Commit Graph

6402 Commits

Author SHA1 Message Date
Thomas Tuegel
6cd867dd4c Merge pull request #20433 from ttuegel/install-cd-kde-5
Use KDE 5 for the graphical installation DVD
2016-11-18 11:29:47 -06:00
Joachim F
2bb30e5d66 Merge pull request #20467 from ericsagnes/feat/module-enums-2
modules: use enum when relevant
2016-11-17 22:48:26 +01:00
Franz Pletz
6a5ae21c47 Merge pull request #20421 from mayflower/refactor/clamav-service
clamav service: refactor
2016-11-17 19:37:53 +01:00
aszlig
6cfb3b6364
nixos/tests: Use a patched QEMU for testing
The reason to patch QEMU is that with latest Nix, tests like "printing"
or "misc" fail because they expect the store paths to be owned by uid 0
and gid 0.

Starting with NixOS/nix@5e51ffb1c2, Nix
builds inside of a new user namespace. Unfortunately this also means
that bind-mounted store paths that are part of the derivation's inputs
are no longer owned by uid 0 and gid 0 but by uid 65534 and gid 65534.

This in turn causes things like sudo or cups to fail with errors about
insecure file permissions.

So in order to avoid that, let's make sure the VM always gets files
owned by uid 0 and gid 0 and does a no-op when doing a chmod on a store
path.

In addition, this adds a virtualisation.qemu.program option so that we
can make sure that we only use the patched version if we're *really*
running NixOS VM tests (that is, whenever we have imported
test-instrumentation.nix).

Tested against the "misc" and "printing" tests.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-11-17 17:16:16 +01:00
Joachim F
2c01da3654 Merge pull request #20384 from ericsagnes/feat/bspwm-refactor
bspwm module: refactor
2016-11-17 15:37:07 +01:00
Domen Kožar
2326c8de4d cloud-utils: 0.27 -> 0.29
We keep the existing hacks for growpart to work
inside the initrd

Fixes #15736 #17015
2016-11-17 15:15:42 +01:00
Jaka Hudoklin
5bc7ae7adb kubernetes module: support for kubernetes 1.4 2016-11-17 02:46:31 +01:00
Eelco Dolstra
69bea26ea9 sddm: Enable user switching
It was lacking the dbus configuration to bind to
org.freedesktop.DisplayManager, and it was passing fixed TTY/display
numbers to the X server (see 9be012f0d4).
2016-11-16 23:38:50 +01:00
Domen Kožar
67f3e2853b create-amis.sh: use nix-shell for convenience 2016-11-16 16:49:32 +01:00
Jörg Thalheim
7ad01f5f0c initrd-ssh: fix authorized_key generation with multiple keys
multiple entries should be separated by newline
2016-11-16 14:47:37 +00:00
Eric Sagnes
0ebc5ec7cb network-interfaces: use enum 2016-11-16 22:37:57 +09:00
Eric Sagnes
4a600b0437 raspberrypi module: use enum 2016-11-16 22:37:36 +09:00
Eric Sagnes
15d25df698 nsd module: use enum 2016-11-16 22:37:14 +09:00
Eric Sagnes
5259fb2181 nntp-proxy module: use enum 2016-11-16 22:36:53 +09:00
Eric Sagnes
fb26d561ed hostapd module: use enum 2016-11-16 22:36:26 +09:00
Eric Sagnes
9513ab45aa duosec module: use enum 2016-11-16 22:36:05 +09:00
Eric Sagnes
61efe92e68 fontconfig module: use enum 2016-11-16 22:35:46 +09:00
Joachim F
a105b3aff9 Merge pull request #20392 from jerith666/cp-48
crashplan: 4.7.0r2 -> 4.8.0r1
2016-11-15 22:34:38 +01:00
Thomas Tuegel
66d9772f0b
installation-cd-graphical-kde: put manual link directly on desktop 2016-11-15 07:21:40 -06:00
Thomas Tuegel
8c3aa5a484
kde5: add enableQt4Support option 2016-11-15 07:21:40 -06:00
Thomas Tuegel
c9146d7e5f
kde5: don't install oxygen-icons5 if breeze-icons is present 2016-11-15 07:21:39 -06:00
Thomas Tuegel
456414c519
installation-cd-graphical-kde: use KDE 5 2016-11-15 07:18:46 -06:00
Michael Stapelberg
9cbf8a0652 Fix buildMachines example: use lists, not string (#20361)
Using the example before this commit resulted in the following error:

```
error: value is a string while a list was expected, at /nix/var/nix/profiles/per-user/root/channels/nixos/nixpkgs/nixos/modules/services/misc/nix-daemon.nix:349:37
```
2016-11-15 07:04:32 +01:00
Franz Pletz
45854a02e8 services/tahoe: SFTP support (#20372) 2016-11-15 07:01:04 +01:00
Franz Pletz
9e1e3b2880
clamav service: refactor
* Sync systemd units with upstream. Upstream uses SIGUSR2 instead of SIGHUP
  to reload the clamd service.

* Convert freshclam service to a oneshot service activated by a systemd timer.
  This way we can make clamd wait for freshclam to finish fetching the virus
  database before failing to start if the database doesn't exist yet.

