over DHCP to the VMs. This
commit removes the option responsible for that from dnsmasq.conf,
so that the proper netmask is inferred by dnsmasq instead.

Addresses https://github.com/NixOS/nixpkgs/issues/19883
2016-10-26 16:26:01 +00:00