Vladimír Čunát
5402412b97
Merge #33600 : xfce: cleanup, hyphenate attributes
2018-01-21 09:52:58 +01:00
Jörg Thalheim
dfa6a81a31
Merge pull request #33331 from cransom/netdata-module
...
netdata service: fix permissions for apps.plugin
2018-01-19 23:19:29 +00:00
volth
c4eb23062e
nixos/libvirtd: add qemu-img to $PATH of the daemon
...
...because daemon's $PATH does not include "/run/current-system/sw/bin"
2018-01-19 16:28:01 +00:00
Jan Tojnar
d2d1a2dfba
Merge pull request #28882 from jtojnar/chrome-gnome-shell
...
chrome-gnome-shell: refactor
2018-01-19 13:40:42 +01:00
Leon Schuermann
c61a9dfd2e
sshd: provide option to disable firewall altering
2018-01-18 22:55:28 +08:00
Rob Vermaas
38538f3206
Merge pull request #33423 from AmineChikhaoui/gce-ssh-keys
...
Fix ssh keys retrieval in GCE instances
2018-01-18 13:06:00 +01:00
Leon Schuermann
f297ddb5c9
sudo: define extra rules in Nix language ( #33905 )
2018-01-17 14:56:08 +00:00
Francesco Gazzetta
356eeb0d4f
nixos/mighttpd2: init
2018-01-16 21:04:09 +00:00
rnhmjoj
c946c101d6
avoid package attributes starting with a digit
2018-01-16 21:13:16 +01:00
Robin Gloster
9bceb2b353
oh-my-zsh module: reword & fix manual build
...
docbook interpreted this as a tag and this sounded as if the option
defaulted to putting the cached directory into the nix store.
cc @Ma27 @fpletz
2018-01-16 21:02:54 +01:00
Maximilian Bosch
b55d4c0564
programs.zsh.ohMyZsh: add cacheDir
option ( #33150 )
...
The default cache directory set by oh-my-zsh is $ohMyZsh/cache which
lives in the Nix store in our case. This causes issues with several
completion plugins provided by oh-my-zsh.
2018-01-16 17:29:46 +00:00
Jörg Thalheim
822c949833
Merge pull request #33915 from lheckemann/remove-amd-hybrid-graphics
...
amd-hybrid-graphics module: remove
2018-01-16 15:57:37 +00:00
Leon Schuermann
22e83d2667
openvpn: add warning about world-readable credentials
2018-01-16 11:40:16 +07:00
Linus Heckemann
730f8530a8
amd-hybrid-graphics module: remove
...
This was only applicable to very specific hardware, and the only person
with an apparent interest in maintaining it (me) no longer uses the
hardware in question.
2018-01-15 23:17:12 +00:00
Jan Tojnar
41d252d7a4
nixos/nginx: allow using existing ACME certificate
...
When a domain has a lot of subdomains, it is quite easy to hit the rate limit:
https://letsencrypt.org/docs/rate-limits/
Instead you can define the certificate manually in `security.acme.certs` and list the subdomains in the `extraDomains` option.
2018-01-15 13:48:45 +01:00
Leon Schuermann
e45a06ebd1
openvpn: add option to store credentials
2018-01-15 14:34:58 +07:00
Joachim F
b6c696cc6f
Merge pull request #33444 from rnhmjoj/dnscrypt-wrapper
...
nixos/dnscrypt-wrapper: fix rotate script failing to restart the service
2018-01-14 11:33:02 +00:00
Sarah Brofeldt
ee4e6ebbfa
Merge pull request #32822 from LumiGuide/elk6
...
ELK: 5.6.1 -> 5.6.5 & add ELK 6.1.0
2018-01-14 10:40:50 +01:00
Miguel Madrid Mencía
22341c42e7
resilio-sync: fixed typo knownHosts -> entry.knownHosts
2018-01-13 23:44:39 +01:00
Jan Tojnar
38b6d7b60e
nixos/chrome-gnome-shell: init
2018-01-13 15:19:19 +01:00
Joachim F
ed250d8093
Merge pull request #27131 from richardlarocque/mosquitto_pw
...
mosquitto: Explicitly configure password file
2018-01-13 12:02:45 +00:00
Eelco Dolstra
dddcd10ecc
Don't set 'config.xorg = {}'
...