* Fixes console tools to work as expected as they require hardcoded config
  file locations.
2016-11-15 04:47:14 +01:00
Franz Pletz
02e9c88d77
clamav: don't bundle freshclam config with package
Building clamav is expensive due to the bundled llvm.

Closes #20304.
2016-11-15 02:06:02 +01:00
Joachim Fasting
999ac3056d
cjdns test: fix typo
Noticed by @vcunat
daf3ba426b (commitcomment-19820962)
2016-11-15 01:57:30 +01:00
Corbin
2548fd6908 services/tahoe: SFTP support. 2016-11-13 17:13:18 -08:00
Matt McHenry
ee6dfa1e9e crashplan: 4.7.0r2 -> 4.8.0r1 2016-11-13 14:38:14 -05:00
Vladimír Čunát
1ac5869907
Merge #19936: vulkan / amdgpu-pro update 2016-11-13 20:06:40 +01:00
David McFarland
6bf27c2cae vulkan-loader: allow validation layers to be enabled
The loader now uses XDK_DATA_DIRS to find drivers and layers.
2016-11-13 12:44:27 -04:00
David McFarland
e783cc90a0 opengl: add driver paths to XDG_DATA_DIRS 2016-11-13 12:44:27 -04:00
Eric Sagnes
8ea1e93537 i3 module: refactor 2016-11-14 00:58:49 +09:00
Eric Sagnes
293da497c3 bspwm module: refactor 2016-11-14 00:41:05 +09:00
Marc Weber
b51f165334 apache-httpd
* Introduce listen = [ { ip = "*"; port = 443; } ]; configuartion.
* deprecated port = 443 option which is no longer needed
2016-11-12 15:35:38 +01:00
Graham Christensen
cbe7ca77db Merge pull request #20351 from bachp/etcd-new-port
etcd: make all service using etc go to 127.0.0.1:2379 by default
2016-11-12 07:18:18 -05:00
Joachim Fasting
852b365928
Revert "cjdns: Disable tests"
This reverts commit 0ba3d429a7.
2016-11-12 13:09:28 +01:00
Joachim Fasting
f059c7f754
Revert "cjdns test: exercise host builder logic"
This reverts commit daf3ba426b.

This is an alternative to 0ba3d429a7,
which disables the test outright.  Briefly, exercising builders which
rely on import-from-derivation can cause Hydra jobsets to time out.
2016-11-12 13:09:17 +01:00
Alex Ivanov
ccf8566bdd yandex-disk service: add exclude-dirs option 2016-11-12 12:36:33 +03:00
Alex Ivanov
5f8aa15e84 yandex-disk service: correct permissions 2016-11-12 12:02:33 +03:00
Pascal Bach
c1dca9e40b etcd: make all service using etc go to 127.0.0.1:2379 by default
The old etcd port 4001 is no longer enabled by default in etcd 3.
The new port is 2379 and is officially assigned by IANA.

There were still some services left that expect etcd on port 4001 by default.
This changes the default to 2379 everywhere.

It should not cause problems for users as the etcd by nix does listen on the new port only by default anyway.
2016-11-11 23:11:54 +01:00
Joachim F
7edd5ab54f Merge pull request #20340 from romildo/fix.lxqt
lxqt: it is capable of setting a background
2016-11-11 17:19:31 +01:00
Gregor Kleen
54199414e3 nsd service: fix typo
Closes #20343.
2016-11-11 14:06:07 +01:00
romildo
53c3cf3fb9 lxqt: it is capable of setting a background 2016-11-11 08:04:59 -02:00
Joachim F
e76b0fa7d9 Merge pull request #20241 from matthewbauer/patch-1
virtualbox-demo: Add modesetting to drivers
2016-11-10 22:44:17 +01:00
aszlig
c67a7ee731
Merge branch 'chromium-update-with-gn'
This brings in the new stable version 54 which also introduces a lot of
security fixes:

  CVE-2016-5198: Out of bounds memory access in V8
  CVE-2016-5181: Universal XSS in Blink
  CVE-2016-5182: Heap overflow in Blink
  CVE-2016-5183: Use after free in PDFium
  CVE-2016-5184: Use after free in PDFium
  CVE-2016-5185: Use after free in Blink
  CVE-2016-5187: URL spoofing
  CVE-2016-5188: UI spoofing
  CVE-2016-5192: Cross-origin bypass in Blink
  CVE-2016-5189: URL spoofing
  CVE-2016-5186: Out of bounds read in DevTools
  CVE-2016-5191: Universal XSS in Bookmarks
  CVE-2016-5190: Use after free in Internals
  CVE-2016-5193: Scheme bypass

Detailed announcements about these changes can be found here (latest to
oldest):

https://googlechromereleases.blogspot.de/2016/11/stable-channel-update-for-desktop.html
https://googlechromereleases.blogspot.de/2016/10/stable-channel-update-for-desktop_20.html
https://googlechromereleases.blogspot.de/2016/10/stable-channel-update-for-desktop.html

The update process of Chromium has been a bit bumpy on our side, because
version 54 also did the switch from GYP to GN so it wasn't just a matter
of updating the upstream-info file.

