Commit Graph

8512 Commits

Author SHA1 Message Date
Florian Jacob
847beb558f nixos/firewall: Rename misleading rejected to refused in logging
as that's used as general term for rejected or dropped packets
in the rest of the config.
2017-10-11 20:12:58 +02:00
aszlig
20487112ed
nixos: Fix output path generation of runInMachine
Regression introduced by a02bb00156.

The fix is done by disabling writableStore, because the latter will set
up an overlayfs on the Nix store within the VM, which in turn will
discard all the outputs of the resulting output path.

However in runInMachine we actually *want* the contents of the generated
path and also don't want a writable store within the VM (except of
course for $out, which is writable anyway).

I've added a small regression test to verifify the output in
nixos/tests/run-in-machine.nix to make sure this won't break again in
the future.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-10-11 20:08:11 +02:00
Jörg Thalheim
659c7484d1 Merge pull request #30312 from florianjacob/locatedb-fix-systemd-path-capabilities
locatedb: fix startup fail due to systemd path capabilities
2017-10-11 14:59:13 +01:00
Florian Jacob
70c3f56bdd nixos/locatedb: fix first run when /var/cache doesn't exist
by using systemd-tmpfiles.
Also document what's happening there.
2017-10-11 14:59:18 +02:00
Jörg Thalheim
6b3b708501 Merge pull request #30280 from woffs/speed
nix-daemon: mention speedFactor in example
2017-10-11 11:26:39 +01:00
Florian Jacob
818b161e0a nixos/locatedb: path restriction options were renamed
in systemd 231.
2017-10-11 11:15:29 +02:00
aszlig
f4e742594d
nixos: Fix detection of btrfs root volume
Regression introduced by 801c920e95.

Since then, the btrfsSimple subtest of the installer VM test fails with:

Btrfs did not return a path for the subvolume at /

The reason for this is that the output for "btrfs subvol show" has
changed between version 4.8.2 and 4.13.1.

For example the output of "btrfs subvol show /" in version 4.8.2 was:

/ is toplevel subvolume

In version 4.13.1, the output now is the following and thus the regular
expressions used in nixos-generate-config.pl and install-grub.pl now
match (which results in the error mentioned above):

/
        Name:                   <FS_TREE>
        UUID:                   -
        Parent UUID:            -
        Received UUID:          -
        Creation time:          -
        Subvolume ID:           5
        Generation:             287270
        Gen at creation:        0
        Parent ID:              0
        Top level ID:           0
        Flags:                  -
        Snapshot(s):

In order to fix this I've changed nixos-generate-config.pl and
install-grub.pl, because both use "btrfs subvol show" in a similar vein,
so the regex for parsing the output now doesn't match anymore whenever
the volume path is "/", which should result in the same behaviour as we
had with btrfs-progs version 4.8.2.

Tested against the btrfsSimple, btrfsSubvols and btrfsSubvolDefault
subtests of the installer VM test and they all succeed now.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-10-11 04:30:52 +02:00
Yegor Timoshenko
274c9b7587 unbound: fix typo in systemd Before 2017-10-10 20:08:36 +00:00
Bjørn Forsman
d26f8b5e00 nixos/lighttpd: add missing modules to allKnownModules
The output of ./configure shows all modules/plugins, both enabled and
disabled. With this info we can finally build the _complete_ list of
modules. We were missing these:

  mod_authn_gssapi
  mod_authn_ldap
  mod_geoip

(I hit this as I was building lighttpd with ldap support and the NixOS
module said ldap was unsupported, due to these missing entries in
allKnownModules.)
2017-10-10 20:14:38 +02:00
elseym
aeeac71231 mattermost: create role and db with postgres superuser
Recently, the postgres superuser name has changed. Using the configured
and correct username here fixes database initialisation.
2017-10-10 20:08:21 +02:00
WilliButz
5e8d1757ef nixos/xautolock: rewrite and add some options 2017-10-10 19:02:27 +02:00
Yegor Timoshenko
f9415cb621 desktop-managers: do not leak feh to PATH
feh is used to set background image for desktop managers that do not support it directly, however there is no need to include it in PATH.

