Commit Graph

13337 Commits

Author SHA1 Message Date
Frederik Rietdijk
087b87758e Merge master into staging-next 2019-06-15 08:17:58 +02:00
Samuel Dionne-Riel
861bbbcb3c nixos/sshd: fixes validation for cross-compilation
See https://github.com/NixOS/nixpkgs/pull/62853
2019-06-15 00:56:42 -04:00
Samuel Dionne-Riel
8c14a6f641
Merge pull request #63135 from Ma27/captive-browser-regression
nixos/captive-browser: fix module
2019-06-14 21:29:26 -04:00
Florian Klink
e0818a1530
nixos/systemd: enable systemd-tmpfiles-setup and -clean for user sessions (#62813)
nixos/systemd: enable systemd-tmpfiles-setup and -clean for user sessions
2019-06-14 22:43:15 +02:00
Maximilian Bosch
d9f7bac91f
nixos/captive-browser: fix module
Fixes the broken metrics evaluation which was caused by a `trace`
warning in stdout which confused `jq` in `pkgs/top-level/metrics.nix`.

Also made the `bind-device` feature optional as suggested after the
merge.
2019-06-14 20:38:33 +02:00
Vladimír Čunát
788261a1a9
Merge branch 'master' into staging-next
Brings in Haskell rebuild.
Hydra nixpkgs: ?compare=1525186
2019-06-14 17:47:23 +02:00
aszlig
c26584f1e5
nixos: Fix build of manual
Manual build broken by 79f7f89442, which
is part of pull request #59179 (Fix Cassandra, improve config and
tests).

The issue was just a small error because of an unbalanced <literal/>
tag, so only a "/" was missing :-)

Signed-off-by: aszlig <aszlig@nix.build>
Cc: @aanderse
2019-06-14 05:36:06 +02:00
Aaron Andersen
fadceeb075
Merge pull request #59179 from JohnAZoidberg/cassandra-module
Fix Cassandra, improve config and tests
2019-06-13 20:37:10 -04:00
Aaron Andersen
a49b546c92 nixos/httpd: remove unmaintained subservice (phabricator) 2019-06-13 17:12:13 -04:00
Aaron Andersen
e278ff48bc nixos/phd: remove unmaintained service 2019-06-13 17:09:45 -04:00
Aaron Andersen
b2ce867a91 phabricator: remove unreferenced test 2019-06-13 17:09:02 -04:00
Lasse Blaauwbroek
0515392ed3 Fix ddclient extraConfig
The the extraConfig variable is added below the domain variable in the
ddclient config file. The domain variable should always be last.