I've tested the Flash plugin (which runs fine) and WideVine manually,
although I couldn't get WideVine to work (I was running this within a VM
though).

So if people want to use WideVine they need to use Chrome instead until
we got this sorted out.

VM test results along with builds for all platforms can be found here:

https://headcounter.org/hydra/eval/339328

I'm going to backport these changes to stable as soon as the
tests/builds succeed there as well.

Closes: #19565
Closes: #20120
2016-11-09 09:55:31 +01:00
aszlig
4e7eb75a79
nixos/tests/chromium: Fix popup detection
Sometimes it happens that the "Type to search or enter a URL to
navigate" popup doesn't show, but all we need to know at this time is
whether Chromium has finished starting up.

So checking for the "startup done" page is a better option here.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-11-09 09:41:10 +01:00
Eelco Dolstra
0ba3d429a7 cjdns: Disable tests
Since 8180922d23, the cjdns module
imports from a derivation, which is very bad. It causes all of stdenv
to be built at evaluation time. Since we have a hard 3600 second limit
on Hydra evaluations, this was causing NixOS jobsets to time out.

@joachifm
2016-11-08 20:35:03 +01:00
Robin Gloster
f422afd07d
errbot service: fix import config in plugins 2016-11-08 17:44:52 +01:00
Rob Vermaas
b0dd048cc5 hound: make mercurial indexing work
(cherry picked from commit 990716ce72f64be5da644e5eac73b5f145864e75)
2016-11-08 14:09:07 +00:00
Philipp Hausmann
632282300a nginx service: Add missing port toString conversion (#20252) 2016-11-08 13:34:04 +01:00
Maximilian Güntner
7fa157c558
services: Add Interplanetary File System service
Signed-off-by: Maximilian Güntner <code@klandest.in>
2016-11-07 22:01:38 +01:00
Matthew Justin Bauer
6de20a7fe4 virtualbox-demo: Add modesetting to drivers
This needs to be included for VirtualBox to detect that it needs to start the video driver. "modesetting" is also set in virtualbox-image.nix but this line seems to take precedence over that one (even though the virtualbox-image.nix has a higher override?) This should fix the problems that I and a few others have been having with the .ova files built for nixos.org.

Fixes #20007.
2016-11-07 14:36:41 -06:00
Andres Nötzli
95b5e4c46a NixOS manual: Update link to list of AMIs 2016-11-07 11:24:15 -08:00
Joachim F
858f088007 Merge pull request #20063 from romildo/new.lumina
lumina: init at 1.1.0-p1
2016-11-06 15:29:14 +01:00
Joachim Schiele
47d81ed347 leaps: 0.5.1 + add a service + test 2016-11-06 10:34:42 +01:00
Edward Tjörnhammar
4009dbe543
nixos: i2pd, update config options 2016-11-06 08:13:04 +01:00
Eric Sagnes
e14de56613 module system: extensible option types 2016-11-06 00:05:58 +01:00
Eric Sagnes
1fe1cdecb2 types: loeOf -> listOf 2016-11-05 21:46:42 +01:00
Joachim F
32715b8314 Merge pull request #17445 from joachifm/dnscrypt-proxy-update-list
dnscrypt-proxy service: auto-updated resolver list
2016-11-05 18:23:48 +01:00
Joachim Fasting
806e652e51
dnscrypt-proxy test: simplification 2016-11-05 17:45:02 +01:00
Joachim Fasting
2f912bf0a3
dnscrypt-proxy service: auto-update upstream resolver list
By default, we use the list of public DNSCrypt resolvers provided by
dnscrypt-proxy upstream. The list is updated at regular intervals.
2016-11-05 17:44:51 +01:00
Joachim F
2c567dbd4d Merge pull request #20144 from ericsagnes/feat/module-enums
modules: use enum when relevant
2016-11-05 12:18:04 +01:00
Vladimír Čunát
5d5efcea14
Merge #20001: docs: use overrideAttrs instead of overrideDerivation 2016-11-05 11:03:59 +01:00
Vladimír Čunát
559ddae410
nixos manual: clarify "attributes of function" 2016-11-05 11:02:04 +01:00
Eric Sagnes
986510de45 logcheck module: use enum 2016-11-05 13:24:53 +09:00
Sophie Taylor
20e81f7c0d nixos/cjdns: tightened permissions via systemd, added caps 2016-11-04 17:00:23 +01:00
uwap
d9134ddb5d Add a package option for quassel (#20159) 2016-11-04 16:33:47 +01:00
Joachim Fasting
daf3ba426b
cjdns test: exercise host builder logic 2016-11-04 13:45:04 +01:00
Joachim Fasting
222cfd3233
cjdns module: fix typo 2016-11-04 13:44:48 +01:00
Eric Sagnes
ffc0e2f4fc network-interfaces module: use enum 2016-11-04 13:05:44 +09:00
Eric Sagnes
80b854739c grub module: use enum 2016-11-04 13:05:13 +09:00
Eric Sagnes
797d40767d fcgiwrap module: use enum 2016-11-04 13:04:52 +09:00
Eric Sagnes
8f8184ece1 tinc module: use enum 2016-11-04 13:04:17 +09:00
Eric Sagnes
5a3c2e3db0 bitlbee module: use enum 2016-11-04 13:03:53 +09:00
Eric Sagnes
943f161fc5 ghost-one module: use enum 2016-11-04 13:03:18 +09:00
Joachim F
9f94595485 Merge pull request #20121 from mbrgm/fix/smokeping-setuid-fping
smokeping service: Use setuid-wrapped fping binary
2016-11-04 00:01:23 +01:00
Nikolay Amiantov
5187c28f91 parsoid service: don't run as a superuser 2016-11-03 19:20:19 +03:00
Nikolay Amiantov
0fa07f1b20 parsoid service: fix for new parsoid 2016-11-03 19:20:19 +03:00
Ricardo M. Correia
af01fa71e0 nixos.libvirtd: fix broken VMs due to emulator path changes
This had already been fixed in f52f9bf7cd,
but the problem was reintroduced in
bce59a1a8b because the path to the XML
files changed.
2016-11-03 14:55:44 +01:00
Andrew R. M
a31bf8961a grub bootloader: add forceInstall option
Using the --force option on GRUB isn't recommended, but there are very
specific instances where it makes sense. One example is installing on a
partitionless disk.
2016-11-03 05:50:42 -04:00
Marius Bergmann
51652ac3aa smokeping service: Use setuid-wrapped fping binary
The current default probe config uses the unwrapped fping binary, which
leads to an error because fping must be executed with elevated
permissions.

