Commit graph

3099 commits

Author SHA1 Message Date
William A. Kennington III
31a273cb14 nixos/tinc: users are system users 2015-05-21 20:11:13 -07:00
William A. Kennington III
4f943ef237 nixos/lightdm: More changes 2015-05-21 20:10:52 -07:00
aszlig
77d7aa6742
nixos/tests/luksroot: Switch to use waitForText.
Fixes the "blindly hope that 60 seconds is enough" issue from 1f34503,
so that we now have a (hopefully) reliable way to wait for the
passphrase prompt.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-05-21 19:55:21 +02:00
aszlig
8bd025a75e
nixos/test-driver: Add new waitForText function.
As promised in the previous commit, this can be used similarly to
$machine->waitForWindow, where you supply a regular expression and it's
retrying OCR until the regexp matches.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-05-21 19:55:21 +02:00
aszlig
235c2228ca
nixos/test-driver: Add new getScreenText function.
Basically, this creates a screenshot and throws tesseract at it to
recognize the characters from the screenshot. In order to produce a
result that is well enough, we're using lanczos scaling and scale the
image up to 400% of its original size.

This provides the base functionality for a new Machine method which will
be called waitForText. I originally had that idea long ago when writing
the VM tests for VirtualBox and Chromium, but thought it would be
disproportionate to the case.

The downside however is that VM tests now depend on tesseract, but given
the average runtime of our tests it really shouldn't have a too big
impact and it's only a runtime dependency after all.

Another issue is that the OCR process takes quite some time to finish,
but IMHO it's better (as in more deterministic) than to rely on sleep().

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-05-21 19:55:21 +02:00
Arseniy Seroka
f134150180 Merge pull request #7857 from rushmorem/marathon-module-update
Update Marathon module
2015-05-21 16:52:14 +03:00
rushmorem
b5820a5ebd Update Marathon module
The new module makes it possible to pass extra commandline
arguments to Marathon as well as environment variables.
2015-05-21 15:45:13 +02:00
aszlig
7808efe5b7
nixos/release: Add luksroot test to "tested" job.
We want to avoid getting broken LUKS systems into the latest channel, so
let's ensure that the channel update won't happen if LUKS support is
broken again.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-05-21 13:21:41 +02:00
aszlig
1f34503010
nixos/tests/installer: Add test for LUKS rootfs.
This serves as a regression test for #7859.

It's pretty straightforward, except from the fact that nixos-generate-
config doesn't detect LUKS devices and the "sleep 60".

As for the former, I have tried to add support for LUKS devices for
nixos-generate-config, but it's not so easy as it sounds, because we
need to create a device tree across all possible mappers and/or LVM up
to the "real" device and then decide whether it is relevant to what is
currently mounted. So I guess this is something for the nixpart branch
(see #2079).

And the latter isn't very trivial as well, because the LUKS passphrase
prompt is issued on /dev/console, which is the last "console=..." kernel
parameter (thus the `mkAfter`). So we can't simply grep the log, because
the prompt ends up being on one terminal only (tty0) and using select()
on $machine->{socket} doesn't work very well, because the FD is always
"ready for read". If we would read the FD, we would conflict with
$machine->connect and end up having an inconsistent state. Another idea
would be to use multithreading to do $machine->connect while feeding the
passphrase prompt in a loop and stop the thread once $machine->connect
is done. Turns out that this is not so easy as well, because the threads
need to share the $machine object and of course need to do properly
locking.

In the end I decided to use the "blindly hope that 60 seconds is enough"
approach for now and come up with a better solution later. Other VM
tests surely use sleep as well, but it's $machine->sleep, which is bound
to the clock of the VM, so if the build machine is on high load, a
$machine->sleep gets properly delayed but the timer outside the VM won't
get that delay, so the test is not deterministic.

Tested against the following revisions:

5e3fe39: Before the libgcrypt cleanup (a71f78a) that broke cryptsetup.
69a6848: While cryptsetup was broken (obviously the test failed).
15faa43: After cryptsetup has been switched to OpenSSL (fd588f9).

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-05-21 13:21:41 +02:00
aszlig
3b396701fd
nixos/tests/installer: Allow pre-boot commands.
These commands will be executed directly after the machine is created,
so it gives us the chance to for example type in passphrases using the
virtual keyboard.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-05-21 13:21:41 +02:00
aszlig
5d2c6f0353
nixos/tests/installer: Allow to pass extra config.
We're going to need it for installer tests where nixos-generate-config
isn't yet able to fully detect the filesystems/hardware. for example for
device mapper configurations other than LVM.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-05-21 13:21:40 +02:00
William A. Kennington III
4ed8cdc3d4 nixos/bird: Fix doc compilation 2015-05-20 18:53:54 -07:00
William A. Kennington III
acdc3e6c9a nixos/lightdm: Some fixups 2015-05-20 18:32:12 -07:00
Arseniy Seroka
a9171953c6 Merge pull request #7860 from Lassulus/bird
nixos: add bird module
2015-05-21 03:24:20 +03:00
Eelco Dolstra
10ce7ae769 Document the nixpkgs-channels repo
This replaces update-channel-branches.sh with standard Git
invocations.
2015-05-20 14:20:53 +02:00
Eelco Dolstra
e98da673e4 nixos-checkout: Add nixpkgs-channels as a remote
This way, you can do things like

  git checkout channels/nixos-14.12

to get the latest tested and built version of NixOS.
2015-05-20 14:16:36 +02:00
Evgeny Egorochkin
8ed3ab50ea azure-image: common: add sg3_utils 2015-05-20 13:25:01 +03:00
Evgeny Egorochkin
2fe9084397 azure-image: fix, split into bootstrap and regular configurations
Conflicts:
	nixos/modules/virtualisation/azure-image.nix
2015-05-20 13:24:38 +03:00
Bjørn Forsman
db991a4024 nixos/libvirtd: remove --verbose flag
Because it spams the log:

  .libvirtd-wrapp[1950]: OBJECT_UNREF: obj=0x7f5d900b4200
  .libvirtd-wrapp[1950]: EVENT_POLL_UPDATE_HANDLE: watch=874 events=13
  .libvirtd-wrapp[1950]: OBJECT_UNREF: obj=0x7f5d900b4200
  .libvirtd-wrapp[1950]: EVENT_POLL_RUN: nhandles=24 timeout=-1
  .libvirtd-wrapp[1950]: EVENT_POLL_DISPATCH_HANDLE: watch=874 events=1
  .libvirtd-wrapp[1950]: OBJECT_REF: obj=0x7f5d900b4200
  .libvirtd-wrapp[1950]: [137B blob data]
2015-05-20 12:14:18 +02:00
Bjørn Forsman
3d2d78cb39 nixos/libvirtd: add 'extraOptions' option
And move the '--verbose' flag to extraOptions, so that users can easily
disable it.
2015-05-20 12:14:18 +02:00
Nikolay Amiantov
3e35ea305f postgresql-backup: cleanup 2015-05-19 18:35:22 +03:00
lassulus
9d07c54fa1 nixos: add bird module
patch bird to look in /var/run for birc.ctl
2015-05-19 15:42:24 +02:00
Luca Bruno
25f9555599 Drop GNOME 3.12 2015-05-18 12:24:08 +02:00
Tuomas Tynkkynen
6d176afe5e generic-extlinux-compatible: Add new bootloader for ARM
This module generates a /boot/extlinux/extlinux.conf bootloader
configuration file that is supported by e.g. U-Boot:

http://git.denx.de/?p=u-boot.git;a=blob;f=doc/README.distro;hb=refs/heads/master

With this, all ARM boards supported by U-Boot can be booted in a common
way (a single boot file generator, all boards booting via initrd like
x86) and with same boot menu functionality as GRUB has.

-- sample extlinux.conf file --
# Generated file, all changes will be lost on nixos-rebuild!