(cherry picked from commit ba0ba6dc7934a6b4cc5d4090739a3a1c839afe67)
2019-06-13 18:25:59 +02:00
Wout Mertens
7938c1613d
kernel.nix: boot.vesa implies nomodeset
Without nomodeset the console is reset to 80x25 after Grub
2019-06-13 17:58:08 +02:00
Maximilian Bosch
d1990cff8d
Merge pull request #58036 from volth/captive-browser
nixos/programs.captive-browser: init
2019-06-13 14:05:13 +02:00
Danylo Hlynskyi
e718eb6243
Merge pull request #62712 from danbst/module-conflict-naming
NixOS module system: improve one of error messages
2019-06-13 11:59:54 +03:00
Daniel Schaefer
03503121da nixos/cassandra: Don't force SimpleSeedProvider
If the `seedAddresses` is not set, don't force `SimpleSeedProvider` to
be in `seed_provider`. This could cause problems in a multi-datacenter
deployment when a different seed provider is preferred.
2019-06-13 04:36:42 +02:00
Daniel Schaefer
8e5ba87b36 nixos/cassandra: Test remote auth only on v3.11+
Below that it works but only when supplying a custom password file with
restricted permissions (i.e. outside the nix-store). We can't do that
using an absolute path in the tests.
2019-06-13 04:36:41 +02:00
Daniel Schaefer
79f7f89442 nixos/cassandra: Use docbook instead of markdown style 2019-06-13 04:36:41 +02:00
Daniel Schaefer
9ecd584785 nixos/cassandra: Add option for password file path
If you're on a multi user system you don't want to have the password in
the nix-store. With the new jmxRolesFile option you can specify your own
protected file instead.
2019-06-13 04:36:41 +02:00
Daniel Schaefer
7d646f2605 nixos/cassandra: Test jmxRoles 2019-06-13 04:36:41 +02:00
Daniel Schaefer
3162f45388 nixos/cassandra: Test maxHeapSize 2019-06-13 04:36:41 +02:00
Daniel Schaefer
2368345052 nixos/cassandra: Set test VM IPs statically 2019-06-13 04:36:41 +02:00
Daniel Schaefer
545ac1820f nixos/cassandra: Test seedAddresses 2019-06-13 04:36:41 +02:00
Daniel Schaefer
2d014f4448 nixos/cassandra: Test clusterName 2019-06-13 04:36:41 +02:00
Daniel Schaefer
4c880fd742 nixos/cassandra: Use ipAddress and capital letters 2019-06-13 04:36:41 +02:00
Daniel Schaefer
35531f4016 nixos/cassandra: Allow setting JMX credentials
If we have the ability to enable remote JMX we should also support
setting credentials for that because they become required if you turn it
on.
2019-06-13 04:36:41 +02:00
Daniel Schaefer
2bcca9271a nixos/cassandra: Reenable tests 2019-06-13 04:36:41 +02:00
Daniel Schaefer
6778ee1862 nixos/cassandra: Fix test by listening on IP
Seems like you can't have a node as its own seed when it's listening on
an interface instead of an IP. At least the way it was done in the
test doesn't work and I can't figure out any other way than to just
listen on the IP address instead.
2019-06-13 04:36:41 +02:00
Daniel Schaefer
c1991fb18d nixos/cassandra: Add clusterName 2019-06-13 04:36:41 +02:00
Daniel Schaefer
f0031432ce nixos/cassandra: Add nixos conf for Java env 2019-06-13 04:36:40 +02:00
Daniel Schaefer
746b82bd4a nixos/cassandra: Allow setting of seed addresses
Allow for more intuitive specifying of seed node addresses with Nix
syntax.
2019-06-13 04:34:03 +02:00
Daniel Schaefer
a2aa01be0c nixos/cassandra: Enable CQL server by default
Resolves #50954
2019-06-13 04:34:03 +02:00
Maximilian Bosch
401360e15b
Merge pull request #61923 from aanderse/gitea
nixos/gitea: make use of declarative features where applicable
2019-06-13 01:01:18 +02:00
Wael Nasreddine
da3ec20a72
Merge pull request #63035 from rvolosatovs/update/go
go: 1.12.5->1.12.6, 1.11.10->1.11.11
2019-06-12 08:50:39 -07:00
Eelco Dolstra
734b3e7758
Merge pull request #62966 from bjornfor/nixos-generate-config-bcache
nixos-generate-config: add support for bcache
2019-06-12 10:06:17 +02:00
Frederik Rietdijk
7953a65269 Merge staging-next into staging 2019-06-12 09:24:00 +02:00
Frederik Rietdijk
7184efb40a Merge master into staging-next 2019-06-12 09:22:07 +02:00
Franz Pletz
9b2ee2c057
Merge pull request #62838 from mayflower/fix/cryptsetup-kernel-crypto
cryptsetup: enable kernel crypto api support again
2019-06-12 05:05:38 +00:00
Robin Gloster
68c30f0d9b
Merge pull request #62153 from WilliButz/avahi-refactor
avahi: set service directory and refactor module
2019-06-11 14:04:33 +00:00
pacien
7cc0c50e39 nixos/cgit: mention filters in configText example 2019-06-11 15:27:56 +02:00
Jörg Thalheim
e829aeefa3
Merge pull request #62101 from michaelpj/imp/lenovo-throttled
throttled: fix for Intel CPU throttling issues
2019-06-11 11:10:52 +01:00
Lucas Savva
24e974b904
bind: Remove deprecated flag from rndc-confgen
Fixes bind.service startup issue after NixOS/nixpkgs#61619
2019-06-11 09:05:56 +02:00
worldofpeace
814c4c1b9d
Merge pull request #61366 from romildo/upd.deepin.dde-file-manager
deepin.dde-file-manager: init at 4.8.6.2
2019-06-11 02:00:43 -04:00
José Romildo Malaquias
057016a2c5 nixos/deepin: add dde-file-manager services 2019-06-11 01:57:16 -04:00
Matthew Bauer
02698c4a61
Merge pull request #59803 from volth/patch-316
nixos/netboot: import -> callPackage
2019-06-10 21:30:23 -04:00
Matthew Bauer
049884ba12
Merge pull request #62941 from woffs/openvpn-url
openvpn: fix static key mini howto url
2019-06-10 21:24:53 -04:00
Aaron Andersen
7145cf224c nixos/gitea: replace deprecated usage of PermissionsStartOnly
see #53852
2019-06-10 20:32:35 -04:00
Aaron Andersen
9d251d8b21 nixos/gitea: define a gitea group to avoid "nogroup" ownership 2019-06-10 20:32:35 -04:00
Aaron Andersen
615f8b8982 nixos/gitea: utilize mysql|postgresql.ensureDatabases & ensureUsers to provision databases 2019-06-10 20:32:28 -04:00
Bjørn Forsman
4755811a12 nixos-generate-config: add support for bcache
Add "bcache" to boot.initrd.availableKernelModules if a bcache device is
detected.

