Commit Graph

6142 Commits

Author SHA1 Message Date
Maximilian Bosch
ad3a50e25b
nixos/gitea: add option to disable registration
Although this can be added to `extraOptions` I figured that it makes
sense to add an option to explicitly promote this feature in our
documentation since most of the self-hosted gitea instances won't be
intended for common use I guess.

Also added a notice that this should be added after the initial deploy
as you have to register yourself using that feature unless the install
wizard is used.
2019-01-14 16:04:02 +01:00
Jan Tojnar
e35acd7f1c gnome3: link nautilus-python paths to environment 2019-01-13 17:43:33 +01:00
Yorick
4d68e82dbc nixos/borgbackup: use coercedTo instead of apply on paths (#53756)
so multiple declarations merge properly
2019-01-10 16:34:02 +01:00
Vladimír Čunát
829ada37bf
Merge #53365: nixos/nsd: Don't override bind via nixpkgs.config 2019-01-10 11:00:40 +01:00
Aaron Andersen
fd5a88687c nixos/httpd: add options sslCiphers & sslProtocols 2019-01-09 11:30:19 -05:00
Robin Gloster
c75571d66c
Merge pull request #53598 from mayflower/atlassian-updates
atlassian updates
2019-01-08 17:56:13 +00:00
Silvan Mosberger
6a942aec5b
Merge pull request #52765 from Izorkin/datadog-agent
datadog-agent: 6.4.2 -> 6.8.3
2019-01-08 16:01:26 +01:00
Izorkin
47a8b13efa datadog-agent: 6.4.2 -> 6.8.3 2019-01-08 11:16:44 +03:00
Robin Gloster
89d24aca93
atlassian-crowd: 3.2.5 -> 3.3.3 2019-01-07 21:54:23 +01:00
Franz Pletz
b60f8fc6e2
atlassian modules: don't chown home recursively
This can take a long time and should not be necassary anyway.
2019-01-07 21:54:20 +01:00
Matthew Bauer
de30f4e61d
Merge pull request #51570 from eonpatapon/cassandra-logging
cassandra: add option to configure logging
2019-01-07 12:41:07 -06:00
Bas van Dijk
6ac10cd764
Merge pull request #53399 from LumiGuide/feat-wordpress-copy-plugins
apache-httpd/wordpress: copy plugins and themes instead of symlinking
2019-01-07 13:41:29 +01:00
Tim Steinbach
289fe57eea
urxvt: Allow switching out package 2019-01-07 07:35:20 -05:00
Falco Peijnenburg
9d2c9157d7 nixos/apache-httpd/wordpress: copy plugins and themes instead of symlinking
Symlinking works for most plugins and themes, but Avada, for instance, fails to
understand the symlink, causing its file path stripping to fail. This results in
requests that look like:

https://example.com/wp-content//nix/store/...plugin/path/some-file.js

Since hard linking directories is not allowed, copying is the next best thing.
2019-01-06 17:51:31 +01:00
Frederik Rietdijk
e5381cdece Merge master into staging-next 2019-01-06 09:36:23 +01:00
Jörg Thalheim
09fb07e4af
Merge pull request #52943 from ck3d/vdr-enableLirc
nixos vdr: introduce option enableLirc
2019-01-05 17:51:41 +01:00
Jörg Thalheim
9b2f0fbcdd
nixos/lirc: expose socket path via passthru 2019-01-05 13:22:39 +01:00
Frederik Rietdijk
9618abe87c Merge master into staging-next 2019-01-04 21:13:19 +01:00
aszlig
6446d9eee8
nixos/nsd: Improve checking for empty dnssec zones
While at it (see previous commit), using attrNames in combination with
length is a bit verbose for checking whether the filtered attribute set
is empty, so let's just compare it against an empty attribute set.

Signed-off-by: aszlig <aszlig@nix.build>
2019-01-04 01:59:28 +01:00
aszlig
751bdacc9b
nixos/nsd: Don't override bind via nixpkgs.config
When generating values for the services.nsd.zones attribute using values
from pkgs, we'll run into an infinite recursion because the nsd module
has a condition on the top-level definition of nixpkgs.config.

While it would work to push the definition a few levels down, it will
still only work if we don't use bind tools for generating zones.

As far as I could see, Python support for BIND seems to be only needed
for the dnssec-* tools, so instead of using nixpkgs.config, we now
directly override pkgs.bind instead of globally in nixpkgs.

To illustrate the problem with a small test case, instantiating the
following Nix expression from the nixpkgs source root will cause the
mentioned infinite recursion:

  (import ./nixos {
    configuration = { lib, pkgs, ... }: {
      services.nsd.enable = true;
      services.nsd.zones = import (pkgs.writeText "foo.nix" ''
        { "foo.".data = "xyz";
          "foo.".dnssec = true;
        }
      '');
    };
  }).vm

With this change, generating zones via import-from-derivation is now
possible again.

Signed-off-by: aszlig <aszlig@nix.build>
Cc: @pngwjpgh
2019-01-04 01:49:50 +01:00
Jean-Philippe Braun
4f99f8d2cb nixos/prometheus-bind-exporter: add module 2019-01-03 21:14:21 +01:00
Frederik Rietdijk
2da31b80bb Merge master into staging-next 2019-01-03 20:07:35 +01:00
Silvan Mosberger
2b1c9fd8a7
Merge pull request #53301 from cdepillabout/remove-cpufreqgov-alias
nixos/cpufreq: Remove the alias to set the cpu frequency governor
2019-01-03 17:47:53 +01:00
(cdep)illabout
46ecec8239
nixos/cpufreq: Remove the alias to set the cpu frequency governor
This PR temporarily fixes the issue with PR 53041 as explained
here:

https://github.com/NixOS/nixpkgs/pull/53041#commitcomment-31825338

The alias `powerManagement.cpufreq.governor` to
`powerManagement.cpuFreqGovernor` has been removed.
2019-01-03 20:57:49 +09:00
Сухарик
a285cead44 nixos/display-managers: allow pure wayland sessions 2019-01-03 09:38:36 +03:00
Frederik Rietdijk
092e3b50a8 Merge master into staging-next 2019-01-02 21:08:27 +01:00
ajs124
325e314aae
sshd: Add restartTrigger for sshd_config
Co-Authored-By: Franz Pletz <fpletz@fnordicwalking.de>
2019-01-02 20:11:01 +01:00
Franz Pletz
0ea65cd96c
shairport-sync service: fix default arguments 2019-01-02 19:17:22 +01:00
(cdep)illabout
b0f10d2d53
cpufreq: add option for setting the cpu max and min frequencies
This adds a NixOS option for setting the CPU max and min frequencies
with `cpufreq`.  The two options that have been added are:

