Commit Graph

18321 Commits

Author SHA1 Message Date
Sascha Grunert
2259fbdf4b
apparmor: add apparmor_parser config file
If the config does not exist, then apparmor_parser will throw a warning.
To avoid that and make the parser configurable, we now add a new option
to it.

Signed-off-by: Sascha Grunert <sgrunert@suse.com>
2020-08-22 22:59:26 +02:00
Justin Humm
6a7b11055c
Merge pull request #93532 from erictapen/gollum-h1-title
nixos/gollum: introduce --h1-title option
2020-08-22 22:45:43 +02:00
Maximilian Bosch
d61bb155dc
Merge pull request #96026 from bbigras/nixos-enter
nixos/manual: fix typo in man-nixos-enter.xml
2020-08-22 21:59:09 +02:00
Jamie McClymont
f5f2d89fb7 nixos/bitwarden_rs: add test 2020-08-23 07:29:42 +12:00
Maximilian Bosch
0436b98753
Merge pull request #95845 from WilliButz/update/prometheus-2.20.1
prometheus: 2.19.3 -> 2.20.1, fix thanos test
2020-08-22 21:22:38 +02:00
Bruno Bigras
c62fe0bea5 nixos/manual: fix typo in man-nixos-enter.xml 2020-08-22 15:08:37 -04:00
Lassulus
2fb9ee9caa
Merge pull request #87553 from JoeDupuis/enhancing-monit-module
nixos/monit: Allow splitting the config in multiple files
2020-08-22 19:21:55 +02:00
Silvan Mosberger
af1ac757ff
Merge pull request #95986 from turboMaCk/imwheel-service
nixos/services.imwheel: sleep 3s before restarting
2020-08-22 16:51:48 +02:00
Lassulus
d08b81c3b5
Merge pull request #89116 from wagdav/fix-args-create-amis
nixos/maintainers/scripts/ec2/create-amis.sh: fix argument check
2020-08-22 16:47:54 +02:00
Silvan Mosberger
f8e6745ad3
Merge pull request #82817 from pacien/smartd-fix-hostname-notifications
smartmontools: fix missing hostname in notifications
2020-08-22 16:09:14 +02:00
Lassulus
6a2c73031a
Merge pull request #89353 from wizeman/u/fix-zfs-ebusy
stage-1: retry mounting ZFS root a few times
2020-08-22 15:42:32 +02:00
rnhmjoj
1067236150
nixos/release-notes: mention GRUB password support 2020-08-22 15:29:23 +02:00
Lassulus
ab5a1fee33
Merge pull request #89532 from DIzFer/transmission-apparmor-test
tests: transmission is now tested with apparmor
2020-08-22 15:26:34 +02:00
rnhmjoj
b14e1581c8
nixos/release-notes: fix typo 2020-08-22 15:10:04 +02:00
Marek Fajkus
dcaa2d2c74
nixos/services.imwheel: sleep 3s before restarting 2020-08-22 14:52:18 +02:00
Lassulus
8a141825a3
Merge pull request #89779 from jktr/acme-extra-flags
nixos/acme: extra lego flags
2020-08-22 14:29:39 +02:00
Lassulus
d8e671676d
Merge pull request #89785 from buckley310/logstash
logstash: fix support for multiple plugin paths
2020-08-22 14:07:20 +02:00
Daniël de Kok
280147c510
Merge pull request #95489 from danieldk/rocm-3.7.0
Update ROCm to 3.7.0
2020-08-22 13:30:01 +02:00
Lassulus
82b424453b
Merge pull request #86632 from Atemu/undervolt-timer-optional
Undervolt: Make timer optional
2020-08-22 11:48:30 +02:00
Atemu
f5856db1b8 rl-2009: add note on undervolt timer changes 2020-08-22 11:02:23 +02:00
Atemu
ed83bac1d9 undervolt: make timer opt-in
It should no longer be needed but is worth keeping around in case it is
2020-08-22 10:42:20 +02:00
Atemu
e6f0a1e7eb undervolt: apply undervolt on boot and resume
The undervolt did not persist reboots or sleep/hibernation. With this
change you should no longer have to apply the undervolt on a timer
2020-08-22 10:42:19 +02:00
Matthew Bauer
47b56e7c19 runInLinuxVM, test-driver: use -cpu max instead of -cpu host
This appears to avoid requiring KVM when it’s not available. This is
what I originally though -cpu host did. Unfortunately not much
documentation available from the QEMU side on this, but this appears
to square with help:

$ qemu-system-x86 -cpu help
...
x86 host                  KVM processor with all supported host features
x86 max                   Enables all features supported by the accelerator in the current host
...

