Commit graph

655 commits

Author SHA1 Message Date
worldofpeace
b53e773220
Merge pull request #73004 from philandstuff/patch-1
ssh-agent: fix syntax problem from #71139
2019-11-08 04:13:58 +00:00
Matthew Bauer
c403d66b85
Merge pull request #71825 from AIDEA775/fix/zsh-syntax-highlighting
nixos/zsh-syntax-highlighting: Fix highlighting when ohMyZsh is enabled
2019-11-07 17:29:57 -05:00
Philip Potter
ce7d4e40f0
ssh-agent: fix syntax problem from #71139
Oops, in #71139 a missing `+` broke things quite badly.  Thanks @lzorkin for the
report and @mebubo for diagnosing the problem.
2019-11-07 22:13:18 +00:00
Robin Gloster
db502b034f
Merge pull request #71139 from philandstuff/ssh-agent-pkcs11-whitelist
ssh-agent: add agentPKCS11Whitelist option
2019-11-04 22:16:06 +01:00
worldofpeace
a0b037b863
Merge pull request #72391 from urkud/gnupg-pinentry-gnome3
nixos/gnupg: add dbus dependencies for gnome3 pinentry
2019-11-01 13:02:21 +00:00
Yury G. Kudryashov
7240566f74 nixos/gnupg: add dbus dependencies for gnome3 pinentry 2019-11-01 08:58:11 -04:00
Silvan Mosberger
dd0a47e7ae
treewide: Switch to system users (#71055)
treewide: Switch to system users
2019-11-01 13:26:43 +01:00
Yury G. Kudryashov
1105cec98d gnupg: fix pinentry in sway (fix a typo in 3c39093c0d) 2019-10-30 02:00:39 -04:00
Robin Gloster
3c39093c0d
gnupg: fix pinentry on sway 2019-10-29 20:30:23 +01:00
Silvan Mosberger
de357d5781
Merge pull request #65698 from Infinisil/system-users
Increase the system user id range
2019-10-27 10:41:39 +01:00
Silva Alejandro Ismael
35ae47e44b nixos/zsh-syntax-highlighting: Fix highlighting when ohMyZsh is enabled
From https://github.com/zsh-users/zsh-syntax-highlighting#faq:

"It must be sourced after all custom widgets have been created
(i.e., after all zle -N calls and after running compinit)."

zsh-syntax-highlighting must be sourced to the end.
2019-10-23 11:54:52 -03:00
Frederik Rietdijk
a456fbfeed Merge staging-next into staging 2019-10-22 09:20:03 +02:00
Tor Hedin Brønner
aa910d164d nixos/seahorse: use seahorse's askpass by default 2019-10-21 18:01:15 +02:00
Franz Pletz
3d832dee59 gnupg: disable gui/pinentry support by default
This solves the dependency cycle in gcr alternatively so there won't be
two gnupg store paths in a standard NixOS system which has udisks2 enabled
by default.

NixOS users are expected to use the gpg-agent user service to pull in the
appropriate pinentry flavour or install it on their systemPackages and set
it in their local gnupg agent config instead.

Co-authored-by: Florian Klink <flokli@flokli.de>
2019-10-16 20:31:16 -04:00
Franz Pletz
c2576266ba nixos/gnupg: add option for setting pinentry flavours
Co-authored-by: Florian Klink <flokli@flokli.de>
2019-10-16 20:31:05 -04:00
worldofpeace
2fbccbc728 Revert "Merge pull request #71095 from flokli/pinentry-cleanup"
This reverts commit 823da4d492, reversing
changes made to b75c8ee3bc.
2019-10-16 20:28:21 -04:00
Franz Pletz
b5bea4ce32 gnupg: disable gui/pinentry support by default
This solves the dependency cycle in gcr alternatively so there won't be
two gnupg store paths in a standard NixOS system which has udisks2 enabled
by default.

NixOS users are expected to use the gpg-agent user service to pull in the
appropriate pinentry flavour or install it on their systemPackages and set
it in their local gnupg agent config instead.

