Commit Graph

413 Commits

Author SHA1 Message Date
Minijackson
3fce272478 nixos/shiori: harden service with systemd 2020-10-28 20:46:30 +01:00
davidak
4166a767de doc: improve 20.09 release notes 2020-10-27 21:11:22 +01:00
talyz
513599a6d7
nixos/keycloak: Init 2020-10-27 19:01:26 +01:00
Jörg Thalheim
b7a2a5f967
nixos/nextcloud: fix several php endpoints 2020-10-26 05:06:43 +01:00
ajs124
7ce8117238
Merge pull request #100604 from helsinki-systems/fix/icingaweb2
nixos/icingaweb2: Fix php packages
2020-10-15 19:18:53 +02:00
Janne Heß
e2da1219d4
nixos/icingaweb2: Fix php packages 2020-10-15 16:16:33 +02:00
Linus Heckemann
3e3f81aeac
Merge pull request #99658 from Ma27/nextcloud-copy-fix
nixos/nextcloud: fix nginx config to allow copy/move-operations again
2020-10-08 09:35:32 +02:00
Maximilian Bosch
9cbe30e129
nixos/nextcloud: --database-pass must not be empty for pgsql/mysql
This is a breaking change from `nextcloud20`. However, the affected test
is still passing with an unused database password and socket
authentication.
2020-10-06 20:22:48 +02:00
Maximilian Bosch
227ba90b28
nixos/nextcloud: update nginx config for nextcloud20
See #97666 for further context.
2020-10-06 20:22:47 +02:00
Maximilian Bosch
5f67a62d59
nixos/nextcloud: update upgrade-path for nextcloud20
Please note that this is only for 21.03 since `nextcloud19` is intended
to be the default for the already feature-frozen 20.09 (the bump itself
is supposed to get backported however).
2020-10-06 20:22:47 +02:00
Maximilian Bosch
609c4f497d
nixos/nextcloud: fix nginx config to allow copy/move-operations again 2020-10-05 22:25:30 +02:00
Maximilian Bosch
71098fba81
nextcloud20: init 2020-10-04 21:55:58 +02:00
Maximilian Bosch
08cc63b20b
Merge pull request #97666 from Ma27/nextcloud-nginx
nixos/nextcloud: fix `nginx`-config for Nextcloud 19 and older
2020-10-04 13:51:52 +02:00
Jonas Meurer
07988a0f88
nixos/moodle: add missing PHP module (#99163) 2020-10-03 11:41:56 +02:00
Maximilian Bosch
71426f2cfa
Merge pull request #98333 from Ma27/bump-nextcloud
nextcloud: 19.0.1 -> 19.0.3, deprecate/remove older versions
2020-09-27 20:02:38 +02:00
Maximilian Bosch
6b48deee54
nixos/nextcloud: drop nextcloud17, deprecate nextcloud18
Both packages will get EOLed within the lifetime of 20.09. `nextcloud17`
can be removed entirely (the attribute-path is kept however to provide
meaningful errors), however `nextcloud18` must be kept as `insecure` to
make sure that users from `nextcloud17` can properly upgrade to
`nextcloud19` on NixOS 20.09.
2020-09-27 19:21:21 +02:00
WilliButz
403c215bdd
nixos/codimd: add option environmentFile for injecting secrets
Secrets are injected from the environment into the rendered
configuration before each startup using envsubst.
The test now makes use of this feature for the db password.
2020-09-23 11:59:44 +02:00
Maximilian Bosch
8d8871c565
nixos/nextcloud: fix nginx-config for Nextcloud 19 and older
It seems as I misconfigured `nginx` for certain cases such as the
`ldap`-plugin[1] in 42f6244899. This patch
fixes the `nginx`-config to match the upstream recommendations[2].

Also added a comment to the module to remind myself to ensure that
`nginx` will work with both v19 and v20 as soon as the latter is
released and can be packaged in `nixpkgs`.

