Commit Graph

10648 Commits

Author SHA1 Message Date
hyperfekt
3731835efc nixos/fish: generate autocompletions from man pages 2019-02-27 12:23:48 +01:00
Averell Dalton
7f7209ef9a nixos/docker: add enableNvidia option 2019-02-27 09:56:03 +01:00
Robert Schütz
029adf9619
Revert "nixos/fish: generate autocompletions from man pages" (#56439)
System rebuilds currently fail due to collisions.
See also https://github.com/NixOS/nixpkgs/issues/56432.
2019-02-27 00:08:57 +01:00
Dmitry Kalinkin
c9d5546635
openafs: minor documentation fix 2019-02-26 14:49:59 -05:00
Tom F
9f07fa719c Document the addresses Alertmanager will listen on (#56409)
https://github.com/golang/go/issues/9334 describes how net.Listen (as used by Alertmanager):
* listens on 127.0.0.1 if the listenAddress is "localhost"
* listens on all interfaces if the listenAddress is ""
2019-02-26 14:59:11 +01:00
Matthieu Coudron
20bbfc39e4 services.nextcloud: add logLevel (#56400)
a vlaue between 0 and 4 to help debug problems
2019-02-26 09:18:08 +01:00
Linus Heckemann
31f0972e27
Merge pull request #52464 from hyperfekt/fish_generate-completions
nixos/fish: generate autocompletions from man pages
2019-02-25 22:03:51 +01:00
Jan Tojnar
f93ff28c62 nixos/nginx: Enable TLS 1.3 support 2019-02-25 16:47:19 +01:00
hyperfekt
5cc6377647 nixos/fish: generate autocompletions from man pages 2019-02-25 16:39:04 +01:00
Andreas Rammhold
64c60a813d nixos/gnunet: fix typo in PrivateTmp parameter (#56343)
Systemd expects `PrivateTmp` and not `PrivateTemp` in the service
configuration.

I found this by chance while grepping through nixpkgs…
2019-02-25 15:53:36 +01:00
Linus Heckemann
dd25140305
Merge pull request #56326 from uvNikita/openssh/fix-socket
sshd: fix startWhenNeeded and listenAddresses combination
2019-02-25 12:06:11 +01:00
Elis Hirwing
0d3230f339
Merge pull request #56335 from Izorkin/nginx-fix-config
nginx: fix formating the config file
2019-02-25 10:59:37 +01:00
Silvan Mosberger
02db11d369
Merge pull request #55792 from sdier/fix/pam-update
Allow duosec to be used in nixos as a pam module.
2019-02-25 01:38:51 +01:00
Daiderd Jordan
50fec3dcd2 nixos-rebuild: add edit command (#56241) 2019-02-25 00:59:35 +01:00
Nikita Uvarov
131e31cd1b
sshd: fix startWhenNeeded and listenAddresses combination
Previously, if startWhenNeeded was set, listenAddresses option was
ignored and daemon was listening on all interfaces.
Fixes #56325.
2019-02-25 00:51:58 +01:00
Scott Dier
a3273e85e3 nixos/security: Fix pam configuration file generation. 2019-02-24 22:49:01 +00:00
Scott Dier
4e9ac79ef5 nixos/security: Allow configuration of pam for duosec. 2019-02-24 22:49:01 +00:00
Scott Dier
096e66a8ad nixos/security: Add duo-unix support to pam.
Also whitespace cleanup of surrounding code.
2019-02-24 22:48:56 +00:00
Izorkin
569248b3c2 nginx: fix formating the config file 2019-02-24 19:50:58 +03:00
Ryan Mulligan
d14f102334
Merge pull request #44573 from vincentbernat/feature/cloudstack
nixos/cloudstack-image: initial import
2019-02-24 08:28:42 -08:00
Léo Gaspard
5fa2c13696
Merge pull request #56257 from pacien/synapse-0.99.1.1-homeserverscript
matrix-synapse: restore service wrapper script
2019-02-24 17:11:41 +01:00
Frederik Rietdijk
c2eac6741b Merge master into staging-next 2019-02-24 09:19:12 +01:00
Elis Hirwing
d7ba376435
Merge pull request #56280 from Izorkin/nginx-config
nginx: formating the config file
2019-02-24 08:57:31 +01:00
Elis Hirwing
d4f487a78b
Merge pull request #56220 from SeTSeR/master
acpilight: init at 1.1
2019-02-24 08:28:51 +01:00
Izorkin
0394b177c7 nginx: formating the config file 2019-02-24 10:17:11 +03:00
Will Dietz
b5c0aa9ea3
squeezelite: fix 'cfg' reference (#56271) 2019-02-23 18:28:02 -06:00
Ryan Mulligan
7776de07f4
Merge pull request #38033 from peterhoeg/f/slite
squeezelite: 2016-05-27 -> 2018-08-14
2019-02-23 15:10:06 -08:00
Sergey Makarov
4cae259fce
acpilight: init at 1.1
Use pname instead of manual adding version to package name
2019-02-24 00:09:11 +03:00
pacien
cb15d762f4 Revert "nixos/matrix-synapse: use python to launch synapse"
This reverts commit eb753318b3.

The homeserver script has been restored with commit
0c663e9032.
2019-02-23 20:58:28 +01:00
Emanuel Evans
ddabdc0a1e
nixos/gnupg: set SSH_AUTH_SOCK in non-interactive settings
`SSH_AUTH_SOCK` is useful in some non-interactive settings, for instance
daemonized Emacs. Fixes #55733.
2019-02-23 10:49:32 -08:00
Robert Schütz
63b7732ed6
Merge pull request #56202 from dotlambda/home-assistant-availableComponents
nixos/home-assistant: use availableComponents of configured package
2019-02-23 13:38:03 +01:00
Silvan Mosberger
cc98350d55
Merge pull request #55843 from LnL7/nixos-nss-hosts
nixos-nsswitch: add option to configure nssHosts
2019-02-22 23:04:01 +01:00
Daiderd Jordan
11cd761dbf
nixos/nsswitch: add option to configure nssHosts
Enables adding or overriding the default nsswitch hosts in a generic
way for packages without a nixos module.
2019-02-22 23:00:24 +01:00
Elis Hirwing
5f00002a3c
Merge pull request #56167 from etu/iso-with-audio
installer: Enable pulseaudio in all graphical iso's
2019-02-22 21:24:12 +01:00
Silvan Mosberger
bcda0e37f6
Merge pull request #56012 from matix2267/logind-lid-switch-external-power
nixos/logind: Add defaultText to config option since it's not static value.
2019-02-22 20:55:46 +01:00
Silvan Mosberger
c0318efe9a
Merge pull request #50504 from symphorien/local-closureInfo
nixos: add preferLocalBuild=true; on derivations for config files and closureInfo
2019-02-22 20:53:17 +01:00
Symphorien Gibol
a915b33315 nixos: add preferLocalBuild=true; on derivations for config files 2019-02-22 20:11:27 +01:00
Lorenzo Manacorda
1bc0d79650 nixos/ledger: init 2019-02-22 19:26:47 +01:00
Vladimír Čunát
71f4ba29a3
Merge branch 'master' into staging-next
Hydra nixpkgs: ?compare=1506218
2019-02-22 17:51:01 +01:00
Robert Schütz
e211f55d87 nixos/home-assistant: use availableComponents of configured package
fixes #55958
2019-02-22 17:33:18 +01:00
aanderse
e5405f9ae8 nixos/beanstalkd: new service for existing package (#55953) 2019-02-22 14:10:02 +01:00
Elis Hirwing
d1c2805eb5
profiles/graphical.nix: Enable pulseaudio for virtualbox appliances 2019-02-22 07:23:59 +01:00
Elis Hirwing
6483e75afa
installer: Enable pulseaudio in all graphical iso's 2019-02-21 23:04:33 +01:00
Adam Finn Tulinius
291c809888 nixos/kubernetes: add missing systemd restart options 2019-02-21 14:57:57 +01:00
Michael Raskin
0b91fa43e4
Merge pull request #54980 from danbst/etc-relative
nixos: make symlinks in `/etc` relative (except `/etc/static`)
2019-02-21 09:45:42 +00:00
Jörg Thalheim
183919a0c0
Merge pull request #56004 from eskimor/add-nix-serve-help
nixos-nix-serve: Add some hint on howto get valid signing keys.
2019-02-21 09:43:50 +00:00
Michael Raskin
95039d0668
nixos/xserver: drop intel from videoDrivers (#55583)
* nixos/xserver: drop intel from videoDrivers

* Some more notes about possible regressions
2019-02-21 09:42:11 +00:00
Frederik Rietdijk
e2cd07b997 Merge staging-next into staging 2019-02-21 07:54:33 +01:00
Matthew Bauer
475c8aa018 nixos-rebuild: get Nix from channel
If our old Nix can’t evaluate the Nixpkgs channel, try the fallback
from the new channel /first/. That way we can upgrade Nix to a newer
version and support breaking changes to Nix (like seen in the upgrade
o Nix 2.0).