# Change this to e.g. nixos-42 to temporarily boot to an older configuration.
DEFAULT nixos-default

TIMEOUT 50

LABEL nixos-default
  MENU LABEL NixOS - Default
  LINUX ../nixos/n7vxfk60nb5h0mcbhkwwxhcz2q2nvxzv-linux-4.1.0-rc3-cpufreq-zImage
  INITRD ../nixos/0ss2zs8sb6d1qn4gblxpwlxkfjsgs5f0-initrd-initrd
  FDTDIR ../nixos/n7vxfk60nb5h0mcbhkwwxhcz2q2nvxzv-linux-4.1.0-rc3-cpufreq-dtbs
  APPEND systemConfig=/nix/store/469qvr43ln8bfsnk5lzcz6m6jfcgdd4r-nixos-15.06.git.0b7a7a6M init=/nix/store/469qvr43ln8bfsnk5lzcz6m6jfcgdd4r-nixos-15.06.git.0b7a7a6M/init loglevel=8 console=ttyS0,115200n8 drm.debug=0xf

LABEL nixos-71
  MENU LABEL NixOS - Configuration 71 (2015-05-17 21:32 - 15.06.git.0b7a7a6M)
  LINUX ../nixos/n7vxfk60nb5h0mcbhkwwxhcz2q2nvxzv-linux-4.1.0-rc3-cpufreq-zImage
  INITRD ../nixos/0ss2zs8sb6d1qn4gblxpwlxkfjsgs5f0-initrd-initrd
  FDTDIR ../nixos/n7vxfk60nb5h0mcbhkwwxhcz2q2nvxzv-linux-4.1.0-rc3-cpufreq-dtbs
  APPEND systemConfig=/nix/store/469qvr43ln8bfsnk5lzcz6m6jfcgdd4r-nixos-15.06.git.0b7a7a6M init=/nix/store/469qvr43ln8bfsnk5lzcz6m6jfcgdd4r-nixos-15.06.git.0b7a7a6M/init loglevel=8 console=ttyS0,115200n8 drm.debug=0xf
2015-05-17 23:38:03 +03:00
Richard Zetterberg
bd5011fc34 Fixes eval and build error of nova image builder 2015-05-17 20:55:07 +02:00
Thomas Tuegel
c59c20ca0f Update HPLIP to 3.15.4 2015-05-16 14:12:11 -05:00
Arseniy Seroka
0b3e2becca Merge pull request #7829 from joamaki/vmware_guest
VMWare guest support and open-vm-tools package
2015-05-15 15:13:30 +03:00
Jussi Maki
6a0d21eb86 VMWare guest support and open-vm-tools package 2015-05-15 12:43:21 +02:00
Arseniy Seroka
946e7dca61 Merge pull request #7842 from dezgeg/pr-nix-serve
nix-serve: Add nixos module
2015-05-14 22:44:43 +03:00
Jascha Geerds
779b65f019 cups: Second attempt to fix our printing tests; add more sleep statements 2015-05-14 17:46:32 +02:00
lethalman
1103392dd9 Merge pull request #7794 from womfoo/kbdlight
Add kbdlight package and setuid wrapper
2015-05-14 17:09:28 +02:00
Tuomas Tynkkynen
fd8cb1ff2d nix-serve: Add nixos module
This allows sharing the Nix store of the machine as a binary cache
simply by setting 'services.nix-serve.enable = true'.
2015-05-14 12:27:28 +03:00
Eelco Dolstra
15ffb9ad88 Remove fixed uid in tests 2015-05-13 16:23:57 +02:00
Eelco Dolstra
fc8011ad8d Ensure that nscd, sshd are created as system users
c0f70b4694 removed the fixed uid
assignment, but then it becomes necessary to set isSystemUser.

http://hydra.nixos.org/build/22182588
2015-05-13 16:23:36 +02:00
Nikolay Amiantov
e9679ce32a postgresql-backup: use system postgresql package 2015-05-13 16:06:50 +03:00
Jascha Geerds
92317259ef cups: First attempt to fix our printing tests; wait until cups is fully initialized 2015-05-13 14:22:30 +02:00
William A. Kennington III
2806491cc4 nixos/consul: Add shell for health checks 2015-05-11 17:44:07 -07:00
William A. Kennington III
b6e26aa8df nixos/consul: Support a config directory for health checks 2015-05-11 16:45:04 -07:00
William A. Kennington III
1938dc9b54 nixos/consul: Remove the joinNodes and joinRetries options as they are now built in consul options 2015-05-11 16:27:53 -07:00
Arseniy Seroka
26492cdba3 Merge pull request #7434 from Forkk/plex-media-server
plex: add support for managing plugins via Nix
2015-05-11 14:48:30 +03:00
Eelco Dolstra
492471b453 Apply some overrides to upstream systemd units
This removes the need for the following patches:

9a6cade993
9f7e832c90
2015-05-11 12:43:35 +02:00
Arseniy Seroka
c0727fb751 Merge pull request #7788 from Lassulus/charybdis
add charybdis nixos module
2015-05-11 12:57:58 +03:00
lassulus
304cab2b46 add charybdis nixos module 2015-05-11 11:38:53 +02:00
Domen Kožar
bb4d658f64 Merge branch 'master' into staging
Conflicts:
	nixos/doc/manual/release-notes/rl-unstable.xml
	nixos/modules/services/printing/cupsd.nix
	pkgs/applications/misc/calibre/default.nix
	pkgs/development/haskell-modules/hackage-packages.nix
	pkgs/development/libraries/libsodium/default.nix
	pkgs/misc/emulators/wine/unstable.nix
	pkgs/top-level/all-packages.nix
2015-05-11 10:05:23 +02:00
Kranium Gikos Mendoza
6f634e3c3a Add kbdlight package and setuid wrapper
update nixos/modules/programs/kbdlight.nix to use mkEnableOption
2015-05-11 13:23:01 +08:00
Ricardo M. Correia
aa75bb25d8 grsecurity: Update stable and test patches
stable: 3.1-3.14.41-201505072056 -> 3.1-3.14.41-201505101121
test:   3.1-4.0.2-201505072057   -> 3.1-4.0.2-201505101122
2015-05-11 02:45:38 +02:00
Charles Strahan
ba186ec4b9 mesos service: only pass --zk if quorum > 0
The ZooKeeper URL is not necessary when using in-memory slave
registration.
2015-05-10 19:36:20 -04:00
Charles Strahan
760169663e mesos: fix indentation in service definition 2015-05-10 17:23:33 -04:00
Jascha Geerds
19dbe42aeb Revert "cups: Rename "browsing" config option to "advertise""
This reverts commit 48e65cec4e.
2015-05-10 20:47:50 +02:00
Jascha Geerds
652d06207d cups: Rename "browsing" config option to "advertise" 2015-05-10 13:46:32 +02:00
Jascha Geerds
c4c0ec0581 cups: Add changelog for the upcoming NixOS release 2015-05-10 13:46:32 +02:00
Jascha Geerds
6f69dd46d7 cups: Add defaultShared, browsing and webInterace config option 2015-05-10 13:46:32 +02:00
Jascha Geerds
65e2b83b36 cups: Fix printing tests
It seems like there's an upstream bug in the "lpstat" command. We need
to specify the server's port.

Further information: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=711327

[root@client:~]# lpstat -H
/var/run/cups/cups.sock

[root@client:~]# lpstat -h server -H
/var/run/cups/cups.sock:631

[root@client:~]# CUPS_SERVER=server lpstat -H
server:631

[root@client:~]# lpstat -h server:631 -H
server:631
2015-05-10 13:46:32 +02:00
Jascha Geerds
f4d9c9043c cups: Remove deprecated config options from cupsd.conf 2015-05-10 13:46:32 +02:00
Jascha Geerds
e9cf6cd34f cups: Use systemd files provided by CUPS 2015-05-10 13:46:32 +02:00
Jascha Geerds
48e65cec4e cups: Rename "browsing" config option to "advertise" 2015-05-10 12:41:21 +02:00
Jascha Geerds
116006702b cups: Add changelog for the upcoming NixOS release 2015-05-10 12:41:21 +02:00
Jascha Geerds
2cc8d15653 cups: Add defaultShared, browsing and webInterace config option 2015-05-10 12:41:21 +02:00
Jascha Geerds
55a6469ba3 cups: Fix printing tests
It seems like there's an upstream bug in the "lpstat" command. We need
to specify the server's port.

