Commit Graph

4260 Commits

Author SHA1 Message Date
Nikolay Amiantov
b2b58642fe nixos/dovecot: add 'protocols' option 2016-01-21 12:53:25 +03:00
Nikolay Amiantov
122929cda7 nixos/dovecot: use systemd's RuntimeDirectory instead of creating it by ourselves 2016-01-21 12:53:25 +03:00
Nikolay Amiantov
9c7b067c6a nixos/dovecot: create user/group only if they are default 2016-01-21 12:53:24 +03:00
Nikolay Amiantov
d1a9c55d91 nixos/dovecot: add reload command 2016-01-21 12:53:24 +03:00
Nikolay Amiantov
9fe72b34ed nixos changelog: mention postfix changes 2016-01-21 12:48:30 +03:00
Nikolay Amiantov
15ea50733d nixos changelog: mention ejabberd fixes 2016-01-21 12:48:30 +03:00
Edward Tjörnhammar
4948bdadd6 nixos: ihaskell, wrong type restriction redacted 2016-01-21 10:02:39 +01:00
Alexander V. Nikolaev
39bd9be5a9 postfix: use built-in set-permission tool to setup queue
Make top level /var/lib/postfix as root:root 0755

After generating custom configs in /var/lib/postfix/conf,
`postfix set-permissions` called, to perform all required tricks
related to queue handling (postfix use file mode bits to keep
some internal statuses, so `chmod -R` not recommended by authors,
see comments in $out/libexec/postfix/post-install for details)

Also post-install script was patched, to skip permission check/update
for files inside $out, as well as symlinks following to $NIX_STORE.

Config file `main.cf` extended with all default directory locations,
to prevent post-install script from guessing and overwrite them.

And finally all actions in activation script snippets performed
by postmap/postalias/postfix tools from current build, not random one
from paths.
2016-01-20 14:52:59 +02:00
Robin Gloster
eac8cb1ce1 Merge pull request #11896 from mayflower/upstream-networkd
networkd: add IPForward IPMasquerade options,  DHCPServer section
2016-01-20 13:06:44 +01:00
Rickard Nilsson
51c6383ebd nixos-rebuild: Build only the 'out' output of nix (not 'doc' and 'debug' too)
This fixes the failing NixOS installer tests.
2016-01-20 10:01:59 +01:00
Rickard Nilsson
fb2eae08d5 Revert "Revert "nixos-rebuild: Add option for building and/or deploying on a remote host""
This reverts commit 78be7f5a53.
2016-01-20 10:01:59 +01:00
Joachim Schiele
2a88417f03 nixos/doc: fix to: ~/.nix-defexpr wasn't created, fixes #6606 2016-01-20 04:59:16 +01:00
Rick Yang
f8c3130e0f softether: Fixed problems with using systemd services 2016-01-20 03:47:33 +01:00
Peter Jones
5b8c871842 If container name is already unique, don't append "-0"
When using `--ensure-unique-name`, don't needlessly append `"-0"` if the
container name is already unique.

This is especially helpful with NixOps since when it deploys to a
container it uses `--ensure-unique-name`.  This means that the container
name will never match the deployment host due to the `"-0"`.  Having the
container name and the host name match isn't exactly a requirement, but
it's nice to have and a small change.
2016-01-20 03:46:19 +01:00
Rok Garbas
109ba4c861 nixos: add test for postgresql, fixes #11146 2016-01-20 03:42:59 +01:00
Mark Laws
1c393cbb3c gale service: fix permissions configuration, fixes #12457 2016-01-20 02:09:40 +01:00
Tobias Geerinckx-Rice
df29b0d23f nixos: fix evaluation
After commit 5e468b9, evaluation failed with:

  error: undefined variable ‘dnsExtensionMechanism’ at
  .../nixpkgs/nixos/modules/config/networking.nix:177:33
2016-01-20 01:19:03 +01:00
Nathan Zadoks
df82096af0 activation-script module: add environment.usrbinenv option 2016-01-19 23:29:48 +01:00
Peter Simons
5e468b96b4 nixos: add 'networking.dnsExtensionMechanism' option to enable edns0 (for DNSSEC)
Set this option to 'true' (default: 'false') to enable extension mechanisms for
DNS (EDNS) in your local glibc resolver. This is required for supporting
DNSSEC, for example.

Implementation detail: the patch changes assignments to "resolv_conf_options"
to use "+=" instead of "=" to ensure that multiple users of that variable don't
overwrite each other. The generated config file is a shell script, after all,
so this should work fine.

Closes https://github.com/NixOS/nixpkgs/issues/12470.
2016-01-19 21:54:43 +01:00
Eric Sagnes
0dd8e03308 i3 service: added i3status and dmenu dependency 2016-01-19 09:32:49 +09:00
Nikolay Amiantov
148396c022 systemd service: add *.busname upstream units 2016-01-18 19:42:25 +03:00
Rickard Nilsson
ce543ebf27 elasticsearch: Fix some startup warnings 2016-01-18 15:57:59 +01:00
Rickard Nilsson
d6f9f13512 bosun: Create ledisDir in pre-start script 2016-01-18 15:57:59 +01:00
Robin Gloster
cd11d91f0a jobs -> systemd.services
missed an override
2016-01-17 22:05:13 +00:00
Robin Gloster
101125d184 Merge pull request #12441 from k0ral/acpid
Add volume and cd events to acpid configuration
2016-01-17 21:57:58 +01:00
Domen Kožar
9e8eba48ab xorg.xorgserver: wrap Xvfb with required flags 2016-01-17 21:14:49 +01:00
Robin Gloster
4a0692a5fb types: remove references to new packageSet
Reverts part of a04a7272aa

packageSet is slated to be introduced in #11866 but currently causes
evalation errors.

