Commit graph

2162 commits

Author SHA1 Message Date
Eelco Dolstra
997531d172 Document screen incompatibility 2014-12-15 19:55:37 +01:00
aszlig
8bbf1dc80e
nixos/tests/virtualbox: Improve logging.
This also makes showvminfo obsolete, as we get the same information from
the hosts log.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-12-15 19:17:38 +01:00
aszlig
d85fabd68c
nixos/virtualbox/hostonlyif: Fix writing to /root.
Creates unnecessary cruft in the root users home directory, which we
really don't need. Except the log, but therefore we now cat the log to
stderr and the private temporary directory is cleaned up afterwards.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-12-15 19:16:43 +01:00
Sven Keidel
7199db8aab disable verbose logging for XServer, fixes #4333
The current options for the XServer produce a huge amount of log messages. The
server produces around 70-80 messages per minute. The most messages look like
this:

display-manager-start[1846]: GetModeLine - scrn: 0 clock: 75200
display-manager-start[1846]: GetModeLine - hdsp: 1366 hbeg: 1414 hend: 1478 httl: 1582
display-manager-start[1846]: vdsp: 768 vbeg: 772 vend: 779 vttl: 792 flags: 9

Since theses messages aren't very useful, I propose to remove the `-logverbose`
and `-verbose` options from the XServer arguments.
2014-12-15 18:59:49 +01:00
aszlig
5d67b17901
nixos/virtualbox: Disable hardening for now.
This should display a big fat warning that people can hardly miss until
we have fixed the issues with the host-only-interfaces that persist when
hardining is enabled.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-12-15 18:53:41 +01:00
aszlig
9bf16a9c33
nixos/tests/virtualbox: Add test for hostonlyif.
Essentially adds two more VirtualBox VMs to the test and also increases
the memory size of the qemu VM to 768 MB to make sure we don't run out
of memory too soon.

We're testing whether those two VMs can talk to either each other
(currently via ICMP only) or to/from the host via TCP/IP.

Also, this restructures the VM test a bit, so that we now pass in a
custom stage2Init script that has access to the store via a private
mount over the /nix/store that's already in the initrd. The reason why
this is a private mount is that we don't want to shadow the Nix store of
the initrd, essentially breaking cleanup functionality after the custom
stage 2 script (currently this is only "poweroff -f").

