Commit graph

7828 commits

Author SHA1 Message Date
Renaud
1503409aac
Merge pull request #30943 from csingley/nzbget
nzbget.service override nzbget.conf broken paths with current derivation
2017-11-11 22:04:29 +01:00
Orivej Desh
2dd9588834
Merge pull request #31071 from yegortimoshenko/nixos-install/mkdir-or-chmod
nixos-prepare-root: chmod if dir already exists, fixes #22413
2017-11-11 01:04:14 +00:00
Orivej Desh
30cbba9061
Merge pull request #31390 from Ma27/fix-buildphase-expressions
treewide: get rid of invalid `buildPhases` argument
2017-11-11 00:04:37 +00:00
Benjamin Staffin
64a9f5f0eb
fonts: fix fontconfig.localConf when used with penultimate
Fixes #31500
2017-11-10 16:57:45 -05:00
Jörg Thalheim
b72e2ecfe4
Merge pull request #31476 from florianjacob/network-interfaces-assertion-messages
nixos/network-interfaces: Add " around network interface names
2017-11-10 11:12:49 +00:00
Andreas Rammhold
5feed06535
babeld module: updated example config
Previosuly the example config did feature the deprecated `wired`
paramter. Wired can now be configured using the `type` parameter.
2017-11-10 11:54:21 +01:00
Andreas Rammhold
5d9073747a
babeld module: support non-boolean default arguments
Previosuly only boolean values would be rendered properly. All other
values would cause an error. Even the example configuration did fail.
2017-11-10 11:54:15 +01:00
Andreas Rammhold
236a7c5452
babeld module: separate default options by space
In the previous version multiple default values would generate an
invalid babeld config file since all options would be concatenated
without any separator.
2017-11-10 11:54:08 +01:00
aszlig
0e790b9f66
nixos/atlassian: Fix eval error in jrePackage
The error got introduced by 4f3d971ef5,
which removed the *Text attributes from the option.

This in turn leads to an evaluation error while building the
manual/manpage, because oraclejre8 is marked unfree.

Signed-off-by: aszlig <aszlig@nix.build>
Cc: @jbgi, @orivej, @globin
2017-11-09 20:31:41 +01:00
Florian Jacob
fe3751df8a nixos/network-interfaces: Add " around network interface names
in assertion messages to avoid misinterpretations when the interface name contains a dot.
2017-11-09 20:27:33 +01:00
Eelco Dolstra
54da9cc944
Amazon image: Add NVMe support to the initrd
This is required by the new c5.* instance types.

Note that this changes disk names from /dev/xvd* to
/dev/nvme0n*. Amazon Linux has a udev rule that calls a Python script
named "ec2nvme-nsid" to create compatibility symlinks. We could use
that, but it would mean adding Python to the AMI closure...
2017-11-09 17:53:26 +01:00
Jean-Baptiste Giraudeau
4f3d971ef5 Atlassian apps: remove misleading JRE switch logic
Only the Oracle JRE is supported by Atlassian appsAtlassian apps
 (see https://jira.atlassian.com/browse/JRASERVER-46152)
 Plus Atlassian apps are non free so the switch logic always chose
 Oracle JRE anyway.
 Option is kept in case someone want to patch apps to support openjdk.
2017-11-09 12:56:11 +01:00
Jean-Baptiste Giraudeau
3c06d9f0b0 Fix atlassian services (optional attr. and systemd)
- Properly handle optional configuration.
 - Use ExecStart/ExecStop instead of script/stopScript.
2017-11-09 12:56:11 +01:00
Maximilian Bosch
161e80e3fd
treewide: get rid of invalid buildPhases argument
I don't know where this comes from (I accidentally did that as well
once), but some derivations seem to use `buildPhases` rather than
`phases` in their derivations.

This kills all improper usages as the lack of a `phases` argument
didn't break the build, so this can be safely removed.
2017-11-08 21:38:06 +01:00
Jörg Thalheim
8d145da64a
Merge pull request #30127 from florianjacob/limit_interface_name_length
nixos/network-interfaces: assertion for too long interface names
2017-11-08 20:35:08 +00:00
Jörg Thalheim
999bcd098d
Merge pull request #31296 from ryantm/mattermost43
mattermost, nixos/mattermost: update to 4.3.0
2017-11-08 17:45:42 +00:00
Joerg Thalheim
00344162a7 Revert "nixos/test-instrumentation: softcode DISPLAY"
This reverts commit 4531ec5955.

This broke waitForX: b11ac5d29d (commitcomment-25486347)

cc @Lassulus
2017-11-08 17:04:39 +00:00
Jörg Thalheim
b11ac5d29d
Merge pull request #31198 from Lassulus/test-display
nixos/test-instrumentation: take DISPLAY from system-config
2017-11-08 14:44:16 +00:00
Renaud
792dc7a859
Merge pull request #31252 from shaunren/compton
compton: change extraOptions type to types.lines
2017-11-07 23:10:41 +01:00
lassulus
4531ec5955 nixos/test-instrumentation: softcode DISPLAY 2017-11-07 23:01:59 +01:00
gnidorah
d0bcade807 sway module: passthrough sway binary when needed 2017-11-07 22:02:22 +03:00
Maximilian Bosch
410f0f0db2
services.xserver: fix apply of default DM/WM
This is needed to pick the first enabled DM/WM
if the default is `none`
2017-11-07 12:18:24 +01:00
Jörg Thalheim
ea78f0f06c lxcfs: remove cgmanager dependency 2017-11-07 11:04:12 +00:00
Raphael Das Gupta
27c8fd24e5 nixos/mysql: fix typo in description of mysql.bind option 2017-11-07 11:09:40 +01:00
Vaibhav Sagar
eece8755d1 ihaskell: re-enable 2017-11-06 09:58:28 +01:00
Orivej Desh
4435bb8ba8
Merge pull request #30665 from michaelpj/imp/plymouth-themes
plymouth: fix breeze-plymouth (and other themes)
2017-11-06 06:18:38 +00:00
Orivej Desh
30bd994724
Merge pull request #31161 from nocent/master
networkmanager: add power saving and mac address randomization options for wifi devices
2017-11-06 06:17:16 +00:00
Orivej Desh
9431da5396
Merge pull request #30966 from csingley/plexpy
Add plexpy user id
2017-11-06 06:16:00 +00:00
Christopher Singley
1a38312dae plexpy: add user id 2017-11-06 06:15:28 +00:00
Ryan Mulligan
e8c8370425 nixos/mattermost: fix for webapp being renamed to client 2017-11-05 13:53:50 -08:00
Markus Mueller
4874862732
babeld module: init 2017-11-05 21:15:23 +01:00
Michal Rus
55344df089
users-groups module: use buildEnv in per-user profiles
Resolves #31253
2017-11-05 17:56:31 +01:00
Franz Pletz
711303952e
wireguard module: add device name environment var
This makes the interface name available as an environment variable for
the pre/post hooks.
2017-11-05 16:42:25 +01:00
Shaun Ren
eca212741e compton: change extraOptions type to types.lines 2017-11-05 20:23:44 +09:00
Frederik Rietdijk
dd851a8d75
Merge pull request #31254 from LumiGuide/graphite-python-overrides
graphite: override django and django_tagging
2017-11-05 09:40:59 +01:00
Maximilian Bosch
5b70c1855b
Revert "Revert "services.xserver: assert that either desktop- or window manager is not "none"""
This reverts commit e64dc25434.
2017-11-05 07:32:56 +01:00
Herwig Hochleitner
e64dc25434 Revert "services.xserver: assert that either desktop- or window manager is not "none""
This reverts commit 93c54acf97.
This reopens #30517 @nbp @Ma27

Breaking people's config for this is hardly reasonable as is. If it
absolutely cannot be avoided, at the very least, we need to provide
clear instructions on what people need to upgrade in their config. I
actually had to bisect to the commit, to even find out what property I
should change or define, as the error message was useless. It didn't
even mention a property name.

Discussion on the PR seems to be ongoing, so I'm reverting this, so we
don't break people's systems on unstable.
2017-11-05 01:51:13 +01:00
Guillaume Maudoux
7325ad9ab7 graphite: override django and django_tagging
instead of depending on specific versions in the django_tagging_0_4_3
and graphite_web derivations.