/cc @ts468
2016-01-17 19:49:38 +00:00
Thomas Strobel
a04a7272aa Add missing 'type', 'defaultText' and 'literalExample' in module definitions
- add missing types in module definitions
- add missing 'defaultText' in module definitions
- wrap example with 'literalExample' where necessary in module definitions
2016-01-17 19:41:23 +01:00
rnhmjoj
641a951c61 i18n: Fix vconsole colorscheme generation
Close #12442.
abbradar: remove trailing spaces.
2016-01-17 20:24:45 +03:00
Nikolay Amiantov
47017474fd cupsd service: move root directory to /var/lib/cups 2016-01-17 15:50:40 +03:00
Nikolay Amiantov
c311901810 cupsd service: don't allow overriding necessary configuration options 2016-01-17 15:50:40 +03:00
Nikolay Amiantov
d93f866f55 cupsd service: add gutenprint support 2016-01-17 15:50:40 +03:00
Nikolay Amiantov
8377b4e5d6 cupsd service: move all default drivers to the bindir directly 2016-01-17 15:50:40 +03:00
Nikolay Amiantov
06865208e8 cupsd service: use cups-pk-helper is policykit is enabled 2016-01-17 15:50:40 +03:00
koral
9327982486 Add volume and cd events to acpid configuration 2016-01-17 13:04:54 +01:00
Pascal Wittmann
a3e7adf509 nixos/plex: fix service startup, see #12422 2016-01-17 13:01:42 +01:00
Domen Kožar
07dcea52e6 Merge pull request #12419 from avnik/rmilter+rspamd
Rmilter+rspamd packages and NixOS modules
2016-01-17 12:57:51 +01:00
Domen Kožar
2d681fdcf7 Merge pull request #12202 from thoughtpolice/nixos/tarsnap/sep-cachedirs
nixos: tarsnap - allow and document concurrent backups
2016-01-17 12:48:59 +01:00
Domen Kožar
75284b09e1 Fix ISO building from a channel
Building config.system.build.isoImage would fail with the following
error using the channel:

  ln: failed to create symbolic link
'/nix/store/zz0hzi5imrg4927v6f8mv281qs6v6pbq-nixos-16.03pre69762.e916273/nixos/nixpkgs/.': File exists

The fix skips symlink as it already exists if the channel
nixpkgs copy is used.

Fixes #10367
2016-01-16 21:58:40 +01:00
Sander van der Burg
4fafd77f7e disnix: propagate ejabberd username to the activation module 2016-01-16 18:08:07 +00:00
Franz Pletz
cac1041ced Merge pull request #12328 from makefu/zsh-allow-override-history-defaults
programs.zsh: allow override of history defaults
2016-01-16 17:25:20 +01:00
makefu
ed83b8a61c programs.zsh: allow override of history defaults 2016-01-16 16:55:30 +01:00
Alexander V. Nikolaev
de8dea4821 nixos: add module for rmilter 2016-01-16 15:12:30 +02:00
Alexander V. Nikolaev
14926f08a3 nixos: Add module for rspamd 2016-01-16 15:11:36 +02:00
aszlig
5caa8ab55e
nixos/tests/quake3: Don't quote +set arguments
With the new upstream Git version of ioquake3 introduced in 7fc7502, the
arguments to the quake3(server) binaries/wrappers may no longer be
passed as full single arguments (like "+set foo bar") but rather as
separate arguments (like "+set" "foo" "bar"), otherwise they will be
completely ignored.

Ran the x86_64-linux test on my machine and it now succeeds.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-01-16 01:13:36 +01:00
aszlig
c4de45b7ca
nixos/tests/quake3: Fix eval due to unfree license
Regression introduced by 6b447a3c9b.

In this commit the Quake 3 demo data now have a meta attribute which
specifies the license as unfreeRedistributable.

While I haven't found anything official about that on the web, let's
just allow it to be used in the test because first of all, we have been
using it for a long time (since 2009, introduced in 497760b) and second,
because it will be quite some effort to rewrite the test with something
like OpenArena (particularily because we need coverage data and need to
use the ioquake3 version plus OpenArena-specific patches).

Tested evaluation on my local system, but the VM test still fails.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-01-16 01:13:02 +01:00
Louis Taylor
6309f48137 rkt: 0.14.0 -> 0.15.0 2016-01-15 18:09:58 +00:00
Robin Gloster
00b2e1f704 Merge pull request #11809 from mayflower/fix/libvirtd_service
libvirtd service: Move mutable configs to /var
2016-01-15 18:58:40 +01:00
aszlig
7e36514c90
nixos/postfix: Set type for extraConfig to "lines"
Regression introduced by 3891d3e654.

Merging multiple options with type "str" won't work and give an
evaluation error. For extra configuration lines in the Postfix config it
really should be "lines", especially because even the description
mentions "extra lines".

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-01-15 17:57:09 +01:00
roblabla
7e10bf4327 matrix-synapse: init at 0.12.0 2016-01-15 15:17:14 +01:00
Tristan Helmich
bce59a1a8b libvirtd service: Move mutable configs to /var
Modifies libvirt package to search for configs in /var/lib and changes
libvirtd service to copy the default configs to the new location.

This enables the user to change e.g. the networking configuration with
virsh or virt-manager and keep those settings.
2016-01-15 14:26:20 +01:00
Vladimír Čunát
98218971c2 Merge #12299: make firefox-like browsers wrapped by default 2016-01-15 08:53:58 +01:00
Vladimír Čunát
5fe68602cc release notes: document renames of firefox-like browsers 2016-01-15 08:37:02 +01:00
Domen Kožar
8525936f80 nixos: Document "jobs" option removal 2016-01-14 13:08:56 +01:00
Mark Laws
e7ba7fba01 gale: init at 1.1happy 2016-01-13 12:00:50 -08:00
Nikolay Amiantov
b292e19fbd xserver service: wait for systemd-logind
This seems the right thing to do, and most likely has fixed the race condition
described at https://github.com/NixOS/nixpkgs/issues/12132#issuecomment-171284532
2016-01-13 17:31:23 +03:00
Peter Simons
ae6fc4c5be Merge pull request #12293 from abbradar/postfix-updates
Rework postfix module and package
2016-01-13 14:12:50 +01:00
Luca Bruno
27928a020a gnome3: default to gnome 3.18 2016-01-13 12:13:27 +00:00
Vladimír Čunát
3bcf8ae879 nixos manuals: bring back package references
This reverts most of 89e983786a, as those references are sanitized now.
Fixes #10039, at least most of it.

The `sane` case wasn't fixed, as it calls a *function* in pkgs to get
the default value.
2016-01-13 12:04:31 +01:00
Vladimír Čunát
b9f6dfe8c5 nixos manuals: allow displaying package references
The manuals are now evaluated with each derivation in `pkgs` (recursively)
replaced by a fake with path "\${pkgs.path.to.the.attribute}".
It isn't perfect, but it seems to cover a vast majority of use cases.
Caveat: even if the package is reached by a different means,
the path above will be shown and not e.g. `${config.services.foo.package}`.

As before, defaults created by `mkDefault` aren't displayed,
but documentation shouldn't (mostly) be a reason to use that anymore.

