9f358f809d
Configure a default trust store for openssl
2016-02-03 12:42:01 +01:00
53e0f8b1cd
Merge branch 'fontconfig-caches' into staging
...
Closes #12668 , fixes #12648
2016-02-01 12:20:06 +03:00
39b5bc3b2f
fontconfig service: add pre-generated fonts caches
2016-01-29 14:41:26 +03:00
de0af30716
Merge branch 'master' into staging
2016-01-29 10:19:48 +01:00
bfebc7342e
Fix some references to deprecated /etc/ssl/certs/ca-bundle.crt
2016-01-29 02:32:05 +01:00
2352e2589e
audit: Disable in containers
...
This barfs:
Jan 18 12:46:32 machine 522i0x9l80z7gw56iahxjjsdjp0xi10q-audit-start[506]: The audit system is disabled
2016-01-26 16:25:40 +01:00
b52acfdf01
nixos xserver: remove vaapiDrivers
...
Use hardware.opengl.extraPackages instead.
2016-01-26 13:42:40 +03:00
1ae1791e8e
nixos opengl: add extraPackages and extraPackages32
2016-01-26 13:42:39 +03:00
c95bd5d085
sddm: add numlock switch
...
- added numlock on boot switch
- simply add :
services.xserver.displayManager.sddm.autoNumlock = true;
to configuration.nix and sddm will start
with numlock enabled.
2016-01-26 06:17:32 +00:00
e395cb0214
Merge pull request #12601 from tomberek/gateone_update
...
Gateone: fix cacerts dependency
2016-01-25 23:14:53 +03:00
310aadc48b
Merge pull request #12557 from ryanartecona/nixos-manual-custom-options
...
NixOS manual: allow options from nix packages
2016-01-25 10:43:39 +01:00
ff51021920
Merge pull request #12590 from exi/askpass-in-env
...
nixos-ssh: set SSH_ASKPASS globally and not just on interactive shells
2016-01-25 10:42:31 +01:00
2af19df364
Merge branch 'master' into staging
2016-01-25 10:02:25 +01:00
3e1599f57b
nixos-generate-config: fix #12595 : broadcom quoting
2016-01-25 07:57:53 +01:00
80d38d12b4
Gateone: fix cacerts dependency
2016-01-24 16:52:06 -05:00
312bae7fc0
nixos-ssh: set SSH_ASKPASS globally and not just on interactive shells
...
If we limit SSH_ASKPASS to interactive shells, users are unable to trigger
the ssh-passphrase dialog from their desktop environment autostart scripts.
Usecase: I call ssh-add during my desktop environment autostart and want to have
the passphrase dialog immediately after startup.
For this to work, SSH_ASKPASS needs to be propagated properly on
non-interactive shells.
2016-01-24 11:18:30 +01:00
dd18447055
grsecurity: add NixOS VM test
2016-01-24 04:06:19 +00:00
e409d0fed3
nixos: update-locatedb - harden via systemd ( #7220 )
...
Also, use systemd timers.
Most of the work is by @thoughtpolice but I changed enough of it to warrant changing commit author.
2016-01-23 20:44:30 +00:00
7ccda42007
nixos: uptimed - rewrite and harden a bit ( #7220 )
...
This is mostly @thoughtpolice's work, but I cleaned it up a bit.
2016-01-23 19:28:01 +00:00
bf208745ab
Merge pull request #12290 from abbradar/dovecot-updates
...
Rework dovecot module, add and update plugins, default Dovecot to 2.2
2016-01-23 12:02:23 +03:00
e6cd147ae7
nixos manual: allow options from nix packages
2016-01-22 14:22:12 -05:00
c3abcd8415
Merge pull request #12368 from abbradar/ghostscript-update
...
Ghostscript and CUPS updates
2016-01-22 21:46:52 +03:00
e6d42dfe04
Merge pull request #12459 from avnik/fix-var-lib-postfix-permissions
...
Make /var/lib/postfix world-readable
2016-01-22 17:25:07 +01:00
9ee5a6b858
Merge pull request #12481 from nathan7/usrbinenv-option
...
activation-script module: add environment.usrbinenv option
2016-01-22 11:18:37 +01:00
eda3e938d7
IHaskell: remove un-needed inherit
2016-01-21 17:21:00 -05:00
b39c51a362
Merge pull request #12323 from kragniz/rkt-v0.15.0
...
rkt: 0.14.0 -> 0.15.0
2016-01-21 22:27:33 +01:00
e473a424fb
Merge pull request #12324 from rickynils/nixos-rebuild-remote-try2
...