Co-authored-by: nivadis <nivadis@users.noreply.github.com>

[1] https://github.com/nextcloud/server/issues/16194#issuecomment-688839888
[2] https://docs.nextcloud.com/server/19/admin_manual/installation/nginx.html
2020-09-10 16:50:36 +02:00
Ryan Mulligan
531c08a1d9 nixos/jitsi-meet: add docs 2020-09-09 22:18:20 -07:00
Lassulus
e357d0ec8c
Merge pull request #95678 from helsinki-systems/upd/sogo
sogo: 4.3.2 -> 5.0.0
2020-08-26 00:04:36 +02:00
Frederik Rietdijk
fe7bab33d7
Merge pull request #95553 from zowoq/rename-maintainers
maintainers: prefix number with underscore
2020-08-18 11:30:24 +02:00
Silvan Mosberger
7db9fd1dbc
Merge pull request #81467 from dawidsowa/rss-bridge
rss-bridge: init at 2020-02-26
2020-08-18 05:00:41 +02:00
zowoq
0052523a18 maintainers: 1000101 -> _1000101 2020-08-18 07:59:48 +10:00
Martin Weinelt
a153452e54
Merge pull request #95508 from Ma27/nextcloud-nginx
nixos/nextcloud: update nginx config
2020-08-17 13:46:47 +02:00
ajs124
696357c376 sogo: remove SOGoZipPath
sogo links against libzip now
2020-08-17 12:15:16 +02:00
Maximilian Bosch
e8bdadb864
Merge pull request #95109 from Ma27/nextcloud-reverse-proxy
nixos/nextcloud: add documentation for alternative reverse-proxies
2020-08-16 18:09:45 +02:00
Maximilian Bosch
42f6244899
nixos/nextcloud: update nginx config
This patch ensures that latest Nextcloud works flawlessly again on our
`nginx`. The new config is mostly based on upstream recommendations
(again)[1]:

* Trying to access internals now results in a 404.
* All `.php`-routes get properly resolved now.
* Removed 404/403 handling from `nginx` as the app itself takes care of
  this. Also, this breaks the `/ocs`-API.
* `.woff2?`-files expire later than other assets like images.

Closes #95293

[1] https://docs.nextcloud.com/server/latest/admin_manual/installation/nginx.html
2020-08-15 17:12:11 +02:00
dawidsowa
9aaf34bdb8 nixos/rss-bridge: init 2020-08-13 19:51:30 +02:00
Florian Klink
962e15aebc nixos: remove StandardOutput=syslog, StandardError=syslog lines
Since systemd 243, docs were already steering users towards using
`journal`:

eedaf7f322

systemd 246 will go one step further, it shows warnings for these units
during bootup, and will [automatically convert these occurences to
`journal`](f3dc6af20f):

> [    6.955976] systemd[1]: /nix/store/hwyfgbwg804vmr92fxc1vkmqfq2k9s17-unit-display-manager.service/display-manager.service:27: Standard output type syslog is obsolete, automatically updating to journal. Please update│······················
 your unit file, and consider removing the setting altogether.

So there's no point of keeping `syslog` here, and it's probably a better
idea to just not set it, due to:

> This setting defaults to the value set with DefaultStandardOutput= in
> systemd-system.conf(5), which defaults to journal.
2020-08-13 18:49:15 +02:00
Maximilian Bosch
fddeb7cb73
Revert "nextcloud: use mkDefault for whole nginx config"
This breaks the Nextcloud vhost declaration when adding e.g. another
vhost as the `services.nginx.virtualHosts` option has `{ nextcloud =
...; }` as *default* value which will be replaced by another
`virtualHosts`-declaration with a higher (e.g. the default) priority.

The following cases are now supported & covered by the module:

* `nginx` is enabled with `nextcloud` enabled and other vhosts can be
  added / other options can be declared without having to care
  about the declaration's priority.

* Settings in the `nextcloud`-vhost in `nginx` have to be altered using
  `mkForce` as this is the only way how we officially support `nginx`
  for `nextcloud` and customizations have to be done explicitly using
  `mkForce`.

* `nginx` will be completely omitted if a user enables nextcloud
  and disables nginx using `services.nginx.enable = false;`. (because
  nginx will be enabled by this module using `mkDefault`).

This reverts commit 128dbb31cc.
Closes #95259
2020-08-12 18:28:45 +02:00
Maximilian Bosch
dd957c2cb7
nixos/nextcloud: add documentation for alternative reverse-proxies
Follow-up for #93584[1]. This change adds a simple example how to use
`Nextcloud` with `httpd`.

