Commit Graph

9084 Commits

Author SHA1 Message Date
Lassulus
dd966067ae
Merge pull request #97381 from xaverdh/xmonad-configurable
nixos/xmonad: give users some build and runtime control
2020-09-08 20:57:17 +02:00
Maximilian Bosch
40f7a4ecec
Merge pull request #97371 from WilliButz/bitwarden_rs/environment-file
nixos/bitwarden_rs: add environmentFile option
2020-09-08 20:25:28 +02:00
Maciej Krüger
8c4dd13e3f
nixos/cinnamon: add warpinator & blueberry pkgs 2020-09-08 17:09:12 +02:00
Peter Hoeg
5882e3072a
Merge pull request #97325 from peterhoeg/m/mailhog
nixos/mailhog: run with DynamicUser
2020-09-08 22:55:47 +08:00
Oleksii Filonenko
45d7f59da8
Merge pull request #97217 from sephii/nixos-caddy-v2-migration 2020-09-08 11:17:55 +03:00
Linus Heckemann
ef4e81d756
Merge pull request #96830 from mayflower/unifi-poller
unifi-poller: add service and prometheus-exporter
2020-09-08 09:53:07 +02:00
Sylvain Fankhauser
b8bfe941fa
caddy: address remaining MR comments for v2 2020-09-08 09:29:04 +02:00
Thomas Tuegel
0b3cc29f09
Merge pull request #97242 from ttuegel/qt-5.15
Qt 5.15.0
2020-09-07 20:18:57 -05:00
Maciej Krüger
04ea3a0ff6
nixos/cinnamon: init
Co-Authored-By: WORLDofPEACE <worldofpeace@protonmail.ch>
2020-09-08 01:44:09 +02:00
Dominik Xaver Hörl
10ecd1f45b nixos/xmonad: allow passing compile time options to ghc invocation 2020-09-07 20:16:25 +02:00
Dominik Xaver Hörl
15d87cb81c nixos/xmonad: allow passing command line arguments 2020-09-07 19:25:45 +02:00
WilliButz
76362dd7eb
nixos/bitwarden_rs: add environmentFile option
Add the option `environmentFile` to allow passing secrets to the service
without adding them to the Nix store, while keeping the current
configuration via the existing environment file intact.
2020-09-07 17:39:53 +02:00
Evan Stoll
a31736120c nixos/lorri: add package option 2020-09-07 15:46:15 +02:00
Thomas Tuegel
20bfb27eaf nixos/plasma5: Use Qt 5.14 2020-09-07 08:06:33 -05:00
Peter Hoeg
9123308be5 nixos/mailhog: run with DynamicUser 2020-09-07 17:56:53 +08:00
WilliButz
5d51096839
nixos/prometheus-exporters: fix default firewall filter
Instead of always using the default port of one exporter for its default
firewall filter, the port from the current service configuration is used.
2020-09-07 10:28:36 +02:00
Oleksii Filonenko
6322325a53
caddy: 1.0.5 -> 2.0.0
Rename legacy v1 to `caddy1`
2020-09-07 09:39:16 +02:00
Maximilian Bosch
cac5339531
nixos/doc/borgbackup: correct install instructions for vorta
No need to fiddle around with `flatpack` to get `vorta`, a graphical
desktop-client for `borgbackup` running as it's available in `nixpkgs`.
2020-09-06 22:44:37 +02:00
Silvan Mosberger
f822080b05
Merge pull request #68887 from teto/ssh_banner
services.openssh: add banner item
2020-09-06 22:15:25 +02:00
Matthieu Coudron
1835fc455b services.openssh: add banner
Add the possibility to setup a banner.

Co-authored-by: Silvan Mosberger <github@infinisil.com>
2020-09-06 21:32:20 +02:00
Florian Klink
d7046947e5
Merge pull request #91121 from m1cr0man/master
Restructure acme module
2020-09-06 18:26:22 +02:00
elseym
aaf0002f68
prometheus-unifi-poller-exporter: init module 2020-09-06 17:48:19 +02:00
elseym
b381aacbba
nixos/unifi-poller: init unifi-poller service 2020-09-06 17:47:52 +02:00
Peter Hoeg
6e22c6ea6a
Merge pull request #96769 from peterhoeg/m/phpfpm
nixos/phpfpm: always restart service on failure
2020-09-06 21:41:38 +08:00
Florian Klink
569fdb2c35
Merge pull request #93424 from helsinki-systems/feat/gitlab-mailroom
nixos/gitlab: Support incoming mail
2020-09-06 15:34:02 +02:00
Peter Hoeg
5483b1e216
Merge pull request #97123 from peterhoeg/m/fscache
nixos/cachefilesd: don't set up manually
2020-09-06 10:23:32 +08:00
Evan Stoll
854a229ae5
nixos/terraria: allow dataDir to be configured (#89033)
* nixos/terraria: allow dataDir to be configured

