636f9ac0ed
Merge pull request #8799 from ryantm/master
...
heyefi service: init
2015-07-24 10:11:26 +02:00
26d5a1fc62
postgresql: add reload command
2015-07-24 01:41:32 +00:00
d004ac6857
Oroborus: init at 2.0.20
...
Oroborus (named after the self-eating snake) is a minimalistic window manager.
2015-07-23 13:50:26 -03:00
e2b25f9434
Use environment.etc to manage /etc/crontab
...
Otherwise, /etc/crontab won't be deleted when cron is disabled.
2015-07-22 15:15:09 +02:00
201f9beddb
Don't enable cron by default
...
The rationale for disabling this is: 1) systemd timers are better; 2)
it gets rid of one usually unnecessary process, which makes containers
more light-weight.
Note that cron is still enabled if services.cron.systemCronJobs is
non-empty, so this only matters if you have no declarative cron jobs
but do have user cron jobs.
2015-07-22 15:15:09 +02:00
a6c95a3f7d
extlinux-conf-builder: Set menu title to force prompt display
...
Without a menu title, U-Boot's distro scripts just autoboot the first
entry by default.
When I initially wrote this, my board wasn't apparently running stock
U-Boot but had some local hacks saved in the U-Boot's environment
which made it always display the prompt.
2015-07-22 16:08:18 +03:00
8496f71e92
extlinux-conf-builder: Make it work on non-DTB systems
...
With this, boot.loader.generic-extlinux-compatible can be used with
linuxPackages_rpi on the Raspberry Pi.
2015-07-22 16:08:17 +03:00
6147909f8e
extlinux-conf-builder: Properly copy kernels for the default entry
...
When calling addEntry inside a subshell, the filesCopied array would
be updated only in the subshell's environment. This would only cause an
issue if no -g flag was passed to the script, causing no kernels
to be copied.
2015-07-22 16:08:17 +03:00
1947179036
nixos/rogue: Set WorkingDirectory to /tmp
...
Otherwise we can get an ugly /rogue.scr in the root of the filesystem
hierarchy.
2015-07-22 16:08:17 +03:00
fab3090693
Don't include wireless tools in containers
2015-07-22 12:51:21 +02:00
5d02c02a9b
systemd: Use upstream tmpfiles.d rules
...
This fixes a failing assert in systemd-timesyncd (issue #5913 ) as it
expects the directory /run/systemd/netif/links/ to exist, and nothing in
NixOS currently creates it.
Also we get a net reduction in our code as rules for /run/utmp and
/var/log/journal are also provided by the same upstream file.
(cherry picked from commit a278a9224a
2015-07-22 12:27:05 +02:00
925e1f91c5
Set up /etc/machine-id before starting systemd
...
Otherwise, systemd will try to populate /etc, which we don't want.
(cherry picked from commit c8501a4218
2015-07-22 12:24:32 +02:00
0ab320a884
stage-1: Shut up warnings about swap devices that don't exist yet
...
(cherry picked from commit 388dac478d
2015-07-22 12:24:06 +02:00
ec82157ac5
stage-2: Don't run hwclock in containers
...
(cherry picked from commit b978df019a
2015-07-22 12:23:52 +02:00
9647609e3e
stage-1: Don't mount /dev/shm if it's already mounted
...
(cherry picked from commit c8ef598945
2015-07-22 12:23:48 +02:00
6bd4e0b8cd
Create systemd-{network,resolve} user/group unconditionally
...
This shuts up this error from dbus:
May 11 13:52:16 machine dbus-daemon[259]: Unknown username "systemd-network" in message bus configuration file
May 11 13:52:16 machine dbus-daemon[259]: Unknown username "systemd-resolve" in message bus configuration file
which happens because the D-Bus config for networkd/resolved is
enabled unconditionally, and we don't have an easy way to turn it off.
(cherry picked from commit f19b58fb6a
2015-07-22 12:23:45 +02:00
65700b435c
Use ConditionVirtualization to disable some services in containers
...
(cherry picked from commit c52a983806
2015-07-22 12:23:40 +02:00
8d70b5cd91
Merge pull request #8904 from Fuuzetsu/docker-custom-postStart
...
docker: allow the user to override postStart
2015-07-21 19:13:54 +01:00
babb744b71
riak: new nixos service
2015-07-21 09:25:41 -04:00
bc1773fe16
Merge remote-tracking branch 'origin/staging' into systemd-219
...
Conflicts:
pkgs/os-specific/linux/kernel/linux-3.4.nix
pkgs/os-specific/linux/systemd/default.nix
2015-07-20 22:57:23 +02:00
23187c3431
docker: allow the user to override postStart
...
My use-case: passing -H SOM.EIP.ADD.RES:PORT doesn't result in a .sock
file so the service would never go up.
2015-07-20 14:28:49 +01:00
0c4fca7d61
Merge pull request #8690 from laMudri/synaptics
...
synaptics: fix to allow for more scrolling choices
2015-07-19 12:50:33 -05:00
08c192a40b
devmon: New service
2015-07-19 13:39:00 +01:00
9a80550cc4
Merge branch 'staging', discussion #8844
2015-07-19 08:09:29 +02:00
883517f37c
phpfpm: use latest php
2015-07-17 18:09:50 +02:00
19e5fd60b3
slim: use nixos theme by default
2015-07-17 17:01:07 +03:00
b1623385d0
nixos-generate-config: Container improvements
2015-07-17 11:27:33 +02:00
9f37e91ec5
Merge master into staging
...
There are larger-rebuild changes: gnutls and samba.
2015-07-17 06:38:04 +02:00
1306c11b94
bitlbee service: fix typo
2015-07-16 02:43:27 +02:00
6281c618cf
lightdm: Fix location of loaders.cache after 4982143324
2015-07-15 15:30:39 -07:00
2e0933787b
nixos: add AppArmor PAM support
...
Enables attaching AppArmor profiles at the user/group level.
This is not intended to be used directly, but as part of a
role-based access control scheme. For now, profile attachment
is 'session optional', but should be changed to 'required' once
a more comprehensive solution is in place.
2015-07-15 12:40:06 +02:00
2ff9129337
xen: fixes (authored by michalpalka)
...
Xen required a few changes in order to be usable:
* Include xenfs module in initrd as loading it in the activation
script was failing.
* Include /etc/default/xendomains, which is needed by
xen-domains service.
* Create /var/log/xen and /var/lib/xen directories in
the xen-store service, which are needed by the xl command.
The directories could be created by any other script as long as
they are guaranteed to exist before xl is called.
* Fix a reference to /bin/ls in the xendomains script.
2015-07-15 12:38:37 +02:00
25e60feb72
Merge branch 'master.upstream' into staging.upstream
2015-07-15 02:02:46 -07:00
be5ad1d07c
window-manager service: add notion
...
Add the notion window manager to the windowManager service definition.
2015-07-14 12:36:59 -04:00
9d485d9433
heyefi service: make uploadDir path more generic and a string
2015-07-14 06:56:30 -07:00
d11edff860
heyefi service: use mkEnableOption
2015-07-14 06:54:51 -07:00
d6cee31b04
heyefi service: init
2015-07-14 06:42:02 -07:00
333f145d76
Merge branch 'master.upstream' into staging.upstream
2015-07-13 15:11:31 -07:00
fd06533def
nixos-install: Don't barf if btrfs is missing
2015-07-13 17:55:49 +02:00
7b38cb699d
services.openssh.knownHosts.*.publicKey: Update description and add example
...
Note that it's no longer allowed to have multiple public keys
separated by a newline.
2015-07-13 16:21:57 +02:00
baab714b2e
charybdis service: fix preStart script
2015-07-13 15:11:18 +02:00
2e49828d9c
firefox sync-server service: make path to paster executable absolute
...
The systemd service was ignoring ExecStart because the path to the
paster executable was not absolute. Because ExecStart was ignored, the
service would not start.
2015-07-12 20:43:52 +12:00
a456168e5b
Merge pull request #6702 from joachifm/dnscrypt-proxy
...
nixos: some improvements for dnscrypt-proxy
2015-07-12 00:17:46 -07:00
dc62669335
Set ‘allowSubstitutes = false’ on various derivations
...
This reduces the number of binary cache requests. See
b64988bb35
2015-07-09 15:10:37 +02:00
7cda24c01e
Merge branch 'master.upstream' into staging.upstream
2015-07-08 14:11:16 -07:00
1e4483b1ec
nixos/bitlbee: fixed protocols option
2015-07-08 19:30:20 +02:00
c0de3b306b
nixos/bitlbee: add hostname, config dir and protocols options
2015-07-08 19:14:36 +02:00
95369cd831
Merge pull request #8679 from offlinehacker/kubernetes/fixes3
...
nixos/kubernetes: fix cadvisor, kubelet autoregistration
2015-07-08 12:16:18 +02:00
7e7371fe3c
Merge pull request #8639 from sjmackenzie/zerotierone
...
zerotier-one: service add
2015-07-08 02:15:14 +03:00
0f63a624f7
synaptics: fix to allow for more scrolling choices
2015-07-07 20:56:13 +01:00
08ff83eab3
nixos/btrfs: Fix parsing of `btrfs subvolume show` with btrfsprogs 4.1
2015-07-07 11:34:50 -07:00
9fa19cfcea
apache-httpd: Don't set default content encodings
...
In general, you don't want a .tar.gz file to be served with
"Content-Encoding: x-gzip", because this causes browsers (like Chrome
or "curl --compressed") to decompress the file on the fly. So you end
up with a .tar rather than .tar.gz file, which is unexpected.
If people want such encodings, they should set them in their own NixOS
configuration.
2015-07-07 12:12:49 +02:00
5aefc44da9
nixos/kubernetes: fix cadvisor, kubelet autoregistration
2015-07-07 11:34:33 +02:00
e85dac137e
sundtek init at 30-06-2015
2015-07-07 10:58:58 +02:00
41cf8be412
nixos nix-daemon: lower priority is 19. Closes #8675
2015-07-07 09:49:05 +02:00
ae28ff8b91
Merge branch 'master.upstream' into staging.upstream
2015-07-06 17:15:11 -07:00
5297371b95
zerotier-one: service add
2015-07-07 07:11:44 +08:00
4f2b22aff0
Merge pull request #8629 from telotortium/subsonic
...
subsonic: init at 5.2.1
2015-07-07 01:09:19 +03:00
bffc5789d5
Merge pull request #8656 from devhell/udisks2.service
...
udisks2 service: Fix ExecStart path
2015-07-06 01:11:53 -07:00
b35da0edee
Merge branch 'master.upstream' into staging.upstream
2015-07-05 19:35:50 -07:00
4b836fb680
nixos/installer: Add grub2_efi to the store so that it is available to install
2015-07-05 19:11:56 -07:00
fbfdc139d6
Merge branch 'master.upstream' into staging.upstream
2015-07-05 18:36:16 -07:00
cb343e7be6
nixos/install-grub: Fix symlink installation for boot filesystems which don't support symlinking
...
Some filesystems like fat32 don't support symlinking and need to be
supported on /boot as an efi system partition. Instead of creating the symlink directly in boot, create the symlink in
a temporary directory which has to support symlinking.
2015-07-05 18:34:47 -07:00
f64a5dd3f3
subsonic service: init
...
Add a systemd service and UID/GID for the Subsonic personal media
streamer server (<http://subsonic.org >).
2015-07-05 17:25:42 -07:00
c61d048427
nixos/quassel: Temporarily switch back to qt4 since qt5 tls in quassel is broken
2015-07-05 16:53:42 -07:00
d605663ae2
Merge branch 'master.upstream' into staging.upstream
2015-07-05 13:06:02 -07:00
4ee2d39fbf
grub installation: fix: simplify code
2015-07-05 21:55:56 +02:00
6befeb6818
udisks2 service: Fix ExecStart path
...
It seems that with the latest update to `udisks2`, the ExecStart path
for the daemon changed from `/lib/udisks2` to `/libexec/udisks2`. This
commit reflects that change for our purposes.
2015-07-05 19:36:26 +01:00
c38a9b607f
Merge pull request #8654 from ts468/upstream.trusted_grub_integration
...
grub installation: integrate trustedGRUB + fix broken equality check
2015-07-05 11:34:00 -07:00
65cbbc75b0
grub installation: integrate trustedGRUB + fix broken equality check
2015-07-05 19:51:53 +02:00
6c8e6aaa24
nixos docker: fix service and test
2015-07-05 13:57:23 +02:00
d7869f46ca
Merge pull request #8602 from ts468/upstream.pam
...
Security: integrate pam_mount into PAM of NixOS
2015-07-05 00:40:49 +02:00
7b6f279142
pam_mount module: integrate pam_mount into PAM of NixOS
2015-07-04 23:42:31 +02:00
2bd811155e
Merge pull request #8603 from ts468/upstream.xen
...
Xen related stuff
2015-07-04 16:13:33 +01:00
07bdaa97da
Merge pull request #8554 from dwe11er/luks-detached-header
...
allow for using LUKS devices with detached header
2015-07-04 13:17:54 +02:00
b15df9482a
Merge pull request #8573 from lihop/shellinabox-service
...
shellinabox service: initial implementation
2015-07-04 14:02:06 +03:00
093a8994f9
Merge pull request #8624 from ambrop72/minidlna-update
...
minidlna 1.1.4
2015-07-04 13:59:32 +03:00
1eb50ebbf2
shellinabox service: intial implementation
2015-07-04 21:18:13 +12:00
2fd9d56f51
nixos/skydns: fixed reference to skydns
2015-07-04 09:43:28 +02:00
42a5ad5c5e
minidlna: 1.0.25 -> 1.1.4
...
Changes:
- gettext is needed to build
- Switched to using non-legacy ffmpeg.
- Removed ffmpeg stuff from include path since it causes build errors related to
a time.h header.
- Removed unneeded patch.
- Adjusted NixOS service due to the binary being renamed.
2015-07-04 09:16:28 +02:00
11cd596aea
wordpress: language downloads are now reproducible
2015-07-03 13:06:44 +02:00
8f911263e9
Xen Dom0: add dnsmasq to xen-bridge.
2015-07-02 16:27:40 +02:00
b21fd5d066
nixos/postgresql: Fix initdb for existing, empty postgres partitions
2015-07-02 00:08:02 -07:00
7eae48871f
Merge branch 'master.upstream' into staging.upstream
2015-07-01 13:38:17 -07:00
dd9530c819
Merge remote-tracking branch 'projectorhq/riemann-tools'
...
Add riemann-tools package and service
2015-07-01 08:45:33 -04:00
f667310c06
Use mkAfter for services.postgresql.authentication
...
Authentication methods are tried in order, so if another NixOS module
defines a specific ident mapping like
local hydra all ident map=hydra-users
it should appear before the generic
local all all ident
2015-07-01 13:49:02 +02:00
612f0bdd67
Merge branch 'master.upstream' into staging.upstream
2015-06-30 23:58:07 -07:00
013f88ac7e
nixos: gnome-keyring: fix module description
2015-07-01 02:22:27 +02:00
bbb36ea039
Add riemann-tools to nixpkgs
...
Adds package via bundlerEnv and service for Riemann health.