Note: t wouldn't be enough to just use `lib.mapAttrsRecursive`,
because derivations are also (special) attribute sets.
2016-01-13 12:03:18 +01:00
Nikolay Amiantov
b4179c5612 nixos/dspam: add module 2016-01-13 13:08:55 +03:00
Nikolay Amiantov
f5efac09aa nixos/opendkim: add module 2016-01-13 13:07:46 +03:00
Nikolay Amiantov
c51d08cf27 nixos/postsrsd: add module 2016-01-13 13:04:12 +03:00
Sander van der Burg
23772ef0a2 ejabberd: make config parameter nullable, so that the default bundled config can be used if none is given 2016-01-12 17:12:47 +00:00
Shea Levy
dbe94f2ec3 Merge branch 'swap-norestart' of git://github.com/abbradar/nixpkgs 2016-01-12 10:05:52 -05:00
Nikolay Amiantov
d3a19f1b8e nixos/postfix: backwards compatibility with /var/postfix 2016-01-12 18:01:27 +03:00
Nikolay Amiantov
1edb62b40a nixos/postfix: add options to compile additional maps and aliases 2016-01-12 18:00:54 +03:00
Nikolay Amiantov
9c502abb1c nixos/postfix: use path instead of direct package mentions 2016-01-12 17:56:54 +03:00
Nikolay Amiantov
902dd35d47 nixos/postfix: move scripts to serviceConfig 2016-01-12 17:54:44 +03:00
Nikolay Amiantov
ef3102b27e nixos/postfix: move /var/postfix to /var/lib/postfix, fix access rights 2016-01-12 17:54:41 +03:00
Sander van der Burg
b1d6e6a38b Fix running apache tomcat as a daemon 2016-01-12 14:32:22 +00:00
Nikolay Amiantov
9df07753ce swap service: don't restart mkswap.service on switches
Sadly, we can't instruct systemd to properly restart device-name.swap when this service restarts (or I haven't found the way to do so). As of now blindly restarting it would only get you a bunch of errors about device already used -- let's avoid it.
2016-01-12 17:27:21 +03:00
Nikolay Amiantov
54bc19270b nixos/postfix: add users and groups only if needed, fix group name 2016-01-12 16:41:35 +03:00
Nikolay Amiantov
22fb0cb058 nixos/postfix: don't emit alias_maps config option if we don't have aliases set 2016-01-12 16:41:34 +03:00
Nikolay Amiantov
8d4bc5c029 nixos/swap: fix stopping mkswap for encrypted device 2016-01-12 14:54:51 +03:00
Nikolay Amiantov
d82c0f9790 nixos/cdemu: use system kernel modules 2016-01-12 14:44:41 +03:00
Domen Kožar
7fe7138968 nixos: fix acme service @abbradar 2016-01-12 11:50:34 +01:00
Domen Kožar
7b0613d51e Revert "nixos/qemu-vm: Disable cache for $NIX_DISK_IMAGE"
This reverts commit 6353f580f9.

Unfortunately cache=none doesn't work with all filesystem options.

Hydra tests error out with: file system may not support O_DIRECT

See http://hydra.nixos.org/build/30323625/
2016-01-11 11:29:16 +01:00
Pascal Wittmann
0d21ba2361 Merge pull request #12283 from abbradar/acme-allowgroup
nixos/acme: add allowKeysForGroup
2016-01-11 07:45:49 +01:00
Pascal Wittmann
009f944b9f Merge pull request #12315 from tlevine/trackpoint-typo
trackpoint: fix typo in trackpoint speed description
2016-01-11 07:44:52 +01:00
Thomas Levine
2d6ebc9189 trackpoint: fix typo in configuration description
I fixed a typo in the description for hardware.trackpoint.speed.
2016-01-11 04:12:04 +00:00
Tobias Geerinckx-Rice
228774aaf5 wis_go7007: remove dead package & module
Broken since 2014, but basically a package from 2008 with no
upstream.
2016-01-11 00:16:01 +01:00
Tobias Geerinckx-Rice
521f903b80 xorgVideoUnichrome: remove dead package
Broken since 2013, upstream very dead.
2016-01-11 00:16:01 +01:00
goibhniu
8b8f864e48 Merge pull request #12103 from rick68/ostinato
Ostinato
2016-01-11 00:09:32 +01:00
Aristid Breitkreuz
01eea878ad Merge pull request #12291 from abbradar/ejabberd
Update ejabberd, new NixOS module for it
2016-01-10 21:15:33 +01:00
Aristid Breitkreuz
9c92faf370 Merge pull request #12133 from dwe11er/new-package/irqbalance
irqbalance: init at 1.1.0
2016-01-10 21:06:50 +01:00
Aristid Breitkreuz
bca9ecdd05 Merge pull request #12238 from bfrog/postgresql95
postgresql: 9.4 -> 9.5
2016-01-10 21:01:19 +01:00
Nikolay Amiantov
d0510febe1 nixos/ejabberd: update service 2016-01-10 21:28:27 +03:00
Domen Kožar
82af770fa6 correctly fix 313fa2ebc6 2016-01-10 18:24:29 +01:00
Domen Kožar
78be7f5a53 Revert "nixos-rebuild: Add option for building and/or deploying on a remote host"
This reverts commit ca0c460406.

All the installer tests are failing due to this change. cc @rickynils
2016-01-10 17:50:50 +01:00
Domen Kožar
313fa2ebc6 nixos installer tests: use -A nix-env flag to prevent out of memory 2016-01-10 17:48:35 +01:00
Evgeny Egorochkin
ada9b3b666 azure-image: azure resource manager doesn't base64-encode custom data, unlike azure service manager 2016-01-10 11:35:44 +02:00
Evgeny Egorochkin
01130e502a systemd: backslashes are no longer allowed in script names 2016-01-10 11:31:38 +02:00
Vladimír Čunát
22184c4cfa release-notes: document $NIX_AUTO_RUN from #12000 2016-01-10 10:15:44 +01:00
Nikolay Amiantov
f92cec4c1b nixos/acme: add allowKeysForGroup 2016-01-10 07:28:19 +03:00
Nikolay Amiantov
3891d3e654 nixos/postfix: add types 2016-01-10 06:07:38 +03:00
Arseniy Seroka
c03fe79265 Merge pull request #10996 from oxij/nixos-label
nixos: introduce system.nixosLabel support
2016-01-09 20:52:08 +03:00
Jan Malakhovski
119c8f91e7 nixos: introduce system.nixosLabel option and use it where appropriate
Setting nixosVersion to something custom is useful for meaningful GRUB
menus and /nix/store paths, but actuallly changing it rebulids the
whole system path (because of `nixos-version` script and manual
pages). Also, changing it is not a particularly good idea because you
can then be differentitated from other NixOS users by a lot of
programs that read /etc/os-release.