Co-authored-by: Florian Klink <flokli@flokli.de>
2019-10-16 19:56:50 -04:00
Franz Pletz
edea9fed72 nixos/gnupg: add option for setting pinentry flavours
Co-authored-by: Florian Klink <flokli@flokli.de>
2019-10-16 19:56:49 -04:00
Philip Potter
8120184bf1 ssh-agent: add agentPKCS11Whitelist option
If you want to be able to use OpenSC with ssh-agent, you need to be able
to add it to the ssh-agent whitelist.  This adds an option,
agentPKCS11Whitelist, that exposes the option.

Note that I currently work around this by injecting the parameter into
the agentTimeout option:

    programs.ssh.agentTimeout = "1h -P ${pkgs.opensc}/lib/opensc-pkcs11.so";

but I feel that a proper option would be better :)
2019-10-14 20:45:28 +01:00
Silvan Mosberger
23d920c8f0
nixos/users: Increase maximum system uid/gid from 499 to 999
This enlarges the system uid/gid range 6-fold, from 100 to 600 ids. This
is a preventative measure against running out of dynamically allocated
ids for NixOS services with isSystemUser, which should become the
preferred way of allocating uids for non-real users.
2019-10-14 01:59:19 +02:00
worldofpeace
dd050270c7 nixos/environment: don't set GTK_DATA_PREFIX or GTK_EXE_PREFIX
We had these set so gtk2 can discover themes properly, however we failed
realize that gtk2 already has a patch that makes it search in XDG_DATA_DIRS.
I don't believe any issue is solved by setting these.
2019-10-13 19:54:09 -04:00
Janne Heß
d6c08776ba treewide: Switch to system users 2019-10-12 22:25:28 +02:00
Eelco Dolstra
4e0d6a5ff8
Don't create /nix/var/nix/{gcroots,per-user}/per-user with 1777 permission
In fact, don't create them at all because Nix does that automatically.

Also remove modules/programs/shell.nix because everything it did is
now done automatically by Nix.
2019-10-10 16:24:33 +02:00
Joachim Fasting
923c449e9b
nixos/blcr: remove 2019-10-06 08:10:23 +02:00
Jörg Thalheim
bfed455de3
Merge pull request #68946 from volth/escape
treewide: fix string escapes
2019-09-24 04:19:12 +01:00
Eelco Dolstra
b0ccd6dd16
Revert "nixos/doc: re-format"
This reverts commit ea6e8775bd. The new
format is not an improvement.
2019-09-19 19:17:30 +02:00
worldofpeace
58f090cc7b
Merge pull request #69031 from worldofpeace/xcursor-update
nixos/xdg/icons: match XCURSOR_PATH spec
2019-09-18 17:42:20 -04:00
Jan Tojnar
c28659e2fb
doc: Disable wrapping source (#68181)
doc: Disable wrapping source
2019-09-18 22:33:56 +02:00
Jan Tojnar
ea6e8775bd
nixos/doc: re-format 2019-09-18 22:13:35 +02:00
Maximilian Bosch
713fda2eb5
nixos/sway: install swaybg by default 2019-09-18 21:50:18 +02:00
worldofpeace
b3f4ce351e nixos/xdg/icons: match XCURSOR_PATH spec 2019-09-18 13:03:14 -04:00
worldofpeace
ee29fbd9a2
Merge pull request #68492 from worldofpeace/pam-sessionvariables
Introduce environment.profileRelativeSessionVariables
2019-09-18 11:15:26 -04:00
worldofpeace
6663a795a3 nixos/environment: set GTK_EXE_PREFIX 2019-09-18 11:13:43 -04:00
worldofpeace
cc125810cb nixos/environment: set GTK_DATA_PREFIX
Many desktop environment modules are already setting
this so it already makes sense to just do this globally.
2019-09-18 11:13:43 -04:00
Robert Helgesson
866cc3e792 nixos/system-environment: introduce environment.profileRelativeSessionVariables
There is a need for having sessionVariables set relative to the Nix Profiles.
Such as in #68383.
2019-09-18 11:09:43 -04:00
volth
1aadcee68a
nixos/less: fix escape 2019-09-17 00:18:14 +00:00
Maximilian Bosch
99b291c73c
Merge pull request #68507 from peterhoeg/f/mtr
nixos/mtr: support for selecting the package
2019-09-12 09:34:22 +02:00
volth
7b8fb5c06c treewide: remove redundant quotes 2019-09-08 23:38:31 +00:00
Frederik Rietdijk
66bc7fc1b3 Merge master into staging-next 2019-09-06 22:46:05 +02:00
worldofpeace
792444af84 nixos/system-config-printer: init 2019-09-06 09:40:17 -04:00
Jan Tojnar
cdf426488b
Merge branch 'master' into staging-next
Fixed trivial conflicts caused by removing rec.
2019-09-06 03:20:09 +02:00
Jan Tojnar
72e7d569a7
tree-wide: s/GTK+/GTK/g
GTK was renamed.
2019-09-06 02:54:53 +02:00
Vladimír Čunát
f21211ebfe
Merge branch 'master' into staging 2019-09-02 23:25:24 +02:00
worldofpeace
9b13731b72
Merge pull request #67522 from worldofpeace/gnome3/harmonize-defaults
Harmonize Gnome3 Defaults
2019-09-01 18:33:00 -04:00
Silvan Mosberger
478e7184f8
nixos/modules: Remove all usages of types.string
And replace them with a more appropriate type

