Franz Pletz
66fe192301
Merge pull request #28293 from makefu/module/gitlab-runner/configOptions
...
module gitlab-runner: introduce configOptions and configFile
2017-08-21 20:27:48 +02:00
Franz Pletz
cfb716e6a5
phpfpm service: remove NoNewPrivileges systemd option
...
This interferes with sendmail because suid won't work. Fixes #26611 .
2017-08-21 19:24:17 +02:00
Frederik Rietdijk
6bbc3a0b24
Merge commit '3b29468313bc8604fe8f85c8d9316fd276d3985c' into HEAD
2017-08-21 04:44:40 +02:00
Casey Rodarmor
ae02dd2d0a
nixos/mpd: allow configuring playlist directory ( #28252 )
2017-08-20 20:34:34 +00:00
Vladimír Čunát
7c7c83e233
buildLinux: allow overriding stdenv on each call
2017-08-20 08:24:52 +02:00
Tuomas Tynkkynen
affcf92287
nixos/tests: Make the UEFI boot test release-critical
...
Seems to be working fine, based on the history:
https://hydra.nixos.org/job/nixos/trunk-combined/nixos.tests.installer.simpleUefiGummiboot.i686-linux/all
https://hydra.nixos.org/job/nixos/trunk-combined/nixos.tests.installer.simpleUefiGummiboot.x86_64-linux/all
2017-08-19 08:46:48 +02:00
Tuomas Tynkkynen
0488cb1802
tests/installer: Rename simpleUefiGummiboot -> simpleUefiSystemdBoot
...
It hasn't been called Gummiboot for ages.
2017-08-19 08:46:48 +02:00
Michael Peyton Jones
e675296a9c
Release notes: add note for overlays via file
2017-08-17 22:13:39 +00:00
Maximilian Güntner
0f02879e01
ipfs: added defaultMode, added norouting service
2017-08-17 03:30:57 +02:00
makefu
e6785422ae
module gitlab-runner: introduce configOptions and configFile
...
Also removes configText, functionality is now provided more conveniently by configOptions.
Keep in mind that this breaks compatibility with previous configurations,
configFile provides a means to protect the CI token from being written into the nix store.
2017-08-15 16:06:55 +02:00
Peter Hoeg
698efcb7b5
open-vm-tools: do not pull x dependencies unconditionally
...
The "headless" configuration option is ignored because we unconditionally
reference pkgs.open-vm-tools.
This fixes that.
2017-08-15 17:05:30 +08:00
Jean-Pierre PRUNARET
e6157451c1
nixos/munin: scripts need to be executable in order to build a wrapper
...
"Builder called die: Cannot wrap
/nix/store/XXX-munin-available-plugins/plugin.sh because it is not an
executable file"
[Bjørn: Keep DRY, quote "$file".]
2017-08-14 07:50:32 +02:00
Joachim F
3e21f91a39
Merge pull request #27796 from LumiGuide/postage
...
postage: init at 3.2.17 & add NixOS module
2017-08-13 20:59:06 +00:00
Joachim Fasting
c0769dc6ef
nixos/hardened profile: increase ASLR entropy
2017-08-13 21:44:13 +02:00
Franz Pletz
2d5a04e5bd
nixos/agetty: override upstream default
...
Also see c2cf696430
.
2017-08-13 19:07:38 +02:00
Frederik Rietdijk
7ebcd39a0f
Merge commit '4c49205' into HEAD
2017-08-13 18:34:59 +02:00
Peter Hoeg
4ce76d9e1a
ddclient nixos module: follow best practice for running daemons
...
Couple of changes:
- move home to /var/lib/ddclient so we can enable ProtectSystem=full
- do not stick binary into systemPackages as it will only run as a daemon
- run as dedicated user/group
- document why we cannot run as type=forking (output is swallowed)
- secure things by running with ProtectSystem and PrivateTmp
- .pid file goes into /run/ddclient
- let nix create the home directory instead of handling it manually
- make the interval configurable
2017-08-13 21:56:48 +08:00
Peter Hoeg
beec141d84
ddclient: assign group for ddclient
2017-08-13 21:56:48 +08:00
Franz Pletz
9fda9f8c79
Merge pull request #27903 from volth/issue-27857-libvirt-xml-manipulation
...
libvirt: 3.5.0 -> 3.6.0
2017-08-12 21:45:01 +02:00
Frederik Rietdijk
c06fb4a269
Merge pull request #28188 from Nadrieril/ffsync-fix-pythonpath
...
firefox syncserver service: fix PYTHONPATH
2017-08-12 15:11:53 +02:00
Nadrieril
d6c1d2f793
firefox syncserver service: fix PYTHONPATH
2017-08-12 14:08:25 +01:00
Robin Gloster
79ac09ea06
ripple-rest: remove
...
marked as broken for > 1 yr, development is frozen and author recommends
moving to https://github.com/ripple/ripple-lib
2017-08-12 13:38:32 +02:00
Franz Pletz
5d2764eb68
prometheus-blackbox-exporter: 0.5.0 -> 0.8.1
2017-08-12 11:05:23 +02:00
Jörg Thalheim
c2e7b0e0b4
Merge pull request #27997 from richardlarocque/mosquitto_hashed_pass_docs
...
nixos/mosquitto: Fix instructions for password gen
2017-08-12 09:07:22 +01:00
Franz Pletz
59fa868b01
tests.plasma5: fix hash
2017-08-12 00:55:32 +02:00
Phil
b4d2cd6f6a
nixos/tor: add tor hidden service options ( #28081 )
...
