Commit Graph

4971 Commits

Author SHA1 Message Date
Eelco Dolstra
212dd84dd2
Cleanup 2018-02-27 20:03:12 +01:00
Nadrieril
297fac40ca nixos/usbguard: Do not check permissions on rules file (using undocumented -P flag) 2018-02-27 18:34:02 +00:00
Rodney Lorrimar
21dcead5f0
nixos/pump.io: remove
This would probably be better maintained in a separate repo as an
external NixOS module which gets imported into user's configuration.
2018-02-27 12:52:51 +00:00
Frederik Rietdijk
4f08b0fbac Merge remote-tracking branch 'upstream/master' into HEAD 2018-02-26 10:50:18 +01:00
Franz Pletz
37c009ca74
Merge pull request #34028 from florianjacob/matomo
piwik is now matomo
2018-02-26 06:53:58 +00:00
Peter Hoeg
f9cc3c08e2
Merge pull request #35432 from timokau/syncthing-deprecate-inotify
syncthing,qsyncthingtray: remove syncthing-inotify
2018-02-26 11:04:33 +08:00
Jan Tojnar
a31d98f312
tree-wide: autorename gnome packages to use dashes 2018-02-25 17:41:16 +01:00
Sarah Brofeldt
2ea8f8acdf nixos/mysql: Unbreak initial database creation 2018-02-24 20:07:55 +01:00
Timo Kaufmann
5643128ff2 syncthing,qsyncthingtray: remove syncthing-inotify
syncthing-inotify is replaced by the new syncthing "fswatcher" feature.
2018-02-24 01:08:44 +01:00
Tuomas Tynkkynen
ae9d4faff9 Merge remote-tracking branch 'upstream/master' into staging 2018-02-24 02:05:30 +02:00
Aristid Breitkreuz
e349ccc77f nixos/alsa: Do not make sound.enable conditional on stateVersion.
Eelco Dolstra wrote:

Hm, this is not really the intended use of stateVersion. From the description:

        Every once in a while, a new NixOS release may change
        configuration defaults in a way incompatible with stateful
        data. For instance, if the default version of PostgreSQL
        changes, the new version will probably be unable to read your
        existing databases. To prevent such breakage, you can set the
        value of this option to the NixOS release with which you want
        to be compatible. The effect is that NixOS will option
        defaults corresponding to the specified release (such as using
        an older version of PostgreSQL).

So this is only intended for options that have some corresponding on-disk state. AFAICT this is not the case for sound. In any case stateVersion is a necessary evil that only exists because we can't just upgrade Postgres databases or change SSH host keys. It's not necessary for things like whether sound is enabled. (If the user discovers that sound is suddenly disabled, they can just enable it.)