Fix NixOS installer tests failures introduced by nixos-rebuild changes
2016-01-21 21:20:57 +01:00
3ade072aad
nixos changelog: mention CUPS changes
2016-01-21 20:02:50 +03:00
c92d7481a5
multipath_tools: Rename to multipath-tools
...
See http://nixos.org/nixpkgs/manual/#sec-package-naming
I've added an alias for multipath_tools to make sure that we don't break
existing configurations referencing the old name.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-01-21 16:18:38 +01:00
5b5e2c05c4
nixos/dovecot: add mail user and group
2016-01-21 12:53:26 +03:00
b781cf1a12
nixos/dovecot: add sieveScripts support
2016-01-21 12:53:26 +03:00
39bbac96af
nixos/dovecot: symlink system-wide config and use it
2016-01-21 12:53:25 +03:00
70e77f9b53
nixos/dovecot: use new modules directory
2016-01-21 12:53:25 +03:00
94a43b41af
nixos/dovecot: add dovecot package to modules, force proper dovecot version
2016-01-21 12:53:25 +03:00
b2b58642fe
nixos/dovecot: add 'protocols' option
2016-01-21 12:53:25 +03:00
122929cda7
nixos/dovecot: use systemd's RuntimeDirectory instead of creating it by ourselves
2016-01-21 12:53:25 +03:00
9c7b067c6a
nixos/dovecot: create user/group only if they are default
2016-01-21 12:53:24 +03:00
d1a9c55d91
nixos/dovecot: add reload command
2016-01-21 12:53:24 +03:00
9fe72b34ed
nixos changelog: mention postfix changes
2016-01-21 12:48:30 +03:00
15ea50733d
nixos changelog: mention ejabberd fixes
2016-01-21 12:48:30 +03:00
4948bdadd6
nixos: ihaskell, wrong type restriction redacted
2016-01-21 10:02:39 +01:00
39bd9be5a9
postfix: use built-in set-permission tool to setup queue
...
Make top level /var/lib/postfix as root:root 0755
After generating custom configs in /var/lib/postfix/conf,
`postfix set-permissions` called, to perform all required tricks
related to queue handling (postfix use file mode bits to keep
some internal statuses, so `chmod -R` not recommended by authors,
see comments in $out/libexec/postfix/post-install for details)
Also post-install script was patched, to skip permission check/update
for files inside $out, as well as symlinks following to $NIX_STORE.
Config file `main.cf` extended with all default directory locations,
to prevent post-install script from guessing and overwrite them.
And finally all actions in activation script snippets performed
by postmap/postalias/postfix tools from current build, not random one
from paths.
2016-01-20 14:52:59 +02:00
eac8cb1ce1
Merge pull request #11896 from mayflower/upstream-networkd
...
networkd: add IPForward IPMasquerade options, DHCPServer section
2016-01-20 13:06:44 +01:00
51c6383ebd
nixos-rebuild: Build only the 'out' output of nix (not 'doc' and 'debug' too)
...
This fixes the failing NixOS installer tests.
2016-01-20 10:01:59 +01:00
fb2eae08d5
Revert "Revert "nixos-rebuild: Add option for building and/or deploying on a remote host""
...
This reverts commit 78be7f5a53
2016-01-20 10:01:59 +01:00
2a88417f03
nixos/doc: fix to: ~/.nix-defexpr wasn't created, fixes #6606
2016-01-20 04:59:16 +01:00
f8c3130e0f
softether: Fixed problems with using systemd services
2016-01-20 03:47:33 +01:00
5b8c871842
If container name is already unique, don't append "-0"
...
When using `--ensure-unique-name`, don't needlessly append `"-0"` if the
container name is already unique.
This is especially helpful with NixOps since when it deploys to a
container it uses `--ensure-unique-name`. This means that the container
name will never match the deployment host due to the `"-0"`. Having the
container name and the host name match isn't exactly a requirement, but
it's nice to have and a small change.
2016-01-20 03:46:19 +01:00
109ba4c861
nixos: add test for postgresql, fixes #11146
2016-01-20 03:42:59 +01:00
1c393cbb3c
gale service: fix permissions configuration, fixes #12457
2016-01-20 02:09:40 +01:00
Guillaume Maudoux
Nikolay Amiantov
Vladimír Čunát
Eelco Dolstra
Tony White
Arseniy Seroka
Franz Pletz
Thomas Bereknyei
Reno Reckling
Dan Peebles
Ryan Artecona
Peter Simons
Domen Kožar
aszlig
Edward Tjörnhammar
Alexander V. Nikolaev
Robin Gloster
Rickard Nilsson
Joachim Schiele
Rick Yang
Peter Jones
Rok Garbas
Mark Laws