[1] https://github.com/NixOS/nixpkgs/pull/93584#discussion_r465233063
2020-08-10 22:09:01 +02:00
Jörg Thalheim
ba930d8679
nixos/modules: remove trailing whitespace
This leads to ci failure otherwise if the file gets changed.
git-blame can ignore whitespace changes.
2020-08-07 14:45:39 +01:00
aszlig
1365b9ac70
nixos/manual: Fix build
In fd9eb16b24, the option
"services.nextcloud.nginx.enable" has been removed since the module now
exclusively supports nginx only.

Unfortunately, with the option gone from the manual, the link in the
Nextcloud-specific documentation referencing the NixOS option also
became a dead link and thus the manual will no longer build.

I also removed a second reference to this option in the Nextcloud-
specific documentation, which while it doesn't lead to a build error in
the manual is nevertheless a good idea to remove as well to ensure we
don't present outdated information to readers of the manual.

Signed-off-by: aszlig <aszlig@nix.build>
Cc: @DavHau, @Ma27
2020-08-07 03:27:42 +02:00
Maximilian Bosch
50d8cdb3ca
Merge pull request #93584 from DavHau/nextcloud-improvements
nextcloud: restrict web server support to nginx; stop sharing nginx user/group; improve setup service
2020-08-06 19:00:21 +02:00
Aaron Andersen
4e3b009778
Merge pull request #94624 from dadada/dadada/dokuwiki-acl-path
nixos/dokuwiki: fix path to ACL
2020-08-05 07:28:12 -04:00
Marek Mahut
0bc37f7cb4
Merge pull request #94609 from 1000101/dokuwiki
nixos/dokuwiki: drop SSL forcing and document incompatibility
2020-08-05 11:54:42 +02:00
Marek Mahut
6cf131d54e
Merge pull request #94340 from 1000101/maintainer
nixos/modules: add myself as maintainer of several services
2020-08-05 11:54:29 +02:00
DavHau
128dbb31cc nextcloud: use mkDefault for whole nginx config 2020-08-05 11:50:26 +07:00
Ryan Mulligan
c4814c03b7 treewide: add Jitsi maintainers
* makes jitsi maintainer team
2020-08-04 13:07:36 -07:00
dadada
938bd67988
nixos/dokuwiki: fix path to ACL 2020-08-03 23:40:41 +02:00
Ryan Mulligan
4162c69b3c
Merge pull request #92468 from petabyteboy/jitsi-meet
nixos/jitsi-meet: init
2020-08-03 12:43:37 -07:00
1000101
850b3ea028 nixos/dokuwiki: drop SSL forcing 2020-08-03 16:10:05 +02:00
DavHau
ca916e8cb3 nextcloud: deprecate nginx, use chgrp, mkDefault for nginx, fix tests 2020-08-03 14:21:45 +07:00
Stijn DW
f7b6bfd113 nixos/dokuwiki: fix https redirect
Even if the webserver had https disabled, the user would still get redirected to an https url when attemting to login.
2020-08-02 16:08:40 +02:00
1000101
b5d21137f3 nixos/modules: add myself as maintainer of several services 2020-07-31 15:53:46 +02:00
DavHau
b90a70d53f
nextcloud: shorten nginx group reference
Co-authored-by: Aaron Andersen <aaron@fosslib.net>
2020-07-27 20:20:13 +07:00
DavHau
5823ed7841 nextcloud: fix group permissions on startup 2020-07-27 12:41:42 +07:00
DavHau
fd9eb16b24 nextcloud: restrict web server support to nginx only 2020-07-27 12:06:04 +07:00
DavHau
6ee3004132 nextcloud improve user/group handling
- remove optons cfg.user, cfg.groups
- add option `serverUser` which is required when not using nginx
- add `serverUser` to nextcloud group
- set user/group to "nextcloud" for nextcloud services
- make setup-service non-root
2020-07-26 15:54:23 +07:00
DavHau
07076e9fe0 nextcloud: configurable user and group, enabled nginx, improve setup 2020-07-21 08:23:45 +00:00
Finn Behrens
832d2289c3
moodle: update to 3.9.1
use phpEnv to provide xmlrpc
2020-07-16 23:48:08 +02:00
Milan Pässler
5ff05249cf nixos/jitsi-meet: allow more room names 2020-07-09 00:20:34 +02:00
Milan Pässler
dcc12e4df6 nixos/jitsi-meet: enableACME by default 2020-07-09 00:20:34 +02:00
Martin Milata
3f68a83c88 nixos/jitsi-meet: init 2020-07-09 00:00:04 +02:00
Jakob Klepp
e340e24d3a plantuml-server: init at 1.2020.14 2020-07-08 19:45:16 +02:00
Samuel Gräfenstein
5bb0b72720
nixos/*: wheter -> whether 2020-07-04 15:20:41 +02:00
Samuel Gräfenstein
850d7d1790
nixos/*: wether -> whether 2020-07-04 15:17:03 +02:00
Stig Palmquist
042a2d8baf
nixos/convos: init 2020-06-22 13:58:34 +02:00
edef
c27fc6a5e5
nixos/gerrit: allow configuring replication declaratively (#91200) 2020-06-21 08:54:14 +00:00
Maximilian Bosch
c9462630bd
Merge pull request #91149 from nlewo/nextcloud-expose-occ
nixos/nextcloud: add occ internal option
2020-06-20 19:28:25 +02:00
Maximilian Bosch
f326e5a35e
nixos/nextcloud: update upgrade-path for nextcloud19
Enhance the heuristics to make sure that a user doesn't accidentally
upgrade across two major versions of Nextcloud (e.g. from v17 to v19).