- `powerManagement.cpufreq.max`
- `powerManagement.cpufreq.min`

It also adds an alias to the `powerManagement.cpuFreqGovernor` option as
`powerManagement.cpufreq.governor`.  This updates the installer to use
the new option name.  It also updates the manual with a note about
the new name.
2019-01-01 19:18:12 +09:00
Frederik Rietdijk
070290bda7 Merge master into staging-next 2018-12-31 12:00:36 +01:00
Silvan Mosberger
070254317e
Revert "nixos/ddclient: make RuntimeDirectory and configFile private" 2018-12-29 16:53:43 +01:00
Christian Kögler
987fdea1a8 nixos vdr: introduce option enableLirc
also introduce option socket for lirc, to have access to socket path
2018-12-26 22:59:06 +01:00
Frederik Rietdijk
e45ca47f14 Merge staging-next into staging 2018-12-26 09:30:32 +01:00
worldofpeace
c1599d29d9 gcr: rename from gnome3.gcr 2018-12-25 20:14:28 -05:00
worldofpeace
3f6c81da4d
Merge pull request #52592 from worldofpeace/geoclue/correct-sysconf
geoclue2: correct sysconfdir
2018-12-25 19:03:22 -05:00
worldofpeace
c65edd687f geoclue2: correct sysconfdir 2018-12-25 18:38:19 -05:00
Jan Tojnar
ef935fa101
Merge branch 'master' into staging 2018-12-24 15:02:29 +01:00
Jörg Thalheim
044ff3dc66
nixos/vdr: don't delete recordings 2018-12-23 18:54:39 +01:00
Jörg Thalheim
633bc1d09b
Merge pull request #52686 from Mic92/vdr
vdr: revisited version of https://github.com/NixOS/nixpkgs/pull/32050
2018-12-23 16:19:27 +01:00
Emery Hemingway
124d8ccc69
Add IPFS warning 2018-12-22 20:04:19 +01:00
Jörg Thalheim
45986ec587
nixos/vdr: create video directory automatically 2018-12-22 15:13:35 +01:00
Christian Kögler
dd3f755cf4
vdr: initial at 2.4.0 and nixos module
used same plugin mechanism as kodi does
2018-12-22 15:13:25 +01:00
worldofpeace
94af8ebde2 nixos/displayManager: only install wayland sessions if they exist in extraSessionFilePackages
Not everyone is using wayland just yet.
2018-12-22 01:15:09 -05:00
Samuel Dionne-Riel
3c38cc8058
Merge pull request #51813 from samueldr/aarch64/disable-non-arm-builds-part-1
aarch64: ZHF for aarch64 (1/??)
2018-12-20 21:06:52 -05:00
Maximilian Bosch
87ebc2ad0b
Merge pull request #52345 from r-ryantm/auto-update/clickhouse
clickhouse: 18.14.9 -> 18.14.18
2018-12-20 18:48:37 +01:00
Jörg Thalheim
2dd13d4ba0 nixos/glusterfs: remove unused PYTHONPATH
this directory does not exists
2018-12-20 14:54:56 +00:00
Maximilian Bosch
64d05bbdd2
clickhouse: fix module and package runtime
Although the package itself builds fine, the module fails because it
tries to log into a non-existant file in `/var/log` which breaks the
service. Patching to default config to log to stdout by default fixes
the issue. Additionally this is the better solution as NixOS heavily
relies on systemd (and thus journald) for logging.

Also, the runtime relies on `/etc/localtime` to start, as it's not
required by the module system we set UTC as sensitive default when using
the module.

To ensure that the service's basic functionality is available, a simple
NixOS test has been added.
2018-12-20 13:03:41 +01:00
Jeremy Apthorp
654c3124b2
shairport-sync: don't daemonize
This flag causes the shairport-sync server to attempt to daemonize, but it looks like systemd is already handling that. With the `-d` argument, shairport-sync immediately exits—it seems that something (systemd I'm guessing?) is sending it SIGINT or SIGTERM.

The [upstream systemd unit](https://github.com/mikebrady/shairport-sync/blob/master/scripts/shairport-sync.service.in#L10) doesn't pass `-d`.
2018-12-19 22:37:25 -08:00
Frederik Rietdijk
9ab61ab8e2 Merge staging-next into staging 2018-12-19 09:00:36 +01:00
volth
fed7914539
Merge branch 'staging' into make-perl-pathd 2018-12-18 17:13:27 +00:00
Silvan Mosberger
9673380261
Merge pull request #52168 from cdepillabout/add-bluezFull-package
Add bluez full package
2018-12-17 03:01:49 +01:00
Satoshi Shishiku
5a93f6149a
prosody service: set cafile
Fix s2s_secure_auth.
2018-12-17 01:01:41 +01:00
Jan Tojnar
aead6e12f9
Merge remote-tracking branch 'upstream/master' into staging 2018-12-16 22:55:06 +01:00
Florian Klink
91c65721f7 owncloud: remove server
pkgs.owncloud still pointed to owncloud 7.0.15 (from May 13 2016)

Last owncloud server update in nixpkgs was in Jun 2016.
At the same time Nextcloud forked away from it, indicating users
switched over to that.

cc @matej (original maintainer)
2018-12-16 15:05:53 +01:00
Florian Klink
50500219af apache-httpd/limesurvey.nix: fix copypasta from owncloud 2018-12-16 15:05:53 +01:00
Florian Klink
34d45007e2
Merge pull request #51053 from Ma27/draft-nextcloud-module-docs
nixos/nextcloud: add basic module documentation and warn about current upgrading issues
2018-12-16 12:16:47 +01:00
Rickard Nilsson
b20fcce195 nixos/nm-setup-hostsdir: RemainAfterExist -> RemainAfterExit 2018-12-15 08:33:28 +01:00
(cdep)illabout
9039cc3f28
Add explanation of using the bluezFull package in nixos documentation. 2018-12-15 14:49:41 +09:00
volth
bb9557eb7c lib.makePerlPath -> perlPackages.makePerlPath 2018-12-15 03:50:31 +00:00
Florian Klink
da6a3271bb
Merge pull request #51624 from dasJ/slapd-log
nixos/openldap: Support configuring the log level
2018-12-14 11:12:43 +01:00
Elis Hirwing
6fa51fe5cf
nixos/lightdm: Fix spelling of option in docs 2018-12-13 22:26:12 +01:00
Elis Hirwing
c974813b92
nixos/sddm: Fix spelling of option in docs 2018-12-13 22:25:19 +01:00
Bas van Dijk
5d970e740e pythonPackages.elasticsearch-curator: 5.5.4 -> 5.6.0 2018-12-13 20:58:58 +01:00
Janne Heß
3c54d6b2f8 nixos/openldap: Support configuring the log level 2018-12-13 15:14:59 +01:00
Arian van Putten
1d5f4cbb78 nixos/nscd: Add a descriptive comment to the nscd configuration 2018-12-12 15:35:46 +01:00
Arian van Putten
a74619c1ae nixos/nscd: also add netgroup to the config
It was the last database that wasn't listed.
2018-12-12 15:35:40 +01:00
Arian van Putten
de76c16f9c nixos/nscd: Merge nscd and sssd-nscd config 2018-12-12 15:35:40 +01:00
Arian van Putten
99d3279952 nixos/nscd: Disable negative caching of hosts
Hopefully fixes #50290
2018-12-12 15:35:40 +01:00
Arian van Putten
e712417936 nixos/nscd: Disable caching of group and passwd
Systemd provides an option for allocating DynamicUsers
which we want to use in NixOS to harden service configuration.
However, we discovered that the user wasn't allocated properly
for services. After some digging this turned out to be, of course,
a cache inconsistency problem.

When a DynamicUser creation is performed, Systemd check beforehand
whether the requested user already exists statically. If it does,
it bails out. If it doesn't, systemd continues with allocating the
user.

