Jörg Thalheim
67b1d6a16d
Merge pull request #34905 from vcunat/p/kresd-TLS
...
kresd service: add listenTLS option
2018-02-13 10:41:52 +00:00
Franz Pletz
eb862c48dd
systemd: 234 -> 237
...
Co-Authored-By: Florian Klink <flokli@flokli.de>
Co-Authored-By: Andreas Rammhold <andreas@rammhold.de>
2018-02-13 01:24:24 +01:00
Ruben Maher
ac52cb3aed
nixos/prometheus/alertmanager: double hyphenate long opts ( #34914 )
...
Alertmanager 0.13.0 doesn't support single dash long options, so '-config.file'
for example is parsed as '-c', which leads to the service not starting.
2018-02-12 18:02:38 -05:00
Vladimír Čunát
05d6a7edb6
kresd service: add listenTLS option
...
Also fix some deficiencies in the systemd multi-socket stuff.
2018-02-12 20:48:25 +01:00
Franz Pletz
74736f26c2
bird2: init at 2.0.1
2018-02-11 23:35:05 +01:00
Vladimír Čunát
968b866dcc
Merge #32774 : slurm-spank-x11: init at 0.2.5
2018-02-10 22:48:22 +01:00
Daniel Schaefer
713a69d083
nixos/acpid: pass event parameters to handler ( #34190 )
...
Previously the parameters were just dropped. Now they can be read
from within the handler script. An example to show this is added.
Makes use of the new writeShellScript function as suggested in:
issue #21557
resolves: #21557
2018-02-10 13:26:05 +00:00
Jörg Thalheim
2cab78bc1d
Merge pull request #34384 from gnidorah/nvidia-optimus
...
modules/nvidia-optimus: fix module blacklisting
2018-02-10 12:14:21 +00:00
Jörg Thalheim
9fab083b79
Merge pull request #34524 from Infinisil/physlock-allowAnyUser
...
nixos/physlock: add allowAnyUser option
2018-02-10 09:58:36 +00:00
Jörg Thalheim
7914e6be3e
Merge pull request #34655 from markus1189/zookeeper-package-option
...
zookeeper.service: option for package and add to environment
2018-02-10 09:54:12 +00:00
Netix (Espinet François)
2a2e885cd0
nixos/freeradius : init - Added freeradius service
...
Inspired from the dhcpd service implementation
Only 2 configurations options at the moment:
- enabled
- path to config directory (defaults to /etc/raddb)
Implementation was also inspired from ArchLinux
systemd file and corrected with @dotlambda and
@fpletz help.
2018-02-10 09:59:01 +01:00
Masayuki Takeda
65faff97ff
nixos/lxd: partial fix
2018-02-10 17:18:53 +09:00
Jörg Thalheim
79315b632e
Merge pull request #34728 from dpc/master
...
Add pam option to enable Google Authenticator
2018-02-10 08:16:50 +00:00
Jörg Thalheim
5be14cce39
Merge pull request #34753 from noqqe/master
...
Multiple users with hashedPassword is broken in mosquitto
2018-02-10 07:59:49 +00:00
markuskowa
bf53dc68c2
nixos/rdma-core: add module for soft RoCE and test ( #34607 )
2018-02-10 07:52:03 +00:00
Dawid Ciężarkiewicz
5c746a0a84
nixos/pam: support for Google Authenticator
2018-02-09 21:09:03 -08:00
Graham Christensen
5aabf0fc34
Merge pull request #33898 from oxij/nixos/related-packages-v5
...
nixos: doc: implement related packages in the manual (again)
2018-02-09 20:36:27 -05:00
Jan Malakhovski
0d1a643210
nixos/xen-dom0: add related packages, make it play well with them
...
This is a custom attribute set example of `relatedPackages` option usage.
2018-02-09 19:51:07 +00:00
Jan Malakhovski
e5268344fe
nixos/adb: add related package
...
This is an attribute path example of `relatedPackages` option usage.
