Commit Graph

9580 Commits

Author SHA1 Message Date
talyz
513599a6d7
nixos/keycloak: Init 2020-10-27 19:01:26 +01:00
WORLDofPEACE
ace69f768b Revert "nixos/pantheon: install nixos wallpaper"
This reverts commit 5100e4f250.

Fixes https://github.com/NixOS/nixpkgs/issues/100293
Though it's only a workaround for now.
See https://github.com/elementary/switchboard-plug-pantheon-shell/issues/246#issuecomment-716713218
We trigger the broken scenario where we have two subdirectories. Reverting
that commit undoes this.
2020-10-26 13:45:19 -04:00
rnhmjoj
9e04bba0af nixos/dnscrypt-wrapper: fix key rotation script
Fix an error in the validation code when the public key is in a
nonstandard location. The check command fails and the key is
incorrectly assumed to be expiring.
2020-10-26 13:07:49 +01:00
Jörg Thalheim
dfaa313d43
Merge pull request #101737 from aneeshusa/nginx-allow-unsetting-ssl_ciphers
nixos/nginx: Allow unsetting ssl_ciphers
2020-10-26 06:41:19 +01:00
Aneesh Agrawal
924035bb97 nixos/nginx: Allow unsetting ssl_ciphers
When using the Modern config from the Mozilla SSL config generator,
the `ssl_ciphers` parameter does not need to be set
as only TLSv1.3 is permitted and all of its ciphers are reasonable.
2020-10-26 00:35:29 -04:00
Jörg Thalheim
b7a2a5f967
nixos/nextcloud: fix several php endpoints 2020-10-26 05:06:43 +01:00
Klemens Nanni
0b8a6e787c
nixos/avahi: Enable IPv6 by default
Treat it the same as IPv4 (I'm tempted to disable IPv4 by default);
this is the only option I still need to set manually to enjoy IPv6-only
networks including printer discovery!
2020-10-26 04:06:26 +01:00
WORLDofPEACE
4d71306596
Merge pull request #101516 from worldofpeace/gnome-polishing
GNOME polishing from Q.A findings
2020-10-25 18:41:34 -04:00
Benjamin Hipple
f98312fcb5
Merge pull request #79759 from lopsided98/syncoid-no-root
nixos/syncoid: automatically setup privilege delegation
2020-10-25 10:40:33 -04:00
Felix Tenley
542f75079b nixos/mosquitto: add passwordFile and hashedPasswordFile options 2020-10-25 10:53:38 +01:00
Vladimír Čunát
2f6b00b15e
Merge branch 'staging-next' into staging 2020-10-25 09:47:04 +01:00
Gabriel Ebner
a8a018ddc0
Merge pull request #101409 from rycee/dbus-warning 2020-10-25 09:16:28 +01:00
Aaron Andersen
a160fa008d
Merge pull request #100063 from aanderse/nixos/powerdns
nixos/powerdns: use upstream systemd unit
2020-10-24 18:47:43 -04:00
Andreas Rammhold
250fb4611f
Merge pull request #100456 from maralorn/boolToString
treewide: De-inline uses of lib.boolToString
2020-10-25 00:45:11 +02:00
Robert Helgesson
94819fdb5f
nixos/dbus: re-add a dummy socketActivated option
If set, then issue a warning instead of an error as previously.
2020-10-24 23:01:00 +02:00
Aaron Andersen
4f5d3794d3 nixos/powerdns: use upstream systemd unit 2020-10-24 16:40:20 -04:00
WORLDofPEACE
6bc94d149b
Merge pull request #101563 from worldofpeace/fix-pantheon-greeter-brightness
nixos/lightdm: make lightdm user shell bash
2020-10-24 11:56:34 -04:00
WORLDofPEACE
ef803ab1bb
Merge pull request #100199 from worldofpeace/seeded-config
nixos/tools: add desktopConfiguration option (to seed configuration into configuration.nix)
2020-10-24 11:35:33 -04:00
WORLDofPEACE
c134f6443a nixos/lightdm: make lightdm user shell bash
In https://github.com/NixOS/nixpkgs/issues/100119 pantheon's greeter
has g-s-d running which allows brightness controls via pkexec.
This is changed in newer versions of g-s-d (pantheon uses a fork currently),
but whenever brightness is changed with a shell of `shadow` we get
```
Oct 10 23:51:44 kirXps pkexec[18722]: lightdm: Executing command [USER=root] [TTY=unknown] [CWD=/var/lib/lightdm] [COMMAND=/run/current-system/sw/bin/elementary-settings-daemon/gsd-backlight-helper /sys/devices/pci0000:00/0000:00:02.0/drm/card0/card0-eDP-1/intel_backlight 65587]
```

I'm not sure this should be strictly needed, so we should try to
revert later on when pantheon's g-s-d is updated.
2020-10-24 11:28:18 -04:00
WORLDofPEACE
7df6af303e nixos/gnome3: add gnome-calendar to favorites 2020-10-24 11:14:41 -04:00
WORLDofPEACE
9cee7772e6 nixos/gnome3: add favoriteAppsOverride option
Rather messy and only needed for the installation cd, so it's
an internal option.
2020-10-24 11:14:22 -04:00
WORLDofPEACE
d89deddd5d nixos/flatpak: introduce guiPackages
This adds basically an indirection to systemPackages
to automatically install an interface for flatpak for their respective
environments. e.g if I enable pantheon and flatpak you'll get appcenter,
and on gnome you'll see gnome-software.

https://github.com/NixOS/nixpkgs/issues/99648#issuecomment-706691174
2020-10-24 11:14:02 -04:00
WORLDofPEACE
b1587f9e19 nixos/gnome3: don't ship gnome-software
This serves no purpose without flatpak https://github.com/NixOS/nixpkgs/issues/99648#issuecomment-706691174
2020-10-24 11:14:01 -04:00
WORLDofPEACE
70dc25abd9 nixos/gnome3: don't put epiphany in favorite apps 2020-10-23 20:20:07 -04:00
Jan Tojnar
61afd7f80e
tracker_2: drop
It does not seem to work and only semi-broken apps like Books and Documents depend on it.
2020-10-24 01:18:49 +02:00
Jan Tojnar
4dd2437068
gnome-photos: use Tracker 3 2020-10-24 01:18:48 +02:00
Jan Tojnar
20e21721c8
gnome3: do not use alias for gnome-photos 2020-10-24 01:18:48 +02:00
Jan Tojnar
87e3d553cf
gnome-photos: 3.37.2 → 3.38.0
https://ftp.gnome.org/pub/GNOME/sources/gnome-photos/3.37/gnome-photos-3.37.91.news
https://ftp.gnome.org/pub/GNOME/sources/gnome-photos/3.37/gnome-photos-3.37.91.1.news
https://ftp.gnome.org/pub/GNOME/sources/gnome-photos/3.38/gnome-photos-3.38.0.news
2020-10-24 01:18:48 +02:00
Jan Tojnar
ea1923841a
nixos/gnome3: re-add tracker 2 dbus services
They are still needed by Photos, Books and Documents.
2020-10-24 01:18:48 +02:00
Jan Tojnar
d1eeb643e2
gnome3.mutter: 3.38.0 → 3.38.1
https://ftp.gnome.org/pub/GNOME/sources/mutter/3.38/mutter-3.38.1.news

It requires some udev rules on some devices.
2020-10-24 01:18:01 +02:00
WORLDofPEACE
e1317b8b7b
nixos/telepathy: add sessionPath 2020-10-24 01:17:29 +02:00
WORLDofPEACE
9c9e519318
nixos/gnome3: add core-developer-tools
See these issues/PRs in gnome-build-meta:
https://gitlab.gnome.org/GNOME/gnome-build-meta/-/merge_requests/588
https://gitlab.gnome.org/GNOME/gnome-build-meta/-/issues/143

