Commit graph

4993 commits

Author SHA1 Message Date
Eelco Dolstra
9771f0c96c sshd: Support multiple host keys
The option services.openssh.hostKeys now allows specifying multiple
host keys.  The default value enables both a DSA and ECDSA key.
(Clients by default will use the ECDSA key, unless known_hosts already
has a DSA key for that host.)  To use only an ECDSA key, you can say:

  services.openssh.hostKeys =
    [ { path = "/etc/ssh/ssh_host_ecdsa_key";
        type = "ecdsa";
        bits = 521;
      }
    ];
2013-08-24 01:01:10 +02:00
Eelco Dolstra
c9b9f7ee1d Manual: Fix some links 2013-08-23 19:05:19 +02:00
Evgeny Egorochkin
f8a6fa774e SSH daemon: change default key size for RSA, add alert for weak keys. 2013-08-23 14:50:14 +03:00
Rickard Nilsson
f420726936 Add several missing uids and gids to modules/misc/ids.nix 2013-08-23 11:37:17 +02:00
Evgeny Egorochkin
bfc75e73ae Update zip to zipAttrsWith since zip is obsolete. 2013-08-22 10:40:50 +03:00
Peter Simons
fa841f033e Merge pull request #227 from offlinehacker/modules.statsd
Add statsd, simple daemon for easy stats aggregation
2013-08-21 03:19:39 -07:00
Jaka Hudoklin
5894f26c81 Add statsd, simple daemon for easy stats aggregation 2013-08-21 11:52:25 +02:00
Jaka Hudoklin
2f0fa22d54 Add statsd, simple daemon for easy stats aggregation 2013-08-21 11:43:37 +02:00
Eelco Dolstra
d848daad94 Manual: Document how to deal with binary cache issues 2013-08-20 17:11:48 +02:00
Eelco Dolstra
97e8a3310f Manual: Document how to repair a corrupted Nix store 2013-08-20 17:11:48 +02:00
Eelco Dolstra
8b37dc0352 Manual: Nix store maintenance 2013-08-20 17:11:48 +02:00
Eelco Dolstra
a3eaf81986 Manual: Kernel configuration 2013-08-20 17:11:48 +02:00
Eelco Dolstra
735ad3f466 Manual: "filesystem" -> "file system" 2013-08-20 17:11:48 +02:00
Eelco Dolstra
35bb4da0e5 Manual: Document synaptics support 2013-08-20 17:11:48 +02:00
Eelco Dolstra
2d5e83c067 Manual: Move NVIDIA stuff into its own subsection 2013-08-20 17:11:47 +02:00
Eelco Dolstra
eefe0786f9 nixos-help: Use xdg-open if available 2013-08-20 17:11:47 +02:00
Eelco Dolstra
f4c42695cb Manual: Add section on how to do rollbacks 2013-08-20 17:11:47 +02:00
Eelco Dolstra
f2480af162 Manual: Remove "bleeding edge" remark 2013-08-20 17:11:47 +02:00
Eelco Dolstra
454e3477b6 Manual: Document LUKS encryption 2013-08-20 17:11:47 +02:00
Eelco Dolstra
b6d9eed805 Manual: Document X11 configuration 2013-08-20 17:11:47 +02:00
Eelco Dolstra
884b4c6137 Manual: Document user management 2013-08-20 17:11:47 +02:00
Eelco Dolstra
81eebecd15 Manual: Describe NixOS package management styles 2013-08-20 17:11:47 +02:00
Rickard Nilsson
1ff7584a30 networkmanager: Add option for appending DNS settings
If the option is enabled, the DNS servers from networking.nameservers
will be inserted in /etc/resolv.conf after the DNS servers that
NetworkManager receieves by DHCP, or that is configured manually
in the connection settings.
2013-08-20 13:36:01 +02:00
Rob Vermaas
71a21704dc Fix typoe in graphite module (cabon -> carbon). 2013-08-19 10:21:31 +02:00
Domen Kožar
6004b28af8 merge 2013-08-19 09:06:31 +02:00
Jaka Hudoklin
4628fd8434 graphite: Refactor options, serve with waitress 2013-08-19 04:22:46 +02:00
Bjørn Forsman
d17d1636b1 Revert "Add /etc/ssl/certs/ca-certificates.crt symlink for Ubuntu compatibility"
This reverts commit 10133f0b5b.

See discussion at https://github.com/NixOS/nixos/pull/224
2013-08-18 17:46:07 +02:00
Bjørn Forsman
10133f0b5b Add /etc/ssl/certs/ca-certificates.crt symlink for Ubuntu compatibility
NixOS and Fedora uses .../ca-bundle.crt. Ubuntu uses
.../ca-certificates.crt. Add .../ca-certificates.crt symlink to be
compatible with Ubuntu.

