JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3,991 Commits 2 Branches 0 Tags 12 GiB
02e0d7dbc3
Commit Graph

2119 Commits

Author SHA1 Message Date
Peter Simons
00e19c91e5 postfix: add option 'extraMasterConf' to extend the default master.cf file 2012-09-23 12:21:48 +02:00
Peter Simons
b8f09be5e0 Remove service for dovecot version 1.x. 2012-09-22 12:51:58 +02:00
Eelco Dolstra
0bd7bdfe0d Merge branch 'master' of github.com:NixOS/nixos 2012-09-21 11:03:25 -04:00
Eelco Dolstra
600d43ba93 Drop xfce-4.6 compatibility 2012-09-21 11:03:07 -04:00
Peter Simons
4476b875fc Add services.dovecot2.extraConfig option to configure arbitrary settings for which NixOS has no direct support. 2012-09-21 16:04:46 +02:00
Peter Simons
0573c7fcae modules/services/mail/dovecot2.nix: update syntax for SSL config options 2012-09-21 12:29:36 +02:00
Peter Simons
155495deb2 modules/services/mail/dovecot2.nix: accept plain text authentication only over secure channels when TLS is available 
Connects from 'localhost' are always considered secure.
 2012-09-21 12:29:36 +02:00
Peter Simons
1da16a5ea1 modules/services/mail/dovecot2.nix: log via syslog instead of writing a separate file 2012-09-21 12:29:36 +02:00
Eelco Dolstra
d4af6edd5e firewall.nix: Allow specifying trusted network interfaces 
Trusted network interfaces (such as "lo") will accept any incoming
traffic.
 2012-09-20 17:51:44 -04:00
Eelco Dolstra
1e666c10fa Get rid of the last use of mkThenElse 2012-09-20 16:55:32 -04:00
Rickard Nilsson
0de3a0cff3 nscd-invalidate: Invalidate passwd and group databases also 
I had some problems with LDAP user lookups not working properly
at boot. I found that invalidating passwd and group on the
ip-up event (when nscd-invalidate starts) helped a bit.
 2012-09-19 14:30:55 +02:00
Eelco Dolstra
d12dd340b6 firewall.nix: Respect networking.enableIPv6 = false 
Reported-by: Pablo Costa <modulistic@gmail.com>
 2012-09-18 17:20:46 -04:00
Eelco Dolstra
75583c7984 nixos-rebuild: Support --option 2012-09-14 13:23:19 -04:00
Peter Simons
ad65e807bd Add new 'hardware.cpu.amd.updateMicrocode' option. 2012-09-11 18:44:37 +02:00
Ludovic Courtès
f7530dc5ee avahi: Never set host-name' to the empty string in avahi-daemon.conf'. 2012-09-07 10:58:53 +02:00
Rob Vermaas
27880ed729 Change logstash job startOn attribute to include networking 2012-09-06 12:31:15 +02:00
Shea Levy
f701e8d420 d'oh 2012-09-03 12:11:07 -04:00
Shea Levy
4be367ec47 Damn NixOS lack of laziness... 2012-09-03 10:35:45 -04:00
Mathijs Kwik
bce1cdd59c fix kernel 3.4+ early cifs mounting (qemu-vm target) 
kernel 3.4+ needs cifs-utils to mount CIFS filesystems.
the kernel itself (and busybox's cifs mount code) are no longer able
to do this in some/most cases and will error out saying:
"CIFS VFS: connecting to DFS root not implemented yet"

Nixos' qemu-vm target is hurt by this, as it wants to mount /nix/store
via cifs very early in the boot process.