Whether we actually want to support this not clear, since this only
happens when your CPU doesn’t have full KVM support. Some Nix builders
are lying about kvm support though. Things aren’t too slow without it
though.

Fixes https://github.com/NixOS/nixpkgs/issues/85394

Alternative to https://github.com/NixOS/nixpkgs/pull/83920
2020-08-21 23:42:07 -05:00
Silvan Mosberger
1b8a94db67
nixos/logrotate: Fix option reference
Fixes the manual build
2020-08-22 01:38:38 +02:00
Jonathan Ringer
19d2c0cb55
nixos/release-notes: minor fixes 2020-08-21 14:41:03 -07:00
Silvan Mosberger
b6d657adbe release-notes: Mention stricter option evaluation
As caused by https://github.com/NixOS/nixpkgs/pull/82743
2020-08-21 14:37:32 -07:00
Silvan Mosberger
d400dcaa48 release-notes: Mention freeform modules
As introduced by https://github.com/NixOS/nixpkgs/pull/82743
2020-08-21 14:37:32 -07:00
Aaron Andersen
4df837063f
Merge pull request #95809 from aanderse/logrotate
nixos/logrotate: switch `paths` option type from listOf to attrsOf
2020-08-21 17:31:52 -04:00
Aaron Andersen
91db1c8aec
Merge pull request #87712 from aanderse/zabbix
zabbix: 4.4.8 -> 5.0.2
2020-08-21 17:11:55 -04:00
Aaron Andersen
06d17caf92 nixos/httpd: configure log rotation 2020-08-21 17:04:07 -04:00
Aaron Andersen
00f08005af nixos/logrotate: switch paths option type from listOf to attrsOf 2020-08-21 17:04:04 -04:00
Silvan Mosberger
bf777413f9
Merge pull request #95722 from Infinisil/dovecot-mailboxes-improved
nixos/dovecot: Improve mailboxes type
2020-08-21 22:40:50 +02:00
Jörg Thalheim
6f4141507b
meguca: remove (#95920) 2020-08-21 13:00:40 -07:00
Janne Heß
540c033507
nixos/hardened: Port test to Python and fix it
Related to #72828
Replaces and closes #76708

Looks like `nix ping-store` does not output anything anymore but still
fails when the connection does not work.
2020-08-21 21:35:07 +02:00
Janne Heß
ff03800d3b
nixos/testing: Fix fail() function
The docs say this behaves as succeed(), but it does not return stdout as
succeed() does. This fixes that behaviour
2020-08-21 21:28:24 +02:00
Jörg Thalheim
b6e2e4c777
Merge pull request #93425 from helsinki-systems/feat/gitlab-shell-config 2020-08-21 19:20:42 +01:00
Lassulus
6f87509957
Merge pull request #91296 from cawilliamson/master
nixos/onlykey: fix typo
2020-08-21 18:27:46 +02:00
Lassulus
ebf11e405d
Merge pull request #95122 from rudolph9/nixos/xmonad
nixos/xmonad: Fix behavior of config opt
2020-08-21 08:51:42 +02:00
Daniël de Kok
95e5089607 nixos/manual: remove references to rocm-runtime-ext
rocm-runtime-ext is not needed anymore for OpenCL image support.
2020-08-21 08:50:51 +02:00
Sascha Grunert
71dd85bffa cri-o: add pinns path and witch to crio.conf.d config style
This adds the pinns path to the configuration let CRI-O start properly.
We also change the configuration to the new drop-in syntax.

