Commit Graph

16078 Commits

Author SHA1 Message Date
worldofpeace
7651fcfe48 nixosTests.gnome3: wait_for_wayland at login
This prevents the default.target check from just failing.
Blaming it on using systemctl in wait_for_unit (and it's particularly
buggy for user units).
2020-01-30 17:51:01 -05:00
worldofpeace
9888b30924 nixosTests.gnome3: port to python 2020-01-30 17:51:00 -05:00
worldofpeace
ee2d307ef7
Merge pull request #78841 from worldofpeace/fix-typo-rl2003
rl-2003: fix typo
2020-01-30 17:49:21 -05:00
lewo
86f8732194
Merge pull request #78834 from nlewo/fix-two-layers-image
Fix dockerTools.buildLayerImage with 2 layers
2020-01-30 21:10:52 +01:00
Antoine Eiche
283bcc1003 dockerTools.buildLayeredImage: fix image with only 2 layers
A test is also added to ensure an image with 2 layers can be built.
2020-01-30 21:09:44 +01:00
Aaron Andersen
28c815e34b nixos/duosec: fix configuration issue with "groups" option 2020-01-30 14:16:17 -05:00
Jörg Thalheim
4fa2d4b5c3
nixos/restic: use optionalString/optionalAttrs where possible 2020-01-30 17:07:21 +00:00
Matt McHenry
1c9684abd6
restic: add dynamicFilesFrom 2020-01-30 17:00:10 +00:00
Matt McHenry
c6994e90dc
restic: add support for pruning 2020-01-30 16:59:34 +00:00
Silvan Mosberger
2118cddc82
nixos/freeswitch: init (#76821)
nixos/freeswitch: init
2020-01-30 16:45:47 +01:00
misuzu
0a43e431ca nixos/freeswitch: init 2020-01-30 17:16:49 +02:00
Jörg Thalheim
8a14852fd3
nixos/lxd: add package options for LXC, LXD and ZFS (#73902)
nixos/lxd: add package options for LXC, LXD and ZFS
2020-01-30 14:51:12 +00:00
Jörg Thalheim
ccb3846596
lxd: also use default text for other package options 2020-01-30 14:26:54 +00:00
Silvan Mosberger
32718c9992
VictoriaMetrics: init at v1.32.5, add module, tests (#78038)
VictoriaMetrics: init at v1.32.5, add module, tests
2020-01-30 14:02:42 +01:00
Jörg Thalheim
d72905c58b
Merge pull request #78615 from msteen/bitwarden_rs
bitwarden_rs: 1.9.1 -> 1.13.1
2020-01-30 11:02:48 +00:00
worldofpeace
1be8ee98f5 rl-2003: fix typo
networkd on your mind 😜
2020-01-30 05:50:03 -05:00
worldofpeace
1687c355e7 nixos/doc/xfce: claiify where xfce packages are 2020-01-30 05:44:02 -05:00
worldofpeace
251f0eb90a nixos/doc/xfce: mention thunar plugins 2020-01-30 05:43:14 -05:00
worldofpeace
c5108e541d nixos/doc/xfce: remove thunar volume mention
This doesn't even make sense.
2020-01-30 05:36:51 -05:00
worldofpeace
dd229f425e nixos/doc/xfce: drop polkit mention
We install a polkit agent automatically no
2020-01-30 05:36:14 -05:00
worldofpeace
b46a1b5dec
Merge pull request #78241 from andrew-d/andrew/systemd-tests-python
nixosTests.systemd: port to Python
2020-01-30 03:10:39 -05:00
Aaron Andersen
596e0fcb39
Merge pull request #76583 from aanderse/httpd-locations
nixos/httpd: add locations option to virtualHosts
2020-01-29 21:01:35 -05:00
Alyssa Ross
85a9743f13 spamassassin: use /etc/mail/spamassassin for config
Using a custom path in the Nix store meant that users of the module
couldn't add their own config files, which is a desirable feature.  I
don't think avoiding /etc buys us anything.
2020-01-30 00:47:10 +00:00
worldofpeace
c95612a5a2 nixos/display-managers/auto: remove
This module allows root autoLogin, so we would break that for users, but
they shouldn't be using it anyways. This gives the impression like auto
is some special display manager, when it's just lightdm and special pam
rules to allow root autoLogin. It was created for NixOS's testing
so I believe this is where it belongs.
2020-01-29 19:05:46 -05:00
Aaron Andersen
7adffb14cd
Merge pull request #78419 from utsl42/fix-unifi-install
nixos/unifi: use systemd tmpfiles instead of preStart
2020-01-29 18:55:57 -05:00
worldofpeace
c693bd142c
Merge pull request #78745 from bene1618/dhcpcd
nixos/dhcpcd: Add option for dhcpcd waiting behaviour
2020-01-29 18:08:20 -05:00
Izorkin
96e2669114 nixos/fail2ban: enable sandboxing 2020-01-29 23:15:56 +03:00
Izorkin
f1d7dfe29f nixos/fail2ban: add custom options 2020-01-29 23:15:56 +03:00
Izorkin
a55be8d794 nixos/fail2ban: update serviceConfig 2020-01-29 23:15:56 +03:00
Izorkin
182012ef43 nixos/fail2ban: add options to enable work service with iptables-compat 2020-01-29 23:15:56 +03:00
Izorkin
68d601d65c nixos/fail2ban: clean-up configuration 2020-01-29 23:15:56 +03:00
Yorick van Pelt
4b7d28b0f9
victoriametrics: add module, tests 2020-01-29 19:52:14 +01:00
Maximilian Bosch
c55809e256
Merge pull request #77985 from Ma27/drop-old-gcc
gcc: remove versions 4.9 and 5
2020-01-29 09:37:47 +01:00
Mario Rodas
deedf24c88
Merge pull request #75922 from tadfisher/kbfs-fixes
kbfs, nixos/keybase, nixos/kbfs: fix KBFS, add enableRedirector option
2020-01-28 19:13:40 -05:00
worldofpeace
138c94c75c
Merge pull request #77408 from petabyteboy/feature/geary-module
nixos/geary: init
2020-01-28 18:45:45 -05:00
Jörg Thalheim
6464a3b455
nixos: home-assistant: can dial out (#78009)
nixos: home-assistant: can dial out
2020-01-28 23:03:57 +00:00
Yorick
508343962e nixos/docker-containers: add imageFile and dependsOn options
- the `imageFile` option allows to load an image from a derivation
- the  `dependsOn` option can be used to specify dependencies between container systemd units.

