Commit Graph

6217 Commits

Author SHA1 Message Date
Peter J. Jones
d19967bf48 vsftpd service: add extraConfig option, set anon_root (#20069)
This commit includes two changes:

  1. A new `extraConfig` option to allow administrators to set any
     vsftpd configuration option that isn't directly supported by this
     derivation.

  2. Correctly set the `anon_root` vsftpd option to `anonymousUserHome`
2016-11-03 05:06:47 +01:00
Eric Sagnes
7fd38dc8b3 znc module: optionSet -> submodule (#20096) 2016-11-03 05:02:14 +01:00
Tim Steinbach
08fb099b82 Merge pull request #20085 from mbrgm/fix/smokeping-permissions
smokeping service: Fix permissions in $smokepingHome
2016-11-02 20:26:29 -04:00
Tim Steinbach
04b22dd935 Merge pull request #19982 from sternenseemann/netcat
Make netcat-openbsd the default netcat
2016-11-02 19:44:29 -04:00
Bjørn Forsman
2f8ac21e1b nixos: remove test-config-examples.sh (obsolete)
This file has been non-functional for over two years, since
commit f002a27a80 ("Remove obsolete directory") removed
.../doc/config-examples/.
2016-11-02 22:46:19 +01:00
Marius Bergmann
248bf519c9 smokeping service: Fix permissions in $smokepingHome
In the prestart config of the smokeping service, smokeping is executed
initially. This happens as the user root and writes some files to
$smokepingHome, which can't be overwritten by the smokeping user. This
gives an error message.

I fixed this by moving the chown step after the initial smokeping runs,
so that it also affects the generated files.
2016-11-02 13:18:57 +01:00
Ruben Maher
08d7fbb42d
matrix-synapse: Allow keys to be generated
The matrix-synapse user has `createHome = true;` which runs before the
`preStart` script, so the home directory will always exist and the block
will never execute.

Also don't include default path to keys in the configuration file,
because synapse will choke if it tries to open them before they
exist (even with `--generate-keys`).
2016-11-02 10:10:46 +01:00
romildo
a25e6bc8db lumina: init at 1.1.0-p1 2016-11-01 17:06:39 -02:00
Tim Steinbach
96e462cbe1 Merge pull request #19963 from groxxda/mpich
mpich: remove unused test
2016-11-01 09:22:37 -04:00
Edward Tjörnhammar
f7ad0c0fd5 Merge pull request #19675 from edwtjo/dictd-touchup
Dictd touchup
2016-10-31 13:08:57 +01:00
Jörg Thalheim
08ebb422c5
adb: init module 2016-10-31 11:30:07 +01:00
Aneesh Agrawal
3d99eea852 docs: use overrideAttrs instead of overrideDerivation 2016-10-30 14:34:40 -04:00
sternenseemann
e2372502d3 netcat: make netcat-openbsd the default netcat (#19411)
The motivation for this change is the following: As gnu-netcat,
e. g. does not support ipv6, it is not suitable as default netcat.

This commit also fixes all obvious build issues caused by this change.
2016-10-30 15:06:04 +01:00
Aristid Breitkreuz
db537ed87d opensmtpd service: fix evaluation error caused by Joachim's refactoring 2016-10-30 11:34:16 +01:00
Timofei Kushnir
faa6f9b6b3 grsecurity: fix 'isYes' and 'isNo' 2016-10-29 14:26:06 +03:00
Alexander Ried
bb8b48c794 mpich: remove unused test 2016-10-29 07:33:28 +02:00
Joachim Fasting
420cf50838
dnscrypt-proxy module: minor config example tweaks
- Indentation
- unbound automatically handles local forward addresses
2016-10-29 03:04:00 +02:00
Joachim Fasting
d198e474a8
dnscrypt-proxy service: remove use of mkEnableOption 2016-10-29 03:03:50 +02:00
aszlig
3d4b6257d6
nixos/stage1: Fix local keyword outside function
Thanks to @NeQuissimus in a5c1985fef for
updating busybox, which since version 1.25 doesn't allow local variables
outside of functions anymore (which is the desired behaviour).

See the following upstream commit of busybox which is the change that
let's this problem surface:

https://git.busybox.net/busybox/commit/?id=ef2386b80abfb22ccb697ddbdd4047aacc395c50

So this has been an error I've made on my end in
67223ee205, because I originally had a
function for killing the processes but desired to inline it because it's
only used in one place.

