Samuel Leathers
85329b96e0
nixos/airsonic: add module
2017-08-23 13:06:28 -04:00
danbst
63f8122cd9
nixos tests: add test for declarative containers, that container config changes
...
are applied on `nixos-rebuild switch` invocations.
2017-08-23 12:43:07 +03:00
Bas van Dijk
09bde4a2cd
elk: 5.4.2 -> 5.5.2
...
Release notes:
* https://www.elastic.co/guide/en/elasticsearch/reference/5.5/release-notes-5.5.2.html
* https://www.elastic.co/guide/en/logstash/5.5/logstash-5-5-2.html
* https://www.elastic.co/guide/en/kibana/current/release-notes-5.5.2.html
2017-08-23 01:58:12 +02:00
Joachim F
f1514a5876
Merge pull request #27699 from volth/varnish-fixes-sq
...
nixos/varnish: made compatible with varnish 5.1.2, add modules
2017-08-22 22:01:00 +00:00
Robin Gloster
ce7e2c06b1
prometheus-unifi-exporter: make ordering more robust
2017-08-22 20:26:18 +02:00
Benjamin Staffin
2e65e2df94
nixos: Fix pam_kwallet5 integration
...
Fixes #28469
2017-08-22 11:52:14 -04:00
SLNOS
2c4a925ab0
nixos: tor: rename portSpec -> port, type all "port"s properly
2017-08-22 14:57:07 +00:00
SLNOS
30a3cccd07
nixos: tor: better submodule for hidden services
...
Rebased onto master with a different implementation.
Originally: "add support for serving hidden services".
2017-08-22 14:57:07 +00:00
SLNOS
9226f4886f
nixos: tor: more options, no unexpected consequences for default relay operators
...
Before this commit default relay configuration could produce unexpected
real life consequences. This patch makes those choices explicit and
documents them extensively.
2017-08-22 14:57:06 +00:00
danbst
65ff0d5f9d
switch-to-configuration: fix detection of changes between rebuilds for template instances
...
This makes declarative containers truly reloadable. Current code already declares it:
56904d7c42/nixos/modules/virtualisation/containers.nix (L488)
```
restartIfChanged = false;
```
56904d7c42/nixos/modules/virtualisation/containers.nix (L540)
```
reloadIfChanged = true;
```
Original author: @chrisfarms in 6e36619b27
Most of stuff from that commit has already been ported.
2017-08-22 15:04:18 +03:00
Christian Albrecht
964799e556
sks and pgpkeyserver-lite modules: init ( #27515 )
...
* modules sks and pgpkeyserver-lite:
runs the sks keyserver with optional nginx proxy for webgui.
* Add calbrecht to maintainers
* module sks: fix default hkpAddress value
* module pgpkeyserver-lite: make hkpAddress a string type option
and use (builtins.head services.sks.hkpAddress) as default value
* module sks: remove leftover service dependencies
2017-08-22 12:27:00 +02:00
Franz Pletz
66fe192301
Merge pull request #28293 from makefu/module/gitlab-runner/configOptions
...
module gitlab-runner: introduce configOptions and configFile
2017-08-21 20:27:48 +02:00
Franz Pletz
cfb716e6a5
phpfpm service: remove NoNewPrivileges systemd option
...
This interferes with sendmail because suid won't work. Fixes #26611 .
2017-08-21 19:24:17 +02:00
Frederik Rietdijk
6bbc3a0b24
Merge commit '3b29468313bc8604fe8f85c8d9316fd276d3985c' into HEAD
2017-08-21 04:44:40 +02:00
Casey Rodarmor
ae02dd2d0a
nixos/mpd: allow configuring playlist directory ( #28252 )
2017-08-20 20:34:34 +00:00
Vladimír Čunát
7c7c83e233
buildLinux: allow overriding stdenv on each call
2017-08-20 08:24:52 +02:00
Tuomas Tynkkynen
affcf92287
nixos/tests: Make the UEFI boot test release-critical
...
Seems to be working fine, based on the history:
https://hydra.nixos.org/job/nixos/trunk-combined/nixos.tests.installer.simpleUefiGummiboot.i686-linux/all
https://hydra.nixos.org/job/nixos/trunk-combined/nixos.tests.installer.simpleUefiGummiboot.x86_64-linux/all
2017-08-19 08:46:48 +02:00
Tuomas Tynkkynen
0488cb1802
tests/installer: Rename simpleUefiGummiboot -> simpleUefiSystemdBoot
...
It hasn't been called Gummiboot for ages.
2017-08-19 08:46:48 +02:00
volth
9e00c643d8
boot.kernelParams: dedup and sort
...
dedup and sort boot.kernelParams to avoid restarting services on eval order change
Fixes https://github.com/NixOS/nixpkgs/issues/28277
2017-08-19 06:21:13 +00:00
Maximilian Bosch
a73c721f3f
programs.zsh: move evlauation of ${zshAliases}
after cfg.interactiveShellInit
...
`cfg.interactiveShellInit` is used by modules like
`programs.zsh.oh-my-zsh`. This means that all aliases defined in
`programs.zsh.shellAliases` might be overriden which is highly
unpredictable
2017-08-18 21:48:38 +02:00
Michael Peyton Jones
e675296a9c
Release notes: add note for overlays via file
2017-08-17 22:13:39 +00:00
Maximilian Güntner
0f02879e01
ipfs: added defaultMode, added norouting service
2017-08-17 03:30:57 +02:00
makefu
e6785422ae
module gitlab-runner: introduce configOptions and configFile
...
