Commit graph

2596 commits

Author SHA1 Message Date
Eelco Dolstra
e66970417b Remove obsolete "eject" entry from the system path
It's an alias for util-linux, so included anyway.
2015-04-20 11:21:20 +02:00
Eelco Dolstra
3d2b24d161 Remove pciutils and usbutils from the default system path
Issue #7117.
2015-04-20 11:21:20 +02:00
Cray Elliott
479f5f4ae6 fix rebuild when using ntfs partitions
needed to define inInitrd, used vfat.nix as a template
2015-04-19 15:17:23 -07:00
Eelco Dolstra
2b6d011bec Include cifs-utils only when needed
Issue #7117.
2015-04-19 22:06:45 +02:00
Eelco Dolstra
1cb5583c05 container.nix -> docker-container.nix 2015-04-19 22:06:45 +02:00
Eelco Dolstra
57b05765c9 Don't include ntfs-3g by default
Issue #7117.
2015-04-19 22:06:45 +02:00
Eelco Dolstra
c0f70b4694 Remove fixed uids for nscd, sshd
These services don't create files on disk, let alone on a network
filesystem, so they don't really need a fixed uid. And this also gets
rid of a warning coming from <= 14.12 systems.
2015-04-19 22:06:45 +02:00
Eelco Dolstra
c87977e97d Don't include networkd units unless enabled
Otherwise, the enabled -> disabled transition won't be handled
correctly (switch-to-configuration currently assumes that if a unit is
running and exists, it should be restarted).
2015-04-19 22:06:45 +02:00
Eelco Dolstra
f8dbe5f376 systemd: Move networkd into separate modules
The systemd module was getting rather bloated.
2015-04-19 22:06:45 +02:00
Tobias Geerinckx-Rice
1f513c21f9 Merge pull request #7461 from dezgeg/pr-ddclient-unit-type
ddclient: Fix capitalization of systemd unit keys
2015-04-19 15:27:21 +02:00
Tuomas Tynkkynen
e7843efe12 ddclient: Fix incorrectly capitalized systemd unit key
This avoids the following warning:

Apr 19 10:53:48 xen systemd[1]: [/nix/store/...-unit-ddclient.service/ddclient.service:19] Unknown lvalue 'type' in section 'Service'

As `Type=simple` is the default in systemd, the assignment to the
service type can be simply dropped.
2015-04-19 15:58:34 +03:00
lethalman
e6b664cafe Merge pull request #7443 from ts468/fixgrub
Fix grub for "nodev" targets.
2015-04-18 21:19:04 +02:00
Mateusz Kowalczyk
5676e8b391 lightdm: allow the user to specify extra Seat opts 2015-04-18 20:14:10 +01:00
Mateusz Kowalczyk
1713184b11 xserver.nix: fix indentation issues under Device 2015-04-18 19:04:03 +01:00
Mateusz Kowalczyk
d7810b4303 Hard tabs be gone! 2015-04-18 18:52:15 +01:00
Mateusz Kowalczyk
70aa758c34 Fix RightOf for xrandrHeads
Closes #7441
2015-04-18 18:34:28 +01:00
Thomas Strobel
66c73da5f9 Fix grub for "nodev" targets. 2015-04-18 19:22:25 +02:00
Forkk
771c7fb496 plex: add support for managing plugins via Nix
Added support for managing Plex plugins via Nix. This is done via an
"extraPlugins" configuration option which takes a list of paths to
plugin bundles, which are then symlinked into Plex's plugin directory
when the service is started.
2015-04-17 14:45:49 -05:00
Forkk
079da8cdcd plex: init at 0.9.11.16.958
Added a package and module for Plex Media Server, an application for
managing media collections across multiple devices.
2015-04-17 12:11:30 -05:00
Jonathan Glines
cdb174c18d Added NixOS module for Asterisk server 2015-04-16 17:41:37 -06:00
Nikolay Amiantov
405e4bd099 nixos.samba: update required mounts 2015-04-16 20:18:03 +03:00
Nikolay Amiantov
0d38958b61 nixos.samba: fix booleans in smb.conf 2015-04-16 20:17:59 +03:00
Eelco Dolstra
a0f69df10e dnsmasq: Add some types 2015-04-16 19:13:26 +02:00
Eelco Dolstra
5a5a43ea25 dbus: Reload if /etc/dbus-1 changes
Specifically, this fixes dnsmasq, which failed with

  Apr 16 19:00:30 mandark dnsmasq[23819]: dnsmasq: DBus error: Connection ":1.260" is not allowed to own the service "uk.org.thekelleys.dnsmasq" due to security policies in the configuration file
  Apr 16 19:00:30 mandark dnsmasq[23819]: DBus error: Connection ":1.260" is not allowed to own the service "uk.org.thekelleys.dnsmasq" due to security policies in the configuration file

after being enabled, due to dbus not being reloaded.
2015-04-16 19:13:20 +02:00
Nikolay Amiantov
1d6723c085 lambdabot: add nixos service 2015-04-16 13:33:40 +03:00
Edward Tjörnhammar
dfc8e5ab05 ihaskell: cleanup wrapper and service 2015-04-15 23:00:03 +02:00
lethalman
09f9178a78 Merge pull request #7392 from joelmo/master
Some i2p changes
2015-04-15 17:13:15 +02:00
Oliver Matthews
0144849f67 Allow allowing local access to mysql socket 2015-04-15 14:35:38 +00:00
lethalman
8330d64af4 Merge pull request #7372 from dezgeg/getty-autologin
[nixos] agetty: Add autologinUser config option
2015-04-15 15:37:12 +02:00
Joel Moberg
5b075eb400 i2p: add nixos service 2015-04-15 12:52:06 +02:00
Arseniy Seroka
4dd1b8cc22 Merge pull request #7347 from sargon/pr-x11
services.x11: Add option for additional InputClass sections.
2015-04-14 18:23:29 +03:00
Peter Simons
65822005f0 Merge pull request #7314 from edwtjo/ihaskell-fixups
IHaskell fixes
2015-04-14 14:21:44 +02:00
Peter Simons
6edc3022ef Merge pull request #7345 from joachifm/conditional-shadow-setuids
nixos: condition shadow setuid-wrappers on mutableUsers
2015-04-14 13:23:19 +02:00
Eelco Dolstra
3fe102b797 Merge pull request #7349 from aszlig/custom-channels
Make it easy to add system-wide custom channels.
2015-04-14 13:00:34 +02:00
Tuomas Tynkkynen
25062f56d4 Installation CD: automatic log in at virtual consoles 2015-04-14 12:51:24 +03:00
Tuomas Tynkkynen
7d916bb27e agetty: Add autologinUser config option
This option causes the specified user to be automatically logged in at
the virtual console.