This commit makes sure the initrd for affected kernels is built with
cifs-utils if needed.
 2012-08-30 18:31:45 +02:00
Mathijs Kwik
a502ce1128 networking: add proxy_arp / proxy_ndp options. 
proxy_arp (and proxy_ndp for ipv6) can be turned on on a few
interfaces (at least 2).
This is mainly useful for creating pseudo-bridges between a real
interface and a virtual network such as VPN or a virtual machine for
interfaces that don't support real bridging (most wlan interfaces).
As ARP proxying acts slightly above the link-layer, below-ip traffic
isn't bridged, so things like DHCP won't work. The advantage above
using NAT lies in the fact that no IP addresses are shared, so all
hosts are reachable/routeable.
 2012-08-29 22:59:36 +02:00
Mathijs Kwik
0dd46d1335 networking: add options for configuring virtual devices (tun/tap) 
These are mainly useful for network tunnels (vpn/ipv6) and creating
bridges for virtual machines
 2012-08-29 22:59:36 +02:00
Mathijs Kwik
d106a8a296 logcheck: make sure directories are writable during merge phase 2012-08-29 22:59:28 +02:00
Peter Simons
51e58dafca spamassassin: use a dedicated user for running spamd 2012-08-28 16:27:28 +02:00
Mathijs Kwik
2769f594f3 add logcheck module 2012-08-26 16:04:49 +02:00
Mathijs Kwik
aba9f76105 change permission of /run/lock to allow non-root access to subdirectories 2012-08-26 10:17:22 +02:00
Mathijs Kwik
05262ad35d postfix: allow specifying 'virtual' mappings 
mainly useful for having a few local addresses (me@host.domain.com) while the majority of
addresses are on the domain (you@domain.com)
 2012-08-24 00:27:07 +02:00
Peter Simons
16713db4e2 modules/programs/bash/bashrc.sh: adapt bash completion for version 2.0 of the package 2012-08-20 16:37:14 +02:00
Petr Rockai
5dc8bc5f2a Do not assume that /dev/console can always be written. 2012-08-18 14:29:09 +02:00
Eelco Dolstra
7e99541afe Fix initrd for the latest lvm2 2012-08-16 15:37:13 -04:00
Eelco Dolstra
a025e7e7e2 Provide a common share between VMs to allow easy communication 
Every VM now mounts a common SMB share on /tmp/shared.
 2012-08-16 10:47:33 -04:00
Eelco Dolstra
0e3f03106f postgresql.nix: Add an option for overriding the PostgreSQL package 2012-08-15 17:02:03 -04:00
Peter Simons
a025e848e0 modules/security/sudo.nix: added 'wheelNeedsPassword' option (default: true) 
Change this setting to 'false' to allow users in the 'wheel' group to execute
commands as super user without entering a password.
 2012-08-13 14:37:32 +02:00
Shea Levy
85997a6692 mingetty: Don't make restartIfChanged optional 2012-08-12 11:44:00 -04:00
aszlig
c9e05f1ed8 stage-1: Load boot-time keymap by default. 
This also removes the configuration option, as suggested by @edolstra.
 2012-08-12 16:54:31 +02:00
aszlig
d809a9e6b2 mingetty: Option to not restart on service change. 
This especially annoyed me whenver I was doing nixos-rebuild switch and getting
logged out on all consoles. With this there now is services.mingetty.dontRestart
for heavy VT users to deactivate this behaviour.
 2012-08-12 13:50:50 +02:00
aszlig
eb0b2651b8 stage-1: Add option to load keymap during bootup. 
As non-QWERTY keyboards don't feel so warm and cozy if they hug QWERTY LUKS
password prompts, it was on honor for me to serve King Dvorak XV to fight the
glorious keyboard war against... what?! Yes, I'm awake!

We're fighting with loadkeys to spit out busybox binary keymaps against loadkmap
(loadkeys does have a special target -b for that).

And yep, I'm somewhat abusing preLVMCommands, if someone got issues with that,
feel free to introduce a new substitute in stage-i-init.sh.