This patch introduces an alternative option that does all you want
from nixosVersion, but rebuilds only the very top system level and
/etc while using your label in the names of system /nix/store paths,
GRUB and other boot loaders' menus, getty greetings and so on.
2016-01-08 22:26:15 +00:00
Thomas Tuegel
fdefc0cb2c Merge branch 'kdenetwork-filesharing' 2016-01-08 14:20:46 -06:00
Thomas Tuegel
049357bb30 nixos/kde5: install kio-extras 2016-01-08 14:20:07 -06:00
Thomas Tuegel
fa0057be39 nixos/kde5: install kdenetwork-filesharing if Samba enabled 2016-01-08 14:20:05 -06:00
Tom Burdick
2c23a311cd postgresql: (94 -> 95)
Updates postgresql to its latest versions
2016-01-08 10:13:01 -06:00
Marcin Falkiewicz
7636359c89 irqbalance: init at 1.1.0 2016-01-08 12:37:43 +01:00
Nathan Zadoks
8cb22c0a63 consul service: add package option 2016-01-08 01:44:28 +01:00
Shea Levy
4a511911bb Merge branch 'rm-notbit' of git://github.com/jgillich/nixpkgs 2016-01-07 14:34:40 -05:00
Daniel Peebles
57cb5ab17a Merge pull request #12198 from mayflower/remove-upstart-layer
Remove upstart layer
2016-01-07 13:47:39 -05:00
Eelco Dolstra
e4b4e9b986 linux: Make Unix domain sockets builtin
This hopefully fixes intermittent initrd failures where udevd cannot
create a Unix domain socket:

  machine# running udev...
  machine# error getting socket: Address family not supported by protocol
  machine# error initializing udev control socket
  machine# error getting socket: Address family not supported by protocol

The "unix" kernel module is supposed to be loaded automatically, and
clearly that works most of the time, but maybe there is a race
somewhere. In any case, no sane person would run a kernel without Unix
domain sockets, so we may as well make it builtin.

http://hydra.nixos.org/build/30001448
2016-01-07 13:20:53 +01:00
Austin Seipp
7a01badef5 nixos: tarsnap - allow keys for individual archives
Two concurrent tarsnap backups cannot be run at the same time with the
same keys - completely separate sets of keys must be generated for each
archive in this case, if you want backups to overlap.

This extends the archives attrset to support a 'keyfile' option, which
defaults to /root/tarsnap.key like the top-level attribute.

With this change, if you generate two keys with tarsnap-keygen(1) and
use each of those separately for each archive, you can backup
concurrently.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2016-01-07 05:54:41 -06:00
Austin Seipp
ec70f64ecd nixos: tarsnap - separate archive cachedirs
Tarsnap locks the cachedir during backup, meaning if you specify
multiple backups with a shared cache that might overlap (for example,
one backup may take an hour), secondary backups will fail. This isn't
very nice behavior for the obvious reasons.

This splits the cache dirs for each archive appropriately. Note that
this will require a rebuild of your archive caches (although if you were
only using one archive for your whole system, you can just move the
directory).

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2016-01-07 05:54:36 -06:00
Tanner Doshier
ad796f155b nixos: tarsnap - make systemd timer persistent
A machine may not always be active (or online!) when a backup timer
triggers, meaning backups can be missed - now we properly set the
tarsnap timer's Persistent option so systemd will run the command even
when the machine wasn't online at that exact time.

However, we also need to make sure that we can contact the tarsnap
server reliably before we start the backup. So, we attempt to ping the
access endpoint in a loop with a sleep, before continuing.

This fixes #8823.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2016-01-07 05:52:18 -06:00
Peter Simons
a68450e509 Merge pull request #12009 from mayflower/tinc-module
tinc module: Ed25519PrivateKeyFile, BindToAddress
2016-01-07 12:48:35 +01:00
Austin Seipp
472a5192fd Revert "nixos: tarsnap - separate archive cachedirs"
This reverts commit 5f0253ace6.

I didn't intend to push this - I meant to push it to *my fork's*
remote...
2016-01-07 04:51:58 -06:00
Austin Seipp
5f0253ace6 nixos: tarsnap - separate archive cachedirs
Tarsnap locks the cachedir during backup, meaning if you specify
multiple backups with a shared cache that might overlap (for example,
one backup may take an hour), secondary backups will fail. This isn't
very nice behavior for the obvious reasons.

This splits the cache dirs for each archive appropriately. Note that
this will require a rebuild of your archive caches (although if you were
only using one archive for your whole system, you can just move the
directory).

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2016-01-07 04:26:57 -06:00
Austin Seipp
4dc7cab40e nixos: btsync - switch to using systemd user services
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2016-01-07 03:33:38 -06:00
Tristan Helmich
1a0d004cc2 tinc module: Ed25519PrivateKeyFile, listenAddress 2016-01-07 09:13:28 +00:00
Robin Gloster
88292fdf09 jobs -> systemd.services 2016-01-07 06:39:06 +00:00
Robin Gloster
af50b03f50 fuppes: remove obsolete broken package and service 2016-01-07 06:39:05 +00:00
Austin Seipp
d89454bb79 nixos: btsync - add directoryRoot option
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2016-01-07 00:09:20 -06:00
Jakob Gillich
57d6dfe932 notbit: removed dead package
The Bitmessage protocol v3 became mandatory on 16 Nov 2014 and notbit does not support it, nor has there been any activity in the project repository since then.
2016-01-07 04:39:51 +01:00
Dan Peebles
668179f31e tests.ec2-config: fix to not try to talk to the internet (which breaks on Hydra) 2016-01-07 03:25:56 +00:00
Dan Peebles
63bfe20b72 security.audit: add NixOS module
Part of the way towards #11864. We still don't have the auditd
userland logging daemon, but journald also tracks audit logs so we
can already use this.
2016-01-07 03:06:10 +00:00
Robin Gloster
246f0e91cd wpa_supplicant service: Warn about plaintext keys in docs 2016-01-06 03:58:39 +00:00
Robin Gloster
391c330042 wpa_supplicant service: jobs -> systemd.services
Fixes an occurence of `jobs` usage causing tests to fail to evaluate.