However, by checking whether the user exists,  nscd will store
the fact that the user does not exist in it's negative cache.
When the service tries to lookup what user is associated to its
uid (By calling whoami, for example), it will try to consult
libnss_systemd.so However this will read from the cache and tell
report that the user doesn't exist, and thus will return that
there is no user associated with the uid. It will continue
to do so for the cache duration time.  If the service
doesn't immediately looks up its username, this bug is not
triggered, as the cache will be invalidated around this time.
However, if the service is quick enough, it might end up
in a situation where it's incorrectly reported that the
user doesn't exist.

Preferably, we would not be using nscd at all. But we need to
use it because glibc reads  nss modules from /etc/nsswitch.conf
by looking relative to the global LD_LIBRARY_PATH.  Because LD_LIBRARY_PATH
is not set globally (as that would lead to impurities and ABI issues),
glibc will fail to find any nss modules.
Instead, as a hack, we start up nscd with LD_LIBRARY_PATH set
for only that service. Glibc will forward all nss syscalls to
nscd, which will then respect the LD_LIBRARY_PATH and only
read from locations specified in the NixOS config.
we can load nss modules in a pure fashion.

However, I think by accident, we just copied over the default
settings of nscd, which actually caches user and group lookups.
We already disable this when sssd is enabled, as this interferes
with the correct working of libnss_sss.so as it already
does its own caching of LDAP requests.
(See https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/deployment_guide/usingnscd-sssd)

Because nscd caching is now also interferring with libnss_systemd.so
and probably also with other nsss modules, lets just pre-emptively
disable caching for now for all options related to users and groups,
but keep it for caching hosts ans services lookups.

Note that we can not just put in /etc/nscd.conf:
enable-cache passwd no

As this will actually cause glibc to _not_ forward the call to nscd
at all, and thus never reach the nss modules. Instead we set
the negative and positive cache ttls  to 0 seconds as a workaround.
This way, Glibc will always forward requests to nscd, but results
will never be cached.

Fixes #50273
2018-12-12 15:35:40 +01:00
Kai Wohlfahrt
f5b4918de4 kerberos_server: ensure only one realm configured
Leave options for multiple realms for similarity to krb5, and future
expansion. Currently not tested because I can't make it work and don't need
it.
2018-12-11 13:33:10 +00:00
Kai Wohlfahrt
4e4a599e7e kerberos_server: Keep ACL file in store
Could also move kdc.conf, but this makes it inconvenient to use command line
utilities with heimdal, as it would require specifying --config-file with every
command.
2018-12-11 13:33:10 +00:00
Kai Wohlfahrt
6cca9c0f9f kerberos-server: add kerberos option
Allow switching out kerberos server implementation.

Sharing config is probably sensible, but implementation is different enough to
be worth splitting into two files. Not sure this is the correct way to split an
implementation, but it works for now.

Uses the switch from config.krb5 to select implementation.
2018-12-11 13:33:10 +00:00
Kai Wohlfahrt
fe8f2b8813 kerberos-server: switch to ExecStart
script causes problems for forking services like MIT Kerberos.
2018-12-11 13:33:10 +00:00
Kai Wohlfahrt
4f9af77287 kerberos-server: cleanup of kerberos.nix
General cleanup before adding more options.
2018-12-11 13:33:10 +00:00
Kai Wohlfahrt
ee3bd730d4 kerberos-server: move kadmind to systemd
Don't use socket activation, as inetd is discouraged by heimdal documentation.
2018-12-11 13:33:10 +00:00
Kai Wohlfahrt
dfdd348206 kerberos-server: Fix sbin paths
tcpd doesn't have sbin anymore (so it was broken), and heimdal just symlinks to
bin.
2018-12-11 13:33:10 +00:00
Jappie Klooster
e576c3b385 doc: Fix insecure nginx docs (#51840) 2018-12-11 11:02:56 +00:00
markuskowa
9fba490258
Merge pull request #50862 from markuskowa/fix-slurm-module
nixos/slurm: set slurmd KillMode and add extraConfigPaths
2018-12-11 00:45:47 +01:00
Samuel Dionne-Riel
abcb25bd8d aerospike: Disables build on aarch64
The issue with its inclusion in the manual has been side-stepped by
matching on the platforms in supports.
2018-12-10 14:55:19 -05:00
Tor Hedin Brønner
3c0e70402f nixos/displayManager: Note that sessionCommands aren't run on Wayland 2018-12-10 10:36:25 +01:00
Tor Hedin Brønner
cdd266c73b nixos/gnome3: Implement sessionPath through environment.extraInit
This will simply make the `sessionPath` more likely to work.
2018-12-10 10:36:25 +01:00
Tor Hedin Brønner
48a9a24910 nixos/sddm: Enable wayland-sessions
LightDM is unable to separate between `wayland-sessions/gnome.desktop` and
`xsessions/gnome.desktop` so I ommitted adding this to LightDM.
2018-12-10 10:36:24 +01:00
Florian Jacob
959ba6f055 nixos/matomo: rename matomo_setup_update to matomo-setup-update
to make it consistent with other NixOS systemd services and `matomo-archive-processing.service`.
Also, consistently spell Matomo with capital M.
2018-12-09 14:42:27 +01:00
Florian Jacob
ed6a60de1e nixos/matomo: add automatic archive processing 2018-12-09 14:42:27 +01:00
Tor Hedin Brønner
9895ce24b4 nixos/displayManager: Install wayland sessions from extraSessionFilePackages 2018-12-09 11:04:42 +01:00
markuskowa
9a7ce7d69a
Merge pull request #51728 from ck3d/fix-lirc-runtime-owner-ship
nixos lirc: fix owner-ship of runtime directory
2018-12-08 18:08:14 +01:00
Jörg Thalheim
da4e257fce
Merge pull request #51670 from Mic92/quassel-webserver
quassel-webserver: remove
2018-12-08 16:26:45 +00:00
Frederik Rietdijk
3e950d584c Merge staging-next into master 2018-12-08 16:29:21 +01:00
markuskowa
86d80a7b78
Merge pull request #51583 from WilliButz/grafana-update
grafana: 5.3.4 -> 5.4.0
2018-12-08 15:42:15 +01:00
Christian Kögler
4bb55815be nixos lirc: fix owner-ship of runtime directory 2018-12-08 14:37:02 +01:00
Frederik Rietdijk
e0950ae9ad Merge master into staging-next 2018-12-08 12:40:13 +01:00
Graham Christensen
ca3f089a83
Merge pull request #51314 from Izorkin/mariadb-my.cnf
mariadb: change location configuration file to /etc/my.cnf
2018-12-07 15:37:53 -05:00
Jörg Thalheim
40c8969b4c
quassel-webserver: remove
Package is broken and the original maintainer does not respond.
Unless someone wants to pick it up, I propose the removal.

fixes #51614
2018-12-07 16:46:36 +00:00
Frederik Rietdijk
5f554279ec Merge master into staging-next 2018-12-07 15:22:35 +01:00
Renaud
0eb2f4b5f5
Merge pull request #50809 from sorki/wireguard_containers_wont_modprobe
wireguard: don't modprobe if boot.isContainer is set
2018-12-07 11:06:28 +01:00
WilliButz
60eff0eecb
nixos/grafana: use new default for connMaxLifetime 2018-12-05 20:49:45 +01:00
Jean-Philippe Braun
691932bba6 cassandra: add option to configure logging
As cassandra start script hardcodes the location of logback
configuration to `CASSANDRA_CONF_DIR/logback.xml` there is no way to
pass an alternate file via `$JVM_OPTS` for example.

