Commit Graph

15619 Commits

Author SHA1 Message Date
Silvan Mosberger
c7ade6844f
Revert "lib/types: Allow paths as submodule values"
This reverts commit eec83d41e3.

This broke hydra evaluation because with this commit submodule values
are allowed to be paths, however the certmgr module uses `either
(submodule ...) path` in its type, meaning it already used paths for
something else which would now be interpreted as a submodule.
2020-01-03 05:21:01 +01:00
Bernardo Meurer
d80570f3f5
rogue: boot.extraTTYs -> console.extraTTYs 2020-01-02 16:59:43 -08:00
Bernardo Meurer
992245f844
nixos-manual: boot.extraTTYs -> console.extraTTYs 2020-01-02 16:53:15 -08:00
aszlig
845e92835d
Merge Last-Modified fix for nginx (#76697)
This fixes the patch for nginx to clear the Last-Modified header if a
static file is served from the Nix store.

So far we only used the ETag from the store path, but if the
Last-Modified header is always set to "Thu, 01 Jan 1970 00:00:01 GMT",
Firefox and Chrome/Chromium seem to ignore the ETag and simply use the
cached content instead of revalidating.

Alongside the fix, this also adds a dedicated NixOS VM test, which uses
WebDriver and Firefox to check whether the content is actually served
from the browser's cache and to have a more real-world test case.
2020-01-02 21:41:59 +01:00
Christian Kauhaus
129c73802f
Merge pull request #76153 from arcnmx/connman-iwd
nixos/connman: optional iwd backend
2020-01-02 21:35:54 +01:00
Florian Klink
03212a7f03
Merge pull request #76606 from flokli/mysql-tests
nixosTests.mysql: add more tests
2020-01-02 21:30:55 +01:00
Matthew Bauer
81daa1e5dc
Merge pull request #76546 from matthewbauer/nvidia-fix-udev-rules
nvidia: fix $ substitution in udev rules
2020-01-02 15:04:33 -05:00
Silvan Mosberger
cdf79db19d
Module system improvements for NixOS as a submodule (#75031)
Module system improvements for NixOS as a submodule
2020-01-02 20:38:45 +01:00
Marek Mahut
7d90e34e9f
Merge pull request #76817 from misuzu/3proxy-test-python
nixosTests.3proxy: port test to python
2020-01-02 18:19:43 +01:00
Aaron Andersen
ebf58a3404
Merge pull request #76709 from aanderse/httpd-ssl
nixos/httpd: update default ssl protocols
2020-01-02 11:28:25 -05:00
misuzu
9980eb8734 nixosTests.3proxy: port test to python 2020-01-02 14:25:20 +02:00
Silvan Mosberger
eec83d41e3
lib/types: Allow paths as submodule values 2020-01-02 09:59:35 +01:00
Silvan Mosberger
bc42515736
nixos/syncthing: Fix submodule name usage
Module arguments should be taken from the arguments directly. This
allows evalModule's specialArgs to override them if necessary
2020-01-02 09:59:35 +01:00
Silvan Mosberger
90c82bfee7
nixos/docs: Add docs for types.submoduleWith 2020-01-02 09:59:32 +01:00
Atemu
a461f3fa9c Consider the exit status of docker run in ExecStop (#76444)
We don't need to stop the container if it already exited sucessfully
2020-01-01 18:28:46 -05:00
Florian Klink
2393fa23f2
Merge pull request #76560 from nh2/kexec-test-python
nixosTests.kexec: port to python and mark as broken
2020-01-01 19:05:09 +01:00
Tim J. Baumann
36b98fdf26 networkmanager: fix dispatcherScripts example
Before, the example script didn't actually exit when the event type
didn't match "up".
2020-01-01 15:32:15 +01:00
Jörg Thalheim
a82f07cecf
netdata: 1.18.1 -> 1.19.0 (#75173)
netdata: 1.18.1 -> 1.19.0
2020-01-01 12:52:29 +00:00
zimbatm
5f5df51bf0
Merge pull request #76758 from alyssais/ruby_2_7
Some Ruby 2.7 updates and fixes
2020-01-01 11:29:44 +00:00
Silvan Mosberger
fd7a019c70
nixosTests.haka: port to python (#76707)
nixosTests.haka: port to python
2020-01-01 03:31:11 +01:00
zimbatm
ab64518d0f
nixos/redmine: update example to more recent Ruby 2020-01-01 00:27:14 +00:00
Jörg Thalheim
a45447a3d5
bandwhich: init at 0.6.0 (#76689)
bandwhich: init at 0.6.0
2019-12-31 14:23:19 +00:00
Jakub Sokołowski
3238beab0a nixos/transmission: fix from where service loads config
Currently if you specify home to be someplace else than ~/ for user
then Transmissions always attempts to load the config from the
default location which is $HOME/.config/transmission-daemon based on documentation:
https://github.com/transmission/transmission/wiki/Configuration-Files

