Aaron Andersen
9d251d8b21
nixos/gitea: define a gitea group to avoid "nogroup" ownership
2019-06-10 20:32:35 -04:00
Aaron Andersen
615f8b8982
nixos/gitea: utilize mysql|postgresql.ensureDatabases & ensureUsers to provision databases
2019-06-10 20:32:28 -04:00
William Casarin
9a81e9cd9e
xinetd: exec xinetd on launch
...
I noticed xinetd process doesn't get exec'd on launch, exec here so the bash
process doesn't stick around.
Signed-off-by: William Casarin <jb55@jb55.com>
2019-05-20 10:37:35 +01:00
Florian Klink
cd96b50d90
nixos/postgresql: add ensureDatabases & ensureUsers options ( #56720 )
...
nixos/postgresql: add ensureDatabases & ensureUsers options
2019-05-20 10:58:48 +02:00
lassulus
a3e7e1bbc8
nixos/syncthing: add options for declarative device/folder config
2019-05-20 17:56:17 +09:00
Aaron Andersen
b5a0c38e55
Merge pull request #59401 from mguentner/mxisd_1_3
...
mxisd: 1.2.0 -> 1.4.3
2019-05-19 07:00:47 -04:00
Neil Mayhew
f14cf438b4
nixos/modules: Ensure the colord user is a system user
...
Ideally, it should have an assigned uid and gid
2019-05-18 16:48:34 -06:00
Maximilian Güntner
e2c58c19c4
tests: add mxisd to all-tests
2019-05-18 22:18:01 +02:00
Robin Gloster
6e546e0326
Merge pull request #60087 from dasJ/icingaweb-etc
...
nixos/icingaweb2: Fix environment.etc assignment
2019-05-18 10:03:40 +00:00
Robin Gloster
a1dcac5104
Merge pull request #57523 from mayflower/kube-apiserver-preferred-address-types
...
nixos/kubernetes: Add preferredAddressTypes option to apiserver
2019-05-18 09:57:12 +00:00
Robin Gloster
6cf583cf2f
Merge pull request #60406 from JohnAZoidberg/remove-isnull
...
treewide: Remove usage of isNull
2019-05-18 09:36:24 +00:00
Robin Gloster
dac48ea4a1
Merge pull request #61025 from azazel75/upgrade-coredns
...
nixos/kubernetes: upgrade CoreDNS 1.3.1 -> 1.5.0
2019-05-18 09:19:04 +00:00
Silvan Mosberger
85c0a4dc33
Merge pull request #61512 from c0bw3b/pkg/winstone
...
winstone: drop package and service
2019-05-17 17:36:38 +02:00
Renaud
c5fd2a457e
Merge pull request #60670 from nyanloutre/factorio_sandbox
...
nixos/factorio: sandbox service using systemd
2019-05-17 13:40:02 +02:00
nyanloutre
85b3448e6a
nixos/factorio: sandbox service using systemd
...
- DynamicUser enabled instead of static uid/gid
- Enables most sandboxing options systemd offers
2019-05-17 10:25:49 +02:00
Vladimír Čunát
fc67de1802
Merge branch 'staging-next'
...
A few thousand Darwin jobs are still pending, but there we're depending
on this merge to fix the channel-blocking lz4 failure.
https://hydra.nixos.org/eval/1519778?compare=1519770
2019-05-17 09:43:32 +02:00
Bas van Dijk
240ae5eb87
Merge pull request #61604 from basvandijk/tinydns-nixos-test
...
nixos: add test for tinydns
2019-05-17 01:48:40 +02:00
LeOtaku
efcdac63fe
nixos/pantheon: add geoclue application configuration
...
Co-authored-by: worldofpeace <worldofpeace@protonmail.ch>
2019-05-16 18:46:07 -04:00
LeOtaku
00d8fc1cde
nixos/gnome3: add geoclue application configuration
...
Co-authored-by: worldofpeace <worldofpeace@protonmail.ch>
2019-05-16 18:46:07 -04:00
LeOtaku
2d93f57db5
nixos/geoclue2: make configurable, can whitelist applications
...
All options within geoclue.conf[0] have been made configurable.
Additonally, we can now specify whether or not GeoClue
should ask the agent to authorize an application like so:
```
services.geoclue2.appConfig."redshift" = {
isAllowed = true;
isSystem = true;
};
```
[0]: https://gitlab.freedesktop.org/geoclue/geoclue/blob/2.5.2/data/geoclue.conf.in
Co-authored-by: worldofpeace <worldofpeace@protonmail.ch>
2019-05-16 18:46:07 -04:00
Bas van Dijk
71fdb69314
nixos: add test for tinydns
2019-05-16 23:46:17 +02:00
Austin Seipp
e2bbc6fb46
nixos: fix services.foundationdb.traceFormat for older server versions
...
This was a testing oversight that came from #61009 -- I forgot to test
the new traceFormat option with older server versions while I was
working on FDB 6.1.
Since trace_format is only available in 6.1+, emitting it
unconditionally caused older versions of the database fail to start,
reporting an error. We simply gate it behind a version check instead,
and assert the format is always XML on older versions. This avoids the
case where the user has an old version, changes traceFormat willingly,
and then is confused by why it didn't work.