thanks @domenkozar
2016-01-06 03:58:39 +00:00
Robin Gloster
609457458e wpa_supplicant module: remove preStart hack
If the config file is managed imperatively we shouldn't touch it.
2016-01-06 03:58:39 +00:00
Robin Gloster
d03b35f881 wpa_supplicant module: add networks option 2016-01-06 03:58:39 +00:00
Robin Gloster
3a5f488445 wpa_supplicant module: refactor 2016-01-06 03:58:39 +00:00
Robin Gloster
7d973a56d0 wpa_supplicant module: remove obsolete option
networking.WLANInterface has been obsolete for years
2016-01-06 03:58:39 +00:00
William A. Kennington III
ce8c8f1e1b Merge pull request #11890 from Baughn/zfs
zfs:Add option for zpool import -d, and set it to /dev/disk/by-id.
2016-01-05 14:37:19 -08:00
Arseniy Seroka
1fc685ae64 Merge pull request #11945 from jgillich/fish
fish: add module to support it as default shell
2016-01-06 01:25:37 +03:00
Peter Simons
49d18bdfcb Revert "Basic Declaritive Network Configuration in wpa_supplicant Service" 2016-01-05 19:32:41 +01:00
Peter Simons
d807b057ed Merge pull request #11920 from bjornfor/rename-host-to-listen-address
Rename NixOS option names: 'host' to 'listenAddress'
2016-01-05 12:54:15 +01:00
Peter Simons
f4b2c3d510 Merge pull request #12155 from vkleen/postfix-configuration-options
Postfix configuration options
2016-01-05 12:32:23 +01:00
Eelco Dolstra
22848d55e2 kdmrc: Build locally 2016-01-05 12:17:32 +01:00
Viktor Kleen
ebd8e2c380 postfix service: include configuration option for transport maps 2016-01-05 02:59:16 -08:00
Viktor Kleen
8fad959b15 postfix service: make SMTP services optional using enableSmtp option 2016-01-05 02:57:52 -08:00
Peter Simons
94e6323de0 Merge pull request #12015 from mayflower/wpa_supplicant-service
Basic Declaritive Network Configuration in wpa_supplicant Service
2016-01-05 10:53:13 +01:00
Tobias Geerinckx-Rice
a133ef9a0c liferea, graphite service: fix typo (agregator -> aggregator) 2016-01-05 01:03:50 +01:00
Svein Ove Aas
f16594e18b nixos/fail2ban: Enable jails by default
With jails defaulting to 'enabled = true', the sshd jail that NixOS
defines will now be enabled.

[Bjørn: tweak commit message]
2016-01-04 21:52:32 +01:00
Eelco Dolstra
6d02d7e740 NixOS tests: Increase hung_task_timeout_secs
This hopefully fixes intermittent test failures like

  http://hydra.nixos.org/build/29962437

  router# [  240.128835] INFO: task mke2fs:99 blocked for more than 120 seconds.
  router# [  240.130135]       Not tainted 3.18.25 #1-NixOS
  router# [  240.131110] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.

assuming that these are caused by high load on the host.
2016-01-04 16:53:42 +01:00
Vladimír Čunát
0e1fe66aad kernel: do not load configs module (close #10912)
... because we make it built-in by default.
I can't imagine anyone who wanted to purge this module from his/her system,
so let's keep it simple, at least for now.
2016-01-04 13:59:53 +01:00
Eelco Dolstra
104c252b61 Merge pull request #11279 from rickynils/nixos-rebuild-remote
nixos-rebuild: Add option for building and/or deploying on a remote host
2016-01-04 11:52:25 +01:00
Wei-Ming Yang
bd035405f4 ostinato: add ostinato in NixOS services 2016-01-04 14:29:02 +08:00
Tobias Geerinckx-Rice
82419575aa btrfsProgs -> canonical btrfs-progs 2016-01-03 20:38:44 +01:00
Shea Levy
06356c90dc Merge branch 'kmscon-extraoptions' of git://github.com/nathan7/nixpkgs 2016-01-03 10:01:43 -05:00
Tobias Geerinckx-Rice
99075fb402 saneBackends{,Git} -> sane-backends{,-git}
Fixes xsane evaluation.
2016-01-03 03:31:38 +01:00
Nikolay Amiantov
e312276b01 Merge pull request #12000 from nathan7/nix-auto-run
command-not-found: add NIX_AUTO_RUN option, to automatically invoke nix-shell
2016-01-03 03:22:50 +03:00
Rickard Nilsson
7772293a0a Merge pull request #12099 from jmitchell/patch-1
Fix package name typo
2016-01-02 23:53:41 +01:00
Arseniy Seroka
1d2accb8fe Merge pull request #9716 from benley/mathics-service
Add a Mathics notebook service (with test)
2016-01-03 01:37:06 +03:00
Benjamin Staffin
fe8498f609 nixos/mathics: New service and test 2016-01-02 14:34:55 -08:00
Nathan Zadoks
d396f1e99b kmscon service: add extraOptions option 2016-01-02 22:21:54 +01:00
Jacob Mitchell
7ce9699a6a Fix package name typo 2016-01-02 12:37:20 -08:00
Tobias Geerinckx-Rice
a88b771ae7 Merge pull request #11936 from dezgeg/pr-cd-touchpad
installation-cd-graphical: Enable the 'synaptics' touchpad driver
2016-01-02 20:13:29 +01:00
Domen Kožar
8225e1b1c1 Merge pull request #12086 from bmorphism/master
thinkfan levels option to control actuation points
2016-01-02 10:56:37 +01:00
Barton Yadlowski
d732a7f5c5 thinkfan levels option to control actuation points 2016-01-02 04:49:58 -05:00
Rickard Nilsson
448a2af041 nixos-rebuild: Document --build-host and --target-host options 2016-01-01 18:22:11 +01:00
Rickard Nilsson
ca0c460406 nixos-rebuild: Add option for building and/or deploying on a remote host
This commit adds the options --build-host and --target-host to nixos-rebuild.

--build-host instructs nixos-rebuild to perform all nix builds on the
specified host (via ssh). Build results are then copied back to the
local machine and used when activating the system.

--build-target instructs nixos-rebuild to activate the configuration
not on the local machine but on the specified remote host. Build
results are copied to the target machine and then activated there (via ssh).

It is possible to combine the usage of --build-host and --target-host,
in which case you can perform the build on one remote machine and deploy
the configuration to another remote machine. The only requirement is that
the build host has a working ssh connection to the target host (if the
target is not local), and that the local machine can connect to both
the target and the build host. Also, your user must be allowed to copy
nix closures between the local machine and the target and host machines.

At no point in time are the configuration sources (the nix files) copied
anywhere. Instead, nix evaluation always happens locally
(with nix-instantiate). The drv-file is then copied and realised remotely
(with nix-store).

As a convenience, if only --target-host is specified, --build-host is
implicitly set to that host too. So if you want to build locally and deploy
remotely you have to explicitly set "--build-host localhost".

To activate (test, boot or switch) you need to have root access to the
target host. You can specify this by "--target-host root@myhost".