Which means that the changes done to the config under settingsDir in
ExecPreStart have no effect because they are modifying a file that is never loaded.

I've added an explicit --config-dir ${settingsDir} to make sure
that Transmission loads the correct config file even when home is changed.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2019-12-31 15:21:29 +01:00
Florian Klink
d6bbe6c0f5
Merge pull request #76719 from flokli/containers-poweroff
nixos/containers: use machinectl poweroff
2019-12-31 14:41:58 +01:00
Daniel Frank
6d671372b5
nextcloud module: https is important not only for proxies 2019-12-31 13:01:46 +01:00
Oleksii Filonenko
1a477dc895
bandwhich: 0.5.1 -> 0.6.0
- Rename from `what` to `bandwhich`
- Add Security for darwin
2019-12-31 10:20:07 +02:00
Florian Klink
90a3908ec3 nixos/containers: use machinectl poweroff
Previously, we were storing the leader pid in a runtime file and
signalled SIGRTMIN+4 manually.

In systemd 219, the `machinectl poweroff` command was introduced, which
does that for us.
2019-12-30 22:28:53 +01:00
Aaron Andersen
66bf75415f
Merge pull request #76551 from symphorien/nagios2
nagios: various improvements
2019-12-30 14:21:03 -05:00
Matthew Bauer
b43479d49f nixos/nvidia: add nvidia-uvm-tools device
Related to https://bugs.launchpad.net/ubuntu/+source/nvidia-graphics-drivers-390/+bug/1767777
2019-12-30 13:15:10 -05:00
Ryan Mulligan
3a644e30b9
Merge pull request #46131 from ju1m/shorewall
shorewall: init at 5.2.3.3
2019-12-30 10:04:31 -08:00
Julien Moutinho
56a73dfb35 shorewall: init at 5.2.3.3
nixos/shorewall: init
2019-12-30 09:42:03 -08:00
Aaron Andersen
6777926911 nixos/httpd: update default ssl protocols 2019-12-30 11:24:11 -05:00
Aaron Andersen
7c8d98f8df nixos/sysstat: provide a type for each module option 2019-12-30 17:10:53 +01:00
Oleksii Filonenko
ab63902d1f
nixosTests.haka: port to python 2019-12-30 17:57:00 +02:00
Symphorien Gibol
cb38bf33e7 nagios: add nixos test 2019-12-30 16:41:18 +01:00
symphorien+git@xlumurb.eu
be25e45fc8 nagios: various improvements
* structured config for main config file allows to launch nagios in
debug mode without having to write the whole config file by hand
* build time syntax check
* all options have types, one more example
* I find it misleading that the main nagios config file is linked in
/etc but that if you change the link in /etc/ and restart nagios, it
has no effect. Have nagios use /etc/nagios.cfg
* fix paths in example nagios config files, which allows to reuse it:
  services.nagios.objectDefs =
   (map (x: "${pkgs.nagios}/etc/objects/${x}.cfg")
   [ "templates" "timeperiods" "commands" ]) ++ [ ./main.cfg ]
* for the above reason, add mailutils to default plugins

Co-Authored-By: Aaron Andersen <aaron@fosslib.net>
2019-12-30 16:40:52 +01:00
aszlig
ccf55bead1
nginx: Clear Last-Modified if ETag is from store
This is what I've suspected a while ago[1]:

> Heads-up everyone: After testing this in a few production instances,
> it seems that some browsers still get cache hits for new store paths
> (and changed contents) for some reason. I highly suspect that it might
> be due to the last-modified header (as mentioned in [2]).
>
> Going to test this with last-modified disabled for a little while and
> if this is the case I think we should improve that patch by disabling
> last-modified if serving from a store path.