This should fix: https://github.com/NixOS/nixpkgs/pull/30277#discussion_r145393088

This was joint work of @basvandijk and @layus at NixCon 2017.
2017-11-04 17:53:35 +01:00
Yegor Timoshenko
2c9e195eed nixos-prepare-root: chmod if dir already exists 2017-11-04 15:07:36 +00:00
Maximilian Bosch
93c54acf97 services.xserver: assert that either desktop- or window manager is not "none"
resolves #11064
2017-11-04 15:30:20 +01:00
Frederik Rietdijk
ae23084237
Merge pull request #30107 from danbst/patch-13
declarative containers: improve example config
2017-11-04 09:59:09 +01:00
Tim Steinbach
5925aebc03
Merge pull request #31201 from gnidorah/sway
sway module: setcap binary, not wrapper
2017-11-03 17:34:58 -04:00
Benjamin Staffin
600f393bc7
keybase service: Turn off debug logging
Keybase is _extremely_ verbose with its debug output when run with -d.
2017-11-03 14:45:08 -04:00
gnidorah
194d7852f7 sway module: setcap binary, not wrapper 2017-11-03 21:00:46 +03:00
Daiderd Jordan
9a1534496a
Merge pull request #31149 from LumiGuide/pgmanage-10.0.2
postage: replaced by pgmanage-10.0.2
2017-11-03 12:32:29 +01:00
Joerg Thalheim
2e6daff704 nixos/unbound: correct indented interface/access lists 2017-11-03 08:37:02 +00:00
Bas van Dijk
c894327215 postage: replaced by pgmanage-10.0.2
postage is no longer maintained and has been replaced by the identical pgmanage. See:

https://github.com/workflowproducts/postage#postage-has-been-replaced-with-pgmanage

The following error is raised when a user enables the deprecated `services.postage.enable` option:

Failed assertions:
- services.postage is deprecated in favor of pgmanage. They have the same options so just substitute postage for pgmanage.
2017-11-03 00:14:00 +01:00
nocent
af13b05dda networkmanager: add power saving and mac address randomization options for wifi devices 2017-11-02 21:57:25 +00:00
Andrew Dunham
7f921735e7
strongswan: allow configuring enabled plugins 2017-11-02 14:39:14 +01:00
José Romildo Malaquias
62204a59c7
Merge branch 'master' into upd.lxqt 2017-11-02 10:27:39 -02:00
zimbatm
c34c737172
Merge pull request #31100 from zimbatm/hashcat4
Hashcat4
2017-11-02 11:23:07 +00:00
Pierre-Etienne Meunier
538acd9060 ACME module: add server option (#31122) 2017-11-02 11:10:47 +01:00
José Romildo Malaquias
c07835a11b
Merge branch 'master' into upd.lxqt 2017-11-02 00:29:12 -02:00
José Romildo Malaquias
b6d27b7271 lxqt: remove lxqt-common 2017-11-02 00:14:46 -02:00
Richard Marko
4e26054ff5 pam, lxcfs: enable pam_cgfs
Related to #30023
2017-11-02 02:52:08 +01:00
Richard Marko
0810111ced lxcfs: don't enable cgmanager
Related to #30023
2017-11-02 02:52:07 +01:00
Sarah Brofeldt
2ddcdcce26 nixos/postfix: support alternate smtp ports when relaying (#30685)
* postfix: support alternate smtp ports when relaying

* fix missing ; after merge
2017-11-01 19:06:27 +01:00
zimbatm
309373ea68 intel-ocl: r4.0-59481 -> 5.0-63503 2017-11-01 17:59:49 +00:00
Satoshi Shishiku
c75528bd56 prosody service: add extra SSL options 2017-11-01 13:38:01 +01:00
Satoshi Shishiku
57f3dd5a2f prosody service: add restart trigger 2017-11-01 13:38:01 +01:00
Satoshi Shishiku
2e55e164eb prosody service: forking 2017-11-01 13:37:58 +01:00
Satoshi Shishiku
1e45a6459e prosody service: add types 2017-11-01 13:37:57 +01:00
Danylo Hlynskyi
398705ba86
containers: autoStart doc typo 2017-11-01 10:25:26 +02:00
Orivej Desh
efea96ddca
Merge pull request #31007 from yegortimoshenko/nixos-generate-config/umask
nixos-generate-config: enforce umask 0022, fixes #30954
2017-11-01 01:58:34 +00:00
Sander van der Burg
6d1317ab31
Merge pull request #31058 from rnhmjoj/dnschain
DNSChain: move expression to new nodePackages
2017-10-31 23:44:02 +01:00
Bas van Dijk
cb4b9b1cc1 owncloud: fix some but not all errors
* Don't set timezone when it's null

* Don't create the postgres role because the postgresqsl service
  already does that.

* Fix documentation

* Add a test suite
2017-10-31 23:03:33 +01:00
Graham Christensen
2d583f7275
Merge pull request #31039 from LumiGuide/fix-graphite-api
graphite: fix the graphiteApi service
2017-10-31 17:53:02 -04:00
Graham Christensen
e5a44f3034
Merge pull request #31044 from LumiGuide/fix-apache-httpd
apache-httpd: fix nix evaluation error
2017-10-31 17:50:57 -04:00
Graham Christensen
486c125dc3
Merge pull request #31050 from pbogdan/wordpress-disable-autoupdates
apache-httpd/wordpress: disable built-in WordPress autoupdater
2017-10-31 17:50:02 -04:00
rnhmjoj
ea8714ecb1
nixos/dnschain: use nodePackages.dnschain 2017-10-31 22:03:38 +01:00
mingchuan
e0318379ae nixos/ssh: fix example 2017-11-01 02:54:38 +08:00
Piotr Bogdan
3165c56db9 apache-httpd/wordpress: disable built-in WordPress autoupdater 2017-10-31 17:37:11 +00:00
Bas van Dijk
527781ebc4 apache-httpd: fix nix evaluation error
This only sets the timezone when it's not null to prevent:

  error: cannot coerce null to a string, at
  nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix:676:7
2017-10-31 17:33:54 +01:00
Bas van Dijk
04b2460eb6 graphite: fix the graphiteApi service 2017-10-31 15:49:59 +01:00
Yegor Timoshenko
f2621d4ba8 nixos-generate-config: enforce umask 0022, fixes #30954 2017-10-30 21:59:37 +00:00
lassulus
440178d729 gdm: don't start getty@tty1 if enabled 2017-10-30 21:43:10 +01:00
Bas van Dijk
07e0c0e0a2 network-interfaces-scripted: fix NixOS/nixops#640
Reverse the PartOf dependency between network-setup and network-addresses-*

