Joachim F
5bea2997fe
nixos/hardened: blacklist old filesystems ( #70482 )
...
The rationale for this is that old filesystems have recieved little scrutiny
wrt. security relevant bugs.
Lifted from OpenSUSE[1].
[1]: 8cb42fb665
Co-Authored-By: Renaud <c0bw3b@users.noreply.github.com>
2019-10-12 10:08:44 +00:00
worldofpeace
361b5f7f65
nixos/pulseaudio: don't autospawn ever
...
This is long been superseded by socket activation.
Additonally using autospawn nudges some unpleasant
GDM related issues.
2019-10-11 21:41:15 -04:00
Jan Tojnar
6c8aed6391
Merge branch 'master' into staging-next
2019-10-12 00:50:21 +02:00
c0bw3b
1f7455cf0d
nixos.tests: silence getfacl absolute path message
...
Default getfacl behavior is to remove leading slash on absolute
paths in its header printed to stdout.
Before the header it will also print a message about it...
Switches -p -or --absolute-names can turn this off
and remove some noise from our tests logs.
2019-10-11 23:20:57 +02:00
Tor Hedin Brønner
5b7c900192
nixos/gdm: do not restart on reload switch ( #70357 )
...
Not entirely sure how this works, but this does seem to fix reload switch
killing the current graphical session.
2019-10-11 20:07:16 +02:00
Florian Klink
1aad3acf15
nixos/gitlab: Don't print sensitive data to log on startup ( #70861 )
...
nixos/gitlab: Don't print sensitive data to log on startup
2019-10-11 18:10:16 +02:00
Jan Tojnar
1739d34904
Merge pull request #70734 from jtojnar/nixos-rebuild-remote-fish
...
nixos-rebuild: Fix target-host using fish
2019-10-11 13:26:11 +02:00
Aaron Andersen
0b6067f93e
Merge pull request #68836 from Thra11/wacomtablet-kcm
...
wacomtablet: init at 3.2.0
2019-10-11 05:52:37 -04:00
Eelco Dolstra
9d0de0dc57
nix-daemon.nix: Shut up warning
2019-10-10 16:24:33 +02:00
Eelco Dolstra
27d2857a99
nix-daemon.nix: Use 'nix ping-store' to initialize directories
2019-10-10 16:24:33 +02:00
Eelco Dolstra
2c97f0669d
Typo
2019-10-10 16:24:33 +02:00
Eelco Dolstra
4b950c42cd
nix-daemon.nix: Drop Nix 1.x compatibility
...
Probably didn't work anyway anymore.
2019-10-10 16:24:33 +02:00
Eelco Dolstra
4e0d6a5ff8
Don't create /nix/var/nix/{gcroots,per-user}/per-user with 1777 permission
...
In fact, don't create them at all because Nix does that automatically.
Also remove modules/programs/shell.nix because everything it did is
now done automatically by Nix.
2019-10-10 16:24:33 +02:00
Eelco Dolstra
3ab3614e2b
nix: 2.3 -> 2.3.1
2019-10-10 16:23:33 +02:00
worldofpeace
1169336cd9
Merge pull request #70448 from worldofpeace/lightdm-improve-systemd
...
nixos/lightdm: improve systemd service
2019-10-09 21:22:19 +00:00
wodim
c5daa2cb3b
Fix typo
2019-10-09 20:42:36 +02:00
worldofpeace
f853bb4369
rl-1909: brief package version changes
2019-10-09 13:51:44 -04:00
Robin Gloster
0bf7300375
Merge pull request #70850 from yoohaemin/patch-1
...
Fix documentation typo
2019-10-09 17:35:41 +02:00
Robin Gloster
8e1fdad7c6
Merge pull request #70858 from manveru/nginx-map-hash-sizes
...
nginx: add map_hash_*_size options
2019-10-09 17:32:40 +02:00
Christoph Hrdinka
65be608330
Merge pull request #70371 from dminuoso/dovecot-fix-type
...
dovecot: fix wrong type in configFile option
2019-10-09 17:25:12 +02:00
talyz
dc29a45fc9
nixos/gitlab: Don't print sensitive data to log on startup
...
gitlab:db:configure prints the root user's password to stdout on
successful setup, which means it will be logged to the
journal. Silence this informational output. Errors are printed to
stderr and will thus still be let through.