This change should be backported to older NixOS versions!
2019-02-20 20:02:20 -05:00
Franz Pletz
2935a67eb9
Merge pull request #45670 from johanot/kubernetes-1.11
nixos/kubernetes: Module refactor
2019-02-20 23:31:47 +00:00
Jaka Hudoklin
97a27fd2d2
nixos/kubernetes: fix flannel and kubelet startup 2019-02-21 00:26:11 +01:00
Tor Hedin Brønner
bba6de611a
Merge pull request #56046 from callahad/bolt
Add and enable Bolt to support Thunderbolt 3 settings in GNOME
2019-02-20 21:43:02 +01:00
Franz Pletz
3a02205496
nixos/kubernetes: bootstrap docker without networking
Before flannel is ready there is a brief time where docker will be
running with a default docker0 bridge. If kubernetes happens to spawn
containers before flannel is ready, docker can't be restarted when
flannel is ready because some containers are still running on the
docker0 bridge with potentially different network addresses.

Environment variables in `EnvironmentFile` override those defined via
`Environment` in the systemd service config.

Co-authored-by: Christian Albrecht <christian.albrecht@mayflower.de>
2019-02-20 21:08:58 +01:00
Johan Thomsen
7028fac35b
nixos/kubernetes: use system.path to handle dependency on flannel subnet.env
The current postStart step on flannel causes flannel.service to
sometimes hang, even when it's commanded to stop.
2019-02-20 21:08:56 +01:00
Johan Thomsen
466beb0214
nixos/kubernetes: let flannel use kubernetes as storage backend
+ isolate etcd on the master node by letting it listen only on loopback
+ enabling kubelet on master and taint master with NoSchedule

The reason for the latter is that flannel requires all nodes to be "registered"
in the cluster in order to setup the cluster network. This means that the
kubelet is needed even at nodes on which we don't plan to schedule anything.
2019-02-20 21:08:56 +01:00
Johan Thomsen
1f49c2160a
nixos/kubernetes: CoreDNS privileges has to be assigned by addon manager bootstrap
- because the kube-addon-manager drops most of its privileges after
startup.
2019-02-20 21:08:55 +01:00
Johan Thomsen
6334796370
nixos/kubernetes: use the certmgr-selfsigned variant 2019-02-20 21:08:54 +01:00
Johan Thomsen
e2380e79e1
nixos/kubernetes: major module refactor
- All kubernetes components have been seperated into different files
- All TLS-enabled ports have been deprecated and disabled by default
- EasyCert option added to support automatic cluster PKI-bootstrap
- RBAC has been enforced for all cluster components by default
- NixOS kubernetes test cases make use of easyCerts to setup PKI
2019-02-20 21:08:01 +01:00
aanderse
a9358c4356 nixos/httpd: update documentation to reflect changes from https://github.com/NixOS/nixpkgs/pull/54529 (#56079) 2019-02-20 14:43:25 +02:00
Robert Klotzner
9f3fe63b5f Add some hint on howto get valid signing keys. 2019-02-20 12:32:08 +01:00
Vladimír Čunát
32767d139f
Merge branch 'staging-next'
This round is without the systemd CVE,
as we don't have binaries for that yet.
BTW, I just ignore darwin binaries these days,
as I'd have to wait for weeks for them.
2019-02-20 09:38:45 +01:00
Elis Hirwing
f342be2c06
Merge pull request #56062 from elseym/jackett-module
jackett module: add more options and refactor
2019-02-20 09:14:36 +01:00
Elis Hirwing
66404f0742
Merge pull request #56061 from elseym/radarr-module
radarr module: add more options and refactor
2019-02-20 09:14:23 +01:00
Domen Kožar
ae3a807a21
Merge pull request #47334 from bfortz/autojump
autojump: new program.autojump.enable flag to automatically load autojump
2019-02-20 15:12:51 +07:00
Peter Hoeg
ecb3c507f5
Merge pull request #54917 from peterhoeg/f/vmware
vmware: move from services to virtualisation and add support for paravirtual controller
2019-02-20 14:34:25 +08:00
Florian Klink
c8b33d15d1
Merge pull request #56076 from telotortium/patch-1
tt-rss: Fix syntax error in config.php DB_PASS field
2019-02-20 01:58:28 +01:00
Florian Klink
11699d03bc
Merge pull request #56072 from bgamari/gitlab-database-config
nixos/gitlab: Introduce database pool size option
2019-02-20 01:56:28 +01:00
Robert Irelan
7ae4b4897a
tt-rss: Fix syntax error in config.php DB_PASS field
Empty password case would write `define('DB_PASS', )` instead of `define('DB_PASS', '')`.
2019-02-19 16:24:17 -08:00
Ben Gamari
bd5ba09b79 nixos/gitlab: Introduce database pool size option
As well as a extraDatabaseConfig option.
2019-02-19 17:49:15 -05:00
Dan Callahan
d20ad56ca7
nixos/gnome3: enable bolt by default
GNOME's support for Thunderbolt 3 requires the bolt daemon.

Fixes #55938
2019-02-19 20:54:39 +00:00
Dan Callahan
139e12323f
nixos/bolt: init at 0.7 2019-02-19 20:54:38 +00:00
elseym
a73817ed82
jackett module: add more options and refactor 2019-02-19 20:45:00 +01:00
Sarah Brofeldt
45fceae236
Merge pull request #56001 from johanot/coredns-1.3.1-dashboard-1.10.1
nixos/kubernetes: Bump CoreDNS and Dashboard
2019-02-19 20:31:31 +01:00
elseym
7b58ca7797
radarr module: add more options and refactor 2019-02-19 20:25:58 +01:00
Vladimír Čunát
024407bf9a
Merge branch 'master' into staging-next
Hydra nixpkgs: ?compare=1505754
2019-02-19 12:11:04 +01:00
Matthew Bauer
6fc5ce2c4f nixos/system-path.nix: add 3 to every priority
We can’t use lowPrio here because it erases the differences in
priority of the packages by setting it to a constant value. see this
comment for info:

https://github.com/NixOS/nixpkgs/issues/55886#issuecomment-464766877
2019-02-18 21:16:30 -05:00
Matthew Bauer
b1bbd94bb6 Merge remote-tracking branch 'NixOS/master' into staging 2019-02-18 20:36:48 -05:00
Kai Wohlfahrt
de7abf63b8 nixos/ssh: apply options after extraConfig
Otherwise, the standard options (e.g. AddressFamily) cannot be overriden
in extraConfig, as the option is applied on the first (not most
specific) match. Closes #52267
2019-02-18 21:58:46 +00:00
Mateusz Gołębiewski
ddcf485386 nixos/logind: Add defaultText to config option since it's not static value. 2019-02-18 20:37:02 +01:00
Johan Thomsen
f738618637 nixos/kubernetes: dashboard 1.8.3 -> 1.10.1
- add option to specify extra cmdline arguments to the dashboard
2019-02-18 17:34:30 +01:00
Johan Thomsen
5af74e19e6 nixos/kubernetes: coredns 1.2.5 -> 1.3.1 2019-02-18 17:34:30 +01:00
Frederik Rietdijk
815b77cbe6 Merge master into staging-next 2019-02-18 14:18:04 +01:00
Silvan Mosberger
a3f85f0dc0
Merge pull request #55410 from aanderse/apache-defaults
nixos/httpd: improve security in configuration file
2019-02-18 03:27:18 +01:00
Silvan Mosberger
ac953a4a6b
Merge pull request #55766 from Lucus16/bump-quassel
nixos/quassel: Add support for certificate file
2019-02-18 03:04:56 +01:00
rembo10
8e151c1e86
Merge branch 'master' into headphones 2019-02-18 09:14:14 +08:00
Ryan Mulligan
a52d280cc4
Merge pull request #55955 from rnhmjoj/diod
Fixes for diod
2019-02-17 14:23:26 -08:00
Justin Bedő
05ab1a6e5a
Merge branch 'master' into singularity 2019-02-17 21:49:37 +00:00
Ryan Mulligan
c3f9fdbf42
Merge pull request #55957 from dasJ/icingaweb2-module
nixos/icingaweb2: Init the module
2019-02-17 11:12:23 -08:00
Janne Heß
1caa886f6c nixos/icingaweb2: Init the module
The module is indeed very large but allows configuring every aspect of
icingaweb2. The built-in monitoring module is in an own file because
there are actually more (third-party) modules and this structure means
every module can get an own file.
2019-02-17 19:08:47 +01:00
rnhmjoj
6871e43937
nixos/diod: fix permissions 2019-02-17 18:26:00 +01:00
Ryan Mulligan
b2a04d4484
Merge pull request #55922 from tek/master
fix syntax error in tt-rss pre-start script
2019-02-17 05:11:36 -08:00
Torsten Schmits
97bb693927 nixos/tt-rss: fix syntax error in pre-start script 2019-02-17 10:50:24 +01:00
Vladimír Čunát
f7f1a2f54e
Merge branch 'master' into staging-next
A mass darwin rebuild from master (#55784).
2019-02-17 08:05:24 +01:00
Ryan Mulligan
55fa356613
Merge pull request #55920 from matix2267/logind-lid-switch-external-power
nixos/logind: Add option for HandleLidSwitchExternalPower
2019-02-16 22:01:14 -08:00
Mateusz Gołębiewski
fb9619ca03 nixos/logind: Add option for HandleLidSwitchExternalPower
The default according to `man logind.conf` is to perform the same action as in
HandleLidSwitch.
2019-02-16 23:56:22 +01:00
Thomas Tuegel
3c9e2820ac
Merge pull request #55351 from timor/kio-extras-man-protocol
kio-extras: enable man protocol
2019-02-16 13:47:56 -06:00
Frederik Rietdijk
fd48a94b62 Merge staging-next into staging 2019-02-16 09:30:46 +01:00
Frederik Rietdijk
6fe10d2779 Merge master into staging-next 2019-02-16 09:29:54 +01:00
Jan Tojnar
23eff453a2
Merge pull request #55742 from aanderse/php-fpm
nixos/phpfpm: allow configuring php.ini files per-pool
2019-02-16 07:28:07 +01:00
Graham Christensen
a1525c5d48
docs: give matomo an ID 2019-02-15 17:51:00 -05:00
Jaka Hudoklin
5ae048071d
Merge pull request #55649 from johanot/flannel-with-kubernetes-backend
nixos/flannel: add kubernetes as storage backend (and fix test)
2019-02-15 19:55:56 +01:00
Peter Hoeg
507855e56c
Merge pull request #55667 from amazari/master
zoneminder: fix build issue when using createLocally database
2019-02-15 22:00:31 +08:00
Silvan Mosberger
b1bda29f5c
Merge pull request #55517 from florianjacob/cups-fix-ssl-dir
nixos/cups: Fix Unable to encrypt connection:
2019-02-14 21:19:57 +01:00
Silvan Mosberger
8a5925b7eb
Merge pull request #55301 from telotortium/tt-rss_disable_automatic_updates
Remove option config.services.tt-rss.checkForUpdates (forced to false)
2019-02-14 21:15:30 +01:00
Silvan Mosberger
3df95cfd9a
Merge pull request #55540 from florianjacob/matomo
Security: Matomo 3.7.0 -> 3.8.1
2019-02-14 21:13:57 +01:00
Silvan Mosberger
c84488329b
Merge pull request #47747 from florianjacob/matomo-archive-processing-service
Matomo archive processing service
2019-02-14 21:05:16 +01:00
Florian Jacob
33b3272692 nixos/cups: Fix Unable to encrypt connection:
Unable to create server credentials
by creating /var/lib/cups/ssl directory.
2019-02-14 20:43:26 +01:00
Silvan Mosberger
80480598d4
Merge pull request #55515 from rycee/wpa_supplicant_citerefentry
nixos/wpa_supplicant: use `<citerefentry>`
2019-02-14 20:38:05 +01:00
Lars Jellema
85675c139f
nixos/quassel: Add support for certificate file 2019-02-14 14:36:21 +01:00
Frederik Rietdijk
a25d48cd4f Merge master into staging 2019-02-14 11:35:50 +01:00
Jan Tojnar
606ceda352
gnome3: stop using aliases 2019-02-14 02:31:15 +01:00
Aaron Andersen
5eef3590ae nixos/phpfpm: allow configuring php.ini files per-pool 2019-02-13 19:58:02 -05:00
Michael Raskin
f539a6a70e
Merge pull request #55138 from oxij/tree/random-fixes
random cleanups and a tiny fix
2019-02-13 20:16:07 +00:00
Alex Whitt
58d6951971 nzbget: Fix script for copying default config file template (#51235)
* nzbget: Fix configFile / dataDir checking in service script