Fixes #17450.
2017-10-10 15:46:33 +00:00
Frank Doepper
08bf000fe2 nix-daemon: mention speedFactor in example 2017-10-10 15:07:35 +02:00
Eelco Dolstra
9df79de1a1
Enable command-not-found
5a5db609e5 disabled it by default, which
may have been unintentional. mkEnableOption considered harmful.
2017-10-10 12:26:24 +02:00
Eelco Dolstra
ee9a15b323
Set $NIX_DEBUG_INFO_DIRS when environment.enableDebugInfo is enabled
This allows it to co-exist with other debug info directories, such as
the one used by dwarffs
(https://github.com/edolstra/dwarffs/blob/master/module.nix).
2017-10-10 12:04:57 +02:00
Jörg Thalheim
a61304e3cb Merge pull request #30261 from Ekleog/fcron-hardlink
fcron module: fix use with hardlink-optimized store
2017-10-09 23:12:40 +01:00
Léo Gaspard
1afd97aa8f
fcron module: fix use with hardlink-optimized store 2017-10-09 23:44:28 +02:00
WilliButz
7002ca7e1c nixos/zsh-syntax-highlighting: refactor 2017-10-09 23:30:10 +02:00
Benjamin Staffin
b3df084c70 nixos: minor X11 option description improvements (#30035) 2017-10-09 12:07:19 -07:00
Sarah Brofeldt
7b81889394 nixos/config/timezone: Disallow spaces 2017-10-09 20:52:25 +02:00
Shea Levy
f6858e55c2
Reserve uid/gids for kanboard 2017-10-09 07:44:32 -04:00
Joerg Thalheim
e34e28e573 nixos/fcron: service needs fcron in PATH
otherwise fcronsighup is not found.
Set PATH to /run/current-system/sw/bin does not seems to be used by service file anyway.
2017-10-09 11:43:24 +01:00
Tim Steinbach
c643759d41
kbfs: Add package in module 2017-10-08 12:49:58 -04:00
Jörg Thalheim
28db3ad7ae Merge pull request #30216 from bachp/minio-exporter
Minio exporter
2017-10-08 15:09:32 +01:00
Joerg Thalheim
e7e4e0c3b6 nixos/prometheus-minio-exporter: only inherit keys from minio if set 2017-10-08 15:05:25 +01:00
Pascal Bach
8e10a4d862 prometheus-minio-exporter service: default to local minio server if enabled 2017-10-08 15:09:25 +02:00
Jörg Thalheim
eefae49f6d Merge pull request #30183 from Mic92/openafs
openafs-client: don't remove kernel module on stop
2017-10-08 12:13:29 +01:00
Jörg Thalheim
62922af208 Merge pull request #29994 from bachp/minio-update
minio: 20170613 -> 2017-09-29T19-16-56Z
2017-10-08 12:12:32 +01:00
Pascal Bach
aad88ddf5b prometheus-minio-exporter service: init version 2017-10-08 12:47:00 +02:00
Pascal Bach
1983e6c8cc minio: 20170613 -> 2017-09-29T19-16-56Z
The test was updated as minio now needs at least 1 GiB of free disk,
otherwise it won't start.
2017-10-08 12:24:29 +02:00
Guillaume Maudoux
10dcf5897c 18.03 release notes: mention ZNC mutability change 2017-10-08 00:43:40 +01:00
Jörg Thalheim
b256b2778a Merge pull request #30204 from lheckemann/powertop-fix
powertop module: add kmod to path
2017-10-07 22:06:46 +01:00
Linus Heckemann
fadb906b2f powertop module: add kmod to path
powertop attempt to load some kernel modules like msr by calling
modprobe. This is the counterpart to
88e43eb39b which has the powertop
executable search PATH for modprobe rather than hardcoding /sbin, and
actually adds the directory containing modprobe to its PATH for the
systemd service.
2017-10-07 21:48:50 +01:00
Guillaume Maudoux
15b7e102b6 Safer defaults for immutable znc config (#30155)
* Safer defaults for immutable znc config

I just lost all the options I configured in ZNC, because the mutable config was overwritten.
I accept any suggestions on the way to implement this, but overwriting a mutable config by default seems weird. If we want to do this, we should ensure that ZNC does not allow to edit the config via the webmin when cfg.mutable is false.