While at it, refactor and make a helper function for building the getty
command line.
2015-04-14 10:45:28 +03:00
Joachim Fasting
75ab7bf960 nixos: condition shadow setuid-wrappers on mutableUsers
Having junk setuid wrappers in PATH is annoying.
2015-04-14 00:27:11 +02:00
Austin Seipp
8d3b8d0dc8 Merge pull request #7149 from joachifm/grsec-gradm-optional
grsecurity module: configure gradm iff RBAC is enabled
2015-04-13 17:11:29 -05:00
Austin Seipp
b86f6a3ed6 Merge pull request #7148 from joachifm/grsec-trivial
grsecurity module: trivial improvements
2015-04-13 17:10:47 -05:00
Austin Seipp
409da39c08 Merge pull request #7163 from joachifm/tarsnap-bandwidth-options
tarsnap module: add options for controlling bandwidth
2015-04-13 17:10:04 -05:00
Eelco Dolstra
574173f0e6 Merge pull request #7027 from ecraven/apache-sslchain
apache-httpd: adding support for sslServerChain
2015-04-13 16:48:20 +02:00
Peter Feigl
3837ef82ad fixing documentation 2015-04-13 15:42:01 +02:00
Peter Feigl
e5b3918f85 apache-httpd: adding support for sslServerChain 2015-04-13 15:41:10 +02:00
Peter Feigl
69b18fc4b6 fixing indentation 2015-04-13 13:46:42 +02:00
Peter Feigl
44ea83b986 changed config to only include the minimum necessary 2015-04-13 13:10:04 +02:00
Peter Feigl
49eb77b26c apache-httpd: adding subservice moodle 2015-04-13 13:06:39 +02:00
aszlig
df31a338dc
nixos-rebuild: Conditionally update channels.
This partially reverts commit 3a4fd0bfc6.

Addresses another concern by @edolstra that users might not want to
update *all* channels. We're now reverting to the old behaviour but
after updating the "nixos" channel, we just check whether the channel
ships with a file called ".update-on-nixos-rebuild" and if it exists, we
update that channel as well.

Other channels than these are not touched anymore.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-04-13 12:54:19 +02:00
Eelco Dolstra
4466707ddf switch-to-configuration: Better error checking 2015-04-13 12:28:12 +02:00
aszlig
5075cbe696
nixos: Put root's channels to the end of NIX_PATH.
My original reason to put it at the beginning of NIX_PATH was to allow
shipping a particular version <nixpkgs> with a channel. But in order to
do that, we can still let the channel expression ship with a custom
version of nixpkgs by something like <channel/nixpkgs> and the builder
of the channel could also rewrite self-references.

So the inconvenience is now shifted towards the maintainer of the
channel rather than the user (which isn't nice, but better err on the
side of the developer rather than on the user), because as @edolstra
pointed out: Having the channels of root at the beginning of NIX_PATH
could have unintended side-effects if there a channel called nixpkgs.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-04-13 12:20:58 +02:00
Joachim Schiele
85c454ab1d Merge pull request #6785 from qknight/wordpress
zef hemel's wordpress.nix adapted to extraSubservices
2015-04-13 10:27:55 +02:00
aszlig
3a4fd0bfc6
nixos-rebuild: Update all channels of user root.
Should make it even easier to use custom channels, because whenever the
user does a "nixos-rebuild --upgrade", it will also upgrade possibly
used ("used" as in referenced in configuration.nix) channels besides
"nixos". And if you also ship a channel tied to a particular version of
nixpkgs or even remove the "nixos" channels, you won't run into
unexpected situations where the system is not updating your custom
channels.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-04-13 00:09:00 +02:00
aszlig
65e569cc37
nixos: Add all of root's channels to NIX_PATH.
This is very useful if you want to distribute channels (and thus
expressions as well) in a similar fashion to Debians APT sources (or
PPAs or whatnot).

So, for example if you have a channel with some additional functions
or packages, you simply add that channel with:

sudo nix-channel --add https://example.com/my-nifty-channel foo

And you can access that channel using <foo>, for example in your
configuration.nix:

{
  imports = [ <foo/modules/shiny-little-module> ];
  environment.systemPackages = with import <foo/pkgs> {}; [ bar blah ];
  services.udev.extraRules = import <foo/lib/udev/mkrule.nix> {
    kernel = "eth*";
    attr.address = "00:1D:60:B9:6D:4F";
    name = "my_fast_network_card";
  };
}