* nzbget: improve the description for the `configFile` option

* nzbget: Add detail to the `configFile` option description

* nzbget: Improve wording of `configFile` option

* nzbget: Refactor dataDir management into systemd config

* nzbget: Remove debug
2019-02-13 17:38:32 +01:00
Johan Thomsen
94136fdc1b nixos/flannel: node name needs to be configured for flannel to work with kubernetes storage backend 2019-02-13 17:17:52 +01:00
Frederik Rietdijk
7257dedd7c Merge master into staging-next 2019-02-13 12:33:29 +01:00
Francesco Zanini
ab912cf744 atlassian services: allow overriding package (#55685) 2019-02-13 08:08:13 +00:00
Alexandre Mazari
b93ea9c26f zoneminder: fix build issue when using createLocally database 2019-02-12 22:32:11 +01:00
Johan Thomsen
9522ca5ce9 nixos/flannel: add options to configure kubernetes as config backend for flannel 2019-02-12 18:26:39 +01:00
lewo
b2f3738336
Merge pull request #55589 from johanot/docker-preloader-mkif-guard
nixos/dockerPreloader: guard the entire implemetation with mkIf on image list
2019-02-12 10:16:21 +01:00
Franz Pletz
adb837eea7
Merge pull request #55024 from telotortium/airsonic-virtualHost
airsonic: Add virtualHost option to set up nginx virtual host
2019-02-12 02:09:25 +00:00
Johan Thomsen
302c4df41d nixos/dockerPreloader: guard the entire implemetation with mkIf on image list 2019-02-11 23:35:25 +01:00
Florian Klink
4aa2592905
Merge pull request #55550 from edude03/patch-2
Push plex logs to syslog/journald
2019-02-11 22:28:57 +01:00
Florian Klink
e6df4dfe59
Merge pull request #54800 from nlewo/nova
Remove cloud-init from the Openstack image configuration
2019-02-11 22:23:32 +01:00
Antoine Eiche
933da6de91 nixos: Add ec2-metadata-fetcher.nix file
To share the metadata fetcher script between ec2 and Openstack images.
2019-02-11 20:58:45 +01:00
Antoine Eiche
78acac050f nixos/openstackImage: default hostname is empty string
This is to let the `ec2-data.nix` module sets the hostname from the
metadata API value.
2019-02-11 20:58:45 +01:00
Antoine Eiche
d190b204f0 Rename novaImage to openstackImage
People don't necessary know `nova` is related to Openstack (it is a
component of Openstack). So, it is more explicit to call it
`openstackImage`.
2019-02-11 20:58:44 +01:00
Florian Jacob
faac33bc77 nixos/matomo: 3.8.0 introduces matomo.{php,js} files 2019-02-11 17:33:44 +01:00
Eelco Dolstra
07208e7a0b
nixos-generate-config: Don't suggest setting a uid
This hasn't been needed for a long time, even when `mutableUsers =
false`. Setting a uid manually is potentially risky since it could
collide with non-declarative user accounts. (We do check for
collisions between declarative accounts.)
2019-02-11 10:49:25 +01:00
Michael Francis
34cf79c6d2
Push plex logs to syslog/journald 2019-02-11 10:47:21 +08:00
Robert Helgesson
488a3f09cd
nixos/wpa_supplicant: use <citerefentry>
Fixes #55505
2019-02-10 13:23:28 +01:00
Jörg Thalheim
393b1510c9
Merge pull request #55440 from Mic92/teamspeak
nixos/teamspeak: ipv6 support
2019-02-10 09:02:20 +00:00
Jörg Thalheim
d59f9c0e5f
Merge pull request #55432 from Mic92/ttrss
ttrss: database.passwordFile, ldap plugin, configureable socket
2019-02-10 09:01:45 +00:00
Sharif Olorin
3755577ba6 nixos/systemd: update max line length in systemd units
The length check was introduced[0] to match systemd's max line
length. This limit has been increased[1][2] to 1MiB, starting with
systemd v235.

[0] https://github.com/nixos/nixpkgs/issues/3403
[1] e6dde451a5
    (relevant systemd commit)
[2] https://github.com/systemd/systemd/issues/3302
    (more context on systemd change)
2019-02-10 00:39:29 +00:00
Lorenzo
1dca9d763c
nixos/xautolock: improve doc of time parameer
Specify that the `time` parameter expresses minutes.
2019-02-09 20:47:01 +01:00
Matthew Bauer
5c09d977c7 Merge remote-tracking branch 'origin/master' into staging 2019-02-09 12:14:06 -05:00
Robert Schütz
efe98cbdc8 nixos/home-assistant: make config.http.server_port an integer 2019-02-09 15:26:55 +01:00
Jeff Slight
c95407b327 boot/raspberrypi: replace deprecated configuration option 2019-02-08 11:36:09 -08:00
Sarah Brofeldt
8049fafb5d
Merge pull request #55443 from ptman/patch-1
nixos/docker-registry: fix listenAddress
2019-02-08 20:01:22 +01:00
Maximilian Bosch
6fb825b057 nixos/roundcube: add package option
With this option it's possible to specify a custom expression for
`roundcube`, i.e. a roundcube environment with third-party plugins as
shown in the testcase.
2019-02-08 13:35:09 +00:00
Paul Tötterman
23a84e939e nixos/docker-registry: fix listenAddress
listenAddress config option was previously unused in config generation
2019-02-08 14:39:22 +02:00
Jörg Thalheim
6c28dd858b
teamspeak: ipv6 support
Unlike the options descriptions the service was not listen to any
IPs because the address family was limited to ipv4.
2019-02-08 10:28:20 +00:00
Jörg Thalheim
f636bb2016
tt-rss: read listen socket from pool
This allows to use a different socket.
The configuration was tested on my server.
2019-02-08 07:08:13 +00:00
Jörg Thalheim
367b1e10cb
tt-rss: add database.passwordFile option 2019-02-08 07:08:10 +00:00
Lily Ballard
b0e79359bd nixos/unifi: Update TCP ports
Fixes #55377
2019-02-07 13:18:57 -08:00
Aaron Andersen
1bec75301b nixos/httpd: don't advertise php 2019-02-07 14:25:55 -05:00
Aaron Andersen
70be5b6bb2 nixos/httpd: disable HTTP TRACE method by default 2019-02-07 14:13:45 -05:00
Aaron Andersen
dd610ce84f nixos/httpd: disable TLSv1 by default for better security 2019-02-07 14:05:44 -05:00
Léo Gaspard
a59a9a7e60
Merge branch 'pr-55320'
* pr-55320:
  nixos/release-notes: mention breaking changes with matrix-synapse update
  nixos/matrix-synapse: reload service with SIGHUP
  nixos/tests/matrix-synapse: generate ca and certificates
  nixos/matrix-synapse: use python to launch synapse
  pythonPackages.pymacaroons-pynacl: remove unmaintained fork
  matrix-synapse: 0.34.1.1 -> 0.99.0
  pythonPackages.pymacaroons: init at 0.13.0
2019-02-07 17:12:04 +01:00
Maximilian Bosch
6a0d2ff7c1
nixos/iotop: don't install the package globally
The binary will be in `/run/wrappers/bin` and adding `pkgs.iotop` won't
have any effect.