add dataDir option to terraria module

* Update nixos/modules/services/games/terraria.nix

Co-authored-by: WORLDofPEACE <worldofpeace@protonmail.ch>

Co-authored-by: WORLDofPEACE <worldofpeace@protonmail.ch>
2020-09-05 16:37:52 -04:00
Lassulus
964606d40f
Merge pull request #96659 from doronbehar/module/syncthing
nixos/syncthing: add ignoreDelete folder option
2020-09-05 22:05:04 +02:00
Oleksii Filonenko
d71cadacd9
nixos/caddy: use v2 by default 2020-09-05 14:09:17 +02:00
Oleksii Filonenko
8cc592abfa
nixos/caddy: add support for v2 2020-09-05 14:09:16 +02:00
Peter Hoeg
6ef2152b5d nixos/cachefilesd: don't set up manually
Use our available infrastructure instead of manually handling setup.
2020-09-04 16:11:55 +08:00
Philipp Bartsch
47928442a8 nixos/opendkim: add keyPath to ReadWritePaths 2020-09-03 17:54:16 +02:00
Philipp Bartsch
118f341723 nixos/opendkim: add systemd service sandbox 2020-09-03 17:54:15 +02:00
Lucas Savva
61dbf4bf89
nixos/acme: Add proper nginx/httpd config reload checks
Testing of certs failed randomly when the web server was still
returning old certs even after the reload was "complete". This was
because the reload commands send process signals and do not wait
for the worker processes to restart. This commit adds log watchers
which wait for the worker processes to be restarted.
2020-09-02 19:25:30 +01:00
Lucas Savva
982c5a1f0e
nixos/acme: Restructure module
- Use an acme user and group, allow group override only
- Use hashes to determine when certs actually need to regenerate
- Avoid running lego more than necessary
- Harden permissions
- Support "systemctl clean" for cert regeneration
- Support reuse of keys between some configuration changes
- Permissions fix services solves for previously root owned certs
- Add a note about multiple account creation and emails
- Migrate extraDomains to a list
- Deprecate user option
- Use minica for self-signed certs
- Rewrite all tests

I thought of a few more cases where things may go wrong,
and added tests to cover them. In particular, the web server
reload services were depending on the target - which stays alive,
meaning that the renewal timer wouldn't be triggering a reload
and old certs would stay on the web servers.

I encountered some problems ensuring that the reload took place
without accidently triggering it as part of the test. The sync
commands I added ended up being essential and I'm not sure why,
it seems like either node.succeed ends too early or there's an
oddity of the vm's filesystem I'm not aware of.

- Fix duplicate systemd rules on reload services

Since useACMEHost is not unique to every vhost, if one cert
was reused many times it would create duplicate entries in
${server}-config-reload.service for wants, before and
ConditionPathExists
2020-09-02 19:22:43 +01:00
Félix Baylac-Jacqué
09c383c17a
Merge pull request #94917 from ju1m/biboumi
nixos/biboumi: init
2020-09-02 17:43:27 +02:00
WORLDofPEACE
18348c7829
Merge pull request #96042 from rnhmjoj/loaOf
treewide: completely remove types.loaOf
2020-09-02 08:45:37 -04:00
Julien Moutinho
f333296776 nixos/biboumi: init 2020-09-02 08:31:53 +02:00
John Ericson
1965a241fc
Merge pull request #61019 from volth/gcc.arch-amd
platform.gcc.arch: support for AMD CPUs
2020-09-01 22:31:16 -04:00
rnhmjoj
bc62423a87
nixos/doc: convert loaOf options refs to attrsOf 2020-09-02 00:42:51 +02:00
rnhmjoj
20d491a317
treewide: completely remove types.loaOf 2020-09-02 00:42:50 +02:00
Aaron Andersen
c51e7b7874 nixos/beanstalkd: add openFirewall option 2020-09-01 10:07:28 -04:00
Lassulus
a081e99e41
Merge pull request #83780 from hax404/robustirc-bridge
robustirc-bridge: init at 1.8
2020-08-31 18:14:45 +02:00
Frederik Rietdijk
303e0bca3b
Merge pull request #96610 from romildo/rm.deepin
deepin: remove from nixpkgs
2020-08-31 17:58:11 +02:00
Peter Hoeg
07408cac94 nixos/phpfpm: always restart service on failure 2020-08-31 21:19:54 +08:00
Silvan Mosberger
6716867eb3
Merge pull request #96686 from nixy/add/tor-package-option
tor: Add option to tor service for package
2020-08-30 23:02:37 +02:00
Andrew R. M
168a9c8d38 Add option to tor service for package 2020-08-30 14:35:36 -04:00
José Romildo Malaquias
b768afb2e9 deepin: remove from nixpkgs
The Deepin Desktop Environment (DDE) is not yet fully packaged in
nixpkgs and it has shown a very difficult task to complete, as
discussed in https://github.com/NixOS/nixpkgs/issues/94870. The
conclusion is that it is better to completely remove it.
2020-08-30 15:27:42 -03:00
Georg Haas
9376dd8516
nixos/modules/robustirc-bridge: init 2020-08-30 18:34:22 +02:00
Doron Behar
5789ffc509 nixos/syncthing: add ignoreDelete folder option 2020-08-30 10:55:03 +03:00