Michael Weiss
15010f0436
sway: Read the configuration from /etc before /nix/store ( #60319 )
...
This change will load all configuration files from /etc, to make it easy
to override them, but fallback to /nix/store/.../etc/sway/config to make
Sway work out-of-the-box with the default configuration on non NixOS
systems.
2019-04-27 22:38:18 +02:00
Michael Weiss
753e1e0bab
nixos/sks: Fix the module (the pre-start script was broken)
...
Unfortunately the changes in ab5dcc7068
introduced a typo (took me a while to spot that...) that broke the
whole module (or at least the sks-db systemd unit).
The systemd unit was failing with the following error message:
...-unit-script-sks-db-pre-start[xxx]: KDB/DB_CONFIG exists but is not a symlink.
2019-04-27 19:19:27 +02:00
Sarah Brofeldt
22348f951c
Merge pull request #60197 from etu/patch-gitea-generated-config
...
nixos/gitea: Don't include not needed database options depending on type
2019-04-27 19:16:33 +02:00
Benjamin Hipple
d084937fe7
nixos.grafana: fix docstring typo
2019-04-27 13:09:48 -04:00
Alberto Berti
47f62b4821
grafana_reporter: Fix library function name
2019-04-27 19:09:06 +02:00
Florian Klink
033882e0b7
Merge pull request #60019 from aanderse/nzbget
...
nzbget: fix broken service, as well as some improvements
2019-04-27 18:26:50 +02:00
Aaron Andersen
8d64ec7a17
Merge pull request #59424 from florianjacob/journalwatch
...
journalwatch: fix broken package, general maintenance
2019-04-27 10:58:45 -04:00
Lassulus
9cda3faecd
Merge pull request #53444 from wedens/earlyoom-notifications
...
nixos/earlyoom: add notificationsCommand option
2019-04-27 21:34:37 +09:00
aszlig
7ba9b0a41b
nixos: Fix build of manual
...
The build error has been introduced by 56dcc319cf
.
Using a <simplesect/> within a <para/> is not allowed and subsequently
fails to validate while building the manual.
So instead, I moved the <simplesect/> further down and outside of the
<para/> to fix this.
Signed-off-by: aszlig <aszlig@nix.build>
Cc: @aaronjanse, @Lassulus, @danbst
2019-04-27 12:39:37 +02:00
Matthieu Coudron
03fb00d565
Merge pull request #60223 from Ma27/write-i3cfg-to-etc
...
nixos/window-managers/i3: write config file to `/etc/i3/config`
2019-04-27 18:46:57 +09:00
Lassulus
f099d3d8b6
Merge pull request #57561 from aaronjanse/patch-5
...
nixos/manual: document auto-login
2019-04-27 16:07:06 +09:00
Lassulus
21fe4fd176
Merge pull request #58181 from fgaz/nixos/zeronet/fix1
...
nixos/zeronet: add fileserverPort option
2019-04-27 15:45:30 +09:00
Frederik Rietdijk
883232c00d
Merge master into staging-next
2019-04-27 07:01:38 +02:00
Maximilian Bosch
a1ffabe4de
nixos/window-managers/i3: write config file to /etc/i3/config
...
The default config of i3 provides a key binding to reload, so changes
take effect immediately:
```
bindsym $mod+Shift+c reload
```
Unfortunately the current module uses the store path of the `configFile`
option. So when I change the config in NixOS, a store path will be
created, but the current i3 process will continue to use the old one,
hence a restart of i3 is required currently.
This change links the config to `/etc/i3/config` and alters the X
startup script accordingly so after each rebuild, the config can be
reloaded.
2019-04-26 21:12:52 +02:00
Peter Hoeg
eb6ce1c8a9
Merge pull request #60146 from peterhoeg/f/packagekit
...
nixos/packagekit: make it not error out + test
2019-04-26 14:19:46 +08:00
Aaron Andersen
5b76046db3
nixos/nzbget: fix broken service, add a nixos test, as well as some general improvements
2019-04-25 20:28:39 -04:00
Linus Heckemann
4d667685c2
nixos/kexec: don't clobber existing kexec-loaded kernel
2019-04-26 00:35:10 +02:00
Linus Heckemann
d4cd164082
nixos/tinc: remove ordering dependency on network.target
...
This allows configuring IP addresses on a tinc interface using
networking.interfaces."tinc.${n}".ipv[46].addresses.
Previously, this would fail with timeouts, because of the dependency
chain
tinc.${netname}.service
--after--> network.target
--after--> network-addresses-tinc.${n}.service (and network-link-…)
--after--> sys-subsystem-net-devices-tinc.${n}.device
But the network interface doesn't exist until tinc creates it! So
systemd waits in vain for the interface to appear, and by then the
network-addresses-* and network-link-* units have failed. This leads
to the network link not being brought up and the network addresses not
being assigned, which in turn stops tinc from actually working.
2019-04-25 22:54:11 +02:00
volth
c01ea27ce3
nixos-generate-config: do not build btrfs-tools when btrfs is not used
...
cross-compilation of `btrfs-tools` is broken, and this usually needless dependency of each system closure on `btrfs-tools` prevents cross-compilation of whole system closures
2019-04-25 12:08:20 +00:00
Elis Hirwing
71450b1c1a
nixos/gitea: Don't include not needed database options depending on type
...