See also https://github.com/NixOS/nixpkgs/pull/51749#discussion_r254724170
2019-02-07 16:52:01 +01:00
Maximilian Bosch
1ac5612be8
Merge pull request #51749 from Ma27/add-iotop-module
nixos/iotop: add module
2019-02-07 16:12:11 +01:00
Graham Christensen
11a819c724
Manual: make reproducible 2019-02-06 22:35:58 -05:00
Maximilian Bosch
de79d418ba
Merge pull request #53874 from atopuzov/grafana-config
Grafana configuration
2019-02-06 23:41:25 +01:00
Ioannis Koutras
6642f3f213 nixos/syncthing: setup user only on system service 2019-02-06 20:23:13 +01:00
timor
366da7c17c kio-extras: enable man protocol
This installs the kio "man:" protocol handler, which fixes the UNIX manual
section in the KDE Help Center.

Note that kde currently parses "/etc/man.conf" manually, if `$MANPATH` is not
set, to build its man page index. (if https://bugs.kde.org/show_bug.cgi?id=404022
is addressed, the "/etc/man.conf" symlink should not be necessary anymore)
2019-02-06 17:39:28 +01:00
nyanloutre
524e26c69a nixos/matrix-synapse: reload service with SIGHUP
This is used to load new certificates without restarting the service
2019-02-06 16:28:18 +01:00
nyanloutre
eb753318b3 nixos/matrix-synapse: use python to launch synapse
launch synapse with the python executable because the startup script is
no longer available
2019-02-06 16:21:07 +01:00
Aleksandar Topuzović
092eab7228
nixos/grafana: implement dashboard & datasource provisioning
Adds the ability to automatically provision datasources and dashboards.
2019-02-06 12:50:24 +01:00
Robert Irelan
eab69d998b Remove option config.services.tt-rss.checkForUpdates (forced to false)
Force this option to false. Leaving this as true (currently the default)
is dangerous. If the TT-RSS installation upgrades itself to a newer
version requiring a schema update, the installation will break the next
time the TT-RSS systemd service is restarted.

Ideally, the installation itself should be immutable (see
https://github.com/NixOS/nixpkgs/issues/55300).
2019-02-05 23:05:23 -08:00
Graham Christensen
013c7fa4ba
efi-image_eltorito: make reproducible
'./*' produces arguments ordered by inode.

efiDir produces, reliably, ./EFI, so just make all the directories
known explicitly.
2019-02-05 21:33:37 -05:00
Peter Hoeg
7003a28916
Merge pull request #54541 from dotlambda/home-assistant-0.86
home-assistant: 0.85.1 -> 0.86.4
2019-02-06 09:02:28 +08:00
Silvan Mosberger
dfce20e4e3
Merge pull request #51980 from ToxicFrog/munin-plugins
nixos/munin: New options (and some bugfixes) for service configuration
2019-02-05 19:35:03 +01:00
aanderse
b8a9c3fbfd redmine: 3.4.8 -> 4.0.1 (#55234)
* redmine: 3.4.8 -> 4.0.1

* nixos/redmine: update nixos test to run against both redmine 3.x and 4.x series

* nixos/redmine: default new installs from 19.03 onward to redmine 4.x series, while keeping existing installs on redmine 3.x series

* nixos/redmine: add comment about default redmine package to 19.03 release notes

* redmine: add aandersea as a maintainer
2019-02-05 11:51:33 +00:00
Robert Irelan
027d4188b2 airsonic: Add virtualHost option to set up nginx virtual host
Modeled after nixos/modules/services/web-apps/tt-rss.nix. The setup is
slightly non-intuitive, so I think it's worth adding upstream.
2019-02-05 00:15:54 -08:00
Ben Kelly
ace4855cf6 nixos/munin: enable munin_update and disable munin_stats
munin_update relies on a stats file that exists, but isn't found in the
default location on NixOS; the appropriate plugin configuration is
added.

munin_stats relies on munin-cron writing a logfile, which the NixOS
build of munin does not. (This is probably fixable in the munin package,
but I don't have time to dig into that right now.)
2019-02-04 20:17:26 -05:00
Ben Kelly
e7c1449ae9 nixos/munin: add types to Munin options
Some options were missing their types.
2019-02-04 20:17:26 -05:00
Ben Kelly
c4437fee7e nixos/munin: add extraCSS option
This permits custom styling of the generated HTML without needing to
build your own Munin package from source. Also comes with an example
that works as a passable dark theme for Munin.
2019-02-04 20:17:26 -05:00
Ben Kelly
6c907851f4 nixos/munin: add extraPlugins and extraAutoPlugins options [#17895]
extraAutoPlugins lets you list plugins and plugin directories to be
autoconfigured, and extraPlugins lets you enable plugins on a one-by-one
basis. This can be used to enable plugins from contrib (although you'll
need to download and check out contrib yourself, then point these
options at it), or plugins you've written yourself.
2019-02-04 20:17:26 -05:00
Ben Kelly
b5b82b2cae nixos/munin: require DejaVu fonts if enabled
munin-graph is hardcoded to use DejaVu Mono for the graph legends; if it
can't find it, there's no guarantee it finds a monospaced font at all,
and if it can't find a monospaced font the legends come out badly
misformatted.
2019-02-04 20:17:26 -05:00
Ben Kelly
0c3208a8e4 nixos/munin: add disabledPlugins option
This is just a set of globs to remove from the active plugins directory
after autoconfiguration is complete.

I also removed the hard-coded disabling of "diskstats", since it seems
to work just fine now.
2019-02-04 20:17:26 -05:00
Ben Kelly
c74abf763a nixos/munin: add extraPluginConfig option
This lets you specify additional plugin-specific configuration to go in
plugin-conf.d, and complements the extraConfig and extraGlobalConfig
options.
2019-02-04 20:17:26 -05:00
Ben Kelly
c02564e37c nixos/munin: fix documentation links
Since this module was written, Munin has moved their documentation from
munin-monitoring.org/wiki to guide.munin-monitoring.org. Most of the
links were broken, and the ones that weren't went to "please use the new
site" pages.
2019-02-04 20:17:26 -05:00
Silvan Mosberger
2d6f84c109
Merge pull request #45412 from costrouc/costrouc/minecraft-server
minecraft-server: 1.12.2 -> 1.13.2 + service refactor
2019-02-05 01:49:24 +01:00
Maximilian Bosch
ae7e8c6a2f
Merge pull request #55222 from thefloweringash/nextcloud-nginx-config
nixos/nextcloud: use matching nginx package when configuring nginx
2019-02-05 00:46:43 +01:00
Maximilian Bosch
5a3a543078
Merge pull request #55122 from elseym/ndppd-module
ndppd module: refactor and fix
2019-02-04 21:51:00 +01:00
Andrew Childs
a7d9dcab7e nixos/nextcloud: use matching nginx package when configuring nginx
NixOS currently defaults services.nginx.package to
nginxStable. Including configuration files from nginxMainline could
potentially cause incompatible configuration.
2019-02-05 02:59:42 +09:00
Michael Raskin
7ff8a16f07
Merge pull request #55050 from aanderse/redmine-extra-env
nixos/redmine: add an extraEnv option, enable automatic log rotation
2019-02-04 16:28:58 +00:00
Florian Franzen
1278615a48 thinkfan: add option for libatasmart support 2019-02-03 22:34:41 +01:00
Jan Malakhovski
cefbe69105 nixos: rippled: fix type
The old state is clearly a bug.
2019-02-03 20:10:13 +00:00
Jan Malakhovski
234ba7446c nixos: version: cleanup a bit 2019-02-03 20:10:12 +00:00
Jan Malakhovski
08cabdf4a9 nixos: rippled: fix indent 2019-02-03 20:10:11 +00:00
Olivier Marty
7a878660a7 nixos/duplicity: init
Add a simple module that wrap duplicity in a systemd service.
2019-02-03 19:13:01 +01:00
Michael Weiss
ebe36008d6
nixos/sway-beta: Install swaylock and swayidle by default 2019-02-03 15:35:07 +01:00
Franz Pletz
2746973061
ndppd: don't use weird upstream systemd service unit 2019-02-03 14:39:28 +01:00
aanderse
c01eeda8e9 nixos-generate-config: account for mount points & devices with spaces & tabs in the name (#50234) 2019-02-03 14:33:31 +01:00
elseym
4ce1c59389
ndppd module: refactor 2019-02-03 14:28:54 +01:00
Robert Schütz
f85453f060 nixos/home-assistant: add configWritable option 2019-02-03 13:08:11 +01:00
Franz Pletz
14dd9ca1b2
Merge pull request #54706 from pbogdan/lightdm-cursors
nixos/lightdm: allow cursor theme customisation.
2019-02-03 09:09:48 +00:00
Franz Pletz
60c4686bb9
Merge pull request #54709 from pbogdan/lightdm-dpi
nixos/lightdm: inherit DPI settings from xserver config
2019-02-03 09:08:07 +00:00
Franz Pletz
65b26c6555
Merge pull request #54959 from jslight90/gitlab-depenencies
gitlab: add openssh dependency to gitaly
2019-02-03 08:48:16 +00:00
Chris Ostrouchov
58c89ec26a
nixos/mincraft-server: refactor
- allow for options to (added 2 options):
   - agree to eula (eula.txt) true/false will create symlink over
     existing eula.txt to `/nix/store/...`.
   - whitelist users (optional and will symlink over existing
     whitelist.json and create backup)
   - server.properties can be configured with the serverProperties
     option. If there is an existing server.properties it will
     copy it to a server.properties.old to keep the old
     one. server.properties MUST be writable thus symlinking is not
     an option.
  - all ports that are stated in `server.properties` are exposed
    properly in the firewall.