Within nixpkgs, we shouldn't have <nixos> used anywhere anymore, so we
shouldn't get into conflicts.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-04-12 23:50:20 +02:00
Daniel Ehlers
057f01b11e services.x11: Add option for additional InputClass sections.
Implement support for additional InputClass sections, e.g. for non
keyboard input devices.
2015-04-12 23:49:48 +02:00
Edward Tjörnhammar
7d0ddbd154 nixos: add ihaskell service 2015-04-11 00:09:31 +02:00
Rickard Nilsson
3620b27a66 mpd: Make it possible to specify db file path 2015-04-10 23:10:14 +02:00
Eelco Dolstra
d923a6eab5 Make environment.checkConfigurationOptions an alias
NixOps uses it, and we can't change it there for
backward-compatibility reasons.
2015-04-10 16:11:07 +02:00
Nicolas B. Pierron
9647a72835 Fix amazon default configuration.nix file. 2015-04-09 22:18:13 +02:00
Vladimír Čunát
5aa9b72400 nixos: typo in docker option description 2015-04-09 20:58:20 +02:00
Nicolas B. Pierron
296e6c4991 Fix #7252 - NixOS Manual: Carry the current system value to evaluation of the manual. 2015-04-08 23:14:19 +02:00
Nicolas B. Pierron
3eef61a6eb NixOS Manual: Do not use unfree packages as default value. 2015-04-08 23:14:19 +02:00
Joachim Fasting
c5ec6ef609 window-managers: add missing import ratpoison 2015-04-08 14:14:37 +02:00
William A. Kennington III
6ffd44c4c3 nvidia: 346.47 -> 346.59 2015-04-07 13:24:55 -07:00
Oliver Matthews
09179b603f allow changing minecraft data dir + allow opening firewall 2015-04-07 14:10:13 +00:00
Eelco Dolstra
a38f130126 Revert "Set stricter permissions on /nix/store"
This reverts commit 066758758e7c0768ff8da51d208cdae0f33b368c because
it breaks NixOS VM tests.
2015-04-07 15:10:41 +02:00
Domen Kožar
42c421adc3 Merge pull request #7180 from jagajaga/fix_generator
Fixing nixos-generate-config
2015-04-07 12:24:04 +02:00
Arseniy Seroka
e52e160190 Merge pull request #7215 from cwoac/btsync2
Add support for btsync 2.x branch
2015-04-06 18:50:05 +03:00
Oliver Matthews
0539ed4771 Add support for btsync 2.x branch 2015-04-06 15:31:40 +00:00
Domen Kožar
ad197d89ae Merge pull request #7181 from jagajaga/teamviewer
Teamviewer
2015-04-06 14:13:07 +02:00
Tobias Geerinckx-Rice
f02651ee9b Merge pull request #7204 from fpletz/fix/hotplug_helper
Check if /proc/sys/kernel/hotplug exists before writing
2015-04-06 13:55:29 +02:00
Domen Kožar
7c7f426b3f Merge pull request #7164 from rzetterberg/master
Fixes minetest mesa 10.* incompatibility, adds minetest server service
2015-04-06 10:46:26 +02:00
Franz Pletz
16d25f4fa6 Check if /proc/sys/kernel/hotplug exists before writing
If a kernel without CONFIG_UEVENT_HELPER set is used with NixOS, the file
/proc/sys/kernel/hotplug does not exist. Before writing to it to disable
this deprecated mechanism, we have to ensure it actually exists because
otherwise the activation script will fail.
2015-04-06 09:23:58 +02:00
Arseniy Seroka
0998212640 impl: teamviewer daemon 2015-04-05 20:47:01 +03:00
Arseniy Seroka
b11f662617 fix https://github.com/NixOS/nixpkgs/issues/3560 2015-04-05 16:12:14 +03:00
William A. Kennington III
b3c423757e nixos/rdnssd: Major refactoring
This updates rdnssd to the following:
* Using the systemd interfaces directly
* Using the rdnssd user instead of the root user
* Integrating with resolvconf instead of writing directly to /etc/resolv.conf
2015-04-04 21:20:07 -07:00
Richard Zetterberg
0b1f994f29 Adds minetest server service 2015-04-04 12:36:43 +02:00
Joachim Fasting
66bfc3bbe6 tarsnap module: add options for controlling bandwidth
Annoyingly, these do not appear to accept SI prefixes.
2015-04-04 12:03:02 +02:00
Joachim Fasting
7cb7c57132 tarsnap module: inline optionalNullStr 2015-04-04 11:34:37 +02:00
William A. Kennington III
c0cb4e1ef7 nixos/nvidia: Add a temporary hack to support kernel 4.0 2015-04-03 21:53:34 -07:00
Nicolas B. Pierron
6de931a0f8 Merge rename.nix changes. 2015-04-03 23:12:12 +02:00
Arseniy Seroka
8592c6c004 Merge pull request #7150 from joachifm/grsec-types
grsecurity module: use types.enum
2015-04-03 16:03:49 +03:00
Joachim Fasting
3e847d512d grsecurity module: configure gradm iff RBAC is enabled 2015-04-03 13:45:57 +02:00
Joachim Fasting
ba93a75724 grsecurity module: use types.enum
Also
- set desktop as default system
- make virtualisationSoftware nullOr
- make virtualisationConfig nullOr
2015-04-03 13:45:45 +02:00
Joachim Fasting
66c4f51046 grsecurity module: simplify assertion 2015-04-03 13:38:32 +02:00
Joachim Fasting
2e88605a91 grsecurity module: remove reference to systemd-sysctl
First, that's not what the service is called, and secondly it's
most likely irrelevant to the user.
2015-04-03 13:38:32 +02:00
Austin Seipp
1c1083345b Merge pull request #7058 from joachifm/sysctl-kptr-restrict
nixos: condition sysctl.kptr_restrict on features.grsecurity
2015-04-03 04:13:19 -05:00
Arseniy Seroka
4fa554e32b Merge pull request #7017 from obadz/sg+sudo-g
Ability to switch groups with sg and sudo -g
2015-04-02 02:11:10 +03:00
William A. Kennington III
ff21171921 Fix references to current-system/sw/sbin 2015-04-01 13:57:36 -07:00
William A. Kennington III
a9f2e107d0 Revert "Remove obsolete .../sbin directories from $PATH"
This reverts commit 98cedb3d22.
2015-04-01 13:57:36 -07:00
aszlig
224ed7e798
nixos/hardware: Add option to enable KSM.
This is essentially what's been done for the official NixOS build slaves
and I'm using it as well for a few of my machines and my own Hydra
slaves.

Here's the same implementation from the Delft server configurations:

f47c2fc7f8/delft/common.nix (L91-L101)

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-04-01 20:00:27 +02:00
Eelco Dolstra
1c39a47ac8 Reload, don't restart, dbus.service
Many bus clients get hopelessly confused when dbus-daemon is
restarted. So let's not do that.

Of course, this is not ideal either, because we end up stuck with a
possibly outdated dbus-daemon. But that issue will become irrelevant
in the glorious kdbus-based future.

Hopefully this also gets rid of systemd getting stuck after
dbus-daemon is restarted:

Apr 01 15:37:50 mandark systemd[1]: Failed to register match for Disconnected message: Connection timed out
Apr 01 15:37:50 mandark systemd[1]: Looping too fast. Throttling execution a little.
Apr 01 15:37:51 mandark systemd[1]: Looping too fast. Throttling execution a little.
...
2015-04-01 16:57:16 +02:00
Eelco Dolstra
98cedb3d22 Remove obsolete .../sbin directories from $PATH 2015-04-01 16:22:12 +02:00
Eelco Dolstra
fdfe4b7cde Remove unnecessary symlinks in /nix/var/nix/gcroots 2015-04-01 14:45:02 +02:00
William A. Kennington III
8028357084 nixos/mysql: Cleanups 2015-03-31 16:17:55 -07:00
Vladimír Čunát
81fc066900 Merge #4678: nixos iso-image: support USB booting
by using syslinux (i.e. support the dd-method in addition to unetbootin).
@vcunat tidied the PR by squashing closely related changes together.
2015-03-31 15:12:16 +02:00
obadz
be7f104502 sg: add setuid wrapper. (newgrp is a symlink to sg and was already setuid).
sudo: add ability for wheel users to change group (as well as user)
2015-03-30 23:50:45 +01:00
Nikolay Amiantov
7c03829024 Merge pull request #7060 from abbradar/nm-l2tp
Support L2TP in NetworkManager
2015-03-30 23:05:42 +03:00
Edward Tjörnhammar
1092b9da48 Merge pull request #7066 from edwtjo/xbmc-pruning
Remove XBMC expressions in favor of the Kodi ones
2015-03-30 21:46:29 +02:00
Edward Tjörnhammar
1345a65765 Remove XBMC expressions in favor of the Kodi ones 2015-03-30 21:43:32 +02:00
lethalman
f72b0c43f6 Merge pull request #6762 from lethalman/nixos-install
nixos-install: support -j, --cores and --option. Closes #6755
2015-03-30 18:06:53 +02:00
lethalman
dc560b5b02 Merge pull request #7031 from cwoac/mediatomb
Add MediaTomb service
2015-03-30 17:49:46 +02:00
Luca Bruno
eac32cf697 Revert "Merge pull request #7032 from flosse/change-option-names"
This reverts commit c265aafb55, reversing
changes made to c9bbf2228f.

Breaks evaluation, see https://github.com/NixOS/nixpkgs/pull/7032#issuecomment-87641471
2015-03-30 13:45:07 +02:00
lethalman
c265aafb55 Merge pull request #7032 from flosse/change-option-names
nixos: prosody service - rename 'enabled' to 'enable'
2015-03-30 12:47:11 +02:00
lethalman
321b2e0439 Merge pull request #7073 from oxij/x11support-dbus
dbus: rename useX11 option into x11Support, cleanup a bit
2015-03-30 10:28:45 +02:00
William A. Kennington III
113c6c8f6a nixos/initrd: Do a lazy library copy in hopes to save some space for replaced binaries 2015-03-29 21:53:25 -07:00
William A. Kennington III
6b3cf366d7 nixos/initrd: Allow overriding of binaries 2015-03-29 21:26:39 -07:00
Jan Malakhovski
380ee53fff dbus: rename useX11 option into x11Support, cleanup a bit 2015-03-29 23:28:30 +00:00
William A. Kennington III
ca149f2be0 nixos/mysql: All versions of mysql have mysqld in /bin 2015-03-29 13:30:05 -07:00
Vladimír Čunát
299da40f9f iso: make efi FS size adaptive, make deterministic
Fixes #6795.
This was co-authored with @bobvanderlinden.