This was joint work of: @nh2, @domenkozar, @fpletz, @aszlig and @basvandijk
at the NixCon 2017 hackathon.
2017-10-30 20:45:32 +01:00
Chris Martin
0581038e8e nixos/acme: remove doc note about restarting nginx
Discussion from #30945 indicates that it is no longer true that you have
to restart nginx.
2017-10-30 13:51:35 -04:00
Márton Boros
c556c72a2e nixos/gitlab: fix secret generation
This line previously produced an error and an empty secret file.
2017-10-30 12:49:27 +01:00
Márton Boros
00c03e9003 nixos/gitlab: fix preStart script 2017-10-30 12:49:27 +01:00
Márton Boros
29e80bde40 nixos/gitlab: fix hard-coded database name 2017-10-30 12:49:27 +01:00
Christopher Singley
b2c2944998 nzbget.service override nzbget.conf broken paths with current derivation 2017-10-29 19:37:56 -05:00
Christopher Singley
95dc36235c PlexPy service 2017-10-29 19:29:25 -05:00
Jonas Schwabe
4a180dac60 gdm: fix restart of display-manager after nixos-rebuild
- fix restart of display-manager due to a conflict with getty@tty1
- fixes #21439
2017-10-28 15:52:03 +02:00
Joachim F
9ab20a4a04
Merge pull request #30787 from lheckemann/nixos-help-doc
Document nixos-help more obviously
2017-10-28 10:41:59 +00:00
zimbatm
74a2d53e0d buildkite-agent service: add bash to the runtimePackages
bash is necessary for nix-shell to work properly
2017-10-26 17:44:44 +01:00
symphorien
6dfbef0ae2 nixos/crashdump: fix evaluation. (#30415)
The module would fail to evaluate:
```The option value `boot.crashDump.kernelPackages' in ... is not a package.```

Removed the option boot.crashDump.kernelPackage in favor of using
boot.kernelPatches which automatically chooses the same kernel version
as boot.kernelPackage instead of overriding it.

Added option boot.crashDump.reservedMemory to customized crash kernel
memory.

Changed the default of boot.crashDump.kernelParams as the current one
seemed to have no effect.
2017-10-25 20:00:52 +00:00
Tuomas Tynkkynen
0676d69172 sd-image-*: Include profiles/base.nix
This brings useful goodies like lspci and lsusb that were missing
previously.
2017-10-25 22:56:20 +03:00
Tuomas Tynkkynen
21f4a5f1b1 sd-image-aarch64.nix: Document serial ports used
Also drop boot.consoleLogLevel which already comes from
installation-device.nix
2017-10-25 22:56:20 +03:00
Tuomas Tynkkynen
a3b11bd056 sd-image-armv7l-multiplatform.nix: Document serial consoles used 2017-10-25 22:56:20 +03:00
gnidorah
130c61f8f2 sway module: better defaults 2017-10-25 20:53:44 +01:00
Jörg Thalheim
cb217f87a0 Merge pull request #30800 from gnidorah/sway
sway module: make it useful to end user
2017-10-25 20:20:50 +01:00
gnidorah
e18afa63b7 sway module: more options 2017-10-25 21:52:02 +03:00
Franz Pletz
a26b6c4290
prometheus-node-exporter service: delete dead code 2017-10-25 20:18:33 +02:00
Franz Pletz
ce301ef21a
prometheus-node-exporter service: add disabledCollectors option 2017-10-25 20:10:20 +02:00
Drew Hess
ad933bb096 postfix: add relayPort option. (#30520) 2017-10-25 19:11:55 +02:00
Franz Pletz
63bbada520
prometheus-node-exporter service: run as nobody again
Using DynamicUser breaks the systemd and logind collectors.

cc #30535
2017-10-25 17:49:40 +02:00
Eelco Dolstra
8f349a3bf3
Add function closureInfo to replace pathsFromGraph
Unlike pathsFromGraph, on Nix 1.12, this function produces a
registration file containing correct NAR hash/size information.

https://hydra.nixos.org/build/62832723
2017-10-25 15:38:14 +02:00
Linus Heckemann
b2c5075e8a nixos-manual service: show nixos-help option
Part of improving accessibility (#30760). Makes the manual easier to
access e.g. on serial consoles.
2017-10-25 10:16:15 +01:00
Franz Pletz
666d9c09c1 Merge pull request #30339 from pvgoran/fileSystems-silentFormatOptions
filesystems: use non-interactive formatOptions by default
2017-10-25 10:46:46 +02:00
Franz Pletz
f561dab0ad Merge pull request #30774 from plutotulp/plymouth-defaults
plymouth service: fix symlink to defaults
2017-10-25 10:06:17 +02:00
Franz Pletz
fd9ae9226d Merge pull request #30319 from peterhoeg/f/dnsmasq
dnsmasq nixos: make sure it always runs
2017-10-25 04:07:27 +02:00
Rickard Nilsson
2fd11b762f nixos/elasticsearch: Do not try to run sysctl if running in container, since it fails 2017-10-24 22:31:06 +02:00
Erlend Pedersen
3f013b806b plymouth service: fix symlink to defaults
Symlink for plymouthd.defaults was pointing to nonexisting target
because of a spelling error.
2017-10-24 20:10:13 +02:00
Franz Pletz
de917326a9
atlassian-crowd service: run crowd in foreground 2017-10-24 14:21:05 +02:00
Ryan Hendrickson
c522aaafde nixos/postfix: allow dollar parameters in lists (#30612) 2017-10-23 17:57:20 +02:00
joachim schiele
61089ddcee opendkim: automated key generation (no manual changes for service initialization required anymore) 2017-10-23 15:53:55 +02:00
Jan Tojnar
3c48a1e06d nixos/services.nginx: Fix globalRedirect example
Virtual host globalRedirect attribute accepts a hostname not a URL

09a9a472ee/nixos/modules/services/web-servers/nginx/default.nix (L167)
2017-10-22 15:38:08 +02:00
Martin Potier
ff562459cc nixos/libreswan: add missing runtime dependencies 2017-10-22 15:36:26 +02:00
Márton Boros
a89b28f8b7 nixos/gitlab: fix startup script
The preStart script used a hardcoded "git" user instead of the cfg value.
2017-10-22 15:23:25 +02:00
Pascal Bach
0f0f0cbc6f prometheus-node-exporter service: update for new arguments handling
The behaviour have changed again. Listed collectors are now enabled in
addition to the default one.

Also run as DynmicUser instead of user nobody as the exporter doesn't need
any state.
2017-10-22 14:45:48 +02:00
Simon Lackerbauer
414720709b
gitlab-module: fix hooks links for older repositories 2017-10-22 14:28:56 +02:00
Michael Peyton Jones
0966f8282a plasma5: use mkDefault for a few options that users might want to set 2017-10-22 00:18:21 +02:00
Michael Peyton Jones
e6a199b95d plasma5: set default theme for plymouth 2017-10-21 22:45:48 +01:00
Michael Peyton Jones
2ac89a612c redshift: allow using geoclue2 loation provider 2017-10-21 22:34:14 +01:00
Michael Peyton Jones
d96b0ac7f7 geoclue2: fix typo 2017-10-21 22:34:14 +01:00
Michael Peyton Jones
18d286b6c9 plymouth: try to remove more references in themes 2017-10-21 22:29:45 +01:00
Florian Jacob
43f94ff5a9 nixos/munin: move munin-cron to systemd.tmpfiles
to match with munin-node.
2017-10-21 11:27:42 +01:00
Florian Jacob
3338985aab nixos/munin: Create MUNIN_PLUGSTATE dir to fix munin_stats plugin 2017-10-21 11:27:42 +01:00
zimbatm
96b339fbc9 buildkite-agent: 2.1.13 -> 2.6.6
Build the package from source

Re-organise the module a bit to allow custom version of the package
2017-10-21 11:23:30 +01:00
Danylo Hlynskyi
dab7ecc054 nixos-generate-config: lessen priority for cpuFreqGovernor (#30221)
In particular, it conflicts with `services.tlp.enable` option.

There exists workaround:
```
  powerManagement.cpuFreqGovernor = lib.mkForce null;
  services.tlp.enable = true;
```
But should it?
2017-10-20 19:59:31 +00:00
edef
ea35bc94bf nixos/ecryptfs: init
Currently, ecryptfs support is coupled to `security.pam.enableEcryptfs`, but one
might want to use ecryptfs without enabling the PAM functionality. This commit
splits it out into a `boot.supportedFilesystems` switch.
2017-10-20 17:42:04 +01:00
gnidorah
7867b50881 nixos/pam: add swaylock (#29919) 2017-10-20 16:30:28 +00:00
Joachim F
815bebf9e8 Merge pull request #30173 from dmjio/patch-1
oauth2_proxy: default address updated
2017-10-20 16:28:40 +00:00
Joachim F
6991438df9 Merge pull request #30486 from rnhmjoj/compton
nixos/compton: default to xrender backend
2017-10-20 15:49:40 +00:00
Thomas Tuegel
ae8d9cbf71 Merge pull request #30610 from ttuegel/plasma-wayland
Plasma: Experimental Wayland support
2017-10-20 09:47:14 -05:00
Thomas Tuegel
ebcccaf754
