Commit Graph

4643 Commits

Author SHA1 Message Date
Léo Gaspard
cb506e6e2e
nixos/clamsmtp: init 2018-01-06 16:08:54 +01:00
Orivej Desh
b249907d04
Merge pull request #33197 from bgamari/gitlab-jws-fix
gitlab: Rename jws_private_key to openid_connect_signing_key
2018-01-06 03:08:57 +00:00
José Romildo Malaquias
d0eb40b311 lightdm-gtk-greater: add configuration options for clock format and indicators 2018-01-06 02:20:53 +00:00
zimbatm
80f13dc31d fixup! buildkite-agent: change hooksPath type to 'path' (and prevent it from hitting the store) 2018-01-05 22:55:20 +00:00
Robin Gloster
cfed96ca51 nixos/service.tt-rss: improve pgsql support, do not use static uid/gid 2018-01-05 14:47:54 +01:00
Jaakko Luttinen
c26ff43905 nixos/service.tt-rss: improve mysql automatic setup
If the user chooses MySQL, it is enabled by default. Also, the used database is
created automatically along with the user and permissions.
2018-01-05 14:47:54 +01:00
Jaakko Luttinen
68855595ce nixos/service.tt-rss: enable nginx automatically 2018-01-05 14:47:54 +01:00
Jaakko Luttinen
13eaae1610 nixos/service.tt-rss: use tt_rss user
- Add tt_rss system user.
- Use tt_rss as the user by default.
- Create tt_rss user and group automatically if used.
2018-01-05 14:47:54 +01:00
Jaakko Luttinen
c9b46ccea1 nixos/service.tt-rss: fix #27048 2018-01-05 14:47:54 +01:00
rnhmjoj
c883311327
nixos/dnscrypt-wrapper: fix rotate script failing to restart the service 2018-01-05 02:37:09 +01:00
Jörg Thalheim
f29ecd56c1
Merge pull request #33372 from Mic92/memcache
nixos/memcached: make unix sockets usuable
2018-01-04 18:39:48 +01:00
Jörg Thalheim
c9c8a2c5b3 nixos/memcached: make unix sockets usuable
before:
  - /var/run/memcached is a bad default for a socket path, since its
    parent directory must be writeable by memcached.
  - Socket directory was not created by the module itself -> this was
    left as a burden to the user?
  - Having a static uid with a dynamic user name is not very useful.

after:
  - Replace services.memcached.socket by a boolean flag. This simplifies
    our code, since we do not have to check if the user specifies a
    path with a parent directory that should be owned by memcached
    (/run/memcached/memcached.sock -> /run/memcached).
  - Remove fixed uid/gid allocation. The only file ever owned by the
    daemon is the socket that will be recreated on every start.
    Therefore user and group ids do not need to be static.
  - only create the memcached user, if the user has not specified a
    different one. The major use case for changing option is to allow
    existing services (such as php-fpm) opening the local unix socket.
    If we would unconditionally create a user that option would be
    useless.
2018-01-03 12:33:36 +01:00
Jörg Thalheim
453e15ec91 nixos/redis: remove static uid/gid assignment
all files are chowned on startup
2018-01-03 11:18:04 +01:00
Léo Gaspard
aa241aed14 nixos/dkimproxy-out: init (#33229) 2018-01-03 01:23:02 +00:00
Casey Ransom
f3cba4f6bb netdata service: fix permissions for apps.plugin
apps.plugin requires capabilities for full process monitoring. with
1.9.0, netdata allows multiple directories to search for plugins and the
setuid directory can be specified here.

the module is backwards compatible with older configs. a test is
included that verifies data gathering for the elevated privileges. one
additional attribute is added to make configuration more generic than
including configuration in string form.
2018-01-02 17:57:19 -05:00
Ryan Trinkle
f1a6fa6eec
Merge pull request #32258 from ryantrinkle/add-nat-extraCommands
nat: add extraCommands option
2018-01-02 14:32:42 -05:00
Frederik Rietdijk
804285f589 Merge remote-tracking branch 'upstream/staging' into HEAD 2018-01-02 19:10:45 +01:00
Uli Schlachter
5465d6f7de awesome: Use --search instead of $LUA_PATH/$LUA_CPATH
Instead of polluting the environment with environment variables which
are inherited by processes spawned from awesome, use the command line
argument "--search" to add things to the search path.

cc #33169
2018-01-02 17:24:56 +00:00
Jörg Thalheim
54b16bcd11
Merge pull request #33227 from Ekleog/fcron-opensmtpd
fcron module: be compatible with non-wrapped sendmail's, like opensmt…
2018-01-02 09:26:53 +01:00
Bas van Dijk
803077ef1c elk: add elasticsearch6, logstash6, kibana6 and the beats at v6.1.0
This change is backwards compatible since the ELK tools at version 5.x
remain unchanged.

