Commit Graph

5777 Commits

Author SHA1 Message Date
Jörg Thalheim
156d2fbf5d
Merge pull request #48272 from avnik/fix/rmilter
nixos/rmilter: don't enable by default, if rspamd enabled
2018-10-12 22:34:08 +01:00
Jeff Slight
7bafe25553 add custom hooks directory to gitlab-shell
Add custom_hooks_dir to gitlab-shell yml config file.
2018-10-12 09:33:37 -07:00
Alexander V. Nikolaev
b61dd2bcb7 nixos/rmilter: don't enable by default, if rspamd enabled 2018-10-12 17:39:06 +03:00
Jan Tojnar
a112f16a75
Merge pull request #42562 from ambrop72/gdk-pixbuf-fix
Use a NixOS module for generating the gdk-pixbuf loaders cache.
2018-10-12 15:52:06 +02:00
Ben Wolsieffer
73c523a605 buildbot: add Python 3 support 2018-10-11 21:39:11 -04:00
Silvan Mosberger
c81ca5491f
Merge pull request #46041 from nh2/issue-46038-nix-daemon-ssh-path
nix-daemon service: Ensure `ssh` is on PATH. Fixes #46038.
2018-10-11 21:51:37 +02:00
Silvan Mosberger
c881a04a5d
Merge pull request #47902 from pvgoran/correct-mkEnableOption-uses
nixos: correct improper uses of mkEnableOption, clarify service descr…
2018-10-11 21:31:32 +02:00
Michael Raskin
a29603344a
Merge pull request #48189 from aanderse/redmine
redmine: refactor, cleanup, bug fix, and add functionality
2018-10-11 15:32:43 +00:00
Victor SENE
2dcd512e74 nixos/nextcloud: add poolConfig option (#48094) 2018-10-11 14:13:23 +00:00
Franz Pletz
0aabc77a03
Merge pull request #48055 from WilliButz/add-exporter-tests
nixos/tests: add test for prometheus exporters
2018-10-11 13:58:14 +00:00
Aaron Andersen
975f476cd2 quoting stateDir path in case it includes spaces 2018-10-11 08:04:47 -04:00
obadz
6fca3c5700 cups-googlecloudprint: init at 20160502 2018-10-11 09:19:58 +01:00
Aaron Andersen
1cb5b509f1 redmine: refactor, cleanup, bug fix, and add functionality
- added package option to specify which version of redmine
- added themes option back in to allow specifying redmine themes
- added plugins option back in to allow specifying redmine plugins
- added database.socket option to allow mysql unix socket authentication
- added port option to allow specifying the port rails runs on

- cleaned up Gemfile so it is much less hacky
- switched to ruby version 2.4 by default as suggested by documentation http://www.redmine.org/projects/redmine/wiki/redmineinstall#Installing-Redmine
- fixed an annoyance (bug) in the service causing recursive symlinks
- fixed ownership bug on log files generated by redmine
- updates reflecting renames in nixos options

- added a nixos test
2018-10-10 21:04:08 -04:00
xeji
af6e2464bb
nixos/display-managers/startx: init (#47773)
Dummy display manager that allows running X as a normal user.
The X server is started manually from a vt using `startx`.
Session startup commands must be provided by the user
in ~/.xinitrc, which is NOT automatically generated.
2018-10-10 23:07:44 +02:00
Peter Hoeg
98649aea0f
Merge pull request #48098 from peterhoeg/f/opti
nix-optimise: do not run in container
2018-10-10 20:57:10 +08:00
Maximilian Bosch
018573b757
nixos/weechat: add setuid wrapper for `screen' to ensure true multiuser capabilities
Previously you either had to set the setuid bit yourself or workaround
`isSystemUser = true` (for a loginable shell) to access the weechat
screen.

`programs.screen` shouldn't do this by default to avoid taking too much
assumptions about the setup, however `services.weechat` explicitly
requires tihs.

See #45728
2018-10-10 11:11:34 +02:00
Jörg Thalheim
af7c57232b
Merge pull request #48080 from Lassulus/gnome-gdm
nixos/gnome3: don't autoenable gdm
2018-10-09 23:22:41 +01:00
Vincent Ambo
5ead27394d journaldriver: 1.0.0 -> 1.1.0 (#48106)
Included changes:

* upstream repository has moved, URLs changed accordingly
* journaldriver bumped to new upstream release

The new release includes an important workaround for an issue that
could cause log-forwarding to fail after service restarts due to
invalid journal cursors being persisted.
2018-10-09 23:45:43 +02:00
Joachim F
5fc62fa49c
Merge pull request #48043 from Vskilet/emby
nixos/emby : use the dataDir option
2018-10-09 08:54:07 +00:00
lassulus
5a752ad879 nixos/gnome3: don't autoenable gdm
This seems to cause problems if people have other display-managers
enabled
2018-10-08 23:05:18 +02:00
Timo Kaufmann
a88dad2684
Merge pull request #48039 from lheckemann/murmur-mention-mumble
murmur: mention mumble in description
2018-10-08 21:46:38 +02:00
Matthew Bauer
dd6f6951cf
Merge pull request #45109 from jfrankenau/module-triggerhappy
nixos/triggerhappy: add module for triggerhappy hotkey daemon
2018-10-08 14:42:59 -05:00
Matthew Bauer
7432fde1ad
Merge pull request #44920 from eadwu/init/lightdm-enso-os-greeter
lightdm-enso-os-greeter: init at 0.2.1
2018-10-08 13:54:31 -05:00
WilliButz
fbb7e0c82f
nixos/prometheus-exporters: fix unapplied service config
Prior to this commit, the default values for `Restart`, `PrivateTmp` and
`WorkingDirectory` were falsely ignored.