This was discovered in https://github.com/NixOS/nixpkgs/pull/60014
2019-04-25 08:30:14 +02:00
Florian Jacob
e916cdf02d
nixos/journalwatch: permissionsStartOnly is deprecated
...
See #53852 for details,
related to the efforts in #56265
2019-04-24 21:26:29 +02:00
Graham Christensen
857069293d
Merge pull request #56565 from andrew-d/adunham/plex-fhs
...
plex: rewrite to use FHS userenv
2019-04-24 15:00:30 -04:00
Robin Gloster
b2c1ed6355
Merge pull request #53043 from exi/wg-quick
...
nixos/modules/networking/wg-quick Add wg-quick options support
2019-04-24 17:16:32 +00:00
Frederik Rietdijk
0a7bcb3b03
Merge staging into staging-next
2019-04-24 18:38:11 +02:00
Peter Hoeg
ab15949f81
nixos/packagekit: add test
2019-04-24 22:31:36 +08:00
Peter Hoeg
1bc408ec3a
nixos/packagekit: make it not error out and use upstream systemd unit
2019-04-24 22:31:36 +08:00
Peter Hoeg
f81ddbf8e7
Merge pull request #60149 from peterhoeg/u/mosquitto_160
...
mosquitto: 1.5.8 -> 1.6 + nixos tests
2019-04-24 22:29:08 +08:00
Maximilian Bosch
28a95c4f7f
Merge pull request #60138 from grahamc/wireguard-generate-key
...
wireguard: add generatePrivateKeyFile option + test
2019-04-24 16:00:34 +02:00
Graham Christensen
06c83a14e1
Wrap 'wg' commands in <command>
2019-04-24 07:46:01 -04:00
Graham Christensen
f57fc6c881
wireguard: add generatePrivateKeyFile option + test
...
Ideally, private keys never leave the host they're generated on - like
SSH. Setting generatePrivateKeyFile to true causes the PK to be
generate automatically.
2019-04-24 07:46:01 -04:00
Peter Hoeg
c5af9fd4dd
nixos/mosquitto: add test
2019-04-24 17:02:20 +08:00
Andrew Dunham
9f7f367bf5
plex: rewrite to use FHS userenv
2019-04-23 20:19:33 -07:00
Matthew Bauer
84d00355e8
Merge remote-tracking branch 'NixOS/master' into staging
2019-04-23 22:00:42 -04:00
Silvan Mosberger
508fd8f133
Merge pull request #55413 from msteen/bitwarden_rs
...
bitwarden_rs: init at 1.8.0
2019-04-24 00:25:08 +02:00
Matthijs Steen
ef1a43030b
nixos/bitwarden_rs: init
2019-04-23 23:46:57 +02:00
Silvan Mosberger
ca37c23f91
Merge pull request #58096 from pacien/tedicross-init
...
tedicross: init at 0.8.7
2019-04-23 23:14:22 +02:00
pacien
d3423dd5c2
nixos/tedicross: add module
2019-04-23 22:52:23 +02:00
Jörg Thalheim
d43dc68db3
nixos/openldap: make rootpw option optional
...
This allows to store passwords in external files outside of the world-readable
nix store.
2019-04-23 16:35:33 +01:00
Janne Heß
5fbf306760
nixos/icingaweb2: Fix environment.etc assignment
2019-04-23 14:04:40 +02:00
ajs124
3e32e150cb
nixos/ejabberd: migrate to tmpfiles, drop runit
2019-04-23 14:00:49 +02:00
Dan Elkouby
83c9b6ee39
nginx: use fullchain.pem for ssl_trusted_certificate
...
Some ACME clients do not generate full.pem, which is the same as
fullchain.pem + the certificate key (key.pem), which is not necessary
for verifying OCSP staples.
2019-04-23 12:33:19 +03:00
markuskowa
d0e70ac2d3
Merge pull request #60010 from JohnAZoidberg/https-urls
...
HTTPS urls
2019-04-22 23:37:07 +02:00
Daniel Schaefer
92cccb6f83
treewide: Use HTTPS for readthedocs URLs
2019-04-22 20:46:18 +02:00
Samuel Dionne-Riel
8a74ebeb01
nixos/virtualbox: Fixes configuration to evaluate
...
Fixes issue introduced by #57557
2019-04-22 11:22:00 -04:00
Aaron Andersen
c3f69d1373
Merge pull request #59381 from aanderse/automysqlbackup
...
automysqlinit: init at 3.0_rc6
2019-04-22 08:30:23 -04:00
Joachim Fasting
b33da46a8e
nixos/hardened: split description of allowUserNamespaces into paras
2019-04-21 13:11:25 +02:00
mlvzk
113bb0a7e9
nixos/display-managers/startx: fix typos for startx option description
...
`~/.xinintrc` => `~/.xinitrc`
`autmatically` => `automatically`
2019-04-21 07:46:37 +00:00
Samuel Dionne-Riel
429e554714
nixos/virtualbox: Fixes configuration to evaluate
...