Also fix up some minor module problems along the way
2019-08-31 18:19:00 +02:00
Frederik Rietdijk
98ef78326d Merge staging-next into staging 2019-08-31 18:07:33 +02:00
Silvan Mosberger
4727a40be9
Merge pull request #65283 from averelld/add-x2goserver-module
Add x2goserver module
2019-08-31 17:49:41 +02:00
Frederik Rietdijk
ad1d58c622 Merge staging-next into staging 2019-08-31 10:04:20 +02:00
worldofpeace
90319d5e33 nixos/seahorse: move to programs 2019-08-30 20:42:01 -04:00
Averell Dalton
f0d23b6343 x2goserver: add module 2019-08-30 19:54:12 +02:00
Elis Hirwing
aacf9235d8
nixos/usbtop: Add module to install usbtop and to enable kernel module 2019-08-30 18:54:33 +02:00
Vika
844200a06f
nixos/bash: Improve Emacs detection for PS1
That's one of my itches - when I'm sshing from Emacs' term to a NixOS
machine, it doesn't detect that I'm running emacs and showing a title
escape sequence. This commit fixes it, checking against $TERM to
prevent this from ever bothering anyone again.
2019-08-30 00:28:57 +03:00
volth
08f68313a4 treewide: remove redundant rec 2019-08-28 11:07:32 +00:00
Frederik Rietdijk
5061fe0c2c Merge staging-next into staging 2019-08-28 08:26:42 +02:00
Matthew Bauer
4081bec5ac
zsh: remove unfunction on TERM=dumb
Unfortunately this gives an error when precmd or preexec exists. Removing to avoid that.
2019-08-27 11:00:58 -04:00
volth
35d68ef143 treewide: remove redundant quotes 2019-08-26 21:40:19 +00:00
Daniel Hirschberger
9a6adc1619 nixos/gnupg: Add gpg to systemPackages 2019-08-24 21:30:49 +02:00
Jan Tojnar
d90aa7dc62
Merge pull request #67389 from jtojnar/xdg-user-dirs
Allow changing xdg-user-dirs with environment.etc
2019-08-24 19:22:45 +02:00
Jan Tojnar
48426833c8
nixos/environment: prepend /etc/xdg to XDG_CONFIG_DIRS
Previously, we were only adding profile-relative paths to XDG_CONFIG_DIRS
variable. That required very ugly hacks like
https://github.com/NixOS/nixpkgs/issues/33282#issuecomment-524550842
to be able to configure XDG stuff.