2019-10-09 16:59:18 +02:00
Franz Pletz
f024e7b769
Merge pull request #67890 from mguentner/mxisd_ma1sd
...
mxisd: 1.4.5 -> 1.4.6 ☺ ma1sd: init at 2.1.1
2019-10-09 14:36:56 +00:00
Milan Pässler
ff0148d868
nixos/nginx: use mailcap mime.types
...
The mime type definitions included with nginx are very incomplete, so
we use a list of mime types from the mailcap package, which is also
used by most other Linux distributions by default.
2019-10-09 14:20:40 +00:00
Michael Fellinger
2d0b34aa1c
nginx: add map_hash_*_size options
2019-10-09 15:59:03 +02:00
Konrad Borowski
7e1e138606
nixos/caddy: add tests ( #70778 )
2019-10-09 11:32:03 +00:00
Haemin Yoo
8fc5984e83
Fix documentation typo
2019-10-09 19:43:12 +09:00
José Romildo Malaquias
f251c29484
Merge pull request #70035 from mkf/cwm-windowManager
...
nixos/cwm: init. Added windowManager cwm, basing on the module for dwm.
2019-10-09 07:04:39 -03:00
Andreas Rammhold
633baf4273
Merge pull request #70843 from B4dM4n/systemd-tmpfiles
...
nixos/systemd: fix broken tmpfiles.d symlinks
2019-10-09 11:44:19 +02:00
Fabian Möller
996d846726
nixos/systemd: fix broken tmpfiles.d symlinks
2019-10-09 10:53:01 +02:00
Robin Gloster
b5449e65b5
Merge pull request #69344 from talyz/gitlab-create-database
...
nixos/gitlab: Fix databaseCreateLocally evaluation and operation
2019-10-09 00:28:21 +02:00
Robin Gloster
b648a710af
Merge pull request #68721 from talyz/gitlab-fix
...
nixos/gitlab: Fix state directory permissions, clean up initializers directory
2019-10-09 00:27:12 +02:00
Eelco Dolstra
b407822b85
locate.nix: Don't create /var/cache
...
Fixes
setting up tmpfiles
[/etc/tmpfiles.d/var.conf:19] Duplicate line for path "/var/cache", ignoring.
2019-10-08 21:45:42 +02:00
Michał Krzysztof Feiler
00633a3e13
nixos/window-managers: add cwm to imports
...
as per request from @romildo under #70035 https://github.com/NixOS/nixpkgs/pull/70035#pullrequestreview-298166798
2019-10-08 17:48:09 +00:00
Linus Heckemann
a3a441cd87
nixos/tests/{ferm,networking}: fix eval with networkd
...
The networking.virtual test does not work with networkd yet, for
multiple reasons:
- network-online.target is not reached, because tun0 and tap0 are
considered as required for online but _not_ brought up or assigned
the configured addresses
- the commands later in the test rely on some units from the scripted
network setup
cc @fpletz networkd exper
cc @globin we looked at this together
2019-10-08 17:14:26 +02:00
Thomas Tuegel
22b4014900
Merge pull request #69357 from mtetreault/plymouth-custom-logo
...
breeze-plymouth: allow usage of custom logo
2019-10-08 05:32:07 -05:00
Jörg Thalheim
692656daf8
nixos/zfs: avoid script derivation for trim service
...
Since we only have a single pipe we can save the overhead of building a derivation
when creating the zfs trim service file when building the system.
2019-10-08 11:11:06 +01:00
Frederik Rietdijk
a0c34f54cc
Merge master into staging-next
2019-10-08 11:56:52 +02:00
Jan Tojnar
316d4faba4
nixos-rebuild: Fix target-host using fish
...
I have `users.defaultUserShell = pkgs.fish;` set on my server and when I ran `nixos-rebuild switch --target-host …`, the command failed with the following error:
fish: Unsupported use of '='. To run 'nix-store' with a modified environment, please use 'env PATH=… nix-store…'
That is because fish requires env to set environment variables for a program. It should also work on other shells.
2019-10-08 11:43:05 +02:00
Vladimír Čunát
f760f0ef48
Revert "Merge #67232 : machinectl compliant NixOS installation"
...
