Commit Graph

1085 Commits

Author SHA1 Message Date
github-actions[bot]
b95da5efb6
Merge master into staging-next 2021-04-22 18:14:27 +00:00
lassulus
f3aa040bcb treewide: use auto diskSize for make-disk-image 2021-04-22 19:52:49 +02:00
github-actions[bot]
8248f4db36
Merge master into staging-next 2021-04-22 06:05:51 +00:00
Philipp Mildenberger
f5922de1d7 nixos/oci-containers: add support for environment files 2021-04-15 10:57:56 +02:00
Luke Granger-Brown
08b22e605b Merge remote-tracking branch 'upstream/staging-next' into down-integrate-staging 2021-04-12 18:49:01 +00:00
Jörg Thalheim
9af991a1b1
Merge pull request #117618 from Mic92/docker
nixos/docker: re-add network.target
2021-04-09 12:43:13 +01:00
Dmitry Kalinkin
219590673c
Merge branch 'staging-next' into staging
Conflicts:
	pkgs/development/python-modules/panel/default.nix
	pkgs/os-specific/linux/kernel/generic.nix
	pkgs/servers/home-assistant/default.nix
2021-04-08 22:42:26 -04:00
Luke Granger-Brown
1ce6b05ea1 nixos/libvirtd: add package option
At the moment, it's not possible to override the libvirtd package used
without supplying a nixpkgs overlay. Adding a package option makes
libvirtd more consistent and allows enabling e.g. ceph and iSCSI support
more easily.
2021-04-09 01:20:19 +02:00
Phillip Cloud
7c36ce8d3a nixos/containers: move extraConfig to settings model 2021-04-07 16:08:18 -04:00
Jan Tojnar
70babe5bcf Merge branch 'staging-next' into staging 2021-04-06 16:25:41 +02:00
Alyssa Ross
25208eeaba linux: remove xen_dom0 feature entirely
Xen is now enabled unconditionally on kernels that support it, so the
xen_dom0 feature doesn't do anything.  The isXen attribute will now
produce a deprecation warning and unconditionally return true.
Passing in a custom value for isXen is no longer supported.
2021-04-05 09:25:39 +00:00
Sandro Jäckel
9378fdf87e
iproute: deprecate alias 2021-04-04 01:43:46 +02:00
Sandro
da7bf30372
nixos/containers: update example path to match defaults 2021-03-29 03:40:44 +02:00
Jörg Thalheim
0f4872b4c4
nixos/docker: re-add network.target
Currently if docker starts concurrently with
firewall.service/systemd-networkd it breaks both due to iptables/netlink
logs.
2021-03-25 22:06:54 +01:00
Domen Kožar
b992a92fa0
Merge pull request #117021 from AmineChikhaoui/gcp-cloud-images
add new Google Cloud image for the current release
2021-03-25 10:42:06 +01:00
zowoq
4b11122749 nixos/containers: add catatonit / init_path
https://github.com/containers/common/blob/master/docs/containers.conf.5.md

- Also drop unneeded true from ociSeccompBpfHook
2021-03-21 20:57:28 +01:00
AmineChikhaoui
606b49721f
add new Google Cloud image for the current release
update the create-gce.sh script with the ability to create public images
out of a GS object.
2021-03-21 14:04:09 -04:00
Lassulus
ba6d848c40
Merge pull request #112332 from urbas/amazon-init-options
virtualization/amazon-init: enable option
2021-03-07 18:39:05 +01:00
Johan Thomsen
7b5c38e973 nixos/kubernetes: docker -> containerd
also, nixos/containerd: module init
2021-03-07 12:51:14 +10:00
rnhmjoj
c0c288b70b nixos/libvirtd: remove systemd-udev-settle
This dependency has been added in 65eae4d, when NixOS switched to
systemd, as a substitute for the previous udevtrigger and hasn't been
touched since. It's probably unneeded as the upstream unit[1] doesn't
do it and I haven't found any mention of any problem in NixOS or the
upstream issue trackers.

[1]: https://gitlab.com/libvirt/libvirt/-/blob/master/src/remote/libvirtd.service.in
2021-03-05 23:44:28 +01:00
rnhmjoj
24e45e308d
nixos/lxd: fixup of 4adcb006 2021-03-03 01:16:41 +01:00
Michele Guerini Rocco
ccc4bbdbe6
Merge pull request #114772 from rnhmjoj/anbox-no-udev-settle
nixos/anbox: remove systemd-udev-settle
2021-03-02 08:04:08 +01:00
rnhmjoj
879fcdf778
nixos/anbox: remove systemd-udev-settle
The anbox session manager seems to start without issues when
systemd-udev-settle is masked or the dependency removed.
2021-03-01 19:29:32 +01:00
rnhmjoj
b9dc818bd5
nixos/lxd: make start timeout configurable 2021-02-28 14:02:56 +01:00
rnhmjoj
4adcb00642
nixos/lxd: cleanup and misc fixes
- Actually use the zfsSupport option
- Add documentation URI to lxd.service
- Add lxd.socket to enable socket activatation
- Add proper dependencies and remove systemd-udev-settle from lxd.service
- Set up /var/lib/lxc/rootfs using systemd.tmpfiles
- Configure safe start and shutdown of lxd.service
- Configure restart on failures of lxd.service
2021-02-28 14:02:56 +01:00
Florian Klink
1624ae8a96
Merge pull request #100433 from Patryk27/fixes/38509
nixos/containers: allow containers with long names to create private networks
2021-02-26 21:35:07 +01:00
Patryk Wychowaniec
336ef2de99
nixos/containers: allow containers with long names to create private networks
Launching a container with a private network requires creating a
dedicated networking interface for it; name of that interface is derived
from the container name itself - e.g. a container named `foo` gets
attached to an interface named `ve-foo`.