As reported by @TimothyKlim in the comments on commit
c55b9236f0
. See
c55b9236f0 (r33566132)
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2019-05-16 15:16:50 -05:00
Maximilian Güntner
1a84bfc0a2
mxisd: 1.2.0 -> 1.4.3
2019-05-16 21:14:13 +02:00
Frederik Rietdijk
d4464ff8fe
Merge master into staging-next
2019-05-16 08:17:55 +02:00
Aaron Andersen
ed6ccd1b27
Merge pull request #61363 from aanderse/miniupnpc
...
miniupnpc_2: 2.1 -> 2.1.20190408, miniupnpd: 2.1 -> 2.1.20190502
2019-05-15 20:56:59 -04:00
c0bw3b
582fd549fb
winstone: drop package and service
...
Close #56294
Upstream package is unmaintained for years
and nixpkgs provides alternatives
2019-05-15 20:30:48 +02:00
Austin Seipp
2525b88c80
nixos/foundationdb: default to ssd storage engine
...
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2019-05-15 09:54:11 -05:00
Austin Seipp
427f1e58a4
nixos/foundationdb: chmod 0770 for logs/data files
...
Slight oversight: this allows members of the FoundationDB group to read
logs.
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2019-05-15 09:54:11 -05:00
Austin Seipp
c55b9236f0
nixos: add services.foundationdb.traceFormat option
...
This allows us to specify JSON trace logging, which is useful for
tooling to injest/transform logs.
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2019-05-15 09:54:11 -05:00
Linus Heckemann
89b64ab5e1
nixos-generate-config: add rudimentary high-DPI detection
...
Fixes the main remaining part of #12345
2019-05-15 06:34:40 +02:00
Linus Heckemann
2b13c29c3c
Merge pull request #60231 from mayflower/tinc-allow-networking-interfaces
...
nixos/tinc: remove ordering dependency on network.target
2019-05-14 17:51:20 +02:00
Frederik Rietdijk
8abe5ee07e
Merge master into staging-next
2019-05-14 10:23:13 +02:00
lewo
42ee7cdf9d
Merge pull request #61089 from nlewo/pr-fix-layer-order
...
dockerTools: Fix Docker layers order
2019-05-13 15:27:43 +02:00
worldofpeace
b5f26f3803
Merge pull request #59480 from worldofpeace/fprintd-systemd
...
nixos/fprintd: use systemd.packages
2019-05-13 03:30:24 -04:00
Eelco Dolstra
de9e238469
FIx some malformed XML in option descriptions
...
E.g. these were using "<para>" at the *end* of a description. The real
WTF is that this is possible at all...
2019-05-13 09:15:17 +02:00
John Ericson
395bcc0b27
Merge pull request #61257 from matthewbauer/add-binfmt-emulated-systems
...
nixos/binfmt: handle emulatedSystems
2019-05-12 19:11:52 -04:00
Markus Schmidl
147621f7db
nixos/luksroot: GPG Smartcard support for luks encrypted volumes
2019-05-12 20:05:10 +02:00
Frederik Rietdijk
ef0dbef7f1
Merge master into staging-next
2019-05-12 19:59:09 +02:00
Joachim F
b4a43a278b
Merge pull request #60187 from joachifm/feat/configurable-malloc
...
nixos: configurable system-wide malloc
2019-05-12 15:18:07 +00:00
Joachim F
428ddf0619
Merge pull request #61306 from joachifm/feat/fix-apparmor-boot-linux_5_1
...
Fix apparmor boot on linux 5.1
2019-05-12 15:17:38 +00:00
Aaron Andersen
496d9f97e6
nixos/miniupnpd: update test to use pkgs.miniupnpc_2
2019-05-12 07:53:30 -04:00
Maximilian Bosch
fa2c6dc3c2
Merge pull request #61311 from turboMaCk/xss-lock-locker-options
...
xss-lock: improve locker options passing
2019-05-12 11:07:54 +02:00
Maximilian Bosch
d27431b362
nixos/xss-lock: add testcase for lockerCommand
with several CLI options.
2019-05-12 03:22:29 +02:00
Maximilian Bosch
775146165d
nixos/xss-lock: improve module
...
* Don't use `literalExample`, raw Nix values can directly be specified
as an option example which provides support for highlighting in the
manual as well.
* Escape shell args for `extraOptions`: I.e. the `-n` option might be
problematic as a longer notification command might be misinterpreted.
2019-05-12 03:20:44 +02:00
Renaud
e8d7f17c81
Merge pull request #61032 from dtzWill/feature/rngd-harden
...
rngd: harden service config, settings from arch
2019-05-11 23:36:57 +02:00
Marek Fajkus
7fef2e38ea
xss-locker: improve options passing
...
- allow locker options without hacks
- add extraOptions
2019-05-11 19:33:10 +02:00
Joachim Fasting
92d41f83fd
nixos/tests/hardened: check that apparmor is properly loaded
2019-05-11 18:21:44 +02:00
Joachim Fasting
68f5d1fa4c
nixos/apparmor: ensure that apparmor is selected at boot
...
Otherwise we're subject to whatever defaults were selected at kernel build
time.
See also: https://github.com/NixOS/nixpkgs/issues/61145
2019-05-11 18:21:38 +02:00
Vladimír Čunát
e8f4ad0169
Merge branch 'master' into staging-next
...
~5k rebuilds per platform.
Hydra nixpkgs: ?compare=1518759
2019-05-11 09:41:36 +02:00
Matthew Bauer
93a522cf0c
nixos/binfmt: fixup
2019-05-10 22:53:14 -04:00