This reverts commit 66967ec752
, reversing
changes made to fb6595eafd
.
Fixes #70442 ; discussion: https://github.com/NixOS/nixpkgs/pull/70027
2019-10-07 20:56:59 +02:00
Eelco Dolstra
37c22b9d30
Revive systemd.coredump.enable
2019-10-07 20:28:13 +02:00
Maximilian Güntner
176b1aeb4e
nixos/mxisd: add support for ma1sd
...
both servers only differ slighly so the module
can be reused
2019-10-07 18:57:15 +02:00
Eelco Dolstra
39c0e489d3
Revert "make-disk-image: replace nixos-install by nix-env calls"
...
This reverts commit e9bf955fd6
. We use
nixos-install to ensure that make-disk-image produces the same result
as a regular installation (9802da517f
)
and to reduce code duplication. If there is something broken in
nixos-install, it should be fixed there.
2019-10-07 17:21:28 +02:00
Linus Heckemann
25a36477c8
19.09 notes: document timesyncd issue
...
See #64922 .
2019-10-07 10:47:36 -04:00
Samuel Leathers
4d25ec0caf
nixos/manual: update 19.03 -> 19.09 in upgrading section
2019-10-07 10:38:14 -04:00
Mathieu A.-Tetreault
001b42db7f
breeze-plymouth: allow usage of custom logo
2019-10-07 09:43:23 -04:00
Jörg Thalheim
a412d90e10
nixos/zfs: only enable trim if zfs is enabled
...
Also don't fail the service if there are no pools yet.
This might happen on installation ISOs.
2019-10-07 10:44:56 +01:00
Linus Heckemann
0b754fbe54
Merge pull request #69302 from mayflower/networkd-disallow-dhcp
...
networkd: disallow useDHCP
2019-10-07 11:29:04 +02:00
markuskowa
11e0b8465c
Merge pull request #70027 from ck3d/fix-ova
...
make-disk-image: replace nixos-install by nix-env calls
2019-10-07 10:16:50 +02:00
Symphorien Gibol
d9cac95878
nixos/xfce4-14: add xfce4-volumed-pulse when not using the desktop
...
xfce4-volumed-pulse is not abandoned, but is superseded by a panel
plugin which is not available when not using the desktop.
Fixes: volume up/down keys support
2019-10-06 21:22:44 +02:00
worldofpeace
67ac11e072
nixos/lightdm: improve systemd service
...
These improvements come from shopping around
at what other downstreams have done with their
systemd units and recent changes like [0] to gdm.
Note there's no requries or after on dbus.socket because
settings BusName will set this up automaticallly and
give it a type of dbus.
[0]: 2d57f45962
2019-10-06 10:23:21 -04:00
Joachim F
103180155d
Merge pull request #70447 from joachifm/feat/containers-private-networking-lockKernelModules-compat
...
nixos/containers: explicitly load kernel modules for networking
2019-10-06 11:00:36 +00:00
Matthieu Coudron
2a25b5c3cb
Merge pull request #70503 from joachifm/feat/remove-blcr
...
Remove blcr package & nixos module
2019-10-06 17:23:12 +09:00
Joachim Fasting
923c449e9b
nixos/blcr: remove
2019-10-06 08:10:23 +02:00
(cdep)illabout
1137ac7785
nixos/steam-hardware: add uinput to boot.kernelModules
...
uinput needs to be added to boot.kernelModules in order for the udev
rules defined by steam to be run and set permissions correctly on
/dev/uinput.
See https://github.com/NixOS/nixpkgs/issues/70471 .
2019-10-06 11:34:54 +09:00
Albert Safin
0eaf29433e
nixos/doc: fix manpage format
...
Spaces inside <refname> cause stray double underscore in generated manual pages.
Fixes #70468
2019-10-05 15:55:49 +00:00
worldofpeace
60ddfac0c6
Merge pull request #70465 from worldofpeace/pam-home
...
nixos/system-environment: use pam syntax for home variable
2019-10-05 15:04:31 +00:00
worldofpeace
57481b7a1c
nixos/system-environment: use pam syntax for home variable
2019-10-05 09:43:47 -04:00
worldofpeace
789fcebdab
Merge pull request #46997 from worldofpeace/installer-autorun
...
installer: autorun xserver in graphical media
2019-10-05 11:34:27 +00:00
Maximilian Bosch
d72f4e2ae0
Merge pull request #70422 from elseym/documize-writable-home
...
documize: introduce state directory
2019-10-05 13:20:58 +02:00
worldofpeace
99df63be0a
nixos/pantheon: add elementary-default-settings for services
...