I'm unsure if devhelp gets API docs in a straightforward way in NixOS.
2020-10-24 01:17:29 +02:00
WORLDofPEACE
11d6c2fb35
nixos/gnome3: long lists 2020-10-24 01:17:28 +02:00
WORLDofPEACE
cd48c50e35
nixos/gnome3: update links 2020-10-24 01:17:28 +02:00
WORLDofPEACE
0b767c8b3d
nixos/gnome3: add gnome-connections to core-utilities
When we redid the default apps we didn't add gnome-boxes for
rdp/vnc. (plus it doesn't really work well in nixos). With gnome-connections
we can now have this functionality, as file sharing is a default function
in g-c-c Sharing.
2020-10-24 01:17:27 +02:00
Piotr Bogdan
f1f85419d2
nixos/gdm: add gdm to systemd.packages
GDM now provides gnome-session@gnome-login.target.d/session.conf though I'm not even sure if it's needed.
2020-10-24 01:15:14 +02:00
Doron Behar
c90450014f
Merge pull request #101480 from Flakebi/salt 2020-10-24 01:31:41 +03:00
Jan Tojnar
3a73543401
Merge pull request #93725 from nglen/pipewire 2020-10-24 00:05:33 +02:00
WilliButz
993437d0d6
Merge pull request #96511 from Zopieux/rtl_433_prom
Add rtl_433 Prometheus exporter
2020-10-23 23:24:38 +02:00
Nathaniel Glen
57510bf522 pipewire: cleanup path testing 2020-10-23 16:35:48 -04:00
Alexandre Macabies
121bc17ab9 nixos/prometheus-rtl_433-exporter: new module 2020-10-23 20:33:42 +02:00
Nathaniel Glen
f6745d06f5 nixos/pipewire: cleanup module 2020-10-23 13:51:41 -04:00
Flakebi
e0ea4826f4
salt: remove aneeshusa and add Flakebi as maintainer 2020-10-23 19:48:48 +02:00
WORLDofPEACE
b44e32988c
Merge pull request #101274 from worldofpeace/gnome-logout-button
nixos/display-managers: add sessionData.desktops to XDG_DATA_DIRS
2020-10-23 11:46:46 -04:00
Maximilian Bosch
98170761a8
Merge pull request #101222 from omasanori/ssh-kex
nixos/sshd: update kexAlgorithms, fix links
2020-10-22 13:27:47 +02:00
Eelco Dolstra
05bdfd6f2f
Merge pull request #98973 from Ma27/bump-hydra
hydra-unstable: 2020-09-02 -> 2020-10-20
2020-10-22 12:01:13 +02:00
symphorien
9e8eaea484
nixos/sslh: fix usage of the now removed ssl probe (#101087)
and document
2020-10-21 21:34:35 +02:00
WORLDofPEACE
755ba171c7 nixos/display-managers: add sessionData.desktops to XDG_DATA_DIRS
Fixes #100108

Alternative to https://github.com/NixOS/nixpkgs/pull/100112 which doesn't break stuff.
2020-10-21 14:39:39 -04:00
Maximilian Bosch
1308817e05
nixos/hydra: remove hydra-migration upgrade path
This should NOT be backported to 20.09!

When 21.03 is released, the DB changes are about a year old and
operators had two release cycles for the upgrade. At this point it
should be fair to remove the compat layer to reduce the complexity of
the module itself.
2020-10-21 18:03:04 +02:00
Izorkin
d59bfded58
nixos/dhcpcd: if disabled IPv6 don't solicit or accept IPv6 2020-10-21 14:56:08 +03:00
Martin Weinelt
c821e0d4be nixos/babeld: lock down service
→ Overall exposure level for babeld.service: 2.2 OK 🙂
2020-10-21 12:26:02 +02:00
Masanori Ogino
8875db4976 nixos/sshd: update kexAlgorithms, fix links
The `curve25519-sha256` key exchange method is defined in RFC 8731 that
is identical to curve25519-sha256@libssh.org. OpenSSH supports the
method since version 7.4, released on 2016-12-19. It is literally a
violation of the "both in Secure Secure Shell and Mozilla guidelines"
rule, but it provides essentially the same but a future-proof default.

Also, links to the Mozilla OpenSSH guidelines are updated to refer to
the current place.

Signed-off-by: Masanori Ogino <167209+omasanori@users.noreply.github.com>
2020-10-21 07:39:50 +09:00
Florian Klink
6e5ccaa34f
Merge pull request #100657 from flokli/network-manager-sstp
networkmanager-sstp: init at unstable-2020-04-20, bump sstp from 1.0.12 to 1.0.13
2020-10-21 00:33:13 +02:00
Florian Klink
72cd3086cc networkmanager-sstp: init at unstable-2020-04-20 2020-10-21 00:02:18 +02:00
Kevin Cox
e25cd7827e
Merge pull request #98176 from minijackson/jellyfin-systemd-security
nixos/jellyfin: add some systemd security options
2020-10-20 16:44:32 -04:00
Minijackson
4e51247318
nixos/jellyfin: add some systemd security options 2020-10-20 21:09:28 +02:00
midchildan
e2a3a02b9b
epgstation: 1.7.4 -> 1.7.5 2020-10-21 00:05:48 +09:00
midchildan
323b47d96e
epgstation: add updateScript 2020-10-20 23:18:03 +09:00
Jörg Thalheim
46bd18fff6
Merge pull request #99541 from acelpb/jenkins
nixos/jenkins: switch to openjdk11 as openjdk14 is not supported
2020-10-19 19:50:20 +02:00
V
580f0faa75 nixos/caddy: remove services.caddy.agree
This option is no longer referenced anywhere as of #99371.
2020-10-19 14:29:48 +02:00
Aaron Andersen
5265d49a36
Merge pull request #100892 from aanderse/pdns-recursor
nixos/pdns-recursor: use upstream systemd unit
2020-10-18 20:13:06 -04:00
Aaron Andersen
6c39180b37 nixos/pdns-recursor: declare module user as system user 2020-10-18 08:15:29 -04:00
Aaron Andersen
1627bef9c1 nixos/pdns-recursor: use upstream systemd unit 2020-10-18 08:15:29 -04:00
Dustin Frisch
762ca640c4
nixos/nginx: Do not remove headers while proxying
Removing the `Accept-Encoding` header breaks applications which may
produce already compressed content.

Removing this header is staded in the nginx docs but is ment as an
example, not as an recomendation.
2020-10-16 12:50:52 +02:00
ajs124
7ce8117238
Merge pull request #100604 from helsinki-systems/fix/icingaweb2
nixos/icingaweb2: Fix php packages
2020-10-15 19:18:53 +02:00
Janne Heß
e2da1219d4
nixos/icingaweb2: Fix php packages 2020-10-15 16:16:33 +02:00
Jan Tojnar
2a4607f442
Revert "nixos/display-managers: install sessionData.desktops"
This reverts commit 3cd2b59b8c.