Also removes configText, functionality is now provided more conveniently by configOptions.
Keep in mind that this breaks compatibility with previous configurations,
configFile provides a means to protect the CI token from being written into the nix store.
2017-08-15 16:06:55 +02:00
Peter Hoeg
698efcb7b5
open-vm-tools: do not pull x dependencies unconditionally
...
The "headless" configuration option is ignored because we unconditionally
reference pkgs.open-vm-tools.
This fixes that.
2017-08-15 17:05:30 +08:00
gnidorah
b73ae0a695
maxx: move deps from module to package
2017-08-14 11:13:49 +03:00
Jean-Pierre PRUNARET
e6157451c1
nixos/munin: scripts need to be executable in order to build a wrapper
...
"Builder called die: Cannot wrap
/nix/store/XXX-munin-available-plugins/plugin.sh because it is not an
executable file"
[Bjørn: Keep DRY, quote "$file".]
2017-08-14 07:50:32 +02:00
Joachim F
3e21f91a39
Merge pull request #27796 from LumiGuide/postage
...
postage: init at 3.2.17 & add NixOS module
2017-08-13 20:59:06 +00:00
Joachim Fasting
c0769dc6ef
nixos/hardened profile: increase ASLR entropy
2017-08-13 21:44:13 +02:00
Franz Pletz
2d5a04e5bd
nixos/agetty: override upstream default
...
Also see c2cf696430
.
2017-08-13 19:07:38 +02:00
Frederik Rietdijk
7ebcd39a0f
Merge commit '4c49205' into HEAD
2017-08-13 18:34:59 +02:00
Silvan Mosberger
e16a0988bc
radicale: 1.1.4 -> 2.1.2
...
This commit readds and updates the 1.x package from 1.1.4 to 1.1.6 which
also includes the needed command for migrating to 2.x
The module is adjusted to the version change, defaulting to radicale2 if
stateVersion >= 17.09 and radicale1 otherwise. It also now uses
ExecStart instead of the script service attribute. Some missing dots at
the end of sentences were also added.
I added a paragraph in the release notes on how to update to a newer
version.
2017-08-13 17:23:43 +02:00
Peter Hoeg
4ce76d9e1a
ddclient nixos module: follow best practice for running daemons
...
Couple of changes:
- move home to /var/lib/ddclient so we can enable ProtectSystem=full
- do not stick binary into systemPackages as it will only run as a daemon
- run as dedicated user/group
- document why we cannot run as type=forking (output is swallowed)
- secure things by running with ProtectSystem and PrivateTmp
- .pid file goes into /run/ddclient
- let nix create the home directory instead of handling it manually
- make the interval configurable
2017-08-13 21:56:48 +08:00
Peter Hoeg
beec141d84
ddclient: assign group for ddclient
2017-08-13 21:56:48 +08:00
Franz Pletz
9fda9f8c79
Merge pull request #27903 from volth/issue-27857-libvirt-xml-manipulation
...
libvirt: 3.5.0 -> 3.6.0
2017-08-12 21:45:01 +02:00
Nadrieril
69a4836df5
firefox syncserver service: run as non-root user by default
2017-08-12 14:42:50 +01:00
Frederik Rietdijk
c06fb4a269
Merge pull request #28188 from Nadrieril/ffsync-fix-pythonpath
...
firefox syncserver service: fix PYTHONPATH
2017-08-12 15:11:53 +02:00
Nadrieril
d6c1d2f793
firefox syncserver service: fix PYTHONPATH
2017-08-12 14:08:25 +01:00
Robin Gloster
79ac09ea06
ripple-rest: remove
...
marked as broken for > 1 yr, development is frozen and author recommends
moving to https://github.com/ripple/ripple-lib
2017-08-12 13:38:32 +02:00
Franz Pletz
5d2764eb68
prometheus-blackbox-exporter: 0.5.0 -> 0.8.1
2017-08-12 11:05:23 +02:00
Jörg Thalheim
c2e7b0e0b4
Merge pull request #27997 from richardlarocque/mosquitto_hashed_pass_docs
...
nixos/mosquitto: Fix instructions for password gen
2017-08-12 09:07:22 +01:00
Franz Pletz
59fa868b01
tests.plasma5: fix hash
2017-08-12 00:55:32 +02:00
Phil
b4d2cd6f6a
nixos/tor: add tor hidden service options ( #28081 )
...
* nixos/tor: add hiddenServices option
This change allows to configure hidden services more conveniently.
* nixos/tor: fix default/example mixup
* nixos/tor: use docbook in documentation
Also use more elegant optionalString for optional strings.
* tor: seperate hidden service port by newline
* tor: better example for hidden service path
a path below /var/lib/tor is usually used for hidden services
2017-08-11 22:59:52 +01:00
Keith Amidon
f9204b9762
nixos/samba: fix pam service name typo ( #28049 )
...
The PAM service name used before this commit was "sambda", with an
extra 'd'. For some reason I don't quite fully understand this typo
prevents GDM from starting. This change fixes that as tested in VMs
built using "nixos-rebuild -I nixpkgs=<mypkgs> build-vm".
