cafkafk/nixpkgs
cafkafk/nixpkgs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2
53857 commits 1 branch 0 tags 3.7 GiB
Commit graph

1940 commits

Author SHA1 Message Date
William A. Kennington III
9a11132fe5 nixos/network: Remove debug output in tests 2014-11-30 01:21:37 -08:00
William A. Kennington III
a911f9989c nixos/networkd: Fix macvlan called with null mode 2014-11-30 01:19:54 -08:00
William A. Kennington III
16827ff287 nixos/nfs: Fix Test 2014-11-30 01:14:57 -08:00
William A. Kennington III
66f45268ab nixos/networking: Improve service ordering 2014-11-29 22:47:04 -08:00
William A. Kennington III
7ecb084b77 nixos/networking: More fixes 2014-11-29 22:35:03 -08:00
William A. Kennington III
bcfe7b2200 Merge pull request #5043 from wkennington/master.networkd 
nixos/networking: Revamp networking configuration and add an experimental networkd option.
 2014-11-29 19:59:31 -08:00
William A. Kennington III
a403379b88 nixos/tests: Add networking tests for basic functionality 2014-11-29 19:53:37 -08:00
Jaka Hudoklin
20487919b2 nixos/kubernetes: try to fix test by incrising memory size 2014-11-30 01:36:10 +01:00
Jaka Hudoklin
04cfe045eb nixos: run etcd, docker-registry and kubernetes tests only on supported platforms 2014-11-30 01:33:25 +01:00
aszlig
3e49487c1a
virtualbox: Enable hardening by default. 
VirtualBox with hardening support requires the main binaries to be
setuid root. Using VBOX_WITH_RUNPATH, we ensure that the RPATHs are
pointing to the libexec directory and we also need to unset
VBOX_WITH_ORIGIN to make sure that the build system is actually setting
those RPATHs.

The hardened.patch implements two things:

 * Set the binary directory to the setuid-wrappers dir so that
   VboxSVC calls them instead of the binaries from the store path. The
   reason behind this is because nothing in the Nix store can have the
   setuid flag.
 * Excempt /nix/store from the group permission check, because while it
   is group-writeable indeed it also has the sticky bit set (and also
   the whole store is mounted read-only on most NixOS systems), so we're
   checking on that as well.

Right now, the hardened.patch uses /nix/store and /var/setuid-wrappers
directly, so someone would ever want to change those on a NixOS system,
please provide a patch to set those paths on build time. However, for
simplicity, it's best to do it when we _really_ need it.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
 2014-11-29 19:21:46 +01:00
Jaka Hudoklin
8c766dcc90 nixos/kubernetes: fix user id 2014-11-29 16:46:39 +01:00
Jaka Hudoklin
bd32da69bc Merge pull request #5088 from offlinehacker/nixos/kubernetes 
nixos: add kubernetes module
 2014-11-29 16:44:42 +01:00
Jaka Hudoklin
2b261c1edf nixos: add kubernetes module 2014-11-29 02:27:17 +01:00
aszlig
c37611f3e5
nixos: Use vendor zones instead of N.pool.ntp.org. 
Closes #4824, thanks to @abh for processing my stupidity.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
 2014-11-28 19:37:03 +01:00
William A. Kennington III
299b59d1c4 nixos/network-interfaces: More fixes 2014-11-27 22:54:01 -08:00
Domen Kožar
28a1af6e06 fix printing test 2014-11-27 20:01:18 +01:00
Domen Kožar
b4cedc7965 nixos: reverse logic in nixos interactive tests documentation 2014-11-27 20:01:18 +01:00
aszlig
2249474632
nixos/sshd: Fix build if knownHosts is empty. 
Introduced by 77ff279f27.

Build failure: https://headcounter.org/hydra/build/583158/nixlog/5/raw

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
 2014-11-27 19:03:41 +01:00
aszlig
14f09e01c1
nixos: Add enable option for programs/virtualbox. 
We will simply rename the previous module and add a warning whenever the
module is included directly, pointing the user to the right option and
also enable it as well (in case somebody has missed the option and is
wondering why VirtualBox doesn't work anymore).