An interface name can span up to IFNAMSIZ characters, which means that a
container name must contain at most IFNAMSIZ - 3 - 1 = 11 characters;
it's a limit that we validate using a build-time assertion.

This limit has been upgraded with Linux 5.8, as it allows for an
interface to contain a so-called altname, which can be much longer,
while remaining treated as a first-class citizen.

Since altnames have been supported natively by systemd for a while now,
due diligence on our side ends with dropping the name-assertion on newer
kernels.

This commit closes #38509.

systemd/systemd#14467
systemd/systemd#17220
https://lwn.net/Articles/794289/
2021-02-26 17:48:49 +01:00
WORLDofPEACE
1546bea850
Merge pull request #111462 from jakobrs/msize
nixos/qemu-vm: add virtualisation.msize option
2021-02-25 21:06:27 -05:00
nicoo
d7c15d0eec nixos/hyperv-guest: rngd was removed, no need to disable it 2021-02-21 01:34:56 +01:00
Florian Klink
d0be6dcd70
Merge pull request #110784 from talyz/gce-fetch-ssh-keys
google-compute-config: Reintroduce fetch-ssh-keys
2021-02-20 22:19:53 +01:00
talyz
95f96de78e
gce/fetch-ssh-keys: Put script in separate file, use PrivateTmp...
...check the script with shfmt and shellcheck + some other minor
refactoring.
2021-02-19 15:17:12 +01:00
ilian
29a6c9b9a3 nixos/hypervGuest: add Microsoft Synthetic Keyboard driver
Ensure that the HyperV keyboard driver is available in the early
stages of the boot process. This allows the user to enter a disk
encryption passphrase or repair a boot problem in an interactive
shell.
2021-02-17 08:01:34 +00:00
Matej Urbas
a6766bee7b virtualization/amazon-init: enable option 2021-02-15 18:44:34 +00:00
Maciej Krüger
8429831b67
Merge pull request #112746 from mkg20001/qemu-extra-disks 2021-02-14 13:20:44 +01:00
zowoq
37f1ed7ca4 nixos/podman: install systemd files
- install podman service and socket
- install podman tmpfile
2021-02-14 06:57:39 +10:00
Maciej Krüger
45b8e83128
qemu-vm: add virtualisation.fileSystems to allow extra vm mounts 2021-02-11 11:02:45 +01:00
adisbladis
6caa6cb3f5
Merge pull request #111924 from saschagrunert/cri-o-oci-hook
nixos/cri-o: add OCI seccomp bpf hook support
2021-02-06 12:03:44 +01:00
adisbladis
3c6035cd9a
Merge pull request #106767 from erikarvstedt/fix-container-pkgs-2
nixos-container: fix `nixpkgs` container options being ignored
2021-02-06 11:57:14 +01:00
Sascha Grunert
e2b7bdd08d
nixos/cri-o: add OCI seccomp bpf hook support
We now set the hooks dir correctly if the OCI hook is enabled. CRI-O
supports this specific hook from v1.20.0.

Signed-off-by: Sascha Grunert <mail@saschagrunert.de>
2021-02-05 11:04:49 +01:00
Jörg Thalheim
57cfa03b03
Merge pull request #111591 from Mic92/zfs-kube 2021-02-02 11:56:58 +00:00
Robert Hensing
a4f4d86e92
Merge pull request #111583 from mikroskeem/more-docker-fixes
docker: fix socket activation race
2021-02-01 19:13:38 +01:00
Jörg Thalheim
9c6a9d0458
nixos/lxd: refactor to use zfs.package/enabled property 2021-02-01 17:59:18 +01:00
Mark Vainomaa
9360e789c6
docker: fix socket activation race 2021-02-01 18:14:43 +02:00
jakobrs
278843e979 nixos/qemu-vm: add virtualisation.msize option 2021-01-31 18:41:22 +01:00
Fritz Otlinghaus
d7c39c01ae
nixos/xen: add types 2021-01-31 13:47:57 +01:00
Simon Žlender
ede24160fc nixos/oci-containers: Remove dep on system.path 2021-01-29 18:29:07 +01:00
Simon Žlender
683f0b8938 nixos/oci-containers: Use docker.package 2021-01-28 21:27:50 +01:00
talyz
dd6ebb7871
google-compute-config: Reintroduce fetch-ssh-keys
Reintroduce the `fetch-ssh-keys` service so that GCE images that work
with NixOps can once again be built. Also, reformat the code a bit.

The service was removed in 88570538b3,
likely due to a comment saying it should be removed. It was still
needed for images to work with NixOps, however, and probably needed to
be replaced or rewritten rather than removed.
2021-01-25 14:14:00 +01:00
volth
bc0d605cf1 treewide: fix double quoted strings in meta.description
Signed-off-by: Ben Siraphob <bensiraphob@gmail.com>
2021-01-24 19:56:59 +07:00
Pavol Rusnak
66dc9dbb59
nixos/modules: stdenv.lib -> lib 2021-01-17 21:40:51 +01:00