Commit Graph

10594 Commits

Author SHA1 Message Date
Samuel Dionne-Riel
27c6bf0ef3
Merge pull request #29441 from oxij/nixos/luks
nixos: initrd/luks: allow to reuse passphrases, cleanup
2018-08-08 13:16:57 -04:00
Silvan Mosberger
565479374b
Merge pull request #42469 from ghuntley/patch-4
zerotier: added option to customise the port used
2018-08-08 17:02:25 +02:00
Geoffrey Huntley
5b66ddb943 nixos/zerotier: added option to customise the port used 2018-08-09 00:00:12 +10:00
Linus Heckemann
adba92b5ef systemd: improve unit script drv naming
Also store scripts directly in the nix store rather than having the
superfluous /bin/ tree.
2018-08-08 14:29:41 +02:00
Jan Tojnar
83a18e14d9
Merge pull request #39792 from Moredread/fwupd
WIP fwupd: 1.0.5 -> 1.1.0
2018-08-08 11:57:39 +02:00
Jan Malakhovski
456f97f2e6 doc: document luksroot.nix changes in release notes 2018-08-08 02:47:50 +00:00
Jan Malakhovski
8c83ba0386 nixos: initrd/luks: disable input echo for the whole stage 2018-08-08 02:47:50 +00:00
Jan Malakhovski
c35917e330 nixos: initrd/luks: simplify Yubikey handling code
From reading the source I'm pretty sure it doesn't support multiple Yubikeys, hence
those options are useless.

Also, I'm pretty sure nobody actually uses this feature, because enabling it causes
extra utils' checks to fail (even before applying any patches of this branch).

As I don't have the hardware to test this, I'm too lazy to fix the utils, but
I did test that with extra utils checks commented out and Yubikey
enabled the resulting script still passes the syntax check.
2018-08-08 02:47:49 +00:00
Jan Malakhovski
a9d69a74d6 nixos: initrd/luks: change passphrases handling
Also reuse common cryptsetup invocation subexpressions.

- Passphrase reading is done via the shell now, not by cryptsetup.
  This way the same passphrase can be reused between cryptsetup
  invocations, which this module now tries to do by default (can be
  disabled).
- Number of retries is now infinity, it makes no sense to make users
  reboot when they fail to type in their passphrase.
2018-08-08 02:47:47 +00:00
Jan Malakhovski
12e6907f33 nixos: initrd/luks: cleanup and generalize common shell expressions
Also fix Yubikey timeout handling mess.
2018-08-08 02:45:17 +00:00
Jan Malakhovski
dc653449c5 nixos: boot/stage-1: check syntax of the generated script 2018-08-08 02:43:17 +00:00
Vincent Bernat
57840dbffb nixos/cloud-init: order after network-online.target (#44633)
Some modules of cloud-init can cope with a network not immediately
available (notably, the EC2 module), but some others won't retry if
network is not available (notably, the Cloudstack module).
network.target doesn't give much guarantee about the network
availability. Applications not able to start without a fully
configured network should be ordered after network-online.target.

Also see #44573 and #44524.
2018-08-08 00:09:00 +02:00
Edmund Wu
aea2d822dd luksroot: Add missing quote (#44639) 2018-08-07 23:56:30 +02:00
André-Patrick Bubel
08547ff642
fwupd: 1.0.5 -> 1.1.0
We override the ESP mount point in the config file /etc/fwupd/uefi.conf
(available since version 1.0.6), as it is set to a path in the nix store
during build time.

Tests are disabled as it needs /etc/os-release, which is not available
when building with sandboxing enabled.
2018-08-07 23:25:22 +02:00
Janne Heß
690dac11f3 nixos/luksroot: Support keyfile offsets 2018-08-07 17:39:02 +02:00
Thomas Bach
31e11bdd60 cassandra: rewrote service from scratch
Adds a replacement for the previously broken
`services.database.cassandra` with tests for a multi-node setup.
2018-08-07 14:48:43 +00:00
Bob van der Linden
e1da32d887 set initialHashedPassword in installation-device.nix 2018-08-07 14:45:50 +02:00
adisbladis
8f36a3185f
Merge pull request #44544 from bkchr/plasma_activation_script_use_absolute_path
services.plasma5: Make activationscript use absolute path to
2018-08-07 17:56:54 +08:00
Bastian Köcher
60e1e81201 services.plasma5: Make activationscript use absolute path to
`kbuildsyscoca5`
2018-08-06 17:15:53 +02:00
Robin Gloster
fcf067a1aa nixos/release.nix: add docker-registry test 2018-08-06 16:31:33 +02:00
Robin Gloster
cb9d784e49 docker-registry: Revert "[bot]: remove unreferenced code"
This code was referenced.