2015-06-30 17:16:51 -04:00
96b325b0b7
Remove option ec2.metadata
2015-06-30 17:25:56 +02:00
32b9ca3219
EC2: Don't blackhole 169.254.169.254
...
https://github.com/NixOS/nixops/issues/267
2015-06-30 17:04:19 +02:00
a9b3d75e9e
nix.buildMachines: Fewer required fields
2015-06-30 00:51:07 +02:00
c1becad3eb
nixos/modules/system/boot/luksroot.nix: allow for LUKS devices with detached header
2015-06-29 17:36:47 +02:00
f9bd72f24c
nixos/iso-image: Allow to customize menu label.
...
It comes in handy to alter the menu label if you're not building a NixOS
installer image but for example if you want to build a live system and
still want to re-use the iso-image.nix module.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-06-28 23:30:17 +02:00
ed9dc1fd9e
nixos: added gitit service
2015-06-28 12:39:52 +02:00
b6322e1215
krb5: Break out into a lib and not lib version
2015-06-26 22:05:47 -07:00
ef253212f4
Merge branch 'master.upstream' into staging.upstream
2015-06-26 17:25:49 -07:00
fee9ef8659
nixos: Replace pkgs.openssh with config.programs.ssh.package
2015-06-26 17:09:58 -07:00
1f3f31b2a8
Add options nix.{trustedUsers,allowedUsers}
...
These are just trusted-users and allowed-users in nix.conf. It's
useful to have options for them so that different modules can specify
trusted/allowed users.
2015-06-26 18:45:27 +02:00
fb203a34c0
nix.buildMachines: Don't require sshUser
2015-06-26 18:44:44 +02:00
449c14d20b
Merge pull request #8520 from hrdinka/fix/postfix-recipient_delimiter
...
postfix: fix recipient_delimiter option
2015-06-26 14:18:58 +02:00
6839ad653a
postfix: fix recipient_delimiter option
...
This reverts commit 88f4b75a00
2015-06-26 14:05:53 +02:00
ffe164d758
Merge pull request #8484 from DamienCassou/fix-blocking-stumpwm-module
...
Don't block the system after starting stumpwm
2015-06-26 11:40:59 +02:00
0bd3737bd0
stumpwm: don't block after starting stumpwm
...
This is important to let nixos configure everything, e.g., a desktop
manager.
2015-06-26 11:38:04 +02:00
011993c86a
wordpress: usability updates
2015-06-25 16:21:14 +02:00
a8c52d0958
Merge branch 'master' into staging
2015-06-25 09:15:05 -05:00
0aa8e64967
kde5: JSON manifest format
2015-06-25 09:03:40 -05:00
d405d036c5
redmine service: fixing a typo, pointing to bundler package
2015-06-25 15:24:57 +02:00
46f06ccde7
uwsgi-service: Add user/group for uwsgi service.
...
Also add a uwsgi directory under /run (defaulting to /run/uwsgi) where the uwsgi user can place sockets.
2015-06-24 14:48:53 +00:00
9dab1a840c
tvheadend: init at 4.0.4
2015-06-24 13:22:09 +00:00
6532863ac4
unifi: 3.2.10 -> 4.6.3
2015-06-23 10:09:44 -07:00
282d03befa
Merge branch 'master.upstream' into staging.upstream
2015-06-22 10:57:36 -07:00
f00440fac5
nixos/x11: start session with dbus-launch
...
This is needed by most window managers. Desktop environments
usually launch dbus-launch if a session hasn't been started yet
so this shouldn't hurt. The worst it can happen is that one
dbus session will be unused in case it's started twice.
The GDM change is backported from recent gdm.
2015-06-22 16:12:20 +00:00
88f4b75a00
nixos: recipientDelimiter is no longer a valid configuration option in Postfix 2.11.x or later
...
Note that this change in Postfix might affect the mlmmj.nix service in
ways I don't fully understand.
2015-06-22 12:47:23 +02:00
e08074ff6d
nixos: fix code that sets up /etc/postfix
...
The sample config files have moved from ${postfix}/share to ${postfix}/etc in
version 2.11.4.
2015-06-22 12:47:23 +02:00
cf44a27fc4
fix argument in mkEnableOption
2015-06-21 18:21:21 +03:00
90912f8aa5
Merge pull request #8401 from DamienCassou/document-desktopManagerHandlesLidAndPower-in-systemd
...
Explanation to desktopManagerHandlesLidAndPower
2015-06-19 14:02:04 +02:00
26e424a4aa
Explanation to desktopManagerHandlesLidAndPower
...
With this patch, systemd-inhibit outputs a descriptive message when
desktopManagerHandlesLidAndPower=true (the default).
Before the patch:
$ systemd-inhibit
Who: /nix/store/[...]-xsession [...] (UID 1000/cassou, PID 18561/systemd-inhibit)
What: handle-power-key:handle-lid-switch
Why: Unknown reason
Mode: block
After the patch:
$ systemd-inhibit
Who: /nix/store/[...]-xsession [...] (UID 1000/cassou, PID 18561/systemd-inhibit)
What: handle-power-key:handle-lid-switch
Why: See NixOS configuration option 'services.xserver.displayManager.desktopManagerHandlesLidAndPower' for more information.
Mode: block
2015-06-19 11:16:32 +02:00
61596bf405
Merge #8363 : pure-darwin stdenv
2015-06-18 22:38:08 +02:00
295846a254
nixos/nix-serve: Run as a separate user and add a signing key parameter
2015-06-17 19:10:39 -07:00
8e19ac8d7c
Merge branch 'master.upstream' into staging.upstream
2015-06-17 11:57:40 -07:00
d4fc2b4d99
nixos/install-grub: Fix grub1 installation
2015-06-17 11:47:36 -07:00
d9c56c696f
Replaces https://github.com/NixOS/nixpkgs/pull/8368
2015-06-17 19:26:17 +02:00
8170e74d9f
Revert "Make it possible to boot NixOS from a SCSI Disk on KVM"
2015-06-17 19:13:08 +02:00
ee3768b9ba
Make it possible to boot NixOS from a SCSI Disk on KVM
...
Currently NixOS can't boot from a SCSI disk as a KVM Guest.
I found this out while installing it on the new [Linode KVM
platform](https://www.linode.com/docs/platform/kvm#custom-kernel-configuration ).
2015-06-17 17:28:07 +02:00
f93d8425c3
Installer test: Fix booting from SCSI
...
This is required by the GRUB 1 test.
2015-06-17 15:47:43 +02:00
d5628c982d
Bypass /etc/gdm/Xsession. Closes #8351
2015-06-16 11:20:20 +00:00
aa800fa0fe
Merge branch 'master' into staging
2015-06-15 09:56:29 +02:00
e08bbc0bc1
Merge pull request #8159 from cransom/dd-agent
...
Allow custom tags to be set for datadog monitoring
2015-06-15 18:43:14 +02:00
d3212beff9
Allow custom tags to be set for datadog monitoring
2015-06-15 16:37:27 +00:00
6e6a96d42c
Some more type cleanup
2015-06-15 18:18:46 +02:00
c63bc92d4c
types.uniq types.str -> types.str
2015-06-15 18:12:32 +02:00
19ffa212af
types.uniq types.int -> types.int
...
types.int already implies uniqueness.
2015-06-15 18:11:32 +02:00
c738b309ee
types.uniq types.bool -> types.bool
2015-06-15 18:10:26 +02:00
9366af1b94
"types.uniq types.string" -> "types.str"
2015-06-15 18:08:49 +02:00
74d5adcb4d
nixos: move environment.{variables => sessionVariables}.MODULE_DIR
...
This solves the problem that modprobe does not know about $MODULE_DIR
when run via sudo, and instead wrongly tries to read /lib/modules/:
$ sudo strace -efile modprobe foo |& grep modules
open("/lib/modules/3.14.37/modules.softdep", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/lib/modules/3.14.37/modules.dep.bin", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/lib/modules/3.14.37/modules.dep.bin", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/lib/modules/3.14.37/modules.alias.bin", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
Without this patch, one would have to use sudo -E (preserves environment
vars). But that option is reserved for sudo users with extra rights
(SETENV), so it's not a solution.
environment.sessionVariables are set by PAM, so they are included in the
environment used by sudo.
2015-06-14 18:56:58 +02:00
a2deb7a2c9
Merge pull request #8322 from unaizalakain/master
...
The user specified in the conf should run MPD
2015-06-14 11:41:36 +02:00
ebde5fd9d4
Use the right nix when doing things in our amazoninit
2015-06-13 21:26:50 -04:00
8811724ec9
The user specified in the conf should run MPD
2015-06-13 23:24:19 +02:00
2434ee4aab
Allow setting mediatomb interface
2015-06-13 15:16:28 +00:00
033605e87f
Merge branch 'nixos-subdir'
...
Conflicts:
nixos/modules/system/boot/loader/grub/grub.nix
2015-06-13 15:18:12 +02:00
c3e832b323
stage-1: mkdir -p /mnt-root, it may be created earlier by some hooks
2015-06-13 15:02:51 +02:00
3754de550f
nixos/grub: allow customization of the nix store path
2015-06-13 15:02:00 +02:00
954801a9a8
Merge branch 'master.upstream' into staging.upstream
2015-06-12 13:47:46 -07:00
5ee75e236c
apache-kafka: Enable overriding the kafka package
2015-06-12 15:56:06 -04:00
fd187980c7
Put dysnomia in system environment if Disnix is enabled
2015-06-12 16:18:42 +00:00
ffc6275e55
dnscrypt-proxy service: support custom providers
...
The primary use-case is private DNSCrypt providers.
Also rename the `port` option to differentiate it from the
`customResolver.port` option.
2015-06-12 15:12:33 +02:00
8131065b63
dnscrypt-proxy service: use mkEnableOption
2015-06-12 15:12:33 +02:00
2e8bc2bd5c
nixos: cosmetic improvements to dnscrypt-proxy service module
...
Remove superflous whitespace & comments
2015-06-12 15:12:33 +02:00
a88a6bc676
nixos: additional hardening for dnscrypt-proxy
...
- Run as unprivileged user/group via systemd, obviating the need to
specify capabilities, etc.
- Run with private tmp and minimal device name space
2015-06-12 15:12:33 +02:00
823bb5dd4d
nixos: implement socket-activation for dnscrypt-proxy
...
The socket definition is derived from upstream with the
exception that it does not depend on network.target, as
this creates a cycle between basic.target and sockets.target.
The apparmor profile has been updated to account for additional
runtime dependencies introduced by enabling systemd support.
2015-06-12 15:12:33 +02:00
dfe20de782
nixos: permit dnscrypt-proxy service to read basic user/group info
...
If nscd is not running, dnscrypt-proxy crashes without read access
to /etc/{password,group,nsswitch.conf}.
2015-06-12 15:12:30 +02:00
07aa0f7f21
Revert "Use nixUnstable by default"
...
This reverts commit 64a41b7a90
2015-06-12 13:20:18 +02:00
da7748a6fc
nixos: set high fs.inotify.max_user_watches when xserver is enabled
2015-06-12 13:02:35 +02:00
399b549611
Fix: xen-bridge systemd service
2015-06-12 12:52:14 +02:00
a6e12c23fc
Link Xen scripts to /etc/xen
2015-06-12 12:52:14 +02:00
4b758e374e
Initial attempt at configuring from EC2 userdata (with input from cstrahan). Now with VM tests!
2015-06-11 23:16:35 -04:00
ffcd8acee6
nixos/pulseaudio: Fix description
2015-06-11 17:26:12 -07:00
7a0ca52267
scollector: Change type of collectors to allow proper merging
2015-06-11 16:49:43 +02:00
502a19b2b4
nixos/grub: Support labeling efi bootloaders with independent id's
2015-06-10 15:47:08 -07:00
4a57b07653
Merge remote-tracking branch 'origin/master' into staging
2015-06-11 00:18:24 +02:00
c891134b77
nixos/grub: Prevent module errors and make gfxmode configurable
2015-06-10 11:50:35 -07:00
aece1407d5
pulseaudio: Add a flag for supporting 32-bit
2015-06-10 11:50:35 -07:00
6e73884c31
Merge pull request #8204 from copumpkin/modulesPath
...
An importable modulesPath, once again
2015-06-10 12:32:04 -04:00
d906939e74
Installer tests: Don't use the ISO
...
We already have separate tests for checking whether the ISO boots
correctly, so it's not necessary to do that here. So now
tests/installer.nix just tests nixos-install, from a regular NixOS VM
that uses the host's Nix store. This makes running the tests more
convenient because we don't have to build a new ISO after every
change.
2015-06-10 15:28:56 +02:00
e5db79a859
Move stuff to modules/profiles/installation-device.nix
2015-06-10 15:28:55 +02:00
1c22734cd2
Forcing the load of atkbd in initrd.
...
In some computers, having the module available does not really load it,
therefore, it results in not having the keyboard avaiable in initrd.
2015-06-10 12:16:25 +02:00
6d859229e1
Remove unnecessary option. My mistake...
2015-06-10 08:36:55 +00:00
42323dc155
Merge cwoac:mysql_socket
2015-06-10 08:31:12 +00:00
d5b8dda043
mediatomb: fix hardcoded paths
2015-06-10 02:32:33 +02:00
0b68b92062
nixos i18n.consoleFont: choose a different default
...
Distros often choose Terminus as the default, and it supports some
non-ASCII characters that we use in config. Fixes #8107 .
2015-06-09 20:13:42 +02:00
48381b7621
nixos-artwork: Make into a derivation and use fetchfromgithub
2015-06-08 18:32:32 -07:00
b79a5e812a
nixos/quassel: Use qt5 instead of qt4
...
This really speeds up building quassel daemon since qt5 can be built in
parallel while qt4 cannot.
2015-06-08 15:37:34 -07:00
7464908ae4
Merge pull request #8232 from dezgeg/pr-installer-fix
...
install-cd: Include nixos-artwork to fix installer tests
With the move from storing grub images in the nixpkgs repo to storing them in the nix store, we broke the installer tests as the iso does not contain the artwork needed for the grub splash. This commit fixes the inclusion of the artwork in the iso.
2015-06-08 14:42:57 -07:00
16165ddc38
install-cd: Include nixos-artwork to fix installer tests
...
Should fix at least nixos.tests.installer.simple.x86_64-linux
http://hydra.nixos.org/build/23001712 :
machine# error: cannot download Encode-Locale-1.03.tar.gz from any mirror
machine# builder for ‘/nix/store/y8gbx2d2fdcvvjy1z53xksfgq66ydlx0-Encode-Locale-1.03.tar.gz.drv’ failed with exit code 1
machine# cannot build derivation ‘/nix/store/y1knci7rix3asnh2b4kfv8jhl2j99xih-perl-Encode-Locale-1.03.drv’: 1 dependencies couldn't be built
machine# cannot build derivation ‘/nix/store/7xspjwh48kg16drv1jjg5cffaqbxbp8p-perl-libwww-perl-6.05.drv’: 1 dependencies couldn't be built
machine# cannot build derivation ‘/nix/store/8qsmz3bbk1jwhh50c3i9700bkmn8ns5c-nss-cacert-3.19.1.drv’: 1 dependencies couldn't be built
machine# cannot build derivation ‘/nix/store/0rgf2l3mdszs4a989ympwc9gk2k8wq6z-nixos-artwork-e71b684.drv’: 1 dependencies couldn't be built
...