Note that setting the hostname inside the VirtualBox VM is *not* for
additional fanciness but to produce a different store path for the VM
image, so that VirtualBox doesn't bail out when trying to use an image
which is already attached to another VM.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-12-15 17:52:20 +01:00
aszlig
245baeb2f6
nixos/virtualbox: Note about "vboxusers" group.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-12-15 17:52:19 +01:00
aszlig
e03e0ff42a
nixos/virtualbox: Allow to disable hardening.
Hardening mode in VirtualBox is quite restrictive and on some systems it
could make sense to disable hardening mode, especially while we still
have issues with hostonly networking and other issues[TM] we don't know
or haven't tested yet.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-12-15 17:52:18 +01:00
aszlig
77831e8467
nixos/tests/virtualbox: Generalize expression.
We're going to create more than one VirtualBox VM, so let's dynamically
generate subs specific to a particular VirtualBox VM, merging everything
into the testScript and machine expressions.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-12-15 17:52:16 +01:00
Eelco Dolstra
bed675f400 nixos-generate-config: Don't emit networking.hostId
Systemd already generates /etc/machine-id. So there is no need to
generate another unique host identifer.
2014-12-15 17:03:28 +01:00
Eelco Dolstra
0d3a229baa nixos-generate-config: Add time zone 2014-12-15 16:55:03 +01:00
Peter Simons
60f21f983f nixos/doc/manual/release-notes/rl-1412.xml: document change of default time zone
https://github.com/NixOS/nixpkgs/pull/5332
2014-12-15 16:38:04 +01:00
Peter Simons
0f2b026bfe nixos/modules/system/boot/luksroot.nix: hyperlinkify an URL in the documentation 2014-12-15 16:31:18 +01:00
Peter Simons
137ffc9929 Switch default timezone in NixOS from "CET" to "UTC".
Suggested in https://github.com/NixOS/nixpkgs/pull/5332.
2014-12-15 16:31:18 +01:00
Eelco Dolstra
88412c865d Fix ANSI escape in warning messages
Seems to have been broken by accident in 7d1ddae58e.
2014-12-15 16:19:35 +01:00
Thomas Tuegel
32e41c2280 nixos: fix config.fonts.fontconfig.ultimate.allowBitmaps
The option was incorrectly negated, so that 'allowBitmaps = true'
actually disabled bitmap fonts.
2014-12-15 09:16:40 -06:00
Rob Vermaas
b48e41b8d7 cron: make into systemd.service and make it depend on /etc/localtime
so that changes in timezone will trigger a restart of cron service.
2014-12-15 14:50:12 +01:00
Eelco Dolstra
cfe26e4438 Fix using Apache httpd 2.2 2014-12-15 13:13:17 +01:00
wmertens
d3d38c38c5 Merge pull request #5326 from prikhi/refactor-psd-config
profile-sync-daemon: refactor nixos module
2014-12-14 19:38:31 +01:00
Domen Kožar
3d74b38101 add chromium test to the tested job
(cherry picked from commit fa4e45f20cc7049ed99fd81d96fc1f67b2a870f6)
Signed-off-by: Domen Kožar <domen@dev.si>
2014-12-14 13:47:19 +01:00
Domen Kožar
d62d45642c fix quake3 test
(cherry picked from commit fde7e1286e42a394328e56be36168942be94a578)
Signed-off-by: Domen Kožar <domen@dev.si>
2014-12-14 13:47:19 +01:00
Domen Kožar
a7bcba42c5 Merge pull request #5328 from paraseba/master
Fix networkmanager resumeCommands
2014-12-14 13:09:15 +01:00
Jaka Hudoklin
ca32d20d6e nixos/gitlab: enable tests in release 2014-12-14 13:05:35 +01:00
Jaka Hudoklin
6ae50a4cc6 nixos/kubernetes: fix test, make more deterministic by having more ram 2014-12-14 13:05:35 +01:00
Sebastián Bernardo Galkin
aba0d8a73d Fix networkmanager resumeCommands
Small typo prevented the post resume script to restart network manager
2014-12-14 03:46:54 -08:00
Domen Kožar
5d9b24e1ec typo
(cherry picked from commit ad4e371acf5104ecf6a309ca8f974c7147ba1843)
Signed-off-by: Domen Kožar <domen@dev.si>
2014-12-14 11:29:09 +01:00
Domen Kožar
48a282b913 http://nixos.org -> https://nixos.org
(cherry picked from commit 78bb17dd22e4da4e3810fbc78185d73bb25ea73e)
Signed-off-by: Domen Kožar <domen@dev.si>
2014-12-14 11:26:45 +01:00
Domen Kožar
ba5fad6dfa Merge pull request #5323 from offlinehacker/gitlab_i686_fix
gitlab: fix i686-linux build and module
2014-12-14 09:48:44 +01:00
Pavan Rikhi
25da0e2518 profile-sync-daemon: refactor module 2014-12-14 00:45:08 -05:00
Jaka Hudoklin
bbc44bf0da nixos/gitlab: imporove tests 2014-12-14 02:30:13 +01:00
Jaka Hudoklin
90683792aa gitlab: fix i686-linux build and module
It turns out that installing therubytracer, with dependency on old v8, even
when using source libv8 version is problematic.
(see
http://stackoverflow.com/questions/21666379/problems-installing-gitlab-on-odroid-v8-lib-not-available).

But wait, rails does not even need therubytracer, just any kind of javascript
server side execution framework like nodejs. Well just use that, as also
suggested from different internet sources (look link above), it works just
fine.
2014-12-14 02:24:12 +01:00
Pavan Rikhi
0df1c05f71 Add the Profile Sync Daemon Package & NixOS Module 2014-12-13 09:24:12 -05:00
aszlig
69858d7743
nixos: Add VM test for VirtualBox.
Currently it pretty much tests starting up virtual machines and just
shutting down afterwards, but for both VBoxManage and the VirtualBox
GUI.

This helps catching errors in hardened mode, however we still need to
test whether networking works the way intended (and I fear that this is
broken at the moment).

The VirtualBox VM is _not_ using hardware virtualization support (thus
we use system = "i686-linux", because x86_64 has no emulation support),
because we're already within a qemu VM, which means it's going to be
slow as hell (that's why I've written own subs just for testing
startup/shutdown/whatnot with respective timeouts).