The original idea/discussion has been documented in the nixpkgs manual[1].

This includes the following changes:

* `nextcloud19` will be selected automatically when having a stateVersion
  greater or equal than 20.09. For existing setups, the package has to
  be selected manually to avoid accidental upgrades.

* When using `nextcloud18` or older, a warning will be thrown which recommends
  upgrading to `nextcloud19`.

* Added a brief paragraph about `nextcloud19` in the NixOS 19.09 release
  notes.

* Restart `phpfpm` if the Nextcloud-package (`cfg.package`) changes[2].

[1] https://nixos.org/nixos/manual/index.html#module-services-nextcloud-maintainer-info
[2] https://github.com/NixOS/nixpkgs/pull/89427#issuecomment-638885727
2020-06-20 11:30:11 +02:00
Antoine Eiche
7d994ad445 nixos/nextcloud: add occ internal option
This option exposes the prefconfigured nextcloud-occ
program. nextcloud-occ can then be used in other systemd services or
added in environment.systemPackages.

The nextcloud test shows how it can be add in
environment.systemPackages.
2020-06-20 09:59:27 +02:00
Maximilian Bosch
a2a5aa2634
nextcloud19: init at 19.0.0
https://nextcloud.com/blog/nextcloud-hub-brings-productivity-to-home-office/
2020-06-19 22:16:52 +02:00
Antoine Eiche
cb682317b0 nixos/nextcloud: preserve OC_PASS env variable in the occ wrapper
The OC_PASS environment variable can be used to create a user with
`occ user:add --password-from-env`. It is currently not possible to
use the `nextcloud-occ` to "non-interactively" create a user since
this variable is ignored by sudo.
2020-06-07 20:47:11 +02:00
Kim Lindberger
825e20ff46
Merge pull request #82753 from Kloenk/feature/engelsystem
engelsystem: init at 3.1.0
2020-05-24 16:31:23 +02:00
Finn Behrens
fc4d6f4215
nixos/engelsystem: init 2020-05-24 15:44:04 +02:00
Lassulus
d84d8e802e
Merge pull request #79175 from helsinki-systems/init/sogo
sogo: init at 4.3.2
2020-05-22 11:04:39 +02:00
Aaron Andersen
f82e267fb2
Merge pull request #87261 from symphorien/tt-rss
nixos/tt-rss: small improvements
2020-05-18 16:59:05 -04:00
ajs124
511b578c93 nixos/sogo: init module 2020-05-12 18:49:43 +02:00
Pavol Rusnak
6abf4a43ad
treewide: per RFC45, remove more unquoted URLs 2020-05-08 15:20:47 +02:00
Symphorien Gibol
8fc8eec0e7 nixos/tt-rss.service: set syslogidentifier 2020-05-08 12:00:00 +00:00
Symphorien Gibol
e96c52efdb tt-rss: restart on failure
as should be the default with all long-running services
2020-05-08 12:00:00 +00:00
Symphorien Gibol
c7db8c1927 tt-rss: make less insanely verbose.
Fixes #74427
2020-05-08 12:00:00 +00:00
Frederik Rietdijk
484ee79050 Merge staging-next into staging 2020-05-01 08:57:10 +02:00
Aaron Andersen
5445b8d8d0
Merge pull request #83436 from mmilata/mediawiki-default-extensions
nixos/mediawiki: allow using default extensions
2020-04-30 21:03:15 -04:00
zowoq
c59c4e3589 nixos/*: use $out instead of $bin with buildGoPackage 2020-04-28 20:30:29 +10:00
talyz
2ba7926959
php.buildEnv: Provide a list of currently enabled extensions
Rework withExtensions / buildEnv to handle currently enabled
extensions better and make them compatible with override. They now
accept a function with the named arguments enabled and all, where
enabled is a list of currently enabled extensions and all is the set
of all extensions. This gives us several nice properties:

 - You always get the right version of the list of currently enabled
   extensions

 - Invocations chain

 - It works well with overridden PHP packages - you always get the
   correct versions of extensions

As a contrived example of what's possible, you can add ImageMagick,
then override the version and disable fpm, then disable cgi, and
lastly remove the zip extension like this:

{ pkgs ? (import <nixpkgs>) {} }:
with pkgs;

let
  phpWithImagick = php74.withExtensions ({ all, enabled }: enabled ++ [ all.imagick ]);

  phpWithImagickWithoutFpm743 = phpWithImagick.override {
    version = "7.4.3";
    sha256 = "wVF7pJV4+y3MZMc6Ptx21PxQfEp6xjmYFYTMfTtMbRQ=";
    fpmSupport = false;
  };

  phpWithImagickWithoutFpmZip743 = phpWithImagickWithoutFpm743.withExtensions (
    { enabled, all }:
      lib.filter (e: e != all.zip) enabled);

  phpWithImagickWithoutFpmZipCgi743 = phpWithImagickWithoutFpmZip743.override {
    cgiSupport = false;
  };
in
  phpWithImagickWithoutFpmZipCgi743
2020-04-26 16:43:05 +02:00
dadada
2d86cca35e
nixos/dokuwiki: change default of aclFile and usersFile
`aclFile` and `usersFile` will be set to a default value if `aclUse` is
specified and aclFile is not overriden by `acl`.
2020-04-18 23:37:19 +02:00
dadada
9460fb5788
nixos/dokuwiki: modify usersFile and aclFile
Use types.str instead of types.path to exclude private information from
the derivation.
Add a warinig about the contents of acl beeing included in the nix
store.
2020-04-18 23:37:19 +02:00
dadada
2b67a89f29
nixos/dokuwiki: dokuwiki user 2020-04-18 23:37:19 +02:00
dadada
2e699f1db1
nixos/dokuwiki: add option disableActions 2020-04-18 23:37:18 +02:00
dadada
a58dc30d34
nixos/dokuwiki: set default value for usersFile
If usersFile is not set, a file is created along the stateDir that can
hold the users and supports dynamically adding users using the web GUI.
2020-04-18 23:37:18 +02:00
dadada
0228046eec
nixos/dokuwiki: add assertion for usersFile 2020-04-18 23:37:18 +02:00
dadada
af6a7a0486
nixos/dokuwiki: add plugins and templates options
Adds support for additional plugins and templates similarly to how
wordpress.nix does it.

Plugins and templates need to be packaged as in the example.
2020-04-18 23:37:18 +02:00
dadada
71baf4801c
nixos/dokuwiki: refactor 2020-04-18 23:37:18 +02:00
dadada
dc7ed06615
nixos/dokuwiki: add <name?> option
Enables multi-site configurations.