2018-02-09 19:51:06 +00:00
Jan Malakhovski
eb38b8676a
nixos/tmux: add related package
...
This is a trivial example of `relatedPackages` option usage.
2018-02-09 19:51:06 +00:00
Franz Pletz
1fcbc7055c
Merge pull request #33700 from roberth/nixos-externalpkgs
...
nixos: Add nixpkgs.pkgs option
2018-02-09 18:47:48 +00:00
Franz Pletz
3748f3aac8
Merge pull request #32582 from Ma27/yabar-module
...
yabar: add module
2018-02-09 18:43:59 +00:00
Andreas Rammhold
04051ee9d0
Merge pull request #34562 from griff/rspamd-workers
...
nixos/rspamd: worker configuration, socket activation and tests
2018-02-09 14:45:54 +01:00
Andreas Rammhold
7ae9699e1c
Merge pull request #34759 from dotlambda/dovecot
...
nixos/dovecot: no " in mailbox.name
2018-02-09 12:43:03 +01:00
Robert Schütz
6ceece6b59
nixos/dovecot: no " in mailbox.name
2018-02-09 12:20:55 +01:00
Hamish
3a2b0cdf5c
nixos/traefik: make group configurable for docker support ( #34749 )
2018-02-09 09:37:29 +00:00
Brian Olsen
908fc5e14b
nixos/rspamd: options for worker configuration and socket activation
2018-02-09 06:19:03 +01:00
Florian Baumann
7e76b127cd
Multiple users with hashedPassword is broken in mosquitto
...
If you have more than 1 User with hasedPassword Option set it generates
```
rm -f /var/lib/mosquitto/passwd
touch /var/lib/mosquitto/passwd
echo 'user1:$6$xxx' > /var/lib/mosquitto/passwd
echo 'user2:$6$xxx' > /var/lib/mosquitto/passwd
```
Which ends up in only having 1 user.
2018-02-08 22:46:06 +01:00
Joachim F
65e6fbf2b5
Merge pull request #34690 from dotlambda/tor
...
nixos/tor: add hiddenServices.<name>.authorizeClient
2018-02-08 17:08:44 +00:00
Eric Bailey
6b45dbd99c
services.mysql: properly quote database.name
2018-02-08 17:32:41 +01:00
Eelco Dolstra
6bc889205a
sshd: Remove UsePrivilegeSeparation option
...
This option is deprecated, see https://www.openssh.com/txt/release-7.5 .
2018-02-08 13:32:55 +01:00
Frederik Rietdijk
c0f6aac818
Merge pull request #34574 from dotlambda/home-assistant
...
nixos/home-assistant: support platform=... scheme for autoExtraComponents
2018-02-08 10:53:35 +00:00
Jörg Thalheim
b6bcba6537
nixos/zfs: fix typo in enableLegacyCrypto description
2018-02-08 10:24:47 +00:00
Robert Schütz
355de06fe4
nixos/tor: add hiddenServices.<name>.authorizeClient
2018-02-08 10:02:22 +01:00
sjau
0d65e2e0e5
zfs: add migration path for new crypto format
...
fixes #34559
2018-02-07 20:46:16 +00:00
rnhmjoj
5118b86800
nixos/monero: init
2018-02-07 08:04:36 -05:00
Tuomas Tynkkynen
a008a9cb3b
nixos/sd-image-armv7l-multiplatform: Port RPi config.txt changes from aarch64 image
...
As was done in commit cd2e740dde
.
2018-02-07 06:30:34 +02:00
Robert Schütz
b5ecdfa977
nixos/acme: Fix xml ( #34683 )
2018-02-06 23:27:28 +00:00
Joachim Schiele
edeacd00ad
security.acme: default name value via module system ( #34388 )
2018-02-06 21:08:57 +00:00
Joachim F
97ab8d8981
Merge pull request #17106 from spacefrogg/openafs
...
openafs: Refactor and introduce server module
2018-02-06 14:43:55 +00:00
Markus Hauck
77218de812
zookeeper.service: option for package and add to environment
2018-02-06 09:59:01 +01:00
Philipp Dörfler
35441b52d9
Wrapped ${mailbox.name} in "s to allow for space in mailbox names.