Now, we are prepending the variable with /etc/xdg, allowing us to
simply use `environment.etc."xdg/…"` options.
2019-08-24 16:01:01 +02:00
Jan Malakhovski
2eaf57541f nixos: zsh: reorder /etc/zshrc a little bit, add more helpful documentation 2019-08-24 05:48:57 +00:00
Jan Malakhovski
f70e3f3738 nixos: zsh: move NixOS-specific variables from /etc/zshrc to /etc/zshenv
We want these to be set even when /etc/zshrc loading is disabled.
2019-08-24 05:36:02 +00:00
Matthew Bauer
ac773d1607 nixos/zsh: Fix tramp support
For a long time, TRAMP has not worked with ZSH NixOS servers. I
thought I fixed this in 0740f57e63af61694d14796286cb9204, but now
realize that was only half the problem. For TRAMP to start working
again ‘unsetopt zle’ was needed, otherwise the connection would hang.
In addition, I have a few more settings added that can apparenty
interfere with these settings.
2019-08-21 21:24:45 -04:00
worldofpeace
4ba10fbbfd
Merge pull request #66990 from worldofpeace/gnome-vte-config
nixos/gnome-terminal: init
2019-08-21 16:17:05 -04:00
worldofpeace
4a46140d29 nixos/gnome-terminal: init
This module obsoletes services.gnome3.gnome-terminal-server
as that's a confusing option for users, and sounds internal.
It's much simpler to have a gnome-terminal module.
2019-08-21 16:16:04 -04:00
Matthew Bauer
1ab1e11257
Merge pull request #66992 from oxij/nixos/fix-zsh-prompt
nixos: zsh: setopt prompt_sp to workaround a zsh bug
2019-08-20 13:20:30 -04:00
Jan Malakhovski
065c6ed96e nixos: zsh: setopt prompt_sp to workaround a zsh bug
See #38535, properly fixing the prompt seems complicated, and this seems
to work in all the ttys I checked.

Suggested by @Mic92.
2019-08-19 22:58:13 +00:00
worldofpeace
918b7d572f nixos/dconf: cleanup
Add dconf to systemPackages and make GIO_EXTRA_MODULES
a list so it can actually merge.
2019-08-18 21:54:00 -04:00
Matthew Bauer
3411c1566a
Merge pull request #66480 from primeos/nixos-fuse
nixos/fuse: init
2019-08-14 10:16:02 -04:00
Matthew Bauer
329e097828
Merge pull request #66425 from Gerschtli/fix/path-order
environment.profiles: fix order of profiles and PATH
2019-08-13 15:06:09 -04:00
Michael Weiss
62f7711e29
Fix the indentation
Co-Authored-By: Alexey Shmalko <rasen.dubi@gmail.com>
2019-08-12 13:37:15 +02:00
Aaron Andersen
26f128c1af nylas-mail-bin: drop package which is no longer supported upstream 2019-08-11 17:44:05 -04:00
Michael Weiss
2473d902e6
nixos/fuse: init
Add a module for /etc/fuse.conf.
Fixes #30923.
2019-08-11 16:13:23 +02:00
worldofpeace
0722e88665 nixos/gpaste: don't set sessionPath
Not needed since f63d94eba3
2019-08-10 11:17:18 -04:00
worldofpeace
be3fe4a869 nixos/gpaste: move to programs 2019-08-10 11:17:18 -04:00
Tobias Happ
33c834f2fb environment.profiles: fix order of profiles
This change is needed because the order of profiles correlate to the
order in PATH, therefore "/etc/profiles/per-user/$USER" always appeared
after the system packages directories.
2019-08-10 10:28:12 +02:00
worldofpeace
f12f2bb828 nixos/gnome-documents: move to programs 2019-08-09 12:56:11 -04:00
worldofpeace
6c525b1076 nixos/gnome-disks: move to programs 2019-08-09 12:56:11 -04:00
worldofpeace
ff0e3aae35 nixos/file-roller: move to programs 2019-08-09 12:56:11 -04:00
worldofpeace
db69d2dfe7 nixos/evince: move to programs 2019-08-09 12:56:11 -04:00
Peter Hoeg
968d4643b0 nixos/mtr: make the package configurable 2019-08-05 17:42:17 +08:00
Peter Hoeg
f2639566b5
Merge pull request #30712 from peterhoeg/f/service
systemd user services shouldn't run as root and other "non-interactive" users
2019-08-02 11:58:27 +08:00
Artemis Tosini
42c3eefd77
nixos/xonsh: Use the package specified in the package option 2019-07-31 23:28:13 +00:00
edef
4bcc6e11d3
Merge pull request #65227 from NixOS/openssh-known-hosts-ca
nixos/programs/ssh: allow specifying known host CAs
2019-07-31 12:08:58 +00:00
worldofpeace
bb4f61f73d
Merge pull request #64121 from tadeokondrak/nixos/programs/shell.nix/remove-gnu-specific-option
nixos/programs/shell.nix: don't use unnecessary GNU-specific option
2019-07-31 02:19:59 -04:00
edef
1c9a2d4d7f nixos/programs/ssh: allow specifying known host CAs 2019-07-21 14:23:41 +00:00
Yarny0
f5b873f43c nixos/tsm-client: init module
This commit brings a module that installs the
IBM Spectrum Protect (Tivoli Storage Manager)
command-line client together with its
system-wide client system-options file `dsm.sys`.
2019-07-15 09:41:37 +02:00
Tadeo Kondrak
fef4dc526f
nixos/programs/shell.nix: don't use unnecessary GNU-specific option 2019-07-02 03:08:14 -06:00
Maximilian Bosch
d9f7bac91f
nixos/captive-browser: fix module
Fixes the broken metrics evaluation which was caused by a `trace`
warning in stdout which confused `jq` in `pkgs/top-level/metrics.nix`.