I also added myself as maintainer.
2018-10-08 17:21:49 +02:00
WilliButz
24320f4a9e
nixos/prometheus-varnish-exporter: avoid crash on restart 2018-10-08 17:21:48 +02:00
Victor SENE
7d43e2a861 nixos/emby : use the dataDir option 2018-10-08 14:49:09 +02:00
Linus Heckemann
68a2fceed5 nixos/murmur: mention mumble in description
This makes the option easier to find with the options search or in the
manpage.
2018-10-08 13:33:36 +02:00
lassulus
99c8dc4a11 charybdis service: bin/charybdis-ircd -> bin/charybdis 2018-10-07 13:10:50 +02:00
Andrew Childs
c477d6658c nixos/prometheus-snmp-exporter: fix command line argument format 2018-10-07 11:35:55 +09:00
Matthew Bauer
907afd17f9
Merge pull request #46068 from azazel75/alertmanager-flags
Prometheus Alertmanager: Allow the definition of extra options on commandline
2018-10-05 22:52:48 -05:00
Matthew Bauer
91078ee339
Merge pull request #46106 from NickHu/psd
profile-sync-daemon: 5.53 -> 6.33
2018-10-05 22:51:59 -05:00
Matthew Bauer
33d24042d4
Merge pull request #46443 from bobvanderlinden/pr-test-upnp
Miniupnpd and bittorrent improvements
2018-10-05 22:48:24 -05:00
Matthew Bauer
ef7d2215a5
Merge pull request #46856 from dasJ/tt_rss_uid
nixos/tt_rss: Give a proper UID
2018-10-05 22:41:27 -05:00
nyanloutre
bb06b5b442 nixos/emby: fixes binary name change introduced by #47659 2018-10-05 09:25:39 +02:00
Pavel Goran
858b263bf0 nixos: correct improper uses of mkEnableOption, clarify service descriptions
Several service definitions used `mkEnableOption` with text starting
with "Whether to", which produced funny option descriptions like
"Whether to enable Whether to run the rspamd daemon..".

This commit corrects this, and adds short descriptions of services
to affected service definitions.
2018-10-05 13:14:45 +07:00
Peter Hoeg
c81d370bb9
Merge branch 'master' into f/activation 2018-10-05 10:08:56 +08:00
Peter Hoeg
4dada63a17 plasma5: run kbuildsycoca5 in the user context 2018-10-05 10:06:40 +08:00
Pascal Wittmann
b9e7935eff
Merge pull request #47603 from Mic92/bitlbee
nixos/bitlbee: add pam option
2018-10-04 12:48:09 +02:00
Peter Hoeg
6b4d336651
Merge pull request #47838 from peterhoeg/f/plasma
kcheckpass: it is in kscreenlocker, not plasma-workspace
2018-10-04 15:42:46 +08:00
Matthew Bauer
1ffe83caa7
Merge pull request #42846 from ambrop72/optimus-prime-config-master
nixos/xserver: Implement configuration of NVIDIA Optimus via PRIME
2018-10-03 22:56:53 -05:00
Peter Hoeg
d10a84eb21 kcheckpass: it is in kscreenlocker, not plasma-workspace 2018-10-04 10:17:40 +08:00
Jörg Thalheim
6a995e986a
Merge pull request #47159 from eqyiel/nextcloud
nextcloud module: init
2018-10-03 23:42:40 +01:00
Florian Jacob
c54aa26a2d nixos/munin: move from /var/run to /run
as using /var/run now emits a warning by systemd's tmpfiles.d.
As /var/run is already a symlink to /run, this can't break anything, and
data does not need to be migrated.
2018-10-03 17:36:37 +02:00
Peter Simons
1af8f3a980 nixos: include system-level dconf resources in GDM's profile
This is necessary when system-wide dconf settings must be configured, i.e. to
disable GDM's auto-suspending of the machine when no user is logged in.

Related to https://github.com/NixOS/nixpkgs/issues/42053.
2018-10-02 13:27:59 +02:00
Alyssa Ross
c1dbb90bfd lightdm: add extraConfig option (#47630) 2018-10-02 00:35:32 +02:00
Franz Pletz
11ba2f270f
nixos/clamav: fix freshclam service if db up to date 2018-10-02 00:26:38 +02:00
Franz Pletz
f8d681a91f
nixos/clamav: fix daemon/updater services toggling 2018-10-02 00:26:38 +02:00
Jörg Thalheim
d334c1c1d0 nixos/bitlbee: option to use pam 2018-10-01 18:25:11 +01:00
Franz Pletz
ebd38185c8 nixos/nextcloud: init
Co-authored-by: Franz Pletz <fpletz@fnordicwalking.de>
Co-authored-by: Robin Gloster <mail@glob.in>
Co-authored-by: Janne Heß <janne@hess.ooo>
Co-authored-by: Florian Klink <flokli@flokli.de>
2018-10-01 02:07:43 +09:30
Johan Thomsen
a91c293aaf kubernetes: 1.11.3 -> 1.12.0
- kubelet CAdvisor port has been removed
2018-09-30 14:49:26 +02:00
Graham Christensen
8413f22bb3
docs: format 2018-09-29 20:51:11 -04:00
Will Dietz
243e28bc96 nix-daemon: only add channels dir to NIX_PATH if exists
Per reviewer comment (thanks!).
2018-09-29 20:29:33 -04:00
Will Dietz
f3a114e088 NIX_PATH: don't prepend $HOME-based value in session variable, set later
environment.sessionVariables cannot refer to the values of env vars,
and as a result this has caused problems in a variety of scenarios.