Co-authored-by: Christian Höppner <mkaito@users.noreply.github.com>
2020-01-28 22:00:54 +01:00
Maximilian Bosch
dd583e7f12
nixos/release-notes: document gcc5 removal 2020-01-28 20:23:53 +01:00
Matthijs Steen
44dff89215 bitwarden_rs: 1.9.1 -> 1.13.1 2020-01-28 17:26:49 +01:00
Silvan Mosberger
766b78841f
Don't set background to black if ~/.background-image not prese… (#78346)
Don't set background to black if ~/.background-image not present
2020-01-28 16:42:44 +01:00
Benedikt Hunger
0767de3dc8 nixos/dhcpcd: Add option for dhcpcd waiting behaviour 2020-01-28 12:52:19 +01:00
Maximilian Bosch
69d127cc81
citrix_workspace_19_3_0: mark as unsupported
Will be unsupported within the lifespan of 20.03. Also there aren't any
known issues that require this version as workaround, so a removal
should be fairly safe.
2020-01-28 11:40:20 +01:00
Sean Buckley
83c36ee797 nixos/bash: configure $LS_COLORS for interactive shells 2020-01-28 00:11:43 -05:00
Ryan Mulligan
288cfc7d2f
Merge pull request #78643 from petabyteboy/feature/alertmanager-startup
nixos/alertmanager: Fix startup
2020-01-27 20:14:37 -08:00
Matthew Bauer
3a7fe07e3c
Merge pull request #69057 from volth/ld-linux
add config.environment.ld-linux
2020-01-27 20:08:12 -05:00
Milan Pässler
9414f03d97 nixos/alertmanager: Fix startup
Fixed a problem with quotation marks introduced in commit
23d5d9bbe9 merged with #78358.
2020-01-28 00:34:37 +01:00
worldofpeace
0f2536f15b nixos/release: rename iso_graphical to iso_plasma5
And all the other things and paths to match it
2020-01-27 16:34:37 -05:00
Danylo Hlynskyi
31601a3844 nixos/doc: add a section mentioning GitHub team for nixos release managers (#78625)
* nixos/doc: add a section mentioning GitHub team for nixos release managers

This team should be kept up-to-date with each release.

Previously this info had to be grepped from appropriate Discourse thread.

Co-authored-by: worldofpeace <worldofpeace@protonmail.ch>
2020-01-27 15:31:22 -05:00
Silvan Mosberger
34f020053d
Merge pull request #78307 from blanky0230/nixos-tuxedo-keyboard
Nixos tuxedo keyboard
2020-01-27 18:38:09 +01:00
Silvan Mosberger
80a2740991
Merge pull request #78265 from Synthetica9/https-homepages
treewide: fix redirected urls
2020-01-27 15:00:53 +01:00
Andreas Brenk
36da345caa nixos/sshguard: use nftables backend if enabled
The current module assumes use of iptables and breaks if nftables is
used instead.