This fixes a problem I've had one too many times: I install NixOS and
forget to add "bcache", resulting in an unbootable machine (until fixed
with Live CD). Now NixOS will do it for me.
2019-06-10 21:22:07 +02:00
adisbladis
32b374f780
Merge pull request #62315 from adisbladis/pulseaudio/resample-method
nixos/pulseaudio: Set speex-float-5 as default resample-method
2019-06-10 15:05:44 +02:00
Frank Doepper
f7ef7bacb7 openvpn: fix static key mini howto url 2019-06-10 13:02:45 +02:00
Maximilian Bosch
338a6e3f38
Merge pull request #62935 from danieldk/cargo-vendor-change-doc
nixos/release-notes: document changed CargoSha256 hashes
2019-06-10 10:56:33 +02:00
Frederik Rietdijk
e58f0f6c99 Merge master into staging-next 2019-06-10 10:35:50 +02:00
Daniël de Kok
b5b5648be8 nixos/release-notes: document changed CargoSha256 hashes
cargoSha256 hashes change as result of changes in cargo-vendor, as
discussed in #60668.
2019-06-10 08:42:19 +02:00
Roman Volosatovs
8e489018d3
systemd-networkd: Only generate [Match] if present 2019-06-09 19:09:10 +02:00
Jörg Thalheim
98e3b90b6c
Merge pull request #62269 from dasJ/fix-bird-reload
nixos/bird: Fix reload
2019-06-09 17:34:30 +01:00
Klemens Nanni
03d6c406fc
nixos/documentation: nixos-help: use w3m(1) by default
It is referenced in various places, but does not work out of the box:

	$ nixos-help
	/run/current-system/sw/bin/nixos-help: unable to start a web browser; please set $BROWSER

In the user-hidden fallbacks to xdg-open(1) and w3m(1), `nixos-help`
expects tools to be deliberately installed by users.

For default installations and new users in general, this is unlikely to
be the case.  Conversely, chances to use `nixos-help` are even higher
in such cases.

Use w3m-nographics by default to ensure documentation is always
available.  The documentation browser on ttyS8 already does so, but is
not accessible in every installation, e.g. VMs with only ttyS0 and SSH
available.

This obsoletes including it in the base profile's systemPackages,
so remove the @TODO as done.
2019-06-09 17:11:20 +02:00
Robin Gloster
2e49cb9772
Merge pull request #62887 from etu/php72-to-php73
php: Upgrade to php73 as default php
2019-06-09 15:06:38 +00:00
Frederik Rietdijk
d3afcac771 Merge master into staging-next 2019-06-09 12:28:52 +02:00
WilliButz
f491e94bac nixos/wireguard: add peer service to interface dependencies (#62828)
Previously each oneshot peer service only ran once and was not
restarted together with the interface unit. Because of this,
defined peers were missing after restarting their corresponding
interface unit.