I had some vague recollection that we also had a configVersion option setting to control the defaults for non-state-related options, but I can't find it so maybe it was only discussed.
2018-02-23 23:14:42 +01:00
Tom Bereknyei
034d3fae3d tinc: enable invitations 2018-02-23 11:59:37 -05:00
Jan Tojnar
3b512ca185
Merge pull request #35065 from jtojnar/fwupd-1.0.5
fwupd: 1.0.5 update & cleanups
2018-02-23 17:22:47 +01:00
Nikolay Amiantov
9c1c424e52 cups service: fix client sockets
Use systemd to create the directory for UNIX socket. Also use localhost instead
of 127.0.0.1 as is done in default cupsd.conf so that IPv6 is enabled when
available.
2018-02-23 18:51:39 +03:00
Nikolay Amiantov
cc52eff6c6 Revert "cups service: fix client sockets"
This reverts commit cf4c077343.
2018-02-23 18:47:43 +03:00
Nikolay Amiantov
cf4c077343 cups service: fix client sockets
Use systemd to create the directory for UNIX socket. Also use localhost instead
of 127.0.0.1 as is done in default cupsd.conf so that IPv6 is enabled when
available.
2018-02-23 18:43:51 +03:00
Jörg Thalheim
df4963daca
Merge pull request #35343 from gnidorah/softether
softether module: fix dataDir option
2018-02-23 12:38:11 +00:00
Franz Pletz
6180eda1e4
Merge pull request #35026 from alesguzik/acpid_log_events
nixos/acpid: add option to log events
2018-02-23 04:36:33 +00:00
volth
985a4bb87c
nixos/tox-bootstrapd: new command line format 2018-02-23 03:26:18 +00:00
Franz Pletz
0dcf5df0ed
Merge pull request #34470 from WilliButz/fix-xautolock
nixos/xautolock: fix default defaults/examples, add assertions
2018-02-22 23:10:03 +00:00
Aristid Breitkreuz
a43e33d0e4 nixos: disable sound by default, if stateVersion >= 18.03 (#35355) 2018-02-22 22:06:31 +00:00
Florian Jacob
885e762d47 nixos/matomo: improve serverName default
when we need to change it anyway for the rename.
2018-02-22 22:03:55 +01:00
Florian Jacob
48e449ee70 nixos/piwik: rename to matomo 2018-02-22 22:03:55 +01:00
Frederik Rietdijk
d328ba753e
Merge pull request #35243 from FRidh/postgis
postgis: get rid of composableDerivation
2018-02-22 16:49:56 +00:00
gnidorah
fbeb32994b softether module: fix dataDir option 2018-02-22 18:37:59 +03:00
Jan Tojnar
30cc156c8c
nixos/fwupd: use manual list of etc files
Closes: #32142
2018-02-22 13:18:23 +01:00
Markus Hauck
1c3c80360b logkeys.service: Add 'device' option 2018-02-21 18:16:14 +01:00
Ales Huzik
444cdf0454 nixos/acpid: add option to log events 2018-02-21 22:17:33 +11:00
Marti Serra
30f27c49b9 crashplan-small-business: remove unneeded function 2018-02-21 09:25:58 +01:00
Frederik Rietdijk
b2f53c76f8 postgis: get rid of composableDerivation
In this change composableDerivation is removed in favor of
stdenv.mkDerivation.
2018-02-20 22:17:16 +01:00
Will Dietz
ce3de0399b
Merge pull request #30057 from dtzWill/feature/webos-novacomd
webos: init novacom, novacomd, cmake-modules; add nixos service
2018-02-20 13:49:06 -06:00
Joachim F
46afc63b6f
Merge pull request #32062 from volth/patch-73
nixos/varnish: check .vcl syntax at compile time
2018-02-20 19:22:28 +00:00
Joachim F
b30fae01cd
Merge pull request #32761 from xvapx/crashplan-small-business
crashplan-small-business: init at 6.6.0
2018-02-20 19:19:22 +00:00
Will Dietz
e5e29284a9 webos: init novacom, novacomd, cmake-modules; add nixos service 2018-02-20 10:34:19 -06:00
Franz Pletz
3942cbea67
Merge pull request #35161 from volth/patch-92
nixos/nat: support nat reflection
2018-02-20 16:26:26 +00:00
Franz Pletz
17952ee589
Merge pull request #35141 from abbradar/dhcpcd-order
dhcpcd service: fix service dependencies when default gateways are set
2018-02-20 16:07:49 +00:00
zimbatm
3b30e4355b
Merge pull request #35129 from rvl/buildkite-agent-hooks
buildkite-agent service: declarative hooks and extraConfig option
2018-02-20 11:28:42 +00:00
Richard Marko
7367918f44 nixos/nixops-dns: init (#34511) 2018-02-20 10:14:55 +00:00
Rodney Lorrimar
e552633c20
nixos/buildkite-agent: add coreutils to PATH of service
This simplifies the service script and it's probable that many builds
will need coreutils anyway.
2018-02-20 08:17:14 +00:00
Rodney Lorrimar
21e9a3eb6f
nixos/buildkite-agent: add a default value for name option
Use the default name value from:
https://buildkite.com/docs/agent/configuration
2018-02-20 08:17:14 +00:00
Rodney Lorrimar
8132b24cdf
nixos/buildkite-agent: remove obsolete config setting
Newer versions of buildkite-agent can find the bootstrap script
themselves.
2018-02-20 08:17:13 +00:00
Rodney Lorrimar
cf6463aa8c
nixos/buildkite-agent: enhance documentation for meta-data option
I assumed they were space-separated, which was wrong.