Further information: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=711327

[root@client:~]# lpstat -H
/var/run/cups/cups.sock

[root@client:~]# lpstat -h server -H
/var/run/cups/cups.sock:631

[root@client:~]# CUPS_SERVER=server lpstat -H
server:631

[root@client:~]# lpstat -h server:631 -H
server:631
2015-05-10 12:41:21 +02:00
Jascha Geerds
3710dbec05 cups: Remove deprecated config options from cupsd.conf 2015-05-10 12:41:20 +02:00
Jascha Geerds
4ac95ab328 cups: Use systemd files provided by CUPS 2015-05-10 12:41:20 +02:00
Lluís Batlle i Rossell
21dd114f82 Revert "Making nixos keep a ref to its stdenv"
This reverts commit d170c98d13.

niksnut argues that we need smaller system closures, not bigger.

So users facing the trouble of getting gcc rebuilds after nix-collect-garbage
for any minimal nixos configuration change should use other means of
not losing the stdenv output.

One way is to keep one somewhere: nix-build -A stdenv -o stdenv '<nixpkgs>'.
Another may be to use nix.conf options like gc-keep-outputs, gc-keep-derivations
or env-keep-derivations.
2015-05-09 21:11:49 +00:00
Lluís Batlle i Rossell
d170c98d13 Making nixos keep a ref to its stdenv
This will help a lot on ARM, where nix-collect-garbage erases gcc; then, any
change to a small system config file requires rebuilding gcc again.

I don't know why it does not happen on x86. Maybe it just pulls the gcc from
hydra, if garbage is collected.
2015-05-09 20:19:34 +00:00
Lluís Batlle i Rossell
d8a2bb86c0 Raspberry Pi 2 changes to make it boot.
It boots, but some things still don't work:
1) Installation of DTBs
2) Boot of initrd

Booting still needs a proper config.txt in /boot, which could probably be
managed by NixOS.
2015-05-09 17:05:24 +00:00
William A. Kennington III
c9395e1e92 Merge branch 'master' into staging 2015-05-08 05:59:50 -07:00
Rob Vermaas
650d3f8fc4 Revert restartIfChanged on fetch-ec2-data, as it breaks deployments that set ec2.metadata = true, as the existing (default) blackhole will not be cleared.
(cherry picked from commit ccf672ca6b055e5e862e45b65d122754c16cf7d1)
2015-05-07 08:51:38 +00:00
William A. Kennington III
074c4a7f78 Merge remote-tracking branch 'upstream/master' into staging 2015-05-07 01:44:49 -07:00
Joachim Schiele
7aed6ddbb4 Merge pull request #7482 from qknight/mysql_socket_permissions
/run/mysqld now 0755 (instead 0700)
2015-05-07 01:55:00 +02:00
Joachim Schiele
db79335c07 mysql: /run/mysql now 0755 (instead 0700)
see https://github.com/NixOS/nixpkgs/pull/7482
2015-05-07 01:51:05 +02:00
Pascal Wittmann
40b9e938b6 postfix service: description enhancement
closes #7651
2015-05-06 21:53:39 +02:00
Stephen Weinberg
a6ebccfbb8 Sane default configuration for sabnzbd module
Added option to set user. Use unpriviledged user by default. Add sane
default for configuration location.
2015-05-05 00:18:22 -04:00
Aristid Breitkreuz
5ccbfb2dcc tarsnap: fix up permissions of existing cache directories 2015-05-04 18:58:35 +00:00
Eelco Dolstra
4239e276ea fetch-ec2-data: Don't restart
This service only needs to run once on system startup, so it doesn't
need to be restarted by switch-to-configuration.
2015-05-04 16:56:46 +02:00
Eelco Dolstra
28e49dcb41 Style fix 2015-05-04 14:18:14 +02:00
Eelco Dolstra
c2bf9c3ee3 Typo 2015-05-04 14:16:19 +02:00
lethalman
f2870bd77d Merge pull request #7601 from cstrahan/iso-name-fix
nixos: fix infinite recursion in isoImage.isoName
2015-05-04 10:24:38 +02:00
Thomas Tuegel
2325791c2b plasma53: patch upstream startkde
Rather than shipping our own startkde script, we will go back to
patching upstream's script. This will be less confusing to potential
contributors.
2015-05-03 17:09:50 -05:00
Philip Potter
2216728979 add support for pam_u2f to nixos pam module
This adds support for authenticating using a U2F device such as a
yubikey neo.
2015-05-03 19:22:00 +01:00
Steven Shaw
2a8577d7fe Correct spelling 2015-05-03 19:15:03 +10:00
Domen Kožar
00ef77f426 Merge pull request #7565 from offlinehacker/nixos/confd/module
nixos: add confd module
2015-05-02 14:43:02 +02:00
William A. Kennington III
00df204c82 Merge remote-tracking branch 'upstream/master' into staging 2015-05-01 15:57:09 -07:00
Charles Strahan
ba50d48400 mbpfan: service improvements
* add verbosity setting
* don't set mbpfan as a setuid program
2015-05-01 17:11:55 -04:00
Charles Strahan
d83399dcd9 mgpfan: new service 2015-04-30 21:21:15 -04:00
Jascha Geerds
6823b5e657 Merge pull request #7636 from bramd/brltty
Added BRLTTY package
2015-05-01 00:21:49 +02:00
Bram Duvigneau
e37dbea942 Document the brltty servicve in release notes 2015-05-01 00:08:48 +02:00
Alexei Robyn
60da99ea2a grub module: removed invalid device check for grub EFI installation 2015-04-30 19:28:34 +10:00
aszlig
4cdb4a4fef
networkd: Fix evaluation of systemd.network units.
During the refactor of the networkd stuff in f8dbe5f, a lot of the
options are now needed by systemd.nix as well as networkd.nix but
weren't moved by that commit as well.

For now, this fixes all networkd VM tests except for the macvlan one and
thus it should fix #7505 for at least DHCP-based configuration.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-04-30 06:49:10 +02:00
aszlig
49fa00cded
networkd: Fix disabled networkd units.
In f8dbe5f, the default value for networking unit "enabled" option
suddenly flipped to false. I have no idea of whether this happened by
accident, but I'm setting it to true again, because it essentially
breaks systemd networking support and we have systemd.network.enable to
have a "turn the world off" switch.

And of course, because the mentioned commit obviously wasn't done with
even a run of the simplest run of one of the network VM tests, we now
get an evaluation error if we switch useNetworkd to true.

Fixes the core issue of #7505.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-04-30 06:49:10 +02:00
Bram Duvigneau
9a535b9023 Added BRLTTY package 2015-04-29 23:02:09 +02:00
Domen Kožar
ff88f4bcda nixos-install: correctly detect stdin 2015-04-29 18:48:21 +02:00
Thomas Tuegel
1fe28a1132 Merge remote-tracking branch 'upstream/master' into staging 2015-04-29 11:33:28 -05:00
Rob Vermaas
ad0bd73775 Work around infinite recursion issue in nixops. 2015-04-29 09:55:20 +00:00
Arseniy Seroka
8150cf11b0 Merge pull request #7605 from ip1981/wiki
Mediawiki updates
2015-04-28 19:00:27 +03:00
Ricardo M. Correia
f5e7190572 nixos.system_tarball_pc: Fix evaluation
It was broken due to 57b05765c9.