This makes memoization of Nixpkgs evaluation less effective, since
some Nixpkgs invocations may have 'config = {}' while others may have
'config = { xorg = {}; }'.
Instead set 'config = {}'.
2018-01-11 19:31:05 +01:00
zimbatm
1276a3b12a
nixos/acme: configurable TOS hash ( #33522 )
...
This hash tends to change and upstream simp_le doesn't seem to keep up
with the changes.
2018-01-11 14:19:15 +00:00
Jörg Thalheim
788c5195f3
Revert "nixos/udev: fix outdated udev rules for network devices"
...
This reverts commit 45c5a915980fbe1fa6f0ff80ab2d11b60b844d9e.
This breaks PredictableNetworkInterfaceNames on systems without networkd.
We should only include this file from systemd, when networkd is enabled.
2018-01-11 11:21:16 +00:00
Eelco Dolstra
6bbd67d45a
EC2 AMIs: 17.09.2356.cb751f9b1c3 -> 17.09.2681.59661f21be6
2018-01-10 13:16:49 +01:00
Joachim F
a6912f589e
Merge pull request #33629 from rnhmjoj/dnscrypt-proxy
...
Restore dnscrypt-proxy
2018-01-09 21:34:14 +00:00
John Ericson
eec050f395
Merge pull request #33577 from dtzWill/fix/cross-2
...
Minor cross fixes, 2
2018-01-09 12:36:53 -05:00
Vladimír Čunát
d6bf8eb71b
Merge #33614 : nixos/kresd improvements
...
The PR was extended with other fixes. All tested by me atop 17.09.
2018-01-09 17:26:31 +01:00
Ben Gamari
b2cbffae64
nixos/security-wrapper: Fix cross-compilation
2018-01-09 11:25:19 -05:00
Vladimír Čunát
4bc4c08838
nixos/kresd: service nitpicks
2018-01-09 17:25:18 +01:00
Vladimír Čunát
3ab85ed1ac
nixos/kresd: use DNSSEC root trust anchor from nixpkgs
...
in read-only way. If the cache directory is empty and you use the
very same service for system's DNS, kresd is unable to bootstrap root
trust anchors, as it would need a DNS lookup.
Also, if we don't rely on bootstrap, the extra lua deps of kresd could
be dropped by default, but let's not do that now, as the difference in
closure size is only ~4 MB, and there may be other use cases than
running the package as nixos service this way.
2018-01-09 17:24:49 +01:00
Vladimír Čunát
f312e6d993
nixos/kresd: use systemd.tmpfiles
...
Since 4e4161c212
it works on nixos-rebuild.
2018-01-09 17:11:36 +01:00
José Romildo Malaquias
8b416450ea
mate: let caja find extensions and gsettings schemas
2018-01-09 02:40:04 +02:00
José Romildo Malaquias
598c6c13f0
mate-panel: let mate-panel find applets in config system path
2018-01-09 02:40:04 +02:00
José Romildo Malaquias
ca27392d9c
mate-control-center: add gsettings schemas path to XDG vars
...
mate-control-center depends on mate-settings-daemon, but the later needs
gsettings schemas provided by the former. To fix this the gsettings schema
path from mate-control-center is added to XDG_DATA_DIRS at session
startup.
2018-01-09 02:40:04 +02:00
José Romildo Malaquias
1bacb88c6a
mate-session-manager: add debug option to mate service
2018-01-09 02:40:04 +02:00
Andreas Rammhold
637d5dd00c
tomcat9: 9.0.0.M17 -> 9.0.2
...
also renamed from tomcatUnstable to tomcat9
2018-01-09 01:31:06 +01:00
rnhmjoj
94d28f3672
nixos/dnscrypt-proxy: use new dyne.org repository
2018-01-09 00:33:19 +01:00
Jörg Thalheim
71cce26342
nixos/udev: fix outdated udev rules for network devices
...
Udev changed its internal naming, so this rule file no longer applied correctly.
Therefore some properties such as network driver no longer matched in
systemd-networkd.