It created infinite recursion when using LXQt, since lxqt module
uses `config.system.path` in `services.xserver.desktopManager.session`.
`config.system.path` is a `buildEnv` that depends on `environment.systemPackages`.
2020-10-15 07:32:08 +02:00
Malte Brandy
cebf9198f3
treewide: De-inline uses of lib.boolToString
This commit should not change eval results
2020-10-14 01:46:17 +02:00
Frederik Rietdijk
9e1943edc0 Merge master into staging-next 2020-10-13 19:34:34 +02:00
Lassulus
53f810cb4b
Merge pull request #100141 from xaverdh/xmonad-correct-path
xmonad: put the correct xmonad binary in PATH
2020-10-13 19:01:56 +02:00
WORLDofPEACE
99d5111246 nixos/tools: add desktopConfiguration option
We now have a GNOME ISO so it would be nice to seed that one
with configuration on how to enable it.
2020-10-12 22:03:16 -04:00
Florian Klink
399a2ab954
Merge pull request #98917 from lovesegfault/klipper-init
klipper: init at 0.8.0
2020-10-13 00:20:24 +02:00
Michele Guerini Rocco
9b6fc07d15
Merge pull request #100060 from aanderse/dnsdist
nixos/dnsdist: use upstream systemd unit
2020-10-12 21:20:33 +02:00
Dominik Xaver Hörl
7389407490 nixos/xmonad: add lassulus and xaverdh as maintainers 2020-10-12 21:00:43 +02:00
Aaron Andersen
f4ff303c3b nixos/dnsdist: use upstream systemd unit 2020-10-12 12:17:11 -04:00
Dominik Xaver Hörl
206c668d7f nixos/xmonad: improve module docs 2020-10-12 14:48:07 +02:00
Bernardo Meurer
97eadef0c3
nixos/klipper: init 2020-10-11 15:55:50 -07:00
Florian Klink
a6fec75d04
Merge pull request #93426 from helsinki-systems/feat/gitlab-pages
nixos/gitlab: Support pages
2020-10-11 23:50:19 +02:00
Ben Wolsieffer
8294af0284 nixos/avahi: fix nss module
mdns_minimal must be placed before resolve in nsswitch.conf
2020-10-11 20:15:13 +02:00
Simon Pettersson
b2efedd5e5 nixos/xserver: fix xkbvalidate for cross compiling.
xserver uses the wrong version of xkbvalidate, the one from
buildPackages should be used or else the resulting xkbvalidate binary is
compiled for the target architecture.
2020-10-11 20:08:57 +02:00
Ryan Mulligan
8ebf265923
Merge pull request #86404 from nuxeh/nuxeh/domoticz-init-2020.2
domoticz: init at 2020.2
2020-10-11 05:59:28 -07:00
Ryan Mulligan
4a3fe8d306 nixos/domoticz: use DynamicUser and StateDirectory 2020-10-11 11:15:56 +01:00
WORLDofPEACE
13b192749c nixos/gnome3: don't install epiphany default
See https://github.com/NixOS/nixpkgs/issues/98819
2020-10-10 22:12:59 -04:00
Dominik Xaver Hörl
67eb45ddce xmonad: put the correct xmonad binary in PATH 2020-10-10 13:20:04 +02:00
Vladimír Čunát
338b25697c
Merge branch 'master' into staging-next
Quite many rebuilds from master:
> Estimating rebuild amount by counting changed Hydra jobs.
>    3926 x86_64-darwin
>    4645 x86_64-linux
2020-10-10 11:32:10 +02:00
WORLDofPEACE
7a2eccfab0
Merge pull request #100112 from worldofpeace/fix-gnome-logout-multisession
nixos/display-managers: install sessionData.desktops
2020-10-09 19:31:05 -04:00
WORLDofPEACE
3cd2b59b8c nixos/display-managers: install sessionData.desktops
Fixes https://github.com/NixOS/nixpkgs/issues/100108
2020-10-09 18:38:16 -04:00
Frederik Rietdijk
ec28e32c9e Merge master into staging-next 2020-10-08 21:47:26 +02:00
Timo Kaufmann
a4cde0f969 nixos/mediatomb: fix doc errors
Follow-up to #93450 to fix the manual build.
2020-10-08 16:04:11 +02:00
Timo Kaufmann
19ac436cf5
Merge pull request #93450 from ardumont/gerbera-service
mediatomb: Improve service + add gerbera support and tests
2020-10-08 14:20:07 +02:00
Linus Heckemann
3e3f81aeac
Merge pull request #99658 from Ma27/nextcloud-copy-fix
nixos/nextcloud: fix nginx config to allow copy/move-operations again
2020-10-08 09:35:32 +02:00
Antoine R. Dumont (@ardumont)
3248506a00
mediatomb/gerbera: Improve firewall rules and open firewall option
This changes the default behavior which opened by default the firewall rules.
The users now need to declare explicitely they want to open the firewall.
2020-10-08 08:59:49 +02:00
Antoine R. Dumont (@ardumont)
86e56d5322
mediatomb/gerbera: Add missing types to options
This also fixes some various small limitations:
- Drop unnecessary quoting
- Drop duplicated gerbera interface definition
- Fix configuration indentation
2020-10-08 08:59:48 +02:00
Antoine R. Dumont (@ardumont)
fcb38d6773
mediatomb/gerbera: Make the actual configuration generation lazy
Also use verbose flag in cli command to make the intent clearer.
2020-10-08 08:59:48 +02:00
Antoine R. Dumont (@ardumont)
de838249c7
mediatomb/gerbera: Introduce the mediaDirectories option
So users can declare their autoscan directories configuration from nix.
2020-10-08 08:59:48 +02:00
Antoine R. Dumont (@ardumont)
96d1844746
mediatomb/gerbera: Introduce the pcDirectoryHide option 2020-10-08 08:59:48 +02:00
Antoine R. Dumont (@ardumont)
1db9813dd3
mediatomb/gerbera: Make transcoding option lazy and runnable if activated
In the sense that the pkgs dependency will be pulled if the service is
transcoding enabled. Otherwise, the transcoding part is completely dropped from
the generated configuration.
2020-10-08 08:59:48 +02:00
Edward Tjörnhammar
3bb5cc6849
mediatomb: make service compatible with the gerbera fork
The duplication of the interface xml tag is needed for
the daemon to respect the setting.
2020-10-08 08:59:47 +02:00
markuskowa
d8d52410a7
Merge pull request #100053 from markuskowa/upd-snapper
nixos/snapper: 0.8.12 -> 0.8.14
2020-10-09 00:05:27 +02:00
Silvan Mosberger
6ee8491cb1
Merge pull request #99520 from endgame/ssm-agent-user-fix
ssm-agent: fix bad user declaration
2020-10-08 23:28:13 +02:00
Markus Kowalewski
90aa6c93e2
nixos/snapper: add snapperd dbus service
Since snapper 0.8.13 a systemd service is required for DBus activation.
2020-10-08 23:17:44 +02:00
Jan Tojnar
00e3a3a855
Merge pull request #99601 from jtojnar/blackfire-agent 2020-10-07 19:02:11 +02:00
Linus Heckemann
8e2796d64a
Merge pull request #99934 from mayflower/murmur-env
nixos/murmur: add option `environmentFile` for injecting secrets
2020-10-07 13:56:32 +02:00
elseym
533560de5b
nixos/murmur: add option environmentFile for injecting secrets
Secrets are injected from the environment into the rendered
configuration before each startup using envsubst.
The test now makes use of this feature for the server password.
2020-10-07 13:35:50 +02:00
Vladimír Čunát
420f89ceb2
Revert "apparmor: fix and improve the service"
This reverts commit fb6d63f3fd.

I really hope this finally fixes #99236: evaluation on Hydra.
This time I really did check basically the same commit on Hydra:
https://hydra.nixos.org/eval/1618011

Right now I don't have energy to find what exactly is wrong in the
commit, and it doesn't seem important in comparison to nixos-unstable
channel being stuck on a commit over one week old.
2020-10-07 12:22:18 +02:00
Robert Hensing
0504b01100
Merge pull request #98107 from roberth/cassandra-add-extraEnvSh
nixos/cassandra: Add cfg.extraEnvSh
2020-10-07 11:28:39 +02:00
Jan Tojnar
991a67d453
nixos/blackfire: init 2020-10-07 10:44:54 +02:00
Linus Heckemann
41c0f49681
Merge pull request #99596 from Ma27/nextcloud20
nextcloud20: init
2020-10-07 08:10:38 +02:00
Jack Kelly
0d417929bf ssm-agent: fix bad user declaration 2020-10-07 09:36:21 +10:00
Maximilian Bosch
9cbe30e129
nixos/nextcloud: --database-pass must not be empty for pgsql/mysql
This is a breaking change from `nextcloud20`. However, the affected test
is still passing with an unused database password and socket
authentication.
2020-10-06 20:22:48 +02:00
Maximilian Bosch
227ba90b28
nixos/nextcloud: update nginx config for nextcloud20
See #97666 for further context.
2020-10-06 20:22:47 +02:00
Maximilian Bosch
5f67a62d59
nixos/nextcloud: update upgrade-path for nextcloud20
Please note that this is only for 21.03 since `nextcloud19` is intended
to be the default for the already feature-frozen 20.09 (the bump itself
is supposed to get backported however).
2020-10-06 20:22:47 +02:00
Frederik Rietdijk
692d219a93 Merge staging-next into staging 2020-10-06 10:25:58 +02:00
WORLDofPEACE
89281dd1df
Merge pull request #98510 from mvnetbiz/gnome3-excludepackages
nixos/gnome3: don't enable modules for excludePackages
2020-10-06 01:19:04 -04:00
WORLDofPEACE
d83e5a1ff6
Merge pull request #99697 from worldofpeace/rt-sched-optional-and-off-by-default
nixos/gnome3: add realtime-scheduling option
2020-10-06 16:30:27 -04:00
adisbladis
f26d6639f2
Merge pull request #99693 from worldofpeace/spectacle-in-plasma5-default
nixos/plasma5: add spectacle default
2020-10-06 15:22:31 +02:00
WORLDofPEACE
afdeb406b0 nixos/gnome3: fixup unconditional code 2020-10-06 07:37:47 -04:00
WORLDofPEACE
656cd70ea8 nixos/gnome3: add realtime-scheduling option
This adds an option services.gnome3.experimental-features.realtime-scheduling
See this comment for the motivation [0].
Having gnome-shell launched with capability seemed harmless at first,
but it caused these issues [1] [2] for people who aren't even using
the feature. It makes more sense to make this optional.