Signed-off-by: Sascha Grunert <sgrunert@suse.com>
2020-08-21 12:09:20 +10:00
adisbladis
7d6e7b3cd3
Merge pull request #95878 from adisbladis/emacs-26
emacs: Fix emacs26 attribute(s)
2020-08-21 01:26:44 +02:00
Aaron Andersen
b87b6abd17
Merge pull request #95294 from aanderse/postgresql-rootless
nixos/postgresql: run ExecStartPost as an unprivileged user
2020-08-20 19:16:23 -04:00
adisbladis
d1fdc67c53
nixos/editors: Remove any explicit mention of Emacs 25 2020-08-21 00:34:15 +02:00
Jan Tojnar
2adf17f8c2
Merge pull request #95869 from jtojnar/fc-local-regression
nixos/fontconfig: fix local.conf regression
2020-08-20 23:43:47 +02:00
Jan Tojnar
fe1b9ebaf1
nixos/fontconfig: fix local.conf regression
Another part of edf2541f02 was missed while
rebasing https://github.com/NixOS/nixpkgs/pull/93562, resulting in incorrect path
as described by https://github.com/NixOS/nixpkgs/issues/86601#issuecomment-675462227
2020-08-20 20:09:28 +02:00
davidak
5a3738d22b
nixos/systemPackages: clean up (#91213)
* nixos/systemPackages: clean up

* Update nixos/doc/manual/release-notes/rl-2009.xml

Co-authored-by: Jan Tojnar <jtojnar@gmail.com>

* Update nixos/doc/manual/release-notes/rl-2009.xml

Co-authored-by: 8573 <8573@users.noreply.github.com>

Co-authored-by: Jan Tojnar <jtojnar@gmail.com>
Co-authored-by: 8573 <8573@users.noreply.github.com>
2020-08-20 13:45:54 +00:00
WilliButz
876396cac0
prometheus: 2.19.3 -> 2.20.1, fix thanos test 2020-08-20 11:14:43 +02:00
Aaron Andersen
fd250d57bb
Merge pull request #79123 from aanderse/apachectl
nixos/httpd: remove impurity from /etc
2020-08-19 20:56:51 -04:00
zowoq
259dcd17ff rl-2009: remove modSha256 warning note 2020-08-20 08:02:36 +10:00
Anderson Torres
e7139f46cd
Merge pull request #93654 from Church-/jellyfin_10.6.0
jellyfin 10.5.5 -> 10.6.0
2020-08-19 10:21:16 -03:00
Frederik Rietdijk
4cf394ea3f Merge master into staging-next 2020-08-18 17:55:04 +02:00
Aaron Andersen
f6a3403055 nixos/zabbix: use proper character set and collation for mysql database 2020-08-18 10:30:27 -04:00
Aaron Andersen
5e630bf5d3 zabbix: 4.4.8 -> 5.0.2 2020-08-18 10:30:23 -04:00
Silvan Mosberger
cfd599e117
Merge pull request #95743 from Ma27/qemu-test-out
nixos/test-instrumentation: properly import `options` for `qemu`-check
2020-08-18 14:29:50 +02:00
Silvan Mosberger
fc121e2813
nixos/dovecot: Improve mailboxes type
The previous use of types.either disallowed assigning a list at one
point and an attrset an another.
2020-08-18 14:25:51 +02:00
Maximilian Bosch
2fbddb0ccb
nixos/test-instrumentation: properly import options for qemu-check
If `qemu-vm.nix` is imported, the option `virtualisation.qemu.consoles`
should be set to make sure that the machine's output isn't rendered on
the graphical window of QEMU.

This is needed when interactively running a NixOS test or in conjunction
with `nixos-build-vms(8)`.

The patch 2578557530 tries to only do this
if the option actually exists, however this condition used to be always
false since `options` wasn't imported in the module and pointed to
`lib.options` due to the `with lib;`-clause.
2020-08-18 12:26:49 +02:00
Frederik Rietdijk
fe7bab33d7
Merge pull request #95553 from zowoq/rename-maintainers
maintainers: prefix number with underscore
2020-08-18 11:30:24 +02:00
Silvan Mosberger
7db9fd1dbc
Merge pull request #81467 from dawidsowa/rss-bridge
rss-bridge: init at 2020-02-26
2020-08-18 05:00:41 +02:00
zowoq
0052523a18 maintainers: 1000101 -> _1000101 2020-08-18 07:59:48 +10:00
zowoq
7d9c49f8e6 maintainers: 0x4A6F -> _0x4A6F 2020-08-18 07:59:44 +10:00
Silvan Mosberger
c6aa9e4af6
Merge pull request #95681 from flokli/fontconfig-penultimate-remove
nixos/fonts: remove fontconfig-penultimate
2020-08-17 23:47:52 +02:00
Florian Klink
8425726f86 nixos/fontconfig: fix 50-user.conf handling
Apparently, edf2541f02 was missed while
rebasing https://github.com/NixOS/nixpkgs/pull/93562.