2015-06-08 19:12:59 +03:00
b570c644c9
Merge pull request #8223 from offlinehacker/pkgs/rippled/update
...
rippled: Update to 0.28.1
2015-06-08 16:49:39 +02:00
a5d0ac2003
Merge pull request #8227 from offlinehacker/nixos/consul/alerts-fix
...
nixos/consul: fix consul alerts enable
2015-06-08 14:34:48 +02:00
161418537c
rippled: Update to 0.28.1
2015-06-08 14:15:07 +02:00
2e5dbc4746
Add ripple rest module
2015-06-08 13:48:23 +02:00
c9da002a07
nixos/consul: fix consul alerts enable
2015-06-08 13:41:43 +02:00
cc96e474d3
Merge pull request #8226 from offlinehacker/kubernetes/skydns
...
Add skydns module
2015-06-08 13:37:39 +02:00
23504e5bf2
Add skydns module
2015-06-08 13:36:05 +02:00
e24eefedd6
Merge pull request #8217 from ip1981/mwlib
...
mwlib uses pdftk to create books
2015-06-08 14:28:12 +03:00
f7a452c8c1
nixos/kubernetes: skydns integration
2015-06-08 13:15:26 +02:00
392fc849e4
Update kubernetes to 0.18.0, fix module
2015-06-08 13:10:32 +02:00
8b79a09f78
Merge pull request #7553 from offlinehacker/pkgs/python-packages/graphite-beacon
...
Add graphite beacon package and module
2015-06-08 12:17:01 +02:00
509afe860b
Merge pull request #7547 from offlinehacker/nixos/docker-registry/fixes
...
nixos/docker-registry: docker independant docker registry
2015-06-08 12:15:35 +02:00
98d5b81dad
nixos: add grafana module
2015-06-08 12:13:15 +02:00
d85be1cfa3
mwlib uses pdftk to create books
2015-06-08 08:35:12 +00:00
b13cb54614
Bring an importable modulesPath back from the dead, in the only way I know
2015-06-08 01:55:49 +00:00
514a9fdf87
Merge pull request #8173 from dezgeg/pr-kernel-config
...
kernel-config: Enable framebuffer console for BIOS systems & /proc/config.gz for ARM
2015-06-07 10:14:51 -07:00
42c65fd1c9
Merge pull request #8206 from bjornfor/postfix-var-mail
...
nixos/postfix: make symlink /var/mail -> /var/spool/mail
2015-06-07 18:10:11 +02:00
46b05f0e08
Merge pull request #8193 from lostdj/patch-1
...
bittorrentsync: fix storage_path.
2015-06-07 17:53:19 +02:00
12e84c6378
nixos/postfix: make symlink /var/mail -> /var/spool/mail
...
This solves the problem of e.g. mutt not finding mail unless the user
sets MAIL=/var/spool/mail/$USER.
The default MAIL variable seems come from bash. Reasons for adding
symlink instead of changing MAIL default in bash:
- No need to rebuild world
- FHS recommends /var/mail over /var/spool/mail anyway[1]. Better fix
NixOS mail location than change MAIL in bash to something that doesn't
work on non-NixOS (however unlikely that users run nixpkgs bash on a
non-NixOS distro...).
[1] http://www.pathname.com/fhs/pub/fhs-2.3.html#VARMAILUSERMAILBOXFILES
2015-06-07 10:38:11 +02:00
9d6555dc0a
Merge branch 'master.upstream' into staging.upstream
2015-06-06 12:04:42 -07:00
ffd0539eba
cacert: store ca-bundle.crt in $out/etc/ssl/certs instead of $out
2015-06-05 13:00:52 -07:00
714377f8dc
bittorrentsync: fix storage_path.
...
If this path is a symlink, btsync won't be able to read it if it's not ending with "/".
As seen in f02d4ec9ed0539ed4771
2015-06-05 18:39:01 +03:00
f1d465f429
pulseaudio: Revert to regular style
...
Also, the NixOS module uses pulseaudioLight in order to prevent
excessive dependency bloat.
2015-06-04 14:54:54 +02:00
7318ff0e38
Add option ‘system.extraDependencies’ for including stuff in the system closure
...
Mostly useful for installer tests that don't have network access. This
generalizes virtualisation.pathsInNixDB and isoImage.storeContents.
2015-06-04 11:06:44 +02:00
6bf1853387
Don't include 4 editors in the minimal installation CD
...
Emphasis on "minimal".
2015-06-04 11:06:44 +02:00
9c2f2bc893
kernel-config: Enable FB_VESA and FRAMEBUFFER_CONSOLE
...
Commit 159fed47bcFixes #8139
2015-06-04 11:26:20 +03:00
d144ece04e
Merge pull request #8127 from ip1981/mwlib
...
Add more dependencies for mwlib
2015-06-03 12:50:02 +02:00
a278a9224a
systemd: Use upstream tmpfiles.d rules
...
This fixes a failing assert in systemd-timesyncd (issue #5913 ) as it
expects the directory /run/systemd/netif/links/ to exist, and nothing in
NixOS currently creates it.
Also we get a net reduction in our code as rules for /run/utmp and
/var/log/journal are also provided by the same upstream file.
2015-06-03 10:49:01 +02:00
0666ee4739
Merge pull request #6732 from oconnorr/master
...
Use mktemp to create temporary files to hold ssh host keys and authorized keys
2015-06-02 20:34:43 +02:00
c12e1d7278
minimal-iso: enable nixos-manual
2015-06-02 18:14:45 +02:00
95c6b835cb
mwlib may use pyfribidi
2015-06-02 06:14:34 +00:00
58f6da5cc6
mwlib may use imagemagick (convert)
2015-06-02 06:06:02 +00:00
70cb6e67c0
nixos/apcupsd: don't evaluate event hooks at build time
...
Better replace the double quotes in 'echo "${commands}"' with single
quotes, to prevent the shell from doing command substitution etc. at
configuration build time.
2015-06-01 22:14:03 +02:00
64a41b7a90
Use nixUnstable by default
2015-06-01 18:20:28 +02:00
3b6dbb1917
Merge pull request #7984 from rushmorem/marathon-module-update
...
Make it easy to override the marathon framework user
2015-06-01 17:06:50 +02:00
dc3316268e
Merge branch 'master' into staging
2015-06-01 11:00:51 +02:00
7edb27b7af
Hide the option fonts.enableCoreFonts
...
We shouldn't have options that simply enable a package.
2015-06-01 10:43:43 +02:00
867d2c5c46
openssl: Remove References to OPENSSL_X509_CERT_FILE
2015-05-31 15:50:51 -07:00
3588cd8c4e
nixos/pulseaudio: Use libpulseaudio
2015-05-29 20:36:46 -07:00
d6cbb061e3
cacert: Build directly from nss instead of our own tarball
2015-05-29 13:52:07 -07:00
aa5d6922c5
Revert "Set boot.loader.grub.configurationLimit to 1 for gce/azure/amazon images. Setting to 0 results in empty grub config."
...
The issue was that grub was not building the default entry which would
leave systems unbootable. This can now be safely reverted as the default
entry is being built once again.
This reverts commit fd1fb0403c
2015-05-29 13:26:51 -07:00
1e98da6d99
nixos/grub: Use nixos artwork
2015-05-29 13:26:32 -07:00
159fed47bc
nixos/grub: Fix video display on efi
2015-05-29 13:26:32 -07:00
d4f3930201
nixos/grub: Fix defaultConfig
2015-05-29 13:26:32 -07:00
29b7d76ec8
Remove use of && in fetch-ssh-keys service.
...
Scripts are run with -e so will abort when a command fails.
2015-05-29 19:53:58 +00:00
4744e3541a
[GCE] Put temp files for fetch-ssh-keys service in /run
2015-05-29 19:53:57 +00:00
1badfabc4d
Use mktemp to create temporary files to hold ssh host keys and authorized keys when downloading them from the metadata server.
2015-05-29 19:53:57 +00:00
fd1fb0403c
Set boot.loader.grub.configurationLimit to 1 for gce/azure/amazon images. Setting to 0 results in empty grub config.
2015-05-29 19:36:16 +00:00
9c7fae83ee
Make it easy to override the marathon framework user
...
Currently the module hardcodes the systemd service user to "marathon".
With this change one would not need to create an extra systemd config to
override the user.
So why would one need to override the Marathon user? Some apps require
root access to run. You can't run those with Marathon unless you
override the default user to root. Marathon also provides a
`--mesos_user` command line flag which allows you to run apps using
arbitrary users. You need to run the framework as root to enable this
functionality.
2015-05-29 18:07:07 +02:00
cb02d37c31
Merge pull request #8034 from ragnard/apache-kafka-exit-code
...
apache-kafka: Treat exit code 143 as success.
2015-05-28 11:59:06 +02:00
9f25762d29
apache-kafka: Treat exit code 143 as success.
...
JVMs exit with exit code 128+signal when receiving a (terminating)
signal. This means graceful termination of a JVM will result in 143, so
add that to `SuccessExitStatus` in systemd service unit.
2015-05-28 10:52:50 +01:00
ab0ac154f9
Merge pull request #7302 from ragnard/mesos-slave-without-docker
...
mesos-slave: Docker optional & IP address configurable
2015-05-28 11:43:01 +02:00
045e93e0a6
mesos-slave: docker and IP address config options
...
- Usage of docker containerizer is currently hardcoded, this PR makes it
optional. Default is to enable it if docker is enabled.
- Make IP address to listen on part of service configuration.
2015-05-28 06:58:12 +01:00
7355066bfe
nixos: add support for exfat filesystem
2015-05-27 18:59:33 +03:00
71fc9aac4d
Merge pull request #7992 from ip1981/mwlib
...
Added mwlib services
2015-05-27 16:59:57 +02:00
7ed1fb30e2
Added mwlib services
...
Simple local usage:
mwlib = {
nserve = {
enable = true;
};
qserve = {
enable = true;
};
};
For MediaWiki:
$wgCollectionMWServeURL = 'http://localhost:8899 ';
$wgCollectionFormats = array(
'rl' => 'PDF',
'odf' => 'ODT',
);
$wgCollectionPortletFormats = array (
'odf', 'rl'
);
2015-05-27 14:55:22 +00:00
43690ae4ee
Merge pull request #7987 from magnetophon/das_watchdog-master
...
add das_watchdog: a realtime watchdog
2015-05-27 11:47:15 +03:00
2a1c342887
Disable the manual in the minimal profile
2015-05-26 20:20:53 +02:00
ae2279bcdb
nixos-containers: bindMounts: change default to readOnly. use EXTRA_NSPAWN_FLAGS
2015-05-26 13:41:31 +00:00
c3b7a8b053
add das_watchdog: a realtime watchdog
2015-05-26 15:13:59 +02:00
4d551227c9
nixos-container: rename extraBinds to bindMounts and use attribute set format.
2015-05-26 11:56:42 +00:00
1113efec5e
Merge pull request #7559 from offlinehacker/openvswitch/ipsec
...
openvswitch: ipsec support
2015-05-26 11:26:02 +01:00
4fd0f2cf4d
Merge pull request #7558 from offlinehacker/nixos/docker/typefix
...
nixos/docker: set extraOptions to separatedString type
2015-05-26 11:22:50 +01:00
a35e1ddfb2
Merge pull request #7566 from offlinehacker/nixos/node-docker-registry/module
...
nixos: add node docker registry server
2015-05-26 11:07:22 +01:00
002c687edf
nova-image: Delete no longer used comment
2015-05-26 11:05:52 +01:00
0d454d863f
Merge pull request #7876 from rzetterberg/issue-7869
...
nixos: Fixes eval and build error of nova image builder
2015-05-26 11:05:06 +01:00
aff1c293ef
Merge pull request #7998 from dezgeg/pr-ddclient-ssl
...
ddclient: Set SSL_CERT_FILE environment variable
2015-05-26 10:25:47 +02:00
b07d2a447b
nixos/grub: Fix assertion
2015-05-25 23:03:31 -07:00
2966068968
ddclient: Set SSL_CERT_FILE environment variable
...
Otherwise connection to SSL hosts fails like this:
May 26 06:44:05 kbuilder ddclient[17084]: WARNING: cannot connect to dynamicdns.park-your-domain.com:443 socket:
IO::Socket::IP configuration failed SSL connect attempt failed with unknown error
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
2015-05-26 06:45:25 +03:00
fd5b273e82
nixos/grub: Add the ability to mirror grub to multiple partitions
2015-05-25 20:23:06 -07:00
f42d2503d7
Merge pull request #7643 from Shados/fix-grub-efi-only
...
grub2: Fix EFI-only installation
2015-05-25 13:55:20 -07:00
c4f66eb85d
unify extraBindsRW/RO into extraBinds. Now arbitrary mount point is supported.
2015-05-25 19:09:53 +00:00
4835763e13
Trackpoint scrolling on T450s et al
2015-05-25 20:00:35 +02:00
847f8297fc
Added config options for systemd-coredump functionality.
2015-05-24 18:22:53 -06:00
cac38c8664
extraBindsRO/extraBindsRW
2015-05-24 16:31:59 +00:00
50fa9d8eea
Merge pull request #7941 from peti/allow-custom-ssh-moduli-file
...
nixos: add config.services.openssh.moduliFile option so that users can replace the default file from OpenSSH
2015-05-22 20:51:42 +02:00
86d299bc6e
nixos: add config.services.openssh.moduliFile option so that users can replace the default file from OpenSSH
...
The man page for ssh-keygen(1) has a section "MODULI GENERATION" that describes
how to generate your own moduli file. The following script might also be helpful:
| #! /usr/bin/env bash
|
| moduliFiles=()
|
| generateModuli()
| {
| ssh-keygen -G "moduli-$1.candidates" -b "$1"
| ssh-keygen -T "moduli-$1" -f "moduli-$1.candidates"
| rm "moduli-$1.candidates"
| }
|
| for (( i=0 ; i <= 16 ; ++i )); do
| let bitSize="2048 + i * 128"
| generateModuli "$bitSize" &
| moduliFiles+=( "moduli-$bitSize" )
| done
| wait
|
| echo >moduli "# Time Type Tests Tries Size Generator Modulus"
| cat >>moduli "${moduliFiles[@]}"
| rm "${moduliFiles[@]}"
Note that generating moduli takes a long time, i.e. several hours on a fast
machine!
This patch resolves https://github.com/NixOS/nixpkgs/pull/5870 .
2015-05-22 16:28:45 +02:00
bcfa84cae2
Merge pull request #7878 from dezgeg/pr-extlinux
...
generic-extlinux-compatible: Add new bootloader for ARM
2015-05-22 16:02:22 +02:00
09d06f5ffd
Merge remote-tracking branch 'origin/master' into systemd-219
...
Conflicts:
pkgs/development/libraries/libseccomp/default.nix
2015-05-22 15:57:36 +02:00
588b92a7d2
systemd: Update to 220
2015-05-22 15:34:08 +02:00
31a273cb14
nixos/tinc: users are system users
2015-05-21 20:11:13 -07:00
4f943ef237
nixos/lightdm: More changes
2015-05-21 20:10:52 -07:00
f134150180
Merge pull request #7857 from rushmorem/marathon-module-update
...
Update Marathon module
2015-05-21 16:52:14 +03:00
b5820a5ebd
Update Marathon module
...
The new module makes it possible to pass extra commandline
arguments to Marathon as well as environment variables.
2015-05-21 15:45:13 +02:00
4ed8cdc3d4
nixos/bird: Fix doc compilation
2015-05-20 18:53:54 -07:00
acdc3e6c9a
nixos/lightdm: Some fixups
2015-05-20 18:32:12 -07:00
a9171953c6
Merge pull request #7860 from Lassulus/bird
...
nixos: add bird module
2015-05-21 03:24:20 +03:00
e98da673e4
nixos-checkout: Add nixpkgs-channels as a remote
...