[0]: https://github.com/NixOS/nixpkgs/issues/90201#issuecomment-683304279
[1]: https://github.com/NixOS/nixpkgs/issues/90201
[2]: https://github.com/NixOS/nixpkgs/issues/86730
2020-10-06 01:58:51 -04:00
WORLDofPEACE
55bc3e44b7 nixos/plasma5: add spectacle default
Fixes https://github.com/NixOS/nixpkgs/issues/99680.

In the future I think it would be nice if plasma5 could assume
an approach for an interface we have in the gnome3 module [0].
Notably being able to exclude packages with an option from
the default environment and having a default environment that
is useful to the average user. See [1], currently plasma5 defaults
are very "hard core hacker" with the most bare bones setup.

[0]: https://github.com/NixOS/nixpkgs/issues/67310
[1]: https://github.com/NixOS/nixpkgs/issues/67310#issuecomment-524649585
2020-10-06 01:25:22 -04:00
Léo Gaspard
e0c48efc17
matrix-synapse module: fix documentation and add release notes (#99564) 2020-10-05 23:35:28 +02:00
Maximilian Bosch
609c4f497d
nixos/nextcloud: fix nginx config to allow copy/move-operations again 2020-10-05 22:25:30 +02:00
Michele Guerini Rocco
04670f8b3d
Merge pull request #96697 from hir12111/fix-font-dir
fontdir: Consider scalable fonts in index fonts.dir
2020-10-05 21:20:06 +02:00
Maximilian Bosch
71098fba81
nextcloud20: init 2020-10-04 21:55:58 +02:00
rnhmjoj
eda7e23ea4 nixos/fontdir: add the directory to the xserver font paths 2020-10-04 14:56:29 +01:00
rnhmjoj
1fdd3921a2 nixos/xserver: add option to configure the "Files" section 2020-10-04 14:56:29 +01:00
Maximilian Bosch
08cc63b20b
Merge pull request #97666 from Ma27/nextcloud-nginx
nixos/nextcloud: fix `nginx`-config for Nextcloud 19 and older
2020-10-04 13:51:52 +02:00
Augustin Borsu
685ae84cb0 nixos/jenkins: switch to openjdk11 as openjdk14 is not supported 2020-10-04 11:45:02 +02:00
Doron Behar
9544c6078e
Merge pull request #96672 from doronbehar/module/samba
nixos/samba: remove upstream deprecated syncPasswordsByPam option
2020-10-04 11:29:56 +03:00
Martin Weinelt
23c1374bd7
Merge pull request #90067 from mmilata/sympa-6.2.56
nixos/sympa: fix PATH_INFO splitting for sympa-6.2.56
2020-10-04 04:33:41 +02:00
Gabriel Ebner
f26dcb4850
Merge pull request #93201 from symphorien/dovecot-namespace-mailbox
nixos/dovecot: configure mailboxes for all processes
2020-10-03 14:46:40 +02:00
Jonas Meurer
07988a0f88
nixos/moodle: add missing PHP module (#99163) 2020-10-03 11:41:56 +02:00
Anderson Torres
26108ada86
Merge pull request #99371 from zowoq/rm-caddy1
caddy1: remove
2020-10-02 20:49:50 -03:00
WORLDofPEACE
bd52e7f8d3
Merge pull request #99039 from worldofpeace/dnscrypt-proxy2-harden
nixos/dnscrypt-proxy2: harden and improve service
2020-10-02 11:48:58 -04:00
zowoq
8f74e9e905 nixos/caddy: remove caddy1 2020-10-02 23:50:59 +10:00
Andreas Rammhold
66c3ba64b8
Merge pull request #99340 from andir/nftables-fix-iptables-conflict-errormsg
nftables: Warn about correct firewall setting
2020-10-02 11:13:26 +02:00
Klemens Nanni
fb13347d2a nixos/plasma5: Enable browser integration
This option is not documented anywhere and while it may be set
in configuration.nix to enable integration, having it on by
default when using both plasma and firefox is a great convenience;
just like all other desktop environments do it already.
2020-10-02 13:07:09 +08:00
WORLDofPEACE
332dcda646
Merge pull request #98996 from NixOS/worldofpeace-patch-1
nixos/dnscrypt-proxy2: version the example file
2020-10-02 00:32:45 -04:00
Matt Votava
bc970e94e7 nixos/gnome3: don't enable modules for excludePackages 2020-10-02 00:24:24 -04:00
WORLDofPEACE
6e7e633a54 nixos/dnscrypt-proxy2: harden and improve service 2020-10-02 00:00:22 -04:00
Klemens Nanni
e438d4a04f
nftables: Warn about correct firewall setting
services.networking.firewall might have existed during import of this
module in 2016, but it is unknown as of today.

Point to the proper boolean knob to avoid confusion.
2020-10-02 00:25:57 +02:00
Sumner Evans
8c72cf16fa
nixos/redshift: add executable option
Added ability to configure the executable that the redshift service
uses.
2020-09-30 17:00:38 -06:00
Maximilian Bosch
6148b0e59f
Merge pull request #99079 from mayflower/openvpn-exporter-upstream
nixos/prometheus-exporters/openvpn: init
2020-09-30 15:37:03 +02:00
Linus Heckemann
a560936cab nixos/prometheus-exporters/openvpn: init
Co-Authored-By: Franz Pletz <fpletz@fnordicwalking.de>
Co-Authored-By: Robin Gloster <mail@glob.in>
2020-09-29 10:53:04 +02:00
Linus Heckemann
2c1e72ee6a prometheus exporters: always set user and group
systemd.exec(5) on DynamicUser:
> If a statically allocated user or group of the configured name
> already exists, it is used and no dynamic user/group is allocated.

Using DynamicUser while still setting a group name can be
useful for granting access to resources that can otherwise only be
accessed with entirely static IDs.
2020-09-29 10:53:04 +02:00
Emery Hemingway
e7d0500cb3 nixos/rsyncd: convert module to an INI generator 2020-09-29 08:07:53 +02:00
Jan Tojnar
32b4375f10
Merge branch 'staging-next' into staging 2020-09-29 00:12:29 +02:00
Emery Hemingway
9fa50bea78 nixos/molly-brown: refactor module to use a TOML generator 2020-09-28 14:38:31 +02:00
WORLDofPEACE
46e5b14b4a
nixos/dnscrypt-proxy2: version the example file
I've frequently used the master version that has non backwards compatible keys.
2020-09-28 06:28:12 -04:00
WilliButz
e736a990c1
Merge pull request #98746 from mayflower/postfix-exporter-group
prometheus postfix exporter: misc
2020-09-27 22:37:38 +02:00
Maximilian Bosch
71426f2cfa
Merge pull request #98333 from Ma27/bump-nextcloud
nextcloud: 19.0.1 -> 19.0.3, deprecate/remove older versions
2020-09-27 20:02:38 +02:00
Maximilian Bosch
6b48deee54
nixos/nextcloud: drop nextcloud17, deprecate nextcloud18
Both packages will get EOLed within the lifetime of 20.09. `nextcloud17`
can be removed entirely (the attribute-path is kept however to provide
meaningful errors), however `nextcloud18` must be kept as `insecure` to
make sure that users from `nextcloud17` can properly upgrade to
`nextcloud19` on NixOS 20.09.
2020-09-27 19:21:21 +02:00
Michael Raskin
31a4e2e28b
Merge pull request #93457 from ju1m/apparmor
apparmor: fix and improve the service
2020-09-27 13:07:38 +00:00
Aaron Andersen
1032e90b52
Merge pull request #97390 from axelf4/picom-experimentalBackends-option
nixos/picom: add experimentalBackends option
2020-09-26 14:03:31 -04:00
Florian Klink
8d52cf501f nixos/datadog: Don't recommend dd_url for sites, add proper option
Turns out, `dd_url` should only be used in proxy scenarios, not to point
datadog to their EU endpoint - `site` should be used for that.