Provide 50-user.conf in fontconfig if includeUserConf is true (the
default), and don't try removing the non-existent one if it's disabled

Fixes https://github.com/NixOS/nixpkgs/issues/95685
Fixes https://github.com/NixOS/nixpkgs/issues/95712
2020-08-17 23:12:57 +02:00
Jörg Thalheim
8b18e07c40
Merge pull request #95522 from doronbehar/fix/transmission
nixos/transmission: handle watch-dir
2020-08-17 19:54:48 +01:00
Jörg Thalheim
914d37cbc9
Merge pull request #95686 from ju1m/transmission-fix
transmission: fix BindReadOnlyPaths=
2020-08-17 19:52:27 +01:00
Frederik Rietdijk
0ac85bc455 Merge master into staging-next 2020-08-17 14:54:39 +02:00
Julien Moutinho
f6c3d4f723 transmission: fix BindReadOnlyPaths= 2020-08-17 14:09:12 +02:00
Martin Weinelt
a153452e54
Merge pull request #95508 from Ma27/nextcloud-nginx
nixos/nextcloud: update nginx config
2020-08-17 13:46:47 +02:00
Olli Helenius
5f5c990ea0
nixosTests.virtualbox: Port to python 2020-08-17 14:31:00 +03:00
Olli Helenius
e64e92fd08
nixosTests.virtualbox: Disable predictable interface names in guest 2020-08-17 14:30:06 +03:00
Florian Klink
1d51b526e4 nixos/fonts/fontconfig-penultimate: remove module 2020-08-17 13:25:46 +02:00
ajs124
696357c376 sogo: remove SOGoZipPath
sogo links against libzip now
2020-08-17 12:15:16 +02:00
Izorkin
5c70c5eeaa nginxModules: renamed module ngx_aws_auth to aws-auth 2020-08-17 10:42:54 +03:00
Izorkin
36c95f331d nginxModules.cache-purge: 2.5 -> 2.5.1 2020-08-17 10:42:01 +03:00
pacien
ea37c9caa1 smartmontools: use standard subject in notification emails
This makes the notification script use the subject generated by smartmontools
itself both for consistency with other distros and to include the hostname.
2020-08-16 20:48:42 +02:00
pacien
f1922cdbdc smartmontools: fix missing hostname in notifications
This properly registers some missing dependencies of smartd_warning.sh.
2020-08-16 20:48:03 +02:00
Florian Klink
431b08cafd
Merge pull request #95158 from Izorkin/mariadb
mariadb: 10.4.13 -> 10.4.14
2020-08-16 20:32:57 +02:00
Florian Klink
bda86eee87
Merge pull request #95222 from eadwu/kresd/runtime-fixes
kresd: runtime fixes
2020-08-16 18:44:27 +02:00
Florian Klink
16fc531784
Merge pull request #95505 from flokli/remove-mathics
mathics: remove package, module and test
2020-08-16 18:42:10 +02:00
Vladimír Čunát
0a3386369c
qemu: fix build with environment.noXlibs = true
In some tests, e.g. -f nixos/release.nix tests.simple.x86_64-linux
we use noXlibs and qemu.ga.  Now that output is tiny but to get it
a full qemu build is done, and some dependencies like gtk3 won't build
with noXlibs due to their dependencies being too stripped down.

