Commit graph

264 commits

Author SHA1 Message Date
Eelco Dolstra
7ea47df0a4 polkit: Fix authenticating as a wheel user
In Javascript-based PolKit, "unix-user:0;unix-group:wheel" is not
valid; it should be a list "unix-user:0", "unix-group:wheel".
2013-11-18 18:04:17 +01:00
Eelco Dolstra
1ce709ee00 polkit: The rule file needs to end in .rules
Otherwise it's ignored.
2013-11-18 18:04:17 +01:00
Eelco Dolstra
886b9e27a6 httpd.nix: Support non-root operation 2013-11-18 18:04:17 +01:00
Eelco Dolstra
2b0aea1793 Allow running NixOS services outside of systemd
The attribute ‘config.systemd.services.<service-name>.runner’
generates a script that runs the service outside of systemd.  This is
useful for testing, and also allows NixOS services to be used outside
of NixOS.  For instance, given a configuration file foo.nix:

  { config, pkgs, ... }:

  { services.postgresql.enable = true;
    services.postgresql.package = pkgs.postgresql92;
    services.postgresql.dataDir = "/tmp/postgres";
  }

you can build and run PostgreSQL as follows:

  $ nix-build -A config.systemd.services.postgresql.runner -I nixos-config=./foo.nix
  $ ./result

This will run the service's ExecStartPre, ExecStart, ExecStartPost and
ExecStopPost commands in an appropriate environment.  It doesn't work
well yet for "forking" services, since it can't track the main
process.  It also doesn't work for services that assume they're always
executed by root.
2013-11-18 18:04:17 +01:00
Eelco Dolstra
dc87f8e080 Check whether fileSystems defines the root FS 2013-11-18 18:04:16 +01:00
Eelco Dolstra
8951be2d80 Allow overrides to work for unit options 2013-11-18 18:04:16 +01:00
Eelco Dolstra
33cb0bbb4b Use types.lines for script/preStart/postStart/postStop 2013-11-18 18:04:16 +01:00
Eelco Dolstra
5620e69b5d Apply better type checking to unitConfig/serviceConfig/...
In particular, complain if two modules define the same systemd option.
2013-11-18 18:04:16 +01:00
Eelco Dolstra
f8a034172a Fix broken Conflicts options 2013-11-18 18:04:16 +01:00
Eelco Dolstra
08a85c2152 Allow building/testing individual systemd units 2013-11-18 18:04:16 +01:00
Sergey Mironov
d8b0c942a1 xfce: enable tumbler the thumbnail manager (close #1206) 2013-11-16 16:58:08 +01:00
Ricardo M. Correia
36a05c7b15 systemd: Add systemd.extraConfig option for /etc/systemd/system.conf 2013-11-16 16:50:59 +01:00
Ricardo M. Correia
e0171ef026 systemd: Change services.logind.extraConfig type to types.lines 2013-11-16 16:50:59 +01:00
Shea Levy
cc69da4314 Put /efi and /loader on the main livecd partition for efi booting with unetbootin
Fixes #248, mostly

Signed-off-by: Shea Levy <shea@shealevy.com>
2013-11-14 18:18:46 -05:00
Eelco Dolstra
e815e4026a mediawiki: Update to 1.20.7 2013-11-13 17:33:58 +01:00
Rickard Nilsson
26d7598d46 networkmanager NixOS service: Make it possible to append or insert name servers in /etc/resolv.conf 2013-11-13 01:52:57 +01:00
Eelco Dolstra
4cada34b7f Properly handle unit names with dashes in them
We ended up with files in /etc/systemd/system called
"bigx2ddata.mount.wants" rather than "big\x2ddata.mount.wants".
2013-11-12 16:58:36 +01:00
Eelco Dolstra
785eaf2cea Add some primops to lib 2013-11-12 13:48:30 +01:00
Domen Kožar
cee0f6c708 Merge pull request #1196 from bjornfor/capitalize-service-descriptions
nixos: capitalize a bunch of service descriptions
2013-11-12 01:25:18 -08:00
Eelco Dolstra
6441a9c1d0 Don't set the default channel to 13.10 when installing from master
Partial revert of 619a1f5614.
2013-11-11 11:26:15 +01:00
Bjørn Forsman
b9f5b880e7 nixos/libvirtd-service: fix for dnsmasq (dir perms 700 -> 755)
Fixes this:

Nov 09 16:18:54 nixos-laptop systemd[1]: Starting Libvirt Virtual Machine Management Daemon...
Nov 09 16:18:54 nixos-laptop dnsmasq[15809]: read /etc/hosts - 2 addresses
Nov 09 16:18:54 nixos-laptop dnsmasq[15809]: failed to load names from /var/lib/libvirt/dnsmasq/default.addnhosts: Permission denied
Nov 09 16:18:54 nixos-laptop dnsmasq[15809]: cannot read /var/lib/libvirt/dnsmasq/default.hostsfile: Permission denied
Nov 09 16:18:55 nixos-laptop systemd[1]: Started Libvirt Virtual Machine Management Daemon.

I don't understand the reason for the original 700 permission bits.
Apparently read-access is needed and Ubuntu also use 755 perms.

Use "chmod" instead of "mkdir -m" to set permissions because mkdir doesn't
modify permissions on existing directories.
2013-11-10 14:07:29 +01:00
Bjørn Forsman
dc352536a8 nixos: capitalize a bunch of service descriptions
(systemd service descriptions that is, not service descriptions in "man
configuration.nix".)