This way, you can do things like
git checkout channels/nixos-14.12
to get the latest tested and built version of NixOS.
2015-05-20 14:16:36 +02:00
8ed3ab50ea
azure-image: common: add sg3_utils
2015-05-20 13:25:01 +03:00
2fe9084397
azure-image: fix, split into bootstrap and regular configurations
...
Conflicts:
nixos/modules/virtualisation/azure-image.nix
2015-05-20 13:24:38 +03:00
db991a4024
nixos/libvirtd: remove --verbose flag
...
Because it spams the log:
.libvirtd-wrapp[1950]: OBJECT_UNREF: obj=0x7f5d900b4200
.libvirtd-wrapp[1950]: EVENT_POLL_UPDATE_HANDLE: watch=874 events=13
.libvirtd-wrapp[1950]: OBJECT_UNREF: obj=0x7f5d900b4200
.libvirtd-wrapp[1950]: EVENT_POLL_RUN: nhandles=24 timeout=-1
.libvirtd-wrapp[1950]: EVENT_POLL_DISPATCH_HANDLE: watch=874 events=1
.libvirtd-wrapp[1950]: OBJECT_REF: obj=0x7f5d900b4200
.libvirtd-wrapp[1950]: [137B blob data]
2015-05-20 12:14:18 +02:00
3d2d78cb39
nixos/libvirtd: add 'extraOptions' option
...
And move the '--verbose' flag to extraOptions, so that users can easily
disable it.
2015-05-20 12:14:18 +02:00
3e35ea305f
postgresql-backup: cleanup
2015-05-19 18:35:22 +03:00
9d07c54fa1
nixos: add bird module
...
patch bird to look in /var/run for birc.ctl
2015-05-19 15:42:24 +02:00
25f9555599
Drop GNOME 3.12
2015-05-18 12:24:08 +02:00
c8501a4218
Set up /etc/machine-id before starting systemd
...
Otherwise, systemd will try to populate /etc, which we don't want.
2015-05-18 11:35:00 +02:00
6d176afe5e
generic-extlinux-compatible: Add new bootloader for ARM
...
This module generates a /boot/extlinux/extlinux.conf bootloader
configuration file that is supported by e.g. U-Boot:
http://git.denx.de/?p=u-boot.git;a=blob;f=doc/README.distro;hb=refs/heads/master
With this, all ARM boards supported by U-Boot can be booted in a common
way (a single boot file generator, all boards booting via initrd like
x86) and with same boot menu functionality as GRUB has.
-- sample extlinux.conf file --
# Generated file, all changes will be lost on nixos-rebuild!
# Change this to e.g. nixos-42 to temporarily boot to an older configuration.
DEFAULT nixos-default
TIMEOUT 50
LABEL nixos-default
MENU LABEL NixOS - Default
LINUX ../nixos/n7vxfk60nb5h0mcbhkwwxhcz2q2nvxzv-linux-4.1.0-rc3-cpufreq-zImage
INITRD ../nixos/0ss2zs8sb6d1qn4gblxpwlxkfjsgs5f0-initrd-initrd
FDTDIR ../nixos/n7vxfk60nb5h0mcbhkwwxhcz2q2nvxzv-linux-4.1.0-rc3-cpufreq-dtbs
APPEND systemConfig=/nix/store/469qvr43ln8bfsnk5lzcz6m6jfcgdd4r-nixos-15.06.git.0b7a7a6M init=/nix/store/469qvr43ln8bfsnk5lzcz6m6jfcgdd4r-nixos-15.06.git.0b7a7a6M/init loglevel=8 console=ttyS0,115200n8 drm.debug=0xf
LABEL nixos-71
MENU LABEL NixOS - Configuration 71 (2015-05-17 21:32 - 15.06.git.0b7a7a6M)
LINUX ../nixos/n7vxfk60nb5h0mcbhkwwxhcz2q2nvxzv-linux-4.1.0-rc3-cpufreq-zImage
INITRD ../nixos/0ss2zs8sb6d1qn4gblxpwlxkfjsgs5f0-initrd-initrd
FDTDIR ../nixos/n7vxfk60nb5h0mcbhkwwxhcz2q2nvxzv-linux-4.1.0-rc3-cpufreq-dtbs
APPEND systemConfig=/nix/store/469qvr43ln8bfsnk5lzcz6m6jfcgdd4r-nixos-15.06.git.0b7a7a6M init=/nix/store/469qvr43ln8bfsnk5lzcz6m6jfcgdd4r-nixos-15.06.git.0b7a7a6M/init loglevel=8 console=ttyS0,115200n8 drm.debug=0xf
2015-05-17 23:38:03 +03:00
bd5011fc34
Fixes eval and build error of nova image builder
2015-05-17 20:55:07 +02:00
0b3e2becca
Merge pull request #7829 from joamaki/vmware_guest
...
VMWare guest support and open-vm-tools package
2015-05-15 15:13:30 +03:00
6a0d21eb86
VMWare guest support and open-vm-tools package
2015-05-15 12:43:21 +02:00
946e7dca61
Merge pull request #7842 from dezgeg/pr-nix-serve
...
nix-serve: Add nixos module
2015-05-14 22:44:43 +03:00
1103392dd9
Merge pull request #7794 from womfoo/kbdlight
...
Add kbdlight package and setuid wrapper
2015-05-14 17:09:28 +02:00
fd8cb1ff2d
nix-serve: Add nixos module
...
This allows sharing the Nix store of the machine as a binary cache
simply by setting 'services.nix-serve.enable = true'.
2015-05-14 12:27:28 +03:00
fc8011ad8d
Ensure that nscd, sshd are created as system users
...
c0f70b4694http://hydra.nixos.org/build/22182588
2015-05-13 16:23:36 +02:00
e9679ce32a
postgresql-backup: use system postgresql package
2015-05-13 16:06:50 +03:00
2806491cc4
nixos/consul: Add shell for health checks
2015-05-11 17:44:07 -07:00
b6e26aa8df
nixos/consul: Support a config directory for health checks
2015-05-11 16:45:04 -07:00
1938dc9b54
nixos/consul: Remove the joinNodes and joinRetries options as they are now built in consul options
2015-05-11 16:27:53 -07:00
388dac478d
stage-1: Shut up warnings about swap devices that don't exist yet
2015-05-11 18:18:36 +02:00
76055df52d
Allow systemd-journald to be restarted
...
With systemd 219, this is fine because systemd will cause the new
journald to re-use the file descriptors of the old one. So existing
connections to the journal are unaffected.
2015-05-11 18:18:36 +02:00
b978df019a
stage-2: Don't run hwclock in containers
2015-05-11 18:18:36 +02:00
c8ef598945
stage-1: Don't mount /dev/shm if it's already mounted
2015-05-11 18:18:36 +02:00
f19b58fb6a
Create systemd-{network,resolve} user/group unconditionally
...
This shuts up this error from dbus:
May 11 13:52:16 machine dbus-daemon[259]: Unknown username "systemd-network" in message bus configuration file
May 11 13:52:16 machine dbus-daemon[259]: Unknown username "systemd-resolve" in message bus configuration file
which happens because the D-Bus config for networkd/resolved is
enabled unconditionally, and we don't have an easy way to turn it off.
2015-05-11 18:18:36 +02:00
c52a983806
Use ConditionVirtualization to disable some services in containers
2015-05-11 18:18:35 +02:00
fe952a42a7
systemd: Update to 219
2015-05-11 18:18:35 +02:00
26492cdba3
Merge pull request #7434 from Forkk/plex-media-server
...
plex: add support for managing plugins via Nix
2015-05-11 14:48:30 +03:00
492471b453
Apply some overrides to upstream systemd units
...
This removes the need for the following patches:
9a6cade9939f7e832c90
2015-05-11 12:43:35 +02:00
c0727fb751
Merge pull request #7788 from Lassulus/charybdis
...
add charybdis nixos module
2015-05-11 12:57:58 +03:00
304cab2b46
add charybdis nixos module
2015-05-11 11:38:53 +02:00
bb4d658f64
Merge branch 'master' into staging
...
Conflicts:
nixos/doc/manual/release-notes/rl-unstable.xml
nixos/modules/services/printing/cupsd.nix
pkgs/applications/misc/calibre/default.nix
pkgs/development/haskell-modules/hackage-packages.nix
pkgs/development/libraries/libsodium/default.nix
pkgs/misc/emulators/wine/unstable.nix
pkgs/top-level/all-packages.nix
2015-05-11 10:05:23 +02:00
6f634e3c3a
Add kbdlight package and setuid wrapper
...
update nixos/modules/programs/kbdlight.nix to use mkEnableOption
2015-05-11 13:23:01 +08:00
aa75bb25d8
grsecurity: Update stable and test patches
...
stable: 3.1-3.14.41-201505072056 -> 3.1-3.14.41-201505101121
test: 3.1-4.0.2-201505072057 -> 3.1-4.0.2-201505101122
2015-05-11 02:45:38 +02:00
ba186ec4b9
mesos service: only pass --zk if quorum > 0
...
The ZooKeeper URL is not necessary when using in-memory slave
registration.
2015-05-10 19:36:20 -04:00
760169663e
mesos: fix indentation in service definition
2015-05-10 17:23:33 -04:00
19dbe42aeb
Revert "cups: Rename "browsing" config option to "advertise""
...
This reverts commit 48e65cec4e
2015-05-10 20:47:50 +02:00
652d06207d
cups: Rename "browsing" config option to "advertise"
2015-05-10 13:46:32 +02:00
6f69dd46d7
cups: Add defaultShared, browsing and webInterace config option
2015-05-10 13:46:32 +02:00
f4d9c9043c
cups: Remove deprecated config options from cupsd.conf
2015-05-10 13:46:32 +02:00
e9cf6cd34f
cups: Use systemd files provided by CUPS
2015-05-10 13:46:32 +02:00
48e65cec4e
cups: Rename "browsing" config option to "advertise"
2015-05-10 12:41:21 +02:00
2cc8d15653
cups: Add defaultShared, browsing and webInterace config option
2015-05-10 12:41:21 +02:00
3710dbec05
cups: Remove deprecated config options from cupsd.conf
2015-05-10 12:41:20 +02:00
4ac95ab328
cups: Use systemd files provided by CUPS
2015-05-10 12:41:20 +02:00
21dd114f82
Revert "Making nixos keep a ref to its stdenv"
...
This reverts commit d170c98d13
2015-05-09 21:11:49 +00:00
d170c98d13
Making nixos keep a ref to its stdenv
...
This will help a lot on ARM, where nix-collect-garbage erases gcc; then, any
change to a small system config file requires rebuilding gcc again.
I don't know why it does not happen on x86. Maybe it just pulls the gcc from
hydra, if garbage is collected.
2015-05-09 20:19:34 +00:00
d8a2bb86c0
Raspberry Pi 2 changes to make it boot.
...
It boots, but some things still don't work:
1) Installation of DTBs
2) Boot of initrd
Booting still needs a proper config.txt in /boot, which could probably be
managed by NixOS.
2015-05-09 17:05:24 +00:00
c9395e1e92
Merge branch 'master' into staging
2015-05-08 05:59:50 -07:00
650d3f8fc4
Revert restartIfChanged on fetch-ec2-data, as it breaks deployments that set ec2.metadata = true, as the existing (default) blackhole will not be cleared.
...
(cherry picked from commit ccf672ca6b055e5e862e45b65d122754c16cf7d1)
2015-05-07 08:51:38 +00:00
074c4a7f78
Merge remote-tracking branch 'upstream/master' into staging
2015-05-07 01:44:49 -07:00
7aed6ddbb4
Merge pull request #7482 from qknight/mysql_socket_permissions
...
/run/mysqld now 0755 (instead 0700)
2015-05-07 01:55:00 +02:00
db79335c07
mysql: /run/mysql now 0755 (instead 0700)
...
see https://github.com/NixOS/nixpkgs/pull/7482
2015-05-07 01:51:05 +02:00
40b9e938b6
postfix service: description enhancement
...
closes #7651
2015-05-06 21:53:39 +02:00
a6ebccfbb8
Sane default configuration for sabnzbd module
...
Added option to set user. Use unpriviledged user by default. Add sane
default for configuration location.
2015-05-05 00:18:22 -04:00
5ccbfb2dcc
tarsnap: fix up permissions of existing cache directories
2015-05-04 18:58:35 +00:00
4239e276ea
fetch-ec2-data: Don't restart
...
This service only needs to run once on system startup, so it doesn't
need to be restarted by switch-to-configuration.
2015-05-04 16:56:46 +02:00
28e49dcb41
Style fix
2015-05-04 14:18:14 +02:00
c2bf9c3ee3
Typo
2015-05-04 14:16:19 +02:00
f2870bd77d
Merge pull request #7601 from cstrahan/iso-name-fix
...
nixos: fix infinite recursion in isoImage.isoName
2015-05-04 10:24:38 +02:00
2325791c2b
plasma53: patch upstream startkde
...
Rather than shipping our own startkde script, we will go back to
patching upstream's script. This will be less confusing to potential
contributors.
2015-05-03 17:09:50 -05:00
2216728979
add support for pam_u2f to nixos pam module
...
This adds support for authenticating using a U2F device such as a
yubikey neo.
2015-05-03 19:22:00 +01:00
2a8577d7fe
Correct spelling
2015-05-03 19:15:03 +10:00
00ef77f426
Merge pull request #7565 from offlinehacker/nixos/confd/module
...
nixos: add confd module
2015-05-02 14:43:02 +02:00
00df204c82
Merge remote-tracking branch 'upstream/master' into staging
2015-05-01 15:57:09 -07:00
ba50d48400
mbpfan: service improvements
...
* add verbosity setting
* don't set mbpfan as a setuid program
2015-05-01 17:11:55 -04:00
d83399dcd9
mgpfan: new service
2015-04-30 21:21:15 -04:00
6823b5e657
Merge pull request #7636 from bramd/brltty
...
Added BRLTTY package
2015-05-01 00:21:49 +02:00
60da99ea2a
grub module: removed invalid device check for grub EFI installation
2015-04-30 19:28:34 +10:00
4cdb4a4fef
networkd: Fix evaluation of systemd.network units.
...
During the refactor of the networkd stuff in f8dbe5ffix #7505 for at least DHCP-based configuration.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-04-30 06:49:10 +02:00
49fa00cded
networkd: Fix disabled networkd units.
...
In f8dbe5f#7505 .
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-04-30 06:49:10 +02:00
9a535b9023
Added BRLTTY package
2015-04-29 23:02:09 +02:00
ff88f4bcda
nixos-install: correctly detect stdin
2015-04-29 18:48:21 +02:00
1fe28a1132
Merge remote-tracking branch 'upstream/master' into staging
2015-04-29 11:33:28 -05:00
ad0bd73775
Work around infinite recursion issue in nixops.
2015-04-29 09:55:20 +00:00
8150cf11b0
Merge pull request #7605 from ip1981/wiki
...
Mediawiki updates
2015-04-28 19:00:27 +03:00
f5e7190572
nixos.system_tarball_pc: Fix evaluation
...
