Commit graph

3068 commits

Author SHA1 Message Date
obadz
a05a340e26 PAM: reorganize the way pam_ecryptfs and pam_mount get their password
Run pam_unix an additional time rather than switching it from sufficient
to required. This fixes a potential security issue for
ecryptfs/pam_mount users as with pam_deny gone, if cfg.unixAuth = False
then it is possible to login without a password.
2015-11-21 21:10:40 +00:00
Peter Simons
2bb705da15 postfix: don't create a symlink inside of /var/spool/mail if /var/mail exists already 2015-11-02 14:33:30 +01:00
Bjørn Forsman
f25b36df3c nixos/jenkins: force .war (re)extraction at start-up
Or else we might run stale Jenkins.
2015-11-02 10:31:13 +01:00
Luca Bruno
ff02152def nixos/postgresql: fix extraPlugins example with a working one 2015-11-01 14:15:43 +01:00
Domen Kožar
581ae33e96 Merge pull request #10107 from ryantm/calibre-server
calibre-server service: init
2015-11-01 09:19:03 +01:00
Ryan Mulligan
922bf3986b calibre-server service: add type to libraryDir option 2015-10-31 14:21:56 -07:00
Benno Fünfstück
d767aae721 sddm module: support autologin configuration 2015-10-31 16:04:52 +01:00
Eelco Dolstra
d9d5c98c56 Add option environment.enableDebugInfo
This makes the debug outputs of packages that have them available to
programs like gdb.
2015-10-30 15:21:16 +01:00
Eelco Dolstra
c20403631d Factor out "man" into a separate module and add "man" outputs to system.path
Fixes #10270.
2015-10-30 15:21:12 +01:00
Eelco Dolstra
58e9440b89 Add option to link additional package outputs into system.path
This is necessary to get stuff like separate manpages, info files,
debug symbols, etc.
2015-10-30 15:21:02 +01:00
Eelco Dolstra
3e732f65cb Remove gnutar man page hack
It's no longer needed since the gnutar package contains a (much more
extensive) man page.
2015-10-30 15:20:15 +01:00
Nikolay Amiantov
00f79aab90 Merge pull request #10464 from abbradar/encrypted-swap
nixos/swap: refactor, add randomEncryption option
2015-10-30 11:49:46 +03:00
Domen Kožar
01b0355140 nm-openvpn: add user/group, closes #10689
(cherry picked from commit 551dad3ffd055d5df5de6878a74432d85ecbd114)
Signed-off-by: Domen Kožar <domen@dev.si>
2015-10-29 09:59:08 +01:00
Benno Fünfstück
a92c024c7f sddm: allow extra config options 2015-10-28 22:04:40 +01:00
Peter Simons
84903a4846 nixos: use "example.net" host name in autossh documentation 2015-10-28 20:04:36 +01:00
Peter Simons
b8dd60aaa6 nixos: remove redundant services.autossh.enable option
The service is enabled automatically when 'session' is non-empty.
2015-10-28 19:50:06 +01:00
Peter Simons
be1fa3c9da Merge pull request #10650 from grwlf/autossh-nixos
autossh.nix: AutoSSH service as a NixOS module
2015-10-28 11:31:51 +01:00
Sergey Mironov
d355ed81cb autossh.nix: add the module, which run autossh sessions as systemd services 2015-10-28 00:23:13 +03:00
Arseniy Seroka
42eabf1c4a Revert "i3wm: Add debug & logging options" 2015-10-27 13:40:04 +03:00
Arseniy Seroka
50f5122d72 Merge pull request #10635 from layus/i3log
i3wm: Add debug & logging options
2015-10-27 12:51:50 +03:00
Guillaume Maudoux
eb46e0fc72 i3wm: Add debug & logging options 2015-10-26 22:33:11 +01:00
michael bishop
b81f51cecf teamviewer: fix the expressions 2015-10-26 15:22:01 -03:00
Domen Kožar
f1508b3a23 nova-image: use make-disk-image.nix 2015-10-26 16:16:45 +01:00
aszlig
60d407b209
nixos/postgresql: Fix execution of initialScript.
Regression introduced by b21fd5d066.