plasma-workspace: enable Wayland session support 2017-10-20 09:28:56 -05:00
Joachim F
3c62474d08 Merge pull request #30528 from disassembler/gitea
gitea: init at 1.2.1
2017-10-20 14:01:54 +00:00
Joachim F
5f1d6bc5c7 Merge pull request #30563 from michaelpj/imp/tzupdate
tzupdate: init at 1.2.0 (+ service)
2017-10-20 13:55:09 +00:00
James Earl Douglas
aae32e15af
nixos/jenkins: add an option for the package
This allows NixOS configuration to specify the desired Jenkins package.
2017-10-20 01:16:12 +02:00
Jörg Thalheim
e09f070951 Merge pull request #30493 from disassembler/sway
sway: 0.13.0 -> 0.14.0
2017-10-19 16:28:12 +01:00
Joerg Thalheim
f8085cb1dd nixos/sway: add module 2017-10-19 10:46:31 -04:00
Thomas Tuegel
dae260034c
nixos/sddm: delete QML cache
Prior to Qt 5.9.2, there is a QML cache invalidation bug which causes SDDM to
segfault when upgrading Plasma.

See also: https://bugreports.qt.io/browse/QTBUG-62302
2017-10-19 07:09:01 -05:00
Michael Peyton Jones
281bf1dded tzupdate service: init 2017-10-19 05:15:32 +01:00
Silvan Mosberger
2d019b3de3
usbmuxd service: user and group options 2017-10-18 22:21:29 +02:00
Samuel Leathers
66201d49bb gitea: add nixos service module 2017-10-18 12:50:36 -04:00
Peter Simons
757a759005 Merge pull request #30166 from LumiGuide/graphite-1.0.2
Fix graphite crash by upgrading from 0.9.15 -> 1.0.2
2017-10-18 12:58:55 +01:00
Silvan Mosberger
f3df7da4f9
usbmuxd service: init 2017-10-17 18:55:57 +02:00
Jörg Thalheim
9aa6337c3d Merge pull request #30467 from adisbladis/display-managers-session/sessionvars
display-managers: Import DBUS session bus address & Xauthority
2017-10-17 11:32:26 +01:00
Robert Helgesson
c4088dd0af
nixos/resolved: clean up option descriptions
Also change LLMNR RFC to the correct id 4795.
2017-10-17 10:11:19 +02:00
adisbladis
40f402cf65
display-managers: Import DBUS session bus address & Xauthority in systemd user session 2017-10-17 10:06:05 +08:00
Graham Christensen
ab8b14cf92 Merge pull request #30397 from grahamc/nix-help
nix-info: init
2017-10-16 21:37:00 -04:00
rnhmjoj
3918385f29
nixos/compton: use xrender by default 2017-10-17 00:50:34 +02:00
rnhmjoj
36bbc3cfda
nixos/compton: improve options type-checking 2017-10-17 00:50:34 +02:00
Jörg Thalheim
6838762997 Merge pull request #30477 from Lassulus/encrypted-devices
Encrypted devices: don't override crytpoModules, fix example
2017-10-16 19:00:41 +01:00
Bjørn Forsman
497108b456 nixos/atd: remove "batch" from setuid wrappers
"batch" is a shell script so invoking it via setuid wrapper never worked
anyway. (The kernel drops perms on executables with shebang.) A previous
nixpkgs commit made "batch" invoke the NixOS setuid "at" wrapper to gain
needed privileges.

Thanks to @yesbox for noticing.
2017-10-16 19:08:19 +02:00
lassulus
77be4d91f7 encrypted devices: provide working example 2017-10-16 17:46:46 +02:00
lassulus
f804a8ff98 encrypted devices: don't override default cryptoModules 2017-10-16 17:46:06 +02:00
Jason A. Donenfeld
f6d8a96993 nsswitch: use [NOTFOUND=return] for mdns
Commit 987aac7 and issue #18183 were intended to fix support for other
things, but in the process, changed mdns_minimal to use the wrong return
setting, resulting in permanent failures in early boot, affecting things
like issue #30459.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-16 15:11:58 +02:00
Markus Mueller
60b0db0e08
gitlab: link tmp/ directory to writable path 2017-10-16 14:58:02 +02:00
Markus Mueller
f250015ea3
nixos/gitlab: fix uploades directory permissions 2017-10-16 14:58:02 +02:00
Graham Christensen
b16f3b2131
nix-info: include in nixos' default system-path, nixpkgs's channel 2017-10-14 22:01:30 -04:00
Graham Christensen
55bc53d1dd Merge pull request #30258 from srhb/tz-nospace
nixos/config/timezone: Disallow spaces
2017-10-14 10:27:09 -04:00
Bjørn Forsman
0ff4bb5f87 nixos: run parted with --script option
-s, --script: never prompts for user intervention

Sometimes the NixOS installer tests fail when they invoke parted, e.g.
https://hydra.nixos.org/build/62513826/nixlog/1. But instead of exiting
right there, the tests hang until the Nix builder times out (and kills
the build). With this change the tests would instead fail immediately,
which is preferred.

While at it, use "parted --script" treewide, so nobody gets build
timeout due to parted error (or misuse). (Only nixos/ use it, and only
non-interactive.)

A few instances already use the short option "-s", convert them to long
option "--short".
2017-10-14 15:29:02 +02:00
Peter Hoeg
07bc859e9a Revert "ssh: deprecate use of old DSA keys"
This reverts commit 65b73d71cb.
2017-10-14 14:42:49 +08:00
Peter Hoeg
bdbba026f3 Revert "dnsmasq nixos: make sure it always runs"
This reverts commit 1917e69b54.
2017-10-14 14:42:49 +08:00
Peter Hoeg
e01bb0c0d0 Revert "smartd: set drive timeout"
This reverts commit 41306ca505.
2017-10-14 14:42:49 +08:00
Peter Hoeg
b366760cf5 Revert "hyperv-daemons: add nixos module"
This reverts commit 0944d44f1b.
2017-10-14 14:42:49 +08:00
Peter Hoeg
6fd4209594 Revert "networking: add option to toggle the wait-online service"
This reverts commit 8758f476b3.
2017-10-14 14:42:49 +08:00
Peter Hoeg
0f486c46b2 Revert "networkd: only wait for network to be online if configured to do so"
This reverts commit 8f21e089a8.
2017-10-14 14:42:49 +08:00
Peter Hoeg
2cd4ebfe93 Revert "display-manager: systemd-udev-settle serves no purpose"
This reverts commit 3571163858.
2017-10-14 14:42:49 +08:00
Peter Hoeg
3211098632 Revert "sshguard: make it run"
This reverts commit 69d8b81b4b.
2017-10-14 14:42:49 +08:00
Peter Hoeg
2b5aab4b0f Revert "sensu: nixos module"
This reverts commit 707c3ac435.
2017-10-14 14:42:49 +08:00
Peter Hoeg
279ca5738a Revert "nixos: kodi user"
This reverts commit 1faa5b6b36.
2017-10-14 14:42:49 +08:00
Peter Hoeg
8df1c9ac17 Revert "firewalld: init at 0.4.4.4"
This reverts commit 178a96f99b.
2017-10-14 14:42:48 +08:00
Peter Hoeg
ff3fd1027c Revert "networkmanager: dns and extraConfig"
This reverts commit 0dd25e585f.
2017-10-14 14:42:48 +08:00
Peter Hoeg
2c67873b7d Revert "include firmware with enableAllFirmware"
This reverts commit bd5fd61967.
2017-10-14 14:42:48 +08:00
Peter Hoeg
f359096210 Revert "sddm: silence error about missing wayland directory"
This reverts commit 46a92333e9.
2017-10-14 14:42:48 +08:00
Peter Hoeg
46a92333e9 sddm: silence error about missing wayland directory 2017-10-14 14:38:04 +08:00
Peter Hoeg
bd5fd61967 include firmware with enableAllFirmware 2017-10-14 14:38:04 +08:00
Peter Hoeg
0dd25e585f networkmanager: dns and extraConfig 2017-10-14 14:38:04 +08:00
Peter Hoeg
178a96f99b firewalld: init at 0.4.4.4
Includes systemd module.
2017-10-14 14:38:04 +08:00
Peter Hoeg
1faa5b6b36 nixos: kodi user 2017-10-14 14:38:04 +08:00
Peter Hoeg
707c3ac435 sensu: nixos module 2017-10-14 14:38:04 +08:00
Peter Hoeg
69d8b81b4b sshguard: make it run 2017-10-14 14:38:04 +08:00
Peter Hoeg
3571163858 display-manager: systemd-udev-settle serves no purpose 2017-10-14 14:38:04 +08:00
Peter Hoeg
8f21e089a8 networkd: only wait for network to be online if configured to do so 2017-10-14 14:38:04 +08:00
Peter Hoeg
8758f476b3 networking: add option to toggle the wait-online service 2017-10-14 14:38:04 +08:00
Peter Hoeg
0944d44f1b hyperv-daemons: add nixos module 2017-10-14 14:38:04 +08:00
Peter Hoeg
41306ca505 smartd: set drive timeout 2017-10-14 14:38:04 +08:00
Peter Hoeg
1917e69b54 dnsmasq nixos: make sure it always runs
By default we only restart if the dnsmasq daemon fails but we introduce an
option to always keep it running.
2017-10-14 14:38:04 +08:00
Peter Hoeg
65b73d71cb ssh: deprecate use of old DSA keys
They are not safe and shouldn't be used.
2017-10-14 14:38:04 +08:00
Jörg Thalheim
b90f50862f Merge pull request #30324 from florianjacob/firewall-clarify-logging