The `dd_url` setting doesn't affect APM, Logs or Live Process intake
which have their own "*_dd_url" settings.
2020-09-25 22:30:55 +02:00
Andreas Rammhold
bb33cdd44b
Merge pull request #98738 from mayflower/prometheus-retention
nixos/prometheus: add retentionTime
2020-09-25 17:11:27 +02:00
Linus Heckemann
edcb73f6b5 nixos/prometheus/postfix: enable systemd by default 2020-09-25 14:29:16 +02:00
Linus Heckemann
e80fa27968 nixos/prometheus/postfix: correct default showqPath 2020-09-25 14:28:32 +02:00
WilliButz
f412df1f6b nixos/prometheus-postfix-exporter: set default group
The postfix exporter needs to access postfix's `queue/public/` directory
to read the `showq` socket inside. Instead of making the public
directory world accessible, this sets the postfix exporter's group to
`postdrop` by default, when the postfix service is enabled.
2020-09-25 13:59:46 +02:00
Robin Gloster
5c0a2e8c60 nixos/prometheus: add retentionTime 2020-09-25 13:44:13 +02:00
Jan Tojnar
d471c5d1f3
Merge branch 'staging-next' into staging 2020-09-24 23:09:00 +02:00
Jan Tojnar
6d518ddf77
Merge pull request #98503 from jtojnar/doc-prompts 2020-09-24 22:48:38 +02:00
WilliButz
403c215bdd
nixos/codimd: add option environmentFile for injecting secrets
Secrets are injected from the environment into the rendered
configuration before each startup using envsubst.
The test now makes use of this feature for the db password.
2020-09-23 11:59:44 +02:00
Jan Tojnar
e6ce041cae
nixos/doc: Improve code listings
By adding prompts and replaceables and removing unnecessary indentation.
2020-09-23 01:25:25 +02:00
Frederik Rietdijk
7bff759fac Merge staging-next into staging 2020-09-22 18:31:56 +02:00
Kirill Elagin
a4afd525cb prometheus: Unbreak IPv6 listenAddress
The format of the listenAddress option was recently changed to separate
the address and the port parts. There is now a legacy check that
tells users to update to the new format. This legacy check produces
a false positive on IPv6 addresses, since they contain colons.

Fix the regex to make it not match colons within IPv6 addresses.
2020-09-21 07:53:47 +02:00
WORLDofPEACE
34aaac6d7c Merge branch 'staging-next' into staging 2020-09-20 18:41:15 -04:00
Gabriel Ebner
0c550170d1
Merge pull request #97469 from Emantor/bump/thermald 2020-09-20 16:55:30 +02:00
Nathaniel Glen
59cbf9746c nixos/pipewire: fix variable merging
While both strings and lists are valid, lists are the more accurate type
and only they can properly merge with each other.
2020-09-19 18:00:44 -04:00
Nathaniel Glen
888c1fbf96 nixos/pipewire: add missing dbus dependency
Without this it is possible for PipeWire to fail in binding the dbus socket.
2020-09-19 16:33:02 -04:00
Nathaniel Glen
c603619042 nixos/pipewire: use provided udev rules
As of PipeWire 0.3.8, the library is bundled with a slightly modified
version of PulseAudio's udev rules.
2020-09-19 16:33:02 -04:00
Nathaniel Glen
3377257d0b pipewire: split pulse and jack emulation out
This splits PulseAudio and JACK emulation into separate outputs. Doing
so provides a number of benefits.

First it fixes pw-pulse and pw-jack. Prior to this they pointed to bogus
locations because the environment variables were not evaluated.
Technically fixing this only requires setting libpulse-path and
libjack-path to any absolute path not necessarily separate outputs but
it comes as a nice result.

Secondly it allows overriding libpulseaudio with pipewire.pulse in many
packages. This is possible because the new outputs have a more standard
layout.
2020-09-19 16:33:01 -04:00
Nathaniel Glen
f01be2978b nixos/pipewire: use globs for the version 2020-09-19 16:33:01 -04:00
Nathaniel Glen
e879eb6db6 pipewire: add testing
This adds two tests. One is for whether the paths used by the module are
present, while the other is for testing functionality of PipeWire
itself. This is done with the recent addition of installed tests by
upstream.
2020-09-19 16:33:01 -04:00
Nathaniel Glen
ccefdd9dae nixos/pipewire: add jack/pulse emulation
This allows for transparent JACK and PulseAudio emulation. With this you
can essentially replace your entire audio framework with just PipeWire
for almost no configuration.
2020-09-19 16:33:00 -04:00
Nathaniel Glen
cd81d4043e nixos/pipewire: add ALSA routing
This code is based on the similar implementation for JACK.
2020-09-19 16:33:00 -04:00
Mario Rodas
8b8f54d38b
Merge pull request #98263 from asdf8dfafjk/patch-3
nixos/onedrive: Remove verbose flag
2020-09-19 13:46:17 -05:00
Ryan Mulligan
5ea751ca70
Merge pull request #98258 from ryantm/remove-heyefi
nixos/heyefi: remove module and package
2020-09-19 11:00:41 -07:00
asdf8dfafjk
5e166f892d
nixos/onedrive: Remove verbose flag 2020-09-19 11:32:42 +05:30
Ryan Mulligan
16b94bf231 nixos/monit: add ryantm as maintainer 2020-09-18 22:09:22 -07:00
Ryan Mulligan
61863c5155
Revert "nixos/monit: Allow splitting the config in multiple files" 2020-09-18 21:57:54 -07:00
Ryan Mulligan
ad1c7eb7b6 nixos/heyefi: remove module and package
heyefi is no longer maintained by me; the company that made the sd
cards is defunct and the cards depended on their servers to work.
2020-09-18 21:55:07 -07:00
Marek Mahut
52532b7c36
Merge pull request #91256 from prusnak/seeks
seeks: remove, upstream unmaintained
2020-09-18 16:32:33 +02:00
Sebastian Zivota
4560d7ed70 nixos/calibre-server: Allow multiple libraries
Also add options for group and user.
2020-09-17 12:04:39 +02:00
Rouven Czerwinski
0aaa5addfb nixos/thermald: add adaptive mode
thermald >=2.3 supports the adaptive DPTF mode, in conjunction with
kernel 5.8.
2020-09-16 18:27:16 +02:00
Robert Hensing
2d2612a020 nixos/cassandra: Add cfg.extraEnvSh 2020-09-16 17:19:39 +02:00
Dominik Xaver Hörl
c3be76580f nixos/xserver: clean up the useXFS option
It had confusing semantics, being somewhere between a boolean option and
a FontPath specification. Introduce fontPath to replace it and mark the
old option as removed.
2020-09-15 14:13:34 +02:00
WORLDofPEACE
d23f814eb3
Merge pull request #98004 from romildo/upd.nm-applet
nixos/nm-applet: starts the applet with Appindicator support
2020-09-14 20:44:51 -04:00
José Romildo Malaquias
0c6e1ddf61 nixos/pantheon: disable nm-applet indicator 2020-09-14 21:27:00 -03:00
aszlig
7447bdc523
nixos/plasma5: Fix eval of colord-kde/wacomtablet
Regression introduced by 053b05d14d.

The commit in question essentially removed the "with pkgs;" from the
scope around the various packages added to environment.systemPackages.