The initialScript is only executed whenever there is a .first-startup in
the dataDir, so silently dropping the file essentially breaks
initialScript functionality.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-10-25 16:05:14 +01:00
Arseniy Seroka
a5c0aec680 Merge pull request #10586 from dezgeg/pr-arm-tweaks
nixos: Minor improvements to ARM image expressions
2015-10-25 04:31:03 +03:00
Arseniy Seroka
61910861dc fix spelling 2015-10-25 04:26:49 +03:00
Tuomas Tynkkynen
7671f920f8 ARM: Use linuxPackages_latest in ARMv7 image
4.2 is out now, which includes the pcDuino3 Nano DTB.
2015-10-24 17:32:21 +03:00
Tuomas Tynkkynen
63c3aed442 ARM: Don't disable manual in installation images
Since commits 89e9837 and 5b8dae8 the manual no longer depends on
evaluation of any packages from nixpkgs, so all errors of the form
"Package 'foo' is not supported on 'armv7l-linux'" are gone.
2015-10-24 17:25:55 +03:00
Domen Kožar
6fb7b9b664 networkmanager: don't check if subject is active (false in my X session)
(cherry picked from commit 4c2bbb248cf22ad3c3541ba7d38bbc3abb40c706)
Signed-off-by: Domen Kožar <domen@dev.si>
2015-10-23 20:16:49 +02:00
Nikolay Amiantov
763ad3372a nixos/parsoid: use nodejs 0.10 2015-10-22 14:34:02 +03:00
Nikolay Amiantov
a9792367aa Merge pull request #10390 from abbradar/bash-tramp
nixos/bash: use simple prompt for dumb terminals
2015-10-22 14:07:19 +03:00
Nikolay Amiantov
7a9982d465 nixos/bash: use simple prompt for dumb terminals 2015-10-22 14:05:49 +03:00
Nikolay Amiantov
de8b8b35a4 nixos/swap: refactor, add randomEncryption option 2015-10-20 15:56:12 +03:00
Hajo Möller
de9e05153d service.asterisk: fix dir creation 2015-10-19 19:05:23 +02:00
Brian McKenna
3ef956eb50 nixos-generate-config: look at mmc_host for device drivers
I needed to add sdhci_acpi and mmc_block to my initrd modules in order to boot
my Chromebook. Looking under /sys/class/mmc_host/*/device/driver/module will
give us the sdhci_acpi dependency.
2015-10-16 17:41:15 +11:00
Charles Strahan
cb38f10d12 nixos-generate-config: detect brcmfmac requirement
This makes the firmware available (or would, if someone switched off
enableAllFirmware). Corresponding kernel module should get auto-loaded.

See #9948. Close #9971.
2015-10-15 13:12:42 +02:00
Eelco Dolstra
5f077e2296 Factor out option renaming
Option aliases/deprecations can now be declared in any NixOS module,
not just in nixos/modules/rename.nix. This is more modular (since it
allows for example grub-related aliases to be declared in the grub
module), and allows aliases outside of NixOS (e.g. in NixOps modules).

The syntax is a bit funky. Ideally we'd have something like:

  options = {
    foo.bar.newOption = mkOption { ... };
    foo.bar.oldOption = mkAliasOption [ "foo" "bar" "newOption" ];
  };

but that's not possible because options cannot define values in
*other* options - you need to have a "config" for that. So instead we
have functions that return a *module*: mkRemovedOptionModule,
mkRenamedOptionModule and mkAliasOptionModule. These can be used via
"imports", e.g.

  imports = [
    (mkAliasOptionModule [ "foo" "bar" "oldOption" ] [ "foo" "bar" "newOption" ]);
  ];

As an added bonus, deprecation warnings now show the file name of the
offending module.

Fixes #10385.
2015-10-14 18:18:47 +02:00
Pascal Wittmann
78b2851724 Merge pull request #10384 from robbinch/fix-statd
Fix typo in nixos/modules/tasks/filesystems/nfs.nix.
2015-10-14 10:49:52 +02:00
Robbin C
528ebb4e5e Fix typo in nixos/modules/tasks/filesystems/nfs.nix.
statd should be cfg.statd.
2015-10-14 08:48:34 +08:00
Tobias Geerinckx-Rice
a65cf63f55 copy-com service: order after network-online.target
I doubt that ordering non-sysvinit services after network.target ever
makes sense. In this case, CopyConsole requires DNS lookups and fails
if these are not yet possible.
2015-10-13 21:02:01 +02:00
aszlig
e4caf0fde0
nixos/synergy: Restart services on failure.
Synergy seems to get more and more unstable in recent versions, so we
might want to debug this properly. However, it makes sense to restart
the service nevertheless, because synergy is about keyboard and mouse
sharing and it's quite annoying to either SSH in to restart the service
or even needing to unplug the keyboard and plug in into the machine with
the failing service.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-10-13 04:42:39 +02:00
Domen Kožar
49f5d85041 Merge pull request #10208 from offlinehacker/nixos/grafana/fix_option_name
grafana service: fix package option name
2015-10-08 12:21:58 +02:00
Bjørn Forsman
04e748e61f nixos/jenkins: reduce default environment
Don't pull in all of environment.sessionVariables, only add what's
needed for nix and HTTPS to work (which was the point of the previous
patch).
2015-10-06 22:11:03 +02:00
Thomas Strobel
c6b2365e9a supplicant module: extended module for wpa_supplicant
Add new configuration options for wpa_supplicant and allow to
configure and start one wpa_supplicant per device.
2015-10-06 20:12:40 +02:00
Thomas Strobel
d5604f0b22 power management: restart post-resume.target on resume
Trigger a restart of the post-resume.target on resume.
That allows other systemd services to receive the restart signal
after resume by becoming 'partOf' the post-resume.target.
2015-10-06 20:12:40 +02:00
Thomas Strobel
acb1b3cdd0 networking module: wlanInterfaces: fix file name of udev rules 2015-10-06 20:12:39 +02:00
Thomas Strobel
881ec1efb8 networking module: vswitches: re-structure dependencies to systemd units 2015-10-06 20:12:39 +02:00
Thomas Strobel
7a8980193d nixos grub: trustedBoot: introduce safety check that TPM is available 2015-10-06 20:12:39 +02:00
Domen Kožar
a61e26a63d Merge pull request #10227 from bjornfor/jenkins-envvars
nixos/jenkins: rework environment handling
2015-10-06 13:38:55 +02:00
lethalman
241821cbb4 Merge pull request #10195 from cleverca22/master
build the crontab localy, there is nothing to gain from building it remotely
2015-10-06 11:01:56 +02:00