One use for these is that they're injected into /etc/profile,
elewhere these are used to populate an 'envfile' for pam
(`pam 5 pam_env.conf`) which mentions use of HOME being
potentially problematic.

Anyway if the goal is to make things easier for users,
simply do the NIX_PATH modification as extraInit.

This fixes the annoying problems generated by the current approach
(#40165 and others) while hopefully serving the original goal.

One way to check if things are borked is to try:

$ sudo env | grep NIX_PATH

Which (before this change) prints NIX_PATH variable with
an unexpanded $HOME in the value.

-------

This does mean the following won't contain user channels for 'will':
$ sudo -u will nix-instantiate --eval -E builtins.nixPath

However AFAICT currently they won't be present either,
due to unescaped $HOME.  Unsure if similar situation for other users
of sessionVariables (not sudo) work with current situation
(if they exist they will regress after this change AFAIK).
2018-09-29 20:29:33 -04:00
Dominik Xaver Hörl
73de073405 nixos/kmscon: Add autologin option 2018-09-29 21:55:14 +02:00
Elis Hirwing
aba95986d2
lidarr: init at 0.3.1.471
Fork of sonarr (as radarr) but for music instead of series and movies.
2018-09-29 21:40:29 +02:00
Matthew Bauer
21c26ca390
Merge pull request #46607 from rembo10/sickbeard
Sickbeard/Sickgear/Sickrage: Init and module
2018-09-29 13:58:43 -05:00
Brian Olsen
783a58f363
nixos/rspamd: Remove non-working socket activation
The socket activation I added to the rspamd module doesn't actually work
and can't be made to work without changes to rspamd.

See: #47421
See: rspamd/rspamd#2035
2018-09-28 19:43:34 +02:00
Jörg Thalheim
2dc1d75eb4
Merge pull request #35690 from griff/rspamd-socketruntime
nixos/rspamd: Preserve runtime directory when using socket activation
2018-09-27 14:09:12 +01:00
Robert Hensing
6c568b6644 rabbitmq module: Update documentation
Elaborate on the two config file formats.
2018-09-27 13:13:27 +02:00
Franz Pletz
e7ca9af4cc
shairport-sync: fix pulseaudio support & default arguments 2018-09-26 18:12:02 +02:00
Domen Kožar
82feb4b66e
postgresql: give postgres user a shell 2018-09-26 12:11:40 +01:00
aszlig
c5bb43188d
nixos: Fix eval error for documentation.nixos
Introduced by 0f3b89bbed.

If services.nixosManual.showManual is enabled and
documentation.nixos.enable is not, there is no
config.system.build.manual available, so evaluation fails. For example
this is the case for the installer tests.

There is however an assertion which should catch exactly this, but it
isn't thrown because the usage of config.system.build.manual is
evaluated earlier than the assertions.

So I split the assertion off into a separate mkIf to make sure it is
shown appropriately and also fixed the installation-device profile to
enable documentation.nixos.

Signed-off-by: aszlig <aszlig@nix.build>
Cc: @oxij
2018-09-25 23:39:44 +02:00
Alexey Lebedeff
afa2be4464 rabbitmq module: modernize after package upgrade
- Use socket-activated epmd - that way there won't be any trouble when
  more than one erlang system is used within a single host.
- Use new automation-friendly configuration file format
- Use systemd notifications instead of buggy 'rabbitmqctl wait' for
  confirming successful server startup.
  'wait' bug: https://github.com/rabbitmq/rabbitmq-server/issues/463
- Use 'rabbitmqctl shutdown' instead of 'stop', because it's not
  pid-file based
- Use sane systemd unit defaults from RabbitMQ repo:
  https://github.com/rabbitmq/rabbitmq-server/blob/master/docs/rabbitmq-server.service.example
- Support for external plugins
2018-09-25 11:19:23 +02:00
Michael Raskin
61abf3bbd9
Merge pull request #47298 from oxij/nixos/doc-in-installer
nixos: fix fallout from #46193
2018-09-25 09:00:43 +00:00
WilliButz
78ad8d4a62 nixos/gitlab: rebuild authorized_keys during preStart
This updates the path to the 'gitlab-shell' to the
correct store path when gitlab is restarted.
2018-09-25 03:53:32 +02:00
Robin Gloster
dc915565ba gitlab module: workhorse may start before gitlab 2018-09-25 03:53:32 +02:00
Kristoffer Thømt Ravneberg
f17f59ca8e nixos/gitlab: avoid creating recursive symlinks, add gitlab-rake deps 2018-09-25 03:53:32 +02:00
Jan Malakhovski
3c0cced272 nixos: doc: nixos-manual: fix assert 2018-09-24 21:07:55 +00:00
Austin Seipp
0ce90d58cc nixos/chrony: clean up, rework to be a little closer to upstream
Most importantly, this sets PrivateTmp, ProtectHome, and ProtectSystem
so that Chrony flaws are mitigated, should they occur.

Moving to ProtectSystem=full however, requires moving the chrony key
files under /var/lib/chrony -- which should be fine, anyway.

This also ensures ConditionCapability=CAP_SYS_TIME is set, ensuring
that chronyd will only be launched in an environment where such a
capability can be granted.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2018-09-24 15:42:44 -05:00
1000101
082bf52e31 nixos/trezord: revised and updated udev rules
nixos/trezord: revised and updated udev rules
2018-09-24 19:55:14 +02:00
Eelco Dolstra
9c53116d49
Revert "nixos: set nixos in nixPath"
This reverts commit 67c8c49177.