I have tested the obvious scenarios and they are working. Some of the
combinations of --build-host and --target-host and the various actions might
not make much sense, and should maybe be forbidden (like setting a remote
target host when building a VM), and some combinations might not work at all.
2016-01-01 18:21:59 +01:00
Austin Seipp
59acfd4f16 nixos/plex: Add 'package' option to module
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2015-12-30 20:20:25 -06:00
Peter Simons
e402a2e670 Merge pull request #12042 from anderspapitto/docs
docs
2015-12-30 21:08:52 +01:00
Anders Papitto
58cc890d2b sysctl: use literalExample in docs 2015-12-30 10:22:04 -08:00
Domen Kožar
f41603d8a6 Merge pull request #11940 from jgillich/dnsmasq-leases
dnsmasq: create state dir for dhcp leases file
2015-12-30 16:50:14 +01:00
Arseniy Seroka
640d861d13 Merge pull request #12020 from ehmry/windowlab
WindowLab: initial pkg at 1.40
2015-12-30 18:07:20 +03:00
Eelco Dolstra
146c727924 waitForUnit: Fail if the unit reaches inactive state with no pending jobs
This prevents waitForUnit for looping for many minutes before giving
up.
2015-12-30 15:17:52 +01:00
Eelco Dolstra
e78bad5262 etc: Use a friendlier name than "etc-file" 2015-12-30 15:17:30 +01:00
Eelco Dolstra
1ba2015450 install-grub: Make more robust against GC'ed system profile entries
Previously this barfed with:

  updating GRUB 2 menu...
  fileparse(): need a valid pathname at /nix/store/zldbbngl0f8g5iv4rslygxwp0dbg1624-install-grub.pl line 391.
  warning: error(s) occured while switching to the new configuration
2015-12-30 15:07:18 +01:00
Emery
952563d620 WindowLab: initial pkg at 1.40
http://nickgravgaard.com/windowlab/
2015-12-30 11:10:30 +01:00
Dan Peebles
cd7612b841 amazon-image: enable configure-from-userdata and the corresponding VM test 2015-12-30 04:59:52 +00:00
Robin Gloster
4bf7afc78e wpa_supplicant module: remove preStart hack
If the config file is managed imperatively we shouldn't touch it.
2015-12-29 18:49:39 +00:00
Robin Gloster
56a53ff458 wpa_supplicant module: add networks option 2015-12-29 18:49:39 +00:00
Robin Gloster
9dceabc95d wpa_supplicant module: refactor 2015-12-29 18:49:39 +00:00
Robin Gloster
57210ce1c1 wpa_supplicant module: remove obsolete option
networking.WLANInterface has been obsolete for years
2015-12-29 18:49:38 +00:00
Eelco Dolstra
7906169ce1 Add some preferLocalBuild 2015-12-29 17:21:49 +01:00
Eelco Dolstra
74aac17878 Force rebuild of some corrupted files 2015-12-29 16:39:26 +01:00
Arda Xi
e60c4995fd command-not-found: pass all of argv to helper 2015-12-28 15:09:48 +01:00
Nathan Zadoks
254eebd8a0 command-not-found: add NIX_AUTO_RUN 2015-12-28 15:09:48 +01:00
Rodney Lorrimar
5d682e515e release-notes: add pump.io as a new service 2015-12-27 13:32:44 +00:00
Domen Kožar
fe9a7c6d5b Merge pull request #11956 from zimbatm/nm-openvpn-uid-gid
networkmanager: set uid/gid for the networkmanager openvpn agent
2015-12-27 11:02:55 +01:00
Domen Kožar
bd8731ab9d Merge pull request #11963 from anderspapitto/typo
NixOS manual: fix typo
2015-12-27 01:18:54 +01:00
Anders Papitto
bbcc08cb30 NixOS manual: fix typo 2015-12-26 10:38:17 -08:00
Drew Carey Buglione
0f52d33f96 nixos/manual: typo 2015-12-26 12:36:19 -06:00
Jakob Gillich
ae4a7f9351 hostapd: rename extraCfg -> extraConfig, added asserts 2015-12-26 11:37:00 +01:00
Vladimír Čunát
5a2f0541a1 nixos/xserver: fix evaluation of xkbDir
I solved it this way because it seems the current state-of-the-art 89e983786
The problem was introduced in #11930. Close #11951 (a different solution).
2015-12-26 09:09:15 +01:00
Jakob Gillich
ac7e923104 fish: add module to support it as default shell
* Patched fish to load /etc/fish/config.fish if it exists (by default,
  it only loads config relative to itself)
* Added fish-foreign-env package to parse the system environment

closes #5331
2015-12-26 06:25:23 +01:00
Arseniy Seroka
7e14e28a80 Merge pull request #11870 from lancelotsix/improve_slurm_service
Improve slurm service configuration
2015-12-25 18:36:18 +03:00
Lancelot SIX
4994f0f7d0 slurm service: add tests 2015-12-25 15:55:07 +01:00
Lancelot SIX
ca4c354789 slurm service: improve config 2015-12-25 15:54:35 +01:00
Shea Levy
384a4ca4e4 Merge branch 'fix-gwwndsz' of git://github.com/tk-ecotelecom/nixpkgs
Maybe option defaultGatewayWindowSize is used very rarely, but when it is used there will be an error.
2015-12-25 09:27:36 -05:00
Arseniy Seroka
4f2f99d9b6 Merge pull request #11930 from exi/xdgDir-configurable
xserver: make xkbdir configurable
2015-12-25 17:25:28 +03:00
Timofei Kushnir
5925f9f709 Network script module fix 2015-12-25 03:43:49 +03:00
Jakob Gillich
a193ea3700 dnsmasq: create state dir for dhcp leases file
ref #11718
2015-12-24 22:36:19 +01:00
Shea Levy
c26062884b Merge branch 'pr-cd-nomodeset' of git://github.com/dezgeg/nixpkgs 2015-12-24 13:50:26 -05:00
Tuomas Tynkkynen
269f261c73 installation-cd: Add separate boot entry that has 'nomodeset'
We seem to be in an unfortunate situation: booting without 'nomodeset'
causes hangs when booting on some NVIDIA cards (6948c3ab80), but on the
other hand adding 'nomodeset' prevents X from starting on other hardware
(e.g. issue #10381 and my Thinkpad X250 with an integrated Broadwell GPU).