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-12-13 11:43:44 +01:00
aszlig
0d71ec8a6e
nixos/virtualbox: Fix setuid wrappers.
We only need to have setuid-root wrappers for VBox{Headless,SDL} and
VirtualBox, otherwise VBoxManage will run as root and NOT drop
privileges!

Fixes #5283.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-12-13 07:52:19 +01:00
Jaka Hudoklin
d8ee91cb54 nixos: container profile, fix a few things 2014-12-12 20:28:01 +01:00
Jaka Hudoklin
13e58784bf nixos/gitlab: fixes
- fix timezone data not found
- fix module, add simple test
- allow to set port
2014-12-12 18:01:31 +01:00
Thomas Hunger
59995e168c nixos: Add gitlab and gitlab-shell
I had to make several adjustments to make it work with nixos:

* Replace relative config file lookups with ENV variable.
* Modify gitlab-shell to not clear then environment when running
  pre-receive.
* Modify gitlab-shell to write some environment variables into
  the .authorized_keys file to make sure gitlab-shell reads the
  correct config file.
* Log unicorn output to syslog.
  I tried various ways of adding a syslog package but the bundler would
  not pick them up. Please fix in a better way if possible.
* Gitlab-runner program wrapper.
  This is useful to run e.g. backups etc. with the correct
  environment set up.
2014-12-12 18:01:29 +01:00
Vladimír Čunát
3bcd3ed017 nixos: check resumeDevice is absolute path and document
Fixes #5219 after merging #4995.

(cherry picked from commit 0681d61c3730c686548df3af9a7dc1a59abaf371)
Signed-off-by: Domen Kožar <domen@dev.si>
2014-12-12 11:11:57 +01:00
Eelco Dolstra
8bb494c170 Get rid of a warning about dbus in the activation script 2014-12-12 10:45:37 +01:00
aszlig
cf7f15c92c
nixos-install: Pass CA cert bundle to chroot.
Since we're using HTTPS for the binary cache (introduced in faf0797) by
default, the binary cache should also be available during installation.

The file that is defined in SSL_CERT_FILE outside of the chroot is
copied over to /tmp/ca-cert.crt inside the chroot, so we have an
absolute path we can reference during nixos-install. However, this might
end up with the file not being cleaned up properly from outside of the
store, but neither would be /tmp/root so the cleanup issue needs to be
solved in another place (or commit to be more exact).