Also, without logback configuration DEBUG level is used which is not
necessary for standard usage.

With this commit a default logback configuration is set with log level
INFO.

Configuration borrowed from:
https://docs.datastax.com/en/cassandra/3.0/cassandra/configuration/configLoggingLevels.html
2018-12-05 15:17:37 +01:00
Pierre Bourdon
3873f43fc3 prometheus/exporters: fix regression in DynamicUser behavior
Instead of setting User/Group only when DynamicUser is disabled, the
previous version of the code set it only when it was enabled. This
caused services with DynamicUser enabled to actually run as nobody, and
services without DynamicUser enabled to run as root.

Regression from fbb7e0c82f.
2018-12-05 11:26:38 +01:00
Pierre Bourdon
199b4c4743 prometheus/exporters/tor: make CPython happy by defining $HOME 2018-12-05 11:26:38 +01:00
Austin Seipp
2a22554092 nixos/cockroachdb: simplify dataDir management, tweaks
This cleans up the CockroachDB expression, with a few suggestions from
@aszlig.

However, it brought up the note of using systemd's StateDirectory=
directive, which is a nice feature for managing long-term data files,
especially for UID/GID assigned services. However, it can only manage
directories under /var/lib (for global services), so it has to introduce
a special path to make use of it at all in the case someone wants a path
at a different root.

While the dataDir directive at the NixOS level is _occasionally_ useful,
I've gone ahead and removed it for now, as this expression is so new,
and it makes the expression cleaner, while other kinks can be worked out
and people can test drive it.

CockroachDB's dataDir directive, instead, has been replaced with
systemd's StateDirectory management to place the data under
/var/lib/cockroachdb for all uses.

There's an included RequiresMountsFor= clause like usual though, so if
people want dependencies for any kind of mounted device at boot
time/before database startup, it's easy to specify using their own
mount/filesystems clause.

This can also be reverted if necessary, but, we can see if anyone ever
actually wants that later on before doing it -- it's a backwards
compatible change, anyway.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2018-12-04 19:44:16 -06:00
Red Davies
4173b845ca mediawiki: 1.29.1 -> 1.31.1
1.29.1 is out of support and has security vulnerabilities. 1.31.1 is current LTS.
2018-12-03 21:04:08 +00:00
Bjørn Forsman
bb94d419fb nixos/jenkins-job-builder: add accessTokenFile option
The new option allows storing the secret access token outside the world
readable Nix store.
2018-12-03 17:07:29 +01:00
Bjørn Forsman
8ebfd5c45c nixos/jenkins-job-builder: stop reloadScript on error
Currently there are two calls to curl in the reloadScript, neither which
check for errors. If something is misconfigured (like wrong authToken),
the only trace that something wrong happened is this log message:

  Asking Jenkins to reload config
  <h1>Bad Message 400</h1><pre>reason: Illegal character VCHAR='<'</pre>

The service isn't marked as failed, so it's easy to miss.

Fix it by passing --fail to curl.

While at it:
* Add $curl_opts and $jenkins_url variables to keep the curl command
  lines DRY.
* Add --show-error to curl to show short error message explanation when
  things go wrong (like HTTP 401 error).
* Lower-case the $CRUMB variable as upper case is for exported environment
  variables.

The new behaviour, when having wrong accessToken:

  Asking Jenkins to reload config
  curl: (22) The requested URL returned error: 401

And the service is clearly marked as failed in `systemctl --failed`.
2018-12-03 17:07:29 +01:00
Frederik Rietdijk
a510aa2672 Merge master into staging-next 2018-12-03 12:18:43 +01:00
Piotr Bogdan
9ca3414e05 nixos/cockroachdb: supply defaultText for the package option 2018-12-02 20:50:57 -06:00
Austin Seipp
4594b18070 nixos/chrony: fix misplaced ConditionCapability= directive
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2018-12-02 20:32:47 -06:00
Izorkin
953be3e283 mariadb: change location configuration file to /etc/my.cnf 2018-12-02 22:15:02 +03:00
Silvan Mosberger
4afae70e2b
Merge pull request #48423 from charles-dyfis-net/bees
bees: init at 0.6.1; nixos/modules: services.bees init
2018-12-02 18:38:47 +01:00
markuskowa
506d4c7e44
Merge pull request #51329 from c0bw3b/cleanup/gnu-https
Favor HTTPS URLs - the GNU edition
2018-12-02 16:52:33 +01:00
c0bw3b
0498ccd076 Treewide: use HTTPS on GNU domains
HTTP -> HTTPS for :
- http://gnu.org/
- http://www.gnu.org/
- http://elpa.gnu.org/
- http://lists.gnu.org/
- http://gcc.gnu.org/
- http://ftp.gnu.org/ (except in fetchurl mirrors)
- http://bugs.gnu.org/
2018-12-02 15:51:59 +01:00
Bas van Dijk
7035598251
Merge pull request #51225 from LumiGuide/elk-6.5.1
elk: 6.3.2 -> 6.5.1
2018-12-02 14:44:47 +01:00
John Boehr
4226ddc034 nixos/cockroachdb: create new service
This also includes a full end-to-end CockroachDB clustering test to
ensure everything basically works. However, this test is not currently
enabled by default, though it can be run manually. See the included
comments in the test for more information.

Closes #51306. Closes #38665.

Co-authored-by: Austin Seipp <aseipp@pobox.com>
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2018-12-01 19:07:49 -06:00
Bas van Dijk
fbf0efc6a7 elk: 6.3.2 -> 6.5.1 2018-12-01 12:47:12 +01:00
Austin Seipp
ee14496ae2 nixos/dhcpcd: (try to) restart chrony in the exitHook
As the comment notes, restarts/exits of dhcpcd generally require
restarting the NTP service since, if name resolution fails for a pool of
servers, the service might break itself. To be on the safe side, try
restarting Chrony in these instances, too.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2018-11-30 18:50:33 -06:00
Austin Seipp
7b8d9700e1 nixos/chrony: don't emit initstepslew when servers is empty
Setting the server list to be empty is useful e.g. for hardware-only
or virtualized reference clocks that are passed through to the system
directly. In this case, initstepslew has no effect, so don't emit it.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2018-11-30 18:50:32 -06:00
Jan Tojnar
e02516db75
nixos/gnome3: enable remote desktop on wayland 2018-11-30 21:35:21 +01:00
Jan Tojnar
d359635ab4
gnome3.gnome-remote-desktop: init at 0.1.6 2018-11-30 21:35:21 +01:00
Tor Hedin Brønner
2c8565a3ce
nixos/gdm: use XDG_DATA_DIRS to find sessions
Gdm now searches for session files in XDG_DATA_DIRS so we no longer need the
sessions_dir.patch.
2018-11-30 21:34:47 +01:00
Robert Schütz
74e283403c
nixos/borgbackup: allow paths to be empty or relative (#51275)
This former necessary in order to exclusively use `--pattern` or `--patterns-from`.
Fixes #51267.
2018-11-30 17:37:50 +01:00
Florian Klink
aa490a543e
Merge pull request #48049 from Vskilet/roundcube-module
nixos/roundcube: add roundcube module
2018-11-30 13:29:00 +01:00
Charles Duffy
86db2f394c
nixos/modules: services.bees init 2018-11-29 20:27:45 -06:00
Maximilian Bosch
216a954540
nixos/nextcloud: add basic module documentation and warn about current upgrading issues
Part of #49783. NextCloud tracks in its `config.php` the application's
state which makes it hard for the module to modify configurations during
upgrades.