After updating we have more properties in systemd-networkd:
$ sudo networkctl status wlp3s0
...
Driver: iwlwifi
...
To prevent this in future, the file is no copied from systemd directly
2018-01-08 16:59:33 +01:00
Andrey Golovizin
f19d959ef1
nixos/kresd: fix systemd dependency cycle
...
The unnecessary dependency of sockets.target on kresd.service causes a
dependency cycle preventing kresd.service from starting at boot:
sockets.target -> kresd.service -> basic.target -> sockets.target
2018-01-08 15:52:26 +01:00
Yegor Timoshenko
85b84527f6
mopidy: fix, resolves #32234
2018-01-08 14:32:36 +00:00
rnhmjoj
4ebb9621f4
Revert "nixos/dnscrypt-proxy: remove"
...
This reverts commit 5dc2853981
.
The project has a new maintainer.
2018-01-08 15:09:33 +01:00
Yegor Timoshenko
f7a9f96725
nixos/xfce: clean up, use hyphenated attributes
2018-01-08 05:12:05 +00:00
Johannes Bornhold
a88b4d4db1
nixos/matrix-synapse: Add module parameter extraConfigFiles ( #33276 )
...
This allows to configure additional configuration files for Synapse. This way
secrets can be kept in a secure place on the file system without a need to go
through the Nix store.
2018-01-07 20:13:48 +00:00
Joachim Fasting
5dc2853981
nixos/dnscrypt-proxy: remove
...
The upstream project ceased.
See https://github.com/NixOS/nixpkgs/issues/33540
2018-01-07 17:00:32 +01:00
Robin Gloster
e606bb252b
gitlab module: config changes for gitlab 10.3
2018-01-07 05:02:56 +01:00
Robin Gloster
69c396f273
gitlab module: gitaly fixes
2018-01-07 05:02:35 +01:00
Graham Christensen
013580caf0
Merge pull request #30518 from Infinisil/usbmuxd-service
...
usbmuxd service: init
2018-01-06 15:53:42 -05:00
Jaakko Luttinen
eeaa82bde1
nixos/availableKernelModules: add logitech hid
...
This adds support for Logitech (wireless) USB keyboards at boot
2018-01-06 17:11:30 +00:00
Léo Gaspard
7b878a443a
nixos/clamav: replace mkIf [] with optional
2018-01-06 16:52:14 +01:00
Léo Gaspard
cb506e6e2e
nixos/clamsmtp: init
2018-01-06 16:08:54 +01:00
zimbatm
eddf30cc93
nixos: introduce boot.growPartition ( #33521 )
...
Move it from being a profile
2018-01-06 13:52:51 +00:00
Orivej Desh
b249907d04
Merge pull request #33197 from bgamari/gitlab-jws-fix
...
gitlab: Rename jws_private_key to openid_connect_signing_key
2018-01-06 03:08:57 +00:00
José Romildo Malaquias
d0eb40b311
lightdm-gtk-greater: add configuration options for clock format and indicators
2018-01-06 02:20:53 +00:00
zimbatm
80f13dc31d
fixup! buildkite-agent: change hooksPath type to 'path' (and prevent it from hitting the store)
2018-01-05 22:55:20 +00:00
Robin Gloster
cfed96ca51
nixos/service.tt-rss: improve pgsql support, do not use static uid/gid
2018-01-05 14:47:54 +01:00
Jaakko Luttinen
c26ff43905
nixos/service.tt-rss: improve mysql automatic setup
...
If the user chooses MySQL, it is enabled by default. Also, the used database is
created automatically along with the user and permissions.
2018-01-05 14:47:54 +01:00
Jaakko Luttinen
68855595ce
nixos/service.tt-rss: enable nginx automatically
2018-01-05 14:47:54 +01:00
Jaakko Luttinen
13eaae1610
nixos/service.tt-rss: use tt_rss user
...
- Add tt_rss system user.
- Use tt_rss as the user by default.
- Create tt_rss user and group automatically if used.