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-12-12 03:03:14 +01:00
Jaka Hudoklin
f2e20fa837 nixos: container profile, update /init symlink on rebuild 2014-12-12 02:55:23 +01:00
ambrop7@gmail.com
65393ca8d3 virtualbox: Unbreak the nixos module. 2014-12-12 00:16:33 +01:00
Jaka Hudoklin
e1383d0833 Merge pull request #5300 from ambrop72/virtualbox-network-interface
virtualbox: Allow disabling the network interface.
2014-12-11 23:51:52 +01:00
lethalman
786a0c92c6 Merge pull request #5299 from bjornfor/gnome-enable-mtp-support
nixos/gnome: enable MTP support in gvfs
2014-12-11 23:41:05 +01:00
Jaka Hudoklin
91961c2a32 nixos/mesos: fix typo 2014-12-11 23:35:39 +01:00
ambrop7@gmail.com
9fa2c35ec8 virtualbox: Allow disabling the network interface.
The current nixos module for VirtualBox unconditionally configures a vboxnet0
network interface at boot. This may be undesired, especially when the user wants
to manage network interfaces in a centralized manner.
2014-12-11 23:35:03 +01:00
Jaka Hudoklin
4be1089781 nixos: move kubernetes & fleet to services/cluster 2014-12-11 23:32:37 +01:00
Jaka Hudoklin
5dac2ec412 Merge pull request #5297 from fmapfmapfmap/tor-extra-config
Tor module: append redundant specifications of 'extraConfig', via 'types.lines'.
2014-12-11 23:22:52 +01:00
Jaka Hudoklin
deb28cf0b1 nixos: container tarball release
- Create container nixos profile
- Create lxc-container nixos config using container nixos profile
- Docker nixos image, use nixos profile for its base config
2014-12-11 23:17:27 +01:00
Jaka Hudoklin
a782b890d5 nixos/make-system-tarball: extra commands to be executed before archive 2014-12-11 23:17:27 +01:00
Bjørn Forsman
f3a46c3858 nixos/gnome: enable MTP support in gvfs
To support browsing files on Android phones in Nautilus (and other GVFS
based file browsers).
2014-12-11 23:13:39 +01:00
vi
c005dc0e6b Tor module: append redundant specifications of 'extraConfig', via 'types.lines'. 2014-12-11 14:23:48 +00:00
Shea Levy
10751129d0 Don't require forcing utils to get to lib 2014-12-10 19:28:45 -05:00
Eelco Dolstra
4d918cb6c7 php-5.3: Remove
PHP 5.3 is EOL (see http://php.net/supported-versions.php). NixOS
14.12 is a good opportunity to drop it.
2014-12-10 17:19:37 +01:00
Eelco Dolstra
df1f751f03 Rename release notes 2014-12-10 17:19:37 +01:00
Domen Kožar
0ec12d53e6 tcpcrypt: 2011.07.22 -> 0.3rc1, fix nixos service 2014-12-10 10:23:46 +01:00
Austin Seipp
42e4e64577 Merge pull request #5276 from abbradar/nginx-types
nixos/nginx: add more types
2014-12-09 19:48:04 -06:00
Nikolay Amiantov
d0773dae54 nixos/nginx: add more types 2014-12-10 04:45:10 +03:00
Eelco Dolstra
faf0797c0c Use https://cache.nixos.org 2014-12-09 13:38:46 +01:00
Domen Kožar
45ec582372 nixos.tests.bittorrent: mark torrent as private
Hopefully that resolves transient errors with DHT
such as http://hydra.nixos.org/build/17784957
2014-12-09 12:08:58 +01:00
William A. Kennington III
c17eb7f0e6 nixos/consul: Make service definition more sane 2014-12-09 02:24:36 -08:00
Thomas Tuegel
9707ffd973 nixos: let fontconfig default fonts be lists of fonts 2014-12-08 10:55:24 -06:00
Thomas Tuegel
57ba2093bf Replace Bitstream Vera fonts by DejaVu in defaults
The default configuration installed the Bitstream Vera fonts, but DejaVu
is a superior replacement, and the default Fontconfig settings need it
now for the generic faces monospace, sans-serif, and serif.
2014-12-08 10:55:24 -06:00
Thomas Tuegel
c00c563c66 Add NixOS module for fontconfig-ultimate
Details:
* The option `fonts.fontconfig.ultimate.enable` can be used to disable
  the fontconfig-ultimate configuration.
* The user-configurable options provided by fontconfig-ultimate are
  exposed in the NixOS module: `allowBitmaps` (default: true),
  `allowType1` (default: false), `useEmbeddedBitmaps` (default: false),
  `forceAutohint` (default: false), `renderMonoTTFAsBitmap` (default:
  false).
* Upstream provides three substitution modes for substituting TrueType
  fonts for Type 1 fonts (which do not render well). The default,
  "free", substitutes free fonts for Type 1 fonts. The option "ms"
  substitutions Microsoft fonts for Type 1 fonts. The option "combi"
  uses a combination of Microsoft and free fonts. Substitutions can also
  be disabled.
* All 21 of the Infinality rendering modes supported by fontconfig-ultimate
  or by the original Infinality distribution can be selected through
  `fonts.fontconfig.ultimate.rendering`. The default is the medium style
  provided by fontconfig-ultimate. Any of the modes may be customized,
  or Infinality rendering can be disabled entirely.
2014-12-08 10:55:24 -06:00
Thomas Tuegel
8991ff7ceb Load default Fontconfig settings into Xresources for Xft 2014-12-08 10:55:24 -06:00
Thomas Tuegel
1df1305a8a Rewrite Fontconfig NixOS module
Details:
* The option `fonts.enableFontConfig` has (finally) been renamed
  `fonts.fontconfig.enable`.
* Configurations are loaded in this order: first the Fontconfig-upstream
  configuration is loaded, then the NixOS-specific font directories are
  set, the system-wide default configuration is loaded, and finally the
  user configuration is loaded (if enabled).
* The NixOS options `fonts.fontconfig.defaultFonts.monospace`,
  `fonts.fontconfig.defaultFonts.sansSerif` and
  `fonts.fontconfig.defaultFonts.serif` are added to allow setting the
  default system-wide font used for these generic faces. The defaults
  are the appropriate faces from the DejaVu collection because of their
  comprehensive Unicode coverage, clean rendering, and excellent
  legibility.
* The NixOS option `fonts.fontconfig.antialias` can be used to disable
  antialiasing (it is enabled by default).
* The options `fonts.fontconfig.subpixel.rgba` and
  `fonts.fontconfig.subpixel.lcdfilter` control the system-wide default
  settings for subpixel order and LCD filtering algorithm,
  respectively.
* `fonts.fontconfig.hinting.enable` can be used to disable TrueType font
  hinting (it is enabled by default).
  `fonts.fontconfig.hinting.autohint` controls the FreeType autohinter.
  `fonts.fontconfig.hinting.style` controls the hint style; it is "full"
  by default.
* User configurations can be disabled system-wide by setting
  `fonts.fontconfig.includeUserConf = false`. They are enabled by
  default so users can set Fontconfig options in the desktop environment
  of their choice.
2014-12-08 10:55:23 -06:00
Jaka Hudoklin
c821f239a3 nixos/fleet: fix typo 2014-12-08 13:30:45 +01:00
Jaka Hudoklin
743b47579b nixos/fleet: enable etcd and docker by default 2014-12-08 13:07:12 +01:00
Domen Kožar
ee8e15fe76 enable bash autocomplete by default 2014-12-08 12:06:02 +01:00
Jaka Hudoklin
4a993dc409 Merge pull request #5255 from offlinehacker/nixos/fleet
nixos: add fleet module
2014-12-08 02:49:42 +01:00
Jaka Hudoklin
b7092dc95c nixos: add fleet module 2014-12-07 21:52:52 +01:00
Jaka Hudoklin
8bb6fdc4f9 nixos/systemd: ignore null environment options 2014-12-07 21:44:20 +01:00
Emery Hemingway
f30748a7cd nixos: configure samba and rsync shares with sets 2014-12-07 15:42:22 -05:00
Domen Kožar
07ce825a4e installer tests: don't rely on swap.target until systemd bug is fixed 2014-12-07 20:58:48 +01:00
cillianderoiste
9c90498b1f Update obtaining.xml
Avoid pointing to the wiki for the default installation method (which points back to the manual anyway). Use more words.
2014-12-07 14:38:54 +01:00
Jaka Hudoklin
1b8516b498 nixos/kubernetes: fix tests 2014-12-07 12:49:06 +01:00
Bjørn Forsman
f85ad2d378 nfs-utils: align attrname with pkgname
nfsUtils => nfs-utils. Keep copy of old attribute for backward
compatibility.
2014-12-06 17:01:05 +01:00
Austin Seipp
bc10c92377 nixos: overhaul Tor module
This overhauls the Tor module in a few ways:

  - Uses systemd service files, including hardening/config checks
  - Removed old privoxy support; users should use the Tor Browser
    instead.
  - Remove 'fast' circuit/SOCKS port; most users don't care (and it adds
    added complexity and confusion)
  - Added support for bandwidth accounting
  - Removed old relay listenAddress option; taken over by portSpec
  - Formatting, description, code cleanups.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-12-06 05:01:08 -06:00
Austin Seipp
e5e8efc1f4 nixos: rewrite torsocks module
Rather than trying to override the 'torsocks' executable in $PATH, the
new module instead properly configures `/etc/tor/torsocks.conf` and puts
the normal `torsocks` executable in $PATH so it can work out of the box.

As a bonus, I think this module actually works now, because the torsocks
configuration has changed a lot from when this was written, it seems...

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-12-06 05:00:27 -06:00
Austin Seipp
1b26faeb69 nixos: Remove torify module
'torify' now ships with the tor bundle itself; and using torsocks is
recommended over tsocks (torify will use torsocks automatically.)

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-12-06 05:00:26 -06:00
William A. Kennington III
8297e09d78 nixos/synergy: Don't generate units unecessarily 2014-12-05 12:12:17 -08:00
William A. Kennington III
159af942d5 nixos/unifi: Ensure stateDir is mounted before proceeding 2014-12-05 12:12:17 -08:00
Domen Kožar
226d209d97 fix installer tests 2014-12-05 18:31:30 +01:00
Luca Bruno
cbd30b2bde Merge PR #5235, fix predictable network interfaces 2014-12-05 17:33:23 +01:00
Tino Breddin
ee0f81de5e Fix filename for udev network interface rules
From http://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames/

You disable the assignment of fixed names, so that the unpredictable
kernel names are used again. For this, simply mask udev's rule file for
the default policy: ln -s /dev/null
/etc/udev/rules.d/80-net-setup-link.rules (since v209: this file was
called 80-net-name-slot.rules in release v197 through v208)
2014-12-05 17:32:36 +01:00
William A. Kennington III
6ad032ed93 nixos/installer: Fix swap device override 2014-12-04 13:34:35 -08:00
Emery Hemingway
e69f876cca nixos: iPXE client for GRUB
fix bug in grub/install-grub.pl that would replace @bootRoot@ with an invalid string
2014-12-04 12:03:10 +01:00
William A. Kennington III
82f59e8c69 nixos/installer: Override swap devices so tests don't fail
This patch should be reverted if either:
  - systemd fixes the multi-swapon issue.
    https://bugs.freedesktop.org/show_bug.cgi?id=86930
  - If we disable the autogeneration of swap and vfat units within
    systemd.
2014-12-03 15:43:48 -08:00
Georges Dubus
2a7808138d whitespace change to restart kde4 test 2014-12-03 17:18:33 +01:00
Thomas Tuegel
f7c27885d0 Add iwlegacy firmware for old Intel wireless cards 2014-12-03 10:10:00 -06:00
Jaka Hudoklin
099eabb490 nixos: add chronos service 2014-12-03 15:49:14 +01:00
Jaka Hudoklin
665cc41e5c nixos/peerflix: fix enable option description 2014-12-03 15:13:50 +01:00
Georges Dubus
9889f1b545 Added the cloud-init service 2014-12-03 13:22:13 +01:00
Domen Kožar
7a140096e0 whitespace change for kde4 test to force rebuild :( 2014-12-03 12:31:10 +01:00
Domen Kožar
55cf272c19 fixes #5198 2014-12-02 12:59:14 +01:00
Jaka Hudoklin
a0cf449fa5 mesos: add docker support 2014-12-02 12:22:12 +01:00
Luca Bruno
41cb91a4fd Revert "Merge pull request #5184 from daogames/tb/fix-systemd-udev-net-rules"
This reverts commit ddeee82b31, reversing
changes made to 75ead8812b.
2014-12-02 10:54:48 +01:00
lethalman
ddeee82b31 Merge pull request #5184 from daogames/tb/fix-systemd-udev-net-rules
Fix filename for udev network interface rules
2014-12-02 10:50:16 +01:00
William A. Kennington III
75ead8812b nixos/tests: Fix nfs 2014-12-02 01:34:20 -08:00
William A. Kennington III
8a94c06595 nixos: Add network-pre.target and adjust firewall start ordering 2014-12-01 17:19:44 -08:00
William A. Kennington III
2b06a92c2a nixos/nfs: Fix dependency ordering 2014-12-01 17:19:44 -08:00
William A. Kennington III
1716c12b54 iwlwifi: Split into separate package with more up to date firmware 2014-12-01 16:25:20 -08:00
wmertens
3cecef15d7 Revert $GIT_SSL_CAINFO removal
Users have an older git in their user environment and it doesn't work without it. We should keep it around for a while.
2014-12-01 23:07:50 +01:00
Jaka Hudoklin
40d73c5eb7 nixos/docker: fix module, add simple test 2014-12-01 17:20:35 +01:00
Jaka Hudoklin
4fe3e44645 nixos/mesos: restart on failure 2014-12-01 16:57:56 +01:00
Jaka Hudoklin
827ad85a1e nixos/mesos: convert quorum to string 2014-12-01 16:57:17 +01:00
Jaka Hudoklin
5fa87a9df7 nixos/peerflix: add test to release.nix 2014-12-01 16:45:38 +01:00
Jaka Hudoklin
3424ded286 nixos: add peerflix module 2014-12-01 16:42:40 +01:00
William A. Kennington III
1c04e69bce nixos/networking: Fix more harmless errors 2014-12-01 01:18:32 -08:00
Tino Breddin
d0327c052c Fix filename for udev network interface rules
From http://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames/