It will take time until the issue is properly fixed, therefore we
decided to warn about this in the manual.

This PR addresses two things:

* Adding a basic example for nextcloud. I figured it to be helpful to
  add some basic usage instructions when adding a new manual entry.
  Advanced documentation may follow later.

  For now this document actively links to the service options, so users
  are guided to the remaining options that can be helpful in certain
  cases.

* Add a warning about upgrades and manual changes in
  `/var/lib/nextcloud`. This will be fixed in the future, but it's
  definetely helpful to document the current issues in the manual (as
  proposed in https://github.com/NixOS/nixpkgs/issues/49783#issuecomment-439691127).
2018-11-29 11:59:54 +01:00
Florian Klink
3caeeabb14 gitlab: stop regenerating the authorized_keys file 2018-11-28 23:09:23 +01:00
Robin Gloster
1262a5ca97
roundcube: apply code review suggestions 2018-11-28 18:53:37 +01:00
Robin Gloster
9ace7f6409
roundcube: clean-up and add test 2018-11-28 18:52:10 +01:00
Victor SENE
2f8073bd92
roundcube: IPv6 by default 2018-11-28 18:52:10 +01:00
Victor SENE
b5120953c6
nixos/roundcube: add roundcube module and default configuration 2018-11-28 18:52:08 +01:00
Léo Gaspard
f161f02552
Merge branch 'pr-51043'
* pr-51043:
  nixos/urxvtd: remove socket activation
2018-11-29 00:50:01 +09:00
Brandon Black
dacbd5a61a nixos/ntp: use upstream default restrictions to avoid DDoS (#50762)
Fixes #50732
2018-11-28 10:15:25 +00:00
Domen Kožar
d04fedd715
postgresql: Enable systemd integration for 9.6+
This allows, finally, proper detection when postgresql is ready to
accept connections. Until now, it was possible that services depending
on postgresql would fail in a race condition trying to connect
to postgresql.
2018-11-27 19:16:21 +00:00
Jean-Philippe Braun
cdacdc0686 nixos/kubernetes: allow to disable clusterCidr
Fix option type and set --allocate-node-cidr to false if no clusterCidr
is defined.
2018-11-26 16:36:30 +01:00
fishyfriend
b34b39cab4 nixos/urxvtd: remove socket activation
This fixes #23193. urxvtd is not presently compatible with socket activation.
2018-11-25 15:25:19 -05:00
Silvan Mosberger
b5f4f228d6
Merge pull request #51012 from griff/rspamd-proxy-type
nixos/rspamd: Allow worker type to be proxy again
2018-11-25 21:07:42 +01:00
Renaud
6a5fff3741
Merge pull request #51001 from c0bw3b/cleanup/more-https
Treewide: use more HTTPS-enabled sources
2018-11-25 16:22:34 +01:00
Brian Olsen
0d753af661
nixos/rspamd: Allow worker type to be proxy again
When reworking the rspamd workers I disallowed `proxy` as a type and
instead used `rspamd_proxy` which is the correct name for that worker
type. That change breaks peoples existing config and so I have made this
commit which allows `proxy` as a worker type again but makes it behave
as `rspamd_proxy` and prints a warning if you use it.
2018-11-25 16:03:34 +01:00
Franz Pletz
c1d760f0bf
Merge pull request #50469 from mguentner/mxisd
mxisd: init at 1.2.0 plus service with test
2018-11-25 13:26:05 +00:00
Maximilian Güntner
efae5d43ef
modules: add mxisd with test 2018-11-25 14:24:10 +01:00
Craig Younkins
eff461c8ef treewide: systemd timeout arguments to use infinity instead of 0 (#50934)
Fixes https://github.com/NixOS/nixpkgs/issues/49700
2018-11-25 13:33:22 +01:00
c0bw3b
5e4ceba7bf nixos/mediawiki: fetch over https 2018-11-24 23:18:26 +01:00
c0bw3b
c615b0504b nixos/flashpolicyd: fix url and use https 2018-11-24 23:13:09 +01:00
c0bw3b
434eab9955 nixos/systemhealth: fix url and use https 2018-11-24 23:07:30 +01:00
Joachim F
e426613174
Merge pull request #50950 from jonasnick/nixos-tor-hiddenservice-version
nixos/tor: add HiddenServiceVersion option
2018-11-24 12:41:37 +00:00
Michael Raskin
5e159d463b
Merge pull request #49228 from Ekleog/rss2email-module
rss2email module: init
2018-11-23 22:30:29 +00:00
Jonas Nick
5640aa2814 nixos/tor: add HiddenServiceVersion option 2018-11-23 20:53:02 +00:00
Andreas Rammhold
51c3082119 nixos/prometheus: require one alertmanager configuration parameter
This commit adds an assertion that checks that either `configFile` or
`configuration` is configured for alertmanager. The alertmanager config
can not be an empty attributeset. The check executed with `amtool` fails
before the service even has the chance to start. We should probably not
allow a broken alertmanager configuration anyway.

This also introduces a test for alertmanager configuration that piggy
backs on the existing prometheus tests.
2018-11-23 19:45:17 +01:00
Andreas Rammhold
b1032db5a9 nixos/prometheus: check alertmanager configuration 2018-11-23 19:45:17 +01:00
Andreas Rammhold
d1ef00ebee nixos/prometheus: add package option to alertmanager 2018-11-23 19:45:17 +01:00
Jörg Thalheim
d3aeed389c
Merge pull request #50641 from blaxill/firewallMerge
nixos/firewall: Always use global firewall.allowed rules
2018-11-23 11:42:16 +00:00
Ben Blaxill
308ab4ea25 Rename back to default and better release notes 2018-11-22 19:24:23 -05:00
Markus Kowalewski
25af518845
nixos/slurm: add extraConfigPaths options 2018-11-22 11:43:05 +01:00
Jörg Thalheim
769735d8a1
netdata: create missing /etc/netdata
Since netdata 1.11.0 updated in https://github.com/NixOS/nixpkgs/pull/50459
it needs to have a /etc/netdata directory, which we did not create by default.
fixes #50893
2018-11-21 23:00:04 +00:00
Matthew Bauer
75999d4e38
Merge pull request #41887 from gmarmstrong/fix/seahorse-update
nixos/seahorse: require gnome3.dconf
2018-11-21 15:15:32 -06:00
Ben Blaxill
32779b4c74 Refactor out the set operations 2018-11-20 21:29:33 -05:00
Markus Kowalewski
ae93ed0f0d
nixos/slurm: set slurmd KillMode to process
The default of systemd is to kill the
the whole cgroup of a service. For slurmd
this means that all running jobs get killed
as well whenever the configuration is updated (and activated).