'nix run nixos.firefox' is *not* supposed to work - the Nix 2.x
interface attempts to standardize on nixpkgs.*, to get rid of the
nixos/nixpkgs confusion that existed with the channels interface. So
let's not bring that confusion back.
2018-09-24 10:42:01 +02:00
Samuel Dionne-Riel
ebf041d4bd
Merge pull request #46193 from oxij/nixos/manual-to-doc
nixos: doc: implement #12542
2018-09-24 00:09:23 -04:00
Jörg Thalheim
5e5cd96189
Merge pull request #47180 from avnik/fix/rmilter
Fix rmilter socket path, add deprecation notice
2018-09-24 01:40:13 +01:00
Matthew Bauer
cc72143f7d
Merge pull request #47206 from matthewbauer/add-nixos-to-nixpath
nixos: set nixos in nixPath
2018-09-23 18:47:44 -05:00
Matthew Bauer
1f0626a789
Merge pull request #47205 from matthewbauer/add-kdoctools
kde: add kdoctools to default environment
2018-09-23 18:46:36 -05:00
Jan Malakhovski
0f3b89bbed nixos: doc: move non-service parts of service.nixosManual to documentation.nixos 2018-09-23 20:50:47 +00:00
Jan Malakhovski
fe744d3fb1 nixos: doc: rename manual to manualHTML, cleanup references
Because when I see "config.system.build.manual.manual" after I forgot
what it means I ask "Why do I need that second `.manual` there again?".
Doesn't happen with `config.system.build.manual.manualHTML`.
2018-09-23 20:47:58 +00:00
Matthew Bauer
611cc31aa4 kde: add kdoctools to default environment
khelpcenter needs meinproc5 to work properly. Hopefully doesn’t effect
closure sizes too much - kdoctools is rather small.

Fixes #46539

/cc @ttuegel
2018-09-23 13:38:50 -05:00
Sarah Brofeldt
7ac9e75583
Merge pull request #46959 from worldofpeace/emby/correct-permission
nixos/emby: ensure plugins are writeable
2018-09-23 20:33:29 +02:00
Sarah Brofeldt
7fb0194d41
Merge pull request #45161 from Gerschtli/update/ts3
teamspeak_server: 3.0.13.6 -> 3.3.0
2018-09-23 20:24:48 +02:00
Alexander V. Nikolaev
868040ee22 rmilter: deprecation notice 2018-09-23 18:51:40 +03:00
Pavel Goran
5e16e671ea nixos/tomcat: add aliases sub-option for virtual hosts 2018-09-23 21:49:17 +07:00
Vladyslav Mykhailichenko
3b7ecaa798 iwd: 0.7 -> 0.8 2018-09-23 15:26:55 +03:00
Frederik Rietdijk
56853dc6d8
Merge pull request #45941 from NixOS/staging-next
Staging next
2018-09-23 09:31:28 +02:00
Matthew Bauer
67c8c49177 nixos: set nixos in nixPath
This makes using the nixos channel work out of the box with the new
Nix commands. For example:

$ nix run nixos.firefox -c firefox

Fixes #46536
2018-09-23 00:14:27 -05:00
Alexander V. Nikolaev
08f266490b rmilter: move rmilter.sock out of /run/rmilter
/run/rmilter is set by systemd, and have root:root ownership, which
prevent pid file to write.

This fix suggested to be promoted to 18.09 branch.
(Although rmilter itself is deprecated, and I plan to remove it, after
18.09 would be released)
2018-09-22 20:57:08 +03:00
Michael Peyton Jones
5b3c8485d6 sddm: link whole sddm directory, not just themes (#47174) 2018-09-22 19:23:31 +02:00
Christian Kögler
1ce496bfab nixos lircd: fix deletion of lircd socket 2018-09-21 23:47:26 +02:00
Jan Tojnar
93408aecc4
Merge pull request #46274 from mvnetbiz/libratbag
libratbag: init at v0.9.903
2018-09-21 22:49:17 +02:00
Matt Votava
9a859fb7f9 libratbag: init at v0.9.903
Add package libratbag and service module ratbagd
Libratbag contains ratbagd daemon and ratbagctl cli to configure
buttons, dpi, leds, etc. of gaming mice.
Add mvnetbiz to maintainers.
2018-09-21 02:13:49 -07:00
Jörg Thalheim
9046673696 nixos/grafana: option to configure smtp 2018-09-20 23:06:10 +01:00
Jörg Thalheim
7eb9c348fb nixos/grafana: options to store secrets not in nix store 2018-09-20 23:06:10 +01:00
Maximilian Bosch
18d461533b
zsh: patch _setxkbmap completion script
Instead of searching `/usr` it should search for the `xkb`,
$XDG_DATA_DIRS will be searched. With this approach we allow compliance
on NixOS and non-NixOS systems to find `symbols` in the `xkb` directory.

The patch has been accepted by upstream, but isn't released yet, so this
is mainly a temporary fix until we can bump ZSH to the next stable version.

The `xserver` module links `/share/X11/xkb` to `/run/current-system` to
make this possible.