In future it might be better to allow specifying an attrset of strings
for the option.
2018-02-20 08:17:13 +00:00
Rodney Lorrimar
66586c86b9
nixos/buildkite-agent: declarative hooks configuration
Instead of having to set up a directory containing hook scripts, you
can now directly set module options to add hooks.
2018-02-20 08:17:12 +00:00
Rodney Lorrimar
efefba7c9b
nixos/buildkite-agent: add extraConfig option
This is useful for things like enabling debugging and increasing agent
priority, which don't warrant extra module options.
2018-02-20 08:17:12 +00:00
Nikolay Amiantov
5ff25fcd7e dhcpcd service: want for both IP stacks
We want to wait for both stacks to be active before declaring that network is active.
So either both default gateways must be specified or only IPv4 if IPv6 is disabled to
avoid dhcpcd for network-online.target.
2018-02-19 23:33:54 +03:00
Nikolay Amiantov
996ed0830e dhcpcd service: always want by multi-user
When default gateways were specified the service wasn't wanted by anything at
all before.
2018-02-19 23:31:45 +03:00
Michael Raskin
1e23a5a6e9
Merge pull request #34795 from oxij/os/nixosLabel-pt2
nixos: labels part 2
2018-02-19 14:45:17 +00:00
Michael Raskin
10b3f7d356
Merge pull request #27688 from rnhmjoj/routes
nixos/networking-interfaces: make static routes configurable
2018-02-19 14:12:58 +00:00
volth
328f8a6cba nixos/nat: support nat reflection 2018-02-19 13:16:09 +00:00
Jan Malakhovski
2e6b796761 nixos: rename config.system.nixos* -> config.system.nixos.* 2018-02-18 12:56:30 +00:00
Bjørn Forsman
d84f18e288 nixos/postfix: document that *Alias options support comma separated values
For the longest time I thought there could be only one rootAlias.
2018-02-18 13:04:08 +01:00
Silvan Mosberger
c2b8d14b56
nixos/znapzend: fix when no previous zetup
When the znapzend module was enabled for the first time with pure =
true; then the list of previous entries is empty, but xargs still tried
to execute a znapzendzetup delete command with no arguments, which made
it fail
2018-02-17 15:50:48 +01:00
rnhmjoj
e81811a579
nixos/modules: rename IP addresses/routes options 2018-02-17 14:57:07 +01:00
rnhmjoj
c1bed05e34
nixos/networking-interfaces: rename IP addresses/routes options 2018-02-17 14:01:24 +01:00
Alexei Robyn
ab45e13e07 nixos/dante: order after network-online.target (#34435)
network-online.target properly depends on the underlying network
management tool (e.g. NixOS static configuration scripts, dhcpcd,
NetworkManager, networkd) signalling that all interfaces are up and
appropriately configured (to whatever degree possible/required), whereas
network.target only indicates that the network management tool itself
has started.
2018-02-17 10:18:05 +00:00
Joachim F
faf072166b
Merge pull request #29869 from Nadrieril/syncserver-fup
syncserver service: follow-up of #28189
2018-02-17 10:09:42 +00:00
Niklas Hambüchen
f00a1514f9 nixos/nginx: validate config syntax in preStart (#24664) 2018-02-17 09:45:25 +00:00
Joachim F
71a32c36fe
Merge pull request #34587 from netixx/add-freeradius-service
nixos/freeradius : init - Added freeradius service
2018-02-17 09:17:35 +00:00
Tim Steinbach
87559028ef
Merge pull request #33954 from kuznero/pr/kubernetes
kubernetes: 1.7.9 -> 1.9.1
2018-02-16 13:56:59 +00:00
Vladimír Čunát
b5aaaf87a7
Merge staging and PR #35021
It's the last staging commit (mostly) built on Hydra,
and a minimal fix for Darwin regression in pysqlite.
2018-02-16 09:13:12 +01:00
Herwig Hochleitner
b7b2a4ffa4 connmand: add extraFlags option to service 2018-02-15 23:37:12 +01:00
Franz Pletz
79e7f7af9a
radvd service: fix due to systemd upgrade
After the systemd 237 upgrade, radvd wouldn't start anymore because the
PID file cannot be written. It seems that directories in /run has to be
explicitely defined as RuntimeDirectory now. The PID file isn't needed
due to systemd, though, so it was removed along with forking and loggia
via syslog.