Co-Authored-By: Franz Pletz <fpletz@fnordicwalking.de>
2019-06-09 11:51:45 +02:00
gnidorah
fe01afae42 nixos/jack: option to adjust dmix buffering (#62854) 2019-06-09 11:40:22 +02:00
Elis Hirwing
40af20b472
php: Upgrade to php73 as default php 2019-06-09 11:18:44 +02:00
Nikolay Amiantov
1d7d5d9be6
Merge pull request #62885 from abbradar/mtproxy
mtprotoproxy: init package and service
2019-06-09 12:17:41 +03:00
Nikolay Amiantov
05c1addde3 mtprotoproxy service: init 2019-06-09 11:49:03 +03:00
Izorkin
82ad143a51
nixos/zsh: move zsh setopt 2019-06-09 00:13:01 +02:00
Sarah Brofeldt
635e3b1e6f
Merge pull request #62758 from peterhoeg/f/zm
nixos/zoneminder: font files cannot be found
2019-06-08 14:36:04 +02:00
Franz Pletz
c51786bd5d
nixos/tests: fix luksroot installer test name
Both tests were previously called "luksroot-luks2".
2019-06-08 12:14:03 +02:00
Daiderd Jordan
9b52ff5335
Merge pull request #62133 from LnL7/nixos-uwsgi
nixos: add test for uwsgi
2019-06-08 11:25:51 +02:00
lewo
0e28092a56
Merge pull request #62773 from danieldk/docker-shared-layer-test
nixos/tests/docker-tools: check layer sharing with buildLayeredImage
2019-06-08 09:01:11 +02:00
Samuel Dionne-Riel
fd0f8adaab nixos/desktop-managers/xterm: Defaults to xserver's state
This enhances #61423, which removed the gating of desktop-managers from
being linked to the xserver's state.

This, though, brought in xterm into all systems, even those without X
servers.

This change sets the *default* of the xterm desktop-manager to the state
of the xserver, keeping it enabled by default as a sane fallback.

The xterm desktop-manager can still be enabled or disabled as needed,
without it being affected by xserver's state.
2019-06-08 01:01:22 -04:00
Franz Pletz
2587df7f02
cryptsetup: enable kernel crypto api support again
This is needed for tcrypt and the benchmark subcommand. If enabled,
it is also used to unlock LUKS2 volumes and therefore the kernel modules
providing this feature need to be available in our initrd.

Fixes #42163. #54019.
2019-06-07 22:15:35 +02:00
Franz Pletz
3827343aec
Merge pull request #62452 from Ma27/package-wireguard-prometheus-exporter
prometheus-wireguard-exporter: init at 2.0.1
2019-06-07 16:50:39 +00:00
Maximilian Bosch
bf09e6a14e
prometheus-wireguard-exporter: init at 2.0.1
This is a simple exporter which exports the information
provided by `wg show all dump` to prometheus.

Co-authored-by: Franz Pletz <fpletz@fnordicwalking.de>
2019-06-07 17:40:44 +02:00
zimbatm
18ae1ecf03
nixos/cryptpad: add module 2019-06-07 13:02:51 +02:00
Jörg Thalheim
48bb168e26
zfs: 0.7.13 -> 0.8.0 (#62763)
zfs: 0.7.13 -> 0.8.0
2019-06-07 11:15:37 +01:00
Peter Hoeg
255550e003 nixos/systemd: enable systemd-tmpfiles-setup and -clean for user sessions 2019-06-07 14:52:46 +08:00
worldofpeace
29cc54c383 rl-1909: add note about PulseAudio resample-method 2019-06-06 18:50:33 -04:00
Graham Christensen
9d11c30cf9
Merge pull request #62779 from grahamc/containers-restart
Restart declarative containers when their host environment configuration changes
2019-06-06 12:57:23 -04:00
Graham Christensen
b2fbbad107
nixos containers: restart containers with autoStart = true when their conf changes 2019-06-06 11:57:08 -04:00
Graham Christensen
e7872cda4b
nixos containers: don't shadow config, rename to containerConfig 2019-06-06 11:57:05 -04:00
Daniël de Kok
3b0d5b5ed3 nixos/tests/docker-tools: check layer sharing with buildLayeredImage
Adapted from grahamc's blog post on layered Docker images in Nix:

https://grahamc.com/blog/nix-and-layered-docker-images
2019-06-06 15:03:08 +02:00
Aaron Andersen
fae95c2c82
Merge pull request #60021 from aanderse/httpd-cleanup
nixos/httpd: cleanup old apache2.2 syntax
2019-06-06 06:46:05 -04:00
Eelco Dolstra
4bb48e7f99
wireguard: Don't fail if modprobe fails
This can lead to unnecessary failures if the kernel module is already
loaded:

  Jun 06 12:38:50 chef bglisn9bz0y5403vdw9hny0ij43r41jk-unit-script-wireguard-wg0-start[13261]: modprobe: FATAL: Module wireguard not found in directory /run/booted-system/kernel-modules/lib/modules/4.19.36
2019-06-06 12:40:30 +02:00
Jörg Thalheim
11b8a5f20e
zfs: 0.7.13 -> 0.8.0
Same as zfsUnstable for the moment.
We still keep the zfsUnstable expression as we likely
need it in the near future again.
Also remove spl since it is no longer needed.
2019-06-06 10:07:43 +01:00
Robin Gloster
2cca7180c1
Merge pull request #60029 from Ma27/configure-ipv4-for-imperative-container
nixos-container: allow setting custom local and host address
2019-06-06 07:35:07 +00:00
Peter Hoeg
527876038e nixos/zoneminder: font files cannot be found 2019-06-06 14:15:01 +08:00
Matthew Bauer
f8c12edfdf
Merge pull request #62333 from kampka/buildPackages-for-config-builders
Build packages for config builders
2019-06-05 14:47:16 -04:00
markuskowa
0bf6841a21
Merge pull request #62570 from r-ryantm/auto-update/slurm
slurm: 18.08.7.1 -> 19.05.0.1
2019-06-05 14:46:41 +02:00
Markus Kowalewski
fcde305932
nixos/slurm: fix test
The entry slurmdbd seems to be delayed.
Increasing the waiting time make the test more reliable.
2019-06-05 14:14:46 +02:00
Vladimír Čunát
c0ccf42c69
Merge branch 'staging-next' into staging 2019-06-05 11:12:34 +02:00
worldofpeace
094e150804
Merge pull request #61729 from worldofpeace/geoclue/no-root
nixos/geoclue2: don't run as root
2019-06-04 23:11:34 -04:00
worldofpeace
cc5ec447a0
Merge pull request #62623 from michaelpj/fix/localtime-geoclue
localtime: set geoclue config
2019-06-04 22:36:28 -04:00
worldofpeace
87ec4fa2d1
Merge pull request #62624 from michaelpj/fix/redshift-geoclue
redshift: add geoclue config
2019-06-04 22:35:25 -04:00
danbst
f7940bb95d nixos/containers: give a name to an anonymous container module
See https://github.com/NixOS/nixpkgs/issues/15747. Previously this module was called `<unknown-file>`
in error messages, now it is called a bit more close to real:
```
module at /home/danbst/dev/nixpkgs/nixos/modules/virtualisation/containers.nix:470
```
2019-06-05 03:11:09 +03:00
Michael Peyton Jones
efbd890f99
nixos: add throttled service 2019-06-04 22:30:38 +01:00
Silvan Mosberger
08f2e282e1
nixos/deluge: add autFile, config and port options (#58552)
nixos/deluge: add autFile, config and port options
2019-06-04 23:16:06 +02:00
Matthew Bauer
22039a182e
Merge pull request #62606 from Shados/fix-62602
nixos/grub: Add defaultText for font option
2019-06-04 14:34:13 -04:00
Brice Waegeneire
2fa256bd55 nixos/deluge: add authFile, config & port options 2019-06-04 18:08:11 +02:00
WilliButz
dbf4be4642
nixos/tests/avahi: add test for extra service definitions 2019-06-04 02:09:59 +02:00
WilliButz
229e7834eb
nixos/doc: add section about avahi changes 2019-06-04 00:23:49 +02:00
WilliButz
1800e49a0b
nixos/ids: remove avahi uid/gid 2019-06-04 00:22:49 +02:00
WilliButz
49302dc593
nixos/avahi: refactor module, add option extraServiceFiles
Types are now specified for all options.
The fixed uid and gid for the avahi user have been removed
and the user avahi is now in the group avahi.
The the generic opening of the firewall for UDP port 5353 is
now optional, but still defaults to true.

The option `extraServiceFiles` was added to specify avahi
service definitions, which are then placed in `/etc/avahi/services`.
2019-06-04 00:22:48 +02:00
Bas van Dijk
f6ba5b91e8
Merge pull request #62616 from basvandijk/strongswan-5.8.0
strongswan: 5.7.2 -> 5.8.0
2019-06-03 23:43:20 +02:00
Vladimír Čunát
ee86a325dd
Merge branch 'staging-next' into staging
Conflicts (simple):
	nixos/doc/manual/release-notes/rl-1909.xml
2019-06-03 22:34:49 +02:00
Silvan Mosberger
b9ffded489
jack module: init (#57712)
jack module: init
2019-06-03 19:18:04 +02:00
Michael Peyton Jones
01d06dc35f
redshift: add geoclue config
The geoclue module now lets us set application config. This should make
it more robust in desktop environments that don't define a geoclue
agent.

