Commit Graph

3028 Commits

Author SHA1 Message Date
Michael Raskin
f88aa22706 Allow non-SSL connections to vsftpd by default to let tests not specify certificate 2013-10-20 21:16:12 +04:00
Michael Raskin
a0bbc3e838 Add apparently missing option to vsftpd configuration 2013-10-20 20:39:37 +04:00
Michael Raskin
9b6f7c14ec Merge pull request #1060 from MarcWeber/submit/vsftpd
small vsftpd improvements
2013-10-20 08:58:21 -07:00
Domen Kožar
c1b9775821 Merge pull request #1090 from NixOS/munin-rework
munin: refactor package and add nixos service
2013-10-20 08:10:28 -07:00
Domen Kožar
9230ae6522 munin: refactor package and add nixos service 2013-10-20 15:08:07 +02:00
Rok Garbas
af0e2ccf45 zope2 service... indentation fix 2013-10-20 01:35:09 +02:00
Evgeny Egorochkin
89854548e7 Add services.xserver.s3tcSupport option 2013-10-19 00:40:45 +03:00
Eelco Dolstra
ad0568e64a mkEnableOption: Add a period at the end of the description 2013-10-17 14:29:51 +02:00
Eelco Dolstra
82ad8c5ce0 Make manual generation not depend on the user's configuration
Previously changing the value of certain options in configuration.nix
would cause the manual to be regenerated, because some option defaults
depend on the configuration.  This is undesirable because rebuilding
the manual is kind of slow.  So now the manual reflects an empty
configuration.

The downside is that this requires another call to fixMergeModules,
which adds about 14% to evaluation time.  Probably worth it.
2013-10-17 13:43:40 +02:00
Shea Levy
a5a13c4e43 Add gurobi token server service
Not yet tested, I don't have a license yet

Signed-off-by: Shea Levy <shea@shealevy.com>
2013-10-16 11:02:05 -04:00
Eelco Dolstra
e0db0aaa4d Rename /etc/nix.machines to /etc/nix/machines
Since we have a /etc/nix directory, we should use it and not pollute
/etc.
2013-10-16 10:57:25 +02:00
Eelco Dolstra
16cd8b039b Remove nix.manualNixMachines
Suggested by Marc Weber.  Fixes #1059.

Generate /etc/nix.machines only if buildMachines is not empty.  Thus,
if you want to manage /etc/nix.machines in some other way, you can set
nix.distributedBuilds to true but not set nix.buildMachines.
2013-10-16 10:53:23 +02:00
Eelco Dolstra
7c7bfa817a fail2ban: Update to 0.8.10
Also fix random start failures due to a race between the fail2ban
server and the postStart script.
2013-10-16 10:03:43 +02:00
Domen Kožar
c9acee7ee0 Merge pull request #1073 from offlinehacker/nixos/graphite/fix_carbon
nixos/graphite: carbon, use syslog for logging
2013-10-15 14:59:51 -07:00
Eelco Dolstra
bbe265e8c2 slim: Only enable if the X server is enabled
http://hydra.nixos.org/build/6494972

Disabling slim revealed that services.xserver.displayManager.job had
an incorrect type, so fixed that as well.
2013-10-15 17:24:33 +02:00
Eelco Dolstra
ae74b0ae58 sshd: Remove the usePAM option
Sshd *must* use PAM because we depend on it for proper session
management.  The original goal of this option (disabling password
logins) can also be implemented by removing pam_auth authentication
from sshd's PAM service.
2013-10-15 15:05:49 +02:00
Eelco Dolstra
a2c820c678 Turn security.pam.services into an attribute set
That is, you can say

  security.pam.services.sshd = { options... };

instead of

  security.pam.services = [ { name = "sshd"; options... } ];

making it easier to override PAM settings from other modules.
2013-10-15 14:47:51 +02:00
Eelco Dolstra
3f2c0bf9bd slim: Fix session handling 2013-10-15 13:41:03 +02:00
Eelco Dolstra
5b702be29f Add support for slimlock, slim's simple screen locker 2013-10-15 13:23:40 +02:00
Eelco Dolstra
873662b8ad slim: Work around broken PAM session handling
Previously logging in via SLiM more than once didn't work because SLiM
doesn't clean up its PAM session properly (that is, in a child rather
than in the parent).  Thus the slim process becomes part of the user
session's cgroup, among other things.  This patch causes SLiM to exit
after the session has finished, after which systemd will restart
display-manager.service.

Fixes NixOS/nixops#137.
2013-10-15 13:23:40 +02:00
Jaka Hudoklin
63539b2844 nixos/graphite: carbon, use syslog for logging
Twisted provides option to log with syslog, this enables nicer logging.
Imagine what happens in a case of exception. If logs are written to stdout,
traceback won't be merged thus giving ugly logs. This commit fixes that.
This is also one of the official ways of starting carbon, so no worries.
2013-10-13 23:18:22 +02:00
Domen Kožar
e28ddcfbec Merge pull request #1063 from offlinehacker/nixos/graphite/listen_defaults_fix
nixos: graphite, listen on localhost by default
2013-10-12 12:23:34 -07:00
Domen Kožar
a8dd839c1f Merge pull request #1067 from offlinehacker/nixos/statsd/mgmt_ip_port
nixos/statsd: Add support to specify managment ip/port
2013-10-12 12:23:11 -07:00
Jaka Hudoklin
fd0d2872a4 nixos/elasticsearch: change loglevel from DEBUG to INFO 2013-10-12 12:43:33 +02:00
Jaka Hudoklin
285f447c49 nixos/statsd: Add support to specify managment ip/port 2013-10-12 12:37:52 +02:00
Jaka Hudoklin
677ecf4868 nixos/graphite: listen on localhost by default 2013-10-12 12:34:26 +02:00
Marc Weber
4683774277 experimental/vsftpd
vsftpd improvements:
- intorduce one declarative list of options
- make docummentation strings more understandable and add missing options
  such as SSL/TLS support
- Use environment.etc."vsftpd".text because I can't think about any
  reason why a shell script should be used.
  That code was written in 2009.
2013-10-12 01:05:13 +02:00
Eelco Dolstra
5c1f8cbc70 Move all of NixOS to nixos/ in preparation of the repository merge 2013-10-10 13:28:20 +02:00