This change configures the correct backend based on the
config.networking.nftables.enable setting.
2020-01-27 14:42:28 +01:00
Jörg Thalheim
43f117537f
Merge pull request #78426 from Mic92/tmpfiles
nixos/systemd: add all systemd tmpfiles files
2020-01-27 09:55:50 +00:00
Marek Mahut
61dbbe4121
Merge pull request #77826 from mmahut/fido2luks
FIDO2 luks support
2020-01-27 08:27:30 +01:00
Alyssa Ross
e99ec699a4 nixos/bitlbee: don't assign list to users.groups
Warns about loaOf deprecation warning.
2020-01-27 02:51:02 +00:00
worldofpeace
839be38cca
Merge pull request #78555 from tfc/limesurvey-utf8
nixosTests.limesurvey: port to python and drop badly utf encoded characters
2020-01-26 19:09:31 -05:00
worldofpeace
92c91c0923
Merge pull request #77570 from thefloweringash/nixos-tests-ec2
nixos/tests/ec2: return to passing state
2020-01-26 19:04:54 -05:00
WilliButz
c2be816ca8
Merge pull request #78469 from eonpatapon/postfix-exporter
nixos/prometheus-postfix-exporter: fix typo
2020-01-26 18:10:07 +01:00
Jacek Galowicz
ee2acd6c6c nixosTests.proxy: Port to python 2020-01-26 17:12:03 +01:00
Jacek Galowicz
4df1df986d nixosTests.limesurvey: Port to python 2020-01-26 17:11:59 +01:00
Jacek Galowicz
f63ef280df nixosTests: Drop invalid utf characters in command output 2020-01-26 17:11:59 +01:00
Jean-Philippe Braun
a63f916b87 nixos/prometheus-postfix-exporter: fix typo 2020-01-26 17:00:35 +01:00
blanky0230
f2fea8894d nixos/tuxedo-keyboard: init module. 2020-01-26 09:24:09 +01:00
worldofpeace
4c81350689
Merge pull request #78421 from worldofpeace/upstream-session-xfce
nixos/xfce: use sessionPackages
2020-01-25 18:10:46 -05:00
Maximilian Bosch
a0fd819a4a
nixos/networkd: add test for VRF configurations 2020-01-25 17:38:15 +01:00
Maximilian Bosch
bc130855a7
nixos/networkd: add vrfConfig option to netdevs 2020-01-25 17:38:15 +01:00
Aaron Andersen
0e0b8f2feb
Merge pull request #77983 from aanderse/solr
solr: 8.4.0 -> 8.4.1
2020-01-25 11:11:13 -05:00
Marek Mahut
942568b8ea
Merge pull request #77830 from 1000101/dokuwiki
nixos/dokuwiki: init module
2020-01-25 10:08:14 +01:00
snicket2100
a5ab947003 irqbalance: systemd service config aligned with upstream
Aligned systemd service config with the definition in the upstream repo:
https://github.com/Irqbalance/irqbalance/blob/master/misc/irqbalance.service#L7.

Other than adding some level of sandboxing it also fixes the "Daemon
couldn't be bound to the file-based socket." warning reported on
irqbalance startup due to the fact that the "/run/irqbalance" directory
didn't exist. The "RuntimeDirectory" property makes sure it gets
created. The aforementioned warning didn't cause any problems I could
spot though.

I have verified that both `irqbalance` as well as `irqbalance-ui` work
fine with this new systemd service config.
2020-01-25 00:28:25 +01:00
lewo
adcbe7baeb
Merge pull request #78427 from serokell/yorickvp/vault-reload
nixos/vault: add ExecReload entry
2020-01-24 20:02:13 +01:00
Yorick van Pelt
15e98e7428
nixos/vault: add ExecReload entry 2020-01-24 18:59:13 +01:00
Silvan Mosberger
342bc51089
Merge pull request #78358 from serokell/yorickvp/alertmanager-secret
nixos/alertmanager: add environmentFile, envsubst for secrets
2020-01-24 18:48:59 +01:00
Jörg Thalheim
3ef5115963
nixos/systemd: add all systemd tmpfiles files
Especially tmp.conf is important to create /tmp and /var/tmp with the correct
permissions.
2020-01-24 17:20:54 +00:00
Yorick van Pelt
ed6e4a936c
nixos/alertmanager: provide example of envsubst usage 2020-01-24 18:07:24 +01:00
edef
bfe1c69ede nixos/gnupg: actually use the configured gpg package
Previously, this would ignore the `package` option if `pinentryFlavor`
was set.
2020-01-24 15:54:57 +00:00
worldofpeace
966e56cdfb nixos/xfce: use sessionPackages 2020-01-24 10:47:55 -05:00
Nathan Hawkins
b0208cb80f nixos/unifi: use systemd tmpfiles instead of preStart 2020-01-24 10:06:29 -05:00
Franz Pletz
402b97fa1e
Merge pull request #78058 from mayflower/nixos/version-gitdir-symlink
nixos/version: fix case where .git is a symlink
2020-01-24 14:58:31 +00:00
Jan Hrnko
8bab2dec10 nixos/dokuwiki: init module at 2018-04-22b 2020-01-24 13:27:10 +01:00
Aaron Andersen
ae9980040f nixos/httpd: add services.httpd.virtualHosts.<name>.locations option to match nginx 2020-01-23 21:03:15 -05:00
Jörg Thalheim
2685806371
nixos/kresd: add listenDoH option 2020-01-23 23:22:37 +00:00
Jörg Thalheim
bfa278ee5a
nixos/knot: set defaultText for package option
the package attributes looks nicer in the manual
2020-01-23 23:17:04 +00:00
Silvan Mosberger
3a4e550944
nixos/amazon-init.nix: add git/tar/gz, fix AMI configuration (#78363)
nixos/amazon-init.nix: add git/tar/gz, fix AMI configuration
2020-01-23 23:05:27 +01:00
Aaron Andersen
b8cf3411d9
Merge pull request #78378 from Izorkin/unit-fix
nixos/unit: fix attrs
2020-01-23 15:46:23 -05:00
Profpatsch
166d8247d0 modules/at-spi2-core: add debugging help to description
This makes the error message greppable.
2020-01-23 19:31:05 +01:00
Izorkin
f2c9bcf009 nixos/unit: fix attrs 2020-01-23 20:40:49 +03:00
Michael Weiss
5a4b93e33c
Merge pull request #76787 from primeos/sway
sway: 1.2 -> 1.4, wlroots: 0.8.1 -> 0.10.0
2020-01-23 14:19:59 +01:00
Christian Höppner
4da3513960
Pass on nixos configuration to amazonImage 2020-01-23 14:16:25 +01:00
Christian Höppner
94899871b8
nixos/amazon-init.nix: Add gzip to amazon-init path 2020-01-23 14:15:26 +01:00
Christian Höppner
6d68699809
nixos/amazon-init.nix: Add gnutar to amazon-init PATH 2020-01-23 14:15:25 +01:00
Christian Höppner
52d5ce38fb
nixos/amazon-init.nix: add git to amazon-init script PATH 2020-01-23 14:15:18 +01:00
Yorick van Pelt
23d5d9bbe9
nixos/alertmanager: add environmentFile, envsubst for secrets 2020-01-23 13:51:00 +01:00
Silvan Mosberger
78d83650df
nixos/desktop-manager: Don't fall back to black background
Previously if ~/.background-image wasn't present, the background would
be set to black, which would override what the user could
set in e.g. services.xserver.windowManager.i3.extraSessionCommands
2020-01-23 05:01:39 +01:00
Silvan Mosberger
a149202c5a
nixos/docs: Fix nixos-install --system command (#77719)
nixos/docs: Fix nixos-install --system command
2020-01-23 03:39:38 +01:00
Silvan Mosberger
7a7b8d904b
nixos/desktop-managers: Remove needBGPackages thing
This value isn't used since 71a8dbb956
2020-01-23 02:35:01 +01:00
Andrew Dunham
2c9bff9f6f nixosTests.systemd: port to Python 2020-01-22 16:11:15 -08:00
Graham Christensen
ebb644a980
Merge pull request #76585 from serokell/mkaito/amazon-userdata-multiple-channels
virtualization/amazon-init: log multiple nix channels, fix nix path.
2020-01-22 19:02:44 -05:00
Maximilian Bosch
2d9e51adc3
Merge pull request #77532 from symphorien/roundcube
nixos/roundcube: security improvements
2020-01-22 21:58:25 +01:00
Michael Weiss
e99b32d27f
nixos/sway: Install the new default terminal emulator
The default changed in Sway 1.3 from rxvt_unicode to alacritty. For
backward compatibility we'll install both terminal emulators by default.
2020-01-22 21:38:01 +01:00
Marek Mahut
c4d75cbb0c boot.initrd.luks: adding a warning when using FIDO2 with kernel ≤ 5.4 2020-01-22 16:00:40 +01:00
Patrick Hilhorst
593e11fd94
treewide: fix redirected urls
According to https://repology.org/repository/nix_unstable/problems, we have a
lot of packages that have http links that redirect to https as their homepage.
This commit updates all these packages to use the https links as their
homepage.