To avoid this behaviour we set "KillMode=process"
to kill only slurmd on reload. This is how
slurm configures the systemd service.

See:
https://bugs.schedmd.com/show_bug.cgi?id=2095#c24
508f866ea1
2018-11-20 22:26:42 +01:00
Samuel Dionne-Riel
a041dc8ab7
Merge pull request #50499 from delroth/syncthing-relay
syncthing-relay module: init
2018-11-20 01:40:23 +00:00
Richard Marko
3ffda36356 wireguard: don't modprobe if boot.isContainer is set 2018-11-20 01:17:04 +01:00
Linus Heckemann
388d36951c
Merge pull request #49735 from pvgoran/mysql-support-mysql57
nixos/mysql: support package=mysql57
2018-11-19 20:49:08 +01:00
Ben Blaxill
551d2f7ed2 nixos/firewall: Always use global firewall.allowed rules
Apply global firewall.allowed* rules separately from the
interface specific rules.
2018-11-18 22:50:01 -05:00
Pierre Bourdon
08f24cadaa syncthing-relay module: init 2018-11-19 01:09:54 +01:00
Renaud
7f84561cc3
Merge pull request #49631 from janikrabe/master
oidentd: 2.2.2 -> 2.3.1
2018-11-19 00:31:02 +01:00
Benno Fünfstück
773e8d07bc nixos/accountsservice: set XDG_DATA_DIRS correctly 2018-11-18 17:16:24 +01:00
Pavel Goran
21e9c35f5f nixos/mysql: support package=mysql57 2018-11-18 12:25:36 +07:00
Jörg Thalheim
31d2593ced
netdata: fix python plugins
fixes #33366
2018-11-17 15:38:15 +00:00
Jörg Thalheim
dfd77bc26f
Merge pull request #50459 from marsam/feature/netdata-darwin
netdata: 1.10.0 -> 1.11.0
2018-11-17 15:01:06 +00:00
Samuel Dionne-Riel
07eaaf6c8b
Merge pull request #49838 from dasJ/mysql-datadir
nixos/mysql: Explicitly set datadir in my.cnf
2018-11-16 19:21:01 +00:00
Jörg Thalheim
348b7b8be9 nixos/netdata: own plugins must the looked up first
Otherwise netdata will not find python modules.
To make sure netdata still pick up our setuid version of apps.plugin
we rename the original executable.
2018-11-16 11:24:27 -05:00
Eelco Dolstra
5835b2796e
Merge pull request #50440 from Mic92/nix-cores
nixos/nix-daemon: default to build with all cores available
2018-11-16 09:13:44 +01:00
Jörg Thalheim
ced57f7888
nixos/nix-daemon: default to build with all cores available
These days build systems are more robust w.r.t. to concurrency.
Most users will have at least two cores in their machines.
Therefore I suggest to increase the number of cores used for building.

fixes #50376
2018-11-16 02:05:30 +00:00
Ryan Mulligan
23dfa4e073 nixos/mysql: fix ensureUsers example formatting
closes #50441
2018-11-15 17:46:09 -08:00
Rafael García Gallego
8bf4fe85f1 selfoss (service): fix port in service config (#50411) 2018-11-15 19:22:20 +00:00
Léo Gaspard
0483ce0eee
rss2email module: init
Also adding `system-sendmail` package for sharing the code with other
modules or packages needing it.
2018-11-15 23:44:16 +09:00
Linus Heckemann
f73afe6ccf
Merge pull request #50356 from mayflower/gitlab-smtp-fix
gitlab: fix smtp setting
2018-11-15 12:13:18 +01:00
Vladimír Čunát
e229065842
Merge #50280: xorg: init xf86-video-vboxvideo ...
Based on reports X wouldn't start out of the box and seems OK now.
In case there are still some problems, we can improve later.
I checked that nixos.tests.virtualbox.* still succeed.
2018-11-14 20:34:48 +01:00
Robin Gloster
74df0823f3
gitlab: fix smtp setting
fixes #50163
2018-11-14 18:58:45 +01:00
Daniel Peebles
9b7c57cdc8
Merge pull request #50348 from DzmitrySudnik/exhibitor-service-fix
exhibitor: fix paths for zookeeper shell scripts
2018-11-14 09:32:14 -05:00
Dzmitry Sudnik
5517661935 exhibitor: fix paths for zookeeper shell scripts to point to local folders 2018-11-14 09:30:01 -05:00
Linus Heckemann
231e671758
Merge pull request #49736 from nh2/glusterfs-service-simple-unit-no-forking
glusterfs service: Switch to simple unit instead of forking
2018-11-14 12:35:57 +01:00
Samuel Dionne-Riel
58c0c2574c
Merge pull request #49840 from markuskowa/fix-pgBackup
nixos/postgresqlBackup: set to umask to 0077
2018-11-14 01:40:38 +00:00
Tobias Happ
4839403dd6 nixos/{lightdm,sddm,xpra}: remove enabling of logToFile 2018-11-13 21:52:37 +01:00
Jörg Thalheim
e3ac65f4c1
Merge pull request #50186 from dingxiangfei2009/cloud-init-btrfs
Allow cloud-init to support creating btrfs partitions
2018-11-13 14:17:30 +00:00
Jörg Thalheim
a5c74762cb
nixos/cloud-init: add enable suffix to ext4/btrfs
Makes the optional more self-describing and allows future extensions
2018-11-13 10:28:40 +00:00
Robert Hensing
9871fe3564
Merge pull request #47346 from NixOS/roberth-patch-1
rabbitmq module: Update documentation
2018-11-13 10:03:38 +01:00
Ding Xiang Fei
a965921af9 allow cloud-init to support creating btrfs partitions 2018-11-13 13:14:34 +08:00
Vladimír Čunát
9108b24253
xorg: init xf86-video-vboxvideo at 1.0.0
... and switch to it by default in virtualbox guests
2018-11-12 20:29:14 +01:00
Edward Tjörnhammar
888d01da48
nixos/minetest fix: add missing uid/gid for minetest 2018-11-11 12:47:09 +01:00
Silvan Mosberger
e888a997d0
Merge pull request #49743 from nh2/glusterfs-4.0.0
glusterfs: 3.12.12 -> 4.0.0
2018-11-11 01:42:48 +01:00
Jörg Thalheim
1d261945c7
Merge pull request #50113 from ryantm/monit
nixos/monit: change type of 'config' option to lines
2018-11-10 14:47:38 +00:00
Jörg Thalheim
4ec41a9a9e
Merge pull request #50115 from Ekleog/nextcloud-pgsql-unix
nextcloud module: document process for using with pgsql unix auth
2018-11-10 14:37:18 +00:00
Silvan Mosberger
9c984b06c4
Merge pull request #38514 from disassembler/grafana-reporter
grafana-reporter: init at 2.0.1
2018-11-10 15:15:21 +01:00
Silvan Mosberger
e468a1091b
Merge pull request #48687 from danielrutz/port-type
Add port type
2018-11-10 15:12:07 +01:00
Léo Gaspard
221e0fae38
nextcloud module: document process for using with pgsql unix auth 2018-11-10 12:30:54 +09:00
Silvan Mosberger
38b2520b96
Merge pull request #37365 from proteansec/pkgs/bacula
bacula: 5.2.13 -> 9.2.1
2018-11-10 04:23:28 +01:00
volth
5ea22a5b00 nixos/nix: ignore nix.checkConfig when cross-compiling (#48225)
* nixos/nix: ignore nix.checkConfig when cross-compiling

the check always fails because of architecture mismatch

* typos
2018-11-09 19:18:06 -06:00
Ryan Mulligan
8d0b95dc09 nixos/monit: change type of 'config' option to lines
By using types.lines for 'config', we can specify monit configurations
in lots of modules and they can all be automatically combined together
with newlines. This is desireable because different modules might want
to each specify the small monitoring task specific to their service.