2017-08-11 20:13:33 +00:00
Robin Gloster
350a6c3726
tests.plasma5: fix eval
2017-08-11 21:53:17 +02:00
Franz Pletz
991745046f
Merge pull request #27993 from Nadrieril/rsync-run-as-user
...
rsync service: allow running as user (plus some tweaks)
2017-08-11 19:12:46 +02:00
Peter Hoeg
b6f7713d33
Merge pull request #28127 from peterhoeg/f/collectd
...
influxdb (on nixos): reduce closure size by 99.99% (and a bit)
2017-08-12 00:01:46 +08:00
Franz Pletz
9f7f85a3cd
nixos/tests/nginx: fix name
2017-08-11 17:37:14 +02:00
Franz Pletz
61d133c1ee
Merge pull request #27939 from evujumenuk/wireguard-rt_tables
...
wireguard: add per-peer routing table option
2017-08-11 16:27:07 +02:00
Peter Hoeg
211593fe49
influxdb nixos module: allow customizing the collectd dependency
2017-08-11 22:12:49 +08:00
Joachim F
793523d7bc
Merge pull request #28089 from volth/patch-9
...
nixos/tinc: do not tell systemd where is pidfile
2017-08-11 13:31:57 +00:00
Tristan Helmich
aa8e60d934
graylog module: adapt to Graylog version 2.3.0
2017-08-11 13:07:30 +02:00
Domen Kožar
486e1c3c16
Merge pull request #27998 from davidak/macOS
...
replace "Mac OS X" and "OS X" with "macOS"
2017-08-11 13:01:36 +02:00
Peter Simons
1b30d15369
Merge pull request #28123 from jerith666/post-fix-up
...
Post fix up
2017-08-11 09:36:58 +02:00
Dan Peebles
ca99ec3f58
amazon-image: fix typo in last commit
2017-08-11 02:12:39 +00:00
Dan Peebles
5def5bab3c
amazon-image: make image size configurable
2017-08-11 01:57:43 +00:00
Matt McHenry
9186dda4a9
postfix: wakeup value should be used even if wakeupUnusedComponent is not defined
2017-08-10 21:32:03 -04:00
Matt McHenry
01fbf30041
postfix: warn about deprecated extraMasterConf option
2017-08-10 21:32:03 -04:00
Matt McHenry
edd4a0efe3
postfix: fix typo in transport_maps path
2017-08-10 21:32:02 -04:00
Dan Peebles
5f372ef67f
amazon-image: support VPC/VHD as an output format for the builder
2017-08-10 22:57:26 +00:00
Dan Peebles
f3f8c584a4
amazon-image: Add disk format option to image builder module
2017-08-10 21:40:42 +00:00
volth
15351c4780
apply 'restartIfChanged = false' to all libvirtd services
...
Although it is quite safe to restart ```libvirtd``` when there are only ```qemu``` machines, in case if there are ```libvirt_lxc``` containers, a restart may result in putting the whole system into an odd state: the containers go on running but the new ```libvirtd``` daemons do not see them.
2017-08-10 11:34:32 +00:00
Joachim Fasting
767b2ae327
nixos/dnscrypt-proxy: default to random upstream resolver
2017-08-10 01:19:17 +02:00
volth
b32b18631e
nixos/tinc: do not tell systemd where is pidfile
...
```Tinc```'s pid file has more info than just a pid
```
# cat /run/tinc.dmz.pid
12209 7BD4A657B4A04364D268D188A0F4AA972A05247D802149246BBE1F1E689CABA1 127.0.0.1 port 656
```
so ```systemd``` fails to parse it.
It results in long (re)start times when ```systemd``` waits for a correct pid file to appear.
2017-08-09 22:35:20 +00:00
volth
7e5332c868
tinc: allow the daemon to write to files in /etc/tinc/${network}/hosts
...
Follow up https://github.com/NixOS/nixpkgs/pull/27756 : tinc daemon may also create new files in ```/etc/tinc/$network/hosts```
2017-08-10 00:09:45 +02:00
Dan Peebles
b48ffa332b
services.fluentd: add plugins option
...
This allows us to pass in additional ad-hoc fluentd plugins for custom
output formats and other goodness.
2017-08-08 22:02:56 +00:00
Michael Raskin
29c3ea0cf0
Merge pull request #27925 from adisbladis/networkmanager_unbound
...
networkmanager service: use unbound if enabled
2017-08-08 12:13:42 +02:00
Jörg Thalheim
035e0198c5
Merge pull request #27978 from makefu/module/influxdb/bind-fix
...
influxdb module: collectd.port is now called bind-address
2017-08-08 07:51:03 +01:00
Wout Mertens
18fa60db30
Merge pull request #28008 from alexandergall/add-cloud-image
...
nixos/cloud-image: add module
2017-08-08 07:29:08 +02:00
Franz Pletz
bfc78abf2b
Merge pull request #28019 from Infinisil/fix-default-text-xmonad
...
xmonad service: add defaultText to extraPackages to fix rendering in docs
2017-08-08 02:15:45 +02:00
evujumenuk
eaab02b94f
wireguard: convert "table" to an interface option
...
Do the right thing, and use multiple interfaces for policy routing. For example, WireGuard interfaces do not allow multiple routes for the same CIDR range.
2017-08-08 01:45:19 +02:00
Silvan Mosberger
7bc42a8971
xmonad service: add defaultText to extraPackages to fix rendering in docs
2017-08-08 01:14:58 +02:00
davidak
3270aa896b
replace "Mac OS X" and "OS X" with "macOS"
...
as it is the official name since 2016
https://en.wikipedia.org/wiki/Macintosh_operating_systems#Desktop
exception are parts refering to older versions of macOS like
"GUI support for Mac OS X 10.6 - 10.12. Note that Emacs 23 and later [...]"