2018-02-05 17:06:49 +01:00
Frederik Rietdijk
ba34a70086
Merge pull request #33866 from yesbox/fix_newgrp
...
nixos: sg/newgrp should always be available, not chfn
2018-02-05 10:47:23 +00:00
David McFarland
fbba0d0ee5
matrix-synapse: default server_name to hostname
2018-02-04 21:22:55 -04:00
David McFarland
a4b7de74a5
matrix-synapse: default to postgresql on 18.03
2018-02-04 21:22:55 -04:00
David McFarland
1472fa8685
matrix-synapse: create and connect to local postgresql db
2018-02-04 21:22:54 -04:00
Thomas Tuegel
4688dd0cf5
Merge pull request #34526 from ttuegel/bugfix/plasma-integration/font-style
...
plasma-integration: Fix font style name bug with Qt >= 5.8
2018-02-04 17:41:50 -06:00
Sarah Brofeldt
bf58890a5a
nixos/k8s: Enable Node authorizer and NodeRestriction by default
2018-02-04 21:23:36 +01:00
Thomas Tuegel
77a607aa88
nixos/plasma5: Fix font style names in kdeglobals
2018-02-04 13:31:04 -06:00
Robert Schütz
59eb19224b
nixos/home-assistant: support platform=... scheme for autoExtraComponents
...
See https://home-assistant.io/components/sensor.luftdaten/ for an example component using that scheme.
2018-02-04 11:09:55 +01:00
Vladimír Čunát
dd57c63793
Merge branch 'staging'
...
There are some Darwin regressions and a mysterious Lisp issue,
but also a security update of curl...
2018-02-03 10:56:07 +01:00
Vladimír Čunát
84fb5c6a0d
nixos/availableKernelModules: add a keyboard module
...
Non-working keyboards during boot are quite a problem; see:
https://github.com/NixOS/nixpkgs/pull/33529#issuecomment-361164997
2018-02-03 10:46:53 +01:00
adisbladis
7ebb82e04f
home-assistant: Fix incorrect xml closing tag
2018-02-03 16:54:02 +08:00
Frederik Rietdijk
55e0f12761
Merge remote-tracking branch 'upstream/master' into HEAD
2018-02-03 09:48:42 +01:00
Frederik Rietdijk
db58049f75
Merge pull request #34494 from dotlambda/home-assistant
...
home-assistant: compute extraComponents from config
2018-02-03 08:01:50 +00:00
Tuomas Tynkkynen
10c8e6d0c5
Merge remote-tracking branch 'upstream/master' into staging
2018-02-03 02:50:21 +02:00
Jörg Thalheim
a4170403e6
Merge pull request #33897 from rnhmjoj/digits
...
Avoid package attributes starting with a digit
2018-02-02 19:30:23 +00:00
Michael Raitza
d0ebdbd308
nixos/openafsServer: OpenAFS server nixos module
2018-02-02 16:43:44 +01:00
Shea Levy
43f647e5b4
Merge branch 'dynamic-function-args'
2018-02-02 09:41:16 -05:00
Vladimír Čunát
bbfca0f371
knot-resolver: 1.5.3 -> 2.0.0 (feature update)
...
Also split extraFeatures into a wrapper derivation.
So far, no changes like user renaming nor systemd unit rework.
2018-02-02 15:26:36 +01:00
Silvan Mosberger
cfd22b733b
physlock: add allowAnyUser option
2018-02-02 14:03:00 +01:00
Robert Schütz
78c2ca326e
home-assistant: compute extraComponents from config
2018-02-02 09:48:50 +01:00
Jan Tojnar
dfe7a54d19
nixos/pipewire: init
2018-02-01 22:40:51 +01:00
Michael Raitza
ce74e1cc36
nixos/openafsClient: Extend client service functionality
...