You disable the assignment of fixed names, so that the unpredictable
kernel names are used again. For this, simply mask udev's rule file for
the default policy: ln -s /dev/null
/etc/udev/rules.d/80-net-setup-link.rules (since v209: this file was
called 80-net-name-slot.rules in release v197 through v208)
2014-12-01 09:32:41 +01:00
Domen Kožar
1ad22e8c55 Merge pull request #5189 from NixOS/almir
almir: pin the sqlalchemy version used by zope.sqlalchemy to 8
2014-11-30 17:23:53 +01:00
Luca Bruno
93fcefe126 nixos/tests: add networking-proxy.nix to release 2014-11-30 15:22:12 +01:00
Antoine R. Dumont
da47d6bd59 Improve readability - from https://github.com/NixOS/nixpkgs/pull/5058#discussion_r21043552 2014-11-30 15:19:30 +01:00
Antoine R. Dumont
e54f9ffcf4 Ensure nix-daemon sees the proxy defined options
(Not sure about this one)

Here are the incomplete and a little contradictory discussions about
it (or at least my interpretations of them):

- https://github.com/NixOS/nixpkgs/pull/5058#discussion_r20830855
- https://github.com/NixOS/nixpkgs/pull/5058#discussion_r21043552

cc @edolstra @wmertens

What did I get wrong?
2014-11-30 15:19:30 +01:00
Antoine R. Dumont
3c7e779602 Introduce a dedicated networking.proxy option
Following the discussion NixOS#5021:
- obsolete the nix.proxy option
- add the networking.proxy option
- open a default no_proxy environment variable
- add a rsync option
- Manual tests ok.
- Automatic tests ok.

Amended by lethalman to simplify the option descriptions.
2014-11-30 15:19:25 +01:00
William A. Kennington III
74ed5eee41 nixos/network: Fix typo 2014-11-30 05:16:07 -08:00
William A. Kennington III
47d3db5c30 nixos/network: Only check slave interfaces which are configured 2014-11-30 05:12:49 -08:00
William A. Kennington III
01332149d4 nixos/networkd: Fix dhcp being enabled when it should be disabled 2014-11-30 04:46:59 -08:00
Cillian de Róiste
1d5aecd356 Almir module: set a working default sqlalchemy_engine_url 2014-11-30 13:11:55 +01:00
Arseniy Seroka
f8e1087209 Merge pull request #5121 from coreyoconnor/primus-upstream
Add primus and extend bumblebee to support 32bit/64bit multilib
2014-11-30 13:23:30 +03:00
William A. Kennington III
4b9c5ebee6 nixos/networking: Fix dependencies for macvlan which should be on bridges 2014-11-30 01:25:09 -08:00
William A. Kennington III
9a11132fe5 nixos/network: Remove debug output in tests 2014-11-30 01:21:37 -08:00
William A. Kennington III
a911f9989c nixos/networkd: Fix macvlan called with null mode 2014-11-30 01:19:54 -08:00
William A. Kennington III
16827ff287 nixos/nfs: Fix Test 2014-11-30 01:14:57 -08:00
William A. Kennington III
66f45268ab nixos/networking: Improve service ordering 2014-11-29 22:47:04 -08:00
William A. Kennington III
7ecb084b77 nixos/networking: More fixes 2014-11-29 22:35:03 -08:00
William A. Kennington III
bcfe7b2200 Merge pull request #5043 from wkennington/master.networkd
nixos/networking: Revamp networking configuration and add an experimental networkd option.
2014-11-29 19:59:31 -08:00
William A. Kennington III
a403379b88 nixos/tests: Add networking tests for basic functionality 2014-11-29 19:53:37 -08:00
Corey O'Connor
b2f3e10a35 Add primus and extend bumblebee to support 32bit/64bit multilib architectures.
Using primusrun will work as expected in a multilib environment. Even if the initial program
executes a antoehr program of the another architecture. Assuming the program does not modify
LD_LIBRARY_PATH inappropriately.

This does not update virtualgl for seemless multilib. I was unable to get a mixed 64/32 bit
environment to work with VirtualGL. The mechanism VirtualGL uses to inject the fake GL library would
fail if both 32bit and 64 bit libraries were in the environment. Instead the bumblebee package
creates a optirun32 executable that can be used to run a 32bit executable with optimus on a 64 bit
host. This is not created if the host is 32bit.