Since services.colord.enable and services.xserver.wacom.enable are false
by default, the change above didn't directly result in an evaluation
error.

Tested evaluation before and after this change via:

  for cfg in hardware.bluetooth.enable \
             networking.networkmanager.enable \
             hardware.pulseaudio.enable \
             powerManagement.enable \
             services.colord.enable \
             services.samba.enable \
             services.xserver.wacom.enable; do
    nix-instantiate --eval nixos --arg configuration '{
      services.xserver.desktopManager.plasma5.enable = true;
      '"$cfg"' = true;
    }' -A config.environment.systemPackages > /dev/null
  done

Signed-off-by: aszlig <aszlig@nix.build>
Cc: @ttuegel
2020-09-15 01:19:15 +02:00
Henri Menke
9d60354fae nixos/shadowsocks: add test without plugin 2020-09-14 22:35:05 +02:00
Henri Menke
e587b5a8a8 nixos/shadowsocks: add extraConfig 2020-09-14 22:35:05 +02:00
Timo Kaufmann
8e13daea7b
Merge pull request #49413 from midchildan/add-epgstation
epgstation: init at 1.7.4
2020-09-14 10:28:33 +02:00
WORLDofPEACE
4085eee678
Merge pull request #97801 from rycee/user-session-dbus2
Make socket activated user dbus session mandatory
2020-09-14 00:37:09 -04:00
Robert Helgesson
f292a27f44
nixos/dbus: always use socket activates user session
This removes the `services.dbus.socketActivated` and
`services.xserver.startDbusSession` options. Instead the user D-Bus
session is always socket activated.
2020-09-13 11:17:16 +02:00
Sarah Brofeldt
701064bb10
Merge pull request #96446 from saschagrunert/k8s
kubernetes: 1.18.8 -> 1.19.1
2020-09-13 00:45:56 +02:00
Ryan Mulligan
cba76f9ee6
Merge pull request #97632 from ryantm/jitsi-meet-doc
nixos/jitsi-meet: add docs
2020-09-12 14:21:45 -07:00
Florian Klink
2865a8867f
nixos/datadog: allow specifying dd_url (#97775)
Useful when you want to point datadog to another endpoint, either
because you need a proxy to send out data, or because you use their EU
endpoint.
2020-09-12 21:02:20 +02:00
Silvan Mosberger
e0759a4973
Merge pull request #97758 from yorickvP/patch-3
nixos/victoriametrics: escape newlines in ExecStart
2020-09-11 23:11:59 +02:00
WORLDofPEACE
b552ded466 nixos/gdm: fix option descriptions
If we use '' '' for strings with mkEnableOption they get a trailing space
before the period.
2020-09-11 14:14:41 -04:00
Damien Cassou
607f5a6755
Merge pull request #84246 from lostnet/couchdbpr
couchdb: add support for version 3.0.0
2020-09-11 17:47:47 +02:00
midchildan
36c16fa7e3
nixos/epgstation: add module 2020-09-12 00:34:47 +09:00
midchildan
090305169d
nixos/mirakurun: expose setting 'unixSocket'
and improve documentation along the way
2020-09-12 00:34:46 +09:00
Sebastian Zivota
b619f322d3 nixos/samba: install package when module is enabled 2020-09-11 15:28:01 +02:00
Will Young
0ef1be0aa1 couchdb: add support for version 3.1.0 2020-09-11 14:03:16 +02:00
Yorick
c1bef53ab5
nixos/victoriametrics: escape newlines in ExecStart
Fixes #96206
2020-09-11 12:44:33 +02:00
Thomas Tuegel
98754abe78
Merge pull request #97735 from orivej/plasma5-bluetooth
nixos/plasma5: fix build with hardware.bluetooth.enable after #97456
2020-09-11 05:35:57 -05:00
Doron Behar
35521e4ea7
Merge pull request #95599 from doronbehar/module/mpd/passwordFile
nixos/mpd: Allow to configure a credentialsFile
2020-09-11 09:11:13 +03:00
Orivej Desh
21b2900bd4 nixos/plasma5: fix build with hardware.bluetooth.enable = true after #97456 2020-09-11 05:29:57 +00:00
Vladimír Čunát
538e558f48
Revert "Merge #96844: nixos/nfsd: run rpc-statd as a normal user"
This reverts commit 42eebd7ade, reversing
changes made to b169bfc9e2.

This breaks nfs3.simple test and even current PR #97656 wouldn't fix it.
Therefore let's revert for now to unblock the channels.
2020-09-10 21:31:35 +02:00
Florian Klink
484632983f
Merge pull request #97631 from Izorkin/nginx-sandboxing
nixos/nginx: remove option enableSandbox
2020-09-10 20:33:25 +02:00
Doron Behar
b4756fe0c4 nixos/mpd: Mention in /etc/mpd.conf it was autogenerated 2020-09-10 18:00:29 +03:00
Maximilian Bosch
8d8871c565
nixos/nextcloud: fix nginx-config for Nextcloud 19 and older
It seems as I misconfigured `nginx` for certain cases such as the
`ldap`-plugin[1] in 42f6244899. This patch
fixes the `nginx`-config to match the upstream recommendations[2].

Also added a comment to the module to remind myself to ensure that
`nginx` will work with both v19 and v20 as soon as the latter is
released and can be packaged in `nixpkgs`.

Co-authored-by: nivadis <nivadis@users.noreply.github.com>

[1] https://github.com/nextcloud/server/issues/16194#issuecomment-688839888
[2] https://docs.nextcloud.com/server/19/admin_manual/installation/nginx.html
2020-09-10 16:50:36 +02:00
Kevin Cox
91032af924
Merge pull request #97592 from NixOS/kevincox-chrony-state
chrony: Create state directory with correct owner.
2020-09-10 09:49:55 -04:00
Sascha Grunert
35f7a3347c
kubernetes: fix certificate generation
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
2020-09-10 13:07:32 +02:00
Izorkin
535896671b
nixos/nginx: remove option enableSandbox 2020-09-10 08:19:20 +03:00
Ryan Mulligan
531c08a1d9 nixos/jitsi-meet: add docs 2020-09-09 22:18:20 -07:00
ajs124
c97fcc3fe0
Merge pull request #97438 from pbogdan/openvpn-path
nixos/openvpn: path now requires conversion to a string
2020-09-09 23:59:01 +02:00
Kevin Cox
57b9d5c144
chrony: Create state directory with correct owner.
Fixes https://github.com/NixOS/nixpkgs/issues/97546
2020-09-09 15:48:48 -04:00
Thomas Tuegel
959c0bf468
Merge pull request #97456 from ttuegel/master--plasma5-no-qt-5.15
Remove Qt 5.15 from the Plasma 5 closure
2020-09-09 05:14:21 -05:00
Axel Forsman
b6139e58e3 nixos/picom: add experimentalBackends option
This option is only available as a command-line flag and not from the
config file, that is `services.picom.settings`. Therefore it is more
important that it gets its own option.

One reason one might need this set is that blur methods other than
kernel do not work with the old backends, see yshui/picom#464.

For reference, the home-manager picom module exposes this option too.
2020-09-09 11:30:48 +02:00
WORLDofPEACE
e044909aba
Merge pull request #93764 from evenbrenden/xdg-session-id-user-units
nixos/displayManager: add XDG_SESSION_ID to systemd user environment
2020-09-08 21:29:24 -04:00
Peter Hoeg
42eebd7ade
Merge pull request #96844 from peterhoeg/m/nfs
nixos/nfsd: run rpc-statd as a normal user
2020-09-09 09:10:46 +08:00
Lassulus
dd966067ae
Merge pull request #97381 from xaverdh/xmonad-configurable
nixos/xmonad: give users some build and runtime control
2020-09-08 20:57:17 +02:00
Maximilian Bosch
40f7a4ecec
Merge pull request #97371 from WilliButz/bitwarden_rs/environment-file
nixos/bitwarden_rs: add environmentFile option
2020-09-08 20:25:28 +02:00
Maciej Krüger
8c4dd13e3f
nixos/cinnamon: add warpinator & blueberry pkgs 2020-09-08 17:09:12 +02:00
Peter Hoeg
5882e3072a
Merge pull request #97325 from peterhoeg/m/mailhog
nixos/mailhog: run with DynamicUser
2020-09-08 22:55:47 +08:00
Thomas Tuegel
053b05d14d
Remove Qt 5.15 from Plasma closure 2020-09-08 08:47:34 -05:00
Piotr Bogdan
cb141359bf nixos/openvpn: path now requires conversion to a string
Following changes in https://github.com/NixOS/nixpkgs/pull/91092 the `path` attribute is now a list
instead of being a string. This resulted resulted in the following evaluation error:

"cannot coerce a list to a string, at [...]/nixos/modules/services/networking/openvpn.nix:16:18"

so we now need to convert it to the right type ourselves.