The fix can be tested inside the following VM:

```
{
  zshtest = {
    programs.zsh.enable = true;
    users.extraUsers.vm = {
      password = "vm";
      isNormalUser = true;
    };
    services.xserver.enable = true;
  };
}
```

Fixes #46025
2018-09-20 12:54:34 +02:00
worldofpeace
a16c6d85a1 nixos/emby: ensure plugins are writeable 2018-09-20 06:35:51 -04:00
Domen Kožar
5715aa1951
datadog-agent: remove privateTmp=true
This allows postgres integration to connect to socket in /tmp
2018-09-19 18:53:51 +01:00
Edmund Wu
1a15b10ae3 lightdm: fix tmpfiles path (#46886) 2018-09-19 16:54:13 +02:00
WilliButz
3961cab52f codimd: remove unneeded defaults 2018-09-18 23:15:34 +02:00
WilliButz
fc93264f59 codimd: fix option configuration.saml.idpCert 2018-09-18 23:15:34 +02:00
Janne Heß
be6e995085 nixos/tt_rss: Give a proper UID 2018-09-18 21:46:52 +02:00
Frederik Rietdijk
de419917a3 Merge master into staging-next 2018-09-18 18:44:48 +02:00
Jörg Thalheim
f8b2c1318c
Merge pull request #46634 from mdorman/airsonic-parameters
airsonic: provide additional jvm configuration
2018-09-18 08:20:53 +01:00
Jean-Paul Calderone
57834da7fc nixos/tor: Correct "transparent" typo 2018-09-17 16:13:11 +02:00
Graham Christensen
c8cc8d496d
Merge pull request #46777 from erikarvstedt/docs
Improve docs
2018-09-17 09:31:30 -04:00
WilliButz
db846a88a8 nixos/codimd: add module 2018-09-17 15:18:52 +02:00
Erik Arvstedt
4c755e1218 nixos display-managers: fix typo in description 2018-09-17 15:03:01 +02:00
worldofpeace
67e9571ba4 nixos/lightdm: use systemd.tmpfiles (#46734)
This also makes logs appear at /var/log/lightdm
2018-09-17 11:02:21 +02:00
Peter Hoeg
f456d7f575
Merge pull request #32045 from ck3d/nixos-lirc
initial NixOS module for LIRC
2018-09-17 11:35:15 +08:00
Peter Hoeg
3904016a3d
Merge pull request #43812 from binarin/epmd-systemd-pr
epmd: Introduce erlang port mapper daemon service
2018-09-17 11:33:09 +08:00
Jörg Thalheim
8ceaf29f3b
Merge pull request #46741 from pacien/exim-module-package-opt
exim: parametrise package
2018-09-16 22:53:02 +01:00
Jörg Thalheim
fc41ea8c8e
Merge pull request #46144 from dasJ/nullidentdmod-module
nixos/nullidentdmod: Init
2018-09-16 22:06:59 +01:00
rembo10
f1c9d5cf23 Add sickbeard module (with SickGear & SickRage) 2018-09-16 21:54:16 +02:00
pacien
d73ed4264f exim: parametrise package
This allows the definition of a custom derivation of Exim,
which can be used to enable custom features such as LDAP and PAM support.

The default behaviour remains unchanged (defaulting to pkgs.exim).
2018-09-16 15:19:29 +02:00
Bob van der Linden
d3eff01076
nixos: miniupnpd: use iptables scripts 2018-09-15 23:10:24 +02:00
Christian Kögler
533efd0cfd initial NixOS module for LIRC 2018-09-14 03:57:51 +02:00
Michael Alan Dorman
c76312aea5 airsonic: provide additional jvm configuration
This allows the user, among other things, to configure jukebox output
to go to non-default alsa devices.
2018-09-13 20:05:02 -04:00
Nick Hu
574f4c4069 profile-sync-daemon: 5.53 -> 6.33 2018-09-13 17:15:13 +09:00
Domen Kožar
bef541c569 datadog: add live process monitoring 2018-09-13 09:11:06 +01:00
Domen Kožar
049b3a6cc2 nixos: remove unneeded api_key from config 2018-09-13 09:11:06 +01:00
Uli Baum
1df2560dde Merge branch 'master' into staging-next 2018-09-13 10:08:53 +02:00
Robin Gloster
929f71d381
grafana module: allow path for extraConfig vals 2018-09-12 14:21:46 +02:00
Joachim F
e02575b906
Merge pull request #46381 from Chiiruno/dev/zeronet
nixos/zeronet: Fix TOR permissions, add torAlways option
2018-09-11 10:28:32 +00:00
Jörg Thalheim
1bdba70b71
Merge pull request #44496 from Yarny0/hylafaxplus
Hylafaxplus
2018-09-11 10:48:19 +01:00
Jörg Thalheim
c8ccc433df
nixos/hylafax: show correct option in warning message. 2018-09-11 10:38:04 +01:00
Edward Tjörnhammar
9dc661aa72
nixos/i2pd: Update options to encompass recent additions to the daemon
Also:
  * switch to flat sysdir
  * remove nixos default reseeds, rely on program defaults
  * refactor config expressions
2018-09-09 18:48:51 +02:00
Markus Kowalewski
0051772890
nixos/slurm: add option clusterName
slurm 18.08 requires ClusterName to be set
(set to default).
2018-09-08 23:14:54 +02:00
Okina Matara
9c97f37761 nixos/zeronet: Fix TOR permissions, add torAlways option 2018-09-08 12:12:11 -05:00
Michael Weiss
53ef5441bb nixos/sks: Make the webroot option optional
That way the built-in web server is usable by default but users can use
$HOME/web directly (instead of having to use a symlink), if they want to
customize the webpage.
2018-09-08 17:01:35 +02:00
Michael Weiss
eb0050ca45 nixos/sks: Use a group and don't add sks to systemPackages
Without a group the gid will default to 65534 (2^16 - 2) which maps to
"nogroup". IMO it makes more sense to explicitly set a valid group.