This is needed for the AccountsService interfaces (in systemPackages).
2019-10-05 06:43:38 -04:00
Joachim Fasting
fe3da83b7e
nixos/containers: explicitly load kernel modules for networking
...
List all modules that *may* be required depending on individual container
configurations; don't expect that further modules can be loaded after boot.
Fixes https://github.com/NixOS/nixpkgs/issues/38676
2019-10-05 12:25:12 +02:00
Bas van Dijk
82259b5d54
thanos: 0.6.1 -> 0.7.0
2019-10-05 10:35:52 +02:00
Tor Hedin Brønner
9be5321097
nixos/gdm: follow upstream's service config
2019-10-05 05:15:29 +02:00
Tor Hedin Brønner
1efac91ca4
nixos/gdm: make config dir for gnome-initial-setup
...
Observed failure to lauch gdm in a VM due to missing /run/gdm.config.
2019-10-05 05:15:29 +02:00
worldofpeace
1f91fd0a03
Merge pull request #70362 from worldofpeace/gnome-shell-overides
...
nixos/gnome3: copy gnome-shell override
2019-10-05 02:53:52 +00:00
elseym
93fa16f939
documize: introduce state directory
2019-10-05 00:40:44 +02:00
lassulus
9d04a64a8f
iso-image: add loopback.cfg support to boot iso from grub
2019-10-04 23:24:52 +02:00
Linus Heckemann
141b7210cb
Merge pull request #70256 from Ma27/drop-nodejs-11_x
...
nodejs-11_x: remove
2019-10-04 18:14:15 +02:00
Jörg Thalheim
bf3360cdcf
nixos/zeronet: Improved config, dynamic user, remove static UI… ( #70305 )
...
nixos/zeronet: Improved config, dynamic user, remove static UID and GID
2019-10-04 10:23:13 +01:00
Victor Nawothnig
187c0b3aef
Specify correct option type
2019-10-04 09:57:06 +02:00
worldofpeace
eb14b000e5
nixos/gnome3: copy gnome-shell override
...
Without this these default settings overrides to gnome-shell
don't appear to be used completely.
2019-10-03 22:27:04 -04:00
Aaron Andersen
2448733001
Merge pull request #69371 from dasJ/memcached-sysuser
...
nixos/memcached: Switch to a system user
2019-10-03 18:11:00 -04:00
Okinan
5c18c08da9
nixos/zeronet: improved config, dynamic user
2019-10-03 17:03:32 -05:00
talyz
c6efa9fd2d
nixos/gitlab: Clean up the initializers on start
...
The initializers directory is populated with files from the gitlab
distribution on start, but old files will be left in the state folder
even if they're removed from the distribution, which can lead to
startup failures. Fix this by always purging the directory on start
before populating it.
2019-10-03 14:38:54 +02:00
Maximilian Bosch
334641d112
nodejs-11_x: remove
...
Package is EOLed by upstream: https://github.com/nodejs/Release
Fixes #69008
2019-10-03 14:33:34 +02:00
talyz
0f8133d633
nixos/gitlab: Fix state directory permissions
...
Since the preStart script is no longer running in privileged mode, we
reassign the files in the state directory and its config subdirectory
to the user we're running as. This is done by splitting the preStart
script into a privileged and an unprivileged part where the privileged
part does the reassignment.
Also, delete the database.yml symlink if it exists, since we want to
create a real file in its place.
Fixes #68696 .
2019-10-03 09:02:00 +02:00
Okinan
f2fc1b0046
nixos/zeronet: remove static uid and gid
2019-10-03 01:25:08 -05:00
worldofpeace
7e89933127
Merge pull request #70296 from worldofpeace/targets-want-gsd
...
nixos/gnome-settings-daemon: move systemd config here
2019-10-03 03:19:46 +00:00
worldofpeace
fb7b158dda
nixos/gnome-settings-daemon: move systemd config here
...