It was broken due to 57b05765c9
2015-04-28 17:15:02 +02:00
8233fd5c6a
i2p: add service to module-list
2015-04-28 14:35:36 +02:00
f5bc58d733
Merge pull request #7545 from offlinehacker/pkgs/kubernetes/fixes
...
kubernetes: update to 0.15, module fixes
2015-04-28 14:12:53 +02:00
7b878a7ca9
Merge pull request #7555 from offlinehacker/nixos/nginx/reload
...
nixos/nginx: enable service/config reload
2015-04-28 14:12:21 +02:00
ef6b88690d
Merge pull request #7549 from offlinehacker/nixos/ripple-data-api/importmode
...
nixos/ripple-data-api: add import mode option
2015-04-28 14:10:50 +02:00
71910be9ea
nixos-install: Fix chroot flag not defaulting to Bash outside NixOS.
...
Passing the chroot flag to nixos-install without arguments should now give you a
Bash shell as intended rather than try an empty path.
This was masked by the user's shell (usually /bin/bash) being defaulted to by
chroot, and being found since their paths used NixOS conventions.
2015-04-28 06:37:04 -04:00
7b37a5f168
nixos-install: Fix password prompt failing outside NixOS.
...
When bootstrapping from other distributions, nixos-install is unable to find
various tools in the chroot since their paths aren't aware of NixOS conventions.
This makes a small change to existing code by specifying nixpkgs/nixos instead
of just nixos when running nix-instantiate in the chroot. I haven't tested this
outside of bootstrapping, but the same specification is used elsewhere in the
code so I don't see why it wouldn't work.
2015-04-28 06:34:47 -04:00
4855b0b3fb
Mediawiki 1.23.9
2015-04-28 08:05:16 +00:00
bca76e46f0
Apache servedFiles: fixed a typo in example
2015-04-28 08:05:15 +00:00
8388bd3280
wiki: do not rewrite served files
2015-04-28 08:05:08 +00:00
a64e90bdef
nixos: fix infinite recursion in isoImage.isoName
2015-04-27 23:10:53 -04:00
c600f5af25
gnome3: move definition of package sets into pkgs
2015-04-28 02:54:14 +02:00
19366a10fc
Remove redundant i18n.supportedLocales setting
...
This is already set in profiles/minimal.nix.
Probably fixes #7589 .
2015-04-27 19:21:28 +02:00
534b84a9ac
Don't require sslServerChain to be set
2015-04-27 18:24:16 +02:00
9807dbc142
Merge pull request #7486 from oxij/actkbd-and-media-keys
...
add actkbd; nixos: add support for volume control with media keys
2015-04-27 12:31:15 +02:00
30f31c9afc
Merge 'master' into staging
...
(relatively simple conflicts)
2015-04-26 22:52:08 +02:00
ff12c3274a
Merge pull request #7548 from offlinehacker/etcdfix
...
nixos/etcd: fix enable type, so it could be enabled on multiple places
2015-04-25 22:14:55 +02:00
a9cd286cd0
Merge pull request #7546 from offlinehacker/nixos/panamax/reload
...
nixos/fluentd: add support for config reload
2015-04-25 16:29:34 +02:00
ffea231652
Merge pull request #7550 from offlinehacker/nixos/rippled/changes
...
nixos/rippled: new options, fixes
2015-04-25 16:28:15 +02:00
b7d8d5dd30
Add graphite beacon package and module
2015-04-25 16:25:26 +02:00
ff095f5002
nixos: add node docker registry server
2015-04-25 16:16:34 +02:00
6ca12344b3
nixos: add confd module
2015-04-25 16:10:49 +02:00
34f1c39fe0
nixos: fix cjdns json config
...
filter extraneous attributes from config modules
2015-04-25 09:40:44 -04:00
ec6ecce8cf
nixos/openvswitch: add ipsec gre tunnels support
2015-04-25 15:35:02 +02:00
b5114de4ac
nixos: add racoon ipsec IKE deamon
2015-04-25 15:31:27 +02:00
d6660af8ac
nixos/docker: set extraOptions to separatedString type
...
This change is needed if you want to pass extraOptions to docker in multiple
nixos modules.
2015-04-25 15:25:15 +02:00
fb8bc4da21
nixos/etcd: fix enable type, so it could be enabled on multiple places
2015-04-25 15:21:49 +02:00
494d1820e3
nixos/nginx: enable service/config reload
2015-04-25 15:17:06 +02:00
54ddf2176b
nixos/rippled: new options, fixes
2015-04-25 14:39:24 +02:00
5984c04f1f
nixos/ripple-data-api: add import mode option
2015-04-25 14:38:05 +02:00
b7cb0420ca
nixos/docker-registry: docker independant docker registry
2015-04-25 14:26:35 +02:00
f6bb49ad4a
nixos/fluentd: add support for config reload
2015-04-25 14:21:27 +02:00
6cb195a83d
nixos/kubernetes: fix module
2015-04-25 14:18:25 +02:00
db3b86560f
GNOME 3.16.1, closes #7357
2015-04-25 12:02:33 +02:00
4ea47155af
Merge pull request #7498 from k0ral/sslh
...
sslh: argument to -F can no longer be separated from the option by a space
2015-04-23 21:35:46 +02:00
81d8074881
Add hologram service
2015-04-23 14:30:12 -04:00
a498b28322
wait for filesystem before starting btsync; bump to latest package version
2015-04-23 13:09:34 +00:00
88ce17b6e1
sslh: argument to -F can no longer be separated from the option by a space
2015-04-21 16:29:25 +00:00
7585d42d2b
Fix #7354 - Accept _module attributes added to every submodule.
2015-04-20 23:58:32 +02:00
57ab189e78
nixos: add actkbd module and sound.enableMediaKeys option
2015-04-20 17:11:19 +00:00
0f5d5f9d12
lambdabot: add named pipe for incoming commands
2015-04-20 18:56:48 +03:00
d5f187de03
Typo
2015-04-20 16:12:28 +02:00
d4d6b8cc61
Grmbl
2015-04-20 14:24:42 +02:00
fc91ba52df
ntfs.nix: Remove copypasta jfs stuff
...
Thanks to @wizeman for spotting this!
2015-04-20 14:06:44 +02:00
11a9774c75
Use "mkdir -p" when creating ~/.nix-defexpr
...
Otherwise, simultaneous invocations of /etc/profile can fail, e.g.
mkdir: cannot create directory ‘/.nix-defexpr’: File exists
2015-04-20 13:03:04 +02:00
d69b205527
Remove sysvtools from the system path
...
All programs in sysvtools (except killall5) are also provided by
util-linux or procps.
Issue #7117 .
2015-04-20 11:33:42 +02:00
56f66dad97
Fix #7476
2015-04-20 11:32:29 +02:00
650492c5c8
minimal.nix: Get rid of most Glibc locales
...
This cuts ~100 MB from the system closure.
Issue #7117 .
2015-04-20 11:32:28 +02:00
bad3211893
Disable some more unnecessary stuff in containers
2015-04-20 11:32:28 +02:00
abeb4a9c96
stage-2-init: Don't depend on sysvtools
2015-04-20 11:32:28 +02:00
e66970417b
Remove obsolete "eject" entry from the system path
...
It's an alias for util-linux, so included anyway.
2015-04-20 11:21:20 +02:00
3d2b24d161
Remove pciutils and usbutils from the default system path
...
Issue #7117 .
2015-04-20 11:21:20 +02:00
479f5f4ae6
fix rebuild when using ntfs partitions
...
needed to define inInitrd, used vfat.nix as a template
2015-04-19 15:17:23 -07:00
2b6d011bec
Include cifs-utils only when needed
...
Issue #7117 .
2015-04-19 22:06:45 +02:00
1cb5583c05
container.nix -> docker-container.nix
2015-04-19 22:06:45 +02:00
57b05765c9
Don't include ntfs-3g by default
...
Issue #7117 .
2015-04-19 22:06:45 +02:00
c0f70b4694
Remove fixed uids for nscd, sshd
...
These services don't create files on disk, let alone on a network
filesystem, so they don't really need a fixed uid. And this also gets
rid of a warning coming from <= 14.12 systems.
2015-04-19 22:06:45 +02:00
c87977e97d
Don't include networkd units unless enabled
...
Otherwise, the enabled -> disabled transition won't be handled
correctly (switch-to-configuration currently assumes that if a unit is
running and exists, it should be restarted).
2015-04-19 22:06:45 +02:00
f8dbe5f376
systemd: Move networkd into separate modules
...
The systemd module was getting rather bloated.
2015-04-19 22:06:45 +02:00
1f513c21f9
Merge pull request #7461 from dezgeg/pr-ddclient-unit-type
...
ddclient: Fix capitalization of systemd unit keys
2015-04-19 15:27:21 +02:00
e7843efe12
ddclient: Fix incorrectly capitalized systemd unit key
...
This avoids the following warning:
Apr 19 10:53:48 xen systemd[1]: [/nix/store/...-unit-ddclient.service/ddclient.service:19] Unknown lvalue 'type' in section 'Service'
As `Type=simple` is the default in systemd, the assignment to the
service type can be simply dropped.
2015-04-19 15:58:34 +03:00
e6b664cafe
Merge pull request #7443 from ts468/fixgrub
...
Fix grub for "nodev" targets.
2015-04-18 21:19:04 +02:00
5676e8b391
lightdm: allow the user to specify extra Seat opts
2015-04-18 20:14:10 +01:00
1713184b11
xserver.nix: fix indentation issues under Device
2015-04-18 19:04:03 +01:00
d7810b4303
Hard tabs be gone!
2015-04-18 18:52:15 +01:00
70aa758c34
Fix RightOf for xrandrHeads
...
Closes #7441
2015-04-18 18:34:28 +01:00
66c73da5f9
Fix grub for "nodev" targets.
2015-04-18 19:22:25 +02:00
771c7fb496
plex: add support for managing plugins via Nix
...
Added support for managing Plex plugins via Nix. This is done via an
"extraPlugins" configuration option which takes a list of paths to
plugin bundles, which are then symlinked into Plex's plugin directory
when the service is started.
2015-04-17 14:45:49 -05:00
079da8cdcd
plex: init at 0.9.11.16.958
...
Added a package and module for Plex Media Server, an application for
managing media collections across multiple devices.
2015-04-17 12:11:30 -05:00
cdb174c18d
Added NixOS module for Asterisk server
2015-04-16 17:41:37 -06:00
405e4bd099
nixos.samba: update required mounts
2015-04-16 20:18:03 +03:00
0d38958b61
nixos.samba: fix booleans in smb.conf
2015-04-16 20:17:59 +03:00
a0f69df10e
dnsmasq: Add some types
2015-04-16 19:13:26 +02:00
5a5a43ea25
dbus: Reload if /etc/dbus-1 changes
...
Specifically, this fixes dnsmasq, which failed with
Apr 16 19:00:30 mandark dnsmasq[23819]: dnsmasq: DBus error: Connection ":1.260" is not allowed to own the service "uk.org.thekelleys.dnsmasq" due to security policies in the configuration file
Apr 16 19:00:30 mandark dnsmasq[23819]: DBus error: Connection ":1.260" is not allowed to own the service "uk.org.thekelleys.dnsmasq" due to security policies in the configuration file
after being enabled, due to dbus not being reloaded.
2015-04-16 19:13:20 +02:00
1d6723c085
lambdabot: add nixos service
2015-04-16 13:33:40 +03:00
dfc8e5ab05
ihaskell: cleanup wrapper and service
2015-04-15 23:00:03 +02:00
09f9178a78
Merge pull request #7392 from joelmo/master
...
Some i2p changes
2015-04-15 17:13:15 +02:00
0144849f67
Allow allowing local access to mysql socket
2015-04-15 14:35:38 +00:00
8330d64af4
Merge pull request #7372 from dezgeg/getty-autologin
...
[nixos] agetty: Add autologinUser config option
2015-04-15 15:37:12 +02:00
5b075eb400
i2p: add nixos service
2015-04-15 12:52:06 +02:00
4dd1b8cc22
Merge pull request #7347 from sargon/pr-x11
...
services.x11: Add option for additional InputClass sections.
2015-04-14 18:23:29 +03:00
65822005f0
Merge pull request #7314 from edwtjo/ihaskell-fixups
...
IHaskell fixes
2015-04-14 14:21:44 +02:00
6edc3022ef
Merge pull request #7345 from joachifm/conditional-shadow-setuids
...
nixos: condition shadow setuid-wrappers on mutableUsers
2015-04-14 13:23:19 +02:00
3fe102b797
Merge pull request #7349 from aszlig/custom-channels
...
Make it easy to add system-wide custom channels.
2015-04-14 13:00:34 +02:00
25062f56d4
Installation CD: automatic log in at virtual consoles
2015-04-14 12:51:24 +03:00
7d916bb27e
agetty: Add autologinUser config option
...
This option causes the specified user to be automatically logged in at
the virtual console.
While at it, refactor and make a helper function for building the getty
command line.
2015-04-14 10:45:28 +03:00
75ab7bf960
nixos: condition shadow setuid-wrappers on mutableUsers
...
Having junk setuid wrappers in PATH is annoying.
2015-04-14 00:27:11 +02:00
8d3b8d0dc8
Merge pull request #7149 from joachifm/grsec-gradm-optional
...
grsecurity module: configure gradm iff RBAC is enabled
2015-04-13 17:11:29 -05:00
b86f6a3ed6
Merge pull request #7148 from joachifm/grsec-trivial
...
grsecurity module: trivial improvements
2015-04-13 17:10:47 -05:00
409da39c08
Merge pull request #7163 from joachifm/tarsnap-bandwidth-options
...
tarsnap module: add options for controlling bandwidth
2015-04-13 17:10:04 -05:00
574173f0e6
Merge pull request #7027 from ecraven/apache-sslchain
...
apache-httpd: adding support for sslServerChain
2015-04-13 16:48:20 +02:00
3837ef82ad
fixing documentation
2015-04-13 15:42:01 +02:00
e5b3918f85
apache-httpd: adding support for sslServerChain
2015-04-13 15:41:10 +02:00
69b18fc4b6
fixing indentation
2015-04-13 13:46:42 +02:00
44ea83b986
changed config to only include the minimum necessary
2015-04-13 13:10:04 +02:00
49eb77b26c
apache-httpd: adding subservice moodle
2015-04-13 13:06:39 +02:00
df31a338dc
nixos-rebuild: Conditionally update channels.
...
This partially reverts commit 3a4fd0bfc6
2015-04-13 12:54:19 +02:00
4466707ddf
switch-to-configuration: Better error checking
2015-04-13 12:28:12 +02:00
5075cbe696
nixos: Put root's channels to the end of NIX_PATH.
...
My original reason to put it at the beginning of NIX_PATH was to allow
shipping a particular version <nixpkgs> with a channel. But in order to
do that, we can still let the channel expression ship with a custom
version of nixpkgs by something like <channel/nixpkgs> and the builder
of the channel could also rewrite self-references.
So the inconvenience is now shifted towards the maintainer of the
channel rather than the user (which isn't nice, but better err on the
side of the developer rather than on the user), because as @edolstra
pointed out: Having the channels of root at the beginning of NIX_PATH
could have unintended side-effects if there a channel called nixpkgs.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-04-13 12:20:58 +02:00
85c454ab1d
Merge pull request #6785 from qknight/wordpress
...
zef hemel's wordpress.nix adapted to extraSubservices
2015-04-13 10:27:55 +02:00
3a4fd0bfc6
nixos-rebuild: Update all channels of user root.
...