* Do not backup old config files.

There seems to be little need for backups if mutable becomes a voluntary opt-out.

* fixup
2017-10-07 16:38:14 +01:00
Graham Christensen
30524ca860 Merge pull request #30171 from NeQuissimus/keybase_modules
keybase/kbfs: Fix modules
2017-10-07 09:51:44 -04:00
Joerg Thalheim
912ec467db openafs-client: don't remove kernel module on stop
Otherwise it cannot re-insert the kernel module after a kernel upgrade
when boot kernel != running kernel.
2017-10-07 10:11:30 +01:00
Tuomas Tynkkynen
e86b78363d nixos/filesystems/ext: Don't try to load ext3 module
This module doesn't exist since v4.3, where the ext3 driver was removed
as ext4.ko can mount ext3 filesystems as well.
2017-10-07 11:01:01 +03:00
Franz Pletz
801c920e95
btrfs-progs: 4.8.2 -> 4.13.1 2017-10-07 04:04:20 +02:00
Franz Pletz
3855b7977c
nixos: clean up kernel modules
* the keyboard modules in all-hardware.nix are already defaults of
   boot.initrd.availableKernelModules
 * ide modules, hid_lenovo_tpkbd and scsi_wait_scan have been removed
   because they're not available anymore
 * i8042 was a duplicate (see few lines abowe)
2017-10-07 01:48:03 +02:00
Franz Pletz
3df126dbf7
nixos/modules: clean up wireless firmware options
All available options were just enabling
hardware.enableRedistributableFirmware. There were nix files without
modules which weren't referenced anywhere.
2017-10-07 01:48:02 +02:00
Tim Steinbach
8840eaf223
keybase: Fix modules 2017-10-06 18:49:58 -04:00
michael bishop
0ee6f8612e
dd-agent: fix multiple tags in the config file 2017-10-05 19:33:18 -03:00
Orivej Desh
184f80aeb8 Merge pull request #29781 from rick68/softether
softether: 4.18 -> 4.20
2017-10-05 08:26:23 +00:00
Joerg Thalheim
c2c843adf7 nixos/traefik: guard example path 2017-10-04 14:51:20 +01:00
WilliButz
3539e16cfa
nixos/tests: clean up pgjwt test
- removed unneeded initscript
- use default postgres version for the test
2017-10-04 13:04:49 +02:00
Joerg Thalheim
a3200348b7 nixos/traefik: owner/group should be changed recursivly 2017-10-04 11:59:38 +01:00
Joachim F
0625110d1a Merge pull request #29927 from WilliButz/fix-pgjwt-test
nixos/tests: fix pgjwt test
2017-10-04 10:57:43 +00:00
Jörg Thalheim
b8288f137f Merge pull request #29865 from hamhut1066/traefik-module
nixos/traefik create service
2017-10-04 11:53:11 +01:00
Joerg Thalheim
3468c9e5cc nixos/traefik: create /var/lib/traefik with correct permissions 2017-10-04 11:49:42 +01:00
Hamish Hutchings
2e5297217d nixos/traefik create service 2017-10-04 11:26:39 +01:00
Franz Pletz
d6f7e2f6f6 Merge pull request #29942 from elitak/ipfs
Ipfs: prepare for autoMigrate fix
2017-10-04 03:07:25 +02:00
Alexander Foremny
03a5d729ef
nixos/gitlab: fix gitlab service
Fix GitLab service and update documentation. Fixes #30059.
2017-10-04 02:40:07 +02:00
Franz Pletz
eb59961855
Revert "pinentry: make GTK3 the default front-end"
This reverts commit 3f7e3db744.

