Florian Klink
bafc256915
nixos/systemd: remove separate coredump module
2019-08-18 17:54:26 +02:00
Florian Klink
9be0327a49
nixos/systemd: install sysctl snippets
...
systemd provides two sysctl snippets, 50-coredump.conf and
50-default.conf.
These enable:
- Loose reverse path filtering
- Source route filtering
- `fq_codel` as a packet scheduler (this helps to fight bufferbloat)
This also configures the kernel to pass coredumps to `systemd-coredump`.
These sysctl snippets can be found in `/etc/sysctl.d/50-*.conf`,
and overridden via `boot.kernel.sysctl`
(which will place the parameters in `/etc/sysctl.d/60-nixos.conf`.
Let's start using these, like other distros already do for quite some
time, and remove those duplicate `boot.kernel.sysctl` options we
previously did set.
In the case of rp_filter (which systemd would set to 2 (loose)), make
our overrides to "1" more explicit.
2019-08-18 17:54:26 +02:00
Florian Klink
e5965bd489
nixos/sysctl: rename /etc/sysctl.d/nixos.conf -> 60-nixos.conf
...
sysctl.d(5) recommends prefixing all filenames in /etc/sysctl.d with a
two-digit number and a dash, to simplify the ordering of the files.
Some packages provide custom files, often with "50-" prefix.
To ensure user-supplied configuration takes precedence over the one
specified via `boot.kernel.sysctl`, prefix the file generated there with
"60-".
2019-08-18 17:54:26 +02:00
Florian Klink
368be910fc
Merge pull request #66825 from flokli/nixos-systemd-test-dup
...
nixosTests.systemd: remove duplicate copypasta
2019-08-18 17:54:09 +02:00
danbst
d80cd26ff9
Merge branch 'master' into flip-map-foreach
2019-08-18 18:00:25 +03:00
Danylo Hlynskyi
2b393c8913
elasticsearch: add example on how to use plugins ( #55115 )
...
See https://discourse.nixos.org/t/elastic-search-plugins/1997
2019-08-18 17:11:20 +03:00
Florian Klink
36ece762e5
Merge pull request #66621 from flokli/gitlab-12.1.6
...
gitlab-ce: 12.0.3 -> 12.1.6
2019-08-18 14:08:14 +02:00
Marek Mahut
d2ebcec779
tests: adding metabase service test
2019-08-18 13:44:26 +02:00
Marek Mahut
69089e990e
modules: adding metabase service
2019-08-18 13:44:26 +02:00
Florian Klink
ffef31459a
nixosTests.systemd: remove duplicate copypasta
...
It seems the regression test for #35268 sneaked in twice.
2019-08-18 13:11:51 +02:00
worldofpeace
4f3e9ca93a
Merge pull request #65291 from worldofpeace/xdg-updates
...
Flatpak updates
2019-08-18 04:23:54 -04:00
worldofpeace
ce0511e302
nixos/flatpak: add comment about selinux
2019-08-18 04:23:17 -04:00
worldofpeace
1728bc8d22
flatpak: 1.2.4 -> 1.4.2
...
* Regenerated all patches for 1.4.2 and resolved
any conflicts.
* fix-test-paths.patch doesn't copy the whole locale archive
because we have C.UTF8 now.
* nixos/flatpak creates a Flatpak system helper user
Change introduced in 1.3.2.
Changes:
See https://github.com/flatpak/flatpak/releases/tag/1.3.1 through
1.4.2.
2019-08-18 04:23:17 -04:00
Maximilian Güntner
dac8fe9cee
nixos/matrix-synapse: use notify instead of simple
...
Starting with 1.3.0, matrix-synapse supports notifying
systemd. Relevant PR: matrix-org/synapse#5732
2019-08-18 09:41:33 +02:00
Frederik Rietdijk
295888c622
Merge pull request #66381 from NixOS/staging-next
...