This fixes the boot-stage1 NixOS test.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-10-28 22:50:44 +02:00
Joachim Fasting
6977b94e9b
Revert "xserverArgs fuckup"
This reverts commit c2922a9157.

See https://github.com/NixOS/nixpkgs/issues/19930

While the above commit is designed to allow GDM to work, it appears to
break other use cases.  In particular, it breaks tests involving X
usage (e.g., i3wm[1] and firefox[2]), which makes it difficult to assess
the impact of other changes and so hampers development of unrelated
features.

https://hydra.nixos.org/build/42852015
https://hydra.nixos.org/build/42851666
2016-10-28 19:30:12 +02:00
Joachim F
1da6dd3eee Merge pull request #19875 from joachifm/cjdns-for-upstream
Cjdns module enhancments
2016-10-28 13:01:58 +02:00
Joachim Fasting
8180922d23 cjdns service: refactor cjdns hosts builder
The old version would export two lists to a bash builder and do pairwise
processing on the bash side.  In the new version we instead generate a
logic free builder on the Nix side. This is not only conceptually
simpler but reduces the amount of code and intermediate values.
2016-10-27 14:15:54 +02:00
Joachim Fasting
9654e09b5a cjdns service: ensure that generated passwd has requested length
`head -cNUM ... | tr -dc SET` might generate output containing fewer
than NUM characters.  Given the limited alphabet, this could result in a
fairly weak passphrase. The construction `tr </dev/urandom | head
-cNUM`, however, is sure to give us the full `NUM`.
2016-10-27 14:15:53 +02:00
Joachim Fasting
e94bd6f31d cjdns service: protect /home and /tmp 2016-10-27 14:15:52 +02:00
Joachim Fasting
5fba586650 cjdns service: better types
- types.string -> str, string is deprecated
- change type of confFile option to nullOr path, makes more sense
2016-10-27 14:15:52 +02:00
Joachim Fasting
afe67f28a3 cjdns service: use cfg.enable shortcut 2016-10-27 14:15:51 +02:00
Joachim Fasting
79d216b8f4 cjdns service: whitespace cleanup 2016-10-27 14:15:51 +02:00
Joachim F
371a595f3c Merge pull request #19874 from joachifm/opensmtpd-refactorings
Opensmtpd module refactorings
2016-10-27 13:39:09 +02:00
Joachim F
709c6a6238 Merge pull request #19876 from joachifm/fix-virtualbox-test
virtualbox-{systemd-detect-virt,net-hostonlyif} test: fix dbus socket dir
2016-10-27 13:02:16 +02:00
Frederik Rietdijk
7077a270bf Merge remote-tracking branch 'upstream/master' into HEAD 2016-10-26 13:06:43 +02:00
Joachim Fasting
ab1e216942 opensmtpd service: remove redundant wants network.target
Already part of normal bootup.
2016-10-26 03:01:56 +02:00
Joachim Fasting
f24ffc4919 opensmtpd service: require serverConfiguration
If the daemon won't function without a valid config, it makes no sense
to default to an empty config.  Instead, turn that case into a build
failure.
2016-10-26 03:01:56 +02:00
Joachim Fasting
3851afc8eb opensmtpd service: path -> package for option procPackages 2016-10-26 03:01:56 +02:00
Joachim Fasting
946fe73b56 opensmtpd service: use explicit pkgs for consistency 2016-10-26 03:01:56 +02:00
Joachim Fasting
37afc5cda1 opensmtpd service: serviceConfiguration option as types.lines 2016-10-26 03:01:56 +02:00
Joachim Fasting
c86fe2224e virtualbox-{systemd-detect-virt,net-hostonlyif} test: fix dbus socket dir
The test complains[1][2] that

   Failed to start message bus: Failed to bind socket "/run/dbus/system_bus_socket": No such file or directory

In 639e5401ff, the dbus socket dir is set
to `/run/dbus`; in the test vm `/var/run/dbus` is used, but the standard
`/run -> /var/run` link is typically not created until stage 2 init, not
in the minimal init used here.  Thus, dbus fails to run within the test
environment .  Fix by changing `/var/run/dbus` to simply `/run/dbus`.