I fixed this by changing the path to the default binary to the
setuid-wrapped version.
2016-11-03 09:44:21 +01:00
Franz Pletz
8085aff315 Merge pull request #20015 from Mic92/adb
adb: init module
2016-11-03 06:29:28 +01:00
Peter J. Jones
d19967bf48 vsftpd service: add extraConfig option, set anon_root (#20069)
This commit includes two changes:

  1. A new `extraConfig` option to allow administrators to set any
     vsftpd configuration option that isn't directly supported by this
     derivation.

  2. Correctly set the `anon_root` vsftpd option to `anonymousUserHome`
2016-11-03 05:06:47 +01:00
Eric Sagnes
7fd38dc8b3 znc module: optionSet -> submodule (#20096) 2016-11-03 05:02:14 +01:00
Tim Steinbach
08fb099b82 Merge pull request #20085 from mbrgm/fix/smokeping-permissions
smokeping service: Fix permissions in $smokepingHome
2016-11-02 20:26:29 -04:00
Tim Steinbach
04b22dd935 Merge pull request #19982 from sternenseemann/netcat
Make netcat-openbsd the default netcat
2016-11-02 19:44:29 -04:00
Bjørn Forsman
2f8ac21e1b nixos: remove test-config-examples.sh (obsolete)
This file has been non-functional for over two years, since
commit f002a27a80 ("Remove obsolete directory") removed
.../doc/config-examples/.
2016-11-02 22:46:19 +01:00
Marius Bergmann
248bf519c9 smokeping service: Fix permissions in $smokepingHome
In the prestart config of the smokeping service, smokeping is executed
initially. This happens as the user root and writes some files to
$smokepingHome, which can't be overwritten by the smokeping user. This
gives an error message.

I fixed this by moving the chown step after the initial smokeping runs,
so that it also affects the generated files.
2016-11-02 13:18:57 +01:00
Ruben Maher
08d7fbb42d
matrix-synapse: Allow keys to be generated
The matrix-synapse user has `createHome = true;` which runs before the
`preStart` script, so the home directory will always exist and the block
will never execute.

Also don't include default path to keys in the configuration file,
because synapse will choke if it tries to open them before they
exist (even with `--generate-keys`).
2016-11-02 10:10:46 +01:00
romildo
a25e6bc8db lumina: init at 1.1.0-p1 2016-11-01 17:06:39 -02:00
Tim Steinbach
96e462cbe1 Merge pull request #19963 from groxxda/mpich
mpich: remove unused test
2016-11-01 09:22:37 -04:00
Edward Tjörnhammar
f7ad0c0fd5 Merge pull request #19675 from edwtjo/dictd-touchup
Dictd touchup
2016-10-31 13:08:57 +01:00
Jörg Thalheim
08ebb422c5
adb: init module 2016-10-31 11:30:07 +01:00
Aneesh Agrawal
3d99eea852 docs: use overrideAttrs instead of overrideDerivation 2016-10-30 14:34:40 -04:00
sternenseemann
e2372502d3 netcat: make netcat-openbsd the default netcat (#19411)
The motivation for this change is the following: As gnu-netcat,
e. g. does not support ipv6, it is not suitable as default netcat.

This commit also fixes all obvious build issues caused by this change.
2016-10-30 15:06:04 +01:00
Aristid Breitkreuz
db537ed87d opensmtpd service: fix evaluation error caused by Joachim's refactoring 2016-10-30 11:34:16 +01:00
Timofei Kushnir
faa6f9b6b3 grsecurity: fix 'isYes' and 'isNo' 2016-10-29 14:26:06 +03:00
Alexander Ried
bb8b48c794 mpich: remove unused test 2016-10-29 07:33:28 +02:00
Joachim Fasting
420cf50838
dnscrypt-proxy module: minor config example tweaks
- Indentation
- unbound automatically handles local forward addresses
2016-10-29 03:04:00 +02:00
Joachim Fasting
d198e474a8
dnscrypt-proxy service: remove use of mkEnableOption 2016-10-29 03:03:50 +02:00
aszlig
3d4b6257d6
nixos/stage1: Fix local keyword outside function
Thanks to @NeQuissimus in a5c1985fef for
updating busybox, which since version 1.25 doesn't allow local variables
outside of functions anymore (which is the desired behaviour).