The following script was used to make these updates:

```

curl https://repology.org/api/v1/repository/nix_unstable/problems \
    | jq '.[] | .problem' -r \
    | rg 'Homepage link "(.+)" is a permanent redirect to "(.+)" and should be updated' --replace 's@$1@$2@' \
    | sort | uniq > script.sed

find -name '*.nix' | xargs -P4 -- sed -f script.sed -i
```
2020-01-22 11:26:22 +01:00
Matt Layher
50c661c447 nixos/corerad: update test for new configuration 2020-01-22 01:19:35 -08:00
Marek Mahut
a5798cf78e rl-2003.xml: adding note about FIDO2 luks 2020-01-22 08:38:16 +01:00
Marek Mahut
b02d479323 doc: FIDO2 luks file system 2020-01-22 08:38:16 +01:00
Marek Mahut
dea2fe9f39 boot.initrd.luks: Adding FIDO2 support 2020-01-22 08:38:16 +01:00
Florian Klink
dea2d64c35
Merge pull request #78134 from NinjaTrappeur/nin-harden-syncthing
nixos/syncthing.nix: Sandbox the systemd service.
2020-01-21 22:30:04 +01:00
Florian Klink
a3d67f417e
Merge pull request #77665 from zaninime/ifxfrm
systemd-networkd: add configuration for XFRM interfaces
2020-01-21 22:14:53 +01:00
Florian Klink
0daae2e08c nixos/buildkite: drop user option (#78160)
* nixos/buildkite: drop user option

This reverts 8c6b1c3eaa.

Turns out, buildkite-agent has logic to write .ssh/known_hosts files and
only really works when $HOME and the user homedir are in sync.

On top of that, we provision ssh keys in /var/lib/buildkite-agent, which
doesn't work if that other users' homedir points elsewhere (we can cheat
by setting $HOME, but then getent and $HOME provide conflicting
results).

So after all, it's better to only run the system-wide buildkite agent as
the "buildkite-agent" user only - if one wants to run buildkite as
different users, systemd user services might be a better fit.

* nixosTests.buildkite-agent: add node with separate user and no ssh key
2020-01-21 13:21:57 +00:00
zimbatm
ab10bac1b1
nixos-rebuild: fix the maybeSudo usage
* properly expand the command using arrays instead of strings
* also handle sudo on the localhost
2020-01-21 13:17:38 +01:00
zimbatm
93204f1d8a
nixos/matterbridge: fix package access
was broken by 4371ecb8a6 due to the
switch to buildGoModule
2020-01-21 13:17:18 +01:00
zimbatm
b54c60b689
nixos/zerotierone: simplify the unit
There is no need to stop/start the unit when the machine is online or
offline.