Attempt to remedy this situation a bit by adding a separate entry in the
ISOLINUX menu (with the non-'nomodeset' being the default).
2015-12-24 20:12:26 +02:00
Tuomas Tynkkynen
9ac80c1f15 installation-cd-graphical: Enable the 'synaptics' touchpad driver
This is needed to get touchpad working in the installer on several
laptops. Tested on a Thinkpad X250.
2015-12-24 17:45:51 +02:00
Reno Reckling
92e48a4383 xserver: make xkbdir configurable 2015-12-24 13:45:27 +01:00
Benno Fünfstück
79b4e5a8d7 docker module: fix kernel module loading
The docker module used different code for socket-activated docker daemon than for the non-socket activated daemon.
In particular, if the socket-activated daemon is used, then modprobe wasn't set up to be usable and in PATH for
the docker daemon, which resulted in a failure to start the daemon with overlayfs as storageDriver if the
`overlay` kernel module wasn't already loaded. This commit fixes that bug (which only appears if socket
activation is used), and also reduces the duplication between code paths so that it's easier to keep
both in sync in future.
2015-12-24 12:07:45 +01:00
Tobias Geerinckx-Rice
09c8911bd7 redshift: don't busy-loop like crazy on NixOS start-up 2015-12-24 04:05:57 +01:00
Bjørn Forsman
c7c3c95d92 nixos/kibana: rename 'host' to 'listenAddress'
More descriptive option name.
2015-12-24 00:28:27 +01:00
Bjørn Forsman
7334ecd41a nixos/elasticsearch: rename 'host' to 'listenAddress'
More descriptive option name.
2015-12-24 00:28:09 +01:00
Bjørn Forsman
46924e77a2 nixos/sslh: rename 'host' to 'listenAddress'
More descriptive option name.
2015-12-24 00:23:51 +01:00
Bjørn Forsman
6c2fc3a5ac nixos/shout: rename 'host' to 'listenAddress'
More descriptive option name.
2015-12-24 00:22:47 +01:00
Bjørn Forsman
19aed49163 nixos/statsd: rename 'host' to 'listenAddress'
More descriptive option name.
2015-12-24 00:20:56 +01:00
Bjørn Forsman
8b9f3c8c35 nixos/graphite: rename 'host' to 'listenAddress'
More descriptive option name.
2015-12-24 00:20:39 +01:00
Bjørn Forsman
38ca880612 nixos/cadvisor: rename 'host' to 'listenAddress'
More descriptive option name.
2015-12-24 00:14:40 +01:00
Bjørn Forsman
6b10df7eaa nixos/subsonic: rename 'host' to 'listenAddress'
More descriptive option name.
2015-12-24 00:13:15 +01:00
Bjørn Forsman
e0b0b9723c nixos/docker-registry: rename 'host' to 'listenAddress'
More descriptive option name.
2015-12-24 00:06:40 +01:00
Bjørn Forsman
79367816a9 nixos/mpd: rename 'host' to 'listenAddress'
More descriptive option name.
2015-12-24 00:04:04 +01:00
Bjørn Forsman
873a9202f6 nixos/neo4j: rename 'host' to 'listenAddress'
More descriptive option name.
2015-12-24 00:01:02 +01:00
Bjørn Forsman
b2d0886b37 nixos/jenkins: fix typo in docstring (s/adress/address/) 2015-12-23 23:49:01 +01:00
Bjørn Forsman
c6b251f5d5 nixos/jenkins: rename option 'host' to 'listenAddress'
I think the name 'listenAddress' is more descriptive. Other NixOS
modules that define 'host' either use it as listen address or as address
a client connects to. listenAddress is unambiguous.

The addition of 'host' was added earlier today[1], so not bothering with
./nixos/modules/rename.nix.

[1]: 44ea184997 ("jenkins ci enhancement: add port and prefix option")
2015-12-23 23:48:49 +01:00
Augustin Borsu
1c120c55fb jenkins-job-builder fix: use prefix and host from jenkins cfg, fixes #11897 2015-12-23 11:39:32 +01:00
Augustin Borsu
44ea184997 jenkins ci enhancement: add port and prefix option
As named these options enable to specify a bind host and url prefix
to be used by jenkins. Adding these options in the config rather than
using extra arguments allows us to re-use those information in other
services using jenkins such as jenkins-job-builder or a reverse proxy.
2015-12-23 11:38:57 +01:00
Christian Albrecht
83a64cecc9 networkd: add DHCPServer config section 2015-12-23 06:04:39 +01:00
Christian Albrecht
2307d24544 networkd: add IPForward and IPMasquerade options
to Network config section
2015-12-23 06:02:59 +01:00
Jakob Gillich
db1086f3a1 gnome3: removed duplicate line, fixes #11891 2015-12-23 02:06:30 +01:00
Svein Ove Aas
7688206a0b zfs:Change default for -d to /dev/disk/by-id 2015-12-23 00:33:06 +01:00
Svein Ove Aas
9a82dd87f7 zfs:Add zfs.devNodes option for zpool import -d 2015-12-23 00:32:25 +01:00
Nikolay Amiantov
0d7c0efa7d udisks2: fix udev rules file (close #11743)
This properly hides system partitions (like EFI or Windows recovery) from UDisks.
2015-12-22 08:09:34 +01:00
Thomas Strobel
d856841ba4 nixos trustedGRUB: add support for HP laptops 2015-12-22 03:12:30 +01:00
Kevin Cox
3acf8132c3 murmur: sslCa and extraConfig options, fixes #11419 2015-12-22 01:28:39 +01:00
Kevin Cox
a2fb70b6df Fix fleet certfile argument, fixes #11794 2015-12-22 01:24:47 +01:00
Kevin Cox
d038464e6e Use the right prefix for fleet extra config. 2015-12-22 01:24:28 +01:00
Thomas Strobel
2b9b9dc611 nixos cups-browsed: better link to avahi-daemon
Link cups browsed daemon to reload or exit with the avahi-daemon.
2015-12-21 18:20:52 +01:00
Thomas Strobel
cdd7310a50 nixos avahi-daemon: add new option declarations
Add new option declarations to control what information is published
by the avahi daemon. The default values are chosen to respect the
privacy of the user over the connectivity of the system.
2015-12-21 18:20:35 +01:00
Thomas Tuegel
5ff1c58606 Merge pull request #11839 from ttuegel/qt-5.4
Qt infrastructure update
2015-12-20 08:11:52 -06:00
Thomas Tuegel
298c4befda phonon-backend-vlc: normalize attribute name to upstream 2015-12-20 08:03:26 -06:00
Thomas Tuegel
27c522cc3b phonon-backend-gstreamer: normalize attribute name to upstream 2015-12-20 08:02:42 -06:00
Peter Simons
2b2d26f88b Merge pull request #11767 from aaronlevin/scsi-power-mgmnt-policy
Set `link_power_policy_management` default to "max_performance"
2015-12-20 11:55:02 +01:00
Evgeny Egorochkin
dac2c65109 azure agent service: provide SSL certificates path 2015-12-19 22:10:35 +02:00
Thomas Tuegel
540d028bf5 Merge pull request #11750 from ttuegel/emacs-packages
Emacs packages
2015-12-19 09:33:45 -06:00
Thomas Tuegel
dd89ee1c3b release-notes: note addition of ELPA and MELPA packages 2015-12-19 09:32:21 -06:00
Eelco Dolstra
af6732e503 nixos autoUpgrade: add a 'dates' option
(cherry picked from commit 80917d2473d321d7a990cf991c6353547976638c)
Originally merged #11808 to release-15.09 directly. Close #11821.
2015-12-19 08:46:13 +01:00
aszlig
4c61faa009
nixos/tests/networking: Add a test for loopback
It serves as a regression test, because right now if you enable
networking.useNetworkd the default loopback interface doesn't get
assigned any IP addresses.