This reverts commit 87f5930c3f.

cc @volth
2018-08-06 16:31:33 +02:00
Silvan Mosberger
66793d9284
Merge pull request #44058 from borisbabic/feature/choose-trackpoint-device
trackpoint: Make the device name configurable
2018-08-06 03:14:16 +02:00
Boris Babic
0ef3119c69 trackpoint: Make the device name configurable 2018-08-06 02:56:32 +02:00
Sander van der Burg
9748d7c60b nixos/disnix: undo dysnomia rename to fix disnix and retain compatibility with previous release 2018-08-06 01:25:38 +02:00
Silvan Mosberger
47b3cdf9be
Merge pull request #44108 from bennofs/gen-config-extlinux
nixos-generate-config: detect extlinux bootloader
2018-08-05 22:59:46 +02:00
Austin Seipp
3dc65650ea nixos/manual: add release note entry for FoundationDB
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2018-08-05 08:47:20 -05:00
Austin Seipp
d80d0bc3d2 Revert "nixos/manual: add release note entry for FoundationDB"
This reverts commit be1124a537.
2018-08-05 08:42:58 -05:00
Austin Seipp
be1124a537 nixos/manual: add release note entry for FoundationDB
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2018-08-05 08:42:43 -05:00
Austin Seipp
d5eccebda5 nixos/manual: wordsmithing on fdb chapter
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2018-08-05 08:42:43 -05:00
Robert Schütz
2215834789
simp_le: use python3Packages (#44476) 2018-08-05 01:17:38 +02:00
Jesper
0254ae4e80 netdata: 1.9.0 -> 1.10.0 (#44472)
The web_access.patch would no longer apply.
It disabled a check that required the static files
for the web UI to be owned by the user the daemon runs as
(not root, so it doesn't work well with nix).

Besides updating netdata, this commit removes that patch,
changes the netdata service config to set the "web files owner/group"
option to "root" and adds a test that checks that the web UI is being served.

This allows the web files to be owned by root without patching.
2018-08-05 00:05:48 +02:00
Austin Seipp
f42f0a1c48 nixos/foundationdb: show an example python script in the documentation
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2018-08-04 16:56:16 -05:00
Austin Seipp
aa79ae0c64 foundationdb: install python bindings
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2018-08-04 16:56:16 -05:00
Silvan Mosberger
31dda068db
Merge pull request #42877 from Infinisil/systemd-boot/consoleMode
nixos/systemd-boot: Add consoleMode option
2018-08-04 23:21:31 +02:00
Bas van Dijk
5a43f6ffeb graphite: make systemd create /run directory for us (#44392) 2018-08-04 20:55:59 +02:00
xeji
1258e6dd3a
Merge pull request #43421 from rembo10/lightdm-gtk-greeter
nixos/lightdm-gtk-greeter: svg icon support
2018-08-04 17:55:54 +02:00
smithtim
9bf7ff3b57 nixos/doc: added MATE to list of desktop managers in manual (#44442) 2018-08-04 07:23:54 +01:00
Daiderd Jordan
e2a32b747f
Revert "nixos/disnix: fix broken service because of rename"
Broke evaluation of the nixos options.

  The option `services.dysnomia' defined in `.../nixos/modules/rename.nix' does not exist.

This reverts commit 5c897b4eff.
2018-08-04 00:26:34 +02:00
Sander van der Burg
5c897b4eff nixos/disnix: fix broken service because of rename 2018-08-03 22:01:56 +02:00
xeji
c9f3382a39
Merge pull request #43934 from jfrankenau/mpd-smb
mpd: add nfs and smb support
2018-08-03 21:59:30 +02:00
Johannes Frankenau
b9234ea49c nixos/mpd: allow storage plugins in musicDirectory 2018-08-03 21:36:38 +02:00
Okina Matara
36ab89900b nixos/meguca: Various fixes 2018-08-03 10:59:06 -05:00
Okina Matara
d49b5bdfb9 nixos/hydron: Various fixes, create db_conf.json and link to it 2018-08-03 10:43:53 -05:00
Silvan Mosberger
fcb4254276
Merge pull request #43610 from jfrankenau/fix-pulse-module-x11-publish
nixos/display-managers: fix loading of module-x11-publish
2018-08-03 17:00:14 +02:00
Silvan Mosberger
d31f89df44
Merge pull request #44127 from johanot/nixos-cfssl
nixos/cfssl: Add new module for cfssl
2018-08-03 16:39:12 +02:00
Bas van Dijk
70e7235510 nixos/doc: add the new strongswan-swanctl service to the 18.09 release notes 2018-08-03 16:06:02 +02:00
Franz Pletz
cb691b987f
Merge pull request #44394 from mayflower/exporter-firewall-fix
nixos/prometheus-exporters: use nixos-fw chain
2018-08-03 13:21:00 +00:00
Matthew Harm Bekkema
a6c7132abc doc: change git:// links to https:// (#44395)
The server is not verified over the git:// transfer protocol. If you
clone a repository over git://, you should check if the latest commit's
hash is correct.

On the other hand, https:// will always verify the server automatically,
using certificate authorities.
2018-08-03 14:01:34 +01:00
Jan Tojnar
f735d6a38d
Merge pull request #43992 from jtojnar/upstream-sessions
Upstream sessions
2018-08-03 14:23:17 +02:00
WilliButz
9216da8928
nixos/prometheus-exporters: use nixos-fw chain
Use nixos-fw chain instead of INPUT so that the rules don't keep
stacking everytime the firewall is reloaded.
This also adds a comment to each rule about the associated exporter.
2018-08-03 13:20:53 +02:00