Staging next
2019-08-18 08:54:45 +02:00
worldofpeace
5892773eb6
nixos/pantheon: adjust to renamed gnome3 options
2019-08-17 16:34:55 -04:00
Marek Mahut
caf9b8cc35
Merge pull request #66591 from aanderse/zabbix-proxy
...
nixos/zabbixProxy: fix database initialization logic
2019-08-17 20:55:13 +02:00
Symphorien Gibol
c3e1e64e4c
remove all instances of nix-env -i without -A in the NixOS manual
...
motivation: https://nixos.wiki/wiki/FAQ/Why_not_use_nix-env_-i_foo%3F
2019-08-17 18:04:43 +02:00
WilliButz
ecd4d03dfe
grafana-loki: fix typo in service config
2019-08-17 12:08:51 +02:00
Frederik Rietdijk
c68f58d95c
Merge master into staging-next
2019-08-17 09:30:16 +02:00
Samuel Dionne-Riel
b750ebf1b3
Merge pull request #60422 from kwohlfahrt/device-tree
...
nixos/hardware.deviceTree: new module
2019-08-16 13:26:48 -04:00
Edmund Wu
aa251bbc3e
systemd-networkd: link: Name -> OriginalName
2019-08-15 21:58:24 -04:00
Joachim Fasting
4ead3d2ec3
Revert "nixos/hardened: use graphene-hardened malloc by default"
...
This reverts commit 48ff4f1197
.
Causes too much breakage to be enabled by default [1][2].
[1]: https://github.com/NixOS/nixpkgs/issues/61489
[2]: https://github.com/NixOS/nixpkgs/issues/65000
2019-08-15 18:49:57 +02:00
Joachim Fasting
da0b67c946
nixos-hardened: disable unprivileged userfaultfd syscalls
...
New in 5.2 [1]
[1]: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cefdca0a86be517bc390fc4541e3674b8e7803b0
2019-08-15 18:43:34 +02:00
Joachim Fasting
4b21d1ac8c
nixos-hardened: enable page alloc randomization
2019-08-15 18:43:32 +02:00
Marek Mahut
08749c4860
Merge pull request #66588 from lschuermann/nixos-enter-silent
...
nixos-enter: add --silent to suppress activation script output
2019-08-15 10:22:27 +02:00
Peter Hoeg
503ca1f40c
nixos aws: use in-kernel ixgbevf driver ( #58956 )
2019-08-15 02:58:22 +03:00
aszlig
dc525e8b12
Merge pull request #66648 (improve xkbvalidate)
...
This allows xkbvalidate to be compiled via Clang and also has a few
other portability improvements, eg. it now can even be compiled on OS X,
even though it's probably not needed there.
In addition, I changed the binary name so that it matches the package
name.
I'm merging this in right now, because there is only the xserver NixOS
module where this is used, so the risk of a catastrophic breakage is
very low.
Checks and build done by ofborg also ran successfully and I also did a
few local tests (eg. running via valgrind to avoid leaks) to make sure
it's still working properly.
2019-08-15 01:32:09 +02:00
aszlig
16ecd0d5ca
xkbvalidate: Rename output binary to xkbvalidate
...
So far, the output binary has been just "validate", which is quite a
very generic name and doesn't match the package name.
Even though I highly doubt that this program will ever be used outside
of NixOS modules, it's nevertheless less confusing to have a consistent
naming.
Signed-off-by: aszlig <aszlig@nix.build>
2019-08-15 01:11:32 +02:00
worldofpeace
bc0072305b
Merge pull request #66638 from worldofpeace/favorite-apps-gnome3
...
nixos/gnome3: set favorite-apps
2019-08-14 17:12:48 -04:00
worldofpeace
83c0b5f06f
nixos/gnome3: set favorite-apps
...
The upstream defaults [0] for this key include shotwell and
rhythmbox which aren't installed by the gnome3 module.
We swap these out for gnome-photos and gnome-music
which are.
[0]: https://gitlab.gnome.org/GNOME/gnome-shell/blob/3.32.2/data/org.gnome.shell.gschema.xml.in#L42
2019-08-14 16:55:45 -04:00
Matthew Bauer
e9b7085ff8
cups: add myself as maintainer
2019-08-14 11:47:48 -04:00
Matthew Bauer
01cd4663d6
tests/printing: don’t wait for unit services
...
These are now socket activated, we don’t need it to start up front.
2019-08-14 11:47:48 -04:00
Matthew Bauer
011b12c3ca
nixos: Add release notes for CUPS changes
2019-08-14 11:47:48 -04:00
Matthew Bauer
c068488817
nixos/cupsd: use socket-based activation by default
...