Fixes #45994.
2019-06-03 18:13:21 +01:00
Michael Peyton Jones
d3a4a5bd95
localtime: set geoclue config
The geoclue module now lets us set application config. This should make
it more robust in environments that don't provide a geoclue agent.

Fixes #44725.
2019-06-03 18:12:33 +01:00
Bas van Dijk
1959799d51 strongswan: 5.7.2 -> 5.8.0 2019-06-03 18:01:55 +02:00
Maximilian Bosch
0dbdb2e21d
Merge pull request #62528 from eadwu/compton/wintypes-conflict
compton: try not to conflict wintypes
2019-06-03 15:41:37 +02:00
Andreas Rammhold
7508490770
nixos/test: remove the stateVersion statement from the test-instrumentation
We set stateVersion to `mkDefault 18.03` in
`nixos/modules/testing/test-instrumentation.nix` and in
`modules/installer/cd-dvd/installation-cd-base.nix`.

Accessing the stateVersion in the module system from within the tests
results in the following error:
> The unique option `system.stateVersion' is defined multiple times, in
> `nixpkgs/nixos/modules/installer/cd-dvd/installation-cd-base.nix' and
> `nixpkgs/nixos/modules/testing/test-instrumentation.nix'.

There are other tests that use it as well. Namely the radicale test also
verifies behaviour between state versions is as expected. It switches a
package default value. Others switched on the state directory default.
It seems like having the timesyncd switch as part of every rendered
activationScript might cause this weird error.

Removing this line seems like a reasonable thing to do since we actually
set the default to the very same value in the module system. This line
should have been no-op besides the issue that we've two statements
setting it in this very specific case.
2019-06-03 15:05:24 +02:00
Andreas Rammhold
9077623324
nixos/misc: warn when someone is using the nixops autoLuks module
The autoLuks module is not really compatible with the updated systemd
version anymore. We started dropping NixOS specific patches that caused
unwanted side effects that we had to work around otherwise.

This change points users towards the relevant PR and spits out a bit of
information on how to deal with the situation.
2019-06-03 15:05:23 +02:00
Andreas Rammhold
024a383d64
nixos/systemd: migrate systemd-timesync state when required
Somewhen between systemd v239 and v242 upstream decided to no longer run
a few system services with `DyanmicUser=1` but failed to provide a
migration path for all the state those services left behind.

For the case of systemd-timesync the state has to be moved from
/var/lib/private/systemd/timesync to /var/lib/systemd/timesync if
/var/lib/systemd/timesync is currently a symlink.

We only do this if the stateVersion is still below 19.09 to avoid
starting to have an ever growing activation script for (then) ancient
systemd migrations that are no longer required.

See https://github.com/systemd/systemd/issues/12131 for details about
the missing migration path and related discussion.
2019-06-03 15:05:19 +02:00
Florian Klink
bc71b6eaf6
nixosTests.containers-imperative: add tmpfiles test
(cherry picked from commit 92600a90e248aa27f2aedcce4ad309f987a390df)
2019-06-03 15:05:18 +02:00
Andreas Rammhold
1b7b1dbe2f
nixos/networkd: rename GatewayOnlink to GatewayOnLink
This follows upstreams renaming of the option [1].

[1] 9cb8c55934
2019-06-03 15:05:17 +02:00
Andreas Rammhold
d600da7045
nixos/networkd: use the route section for default routes
With systemd v242 using the `Gateway` attribute of the `[Network]`
section will lead to "onlink" routes on all the device that are matched
by the default configuration (typically all devices) causing multiple
default routes (even on localhost).