2017-08-07 21:41:30 +02:00
Bas van Dijk
ca64eaadf8
postage: init at 3.2.17 & add NixOS module
2017-08-07 20:35:23 +02:00
Wout Mertens
339330b322
Merge pull request #27426 from rnhmjoj/nginx
...
nginx: make enabling SSL port-specific
2017-08-07 16:46:28 +02:00
Frederik Rietdijk
e6808e30ae
Merge pull request #27931 from gnidorah/kde
...
Fix some KDE applications
2017-08-07 13:15:36 +02:00
Alexander Gall
a0a4bea2a6
nixos/cloud-image: add module
...
The module creates an image for an openstack-based cloud using the
cloud-init package.
2017-08-07 13:03:02 +02:00
Richard Larocque
b27d8c5d0a
nixos/mosquitto: Fix instructions for password gen
...
Fixes https://github.com/NixOS/nixpkgs/issues/27996 .
Updates instructions for generating hashes passwords for use in a
Mosquitto password file. Using `mosquitto_passwd` to generate these
hashes is a little less convenient, but the results are more likely to
be compatible with the mosquitto daemon.
As far as I can tell, the hashes generated with `mkpassd` did not work
as intended. But this may have been hidden by another bug:
https://github.com/NixOS/nixpkgs/issues/27130 .
2017-08-06 15:54:36 -07:00
Joachim F
9f93150ec9
Merge pull request #27820 from dalaing/piwik-install-doc-fix
...
nixos/piwik: clarifies setup documentation
2017-08-06 22:58:52 +01:00
Nadrieril
a4d07290cb
rsync service: allow running as not root
2017-08-06 22:57:53 +01:00
Nadrieril
94fc613cc7
rsync service: restart service on configuration change
2017-08-06 22:57:53 +01:00
Nadrieril
541377e5f0
rsync service: modernize config file generation
2017-08-06 22:57:53 +01:00
Franz Pletz
0f4179aed2
fixup! reword
2017-08-06 15:16:57 +02:00
makefu
c8e96826ae
influxdb module: collectd.port is now called bind-address
...
with the influxdb release we have packaged (and newer releases)
collectd.port has been streamlined to bind-address which takes a string
instead of a number.
ref: https://github.com/influxdata/influxdb/blob/master/services/collectd/README.md
2017-08-06 14:49:56 +02:00
gnidorah
0e28d3af1d
nixos: add pathes for KDE applications
2017-08-06 12:55:10 +03:00
Linus Heckemann
0abf9d2b12
Document timezone changes in release notes
2017-08-05 12:06:31 +01:00
Robin Gloster
2dddc6dcf6
libvirt: don't suspend and resume on change
2017-08-05 11:00:02 +00:00
Jan Tojnar
c9d419a22b
gnome: Further fixes for Using the 'memory' GSettings backend issue
2017-08-05 12:21:00 +02:00
Graham Christensen
7d0b001d4a
nixos,nixpkgs: only build essentials on i686
2017-08-05 12:06:05 +02:00
evujumenuk
6070d91e93
wireguard: remove "table" option from example
...
Most users will be served well by the default "table" setting ("main").
2017-08-04 21:00:45 +02:00
John Ericson
a753f2fef7
17.09 release-notes: New breaking change: cc-wrapper exports more env vars
2017-08-04 13:43:38 -04:00
evujumenuk
e355f7044d
wireguard: add per-peer routing table option
...
This adds a convenient per-peer option to set the routing table that associated routes are added to. This functionality is very useful for isolating interfaces from the kernel's global routing and forcing all traffic of a virtual interface (or a group of processes, via e.g. "ip rule add uidrange 10000-10009 lookup 42") through Wireguard.
2017-08-04 18:30:53 +02:00
Robin Gloster
b18b70c74d
nixos.tests.nat: fix
2017-08-04 17:52:42 +02:00
Phil
4f277bd920
nixos/networking/nat: add option for protocol
...
This commit adds an option to allow udp port forwarding (see #24894 ).
2017-08-04 17:03:05 +02:00
adisbladis
da7755b75c
networkmanager service: use unbound if enabled
2017-08-04 13:50:06 +08:00
Remy Goldschmidt
7fa034de56
Improved nixos-option manpage
2017-08-04 03:30:35 +02:00
Robin Gloster
dc13376ee2
wvdial: remove
2017-08-04 02:24:07 +02:00
Robin Gloster
a4647bc33f
tlsdate: remove
...
Dead and does not build with openssl 1.1.
Debian has removed it, too.
2017-08-04 02:24:03 +02:00
Robin Gloster
485a8fef73
modules: specify some types
2017-08-04 02:20:31 +02:00
Robin Gloster
94a2cba8d9
nginx module: add resolver config
2017-08-04 02:15:46 +02:00
Robin Gloster
75bbcd4215
nginx module: include uwsgi_params
2017-08-04 02:15:01 +02:00
Markus Mueller
c678fc385e
confluence: fix optional sso
2017-08-04 02:13:51 +02:00
Franz Pletz
02791ced34
atlassian-{jira,confluence}: add crowd sso support
2017-08-04 02:13:42 +02:00
Simon Lackerbauer
1075919413
unifi: add options to control JVM heap size
...
Our controller was acting very sluggish at times and increasing
available RAM for the JVM fixes this.
