public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
131,362 Commits 1 Branch 0 Tags
Commit Graph

8119 Commits

Author SHA1 Message Date
Robin Stumm
72e50645a3 znapzend service: fix autostart 2017-05-15 15:09:50 +02:00
Tuomas Tynkkynen
3d79d8c28b sd-image-*.nix: Drop minimal profile 
It's annoying to not have manpages when installing.
 2017-05-14 23:52:47 +03:00
Franz Pletz
0cd0581b75
gitlab-runner service: only depend on docker if enabled 2017-05-14 22:47:35 +02:00
Joachim Fasting
e6c65ecb12
tree-wide: remove uses of features.grsecurity 2017-05-14 15:08:51 +02:00
Jörg Thalheim
ae12ded6bf Merge pull request #25381 from sargon/nullmailer 
nullmailer + service: init at 2.0
 2017-05-13 07:13:07 +01:00
tv
f46b3a038f users-groups module: add per-user packages 2017-05-12 20:30:22 +02:00
Michał Pałka
8aa756b64a gitlab service: fix uploading artifacts from gitlab-runner 
Add the binaries from gitlab-workhorse to the path of the
gitlab-workhorse service, as gitlab-zip-metadata is needed
by the service
 2017-05-12 06:52:33 +00:00
lassulus
fd7a8f1b91 nixos/security/acme: fix acme folder permissions 2017-05-11 18:49:26 +02:00
Tristan Helmich
d25bf8e72f elasticsearch service: remove postStart script 2017-05-11 12:10:18 +02:00
Michał Pałka
1c7629ce63 xen service: Fix removing netfilter rules while stopping xen-bridge 
This fixes a bug in the stopping script for the xen-bridge service,
which caused the script to crash and fail to remove some
netfilter rules.
 2017-05-11 09:52:36 +00:00
Jörg Thalheim
ad67c286e1 salt-minion: link to configuration documentation 2017-05-11 07:12:04 +01:00
Aneesh Agrawal
e22ccad978 salt: Add minion service module 2017-05-10 21:26:02 -04:00
Jörg Thalheim
731917a800
cups: mount private /tmp 
printer driver and wrapper are often not written with security in mind.

While reviewing https://github.com/NixOS/nixpkgs/pull/25654 I found
a symlink-race vulnerability within the wrapper code, when writing
unique files in /tmp.
I expect this script to be reused in other models as well
as similar vulnerabilities in the code of other vendors. Therefore
I propose to make /tmp of cups.service private so that only processes
with the same privileges are able to access these files.
 2017-05-10 18:03:42 +01:00
Jörg Thalheim
e33848568d
systemd-boot: document reasoning behind syncfs(2) 2017-05-10 10:32:26 +01:00
Patrick Callahan
3f6d21bafc
fish: resolve NixOS-related initialization problems 2017-05-10 10:16:10 +01:00
Jörg Thalheim
98ff062ed4 Merge pull request #25650 from Mic92/systemd-boot 
systemd-boot: sync efi filesystem after update
 2017-05-10 09:05:09 +01:00
Jörg Thalheim
7b211da119 Merge pull request #25531 from Infinisil/fix/ipfs-dataDir 
ipfs service: Fix dataDir being ignored
 2017-05-10 07:19:23 +01:00
Eric Sagnes
92bb3e8b9b i3: fix runtime dependencies 
Fixes #25633.
 2017-05-10 02:42:44 +02:00
Jörg Thalheim
9c90ff7e7d Merge pull request #25611 from Lassulus/copytoram-option 
nixos/iso-image: add option for copytoram
 2017-05-09 22:36:59 +01:00
Jörg Thalheim
e697585675
hardware.enableRedistributableFirmware: fix spelling error 2017-05-09 20:13:15 +01:00
Jörg Thalheim
e3beb07108
systemd-boot: sync efi filesystem after update 
Since fat32 provides little recovery facilities after a crash,
it can leave the system in an unbootable state, when a crash/outage
happens shortly after an update. To decrease the likelihood of this
event sync the efi filesystem after each update.
 2017-05-09 19:06:27 +01:00
Aneesh Agrawal
779ae06467 Add salt master module (#25632) 
* salt: 2016.11.2 -> 2016.11.4

* salt: Add master NixOS module
 2017-05-09 18:20:35 +01:00
Jason A. Donenfeld
6e50243d98 wireguard: preshared-key is now an attribute of the peer 
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
 2017-05-09 16:58:39 +02:00
Jörg Thalheim
5385a8e216 Merge pull request #25636 from Mic92/firmware 
hardware: add enableRedistributalFirmware
 2017-05-09 15:57:49 +01:00
Jörg Thalheim
05aa80c06a
hardware: add enableRedistributalFirmware 
Due the recent inclusion of broadcom-bt-firmware in enableAllFirmware,
it was required to set `nixpkgs.config.allowUnfree` to obtain the full
list. To make this dependency more explicit an assertion is added and an
alternative option `enableRedistributalFirmware` is provided to only
obtain firmware with an license allowing redistribution.
 2017-05-09 15:29:08 +01:00
Maximilian Bosch
9d1db321fe
services.xserver.xautolock: add module 2017-05-09 15:02:10 +02:00
Peter Hoeg
112b5556af Merge pull request #25397 from clefru/qemu-OVMF-on-channels 
Introduce virtualisation.libvirtd.qemuOvmf.
 2017-05-09 16:36:45 +08:00
Jörg Thalheim
ddb6d0962e
environment.profileRelativeEnvVars: remove sbin from example 
follow up of https://github.com/NixOS/nixpkgs/pull/25550
 2017-05-09 08:51:04 +01:00
Jörg Thalheim
33cfad8227 Merge pull request #25550 from Mic92/sbin 
environment: remove sbin from PATH
 2017-05-09 08:39:01 +01:00
lassulus
334ac4f043 nixos/iso-image: add option for copytoram 2017-05-08 10:40:00 +02:00
Jörg Thalheim
192f8e7699
broadcom-bt-firmware: revert to unfree 
license was misinterpreted, it is now only conditionally in the all
firmware list included, if `allowUnfree` is set.