Therefore let's reduce qemu features in noXlibs case.
The `sdlSupport = false;` part probably wasn't needed,
but I added it for consistency.
2020-08-16 18:25:31 +02:00
Edmund Wu
68366adf3c
nixos/kresd: ensure /run/knot-resolver exists 2020-08-16 12:20:10 -04:00
Edmund Wu
6c67af2fac
nixos/kresd: ensure /var/lib/knot-resolver exists 2020-08-16 12:20:03 -04:00
Edmund Wu
1a6240bde4
nixos/kresd: fix CacheDirectory permissions as per tmpfiles 2020-08-16 12:18:32 -04:00
Edmund Wu
ed89d043dc
nixos/kresd: remove derivation from systemd.tmpfiles
Using per-unit directives as per https://github.com/NixOS/nixpkgs/pull/95222#issuecomment-674512571
2020-08-16 12:17:14 -04:00
Maximilian Bosch
e8bdadb864
Merge pull request #95109 from Ma27/nextcloud-reverse-proxy
nixos/nextcloud: add documentation for alternative reverse-proxies
2020-08-16 18:09:45 +02:00
Noah Hendrickson
ce9f0c42f9 nixos/jellyfin: added a package option to the options section, defaults to using the default jellyfin package if nixos version is 20.09 or greater, otherwise will default to using the new jellyfin_10_5 derivation for older systems. 2020-08-16 11:41:41 -04:00
Florian Klink
36a162edc3
Merge pull request #95342 from flokli/systemd-initctl
nixos/systemd: don't try to install systemd-initctl.{service,socket}
2020-08-16 17:17:18 +02:00
Ben Wolsieffer
23b4356a5f nixos/nixos-*: use runtimeShell
Fix shebangs and other shell uses in the NixOS tools, allowing them to work
correctly on cross-compiled systems.
2020-08-16 13:08:33 +00:00
Izorkin
d35d990025 nixos/tests/mariadb: disable check TokuDB in aarch32 and aarch64 2020-08-16 16:08:14 +03:00
Florian Klink
b2f3bbd3fb
Merge pull request #95507 from flokli/remove-mesos
mesos: remove package, module and test (and chronos/marathon which depends on it)
2020-08-16 14:46:24 +02:00
Jörg Thalheim
aeffd67cec
Merge pull request #95493 from Izorkin/nginx-unit 2020-08-16 13:20:31 +01:00
Robert Hensing
cf568e31f8
Merge pull request #95584 from hercules-ci/fix-nixos-test-instrumentation
nixos/test-instrumentation.nix: Fix evaluation error
2020-08-16 13:59:50 +02:00
Robert Hensing
2578557530 nixos/test-instrumentation.nix: Fix evaluation error
Discovered via https://github.com/NixOS/nixpkgs/pull/82743 which
improved option checking, causing an evaluation error that was
hard to understand without running the evaluation manually.
2020-08-16 13:50:53 +02:00
Jörg Thalheim
0cb79c953d nixos/ec2: remove dependency on NIX_PATH
This is required when migrating to flakes
2020-08-16 10:56:44 +00:00
Sergey Lukjanov
da4e029edf nixos/zfs: enable encryption test for stable zfs 2020-08-16 10:36:48 +00:00
Ben Wolsieffer
8f1de2e7c0 environment.noXlibs: disable X11 support in cairo 2020-08-16 10:33:44 +00:00
Florian Klink
b3909d1cb1
Merge pull request #95565 from vcunat/p/symlinkJoin
nixos/systemd.tmpfiles.packages: fix an edge case
2020-08-16 12:27:19 +02:00
Florian Klink
609eb86db7
Merge pull request #95444 from doronbehar/fix/mount+s
nixos/wrappers: make mount have the +s bit.
2020-08-16 12:23:12 +02:00
paumr
d420369354 nixos/emacs: formatted with nixpkgs-fmt 2020-08-16 10:22:56 +00:00
Doron Behar
22abe3202f nixos/transmission: handle watch-dir as incomplete-dir
`watch-dir` was neglected after #92106 - this change makes using this
setting work.
2020-08-16 12:43:02 +03:00
Vladimír Čunát
3937923f81
nixos/systemd.tmpfiles.packages: fix an edge case
symlinkJoin can break (silently) when the passed paths contain symlinks
to directories.  This should work now.