(infinisil) nixos/minecraft-server: Fix, refactor and polish

Adds an option `declarative` (defaulted to false), in order to stay
(mostly) backwards compatible. The only thing that's not backwards
compatible is that you now need to agree to the EULA on evaluation time,
but that's guarded by an assertion and therefore doesn't need a release
note.
2019-02-03 02:16:11 +01:00
Pierre Bourdon
3674bdf204
nixos/tasks/encrypted-devices: fix regression from #54637
27982b408e introduced a bug when
refactoring the encrypted-devices module, causing some encrypted
filesystem options to not be recognized anymore.

See e.g. https://hydra.nixos.org/build/88145490
2019-02-02 17:31:31 +01:00
Silvan Mosberger
b185e5970f
Merge pull request #55042 from markuskowa/fix-update-service
NixOS/auto-upgrade: add git to service path
2019-02-02 00:32:35 +01:00
Markus Kowalewski
d788874bdb
NixOS/auto-upgrade: add git to service path
Resolves https://github.com/NixOS/nixpkgs/issues/54946
where nixos-rebuild can not find git, when executed
from inside the systemd service
2019-02-01 23:10:51 +01:00
Aaron Andersen
52bd7c5f2a nixos/redmine: add an extraEnv option (which could be used to turn on debug logging, etc...), enable automatic log rotation 2019-02-01 09:17:05 -05:00
Vladimír Čunát
8ba516664b
Merge branch 'staging-next' into staging 2019-02-01 09:42:53 +01:00
Jan Tojnar
65e6d80ecd
Merge pull request #53425 from dtzWill/update/fwupd-1.2.3
fwupd: 1.2.1 -> 1.2.3

Co-authored-by: Jan Tojnar <jtojnar@gmail.com>
2019-01-31 23:22:38 +01:00
forficate
dd705fb45f nixos/transmission: Bug fix Appamor Transmission startup errors (#54873) 2019-01-31 17:51:48 +00:00
Jörg Thalheim
ecb265f106
nixos/singularity: fix singularity output 2019-01-31 11:04:16 +00:00
Jörg Thalheim
a1233ecdcf
nixos/singularity: fix indentation 2019-01-31 10:58:01 +00:00
danbst
f47bfce584 make back /etc/static absolute symlink 2019-01-31 09:29:44 +02:00
Florian Jacob
fc8e1745c0 nixos/etc: Make symlinks relative instead of absolute
so that the links can be followed if the NixOS installation is not mounted as filesystem root.
In particular, this makes /etc/os-release adhere to the standard:
https://www.freedesktop.org/software/systemd/man/os-release.html
Fixes #28833.
2019-01-31 09:17:35 +02:00
aanderse
c6cd07707b nixos/httpd: rename apache log files to have a .log file extension (#54529)
nixos/httpd: rename apache log files to have a .log file extension
2019-01-31 04:04:58 +02:00
Danylo Hlynskyi
30c312341f
Merge pull request #54637 from danbst/small-eval-optimization
module system: small eval optimization
2019-01-31 00:42:24 +02:00
danbst
27982b408e types.optionSet: deprecate and remove last usages 2019-01-31 00:41:10 +02:00
Justin Bedo
3bab170088
singularity: update module to correctly wrap suid binary 2019-01-31 09:21:18 +11:00
Jeff Slight
059e5e0ba0 gitlab: add openssh dependency to gitaly 2019-01-30 11:29:32 -08:00
Florian Klink
d3c2ed21d0
Merge pull request #53762 from ju1m/nslcd
Improving integration of `nslcd`, PAM and `openldap`.
2019-01-30 19:34:40 +01:00
Chris Ostrouchov
5a5def3753
munge: fix module munge.key permissions from 0700 -> 0400 readonly 2019-01-30 12:53:54 -05:00
Franz Pletz
72f324dbc7
Merge pull request #45567 from johanot/certmgr-rootca-patch
certmgr: Add patch for optional trust of self-signed certificates at remote cfssl apiserver
2019-01-30 17:37:42 +00:00
Robert Schütz
0525fa54e8
Merge pull request #54739 from Nadrieril/fix-ffsync
Fix firefox sync-server
2019-01-30 16:26:31 +01:00
Nadrieril
375020cf99 nixos/syncserver: mild cleanup 2019-01-30 15:59:01 +01:00
Nadrieril
63c7fe0819 nixos/syncserver: use gunicorn
As described in `syncserver`'s documentation.
Makes it possible to run behind a reverse proxy.
2019-01-30 15:59:00 +01:00
Nadrieril
957d0589ad pythonPackages.syncserver: move to all-packages.nix and fix dependencies 2019-01-30 15:59:00 +01:00
worldofpeace
50b83e7b6a nixos/pantheon: use gnome3.file-roller 2019-01-29 19:37:41 -05:00
Michael Raskin
423e26a1c5
Merge pull request #54524 from aanderse/redmine
redmine: add missing 'migrate' command prior to starting the application
2019-01-29 22:27:57 +00:00
Silvan Mosberger
400912df0f
Merge pull request #53002 from delroth/nginx-sso
nginx-sso: init at 0.15.1 (+ nixos service/test)
2019-01-29 20:10:37 +01:00
Silvan Mosberger
997cd3159e
Merge pull request #54475 from Izorkin/mysql-restartTrigger
mysql: add restartTrigger for my.cnf
2019-01-29 19:54:24 +01:00
Pierre Bourdon
43fcfc274d
nixos: add nginx-sso service 2019-01-29 19:54:14 +01:00
Graham Christensen
0fe1645987
Merge pull request #53245 from Izorkin/zsh-syntaxHighlighting
zsh.syntaxHighlighting: add option to customize styles
2019-01-29 12:27:43 -05:00
Wael Nasreddine
f072cfe1eb
nixos/pam: refactor U2F, docs about u2f_keys path (#54756)
* change enableU2F option to u2f.* set
* add few u2f options (not all) to customize pam-u2f module
* document default u2f_keys locations

Co-authored-by: Tomasz Czyż <tomasz.czyz@gmail.com>
Co-authored-by: Arda Xi <arda@ardaxi.com>
2019-01-29 08:45:26 -08:00
Aaron Andersen
d13d35104d Merge remote-tracking branch 'upstream/master' into redmine 2019-01-29 09:24:33 -05:00
Silvan Mosberger
f73df1862c
Merge pull request #54495 from peterhoeg/f/sshguard
nixos/sshguard: fix syslog identifiers and pid file
2019-01-29 09:35:36 +01:00
Robert Schütz
f908f6c982 nixos/home-assistant: don't run json2yaml at every start 2019-01-29 08:56:51 +01:00
Robert Schütz
7cc7c5374c nixos/home-assistant: add lovelaceConfig option 2019-01-29 08:56:51 +01:00
Silvan Mosberger
2146511740
Merge pull request #54562 from pjones/pjones/netdata-plugins/master
nixos/netdata: Add option to include extra plugins
2019-01-28 19:56:24 +01:00
Piotr Bogdan
6e581656d1 nixos/lightdm: inherit DPI settings from xserver config 2019-01-28 18:00:28 +00:00
Piotr Bogdan
4ad82dd6cd nixos/lightdm: allow cursor theme customisation. 2019-01-28 17:59:28 +00:00
Peter Jones
0da9489c6a
nixos/netdata: Add option to include extra plugins
New option `extraPluginPaths' that allows users to supply additional
paths for netdata plugins.  Very useful for when you want to use
custom collection scripts.
2019-01-28 09:02:47 -07:00
Antoine Eiche
849460f878 nova-image: add amazon-init module to the nova image
This allows the VM to provide a `configuration.nix` file to the VM.

The test doesn't work in sandbox because it needs Internet (however it
works interactively).
2019-01-28 14:44:41 +01:00
Elis Hirwing
3d6ed83d5b
Merge pull request #54726 from etu/nixos-sks-db-config
nixos/sks: Add option to configure database settings
2019-01-28 14:43:17 +01:00
Florian Klink
38be383a6f
Merge pull request #53419 from uvNikita/containers/fix-bridge
nixos/containers: add bridge without address specified
2019-01-28 12:39:13 +01:00
Antoine Eiche
2858b35100 nova-image: use wget instead of cloud-init (via EC2 API)
The Openstack metadata service exposes the EC2 API. We use the
existing `ec2.nix` module to configure the hostname and ssh keys of an
Openstack Instance.

A test checks the ssh server is well configured.