ZFS requires `networking.hostId` to be set.
2015-04-28 17:15:02 +02:00
Herwig Hochleitner
8233fd5c6a i2p: add service to module-list 2015-04-28 14:35:36 +02:00
Jaka Hudoklin
f5bc58d733 Merge pull request #7545 from offlinehacker/pkgs/kubernetes/fixes
kubernetes: update to 0.15, module fixes
2015-04-28 14:12:53 +02:00
Jaka Hudoklin
7b878a7ca9 Merge pull request #7555 from offlinehacker/nixos/nginx/reload
nixos/nginx: enable service/config reload
2015-04-28 14:12:21 +02:00
Jaka Hudoklin
ef6b88690d Merge pull request #7549 from offlinehacker/nixos/ripple-data-api/importmode
nixos/ripple-data-api: add import mode option
2015-04-28 14:10:50 +02:00
Jookia
71910be9ea nixos-install: Fix chroot flag not defaulting to Bash outside NixOS.
Passing the chroot flag to nixos-install without arguments should now give you a
Bash shell as intended rather than try an empty path.

This was masked by the user's shell (usually /bin/bash) being defaulted to by
chroot, and being found since their paths used NixOS conventions.
2015-04-28 06:37:04 -04:00
Jookia
7b37a5f168 nixos-install: Fix password prompt failing outside NixOS.
When bootstrapping from other distributions, nixos-install is unable to find
various tools in the chroot since their paths aren't aware of NixOS conventions.

This makes a small change to existing code by specifying nixpkgs/nixos instead
of just nixos when running nix-instantiate in the chroot. I haven't tested this
outside of bootstrapping, but the same specification is used elsewhere in the
code so I don't see why it wouldn't work.
2015-04-28 06:34:47 -04:00
Igor Pashev
4855b0b3fb Mediawiki 1.23.9 2015-04-28 08:05:16 +00:00
Igor Pashev
bca76e46f0 Apache servedFiles: fixed a typo in example 2015-04-28 08:05:15 +00:00
Igor Pashev
8388bd3280 wiki: do not rewrite served files 2015-04-28 08:05:08 +00:00
Charles Strahan
a64e90bdef nixos: fix infinite recursion in isoImage.isoName 2015-04-27 23:10:53 -04:00
Herwig Hochleitner
c600f5af25 gnome3: move definition of package sets into pkgs 2015-04-28 02:54:14 +02:00
Eelco Dolstra
19366a10fc Remove redundant i18n.supportedLocales setting
This is already set in profiles/minimal.nix.

Probably fixes #7589.
2015-04-27 19:21:28 +02:00
Eelco Dolstra
534b84a9ac Don't require sslServerChain to be set 2015-04-27 18:24:16 +02:00
lethalman
9807dbc142 Merge pull request #7486 from oxij/actkbd-and-media-keys
add actkbd; nixos: add support for volume control with media keys
2015-04-27 12:31:15 +02:00
Vladimír Čunát
30f31c9afc Merge 'master' into staging
(relatively simple conflicts)
2015-04-26 22:52:08 +02:00
Domen Kožar
ff12c3274a Merge pull request #7548 from offlinehacker/etcdfix
nixos/etcd: fix enable type, so it could be enabled on multiple places
2015-04-25 22:14:55 +02:00
Jaka Hudoklin
a9cd286cd0 Merge pull request #7546 from offlinehacker/nixos/panamax/reload
nixos/fluentd: add support for config reload
2015-04-25 16:29:34 +02:00
Jaka Hudoklin
ffea231652 Merge pull request #7550 from offlinehacker/nixos/rippled/changes
nixos/rippled: new options, fixes
2015-04-25 16:28:15 +02:00
Jaka Hudoklin
b7d8d5dd30 Add graphite beacon package and module 2015-04-25 16:25:26 +02:00
Jaka Hudoklin
ff095f5002 nixos: add node docker registry server 2015-04-25 16:16:34 +02:00
Jaka Hudoklin
6ca12344b3 nixos: add confd module 2015-04-25 16:10:49 +02:00
Emery Hemingway
34f1c39fe0 nixos: fix cjdns json config
filter extraneous attributes from config modules
2015-04-25 09:40:44 -04:00
Jaka Hudoklin
ec6ecce8cf nixos/openvswitch: add ipsec gre tunnels support 2015-04-25 15:35:02 +02:00
Jaka Hudoklin
b5114de4ac nixos: add racoon ipsec IKE deamon 2015-04-25 15:31:27 +02:00
Jaka Hudoklin
d6660af8ac nixos/docker: set extraOptions to separatedString type
This change is needed if you want to pass extraOptions to docker in multiple
nixos modules.
2015-04-25 15:25:15 +02:00
Jaka Hudoklin
fb8bc4da21 nixos/etcd: fix enable type, so it could be enabled on multiple places 2015-04-25 15:21:49 +02:00
Jaka Hudoklin
494d1820e3 nixos/nginx: enable service/config reload 2015-04-25 15:17:06 +02:00
Jaka Hudoklin
54ddf2176b nixos/rippled: new options, fixes 2015-04-25 14:39:24 +02:00
Jaka Hudoklin
5984c04f1f nixos/ripple-data-api: add import mode option 2015-04-25 14:38:05 +02:00
Jaka Hudoklin
b7cb0420ca nixos/docker-registry: docker independant docker registry 2015-04-25 14:26:35 +02:00
Jaka Hudoklin
f6bb49ad4a nixos/fluentd: add support for config reload 2015-04-25 14:21:27 +02:00
Jaka Hudoklin
6cb195a83d nixos/kubernetes: fix module 2015-04-25 14:18:25 +02:00
Luca Bruno
db3b86560f GNOME 3.16.1, closes #7357 2015-04-25 12:02:33 +02:00
Edward Tjörnhammar
4ea47155af Merge pull request #7498 from k0ral/sslh
sslh: argument to -F can no longer be separated from the option by a space
2015-04-23 21:35:46 +02:00
Dan Peebles
81d8074881 Add hologram service 2015-04-23 14:30:12 -04:00
Oliver Matthews
a498b28322 wait for filesystem before starting btsync; bump to latest package version 2015-04-23 13:09:34 +00:00
koral
88ce17b6e1 sslh: argument to -F can no longer be separated from the option by a space 2015-04-21 16:29:25 +00:00
Domen Kožar
f39b1ead2a manual: re-add running nixos tests sections 2015-04-21 02:28:59 -04:00
Nicolas B. Pierron
7585d42d2b Fix #7354 - Accept _module attributes added to every submodule. 2015-04-20 23:58:32 +02:00
Jan Malakhovski
57ab189e78 nixos: add actkbd module and sound.enableMediaKeys option 2015-04-20 17:11:19 +00:00
Nikolay Amiantov
0f5d5f9d12 lambdabot: add named pipe for incoming commands 2015-04-20 18:56:48 +03:00
Eelco Dolstra
d5f187de03 Typo 2015-04-20 16:12:28 +02:00
Eelco Dolstra
d4d6b8cc61 Grmbl 2015-04-20 14:24:42 +02:00
Eelco Dolstra
fc91ba52df ntfs.nix: Remove copypasta jfs stuff
Thanks to @wizeman for spotting this!
2015-04-20 14:06:44 +02:00
Eelco Dolstra
11a9774c75 Use "mkdir -p" when creating ~/.nix-defexpr
Otherwise, simultaneous invocations of /etc/profile can fail, e.g.

  mkdir: cannot create directory ‘/.nix-defexpr’: File exists
2015-04-20 13:03:04 +02:00
Eelco Dolstra
d69b205527 Remove sysvtools from the system path
All programs in sysvtools (except killall5) are also provided by
util-linux or procps.

Issue #7117.
2015-04-20 11:33:42 +02:00
Eelco Dolstra
56f66dad97 Fix #7476 2015-04-20 11:32:29 +02:00
Eelco Dolstra
650492c5c8 minimal.nix: Get rid of most Glibc locales
This cuts ~100 MB from the system closure.