Should make it even easier to use custom channels, because whenever the
user does a "nixos-rebuild --upgrade", it will also upgrade possibly
used ("used" as in referenced in configuration.nix) channels besides
"nixos". And if you also ship a channel tied to a particular version of
nixpkgs or even remove the "nixos" channels, you won't run into
unexpected situations where the system is not updating your custom
channels.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-04-13 00:09:00 +02:00
65e569cc37
nixos: Add all of root's channels to NIX_PATH.
...
This is very useful if you want to distribute channels (and thus
expressions as well) in a similar fashion to Debians APT sources (or
PPAs or whatnot).
So, for example if you have a channel with some additional functions
or packages, you simply add that channel with:
sudo nix-channel --add https://example.com/my-nifty-channel foo
And you can access that channel using <foo>, for example in your
configuration.nix:
{
imports = [ <foo/modules/shiny-little-module> ];
environment.systemPackages = with import <foo/pkgs> {}; [ bar blah ];
services.udev.extraRules = import <foo/lib/udev/mkrule.nix> {
kernel = "eth*";
attr.address = "00:1D:60:B9:6D:4F";
name = "my_fast_network_card";
};
}
Within nixpkgs, we shouldn't have <nixos> used anywhere anymore, so we
shouldn't get into conflicts.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-04-12 23:50:20 +02:00
057f01b11e
services.x11: Add option for additional InputClass sections.
...
Implement support for additional InputClass sections, e.g. for non
keyboard input devices.
2015-04-12 23:49:48 +02:00
7d0ddbd154
nixos: add ihaskell service
2015-04-11 00:09:31 +02:00
3620b27a66
mpd: Make it possible to specify db file path
2015-04-10 23:10:14 +02:00
d923a6eab5
Make environment.checkConfigurationOptions an alias
...
NixOps uses it, and we can't change it there for
backward-compatibility reasons.
2015-04-10 16:11:07 +02:00
9647a72835
Fix amazon default configuration.nix file.
2015-04-09 22:18:13 +02:00
5aa9b72400
nixos: typo in docker option description
2015-04-09 20:58:20 +02:00
296e6c4991
Fix #7252 - NixOS Manual: Carry the current system value to evaluation of the manual.
2015-04-08 23:14:19 +02:00
3eef61a6eb
NixOS Manual: Do not use unfree packages as default value.
2015-04-08 23:14:19 +02:00
c5ec6ef609
window-managers: add missing import ratpoison
2015-04-08 14:14:37 +02:00
6ffd44c4c3
nvidia: 346.47 -> 346.59
2015-04-07 13:24:55 -07:00
09179b603f
allow changing minecraft data dir + allow opening firewall
2015-04-07 14:10:13 +00:00
a38f130126
Revert "Set stricter permissions on /nix/store"
...
This reverts commit 066758758e7c0768ff8da51d208cdae0f33b368c because
it breaks NixOS VM tests.
2015-04-07 15:10:41 +02:00
42c421adc3
Merge pull request #7180 from jagajaga/fix_generator
...
Fixing nixos-generate-config
2015-04-07 12:24:04 +02:00
e52e160190
Merge pull request #7215 from cwoac/btsync2
...
Add support for btsync 2.x branch
2015-04-06 18:50:05 +03:00
0539ed4771
Add support for btsync 2.x branch
2015-04-06 15:31:40 +00:00
ad197d89ae
Merge pull request #7181 from jagajaga/teamviewer
...
Teamviewer
2015-04-06 14:13:07 +02:00
f02651ee9b
Merge pull request #7204 from fpletz/fix/hotplug_helper
...
Check if /proc/sys/kernel/hotplug exists before writing
2015-04-06 13:55:29 +02:00
7c7f426b3f
Merge pull request #7164 from rzetterberg/master
...
Fixes minetest mesa 10.* incompatibility, adds minetest server service
2015-04-06 10:46:26 +02:00
16d25f4fa6
Check if /proc/sys/kernel/hotplug exists before writing
...
If a kernel without CONFIG_UEVENT_HELPER set is used with NixOS, the file
/proc/sys/kernel/hotplug does not exist. Before writing to it to disable
this deprecated mechanism, we have to ensure it actually exists because
otherwise the activation script will fail.
2015-04-06 09:23:58 +02:00
0998212640
impl: teamviewer daemon
2015-04-05 20:47:01 +03:00
b11f662617
fix https://github.com/NixOS/nixpkgs/issues/3560
2015-04-05 16:12:14 +03:00
b3c423757e
nixos/rdnssd: Major refactoring
...
This updates rdnssd to the following:
* Using the systemd interfaces directly
* Using the rdnssd user instead of the root user
* Integrating with resolvconf instead of writing directly to /etc/resolv.conf
2015-04-04 21:20:07 -07:00
0b1f994f29
Adds minetest server service
2015-04-04 12:36:43 +02:00
66bfc3bbe6
tarsnap module: add options for controlling bandwidth
...
Annoyingly, these do not appear to accept SI prefixes.
2015-04-04 12:03:02 +02:00
7cb7c57132
tarsnap module: inline optionalNullStr
2015-04-04 11:34:37 +02:00
c0cb4e1ef7
nixos/nvidia: Add a temporary hack to support kernel 4.0
2015-04-03 21:53:34 -07:00
6de931a0f8
Merge rename.nix changes.
2015-04-03 23:12:12 +02:00
8592c6c004
Merge pull request #7150 from joachifm/grsec-types
...
grsecurity module: use types.enum
2015-04-03 16:03:49 +03:00
3e847d512d
grsecurity module: configure gradm iff RBAC is enabled
2015-04-03 13:45:57 +02:00
ba93a75724
grsecurity module: use types.enum
...
Also
- set desktop as default system
- make virtualisationSoftware nullOr
- make virtualisationConfig nullOr
2015-04-03 13:45:45 +02:00
66c4f51046
grsecurity module: simplify assertion
2015-04-03 13:38:32 +02:00
2e88605a91
grsecurity module: remove reference to systemd-sysctl
...
First, that's not what the service is called, and secondly it's
most likely irrelevant to the user.
2015-04-03 13:38:32 +02:00
1c1083345b
Merge pull request #7058 from joachifm/sysctl-kptr-restrict
...
nixos: condition sysctl.kptr_restrict on features.grsecurity
2015-04-03 04:13:19 -05:00
4fa554e32b
Merge pull request #7017 from obadz/sg+sudo-g
...
Ability to switch groups with sg and sudo -g
2015-04-02 02:11:10 +03:00
ff21171921
Fix references to current-system/sw/sbin
2015-04-01 13:57:36 -07:00
a9f2e107d0
Revert "Remove obsolete .../sbin directories from $PATH"
...
This reverts commit 98cedb3d22
2015-04-01 13:57:36 -07:00
224ed7e798
nixos/hardware: Add option to enable KSM.
...
This is essentially what's been done for the official NixOS build slaves
and I'm using it as well for a few of my machines and my own Hydra
slaves.
Here's the same implementation from the Delft server configurations:
f47c2fc7f8/delft/common.nix (L91-L101)
2015-04-01 20:00:27 +02:00
1c39a47ac8
Reload, don't restart, dbus.service
...
Many bus clients get hopelessly confused when dbus-daemon is
restarted. So let's not do that.
Of course, this is not ideal either, because we end up stuck with a
possibly outdated dbus-daemon. But that issue will become irrelevant
in the glorious kdbus-based future.
Hopefully this also gets rid of systemd getting stuck after
dbus-daemon is restarted:
Apr 01 15:37:50 mandark systemd[1]: Failed to register match for Disconnected message: Connection timed out
Apr 01 15:37:50 mandark systemd[1]: Looping too fast. Throttling execution a little.
Apr 01 15:37:51 mandark systemd[1]: Looping too fast. Throttling execution a little.
...
2015-04-01 16:57:16 +02:00
98cedb3d22
Remove obsolete .../sbin directories from $PATH
2015-04-01 16:22:12 +02:00
fdfe4b7cde
Remove unnecessary symlinks in /nix/var/nix/gcroots
2015-04-01 14:45:02 +02:00
8028357084
nixos/mysql: Cleanups
2015-03-31 16:17:55 -07:00
81fc066900
Merge #4678 : nixos iso-image: support USB booting
...
by using syslinux (i.e. support the dd-method in addition to unetbootin).
@vcunat tidied the PR by squashing closely related changes together.
2015-03-31 15:12:16 +02:00
be7f104502
sg: add setuid wrapper. (newgrp is a symlink to sg and was already setuid).
...
sudo: add ability for wheel users to change group (as well as user)
2015-03-30 23:50:45 +01:00
7c03829024
Merge pull request #7060 from abbradar/nm-l2tp
...
Support L2TP in NetworkManager
2015-03-30 23:05:42 +03:00
1092b9da48
Merge pull request #7066 from edwtjo/xbmc-pruning
...
Remove XBMC expressions in favor of the Kodi ones
2015-03-30 21:46:29 +02:00
1345a65765
Remove XBMC expressions in favor of the Kodi ones
2015-03-30 21:43:32 +02:00
f72b0c43f6
Merge pull request #6762 from lethalman/nixos-install
...
nixos-install: support -j, --cores and --option. Closes #6755
2015-03-30 18:06:53 +02:00
dc560b5b02
Merge pull request #7031 from cwoac/mediatomb
...
Add MediaTomb service
2015-03-30 17:49:46 +02:00
eac32cf697
Revert "Merge pull request #7032 from flosse/change-option-names"
...
This reverts commit c265aafb55c9bbf2228fhttps://github.com/NixOS/nixpkgs/pull/7032#issuecomment-87641471
2015-03-30 13:45:07 +02:00
c265aafb55
Merge pull request #7032 from flosse/change-option-names
...
nixos: prosody service - rename 'enabled' to 'enable'
2015-03-30 12:47:11 +02:00
321b2e0439
Merge pull request #7073 from oxij/x11support-dbus
...
dbus: rename useX11 option into x11Support, cleanup a bit
2015-03-30 10:28:45 +02:00
113c6c8f6a
nixos/initrd: Do a lazy library copy in hopes to save some space for replaced binaries
2015-03-29 21:53:25 -07:00
6b3cf366d7
nixos/initrd: Allow overriding of binaries
2015-03-29 21:26:39 -07:00
380ee53fff
dbus: rename useX11 option into x11Support, cleanup a bit
2015-03-29 23:28:30 +00:00
ca149f2be0
nixos/mysql: All versions of mysql have mysqld in /bin
2015-03-29 13:30:05 -07:00
299da40f9f
iso: make efi FS size adaptive, make deterministic
...
Fixes #6795 .
This was co-authored with @bobvanderlinden.
(cherry picked from commit e19ac248ae59fd327c32b1ae3e37792c22a7c7ac)
Signed-off-by: Domen Kožar <domen@dev.si>
Conflicts:
nixos/modules/installer/cd-dvd/iso-image.nix
2015-03-29 22:25:41 +02:00
553105310a
nixos/stage-1: Fix the initrd builder for shell scripts
2015-03-29 13:20:54 -07:00
16f047a60f
nixos/networkmanager: support l2tp
2015-03-29 13:09:02 +03:00
9718561589
nixos/vfat: Readd fsck.reiserfs
2015-03-28 19:07:45 -07:00
c379847fda
nixos/vfat: Readd fsck.vfat
2015-03-28 19:06:43 -07:00
4868649f03
nixos/initrd: Generic library copying
2015-03-28 18:37:29 -07:00
1901f3fe77
fix initrd now that cryptsetup switched to libgcrypt 1.6
2015-03-28 23:59:19 +00:00
5cb2cee954
nixos: condition sysctl.kptr_restrict on features.grsecurity
...
Conditioning `sysctl.kptr_restrict` on `features.grsecurity` supports
any grsecurity enabled kernel without having to enable the grsecurity
module.
2015-03-29 00:42:58 +01:00
a639c710ae
Merge pull request #6968 from oxij/unquestionably-good
...
Easy to check to be unquestionably good changes
2015-03-28 13:16:13 +03:00
47aa6725e2
nixos: prosody service - rename virtualHosts option 'enabled' to 'enable'
2015-03-27 21:36:05 +00:00
51b06c5865
Add MediaTomb service
2015-03-27 12:45:25 +01:00
d3c6d4175a
Merge pull request #6940 from offlinehacker/pkgs/ripple-data-api/add
...
Add ripple data api package and nixos service
2015-03-26 20:04:51 +01:00
75169aabc3
Add ripple data api package and nixos service
2015-03-26 20:02:39 +01:00
5c6d86540b
nixos: use types.enum instead of ad-hoc check in sshd service
2015-03-26 12:43:42 +00:00
dc4fa2da8a
nixos: udev: build rules locally
2015-03-26 12:43:42 +00:00
cbb14299c9
GCE image: Remove some unnecessary lib prefixes.
2015-03-26 09:15:09 +00:00
80202fbd25
GCE image: Add some recommended sysctl settings. Disable OS level firewall by default for GCE images (GCE provides external firewall). Disable passwordAuthentication. Related to issue #6991 .
2015-03-26 09:09:40 +00:00
8b3c7af358
Merge pull request #6981 from layus/systemd-escape-colon
...
nixos/systemd: Also escape ':' characters
2015-03-25 15:33:21 -07:00
86666893f0
nixos/microcode-amd: Update to early initrd loader
2015-03-25 14:44:36 -07:00
b4fedf5315
nixos/intel-microcode: Support early initrd ucode loading
2015-03-25 14:14:46 -07:00
f2655e4fa0
makeInitrd: Support prepending other initrds
2015-03-25 14:14:46 -07:00
6ca7fb8f73
nixos/systemd: Also escape ':' characters
2015-03-25 22:11:35 +01:00
58112832a7
nixos: iso-image: use label "EFIBOOT" for efi.img
2015-03-24 22:15:32 +01:00
f0fd1c9bcf
nixos: iso-image: use memtest86 params in syslinux
...
See also #6593 .
2015-03-24 22:15:11 +01:00
9ff9949896
nixos: iso-image: removed com32 entries from syslinux menu
...
These entries result in incorrect entries when UNetbootin writes
the image to an USB disk.
2015-03-24 22:09:06 +01:00
af68f24003
nixos: iso-image: solve UNetbootin compatiblity
...
There are a number of hidden restrictions on the syslinux
configuration file that come into play when UNetbootin
compatiblity is desired. With this commit these are documented.
2015-03-24 22:08:52 +01:00
a12ddc1964
nixos: iso-image: use generic boot-loader timeout
...
Syslinux uses different values than grub for timeout.
It uses 1/10 seconds as its unit and it uses 0 to disable timeouts.
In response to PR #5772 .
2015-03-24 22:03:30 +01:00
8d092270d2
nixos: iso-image: use syslinux bootloader for USB booting support
...
This changes the bootloader for iso generation from Grub to
syslinux. In addition this adds USB booting support, so that
"dd" can be used to burn the generated ISO to USB thumbdrives
instead of needing applications like UnetBootin.
2015-03-24 22:01:04 +01:00
ff22e19fc4
Merge pull request #6893 from hrdinka/nsd-config-options
...
nsd: Fix automatic config options
2015-03-23 13:19:29 +03:00
491c8f82b2
Merge pull request #6917 from offlinehacker/rippled/module/awesome
...
rippled: expose more options, make compatible with new rippled version
2015-03-22 23:13:48 +01:00
ad10db7617
Merge pull request #6882 from offlinehacker/nixos/fluentd
...