See the following upstream commit of busybox which is the change that
let's this problem surface:

https://git.busybox.net/busybox/commit/?id=ef2386b80abfb22ccb697ddbdd4047aacc395c50

So this has been an error I've made on my end in
67223ee205, because I originally had a
function for killing the processes but desired to inline it because it's
only used in one place.

This fixes the boot-stage1 NixOS test.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-10-28 22:50:44 +02:00
Joachim Fasting
6977b94e9b
Revert "xserverArgs fuckup"
This reverts commit c2922a9157.

See https://github.com/NixOS/nixpkgs/issues/19930

While the above commit is designed to allow GDM to work, it appears to
break other use cases.  In particular, it breaks tests involving X
usage (e.g., i3wm[1] and firefox[2]), which makes it difficult to assess
the impact of other changes and so hampers development of unrelated
features.

https://hydra.nixos.org/build/42852015
https://hydra.nixos.org/build/42851666
2016-10-28 19:30:12 +02:00
Joachim F
1da6dd3eee Merge pull request #19875 from joachifm/cjdns-for-upstream
Cjdns module enhancments
2016-10-28 13:01:58 +02:00
Joachim Fasting
8180922d23 cjdns service: refactor cjdns hosts builder
The old version would export two lists to a bash builder and do pairwise
processing on the bash side.  In the new version we instead generate a
logic free builder on the Nix side. This is not only conceptually
simpler but reduces the amount of code and intermediate values.
2016-10-27 14:15:54 +02:00
Joachim Fasting
9654e09b5a cjdns service: ensure that generated passwd has requested length
`head -cNUM ... | tr -dc SET` might generate output containing fewer
than NUM characters.  Given the limited alphabet, this could result in a
fairly weak passphrase. The construction `tr </dev/urandom | head
-cNUM`, however, is sure to give us the full `NUM`.
2016-10-27 14:15:53 +02:00
Joachim Fasting
e94bd6f31d cjdns service: protect /home and /tmp 2016-10-27 14:15:52 +02:00
Joachim Fasting
5fba586650 cjdns service: better types
- types.string -> str, string is deprecated
- change type of confFile option to nullOr path, makes more sense
2016-10-27 14:15:52 +02:00
Joachim Fasting
afe67f28a3 cjdns service: use cfg.enable shortcut 2016-10-27 14:15:51 +02:00
Joachim Fasting
79d216b8f4 cjdns service: whitespace cleanup 2016-10-27 14:15:51 +02:00
Joachim F
371a595f3c Merge pull request #19874 from joachifm/opensmtpd-refactorings
Opensmtpd module refactorings
2016-10-27 13:39:09 +02:00
Joachim F
709c6a6238 Merge pull request #19876 from joachifm/fix-virtualbox-test
virtualbox-{systemd-detect-virt,net-hostonlyif} test: fix dbus socket dir
2016-10-27 13:02:16 +02:00
Michał Pałka
fc3eed2cb0 xen service: fix wrong netmask handed out by xen-bridge.service
The dnsmasq instance run by the xen-bridge.service errorenously
hands out 172.16.0.0 as the netmask over DHCP to the VMs. This
commit removes the option responsible for that from dnsmasq.conf,
so that the proper netmask is inferred by dnsmasq instead.

Addresses https://github.com/NixOS/nixpkgs/issues/19883
2016-10-26 16:26:01 +00:00
Frederik Rietdijk
7077a270bf Merge remote-tracking branch 'upstream/master' into HEAD 2016-10-26 13:06:43 +02:00
Joachim Fasting
ab1e216942 opensmtpd service: remove redundant wants network.target
Already part of normal bootup.
2016-10-26 03:01:56 +02:00
Joachim Fasting
f24ffc4919 opensmtpd service: require serverConfiguration
If the daemon won't function without a valid config, it makes no sense
to default to an empty config.  Instead, turn that case into a build
failure.
2016-10-26 03:01:56 +02:00
Joachim Fasting
3851afc8eb opensmtpd service: path -> package for option procPackages 2016-10-26 03:01:56 +02:00
Joachim Fasting
946fe73b56 opensmtpd service: use explicit pkgs for consistency 2016-10-26 03:01:56 +02:00
Joachim Fasting
37afc5cda1 opensmtpd service: serviceConfiguration option as types.lines 2016-10-26 03:01:56 +02:00
Joachim Fasting
c86fe2224e virtualbox-{systemd-detect-virt,net-hostonlyif} test: fix dbus socket dir
The test complains[1][2] that

   Failed to start message bus: Failed to bind socket "/run/dbus/system_bus_socket": No such file or directory

In 639e5401ff, the dbus socket dir is set
to `/run/dbus`; in the test vm `/var/run/dbus` is used, but the standard
`/run -> /var/run` link is typically not created until stage 2 init, not
in the minimal init used here.  Thus, dbus fails to run within the test
environment .  Fix by changing `/var/run/dbus` to simply `/run/dbus`.