[1]: https://hydra.nixos.org/build/42534725
[2]: https://hydra.nixos.org/build/42523834
2016-10-26 03:00:54 +02:00
Bjørn Forsman
cd1b09af5d nixos/tftpd: change default dir from /home/tftp to /srv/tftp
/home is for real users. /srv is recommended by FHS (although there is
no consensus for what to name subdirs under /srv).
2016-10-25 17:20:52 +02:00
Bjørn Forsman
d03dbfcbb8 nixos/tftpd: mention that it runs as an xinetd service 2016-10-25 17:20:52 +02:00
Domen Kožar
1622a21c68 Merge pull request #19453 from ryantrinkle/openfire-fix
openfire: fix service expression
2016-10-24 11:35:16 +02:00
Joachim F
bdc4397303 Merge pull request #19805 from joachifm/startAt-fixups
Fixup remaining uses of startAt
2016-10-23 20:39:53 +02:00
Emery Hemingway
7c6a4e6c35 nixos/octoprint: fixup extraConfig 2016-10-23 19:47:28 +02:00
Emery Hemingway
b675619391 nixos: use types.lines for extraConfig 2016-10-23 19:41:43 +02:00
Joachim Fasting
4c41c412a0
nix gc service: fix use of startAt
`startAt = ""` as in `startAt = optionalString false ...` results
in an invalid timer unit (due to "" being promoted to a singleton
list and not filtered out).

Ref: c9941c4b5e
2016-10-23 17:56:49 +02:00
Joachim Fasting
645ff13a4b
nixos autoUpgrade: fix use of startAt
`startAt = ""` as in `startAt = optionalString false ...` results
in an invalid timer unit (due to "" being promoted to a singleton
list and not filtered out).

Ref: c9941c4b5e
2016-10-23 17:56:39 +02:00
Jörg Thalheim
eb3f23d9ba
openldap: apply correct type for configDir
null is not a path
2016-10-23 16:00:22 +02:00
Luca Bruno
202cd28edb Merge pull request #19795 from womfoo/fix/openldap-configDir
openldap: set configDir as null
2016-10-23 14:35:37 +01:00
Kranium Gikos Mendoza
1e3f622dbd openldap: set configDir as null
fixes an error #19794 with this new option f3404b7 when using plain configuration files
2016-10-23 11:55:23 +00:00
José Romildo Malaquias
8b7e3c3537 oblogout: init at 2009-11-18 2016-10-23 11:45:30 +02:00
Bram Duvigneau
f1d45add3b brltty: 5.2 -> 5.4 2016-10-22 22:03:45 +00:00
Jörg Thalheim
fba9d231b4 Merge pull request #17394 from schneefux/znc-module
ZNC: 1.6.2 -> 1.6.3, push 2015-12-07 -> 2016-07-28, module refactor
2016-10-22 19:58:24 +02:00
Alexander Ried
459da7b86e gnome3: default to 3.22 (#19743)
* gnome3: default to 3.22

* zuki-themes: add src for gnome 3.22, remove 3.18

* gnome3_22.vte_290: copy from gnome3.20

* termite: use vte-select-text from gnome3_20
2016-10-22 19:54:20 +02:00
Jörg Thalheim
4bb91b315d Merge pull request #19601 from Hinidu/fix/neo4j-update-3
neo4j: 2.1.3 -> 3.0.6
2016-10-22 19:49:37 +02:00
Jörg Thalheim
fafe3ec40a Merge pull request #19624 from bjornfor/improve-atftpd-service
nixos/atftpd: various improvements
2016-10-22 18:08:53 +02:00
Frederik Rietdijk
e56832d730 Merge remote-tracking branch 'upstream/master' into HEAD 2016-10-22 17:23:24 +02:00
obadz
cf94cdb59b lightdm module: require accounts daemon module 2016-10-22 14:46:00 +01:00
schneefux
ee42e000dd
znc module: refactor 2016-10-22 13:52:20 +02:00
Jörg Thalheim
b0c38f450f Merge pull request #19347 from cedeel/bspwm-git
bspwm-unstable: init at 2016-09-30
2016-10-22 11:49:24 +02:00
Jörg Thalheim
6f99aa9a7e Merge pull request #19289 from DerTim1/openldap-add-configDir-option
openldap: add configDir option
2016-10-22 09:33:15 +02:00
Jörg Thalheim
20383d2606 Merge pull request #19635 from nhooyr/sshgen
sshd: separate key generation into another service
2016-10-21 23:40:16 +02:00
uwap
42e93b5f2a quassel-webserver: init at 2.1.1 2016-10-21 23:31:50 +02:00
Eelco Dolstra
e6088f77be initrd: Include i8042 kernel module
For some reason, between Linux 4.4.19 and 4.4.20, the atkbd and libps2
kernel modules lost their dependency on i8042 in modules.dep, causing
i8042 not to be included in the initrd. This breaks keyboard in the
initrd, in turn breaking LUKS.