2018-01-05 14:47:54 +01:00
Jaakko Luttinen
c9b46ccea1
nixos/service.tt-rss: fix #27048
2018-01-05 14:47:54 +01:00
rnhmjoj
c883311327
nixos/dnscrypt-wrapper: fix rotate script failing to restart the service
2018-01-05 02:37:09 +01:00
Jörg Thalheim
f29ecd56c1
Merge pull request #33372 from Mic92/memcache
...
nixos/memcached: make unix sockets usuable
2018-01-04 18:39:48 +01:00
AmineChikhaoui
5dba59d494
Fixes https://github.com/NixOS/nixops/issues/756 .
...
Seems the google compute metadata service behavior changed a bit
recently which caused this issue ?
see: https://cloud.google.com/compute/docs/storing-retrieving-metadata
2018-01-04 16:50:05 +01:00
Peter Hoeg
423dd6cc29
Merge pull request #33415 from peterhoeg/p/hv
...
hyperv-daemons: package and nixos module
2018-01-04 21:11:34 +08:00
Peter Hoeg
85e507ebea
hyperv-daemons: add nixos module
2018-01-04 21:09:01 +08:00
Jörg Thalheim
c9c8a2c5b3
nixos/memcached: make unix sockets usuable
...
before:
- /var/run/memcached is a bad default for a socket path, since its
parent directory must be writeable by memcached.
- Socket directory was not created by the module itself -> this was
left as a burden to the user?
- Having a static uid with a dynamic user name is not very useful.
after:
- Replace services.memcached.socket by a boolean flag. This simplifies
our code, since we do not have to check if the user specifies a
path with a parent directory that should be owned by memcached
(/run/memcached/memcached.sock -> /run/memcached).
- Remove fixed uid/gid allocation. The only file ever owned by the
daemon is the socket that will be recreated on every start.
Therefore user and group ids do not need to be static.
- only create the memcached user, if the user has not specified a
different one. The major use case for changing option is to allow
existing services (such as php-fpm) opening the local unix socket.
If we would unconditionally create a user that option would be
useless.
2018-01-03 12:33:36 +01:00
Jörg Thalheim
453e15ec91
nixos/redis: remove static uid/gid assignment
...
all files are chowned on startup
2018-01-03 11:18:04 +01:00
Léo Gaspard
aa241aed14
nixos/dkimproxy-out: init ( #33229 )
2018-01-03 01:23:02 +00:00
Casey Ransom
f3cba4f6bb
netdata service: fix permissions for apps.plugin
...
apps.plugin requires capabilities for full process monitoring. with
1.9.0, netdata allows multiple directories to search for plugins and the
setuid directory can be specified here.
the module is backwards compatible with older configs. a test is
included that verifies data gathering for the elevated privileges. one
additional attribute is added to make configuration more generic than
including configuration in string form.
2018-01-02 17:57:19 -05:00
Ryan Trinkle
f1a6fa6eec
Merge pull request #32258 from ryantrinkle/add-nat-extraCommands
...
nat: add extraCommands option
2018-01-02 14:32:42 -05:00
Frederik Rietdijk
804285f589
Merge remote-tracking branch 'upstream/staging' into HEAD
2018-01-02 19:10:45 +01:00
Uli Schlachter
5465d6f7de
awesome: Use --search instead of $LUA_PATH/$LUA_CPATH
...
Instead of polluting the environment with environment variables which
are inherited by processes spawned from awesome, use the command line
argument "--search" to add things to the search path.
cc #33169
2018-01-02 17:24:56 +00:00
Jörg Thalheim
310ad4345b
Merge pull request #30686 from gnidorah/keyring
...
pam: add optional pam_gnome_keyring integration
2018-01-02 14:58:45 +01:00
Jörg Thalheim
54b16bcd11
Merge pull request #33227 from Ekleog/fcron-opensmtpd
...
fcron module: be compatible with non-wrapped sendmail's, like opensmt…
2018-01-02 09:26:53 +01:00
Bas van Dijk
803077ef1c
elk: add elasticsearch6, logstash6, kibana6 and the beats at v6.1.0
...
This change is backwards compatible since the ELK tools at version 5.x
remain unchanged.
The test suite now both tests ELK-5 and ELK-6.