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
 2014-11-27 18:42:22 +01:00
aszlig
444987193e
nixos: Rename virtualbox to virtualboxGuest. 
Especially new users could be confused by this, so we're now marking
services.virtualbox.enable as obsolete and defaulting to
services.virtualboxGuest.enable instead. I believe this now makes it
clear, that this option is for guest additions only.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
 2014-11-27 18:42:22 +01:00
Rickard Nilsson
77ff279f27 nixos/services.openssh: Allow knownHost keys to have multiple lines. 
Useful for adding several public keys of different types for the same host.
 2014-11-27 18:40:21 +01:00
Eelco Dolstra
e7cd18e907 Don't set $MANPATH 
The default is derived automatically from $PATH, so it's in fact
better *not* to set it.
 2014-11-27 17:36:46 +01:00
wmertens
45c1b9147f Merge pull request #5130 from wmertens/git-ssl-env 
Let git use $SSL_CERT_FILE
 2014-11-27 13:24:08 +01:00
Domen Kožar
91bdca38a0 NetworkManager.service -> network-manager.service 2014-11-27 12:10:20 +01:00
William A. Kennington III
fbe9ac05d3 nixos/network-interfaces: Add maclvan support 2014-11-26 16:29:24 -08:00
William A. Kennington III
1860ee27b0 nixos/networking: Fixes 2014-11-26 16:29:24 -08:00
Matej Cotman
084fb3a0d3 e18: remove old desktop manager 2014-11-26 21:44:23 +01:00
Matej Cotman
959946a5af e17: remove old desktop manager 2014-11-26 21:44:23 +01:00
William A. Kennington III
4f2a041345 nixos/network-interfaces: Make it clear that networkd is experimental 2014-11-26 11:22:03 -08:00
William A. Kennington III
2c42738231 nixos/network-interfaces: Refactor scripts for reliability and dependency removal 2014-11-26 11:22:03 -08:00
William A. Kennington III
c417012c1b nixos/dhcpcd: Respect per interface dhcp options 2014-11-26 11:22:03 -08:00
William A. Kennington III
7005e289da nixos/network-interfaces: Promote secondary addresses when primary addresses expire 2014-11-26 11:22:03 -08:00
William A. Kennington III
c7d46687c5 nixos/network-interfaces: Support mac address and mtu universally 2014-11-26 11:22:03 -08:00
William A. Kennington III
2057d9087f nixos: Support network-online target in addition to ip-up 2014-11-26 11:22:03 -08:00
William A. Kennington III
0626c1ecf0 nixos/systemd: ip-up and network-online targets should come after networkd-wait-online 2014-11-26 11:22:02 -08:00
William A. Kennington III
c234e7b115 nixos/networking: Rebuild resolvconf during activation 
This is needed when /etc/resolv.conf is being overriden by networkd
and other configurations. If the file is destroyed by an environment
activation then it must be rebuilt so that applications which interface
with /etc/resolv.conf directly don't break.
 2014-11-26 11:22:02 -08:00
William A. Kennington III
8cffa37787 networkd: Support Host Resolvconf 2014-11-26 11:22:02 -08:00
William A. Kennington III
295a17f872 nixos/network-interfaces-scripted: Fix network-setup triggering 2014-11-26 11:22:02 -08:00
William A. Kennington III
59f512ef7d nixos/network-interfaces: Provide a networkd implementation 2014-11-26 11:22:02 -08:00
William A. Kennington III
045132a9b0 systemd-network: Add assertions for user clarity 2014-11-26 11:22:02 -08:00
William A. Kennington III
a332c4eac5 systemd: Enable more network services 2014-11-26 11:22:02 -08:00
William A. Kennington III
08e74f2791 systemd: Add ability to define networks 2014-11-26 11:22:02 -08:00
Igor Pashev
1dd53cc990 Mediawiki: updated for Apache 2.4 2014-11-26 16:51:30 +01:00
Wout Mertens
72b81cf8bb Remove unnecessary $GIT_SSL_CAINFO from sys env 2014-11-26 00:30:07 +01:00
Eelco Dolstra
dd2dedafa3 Style fixes 2014-11-25 16:01:27 +01:00
Igor Pashev
4c33004e1f Added strongSwan service 2014-11-25 15:29:34 +01:00
Aristid Breitkreuz
82f2be6a26 containers: add test that stopping and starting a container works (#4989) 2014-11-24 23:19:34 +01:00
Vladimír Čunát
d39c6ceffc nvidia_x11: current long-lived becomes a new legacy 
CC: #5070.
 2014-11-24 22:39:00 +01:00
cillianderoiste
04d62f6643 Merge pull request #5006 from daogames/este/customgitoliteuser 
enable different useraccount name for gitolite user
 2014-11-24 22:03:20 +01:00
William A. Kennington III
f83aa6c0ea nixos/unifi: Properly depend on mountpoints 2014-11-24 12:40:07 -08:00