This should fix the shutdown locking issues.

nixos zerotier: sometimes it doesn't shutdown
2020-01-21 13:14:38 +01:00
Jörg Thalheim
71c19d3efa
Merge pull request #76537 from Izorkin/unit
unit: 1.13.0 -> 1.14.0
2020-01-21 11:39:41 +00:00
worldofpeace
348e48fdcc
Merge pull request #78004 from worldofpeace/mtrack-remove
nixos/multitouch: remove (properly known as mtrack)
2020-01-20 17:07:59 -05:00
Silvan Mosberger
3929a0fbca
nixos/traceroute: init (#77953)
nixos/traceroute: init
2020-01-20 22:32:33 +01:00
worldofpeace
afe27e517b nixos/multitouch: remove
On numerous occasions I have seen users mistake this
module as libinput because it being called "multitouch"
and them being unaware that the actually module they want
is libinput. They then run into several decrepit bugs due
to the completely out-of-date nature of the underlying package.
The underlying package hasn't been changed to an up-to-date
fork in a period of 8 years. I don't consider this to be production quality.
However, I'm not opposed for the module being readded to NixOS
with new packaging, and a better name.
2020-01-20 16:09:29 -05:00
Félix Baylac-Jacqué
ff8f2928ee
nixos/syncthing.nix: Sandbox the systemd service.
Using systemd sandboxing features to harden the syncthing service.
2020-01-20 21:48:48 +01:00
zimbatm
e20de6b57a
Merge pull request #78045 from flokli/buildkite-agent-user-runtime-test
nixos/buildkite: add option to configure user, add nix-required packages to runtime, add test
2020-01-20 13:50:10 +00:00
Florian Klink
4b73d3c444 nixos/buildkite: make privateSshKeyPath optional
When only cloning public repos, or when the ssh key is provided by
different means, we don't need to manage it here.
2020-01-20 11:10:56 +01:00
Florian Klink
a208e6eb99 nixosTests.buildkite: add test 2020-01-20 10:30:24 +01:00
Florian Klink
70308a7daf nixos/buildkite-agent: add gnutar, gzip and git to runtimePackages
These are required for nix to do builtins.fetchTarball and
builtins.fetchGit, so most likely we want them to be around.
2020-01-20 10:30:24 +01:00
Florian Klink
7838f00824 nixos/buildkite: stop using deprecated option 2020-01-20 10:30:22 +01:00
Franz Pletz
46773a15b3
nixos/version: fix case where .git is a symlink
Before c9214c394b and
9d396d2e42 if .git is symlink the version
would gracefully default to no git revision. With those changes an
exception is thrown instead.

This introduces a new function `pathIsGitRepo` that checks if
`commitIdFromGitRepo` fails without error so we don't have to
reimplement this logic again and can fail gracefully.
2020-01-20 00:53:44 +01:00
Alexey Lebedeff
ed16f830b0 rabbitmq: make all dependencies explicit
Some things were provided by default, some by systemd unit and some
were just miraculously working. This turns them into explicit
dependencies of the package itself, making everything properly
overrideable.

+ providing glibcLocales fixes elixir compile warnings

+ providing systemd dependency allows rabbit to use systemctl for unit
  activation check instead of falling back to sleep. This was seen as
  a warning during startup.
2020-01-19 23:24:27 +01:00
Florian Klink
764aba4c1b
Merge pull request #77587 from singron/fix-shared
test-driver.py: Share the shared dir between VMs
2020-01-19 22:07:31 +01:00
Florian Klink
8c6b1c3eaa nixos/buildkite-agent: add "user" option
This allows buildkite-agent to run as another user.

It'll still run builds from /var/lib/buildkite-agent and setup things in
there.
2020-01-19 21:21:15 +01:00
Florian Klink
5ed3474ca5
Merge pull request #77540 from singron/fix-certmgr-test
nixos/tests/certmgr: Fix file permissions
2020-01-19 19:50:41 +01:00
Eric Culp
6795a4002c test-driver.py: Use /tmp/shared for copy_from_vm
The docstring says it uses a directory shared among all vms, although
that doesn't seem necessary for the functionality. However, it does need
to be consistent between the guest and host.
2020-01-19 10:33:46 -08:00
Lucas Savva
769fbf9254 nixos/acme: fix some descriptions, default acceptTerms to false 2020-01-19 18:24:04 +00:00
Florian Klink
eba10dcbcb
Merge pull request #77950 from flokli/buildkite-3
nixos/buildkite-agent: move to v3
2020-01-19 14:23:49 +01:00
Florian Klink
b32b29963f
Merge pull request #78018 from rnhmjoj/typo
nixos/unclutter: fix old typo
2020-01-19 14:19:32 +01:00
Markus S. Wamser
d4718f180b minidlna: provide configuration option for announce interval
Signed-off-by: Markus S. Wamser <github-dev@mail2013.wamser.eu>
2020-01-19 14:06:27 +01:00
rnhmjoj
bac3e6841b
nixos/unclutter: fix old typo 2020-01-19 10:09:12 +01:00
Cole Mickens
90d297c4cd nixos: home-assistant: can dial out 2020-01-19 00:03:44 -08:00
Antonio Nuno Monteiro
e2c11ad3c0 nixos/kubernetes: allow configuring cfssl API server SANs 2020-01-18 23:39:21 -08:00
Jan Tojnar
0a65c2b7e9
Merge pull request #77960 from jtojnar/declarative-check-modules
nixos/doc: suggest checking options for declarative package mgmt
2020-01-19 02:57:36 +01:00
worldofpeace
765afd38fa
Merge pull request #76985 from Elyhaka/gdm_hides_gnome
gdm: refactor to properly handle wayland sessions
2020-01-18 20:39:07 -05:00
worldofpeace
c6022f7abf nixos/gnome3: add gnome-shell to systemd.packages
This actually gets added via xdg.portal having gnome-shell.
However, that could change and it still for sure should be here.
2020-01-18 20:26:45 -05:00
worldofpeace
ffcfb80781
Merge pull request #77690 from gnidorah/way-cooler
way-cooler: Remove
2020-01-18 14:50:41 -05:00
Matthias Beyer
29bb16a9cd way-cooler: Remove
As of 2020-01-09, way-cooler is officially dead:

    http://way-cooler.org/blog/2020/01/09/way-cooler-post-mortem.html

hence, remove the package and the module.