Capitalizing each word in the description seems to be the accepted
standard.

Also shorten these descriptions:
 * "Munin node, the agent process" => "Munin Node"
 * "Planet Venus, an awesome ‘river of news’ feed reader" => "Planet Venus Feed Reader"
2013-11-09 20:45:50 +01:00
Vladimír Čunát
619a1f5614 changes proposed for 13-10 update
One feature change: polkit update 8d14c7ba
2013-11-09 18:41:42 +01:00
Jaka Hudoklin
673fc81337 nixos/graphite: fix storage dir for carbon 2013-11-09 17:36:05 +01:00
Vladimír Čunát
8d14c7baa6 polkit: major update 0.105 -> 0.112
- It now uses JavaScript for configuration (only),
  so I had to "convert" config for NetworkManager.
- I tested suspend/restart/(un)mount on KDE/Xfce,
  Phreedom tested NetworkManager config conversion.
2013-11-09 16:29:18 +01:00
Domen Kožar
b3ea42462c Merge pull request #1182 from offlinehacker/nixos/mongodb/userfix
nixos/mongodb: set static uid to work with #1076
2013-11-08 12:56:00 -08:00
Domen Kožar
a623cc96e3 Merge pull request #1066 from offlinehacker/nixos/logstash/update
nixos/logstash: update and simplify to be fully compatible with new version
2013-11-08 11:44:17 -08:00
Eelco Dolstra
065493284f Update the X11 terminal server module for systemd
Yay, we no longer need inetd!
2013-11-08 16:39:22 +01:00
Eelco Dolstra
e62e15b2f9 Only run systemd-inhibit for local X11 sessions 2013-11-08 16:39:22 +01:00
Rob Vermaas
001550d5fe Adapt S3 ami creation script to new nixpkgs structure 2013-11-08 12:49:44 +01:00
Rob Vermaas
e9921632ef Updating EC2 EBS HVM creation script.
* Use smaller instances to generate HVM images
* Use HVM base image that has 4 ephemeral disks in device mapping
* As grub is not on the base images anymore, install it first before copying parts of its contents
2013-11-08 12:49:44 +01:00
Rob Vermaas
f3eccb26f7 Fix test deployment in EC2 creation script 2013-11-08 12:49:44 +01:00
Eelco Dolstra
cc65b1015d vsftpd: Disable seccomp filtering on 64-bit
It worked on Linux 3.4 but fails with "500 OOPS: priv_sock_get_cmd"
since we updated the default kernel to 3.10.

http://hydra.nixos.org/build/6715359

https://bugzilla.redhat.com/show_bug.cgi?id=845980
https://bugzilla.novell.com/show_bug.cgi?id=786024
2013-11-07 16:38:57 +01:00
Eelco Dolstra
000962c3fb vsftpd: Run in the background and log to syslog (i.e. journal) 2013-11-07 16:38:57 +01:00
Eelco Dolstra
10e31f6de7 Clean up the vsftpd module a bit 2013-11-07 16:38:57 +01:00
Eelco Dolstra
8c9c3b628f Drop the new-kernel ISOs 2013-11-07 16:38:57 +01:00
Eelco Dolstra
0d5ec076d2 Use default kernel for EFI-related stuff 2013-11-07 16:38:56 +01:00
Eelco Dolstra
1e89c720e2 Manual: Port forwarding to VMs 2013-11-07 12:28:45 +01:00
Domen Kožar
a46c71857d Merge pull request #1172 from zefhemel/patch-1
Removed unnecessary mkIf in elasticserach
2013-11-07 03:11:11 -08:00
Michael Raskin
e8b347e6ae Merge pull request #1167 from grwlf/serverflags
Add serverFlagsSection option to the xserver config
2013-11-07 03:00:37 -08:00
Michael Raskin
f8ddc0cbd4 Merge pull request #1099 from offlinehacker/nixos/nginx/package_change_support
nixos/nginx: allow to specify which package to use
2013-11-07 02:59:09 -08:00
Michael Raskin
0cfc45c3b9 Merge pull request #1164 from kirelagin/master
Make touchpad button mapping configurable
2013-11-07 02:49:44 -08:00
Jaka Hudoklin
50a2f3fdce nixos/mongodb: set static uid to work with #1076 2013-11-07 11:25:14 +01:00
Sander van der Burg
d31b328d0a Updated Disnix service definition to support new development version and mongo databases 2013-11-07 10:54:53 +01:00
Zef Hemel
8063382867 Removed unnecessary mkIf
The whole block is already wrapped in cfg.enable and this breaks some things.
2013-11-05 08:52:23 +01:00
Eelco Dolstra
d9c13a73c2 gurobi: Remove
It's proprietary, non-redistributable software.
2013-11-05 00:07:24 +01:00
Eelco Dolstra
754704ea18 Allow packages to be marked as "broken" by setting meta.broken
The effect is that they won't show up in "nix-env -qa" anymore.
2013-11-04 21:11:00 +01:00
Domen Kožar
a734f32fa1 Remove desktopManager.gnome
Gnome doesn't work at least since I started using NixOS half a year
ago, let's not give wrong impressions to newcomers. Packaging gnome3
is still something on horizon.
2013-11-04 18:12:38 +01:00
Peter Simons
87c3907c14 Merge pull request #1168 from grwlf/nixos-gnu-screen
Add GNU Screen program module
2013-11-04 08:06:59 -08:00
Sergey Mironov
8c1e14e6cc Add GNU Screen program module 2013-11-04 19:07:51 +04:00