Add fluentd package and module
2015-03-21 22:37:48 +01:00
916aab2927
Merge pull request #6875 from offlinehacker/nixos/cadvisor/fix
...
nixos/cadvisor: fixes
2015-03-21 22:36:11 +01:00
ea2baa8abf
spectrwm window manager
2015-03-21 11:02:44 -07:00
4947bacd52
rippled: expose more options, make compatible with new rippled version
2015-03-21 12:52:06 +01:00
664592561d
nixos: added aiccu service
2015-03-20 22:01:35 +01:00
3ff22a924f
Merge pull request #6871 from joachifm/apparmor-fixups
...
Apparmor fixups
2015-03-20 15:36:42 -05:00
ea2fd84ecd
nixos/mpd: Fix creation of "mpd" group.
...
The group is specified using a singleton list, so the loaOf merging is
done by iterating through the list items with imap, so it enumerates
every element and sets that as the default "name" attribute.
From lib/types:143:
name = elem.name or "unnamed-${toString defIdx}.${toString elemIdx}";
So, people get groups like "unnamed-X.Y" instead of "mpd".
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Reported-by: devhell <"^"@regexmail.net>
Tested-by: devhell <"^"@regexmail.net>
2015-03-20 20:58:13 +01:00
89f41b90fa
Merge pull request #6874 from offlinehacker/pkgs/kubernetes/update
...
kubernetes: update to 0.12.1, fix module
2015-03-20 11:22:48 +01:00
4d2317e6eb
nixos/zfs: Don't default to git version for kernels >= 3.19
...
Stable version 0.6.3-1.3 works with kernels 3.19.x.
2015-03-19 19:37:33 +01:00
9cfdeba324
Merge pull request #6611 from jagajaga/slurm
...
Slurm module
2015-03-19 21:06:49 +03:00
d3a2edb8ce
nsd: Fix automatic config options
2015-03-19 12:10:55 +01:00
1b99f0aeb6
Merge pull request #6873 from offlinehacker/pkgs/panamax/update
...
panamax: update, fix module
2015-03-19 09:18:48 +01:00
15f7afa6b4
Merge pull request #6885 from hrdinka/update-nsd
...
nsd: Update from 4.1.0 -> 4.1.1
2015-03-19 03:15:35 +03:00
fca0aa7077
Add fluentd package and module
2015-03-18 21:18:47 +01:00
bdbdaee3c0
scollector module: Add extraOpts option
2015-03-18 21:16:31 +01:00
6db8155e37
nsd: Update from 4.1.0 -> 4.1.1
2015-03-18 21:01:35 +01:00
b94b08488f
nixos/pulseaudio: don't put 32bit libs in systemPackages
...
Fixes the useless collisions in the system path.
The 64bit and 32bit variants have the same files, hence
it's pointless to put the 32bit pulseaudio in systemPackages.
2015-03-18 14:10:02 +00:00
cb45b7ec3e
Revert "nixos: Multiple service instances, apply to nginx. See #6784 "
...
This reverts commit 7ef59c4fe2
2015-03-18 14:09:24 +00:00
7ef59c4fe2
nixos: Multiple service instances, apply to nginx. See #6784
2015-03-18 14:07:29 +00:00
2482b75eae
kubernetes: update to 0.12.1, fix module
2015-03-18 14:37:03 +01:00
079520ced5
panamax: update, fix module
2015-03-18 14:35:24 +01:00
536694bcd4
nixos/cadvisor: fixes
...
- run as non root user, because of docker
- run docker by default
2015-03-18 14:31:08 +01:00
532337d673
Cleanup AppArmor module
...
Remove excessive whitespace & comment sections
2015-03-18 12:07:43 +01:00
224d0d5302
Set stricter permissions on /nix/store
...
The nixbld group doesn't need read permission, it only needs write and
execute permission.
(cherry picked from commit 066758758e7c0768ff8da51d208cdae0f33b368c)
2015-03-18 10:58:08 +01:00
cdbeb7143c
Merge pull request #6832 from k0ral/icecast
...
Added icecast module
2015-03-17 16:43:02 +01:00
54857abfc9
Added icecast module.
2015-03-17 14:21:57 +00:00
c91ccb4b9c
Merge pull request #6842 from philandstuff/hash-owncloud-admin-password
...
owncloud: don't store plaintext adminPassword in nix store
2015-03-17 12:59:58 +01:00
70b059fb59
Merge pull request #5936 from j-keck/nixos-container-usage
...
nixos-container: add missing 'nixos-container update' in usage
2015-03-17 12:43:29 +01:00
359bc60ec8
Merge pull request #6448 from eduarrrd/ddclient
...
ddclient module: fix module
2015-03-17 12:38:12 +01:00
7ad6dac43b
owncloud: don't store plaintext adminPassword in nix store
...
Rather than using openssl to hash the password at build time, and hence
leaving the plaintext password world-readable in the nix store, we can
instead hash the password in the nix expression itself using
builtins.hashString.
2015-03-16 22:42:22 +00:00
56bb114905
Merge pull request #6722 from joachifm/fix-id-mismatches
...
Fix id mismatches
2015-03-16 18:46:38 +01:00
3518b761ba
TCSD: use tss user/group instead of nginx
...
For some reason TCSD is configured to use the nginx uid/gid.
Use the newly created tss uid/gid instead.
2015-03-16 09:58:16 +01:00
e9cd877921
nixos: resolve uid/gid conflicts
...
This patch resolves all uid/gid conflicts except for nobody/nogroup (seems
to make sense that these are the same).
All conflicts where determined mechanically, but resolutions were manual.
This patch also marks uids/gids with no corresponding group/user as "unused"
(aka. reserved).
Briefly,
- tss group conflicts with dhcpcd
The tss group id conflicts with dhcpcd: assign
a new number and add a corresponding tss user.
- elasticsearch uid conflicts with haproxy gid
- resolve firebird/munin conflict
- fix fourstorehttp{,d} typo
- fix ghostOne typo: the service module refers to gids.ghostone, so use that
in ids
- memcached uid conflicts with users gid
- nagios uid conflicts with disks gid
- nscd uid conflicts with wheel gid
- ntp uid conflicts with tty gid
- resolve postfix/postdrop id uid
- redis uid conflicts with keys gid
- sshd uid conflicts with kmem gid
- tcryptd uid conflicts with openldap gid
- unifi uid conflicts with docker gid
- uptimed uid conflicts with utmp gid
- zope2 uid conflicts with connman gid
- tomcat uid/gid mismatch
2015-03-16 09:58:13 +01:00
ef95600372
Merge pull request #6771 from joachifm/apparmor-2.9
...
Apparmor 2.9
2015-03-15 14:16:24 -05:00
05e8a48fb4
Document and rename internal option of modules.
2015-03-15 14:45:42 +01:00
7c8247a8c5
grsecurity: Update stable and test patches
...
stable: 3.1-3.14.35-201503071140 -> 3.1-3.14.35-201503092203
test: 3.1-3.18.9-201503071142 -> 3.1-3.19.1-201503122205
2015-03-15 03:49:58 +01:00
c200c1e0a1
Merge pull request #6813 from globin/fix/elantech-trackpoint-scrolling
...
Add Elanthec PS/2 Trackpoint (Thinkpad L430)
2015-03-14 17:01:13 -07:00
a8a350e679
Add Elanthec PS/2 Trackpoint (Thinkpad L430)
2015-03-15 00:09:04 +01:00
9c4cbaa553
Fix mpd configuration (enclosing quotes needed).
2015-03-14 12:15:34 +00:00
d74ea7d34f
zef hemels' wordpress.nix adapted to extraSubservices
2015-03-13 14:19:48 +01:00
f72d1abb79
Merge pull request #5846 from arno01/nginx
...
nginx service improvements
2015-03-13 11:41:27 +01:00
9f2865515d
Fix infinite loop in fontconfig-ultimate.nix
...
With the new evaluation of arguments, pkgs is now defined by the
configuration, which implies that option declaration with pkgs.lib
will cause an infinite loop.
2015-03-12 23:42:58 +01:00
3177d37652
Fix import using module args
2015-03-12 23:42:57 +01:00
f69ce50529
Move most extra args out of eval-config.nix
2015-03-12 23:42:57 +01:00
e3eff53037
evalModules: Add internal option for the check argument
2015-03-12 23:42:57 +01:00
e4a06f35b1
nixos: Don't evaluate twice to get the value of config.nixpkgs
2015-03-12 23:42:57 +01:00
1d62ad4746
modules.nix: Generate the extra argument set from the configuration
...
This allows for module arguments to be handled modularly, in particular
allowing the nixpkgs module to handle the nixpkgs import internally.
This creates the __internal option namespace, which should only be added
to by the module system itself.
2015-03-12 23:42:57 +01:00
208d1f24db
xfce: more update fallout
...
- forgotten mousepad update, including some wrapping magic
- dealing with panel plugins (either fix or mark as broken)
CC maintainer @AndersonTorres.
- remove some libxfcegui4 occurrences, as it's being phased out
- minor stuff
2015-03-12 23:02:15 +01:00
14ed261fc7
Merge pull request #6765 from gebner/ibus-plugins
...
Add ibus-qt and ibus-anthy.
2015-03-12 14:35:23 +01:00
7a9a24a95e
Update AppArmor service module
...
- Use AppArmor 2.9
- Enable PAM support
2015-03-12 11:49:05 +01:00
356810b178
cupsd: rename `cupsd.service` to `cups.service`
2015-03-12 09:00:56 +03:00
d23ed364b5
Add ibus-qt.
2015-03-11 21:54:04 +01:00
59da79c733
ibus: Enable XIM support.
...
This allows firefox to use ibus.
2015-03-11 21:54:04 +01:00
f222abea44
Add programs.ibus config option to enable ibus and plugins.
2015-03-11 21:53:34 +01:00
61cf7e1265
Merge branch 'kde5'
2015-03-11 11:49:45 -05:00
f370af91ad
kde5: use ksshaskpass for SSH_ASKPASS
2015-03-11 11:49:29 -05:00
4b10907152
ssh: make askPassword an option
...
By making askPassword an option, desktop environment modules can
override the default x11_ssh_askpassword with their own equivalent for
better integration. For example, KDE 5 uses plasma5.ksshaskpass instead.
2015-03-11 11:49:29 -05:00
5b5b7aa951
kde5: add kde-workspace and kde-runtime to systemPackages
2015-03-11 11:49:28 -05:00
fe6b0b15e6
nixos-install: support -j, --cores and --option. Closes #6755
2015-03-11 16:47:44 +00:00
fe79bf34a5
Merge pull request #6512 from bjornfor/nixos-haproxy-cleanup
...
nixos/haproxy: remove broken default 'config'
2015-03-11 16:29:06 +01:00
c8ac069772
Merge pull request #6724 from anderspapitto/local
...
Add x11 service for unclutter
2015-03-11 15:32:40 +01:00
ef37154c82
Merge pull request #6739 from joachifm/refactor-tarsnap-service
...
nixos: refactor tarsnap backup service module
2015-03-11 11:22:32 +03:00
1c58c3a772
Merge pull request #6345 from puffnfresh/feature/mtrack-options
...
Add more options to multitouch (mtrack) module
2015-03-11 11:10:51 +03:00
26020cfe8a
nixos/lightdm: Add a background option
2015-03-10 15:57:46 -07:00
e519414e1f
nixos/lightdm: Fix data directory
2015-03-10 14:55:54 -07:00
3a67a51689
nixos/lightdm: Small cleanup
2015-03-10 14:35:49 -07:00
ffed8a85bc
nixos/sddm: Hide users which don't have login shells
2015-03-10 14:32:53 -07:00
5893d2ecd3
nixos/lightdm: More Cleanups
2015-03-10 14:23:43 -07:00
7b6e2e1c68
lightdm: Fix rendering
2015-03-10 14:03:18 -07:00
27f3f254d3
Merge pull request #6540 from k0ral/transmission
...
Simplify (and fix) settings for transmission module
2015-03-10 13:26:03 +01:00
70527b87a1
Merge pull request #6440 from k0ral/fcgiwrap
...
Updated fcgiwrap's systemd unit to match upstream version.
2015-03-10 13:18:46 +01:00
1bdd12ed69
nixos: refactor tarsnap backup service module
...
Major changes
- Port to systemd timers: for each archive configuration is created a
tarsnap@archive-name.timer which triggers the instanced service unit
- Rename the `config` option to `archives`
Minor/superficial improvements
- Restrict tarsnap service capabilities
- Use dirOf builtin
- Set executable bit for owner of tarsnap cache directory
- Set IOSchedulingClass to idle
- Humanize numbers when printing stats
- Rewrite most option descriptions
- Simplify assertion
2015-03-10 12:35:58 +01:00
4940e643cc
nixos/display-manager: Support configurable hidden users
2015-03-09 18:10:31 -07:00
66bfdf6eb0
nixos/lightdm: We now use a global lightdm.conf
2015-03-09 17:59:21 -07:00
475df1a350
switch-to-configuration: Don't print already active target units
...
Since we restart all active target units (of which there are many),
it's hard to see the units that actually matter. So don't print that
we're starting target units that are already active.
2015-03-09 16:51:06 +01:00
a574065a81
nixos-rebuild: Add ‘dry-activate’ command
...
‘nixos-rebuild dry-activate’ builds the new configuration and then
prints what systemd services would be stopped, restarted etc. if the
configuration were actually activated. This could be extended later to
show other activation actions (like uids being deleted).
To prevent confusion, ‘nixos-rebuild dry-run’ has been renamed to
‘nixos-rebuild dry-build’.
2015-03-09 16:50:59 +01:00
8cb3e3b864
httpd: Disable insecure protocols/ciphers by default
...
This makes us resistant to FREAK and similar attacks.
2015-03-09 14:18:12 +01:00
d31202fba2
sshd: Enable seccomp sandboxing
2015-03-09 11:27:19 +01:00
9867f4bdef
Merge pull request #6720 from nslqqq/nmhooks
...
New NetworkManager Dispatcher scripts options
2015-03-09 10:36:10 +01:00
887a547ac9
Add x11 service for unclutter
...
modeled after the redshift service
2015-03-08 20:12:18 -07:00
5b059416b8
Merge pull request #6699 from hakuch/fix_samba
...
Samba: Fixed "syncPasswordsByPam".
2015-03-08 16:09:29 -07:00
e5d4624420
PAM/eCryptfs now able to mount ecryptfs'd home directories on login
2015-03-08 16:03:51 -07:00
579159c72b
Add dispatcher configuration options to NetworkManager module
2015-03-08 20:24:53 +01:00
581a90bad8
Optional user and group to run the MPD
2015-03-08 10:18:40 +00:00
5a1950d985
Samba: Fixed "syncPasswordsByPam".
2015-03-07 17:56:46 +00:00
b802018482
stage-1: fix hibernation ( close #6675 )
...
Fixes #6617 .
2015-03-07 13:00:08 +01:00
30e6f1b4ea
slurm: impl basic configuration
2015-03-07 00:26:57 +03:00
0b1cc3cd51
slurm: impl simple service
2015-03-07 00:26:57 +03:00
69e59e9962
munge: add service
2015-03-07 00:26:52 +03:00
3b9b620656
Revert "linux: disable UEVENT_HELPER*"
...
This reverts commit 9f87f3ccb0
2015-03-06 15:59:06 +01:00
4fde098eec
Merge pull request #6677 from abbradar/sddm
...