2017-08-04 02:12:31 +02:00
Franz Pletz
3b472d78a8
avahi-daemon service: add cacheEntriesMax option
2017-08-04 02:10:11 +02:00
Franz Pletz
32e7904624
gnupg agent module: fix ssh agent assertion logic
2017-08-04 02:07:49 +02:00
Markus Mueller
1793c96be2
tests/nat: Use switch-to-configuration in test case
2017-08-03 21:16:14 +02:00
Markus Mueller
53d2f0980d
nat: always flush nixos nat rules on firewall start/reload
...
Fixes #27510
2017-08-03 21:16:14 +02:00
Volth
84a6a3683b
libvirt: 3.5.0 -> 3.6.0
2017-08-03 13:53:57 +00:00
Daniel Fullmer
caaa79f246
nixos/pulseaudio: Fix for missing zeroconf module
2017-08-03 14:21:34 +02:00
Peter Hoeg
72a64ea4f1
nsswitch: add systemd module
...
In order for DynamicUser = true to work in services, we need the
nss-systemd module to be able to resolve the user and group names
generated dynamically.
2017-08-03 10:51:06 +08:00
Profpatsch
5d62d8775c
modules/systemd: improve logind.extraConfig example
...
Since we have a .handleLidSwitch option now, give an other example.
2017-08-03 03:07:05 +02:00
Dave Laing
d690701ff7
nixos/piwik: clarifies setup documentation
...
The piwki setup documentation as it stands has two issues:
- the `ALTER USER root` line does not work with MariaDB or MySQL 5.5
- the auth plugin details vary between MariaDB and MySQL
2017-08-02 08:38:16 +10:00
Christian Albrecht
93965870a8
nixos/auditd: break ordering cycle ( #27577 )
...
auditd creates an ordering cycle by adding wantedBy = [ "basic.target" ],
because of this the job job systemd-update-utmp.service/start is deleted.
Adding unitConfig.DefaultDependencies = false; to the auditd service unbreaks the cycle.
See also #11864
2017-08-01 20:45:01 +01:00
Volth
b998d8e8b7
nixos/hardware/raid/hpsa: init at 2.40
2017-08-01 12:52:04 +00:00
Franz Pletz
c217f48c35
searx: 0.11.0 -> 0.12.0
2017-08-01 06:16:03 +02:00
Taeradan
67890f73af
postfix service: typo in transport filepath
2017-07-31 21:05:03 +02:00
aszlig
4f901203e8
nixos/timezone: Fix evaluation error
...
Evaluation error introduced in a0d464033c
.
If the value for timeZone is null it shouldn't be even tried to coerce
it into a string.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @lheckemann, @joachifm
2017-07-31 17:15:30 +02:00
Linus Heckemann
a0d464033c
nixos/timezone: support imperative timezone configuration ( #26608 )
...
Fixes #26469 .
2017-07-31 15:55:24 +01:00
Valentin Shirokov
d30b2eb1c0
Removed networking.fqdn option
...
Adding it was a mistake which can only lead to problems and confusion.
2017-07-31 13:55:41 +02:00
Valentin Shirokov
a74c0c6652
Removed deprecation warning for networking.extraHosts
2017-07-31 10:04:01 +02:00
Frederik Rietdijk
740d76371e
Merge commit 'ba68231273bea4cba01413fd2a0e56d68db9234c' into HEAD
2017-07-31 09:12:15 +02:00
Jörg Thalheim
758bf31a22
Merge pull request #27756 from volth/tinc-fix
...
tinc: allow the daemon to write to files in /etc/tinc/${network}/hosts
2017-07-30 11:15:15 +01:00
Jörg Thalheim
12e8bea477
Merge pull request #27578 from Ma27/bugfix/thefuck/support-for-non-posix-compliant-shells
...
programs.thefuck: support shells that don't use `/etc/profile`
2017-07-30 11:13:07 +01:00
sshisk
e79d11b623
postfix service: fix extraMasterConf ( #27755 )
...
thanks
2017-07-30 11:37:51 +02:00
Vladimír Čunát
8177561e8f
Merge #27105 : more correct form of /etc/hosts
2017-07-30 09:57:41 +02:00
Maximilian Bosch
26655f505f
programs.thefuck: support shells that don't use /etc/profile
2017-07-30 08:23:35 +02:00
Frederik Rietdijk
20b8e4b4cf
Merge remote-tracking branch 'upstream/master' into HEAD
2017-07-30 08:09:11 +02:00
Volth
3b82d7db82
tinc: allow the daemon to write to files in /etc/tinc/${network}/hosts
2017-07-30 00:25:04 +00:00
Volth
faac018630
environment.etc: add user/group option
...
fixes #27546
2017-07-29 23:56:46 +01:00
volth
eaa2d27b90
nixos/tinc: remove restartTriggers
...
```restartTriggers``` pointed to the constant files in ```/nix/store/``` and had to effect.
2017-07-29 21:32:28 +02:00
Florian Jacob
3e69c650ab
nixos/systemd-networkd: allow [Link] section in .network files
2017-07-29 21:25:21 +02:00
Tuomas Tynkkynen
1d72474df7
make-ext4-fs: Fix modification timestamps in image
...
Use '-f' to make timestamp calls to always return the same time. Also
Nix uses the timestamp of '1' instead of epoch directly.