Down-side: when lib/tmpfiles.d doesn't exist for some passed package,
the error message is a little less explicit, because we never get
to the postBuild phase (and symlinkJoin doesn't provide a better way):
/nix/store/HASH-NAME/lib/tmpfiles.d: No such file or directory

Also, it seemed pointless to create symlinks for whole package trees
and using only a part of the result (usually very small part).
2020-08-16 10:23:53 +02:00
Aaron Andersen
8e045b42fd nixos/postgresql: move ExecStartPost into postStart 2020-08-15 16:59:53 -04:00
Aaron Andersen
ec82ae3c39 nixos/postgresql: run ExecStartPost as an unprivileged user 2020-08-15 16:59:49 -04:00
Doron Behar
2519e54bef tests/misc: Test mount +s permission
For #95444
Co-authored-by: Florian Klink <flokli@flokli.de>
2020-08-15 22:21:30 +03:00
Doron Behar
a854b77b08 nixos/wrappers: make (u)mount have the +s bit.
See
https://discourse.nixos.org/t/how-to-make-a-derivations-executables-have-the-s-permission/8555
and:
https://www.linuxquestions.org/questions/slackware-14/must-be-superuser-to-use-mount-fstab-is-correct-however-144932/
2020-08-15 21:57:16 +03:00
Florian Klink
01684d6e9b nixos/mathics: remove module 2020-08-15 20:16:13 +02:00
Florian Klink
b7be00ad5e
Merge pull request #93358 from helsinki-systems/fix/gitlab-customrb
nixos/gitlab: Fix extra-gitlab.rb
2020-08-15 20:13:28 +02:00
Maximilian Bosch
42f6244899
nixos/nextcloud: update nginx config
This patch ensures that latest Nextcloud works flawlessly again on our
`nginx`. The new config is mostly based on upstream recommendations
(again)[1]:

* Trying to access internals now results in a 404.
* All `.php`-routes get properly resolved now.
* Removed 404/403 handling from `nginx` as the app itself takes care of
  this. Also, this breaks the `/ocs`-API.
* `.woff2?`-files expire later than other assets like images.