Add SDDM display manager
2015-03-05 21:03:43 +03:00
4f317767da
lightdm: don't leave a shell running
2015-03-05 20:49:45 +03:00
264c6892f2
nixos/uim: capitalize description
2015-03-05 20:49:45 +03:00
db5b08cfaf
nixos/sddm: add display manager
2015-03-05 20:49:26 +03:00
9bb586943a
Deal with virtualisation.xen.stored in a more standard way
2015-03-05 12:46:50 +01:00
b93e8bab3a
nixos/xen: do not use derivation in the default values
...
The xen package is broken on i686, so this would break the generation
of the nixos manual.
2015-03-04 12:05:58 +01:00
1002fb6433
Add "input" group
...
This is required by systemd >= 215.
2015-03-03 20:27:09 +01:00
8546ec7c74
Fix some uid/gid clashes
2015-03-03 20:26:36 +01:00
a4e0278fcd
Create /dev/nvidia-uvm for CUDA support
2015-03-03 20:24:14 +01:00
7ce77b5752
slurm: add pkg
2015-03-02 22:10:58 +03:00
c97d7819ab
Merge pull request #6624 from joachifm/grsec-lock
...
nixos: grsec-lock service fixes
2015-03-02 18:49:39 +01:00
18320d3b21
nixos: fix grsec-lock requires
2015-03-02 18:39:04 +01:00
ccd6f5a313
nixos: make the grsec-lock unit depend on the path it writes to
...
The grsec-lock unit fails unless /proc/sys/kernel/grsecurity/grsec_lock
exists and so prevents switching into a new configuration after enabling
grsecurity.sysctl.
2015-03-02 18:39:01 +01:00
373c4ce0ec
Merge pull request #6605 from AndersonTorres/afterstep
...
Adding Afterstep to nixos window manager modules
2015-03-02 18:00:28 +01:00
9f87f3ccb0
linux: disable UEVENT_HELPER*
...
Deprecated since 2006: http://lwn.net/Articles/166954/
2015-03-01 03:31:59 +01:00
307064ceb5
Don't use machinectl to shut down containers
...
If the host is shutting down, machinectl may fail because it's
bus-activated and D-Bus will be shutting down. So just send a signal
to the leader process directly.
Fixes #6212 .
2015-02-28 19:23:00 +01:00
929485b645
Adding Afterstep to nixos modules
2015-02-28 11:14:33 -03:00
5472af91f2
Fluxbox: update to 1.3.7
2015-02-28 11:04:20 -03:00
6dc0938a3e
Merge pull request #6591 from lseppala/master
...
Fix rebooting containers where resolv.conf is a symlink
2015-02-28 12:19:01 +01:00
0473b4ae8d
nixos: citerefentry markup in lxc option descriptions
2015-02-28 09:21:48 +01:00
d375550ead
nixos: add a few missing type specifiers under boot.*
2015-02-28 09:19:23 +01:00
4106a3b74e
Fix rebooting containers where resolv.conf is a symlink
2015-02-27 10:27:18 -07:00
22d2fc3657
Fix "systemctl reload container@"
...
Fixes #5179 .
2015-02-27 14:32:54 +01:00
24e0565407
Only start fetch-keys for GCE image after ip-up.
2015-02-27 10:48:15 +00:00
c1cefa1a58
Simplify (and fix) settings for transmission module.
2015-02-26 22:21:27 +00:00
e4928b8955
GCE image: Pass header to metadata service calls.
2015-02-26 19:20:43 +00:00
7b27af61fb
Add NixOS global binaries to the PATH
2015-02-26 17:29:49 +00:00
6177710ac7
Merge pull request #6046 from ts468/xen
...
Update: Xen 4.5 + NixOS Xen modules
2015-02-26 10:15:05 +01:00
b6672f232a
Merge pull request #6283 from mdorman/master
...
Fix initial-install issues with couchdb.nix.
2015-02-26 10:11:18 +01:00
d791335ac2
Merge pull request #6518 from ehmry/u9fs
...
U9fs
2015-02-26 09:41:18 +01:00
9ce0c1cb71
nixos/consul: Fix timeout bugs and json formatting
2015-02-25 15:42:43 -08:00
3d4fbb874c
Update: add new Xen versions + update NixOS Xen modules
...
Versions of XEN:
- Xen 4.5
- Xen 4.5 + XenServer patches
- Xen 4.4.1
2015-02-25 23:30:44 +01:00
f27fa79aa9
nixos/dnsmasq: Fix service name typo
2015-02-25 09:22:16 -08:00
36d0f367de
ssh-agent: Fix asking for confirmation via $SSH_ASKPASS
...
This was lost back in
ffedee6ed5
2015-02-25 14:31:17 +01:00
93902ea108
nsswitch.conf: Omit ldap unless ldap is enabled
...
This prevents programs from trying to find nss_ldap.
2015-02-25 14:31:13 +01:00
e453f99446
nixos/networkd: Add an assertion for unsupported rstp
2015-02-24 13:09:34 -08:00
b26e939111
fix pam (OATH related)
...
the pam config was wrong.
Issue #6551
2015-02-24 17:52:41 +01:00
16cf3ee9da
Ensure that the home directory exists even if the user already exists
2015-02-24 11:57:38 +01:00
4bf66ba89c
ddclient module: fix module
...
* rewrite to systemd.services
* disable forking to give systemd better control
* verifiably run as ddclient user
* expose ssl option
* unset default value for dyndns server
* rename option "web" to "use" to be consistent with ddclient docs
* add descriptions
* add types to options
* clean up formatting
2015-02-23 22:37:20 -05:00
1cddb5be20
mongodb: remove lock file on restart
2015-02-23 20:40:13 +01:00
b70bd0879b
sshd: Generate a ed25519 host key
2015-02-23 17:00:07 +01:00
446580f3cd
nixos: u9fs service module
2015-02-22 12:16:58 -05:00
d5017499a2
nixos/redis: capitalize service description
2015-02-22 16:54:14 +01:00
25a6745310
nixos/fail2ban: capitalize service description
2015-02-22 16:54:14 +01:00
4e99901961
nixos: Adding OATH in pam.
...
(cherry picked from commit cb3cba54a1b87c376d0801238cb827eadb18e39e)
Conflicts:
nixos/modules/security/pam.nix
2015-02-22 15:25:38 +01:00
ffb4797dd3
nixos/haproxy: remove broken default 'config'
...
HAProxy fails to start with the default 'config'. Better disable it and
assert that the user provides a suitable 'config'. (AFAICS, there cannot
really be a default config file for HAProxy.)
2015-02-22 12:30:14 +01:00
419a4166a7
nixos/haproxy: small cleanup
...
* Add option types
* Rewrite option descriptions
* /var/run/haproxy.pid => /run/haproxy.pid (canonical location)
2015-02-22 12:29:34 +01:00
030895f075
nixos/dhcpcd: Only run resume commands if enabled.
...
The networkd implementation sets systemd.services.dhcpcd.enable to
false in nixos/modules/tasks/network-interfaces-systemd.nix. So we need
to respect that in the dhcpcd module.
If we don't, the resumeCommand is set nevertheless, which causes the
post-resume.service to fail after resuming:
Failed to reload dhcpcd.service: Unit dhcpcd.service is masked.
post-resume.service: main process exited, code=exited, status=1/FAILURE
Failed to start Post-Resume Actions.
Dependency failed for Post-Resume Actions.
Unit post-resume.service entered failed state.
post-resume.service failed.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-02-22 08:09:04 +01:00
d15d0bebc3
kde5: remove file collisions
2015-02-21 20:58:43 -06:00
68f2db74ff
kde5: always use plasma-nm
2015-02-21 13:59:28 -06:00
7eb8a9b41f
kde5: install media-player-info udev rules for solid
2015-02-21 11:39:21 -06:00
532650e4bb
kde5: change notice about default Phonon backend
2015-02-21 11:39:21 -06:00
e5de75bf2a
kde5: install kde-frameworks version used by plasma
2015-02-21 11:39:21 -06:00
b050babd3e
kde5: fix Phonon GStreamer backend
2015-02-21 11:39:20 -06:00
a79936561b
environment: use Qt 5 Qml import paths
2015-02-21 11:39:20 -06:00
a3a467ce77
nixos/nvidia: use correct 32-bit legacy libs; refactor
...
Fixes #6127 .
Now we avoid multiple switches among the version possibilities.
2015-02-21 16:34:24 +01:00
97875ac175
bridge-utils: align attrname with pkgname
2015-02-20 22:30:51 +01:00
c62e42e9c5
Enhance stage-1/2 scripts for better dealing with squashfs
2015-02-20 17:42:22 +01:00
263a49be20
Merge pull request #5704 from eduarrrd/nixos-version
...
Add option to display git revision to nixos-version
2015-02-20 16:35:56 +01:00
2fe3a3c203
Merge branch 'grub' of git://github.com/ts468/nixpkgs
...
Fix grubTarget on nodev installs
2015-02-20 07:47:06 -05:00
86cb16965a
exim: add version 4.85 incl. nixos module
2015-02-20 10:49:15 +01:00
3e44f99055
Fix grub 1 install
2015-02-19 19:33:17 -05:00
5762f8f95c
Add options to support signed binary caches
...
Typical use:
nix.requireSignedBinaryCaches = true;
nix.binaryCachePublicKeys = [ "hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs=" ];
(The public key of cache.nixos.org is included by default.)
Note that this requires Nix 1.9 and that most of cache.nixos.org
hasn't been signed yet.
2015-02-19 14:22:43 +01:00
ebfadc2fc9
Merge pull request #6452 from rushmorem/update-chronos-port
...
Update chronos default port
2015-02-19 14:13:00 +01:00
74b40e9a43
Add marathon mesos framework
2015-02-19 13:30:00 +02:00
a661802d29
Update chronos default port
...
Update chronos default port to match the one documented on
their website (http://airbnb.github.io/chronos ). The one in
their repo (the current one) clashes with the marathon documented
one.
2015-02-19 12:31:12 +02:00
d9078d03a3
Updated fcgiwrap's systemd unit to match upstream version.
2015-02-18 21:19:12 +00:00
4ac280ec49
Blacklist the nouveau driver on EC2
2015-02-18 13:04:10 +01:00
f8dbd6f9ae
Merge pull request #6427 from grwlf/vsftpd-port
...
vsftpd.nix: add 'portPromiscuous' option
2015-02-18 19:18:34 +08:00
ac65a757f0
vsftpd.nix: add 'portPromiscuous' option
2015-02-18 11:51:43 +03:00
2fe44b95d0
nixos/wpa_supplicant: fix conflicting documentation
...
fixes #6298
2015-02-17 22:16:20 +01:00
6daf9aa922
Merge pull request #5995 from ts468/qemu-vm
...
Update QEMU Nixos Virtual Machine
2015-02-16 13:13:26 -08:00
c61ff9b51e
Fix grubTarget on nodev installs
2015-02-16 20:19:44 +01:00
80afabd5b5
Update QEMU Nixos Virtual Machine
...
The Nixos Qemu VM that are used for VM tests can now start without
boot menu even when using a bootloader.
The Nixos Qemu VM with bootloader can emulate a EFI boot now.
2015-02-16 20:07:42 +01:00
4621f16b34
azure: add a job to download ssh host and root keys if they are made available via "custom data"; see #3986
2015-02-16 16:54:30 +02:00
5d7000df68
Automatically set nix.nrBuildUsers to at least nix.maxJobs
2015-02-16 12:02:49 +01:00
65438da88a
Merge pull request #6357 from NixOS/jobs-vs-users
...
nix-daemon: Sanity check maxJobs vs nrBuildUsers
2015-02-16 11:42:24 +01:00
824fccd3e9
Move amazon option out of amazon-image.nix, needed to make ec2.hvm usable from nixops, without breaking evaluation for other backends.
...
(cherry picked from commit 213fe8427c5ce455b893c0c5c56cc38175bf36b7)
2015-02-16 09:57:19 +00:00
5092d625d6
/etc/ssl/certs/ca-bundle.crt -> ca-certificates.crt
...
Even though there is no "official" standard location, it's better to
stick to what most distros are using.
2015-02-15 19:06:31 +01:00
75e1b5e317
Provide symlinks to ca-bundle.crt for compat with other distros
...
There is no "standard" location for the certificate bundle, so many
programs/libraries have various hard-coded default locations that
don't exist on NixOS. To make these more likely to work, provide
some symlinks.
2015-02-15 19:06:31 +01:00
f19ed980a2
Sawfish (git): New Package
...
Sawfish is a versatile, Lisp-based window manager
In that commit I include all Sawfish stack:
- librep, a lisp system;
- rep-gtk, bindings for gtk
- sawfish, the window manager
2015-02-15 19:42:53 +03:00
d41367735d
nix-daemon: Sanity check maxJobs vs nrBuildUsers
2015-02-15 15:37:30 +01:00
33550b6efe
Merge pull request #5665 from joachifm/dnscrypt-proxy-apparmor-updates
...
dnscrypt-proxy service: update AppArmor profile
2015-02-14 22:02:31 -08:00
28a9ed618f
Add more options to multitouch (mtrack) module
2015-02-14 14:56:12 -07:00
lethalman
danbst
AndersonTorres
Eelco Dolstra
Tuomas Tynkkynen
Mateusz Kowalczyk
Charles Strahan
Austin Seipp
Oliver Charles
Vladimír Čunát
Luca Bruno
Arseniy Seroka
tv
William A. Kennington III
Joachim Fasting
Thomas Strobel
James Felix Black
Ryan Mulligan
Leroy Hopson
James Cook
Pascal Wittmann
Jaka Hudoklin
Arseniy Seroka
laMudri
Simon Vandel Sillesen
Stewart Mackenzie
Robert Irelan
devhell
Ambroz Bizjak
Joachim Schiele
Shea Levy
Tobias Geerinckx-Rice
Robert Pitts and Trenton Strong
Marcin Falkiewicz
aszlig
Edward Tjörnhammar
Peter Simons
Christoph Hrdinka
Damien Cassou
Thomas Tuegel
Rok Garbas
Russell O'Connor
rushmorem
Casey Ransom
Bjørn Forsman
Domen Kožar
Dan Peebles
Unai Zalakain
Oliver Matthews
Sander van der Burg
Rickard Nilsson
Daniel Peebles
Lluís Batlle i Rossell
Rob Vermaas
Anders Lundstedt
Igor Pashev
Dan Peebles
Timofey Lagutin
Wout Mertens
Ragnar Dahlén
Nikolay Amiantov
Ian-Woo Kim
Bart Brouns
Aristid Breitkreuz
Jonathan Glines
Evgeny Egorochkin
lassulus
Richard Zetterberg
Jussi Maki
Kranium Gikos Mendoza
Ricardo M. Correia
Jascha Geerds
Stephen Weinberg
Philip Potter
Steven Shaw
Alexei Robyn
Bram Duvigneau
Herwig Hochleitner
Jookia
Emery Hemingway
koral
Nicolas B. Pierron
Jan Malakhovski
Cray Elliott
Forkk
Joel Moberg
Peter Feigl
Daniel Ehlers
Franz Pletz
obadz
Markus Kohlhase
Guillaume Maudoux
Bob van der Linden
William Casarin
Robin Gloster
Kirill Elagin
Gabriel Ebner
Anders Papitto
Nikita Mikhailov
Jesse Haber-Kucharsky
Lane Seppala
Eduard Bachmakov
Sou Bunnbu
Sergey Mironov
Mathijs Kwik
Brian McKenna