Signed-off-by: Matthias Beyer <mail@beyermatthias.de>

docs/release-notes: remove way-cooler

way-cooler: show warnings about removal

Apply suggestions from code review

Co-Authored-By: worldofpeace <worldofpeace@protonmail.ch>

way-cooler: add suggestion by @Infinisil
2020-01-18 18:25:01 +03:00
Symphorien Gibol
b5d692e123 nixos/roundcube: provide path to mime.types file
fixes this warning:
WARNING: Mimetype to file extension mapping doesn't work properly!
2020-01-18 16:12:50 +01:00
Symphorien Gibol
b6e6bec57c nixos/roundcube: don't use the default and insecure des_key
The php installer creates a random one, but we bypass it, so we have
to create one ourselves.

This should be backward compatible as encryption is used for session
cookies only: users at the time of the upgrade will be logged out but
nothing more.

259b7fa065/config/config.inc.php.sample (L73)
2020-01-18 16:12:50 +01:00
Symphorien Gibol
52cf727a53 nixos/roundcube: do not write passwords to the store nor run php as root
If the database is local, use postgres peer authentication.
Otherwise, use a password file.

Leave database initialisation to postgresql.ensure*.
Leave /var/lib/roundcube creation to systemd.
Run php upgrade script as unpriviledged user.
2020-01-18 15:27:45 +01:00
Aaron Andersen
acd9e87ebe solr: drop 7.x series 2020-01-18 08:50:35 -05:00
Elyhaka
d18ac2bca1 gdm: refactor to properly handle wayland sessions 2020-01-18 10:56:11 +01:00
Jan Tojnar
6b3c3c817a
nixos/doc: suggest checking options for declarative package mgmt
Some programs might not work without systemd services registered or do not work at full capacity without NixOS module.
2020-01-18 02:17:36 +01:00
Florian Klink
b9182529b4 nixos/buildkite: add release notes 2020-01-17 23:11:26 +01:00
Florian Klink
63c310c07e nixos/buildkite-agent: change option meta-data into tags attrset
This is called tags in the buildkite 3.
2020-01-17 23:11:26 +01:00
volth
d5d1293fe3 nixos/traceroute: init 2020-01-17 21:28:54 +00:00
worldofpeace
b3c8534911
Merge pull request #77294 from worldofpeace/systemd-packages-duplicates
nixos/systemd-lib: don't fail on systemd.packages duplicates
2020-01-17 13:16:59 -05:00
Yorick van Pelt
e1ad9d1685 nixos/buildkite-agent: add a shell attribute to specify the shell being used
This gets passed to BUILDKITE_SHELL, which will specify the shell being
used to executes script in.

Defaults to `${pkgs.bash}/bin/bash -e -c`, matching how buildkite
behaves on other distros.
2020-01-17 18:40:11 +01:00
Florian Klink
99d0f4c380 nixos/buildkite-agent: tweak TimeoutStopSec and KillMode
This improves behaviour when the service is being stopped.
2020-01-17 18:40:11 +01:00
Florian Klink
9237767277 nixos/buildkite-agent: actually use services.buildkite-agent.package
We were currently just using pkgs.buildkite-agent, no matter what was
configured in services.buildkite-agent.package
2020-01-17 18:40:11 +01:00
Florian Klink
c154dd5101 nixos/buildkite-agent: stop deploying public keys, make ssh private key optional.
SSH public keys aren't needed to clone private repos, and if we only
need to configure a single attribute, there's no need for the "openssh"
attrset anymore.
2020-01-17 18:40:11 +01:00
Florian Klink
ed0b5b6133
Merge pull request #77662 from marijanp/verbose-python-test-driver
nixos/test: added verbose output for failed tests
2020-01-17 13:50:49 +01:00
Matt Layher
5089214a3d nixos/corerad: init 2020-01-16 12:38:36 -08:00
Maximilian Bosch
d77b68e487
nixos/liboping: add module
This creates setcap wrappers for oping and noping to allow unprivileged
users to use those as well.
2020-01-16 18:09:35 +01:00
Aaron Andersen
fc1bee555e
Merge pull request #75602 from vanyaklimenko/nginx-gitweb-more-options
nixos/nginx/gitweb: add some (crucial) options
2020-01-15 21:16:24 -05:00
Aaron Andersen
7260d2eb13
Merge pull request #77326 from aanderse/apacheHttpd
nixos/httpd: symlink apache configuration to /etc/httpd/httpd.conf for use in the apachectl command
2020-01-15 21:02:05 -05:00
volth
2bd296a7e9 runInLinuxVM, test-driver: pass host's cpu type to guest vm
'kvm64' is the most generic CPU, which does not support SSE4.2, AVX and other ISA extentions.
2020-01-15 23:35:00 +00:00
Mark Karpov
a8cdfd30ff
Make buildkite agent service compatible with buildkite-agent3 2020-01-15 17:16:44 +01:00
Lucas Savva
61665e3363 nixos/acme: ignore tmpfiles rules for null webroots 2020-01-15 09:17:11 +00:00
Nikola Knezevic
900e288d22 Enable elasticsearch-curator on elasticsearch 7
The current nixpkgs use elasticsearch-curator 5.8.1. As of version 5.7.0,
elasticsearch-curator supports elasticsearch 7, thus this change enables tests
with ES 7.
2020-01-15 10:12:19 +01:00
Bas van Dijk
b0b37569a7
Merge pull request #77669 from basvandijk/hydra-sync-buildMachinesFiles-with-upstream
hydra: only set buildMachinesFiles when nix.buildMachines is defined
2020-01-15 09:39:25 +01:00
Bas van Dijk
b517409c6b
Merge pull request #77668 from basvandijk/hydra-rm-option-build-use-substitutes
hydra: remove the build-use-substitutes option
2020-01-15 09:30:18 +01:00
Silvan Mosberger
241e9c10ba
nixos/docs: Fix nixos-install --system command 2020-01-15 05:39:12 +01:00
Florian Klink
4b4e59b18d
Merge pull request #77664 from tfc/transmission-torrent-test-fix
nixos/transmisison: Transmission torrent test fix
2020-01-15 00:58:31 +01:00
Erik Arvstedt
5bdb653baf test-driver.py: fix decoding of VM output
The codec format 'unicode_escape' was introduced in 52ee102 to handle
undecodable bytes in boot menus.