Closes https://github.com/NixOS/nixpkgs/issues/97360.
2020-09-08 11:09:04 +01:00
Oleksii Filonenko
45d7f59da8
Merge pull request #97217 from sephii/nixos-caddy-v2-migration 2020-09-08 11:17:55 +03:00
Linus Heckemann
ef4e81d756
Merge pull request #96830 from mayflower/unifi-poller
unifi-poller: add service and prometheus-exporter
2020-09-08 09:53:07 +02:00
Sylvain Fankhauser
b8bfe941fa
caddy: address remaining MR comments for v2 2020-09-08 09:29:04 +02:00
Richard Marko
f54612264e nixos/jack,pulseaudio: fix pulse connection to jackd service
This fixes the case when Jack Audio Daemon is running
as a service via `services.jack.jackd` and Pulseaudio
running as a *user* service.

Two issues prevented connecting `pulse` with `jackd`:
* Missing `JACK_PROMISCUOUS_SERVER` environment variable for `pulse` user service,
  resulting in `pulse` trying to access `jackd` as if it was running as part of
  the users session.
* `jackd` not being able to access socket created by `pulse` due to socket
  created using user ID and `users` group. Change allows `jackd` to access
  the socket created by `pulse` correctly.

`pulse` now also autoloads `module-jack-sink` and `module-jack-source`
if `services.jack.jackd.enable` is set.

The default `pulse` package is now set to `pulseaudioFull` automatically
if `services.jack.jackd.enable` is set.
2020-09-08 08:44:20 +02:00
Thomas Tuegel
0b3cc29f09
Merge pull request #97242 from ttuegel/qt-5.15
Qt 5.15.0
2020-09-07 20:18:57 -05:00
Maciej Krüger
04ea3a0ff6
nixos/cinnamon: init
Co-Authored-By: WORLDofPEACE <worldofpeace@protonmail.ch>
2020-09-08 01:44:09 +02:00
Dominik Xaver Hörl
10ecd1f45b nixos/xmonad: allow passing compile time options to ghc invocation 2020-09-07 20:16:25 +02:00
Dominik Xaver Hörl
15d87cb81c nixos/xmonad: allow passing command line arguments 2020-09-07 19:25:45 +02:00
WilliButz
76362dd7eb
nixos/bitwarden_rs: add environmentFile option
Add the option `environmentFile` to allow passing secrets to the service
without adding them to the Nix store, while keeping the current
configuration via the existing environment file intact.
2020-09-07 17:39:53 +02:00
Evan Stoll
a31736120c nixos/lorri: add package option 2020-09-07 15:46:15 +02:00
Thomas Tuegel
20bfb27eaf nixos/plasma5: Use Qt 5.14 2020-09-07 08:06:33 -05:00
Dominique Martinet
f462cf15f8 wakeonlan service: use powerUpCommands
powerDownCommands is supposed to run before shutdown, but the current
implementation only runs before-sleep, thus not enabling wakeonlan on
devices when powering off even if the hardware supports it.

Taking into consideration the possibility of unexpected shutdown, it is
preferable to move the commands to powerUpCommands instead which is
executed at boot time as well as after resume - that should cover all
use cases for wakeonlan.

Fixes #91352
2020-09-07 14:56:59 +02:00
Peter Hoeg
d6264419f5 nixos/nfsd: run rpc-statd as a normal user 2020-09-07 18:04:03 +08:00
Peter Hoeg
9123308be5 nixos/mailhog: run with DynamicUser 2020-09-07 17:56:53 +08:00
WilliButz
5d51096839
nixos/prometheus-exporters: fix default firewall filter
Instead of always using the default port of one exporter for its default
firewall filter, the port from the current service configuration is used.
2020-09-07 10:28:36 +02:00
Oleksii Filonenko
6322325a53
caddy: 1.0.5 -> 2.0.0
Rename legacy v1 to `caddy1`
2020-09-07 09:39:16 +02:00
Maximilian Bosch
cac5339531
nixos/doc/borgbackup: correct install instructions for vorta
No need to fiddle around with `flatpack` to get `vorta`, a graphical
desktop-client for `borgbackup` running as it's available in `nixpkgs`.
2020-09-06 22:44:37 +02:00
Silvan Mosberger
f822080b05
Merge pull request #68887 from teto/ssh_banner
services.openssh: add banner item
2020-09-06 22:15:25 +02:00
Matthieu Coudron
1835fc455b services.openssh: add banner
Add the possibility to setup a banner.

Co-authored-by: Silvan Mosberger <github@infinisil.com>
2020-09-06 21:32:20 +02:00
Florian Klink
d7046947e5
Merge pull request #91121 from m1cr0man/master
Restructure acme module
2020-09-06 18:26:22 +02:00
elseym
aaf0002f68
prometheus-unifi-poller-exporter: init module 2020-09-06 17:48:19 +02:00
elseym
b381aacbba
nixos/unifi-poller: init unifi-poller service 2020-09-06 17:47:52 +02:00
Peter Hoeg
6e22c6ea6a
Merge pull request #96769 from peterhoeg/m/phpfpm
nixos/phpfpm: always restart service on failure
2020-09-06 21:41:38 +08:00
Florian Klink
569fdb2c35
Merge pull request #93424 from helsinki-systems/feat/gitlab-mailroom
nixos/gitlab: Support incoming mail
2020-09-06 15:34:02 +02:00
Julien Moutinho
fb6d63f3fd apparmor: fix and improve the service 2020-09-06 07:43:03 +02:00
Peter Hoeg
5483b1e216
Merge pull request #97123 from peterhoeg/m/fscache
nixos/cachefilesd: don't set up manually
2020-09-06 10:23:32 +08:00
Evan Stoll
854a229ae5
nixos/terraria: allow dataDir to be configured (#89033)
* nixos/terraria: allow dataDir to be configured

add dataDir option to terraria module

* Update nixos/modules/services/games/terraria.nix

Co-authored-by: WORLDofPEACE <worldofpeace@protonmail.ch>

Co-authored-by: WORLDofPEACE <worldofpeace@protonmail.ch>
2020-09-05 16:37:52 -04:00
Lassulus
964606d40f
Merge pull request #96659 from doronbehar/module/syncthing
nixos/syncthing: add ignoreDelete folder option
2020-09-05 22:05:04 +02:00
Even Brenden
660882d883 nixos/displayManager: add XDG_SESSION_ID to systemd user environment
xss-lock needs XDG_SESSION_ID to respond to loginctl lock-session(s)
(and possibly other session operations such as idle hint management).
This change adds XDG_SESSION_ID to the list of imported environment
variables when starting systemctl.

Inspired by home-manager, add importVariables configuration.

Set session to XDG_SESSION_ID when running xss-lock as a service.