[1]: https://hydra.nixos.org/build/42534725
[2]: https://hydra.nixos.org/build/42523834
2016-10-26 03:00:54 +02:00
Bjørn Forsman
cd1b09af5d nixos/tftpd: change default dir from /home/tftp to /srv/tftp
/home is for real users. /srv is recommended by FHS (although there is
no consensus for what to name subdirs under /srv).
2016-10-25 17:20:52 +02:00
Bjørn Forsman
d03dbfcbb8 nixos/tftpd: mention that it runs as an xinetd service 2016-10-25 17:20:52 +02:00
Michał Pałka
9553928486 xen service: fix iptables race condition in xen-bridge.service
The calls to iptables in xen-bridge.service were missing the -w switch,
which caused them to fail if another script was calling iptables
at the same time. Fix it by adding the -w switch.

Addresses https://github.com/NixOS/nixpkgs/issues/19849 .
2016-10-25 07:55:22 +00:00
Domen Kožar
1622a21c68 Merge pull request #19453 from ryantrinkle/openfire-fix
openfire: fix service expression
2016-10-24 11:35:16 +02:00
Joachim F
bdc4397303 Merge pull request #19805 from joachifm/startAt-fixups
Fixup remaining uses of startAt
2016-10-23 20:39:53 +02:00
Emery Hemingway
7c6a4e6c35 nixos/octoprint: fixup extraConfig 2016-10-23 19:47:28 +02:00
Emery Hemingway
b675619391 nixos: use types.lines for extraConfig 2016-10-23 19:41:43 +02:00
Joachim Fasting
4c41c412a0
nix gc service: fix use of startAt
`startAt = ""` as in `startAt = optionalString false ...` results
in an invalid timer unit (due to "" being promoted to a singleton
list and not filtered out).

Ref: c9941c4b5e
2016-10-23 17:56:49 +02:00
Joachim Fasting
645ff13a4b
nixos autoUpgrade: fix use of startAt
`startAt = ""` as in `startAt = optionalString false ...` results
in an invalid timer unit (due to "" being promoted to a singleton
list and not filtered out).

Ref: c9941c4b5e
2016-10-23 17:56:39 +02:00
Jörg Thalheim
eb3f23d9ba
openldap: apply correct type for configDir
null is not a path
2016-10-23 16:00:22 +02:00
Luca Bruno
202cd28edb Merge pull request #19795 from womfoo/fix/openldap-configDir
openldap: set configDir as null
2016-10-23 14:35:37 +01:00
Kranium Gikos Mendoza
1e3f622dbd openldap: set configDir as null
fixes an error #19794 with this new option f3404b7 when using plain configuration files
2016-10-23 11:55:23 +00:00
José Romildo Malaquias
8b7e3c3537 oblogout: init at 2009-11-18 2016-10-23 11:45:30 +02:00
Bram Duvigneau
f1d45add3b brltty: 5.2 -> 5.4 2016-10-22 22:03:45 +00:00
Jörg Thalheim
fba9d231b4 Merge pull request #17394 from schneefux/znc-module
ZNC: 1.6.2 -> 1.6.3, push 2015-12-07 -> 2016-07-28, module refactor
2016-10-22 19:58:24 +02:00
Alexander Ried
459da7b86e gnome3: default to 3.22 (#19743)
* gnome3: default to 3.22

* zuki-themes: add src for gnome 3.22, remove 3.18

* gnome3_22.vte_290: copy from gnome3.20

* termite: use vte-select-text from gnome3_20
2016-10-22 19:54:20 +02:00
Jörg Thalheim
4bb91b315d Merge pull request #19601 from Hinidu/fix/neo4j-update-3
neo4j: 2.1.3 -> 3.0.6
2016-10-22 19:49:37 +02:00
Jörg Thalheim
fafe3ec40a Merge pull request #19624 from bjornfor/improve-atftpd-service
nixos/atftpd: various improvements
2016-10-22 18:08:53 +02:00
Frederik Rietdijk
e56832d730 Merge remote-tracking branch 'upstream/master' into HEAD 2016-10-22 17:23:24 +02:00
obadz
cf94cdb59b lightdm module: require accounts daemon module 2016-10-22 14:46:00 +01:00
schneefux
ee42e000dd
znc module: refactor 2016-10-22 13:52:20 +02:00
Jörg Thalheim
b0c38f450f Merge pull request #19347 from cedeel/bspwm-git
bspwm-unstable: init at 2016-09-30
2016-10-22 11:49:24 +02:00
Jörg Thalheim
6f99aa9a7e Merge pull request #19289 from DerTim1/openldap-add-configDir-option
openldap: add configDir option
2016-10-22 09:33:15 +02:00
Jörg Thalheim
20383d2606 Merge pull request #19635 from nhooyr/sshgen
sshd: separate key generation into another service
2016-10-21 23:40:16 +02:00
uwap
42e93b5f2a quassel-webserver: init at 2.1.1 2016-10-21 23:31:50 +02:00
Eelco Dolstra
e6088f77be initrd: Include i8042 kernel module
For some reason, between Linux 4.4.19 and 4.4.20, the atkbd and libps2
kernel modules lost their dependency on i8042 in modules.dep, causing
i8042 not to be included in the initrd. This breaks keyboard in the
initrd, in turn breaking LUKS.