Also made the `bind-device` feature optional as suggested after the
merge.
2019-06-14 20:38:33 +02:00
Maximilian Bosch
d1990cff8d
Merge pull request #58036 from volth/captive-browser
nixos/programs.captive-browser: init
2019-06-13 14:05:13 +02:00
Izorkin
82ad143a51
nixos/zsh: move zsh setopt 2019-06-09 00:13:01 +02:00
Florian Klink
640afe964e
Barco clickshare (#59891)
Barco clickshare
2019-06-02 12:41:21 +02:00
Klemens Nanni
7f104aa6e2 tmux module: Fix escaping in TMUX_TMPDIR
5404595b55 relocated code but kept
one backslah too many, leading to

	$ tmux
	error creating /run/user/$(id -u)/tmux-1000 (No such file or directory)

/run/user/$UID/ is created by pam_systemd(3) which also populates
XD_RUNTIME_DIR with that value.

Alternatively, TMUX_TMPDIR might simply default to XDG_RUNTIME_DIR
without providing the same directory yet again as default string in
parameter substitution, however such behaviour change is subject to
another patch.

In fact, with `security.polkit.enable = false` systemd_logind(8) fails
to start and /run/user/$UID/ is never created for unprivileged users
in proper login sessions;  XDG_RUNTIME_DIR would consequently not be
set either.

Removing the fallback to /run/user/$UID/ would have caused TMUX_TMPDIR
to be empty, which in turn would lead tmux(1) to use /tmp/.  This
effectively breaks the idea of isolated sockets entirely while hiding
errors from the user.
2019-05-31 15:09:59 +02:00
Yarny0
b38bdf6d2f nixos/clickshare: init module
The clickshare-csc1 package brings a udev rule file
to grant access to the ClickShare dongle if connected.
This module provides an option to install that rule file.
Only users in the "clickshare" users group have access.
2019-05-30 19:58:45 +02:00
Robin Gloster
6cf583cf2f
Merge pull request #60406 from JohnAZoidberg/remove-isnull
treewide: Remove usage of isNull
2019-05-18 09:36:24 +00:00
Maximilian Bosch
fa2c6dc3c2
Merge pull request #61311 from turboMaCk/xss-lock-locker-options
xss-lock: improve locker options passing
2019-05-12 11:07:54 +02:00
Maximilian Bosch
775146165d
nixos/xss-lock: improve module
* Don't use `literalExample`, raw Nix values can directly be specified
  as an option example which provides support for highlighting in the
  manual as well.

* Escape shell args for `extraOptions`: I.e. the `-n` option might be
  problematic as a longer notification command might be misinterpreted.
2019-05-12 03:20:44 +02:00
Marek Fajkus
7fef2e38ea xss-locker: improve options passing
- allow locker options without hacks
- add extraOptions
2019-05-11 19:33:10 +02:00
Maximilian Bosch
3d6fe3d760
nixos/zmap: init module
The module installs `zmap` globally and links the config files to
`/etc/zmap`, the default location of config files for zmap.

The package provides pretty much a sensitive default, custom configs can
be created like this:

```
{ lib, ... }:
{
  environment.etc."zmap/blacklist.conf" = lib.mkForce {
    text = ''
      # custom zmap blacklist
      0.0.0.0/0
    '';
  };
}
```
2019-05-10 08:12:27 +02:00
Daniel Schaefer
786f02f7a4 treewide: Remove usage of isNull
isNull "is deprecated; just write e == null instead" says the Nix manual
2019-04-29 14:05:50 +02:00
Frederik Rietdijk
2f936f85d8 Merge master into staging-next 2019-04-29 13:46:20 +02:00