Fixes issue introduced by #57557
2019-04-20 23:04:13 -04:00
Matthew Bauer
2a8ca24215
Merge pull request #59435 from furrycatherder/fix-tarball
...
nixos: fix system-tarball
2019-04-20 20:58:42 -04:00
Léo Gaspard
451961ead2
Merge pull request #59880 from florianjacob/matrix-synapse-identity-servers
...
nixos/matrix-synapse: correct trusted_third_party_id_servers default
2019-04-21 02:41:21 +02:00
Matthew Bauer
799fa4d404
Merge remote-tracking branch 'origin/master' into staging
2019-04-20 19:31:35 -04:00
Aaron Andersen
4a11ce7f26
cleanup redundant text in modules utilizing mkEnableOption
...
Closes #59911
2019-04-20 14:44:02 +02:00
Reno Reckling
abf60791e2
nixos/modules/networking/wg-quick Add wg-quick options support
...
This is an implementation of wireguard support using wg-quick config
generation.
This seems preferrable to the existing wireguard support because
it handles many more routing and resolvconf edge cases than the
current wireguard support.
It also includes work-arounds to make key files work.
This has one quirk:
We need to set reverse path checking in the firewall to false because
it interferes with the way wg-quick sets up its routing.
2019-04-20 14:02:54 +02:00
Jan Tojnar
d3259ed673
Merge branch 'master' into staging
2019-04-20 12:49:01 +02:00
Matthew Bauer
c1fd154fb6
Merge pull request #57557 from matthewbauer/ova-swap
...
nixos/virtualbox: add swap file
2019-04-19 10:17:36 -04:00
Matthew Bauer
dbc4543812
nixos/virtualbox: add swap file
...
Puts 2G swap in /var/swap of OVA. This serves as backup when you hit
the memory cap for the image.
Fixes #57171 and fixes #22696
2019-04-19 10:15:48 -04:00
ajs124
2b84c8d560
nixos/ejabberd: add basic test
2019-04-19 12:44:43 +02:00
Florian Jacob
34aa25b8dc
nixos/matrix-synapse: correct trusted_third_party_id_servers default
...
the servers are equivalent and synchronized, but Riot defaults to use vector.im
Source: https://github.com/matrix-org/synapse/blob/v0.99.3/docs/sample_config.yaml#L701
2019-04-19 11:54:06 +02:00
AmineChikhaoui
548932640b
ec2-amis.nix: add 19.03 amis
2019-04-18 23:07:14 -04:00
Aaron Andersen
3464b50c61
Merge pull request #59389 from aanderse/issue/53853-1
...
replace deprecated usage of PermissionsStartOnly (part 1)
2019-04-18 20:46:28 -04:00
markuskowa
dac0051e60
Merge pull request #59188 from gnidorah/maxx
...
maxx: 1.1.0 -> 2.0.1
2019-04-18 21:48:01 +02:00
Linus Heckemann
42c107c2aa
Merge pull request #49537 from mayflower/stage1-symlink-fix
...
nixos stage-1: fix init existence test
2019-04-18 17:59:08 +02:00
Pierre Bourdon
5d2bb3d715
nixos/stage-1: "find-libs" shell script is for the host
2019-04-18 15:02:51 +02:00
Bas van Dijk
cccc7a93d2
Merge pull request #59828 from basvandijk/prometheus-refactoring
...
nixos/prometheus: refactored & added more missing options
2019-04-18 13:43:53 +02:00
Bas van Dijk
cdd82681b3
nixos/prometheus: add more missing options
2019-04-18 12:53:13 +02:00
Bas van Dijk
285fd3c05a
nixos/prometheus: abstract over optional option creation
2019-04-18 11:55:43 +02:00
Domen Kožar
9bc23f31d2
Merge pull request #48337 from transumption/201810/nginx-etag
...
nginx: if root is in Nix store, use path's hash as ETag
2019-04-18 16:41:49 +07:00
aszlig
d533285224
nixos/tests/nginx: Add subtest for Nix ETag patch
...
This is to make sure that we get different ETag values whenever we
switch to a different store path but with the same file contents.
I've checked this against the old behaviour without the patch and it
fails as expected.
Signed-off-by: aszlig <aszlig@nix.build>
2019-04-18 09:41:13 +02:00
Frederik Rietdijk
2346182c2c
Merge staging-next into staging
2019-04-18 08:26:30 +02:00
ajs124
e03932bbca
xmpp-sendmessage: init script file, use in prosody test
2019-04-17 23:36:07 +02:00
worldofpeace
7abeda982a
gnome3.gsettings-desktop-schemas -> gsettings-desktop-schemas
...
gnome3.pomodoro is left out because I don't want to create a conflict.
2019-04-17 13:39:23 -04:00
Robin Gloster
b278cd86e1
Merge branch 'master' into kube-apiserver-preferred-address-types
2019-04-17 16:40:06 +00:00
Robin Gloster
44afc81af1
Merge pull request #57693 from mayflower/kube-apiserver-proxy-client-certs
...
nixos/kubernetes: Add proxy client certs to apiserver
2019-04-17 16:38:51 +00:00
Robin Gloster
7dc6e77bc2
Merge pull request #56789 from mayflower/upstream-k8s-refactor
...
nixos/kubernetes: stabilize cluster deployment/startup across machines
2019-04-17 16:37:58 +00:00
Bas van Dijk
55ef5d4246
nixos/prometheus: set optional attributes to type types.nullOr
...