Make socket-based activation the
default (services.printing.startWhenNeeded)
2019-08-14 11:47:12 -04:00
Matthew Bauer
28040465be
nixos/cupsd: include /run/cups/cups.sock in ListenStreams
...
This socket should always be created by systemd.
2019-08-14 11:47:12 -04:00
Matthew Bauer
35e633bde5
nixos/cupsd: only enable cups when startWhenNeeded = false
...
cups-browsed was pulling in cups.service even when we were using the
socket-based initialization.
2019-08-14 11:47:12 -04:00
Matthew Bauer
04ea093eb6
nixos/cupsd: Set CUPS_DATADIR globally
...
This is used by some programs that need CUPS data files. For instance,
print-manager looks here for printing test pages.
2019-08-14 11:47:12 -04:00
worldofpeace
dd49cf711e
Merge pull request #66338 from worldofpeace/installer/no-root
...
installer: Don't run as root
2019-08-14 11:20:54 -04:00
Matthew Bauer
3411c1566a
Merge pull request #66480 from primeos/nixos-fuse
...
nixos/fuse: init
2019-08-14 10:16:02 -04:00
Ben Gamari
d7d873b8cb
nixos/gitlab: Delete stale hooks directories with -R
...
These can be directories.
2019-08-14 15:29:50 +02:00
Frederik Rietdijk
8d56f2472e
Merge master into staging-next
2019-08-14 13:45:54 +02:00
WilliButz
ddf15d321f
Merge pull request #66612 from fadenb/oxidized_permission_issue
...
nixos/oxidized: Use symlinks for config files
2019-08-14 11:56:34 +02:00
Tristan Helmich (omniIT)
02dfc07a04
nixos/oxidized: Use symlinks for config files
...
The old `cp` suffers from a permission issue on the 2nd start of the
service. The files were copied from the read-only nix store. On the 2nd
start of the service the `cp` failed.
The new version force creates a symlink which does not suffer from this.
2019-08-14 09:30:51 +00:00
Tim Digel
5bbde1e1ca
nixos/riemann-tools: Add ExtraArgs Config Option
...
Added option "extraArgs" to forward any switches to riemann-tools.
2019-08-14 08:26:13 +02:00
worldofpeace
d66f89022f
Merge pull request #66593 from aaronjanse/crashdump-poll-fix
...
fix crashDump overheating
2019-08-13 19:11:26 -04:00
Aaron Janse
011fa89b92
nixos/modules/misc/crashdump: remove idle=poll ( fix #66464 )
...
Previously, "idle=poll" would severely overheat some CPUs
2019-08-13 16:08:22 -07:00
Aaron Andersen
9af06755f3
nixos/zabbixProxy: fix database initialization logic
2019-08-13 18:50:28 -04:00
Leon Schuermann
415993d6b7
nixos-enter: silent activation script option
...
Also, fix a few shellcheck errors.
2019-08-13 23:48:58 +02:00
Matthew Bauer
329e097828
Merge pull request #66425 from Gerschtli/fix/path-order
...
environment.profiles: fix order of profiles and PATH
2019-08-13 15:06:09 -04:00
Marek Mahut
cb8f4b0552
Merge pull request #65439 from aanderse/httpd-extra-modules
...
nixos/httpd: remove duplicate module entries from httpd.conf
2019-08-13 18:51:15 +02:00
Aaron Andersen
6f6468bef3
Merge pull request #65728 from Infinisil/types-eithers
...
lib/types: Add oneOf, extension of either to a list of types
2019-08-13 11:48:42 -04:00
Peter Hoeg
16bd66818a
Merge pull request #63716 from peterhoeg/f/mosquitto
...
nixos/mosquitto: make the tests run
2019-08-13 22:45:38 +08:00
WilliButz
7a29431da9
Merge pull request #66561 from Ma27/document-user-services-on-rebuild
...
nixos/doc: document that services defined with `systemd.users` aren't restarted by nixos-rebuild
2019-08-13 16:43:40 +02:00
Maximilian Bosch
551230b7f6
nixos/doc: document that services defined with systemd.users
aren't restarted by nixos-rebuild
2019-08-13 16:26:09 +02:00
WilliButz
bab5455d80
Merge pull request #62914 from Ma27/improve-nixos-rebuild-manpage
...