Sent from my iPhone
 2012-08-12 13:38:36 +02:00
Shea Levy
15a1efe023 find modules/ -name \*.nix -print0 | xargs -0 sed -i 's/RT73Firmware/RalinkFirmware/g' 2012-08-11 12:34:35 -04:00
Lluís Batlle i Rossell
50350a15f1 Adding a rename line for rt73 -> ralink. 2012-08-11 14:54:43 +02:00
Lluís Batlle i Rossell
9e753f3a46 Removing rt73 module, adding ralink module. 
The rt73 fw were a subset of ralink, and the nixpkgs url
for rt73 didn't work either. Ralink should make any rt73 card work.
 2012-08-11 14:53:34 +02:00
Lluís Batlle i Rossell
746b572ee6 stage2init: fix respecting 'noatime' mount options for / 
We had a "mount -o remount,rw none /" that was setting back 'relatime',
although we had set 'noatime' at initrd mount. Removing the word 'none' fixed
it.

Specifying a device (in this case 'none'), makes mount to forget previous
device options. According to manpage, it says not to read fstab or mtab. But the
effect is that of setting 'relatime', if it was mounted 'noatime.
 2012-08-10 20:51:13 +02:00
Eelco Dolstra
f31ab09b85 Set uniq type on boot.loader.kernelFile 2012-08-09 11:00:35 -04:00
Shea Levy
20d4dee426 The efi boot stub code should only be run if it is enabled 2012-08-09 10:37:43 -04:00
Eelco Dolstra
6b2a14d698 Fix NixOS evaluation 2012-08-09 10:04:25 -04:00
Eelco Dolstra
5ae6385175 qemu-vm.nix: Use ext4 instead of ext3 2012-08-09 10:00:49 -04:00
Shea Levy
da787e3071 efi-boot-stub: List required kernel config 2012-08-08 23:02:46 -04:00
Eelco Dolstra
21da462ad5 Merge pull request #25 from shlevy/required-kernel-config 
Required kernel config
 2012-08-08 10:33:41 -07:00
Shea Levy
c39f493ebb Minor reorganization 2012-08-07 18:09:08 -04:00
Shea Levy
d9c03b6447 The kernel needs swap support if swapDevices are enabled 2012-08-07 17:34:10 -04:00
Shea Levy
d28876ea70 qemu tests use the virtio console to run commands 2012-08-07 17:04:00 -04:00
Shea Levy
9d8ddd90f9 qemu mounts /nix/store via CIFS 2012-08-07 16:44:15 -04:00
Shea Levy
13d8856a4f qemu requires VIRTIO_NET (and dependencies) for virtio networking 2012-08-07 16:25:11 -04:00
Eelco Dolstra
66ff6a382a stage-1-init: Close temporary file descriptor 
Otherwise this fd will be inherited all the way into the Upstart jobs.
 2012-08-07 10:05:33 -04:00
Shea Levy
805d37db48 qemu-vm creates an ext3 filesystem 2012-08-07 07:02:08 -04:00
Shea Levy
0ea2643c63 The initrd mounts some tmpfses 2012-08-07 06:57:01 -04:00
Shea Levy
11e5207a2d qemu requires VIRTIO_BLK (and dependencies) for virtio drives 2012-08-06 17:10:54 -04:00
Shea Levy
64d0069be3 udev requires unix sockets and inotify 2012-08-06 17:02:35 -04:00
Rickard Nilsson
e33dfa936f Use busybox mount instead of klibc nfsmount for nfs mounts in initrd. 2012-08-06 16:25:22 -04:00
Shea Levy
e66bcbd58a The kernel needs SERIAL_8250_CONSOLE when using a real serial port as a console 2012-08-06 08:13:06 -04:00
Shea Levy
1b615f460b Allow overriding all NixOS tests to run with the minimal kernel possible for that test's config(s) (based on requiredKernelConfig) 2012-08-04 09:45:26 -04:00
Peter Simons
d13a3c741a spamassassin: call daemon with complete path 2012-08-03 18:07:06 +02:00
Eelco Dolstra
d5d8acfacd Assign uid/gid 54 to wwwrun 2012-08-03 11:05:25 -04:00
Eelco Dolstra
23cb924fbf Don't try to change the uid/gid of existing users 
Unless we search the entire filesystem to do a chown *and* restart
existing processes owned by that user, there is no sensible way that
we can change uids/gids.  So don't try.
 2012-08-03 11:03:56 -04:00
Eelco Dolstra
0a0c28f812 Revert "Add services.httpd.fixUidAndGid option to assign reliable numeric UID and GID for the Apache user." 
This reverts commit 0ef085d58a.
 2012-08-03 10:52:53 -04:00
Peter Simons
0ef085d58a Add services.httpd.fixUidAndGid option to assign reliable numeric UID and GID for the Apache user. 
The option is disabled by default so that previously existing installations
aren't affected.