Co-authored-by: misuzu <bakalolka@gmail.com>
2020-09-05 20:36:18 +02:00
Oleksii Filonenko
d71cadacd9
nixos/caddy: use v2 by default 2020-09-05 14:09:17 +02:00
Oleksii Filonenko
8cc592abfa
nixos/caddy: add support for v2 2020-09-05 14:09:16 +02:00
Peter Hoeg
6ef2152b5d nixos/cachefilesd: don't set up manually
Use our available infrastructure instead of manually handling setup.
2020-09-04 16:11:55 +08:00
Philipp Bartsch
47928442a8 nixos/opendkim: add keyPath to ReadWritePaths 2020-09-03 17:54:16 +02:00
Philipp Bartsch
118f341723 nixos/opendkim: add systemd service sandbox 2020-09-03 17:54:15 +02:00
Lucas Savva
61dbf4bf89
nixos/acme: Add proper nginx/httpd config reload checks
Testing of certs failed randomly when the web server was still
returning old certs even after the reload was "complete". This was
because the reload commands send process signals and do not wait
for the worker processes to restart. This commit adds log watchers
which wait for the worker processes to be restarted.
2020-09-02 19:25:30 +01:00
Lucas Savva
982c5a1f0e
nixos/acme: Restructure module
- Use an acme user and group, allow group override only
- Use hashes to determine when certs actually need to regenerate
- Avoid running lego more than necessary
- Harden permissions
- Support "systemctl clean" for cert regeneration
- Support reuse of keys between some configuration changes
- Permissions fix services solves for previously root owned certs
- Add a note about multiple account creation and emails
- Migrate extraDomains to a list
- Deprecate user option
- Use minica for self-signed certs
- Rewrite all tests

I thought of a few more cases where things may go wrong,
and added tests to cover them. In particular, the web server
reload services were depending on the target - which stays alive,
meaning that the renewal timer wouldn't be triggering a reload
and old certs would stay on the web servers.

I encountered some problems ensuring that the reload took place
without accidently triggering it as part of the test. The sync
commands I added ended up being essential and I'm not sure why,
it seems like either node.succeed ends too early or there's an
oddity of the vm's filesystem I'm not aware of.

- Fix duplicate systemd rules on reload services

Since useACMEHost is not unique to every vhost, if one cert
was reused many times it would create duplicate entries in
${server}-config-reload.service for wants, before and
ConditionPathExists
2020-09-02 19:22:43 +01:00
Félix Baylac-Jacqué
09c383c17a
Merge pull request #94917 from ju1m/biboumi
nixos/biboumi: init
2020-09-02 17:43:27 +02:00
WORLDofPEACE
18348c7829
Merge pull request #96042 from rnhmjoj/loaOf
treewide: completely remove types.loaOf
2020-09-02 08:45:37 -04:00
Julien Moutinho
f333296776 nixos/biboumi: init 2020-09-02 08:31:53 +02:00
John Ericson
1965a241fc
Merge pull request #61019 from volth/gcc.arch-amd
platform.gcc.arch: support for AMD CPUs
2020-09-01 22:31:16 -04:00
rnhmjoj
bc62423a87
nixos/doc: convert loaOf options refs to attrsOf 2020-09-02 00:42:51 +02:00
rnhmjoj
20d491a317
treewide: completely remove types.loaOf 2020-09-02 00:42:50 +02:00
Aaron Andersen
c51e7b7874 nixos/beanstalkd: add openFirewall option 2020-09-01 10:07:28 -04:00
Janne Heß
d85f50b71f
nixos/gitlab: Support pages
Fixes #84525
2020-09-01 12:08:36 +02:00
Lassulus
a081e99e41
Merge pull request #83780 from hax404/robustirc-bridge
robustirc-bridge: init at 1.8
2020-08-31 18:14:45 +02:00
Frederik Rietdijk
303e0bca3b
Merge pull request #96610 from romildo/rm.deepin
deepin: remove from nixpkgs
2020-08-31 17:58:11 +02:00
Peter Hoeg
07408cac94 nixos/phpfpm: always restart service on failure 2020-08-31 21:19:54 +08:00
Silvan Mosberger
6716867eb3
Merge pull request #96686 from nixy/add/tor-package-option
tor: Add option to tor service for package
2020-08-30 23:02:37 +02:00
Andrew R. M
168a9c8d38 Add option to tor service for package 2020-08-30 14:35:36 -04:00
José Romildo Malaquias
b768afb2e9 deepin: remove from nixpkgs
The Deepin Desktop Environment (DDE) is not yet fully packaged in
nixpkgs and it has shown a very difficult task to complete, as
discussed in https://github.com/NixOS/nixpkgs/issues/94870. The
conclusion is that it is better to completely remove it.
2020-08-30 15:27:42 -03:00
Georg Haas
9376dd8516
nixos/modules/robustirc-bridge: init 2020-08-30 18:34:22 +02:00
Doron Behar
8cd4d59a32 nixos/samba: remove upstream deprecated syncPasswordsByPam option 2020-08-30 14:29:13 +03:00
Doron Behar
5789ffc509 nixos/syncthing: add ignoreDelete folder option 2020-08-30 10:55:03 +03:00
Matthew Bauer
fc726e3494 Revert "nixos/nix-daemon.nix: assert distributedBuilds and buildMachines!=[]"
This reverts commit 67b6e56391.
This reverts commit 250885d0ca.

Causes issues for some configs, see 67b6e56391
2020-08-29 22:39:24 -05:00
Lassulus
a55bb108fc
Merge pull request #85328 from langston-barrett/lb/restart-dispatcher
nixos/networkmanager: restart dispatcher when nameservers change
2020-08-29 16:24:28 +02:00
Aaron Andersen
af25b37814
Merge pull request #96316 from aanderse/redmine
nixos/redmine: replace extraConfig option with settings option
2020-08-29 09:13:13 -04:00
Aaron Andersen
bcdcd5d9fc
Merge pull request #95880 from aanderse/postgresql-settings
nixos/postgresql: replace extraConfig option with settings option
2020-08-29 09:12:54 -04:00
Robert Hensing
4841b30784
Merge pull request #94804 from hercules-ci/init-nixos-hercules-ci-agent
nixos/hercules-ci-agent: init
2020-08-29 10:20:14 +02:00
Symphorien Gibol
7200fde2d5 nixos/dovecot: configure mailboxes for all processes
Notably fts plugins need them for fts_autoindex_exclude = \SomeFlag
2020-08-28 22:24:04 +02:00
Nick Hackman
626bd1f111 Fix typo in services/editors/emacs documentation
In section `sec-modify-via-packageOverrides`: is -> if
2020-08-27 16:58:52 -04:00
Matthew Bauer
3814422afa
Merge pull request #96218 from matthewbauer/cage-supply-pam-environment
nixos/cage: supply pamEnvironment
2020-08-27 10:15:29 -05:00
Matthew Bauer
fe8d0c2e0b nixos/cage: supply pamEnvironment
Without this, you don’t get any of the sessionVariables in the cage
application. Things like XDG_DATA_DIRS, XCURSOR_PATH, etc. are
missing.
2020-08-27 10:11:45 -05:00
Lassulus
c265ca02ca
Merge pull request #85963 from seqizz/g_physlock_message
physlock: add optional lock message
2020-08-27 10:18:34 +02:00
Aaron Andersen
2a44265608 nixos/postgresql: replace extraConfig option with settings option 2020-08-26 17:06:48 -04:00
Lassulus
e453860b8f
Merge pull request #86236 from ThibautMarty/fix-nullOr-types
treewide: fix modules options types where the default is null
2020-08-26 18:21:29 +02:00
Lassulus
12baef56e4
Merge pull request #96127 from hmenke/shadowsocks
shadowsocks service: support plugins
2020-08-26 16:49:55 +02:00
Aaron Andersen
a7c69047df nixos/redmine: remove database.password option 2020-08-26 07:08:07 -04:00
Aaron Andersen
6cf743e52d nixos/redmine: allow user to override contents of additional_environment.rb 2020-08-26 07:08:07 -04:00
Aaron Andersen
dee97b8b44 nixos/redmine: replace extraConfig option with settings option 2020-08-26 07:08:07 -04:00
Henri Menke
d35cb15153
nixos/shadowsocks: support plugins 2020-08-26 14:01:41 +12:00
Lassulus
e357d0ec8c
Merge pull request #95678 from helsinki-systems/upd/sogo
sogo: 4.3.2 -> 5.0.0
2020-08-26 00:04:36 +02:00
Herwig Hochleitner
49dba2c4ad
Merge pull request #96263 from bendlas/warn-wpa-supplicant-config
nixos: wpa_supplicant: warn on unused config
2020-08-25 23:34:18 +02:00