Closes #95293

[1] https://docs.nextcloud.com/server/latest/admin_manual/installation/nginx.html
2020-08-15 17:12:11 +02:00
Florian Klink
645ea787c9 nixos/marathon: remove module
The corresponding package failed to build for >9 months.
2020-08-15 16:59:58 +02:00
Florian Klink
a90b929020 nixos/chronos: remove module
The chronos package has been broken for > 9 months due to the breakage
of the mesos package.
2020-08-15 16:59:38 +02:00
Florian Klink
34d91a8cba nixos/mesos*: remove
The mesos package has been broken for >9 months.
2020-08-15 16:59:37 +02:00
Florian Klink
3c65c53f2c nixosTests.mesos: remove
The `mesos` package has been broken for >9 months.
2020-08-15 16:51:23 +02:00
Florian Klink
d71cae4275 nixosTests.mathics: remove
The mathics package is unmaintained and doesn't build. Remove the test
using it.
2020-08-15 16:16:40 +02:00
Robert Hensing
6d0a85fe52
Merge pull request #82743 from Infinisil/partially-typed-v2
Freeform modules
2020-08-15 12:13:58 +02:00
Izorkin
26898b8518 nixos/unit: update sandboxing options 2020-08-15 11:21:09 +03:00
Jörg Thalheim
7acb961c67
Merge pull request #93395 from hmenke/zfs
ZFS: Request credentials only for selected pools
2020-08-15 09:19:49 +01:00
Frederik Rietdijk
cfe6081cee Merge staging-next into staging 2020-08-15 09:12:42 +02:00
Silvan Mosberger
25d75155f3
nixos/doc: Add freeform modules documentation
Co-Authored-By: Robert Hensing <robert@roberthensing.nl>
2020-08-14 22:49:35 +02:00
Martin Weinelt
f1efdd2c0b
Merge pull request #89444 from mweinelt/pinnwand-module
nixos/pinnwand: init; steck: init at 0.5.0; nixos/tests/pinnwand: init
2020-08-14 22:09:33 +02:00
worldofpeace
bea5560354
Merge pull request #94878 from stigtsp/package/firejail-test
nixos/tests: add test for firejail
2020-08-14 14:05:39 -04:00
Marek Mahut
f43fa60f02
Merge pull request #95010 from StijnDW/dokuwiki
dokuwiki: 2018-04-22b -> 2020-07-29
2020-08-14 16:27:38 +02:00
Martin Weinelt
9c8c31b241
Merge pull request #95086 from danieldk/manual-intel-opencl
nixos/manual: add a section about enabling OpenCL for Intel GPUs
2020-08-14 12:09:49 +02:00
Daniël de Kok
0c135e5f85
Merge pull request #95336 from danieldk/gpu-accel-common-issues
nixos/manual: add a section about common GPU acceleration issues
2020-08-14 08:30:24 +02:00
Aaron Andersen
f1f4cc6e1b
Merge pull request #95231 from aanderse/mysql-cleanup
nixos/mysql: run postStart as an unprivileged user
2020-08-13 21:38:44 -04:00
Aaron Andersen
806253800b nixos/mysql: update release notes 2020-08-13 17:03:23 -04:00
Aaron Andersen
f08049e712 nixos/mysql: move ExecStartPost into postStart 2020-08-13 17:03:22 -04:00
Jan Tojnar
afe22f645a
Merge branch 'staging-next' into staging 2020-08-13 21:59:15 +02:00
Florian Klink
f3ba51f148
Merge pull request #95353 from flokli/systemd-output-journal
nixos: remove StandardOutput=syslog, StandardError=syslog lines
2020-08-13 21:45:12 +02:00
Jan Tojnar
0a4a62459a
nixos/fontconfig: Reintroduce unversioned fonts.conf
Turns out lot of software (including Chromium) use bundled fontconfig
so we either need to wrap every one of those, or re-introduce the global unversioned config.
The latter is easier but weakens hermetic configs. But perhaps those are not really worth the effort.
2020-08-13 20:56:43 +02:00
Florian Klink
d85d7c7179 nixosTests.systemd: update output
systemd shows minutes as `min`, not `m`.
2020-08-13 20:51:42 +02:00
Florian Klink
7361f6f252 nixos/boot: handle systemd-udevd being a symlink to udevadm 2020-08-13 20:51:39 +02:00
Florian Klink
4f7636dafc nixos/systemd: don't try to install systemd-initctl.{service,socket}
These are now only installed by systemd if HAVE_SYSV_COMPAT is true,
which only is the case if you set sysvinit-path and sysvrcnd-path (which
we explicitly unset in the systemd derivation for quite some time)
2020-08-13 20:51:39 +02:00
Florian Klink
2f9d719061 nixos/systemd: remove mymachines nss module from passwd: and group: lines
From the systemd release notes:

nss-mymachines lost support for resolution of users and groups, and now
only does resolution of hostnames. This functionality is now provided by
nss-systemd. Thus, the 'mymachines' entry should be removed from the
'passwd:' and 'group:' lines in /etc/nsswitch.conf (and 'systemd' added
if it is not already there).
2020-08-13 20:51:39 +02:00
dawidsowa
9aaf34bdb8 nixos/rss-bridge: init 2020-08-13 19:51:30 +02:00
Daniël de Kok
9c14f5d56e nixos/manual: add a section about common GPU acceleration issues 2020-08-13 19:35:47 +02:00
Florian Klink
962e15aebc nixos: remove StandardOutput=syslog, StandardError=syslog lines
Since systemd 243, docs were already steering users towards using
`journal`:

eedaf7f322

systemd 246 will go one step further, it shows warnings for these units
during bootup, and will [automatically convert these occurences to
`journal`](f3dc6af20f):

> [    6.955976] systemd[1]: /nix/store/hwyfgbwg804vmr92fxc1vkmqfq2k9s17-unit-display-manager.service/display-manager.service:27: Standard output type syslog is obsolete, automatically updating to journal. Please update│······················
 your unit file, and consider removing the setting altogether.