2017-07-29 22:03:43 +03:00
Bjørn Forsman
aff0725a7d
nixos/lighttpd: add enableUpstreamMimeTypes option
...
enableUpstreamMimeTypes controls whether to include the list of mime
types bundled with lighttpd (upstream). This option is enabled by
default and gives a much more complete mime type list than we currently
have. If you disable this, no mime types will be added by NixOS and you
will have to add your own mime types in services.lighttpd.extraConfig.
2017-07-29 14:24:40 +02:00
Bjørn Forsman
b339e6e13f
nixos/lighttpd: update list of allowed module names
...
* mod_dirlisting is auto-loaded by lighttpd and should not be explicitly
loaded in the configuration file.
* The rest comes from looking at "ls -1 $lighttpd/lib/*.so" when
lighttpd is built with "enableMagnet" and "enableMysql".
2017-07-29 14:24:40 +02:00
Frederik Rietdijk
b2608b8910
Merge remote-tracking branch 'upstream/master' into HEAD
2017-07-29 13:08:11 +02:00
Joel Thompson
168fbde17a
exhibitor: Fix bug with automatic instance management
...
Exhibitor tests the auto-manage-instances config value to see if it's a
non-zero integer, rather than a true/false string, which was getting
put into the config before. This now causes autoManageInstances to
behave correctly.
2017-07-28 15:54:48 -04:00
Franz Pletz
b116fa5ff2
Merge branch 'master' into staging
2017-07-28 16:08:30 +02:00
aszlig
6e5d2f8963
nixos/xserver: Properly validate XKB options
...
Checking the keyboard layout has been a long set of hurdles so far, with
several attempts. Originally, the checking was introduced by @lheckemann
in #23709 .
The initial implementation just was trying to check whether the symbols/
directory contained the layout name.
Unfortunately, that wasn't enough and keyboard variants weren't
recognized, so if you set layout to eg. "dvorak" it will fail with an
error (#25526 ).
So my improvement on that was to use sed to filter rules/base.lst and
match the layout against that. I fucked up twice with this, first
because layout can be a comma-separated list which I didn't account for
and second because I ran into a Nix issue (NixOS/nix#1426 ).
After fixing this, it still wasn't enough (and this is btw. what
localectl also does), because we were *only* matching rules but not
symbols, so using "eu" as a layout won't work either.
I decided now it's the time to actually use libxkbcommon to try
compiling the keyboard options and see whether it succeeds. This comes
in the form of a helper tool called xkbvalidate.
IMHO this approach is a lot less error-prone and we can be sure that we
don't forget about anything because that's what the X server itself uses
to compile the keymap.
Another advantage of this is that we now validate the full set of XKB
options rather than just the layout.
Tested this against a variety of wrong and correct keyboard
configurations and against the "keymap" NixOS VM tests.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @lheckemann, @peti, @7c6f434c, @tohl, @vcunat, @lluchs
Fixes : #27597
2017-07-28 12:39:55 +02:00
Valentin Shirokov
635ecd802f
Deprecation warning for networking.extraHosts
2017-07-28 00:15:17 +03:00
Robin Gloster
2799a94963
zfs, spl: 0.6.5.11 -> 0.7.0
2017-07-27 19:00:54 +02:00
Volth
688dc4e4c3
tinc_pre: avoid infinite loop with EBADFD on network restart
2017-07-27 18:04:33 +02:00
Mateusz Kowalczyk
93d364f4f5
mongodb: we already set quiet in config
2017-07-27 13:26:36 +01:00
Graham Christensen
107d931b44
Merge pull request #27677 from peterhoeg/u/mcelog
...
mcelog: 148 -> 153
2017-07-27 06:34:10 -04:00
Peter Hoeg
f5c0607f8d
mcelog: use .service file from upstream
2017-07-27 13:06:20 +08:00
rnhmjoj
a912a6a291
nginx: make enabling SSL port-specific
2017-07-27 03:45:53 +02:00
Volth
c6128d2feb
nixos/varnish: made compatible with varnish 5.2.1, add modules
...
* nixos/varnish: command line compatible with varnish 5.2.1, fixes
https://github.com/NixOS/nixpkgs/issues/27409
* nixos/varnish: add support for modules (services.varnish.extraModules)
* varnish-modules: init at 0.10.2
* varnish-geoip: init at 1.0.2
* varnish-rtstatus: init at 1.2.0
* varnish-digest: init at 1.0.1
* added services.varnish.extraCommandLine option
2017-07-26 23:32:49 +00:00
Graham Christensen
d4ef5ac0e9
nixos/tahoe: fixup create-introducer, syntax regression from 90acbe5
, improperly patched in 72f85b9e07
2017-07-26 19:13:21 -04:00
Graham Christensen
72f85b9e07
nixos/tahoe: fixup create-introducer, syntax regression from 90acbe5
2017-07-26 19:05:26 -04:00
Martin Wohlert
9be26f81ca
change swap.randomEncryption config option to "coercedTo" for backwards compatibility
2017-07-26 20:57:10 +03:00
Martin Wohlert
c3d5cfdc3c
swap: extend randomEncryption to plainOpen and ability to select cipher
2017-07-26 20:57:10 +03:00
John Ericson
9be40841ea
Merge remote-tracking branch 'upstream/master' into staging-base
...