This makes sure that when a user hasn't set a Prometheus option it
won't show up in the prometheus.yml configuration file. This results
in smaller and easier to understand configuration files.
2019-04-17 14:49:09 +02:00
Bas van Dijk
57e5b75f9c
nixos/prometheus: filter out the _module attr in a central place
...
We previously filtered out the `_module` attribute in a NixOS
configuration by filtering it using the option's `apply` function.
This meant that every option that had a submodule type needed to have
this apply function. Adding this function is easy to forget thus this
mechanism is error prone.
We now recursively filter out the `_module` attributes at the place we
construct the Prometheus configuration file. Since we now do the filtering
centrally we don't have to do it per option making it less prone to errors.
2019-04-17 14:08:16 +02:00
Joachim F
d7da5e2af2
Merge pull request #53826 from delroth/randstruct-custom-seed
...
nixos: allow customizing the kernel RANDSTRUCT seed
2019-04-16 17:49:19 +00:00
Bas van Dijk
a913d0891c
nixos/prometheus: filter out empty srcape_configs attributes
...
This results in a smaller prometheus.yml config file.
It also allows us to use the same options for both prometheus-1 and
prometheus-2 since the new options for prometheus-2 default to null
and will be filtered out if they are not set.
2019-04-16 16:06:11 +02:00
Bas van Dijk
a23db5db08
nixos/prometheus: add new ec2_sd_config options for prometheus2
2019-04-16 16:04:33 +02:00
Andrew Childs
ad7e232f88
nixos/prometheus: add ec2_sd_configs
section to scrape_configs
2019-04-16 13:43:52 +02:00
Bas van Dijk
e7fadde7a7
nixos/doc: remove prometheus2 notes from the 19.09 release notes
...
prometheus2 has been backported to 19.03 so it won't be new for 19.09.
2019-04-16 09:47:45 +02:00
Bas van Dijk
d1940beb3a
nixos/prometheus/pushgateway: add module and test
2019-04-16 08:09:38 +02:00
Aaron Andersen
5f4df8e509
automysqlinit: init at 3.0_rc6
2019-04-15 21:51:55 -04:00
worldofpeace
2d6247a414
gnome3.gnome-keyring: CAP_IPC_LOCK gnome-keyring-daemon
...
From gkd-capability.c:
This program needs the CAP_IPC_LOCK posix capability.
We want to allow either setuid root or file system based capabilies
to work. If file system based capabilities, this is a no-op unless
the root user is running the program. In that case we just drop
capabilities down to IPC_LOCK. If we are setuid root, then change to the
invoking user retaining just the IPC_LOCK capability. The application
is aborted if for any reason we are unable to drop privileges.
2019-04-15 14:59:56 -04:00
worldofpeace
27ac8cb2c4
Merge pull request #59185 from worldofpeace/glib-networking
...
nixos/glib-networking: init
2019-04-15 13:17:58 -04:00
worldofpeace
7802b18958
nixos/pantheon: use glib-networking module
2019-04-15 13:11:58 -04:00
Eelco Dolstra
5399f34ad9
nix: 2.2 -> 2.2.2
2019-04-15 19:06:57 +02:00
worldofpeace
b0e9f85f47
nixos/glib-networking: init
...
Note that we were previously didn't have glib-networking
in systemd.packages so the PacRunner was non-functional.
2019-04-15 13:04:06 -04:00
adisbladis
9a176d669a
nixos/tox-node: Add descriptions to module options.
...
Missing these broke the tarball build
https://hydra.nixos.org/build/92258938/nixlog/1
2019-04-15 17:11:10 +01:00
José Romildo Malaquias
c32b50a5f7
Merge pull request #59520 from romildo/upd.deepin.deepin-daemon
...
nixos/dde-daemon: init
2019-04-15 10:30:51 -03:00
adisbladis
4b4caa9413
Merge pull request #59368 from suhr/tox-node
...
nixos/tox-node: init
2019-04-15 12:28:27 +03:00
adisbladis
454aa43213
nixos/tox-node: Dont hardcode bootstrap nodes
...
Get these from upstream tox-node package instead.
This is likely to cause less maintenance overhead over time and
following upstream bootstrap node changes is automated.
2019-04-15 09:27:32 +01:00
Сухарик
6cb40f7b0b
nixos/tox-node: init
2019-04-15 09:27:27 +01:00
Bas van Dijk
e5724e8e66
Merge pull request #59514 from basvandijk/elk-7.0.0
...
elk7: init at 7.0.0
2019-04-15 07:05:13 +02:00
José Romildo Malaquias
46a4e92d92
nixos/deepin-daemon: init
2019-04-14 21:47:45 -03:00
Bas van Dijk
13352f28d2
elk7: init at 7.0.0
...