Adding pkgs.sks to environment.systemPackages is not required (IIRC we
want to avoid bloating environment.systemPackages). Instead it seems
like a better idea to make the relevant binaries available to the user
sks and enable useDefaultShell so that "su -l sks" can be used for
manual interaction (that way the files will always have the correct
owner).
2018-09-08 16:24:05 +02:00
Michael Weiss
a0d3d098ff nixos/sks: Add a webroot option
The module will now, by default, serve a simple webpage via the built-in
web server (instead of displaying an error message).
2018-09-08 16:24:05 +02:00
Yarny0
12fa95f2d6 modules: HylaFAX server configuration
This commit adds the following
* the uucp user
* options for HylaFAX server to control startup and modems
* systemd services for HylaFAX server processes
  including faxgettys for modems
* systemd services to maintain the HylaFAX spool area,
  including cleanup with faxcron and faxqclean
* default configuration for all server processes
  for a minimal working configuration

Some notes:

* HylaFAX configuration cannot be initialized with faxsetup
  (as it would be common on other Linux distributions).
  The hylafaxplus package contains a template spool area.
* Modems are controlled by faxgetty.
  Send-only configuration (modems controlled by faxq)
  is not supported by this configuration setup.
* To enable the service, one or more modems must be defined with
  config.services.hylafax.modems .
* Sending mail *should* work:
  HylaFAX will use whatever is in
  config.services.mail.sendmailSetuidWrapper.program
  unless overridden with the sendmailPath option.
* The admin has to create a hosts.hfaxd file somewhere
  (e.g. in /etc) before enabling HylaFAX.
  This file controls access to the server (see hosts.hfaxd(5) ).
  Sadly, HylaFAX does not permit account-based access
  control as is accepts connections via TCP only.
* Active fax polling should work; I can't test it.
* Passive fax polling is not supported by HylaFAX.
* Pager transmissions (with sendpage) are disabled by default.
  I have never tested or used these.
* Incoming data/voice/"extern"al calls
  won't be handled by default.
  I have never tested or used these.
2018-09-08 14:21:40 +02:00
Michael Weiss
28a46c2c6f
Merge pull request #46361 from primeos/nixos-sks
nixos/sks: Minor improvements
2018-09-08 14:16:55 +02:00
Tad Fisher
56b3c5b2dd nixos/networkmanager: fix VPN plugin service definition targets (#46201) 2018-09-08 14:10:51 +02:00
Michael Weiss
6764d41ecc nixos/sks: Update the descriptions and add meta.maintainers
TODO: Merge this module with https://github.com/NixOS/nixpkgs/pull/24516
2018-09-08 13:44:11 +02:00
Michael Weiss
a0d7b88911 nixos/sks: Add a dataDir option 2018-09-08 13:44:08 +02:00
Jan Tojnar
667e54bdb0
Merge pull request #45045 from jtojnar/rygel
Rygel
2018-09-08 06:22:37 +01:00
Jan Tojnar
60ae12f5de
nixos/rygel: init 2018-09-08 06:57:14 +02:00
Timo Kaufmann
e326c0156d
Merge pull request #45728 from Ma27/nixos/weechat-module
nixos/weechat: add module
2018-09-07 17:19:46 +02:00
Maximilian Bosch
18d419141d
nixos/weechat: cleanup module, add module documentation
This adds several improvements the previously introduced
`services.weechat` module:

* Dropped `services.weechat.init` as the initialization script can now
  be done on package-level since 2af41719bc using the `configure`
  function.

* Added `sessionName` option to explicitly configure a name for the
  `screen` session (by default: weechat-screen).

* Added `binary` option to configure the binary name (e.g.
  `weechat-headless`).

* Added docs regarding `screen` session and `weechat.service`.
2018-09-07 13:45:13 +02:00
Yegor Timoshenko
b54987715b
weechat: add NixOS module 2018-09-07 13:09:08 +02:00
David Smith
1d497bbff1 nixos/riemann: refactor config
Previously it was only possible to use very simple Riemann config.
For more complicated scenarios you need a directory of clojure
files and the config file that riemann starts with should be in this
directory.
2018-09-07 09:46:46 +01:00
Silvan Mosberger
aed92ec2e9
Merge pull request #44134 from dasJ/iperf
nixos/iperf: Init the module
2018-09-06 18:52:30 +02:00
Janne Heß
32a2d08b23 nixos/nullidentdmod: Init 2018-09-06 16:31:20 +02:00
Shea Levy
18337f3ece
Merge branch 'no-toPath' 2018-09-06 08:09:53 -04:00
Janne Heß
9e25ebc03a nixos/iperf: Init the module 2018-09-06 12:38:30 +02:00
Matthew Bauer
4120a9dda7
Merge pull request #42295 from avnik/libprefixed-to-multioutput/heimdal
Libprefixed to multioutput/heimdal
2018-09-05 13:50:13 -05:00
Alberto Berti
69e4e4934d Allow the definition of extra options on commandline
I stumbled upon an issue with the Alertmanager that required
an additional comand line option. See https://groups.google.com/forum/#!msg/prometheus-users/-5wd-P13xCI/lGLBHHgnBgAJ
2018-09-04 23:19:26 +02:00
Niklas Hambüchen
31919bce6b nix-daemon service: Ensure ssh is on PATH. Fixes #46038.
This fixes a regression introduced in commit
  700e21d6da

nix needs ssh on path for the SSH substituter functionality,
not only the distributed builds functionality.