This only happens on the 16.03 branch; on 16.09, it appears i8042 is
pulled into the initrd anyway (through some other dependency,
presumably). But let's include it explicitly.

http://hydra.nixos.org/build/40468431
2016-10-21 14:27:11 +02:00
Domen Kožar
41c490b75e acme: we do want to support ipv4 afterall 2016-10-21 13:25:11 +02:00
Domen Kožar
d8f21b3ca3 acme: provide full nginx example
(cherry picked from commit 2af7382f76a6523f1220637b3ec49ad25a02b040)
Signed-off-by: Domen Kožar <domen@dev.si>
2016-10-21 13:19:04 +02:00
Anmol Sethi
1a74eedd07 sshd: separate key generation into another service
Fixes #19589
2016-10-20 23:14:37 -04:00
Joachim F
858f54dd88 Merge pull request #19664 from eqyiel/revert-19591-master
Revert "matrix-synapse: Pass required --report-stats opt"
2016-10-21 01:47:12 +02:00
Tim Steinbach
99d9d32899 Merge pull request #19668 from groxxda/timers
systemd.timers: automatically convert string to list
2016-10-20 17:37:28 -04:00
Vladimír Čunát
4d5b893002 Merge #19081: gnome-3.22
Also master commits are brought in.
2016-10-20 23:04:10 +02:00
Tim Steinbach
0cbc4551ed Merge pull request #19729 from groxxda/supplicant
supplicants: fix wants and wantedBy
2016-10-20 16:39:59 -04:00
Jörg Thalheim
5f886fb8cb Merge pull request #19262 from chris-martin/riemann-health-ps
Fix riemann-health service (add missing procps dependency)
2016-10-20 22:11:43 +02:00
Alexander Ried
57d9c69c6a supplicant: fix wants and wantedBy 2016-10-20 20:17:17 +02:00
Tim Steinbach
42093f3592 Merge pull request #19722 from ericsagnes/feat/nspawn-optionSet
nspawn module: optionSet -> submodule
2016-10-20 12:45:25 -04:00
Eric Sagnes
87318e9820 nspawn module: optionSet -> submodule 2016-10-21 01:31:54 +09:00
Eelco Dolstra
e6bcff4d53 display-manager: Require systemd-udev-settle.service
It was already ordered after systemd-udev-settle.service, but that
doesn't do anything if no other units require
systemd-udev-settle.service. This was causing random failures during X
server startup, e.g.

machine# [   12.691372] display-manager[607]: (EE) open /dev/dri/card0: No such file or directory

http://hydra.nixos.org/build/41062823
2016-10-20 17:49:40 +02:00
Robin Gloster
d05d063572
nginx: set correct acme permissions 2016-10-20 11:18:25 +02:00
Robin Gloster
c2eb39faba
gitlab: start sidekiq when starting gitlab 2016-10-20 11:18:21 +02:00
Peter Hoeg
1026bebee6
syncthing: use service files from upstream
Currently only for the user services as NixOS handles the named system
instances slightly differently.

syncthing and syncthing-inotify are done the same way.

There are 4 parts to this:

 1) Copy in the upstream unit files
 2) Make the nixos module use the definition from upstream
 3) Enable restarting of all instances (system and user) on resume
 4) Allow the traffic in the firewall on default ports if wanted

fixes #18973
2016-10-19 21:20:57 +02:00
Ryan Trinkle
928341132e openfire: fix service expression
openfire is not in scope
2016-10-19 11:06:07 -04:00
Edward Tjörnhammar
eacb020a0c
nixos: dictd, make wiktionary and wordnet default dicts 2016-10-19 08:43:30 +02:00
Edward Tjörnhammar
642366d103
nixos: dictd config location; bind to cfg 2016-10-19 08:43:30 +02:00
Alexander Ried
8bb4fc1039 systemd.timers: filter timers with empty startAt 2016-10-19 02:22:12 +02:00
Alexander Ried
89ef1a1756 nix-optimise module: fix startAt 2016-10-19 02:22:12 +02:00
Alexander Ried
c9941c4b5e systemd.timers.startOn: automatically convert string to list 2016-10-19 02:22:12 +02:00
Ruben Maher
2e0d0af1c8 Revert "matrix-synapse: Pass required --report-stats opt" 2016-10-19 08:28:38 +10:30
Bjørn Forsman
f3876cbba0 nixos/atftpd: various improvements
* Add extraOptions option, to pass arbitrary command line options to
  atftp. Especially useful to specify which address to bind to
  (--bind-addres ...).
* Improve descriptions (fix a typo, document default bind address,
  don't repeat service name in systemd description + capitalize)
* Change default server directory from /var/empty to /srv/tftp, and
  change types.str to types.path.
2016-10-17 16:20:24 +02:00
Nikolay Amiantov
0842bc94e5 cachefilesd service: init 2016-10-16 19:58:33 +03:00
Bjørn Forsman
8cbdd9d0c2 nixos/release-notes: move "PHP config-file-scan-dir" from 16.09 to 17.03
Commits