To be sure, I have bisected this and it has been introduced with the
update to systemd 228 in 1da87d4.

Only the "scripted" networking tests have to succeed in order to trigger
a channel update of nixos-unstable, so I'm leaving this test as broken
and we have to figure out next what's the *exact* reason for the
breakage.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-12-18 07:09:42 +01:00
Rickard Nilsson
c634e5cd24 Merge pull request #11730 from spwhitt/mopidy
Mopidy Improvements
2015-12-17 20:42:13 +01:00
aaron levin
c3e0107201 Remove default scsiLinkPolicy 2015-12-17 16:40:35 +01:00
Ricardo M. Correia
92a8037b69 Merge pull request #11668 from Baughn/zfs
zfs:Always import from /dev/disk/by-id
2015-12-17 16:12:45 +01:00
michael bishop
301c74bc16 nixos: improve mime DB cache generation (close #11785) 2015-12-17 14:58:24 +01:00
Peter Simons
8f575eb0bf Merge pull request #11573 from hrdinka/refactor/dovecot
dovecot service: refactor module
2015-12-17 14:32:19 +01:00
Vladimír Čunát
acf320f691 nixos release notes: mention enableCtrlAltBackspace
/cc #11228.
2015-12-17 12:31:34 +01:00
Eelco Dolstra
b475afcf60 Merge pull request #11228 from ocharles/x-ctrl-alt-backspace
services.xserver: Disable Ctrl+Alt+Backspace by default
2015-12-17 11:49:54 +01:00
aaron levin
3b3be7a74b link_power_policy_management default to max_performance
The kernel default for `link_power_management_policy` is `"max_performance"`.
This commit:
f169f60575
set the NixOS default to `"min_performance"`.

This issue (https://github.com/NixOS/nixpkgs/issues/11276) details my long
journey to discover this after several file system failures incorrectly
attributed to `TRIM` and `NCQ` settings.

I think we should use the kernel default of `"max_performance"` to assure
the best experience for new users with SSDs and to conform to the defaults of
the kernel and other distros.
2015-12-16 23:34:36 +01:00
Thomas Tuegel
06f491d762 nixos/xserver: fix typos 2015-12-16 10:22:44 -06:00
Thomas Tuegel
cc058eff70 kde5_latest: merge all package sets
The three KDE package sets now have circular dependencies between them,
so they can only be built if they are merged into a single package set
during evaluation.
2015-12-16 10:22:43 -06:00
Oliver Charles
35f8952a8c Merge pull request #11338 from obadz/light-locker
light-locker (lockscreen for lightdm)
2015-12-16 13:45:05 +00:00
Spencer Whitt
3bc477e2f2 mopidy module: use buildEnv fixes #11706 2015-12-15 22:38:15 -05:00
obadz
9be012f0d4 lightdm & xserver service: add ability to spawn more than one X server
- if xserver.tty and/or display are set to null, then don't specify
  them, or the -logfile argument in the xserverArgs
- For lightdm, we set default tty and display to null and we determine
  those at runtime based on arguments passed. This is necessary because
  we run multiple X servers so they can't all be on the same display
2015-12-15 08:49:28 -06:00
aszlig
00934bb908
nixos/tests: Revert setting min_free_kbytes
This reverts commit 02b568414d.

With a5bc11f and 6353f58 in place, we really don't need this anymore.

After running about 500 VM tests on my Hydra, it still didn't improve
very much.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-12-14 17:40:28 +01:00
aszlig
6353f580f9
nixos/qemu-vm: Disable cache for $NIX_DISK_IMAGE
As @domenkozar noted in #10828, cache=writeback seems to do more harm
than good:

https://github.com/NixOS/nixpkgs/issues/10828#issuecomment-164426821

He has tested it using the openstack NixOS tests and found that
cache=none significantly improves startup performance.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-12-14 17:36:22 +01:00
aszlig
a5bc11f9eb
nixos/vm-tests: Remove msize mount option
This seems to be the root cause of the random page allocation failures
and @wizeman did a very good job on not only finding the root problem
but also giving a detailed explanation of it in #10828.

Here is an excerpt:

  The problem here is that the kernel is trying to allocate a contiguous
  section of 2^7=128 pages, which is 512 KB. This is way too much:
  kernel pages tend to get fragmented over time and kernel developers
  often go to great lengths to try allocating at most only 1 contiguous
  page at a time whenever they can.

  From the error message, it looks like the culprit is unionfs, but this
  is misleading: unionfs is the name of the userspace process that was
  running when the system ran out of memory, but it wasn't unionfs who
  was allocating the memory: it was the kernel; specifically it was the
  v9fs_dir_readdir_dotl() function, which is the code for handling the
  readdir() function in the 9p filesystem (the filesystem that is used
  to share a directory structure between a qemu host and its VM).

  If you look at the code, here's what it's doing at the moment it tries
  to allocate memory:

    buflen = fid->clnt->msize - P9_IOHDRSZ;

    rdir = v9fs_alloc_rdir_buf(file, buflen);

  If you look into v9fs_alloc_rdir_buf(), you will see that it will try
  to allocate a contiguous buffer of memory (using kzalloc(), which is a
  wrapper around kmalloc()) of size buflen + 8 bytes or so.

  So in reality, this code actually allocates a buffer of size
  proportional to fid->clnt->msize. What is this msize? If you follow
  the definition of the structures, you will see that it's the
  negotiated buffer transfer size between 9p client and 9p server. On
  the client side, it can be controlled with the msize mount option.

  What this all means is that, the reason for running out of memory is
  that the code (which we can't easily change) tries to allocate a
  contiguous buffer of size more or less equal to "negotiated 9p
  protocol buffer size", which seems to be way too big (in our NixOS
  tests, at least).

After that initial finding, @lethalman tested the gnome3 gdm test
without setting the msize parameter at all and it seems to have resolved
the problem.

The reason why I'm committing this without testing against all of the
NixOS VM test is basically that I think we can only go better but not
worse than the current state.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-12-14 17:26:24 +01:00
Aristid Breitkreuz
10b8c8496a Merge pull request #11575 from rvlander/fix_container_manual
nixos-manual: fix incomplete container doc
2015-12-13 23:02:54 +01:00
Arseniy Seroka
7bb418e02c Merge pull request #11681 from jgillich/upnpd-fw
miniupnpd: firewall config
2015-12-13 23:03:11 +03:00
Domen Kožar
3fca941aeb virtualisation.qemu.options: specify type 2015-12-13 19:06:22 +01:00