As I've decided that it doesn't make sense for the module to be shared [0]
we can move this config here.
[0]: 68ab37aa44
2019-10-02 22:51:11 -04:00
worldofpeace
159b12bee7
rl-2003: graphical image autoruns X
2019-10-02 22:11:40 -04:00
worldofpeace
489548310f
nixos/iso-image: add menu entry to disable display-manager
2019-10-02 22:10:18 -04:00
worldofpeace
f6f5151d57
installer: autorun xserver in graphical media
2019-10-02 22:10:18 -04:00
Elias Probst
86dea5559f
nixos/networkmanager: allow iwd as Wi-Fi backend
...
This introduces an option wifi.backend to the networkmanager module.
Co-authored-by: Cole Mickens <cole.mickens@gmail.com>
Co-authored-by: worldofpeace <worldofpeace@protonmail.ch>
2019-10-02 21:52:58 -04:00
worldofpeace
5edb20533d
Merge pull request #70041 from worldofpeace/desktopmanager-compat
...
Fix certain desktop managers building together
2019-10-03 01:32:12 +00:00
Jan Tojnar
b3fcd9375d
Merge branch 'master' into staging-next
2019-10-03 01:47:08 +02:00
worldofpeace
355425b7cb
Merge pull request #70293 from schmittlauch/cawbird2
...
corebird: move deprecation warning to aliases and release notes
2019-10-02 23:08:14 +00:00
Trolli Schmittlauch
45a9542a37
corebird: move deprecation warning to aliases and release notes
2019-10-03 00:41:33 +02:00
Jan Tojnar
4655669483
Gnome 3.34 ( #68608 )
...
Gnome 3.34
2019-10-03 00:38:54 +02:00
worldofpeace
dd86155fe4
nixos/gnome3: use sessionVariables
...
Without this GNOME_SESSION_DEBUG
likely won't be set in the systemd user environment.
2019-10-03 00:09:18 +02:00
worldofpeace
38147b9215
nixos/gnome-initial-setup: prevent run on existing systems
...
GNOME initial setup's run is conditioned on whether
the gnome-initial-setup-done file exists in XDG_CONFIG_HOME
Because of this, every existing user will have initial setup
running because they never ran it before.
To prevent this we create the file if the users stateVersion
is older than 20.03 (the release we added this module).
Also drop uneeded manual conflicts as systemd.packages
does handle this.
2019-10-03 00:09:12 +02:00
worldofpeace
f462b376bb
nixos/gdm: prevent g-i-s from running
2019-10-03 00:09:12 +02:00
worldofpeace
f9b44934bc
nixos/gnome-initial-setup: init
...
It tries to start during the GDM session even
with the conflicts.
2019-10-03 00:09:12 +02:00
Silvan Mosberger
899937e1ca
Merge pull request #69868 from Infinisil/config-check-warning
...
nixos/nix-daemon: Prevent network warning when checking config
2019-10-02 23:15:13 +02:00
Silvan Mosberger
643a329a4c
do-agent: init at 3.5.6 ( #69186 )
...
do-agent: init at 3.5.6
2019-10-02 22:34:26 +02:00
Peter Simons
8cd5aa8a82
Merge pull request #69194 from danbst/pg11-nixos
...
nixos/postgresql: switch default 9.6 -> 11
2019-10-02 20:02:25 +02:00
yvt
00a54207e0
nixos/do-agent: Depend on network-online.target
2019-10-03 02:44:33 +09:00
yvt
e3c1ecf111
nixos/do-agent: Use DynamicUser
2019-10-03 01:30:41 +09:00
Tim Steinbach
25295972d4
kafka: Add 2.3
2019-10-02 07:37:44 -04:00
Frank Doepper
3065d00d74
nixos module zfs: provide /etc/zfs/zpool.d
...
The scripts for zpool iostat -c and zpool status -c are located in
/etc/zfs/zpool.d
2019-10-02 12:34:09 +02:00
worldofpeace
49bc1bf44a
Merge pull request #70137 from michaelpj/fix-pam-variable-subst
...
nixos/system-environment: fix variable substitution
2019-10-02 01:20:28 +00:00