Issue #7117.
2015-04-20 11:32:28 +02:00
Eelco Dolstra
bad3211893 Disable some more unnecessary stuff in containers 2015-04-20 11:32:28 +02:00
Eelco Dolstra
abeb4a9c96 stage-2-init: Don't depend on sysvtools 2015-04-20 11:32:28 +02:00
Eelco Dolstra
e66970417b Remove obsolete "eject" entry from the system path
It's an alias for util-linux, so included anyway.
2015-04-20 11:21:20 +02:00
Eelco Dolstra
3d2b24d161 Remove pciutils and usbutils from the default system path
Issue #7117.
2015-04-20 11:21:20 +02:00
Cray Elliott
479f5f4ae6 fix rebuild when using ntfs partitions
needed to define inInitrd, used vfat.nix as a template
2015-04-19 15:17:23 -07:00
Eelco Dolstra
2b6d011bec Include cifs-utils only when needed
Issue #7117.
2015-04-19 22:06:45 +02:00
Eelco Dolstra
1cb5583c05 container.nix -> docker-container.nix 2015-04-19 22:06:45 +02:00
Eelco Dolstra
57b05765c9 Don't include ntfs-3g by default
Issue #7117.
2015-04-19 22:06:45 +02:00
Eelco Dolstra
c0f70b4694 Remove fixed uids for nscd, sshd
These services don't create files on disk, let alone on a network
filesystem, so they don't really need a fixed uid. And this also gets
rid of a warning coming from <= 14.12 systems.
2015-04-19 22:06:45 +02:00
Eelco Dolstra
c87977e97d Don't include networkd units unless enabled
Otherwise, the enabled -> disabled transition won't be handled
correctly (switch-to-configuration currently assumes that if a unit is
running and exists, it should be restarted).
2015-04-19 22:06:45 +02:00
Eelco Dolstra
f8dbe5f376 systemd: Move networkd into separate modules
The systemd module was getting rather bloated.
2015-04-19 22:06:45 +02:00
Tobias Geerinckx-Rice
1f513c21f9 Merge pull request #7461 from dezgeg/pr-ddclient-unit-type
ddclient: Fix capitalization of systemd unit keys
2015-04-19 15:27:21 +02:00
Tuomas Tynkkynen
e7843efe12 ddclient: Fix incorrectly capitalized systemd unit key
This avoids the following warning:

Apr 19 10:53:48 xen systemd[1]: [/nix/store/...-unit-ddclient.service/ddclient.service:19] Unknown lvalue 'type' in section 'Service'

As `Type=simple` is the default in systemd, the assignment to the
service type can be simply dropped.
2015-04-19 15:58:34 +03:00
lethalman
e6b664cafe Merge pull request #7443 from ts468/fixgrub
Fix grub for "nodev" targets.
2015-04-18 21:19:04 +02:00
Mateusz Kowalczyk
5676e8b391 lightdm: allow the user to specify extra Seat opts 2015-04-18 20:14:10 +01:00
Mateusz Kowalczyk
1713184b11 xserver.nix: fix indentation issues under Device 2015-04-18 19:04:03 +01:00
Mateusz Kowalczyk
d7810b4303 Hard tabs be gone! 2015-04-18 18:52:15 +01:00
Mateusz Kowalczyk
70aa758c34 Fix RightOf for xrandrHeads
Closes #7441
2015-04-18 18:34:28 +01:00
Thomas Strobel
66c73da5f9 Fix grub for "nodev" targets. 2015-04-18 19:22:25 +02:00
Forkk
771c7fb496 plex: add support for managing plugins via Nix
Added support for managing Plex plugins via Nix. This is done via an
"extraPlugins" configuration option which takes a list of paths to
plugin bundles, which are then symlinked into Plex's plugin directory
when the service is started.
2015-04-17 14:45:49 -05:00
Forkk
079da8cdcd plex: init at 0.9.11.16.958
Added a package and module for Plex Media Server, an application for
managing media collections across multiple devices.
2015-04-17 12:11:30 -05:00
Jonathan Glines
cdb174c18d Added NixOS module for Asterisk server 2015-04-16 17:41:37 -06:00
Nikolay Amiantov
405e4bd099 nixos.samba: update required mounts 2015-04-16 20:18:03 +03:00
Nikolay Amiantov
0d38958b61 nixos.samba: fix booleans in smb.conf 2015-04-16 20:17:59 +03:00
Eelco Dolstra
a0f69df10e dnsmasq: Add some types 2015-04-16 19:13:26 +02:00
Eelco Dolstra
5a5a43ea25 dbus: Reload if /etc/dbus-1 changes
Specifically, this fixes dnsmasq, which failed with

  Apr 16 19:00:30 mandark dnsmasq[23819]: dnsmasq: DBus error: Connection ":1.260" is not allowed to own the service "uk.org.thekelleys.dnsmasq" due to security policies in the configuration file
  Apr 16 19:00:30 mandark dnsmasq[23819]: DBus error: Connection ":1.260" is not allowed to own the service "uk.org.thekelleys.dnsmasq" due to security policies in the configuration file

after being enabled, due to dbus not being reloaded.
2015-04-16 19:13:20 +02:00
Nikolay Amiantov
1d6723c085 lambdabot: add nixos service 2015-04-16 13:33:40 +03:00
Edward Tjörnhammar
dfc8e5ab05 ihaskell: cleanup wrapper and service 2015-04-15 23:00:03 +02:00
aszlig
e6591588a9
releaso-notes: Document changes from #7349.
Thanks to @domenkozar for implicitly reminding me that documentation is
probably our biggest issue. And I'm a dumbass for contributing to that
situation, so let's do better than that and document it.

The current changes are only preparation for a bigger change coming real
soon[TM] in Hydra and release-tools, so right now it's still a bit
tedious to create custom channels.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-04-15 21:48:16 +02:00
lethalman
09f9178a78 Merge pull request #7392 from joelmo/master
Some i2p changes
2015-04-15 17:13:15 +02:00
Oliver Matthews
0144849f67 Allow allowing local access to mysql socket 2015-04-15 14:35:38 +00:00
lethalman
8330d64af4 Merge pull request #7372 from dezgeg/getty-autologin
[nixos] agetty: Add autologinUser config option
2015-04-15 15:37:12 +02:00
Joel Moberg
5b075eb400 i2p: add nixos service 2015-04-15 12:52:06 +02:00
Arseniy Seroka
4dd1b8cc22 Merge pull request #7347 from sargon/pr-x11
services.x11: Add option for additional InputClass sections.
2015-04-14 18:23:29 +03:00
Peter Simons
65822005f0 Merge pull request #7314 from edwtjo/ihaskell-fixups
IHaskell fixes
2015-04-14 14:21:44 +02:00
Peter Simons
6edc3022ef Merge pull request #7345 from joachifm/conditional-shadow-setuids
nixos: condition shadow setuid-wrappers on mutableUsers
2015-04-14 13:23:19 +02:00
Eelco Dolstra
3fe102b797 Merge pull request #7349 from aszlig/custom-channels
Make it easy to add system-wide custom channels.
2015-04-14 13:00:34 +02:00
Tuomas Tynkkynen
25062f56d4 Installation CD: automatic log in at virtual consoles 2015-04-14 12:51:24 +03:00
Tuomas Tynkkynen
7d916bb27e agetty: Add autologinUser config option
This option causes the specified user to be automatically logged in at
the virtual console.