nixos/firewall: Rename misleading rejected to refused in logging
2017-10-13 20:25:21 +01:00
Dan Peebles
56e18c50cc Revert "Simple proof of concept for how to do other types of services"
This reverts commit 7c3253e519.

I included this in another push by accident and never intended for it to
be in mainline. See https://github.com/NixOS/nixpkgs/pull/26075 if you
want more.
2017-10-13 09:17:13 -04:00
Franz Pletz
5ec10da86b Merge pull request #30356 from bflyblue/plex-1.9.5
plex: 1.9.2 -> 1.9.5
2017-10-13 13:10:58 +02:00
Franz Pletz
c6218193dd Merge pull request #30364 from Ma27/compton/opacity-rules-support
services.compton: add `opacityRules` option
2017-10-13 13:09:53 +02:00
Yegor Timoshenko
22505d8df4 connman: do not restart after suspend 2017-10-13 13:05:02 +02:00
Matt McHenry
bbec429f7a djbdns: fix root server list at build time
as suggested by @peterhoeg in
1b7e5eaa79 (commitcomment-24560631)

fixes #30379
2017-10-13 10:29:12 +01:00
Profpatsch
2864bc8fd9 Revert "desktop-managers: do not leak feh to PATH" 2017-10-13 10:48:07 +02:00
Peter Hoeg
f7ba92bfa3 Merge pull request #30286 from yegortimoshenko/patch-2
desktop-managers: do not leak feh to PATH
2017-10-13 11:13:21 +08:00
Peter Hoeg
829730d38f nixos user: reserve kodi 2017-10-13 10:34:27 +08:00
Maximilian Bosch
4b50d543bd
services.compton: add opacityRules option 2017-10-12 21:14:01 +02:00
Shaun Sharples
caee93f3d4 Fix warning about unknown escape sequences
systemd warns about:

Ignoring unknown escape sequences: "/nix/store/8f0l1w9g7iv2gz63xzsxfl66ri1cfbkl-plex-1.9.5.4339/usr/lib/plexmediaserver/Plex\ Media\ Server

From a discussion on the forums it seems the 'sh -c' is not needed:

https://forums.plex.tv/discussion/216757/ubuntu-16-04-executable-path-contains-special-characters-error-with-systemd
2017-10-12 19:44:58 +02:00
Franz Pletz
e13d0c3435 Merge pull request #30172 from mayflower/cleanup/firmware-modules
nixos: clean up wifi firmware & default kernel modules
2017-10-12 16:32:01 +02:00
Patrick Chilton
e3675fedc7 mate-power-manager: init at 1.18.0 2017-10-12 08:22:21 +02:00
Peter Hoeg
0034f9e52c dnsmasq nixos: make sure it always runs
By default we only restart if the dnsmasq daemon fails but we introduce an
option to always keep it running.
2017-10-12 12:55:12 +08:00
Pavel Goran
e3f97e514d filesystems: use non-interactive formatOptions by default
When autoFormat is enabled, in order to successfully create a filesystem,
certain filesystems require specific options to be passed to mkfs to prevent
it from asking questions. This commit sets default formatOptions to "-q"
for "jfs" and "reiserfs" filesystems for this purpose.

Resolves #29140.
2017-10-12 09:53:43 +07:00
Peter Hoeg
c640e790d5 pykms: nixos module 2017-10-12 08:51:34 +08:00
aszlig
829566a23d
nixos/docker-containers: Fix submodule usage
The submodule of the "docker-containers" option isn't recognized as a
proper submodule and thus neither properly type-checks nor are its
options included in the manual.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-10-12 02:07:47 +02:00
Thomas Tuegel
d9aa539340
Merge branch 'phonon-backend-qt5' 2017-10-11 18:35:08 -05:00
Thomas Tuegel
b25deccd1a
nixos/plasma5: install phonon backends for each current Qt version
Fixes #27050, where the phonon backend was not found.
2017-10-11 18:29:43 -05:00
Florian Jacob
847beb558f nixos/firewall: Rename misleading rejected to refused in logging
as that's used as general term for rejected or dropped packets
in the rest of the config.
2017-10-11 20:12:58 +02:00
Jörg Thalheim
659c7484d1 Merge pull request #30312 from florianjacob/locatedb-fix-systemd-path-capabilities
locatedb: fix startup fail due to systemd path capabilities
2017-10-11 14:59:13 +01:00
Florian Jacob
70c3f56bdd nixos/locatedb: fix first run when /var/cache doesn't exist
by using systemd-tmpfiles.
Also document what's happening there.
2017-10-11 14:59:18 +02:00
Jörg Thalheim
6b3b708501 Merge pull request #30280 from woffs/speed
nix-daemon: mention speedFactor in example
2017-10-11 11:26:39 +01:00
Florian Jacob
818b161e0a nixos/locatedb: path restriction options were renamed
in systemd 231.
2017-10-11 11:15:29 +02:00
aszlig
f4e742594d
nixos: Fix detection of btrfs root volume
Regression introduced by 801c920e95.

Since then, the btrfsSimple subtest of the installer VM test fails with:

Btrfs did not return a path for the subvolume at /

The reason for this is that the output for "btrfs subvol show" has
changed between version 4.8.2 and 4.13.1.

For example the output of "btrfs subvol show /" in version 4.8.2 was:

/ is toplevel subvolume

In version 4.13.1, the output now is the following and thus the regular
expressions used in nixos-generate-config.pl and install-grub.pl now
match (which results in the error mentioned above):

/
        Name:                   <FS_TREE>
        UUID:                   -
        Parent UUID:            -
        Received UUID:          -
        Creation time:          -
        Subvolume ID:           5
        Generation:             287270
        Gen at creation:        0
        Parent ID:              0
        Top level ID:           0
        Flags:                  -
        Snapshot(s):

In order to fix this I've changed nixos-generate-config.pl and
install-grub.pl, because both use "btrfs subvol show" in a similar vein,
so the regex for parsing the output now doesn't match anymore whenever
the volume path is "/", which should result in the same behaviour as we
had with btrfs-progs version 4.8.2.

Tested against the btrfsSimple, btrfsSubvols and btrfsSubvolDefault
subtests of the installer VM test and they all succeed now.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-10-11 04:30:52 +02:00
Yegor Timoshenko
274c9b7587 unbound: fix typo in systemd Before 2017-10-10 20:08:36 +00:00
Bjørn Forsman
d26f8b5e00 nixos/lighttpd: add missing modules to allKnownModules
The output of ./configure shows all modules/plugins, both enabled and
disabled. With this info we can finally build the _complete_ list of
modules. We were missing these:

  mod_authn_gssapi
  mod_authn_ldap
  mod_geoip

(I hit this as I was building lighttpd with ldap support and the NixOS
module said ldap was unsupported, due to these missing entries in
allKnownModules.)
2017-10-10 20:14:38 +02:00
elseym
aeeac71231 mattermost: create role and db with postgres superuser
Recently, the postgres superuser name has changed. Using the configured
and correct username here fixes database initialisation.
2017-10-10 20:08:21 +02:00
WilliButz
5e8d1757ef nixos/xautolock: rewrite and add some options 2017-10-10 19:02:27 +02:00
Yegor Timoshenko
f9415cb621 desktop-managers: do not leak feh to PATH
feh is used to set background image for desktop managers that do not support it directly, however there is no need to include it in PATH.

Fixes #17450.
2017-10-10 15:46:33 +00:00
Frank Doepper
08bf000fe2 nix-daemon: mention speedFactor in example 2017-10-10 15:07:35 +02:00
Eelco Dolstra
9df79de1a1
Enable command-not-found
5a5db609e5 disabled it by default, which
may have been unintentional. mkEnableOption considered harmful.
2017-10-10 12:26:24 +02:00
Eelco Dolstra
ee9a15b323
Set $NIX_DEBUG_INFO_DIRS when environment.enableDebugInfo is enabled
This allows it to co-exist with other debug info directories, such as
the one used by dwarffs
(https://github.com/edolstra/dwarffs/blob/master/module.nix).
2017-10-10 12:04:57 +02:00
Jörg Thalheim
a61304e3cb Merge pull request #30261 from Ekleog/fcron-hardlink
fcron module: fix use with hardlink-optimized store
2017-10-09 23:12:40 +01:00
Léo Gaspard
1afd97aa8f
fcron module: fix use with hardlink-optimized store 2017-10-09 23:44:28 +02:00
WilliButz
7002ca7e1c nixos/zsh-syntax-highlighting: refactor 2017-10-09 23:30:10 +02:00