This broke the gpg-agent user service. See #27468.
2017-10-04 02:16:37 +02:00
Eelco Dolstra
9b3aa19a88
Add NixOS 17.09 AMIs
Fixes #29976.
2017-10-03 16:56:59 +02:00
Jörg Thalheim
0b18fa4f09 Merge pull request #30014 from eqyiel/krb5-fixes
nixos/krb5: complete rewrite
2017-10-03 11:04:58 +01:00
Joerg Thalheim
1406e249b3 krb5: add deprecation date for old configuration 2017-10-03 11:01:05 +01:00
Joachim F
cb3d443787 Merge pull request #29452 from jerith666/pfix-srsd-1709
nixos/pfix-srsd: add module
2017-10-03 00:51:59 +00:00
Bob van der Linden
9d841295f3 gogs: avoid creating symlinks each run 2017-10-02 22:11:46 +02:00
Wei-Ming Yang
7e4e2667ae softether: 4.18 -> 4.20 2017-10-03 01:35:20 +08:00
The-M1k3y
0f2b46cdba nixos/gogs: fixed user creation if non-default user 2017-10-02 15:53:30 +02:00
Graham Christensen
5af263c2af Merge pull request #27468 from jtojnar/fix/pinentry-gnome
pinentry: add GNOME frontend
2017-10-02 07:29:23 -04:00
Jörg Thalheim
2354e0f05a cloud-utils: 0.29 -> 0.30 2017-10-02 09:11:20 +01:00
Ruben Maher
06e15e59f9 nixos/krb5: complete rewrite
The `krb5` service was a bit lacking.

Addresses NixOS/nixpkgs#11268, partially addresses NixOS/nixpkgs#29623.
2017-10-02 14:30:19 +10:30
WilliButz
7d09fc6ea7
nixos/tests: rewrite pgjwt test
- now using the test contained in the pgjwt source repo
- also compatible with the new `superUser` option of the
  `postgresql` service
2017-10-01 20:12:58 +02:00
Pascal Bach
2239dc6234 glusterfs service: fix issues with useRpcbind 2017-10-01 19:39:22 +02:00
Nikita Uvarov
a2ce4f25fe 17.09 release notes: fix typo 2017-10-01 12:44:06 +02:00
Jan Tojnar
3f7e3db744
pinentry: make GTK3 the default front-end
See: https://github.com/NixOS/nixpkgs/issues/18559
2017-10-01 01:40:03 +02:00
Robin Gloster
40ed226507 treewide: mark a bunch of failing builds as broken
(cherry picked from commit 23fdbaa37599f490435056b9865023870656571b)
[dezgeg: Un-mark shotcut, tokei & uchiwa that do build on master]
2017-10-01 00:26:52 +03:00
Joachim F
74db6fabcb Merge pull request #29868 from nh2/nh2-glusterfs-improvements-for-17.09-master
glusterfs service: a few fixes and improvements
2017-09-30 12:19:19 +00:00
Eric Litak
f46616db5a ipfs: disable autoMigrate option for now 2017-09-29 18:07:55 -07:00
Rok Garbas
748ef34f09 assertion should check for encrypted.label of the defined fileSystem 2017-09-29 19:55:28 +02:00
Joerg Thalheim
44b6a1509d nixos/bcc: init module
Looks trival, but it is easy to make the mistake
to add linuxPackages.bcc to systemPackages,
which breaks if the not the default kernel is used.
2017-09-29 15:18:25 +01:00
Joerg Thalheim
5572062674 nixos/sysdig: init module 2017-09-29 15:01:21 +01:00
Franz Pletz
5b8a798137
17.09 release notes: mention KDE upgrades 2017-09-29 01:52:17 +02:00
Franz Pletz
c22d717c75
17.09 release notes: fix typos & ordering 2017-09-29 01:52:17 +02:00
Peter Hoeg
963435a462 Merge pull request #29748 from fadenb/security.pam.usb_link_fix
security.pam.usb: fix url
2017-09-29 07:49:10 +08:00
Franz Pletz
49f175cd0c
17.09 release notes: add network interface rename note
Fixes #29197.
2017-09-29 00:07:37 +02:00
Robin Gloster
83405798e6
17.09 release notes: update information on gitlab 2017-09-28 23:14:31 +02:00
Robin Gloster
57ed9e7e1d
gitlab: 9.5.5 -> 10.0.2 2017-09-28 23:14:31 +02:00
Jörg Thalheim
12ac88af1d Merge pull request #29890 from mbrgm/nullmailer-fix
nixos/nullmailer: fixes and `remotesFile` option
2017-09-28 21:29:37 +01:00
Cray Elliott
d4bdf302a3 nvidia-x11: fix eval error from 4ef82339c9 2017-09-28 13:11:16 -07:00
Eelco Dolstra
6c72efe0ba
Don't generate instance-store AMIs
These are obsolete, use EBS AMIs instead.
2017-09-28 17:33:13 +02:00
Jan Tojnar
dfdfb97f0f nixos/tests/gnome3-gdm: Increase memory limit
The test was failing on x86_64 prematurely due to memory being exhausted.