This commit also updates the module to use current idioms.
2018-11-09 16:07:42 -08:00
Franz Pletz
8ba51ef5ec
Merge pull request #49809 from griff/rspamd-workers
nixos/rspamd: Multiple workers, extraConfig priority & postfix integration
2018-11-09 02:55:02 +00:00
Brian Olsen
e01605be15
nixos/rspamd: Add options for postfix integration
The `rmilter` module has options for configuring `postfix` to use it but
since that module is deprecated because rspamd now has a builtin worker
that supports the milter protocol this commit adds similar `postfix`
integration options directly to the `rspamd` module.
2018-11-09 01:31:27 +01:00
Renaud
6399b103d8
Merge pull request #49814 from aanderse/gitea
nixos/gitea: fix mysql issue, add mysql socket auth, and add a nixos test
2018-11-08 23:45:46 +01:00
Aaron Andersen
3ed52c7804 nixos/gitea: add mysql socket authentication as an option 2018-11-08 17:30:58 -05:00
Aaron Andersen
0bbb6f4f2a nixos/gitea: fix systemd after target when mysql is the database of choice 2018-11-08 17:30:36 -05:00
Sander van der Burg
530b4bcadd nixos/alerta: create new module + add kapacitor integration 2018-11-08 22:34:23 +01:00
Janik Rabe
49e97f8f88 oidentd: 2.2.2 -> 2.3.1
* Added license: GPLv2.
* Updated homepage and description.
* CFLAGS are no longer necessary as of version 2.2.0.
* Option '-a ::' is no longer necessary as of version 2.2.0.
2018-11-07 14:51:45 +02:00
Markus Kowalewski
a0371d4761
nixos/postgresqlBackup: set to umask to 0077
* Ensure that the backup file is only readable by the owner
* Add file permission test to tests
2018-11-06 21:59:29 +01:00
sveitser
13892da3e7 nixos/jupyter: wait for network.target 2018-11-06 20:40:20 +01:00
Franz Pletz
159a5f31bc
Merge pull request #49792 from griff/rspamd-multifile-enable
nixos/rspamd: Fix enable for locals and overrides
2018-11-06 18:25:47 +00:00
Janne Heß
c7f5457aa6 nixos/mysql: Explicitly set datadir in my.cnf
While this seems silly at first (it's already given as start parameter
to mysqld), it seems like xtrabackup needs that sometimes.
Without it, a Galera cluster cannot be run using the xtrabackup
replication method.
2018-11-06 18:38:28 +01:00
Peter Simons
a7afcff928 nixos: packagekit can no longer use "nix" default back-end
The code in question does not support Nix 2.0 yet.

Closes https://github.com/NixOS/nixpkgs/issues/49793.
2018-11-06 12:13:14 +01:00
Sarah Brofeldt
81de3e39b0
Merge pull request #49516 from johanot/kubedns-to-coredns
nixos/kubernetes: KubeDNS -> CoreDNS
2018-11-06 10:30:49 +01:00
Brian Olsen
fba69f388b
nixos/rspamd: Put extraConfig in included files
The lines stored in `extraConfig` and `worker.<name?>.extraConfig`
should take precedent over values from included files but in order to do
this in rspamd UCL they need to be stored in a file that then gets
included with a high priority. This commit uses the overrides option to
store the value of the two `extraConfig` options in `extra-config.inc`
and `worker-<name?>.inc` respectively.
2018-11-06 00:34:23 +01:00
Brian Olsen
46ef075e7d
nixos/rspamd: Add defaults for rspamd_proxy worker 2018-11-06 00:32:14 +01:00
Brian Olsen
3a4459a305
nixos/rspamd: Support multiple workers
When the workers option for rspamd was originally implemented it was
based on a flawed understanding of how workers are configured in rspamd.
This meant that while rspamd supports configuring multiple workers of
the same type, so that different controller workers could have different
passwords, the NixOS module did not support this because it would write
an invalid configuration file if you tried.

Specifically a configuration like the one below:

```
workers.controller = {};
workers.controller2 = {
  type = "controller";
};
```

Would result in a rspamd configuration of:

```
worker {
  type = "controller";
  count = 1;
  .include "$CONFDIR/worker-controller.inc"
}
worker "controller2" {
  type = "controller";
  count = 1;
}
```

While to get multiple controller workers it should instead be:

```
worker "controller" {
  type = "controller";
  count = 1;
  .include "$CONFDIR/worker-controller.inc"
}
worker "controller" {
  type = "controller";
  count = 1;
}
```
2018-11-06 00:26:55 +01:00
Brian Olsen
c853b34824
nixos/rspamd: Fix enable for locals and overrides
When implementing #49620 I included an enable option for both the
locals and overrides options but the code writing the files didn't
actually look at enable and so would write the file regardless of its
value. I also set the type to loaOf which should have been attrsOf
since the code was not written to handle the options being lists.

This fixes both of those issues.
2018-11-05 17:50:34 +01:00
Michael Raskin
6b8252d367
Merge pull request #44303 from pvgoran/tomcat-clean-basedir
nixos/tomcat: add purifyOnStart option
2018-11-04 17:50:38 +00:00
Andreas Rammhold
6795bdd58c nixos/prometheus: check configuration before starting service
With `promtool` we can check the validity of a configuration before
deploying it. This avoids situations where you would end up with a
broken monitoring system without noticing it - since the monitoring
broke down. :-)
2018-11-04 15:08:44 +01:00
Andreas Rammhold
0de150e0f2 nixos/prometheus: add package option
With a package option we can let the user decide what package to use for
prometheus without requiring an overlay.
2018-11-04 15:08:44 +01:00
Andreas Rammhold
c891dac82f
Merge pull request #49283 from aanderse/solr
solr: 4.10.3 -> 7.5.0, refactor service to reflect major changes in version bump
2018-11-04 13:24:15 +01:00
Niklas Hambüchen
c3cddfcef1 glusterfs: 3.12.2 -> 4.0.0 2018-11-04 11:18:15 +01:00
Niklas Hambüchen
92f40bab2b glusterfs service: Switch to simple unit instead of forking.
Gluster's pidfile handling is bug-ridden.

I have fixed https://bugzilla.redhat.com/show_bug.cgi?id=1509340
in an attempt to improve it but that is far from enough.

The gluster developers describe another pidfile issue as
"our brick-process management is a total nightmare", see
f1071f17e0/xlators/mgmt/glusterd/src/glusterd-utils.c (L5907-L5924)

I have observed multiple cases where glusterd doesn't start correctly
and systemd doesn't notice because of the erroneous pidfile handling.