Benjamin Staffin
b3df084c70 nixos: minor X11 option description improvements (#30035) 2017-10-09 12:07:19 -07:00
Sarah Brofeldt
7b81889394 nixos/config/timezone: Disallow spaces 2017-10-09 20:52:25 +02:00
Shea Levy
f6858e55c2
Reserve uid/gids for kanboard 2017-10-09 07:44:32 -04:00
Joerg Thalheim
e34e28e573 nixos/fcron: service needs fcron in PATH
otherwise fcronsighup is not found.
Set PATH to /run/current-system/sw/bin does not seems to be used by service file anyway.
2017-10-09 11:43:24 +01:00
Tim Steinbach
c643759d41
kbfs: Add package in module 2017-10-08 12:49:58 -04:00
Jörg Thalheim
28db3ad7ae Merge pull request #30216 from bachp/minio-exporter
Minio exporter
2017-10-08 15:09:32 +01:00
Joerg Thalheim
e7e4e0c3b6 nixos/prometheus-minio-exporter: only inherit keys from minio if set 2017-10-08 15:05:25 +01:00
Pascal Bach
8e10a4d862 prometheus-minio-exporter service: default to local minio server if enabled 2017-10-08 15:09:25 +02:00
Jörg Thalheim
eefae49f6d Merge pull request #30183 from Mic92/openafs
openafs-client: don't remove kernel module on stop
2017-10-08 12:13:29 +01:00
Pascal Bach
aad88ddf5b prometheus-minio-exporter service: init version 2017-10-08 12:47:00 +02:00
Bas van Dijk
5b8ff5ed49 graphite: 0.9.15 -> 1.0.2
Fixes: #29961

Also added the option:

  services.graphite.web.extraConfig

for configuring graphite_web.
2017-10-08 03:03:22 +02:00
Jörg Thalheim
b256b2778a Merge pull request #30204 from lheckemann/powertop-fix
powertop module: add kmod to path
2017-10-07 22:06:46 +01:00
Linus Heckemann
fadb906b2f powertop module: add kmod to path
powertop attempt to load some kernel modules like msr by calling
modprobe. This is the counterpart to
88e43eb39b which has the powertop
executable search PATH for modprobe rather than hardcoding /sbin, and
actually adds the directory containing modprobe to its PATH for the
systemd service.
2017-10-07 21:48:50 +01:00
Guillaume Maudoux
15b7e102b6 Safer defaults for immutable znc config (#30155)
* Safer defaults for immutable znc config

I just lost all the options I configured in ZNC, because the mutable config was overwritten.
I accept any suggestions on the way to implement this, but overwriting a mutable config by default seems weird. If we want to do this, we should ensure that ZNC does not allow to edit the config via the webmin when cfg.mutable is false.

* Do not backup old config files.

There seems to be little need for backups if mutable becomes a voluntary opt-out.

* fixup
2017-10-07 16:38:14 +01:00
Graham Christensen
30524ca860 Merge pull request #30171 from NeQuissimus/keybase_modules
keybase/kbfs: Fix modules
2017-10-07 09:51:44 -04:00
Joerg Thalheim
912ec467db openafs-client: don't remove kernel module on stop
Otherwise it cannot re-insert the kernel module after a kernel upgrade
when boot kernel != running kernel.
2017-10-07 10:11:30 +01:00
Tuomas Tynkkynen
e86b78363d nixos/filesystems/ext: Don't try to load ext3 module
This module doesn't exist since v4.3, where the ext3 driver was removed
as ext4.ko can mount ext3 filesystems as well.
2017-10-07 11:01:01 +03:00
Franz Pletz
801c920e95
btrfs-progs: 4.8.2 -> 4.13.1 2017-10-07 04:04:20 +02:00
David Johnson
5b530d4568 oauth2_proxy: default address updated
Go will fail to parse this otherwise.
https://github.com/golang/go/issues/19297
2017-10-06 16:52:22 -07:00
Franz Pletz
3855b7977c
nixos: clean up kernel modules
* the keyboard modules in all-hardware.nix are already defaults of
   boot.initrd.availableKernelModules
 * ide modules, hid_lenovo_tpkbd and scsi_wait_scan have been removed
   because they're not available anymore
 * i8042 was a duplicate (see few lines abowe)
2017-10-07 01:48:03 +02:00
Franz Pletz
3df126dbf7
nixos/modules: clean up wireless firmware options
All available options were just enabling
hardware.enableRedistributableFirmware. There were nix files without
modules which weren't referenced anywhere.
2017-10-07 01:48:02 +02:00
Tim Steinbach
8840eaf223
keybase: Fix modules 2017-10-06 18:49:58 -04:00
michael bishop
0ee6f8612e
dd-agent: fix multiple tags in the config file 2017-10-05 19:33:18 -03:00
Florian Jacob
6091e2aa33 nixos/network-interfaces: assertion for too long interface names 2017-10-05 15:49:49 +02:00
Orivej Desh
184f80aeb8 Merge pull request #29781 from rick68/softether
softether: 4.18 -> 4.20
2017-10-05 08:26:23 +00:00
Danylo Hlynskyi
dc8500165c declarative containers: improve example config
Container config example code mentions `postgresql` service, but the correct use of that service involves setting `system.stateVersion` option (as discovered in https://github.com/NixOS/nixpkgs/issues/30056).

The actual system state version is set randomly to 17.03 because I have no preferences here
2017-10-05 00:42:50 +00:00
Joerg Thalheim
c2c843adf7 nixos/traefik: guard example path 2017-10-04 14:51:20 +01:00
Joerg Thalheim
a3200348b7 nixos/traefik: owner/group should be changed recursivly 2017-10-04 11:59:38 +01:00
Jörg Thalheim
b8288f137f Merge pull request #29865 from hamhut1066/traefik-module
nixos/traefik create service
2017-10-04 11:53:11 +01:00
Joerg Thalheim
3468c9e5cc nixos/traefik: create /var/lib/traefik with correct permissions 2017-10-04 11:49:42 +01:00
Hamish Hutchings
2e5297217d nixos/traefik create service 2017-10-04 11:26:39 +01:00
Franz Pletz
d6f7e2f6f6 Merge pull request #29942 from elitak/ipfs
Ipfs: prepare for autoMigrate fix
2017-10-04 03:07:25 +02:00
Alexander Foremny
03a5d729ef
nixos/gitlab: fix gitlab service
Fix GitLab service and update documentation. Fixes #30059.
2017-10-04 02:40:07 +02:00
Franz Pletz
eb59961855
Revert "pinentry: make GTK3 the default front-end"
This reverts commit 3f7e3db744.

This broke the gpg-agent user service. See #27468.
2017-10-04 02:16:37 +02:00
Eelco Dolstra
9b3aa19a88
Add NixOS 17.09 AMIs
Fixes #29976.
2017-10-03 16:56:59 +02:00
Jörg Thalheim
0b18fa4f09 Merge pull request #30014 from eqyiel/krb5-fixes
nixos/krb5: complete rewrite
2017-10-03 11:04:58 +01:00
Joerg Thalheim
1406e249b3 krb5: add deprecation date for old configuration 2017-10-03 11:01:05 +01:00
Joachim F
cb3d443787 Merge pull request #29452 from jerith666/pfix-srsd-1709
nixos/pfix-srsd: add module
2017-10-03 00:51:59 +00:00
Bob van der Linden
9d841295f3 gogs: avoid creating symlinks each run 2017-10-02 22:11:46 +02:00
Wei-Ming Yang
7e4e2667ae softether: 4.18 -> 4.20 2017-10-03 01:35:20 +08:00
The-M1k3y
0f2b46cdba nixos/gogs: fixed user creation if non-default user 2017-10-02 15:53:30 +02:00
Graham Christensen
5af263c2af Merge pull request #27468 from jtojnar/fix/pinentry-gnome
pinentry: add GNOME frontend
2017-10-02 07:29:23 -04:00
Jörg Thalheim
2354e0f05a cloud-utils: 0.29 -> 0.30 2017-10-02 09:11:20 +01:00
Ruben Maher
06e15e59f9 nixos/krb5: complete rewrite
The `krb5` service was a bit lacking.

Addresses NixOS/nixpkgs#11268, partially addresses NixOS/nixpkgs#29623.
2017-10-02 14:30:19 +10:30
Pascal Bach
2239dc6234 glusterfs service: fix issues with useRpcbind 2017-10-01 19:39:22 +02:00
Jan Tojnar
3f7e3db744
pinentry: make GTK3 the default front-end
See: https://github.com/NixOS/nixpkgs/issues/18559
2017-10-01 01:40:03 +02:00
Joachim F
74db6fabcb Merge pull request #29868 from nh2/nh2-glusterfs-improvements-for-17.09-master
glusterfs service: a few fixes and improvements
2017-09-30 12:19:19 +00:00
Eric Litak
f46616db5a ipfs: disable autoMigrate option for now 2017-09-29 18:07:55 -07:00
Rok Garbas
748ef34f09 assertion should check for encrypted.label of the defined fileSystem 2017-09-29 19:55:28 +02:00
Joerg Thalheim
44b6a1509d nixos/bcc: init module
Looks trival, but it is easy to make the mistake
to add linuxPackages.bcc to systemPackages,
which breaks if the not the default kernel is used.
2017-09-29 15:18:25 +01:00
Joerg Thalheim