* nixos/tor: add hiddenServices option
This change allows to configure hidden services more conveniently.
* nixos/tor: fix default/example mixup
* nixos/tor: use docbook in documentation
Also use more elegant optionalString for optional strings.
* tor: seperate hidden service port by newline
* tor: better example for hidden service path
a path below /var/lib/tor is usually used for hidden services
2017-08-11 22:59:52 +01:00
Keith Amidon
f9204b9762
nixos/samba: fix pam service name typo ( #28049 )
...
The PAM service name used before this commit was "sambda", with an
extra 'd'. For some reason I don't quite fully understand this typo
prevents GDM from starting. This change fixes that as tested in VMs
built using "nixos-rebuild -I nixpkgs=<mypkgs> build-vm".
2017-08-11 20:13:33 +00:00
Robin Gloster
350a6c3726
tests.plasma5: fix eval
2017-08-11 21:53:17 +02:00
Franz Pletz
991745046f
Merge pull request #27993 from Nadrieril/rsync-run-as-user
...
rsync service: allow running as user (plus some tweaks)
2017-08-11 19:12:46 +02:00
Peter Hoeg
b6f7713d33
Merge pull request #28127 from peterhoeg/f/collectd
...
influxdb (on nixos): reduce closure size by 99.99% (and a bit)
2017-08-12 00:01:46 +08:00
Franz Pletz
9f7f85a3cd
nixos/tests/nginx: fix name
2017-08-11 17:37:14 +02:00
Franz Pletz
61d133c1ee
Merge pull request #27939 from evujumenuk/wireguard-rt_tables
...
wireguard: add per-peer routing table option
2017-08-11 16:27:07 +02:00
Peter Hoeg
211593fe49
influxdb nixos module: allow customizing the collectd dependency
2017-08-11 22:12:49 +08:00
Joachim F
793523d7bc
Merge pull request #28089 from volth/patch-9
...
nixos/tinc: do not tell systemd where is pidfile
2017-08-11 13:31:57 +00:00
Tristan Helmich
aa8e60d934
graylog module: adapt to Graylog version 2.3.0
2017-08-11 13:07:30 +02:00
Domen Kožar
486e1c3c16
Merge pull request #27998 from davidak/macOS
...
replace "Mac OS X" and "OS X" with "macOS"
2017-08-11 13:01:36 +02:00
Peter Simons
1b30d15369
Merge pull request #28123 from jerith666/post-fix-up
...
Post fix up
2017-08-11 09:36:58 +02:00
Dan Peebles
ca99ec3f58
amazon-image: fix typo in last commit
2017-08-11 02:12:39 +00:00
Dan Peebles
5def5bab3c
amazon-image: make image size configurable
2017-08-11 01:57:43 +00:00
Matt McHenry
9186dda4a9
postfix: wakeup value should be used even if wakeupUnusedComponent is not defined
2017-08-10 21:32:03 -04:00
Matt McHenry
01fbf30041
postfix: warn about deprecated extraMasterConf option
2017-08-10 21:32:03 -04:00
Matt McHenry
edd4a0efe3
postfix: fix typo in transport_maps path
2017-08-10 21:32:02 -04:00
Dan Peebles
5f372ef67f
amazon-image: support VPC/VHD as an output format for the builder
2017-08-10 22:57:26 +00:00
Dan Peebles
f3f8c584a4
amazon-image: Add disk format option to image builder module
2017-08-10 21:40:42 +00:00
volth
15351c4780
apply 'restartIfChanged = false' to all libvirtd services
...
Although it is quite safe to restart ```libvirtd``` when there are only ```qemu``` machines, in case if there are ```libvirt_lxc``` containers, a restart may result in putting the whole system into an odd state: the containers go on running but the new ```libvirtd``` daemons do not see them.
2017-08-10 11:34:32 +00:00
Joachim Fasting
767b2ae327
nixos/dnscrypt-proxy: default to random upstream resolver
2017-08-10 01:19:17 +02:00
volth
b32b18631e
nixos/tinc: do not tell systemd where is pidfile
...
```Tinc```'s pid file has more info than just a pid
```
# cat /run/tinc.dmz.pid
12209 7BD4A657B4A04364D268D188A0F4AA972A05247D802149246BBE1F1E689CABA1 127.0.0.1 port 656
```
so ```systemd``` fails to parse it.
It results in long (re)start times when ```systemd``` waits for a correct pid file to appear.
2017-08-09 22:35:20 +00:00
volth
7e5332c868
tinc: allow the daemon to write to files in /etc/tinc/${network}/hosts
...
Follow up https://github.com/NixOS/nixpkgs/pull/27756 : tinc daemon may also create new files in ```/etc/tinc/$network/hosts```
2017-08-10 00:09:45 +02:00
Dan Peebles
b48ffa332b
services.fluentd: add plugins option
...
This allows us to pass in additional ad-hoc fluentd plugins for custom
output formats and other goodness.
2017-08-08 22:02:56 +00:00
Michael Raskin
29c3ea0cf0
Merge pull request #27925 from adisbladis/networkmanager_unbound
...
networkmanager service: use unbound if enabled
2017-08-08 12:13:42 +02:00