This fixes the ipv6 NixOS test.
2018-02-15 07:02:08 +01:00
Jan Tojnar
640916d55d
nixos/fwupd: add maintainers 2018-02-15 01:11:13 +01:00
Frederik Rietdijk
177cfe3370
Merge pull request #34974 from dotlambda/prosody
nixos/prosody: add package option
2018-02-14 20:35:01 +00:00
Lassulus
8acde7b612 nixos/gnunet: set private TMPDIR (#34945) 2018-02-14 15:35:30 +00:00
Robert Schütz
de74ffb8f8 nixos/prosody: add package option 2018-02-14 14:56:00 +01:00
adisbladis
1de98e8568
plasma: 5.11.5 -> 5.12.1 2018-02-14 17:24:20 +08:00
Jan Tojnar
44695e7045
Merge pull request #34507 from jtojnar/pipewire
pipewire: init at 0.1.8
2018-02-14 02:29:39 +01:00
Jörg Thalheim
67b1d6a16d
Merge pull request #34905 from vcunat/p/kresd-TLS
kresd service: add listenTLS option
2018-02-13 10:41:52 +00:00
Ruben Maher
ac52cb3aed nixos/prometheus/alertmanager: double hyphenate long opts (#34914)
Alertmanager 0.13.0 doesn't support single dash long options, so '-config.file'
for example is parsed as '-c', which leads to the service not starting.
2018-02-12 18:02:38 -05:00
Vladimír Čunát
05d6a7edb6
kresd service: add listenTLS option
Also fix some deficiencies in the systemd multi-socket stuff.
2018-02-12 20:48:25 +01:00
Franz Pletz
74736f26c2
bird2: init at 2.0.1 2018-02-11 23:35:05 +01:00
Vladimír Čunát
968b866dcc
Merge #32774: slurm-spank-x11: init at 0.2.5 2018-02-10 22:48:22 +01:00
Daniel Schaefer
713a69d083 nixos/acpid: pass event parameters to handler (#34190)
Previously the parameters were just dropped. Now they can be read
from within the handler script. An example to show this is added.

Makes use of the new writeShellScript function as suggested in:
issue #21557

resolves:  #21557
2018-02-10 13:26:05 +00:00
Jörg Thalheim
2cab78bc1d
Merge pull request #34384 from gnidorah/nvidia-optimus
modules/nvidia-optimus: fix module blacklisting
2018-02-10 12:14:21 +00:00
Jörg Thalheim
9fab083b79
Merge pull request #34524 from Infinisil/physlock-allowAnyUser
nixos/physlock: add allowAnyUser option
2018-02-10 09:58:36 +00:00
Jörg Thalheim
7914e6be3e
Merge pull request #34655 from markus1189/zookeeper-package-option
zookeeper.service: option for package and add to environment
2018-02-10 09:54:12 +00:00
Netix (Espinet François)
2a2e885cd0 nixos/freeradius : init - Added freeradius service
Inspired from the dhcpd service implementation
Only 2 configurations options at the moment:
- enabled
- path to config directory (defaults to /etc/raddb)