5572062674 nixos/sysdig: init module 2017-09-29 15:01:21 +01:00
Peter Hoeg
963435a462 Merge pull request #29748 from fadenb/security.pam.usb_link_fix
security.pam.usb: fix url
2017-09-29 07:49:10 +08:00
Robin Gloster
57ed9e7e1d
gitlab: 9.5.5 -> 10.0.2 2017-09-28 23:14:31 +02:00
Jörg Thalheim
12ac88af1d Merge pull request #29890 from mbrgm/nullmailer-fix
nixos/nullmailer: fixes and `remotesFile` option
2017-09-28 21:29:37 +01:00
Cray Elliott
d4bdf302a3 nvidia-x11: fix eval error from 4ef82339c9 2017-09-28 13:11:16 -07:00
Tristan Helmich
c6761f8578 security.pam.usb: link to wiki on github.com
pamusb.org no longer serves the intended content.
2017-09-28 16:00:28 +02:00
Robin Gloster
4aeb38e5b9
Revert "kubernetes: fix hashes after dockerTools change"
This reverts commit 9ba024f6d8.
2017-09-28 14:09:49 +02:00
Joerg Thalheim
91eb6cf82c nullmailer: simplify config generation 2017-09-28 11:04:39 +01:00
Marius Bergmann
e741cc4881 nullmailer: add remotesFile option
The current `remotes` option is a string option containing nullmailer remote
definitions. However, those definitions may contain secret credentials and
should therefore not be put world-readable in the nix store.

I added a `remotesFile` option, which allows to specify a path to the remotes
definition file instead. This way, the definitions can be kept outside of the
nix store with more secure file permissions.
2017-09-28 08:52:21 +02:00
Marius Bergmann
02e89de71c nullmailer: use proper description for remotes option 2017-09-28 08:52:21 +02:00
Marius Bergmann
f9d64a068b nullmailer: fix relative -> absolute path in preStart script 2017-09-28 08:52:21 +02:00
Franz Pletz
d0435ba032
network-interfaces: device routes for default gateway
Iff interface is set, it makes sense to add device route by default.
2017-09-28 02:14:07 +02:00
Jörg Thalheim
0a6fca15fd Merge pull request #29881 from volth/patch-67
nixos/tinc: add "restartTriggers" back
2017-09-28 00:57:26 +01:00
Ryan Mulligan
c6f513b56a nixos/monit: install monit as system package, use default config file path 2017-09-28 01:20:20 +02:00
volth
ddd13e1375 nixos/tinc: add "restartTriggers" back
Add "restartTriggers" back to restart the Tinc daemon when its peer is removed.
Reverted #27660
2017-09-27 23:16:02 +00:00
Bjørn Forsman
3c6eb3a247 nixos/iso-image.nix: add top-level /version.txt file
This makes it easy to identify which NixOS version is written to an USB
stick without actually booting it.
2017-09-28 00:54:28 +02:00
Niklas Hambüchen
f4c53f1940 consul service: Restart on failure.
Consul is a service you typically want to have running all the time;
it's not supposed to quit by itself.
2017-09-28 00:41:15 +02:00
Franz Pletz
8237fa43d3 Merge pull request #29697 from zimbatm/gdm-on-nvidia
GDM fixes
2017-09-28 00:20:18 +02:00
Rostislav Beneš
0cad98dde1
nixos/xserver,gdm: let GDM handle X server verbosity. 2017-09-28 00:18:57 +02:00
Rostislav Beneš
4ef82339c9
nixos/gdm,nvidia: new options to enable GDM on Wayland and disabling it for nvidia drivers. 2017-09-28 00:18:57 +02:00
Rostislav Beneš
4f91397c98
nixos/nvidia: populating /dev with nvidia devices at boot 2017-09-28 00:18:57 +02:00
Jörg Thalheim
2b8cba2ff5 Merge pull request #29874 from mbrgm/znc-fix
znc: fix openFirewall option
2017-09-27 23:08:51 +01:00
Franz Pletz
0ee866ed72
kbd service: systemd-vconsole-setup is triggered by udev
cc #22470
2017-09-27 23:38:29 +02:00
Franz Pletz
725dee203a
wpa_supplicant service: restart instead of stop & start
We now wait for dhcpcd to acquire a lease but dhcpcd is restarted on
system activation. As wpa_supplicant is stopped while dhcpcd is
restarting a significant delay is introduced on systems with wireless
network connections only. This changes the wpa_supplicant service to
also be restarted together with dhcpcd in case both services were
changed.
2017-09-27 23:38:03 +02:00
Alexander Ried
4a2442032e Revert "kbd service: use /dev/tty1 for systemd-vconsole-setup"
This reverts commit 0c81594a29.

It's no longer needed since systemd-vconsole-setup enumerates all ttys
until it finds a suitable one since systemd v234.
2017-09-27 23:37:24 +02:00
Joerg Thalheim
23f398012b nixos: skip restarting systemd-logind to not break x11 2017-09-27 22:28:27 +01:00
Marius Bergmann
dd50575d5a znc: fix openFirewall option
The current version is broken:
- there's no `openFirewall` attribute directly in the `cfg` set
- the `port` option is an attribute of the `confOptions` set

I used the proper attribute for the firewall port and moved the `openFirewall`
option directly up to the `services.znc` set, as it's rather a general option
for the whole service than a znc-specific option (which are located inside the
`confOptions` set).
2017-09-27 22:18:03 +02:00
Niklas Hambüchen
18eecae4b6 glusterfs service: Change default killMode to "control-group".
This is a better default for NixOS because it ensures that config
changes happen fully when NixOS users expect it.
2017-09-27 20:54:13 +02:00
Niklas Hambüchen
08f7e4516c glusterfs service: Ensure log directory exists for glustereventsd.
Prevents glustereventsd failing at startup in case it starts
before glusterd has started (whose `preStart` would also
create the needed directory).
2017-09-27 20:53:42 +02:00
Niklas Hambüchen
e233a518bd glusterfs service: Add killMode and stopKillTimeout options 2017-09-27 20:53:39 +02:00
Niklas Hambüchen
bd54b72676 glusterfs service: Add settings to disable rpcbind and the events daemon.
See also https://github.com/NixOS/nixpkgs/pull/22225#pullrequestreview-26459886
2017-09-27 19:51:42 +02:00
Niklas Hambüchen
5e2815dfb7 glusterfs service: Don't make it a prerequisite of network-online.target.
This introduces dependency cycles.

A network file system to be running is not required for a network
connection to be available.

19759cfeab (commitcomment-22044519)
2017-09-27 19:17:23 +02:00
Rodney Lorrimar
56eba66f77 mysqlBackup service: let it work with default settings
* Grants enough privileges to the configured user so that it can run
  mysqldump.

* Adds a nixos test.

* Use systemd timers instead of a cronjob (by @fadenb).

* Creates a new user for backups by default, instead of using mysql
  user.

* Ensures that backup user has write permissions on backup location.

* Write backup to a temporary file before renaming so that a failed
  backup won't overwrite the previous backup, and so that the backup
  location will never contain a partial backup.

Breaking changes:

 * Renamed period to calendar to reflect the change in how to
   configure the backup time.

 * A failed backup will no longer result in cron sending an e-mail --
   users' monitoring systems must be updated.

Resolves #24728
2017-09-27 18:44:49 +02:00
Joerg Thalheim
75ba415fbc nixos/tinc: remove useless script argument
ExecStart is sufficient and more transparent to the user.
2017-09-27 17:57:39 +02:00
Joerg Thalheim
ad8cb0917f nixos/tinc: do not add Device= by default
tinc can figure this out based on DeviceType.
I also got `/dev/net/tun FD in bad state` after a particular upgrade.
2017-09-27 17:57:39 +02:00
Eelco Dolstra
79d547b4bb
nix-daemon: Bump the default number of build users
While it's annoying to pollute the user database with a lot of nixbld*
users, 10 users is really too low for many modern systems.
2017-09-27 17:13:16 +02:00
Peter Simons
99e24590cb nixos(spamassassin): fix trailing whitespace 2017-09-27 14:50:52 +02:00
Peter Simons
bfab392e6e nixos(spamassassin): provide /etc/spamassassin to fix sa-learn et al
Spamassassin expects its system-wide configuration at /etc/spamassassin, and
some user tools (like sa-learn) need to read those configuration files.
Therefore, we provide a symlink from /etc/spamassassin to the appropriate Nix
store path to make sure those tools work without the user having to pass an