(cherry picked from commit e19ac248ae59fd327c32b1ae3e37792c22a7c7ac)
Signed-off-by: Domen Kožar <domen@dev.si>

Conflicts:
	nixos/modules/installer/cd-dvd/iso-image.nix
2015-03-29 22:25:41 +02:00
William A. Kennington III
553105310a nixos/stage-1: Fix the initrd builder for shell scripts 2015-03-29 13:20:54 -07:00
Nikolay Amiantov
16f047a60f nixos/networkmanager: support l2tp 2015-03-29 13:09:02 +03:00
William A. Kennington III
9718561589 nixos/vfat: Readd fsck.reiserfs 2015-03-28 19:07:45 -07:00
William A. Kennington III
c379847fda nixos/vfat: Readd fsck.vfat 2015-03-28 19:06:43 -07:00
William A. Kennington III
4868649f03 nixos/initrd: Generic library copying 2015-03-28 18:37:29 -07:00
Aristid Breitkreuz
1901f3fe77 fix initrd now that cryptsetup switched to libgcrypt 1.6 2015-03-28 23:59:19 +00:00
Joachim Fasting
5cb2cee954 nixos: condition sysctl.kptr_restrict on features.grsecurity
Conditioning `sysctl.kptr_restrict` on `features.grsecurity` supports
any grsecurity enabled kernel without having to enable the grsecurity
module.
2015-03-29 00:42:58 +01:00
Arseniy Seroka
a639c710ae Merge pull request #6968 from oxij/unquestionably-good
Easy to check to be unquestionably good changes
2015-03-28 13:16:13 +03:00
Markus Kohlhase
47aa6725e2 nixos: prosody service - rename virtualHosts option 'enabled' to 'enable' 2015-03-27 21:36:05 +00:00
Oliver Matthews
51b06c5865 Add MediaTomb service 2015-03-27 12:45:25 +01:00
Jaka Hudoklin
d3c6d4175a Merge pull request #6940 from offlinehacker/pkgs/ripple-data-api/add
Add ripple data api package and nixos service
2015-03-26 20:04:51 +01:00
Jaka Hudoklin
75169aabc3 Add ripple data api package and nixos service 2015-03-26 20:02:39 +01:00
Jan Malakhovski
5c6d86540b nixos: use types.enum instead of ad-hoc check in sshd service 2015-03-26 12:43:42 +00:00
Jan Malakhovski
dc4fa2da8a nixos: udev: build rules locally 2015-03-26 12:43:42 +00:00
Rob Vermaas
cbb14299c9 GCE image: Remove some unnecessary lib prefixes. 2015-03-26 09:15:09 +00:00
Rob Vermaas
80202fbd25 GCE image: Add some recommended sysctl settings. Disable OS level firewall by default for GCE images (GCE provides external firewall). Disable passwordAuthentication. Related to issue #6991. 2015-03-26 09:09:40 +00:00
William A. Kennington III
8b3c7af358 Merge pull request #6981 from layus/systemd-escape-colon
nixos/systemd: Also escape ':' characters
2015-03-25 15:33:21 -07:00
William A. Kennington III
86666893f0 nixos/microcode-amd: Update to early initrd loader 2015-03-25 14:44:36 -07:00
William A. Kennington III
b4fedf5315 nixos/intel-microcode: Support early initrd ucode loading 2015-03-25 14:14:46 -07:00
William A. Kennington III
f2655e4fa0 makeInitrd: Support prepending other initrds 2015-03-25 14:14:46 -07:00
Guillaume Maudoux
6ca7fb8f73 nixos/systemd: Also escape ':' characters 2015-03-25 22:11:35 +01:00
Bob van der Linden
58112832a7 nixos: iso-image: use label "EFIBOOT" for efi.img 2015-03-24 22:15:32 +01:00
Bob van der Linden
f0fd1c9bcf nixos: iso-image: use memtest86 params in syslinux
See also #6593.
2015-03-24 22:15:11 +01:00
Bob van der Linden
9ff9949896 nixos: iso-image: removed com32 entries from syslinux menu
These entries result in incorrect entries when UNetbootin writes
the image to an USB disk.
2015-03-24 22:09:06 +01:00
Bob van der Linden
af68f24003 nixos: iso-image: solve UNetbootin compatiblity
There are a number of hidden restrictions on the syslinux
configuration file that come into play when UNetbootin
compatiblity is desired. With this commit these are documented.
2015-03-24 22:08:52 +01:00
Bob van der Linden
a12ddc1964 nixos: iso-image: use generic boot-loader timeout
Syslinux uses different values than grub for timeout.
It uses 1/10 seconds as its unit and it uses 0 to disable timeouts.

In response to PR #5772.
2015-03-24 22:03:30 +01:00
Bob van der Linden
8d092270d2 nixos: iso-image: use syslinux bootloader for USB booting support
This changes the bootloader for iso generation from Grub to
syslinux. In addition this adds USB booting support, so that
"dd" can be used to burn the generated ISO to USB thumbdrives
instead of needing applications like UnetBootin.
2015-03-24 22:01:04 +01:00
Arseniy Seroka
ff22e19fc4 Merge pull request #6893 from hrdinka/nsd-config-options
nsd: Fix automatic config options
2015-03-23 13:19:29 +03:00
Jaka Hudoklin
491c8f82b2 Merge pull request #6917 from offlinehacker/rippled/module/awesome
rippled: expose more options, make compatible with new rippled version
2015-03-22 23:13:48 +01:00
Jaka Hudoklin
ad10db7617 Merge pull request #6882 from offlinehacker/nixos/fluentd
Add fluentd package and module
2015-03-21 22:37:48 +01:00
Jaka Hudoklin
916aab2927 Merge pull request #6875 from offlinehacker/nixos/cadvisor/fix
nixos/cadvisor: fixes
2015-03-21 22:36:11 +01:00
William Casarin
ea2baa8abf spectrwm window manager 2015-03-21 11:02:44 -07:00
Jaka Hudoklin
4947bacd52 rippled: expose more options, make compatible with new rippled version 2015-03-21 12:52:06 +01:00
Edward Tjörnhammar
664592561d nixos: added aiccu service 2015-03-20 22:01:35 +01:00
Austin Seipp
3ff22a924f Merge pull request #6871 from joachifm/apparmor-fixups
Apparmor fixups
2015-03-20 15:36:42 -05:00
aszlig
ea2fd84ecd
nixos/mpd: Fix creation of "mpd" group.
The group is specified using a singleton list, so the loaOf merging is
done by iterating through the list items with imap, so it enumerates
every element and sets that as the default "name" attribute.

From lib/types:143:

name = elem.name or "unnamed-${toString defIdx}.${toString elemIdx}";

So, people get groups like "unnamed-X.Y" instead of "mpd".