This is mainly to reduce the size of the image (700MB). Also,
declarative features provided by cloud-init are not really useful
since we would prefer to use our `configuration.nix` file instead.
2019-01-28 11:59:18 +01:00
Elis Hirwing
ab5dcc7068
nixos/sks: Add option to configure database settings
This can be used for options to tweak the behavior around the database.
2019-01-28 11:14:37 +01:00
Silvan Mosberger
51d2eed83b
Merge pull request #42838 from teto/kernel_autoconf
[RFC] add ability to merge structured configs
2019-01-28 10:38:00 +01:00
Peter Hoeg
ee472e4521 nixos/sshguard: fix syslog ids, no more pid file, cleanups
1. Allow syslog identifiers with special characters
2. Do not write a pid file as we are running in foreground anyway
3. Clean up the module for readability

Without this, when deploying using nixops, restarting sshguard would make
nixops show an error about restarting the service although the service is
actually being restarted.
2019-01-28 11:36:29 +08:00
Craig Younkins
6f6287fbf9 nixos/systemd: add StartLimitIntervalSec to unit config 2019-01-28 00:29:43 +00:00
Matthieu Coudron
3bb7b3f02e linux: ability to merge structured configs
This should make the composability of kernel configurations more straigthforward.

- now distinguish freeform options from tristate ones
- will look for a structured config in kernelPatches too
one can now access the structuredConfig from a kernel via linux_test.configfile.structuredConfig
in order to reinject it into another kernel, no need to rewrite the config from scratch

The following merge strategies are used in case of conflict:
-- freeform items must be equal or they conflict (mergeEqualOption)
-- for tristate (y/m/n) entries, I use the mergeAnswer strategy which takes the best available value, "best" being defined by the user (by default "y" > "m" > "n", e.g. if one entry is both marked "y" and "n", "y" wins)
-- if one item is both marked optional/mandatory, mandatory wins (mergeFalseByDefault)
2019-01-28 09:06:33 +09:00
Jan Tojnar
dd06999e32
fwupd: fix installed tests 2019-01-28 00:15:00 +01:00
Graham Christensen
18119f2d93
Merge pull request #54519 from devhell/modify_ngc.pl
nixos-generate-config: Include extraGroups "wheel"
2019-01-27 15:59:29 -05:00
devhell
c3d22fdca1 nixos-generate-config: Include extraGroups "wheel"
I've been asked, on numerous occasions, by my students and others, how
to 'sudo' on NixOS.

Of course new users could read up in the manual on how to do that, or we
could make it more accessible for them by simply making it visible in
the default `configuration.nix` file.

Additionally, as raised in [1], replacing `guest` with something more
recognizable could be potentially beneficial to new users. I've
opted for `jane` for now.

[1]: https://github.com/NixOS/nixpkgs/pull/54519#issuecomment-457012223
2019-01-27 20:33:36 +00:00
Will Dietz
55fa570046
fwupd: blacklist test plugin by default
Don't add the testing "webcam" device,
which is unexpected to see when querying
what devices fwupd believes exist :).

Won't change behavior for anyone defining
the blacklistPlugin option already,
but doesn't seem worth making more complicated.
2019-01-27 21:26:42 +01:00
worldofpeace
dc923b6ad1 nixos/pulseaudio: disable flat-volumes by default
The motivation for this is that some applications are unaware
of this feature and can set their volume to 100% on startup
harming people ears and possiblly blowing someone's audio
setup.

I noticed this in #54594 and by extension epiphany[0].

Please also note that many other distros have this default for
the reason outlined above.

Closes #5632 #54594

[0]: https://bugzilla.gnome.org/show_bug.cgi?id=675217
2019-01-27 19:51:26 +00:00
Silvan Mosberger
f2daf4295e
Merge pull request #54708 from erictapen/unifi-maintainer
unifi, nixos/unifi: add erictapen as maintainer
2019-01-27 19:02:40 +01:00
Justin Humm
38f23046a3
unifi, nixos/unifi: add erictapen as maintainer 2019-01-27 17:28:15 +01:00
Maximilian Bosch
acbadcdbba
nixos/wpa_supplicant: escape interface names to listen on
Systemd provides some functionality to escape strings that are supposed
to be part of a unit name[1]. This seems to be used for interface names
in `sys-subsystem-net-devices-{interface}.device` and breaks
wpa_supplicant if the wireless interface name has a dash which is
encoded to \x2d.

Such an interface name is rather rare, but used i.e. when configuring
multiple wireless interfaces with `networking.wlanInterfaces`[2] to have on
interface for `wpa_supplicant` and another one for `hostapd`.

[1] https://www.freedesktop.org/software/systemd/man/systemd-escape.html
[2] https://nixos.org/nixos/options.html#networking.wlaninterfaces
2019-01-27 11:59:18 +01:00
Matthew Bauer
92f0f8dd68 Merge remote-tracking branch 'NixOS/master' into staging 2019-01-27 00:01:13 -05:00
Jörg Thalheim
e9b5bd9813
Merge pull request #54600 from volth/patch-301
nixos/collectd: restart on failure
2019-01-26 11:23:02 +00:00
Milan Pässler
24d5e30b5f nixos/prosody: add ExecReload
Add an ExecReload command to the prosody service, to allow reloading
prosody by sending SIGHUP to the main process, for example to update
certificates without restarting the server. This is exactly how the
`prosodyctl` tool does it.

Note: Currently there is a bug which prevents mod_http from reloading the
certificates properly: https://issues.prosody.im/1216.
2019-01-26 03:12:09 +01:00
volth
b3c5e9ac1e
nixos/collectd: restart on failure
`collectd' might fail because of a failure in any of numerous plugins.
For example `virt' plugin sometimes fails if `collectd' is started before `libvirtd'
2019-01-26 00:31:32 +00:00
Joachim F
f6414428ed
Merge pull request #53511 from joachifm/kernel-32bit-emu-feature-flag
linux: flag to indicate 32bit emulation support
2019-01-25 14:13:45 +00:00
worldofpeace
78da8d668b pantheon: init a 5.0 2019-01-24 20:54:14 +00:00
Janne Heß
9a1b53304a nixos/mysql: Support bootstrapping a Galera cluster
The default galera_new_cluster script tries to set this environment
variable using systemctl set-environment which doesn't work if the
variable is not being used in the unit file ;)
2019-01-24 17:39:19 +01:00
Franz Pletz
4602b43a33
certmgr service: add package option 2019-01-24 12:11:15 +01:00
John Wiegley
0305c55888
Merge pull request #53702 from aanderse/apache-ssl-opt
nixos/httpd: add options sslCiphers & sslProtocols
2019-01-23 19:27:17 -08:00
Danylo Hlynskyi
0abf181066
Merge pull request #48153 from Ma27/fix-nixos-option-for-invalid-options
nixos-option: don't abort with shell failures if options are not existant
2019-01-24 02:38:02 +02:00
Danylo Hlynskyi
a866551226
nixos-option: prune backtick from output
It doesn't work good with double-click selection in terminal (it gets into selection buffer of some terminals)
2019-01-24 02:37:29 +02:00
Silvan Mosberger
968eb6b3e0
Merge pull request #54514 from LeOtaku/fix/restic-timer-config
nixos/restic: change type of timerConfig option
2019-01-24 00:40:52 +01:00
Silvan Mosberger
7222fd9e21
Merge pull request #53986 from Ma27/document-dovecot-prometheus-exporter-issues
nixos/prometheus-dovecot-exporter: enhance `socketPath` documentation
2019-01-24 00:17:20 +01:00
Maximilian Bosch
ca72dbd125
nixos/prometheus-dovecot-exporter: enhance socketPath documentation
In Dovecot 2.3[1] the stats module changed and now the UNIX socket
provided by Dovecot by default isn't compatible anymore with the
exporter[2]. By enabling the `old-stats` plugin in Dovecot this issue
can be solved which should be documented in this module.

[1] https://wiki2.dovecot.org/Upgrading/2.3
[2] https://github.com/kumina/dovecot_exporter/issues/8
2019-01-23 23:51:48 +01:00
Pascal Bach
8347722775 nixos/plex: allow access to hardware acceleration libraries
CUDA and OpenCL libraries are located in /run/opengldriver/lib and Plex
can make use of them if available.
2019-01-23 23:07:40 +01:00
Silvan Mosberger
d9f39b7252
Merge pull request #54310 from Mic92/postgresq-backup
nixos/postgresqlBackup: add backupAll option
2019-01-23 21:40:39 +01:00
LeOtaku
63ed962e4b nixos/restic: change type of timerConfig option to attrsOf unitOption
This is needed for correctly passing the option to "systemd.timer"
2019-01-23 21:29:02 +01:00
Danylo Hlynskyi
ab31b13401
Merge pull request #52991 from danbst/zram-zstd
zramSwap: allow configure compression algorithm + cleanups
2019-01-23 09:30:55 +02:00
Jörg Thalheim
6ad1271a4c
Merge pull request #54113 from telotortium/xrdp-clipboard-fix
xrdp: fix clipboard for non-ASCII characters
2019-01-22 18:51:04 +00:00
Izorkin
ea02ddc0be mysql: add restartTrigger for my.cnf 2019-01-22 21:05:21 +03:00
Robert Irelan
8844f09d53 xrdp: fix clipboard for non-ASCII characters
Without this line, attempting to copy and paste non-ASCII characters
will result in error messages like the following (and pasting from the
server to the client will not work):

```
CLIPBOARD  clipboard_send_data_response_for_text: 823 : ERROR: clipboard_send_data_response_for_text: bad string
```
2019-01-22 09:52:53 -08:00
Silvan Mosberger
120ce2f399
Merge pull request #54197 from dermetfan/fix/nixos-mysql
nixos/mysql: fix option `ensureDatabases`
2019-01-22 15:35:16 +01:00
Silvan Mosberger
115cf2e2cf
Merge pull request #54339 from avdv/avoid-duplicate-luks-device
installer/tools: Avoid duplicate LUKS device entries in hw config
2019-01-22 15:23:09 +01:00
Silvan Mosberger
2f9ef8c563
Merge pull request #54051 from Ma27/optional-prometheus-source_labels
nixos/prometheus: make `source_labels` optional
2019-01-22 15:18:06 +01:00
Jörg Thalheim
859ce47b02
Merge pull request #53965 from mayflower/zfs-autoscrub-fix
nixos/zfs: autoscrub only after boot is complete
2019-01-22 10:48:17 +00:00
Florian Klink
0b4db9fa22
Merge pull request #54273 from flokli/ssh-known-hosts-example
programs.ssh.knownHosts: update example to be an attrset
2019-01-21 17:15:27 +01:00
Jan Tojnar
dd3626c036
Merge pull request #53695 from chpatrick/gnome-flashback-session
nixos/gnome3: add GNOME Flashback sessions option
2019-01-21 12:01:32 +01:00
Patrick Chilton
b25095bcda nixos/gnome3: add GNOME Flashback sessions option 2019-01-21 11:17:49 +01:00
Wout Mertens
e445eabbe8
Merge pull request #41440 from wmertens/php-per-pool
phpfpm: allow configuring PHP package per-pool
2019-01-21 08:35:49 +01:00
Claudio Bley
352e06d3da installer/tools: Avoid duplicate LUKS device entries in hw config
There are situations where several filesystems reside on a single encrypted LUKS
device (e.g. when using BTRFS subvolumes).