This adds the following new packages:
+ elasticsearch7
+ elasticsearch7-oss
+ logstash7
+ logstash7-oss
+ kibana7
+ kibana7-oss
+ filebeat7
+ heartbeat7
+ metricbeat7
+ packetbeat7
+ journalbeat7
The default major version of the ELK stack stays at 6. We should
probably set it to 7 in a next commit.
2019-04-14 21:39:46 +02:00
Silvan Mosberger
a63c182d53
Merge pull request #59315 from Infinisil/znc-docs-url
...
nixos/znc: Fix URL XML for config option
2019-04-14 17:33:49 +02:00
worldofpeace
6846d4ab85
nixos/fprintd: use systemd.packages
...
Upstream has a systemd service.
2019-04-14 10:19:57 -04:00
worldofpeace
4616b4ec85
Merge pull request #21860 from e-user/bugfix/upstream/gnome-pam
...
nixos/gdm: use provided PAM login configuration wherever possible
2019-04-14 09:52:17 -04:00
Alexander Kahl
56bd0110e7
nixos/pam: Add GNOME keyring use_authtok directive to password group
2019-04-14 09:50:22 -04:00
Alexander Kahl
5b9895b1a0
nixos/gdm: use provided PAM login configuration wherever possible
...
Fixes #21859
2019-04-14 09:49:01 -04:00
worldofpeace
c9a925d82b
Merge pull request #59433 from romildo/upd.deepin.deepin-menu
...
nixos/deepin-menu: init
2019-04-14 09:18:15 -04:00
José Romildo Malaquias
9e99eed443
nixos/deepin-menu: init
2019-04-14 10:00:44 -03:00
Linus Heckemann
0fc80a576a
Merge pull request #59423 from lheckemann/initramfs-improvements
...
Initramfs improvements
2019-04-14 12:10:26 +02:00
Sarah Brofeldt
f839011719
Merge pull request #58512 from aanderse/solr
...
solr: init at 8.0.0
2019-04-14 11:16:28 +02:00
gnidorah
1a4072e90f
maxx: 1.1.0 -> 2.0.1
2019-04-14 09:51:29 +03:00
Sean Haugh
040d159eb4
nixos: fix system-tarball
2019-04-13 22:14:37 -05:00
Danylo Hlynskyi
eddb31be99
Merge pull request #55121 from Ma27/add-option-support-to-nixos-build-vms
...
nixos-build-vms: pass `--option` to `nix-build`
2019-04-14 02:57:57 +03:00
Linus Heckemann
b499c52de5
stage-1: provide meaningful names to initrd and module tree
2019-04-13 23:22:56 +02:00
Aaron Andersen
55ddb04a8a
nixos/zookeeper: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:01:01 -04:00
Aaron Andersen
a1c48c3f63
nixos/vault: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:01:01 -04:00
Aaron Andersen
053c9a7992
nixos/sonarr: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:01:01 -04:00
Aaron Andersen
bb649d96b0
nixos/smokeping: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:01:00 -04:00
Aaron Andersen
484e896d7a
nixos/radarr: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:01:00 -04:00
Aaron Andersen
021b287b84
nixos/peerflix: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:01:00 -04:00
Aaron Andersen
0672f867bc
nixos/mysql-backup: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:01:00 -04:00
Aaron Andersen
89cbee4d3e
nixos/mxisd: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:01:00 -04:00
Aaron Andersen
cd46038ae5
nixos/jackett: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:59 -04:00
Aaron Andersen
b7f376c01b
nixos/ipfs: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:59 -04:00
Aaron Andersen
b1be2f1584
nixos/influxdb: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:59 -04:00
Aaron Andersen
6ac630bad3
nixos/etcd: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:59 -04:00
Aaron Andersen
062efe018d
nixos/couchdb: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:58 -04:00
Aaron Andersen
56c7960d66
nixos/codimd: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:58 -04:00
Aaron Andersen
e51f86a018
nixos/clickhouse: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:58 -04:00
Aaron Andersen
e5d8ba59cc
nixos/traefik: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:58 -04:00
Aaron Andersen
cefbee3edc
nixos/syncthing: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:58 -04:00
Aaron Andersen
0113cc0de9
nixos/stanchion: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:57 -04:00
Aaron Andersen
a585d29bfd
nixos/rss2email: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:57 -04:00
Aaron Andersen
2ebbe3988b
nixos/rabbitmq: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:57 -04:00
Aaron Andersen
7b2be9b328
nixos/postgresqlBackup: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:57 -04:00
Aaron Andersen
64fdacc580
nixos/nullmailer: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:57 -04:00
Aaron Andersen
a6bbc55ae1
nixos/nexus: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:56 -04:00
Aaron Andersen
7808202b38
nixos/munge: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:56 -04:00
Aaron Andersen
919c87a106
nixos/mpd: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:56 -04:00
Aaron Andersen
8c48c55c2d
nixos/minio: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:56 -04:00
Aaron Andersen
89081eef5d
nixos/mesos: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:56 -04:00
Aaron Andersen
2f50cd06dc
nixos/memcached: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:55 -04:00
Aaron Andersen
5f9a639f69
nixos/liquidsoap: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:55 -04:00
Aaron Andersen
8fe1c5b30f
nixos/lidarr: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:55 -04:00
Aaron Andersen
09af9fcd34
nixos/collectd: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:55 -04:00
markuskowa
7d363d46ba
Merge pull request #59362 from matthiasbeyer/ympd-port-int
...
ympd service: Allow webPort to be int
2019-04-12 20:59:13 +02:00
Maximilian Bosch
f975bbae11
nixos/hostapd: escape interface names for hostapd
...