2018-01-02 01:15:29 +01:00
Franz Pletz
1a69b2029f
Merge pull request #33273 from fadenb/patch-1
...
lldpd module: create a lldpd user as system user
2018-01-01 23:46:50 +00:00
gnidorah
f15fad898b
pam: add optional pam_gnome_keyring integration
2018-01-01 21:58:37 +03:00
Frederik Rietdijk
4cc2a38854
Merge remote-tracking branch 'upstream/master' into HEAD
2018-01-01 18:15:13 +01:00
Jörg Thalheim
0bbf671b5a
Merge pull request #31157 from sorki/lxcfs_pam_related
...
[wip] lxcfs,pam: disable cgmanager, enable pam_cgfs, lxcfs 2.0.7 -> 2.0.8
2018-01-01 15:42:03 +01:00
Frederik Rietdijk
1869e7e5b0
Merge remote-tracking branch 'upstream/master' into HEAD
2018-01-01 15:09:55 +01:00
Tristan Helmich
3b74349661
lldpd module: create a lldpd user as system user
2018-01-01 14:22:58 +01:00
Léo Gaspard
70a085b62f
nixos/rspamd: add extraConfig parameter ( #33226 )
2017-12-31 15:11:15 +00:00
Vladimír Čunát
1fcd92ce92
Merge branch 'master' into staging
...
A few thousand rebuilds from master, again.
Hydra: ?compare=1422362
2017-12-31 09:53:49 +01:00
Orivej Desh
dac8f27f96
nixos/beegfs: fix the build of the NixOS manual
2017-12-31 07:52:32 +00:00
Markus Kowalewski
b7fdefc8a4
beegfs: init at 6.17
...
package, kernel module, nixos module, and nixos test
2017-12-31 07:07:02 +00:00
Yegor Timoshenko
0dd6bd214d
xfce: resolve conflict with KDE
...
This resolves some aspects of #33231 , but GDK_PIXBUF_MODULE_FILE doesn't really belong to any DE module.
2017-12-31 05:22:15 +00:00
Orivej Desh
54d01b0e97
Merge pull request #32914 from Infinisil/znapzendzetup
...
znapzend service: stateless setup
2017-12-31 03:45:40 +00:00
Léo Gaspard
341583b2d2
fcron module: be compatible with non-wrapped sendmail's, like opensmtpd's
2017-12-31 03:34:11 +01:00
Yegor Timoshenko
c31ac41810
libinput: disableWhileTyping = false by default
2017-12-30 22:02:16 +00:00
Frederik Rietdijk
2d0bead714
Merge remote-tracking branch 'upstream/master' into HEAD
2017-12-30 17:04:54 +01:00
Ben Gamari
b95cdd4f6c
gitlab: Rename jws_private_key to openid_connect_signing_key
...
See
24d56df29b
2017-12-29 22:11:04 -05:00
Vladimír Čunát
a1a3e54ac9
Merge branch 'master' into staging
...
Haskell rebuild :-)
Hydra: ?compare=1421865
2017-12-29 18:39:36 +01:00
gnidorah
766ae1ecf9
tmux module: add secureSocket option
2017-12-29 15:05:20 +03:00
Franz Pletz
e2fe111d46
nixos/profiles/all-hardware: remove unavailable modules
2017-12-29 11:37:21 +01:00
Vladimír Čunát
f29000b002
Merge branch 'master' into staging
...
Hydra: ?compare=1421760
2017-12-29 10:13:33 +01:00
Nadrieril
95fde40b71
usbguard service: rules
option should be of type 'lines'
2017-12-29 03:19:36 +01:00
Robin Gloster
86c7db0ac4
mysql module: cleanup obsolete checks
2017-12-29 02:18:35 +01:00
Robin Gloster
445e3d7390
ghostOne: remove
...
broken and unmaintained
2017-12-29 02:18:35 +01:00
Christoph Hrdinka
3e14b2826b
nsd module: make use of NSDs configFile option
...
Signed-off-by: Christoph Hrdinka <c.github@hrdinka.at>
2017-12-28 14:34:06 +01:00
adisbladis
563078184e
services.xserver.desktopManager.plasma5: add qtvirtualkeyboard to systemPackages
2017-12-28 21:13:46 +08:00