Add a lot of options to the client to make it more usable and compatible
with the OpenAFS server module.
2018-02-01 16:35:24 +01:00
Michael Raitza
c389d705f3
nixos/openafsClient: relocate nixos module
2018-02-01 16:35:18 +01:00
rnhmjoj
1fec496f38
nixos/networking-interfaces: add preferTempAddress option
2018-02-01 13:14:09 +01:00
Jörg Thalheim
57d72d4140
Merge pull request #34442 from rnhmjoj/virtual
...
Fix virtualType for network-interfaces-scripted
2018-02-01 10:35:13 +00:00
rnhmjoj
e28ecd5528
fix
2018-02-01 10:51:35 +01:00
Frederik Rietdijk
d30735f889
Merge pull request #34188 from dotlambda/home-assistant
...
home-assistant: init at 0.62.1
2018-02-01 08:44:48 +00:00
Vladimír Čunát
2fb4606f38
Merge branch 'master' into staging
...
Haskell rebuild.
Hydra: ?compare=1430378
2018-02-01 09:36:23 +01:00
Eelco Dolstra
700e21d6da
nix-daemon.nix: Updates for Nix 2.0
...
* The environment variables NIX_CONF_DIR, NIX_BUILD_HOOK and
NIX_REMOTE are no longer needed.
* A /bin/sh (from busybox) is provided by default in sandboxes.
* Various options were renamed.
2018-01-31 22:26:05 +01:00
WilliButz
c2fa5f1729
nixos/xautolock: fix default defaults/examples, add assertions
...
see issue #34371
2018-01-31 21:43:23 +01:00
Shea Levy
943592f698
Add setFunctionArgs lib function.
...
Among other things, this will allow *2nix tools to output plain data
while still being composable with the traditional
callPackage/.override interfaces.
2018-01-31 14:02:19 -05:00
Robert Schütz
bacbc48cfe
home-assistant: add NixOS module
2018-01-31 12:30:31 +01:00
rnhmjoj
46c158a32f
nixos/networking-interfaces: set default value for virtualType
2018-01-31 05:51:09 +01:00
Peter Hoeg
dc52fc6dda
aria2 (nixos): actually load the module
...
Fixes #33991
2018-01-31 09:42:03 +08:00
Vladimír Čunát
c9171e5a4c
Merge branch 'master' into staging
...
Hydra: ?compare=1430035
2018-01-30 19:51:33 +01:00
Tuomas Tynkkynen
71631a922b
runInLinuxVM: Use QEMU command line that works on other architectures
...
... by moving the existing definition to qemu-flags.nix and reusing
that.
2018-01-30 16:57:27 +02:00
Tuomas Tynkkynen
8e83158f12
nixos/qemu: Deduplicate QEMU serialDevice into qemu-flags.nix
2018-01-30 16:57:27 +02:00
Robert Hensing
f2a45a47d4
nixos: Add nixpkgs.pkgs option
...
This lets the user set pkgs directly, so that it can be injected
externally and be reused among evaluations of NixOS.
2018-01-30 12:57:03 +01:00
Jörg Thalheim
add22af095
Merge pull request #34381 from JohnAZoidberg/less
...
nixos/less configure less with module
2018-01-30 10:41:39 +00:00
Daniel Schaefer
288898d6f1
nixos/less: use lesspipe package for preprocessing
...
Rather than a custom script the less config now uses the lesspipe
package config by default.
2018-01-29 22:08:32 +07:00
gnidorah
7b2482ea54
modules/nvidia-optimus: fix module blacklisting
2018-01-29 15:46:15 +03:00
Daniel Schaefer
192c2330d0
nixos/less configure less with module
2018-01-29 18:40:22 +07:00
Jan Tojnar
0f21306ca3
Merge pull request #33900 from jtojnar/nginx-acme
...
nixos/nginx: allow using existing ACME certificate
2018-01-29 01:38:45 +01:00
Graham Christensen
e2a54266c4
openssh: Build with Kerberos by default
...