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Reported-by: devhell <"^"@regexmail.net>
Tested-by: devhell <"^"@regexmail.net>
2015-03-20 20:58:13 +01:00
Jaka Hudoklin
89f41b90fa Merge pull request #6874 from offlinehacker/pkgs/kubernetes/update
kubernetes: update to 0.12.1, fix module
2015-03-20 11:22:48 +01:00
Ricardo M. Correia
4d2317e6eb nixos/zfs: Don't default to git version for kernels >= 3.19
Stable version 0.6.3-1.3 works with kernels 3.19.x.
2015-03-19 19:37:33 +01:00
Arseniy Seroka
9cfdeba324 Merge pull request #6611 from jagajaga/slurm
Slurm module
2015-03-19 21:06:49 +03:00
Christoph Hrdinka
d3a2edb8ce nsd: Fix automatic config options 2015-03-19 12:10:55 +01:00
Jaka Hudoklin
1b99f0aeb6 Merge pull request #6873 from offlinehacker/pkgs/panamax/update
panamax: update, fix module
2015-03-19 09:18:48 +01:00
Arseniy Seroka
15f7afa6b4 Merge pull request #6885 from hrdinka/update-nsd
nsd: Update from 4.1.0 -> 4.1.1
2015-03-19 03:15:35 +03:00
Jaka Hudoklin
fca0aa7077 Add fluentd package and module 2015-03-18 21:18:47 +01:00
Rickard Nilsson
bdbdaee3c0 scollector module: Add extraOpts option 2015-03-18 21:16:31 +01:00
Christoph Hrdinka
6db8155e37 nsd: Update from 4.1.0 -> 4.1.1 2015-03-18 21:01:35 +01:00
Luca Bruno
b94b08488f nixos/pulseaudio: don't put 32bit libs in systemPackages
Fixes the useless collisions in the system path.
The 64bit and 32bit variants have the same files, hence
it's pointless to put the 32bit pulseaudio in systemPackages.
2015-03-18 14:10:02 +00:00
Luca Bruno
cb45b7ec3e Revert "nixos: Multiple service instances, apply to nginx. See #6784"
This reverts commit 7ef59c4fe2.

Wrong push! Sorry!
2015-03-18 14:09:24 +00:00
Luca Bruno
7ef59c4fe2 nixos: Multiple service instances, apply to nginx. See #6784 2015-03-18 14:07:29 +00:00
Jaka Hudoklin
2482b75eae kubernetes: update to 0.12.1, fix module 2015-03-18 14:37:03 +01:00
Jaka Hudoklin
079520ced5 panamax: update, fix module 2015-03-18 14:35:24 +01:00
Jaka Hudoklin
536694bcd4 nixos/cadvisor: fixes
- run as non root user, because of docker
- run docker by default
2015-03-18 14:31:08 +01:00
Joachim Fasting
532337d673 Cleanup AppArmor module
Remove excessive whitespace & comment sections
2015-03-18 12:07:43 +01:00
Eelco Dolstra
224d0d5302 Set stricter permissions on /nix/store
The nixbld group doesn't need read permission, it only needs write and
execute permission.

(cherry picked from commit 066758758e7c0768ff8da51d208cdae0f33b368c)
2015-03-18 10:58:08 +01:00
lethalman
cdbeb7143c Merge pull request #6832 from k0ral/icecast
Added icecast module
2015-03-17 16:43:02 +01:00
koral
54857abfc9 Added icecast module. 2015-03-17 14:21:57 +00:00
lethalman
c91ccb4b9c Merge pull request #6842 from philandstuff/hash-owncloud-admin-password
owncloud: don't store plaintext adminPassword in nix store
2015-03-17 12:59:58 +01:00
lethalman
70b059fb59 Merge pull request #5936 from j-keck/nixos-container-usage
nixos-container: add missing 'nixos-container update' in usage
2015-03-17 12:43:29 +01:00
lethalman
359bc60ec8 Merge pull request #6448 from eduarrrd/ddclient
ddclient module: fix module
2015-03-17 12:38:12 +01:00
Philip Potter
7ad6dac43b owncloud: don't store plaintext adminPassword in nix store
Rather than using openssl to hash the password at build time, and hence
leaving the plaintext password world-readable in the nix store, we can
instead hash the password in the nix expression itself using
builtins.hashString.
2015-03-16 22:42:22 +00:00
Peter Simons
56bb114905 Merge pull request #6722 from joachifm/fix-id-mismatches
Fix id mismatches
2015-03-16 18:46:38 +01:00
Joachim Fasting
3518b761ba TCSD: use tss user/group instead of nginx
For some reason TCSD is configured to use the nginx uid/gid.
Use the newly created tss uid/gid instead.
2015-03-16 09:58:16 +01:00
Joachim Fasting
e9cd877921 nixos: resolve uid/gid conflicts
This patch resolves all uid/gid conflicts except for nobody/nogroup (seems
to make sense that these are the same).
All conflicts where determined mechanically, but resolutions were manual.
This patch also marks uids/gids with no corresponding group/user as "unused"
(aka. reserved).