The test suite now both tests ELK-5 and ELK-6.
2018-01-02 01:15:29 +01:00
Frederik Rietdijk
1869e7e5b0 Merge remote-tracking branch 'upstream/master' into HEAD 2018-01-01 15:09:55 +01:00
Tristan Helmich
3b74349661
lldpd module: create a lldpd user as system user 2018-01-01 14:22:58 +01:00
Léo Gaspard
70a085b62f nixos/rspamd: add extraConfig parameter (#33226) 2017-12-31 15:11:15 +00:00
Vladimír Čunát
1fcd92ce92
Merge branch 'master' into staging
A few thousand rebuilds from master, again.
Hydra: ?compare=1422362
2017-12-31 09:53:49 +01:00
Orivej Desh
dac8f27f96 nixos/beegfs: fix the build of the NixOS manual 2017-12-31 07:52:32 +00:00
Markus Kowalewski
b7fdefc8a4 beegfs: init at 6.17
package, kernel module, nixos module, and nixos test
2017-12-31 07:07:02 +00:00
Yegor Timoshenko
0dd6bd214d
xfce: resolve conflict with KDE
This resolves some aspects of #33231, but GDK_PIXBUF_MODULE_FILE doesn't really belong to any DE module.
2017-12-31 05:22:15 +00:00
Orivej Desh
54d01b0e97
Merge pull request #32914 from Infinisil/znapzendzetup
znapzend service: stateless setup
2017-12-31 03:45:40 +00:00
Léo Gaspard
341583b2d2
fcron module: be compatible with non-wrapped sendmail's, like opensmtpd's 2017-12-31 03:34:11 +01:00
Yegor Timoshenko
c31ac41810
libinput: disableWhileTyping = false by default 2017-12-30 22:02:16 +00:00
Ben Gamari
b95cdd4f6c gitlab: Rename jws_private_key to openid_connect_signing_key
See
24d56df29b
2017-12-29 22:11:04 -05:00
Vladimír Čunát
f29000b002
Merge branch 'master' into staging
Hydra: ?compare=1421760
2017-12-29 10:13:33 +01:00
Nadrieril
95fde40b71 usbguard service: rules option should be of type 'lines' 2017-12-29 03:19:36 +01:00
Robin Gloster
86c7db0ac4 mysql module: cleanup obsolete checks 2017-12-29 02:18:35 +01:00
Robin Gloster
445e3d7390 ghostOne: remove
broken and unmaintained
2017-12-29 02:18:35 +01:00
Christoph Hrdinka
3e14b2826b
nsd module: make use of NSDs configFile option
Signed-off-by: Christoph Hrdinka <c.github@hrdinka.at>
2017-12-28 14:34:06 +01:00
adisbladis
563078184e
services.xserver.desktopManager.plasma5: add qtvirtualkeyboard to systemPackages 2017-12-28 21:13:46 +08:00
Kosyrev Serge
097719147a buildkite-agent: change hooksPath type to 'path' (and prevent it from hitting the store)
(cherry picked from commit 3aec59c99ff6692468a069fa8a8d6a05000fca81)
Signed-off-by: Domen Kožar <domen@dev.si>
2017-12-28 12:16:05 +00:00
Kosyrev Serge
9f5593559b buildkite: address review suggestions 2017-12-28 12:16:05 +00:00
Kosyrev Serge
bbb6072f10 buildkite: allow configuration and actual use of agent-specific hooks
(cherry picked from commit 775e49439fe25a4cdc2a93e31dfb3968b9b02311)
Signed-off-by: Domen Kožar <domen@dev.si>
2017-12-28 12:16:05 +00:00
Silvan Mosberger
66fefb82e7
nixos/znapzend: stateless setup
This enables znapzend users to specify its full configuration through
NixOS options, without ever needing to use the stateful `znapzendzetup`
command.