This reverts commit 09696e32c390c232ec7ac506df6457fb93c1f536.
which reverted f596aa0f4a
to move it to staging
2018-01-28 16:36:01 -05:00
Graham Christensen
15a4977409
Revert "openssh: Build with Kerberos by default"
...
This reverts commit a232dd66ee
.
Moving to staging
2018-01-28 16:36:01 -05:00
Aneesh Agrawal
716d1612af
openssh: Build with Kerberos by default
...
This can be disabled with the `withKerberos` flag if desired.
Make the relevant assertions lazy,
so that if an overlay is used to set kerberos to null,
a later override can explicitly set `withKerberos` to false.
Don't build with GSSAPI by default;
the patchset is large and a bit hairy,
and it is reasonable to follow upstream who has not merged it
in not enabling it by default.
2018-01-28 16:36:00 -05:00
Graham Christensen
f596aa0f4a
Revert "openssh: Build with Kerberos by default"
...
This reverts commit a232dd66ee
.
Moving to staging
2018-01-28 16:32:52 -05:00
Aneesh Agrawal
a232dd66ee
openssh: Build with Kerberos by default
...
This can be disabled with the `withKerberos` flag if desired.
Make the relevant assertions lazy,
so that if an overlay is used to set kerberos to null,
a later override can explicitly set `withKerberos` to false.
Don't build with GSSAPI by default;
the patchset is large and a bit hairy,
and it is reasonable to follow upstream who has not merged it
in not enabling it by default.
2018-01-28 16:30:46 -05:00
Franz Pletz
36103e9863
nixos/powerManagement: remove duplicate definition
...
When not set just use the kernel default. `nixos-generate-config` will pick
a reasonable default.
cc #34350
2018-01-28 21:53:07 +01:00
Franz Pletz
50dda062d8
Merge pull request #34350 from Ma27/fix-powermanagement-default
...
nixos/powerManagement: set `cpuFreqGovernor` with `mkOptionDefault`
2018-01-28 14:46:51 +00:00
Jesper
2b270c1596
nixos/containers: Enable use of the network.useHostResolvConf option ( #34354 )
2018-01-28 14:42:15 +00:00
Maximilian Bosch
8ed3a90cdf
nixos/powerManagement: set cpuFreqGovernor
with mkOptionDefault
...
`nixos-generate-config` detects the `cpuFreqGovernor` suited best for my
machine, e.g. `powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";`.
However the `powerManagement` module sets a sensitive default for
`cpuFreqGovernor` using `mkDefault` to avoid breackage with older
setups. Since 140ac2f1
the `hardware-configuration.nix` sets the
gorvernor with `mkDefault` as well which causes evaluation errors if the
powermanagement module is enabled:
```
error: The unique option `powerManagement.cpuFreqGovernor' is defined multiple times, in `/home/ma27/Projects/nixos-config/hardware-configuration.nix' and `/nix/var/nix/profiles/per-user/root/channels/nixos/nixpkgs/nixos/modules/config/power-management.nix'.
```
Using `mkOptionDefault` rather than `mkDefault` in the powermanagement
module fixes this issue as it decreases the priority of the module and
prefers the value set in `hardware-configuration.nix`.
I have confirmed the change using the following VM declaration:
```
{
cpuFreq = { lib, ... }: {
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
powerManagement.enable = true;
};
}
```
2018-01-28 09:38:45 +01:00
Luke Adams
1537ce9dc7
samba4/sambaMaster: Modify services to align with Samba project usage
2018-01-26 22:37:17 +01:00
Franz Pletz
cb7fe51ee6
nixos/postfix: separate list option elements with commas
2018-01-26 14:10:17 +01:00
Markus Kowalewski
85ca8f121b
slurm-spank-x11: init at 0.2.5
2018-01-25 13:58:14 -08:00
WilliButz
9bd7798d9c
nixos/postfix: fix default postfix config
...