Signed-off-by: Niklas Hambüchen <mail@nh2.me>
2018-09-04 16:19:35 +02:00
Vladimír Čunát
1428d00aa4
Merge branch 'master' into staging-next
Hydra: ?compare=1477053
2018-09-04 13:06:45 +02:00
Graham Christensen
61deecdc34
nixos docs: more IDs 2018-09-02 15:56:24 -04:00
Graham Christensen
146f8bac7e
Merge pull request #45911 from samueldr/fix/nixos-help-browser
nixos/manual: nixos-help knows about colon-separated BROWSER
2018-09-02 14:30:22 -04:00
Yorick
1ee3ad6732 wireguard: change preStop to postStop, require network.target (#45569)
* wireguard: change preStop to postStop, require network.target

* wireguard service: network.target -> network-online.target
2018-09-02 17:07:55 +02:00
Frederik Rietdijk
b910b697f6 Merge master into staging 2018-09-02 12:10:33 +02:00
Uli Baum
5f72169b03 nixos/displayManagers/auto: allow root auto-login
The switch from slim to lightdm in #30890 broke some nixos tests
because lightdm by default doesn't permit auto-login for root.
Override /etc/pam.d/lightdm-autologin to allow it.
2018-09-02 08:18:10 +02:00
Florian Klink
953b77f07b bird: set reloadIfChanged to true (#45924)
This will trigger the reload instead of restart command if a definition
changes, which is much more desireable for a routing daemon.
2018-09-02 06:51:32 +02:00
Samuel Dionne-Riel
ca47cc90c2
Merge pull request #39142 from teto/nm_dispatchers
[RDY] networkmanager: enrich dispatcher PATH
2018-09-01 23:26:36 -04:00
Uli Baum
15e6e1ff6f nixos/nginx: fix type of sslTrustedCertificate option
The option was added in 1251b34b5b
with type `types.path` but default `null`, so eval failed with
the default setting. This broke the acme and certmgr tests.

cc: @vincentbernat @fpletz
2018-09-02 01:35:59 +02:00
Graham Christensen
34d2ec7c09
nixos docs: give IDs to things 2018-09-01 16:20:49 -04:00
volth
2413fcdfeb services.xserver.windowManager.session: handle duplicate names (#37690) 2018-09-01 21:27:17 +02:00
Samuel Dionne-Riel
4ff5f304b9 nixos/manual: nixos-help knows about colon-separated BROWSER
This is the semantics as understood by `xdg-open`. Using these semantics
on a non-colon-separated variable works because it acts as if it was a
one element long list.

This fixes an issue where it would try to exec
`google-chrome-beta:google-chrome:chromium:firefox` on a system
configured with these semantics in mind.
2018-09-01 13:48:49 -04:00
Vladimír Čunát
2d6179d1e8
Merge branch 'master' into staging
A few trivial conflicts due to *Platforms mass replace.
2018-09-01 17:38:18 +02:00
xeji
ff679f86a2
Merge pull request #30890 from Lassulus/slim-lightdm
display-managers: make lightdm the default
2018-09-01 16:11:38 +02:00
Jörg Thalheim
58c29e9e75
Merge pull request #45875 from wizeman/u/fix-transmission-mod2
nixos/transmission: fix AppArmor profile to include keyutils
2018-09-01 12:13:22 +01:00
Vladimír Čunát
0473466ba5
Merge #45731: artwork update (replacing old logo) 2018-09-01 10:43:20 +02:00
lassulus
fc035da4a4 xserver.displayManager: change default
Switch from slim to lightdm as the display-manager.
    If plasma5 is used as desktop-manager use sdddm.
    If gnome3 is used as desktop-manager use gdm.

    Based on #12516
2018-08-31 17:57:39 +02:00
Ricardo M. Correia
6376c5df87 nixos/transmission: fix AppArmor profile to include keyutils 2018-08-31 17:19:29 +02:00
Tobias Happ
8f0bafcaff nixos/gitea: fix pre start script (#44979)
The gitea path is hardcoded in hooks directory in files of paths like:
    repositories/<user>/<repo>.git/hooks/update.d/gitea
2018-08-31 16:39:58 +02:00
John Ericson
2c4a75e9ef
Merge pull request #45820 from obsidiansystems/dont-use-obsolete-platform-aliases
treewide: Dont use obsolete platform aliases
2018-08-31 09:56:10 -04:00
チルノ
17564e0ed9 nixos/zeronet: init (#44842) 2018-08-31 11:40:23 +01:00
Sarah Brofeldt
bb321a2624
Merge pull request #45811 from Nadrieril/fix-usbguard-auditfile
nixos/usbguard: ensure the audit log file can be created 
nixos/usbguard: disable debug output
2018-08-31 11:40:13 +02:00
Franz Pletz
1cc916b5b2
Merge pull request #45810 from vincentbernat/fix/nginx-stapling
nixos/nginx: ensure TLS OCSP stapling works out of the box with LE
2018-08-31 07:18:40 +00:00
Jan Tojnar
f0136e4bc8
Merge pull request #45638 from aanderse/incron
incron: init at 0.5.12
2018-08-31 06:54:58 +01:00
Aaron Andersen
9b12db6928 changed from forking to simple as recommended by @aszlig 2018-08-31 03:03:04 +00:00
Aaron Andersen
d7d7533c18 changes as per requested by @aszlig 2018-08-31 02:52:49 +00:00
Aaron Andersen
7bc2a0dd64 removed quotes when not needed as suggested by @aszlig 2018-08-31 02:17:38 +00:00
John Ericson
2c2f1e37d4 reewide: Purge all uses stdenv.system and top-level system
It is deprecated and will be removed after 18.09.
2018-08-30 17:20:32 -04:00
Nadrieril
9b9ba8405b nixos/usbguard: ensure the audit log file can be created
Since version 0.7.3, usbguard-daemon won't start if the file cannot be opened.
2018-08-30 21:54:22 +01:00
Nadrieril
08148a746a nixos/usbguard: disable debug output 2018-08-30 21:54:22 +01:00
Vincent Bernat
1251b34b5b nixos/nginx: ensure TLS OCSP stapling works out of the box with LE
The recommended TLS configuration comes with `ssl_stapling on` and
`ssl_stapling_verify on`. However, this last directive also requires
the use of `ssl_trusted_certificate` to verify the received answer.
When using `enableACME` or similar, we can help the user by providing
the correct value for the directive.