elaborate --siteconfig path that, potentially, changes every time the system
updates.

Fixes https://github.com/NixOS/nixpkgs/issues/29414.
2017-09-27 14:50:52 +02:00
Daniel Peebles
79d8ccf4f0 Merge pull request #28777 from copumpkin/installer-chroot
nixos-install: re-enable --chroot option
2017-09-26 12:23:19 -07:00
Dan Peebles
186c120bed nixos-install: re-enable --chroot option
I forgot to implement it the first time around. Whoops!
2017-09-26 07:25:14 -07:00
Jörg Thalheim
c74418a4e6 Merge pull request #29426 from Mic92/zfsUnstable
nixos/zfs: import encrypted datasets by default for zfsUnstable
2017-09-26 09:10:44 +01:00
Jörg Thalheim
9164517c18 nixos/zfs: import encrypted datasets by default for zfsUnstable 2017-09-26 09:08:53 +01:00
Jörg Thalheim
b303aa0155 Merge pull request #29762 from samueldr/pr/update-mediawiki
mediawiki: 1.27.3 -> 1.29.1
2017-09-26 08:04:08 +01:00
Jörg Thalheim
bda2d25a50 Merge pull request #28856 from jtojnar/at-spi2-core
gnome3.at-spi2-core: fix service not found error
2017-09-26 00:39:49 +01:00
Pavel Goran
cee657f9a3 nixos/gitolite: add enableGitAnnex option 2017-09-25 22:03:00 +02:00
Joerg Thalheim
194c4002b6 wireguard: fix function for adding routes 2017-09-25 20:42:03 +01:00
Jörg Thalheim
08b827ae8e Merge pull request #29753 from andir/wireguard-allowed-ips-as-route-optional
networking.wireguard: added `allowedIpsAsRoutes` boolean to control p…
2017-09-25 20:32:11 +01:00
Andreas Rammhold
846070e028
networking.wireguard: added allowedIpsAsRoutes boolean to control peer routes
Sometimes (especially in the default route case) it is required to NOT
add routes for all allowed IP ranges. One might run it's own custom
routing on-top of wireguard and only use the wireguard addresses to
exchange prefixes with the remote host.
2017-09-25 21:30:52 +02:00
Joachim F
ffd6cbe3d1 Merge pull request #28503 from phile314/fusion-inventory
Fusion inventory: Init at 2.3.18
2017-09-25 12:58:44 +00:00
Franz Pletz
263185aa68
nixos/network-interfaces: ensure slave interfaces are up
Fixes #28620.
2017-09-25 14:06:38 +02:00
Franz Pletz
13a110e696
nixos/network-interfaces: cannot delay device units
Systemd is complaining that it can't delay the startup of device units.
We have a before dependency on the respective device unit for every
netdev service, which doesn't make any sense because we create the
actual interface in this service.
2017-09-25 14:06:38 +02:00
Franz Pletz
3a670daa98
nixos/network-interfaces: IPs must always be set
Previously, depending on the environment and the type of interface that
was created, the configured IPs of an interface wouldn't be applied on a
nixos-rebuild switch. It works after a reboot.

This patch ensures that the network-addresses service is started
either via the network-link service or if the networking target is
activated (i.e. on system activation).

Fixes #28474 #16230.
2017-09-25 14:06:38 +02:00
Silvan Mosberger
a8c97ad23e nixos/radicale: fix default version (#29743) 2017-09-25 10:18:42 +00:00
Philipp Hausmann
1a23ff8a13 FusionInventory: Code cleanup 2017-09-25 10:39:11 +02:00
Philipp Hausmann
6b788e36df FusionInventory: Add NixOS module. 2017-09-25 10:39:11 +02:00
Samuel Dionne-Riel
0b1c73f4da mediawiki: 1.27.3 -> 1.29.1 2017-09-24 22:49:22 -04:00
Jörg Thalheim
975c7b2204 Merge pull request #29450 from jerith666/djb-1709
Add modules for tinydns and dnscache from djbdns
2017-09-24 15:39:29 +01:00
Joerg Thalheim
735b41c34f nixos/tinydns: default data to empty string
(not strictly required to start the service)
2017-09-24 15:38:25 +01:00
Kranium Gikos
412fa16bff influxdb sevice: make postStart test work with non-localhost configurations (#29734)
make postStart test work with non-localhost configurations
2017-09-24 15:37:17 +01:00
Jörg Thalheim
d20bd77c93 Merge pull request #29717 from fare-patches/nfsd
nfsd: add extraNfsdConfig
2017-09-24 15:13:42 +01:00
Robin Gloster
43404d9acf
systemd-tmpfiles: fix docs
We have been doing this since 4e4161c212
2017-09-24 13:17:46 +02:00
Jan Tojnar
69698ec11c gnome3: only maintain single GNOME 3 package set (#29397)
* gnome3: only maintain single GNOME 3 package set

GNOME 3 was split into 3.10 and 3.12 in #2694. Unfortunately, we barely have the resources
to update a single version of GNOME. Maintaining multiple versions just does not make sense.
Additionally, it makes viewing history using most Git tools bothersome.

This commit renames `pkgs/desktops/gnome-3/3.24` to `pkgs/desktops/gnome-3`, removes
the config variable for choosing packageset (`environment.gnome3.packageSet`), updates
the hint in maintainer script, and removes the `gnome3_24` derivation from `all-packages.nix`.

Closes: #29329

* maintainers/scripts/gnome: Use fixed GNOME 3 directory

Since we now allow only a single GNOME 3 package set, specifying
the working directory is not necessary.

This commit sets the directory to `pkgs/desktops/gnome-3`.
2017-09-24 12:15:50 +01:00
Robin Gloster
9ba024f6d8
kubernetes: fix hashes after dockerTools change 2017-09-24 12:09:07 +02:00
Matej Cotman
6ea272ced4 kubernetes: fix dns addon hashes, fix clusterDns, enable proxy on master 2017-09-24 11:44:25 +02:00
Jaka Hudoklin
ddf5de5de0 kubernetes module: refactor module system, kube-dns as module 2017-09-24 11:44:25 +02:00
Jaka Hudoklin
2beadcf181 kubernetes module: seedDockerImages option for seeding docker images built with nix 2017-09-24 11:44:25 +02:00
Jaka Hudoklin
9d97c92d68 kubernetes module: webhook authorization for kubelet 2017-09-24 11:44:25 +02:00
Jaka Hudoklin
7c893623d4 kubernetes module: fix documentation links 2017-09-24 11:44:25 +02:00
Jaka Hudoklin
74f99525e0 kubernetes module: add featureGates option 2017-09-24 11:44:25 +02:00
Jaka Hudoklin
55dbbfd899 kubernetes module: kubelet, add socat to path for kubectl portforward 2017-09-24 11:44:25 +02:00
Jaka Hudoklin
8e48fff268 kubernetes module: enable leader elect by default 2017-09-24 11:44:25 +02:00
Jaka Hudoklin
856ca7347f kubernetes module: add storage and tolerations addmission controllers 2017-09-24 11:44:25 +02:00
Jaka Hudoklin
d842d539d9 kubernetes module: fix cidr ranges 2017-09-24 11:44:25 +02:00
Jaka Hudoklin
b25d155976 kubernetes module: default auth mode to only RBAC 2017-09-24 11:44:25 +02:00
Jaka Hudoklin
c2622910ab kubernetes module: add support for common CA file 2017-09-24 11:44:25 +02:00
Jaka Hudoklin
c96ca5f3bd kubernetes module: per service kubeconfig support 2017-09-24 11:44:25 +02:00
Jaka Hudoklin
7dfeac88ac kubernetes module: flannel support, minor fixes
- add flannel support
- remove deprecated authorizationRBACSuperAdmin option
- rename from deprecated poratalNet to serviceClusterIpRange
- add nodeIp option for kubelet
- kubelet, add br_netfilter to kernelModules
- enable firewall by default
- enable dns by default on node and on master
- disable iptables for docker by default on nodes
- dns, restart on failure
- update tests

and other minor changes
2017-09-24 11:44:25 +02:00
Matej Cotman
8e14e978c8 kubernetes: fix minor issues 2017-09-24 11:44:25 +02:00
Matej Cotman
ed322f4235 kubernetes: update service 2017-09-24 11:44:25 +02:00
Jaka Hudoklin
90d5468ad6 kubernetes module: authorization improvements 2017-09-24 11:44:25 +02:00
Matej Cotman
c3cfd92d24 kubernetes: 1.5.6 -> 1.6.4 2017-09-24 11:44:25 +02:00
Graham Christensen
f3b9ac73e2
nixos/rabbitmq: fix restarts and sasl logs
1. The chmod 400 with the preset cookie prevented restarts, as
on the second boot it would fail to write to the cookie. Oops.

2. As far as I can tell, sasl logs were disabled because of the
following error:

{error,{cannot_log_to_tty,sasl_report_tty_h,not_installed}}

Not because we actually wanted to disable them. This meant the
management plugin wasn't usable due to a bug set to be fixed in
3.7.0.
2017-09-23 17:58:43 -04:00