This only happens on the 16.03 branch; on 16.09, it appears i8042 is
pulled into the initrd anyway (through some other dependency,
presumably). But let's include it explicitly.

http://hydra.nixos.org/build/40468431
2016-10-21 14:27:11 +02:00
Domen Kožar
41c490b75e acme: we do want to support ipv4 afterall 2016-10-21 13:25:11 +02:00
Domen Kožar
d8f21b3ca3 acme: provide full nginx example
(cherry picked from commit 2af7382f76a6523f1220637b3ec49ad25a02b040)
Signed-off-by: Domen Kožar <domen@dev.si>
2016-10-21 13:19:04 +02:00
Anmol Sethi
1a74eedd07 sshd: separate key generation into another service
Fixes #19589
2016-10-20 23:14:37 -04:00
Joachim F
858f54dd88 Merge pull request #19664 from eqyiel/revert-19591-master
Revert "matrix-synapse: Pass required --report-stats opt"
2016-10-21 01:47:12 +02:00
Tim Steinbach
99d9d32899 Merge pull request #19668 from groxxda/timers
systemd.timers: automatically convert string to list
2016-10-20 17:37:28 -04:00
Vladimír Čunát
4d5b893002 Merge #19081: gnome-3.22
Also master commits are brought in.
2016-10-20 23:04:10 +02:00
Tim Steinbach
0cbc4551ed Merge pull request #19729 from groxxda/supplicant
supplicants: fix wants and wantedBy
2016-10-20 16:39:59 -04:00
Jörg Thalheim
5f886fb8cb Merge pull request #19262 from chris-martin/riemann-health-ps
Fix riemann-health service (add missing procps dependency)
2016-10-20 22:11:43 +02:00
Alexander Ried
57d9c69c6a supplicant: fix wants and wantedBy 2016-10-20 20:17:17 +02:00
Tim Steinbach
42093f3592 Merge pull request #19722 from ericsagnes/feat/nspawn-optionSet
nspawn module: optionSet -> submodule
2016-10-20 12:45:25 -04:00
Eric Sagnes
87318e9820 nspawn module: optionSet -> submodule 2016-10-21 01:31:54 +09:00
Eelco Dolstra
e6bcff4d53 display-manager: Require systemd-udev-settle.service
It was already ordered after systemd-udev-settle.service, but that
doesn't do anything if no other units require
systemd-udev-settle.service. This was causing random failures during X
server startup, e.g.

machine# [   12.691372] display-manager[607]: (EE) open /dev/dri/card0: No such file or directory

http://hydra.nixos.org/build/41062823
2016-10-20 17:49:40 +02:00
Robin Gloster
d05d063572
nginx: set correct acme permissions 2016-10-20 11:18:25 +02:00
Robin Gloster
c2eb39faba
gitlab: start sidekiq when starting gitlab 2016-10-20 11:18:21 +02:00
Peter Hoeg
1026bebee6
syncthing: use service files from upstream
Currently only for the user services as NixOS handles the named system
instances slightly differently.

syncthing and syncthing-inotify are done the same way.