Implementation was also inspired from ArchLinux
systemd file and corrected with @dotlambda and
@fpletz help.
2018-02-10 09:59:01 +01:00
Jörg Thalheim
5be14cce39
Merge pull request #34753 from noqqe/master
Multiple users with hashedPassword is broken in mosquitto
2018-02-10 07:59:49 +00:00
markuskowa
bf53dc68c2 nixos/rdma-core: add module for soft RoCE and test (#34607) 2018-02-10 07:52:03 +00:00
Andreas Rammhold
04051ee9d0
Merge pull request #34562 from griff/rspamd-workers
nixos/rspamd: worker configuration, socket activation and tests
2018-02-09 14:45:54 +01:00
Andreas Rammhold
7ae9699e1c
Merge pull request #34759 from dotlambda/dovecot
nixos/dovecot: no " in mailbox.name
2018-02-09 12:43:03 +01:00
Robert Schütz
6ceece6b59 nixos/dovecot: no " in mailbox.name 2018-02-09 12:20:55 +01:00
Hamish
3a2b0cdf5c nixos/traefik: make group configurable for docker support (#34749) 2018-02-09 09:37:29 +00:00
Brian Olsen
908fc5e14b
nixos/rspamd: options for worker configuration and socket activation 2018-02-09 06:19:03 +01:00
Florian Baumann
7e76b127cd
Multiple users with hashedPassword is broken in mosquitto
If you have more than 1 User with hasedPassword Option set it generates 

```
rm -f /var/lib/mosquitto/passwd
touch /var/lib/mosquitto/passwd
echo 'user1:$6$xxx' > /var/lib/mosquitto/passwd
echo 'user2:$6$xxx' > /var/lib/mosquitto/passwd
```

Which ends up in only having 1 user.
2018-02-08 22:46:06 +01:00
Joachim F
65e6fbf2b5
Merge pull request #34690 from dotlambda/tor
nixos/tor: add hiddenServices.<name>.authorizeClient
2018-02-08 17:08:44 +00:00
Eric Bailey
6b45dbd99c services.mysql: properly quote database.name 2018-02-08 17:32:41 +01:00
Eelco Dolstra
6bc889205a
sshd: Remove UsePrivilegeSeparation option
This option is deprecated, see https://www.openssh.com/txt/release-7.5.
2018-02-08 13:32:55 +01:00
Frederik Rietdijk
c0f6aac818
Merge pull request #34574 from dotlambda/home-assistant
nixos/home-assistant: support platform=... scheme for autoExtraComponents
2018-02-08 10:53:35 +00:00
Robert Schütz
355de06fe4 nixos/tor: add hiddenServices.<name>.authorizeClient 2018-02-08 10:02:22 +01:00
Thomas Pham
f0bafef6a1 add Serviio Media server package and service 2018-02-07 20:45:30 +01:00
rnhmjoj
5118b86800 nixos/monero: init 2018-02-07 08:04:36 -05:00
Matthieu Coudron
fe4f4de1c9 strongswan module: make it work with ipsec l2tp
l2tp saves its secrets into /etc/ipsec.d but strongswan would not read
them. l2tp checks for /etc/ipsec.secrets includes /etc/ipsec.d and if
not tries to write into it.

Solution:
Have the strongswan module create /etc/ipsec.d and /etc/ipsec.secrets
when networkmanager_l2tp is installed.
Include /etc/ipsec.secrets in
/nix/store/hash-strongswan/etc/ipsec.secrets so that it can find l2tp
secrets.