So there's no point of keeping `syslog` here, and it's probably a better
idea to just not set it, due to:

> This setting defaults to the value set with DefaultStandardOutput= in
> systemd-system.conf(5), which defaults to journal.
2020-08-13 18:49:15 +02:00
Florian Klink
e37941e4e4 nixos/systemd: don't try to install systemd-initctl.{service,socket}
Since systemd 246, these are only installed by systemd if
HAVE_SYSV_COMPAT is true, which only is the case if you set
sysvinit-path and sysvrcnd-path (which we explicitly unset in the
systemd derivation for quite some time)
2020-08-13 17:00:24 +02:00
Jörg Thalheim
28224516e5
Merge pull request #92964 from lopsided98/initrd-secrets-compressor 2020-08-13 07:54:01 +01:00
Frederik Rietdijk
7e189c56a1 Merge staging-next into staging 2020-08-13 08:52:48 +02:00
Jörg Thalheim
0f2ee10cbf
Merge pull request #94270 from jerith666/postfix-dane
postfix: add useDane config option
2020-08-13 06:53:53 +01:00
Matt McHenry
a45f1453eb postfix: add useDane config option 2020-08-12 21:18:36 -04:00
Matthew Bauer
6fffd50623
Merge pull request #95220 from obsidiansystems/ipfs-quic-socket-activated
nixos/ipfs: Allow QUIC connections to socket activate too
2020-08-12 13:47:29 -05:00
Justin Humm
90ed2c01f0
Merge pull request #95266 from Lassulus/gollum-text
nixos/gollum: replace toFile with writeText
2020-08-12 19:28:41 +02:00
lassulus
957da625c5 nixos/gollum: replace toFile with writeText 2020-08-12 19:16:05 +02:00
Florian Klink
22e8ada3b3
Merge pull request #95264 from flokli/nginx-config-reload
nixos/nginx: move configuration testing script into reload command
2020-08-12 18:47:02 +02:00
Maximilian Bosch
fddeb7cb73
Revert "nextcloud: use mkDefault for whole nginx config"
This breaks the Nextcloud vhost declaration when adding e.g. another
vhost as the `services.nginx.virtualHosts` option has `{ nextcloud =
...; }` as *default* value which will be replaced by another
`virtualHosts`-declaration with a higher (e.g. the default) priority.

The following cases are now supported & covered by the module:

* `nginx` is enabled with `nextcloud` enabled and other vhosts can be
  added / other options can be declared without having to care
  about the declaration's priority.

* Settings in the `nextcloud`-vhost in `nginx` have to be altered using
  `mkForce` as this is the only way how we officially support `nginx`
  for `nextcloud` and customizations have to be done explicitly using
  `mkForce`.

* `nginx` will be completely omitted if a user enables nextcloud
  and disables nginx using `services.nginx.enable = false;`. (because
  nginx will be enabled by this module using `mkDefault`).

This reverts commit 128dbb31cc.
Closes #95259
2020-08-12 18:28:45 +02:00
Florian Klink
300049ca51 nixos/nginx: move configuration testing script into reload command
nginx -t not only verifies configuration, but also creates (and chowns)
files. When the `nginx-config-reload` service is used, this can cause
directories to be chowned to `root`, causing nginx to fail.

This moves the nginx -t command into a second ExecReload command, which
runs as nginx's user. While fixing above issue, this will also cause the
configuration to be verified when running `systemctl reload nginx`, not
only when restarting the dummy `nginx-config-reload` unit. The latter is
mostly a workaround for missing features in our activation script
anyways.
2020-08-12 18:13:29 +02:00
Daniël de Kok
2c0034d5fb
Merge pull request #91938 from spacefrogg/openafs-1.6-deprecation
openafs: 1.6.23 -> 1.6.24, mark broken due to EOL
2020-08-12 17:11:28 +02:00
Michael Raitza
b3c794d610 openafs: 1.6.23 -> 1.6.24, mark broken due to EOL
Last old stable release. Enforce switch to openafs_1_8 by marking broken while
leaving a reasonable short-term alternative.

Ref #90927
2020-08-12 15:31:11 +02:00
Florian Klink
bab13cc0df nixos/doc/manual/release-notes: document fontconfig 2.10.x config and cache removal 2020-08-12 13:40:46 +02:00
Florian Klink
f527651a67 nixos/fontconfig: stop generating fontconfig_210 config and cache
This fontconfig version isn't used anywhere inside nixpkgs anymore.
2020-08-12 13:40:45 +02:00