Briefly,

- tss group conflicts with dhcpcd
  The tss group id conflicts with dhcpcd: assign
  a new number and add a corresponding tss user.
- elasticsearch uid conflicts with haproxy gid
- resolve firebird/munin conflict
- fix fourstorehttp{,d} typo
- fix ghostOne typo: the service module refers to gids.ghostone, so use that
  in ids
- memcached uid conflicts with users gid
- nagios uid conflicts with disks gid
- nscd uid conflicts with wheel gid
- ntp uid conflicts with tty gid
- resolve postfix/postdrop id uid
- redis uid conflicts with keys gid
- sshd uid conflicts with kmem gid
- tcryptd uid conflicts with openldap gid
- unifi uid conflicts with docker gid
- uptimed uid conflicts with utmp gid
- zope2 uid conflicts with connman gid
- tomcat uid/gid mismatch
2015-03-16 09:58:13 +01:00
Austin Seipp
ef95600372 Merge pull request #6771 from joachifm/apparmor-2.9
Apparmor 2.9
2015-03-15 14:16:24 -05:00
Nicolas B. Pierron
05e8a48fb4 Document and rename internal option of modules. 2015-03-15 14:45:42 +01:00
Ricardo M. Correia
7c8247a8c5 grsecurity: Update stable and test patches
stable: 3.1-3.14.35-201503071140 -> 3.1-3.14.35-201503092203
test:   3.1-3.18.9-201503071142  -> 3.1-3.19.1-201503122205
2015-03-15 03:49:58 +01:00
William A. Kennington III
c200c1e0a1 Merge pull request #6813 from globin/fix/elantech-trackpoint-scrolling
Add Elanthec PS/2 Trackpoint (Thinkpad L430)
2015-03-14 17:01:13 -07:00
Robin Gloster
a8a350e679 Add Elanthec PS/2 Trackpoint (Thinkpad L430) 2015-03-15 00:09:04 +01:00
koral
9c4cbaa553 Fix mpd configuration (enclosing quotes needed). 2015-03-14 12:15:34 +00:00
Joachim Schiele
d74ea7d34f zef hemels' wordpress.nix adapted to extraSubservices 2015-03-13 14:19:48 +01:00
lethalman
f72d1abb79 Merge pull request #5846 from arno01/nginx
nginx service improvements
2015-03-13 11:41:27 +01:00
Nicolas B. Pierron
9f2865515d Fix infinite loop in fontconfig-ultimate.nix
With the new evaluation of arguments, pkgs is now defined by the
configuration, which implies that option declaration with pkgs.lib
will cause an infinite loop.
2015-03-12 23:42:58 +01:00
Shea Levy
3177d37652 Fix import using module args 2015-03-12 23:42:57 +01:00
Shea Levy
f69ce50529 Move most extra args out of eval-config.nix 2015-03-12 23:42:57 +01:00
Shea Levy
e3eff53037 evalModules: Add internal option for the check argument 2015-03-12 23:42:57 +01:00
Shea Levy
e4a06f35b1 nixos: Don't evaluate twice to get the value of config.nixpkgs 2015-03-12 23:42:57 +01:00
Shea Levy
1d62ad4746 modules.nix: Generate the extra argument set from the configuration
This allows for module arguments to be handled modularly, in particular
allowing the nixpkgs module to handle the nixpkgs import internally.
This creates the __internal option namespace, which should only be added
to by the module system itself.
2015-03-12 23:42:57 +01:00
Vladimír Čunát
208d1f24db xfce: more update fallout
- forgotten mousepad update, including some wrapping magic
- dealing with panel plugins (either fix or mark as broken)
	CC maintainer @AndersonTorres.
- remove some libxfcegui4 occurrences, as it's being phased out
- minor stuff
2015-03-12 23:02:15 +01:00
lethalman
14ed261fc7 Merge pull request #6765 from gebner/ibus-plugins
Add ibus-qt and ibus-anthy.
2015-03-12 14:35:23 +01:00
Joachim Fasting
7a9a24a95e Update AppArmor service module
- Use AppArmor 2.9
- Enable PAM support
2015-03-12 11:49:05 +01:00
Kirill Elagin
356810b178 cupsd: rename cupsd.service to cups.service 2015-03-12 09:00:56 +03:00
Gabriel Ebner
d23ed364b5 Add ibus-qt. 2015-03-11 21:54:04 +01:00
Gabriel Ebner
59da79c733 ibus: Enable XIM support.
This allows firefox to use ibus.
2015-03-11 21:54:04 +01:00
Gabriel Ebner
f222abea44 Add programs.ibus config option to enable ibus and plugins. 2015-03-11 21:53:34 +01:00
Thomas Tuegel
61cf7e1265 Merge branch 'kde5' 2015-03-11 11:49:45 -05:00
Thomas Tuegel
f370af91ad kde5: use ksshaskpass for SSH_ASKPASS 2015-03-11 11:49:29 -05:00
Thomas Tuegel
4b10907152 ssh: make askPassword an option
By making askPassword an option, desktop environment modules can
override the default x11_ssh_askpassword with their own equivalent for
better integration. For example, KDE 5 uses plasma5.ksshaskpass instead.
2015-03-11 11:49:29 -05:00
Thomas Tuegel
5b5b7aa951 kde5: add kde-workspace and kde-runtime to systemPackages 2015-03-11 11:49:28 -05:00
Luca Bruno
fe6b0b15e6 nixos-install: support -j, --cores and --option. Closes #6755 2015-03-11 16:47:44 +00:00
lethalman
fe79bf34a5 Merge pull request #6512 from bjornfor/nixos-haproxy-cleanup
nixos/haproxy: remove broken default 'config'
2015-03-11 16:29:06 +01:00
lethalman
c8ac069772 Merge pull request #6724 from anderspapitto/local
Add x11 service for unclutter
2015-03-11 15:32:40 +01:00
Arseniy Seroka
ef37154c82 Merge pull request #6739 from joachifm/refactor-tarsnap-service
nixos: refactor tarsnap backup service module
2015-03-11 11:22:32 +03:00
Arseniy Seroka
1c58c3a772 Merge pull request #6345 from puffnfresh/feature/mtrack-options
Add more options to multitouch (mtrack) module
2015-03-11 11:10:51 +03:00
William A. Kennington III
26020cfe8a nixos/lightdm: Add a background option 2015-03-10 15:57:46 -07:00
William A. Kennington III
e519414e1f nixos/lightdm: Fix data directory 2015-03-10 14:55:54 -07:00
William A. Kennington III
3a67a51689 nixos/lightdm: Small cleanup 2015-03-10 14:35:49 -07:00
William A. Kennington III
ffed8a85bc nixos/sddm: Hide users which don't have login shells 2015-03-10 14:32:53 -07:00
William A. Kennington III
5893d2ecd3 nixos/lightdm: More Cleanups 2015-03-10 14:23:43 -07:00
William A. Kennington III
7b6e2e1c68 lightdm: Fix rendering 2015-03-10 14:03:18 -07:00
lethalman
27f3f254d3 Merge pull request #6540 from k0ral/transmission
Simplify (and fix) settings for transmission module
2015-03-10 13:26:03 +01:00
lethalman
70527b87a1 Merge pull request #6440 from k0ral/fcgiwrap
Updated fcgiwrap's systemd unit to match upstream version.
2015-03-10 13:18:46 +01:00
Joachim Fasting
1bdd12ed69 nixos: refactor tarsnap backup service module
Major changes
- Port to systemd timers: for each archive configuration is created a
  tarsnap@archive-name.timer which triggers the instanced service unit
- Rename the `config` option to `archives`

Minor/superficial improvements
- Restrict tarsnap service capabilities
- Use dirOf builtin
- Set executable bit for owner of tarsnap cache directory
- Set IOSchedulingClass to idle
- Humanize numbers when printing stats
- Rewrite most option descriptions
- Simplify assertion
2015-03-10 12:35:58 +01:00
William A. Kennington III
4940e643cc nixos/display-manager: Support configurable hidden users 2015-03-09 18:10:31 -07:00
William A. Kennington III
66bfdf6eb0 nixos/lightdm: We now use a global lightdm.conf 2015-03-09 17:59:21 -07:00
Eelco Dolstra
475df1a350 switch-to-configuration: Don't print already active target units
Since we restart all active target units (of which there are many),
it's hard to see the units that actually matter. So don't print that
we're starting target units that are already active.
2015-03-09 16:51:06 +01:00
Eelco Dolstra
a574065a81 nixos-rebuild: Add ‘dry-activate’ command
‘nixos-rebuild dry-activate’ builds the new configuration and then
prints what systemd services would be stopped, restarted etc. if the
configuration were actually activated. This could be extended later to
show other activation actions (like uids being deleted).