This break compatibility with prior configurations that expect options
for a single dokuwiki instance in `services.dokuwiki`.
2020-04-18 23:37:18 +02:00
Pavol Rusnak
fadcfc3ea4
treewide: per RFC45, remove more unquoted URLs 2020-04-18 14:04:37 +02:00
worldofpeace
15d5a2adc1
Merge pull request #84849 from samueldr/fix/nextcloud-upgrade-wording
nextcloud: Review installation upgrade warning wording
2020-04-10 22:55:20 -04:00
Michael Reilly
84cf00f980
treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
Samuel Dionne-Riel
a1efbdb600 nextcloud: Review installation upgrade warning wording
The new wording does not assume the user is upgrading.

This is because a user could be setting up a new installation on 20.03
on a server that has a 19.09 or before stateVersion!!

The new wording ensures that confusion is reduced by stating that they
do not have to care about the assumed 16→17 transition.

Then, the wording explains that they should, and how to upgrade to
version 18.

It also reviews the confusing wording about "multiple" upgrades.

* * *

The only thing we cannot really do is stop a fresh install of 17 if
there was no previous install, as it cannot be detected. That makes a
useless upgrade forced for new users with old state versions.

It is also important to state that they must set their package to
Nextcloud 18, as future upgrades to Nextcloud will not allow an uprade
from 17!

I assume future warning messages will exist specifically stating what to
do to go from 18 to 19, then 19 to 20, etc...
2020-04-09 16:52:25 -04:00
Jörg Thalheim
cf3328e7e3
treewide: use runtimeShell in nixos/
This is needed for cross-compilation.
2020-04-07 07:26:47 +01:00
Elis Hirwing
3b6539896b
Merge pull request #83896 from etu/slim-down-default-php-v3
PHP: Make the default package more sane [v3]
2020-04-05 20:00:03 +02:00
talyz
5ace72cd6c
nixos/nextcloud: Use php.enabledExtensions 2020-04-05 16:46:44 +02:00
talyz
4ff523f691
php: Simplify php-packages import, rename exts -> extensions 2020-04-05 16:45:41 +02:00
Elis Hirwing
a2099156ec
php: split php.packages to php.packages and php.extensions
So now we have only packages for human interaction in php.packages and
only extensions in php.extensions. With this php.packages.exts have
been merged into the same attribute set as all the other extensions to
make it flat and nice.

The nextcloud module have been updated to reflect this change as well
as the documentation.
2020-04-05 16:45:17 +02:00
Elis Hirwing
fc1034a1fa
nixos/nextcloud: upgrade to php74 2020-04-05 16:44:48 +02:00
talyz
ed20aae86c
nixos/nextcloud: Get nextcloud working 2020-04-05 16:44:42 +02:00
Silvan Mosberger
eb0148e90b
Merge pull request #84074 from Infinisil/fix-literal-option-examples
nixos/treewide: Fix incorrectly rendered examples
2020-04-03 15:41:53 +02:00
Martin Milata
f35d65850e nixos/moinmoin: fix maintainer reference 2020-04-02 13:49:28 +02:00
Silvan Mosberger
1d0fc9729d
nixos/treewide: Fix incorrectly rendered examples
Many options define their example to be a Nix value without using
literalExample. This sometimes gets rendered incorrectly in the manual,
causing confusion like in https://github.com/NixOS/nixpkgs/issues/25516

This fixes it by using literalExample for such options. The list of
option to fix was determined with this expression:

  let
    nixos = import ./nixos { configuration = {}; };
    lib = import ./lib;
    valid = d: {
      # escapeNixIdentifier from https://github.com/NixOS/nixpkgs/pull/82461
      set = lib.all (n: lib.strings.escapeNixIdentifier n == n) (lib.attrNames d) && lib.all (v: valid v) (lib.attrValues d);
      list = lib.all (v: valid v) d;
    }.${builtins.typeOf d} or true;

    optionList = lib.optionAttrSetToDocList nixos.options;

  in map (opt: {
    file = lib.elemAt opt.declarations 0;
    loc = lib.options.showOption opt.loc;
  }) (lib.filter (opt: if opt ? example then ! valid opt.example else false) optionList)

which when evaluated will output all options that use a Nix identifier
that would need escaping as an attribute name.
2020-04-02 07:49:25 +02:00