We can only avoid that - while keeping our default route option - when
we mark the route as explicitly not on link. Only gateways that are
within a subnet of one of the assigned interface addresses will be
installed into the routing table.
2019-06-03 15:05:16 +02:00
Andreas Rammhold
a32cd7d84a
nixos/networkd: use no instead of none for DHCP= option
systemd has deprecated the use of `none` and recommends using `no`
instead.
2019-06-03 15:05:15 +02:00
Andreas Rammhold
4743ad7392
nixos/tests/radicale: be a bit more permissive when matching logs
With the systemd update to v242 five lines are not longer sufficient to
verify that the storage was verified. In order to reduce future test
failures increasing it to 10 lines sounds like a sane amount.
2019-06-03 15:05:14 +02:00
Andreas Rammhold
1f03f6fc43
nixos/udev: switch networking.usePredicatableInterfaceNames to a kernel param
The udev rules we are shipping no longer work with systemd v242 and were
remove upstream some time ago. It seems like the entire renaming is now
done in C and not in the udev rules.
2019-06-03 15:05:12 +02:00
Jörg Thalheim
2a0f85d882
nixos/os-release: add documentation url 2019-06-03 15:05:10 +02:00
Jörg Thalheim
e8e1dc71c5
Merge pull request #62529 from danieldk/remove-btsync-module
nixos/btsync: remove
2019-06-03 13:21:58 +01:00
Alexei Robyn
fd9dec7177 nixos/grub: Add defaultText for font option
Fixes #62602.
2019-06-03 22:19:44 +10:00
Nikolay Amiantov
fa2e4bfb61 nixos/systemd-boot: don't remove directories from EFI dir
This will only result in an error. These directories might be created by, for example, fwupdmgr.
2019-06-03 11:55:48 +03:00
Daniël de Kok
344ccd0d6d nixos/release-notes: mention removal of Bittorrent Sync 2019-06-03 09:18:39 +02:00
Daniël de Kok
c619bbbbef nixos/btsync: remove
Remove the btsync module. Bittorrent Sync was renamed to Resilio Sync in
2016, which is supported by the resilio module. Since Resilio Sync had
some security updates since 2016, it is not safe to run Bittorrent Sync
anymore.
2019-06-03 09:16:13 +02:00
worldofpeace
c6748ef63f
Merge pull request #61746 from abbradar/gnome-pa
nixos/gdm: use Fedora's PulseAudio configuration
2019-06-02 18:16:04 -04:00
Nikolay Amiantov
00972dc89c nixos/gdm: use Fedora's PulseAudio configuration
This is needed to avoid GDM PulseAudio instance acting as a network
source/sink or grabing the A2DP bluetooth sink making A2DP unusable
for any other user. In the future having this fixed in PulseAudio
would be preferred [0]. Current possible upstream fix could be [1].

[0]: https://github.com/NixOS/nixpkgs/pull/61746#issuecomment-493956980
[1]: https://gitlab.freedesktop.org/pulseaudio/pulseaudio/merge_requests/10
2019-06-02 18:01:53 -04:00
Izorkin
5612650767 nixos/nginx: add ipv6 options to resolver 2019-06-02 19:29:30 +00:00
Edmund Wu
3207f7e1ce
compton: try not to conflict wintypes 2019-06-02 14:16:31 -04:00
Aaron Andersen
ce778b8292 nixos: remove duplicate section from release notes 2019-06-02 10:14:16 -04:00
Florian Klink
640afe964e
Barco clickshare (#59891)
Barco clickshare
2019-06-02 12:41:21 +02:00
Matthew Bauer
f21b846afe
Merge pull request #57752 from aanderse/limesurvey
limesurvey: 2.05_plus_141210 -> 3.17.1+190408, init module
2019-06-01 17:31:15 -04:00
Matthew Bauer
002cce23f7
Merge pull request #62050 from aanderse/hydron
nixos/hydron: replace deprecated usage of PermissionsStartOnly
2019-06-01 17:29:24 -04:00
Gabriel Ebner
a40660a6da
octoprint: 1.3.10 -> 1.3.11 (#62321)
octoprint: 1.3.10 -> 1.3.11
2019-06-01 11:27:56 +02:00
Franz Pletz
4bb4df32aa
Merge pull request #62329 from WilliButz/split-prometheus-tests
nixos/tests/prometheus-exporters: split into single tests
2019-05-31 22:58:32 +00:00
Matthew Bauer
f2a8948078 treewide: use buildPackages for config builders
Partially reapplies 35af6e3605