To prevent confusion, ‘nixos-rebuild dry-run’ has been renamed to
‘nixos-rebuild dry-build’.
2015-03-09 16:50:59 +01:00
Eelco Dolstra
8cb3e3b864 httpd: Disable insecure protocols/ciphers by default
This makes us resistant to FREAK and similar attacks.
2015-03-09 14:18:12 +01:00
Eelco Dolstra
d31202fba2 sshd: Enable seccomp sandboxing 2015-03-09 11:27:19 +01:00
lethalman
9867f4bdef Merge pull request #6720 from nslqqq/nmhooks
New NetworkManager Dispatcher scripts options
2015-03-09 10:36:10 +01:00
Anders Papitto
887a547ac9 Add x11 service for unclutter
modeled after the redshift service
2015-03-08 20:12:18 -07:00
William A. Kennington III
5b059416b8 Merge pull request #6699 from hakuch/fix_samba
Samba: Fixed "syncPasswordsByPam".
2015-03-08 16:09:29 -07:00
obadz
e5d4624420 PAM/eCryptfs now able to mount ecryptfs'd home directories on login 2015-03-08 16:03:51 -07:00
Nikita Mikhailov
579159c72b Add dispatcher configuration options to NetworkManager module 2015-03-08 20:24:53 +01:00
Unai Zalakain
581a90bad8 Optional user and group to run the MPD 2015-03-08 10:18:40 +00:00
Jesse Haber-Kucharsky
5a1950d985 Samba: Fixed "syncPasswordsByPam". 2015-03-07 17:56:46 +00:00
Nikolay Amiantov
b802018482 stage-1: fix hibernation (close #6675)
Fixes #6617.
2015-03-07 13:00:08 +01:00
Arseniy Seroka
30e6f1b4ea slurm: impl basic configuration 2015-03-07 00:26:57 +03:00
Arseniy Seroka
0b1cc3cd51 slurm: impl simple service 2015-03-07 00:26:57 +03:00
Arseniy Seroka
69e59e9962 munge: add service 2015-03-07 00:26:52 +03:00
Eelco Dolstra
3b9b620656 Revert "linux: disable UEVENT_HELPER*"
This reverts commit 9f87f3ccb0 because
it causes /proc/sys/kernel/hotplug to not be cleared on Linux <= 3.14.
2015-03-06 15:59:06 +01:00
Nikolay Amiantov
4fde098eec Merge pull request #6677 from abbradar/sddm
Add SDDM display manager
2015-03-05 21:03:43 +03:00
Nikolay Amiantov
4f317767da lightdm: don't leave a shell running 2015-03-05 20:49:45 +03:00
Nikolay Amiantov
264c6892f2 nixos/uim: capitalize description 2015-03-05 20:49:45 +03:00
Nikolay Amiantov
db5b08cfaf nixos/sddm: add display manager 2015-03-05 20:49:26 +03:00
Eelco Dolstra
9bb586943a Deal with virtualisation.xen.stored in a more standard way 2015-03-05 12:46:50 +01:00
Luca Bruno
b93e8bab3a nixos/xen: do not use derivation in the default values
The xen package is broken on i686, so this would break the generation
of the nixos manual.
2015-03-04 12:05:58 +01:00
Eelco Dolstra
1002fb6433 Add "input" group
This is required by systemd >= 215.
2015-03-03 20:27:09 +01:00
Eelco Dolstra
8546ec7c74 Fix some uid/gid clashes 2015-03-03 20:26:36 +01:00
Eelco Dolstra
a4e0278fcd Create /dev/nvidia-uvm for CUDA support 2015-03-03 20:24:14 +01:00
Arseniy Seroka
7ce77b5752 slurm: add pkg 2015-03-02 22:10:58 +03:00
lethalman
c97d7819ab Merge pull request #6624 from joachifm/grsec-lock
nixos: grsec-lock service fixes
2015-03-02 18:49:39 +01:00
Joachim Fasting
18320d3b21 nixos: fix grsec-lock requires 2015-03-02 18:39:04 +01:00
Joachim Fasting
ccd6f5a313 nixos: make the grsec-lock unit depend on the path it writes to
The grsec-lock unit fails unless /proc/sys/kernel/grsecurity/grsec_lock
exists and so prevents switching into a new configuration after enabling
grsecurity.sysctl.
2015-03-02 18:39:01 +01:00
lethalman
373c4ce0ec Merge pull request #6605 from AndersonTorres/afterstep
Adding Afterstep to nixos window manager modules
2015-03-02 18:00:28 +01:00
Tobias Geerinckx-Rice
9f87f3ccb0 linux: disable UEVENT_HELPER*
Deprecated since 2006: http://lwn.net/Articles/166954/
2015-03-01 03:31:59 +01:00
Eelco Dolstra
307064ceb5 Don't use machinectl to shut down containers
If the host is shutting down, machinectl may fail because it's
bus-activated and D-Bus will be shutting down. So just send a signal
to the leader process directly.

Fixes #6212.
2015-02-28 19:23:00 +01:00
AndersonTorres
929485b645 Adding Afterstep to nixos modules 2015-02-28 11:14:33 -03:00
AndersonTorres
5472af91f2 Fluxbox: update to 1.3.7 2015-02-28 11:04:20 -03:00
Jaka Hudoklin
6dc0938a3e Merge pull request #6591 from lseppala/master
Fix rebooting containers where resolv.conf is a symlink
2015-02-28 12:19:01 +01:00
Joachim Fasting
0473b4ae8d nixos: citerefentry markup in lxc option descriptions 2015-02-28 09:21:48 +01:00
Joachim Fasting
d375550ead nixos: add a few missing type specifiers under boot.* 2015-02-28 09:19:23 +01:00
Lane Seppala
4106a3b74e Fix rebooting containers where resolv.conf is a symlink 2015-02-27 10:27:18 -07:00
Eelco Dolstra
22d2fc3657 Fix "systemctl reload container@"
Fixes #5179.
2015-02-27 14:32:54 +01:00
Rob Vermaas
24e0565407 Only start fetch-keys for GCE image after ip-up. 2015-02-27 10:48:15 +00:00
koral
c1cefa1a58 Simplify (and fix) settings for transmission module. 2015-02-26 22:21:27 +00:00
Rob Vermaas
e4928b8955 GCE image: Pass header to metadata service calls. 2015-02-26 19:20:43 +00:00
Sander van der Burg
7b27af61fb Add NixOS global binaries to the PATH 2015-02-26 17:29:49 +00:00
Eelco Dolstra
6177710ac7 Merge pull request #6046 from ts468/xen
Update: Xen 4.5 + NixOS Xen modules
2015-02-26 10:15:05 +01:00
lethalman
b6672f232a Merge pull request #6283 from mdorman/master
Fix initial-install issues with couchdb.nix.
2015-02-26 10:11:18 +01:00
lethalman
d791335ac2 Merge pull request #6518 from ehmry/u9fs
U9fs
2015-02-26 09:41:18 +01:00
William A. Kennington III
9ce0c1cb71 nixos/consul: Fix timeout bugs and json formatting 2015-02-25 15:42:43 -08:00
Thomas Strobel
3d4fbb874c Update: add new Xen versions + update NixOS Xen modules
Versions of XEN:
- Xen 4.5
- Xen 4.5 + XenServer patches
- Xen 4.4.1
2015-02-25 23:30:44 +01:00
William A. Kennington III
f27fa79aa9 nixos/dnsmasq: Fix service name typo 2015-02-25 09:22:16 -08:00
Eelco Dolstra
36d0f367de ssh-agent: Fix asking for confirmation via $SSH_ASKPASS
This was lost back in
ffedee6ed5. Getting this to work is
slightly tricky because ssh-agent runs as a user unit, and so doesn't
know the user's $DISPLAY.
2015-02-25 14:31:17 +01:00
Eelco Dolstra
93902ea108 nsswitch.conf: Omit ldap unless ldap is enabled
This prevents programs from trying to find nss_ldap.
2015-02-25 14:31:13 +01:00
William A. Kennington III
e453f99446 nixos/networkd: Add an assertion for unsupported rstp 2015-02-24 13:09:34 -08:00
Lluís Batlle i Rossell
b26e939111 fix pam (OATH related)
the pam config was wrong.