While at it, refactor and make a helper function for building the getty
command line.
2015-04-14 10:45:28 +03:00
Joachim Fasting
75ab7bf960 nixos: condition shadow setuid-wrappers on mutableUsers
Having junk setuid wrappers in PATH is annoying.
2015-04-14 00:27:11 +02:00
Austin Seipp
8d3b8d0dc8 Merge pull request #7149 from joachifm/grsec-gradm-optional
grsecurity module: configure gradm iff RBAC is enabled
2015-04-13 17:11:29 -05:00
Austin Seipp
b86f6a3ed6 Merge pull request #7148 from joachifm/grsec-trivial
grsecurity module: trivial improvements
2015-04-13 17:10:47 -05:00
Austin Seipp
409da39c08 Merge pull request #7163 from joachifm/tarsnap-bandwidth-options
tarsnap module: add options for controlling bandwidth
2015-04-13 17:10:04 -05:00
Eelco Dolstra
574173f0e6 Merge pull request #7027 from ecraven/apache-sslchain
apache-httpd: adding support for sslServerChain
2015-04-13 16:48:20 +02:00
Peter Feigl
3837ef82ad fixing documentation 2015-04-13 15:42:01 +02:00
Peter Feigl
e5b3918f85 apache-httpd: adding support for sslServerChain 2015-04-13 15:41:10 +02:00
Peter Feigl
69b18fc4b6 fixing indentation 2015-04-13 13:46:42 +02:00
Peter Feigl
44ea83b986 changed config to only include the minimum necessary 2015-04-13 13:10:04 +02:00
Peter Feigl
49eb77b26c apache-httpd: adding subservice moodle 2015-04-13 13:06:39 +02:00
aszlig
df31a338dc
nixos-rebuild: Conditionally update channels.
This partially reverts commit 3a4fd0bfc6.

Addresses another concern by @edolstra that users might not want to
update *all* channels. We're now reverting to the old behaviour but
after updating the "nixos" channel, we just check whether the channel
ships with a file called ".update-on-nixos-rebuild" and if it exists, we
update that channel as well.

Other channels than these are not touched anymore.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-04-13 12:54:19 +02:00
Eelco Dolstra
4466707ddf switch-to-configuration: Better error checking 2015-04-13 12:28:12 +02:00
aszlig
5075cbe696
nixos: Put root's channels to the end of NIX_PATH.
My original reason to put it at the beginning of NIX_PATH was to allow
shipping a particular version <nixpkgs> with a channel. But in order to
do that, we can still let the channel expression ship with a custom
version of nixpkgs by something like <channel/nixpkgs> and the builder
of the channel could also rewrite self-references.

So the inconvenience is now shifted towards the maintainer of the
channel rather than the user (which isn't nice, but better err on the
side of the developer rather than on the user), because as @edolstra
pointed out: Having the channels of root at the beginning of NIX_PATH
could have unintended side-effects if there a channel called nixpkgs.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-04-13 12:20:58 +02:00
Joachim Schiele
85c454ab1d Merge pull request #6785 from qknight/wordpress
zef hemel's wordpress.nix adapted to extraSubservices
2015-04-13 10:27:55 +02:00
aszlig
3a4fd0bfc6
nixos-rebuild: Update all channels of user root.
Should make it even easier to use custom channels, because whenever the
user does a "nixos-rebuild --upgrade", it will also upgrade possibly
used ("used" as in referenced in configuration.nix) channels besides
"nixos". And if you also ship a channel tied to a particular version of
nixpkgs or even remove the "nixos" channels, you won't run into
unexpected situations where the system is not updating your custom
channels.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-04-13 00:09:00 +02:00
aszlig
65e569cc37
nixos: Add all of root's channels to NIX_PATH.
This is very useful if you want to distribute channels (and thus
expressions as well) in a similar fashion to Debians APT sources (or
PPAs or whatnot).

So, for example if you have a channel with some additional functions
or packages, you simply add that channel with:

sudo nix-channel --add https://example.com/my-nifty-channel foo

And you can access that channel using <foo>, for example in your
configuration.nix:

{
  imports = [ <foo/modules/shiny-little-module> ];
  environment.systemPackages = with import <foo/pkgs> {}; [ bar blah ];
  services.udev.extraRules = import <foo/lib/udev/mkrule.nix> {
    kernel = "eth*";
    attr.address = "00:1D:60:B9:6D:4F";
    name = "my_fast_network_card";
  };
}

Within nixpkgs, we shouldn't have <nixos> used anywhere anymore, so we
shouldn't get into conflicts.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-04-12 23:50:20 +02:00
Daniel Ehlers
057f01b11e services.x11: Add option for additional InputClass sections.
Implement support for additional InputClass sections, e.g. for non
keyboard input devices.
2015-04-12 23:49:48 +02:00
William A. Kennington III
793cf28cd5 nixos/tests/networking: Clean up and attempt to make more reliable 2015-04-10 23:23:53 -07:00
Edward Tjörnhammar
7d0ddbd154 nixos: add ihaskell service 2015-04-11 00:09:31 +02:00
Rickard Nilsson
3620b27a66 mpd: Make it possible to specify db file path 2015-04-10 23:10:14 +02:00
Eelco Dolstra
d923a6eab5 Make environment.checkConfigurationOptions an alias
NixOps uses it, and we can't change it there for
backward-compatibility reasons.
2015-04-10 16:11:07 +02:00
Eelco Dolstra
13dcb35233 VM tests: Don't produce output on failure
Producing output makes it hard to restart builds that failed for
intermittent reasons (like timeouts). So let's not do that.
2015-04-10 11:18:30 +02:00
Nicolas B. Pierron
9647a72835 Fix amazon default configuration.nix file. 2015-04-09 22:18:13 +02:00
Vladimír Čunát
5aa9b72400 nixos: typo in docker option description 2015-04-09 20:58:20 +02:00
Nicolas B. Pierron
296e6c4991 Fix #7252 - NixOS Manual: Carry the current system value to evaluation of the manual. 2015-04-08 23:14:19 +02:00
Nicolas B. Pierron
3eef61a6eb NixOS Manual: Do not use unfree packages as default value. 2015-04-08 23:14:19 +02:00
Joachim Fasting
c5ec6ef609 window-managers: add missing import ratpoison 2015-04-08 14:14:37 +02:00
William A. Kennington III
6ffd44c4c3 nvidia: 346.47 -> 346.59 2015-04-07 13:24:55 -07:00
Oliver Matthews
09179b603f allow changing minecraft data dir + allow opening firewall 2015-04-07 14:10:13 +00:00
Eelco Dolstra
facd53315b tests/misc.nix: Ensure that the Nix DB is initialised correctly 2015-04-07 15:10:47 +02:00
Eelco Dolstra
a38f130126 Revert "Set stricter permissions on /nix/store"
This reverts commit 066758758e7c0768ff8da51d208cdae0f33b368c because
it breaks NixOS VM tests.
2015-04-07 15:10:41 +02:00
Domen Kožar
42c421adc3 Merge pull request #7180 from jagajaga/fix_generator
Fixing nixos-generate-config
2015-04-07 12:24:04 +02:00
Arseniy Seroka
e52e160190 Merge pull request #7215 from cwoac/btsync2
Add support for btsync 2.x branch
2015-04-06 18:50:05 +03:00
Oliver Matthews
0539ed4771 Add support for btsync 2.x branch 2015-04-06 15:31:40 +00:00
Domen Kožar
ad197d89ae Merge pull request #7181 from jagajaga/teamviewer
Teamviewer
2015-04-06 14:13:07 +02:00
Tobias Geerinckx-Rice
f02651ee9b Merge pull request #7204 from fpletz/fix/hotplug_helper
Check if /proc/sys/kernel/hotplug exists before writing
2015-04-06 13:55:29 +02:00
Domen Kožar
7c7f426b3f Merge pull request #7164 from rzetterberg/master
Fixes minetest mesa 10.* incompatibility, adds minetest server service
2015-04-06 10:46:26 +02:00
Franz Pletz
16d25f4fa6 Check if /proc/sys/kernel/hotplug exists before writing
If a kernel without CONFIG_UEVENT_HELPER set is used with NixOS, the file
/proc/sys/kernel/hotplug does not exist. Before writing to it to disable
this deprecated mechanism, we have to ensure it actually exists because
otherwise the activation script will fail.
2015-04-06 09:23:58 +02:00
Arseniy Seroka
0998212640 impl: teamviewer daemon 2015-04-05 20:47:01 +03:00
Arseniy Seroka
b11f662617 fix https://github.com/NixOS/nixpkgs/issues/3560 2015-04-05 16:12:14 +03:00
William A. Kennington III
b3c423757e nixos/rdnssd: Major refactoring
This updates rdnssd to the following:
* Using the systemd interfaces directly
* Using the rdnssd user instead of the root user
* Integrating with resolvconf instead of writing directly to /etc/resolv.conf
2015-04-04 21:20:07 -07:00
aszlig
4a84a9f4c0
nixos/release: Test vbox on x86_64-linux only.
The i686-linux test has never worked and I wrote the VM test only on
x86_64-linux to verify whether hardening mode works. I don't know why it
fails on i686-linux, but that might be because the inner VirtualBox VM
we're starting during the VM test doesn't use hardware virtualization.