This works by running znapzendzetup with the specified config in
ExecPre, just before the znapzend daemon is started.

There is also the `pure` option which will clear all previous znapzend setups,
making it as stateless as can get, as only the setup declared in
configuration.nix will be persisted.
2017-12-28 01:40:01 +01:00
Peter Hoeg
7798051817
Merge pull request #32927 from peterhoeg/u/kdeapp
kde-applications: 17.08.3 -> 17.12.0
2017-12-28 08:22:27 +08:00
Christoph Hrdinka
d890212ac8 nginx module: only turn on HTTP2 when SSL is enabled
Signed-off-by: Christoph Hrdinka <c.github@hrdinka.at>
2017-12-28 00:32:24 +01:00
Jörg Thalheim
f1c236a987
Merge pull request #33035 from corpix/feature/ssh-systemd-deps
sshd: Start after network target
2017-12-26 09:11:04 +01:00
Robin Gloster
c4036762b2
gitlab: remove unnecessary assertion
It also gives less information than the error from the module system.
2017-12-26 01:11:16 +01:00
José Romildo Malaquias
6e0387a1e6 mate: fix XDG_MENU_PREFIX 2017-12-25 07:15:07 +01:00
José Romildo Malaquias
248e3983b0 gnome3: fix XDG_MENU_PREFIX 2017-12-25 07:15:07 +01:00
José Romildo Malaquias
1e147fee02 enlightenment: fix XDG_MENU_PREFIX 2017-12-25 07:15:07 +01:00
Dmitry Moskowski
ed26bc5931
sshd: Start after network target 2017-12-24 14:57:14 +00:00
Yegor Timoshenko
b792b3ca61
thinkfan: proper case in IBM, Lenovo, ThinkPad 2017-12-24 12:54:43 +00:00
gnidorah
22596e8995 breeze-qt4: drop 2017-12-24 12:54:04 +03:00
Yegor Timoshenko
f89bc2718b
Merge pull request #32995 from NixOS/yegortimoshenko-patch-1
mbpfan: improve description, resolves #32266
2017-12-23 17:31:13 +03:00
Yegor Timoshenko
ca7472b1a7
mbpfan: improve description, resolves #32266 2017-12-23 14:28:37 +00:00
Silvan Mosberger
0b0df8f9cf nixos/logkeys: fix evaluation 2017-12-23 01:44:14 +00:00
Bjørn Forsman
7c481aa7c1 nixos/gitolite: copy hooks with force
This makes the commonHook option work also for (read-only) Nix store
paths. Currently it fails on the second activation, because the
destination is read-only.
2017-12-21 08:41:59 +01:00
Yegor Timoshenko
71a8dbb956 nixos/desktop-managers: do not leak feh to PATH
(originally from f9415cb621)

feh is used to set background image for desktop managers that do not
support it directly, however there is no need to include it in PATH.

Fixes #17450.
2017-12-21 01:43:38 +00:00
Sander van der Burg
9cee2e5c95 dysnomia module: use postgres as default user and always publish container properties 2017-12-20 21:45:07 +01:00
Franz Pletz
cf12bc44b6
Merge pull request #32858 from nh2/nginx-add-http2-option
nginx service: Make http2 an option.
2017-12-20 11:18:33 +00:00
Yurii Rashkovskii
26a59f70a2 nixos/tarsnap: update doc for printStats
after the change made in 15567e6d8e
2017-12-20 10:16:10 +00:00
Wei Tang
62a974bbbf xfce: delay package selection for pulseaudio volume to nixos modules (#23382)
Now there are separate `xfce4.xfce4mixer_pulse` and `xfce4.xfcevolumed_pulse` attributes for PulseAudio versions of these packages, instead of relying on Nixpkgs option. Mind that xfce4-volumed and xfce4-volumed-pulse are actually two separate programs without much overlap.
2017-12-19 22:28:12 +03:00
Niklas Hambüchen
afa97cb981 nginx service: Make http2 an option.
HTTP 2 can break some things, for example due to this Chrome bug:

  https://bugs.chromium.org/p/chromium/issues/detail?id=796199

So the service hardcoding it to be enabled is not helpful.