`services.postfix.config` is now correctly merged with the default attrset
specified in the module. Some options that are lists in postfix also
have to be lists in nix to be merged correctly. Other default options are
now set with `mkDefault` so they can be overridden via the module system.
2018-01-24 23:35:28 +01:00
Tuomas Tynkkynen
d02c2d694e
nixos/sd-image-*.nix: Bring back high consoleLogLevel
...
3d040f9305
removed it from installation-device.nix, but the default
loglevel is just too low for ARM and the like.
2018-01-24 18:23:32 +02:00
Tuomas Tynkkynen
cd2e740dde
nixos/sd-image-aarch64.nix: Set avoid_warnings in RPi config.txt
...
Also add some comments on the existing config settings as well.
2018-01-24 18:23:31 +02:00
Michael Raitza
8a77ae81ad
openafsClient: rename to openafs
2018-01-24 13:20:47 +01:00
Jörg Thalheim
e45dfded2b
Merge pull request #34052 from volth/patch-86
...
nixos/libvirtd: add qemu-img to $PATH of the daemon
2018-01-22 14:39:29 +00:00
Tuomas Tynkkynen
95880aaf06
nixos/initrd: Don't include some x86-specific modules unconditionally
2018-01-22 12:53:33 +02:00
Tuomas Tynkkynen
962e79ef32
nixos/make-disk-image.nix: Support EFI images
...
- Add a new parameter `imageType` that can specify either "efi" or
"legacy" (the default which should see no change in behaviour by
this patch).
- EFI images get a GPT partition table (instead of msdos) with a
mandatory ESP partition (so we add an assert that `partitioned`
is true).
- Use the partx tool from util-linux to determine exact start + size
of the root partition. This is required because GPT stores a secondary
partition table at the end of the disk, so we can't just have
mkfs.ext4 create the filesystem until the end of the disk.
- (Unrelated to any EFI changes) Since we're depending on the
`-E offset=X` option to mkfs which is only supported by e2fsprogs,
disallow any attempts of creating partitioned disk images where
the root filesystem is not ext4.
2018-01-22 11:18:23 +02:00
Graham Christensen
931a0b8be8
Merge pull request #34128 from teto/doc_simple
...
Doc: simple precisions
2018-01-21 22:40:36 -05:00
Matthieu Coudron
91648a2f22
environment.variables: give an example
2018-01-22 10:40:23 +09:00
Matthieu Coudron
d9ebd0d35b
zsh doc: precise environment.shellAliases
2018-01-22 10:40:23 +09:00
Jörg Thalheim
a1e2f2a339
nixos/initrd-network: fix docbook syntax
2018-01-22 00:01:49 +00:00
Svein Ove Aas
5c5259d68d
initrd-network: Document the need for modules
2018-01-21 17:43:41 +00:00
Leon Schuermann
04c4c01089
nixos/stunnel: add module ( #33151 )
2018-01-21 11:23:07 +00:00
Sarah Brofeldt
ed792d3a45
Merge pull request #33842 from mimadrid/fix/resilio-sync
...
resilio-sync: fixed typo knownHosts -> entry.knownHosts
2018-01-21 12:11:29 +01:00
Vladimír Čunát
5402412b97
Merge #33600 : xfce: cleanup, hyphenate attributes
2018-01-21 09:52:58 +01:00
Jörg Thalheim
dfa6a81a31
Merge pull request #33331 from cransom/netdata-module
...
netdata service: fix permissions for apps.plugin
2018-01-19 23:19:29 +00:00
volth
c4eb23062e
nixos/libvirtd: add qemu-img to $PATH of the daemon
...
...because daemon's $PATH does not include "/run/current-system/sw/bin"
2018-01-19 16:28:01 +00:00
Jan Tojnar
d2d1a2dfba
Merge pull request #28882 from jtojnar/chrome-gnome-shell
...
chrome-gnome-shell: refactor
2018-01-19 13:40:42 +01:00
Leon Schuermann
c61a9dfd2e
sshd: provide option to disable firewall altering
2018-01-18 22:55:28 +08:00
Rob Vermaas
38538f3206
Merge pull request #33423 from AmineChikhaoui/gce-ssh-keys
...