Same problem as described in acbadcdbba
.
When using multiple interfaces for wifi with `networking.wlanInterfaces`
and the interface for `hostapd` contains a dash, this will fail as
systemd escapes dashes in its device names.
2019-04-12 19:27:19 +02:00
Graham Christensen
628ba24e77
Merge pull request #59349 from mogorman/manual-upgrading
...
nixos/manual: update 17.03 -> 19.03 in upgrading section
2019-04-12 12:19:12 -04:00
Matthias Beyer
31884f788e
ympd service: Allow webPort to be int
...
Signed-off-by: Matthias Beyer <mail@beyermatthias.de>
2019-04-12 18:17:10 +02:00
Matthew O'Gorman
da035d3ad6
nixos/manual: update 17.03 -> 19.03 in upgrading section
2019-04-12 12:16:30 -04:00
Silvan Mosberger
92ae299998
Merge pull request #59081 from Yarny0/hylafax-updates
...
HylaFAX: fix ModemGroup, also minor metadata updates
2019-04-12 16:30:46 +02:00
Bas van Dijk
08b277e0da
Merge pull request #56017 from elohmeier/prom-tls
...
prometheus: add tls_config
2019-04-12 12:57:54 +02:00
Joachim F
5dafbb2cb1
Merge pull request #56719 from bricewge/miniflux-service
...
miniflux: add service
2019-04-12 09:57:30 +00:00
Yarny0
e57156bcaa
nixos/hylafax: fix faxq ModemGroup
setting
...
The manpage claims that the "limit" in the setting::
<name>:[<limit>:]<regex>
is optional and defaults to zero, implying no limit.
However, tests confirmed that it actually isn't optional.
Without limit, the setting ``any:.*`` places
outbound jobs on infinite hold if no particular
modem was specified on the sendfax command line.
The new default value ``any:0:.*`` from
this commit uses any available modem to
send jobs if not modem was given to sendfax.
2019-04-12 11:11:49 +02:00
Yarny0
1438f7b664
nixos/hylafax: add 'yarny' (= myself) as maintainer
...
I forgot to do this when I submitted this module with
commit 12fa95f2d6
.
2019-04-12 11:11:48 +02:00
Silvan Mosberger
2d1fa68c83
Merge pull request #59044 from teto/strongswan_path
...
strongswan module: use strings for secrets.
2019-04-11 22:51:24 +02:00
Enno Lohmeier
da7aeb1b7d
prometheus: add tls_config
2019-04-11 20:34:31 +02:00
Silvan Mosberger
b8dc0f9a5b
nixos/znc: Fix URL XML for config option
2019-04-11 16:59:19 +02:00
Frederik Rietdijk
230c67f43b
Merge master into staging-next
2019-04-11 07:50:23 +02:00
Ryan Mulligan
0960fc72b7
Merge pull request #49868 from jfrankenau/fix-triggerhappy
...
nixos/triggerhappy: add option user
2019-04-10 20:56:19 -07:00
Matthieu Coudron
08b8c6caf2
nixos/strongswan: use strings for secrets.
...
The nixos module artifically enforces type.path whereas the ipsec secret configuration files
accept pattern or relative paths.
Enforcing absolute paths already caused problems with l2tp vpn:
https://github.com/nm-l2tp/NetworkManager-l2tp/issues/108
2019-04-11 11:44:49 +09:00
Aaron Andersen
ee7565af9d
solr: init at 8.0.0
2019-04-10 20:12:41 -04:00
Bas van Dijk
38ae3fe584
Merge pull request #59270 from basvandijk/alertmanager-DynamicUser
...
nixos/prometheus/alertmanager: use DynamicUser instead of nobody
2019-04-10 22:56:17 +02:00
Bas van Dijk
cd4486ecc3
nixos/prometheus/alertmanager: use DynamicUser instead of nobody
...
See issue #55370
2019-04-10 20:38:40 +02:00
Jörg Thalheim
4d4f110ca5
Merge pull request #59181 from Izorkin/nginx-format
...
nixos/nginx: fix error in writeNginxConfig
2019-04-10 19:23:34 +01:00
Bas van Dijk
739bdff4a4
nixos/prometheus/alertmanager: use ExecStart instead of script
...
This results in a simpler service unit which doesn't first have to
start a shell:
> cat /nix/store/s95nsr8zbkblklanqpkiap49mkwbaq45-unit-alertmanager.service/alertmanager.service
...
ExecStart=/nix/store/4g784lwcy7kp69hg0z2hfwkhjp2914lr-alertmanager-0.16.2-bin/bin/alertmanager \
--config.file /nix/store/p2c7fyi2jkkwq04z2flk84q4wyj2ggry-checked-config \
--web.listen-address [::1]:9093 \
--log.level warn
...