The result can be tested with:

    openssl s_client -connect web.example.com:443 -status 2> /dev/null

Without OCSP stapling, we get:

    OCSP response: no response sent

After this change, we get:

    OCSP Response Data:
        OCSP Response Status: successful (0x0)
        Response Type: Basic OCSP Response
        Version: 1 (0x0)
        Responder Id: C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
        Produced At: Aug 30 20:46:00 2018 GMT
2018-08-30 22:47:41 +02:00
Jan Tojnar
8a8056c302
Merge pull request #45058 from michaelpj/imp/freedesktop-modules
freedesktop modules: init
2018-08-30 16:14:35 +01:00
Vladimír Čunát
6f2f91f307
Merge #42880: libinput: split .bin output 2018-08-30 15:29:32 +02:00
Vladimír Čunát
ab539ab863
libinput: make .bin the first output
That's the convention:
2018-08-30 15:27:26 +02:00
Johannes Lötzsch
bb08d1c13f nixos/zabbix: fix initial database creation (#45750)
without this fix the database setup fails with „could not connect to database postgres: FATAL:  role "root" does not exist“
2018-08-30 08:25:13 +01:00
Nikolay Amiantov
69407cb013 firewall service: respect marks in rpfilter (#39054)
This allows one to add rules which change a packet's routing table:

iptables -t raw -I PREROUTING 1 -m set --match-set myset src -j MARK --set-mark 2
ip rule add fwmark 2 table 1 priority 1000
ip route add default dev wg0 table 1

to the beginning of raw table PREROUTING chain, and still have rpfilter.
2018-08-29 20:50:53 +02:00
Samuel Dionne-Riel
bc5b26b4ab Reviews use of old nixos wallpaper to use one with the new logo.
The wallpaper used is *structurally compatible* with the other one,
meaning that the logo is at the same location, and not bigger.

It has one drawback: the logo is brighter, which clashes with the grub
usage. This is to be fixed with new options in grub.
2018-08-29 00:04:58 -04:00
Aaron Andersen
d9943e6bba added option to specify which packages are available to the system incrontab
recommendation by @jtojnar and @maurer
2018-08-29 00:43:28 +00:00
Aaron Andersen
3d1091eb5b added a check to make sure a situation where a defined configuration wouldn't be unused as per recommended by @maurer 2018-08-28 23:50:55 +00:00
Tuomas Tynkkynen
69b4f427b6 nixos/zabbix-agent: Make the Zabbix package user-configurable 2018-08-28 17:43:12 +03:00
Aaron Andersen
b77f38c3cd added a comment about the PATH variable under which incrontab commands will run 2018-08-27 21:31:55 +00:00
Aaron Andersen
7840d00532 clarified the descriptions of the allow and deny options 2018-08-27 21:15:03 +00:00
Aaron Andersen
fc1f33bc2c fixed issue with system jobs 2018-08-27 15:23:19 +00:00
Vincent Bernat
bd075eb914 nginx: add more gzipped MIME types
The additions are:

 - image/svg+xml for SVG images
 - application/atom+xml for Atom feeds

These types are also present in mime.types. For better readability,
the list is sorted and formatted with one type per line.
2018-08-26 21:48:55 +02:00
Vincent Bernat
06a5fb2ada nginx: use a compression level of 5 in recommended configuration
While there is little gain of space to use a compression level of 9,
the CPU usage is significant. Many experiments point to use something
between 4 and 6. For example:

 - https://mjanja.ch/2015/03/finding-the-nginx-gzip_comp_level-sweet-spot/
 - 3bda5b93ed/nginx.conf (L93)
2018-08-26 21:43:34 +02:00
Jörg Thalheim
a78b364ed4
Merge pull request #44890 from dywedir/iwd
iwd: 0.4 -> 0.7
2018-08-26 17:25:42 +01:00
Augustin Borsu
4d3ce5ca36 nixos/jupyter: init service 2018-08-26 12:00:54 +02:00
Aaron Andersen
fc03a9f5b7 initial work on incron service 2018-08-25 18:08:24 -04:00
Bas van Dijk
32200033a6 elasticsearch-curator: include the module in the module-list & fix bug 2018-08-25 18:53:10 +02:00
David Smith
2ec33f527b elasticsearch-curator: don't need to add enable to elasticsearch-curator service 2018-08-25 18:53:10 +02:00
David Smith
3744467589 nixos/curator: init elasticsearch curator
https://www.elastic.co/guide/en/elasticsearch/client/curator/5.5/index.html
2018-08-25 18:53:10 +02:00
Bas van Dijk
7d04961c95
Merge pull request #44389 from Mic92/es6
elasticsearch: use 6.x as default version, remove unsupported releases
2018-08-25 17:04:07 +02:00
Vladyslav Mykhailichenko
d73fd69952 iwd: 0.4 -> 0.7 2018-08-25 15:26:52 +03:00