There are 4 parts to this:

 1) Copy in the upstream unit files
 2) Make the nixos module use the definition from upstream
 3) Enable restarting of all instances (system and user) on resume
 4) Allow the traffic in the firewall on default ports if wanted

fixes #18973
2016-10-19 21:20:57 +02:00
Ryan Trinkle
928341132e openfire: fix service expression
openfire is not in scope
2016-10-19 11:06:07 -04:00
Edward Tjörnhammar
eacb020a0c
nixos: dictd, make wiktionary and wordnet default dicts 2016-10-19 08:43:30 +02:00
Edward Tjörnhammar
642366d103
nixos: dictd config location; bind to cfg 2016-10-19 08:43:30 +02:00
Alexander Ried
8bb4fc1039 systemd.timers: filter timers with empty startAt 2016-10-19 02:22:12 +02:00
Alexander Ried
89ef1a1756 nix-optimise module: fix startAt 2016-10-19 02:22:12 +02:00
Alexander Ried
c9941c4b5e systemd.timers.startOn: automatically convert string to list 2016-10-19 02:22:12 +02:00
Ruben Maher
2e0d0af1c8 Revert "matrix-synapse: Pass required --report-stats opt" 2016-10-19 08:28:38 +10:30
Bjørn Forsman
f3876cbba0 nixos/atftpd: various improvements
* Add extraOptions option, to pass arbitrary command line options to
  atftp. Especially useful to specify which address to bind to
  (--bind-addres ...).
* Improve descriptions (fix a typo, document default bind address,
  don't repeat service name in systemd description + capitalize)
* Change default server directory from /var/empty to /srv/tftp, and
  change types.str to types.path.
2016-10-17 16:20:24 +02:00
Nikolay Amiantov
0842bc94e5 cachefilesd service: init 2016-10-16 19:58:33 +03:00
Bjørn Forsman
8cbdd9d0c2 nixos/release-notes: move "PHP config-file-scan-dir" from 16.09 to 17.03
Commits

  351d12437 ("nixos/release-notes: PHP config-file-scan-dir /etc -> /etc/php.d")
  41c8aa8d6 ("php: change config-file-scan-dir from /etc to /etc/php.d")

were merged to master _after_ NixOS 16.09. Commit 351d12437 then wrongly
updated the NixSO 16.09 release notes. Fix by moving the entry to NixOS
17.03.
2016-10-16 17:21:24 +02:00
Pavel Platto
b835446563 neo4j: 2.1.3 -> 3.0.6 2016-10-16 17:11:05 +02:00
Ruben Maher
443d833947 matrix-synapse: Pass required --report-stats opt 2016-10-16 18:12:54 +10:30
Chris Darnell
137ce58317 bspwm-unstable: init at 2016-09-30 2016-10-16 01:28:11 -04:00
Graham Christensen
31b286467c
hound: Add description to services.hound.config 2016-10-15 19:09:33 -04:00
Benno Fünfstück
796264a708 nixos/avahi: use more upstream-like systemd units
The new units mirror the upstream systemd units as closely as possible.
I could not find a reason why the service would need to be restarted on
resuming from suspend, and the upstream units also do not contain such a
restriction, so I removed the `partOf = [ "post-resume.target"]`.
This fixes #19525.
2016-10-15 22:51:39 +02:00
Alexander Ried
4094d63dea NetworkManager-strongswan: init at 1.4.0 2016-10-15 20:32:16 +02:00
Alexander Ried
c2922a9157 xserverArgs fuckup
gnome-x-session provides good defaults which we really should not
override.
We have to add assertions to gdm.nix if the user specified one of those.

enableTCP must be configured through a gnome setting

dunno why we have terminate but it probably breaks stuff

We should expose configFile so we can use it from gdm module.
2016-10-15 20:32:14 +02:00
Alexander Ried
56d24b8e1d gdm module: enable user dbus session 2016-10-15 20:32:14 +02:00
Alexander Ried
a5aa926902 gdm module: only make xserver args overrideable 2016-10-15 20:32:14 +02:00
Alexander Ried
5125161a77 gnome3_22.gnome-session: lookup of gnome-settings-daemon.desktop 2016-10-15 20:32:14 +02:00
Alexander Ried
50adbbe65c displayManager.gdm: only gnome-session needs to be on path 2016-10-15 20:32:12 +02:00
Alexander Ried
e8ade4ff78 gnome3.gvfs module: make systemd services available 2016-10-15 20:32:12 +02:00
Alexander Ried
38212f6a0f gnome3.tracker module: add self to systemd path
fixes GDBus.Error:org.freedesktop.systemd1.NoSuchUnit: Unit
tracker-store.service not found. - indexing for (null) will not work
2016-10-15 20:32:12 +02:00
Alexander Ried
47dc33ded2 gnome3.evolution-data-server module: add self to systemd path 2016-10-15 20:32:12 +02:00