doc/nixos-rebuild(8): add Nix options to summary
2019-08-13 15:54:51 +02:00
Domen Kožar
0047672d58
Merge pull request #66436 from domenkozar/nixos-options-doc-nix
...
make-options-doc: expose Nix set and add asciidoc variant
2019-08-13 12:20:18 +02:00
Marek Mahut
4754ca7d2e
Merge pull request #62936 from dasJ/sandbox-memcached
...
nixos/memcached: Isolate the service
2019-08-13 08:56:34 +02:00
Marek Mahut
c78fead206
Merge pull request #63735 from Ekleog/drop-old-kernels
...
manual: remind to drop kernels that will get EOL'd
2019-08-12 23:31:00 +02:00
Jeff Slight
2ee14c34ed
nixos/gitlab: properly clear out initializers
2019-08-12 12:50:02 -07:00
worldofpeace
397c7d26fc
installer: Don't run as root
...
There's many reason why it is and is going to
continue to be difficult to do this:
1. All display-managers (excluding slim) default PAM rules
disallow root auto login.
2. We can't use wayland
3. We have to use system-wide pulseaudio
4. It could break applications in the session.
This happened to dolphin in plasma5
in the past.
This is a growing technical debt, let's just use
passwordless sudo.
2019-08-12 14:45:27 -04:00
Franz Pletz
f3160a2db6
Merge pull request #66476 from WilliButz/fix-prometheus-alertmanager-option
...
nixos/prometheus2: replace alertmanagerURL with new alertmanagers option
2019-08-12 17:59:27 +00:00
Maximilian Bosch
f0d6955052
Merge pull request #66470 from WilliButz/update-blackbox-exporter
...
prometheus-blackbox-exporter: 0.12.0 -> 0.14.0, run tests and check config
2019-08-12 19:38:43 +02:00
Silvan Mosberger
a7c7bb156f
clight: init ( #64309 )
...
clight: init
2019-08-12 18:18:05 +02:00
Graham Christensen
5d807f80c7
Merge pull request #63864 from cransom/datadog-agent-integrations-fix
...
datadog-agent: fix extraIntegrations
2019-08-12 12:15:48 -04:00
Edmund Wu
7c8ea897be
clight: include module
2019-08-12 11:56:47 -04:00
Edmund Wu
c4de0bf492
timezone.nix -> locale.nix
...
Also includes geolocation information abstracted from redshift.nix
2019-08-12 11:56:40 -04:00
Michael Weiss
62f7711e29
Fix the indentation
...
Co-Authored-By: Alexey Shmalko <rasen.dubi@gmail.com>
2019-08-12 13:37:15 +02:00
Domen Kožar
dcd50c0ea0
pkgs.lib -> lib
2019-08-12 11:46:53 +02:00
WilliButz
c28ded36ef
nixos/prometheus-blackbox-exporter: add config check
2019-08-12 10:53:00 +02:00
WilliButz
a8847c870a
nixos/rename: add prometheus2 change
2019-08-12 10:42:29 +02:00
WilliButz
543f219b30
nixos/prometheus: replace 'alertmanagerURL' options for prometheus2
...
Prometheus2 does no longer support the command-line flag to specify
an alertmanager. Instead it now supports both service discovery and
configuration of alertmanagers in the alerting config section.
Simply mapping the previous option to an entry in the new alertmanagers
section is not enough to allow for complete configurations of an
alertmanager.
Therefore the option alertmanagerURL is no longer used and instead
a full alertmanager configuration is expected.
2019-08-12 10:42:28 +02:00
worldofpeace
e9e165fa23
Merge pull request #66449 from delroth/no-ibus-qt
...
nixos/ibus: do not default-install ibus-qt
2019-08-11 22:41:02 -04:00
Lassulus
612871e2ec
Merge pull request #66375 from emmanuelrosa/syncthing-1.2.1
...
syncthing: 1.1.4 -> 1.2.1
2019-08-12 00:22:25 +02:00
worldofpeace
bddce34e49
Merge pull request #66478 from aanderse/nylas-mail
...
nylas-mail-bin: drop package which is no longer supported upstream
2019-08-11 17:52:26 -04:00
Aaron Andersen
26f128c1af
nylas-mail-bin: drop package which is no longer supported upstream
2019-08-11 17:44:05 -04:00
Danylo Hlynskyi
329fa4b01e
Merge pull request #66401 from eadwu/postgresql/fix-quoted-query
...
nixos/postgresql: fix quoted queries
2019-08-11 22:46:50 +03:00
Notkea
4ff9a48398
nixos/postgresql-wal-receiver: add module ( #63799 )
2019-08-11 20:09:42 +03:00
Michael Weiss
2473d902e6
nixos/fuse: init
...