fixes #25567
 2017-05-08 09:18:11 +01:00
Franz Pletz
cce8aab9de
mattermost service: PrivateTmp broken with local postgresql 2017-05-08 09:18:32 +02:00
Joachim F
a1dc3fdf23 Merge pull request #25562 from montag451/gnome-disks-dbus 
gnome-disks: add D-Bus service
 2017-05-07 18:54:19 +01:00
Graham Christensen
4d44810fe7 Merge pull request #25365 from armijnhemel/mediawiki 
mediawiki: 1.27.1 -> 1.27.3
 2017-05-07 06:58:32 -04:00
Jörg Thalheim
6b0d8027ef
zfs: zed service is now called zfs-zed 
fixes #25566
 2017-05-07 10:22:14 +01:00
Peter Simons
71ae259627 nixos: revert changes from 3ab45f4b369c in taskserver module 
See 3ab45f4b36 (commitcomment-22029298).

Fixes https://github.com/NixOS/nixpkgs/issues/25529 (I hope).
 2017-05-06 19:50:02 +02:00
montag451
3be53fca60 gnome-disks: add D-Bus service 2017-05-06 19:40:37 +02:00
Joachim F
dc2fc5ed57 Merge pull request #25495 from michalpalka/xen-forward-dns 
xen service: Forward DNS queries from Xen guests
 2017-05-06 13:56:10 +01:00
Joachim F
6ef9875edb Merge pull request #25494 from michalpalka/xendomains 
xen service: Add the possibility to override configuration of xendomains
 2017-05-06 13:55:59 +01:00
Joachim F
e2f9c1b97b Merge pull request #25281 from michalpalka/master 
xen service: fix xen-bridge not setting the configured netmask
 2017-05-06 13:55:50 +01:00
Jörg Thalheim
539b091f6e
environment: remove sbin from PATH 
sbin is a symlink to bin. /run/current-system/sw/sbin and related
profiles only contains packages, which have this symlink. It is a subset
of bin.
 2017-05-06 08:39:27 +01:00
Silvan Mosberger
91ee3530a7 ipfs service: Fix dataDir being ignored 
IPFS uses the environment variable IPFS_PATH to determine where to look for it's data, which wasn't set previously therefore ignoring the dataDir attribute
 2017-05-05 11:25:36 +02:00
Jörg Thalheim
6ad804324f
environment: remove lib/kde4/libexec from PATH 
kde4 is gone and does need to be in $PATH anymore by default
 2017-05-05 07:50:34 +01:00
Joachim F
a2bfdd05ed Merge pull request #25451 from volth/xrdp-dont-restart 
xrdp: do not restart xrdp-sesman on nixos-rebuild
 2017-05-05 00:20:45 +01:00
Jörg Thalheim
3156ef2dfd Merge pull request #25478 from zraexy/zraexy-broadcom-bt-firmware 
broadcom-bt-firmware: init at 12.0.1.1011
 2017-05-04 22:33:06 +01:00
Domen Kožar
14f5a3d760
nixos datadog module: add processConfig option 2017-05-04 13:25:45 +02:00
Rob Vermaas
a9f054c834
dd-agent: Add default config files of dd-agent and auto_conf dir 
to /etc/dd-agent/conf.d by default, and make sure
/etc/dd-agent/conf.d is used.

Before NixOS 17.03, we were using dd-agent 5.5.X which
used configuration from /etc/dd-agent/conf.d

In NixOS 17.03 the default conf.d location is first used relative,
meaning that $out/agent/conf.d was used without NixOS overrides.

This change implements similar functionality as PR #25288, without
breaking backwards compatibility.

(cherry picked from commit 77c85b0ecbc1070d7adff31b339bede92e4193fa)
 2017-05-04 09:47:21 +00:00
Michał Pałka
e7203cb03d xen service: Forward DNS queries from Xen guests 
Provide the option forwardDns in virtualisation.xen.bridge, which
enables forwarding of DNS queries to the default resolver, allowing
outside internet access for the xen guests.
 2017-05-04 08:48:03 +00:00
Michał Pałka
3b0daa1a28 xen service: Add the possibility to override configuration of xendomains 
Add the option virtualisation.xen.domain.extraConfig, which
allows overriding options passed to xendomains.
 2017-05-04 08:31:40 +00:00
zraexy
d900478e3c broadcom-bt-firmware: init at 12.0.1.1011 
broadcom-bt-firmware: init at 12.0.1.1011
 2017-05-03 12:51:32 -08:00