Conflicts:
pkgs/build-support/cc-wrapper/default.nix
pkgs/build-support/gcc-wrapper-old/builder.sh
pkgs/build-support/trivial-builders.nix
pkgs/desktops/kde-4.14/kde-package/default.nix
pkgs/development/compilers/openjdk-darwin/8.nix
pkgs/development/compilers/openjdk-darwin/default.nix
pkgs/development/compilers/openjdk/7.nix
pkgs/development/compilers/openjdk/8.nix
pkgs/development/compilers/oraclejdk/jdk-linux-base.nix
pkgs/development/compilers/zulu/default.nix
pkgs/development/haskell-modules/generic-builder.nix
pkgs/misc/misc.nix
pkgs/stdenv/generic/builder.sh
pkgs/stdenv/generic/setup.sh
2017-07-26 13:46:04 -04:00
Peter Hoeg
588e3da3f4
Merge pull request #26761 from gnidorah/master3
...
qt5ct module: expose qtstyleplugins
2017-07-26 22:44:45 +08:00
Nikolay Amiantov
358abce837
autofs service: fix the manual
...
Fixes #27202 .
2017-07-26 15:24:43 +03:00
k0ral
a3e6df6ee2
environment.noXlibs: Disable gnome when noXLibs is set ( #27567 )
2017-07-26 08:54:42 +02:00
edef
10c6df2e3c
nixos/…/swap.nix: don't create a LUKS header for randomEncryption
...
Creating and then erasing the key relies on the disk erasing data
correctly, and otherwise allows attackers to simply decrypt swap just
using "secretkey". We don't actually need a LUKS header, so we can save
ourselves some pointless disk writes and identifiability.
In addition, I wouldn't have made the awful mistake of backing up my swap partition's LUKS header instead of my zpool's. May my data rest in peace.
2017-07-26 08:45:50 +02:00
0xABAB
90acbe5449
Cleanup tahoe module
...
- Remove useless escape of question mark
- Fix and quoting
- Add some '&&s' for correctness
- Add escapeShellArg
- Remove &&s in preStart
Edited by grahamc: fixed the ${} typo on line 246
2017-07-25 22:09:43 -04:00
Volth
00512470ec
tinc service: add CLI tools to the $PATH
...
Now user can execute e.g. "sudo tinc.netname dump nodes"
2017-07-25 23:13:58 +02:00
Jörg Thalheim
97544a6c38
Merge pull request #27627 from volth/zookeeper-escape-shell
...
nixos/zookeeper: escape cfg.extraCmdLineOptions
2017-07-25 07:46:05 +01:00
Charles Strahan
c1fdf3341b
Merge pull request #27347 from cstrahan/osquery-new
...
osquery: init at 2.5.2
2017-07-24 21:51:10 -04:00
Charles Strahan
53426f6cb9
osquery: init at 2.5.2
2017-07-24 21:47:32 -04:00
Volth
f2bfb459c4
nixos/zookeeper: escape cfg.extraCmdLineOptions
2017-07-24 22:27:58 +00:00
gnidorah
52deb4b460
maxx: 1.0.0 -> 1.1.0
2017-07-24 13:19:45 +03:00
Aristid Breitkreuz
63190540a8
wireguard: sometimes module tries to re-add the default route, which fails - use replace to make it succeed
2017-07-23 23:08:39 +02:00
Joachim F
1a768eba2a
Merge pull request #26632 from jazmit/nixpkgs
...
coturn: allow use of ports < 1024
2017-07-23 12:56:05 +01:00
gnidorah
9f61c7f947
qt5ct module: expose qtstyleplugins
2017-07-23 12:56:04 +03:00
Frederik Rietdijk
29f91c107f
Merge remote-tracking branch 'upstream/master' into HEAD
2017-07-23 11:23:43 +02:00
Thomas Tuegel
4b14212914
nixos/tests/keymap: use SLIM theme from nixos/tests/slim
2017-07-22 17:43:28 -05:00
Jörg Thalheim
b1bff52a5c
Merge pull request #27469 from Ma27/oh-my-zsh/make-pkg-configurable
...
programs.zsh.ohMyZsh: add `package` option to make package overrides on module-base easier
2017-07-22 10:00:35 +01:00
Thomas Tuegel
6a004bf9c8
Merge branch 'master' into bugfix/staging/stdenv
2017-07-21 20:36:34 -05:00
Joel Thompson
9dc51dc00d
exhibitor: Fix bugs in previous package
...
The previous package didn't build properly due to a bug in the build
script, and the nixos module didn't evaluate due to missing descriptions
in the options. This fixes both issues.
It also adds missing command-line options that weren't able to be set
and properly converts bools to the strings exhibitor expects.
2017-07-21 16:14:04 -04:00
Franz Pletz
1697684591
docker module: fix autoPrune.enable description
...
cc #27503
2017-07-21 16:54:40 +02:00
Joel Thompson
4b42fc4b8a
exhibitor: init at 3.4.9
...
Initial Exhibitor nix package and nixos module for Netflix's Exhibitor,
which is a manager for Apache Zookeeper.
2017-07-21 09:45:37 -04:00
Rhys
8777174d60
nixos/oauth2_proxy: actually pass provider-specific options
...
Syntax errors prevented important parameters from being passed to
oauth2_proxy, which could have permitted unauthorised access to
services behind the proxy.
2017-07-21 00:27:06 +02:00
Pascal Bach
22acfd0327
docker service: add option to do automatic pruning
...
This allows to run the prune job periodically on a machine.
By default the if enabled the job is run once a week.
The structure is similar to how system.autoUpgrade works.