Issue #6551
2015-02-24 17:52:41 +01:00
Eelco Dolstra
16cf3ee9da Ensure that the home directory exists even if the user already exists 2015-02-24 11:57:38 +01:00
Eduard Bachmakov
4bf66ba89c ddclient module: fix module
* rewrite to systemd.services
* disable forking to give systemd better control
* verifiably run as ddclient user
* expose ssl option
* unset default value for dyndns server
* rename option "web" to "use" to be consistent with ddclient docs
* add descriptions
* add types to options
* clean up formatting
2015-02-23 22:37:20 -05:00
Jaka Hudoklin
1cddb5be20 mongodb: remove lock file on restart 2015-02-23 20:40:13 +01:00
Eelco Dolstra
b70bd0879b sshd: Generate a ed25519 host key 2015-02-23 17:00:07 +01:00
Emery Hemingway
446580f3cd nixos: u9fs service module 2015-02-22 12:16:58 -05:00
Bjørn Forsman
d5017499a2 nixos/redis: capitalize service description 2015-02-22 16:54:14 +01:00
Bjørn Forsman
25a6745310 nixos/fail2ban: capitalize service description 2015-02-22 16:54:14 +01:00
Lluís Batlle i Rossell
4e99901961 nixos: Adding OATH in pam.
(cherry picked from commit cb3cba54a1b87c376d0801238cb827eadb18e39e)

Conflicts:
	nixos/modules/security/pam.nix
2015-02-22 15:25:38 +01:00
Bjørn Forsman
ffb4797dd3 nixos/haproxy: remove broken default 'config'
HAProxy fails to start with the default 'config'. Better disable it and
assert that the user provides a suitable 'config'. (AFAICS, there cannot
really be a default config file for HAProxy.)
2015-02-22 12:30:14 +01:00
Bjørn Forsman
419a4166a7 nixos/haproxy: small cleanup
* Add option types
* Rewrite option descriptions
* /var/run/haproxy.pid => /run/haproxy.pid (canonical location)
2015-02-22 12:29:34 +01:00
aszlig
030895f075
nixos/dhcpcd: Only run resume commands if enabled.
The networkd implementation sets systemd.services.dhcpcd.enable to
false in nixos/modules/tasks/network-interfaces-systemd.nix. So we need
to respect that in the dhcpcd module.

If we don't, the resumeCommand is set nevertheless, which causes the
post-resume.service to fail after resuming:

Failed to reload dhcpcd.service: Unit dhcpcd.service is masked.
post-resume.service: main process exited, code=exited, status=1/FAILURE
Failed to start Post-Resume Actions.
Dependency failed for Post-Resume Actions.
Unit post-resume.service entered failed state.
post-resume.service failed.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-02-22 08:09:04 +01:00
Thomas Tuegel
d15d0bebc3 kde5: remove file collisions 2015-02-21 20:58:43 -06:00
Thomas Tuegel
68f2db74ff kde5: always use plasma-nm 2015-02-21 13:59:28 -06:00
Thomas Tuegel
7eb8a9b41f kde5: install media-player-info udev rules for solid 2015-02-21 11:39:21 -06:00
Thomas Tuegel
532650e4bb kde5: change notice about default Phonon backend 2015-02-21 11:39:21 -06:00
Thomas Tuegel
e5de75bf2a kde5: install kde-frameworks version used by plasma 2015-02-21 11:39:21 -06:00
Thomas Tuegel
b050babd3e kde5: fix Phonon GStreamer backend 2015-02-21 11:39:20 -06:00
Thomas Tuegel
a79936561b environment: use Qt 5 Qml import paths 2015-02-21 11:39:20 -06:00
Vladimír Čunát
a3a467ce77 nixos/nvidia: use correct 32-bit legacy libs; refactor
Fixes #6127.
Now we avoid multiple switches among the version possibilities.
2015-02-21 16:34:24 +01:00
Bjørn Forsman
97875ac175 bridge-utils: align attrname with pkgname 2015-02-20 22:30:51 +01:00
Thomas Strobel
c62e42e9c5 Enhance stage-1/2 scripts for better dealing with squashfs 2015-02-20 17:42:22 +01:00
Peter Simons
263a49be20 Merge pull request #5704 from eduarrrd/nixos-version
Add option to display git revision to nixos-version
2015-02-20 16:35:56 +01:00
Shea Levy
2fe3a3c203 Merge branch 'grub' of git://github.com/ts468/nixpkgs
Fix grubTarget on nodev installs
2015-02-20 07:47:06 -05:00
tv
86cb16965a exim: add version 4.85 incl. nixos module 2015-02-20 10:49:15 +01:00
Shea Levy
3e44f99055 Fix grub 1 install 2015-02-19 19:33:17 -05:00
Eelco Dolstra
5762f8f95c Add options to support signed binary caches
Typical use:

    nix.requireSignedBinaryCaches = true;
    nix.binaryCachePublicKeys = [ "hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs=" ];

(The public key of cache.nixos.org is included by default.)

Note that this requires Nix 1.9 and that most of cache.nixos.org
hasn't been signed yet.
2015-02-19 14:22:43 +01:00
Jaka Hudoklin
ebfadc2fc9 Merge pull request #6452 from rushmorem/update-chronos-port
Update chronos default port
2015-02-19 14:13:00 +01:00
rushmorem
74b40e9a43 Add marathon mesos framework 2015-02-19 13:30:00 +02:00
rushmorem
a661802d29 Update chronos default port
Update chronos default port to match the one documented on
their website (http://airbnb.github.io/chronos). The one in
their repo (the current one) clashes with the marathon documented
one.
2015-02-19 12:31:12 +02:00
koral
d9078d03a3 Updated fcgiwrap's systemd unit to match upstream version. 2015-02-18 21:19:12 +00:00
Eelco Dolstra
4ac280ec49 Blacklist the nouveau driver on EC2 2015-02-18 13:04:10 +01:00
Sou Bunnbu
f8dbd6f9ae Merge pull request #6427 from grwlf/vsftpd-port
vsftpd.nix: add 'portPromiscuous' option
2015-02-18 19:18:34 +08:00
Sergey Mironov
ac65a757f0 vsftpd.nix: add 'portPromiscuous' option 2015-02-18 11:51:43 +03:00
Mathijs Kwik
2fe44b95d0 nixos/wpa_supplicant: fix conflicting documentation
fixes #6298
2015-02-17 22:16:20 +01:00
James Cook
6daf9aa922 Merge pull request #5995 from ts468/qemu-vm
Update QEMU Nixos Virtual Machine
2015-02-16 13:13:26 -08:00
Thomas Strobel
c61ff9b51e Fix grubTarget on nodev installs 2015-02-16 20:19:44 +01:00