Closes #5708.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-04-04 17:16:57 +02:00
aszlig
1165a243f8
nixos/tests/vbox: Make GUI startup more robust.
Sometimes, keys aren't properly recognized the first time, so in order
to make sure they get through, always resend the key again on retry.

In this case the worst that could happen is that the VM is started over
and over again, but never in parallel, so that's fine because we're
checking for successful startup 10 seconds after the keypress.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-04-04 17:09:15 +02:00
Richard Zetterberg
0b1f994f29 Adds minetest server service 2015-04-04 12:36:43 +02:00
Joachim Fasting
66bfc3bbe6 tarsnap module: add options for controlling bandwidth
Annoyingly, these do not appear to accept SI prefixes.
2015-04-04 12:03:02 +02:00
Joachim Fasting
7cb7c57132 tarsnap module: inline optionalNullStr 2015-04-04 11:34:37 +02:00
William A. Kennington III
c0cb4e1ef7 nixos/nvidia: Add a temporary hack to support kernel 4.0 2015-04-03 21:53:34 -07:00
Nicolas B. Pierron
6de931a0f8 Merge rename.nix changes. 2015-04-03 23:12:12 +02:00
Arseniy Seroka
8592c6c004 Merge pull request #7150 from joachifm/grsec-types
grsecurity module: use types.enum
2015-04-03 16:03:49 +03:00
Joachim Fasting
3e847d512d grsecurity module: configure gradm iff RBAC is enabled 2015-04-03 13:45:57 +02:00
Joachim Fasting
ba93a75724 grsecurity module: use types.enum
Also
- set desktop as default system
- make virtualisationSoftware nullOr
- make virtualisationConfig nullOr
2015-04-03 13:45:45 +02:00
Joachim Fasting
66c4f51046 grsecurity module: simplify assertion 2015-04-03 13:38:32 +02:00
Joachim Fasting
2e88605a91 grsecurity module: remove reference to systemd-sysctl
First, that's not what the service is called, and secondly it's
most likely irrelevant to the user.
2015-04-03 13:38:32 +02:00
Austin Seipp
1c1083345b Merge pull request #7058 from joachifm/sysctl-kptr-restrict
nixos: condition sysctl.kptr_restrict on features.grsecurity
2015-04-03 04:13:19 -05:00
Eelco Dolstra
94eb519e19 Add nfs4 test 2015-04-02 17:44:48 +02:00
aszlig
82bd608de1
tests/chromium: Work around popup close flakiness.
It's not nice to send the escape key over and over again just to ensure
the popup is closed, because even *if* it fails to close the popup 4
times in a row it's just very unlikely that it will be closed. But in
order to make really sure, we might need to do a screenshot and detect
visual changes.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-04-02 14:12:19 +02:00
Arseniy Seroka
4fa554e32b Merge pull request #7017 from obadz/sg+sudo-g
Ability to switch groups with sg and sudo -g
2015-04-02 02:11:10 +03:00
William A. Kennington III
ff21171921 Fix references to current-system/sw/sbin 2015-04-01 13:57:36 -07:00
William A. Kennington III
a9f2e107d0 Revert "Remove obsolete .../sbin directories from $PATH"
This reverts commit 98cedb3d22.
2015-04-01 13:57:36 -07:00
aszlig
224ed7e798
nixos/hardware: Add option to enable KSM.
This is essentially what's been done for the official NixOS build slaves
and I'm using it as well for a few of my machines and my own Hydra
slaves.

Here's the same implementation from the Delft server configurations:

f47c2fc7f8/delft/common.nix (L91-L101)

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-04-01 20:00:27 +02:00
Eelco Dolstra
1c39a47ac8 Reload, don't restart, dbus.service
Many bus clients get hopelessly confused when dbus-daemon is
restarted. So let's not do that.

Of course, this is not ideal either, because we end up stuck with a
possibly outdated dbus-daemon. But that issue will become irrelevant
in the glorious kdbus-based future.

Hopefully this also gets rid of systemd getting stuck after
dbus-daemon is restarted:

Apr 01 15:37:50 mandark systemd[1]: Failed to register match for Disconnected message: Connection timed out
Apr 01 15:37:50 mandark systemd[1]: Looping too fast. Throttling execution a little.
Apr 01 15:37:51 mandark systemd[1]: Looping too fast. Throttling execution a little.
...
2015-04-01 16:57:16 +02:00
Eelco Dolstra
98cedb3d22 Remove obsolete .../sbin directories from $PATH 2015-04-01 16:22:12 +02:00
Eelco Dolstra
fdfe4b7cde Remove unnecessary symlinks in /nix/var/nix/gcroots 2015-04-01 14:45:02 +02:00
aszlig
1567f56a5a
nixos: Re-add swraid installer tests to releases.
It has been removed by 71a197bc6e.

I'm reintroducing the test mainly because it actually *is* useful,
because right now, machines with mdraid will not boot. In order to
prevent such things from happening in the future, we should *not* remove
this VM test again.

If it really goes back to failing randomly, we should really try to fix
it instead of removing it again.

Of course it fails right now because of the mdraid bump in 7719f7f.
Also, if you want to have additional info about the reasons, have a look
at the commit message of 666cf992f0.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-04-01 08:50:38 +02:00
aszlig
56c0edca86
nixos/tests/swraid: Increase boot partition size.
I'm increasing it to 100MB to make sure, any bootloader will fit with
all its stages. Of course, right now the reason why GRUB doesn't fit
into the partition is because of mdadm 3.3.2 and thus the initrd taking
all the space, but in order to avoid confusion on why the *boot* loader
fails in the VM tests, I've increased the size.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-04-01 08:50:38 +02:00
William A. Kennington III
8028357084 nixos/mysql: Cleanups 2015-03-31 16:17:55 -07:00
Domen Kožar
a87e2ae717 fix eval 2015-03-31 18:20:43 +02:00
Vladimír Čunát
81fc066900 Merge #4678: nixos iso-image: support USB booting
by using syslinux (i.e. support the dd-method in addition to unetbootin).
@vcunat tidied the PR by squashing closely related changes together.
2015-03-31 15:12:16 +02:00
obadz
be7f104502 sg: add setuid wrapper. (newgrp is a symlink to sg and was already setuid).
sudo: add ability for wheel users to change group (as well as user)
2015-03-30 23:50:45 +01:00
Nikolay Amiantov
7c03829024 Merge pull request #7060 from abbradar/nm-l2tp
Support L2TP in NetworkManager
2015-03-30 23:05:42 +03:00
Edward Tjörnhammar
1092b9da48 Merge pull request #7066 from edwtjo/xbmc-pruning
Remove XBMC expressions in favor of the Kodi ones
2015-03-30 21:46:29 +02:00
Edward Tjörnhammar
1345a65765 Remove XBMC expressions in favor of the Kodi ones 2015-03-30 21:43:32 +02:00
lethalman
f72b0c43f6 Merge pull request #6762 from lethalman/nixos-install
nixos-install: support -j, --cores and --option. Closes #6755
2015-03-30 18:06:53 +02:00
lethalman
dc560b5b02 Merge pull request #7031 from cwoac/mediatomb
Add MediaTomb service
2015-03-30 17:49:46 +02:00
Luca Bruno
eac32cf697 Revert "Merge pull request #7032 from flosse/change-option-names"
This reverts commit c265aafb55, reversing
changes made to c9bbf2228f.