This made the problem worse as unicode chars outside of iso-8859-1
produce garbled output and valid utf-8 strings (such as "\x" ) trigger
decoding errors.

Fix this by using the default 'utf-8' codec and by explicitly ignoring
decoding errors.
2020-01-14 15:52:44 -08:00
Erik Arvstedt
caa435fd1d test-driver.py: specify coreutils dependency
Otherwise the driver script fails when coreutils are not in PATH.
2020-01-14 15:52:44 -08:00
Susan Potter
16fc4dd77d
nixos/doc+manual: update copyright year range end 2019->2020 2020-01-14 07:01:39 -06:00
Bas van Dijk
ad554b3e4e hydra: only set buildMachinesFiles when nix.buildMachines is defined
This applies [hydra PR #432](https://github.com/NixOS/hydra/pull/432)
to the NixOS module in nixpkgs:

```
commit 4efd078977e5ea20e1104783efc324cba11690bc
Author: Bas van Dijk <v.dijk.bas@gmail.com>
Date:   Sun Dec 11 15:35:38 2016 +0100

    Only set buildMachinesFiles when nix.buildMachines is defined
```
2020-01-14 12:32:40 +01:00
Bas van Dijk
f34aaa6646 hydra: remove the build-use-substitutes option
The following commit from 2016 in hydra removed the `--option
build-use-substitutes` from the hydra-queue-runner service:

```
commit ee2e9f5335c8c0288c102975b506f6b275793cfe
Author: Eelco Dolstra <edolstra@gmail.com>
Date:	Fri Oct 7 20:23:05 2016 +0200

    Update to reflect BinaryCacheStore changes

    BinaryCacheStore no longer implements buildPaths() and ensurePath(),
    so we need to use copyPath() / copyClosure().
```

It would be better if the hydra module in NixOS matches the upstream
module.
2020-01-14 12:14:25 +01:00
Francesco Zanini
9974bb16b0 systemd-networkd: add configuration for XFRM interfaces 2020-01-14 11:33:18 +01:00
Jacek Galowicz
adf5642ba6 nixosTests.bittorrent: Refactor declarative part 2020-01-14 10:22:46 +01:00
Jacek Galowicz
e1b1f5a484 nixosTests.bittorrent: Fix declarative httpd description 2020-01-14 10:11:57 +01:00
Jacek Galowicz
7f69fdd182 nixos/transmission: Fix module code 2020-01-14 10:10:45 +01:00
Marijan Petričević
61c61f80e5 nixos/test: added verbose output for failed tests 2020-01-14 09:33:10 +01:00
Peter Hoeg
41d333e024
Merge pull request #60981 from thefloweringash/usb-modeswitch
usb_modeswitch: fixes
2020-01-14 10:48:45 +08:00
Vanya Klimenko
ed52a6567c nixos/nginx/gitweb: add some (crucial) options
This replaces some hardcoded values in nginx's VirtualHosts's
configuration with customizable options. Previous values are kept as
default, so nothing should break for existing users.