buildPackages need to be used only for image builders.
Otherwise, the bootloader builder may be setup using the wrong arch,
rendering it unusable
2019-05-31 23:27:49 +02:00
Christian Kampka
0d570e020e Revert "treewide: use buildPackages for config builders"
This reverts commit 35af6e3605.
2019-05-31 23:27:49 +02:00
Christian Kampka
fd15f37b37 Revert "extlinux-conf: fix cross compilation"
This reverts commit f17dd04f12.
2019-05-31 23:27:49 +02:00
Florian Klink
b3dd39ca0e
Merge pull request #62325 from grahamc/wireguard-master
wireguard: 0.0.20190406 -> 0.0.20190531 and Change peers without tearing down the interface, handle DNS failures better
2019-05-31 23:17:18 +02:00
Florian Klink
5ea7a3eb21 nixos/mysql: drop services.mysql.pidDir
mysql already has its socket path hardcoded to to
/run/mysqld/mysqld.sock.
There's not much value in making the pidDir configurable, which also
points to /run/mysqld by default.

We only seem to use `services.mysql.pidDir` in the wordpress startup
script, to wait for mysql to boot up, but we can also simply wait on the
(hardcoded) socket location too.

A much nicer way to accomplish that would be to properly describe a
dependency on mysqld.service. This however is not easily doable, due to
how the apache-httpd module was designed.
2019-05-31 22:27:55 +02:00
Florian Klink
edd10c12f7 nixos/mysql: run as mysql user and group
As we don't need to setup data directories from ExecStartPre= scripts
anymore, which required root, but use systemd.tmpfiles.rules instead,
everything can be run as just the mysql user.
2019-05-31 22:27:55 +02:00
Florian Klink
25494cc193 nixos/mysql: reformat, move logical steps into variables
define commands like "waiting for the mysql socket to appear" or "setup
initial databases" in a let expression, so the main control flow becomes
more readable.
2019-05-31 22:27:48 +02:00
Florian Klink
50dda813e2 nixos/mysql: use systemd.tmpfiles to setup dataDir and pidDir
We need to keep using `RuntimeDirectory=mysqld`, which translates to
`/run/mysqld`, as this is used for the location of the file socket, that
could differ with what is configured via `cfg.pidDir`.
2019-05-31 22:20:42 +02:00
WilliButz
7884354c0f
nixos/tests/prometheus-exporters: split into single tests
Generates a set of tests, rather than one large test for all exporters.
2019-05-31 22:02:56 +02:00
Andreas Rammhold
d9238d723b
Merge pull request #62136 from flokli/tmux-tmpdir
tmux module: Fix escaping in TMUX_TMPDIR
2019-05-31 21:42:47 +02:00
Graham Christensen
1de35c7f5e
wireguard: attempt infinity times to resolve a peer 2019-05-31 14:51:31 -04:00
Graham Christensen
dc44fc1760
wireguard: add each peer in a separate service
Before, changing any peers caused the entire WireGuard interface to
be torn down and rebuilt. By configuring each peer in a separate
service we're able to only restart the affected peers.

Adding each peer individually also means individual peer
configurations can fail, but the overall interface and all other peers
will still be added.

A WireGuard peer's internal identifier is its public key. This means
it is the only reliable identifier to use for the systemd service.
2019-05-31 14:51:25 -04:00
WilliButz
ba17b32b43
nixos/prometheus-fritzbox-exporter: update binary name 2019-05-31 18:50:27 +02:00
adisbladis
b19e8388c9
nixos/pulseaudio: Set speex-float-5 as default resample-method
The upstream default (speex-float-1) results in audible artifacts
2019-05-31 16:05:39 +01:00
Klemens Nanni
7f104aa6e2 tmux module: Fix escaping in TMUX_TMPDIR
5404595b55 relocated code but kept
one backslah too many, leading to

	$ tmux
	error creating /run/user/$(id -u)/tmux-1000 (No such file or directory)

/run/user/$UID/ is created by pam_systemd(3) which also populates
XD_RUNTIME_DIR with that value.

Alternatively, TMUX_TMPDIR might simply default to XDG_RUNTIME_DIR
without providing the same directory yet again as default string in
parameter substitution, however such behaviour change is subject to
another patch.

In fact, with `security.polkit.enable = false` systemd_logind(8) fails
to start and /run/user/$UID/ is never created for unprivileged users
in proper login sessions;  XDG_RUNTIME_DIR would consequently not be
set either.

Removing the fallback to /run/user/$UID/ would have caused TMUX_TMPDIR
to be empty, which in turn would lead tmux(1) to use /tmp/.  This
effectively breaks the idea of isolated sockets entirely while hiding
errors from the user.
2019-05-31 15:09:59 +02:00