Fix ssh keys retrieval in GCE instances
2018-01-18 13:06:00 +01:00
Leon Schuermann
f297ddb5c9
sudo: define extra rules in Nix language ( #33905 )
2018-01-17 14:56:08 +00:00
Roman Kuznetsov
f63604a598
kubernetes-dashboard (module): 1.6.3 -> 1.8.2
2018-01-17 09:01:32 +01:00
Francesco Gazzetta
356eeb0d4f
nixos/mighttpd2: init
2018-01-16 21:04:09 +00:00
rnhmjoj
c946c101d6
avoid package attributes starting with a digit
2018-01-16 21:13:16 +01:00
Robin Gloster
9bceb2b353
oh-my-zsh module: reword & fix manual build
...
docbook interpreted this as a tag and this sounded as if the option
defaulted to putting the cached directory into the nix store.
cc @Ma27 @fpletz
2018-01-16 21:02:54 +01:00
Maximilian Bosch
b55d4c0564
programs.zsh.ohMyZsh: add cacheDir
option ( #33150 )
...
The default cache directory set by oh-my-zsh is $ohMyZsh/cache which
lives in the Nix store in our case. This causes issues with several
completion plugins provided by oh-my-zsh.
2018-01-16 17:29:46 +00:00
Jörg Thalheim
822c949833
Merge pull request #33915 from lheckemann/remove-amd-hybrid-graphics
...
amd-hybrid-graphics module: remove
2018-01-16 15:57:37 +00:00
Leon Schuermann
22e83d2667
openvpn: add warning about world-readable credentials
2018-01-16 11:40:16 +07:00
Linus Heckemann
730f8530a8
amd-hybrid-graphics module: remove
...
This was only applicable to very specific hardware, and the only person
with an apparent interest in maintaining it (me) no longer uses the
hardware in question.
2018-01-15 23:17:12 +00:00
Jan Tojnar
41d252d7a4
nixos/nginx: allow using existing ACME certificate
...
When a domain has a lot of subdomains, it is quite easy to hit the rate limit:
https://letsencrypt.org/docs/rate-limits/
Instead you can define the certificate manually in `security.acme.certs` and list the subdomains in the `extraDomains` option.
2018-01-15 13:48:45 +01:00
Leon Schuermann
e45a06ebd1
openvpn: add option to store credentials
2018-01-15 14:34:58 +07:00
Jesper Geertsen Jonsson
8c0558dbb2
sg/newgrp should always be available, not chfn
...
sg and newgrp only changes the current user session and should be
available to users even if the "users.mutableUsers" option is set.
These are common, useful commands.
chfn does modify the /etc/passwd GECOS field which is also controlled
by the option "users.users.<name?>.description", so it's less
appropriate to make it available when "users.mutableUsers" is set.
However, because CHFN_RESTRICT in login.defs is never set in current
NixOS the chfn functionality is never available to users anyway and
may as well have its SUID disabled, as only root is able to use it.
This is recommended in the chfn man page in this case.
2018-01-14 20:54:40 +01:00
Joachim F
b6c696cc6f
Merge pull request #33444 from rnhmjoj/dnscrypt-wrapper
...
nixos/dnscrypt-wrapper: fix rotate script failing to restart the service
2018-01-14 11:33:02 +00:00
Sarah Brofeldt
ee4e6ebbfa
Merge pull request #32822 from LumiGuide/elk6
...
ELK: 5.6.1 -> 5.6.5 & add ELK 6.1.0
2018-01-14 10:40:50 +01:00
Miguel Madrid Mencía
22341c42e7
resilio-sync: fixed typo knownHosts -> entry.knownHosts
2018-01-13 23:44:39 +01:00
Jan Tojnar
38b6d7b60e
nixos/chrome-gnome-shell: init
2018-01-13 15:19:19 +01:00
Joachim F
ed250d8093
Merge pull request #27131 from richardlarocque/mosquitto_pw
...
mosquitto: Explicitly configure password file
2018-01-13 12:02:45 +00:00
Eelco Dolstra
dddcd10ecc
Don't set 'config.xorg = {}'
...