Much earlier[2] when I reviewed the patch, I wrote this:

> Other than that, it looks good to me.
>
> However, I'm not sure what we should do with Last-Modified header.
> From RFC 2616, section 13.3.4:
>
> - If both an entity tag and a Last-Modified value have been
>   provided by the origin server, SHOULD use both validators in
>   cache-conditional requests. This allows both HTTP/1.0 and
>   HTTP/1.1 caches to respond appropriately.
>
> I'm a bit nervous about the SHOULD here, as user agents in the wild
> could possibly just use Last-Modified and use the cached content
> instead.

Unfortunately, I didn't pursue this any further back then because
@pbogdan noted[3] the following:

> Hmm, could they (assuming they are conforming):
>
>  * If an entity tag has been provided by the origin server, MUST
>    use that entity tag in any cache-conditional request (using If-
>    Match or If-None-Match).

Since running with this patch in some deployments, I found that both
Firefox and Chrome/Chromium do NOT re-validate against the ETag if the
Last-Modified header is still the same.

So I wrote a small NixOS VM test with Geckodriver to have a test case
which is closer to the real world and I indeed was able to reproduce
this.

Whether this is actually a bug in Chrome or Firefox is an entirely
different issue and even IF it is the fault of the browsers and it is
fixed at some point, we'd still need to handle this for older browser
versions.

Apart from clearing the header, I also recreated the patch by using a
plain "git diff" with a small description on top. This should make it
easier for future authors to work on that patch.

[1]: https://github.com/NixOS/nixpkgs/pull/48337#issuecomment-495072764
[2]: https://github.com/NixOS/nixpkgs/pull/48337#issuecomment-451644084
[3]: https://github.com/NixOS/nixpkgs/pull/48337#issuecomment-451646135

Signed-off-by: aszlig <aszlig@nix.build>
2019-12-30 14:30:36 +01:00
Oleksii Filonenko
bf17262578
nixos/what: init 2019-12-30 13:59:52 +02:00
Jan Tojnar
480fc1856a
Merge branch 'master' into staging-next 2019-12-30 05:22:23 +01:00
lewo
885c4cc97c
Merge pull request #76151 from Ma27/bump-hydra
hydra: 2019-08-30 -> 2019-11-13
2019-12-29 10:28:44 +01:00
Frederik Rietdijk
fb66525297 Merge master into staging-next 2019-12-29 10:19:39 +01:00
Tor Hedin Brønner
3d70d4ba0b
nixos/displayManager: fix typo in legacy sessions (#76626)
xsession gets passed `dm` `wm`, so the desktop manager would be launched
before the window manager resulting in a regular desktop manager
session.

Fixes https://github.com/NixOS/nixpkgs/issues/76625
2019-12-29 02:02:24 +01:00
Jan Tojnar
332cfab4ce
Merge pull request #76591 from lourkeur/set_XKB_CONFIG_ROOT
Fix services.xserver.extraLayouts under GNOME 3
2019-12-28 20:34:56 +01:00
Robert Hensing
71358c4f1e swapDevices.<name>.device can be a swap file. 2019-12-28 20:00:50 +01:00
Florian Klink
bf7841aae1 nixosTests.mysql: add additional test{db,user}2
Test that other users are not able to access the mysql database, and
unix socket auth actually works.
2019-12-28 15:31:12 +01:00
Florian Klink
7d64f7a534 nixosTests.mysql: add missing () to start_all()
Because mysql.wait_for_unit() starts the vm as well, we didn't notice
that.
2019-12-28 15:31:12 +01:00
Louis Bettens
636dabcf80 nixos/xserver: set $XKB_CONFIG_ROOT 2019-12-28 12:34:56 +01:00
Linus Heckemann
b9bf846080
Merge pull request #76189 from Ma27/nixos-install-verbosity-level
nixos/nixos-installer: add flags for verbosity and build logs
2019-12-28 11:50:25 +01:00
Aaron Andersen
c95aef92b9 nixos/awstats: add missing description to extraConfig option (#76575) 2019-12-28 01:09:47 +02:00
Vladimír Čunát
c3d4998e41
Merge #75803: kresd service: unify listen declarations 2019-12-27 15:55:38 +01:00