If you'd like to migrate to the fixed numeric id for Apache, set "fixUidAndGid
= true", edit the file "/etc/groups" and replace the old GID value with 54.
(NixOS can't do that for you because it refuses to change a GID that identifies
the primary group of a user.) Then run

  find / -xdev -uid $oldUID -exec chown 54 {} +
  find / -xdev -gid $oldGID -exec chgrp 54 {} +

to update ownership of all files that are supposed to be owned by Apache.
 2012-08-03 16:39:55 +02:00
Eelco Dolstra
29f721ba54 Only create the Apache user/group if it's "wwwrun" 2012-08-03 09:35:06 -04:00
Peter Simons
1b249eaf05 Initial version of a SpamAssassin service. 
The configuration is expected to be managed by the user in /etc/spamassassin.
 2012-08-03 15:11:28 +02:00
Eelco Dolstra
1fcef0a0e0 Don't use nixUnstable 2012-08-02 13:31:57 -04:00
Rickard Nilsson
a6039e1be2 LUKS root: Fix key file check 
Check for null instead of empty string
 2012-08-02 11:39:31 +02:00
Rickard Nilsson
0958b224ac LUKS root: Add option for using a key file instead of a passphrase. 2012-08-02 11:30:33 +02:00
Rickard Nilsson
ecdbc94e05 LUKS root: Add option allowDiscards (for SSD disks) 2012-08-02 11:27:28 +02:00
Shea Levy
feb010a366 NixOS kernels should support ELF executables 2012-08-02 00:47:36 -04:00
Shea Levy
3d20a308af tests/minimal-kernel: Add CIFS timeout patch 2012-08-01 23:36:48 -04:00
Shea Levy
9e300052bd Add test to check that a machine with a minimal kernel but all of the requiredKernelConfig options set boots and shuts down 2012-08-01 22:32:16 -04:00
Shea Levy
2a983acaff Enable specifying which kernel config options are needed for a given module 2012-08-01 21:50:43 -04:00
Eelco Dolstra
5f57110e1f install-grub.pl: Fix Xen support 2012-08-01 21:48:29 +02:00
Mathijs Kwik
52fd5ea6ca gogoclient: setup config and dirs on service start, not on system activation 2012-07-31 20:07:05 +02:00
Eelco Dolstra
6576d81ff1 Fix "please: command not found" in switch-to-configuration 2012-07-30 15:19:30 -04:00
Eelco Dolstra
2678ff3726 Use /sys/fs/cgroup instead of /dev/cgroup 2012-07-30 13:49:18 -04:00
Eelco Dolstra
174d6a07e0 Fix whitespace 2012-07-30 13:49:10 -04:00
Eelco Dolstra
a559a2a606 mediawiki.nix: Use the right PHP build 2012-07-30 17:19:23 +02:00
Florian Friesdorf
14a8532ee0 add NIX_CONF_DIR to sudo env_keep variables (suggested by Eelco Dolstra) 
this enables nix-collect-garbage under sudo to respect nix.conf, e.g.:

    gc-keep-outputs = true
    gc-keep-derivations = true
 2012-07-27 12:25:11 +02:00
Peter Simons
e988324534 Use a dedicated user ('named') for BIND instead of running the daemon as super user. 2012-07-27 00:08:41 +02:00
Shea Levy
51765e6333 Merge pull request #20 from chaoflow/setuid-wrapper-newgrp 
add setuid wrapper for newgrp
 2012-07-26 11:11:10 -07:00
Florian Friesdorf
7c1c4c757c add setuid wrapper for newgrp 2012-07-26 16:52:38 +02:00
Eelco Dolstra
16da4a14f1 amazon-image.nix: Don't put any old configurations in the GRUB menu 2012-07-25 16:38:05 -04:00
Eelco Dolstra
557f39aa0f install-grub.pl: Apply the configuration limit only to old generations 2012-07-25 16:37:29 -04:00
Eelco Dolstra
8cae5e5782 Remove jfsrec from the minimal CD because it pulls in Boost 2012-07-25 11:39:41 -04:00
Eelco Dolstra
b52117c34d Treat init-script as a boot loader 2012-07-25 11:30:16 -04:00
Eelco Dolstra
8b91a5f2ff Move boot loader modules to modules/system/boot/loader 2012-07-25 10:59:03 -04:00
Eelco Dolstra
b15e1fbb08 Boot loader refactoring 
- Renamed system.build.menuBuilder to system.build.installBootLoader.

- ‘install-grub.pl’ (formerly grub-menu-builder.pl) now generates the
  GRUB menu *and* installs GRUB (if necessary).

- ‘switch-to-configuration.sh’ has no boot loader specific knowledge
  anymore.  It just calls installBootLoader.
 2012-07-25 10:47:32 -04:00
Eelco Dolstra
1b743526bd grub.nix: Handle null values 
http://hydra.nixos.org/build/2894714
 2012-07-25 09:27:51 -04:00
Eelco Dolstra
be4c4d79cf grub-menu-builder: GRUB now installs unicode.pf2 automatically 2012-07-24 22:37:16 -04:00
Eelco Dolstra
a0721ad2b3 stage-1-init: Use mount --move to move /sys etc. to the target root 
This fixes warnings about /sys/kernel/security during shutdown and
cleans up /proc/mounts.
 2012-07-24 22:04:28 -04:00
Eelco Dolstra
fb15b1894e Add missing progress message 2012-07-24 19:27:16 -04:00
Eelco Dolstra
f0c82f4543 Pass the ‘--recheck’ flag to grub-install 2012-07-24 19:22:19 -04:00
Eelco Dolstra
f07f221f0e Replace grub-menu-builder with a much faster version 
The old GRUB menu builder script is quite slow, typically taking
several seconds.  This is a real annoyance since it's run every time
you switch to a new configuration.  Therefore this patch replaces the
Bash script with a much faster Perl script.  In a VirtualBox test, the
execution time went from 2.7s to 0.1s.  The Perl version is also more
correct because it uses XML to get the GRUB configuration (through
builtins.toXML), so there are no shell escaping issues.

The new script currently lacks support for subconfigurations defined
through "nesting.children".
 2012-07-24 19:16:27 -04:00
Eelco Dolstra
b3b6b8ad60 virtualbox-image.nix: VirtualBox disks are /dev/sda, not /dev/vda 2012-07-24 19:07:03 -04:00
Phreedom
cb063afcbf F-Prot virus signaure database updater: package 2012-07-24 10:52:04 +03:00
Shea Levy
0f65521df2 Merge pull request #17 from MarcWeber/fix-init-script-builder 
fix init-script-builder
 2012-07-23 17:44:37 -07:00
Peter Simons
e8e19bbb1f modules/services/web-servers/apache-httpd: rename 'apacheHttpd' option to 'package' 2012-07-24 01:01:48 +02:00