This makes memoization of Nixpkgs evaluation less effective, since
some Nixpkgs invocations may have 'config = {}' while others may have
'config = { xorg = {}; }'.
Instead set 'config = {}'.
2018-01-11 19:31:05 +01:00
zimbatm
1276a3b12a
nixos/acme: configurable TOS hash ( #33522 )
...
This hash tends to change and upstream simp_le doesn't seem to keep up
with the changes.
2018-01-11 14:19:15 +00:00
Jörg Thalheim
788c5195f3
Revert "nixos/udev: fix outdated udev rules for network devices"
...
This reverts commit 45c5a915980fbe1fa6f0ff80ab2d11b60b844d9e.
This breaks PredictableNetworkInterfaceNames on systems without networkd.
We should only include this file from systemd, when networkd is enabled.
2018-01-11 11:21:16 +00:00
Eelco Dolstra
6bbd67d45a
EC2 AMIs: 17.09.2356.cb751f9b1c3 -> 17.09.2681.59661f21be6
2018-01-10 13:16:49 +01:00
Joachim F
a6912f589e
Merge pull request #33629 from rnhmjoj/dnscrypt-proxy
...
Restore dnscrypt-proxy
2018-01-09 21:34:14 +00:00
John Ericson
eec050f395
Merge pull request #33577 from dtzWill/fix/cross-2
...
Minor cross fixes, 2
2018-01-09 12:36:53 -05:00
Vladimír Čunát
d6bf8eb71b
Merge #33614 : nixos/kresd improvements
...
The PR was extended with other fixes. All tested by me atop 17.09.
2018-01-09 17:26:31 +01:00
Ben Gamari
b2cbffae64
nixos/security-wrapper: Fix cross-compilation
2018-01-09 11:25:19 -05:00
Vladimír Čunát
4bc4c08838
nixos/kresd: service nitpicks
2018-01-09 17:25:18 +01:00
Vladimír Čunát
3ab85ed1ac
nixos/kresd: use DNSSEC root trust anchor from nixpkgs
...
in read-only way. If the cache directory is empty and you use the
very same service for system's DNS, kresd is unable to bootstrap root
trust anchors, as it would need a DNS lookup.
Also, if we don't rely on bootstrap, the extra lua deps of kresd could
be dropped by default, but let's not do that now, as the difference in
closure size is only ~4 MB, and there may be other use cases than
running the package as nixos service this way.
2018-01-09 17:24:49 +01:00
Vladimír Čunát
f312e6d993
nixos/kresd: use systemd.tmpfiles
...
Since 4e4161c212
it works on nixos-rebuild.
2018-01-09 17:11:36 +01:00
José Romildo Malaquias
8b416450ea
mate: let caja find extensions and gsettings schemas
2018-01-09 02:40:04 +02:00
José Romildo Malaquias
598c6c13f0
mate-panel: let mate-panel find applets in config system path
2018-01-09 02:40:04 +02:00
José Romildo Malaquias
ca27392d9c
mate-control-center: add gsettings schemas path to XDG vars
...
mate-control-center depends on mate-settings-daemon, but the later needs
gsettings schemas provided by the former. To fix this the gsettings schema
path from mate-control-center is added to XDG_DATA_DIRS at session
startup.
2018-01-09 02:40:04 +02:00
José Romildo Malaquias
1bacb88c6a
mate-session-manager: add debug option to mate service
2018-01-09 02:40:04 +02:00
Andreas Rammhold
637d5dd00c
tomcat9: 9.0.0.M17 -> 9.0.2
...
also renamed from tomcatUnstable to tomcat9
2018-01-09 01:31:06 +01:00