This commit adds an option so you can turn it off.
2017-12-19 19:59:15 +01:00
Kevin Hanselman
65fb15aaf8 nixos/smartd: allow extra cli options for daemon
This enables further customization of smartd.
2017-12-19 18:43:49 +01:00
Yegor Timoshenko
209cbf9fc7 xfce: SVG icon support in xfce4-panel, fixes #18536
Thanks to Yuriy Pitomets, Jonathan Curran, and David Kleuker.
2017-12-18 01:11:20 +00:00
Peter Simons
0fe9785305
Merge pull request #32584 from manoj23/davfs2-v3
davfs2: create user/group davfs2 if not specified in the configuration
2017-12-17 08:53:18 +01:00
Philipp Dörfler
4b0c9418c0 nixos/logcheck: replace rm with rm -r to delete the empty logcheck.logfiles.d/
Fixes #29906
2017-12-17 04:02:26 +00:00
Orivej Desh
b256afac58
Merge pull request #32578 from michaelpj/imp/plymouth-theme-defaut
plymouth: add breeze-plymouth as default theme
2017-12-15 20:20:24 +00:00
Bjørn Forsman
b53407461a nixos/lighttpd: update allKnownModules list
lighttpd 1.4.46+ got three new modules.
2017-12-15 07:47:45 +01:00
David Kleuker
ffc0bfa5b7 nixos/samba: increase LimitNOFILE to recommended value (#32085)
fixes warning:

    rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)

https://serverfault.com/a/641411
2017-12-14 17:12:44 +00:00
Franz Pletz
2754d1a8c3
xmr-stak module: init 2017-12-14 16:03:09 +01:00
Franz Thoma
9e486344a9 nixos.gnome3.at-spi2-core: Set environment variable NO_AT_BRIDGE=1 if disabled
As suggested in #16327 (https://github.com/NixOS/nixpkgs/issues/16327#issuecomment-315729994).
2017-12-13 04:55:35 +01:00
Georges Savoundararadj
9724654c74 davfs2: create user/group davfs2 if not specified in the configuration
* Add options:
  - enable
  - davUser (default: "davfs2")
  - davGroup (default: "davfs2)
* Add davfs2 user or group if they are not specified in the
configuration
2017-12-11 19:30:25 -08:00
Joachim F
90accc093e
Merge pull request #32216 from LumiGuide/networkmanager-strongswan
networkmanager_strongswan: fix package
2017-12-11 23:26:21 +00:00
Joachim F
4792523a3d
Merge pull request #32500 from srhb/logstash-locallisten
nixos/logstash: Listen on 127.0.0.1 instead of 0.0.0.0
2017-12-11 22:00:38 +00:00
Michael Peyton Jones
638d24950d plymouth: add breeze-plymouth as default theme 2017-12-11 20:42:00 +00:00
Andreas Rammhold
104de603cb networkmanager: remove restart after suspend from resume
In commit ec9dc73 restarting NetworkManager after resume from
suspend/hibernate was introduced.

When I initially switch to NixOS I started noticing a high delay between
wakeup and re-connecting to WiFi & wired networks. The delay increased
from a few seconds (on my previous distro, same software stack) to
almost half a minute with NixOS.

I (locally) applied the change in this commit a few weeks ago and tested
since then. The notebook/mobile device experience has improved a lot.
Reconnects are as before switching to NixOS.

Issue #24401 could be related to this. Since I am not using KDE/plasma5
I can only guess…
2017-12-10 00:19:15 +01:00
Sarah Brofeldt
b694fa0054 nixos/logstash: Listen on 127.0.0.1 instead of 0.0.0.0 2017-12-09 11:32:14 +01:00
Orivej Desh
40950f6a2d
Merge pull request #31006 from florianjacob/prosody
Improvements for Prosody
2017-12-09 09:19:24 +00:00
Joachim F
1541211c31
Merge pull request #32261 from erictapen/osrm-module
osrm service: init
2017-12-07 21:32:42 +00:00
Justin Humm
bfc3844a15 osrm service: init 2017-12-07 18:51:39 +01:00
Ryan Trinkle
ab2b3a5d0a nat: add extraCommands and extraStopCommands options 2017-12-06 11:17:38 -05:00
Pierre-Etienne Meunier
3b79220a41 nixos/gollum: enable emoji and file uploads (#32373) 2017-12-06 09:10:54 +00:00
Pierre Carrier
5a5325d11f nixos/modules/services/hardware/u2f: init 2017-12-06 07:37:44 +01:00
Pierre-Etienne Meunier
8e97f8fac4 nixos/gollum: Add optional MathJax support (#32338) 2017-12-05 12:20:31 +00:00
Maximilian Bosch
aaf1e1c4fb statsd: restore support for {influx,librato,stackdriver} backends
These packages will be placed into an environment using
`backendsToPackages`. This function explicitly maps backends to
`pkgs.nodePackages.${type}` unless it's a builtin. This ensures that only
valid backends that work on NixOS are used (if not, the build already
breaks at evaluation time).