2019-04-10 15:03:09 +02:00
Linus Heckemann
4557373d68
Merge pull request #58858 from worldofpeace/pantheon/lightdm-gtk-greeter
...
nixos/pantheon: enable lightdm gtk greeter
2019-04-10 09:36:20 +02:00
Robin Gloster
f370553f8f
Merge pull request #58804 from Ma27/roundcube-fixes
...
roundcube: minor fixes
2019-04-09 18:30:00 +00:00
aszlig
f98b4b0fda
nixos: Fix build of manual
...
Commit 29d7d8f44d
has introduced another
section with the ID "sec-release-19.09-incompatibilities", which
subsequently causes the build to fail.
I just merged both sections and the manual is now building again.
Signed-off-by: aszlig <aszlig@nix.build>
2019-04-09 17:18:43 +02:00
Frederik Rietdijk
d108b49168
Merge master into staging-next
2019-04-09 16:38:35 +02:00
Bas van Dijk
2f2e2971d6
Merge pull request #58255 from jbgi/prometheus2
...
Add Prometheus 2 service in parallel with 1.x version (continuation)
2019-04-09 14:14:18 +02:00
Bas van Dijk
b423b73adc
nixos/doc: add Prometheus stateDir handling to rl-1909.xml
2019-04-09 13:13:44 +02:00
Bas van Dijk
c95179b52f
nixos/prometheus: add back the option services.prometheus.dataDir
...
This is to ensure more backwards compatibility. Note this is not 100%
backwards compatible because we now require dataDir to begin with /var/lib/.
2019-04-09 13:13:34 +02:00
Bas van Dijk
7062a073e8
elk: 6.5.1 -> 6.7.1
2019-04-09 12:34:01 +02:00
Robin Gloster
a58ab8fc05
Merge pull request #58398 from Ma27/package-documize
...
documize-community: init at 2.2.1
2019-04-08 22:34:11 +00:00
Maximilian Bosch
acbb74ed18
documize-community: init at 2.2.1
...
Documize is an open-source alternative for wiki software like Confluence
based on Go and EmberJS. This patch adds the sources for the community
edition[1], for commercial their paid-plan[2] needs to be used.
For commercial use a derivation that bundles the commercial package and
contains a `$out/bin/documize` can be passed to
`services.documize.enable`.
The package compiles the Go sources, the build process also bundles the
pre-built frontend from `gui/public` into the binary.
The NixOS module generates a simple `systemd` unit which starts the
service as a dynamic user, database and a reverse proxy won't be
configured.
[1] https://www.documize.com/get-started/
[2] https://www.documize.com/pricing/
2019-04-08 23:54:57 +02:00
worldofpeace
acedc516fe
nixos/pantheon: use evince module
2019-04-08 16:40:54 -04:00
Linus Heckemann
0ce382d868
rl-1903: pantheon notes phrasing/organisation
2019-04-08 16:22:58 -04:00
Ingo Blechschmidt
efff2e1aa6
iodine: improve password handling ( #58806 )
...
Before this change, only passwords not containing shell metacharacters could be
used, and because the password was passed as a command-line argument, local
users could (in a very small window of time) record the password and (in an
indefinity window of time) record the length of the password.
We also use the opportunity to add a call to `exec` in the systemd start
script, so that no shell needs to hang around waiting for iodine to stop.
2019-04-08 21:20:26 +02:00
Bas van Dijk
29d7d8f44d
nixos/doc: added the Prometheus changes to the 19.09 release notes
2019-04-08 19:39:22 +02:00
Bas van Dijk
eed84d1f8d
nixos/prometheus: fix indentation and unnecessary parenthesis
2019-04-08 19:14:42 +02:00
Samuel Dionne-Riel
ef0ca61215
Merge pull request #58027 from DanielFabian/gfxpayload
...
grub: Add gfxpayload
2019-04-08 10:06:59 -04:00
Izorkin
496a73d46d
nixos/nginx: fix error in writeNginxConfig
2019-04-08 16:44:23 +03:00
Bas van Dijk
394970047e
nixos/tests: register the prometheus2 test
2019-04-08 15:24:23 +02:00
Bas van Dijk
7cf27feb2f
nixos/prometheus: get rid of empty arguments
...
Previously the prometheus.service file looked like:
ExecStart=/nix/store/wjkhfw3xgkmavz1akkqir99w4lbqhak7-prometheus-1.8.2-bin/bin/prometheus -storage.local.path=/var/lib/prometheus/metrics \
-config.file=/nix/store/zsnvzw51mk3n1cxjd0351bj39k1j6j27-prometheus.yml-check-config-checked \
-web.listen-address=0.0.0.0:9090 \
-alertmanager.notification-queue-capacity=10000 \
-alertmanager.timeout=10s \
\
Restart=always
Now it's:
ExecStart=/nix/store/wjkhfw3xgkmavz1akkqir99w4lbqhak7-prometheus-1.8.2-bin/bin/prometheus \
-storage.local.path=/var/lib/prometheus/metrics \
-config.file=/nix/store/zsnvzw51mk3n1cxjd0351bj39k1j6j27-prometheus.yml-check-config-checked \
-web.listen-address=0.0.0.0:9090 \
-alertmanager.notification-queue-capacity=10000 \
-alertmanager.timeout=10s
Restart=always
2019-04-08 14:59:12 +02:00
Bas van Dijk
a59c92903e
nixos/prometheus: use ExecStart instead of a shell script
...