Example use case: Bob has a ~/.msmtprc file that he brings over from
Ubuntu. It also works on NixOS.
2013-08-17 13:13:02 +02:00
Bjørn Forsman
7e7a153cd6 libvirtd-service: document that users in "libvirtd" group have access 2013-08-16 21:25:00 +02:00
Rickard Nilsson
d1095e1bd4 Add libvirtd gid 2013-08-16 00:47:21 +02:00
Rickard Nilsson
e36e979d38 networkmanager: Add option for overriding DNS settings
If the option is enabled, the DNS servers from networking.nameservers
will be inserted in /etc/resolv.con and override any DNS servers that
NetworkManager receieves by DHCP, or that is configured manually
in the connection settings.
2013-08-16 00:35:57 +02:00
Bjørn Forsman
f7d11af98a libvirtd-service: give access to users in the "libvirtd" group
Currently only root has access. But with this patch all users in
"libvirtd" group will have access. This is similar to how it's done on
Ubuntu.

Also, add virtualisation.libvirtd.extraConfig option for further
customization of libvirtd.conf.
2013-08-15 21:50:16 +02:00
Eelco Dolstra
2dca8421f9 xfce: Add tango-icon-theme
The Rodent icon theme depends on ("inherits") Tango.
2013-08-15 18:02:55 +02:00
Eelco Dolstra
e6fa5cd8f2 Fix mousepad 2013-08-15 16:37:53 +02:00
Eelco Dolstra
35e2bac069 Remove $mountPoint
I just don't see the reason for setting this globally, given that /mnt
is the default.
2013-08-15 13:22:41 +02:00
Eelco Dolstra
b22e735d2b "with pkgs.lib.types; X" -> types.X 2013-08-15 13:21:49 +02:00
Eelco Dolstra
ec9ae91205 Add more jobs to the "tested" aggregate 2013-08-15 13:20:02 +02:00
Marc Weber
2fcd1195e6 bash: change shell script option types from string to lines
installation-cd-base: export mountPoint=/mnt. This doesn't change the default behavior, but an explicit
mount point specification is cleaner.
2013-08-15 09:28:44 +03:00
Marc Weber
d97ea69a81 systemd: check service.name.Type and service.name.Restart 2013-08-15 09:19:51 +03:00
Eelco Dolstra
1cb8c090e7 Rename ‘members’ to ‘constituents’ 2013-08-15 03:10:11 +02:00
aszlig
93923296a9
i3: Allow to pass a configuration file.
With this it's now possible to directly embed a configuration file
using `services.xserver.windowManager.i3.configFile = path`, which then
will be used instead of the one in the users home directory.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2013-08-14 17:33:06 +02:00
Eelco Dolstra
047b65dd68 Typo 2013-08-14 03:34:40 +02:00
Eelco Dolstra
5060160634 not-detected.nix: Enable all firmware
Note that since the configuration produced by nixos-hardware-scan
includes not-detected.nix, you get all firmware when following the
regular installation procedure.

Issue #87.
2013-08-14 03:32:28 +02:00
Eelco Dolstra
8db22f747d Enable the Debian firmware package on the installation CD
It's unfree but we already had such firmware on the CD so we're not
worse off.

Issue #87.
2013-08-14 03:29:16 +02:00
Eelco Dolstra
4bc73f3ece Use the Debian firmware package in more places 2013-08-14 03:27:02 +02:00
Eelco Dolstra
14315b81b1 Add /media and /run to the filesystems ignored by updatedb 2013-08-14 03:07:36 +02:00
Eelco Dolstra
ce866184c6 Update the locate database using a systemd service
This makes it easier to update the database manually ("systemctl start
update-locatedb").

Also, use modern module syntax.
2013-08-14 02:58:55 +02:00
Eelco Dolstra
fc2fc63f4c Use the Debian firmware package instead of the Intel-specific ones
The intel-*.nix modules are obsolete (since you can just say
‘hardware.enableAllFirmware = true’, or equivalently,
‘hardware.firmware = [ pkgs.firmwareLinuxNonfree ]’).  But we'll keep
them around for compatibility.
2013-08-14 02:31:43 +02:00
Evgeny Egorochkin
6246d75654 Unbreak iso_efi by feeding it a kernel that exists. 2013-08-12 21:42:45 +03:00
Evgeny Egorochkin
eec1131a0b Merge pull request #216 from ivan/hacking-on-nixos
"Hacking on NixOS": Explain how to use /my/sources with nix-env
2013-08-11 10:35:24 -07:00