The log will be redirected to `stdout` to be able to watch the entire
output using `journalctl`.

Configuration parameters for the backends need to be set using
`services.statsd.extraConfig` as each backend has its own options and
all of them shouldn't be validated and checked explicitly and manually.
2017-12-04 16:56:16 +01:00
zimbatm
3807408c38
Merge pull request #32212 from ryantrinkle/nat-port-forwarding-ranges
Nat port forwarding ranges
2017-12-04 12:05:05 +00:00
Ryan Trinkle
4f8a65a163 nixos/nat: add dmzHost option (#32257) 2017-12-04 09:21:58 +00:00
Jaka Hudoklin
bc557912a1
Merge pull request #28939 from xtruder/nixos/tor/trans_proxy
tor module: add support for transparent proxy and dns
2017-12-03 21:47:11 +01:00
Domen Kožar
d64ba1c060
Add localtime package and nixos module
Simple daemon for keeping system timezone up-to-date via geoclue2.

Sadly i3 status needs to be restarted for timezone changes.
2017-12-03 11:42:51 +01:00
Joachim F
58e4f8a14b
Merge pull request #32186 from jbboehr/patch-1
nixos/i2pd: tunnel configuration fixes
2017-12-03 07:58:36 +00:00
Ryan Trinkle
a8f1ebf52c nat: support port ranges in networking.nat.forwardPorts 2017-12-02 13:28:01 -05:00
John Boehr
67c3f7f65f nixos/i2pd: tunnel config fixes
Tunnel configuration has no member named "host" - i2pd does but it's called "address" in the options. As a result, no tunnel configuration is generated.

* Fix attribute check in inTunnels
* Fix integer to string coercion in inTunnels
* Add destinationPort option for outTunnels
2017-11-30 17:13:42 -08:00
Orivej Desh
dd7738d13f
Merge pull request #32203 from jtojnar/xorg-localectl
nixos/xserver: Move the keyboard configuration to 00-keyboard.conf
2017-12-01 00:29:47 +00:00
Bas van Dijk
460a4b0832 networkmanager_strongswan: fix package
Added the boolean option:

  networking.networkmanager.enableStrongSwan

which enables the networkmanager_strongswan plugin and adds
strongswanNM to the dbus packages.

This was contributed by @wucke13, @eqyiel and @globin.

Fixes: #29873
2017-11-30 23:03:32 +01:00
Jan Tojnar
1d868aa8de
nixos/xserver: Move the keyboard configuration to 00-keyboard.conf
localectl looks for keyboard settings in /X11/xorg.conf.d/00-keyboard.conf

Closes: #29959, #14318
2017-11-30 14:10:34 +01:00
James Earl Douglas
00cda0d18d nixos/nexus: fix typo
Nexus is produced by [Sonatype][1], not SonarType.

[1]: https://www.sonatype.org/
2017-11-29 22:39:37 +01:00
Philipp Hausmann
5f59913c74 FusionInventory: 3.18 -> 3.21 2017-11-29 14:58:36 +00:00
Vladimír Čunát
5f020d5627
Merge branch 'staging'
There are security fixes in multiple packages /cc #32117,
so I'm merging a little earlier, with a few thousand jobs
still not finished on Hydra for x86_64-darwin and aarch64-linux.
2017-11-29 10:02:40 +01:00
Orivej Desh
0e6ca9e85d
Merge pull request #31970 from The-M1k3y/master
nixos/factorio: add stateDir and requireUserVerification option
2017-11-29 08:36:52 +00:00
Orivej Desh
b8ddde411c
Merge pull request #32060 from elitak/ipfs
ipfs: add swarmAddress option
2017-11-29 01:59:08 +00:00
Orivej Desh
7d69f11293
Merge pull request #32141 from yellowgh0st/compton
compton: adding missing xr_glx_hybrid backend
2017-11-28 23:28:56 +00:00