This uses fewer lines of code and one less process.
2019-04-08 14:59:12 +02:00
Daniel Fabian
84ff0956a8
grub: Add support for gfxpayload in grub. Needed for NVIDIA drivers before KMS, afaik
2019-04-08 11:34:39 +01:00
Aneesh Agrawal
24ae4ae604
nixos/sshd: Remove obsolete Protocol options ( #59136 )
...
OpenSSH removed server side support for the v.1 Protocol
in version 7.4: https://www.openssh.com/txt/release-7.4 ,
making this option a no-op.
2019-04-08 09:49:31 +02:00
Samuel Dionne-Riel
40d59c6e8e
Merge pull request #58976 from gilligan/remove-nodejs6
...
Remove nodejs-6_x which is about to enter EOL
2019-04-07 19:49:24 -04:00
worldofpeace
8f93650fe4
nixos/pantheon: add warning when not using LightDM
2019-04-07 17:51:41 -04:00
worldofpeace
d3d5c674ba
nixos/lightdm-greeters/pantheon: add warning
2019-04-07 17:51:19 -04:00
Florian Klink
2457510db4
Merge pull request #51918 from bobvanderlinden/var-run
...
tree-wide: nixos: /var/run -> /run
2019-04-07 20:09:46 +02:00
Frederik Rietdijk
7f7da0a16f
Merge master into staging-next
2019-04-07 15:14:52 +02:00
Robin Gloster
0498ba6e06
Merge pull request #59078 from dtzWill/fix-and-update/nextcloud
...
nextcloud: fix use of mismatched php versions, updates
2019-04-07 09:55:39 +00:00
Frederik Rietdijk
4a125f6b20
Merge master into staging-next
2019-04-07 08:33:41 +02:00
Léo Gaspard
07fdcb348f
Merge pull request #59056 from aanderse/mod_php-sendmail
...
nixos/httpd: replace ssmtp with system-sendmail
2019-04-06 20:57:58 +02:00
Will Dietz
27d78f4c6c
nextcloud: use same php package throughout!
...
`phpPackage` is 7.3 by default, but `pkgs.php` is 7.2,
so this saves the need for an extra copy of php
for the purpose of running nextcloud's cron;
more importantly this fixes problems with extensions
not loading since they are built against a different php.
2019-04-06 10:34:14 -05:00
aszlig
6fe989eaed
nixos/tests/acme: Use exact match in TOS location
...
Since the switch to check the nginx config with gixy in
59fac1a6d7
, the ACME test doesn't build
anymore, because gixy reports the following false-positive (reindented):
>> Problem: [alias_traversal] Path traversal via misconfigured alias.
Severity: MEDIUM
Description: Using alias in a prefixed location that doesn't ends with
directory separator could lead to path traversal
vulnerability.
Additional info: https://github.com/yandex/gixy/blob/master/docs/en/plugins/aliastraversal.md
Pseudo config:
server {
server_name letsencrypt.org;
location /documents/2017.11.15-LE-SA-v1.2.pdf {
alias /nix/store/y4h5ryvnvxkajkmqxyxsk7qpv7bl3vq7-2017.11.15-LE-SA-v1.2.pdf;
}
}
The reason this is a false-positive is because the destination is not a
directory, so something like "/foo.pdf../other.txt" won't work here,
because the resulting path would be ".../destfile.pdf../other.txt".
Nevertheless it's a good idea to use the exact match operator (=), to
not only shut up gixy but also gain a bit of performance in lookup (not
that it would matter in our test).
Signed-off-by: aszlig <aszlig@nix.build>
2019-04-06 12:51:56 +02:00
Aaron Andersen
9c9a6f380e
nixos/httpd: replace ssmtp with system-sendmail
2019-04-06 06:34:46 -04:00
Pierre Bourdon
f8eec8dc34
environment.noXlibs: disable gnome3 support for pinentry ( #59051 )
2019-04-06 10:06:55 +00:00
Silvan Mosberger
82b8ff405b
Merge pull request #58778 from aanderse/davmail
...
nixos/davmail: set logging default to warn, instead of debug
2019-04-06 06:23:48 +02:00
Jeremy Apthorp
e8b68dd4f4
miniflux: add service
2019-04-06 03:52:15 +02:00
Silvan Mosberger
cddafbcc60
Merge pull request #57782 from bkchr/gnupg_program
...
programs.gnupg: Support setting the gnupg program
2019-04-05 15:43:18 +02:00
Gabriel Ebner
ad5cabf575
nixos/evince: init
2019-04-05 15:03:31 +02:00
Tor Hedin Brønner
c99a666aac
nixos/gnome3: add new default fonts
...
- source-code-pro is now the default monospace font
- source-sans-pro seems to be used somewhere too:
https://wiki.gnome.org/Engagement/BrandGuidelines
2019-04-05 12:13:39 +02:00