Also when the ppp 'nopeerdns' option is used, the DNS resolver tries to
write into an alternate file /etc/ppp/resolv.conf. This fails when
/etc/ppp does not exist so the module creates it by default.
2018-02-07 13:21:49 +09:00
Joachim F
97ab8d8981
Merge pull request #17106 from spacefrogg/openafs
openafs: Refactor and introduce server module
2018-02-06 14:43:55 +00:00
Markus Hauck
77218de812 zookeeper.service: option for package and add to environment 2018-02-06 09:59:01 +01:00
Philipp Dörfler
35441b52d9
Wrapped ${mailbox.name} in "s to allow for space in mailbox names. 2018-02-05 17:06:49 +01:00
David McFarland
fbba0d0ee5 matrix-synapse: default server_name to hostname 2018-02-04 21:22:55 -04:00
David McFarland
a4b7de74a5 matrix-synapse: default to postgresql on 18.03 2018-02-04 21:22:55 -04:00
David McFarland
1472fa8685 matrix-synapse: create and connect to local postgresql db 2018-02-04 21:22:54 -04:00
Thomas Tuegel
4688dd0cf5
Merge pull request #34526 from ttuegel/bugfix/plasma-integration/font-style
plasma-integration: Fix font style name bug with Qt >= 5.8
2018-02-04 17:41:50 -06:00
Sarah Brofeldt
bf58890a5a nixos/k8s: Enable Node authorizer and NodeRestriction by default 2018-02-04 21:23:36 +01:00
Thomas Tuegel
77a607aa88
nixos/plasma5: Fix font style names in kdeglobals 2018-02-04 13:31:04 -06:00
Robert Schütz
59eb19224b nixos/home-assistant: support platform=... scheme for autoExtraComponents
See https://home-assistant.io/components/sensor.luftdaten/ for an example component using that scheme.
2018-02-04 11:09:55 +01:00
adisbladis
7ebb82e04f
home-assistant: Fix incorrect xml closing tag 2018-02-03 16:54:02 +08:00
Frederik Rietdijk
db58049f75
Merge pull request #34494 from dotlambda/home-assistant
home-assistant: compute extraComponents from config
2018-02-03 08:01:50 +00:00
Jörg Thalheim
a4170403e6
Merge pull request #33897 from rnhmjoj/digits
Avoid package attributes starting with a digit
2018-02-02 19:30:23 +00:00
Michael Raitza
d0ebdbd308 nixos/openafsServer: OpenAFS server nixos module 2018-02-02 16:43:44 +01:00
Vladimír Čunát
bbfca0f371
knot-resolver: 1.5.3 -> 2.0.0 (feature update)
Also split extraFeatures into a wrapper derivation.
So far, no changes like user renaming nor systemd unit rework.
2018-02-02 15:26:36 +01:00
Silvan Mosberger
cfd22b733b
physlock: add allowAnyUser option 2018-02-02 14:03:00 +01:00
Robert Schütz
78c2ca326e home-assistant: compute extraComponents from config 2018-02-02 09:48:50 +01:00
Jan Tojnar
dfe7a54d19
nixos/pipewire: init 2018-02-01 22:40:51 +01:00
Michael Raitza
ce74e1cc36 nixos/openafsClient: Extend client service functionality
Add a lot of options to the client to make it more usable and compatible
with the OpenAFS server module.
2018-02-01 16:35:24 +01:00
Michael Raitza
c389d705f3 nixos/openafsClient: relocate nixos module 2018-02-01 16:35:18 +01:00
Frederik Rietdijk
d30735f889
Merge pull request #34188 from dotlambda/home-assistant
home-assistant: init at 0.62.1
2018-02-01 08:44:48 +00:00
Eelco Dolstra
700e21d6da nix-daemon.nix: Updates for Nix 2.0
* The environment variables NIX_CONF_DIR, NIX_BUILD_HOOK and
  NIX_REMOTE are no longer needed.

* A /bin/sh (from busybox) is provided by default in sandboxes.