For my usage, gaming under wine, the primusrun executable works as expected regardless of
32bit/64bit.
2014-11-29 16:42:00 -08:00
Jaka Hudoklin
20487919b2 nixos/kubernetes: try to fix test by incrising memory size 2014-11-30 01:36:10 +01:00
Jaka Hudoklin
04cfe045eb nixos: run etcd, docker-registry and kubernetes tests only on supported platforms 2014-11-30 01:33:25 +01:00
aszlig
3e49487c1a
virtualbox: Enable hardening by default.
VirtualBox with hardening support requires the main binaries to be
setuid root. Using VBOX_WITH_RUNPATH, we ensure that the RPATHs are
pointing to the libexec directory and we also need to unset
VBOX_WITH_ORIGIN to make sure that the build system is actually setting
those RPATHs.

The hardened.patch implements two things:

 * Set the binary directory to the setuid-wrappers dir so that
   VboxSVC calls them instead of the binaries from the store path. The
   reason behind this is because nothing in the Nix store can have the
   setuid flag.
 * Excempt /nix/store from the group permission check, because while it
   is group-writeable indeed it also has the sticky bit set (and also
   the whole store is mounted read-only on most NixOS systems), so we're
   checking on that as well.

Right now, the hardened.patch uses /nix/store and /var/setuid-wrappers
directly, so someone would ever want to change those on a NixOS system,
please provide a patch to set those paths on build time. However, for
simplicity, it's best to do it when we _really_ need it.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-11-29 19:21:46 +01:00
Jaka Hudoklin
8c766dcc90 nixos/kubernetes: fix user id 2014-11-29 16:46:39 +01:00
Jaka Hudoklin
bd32da69bc Merge pull request #5088 from offlinehacker/nixos/kubernetes
nixos: add kubernetes module
2014-11-29 16:44:42 +01:00
Jaka Hudoklin
2b261c1edf nixos: add kubernetes module 2014-11-29 02:27:17 +01:00
aszlig
c37611f3e5
nixos: Use vendor zones instead of N.pool.ntp.org.
Closes #4824, thanks to @abh for processing my stupidity.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-11-28 19:37:03 +01:00
William A. Kennington III
299b59d1c4 nixos/network-interfaces: More fixes 2014-11-27 22:54:01 -08:00
Domen Kožar
28a1af6e06 fix printing test 2014-11-27 20:01:18 +01:00
Domen Kožar
b4cedc7965 nixos: reverse logic in nixos interactive tests documentation 2014-11-27 20:01:18 +01:00
aszlig
2249474632
nixos/sshd: Fix build if knownHosts is empty.
Introduced by 77ff279f27.

Build failure: https://headcounter.org/hydra/build/583158/nixlog/5/raw

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-11-27 19:03:41 +01:00
aszlig
14f09e01c1
nixos: Add enable option for programs/virtualbox.
We will simply rename the previous module and add a warning whenever the
module is included directly, pointing the user to the right option and
also enable it as well (in case somebody has missed the option and is
wondering why VirtualBox doesn't work anymore).

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-11-27 18:42:22 +01:00
aszlig
444987193e
nixos: Rename virtualbox to virtualboxGuest.
Especially new users could be confused by this, so we're now marking
services.virtualbox.enable as obsolete and defaulting to
services.virtualboxGuest.enable instead. I believe this now makes it
clear, that this option is for guest additions only.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-11-27 18:42:22 +01:00
Rickard Nilsson
77ff279f27 nixos/services.openssh: Allow knownHost keys to have multiple lines.
Useful for adding several public keys of different types for the same host.
2014-11-27 18:40:21 +01:00
Eelco Dolstra
e7cd18e907 Don't set $MANPATH
The default is derived automatically from $PATH, so it's in fact
better *not* to set it.
2014-11-27 17:36:46 +01:00
wmertens
45c1b9147f Merge pull request #5130 from wmertens/git-ssl-env
Let git use $SSL_CERT_FILE
2014-11-27 13:24:08 +01:00
Domen Kožar
91bdca38a0 NetworkManager.service -> network-manager.service 2014-11-27 12:10:20 +01:00
William A. Kennington III
fbe9ac05d3 nixos/network-interfaces: Add maclvan support 2014-11-26 16:29:24 -08:00
William A. Kennington III
1860ee27b0 nixos/networking: Fixes 2014-11-26 16:29:24 -08:00
Matej Cotman
084fb3a0d3 e18: remove old desktop manager 2014-11-26 21:44:23 +01:00
Matej Cotman
959946a5af e17: remove old desktop manager 2014-11-26 21:44:23 +01:00