2017-07-20 20:33:16 +02:00
Michael Peyton Jones
b09c87ab47
Factorio service: fix typo in attribute path
2017-07-20 20:32:25 +02:00
Franz Pletz
226964861f
Merge pull request #27405 from rvl/postgresql-xml
...
postgresql: fix nixos tests and add xml support
2017-07-20 20:31:38 +02:00
Franz Pletz
00b6ac7bd3
Merge pull request #26419 from roblabla/feature-sasl
...
cyrus-sasl: Add saslauthd service and LDAP support
2017-07-20 20:23:52 +02:00
Maximilian Bosch
95bf0cc1cb
programs.zsh.ohMyZsh: add package
option to make package overrides on module-base easier
2017-07-20 08:54:10 +02:00
Graham Christensen
2b2a6f2070
nixos/ldap: remove tls_checkpeer no when using TLS
2017-07-19 19:23:40 -04:00
Rodney Lorrimar
0b027720af
nixos tests: run postgresql tests with postgres user
2017-07-19 22:13:02 +01:00
Daiderd Jordan
a03d6116ce
gitlab: fix archive urls for gitlab service
...
Accessing an url like https://gitlab.example.org/group/project/repository/archive.tar.gz?ref=master
requires tar/gzip to be in the path of the gitlab-workhorse service otherwise it fails.
2017-07-19 21:34:17 +02:00
zimbatm
14f53e5251
Merge pull request #26214 from zimbatm/google-compute-image
...
Google compute image
2017-07-19 09:49:20 +01:00
Benno Fünfstück
99fbd867ef
Merge pull request #27031 from jerith666/cnijfilter-2-80
...
cnijfilter: init at 2.80
2017-07-18 14:37:32 +02:00
Graham Christensen
ef95175ba3
manual: update mailing list links
2017-07-18 07:54:36 -04:00
Domen Kožar
d03178aae3
Point to the new mailing list by replacing the old link
2017-07-18 13:44:10 +02:00
Rob Vermaas
ec313abdce
Add file with Azure image locations, similar to ec2-amis.nix. Will be used by nixops.
...
(cherry picked from commit e93f26847ea41cce6633b6a0feb6ce31b0722d5d)
2017-07-18 09:18:51 +00:00
Rob Vermaas
412bfda422
Add file with GCE image locations, similar to ec2-amis.nix. Will be used by nixops.
...
(cherry picked from commit 9d810ddcc1938a90090fd60f8924f4e83acbeee2)
2017-07-18 09:16:15 +00:00
Eelco Dolstra
17642b5fd0
nix: 1.11.12 -> 1.11.13
2017-07-18 10:54:01 +02:00
Jörg Thalheim
26f85e4253
Merge pull request #27410 from florianjacob/journalwatch
...
journalwatch & journalwatch service: init at 1.1.0
2017-07-18 08:19:33 +01:00
Aristid Breitkreuz
9b0ff955fd
wireguard: allow not storing private keys in world-readable /nix/store ( #27433 )
...
* wireguard: allow not storing private keys in world-readable /nix/store
2017-07-17 23:55:31 +02:00
Falco Peijnenburg
b09d036342
Strongswan after network-online instead of network
...
The systemd service file shipped with strongswan has strongswan started after `network-online`. It turns out that this is for good reason: failure to connect on boot otherwise.
See this thread on the mailing list, which my colleague initiated after finding that our NixOS strongswan config wouldn't connect on boot:
https://lists.strongswan.org/pipermail/users/2017-January/010359.html
Tested on a local config (which has the strongswan service config overridden).
2017-07-17 20:17:58 +02:00
Wout Mertens
c4783a982b
nginx: add gzip_vary to recommended settings
...
Google PageSpeed recommends turning this on to allow proxies to cache
2017-07-17 20:15:59 +02:00
Jörg Thalheim
04c944cdb4
Merge pull request #27057 from Nadrieril/bitlbee-libpurple
...
bitlbee service: Add option to load libpurple plugins into bitlbee
2017-07-17 18:07:43 +01:00
Robin Gloster
b8d92a7840
programs.gnupg: use extraInit instead of interactiveShellInit
...
Otherwise some programmes cannot use the GPG agent, e.g. applications
started from dmenu.
Behaviour was changed in #26888 , this reverts that part.
2017-07-17 18:45:37 +02:00
Frederik Rietdijk
3eceecb90d
Merge remote-tracking branch 'upstream/master' into HEAD
2017-07-17 13:52:01 +02:00
Matt McHenry
67d02cd60a
cnijfilter: init at 2.80
...
this driver reads support files from lib/bjlib as well as lib/cups,
which is why the path in cupsd.nix is tweaked
2017-07-17 07:32:23 -04:00
Nadrieril
8669fb1f96
tinc service: BindToAddress and ListenAddress are different options, they should not be mistaken
2017-07-17 13:07:49 +02:00
Benno Fünfstück
1d78df2729
Merge pull request #27000 from Balletie/fix/pulseaudio-alsa-conf
...
pulseaudio: Resolve conflicting asound.conf of pulseaudio and alsa
2017-07-17 08:20:38 +02:00
volth
870375e19d
all-hardware.nix: add VMware support. ( #27430 )
...
NixOS does not boot in VMware guest without these modules
2017-07-17 02:38:10 +02:00
Graham Christensen
8df6d351c4
Merge pull request #26912 from knedlsepp/fix-autoResize
...
nixos: Force check the filesystem before resizing
2017-07-16 16:54:54 -04:00