See also 3b9f0c6a46
2017-09-28 17:20:23 +02:00
Robin Gloster
4ca4d6afca
18.03 release notes: reformat 2017-09-28 16:41:20 +02:00
Robin Gloster
a19c52a101
17.09 release notes: reformat and generate added services 2017-09-28 16:41:20 +02:00
Tristan Helmich
c6761f8578 security.pam.usb: link to wiki on github.com
pamusb.org no longer serves the intended content.
2017-09-28 16:00:28 +02:00
Robin Gloster
990b5a5388
release.nix: add mesos test back
This is working now again
2017-09-28 14:25:17 +02:00
Robin Gloster
4aeb38e5b9
Revert "kubernetes: fix hashes after dockerTools change"
This reverts commit 9ba024f6d8.
2017-09-28 14:09:49 +02:00
Robin Gloster
69344de783
Revert "dockerTools.pullImage: release note regarding sha256 argument value"
This reverts commit ea6d37c2bb.
2017-09-28 14:09:49 +02:00
Joerg Thalheim
91eb6cf82c nullmailer: simplify config generation 2017-09-28 11:04:39 +01:00
Marius Bergmann
e741cc4881 nullmailer: add remotesFile option
The current `remotes` option is a string option containing nullmailer remote
definitions. However, those definitions may contain secret credentials and
should therefore not be put world-readable in the nix store.

I added a `remotesFile` option, which allows to specify a path to the remotes
definition file instead. This way, the definitions can be kept outside of the
nix store with more secure file permissions.
2017-09-28 08:52:21 +02:00
Marius Bergmann
02e89de71c nullmailer: use proper description for remotes option 2017-09-28 08:52:21 +02:00
Marius Bergmann
f9d64a068b nullmailer: fix relative -> absolute path in preStart script 2017-09-28 08:52:21 +02:00
Franz Pletz
d0435ba032
network-interfaces: device routes for default gateway
Iff interface is set, it makes sense to add device route by default.
2017-09-28 02:14:07 +02:00
Jörg Thalheim
0a6fca15fd Merge pull request #29881 from volth/patch-67
nixos/tinc: add "restartTriggers" back
2017-09-28 00:57:26 +01:00
Ryan Mulligan
c6f513b56a nixos/monit: install monit as system package, use default config file path 2017-09-28 01:20:20 +02:00
volth
ddd13e1375 nixos/tinc: add "restartTriggers" back
Add "restartTriggers" back to restart the Tinc daemon when its peer is removed.
Reverted #27660
2017-09-27 23:16:02 +00:00
Robin Gloster
d05b0b6b70
mesos test: fix python handling
Still does not succeed but advances further

(cherry picked from commit 30d09f717aa94a78105bff22da548b904887b394)
2017-09-28 01:15:41 +02:00
Bjørn Forsman
3c6eb3a247 nixos/iso-image.nix: add top-level /version.txt file
This makes it easy to identify which NixOS version is written to an USB
stick without actually booting it.
2017-09-28 00:54:28 +02:00
Niklas Hambüchen
f4c53f1940 consul service: Restart on failure.
Consul is a service you typically want to have running all the time;
it's not supposed to quit by itself.
2017-09-28 00:41:15 +02:00