Simply generating a `boot.init.luks.devices.NAME.device` entry for each mounted
filesystem will result in an error later when evaluating the nix expression in
`hardware-configuration.nix`.
2019-01-19 22:02:49 +01:00
Samuel Dionne-Riel
50555a6d35
Merge pull request #54330 from samueldr/fix/disable-tests-shell-access
Revert "Add ssh backdoor to VM tests infrastructure."
2019-01-19 14:20:15 -05:00
Samuel Dionne-Riel
3aab228d09 Revert "Add ssh backdoor to VM tests infrastructure."
This reverts commit d6e3db44cf.

See #53935 for explanations. In short, it may be causing issues with
tests on the build infrastructure.
2019-01-19 13:24:39 -05:00
Jörg Thalheim
1af4f366ca
nixos/postgresqlBackup: add backupAll option
For large setups it is useful to list all databases explicit
(for example if temporary databases are also present) and store them in extra
files.
For smaller setups it is more convenient to just backup all databases at once,
because it is easy to forget to update configuration when adding/renaming
databases. pg_dumpall also has the advantage that it backups users/passwords.

As a result the module becomes easier to use because it is sufficient
in the default case to just set one option (services.postgresqlBackup.enable).
2019-01-19 11:41:06 +00:00
worldofpeace
9d6fc7ad04 nixos/file-roller: init 2019-01-18 15:04:36 -05:00
Florian Klink
4f11c06fac programs.ssh.knownHosts: update example to be an attrset
We shouldn't encourage using a list here, but prefer the attrset.
Using a list here causes very unintuitive effects during merging.
2019-01-18 15:33:07 +01:00
Peter Hoeg
9f5b5fee9c
Merge pull request #48101 from peterhoeg/f/pykms_master
nixos pykms: run via DynamicUser
2019-01-18 15:52:12 +08:00
Peter Hoeg
eaa665e243
Merge pull request #53495 from peterhoeg/p/zm
zoneminder: init at 1.32.3 and add NixOS module
2019-01-18 15:49:28 +08:00
Julien Moutinho
65cfba23af nixos/tests: test LDAP password changing through nslcd
NOTE: slapd.conf is deprecated, hence use cn=config.
2019-01-18 05:13:42 +01:00
danbst
34a764ce87 zramSwap: remove basic.target for zram devices
This creates a dependency cycle when used with boot.tmpOnTmpfs:
basic.target <- tmp.mount <- swap.target <- zram-init-dev0 <- basic.target

This same fix is done already for tmp.mount

Fixes https://github.com/NixOS/nixpkgs/issues/47474
2019-01-17 21:18:45 +02:00
Robin Stumm
429c0bf60c nixos/mysql: fix option ensureDatabases
The database name needs to be quoted
in case it contains special characters
so the MySQL service does not fail to start.
2019-01-17 19:08:50 +01:00
Jan Tojnar
23c1a234dc
Merge pull request #54124 from jtojnar/remove-packages-by-name
nixos/desktops: deduplicate removePackagesByName
2019-01-17 16:05:14 +01:00
danbst
8d8a7210e4 zramSwap: allow configure compression algorithm + cleanups
- add `zramSwap.algorithm` option, which allows to change compressor
declaratively. zstd as default
- add `zramSwap.swapDevices` option, which allows to define how many zram
devices will be used as swap. Rest devices can be managed freely
- simpler floating calculations
- fix udev race condition
- some documentation changes
- replaced `/sys/block/zram*` handling with `zramctl`, because I had occasional
"Device is busy" error (looks like zram has to be configured in predefined order)
- added `memoryPercent` and `algorithm` as restart triggers. I think, it was
a bug that changing `memoryPercent` in configuration wasn't applied immediately.
- removed a bind to .swap device. While it looks natural (when swap device goes
off, so should zram device), it wasn't implemented properly. This caused problems
with swapon/swapoff:
```
$ cat /proc/swaps
Filename                                Type            Size    Used    Priority
/dev/zram0                              partition       8166024 0       -2
/var/swapfile                           file            5119996 5120    1

$ sudo swapoff -a

$ sudo swapon -a
swapon: /dev/zram0: read swap header failed

$ cat /proc/swaps
Filename                                Type            Size    Used    Priority
/var/swapfile                           file            5119996 0       1
```
2019-01-17 15:58:53 +02:00
Jörg Thalheim
a6b97bd1bb
Merge pull request #42183 from kisik21/master
nixos/stage-1, nixos/f2fs: added F2FS resizing
2019-01-17 07:42:32 +00:00
Jan Tojnar
bedc81fcb6
nixos/desktops: deduplicate removePackagesByName
GNOME, MATE and LxQt all use removePackagesByName. Let’s move it to a single
place, rename the attributes to meaningful name and add docs.
2019-01-17 07:13:25 +01:00
Maximilian Bosch
003132c2dd
nixos/prometheus: make source_labels optional
It's possible to skip `source_labels` entirely, an example for this is
the blackbox exporter configuration:

https://github.com/prometheus/blackbox_exporter#prometheus-configuration
2019-01-16 14:01:43 +01:00
Vladyslav M
95a0e24381
Merge pull request #53952 from Ma27/improve-gitea-module
nixos/gitea: minor fixes
2019-01-15 23:55:16 +02:00
gnidorah
30ff54c348 way-cooler: 0.8.0 -> 0.8.1 (#53220) 2019-01-15 23:05:17 +02:00
Peter Hoeg
982354284d zoneminder (nixos): add basic module 2019-01-15 21:27:45 +08:00
Peter Hoeg
9260623a18 zoneminder: add user for NixOS 2019-01-15 21:27:45 +08:00
Robert Hensing
db70173627 Revert "nixos/modules/misc/nixpkgs.nix: Use pure Nixpkgs function"
As a workaround for #51025 and
https://github.com/NixOS/nix/issues/1232

This reverts commit 5f894a67f5.
2019-01-15 13:11:09 +01:00
Claudio Bley
4dbf45bc5e programs/nano: Generate nanorc if syntaxHighlight enabled
* prepend a newline to the `include` directive
* generate the nanorc by default, since `cfg.syntaxHighlight` is `true`
2019-01-14 23:27:04 +01:00
Linus Heckemann
783f2c84e8 nixos/zfs: autoscrub only after boot is complete
Fixes #53583
2019-01-14 21:00:20 +01:00
Franz Pletz
d947944d70
Merge pull request #53962 from elseym/sonarr
sonarr service: add more options to module
2019-01-14 19:33:58 +00:00
elseym
44e1aabd02
nzbget service: fix preStart script and add more options to module 2019-01-14 20:30:44 +01:00
elseym
31ad79f432
sonarr service: add more options to module 2019-01-14 20:30:10 +01:00
Maximilian Bosch
f90bd42c89
nixos/gitea: add git to the service path
Otherwise commands like `git push` will fail if the machine doesn't have
git installed.
2019-01-14 16:04:02 +01:00
Maximilian Bosch
ad3a50e25b
nixos/gitea: add option to disable registration
Although this can be added to `extraOptions` I figured that it makes
sense to add an option to explicitly promote this feature in our
documentation since most of the self-hosted gitea instances won't be
intended for common use I guess.