Co-Authored-By: Florian Klink <flokli@flokli.de>
2020-01-14 00:11:10 +00:00
Silvan Mosberger
55b0129a14
Merge pull request #76178 from 0x4A6F/master-xandikos
xandikos: add tests and module
2020-01-13 23:48:22 +01:00
Martin Milata
d9319e8e87 nixos/ndppd: enable systemd sandboxing 2020-01-13 11:11:32 +00:00
Robin Gloster
8305186bb4
Merge pull request #77554 from lheckemann/fix-wpa-multiple1
nixos/wpa_supplicant: fix use with multiple interfaces
2020-01-13 12:07:54 +01:00
Linus Heckemann
247c25d302
Merge pull request #77473 from mayflower/worktrees
lib.commitIdFromGitRepo: support git-worktree
2020-01-13 12:01:49 +01:00
markuskowa
9bedc18507
Merge pull request #77553 from c0deaddict/fix/gitea-typo
nixos/gitea: fix typo
2020-01-13 09:29:08 +01:00
Andrew Childs
e4fa8192da nixos/tests/ec2: return to passing state
Updates required:

- Use vpc image format (new default, supported by Amazon)
- Pass full image filename to makeEc2Test
- Increase memory allocation for nixos-rebuild
- Set a networking.hostName for services.httpd
- Add appropriate escaping in literal userdata

While I'm here, try to make it fail fast.
2020-01-13 15:52:37 +09:00
Erik Arvstedt
9ed03f2103 nixos/paperless: fix tmpfiles rules
Previously, the service expected the paperless user to have a group with
the user's name. This is not necessarily the case for custom users.
2020-01-13 02:01:23 +00:00
Erik Arvstedt
5ad5d2321f nixos/paperless: don't use deprecated types.loaOf
This removes a warning.
2020-01-13 02:01:23 +00:00
Eric Culp
21f567bdd9 test-driver.py: Share the shared dir between VMs
This changes the python test driver to match the behavior of the perl
test driver.  I.e. the directory mounted into /tmp/shared should be the
same for all machines.

This probably fixes many tests, but I found this while investigating
failures in nixos/tests/ceph-multi-node.nix.
2020-01-12 15:49:17 -08:00
Lucas Savva
9467f2ba2c nixos/acme: Add logic to select right email address 2020-01-12 21:52:28 +00:00
Lucas Savva
1e3607d331 nixos/acme: replace simp-le with lego client
Lego allows users to use the DNS-01 challenge to validate their
certificates. It is mostly backwards compatible, with a few
caveats.

 - extraDomains can no longer have different webroots to the
   main webroot for the cert.
 - An email address is now mandatory for account creation

The following other changes were required:
 - Deprecate security.acme.certs.<name>.plugins, as this was
   specific to simp-le
 - Rename security.acme.validMin to validMinDays, to avoid
   confusion and errors. Lego requires the TTL to be specified in
   days
 - Add options to cover DNS challenge (dnsProvider,
   credentialsFile, dnsPropagationCheck)
 - A shared state directory is now used (/var/lib/acme/.lego)
   to avoid account creation rate limits and share credentials
   between certs
2020-01-12 21:28:53 +00:00
worldofpeace
d04c6e0c26
Merge pull request #77324 from worldofpeace/buildbot-eval
nixos/buildbot: fix eval, and some twin issues
2020-01-12 15:17:19 -05:00
worldofpeace
2af959e579 nixos/jenkins/slave: fix eval 2020-01-12 15:17:05 -05:00
Jan Tojnar
61cf52bc17
Merge pull request #77501 from jtojnar/more-loaof-fxes
tree-wide: fix more warning related to loaOf deprecation
2020-01-12 18:47:34 +01:00
Franz Pletz
23bdc67f8b
Merge pull request #77561 from Mic92/openldap
nixos/openldap: check configuration with slaptest
2020-01-12 16:33:34 +00:00
Silvan Mosberger
d6ad9ce105
nixos/usbmuxd: Fix users.groups assignment
A mistake was introduced in https://github.com/NixOS/nixpkgs/pull/63103
2020-01-12 16:53:27 +01:00
Jörg Thalheim
382b0aa52d
nixos/openldap: check configuration with slaptest
slapd does only print the error and not the line number.
Sometimes it is not even clear that it fails to start
due to an incorrect configuration file.

Example output of slaptest:

5e1b2179 /nix/store/gbn2v319d4qgw851sg41mcmjm5dpn39i-slapd.conf: line 134 objectClass: Missing closing parenthesis before end of input
ObjectClassDescription = "(" whsp
  numericoid whsp                 ; ObjectClass identifier
  [ "NAME" qdescrs ]
  [ "DESC" qdstring ]
  [ "OBSOLETE" whsp ]
  [ "SUP" oids ]                ; Superior ObjectClasses
  [ ( "ABSTRACT" / "STRUCTURAL" / "AUXILIARY" ) whsp ]
                                  ; default structural
  [ "MUST" oids ]               ; AttributeTypes
  [ "MAY" oids ]                ; AttributeTypes
  whsp ")"
slaptest: bad configuration file!
2020-01-12 14:25:49 +00:00
Robert Hensing
9884cb3ed0
Merge pull request #76861 from Infinisil/paths-as-submodules
lib/types: Allow paths as submodule values
2020-01-12 14:19:04 +01:00
Linus Heckemann
bbd6d219e4 nixos/wpa_supplicant: fix #61391 2020-01-12 14:14:16 +01:00
Jos van Bakel
a171244455
nixos/gitea: fix typo 2020-01-12 12:51:01 +01:00
Eric Culp
dc6451f08c nixos/tests/certmgr: Fix file permissions
This test has been broken since 2a413da57e, which stopped running the
nginx master process as root.
2020-01-11 16:18:10 -08:00
volth
6abba2294d nixos/nat: use nixos-nat-out instead of OUTPUT 2020-01-12 00:06:49 +01:00
snicket2100
1657acd5d4 actkbd: fixed the description of the services.actkbd.bindings option
The description referred to `<option>sound.enableMediaKeys</option>`,
which is actually called `<option>sound.mediaKeys.enable</option>`.
2020-01-11 13:07:19 -08:00