To improve the situation, we don't let glusterd daemonize itself any more
and instead use `--no-daemon` and the `Simple` service type.
2018-11-04 11:09:30 +01:00
Robin Gloster
eadb998581
gitlab module: fix config handling 2018-11-04 00:26:01 +01:00
Joachim F
9c44eebbbd
Merge pull request #49620 from griff/rspamd-multifile
nixos/rspamd: Add support for included files
2018-11-03 19:06:02 +00:00
Robert Hensing
4aa30166d1 rabbitmq module: Update documentation after proofreading
Thanks @c0bw3b, @lsix!
2018-11-03 19:19:04 +01:00
Niklas Hambüchen
2cb7f5fb1e consul: 0.9.3 -> 1.3.0.
Removes the old UI build tooling; it is no longer necessary
because as of 1.2.0 it's bundled into the server binary.
It doesn't even need to have JS built, because it's bundled into
the release commit's source tree (see #48714).

The UI is enabled by default, so the NixOS service is
updated to directly use `ui = webUi;` now.

Fixes #48714.
Fixes #44192.
Fixes #41243.
Fixes #35602.

Signed-off-by: Niklas Hambüchen <mail@nh2.me>
2018-11-03 18:39:46 +01:00
Aaron Andersen
1b725def23 solr: 4.10.3 -> 7.5.0, refactor service to reflect major changes in version bump, NixOS test included 2018-11-03 13:14:13 -04:00
Robin Gloster
ec7cb84bf0
gitlab: refactor and fix test 2018-11-02 22:40:21 +01:00
Austin Seipp
2266f2014b nixos/postgresql: add myself as maintainer
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2018-11-02 13:52:33 -05:00
Austin Seipp
93aa285376 nixos: fix #48917 by setting SYSTEMD_TIMEDATED_NTP_SERVICES
Setting this variable in the environment of systemd-timedated allows
'timedatectl' to tell if an NTP service is running.

Closes #48917.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2018-11-02 09:10:15 -05:00
Joachim F
2dc0fc6516
Merge pull request #47526 from rnhmjoj/syncthing
nixos/syncthing: move configuration to condigDir
2018-11-02 12:02:51 +00:00
Brian Olsen
0810d631a4
nixos/rspamd: Add support for included files
By default rspamd will look for multiple files in /etc/rspamd/local.d
and /etc/rspamd/override.d to be included in subsections of the merged
final config for rspamd. Most of the config snippets in the official
rspamd documentation are made to these files and so it makes sense for
NixOS to support them and this is what this commit does.

As part of rspamd 1.8.1 support was added for having custom Lua
rules stored in $LOCAL_CONFDIR/rspamd.local.lua which means that it is
now possible for NixOS to support such rules and so this commit also
adds support for this to the rspamd module.
2018-11-02 01:46:57 +01:00
obadz
c8c1ed2c78 nixos/zerotier: binds to network-online.target to avoid the 1m30s timeout before kill on shutdown 2018-11-01 23:00:25 +00:00
Sander van der Burg
60298d1e08 nixos/kapacitor: new service 2018-11-01 21:53:45 +01:00
Dejan Lukan
02a3726a12 bacula: 5.2.13 -> 9.2.1 2018-11-01 21:28:16 +01:00
Peter Hoeg
db1a40a882 home-assistant: use SIGINT instead of SIGTERM to shut down (#49571)
hass will ignore the standard SIGTERM sent by systemd during stop/restart and we
then have to wait for the timeout after which systemd will forcefully kill the
process.

If instead if we send SIGINT, hass will shut down nicely.

There are many issues reported upstream about the inability to shut down/restart
and it is *supposed* to work with SIGTERM but doesn't.
2018-11-01 16:39:37 +01:00
Johan Thomsen
2617b6800d nixos/kubernetes: Replace KubeDNS with CoreDNS 2018-10-31 13:41:04 +01:00
Will Dietz
2603e3a5e9 gtk: don't hardcode glibc use
(cherry picked from commit 6e6f839093ad080c3a61810e9720165faf103e81)
2018-10-30 19:52:03 -05:00
xeji
6efd811062
Merge pull request #49348 from markuskowa/mod-slurm-upgrade
nixos/slurm: add slurmdbd, run daemons as user
2018-10-31 00:16:11 +01:00
Markus Kowalewski
b388beeca3
nixos/slurm: add maintainer to module and test 2018-10-30 19:50:52 +01:00
Markus Kowalewski
d2799d1835
nixos/slurm: node/partitionName option -> list
Make the node and partitionname options lists.
There can be more than paratition or set of nodes.

Add changes to release notes
2018-10-30 19:50:52 +01:00
Markus Kowalewski
f51f753416
nixos/slurm: fix obselete string type 2018-10-30 19:50:52 +01:00
Markus Kowalewski
79c9dbfb40
nixos/slurm: add slurmdbd to module
* New options "services.slurm.dbdserver.[enable,config]"
* Add slurmdbd to test slurm.nix
2018-10-30 19:50:52 +01:00
Markus Kowalewski
111d4eb090
nixos/slurm: run ctld as user and fix spool dir
* run as user 'slurm' per default instead of root
* add user/group slurm to ids.nix
* fix default location for the state dir of slurmctld:
  (/var/spool -> /var/spool/slurmctld)
* Update release notes with the above changes
2018-10-30 19:50:46 +01:00
Léo Gaspard
b9faae955c
redsocks module: add self as maintainer 2018-10-31 01:06:14 +09:00
Léo Gaspard
930bcbda83
dkimproxy-out module: add self as maintainer 2018-10-31 01:06:04 +09:00
Léo Gaspard
9b34f47b7c
clamsmtp module: add self as maintainer 2018-10-31 01:05:49 +09:00
Jörg Thalheim
6c7ec02503
Merge pull request #48499 from aneeshusa/restart-salt-on-config-changes
nixos/salt: restart on config changes
2018-10-30 15:40:56 +00:00
xeji
1d9481a127
Merge pull request #49395 from dtzWill/update/upower-0.99.9
upower: 0.99.7 -> 0.99.9, lock down service
2018-10-30 15:57:11 +01:00
Lancelot SIX
f68cf486d8
Merge pull request #48664 from alyssais/postgres11
postgresql_11: init at 11.0
2018-10-30 15:54:42 +01:00
Lassulus
334dd6f964 nixos/bitlbee: use purple-2 as purple_plugin_path (#49440) 2018-10-30 15:37:41 +01:00
Alyssa Ross
c6c7d55790
postgresql*: use underscores in version numbers 2018-10-30 14:32:21 +00:00
Will Dietz
d7e4c49ffc nixos/upower: lockdown service using upstream settings 2018-10-29 08:09:52 -05:00
Pavel Goran
a57bbf4e63 nixos/tomcat: add purifyOnStart option
With this option enabled, before creating file/directories/symlinks in baseDir
according to configuration, old occurences of them are removed.

This prevents remainders of an old configuration (libraries, webapps, you name
it) from persisting after activating a new configuration.
2018-10-29 18:26:22 +07:00
Jörg Thalheim
eb70af18f4
Merge pull request #48875 from Izorkin/nginx-prestart
nginx: add custom options
2018-10-28 23:13:20 +00:00