Breaks evaluation, see https://github.com/NixOS/nixpkgs/pull/7032#issuecomment-87641471
2015-03-30 13:45:07 +02:00
lethalman
c265aafb55 Merge pull request #7032 from flosse/change-option-names
nixos: prosody service - rename 'enabled' to 'enable'
2015-03-30 12:47:11 +02:00
lethalman
321b2e0439 Merge pull request #7073 from oxij/x11support-dbus
dbus: rename useX11 option into x11Support, cleanup a bit
2015-03-30 10:28:45 +02:00
William A. Kennington III
113c6c8f6a nixos/initrd: Do a lazy library copy in hopes to save some space for replaced binaries 2015-03-29 21:53:25 -07:00
William A. Kennington III
6b3cf366d7 nixos/initrd: Allow overriding of binaries 2015-03-29 21:26:39 -07:00
Jan Malakhovski
380ee53fff dbus: rename useX11 option into x11Support, cleanup a bit 2015-03-29 23:28:30 +00:00
William A. Kennington III
ca149f2be0 nixos/mysql: All versions of mysql have mysqld in /bin 2015-03-29 13:30:05 -07:00
Vladimír Čunát
299da40f9f iso: make efi FS size adaptive, make deterministic
Fixes #6795.
This was co-authored with @bobvanderlinden.

(cherry picked from commit e19ac248ae59fd327c32b1ae3e37792c22a7c7ac)
Signed-off-by: Domen Kožar <domen@dev.si>

Conflicts:
	nixos/modules/installer/cd-dvd/iso-image.nix
2015-03-29 22:25:41 +02:00
William A. Kennington III
553105310a nixos/stage-1: Fix the initrd builder for shell scripts 2015-03-29 13:20:54 -07:00
Nikolay Amiantov
16f047a60f nixos/networkmanager: support l2tp 2015-03-29 13:09:02 +03:00
William A. Kennington III
9718561589 nixos/vfat: Readd fsck.reiserfs 2015-03-28 19:07:45 -07:00
William A. Kennington III
c379847fda nixos/vfat: Readd fsck.vfat 2015-03-28 19:06:43 -07:00
William A. Kennington III
4868649f03 nixos/initrd: Generic library copying 2015-03-28 18:37:29 -07:00
Aristid Breitkreuz
1901f3fe77 fix initrd now that cryptsetup switched to libgcrypt 1.6 2015-03-28 23:59:19 +00:00
Joachim Fasting
5cb2cee954 nixos: condition sysctl.kptr_restrict on features.grsecurity
Conditioning `sysctl.kptr_restrict` on `features.grsecurity` supports
any grsecurity enabled kernel without having to enable the grsecurity
module.
2015-03-29 00:42:58 +01:00
Arseniy Seroka
a639c710ae Merge pull request #6968 from oxij/unquestionably-good
Easy to check to be unquestionably good changes
2015-03-28 13:16:13 +03:00
Markus Kohlhase
47aa6725e2 nixos: prosody service - rename virtualHosts option 'enabled' to 'enable' 2015-03-27 21:36:05 +00:00
Oliver Matthews
51b06c5865 Add MediaTomb service 2015-03-27 12:45:25 +01:00
Jaka Hudoklin
d3c6d4175a Merge pull request #6940 from offlinehacker/pkgs/ripple-data-api/add
Add ripple data api package and nixos service
2015-03-26 20:04:51 +01:00
Jaka Hudoklin
75169aabc3 Add ripple data api package and nixos service 2015-03-26 20:02:39 +01:00
Jan Malakhovski
5c6d86540b nixos: use types.enum instead of ad-hoc check in sshd service 2015-03-26 12:43:42 +00:00
Jan Malakhovski
dc4fa2da8a nixos: udev: build rules locally 2015-03-26 12:43:42 +00:00
Rob Vermaas
cbb14299c9 GCE image: Remove some unnecessary lib prefixes. 2015-03-26 09:15:09 +00:00
Rob Vermaas
80202fbd25 GCE image: Add some recommended sysctl settings. Disable OS level firewall by default for GCE images (GCE provides external firewall). Disable passwordAuthentication. Related to issue #6991. 2015-03-26 09:09:40 +00:00
William A. Kennington III
9d9a393a4b Merge pull request #6919 from ehmry/cjdns
cjdns: update pkg and fix nixos test
2015-03-25 22:16:23 -07:00
William A. Kennington III
8b3c7af358 Merge pull request #6981 from layus/systemd-escape-colon
nixos/systemd: Also escape ':' characters
2015-03-25 15:33:21 -07:00
William A. Kennington III
86666893f0 nixos/microcode-amd: Update to early initrd loader 2015-03-25 14:44:36 -07:00
William A. Kennington III
b4fedf5315 nixos/intel-microcode: Support early initrd ucode loading 2015-03-25 14:14:46 -07:00
William A. Kennington III
f2655e4fa0 makeInitrd: Support prepending other initrds 2015-03-25 14:14:46 -07:00
Guillaume Maudoux
6ca7fb8f73 nixos/systemd: Also escape ':' characters 2015-03-25 22:11:35 +01:00
Jascha Geerds
164dbfff80 nixos/tests/printing: Fix CUPS service name (#6767) 2015-03-25 13:26:37 +01:00
Bob van der Linden
58112832a7 nixos: iso-image: use label "EFIBOOT" for efi.img 2015-03-24 22:15:32 +01:00
Bob van der Linden
f0fd1c9bcf nixos: iso-image: use memtest86 params in syslinux
See also #6593.
2015-03-24 22:15:11 +01:00
Bob van der Linden
c57a912016 nixos: test: add tests for booting installation iso in various ways 2015-03-24 22:09:07 +01:00
Bob van der Linden
9ff9949896 nixos: iso-image: removed com32 entries from syslinux menu
These entries result in incorrect entries when UNetbootin writes
the image to an USB disk.
2015-03-24 22:09:06 +01:00
Bob van der Linden
af68f24003 nixos: iso-image: solve UNetbootin compatiblity
There are a number of hidden restrictions on the syslinux
configuration file that come into play when UNetbootin
compatiblity is desired. With this commit these are documented.
2015-03-24 22:08:52 +01:00
Bob van der Linden
a12ddc1964 nixos: iso-image: use generic boot-loader timeout
Syslinux uses different values than grub for timeout.
It uses 1/10 seconds as its unit and it uses 0 to disable timeouts.

In response to PR #5772.
2015-03-24 22:03:30 +01:00
Bob van der Linden
16a936be90 nixos: iso-image: filename escaping in xorriso 2015-03-24 22:01:51 +01:00
Bob van der Linden
8d092270d2 nixos: iso-image: use syslinux bootloader for USB booting support
This changes the bootloader for iso generation from Grub to
syslinux. In addition this adds USB booting support, so that
"dd" can be used to burn the generated ISO to USB thumbdrives
instead of needing applications like UnetBootin.
2015-03-24 22:01:04 +01:00
Arseniy Seroka
ff22e19fc4 Merge pull request #6893 from hrdinka/nsd-config-options
nsd: Fix automatic config options
2015-03-23 13:19:29 +03:00
Jaka Hudoklin
491c8f82b2 Merge pull request #6917 from offlinehacker/rippled/module/awesome
rippled: expose more options, make compatible with new rippled version
2015-03-22 23:13:48 +01:00
Jaka Hudoklin
ad10db7617 Merge pull request #6882 from offlinehacker/nixos/fluentd
Add fluentd package and module
2015-03-21 22:37:48 +01:00
Jaka Hudoklin
916aab2927 Merge pull request #6875 from offlinehacker/nixos/cadvisor/fix
nixos/cadvisor: fixes
2015-03-21 22:36:11 +01:00
William Casarin
ea2baa8abf spectrwm window manager 2015-03-21 11:02:44 -07:00
Emery Hemingway
ba2074fc31 nixos/tests/cjdns: do not build cjdns at evaluation
Putting hostnames in the cjdns configuration requires a utility
be present to convert public keys to ip addresses
2015-03-21 10:17:48 -04:00