  351d12437 ("nixos/release-notes: PHP config-file-scan-dir /etc -> /etc/php.d")
  41c8aa8d6 ("php: change config-file-scan-dir from /etc to /etc/php.d")

were merged to master _after_ NixOS 16.09. Commit 351d12437 then wrongly
updated the NixSO 16.09 release notes. Fix by moving the entry to NixOS
17.03.
2016-10-16 17:21:24 +02:00
Pavel Platto
b835446563 neo4j: 2.1.3 -> 3.0.6 2016-10-16 17:11:05 +02:00
Ruben Maher
443d833947 matrix-synapse: Pass required --report-stats opt 2016-10-16 18:12:54 +10:30
Chris Darnell
137ce58317 bspwm-unstable: init at 2016-09-30 2016-10-16 01:28:11 -04:00
Graham Christensen
31b286467c
hound: Add description to services.hound.config 2016-10-15 19:09:33 -04:00
Benno Fünfstück
796264a708 nixos/avahi: use more upstream-like systemd units
The new units mirror the upstream systemd units as closely as possible.
I could not find a reason why the service would need to be restarted on
resuming from suspend, and the upstream units also do not contain such a
restriction, so I removed the `partOf = [ "post-resume.target"]`.
This fixes #19525.
2016-10-15 22:51:39 +02:00
Alexander Ried
4094d63dea NetworkManager-strongswan: init at 1.4.0 2016-10-15 20:32:16 +02:00
Alexander Ried
c2922a9157 xserverArgs fuckup
gnome-x-session provides good defaults which we really should not
override.
We have to add assertions to gdm.nix if the user specified one of those.

enableTCP must be configured through a gnome setting

dunno why we have terminate but it probably breaks stuff

We should expose configFile so we can use it from gdm module.
2016-10-15 20:32:14 +02:00
Alexander Ried
56d24b8e1d gdm module: enable user dbus session 2016-10-15 20:32:14 +02:00
Alexander Ried
a5aa926902 gdm module: only make xserver args overrideable 2016-10-15 20:32:14 +02:00
Alexander Ried
5125161a77 gnome3_22.gnome-session: lookup of gnome-settings-daemon.desktop 2016-10-15 20:32:14 +02:00
Alexander Ried
50adbbe65c displayManager.gdm: only gnome-session needs to be on path 2016-10-15 20:32:12 +02:00
Alexander Ried
e8ade4ff78 gnome3.gvfs module: make systemd services available 2016-10-15 20:32:12 +02:00
Alexander Ried
38212f6a0f gnome3.tracker module: add self to systemd path
fixes GDBus.Error:org.freedesktop.systemd1.NoSuchUnit: Unit
tracker-store.service not found. - indexing for (null) will not work
2016-10-15 20:32:12 +02:00
Alexander Ried
47dc33ded2 gnome3.evolution-data-server module: add self to systemd path 2016-10-15 20:32:12 +02:00
Alexander Ried
6457d1bbe3 gnome3.gnome-terminal-server: init module
since gnome3.22 gnome-terminal uses a systemd service for it's backend
server.
2016-10-15 20:32:12 +02:00
Graham Christensen
fbadf2da23 Merge pull request #19498 from grahamc/hound
Initialize Hound package / module
2016-10-15 13:56:24 -04:00
Graham Christensen
6c7a605714
hound: init module 2016-10-15 13:54:59 -04:00
Alexander Ried
d91365d714 audit module: only enable service if kernel has audit (#19569) 2016-10-15 16:03:41 +02:00
romildo
0efba3b99c qlipper: init at 2016-09-26 2016-10-15 07:46:12 -03:00
romildo
0f78fcec7a
screengrab: init at 2016-02-24
fixes #19561
2016-10-15 12:10:16 +02:00
Frederik Rietdijk
cffdffe1f6 Merge pull request #19309 from FRidh/outputs
Python: use separate output for tkinter
2016-10-13 10:40:14 +02:00
Vladimír Čunát
727fc259d6 Merge branch 'master' into staging 2016-10-13 09:53:16 +02:00
Vladimír Čunát
54a76b3f5d release-notes: fixup bad conflict resolution in bef6bef
/cc #19324.
2016-10-13 09:49:47 +02:00
Frederik Rietdijk
ad33e71c55 Merge pull request #19490 from regnat/taskserver
taskserver : use pythonPackage.buildPythonPackage
2016-10-12 18:24:43 +02:00
regnat
f697486122 taskserver : use pythonPackage.buildPythonPackage 2016-10-12 18:09:13 +02:00
Arseniy Seroka
ce3624f6b4 Merge pull request #19438 from primeos/vim-service
vim module: init
2016-10-12 16:30:43 +03:00
Robin Gloster
dabcd7d4c8 dockerRegistry module: re-init with new underlying software 2016-10-12 14:05:09 +02:00
Robin Gloster
a0e791a14c errbot module: init 2016-10-12 13:17:46 +02:00
Franz Pletz
1749e86577 crowd module: init 2016-10-12 13:17:24 +02:00