Add a module for /etc/fuse.conf.
Fixes #30923 .
2019-08-11 16:13:23 +02:00
Jean Potier
9847967594
Fix typo in assert in grafana module
...
Current assert prevents using secretKeyFile entirely
2019-08-11 13:21:26 +03:00
Emmanuel Rosa
d80670bdc2
syncthing: 1.1.4 -> 1.2.1
...
syncthing-gtk: add missing runtime dependencies
NixOS: fix syncthing-init NixOS test
2019-08-11 08:35:04 +07:00
Domen Kožar
6cf861c617
make-options-doc: add asciidoc variant
2019-08-10 20:11:04 +02:00
Silvan Mosberger
ca3820dd00
nixos/misc: Fix nixpkgs.config merge function
...
Previously nested attrsets would override each other
2019-08-10 20:03:11 +02:00
Pierre Bourdon
67d1cf4707
nixos/ibus: do not default-install ibus-qt
...
ibus-qt has not seen a release in 5 years and is only relevant for Qt
4.x, which is becoming more and more rare. Using my current laptop as a
data point, ibus-qt is the only dependency left that drags in qt-4.8.7.
2019-08-10 19:37:12 +02:00
worldofpeace
2eaef474f2
Merge pull request #66236 from worldofpeace/test-reorganize
...
Reorganize GNOME tests, re-enable LightDM for release-combined
2019-08-10 11:23:57 -04:00
worldofpeace
1ce7ece4b2
Merge pull request #66398 from worldofpeace/gnome3-option-renames
...
Move certain GNOME3 options to programs
2019-08-10 11:17:47 -04:00
worldofpeace
0722e88665
nixos/gpaste: don't set sessionPath
...
Not needed since f63d94eba3
2019-08-10 11:17:18 -04:00
worldofpeace
be3fe4a869
nixos/gpaste: move to programs
2019-08-10 11:17:18 -04:00
Domen Kožar
3a93fcfd1e
make-options-doc: expose Nix set
2019-08-10 14:24:11 +02:00
Domen Kožar
5ce8864c54
Merge pull request #66328 from domenkozar/nixos-options-doc
...
Extract NixOS options documentation generation to a function
2019-08-10 14:07:19 +02:00
Tobias Happ
33c834f2fb
environment.profiles: fix order of profiles
...
This change is needed because the order of profiles correlate to the
order in PATH, therefore "/etc/profiles/per-user/$USER" always appeared
after the system packages directories.
2019-08-10 10:28:12 +02:00
Alex Guzman
9fec6dfa39
roon-server: add back state directory
2019-08-09 22:21:46 -07:00
Silvan Mosberger
ce82d0b61a
Couchdb: Don't chown /var/log to couchdb ( #65347 )
...
Couchdb: Don't chown /var/log to couchdb
2019-08-10 01:36:15 +02:00
Alex Guzman
d830ae9af3
[roon-server] Use non-deprecated string type
2019-08-09 13:02:46 -07:00
Edmund Wu
18d176dc20
nixos/postgresql: fix quoted queries
2019-08-09 15:11:24 -04:00
Matthew Bauer
ddf38a8241
Merge pull request #65002 from matthewbauer/binfmt-wasm
...
Add binfmt interpreter for wasm
2019-08-09 14:04:21 -04:00
Matthieu Coudron
2da1ad60a8
boot.kernelPackages: check for conflicts
...
It's currently possible to set conflicting `boot.kernelPackages` several times
which can prove confusing.
This is an attempt to warn for this.
2019-08-10 02:27:52 +09:00
worldofpeace
f12f2bb828
nixos/gnome-documents: move to programs
2019-08-09 12:56:11 -04:00
worldofpeace
6c525b1076
nixos/gnome-disks: move to programs
2019-08-09 12:56:11 -04:00
worldofpeace
ff0e3aae35
nixos/file-roller: move to programs
2019-08-09 12:56:11 -04:00