Also added a notice that this should be added after the initial deploy
as you have to register yourself using that feature unless the install
wizard is used.
2019-01-14 16:04:02 +01:00
Franz Pletz
ca0639837c
Merge pull request #53871 from elseym/fix-container-extraveths
nixos/containers: explicitly set link up on host for extraVeths
2019-01-14 03:59:19 +00:00
Jörg Thalheim
bfbadab4a4
Merge pull request #53801 from Mic92/nixos-builders
nixos-rebuild: allow to override builders
2019-01-13 21:59:43 +00:00
Jan Tojnar
e35acd7f1c gnome3: link nautilus-python paths to environment 2019-01-13 17:43:33 +01:00
Profpatsch
c8c53fcb11 modules/profiles/minimal: sound is disabled by default
The option is `false` by default since
e349ccc77f, so we don’t need to mention
it explicitely in these minimal configs.
2019-01-13 13:47:36 +01:00
elseym
8a8bf886b5
nixos/containers: explicitly set link up on host for extraVeths 2019-01-13 11:27:39 +01:00
Vladimír Čunát
bde8efe792
Merge branch 'master' into staging-next
A couple thousand rebuilds have accumulated on master.
2019-01-12 12:19:34 +01:00
Eelco Dolstra
94ea1c2d83
nix: 2.1.3 -> 2.2 2019-01-11 12:47:06 +01:00
Jörg Thalheim
e40bfa4d85
nixos-rebuild: allow to override builders
Since nix 2.0 the no-build-hook option was replaced by the builders options
that allows to override remote builders ad-hoc.
Since it is useful to disable remote builders updating nixos without network,
this commit reintroduces the option.
2019-01-11 11:40:25 +00:00
Yorick
4d68e82dbc nixos/borgbackup: use coercedTo instead of apply on paths (#53756)
so multiple declarations merge properly
2019-01-10 16:34:02 +01:00
Vladimír Čunát
287144e342
Merge branch 'master' into staging-next 2019-01-10 13:07:21 +01:00
Vladimír Čunát
829ada37bf
Merge #53365: nixos/nsd: Don't override bind via nixpkgs.config 2019-01-10 11:00:40 +01:00
Julien Moutinho
eb90d97009 nixos/nslcd: use systemd's RuntimeDirectory 2019-01-09 17:45:19 +01:00
Julien Moutinho
4af7db9c73 nixos/nslcd: restart when nslcd.conf changes 2019-01-09 17:45:15 +01:00
Aaron Andersen
fd5a88687c nixos/httpd: add options sslCiphers & sslProtocols 2019-01-09 11:30:19 -05:00
Claudio Bley
cb0b629894 nixos/luksroot: Fix typo Verifiying -> Verifying 2019-01-08 15:45:02 -05:00
Robin Gloster
c75571d66c
Merge pull request #53598 from mayflower/atlassian-updates
atlassian updates
2019-01-08 17:56:13 +00:00
Silvan Mosberger
6a942aec5b
Merge pull request #52765 from Izorkin/datadog-agent
datadog-agent: 6.4.2 -> 6.8.3
2019-01-08 16:01:26 +01:00
Jörg Thalheim
ba9f589180
Merge pull request #53446 from Mic92/systemd-udev-settle
nixos/systemd-udev-settle: don't restart on upgrades
2019-01-08 13:05:25 +01:00
Izorkin
47a8b13efa datadog-agent: 6.4.2 -> 6.8.3 2019-01-08 11:16:44 +03:00
Matthew Bauer
04373fd3cc
Merge pull request #52594 from matthewbauer/fix-51025
make-disk-image: use filterSource instead of cleanSource
2019-01-07 16:29:58 -06:00
Matthew Bauer
f05d8f31ec make-disk-image: use filterSource instead of cleanSource
cleanSource does not appear to work correctly in this case. The path
does not get coerced to a string, resulting in a dangling symlink
produced in channel.nix.  Not sure why, but this
seems to fix it.

Fixes #51025.

/cc @elvishjericco
2019-01-07 16:28:50 -06:00
Robin Gloster
89d24aca93
atlassian-crowd: 3.2.5 -> 3.3.3 2019-01-07 21:54:23 +01:00
Franz Pletz
b60f8fc6e2
atlassian modules: don't chown home recursively
This can take a long time and should not be necassary anyway.
2019-01-07 21:54:20 +01:00
Matthew Bauer
de30f4e61d
Merge pull request #51570 from eonpatapon/cassandra-logging
cassandra: add option to configure logging
2019-01-07 12:41:07 -06:00
Nikita Uvarov
53013ead39
nixos/containers: add bridge without address specified
According to systemd-nspawn(1), --network-bridge implies --network-veth,
and --port option is supported only when private networking is enabled.
Fixes #52417.
2019-01-07 14:21:17 +01:00
Bas van Dijk
6ac10cd764
Merge pull request #53399 from LumiGuide/feat-wordpress-copy-plugins
apache-httpd/wordpress: copy plugins and themes instead of symlinking
2019-01-07 13:41:29 +01:00
Tim Steinbach
289fe57eea
urxvt: Allow switching out package 2019-01-07 07:35:20 -05:00
Matthew Bauer
751c03e8fd
Merge pull request #47665 from erikarvstedt/initrd-improvements
Minor initrd improvements
2019-01-06 21:48:26 -06:00
Joachim Fasting
ab070d1b0b
nixos/opengl: assert 32bit emu support if 32bit support is enabled
See https://github.com/NixOS/nixpkgs/issues/51097
2019-01-06 19:52:08 +01:00
Falco Peijnenburg
9d2c9157d7 nixos/apache-httpd/wordpress: copy plugins and themes instead of symlinking
Symlinking works for most plugins and themes, but Avada, for instance, fails to
understand the symlink, causing its file path stripping to fail. This results in
requests that look like:

https://example.com/wp-content//nix/store/...plugin/path/some-file.js

Since hard linking directories is not allowed, copying is the next best thing.
2019-01-06 17:51:31 +01:00
Frederik Rietdijk
a4250d1478 Merge staging-next into staging 2019-01-06 09:48:31 +01:00
Frederik Rietdijk
e5381cdece Merge master into staging-next 2019-01-06 09:36:23 +01:00
Jörg Thalheim
09fb07e4af
Merge pull request #52943 from ck3d/vdr-enableLirc
nixos vdr: introduce option enableLirc
2019-01-05 17:51:41 +01:00
Jörg Thalheim
8a2389e4a1
Merge pull request #53404 from Mic92/xsslock
nixos/xss-lock: specify a default locker
2019-01-05 16:44:29 +01:00
Jörg Thalheim
2614c8a6c5
nixos/xss-lock: specify a default locker
Having a default locker is less error-prone and more convenient.
Incorrect values might leave the machine vulnerable since there is no
fallback.
2019-01-05 16:42:30 +01:00
Vladimír Čunát
d84a33d85b
Merge branch 'master' into staging-next
A few more rebuilds (~1k on x86_64-linux).
2019-01-05 15:02:04 +01:00
Joachim Fasting
167578163a
nixos/hardened profile: always enable pti 2019-01-05 14:07:39 +01:00
Joachim Fasting
3f1f443125
nixos/hardened profile: slab/slub hardening
slab_nomerge may reduce surface somewhat

slub_debug is used to enable additional sanity checks and "red zones" around
allocations to detect read/writes beyond the allocated area, as well as
poisoning to overwrite free'd data.

The cost is yet more memory fragmentation ...
2019-01-05 14:07:37 +01:00
Jörg Thalheim
0a2c8cc1db
nixos/systemd-udev-settle: don't restart on upgrades
The idea is that we only need this target during boot,
however there is no point on restarting it on every upgrade.

This hopefully fixes #21954
2019-01-05 13:57:29 +01:00
Jörg Thalheim
9b2f0fbcdd
nixos/lirc: expose socket path via passthru 2019-01-05 13:22:39 +01:00
Frederik Rietdijk
60a3973a55 Merge staging-next into staging 2019-01-05 10:15:00 +01:00
worldofpeace
21327795ce nixos/version: add LOGO to /etc/os-release 2019-01-05 00:03:39 -05:00
Frederik Rietdijk
9618abe87c Merge master into staging-next 2019-01-04 21:13:19 +01:00
Michael Weiss
65c953976c
Merge pull request #53138 from gnidorah/sway
nixos/sway: Improve the wrapper
2019-01-04 11:49:07 +01:00
aszlig
6446d9eee8
nixos/nsd: Improve checking for empty dnssec zones
While at it (see previous commit), using attrNames in combination with
length is a bit verbose for checking whether the filtered attribute set
is empty, so let's just compare it against an empty attribute set.

Signed-off-by: aszlig <aszlig@nix.build>
2019-01-04 01:59:28 +01:00
aszlig
751bdacc9b
nixos/nsd: Don't override bind via nixpkgs.config
When generating values for the services.nsd.zones attribute using values
from pkgs, we'll run into an infinite recursion because the nsd module
has a condition on the top-level definition of nixpkgs.config.

While it would work to push the definition a few levels down, it will
still only work if we don't use bind tools for generating zones.

As far as I could see, Python support for BIND seems to be only needed
for the dnssec-* tools, so instead of using nixpkgs.config, we now
directly override pkgs.bind instead of globally in nixpkgs.

To illustrate the problem with a small test case, instantiating the
following Nix expression from the nixpkgs source root will cause the
mentioned infinite recursion:

  (import ./nixos {
    configuration = { lib, pkgs, ... }: {
      services.nsd.enable = true;
      services.nsd.zones = import (pkgs.writeText "foo.nix" ''
        { "foo.".data = "xyz";
          "foo.".dnssec = true;
        }
      '');
    };
  }).vm

With this change, generating zones via import-from-derivation is now
possible again.

Signed-off-by: aszlig <aszlig@nix.build>
Cc: @pngwjpgh
2019-01-04 01:49:50 +01:00
Matthew Bauer
9c5cde46a6 nixos/all-firmware: include raspberrypiWirelessFirmware when building 2019-01-03 15:05:38 -06:00