* Various options were renamed.
2018-01-31 22:26:05 +01:00
WilliButz
c2fa5f1729
nixos/xautolock: fix default defaults/examples, add assertions
see issue #34371
2018-01-31 21:43:23 +01:00
Robert Schütz
bacbc48cfe home-assistant: add NixOS module 2018-01-31 12:30:31 +01:00
Peter Hoeg
dc52fc6dda aria2 (nixos): actually load the module
Fixes #33991
2018-01-31 09:42:03 +08:00
gnidorah
7b2482ea54 modules/nvidia-optimus: fix module blacklisting 2018-01-29 15:46:15 +03:00
Jan Tojnar
0f21306ca3
Merge pull request #33900 from jtojnar/nginx-acme
nixos/nginx: allow using existing ACME certificate
2018-01-29 01:38:45 +01:00
Luke Adams
1537ce9dc7 samba4/sambaMaster: Modify services to align with Samba project usage 2018-01-26 22:37:17 +01:00
Franz Pletz
cb7fe51ee6
nixos/postfix: separate list option elements with commas 2018-01-26 14:10:17 +01:00
Markus Kowalewski
85ca8f121b slurm-spank-x11: init at 0.2.5 2018-01-25 13:58:14 -08:00
WilliButz
9bd7798d9c
nixos/postfix: fix default postfix config
`services.postfix.config` is now correctly merged with the default attrset
specified in the module. Some options that are lists in postfix also
have to be lists in nix to be merged correctly. Other default options are
now set with `mkDefault` so they can be overridden via the module system.
2018-01-24 23:35:28 +01:00
Michael Raitza
8a77ae81ad openafsClient: rename to openafs 2018-01-24 13:20:47 +01:00
Leon Schuermann
04c4c01089 nixos/stunnel: add module (#33151) 2018-01-21 11:23:07 +00:00
Sarah Brofeldt
ed792d3a45
Merge pull request #33842 from mimadrid/fix/resilio-sync
resilio-sync: fixed typo knownHosts -> entry.knownHosts
2018-01-21 12:11:29 +01:00
Vladimír Čunát
5402412b97
Merge #33600: xfce: cleanup, hyphenate attributes 2018-01-21 09:52:58 +01:00
Jörg Thalheim
dfa6a81a31
Merge pull request #33331 from cransom/netdata-module
netdata service: fix permissions for apps.plugin
2018-01-19 23:19:29 +00:00
Jan Tojnar
d2d1a2dfba
Merge pull request #28882 from jtojnar/chrome-gnome-shell
chrome-gnome-shell: refactor
2018-01-19 13:40:42 +01:00
Leon Schuermann
c61a9dfd2e
sshd: provide option to disable firewall altering 2018-01-18 22:55:28 +08:00
Roman Kuznetsov
f63604a598
kubernetes-dashboard (module): 1.6.3 -> 1.8.2 2018-01-17 09:01:32 +01:00
Francesco Gazzetta
356eeb0d4f nixos/mighttpd2: init 2018-01-16 21:04:09 +00:00
rnhmjoj
c946c101d6
avoid package attributes starting with a digit 2018-01-16 21:13:16 +01:00
Jörg Thalheim
822c949833
Merge pull request #33915 from lheckemann/remove-amd-hybrid-graphics
amd-hybrid-graphics module: remove
2018-01-16 15:57:37 +00:00
Leon Schuermann
22e83d2667 openvpn: add warning about world-readable credentials 2018-01-16 11:40:16 +07:00
Linus Heckemann
730f8530a8 amd-hybrid-graphics module: remove
This was only applicable to very specific hardware, and the only person
with an apparent interest in maintaining it (me) no longer uses the
hardware in question.
2018-01-15 23:17:12 +00:00
Jan Tojnar
41d252d7a4
nixos/nginx: allow using existing ACME certificate
When a domain has a lot of subdomains, it is quite easy to hit the rate limit:

https://letsencrypt.org/docs/rate-limits/

Instead you can define the certificate manually in `security.acme.certs` and list the subdomains in the `extraDomains` option.
2018-01-15 13:48:45 +01:00
Leon Schuermann
e45a06ebd1 openvpn: add option to store credentials 2018-01-15 14:34:58 +07:00
Joachim F
b6c696cc6f
Merge pull request #33444 from rnhmjoj/dnscrypt-wrapper
nixos/dnscrypt-wrapper: fix rotate script failing to restart the service
2018-01-14 11:33:02 +00:00
Sarah Brofeldt
ee4e6ebbfa
Merge pull request #32822 from LumiGuide/elk6
ELK: 5.6.1 -> 5.6.5 & add ELK 6.1.0
2018-01-14 10:40:50 +01:00
Miguel Madrid Mencía
22341c42e7
resilio-sync: fixed typo knownHosts -> entry.knownHosts 2018-01-13 23:44:39 +01:00
Jan Tojnar
38b6d7b60e
nixos/chrome-gnome-shell: init 2018-01-13 15:19:19 +01:00
Joachim F
ed250d8093
Merge pull request #27131 from richardlarocque/mosquitto_pw
mosquitto: Explicitly configure password file
2018-01-13 12:02:45 +00:00
Eelco Dolstra
dddcd10ecc
Don't set 'config.xorg = {}'
This makes memoization of Nixpkgs evaluation less effective, since
some Nixpkgs invocations may have 'config = {}' while others may have
'config = { xorg = {}; }'.

Instead set 'config = {}'.
2018-01-11 19:31:05 +01:00
Jörg Thalheim
788c5195f3 Revert "nixos/udev: fix outdated udev rules for network devices"
This reverts commit 45c5a915980fbe1fa6f0ff80ab2d11b60b844d9e.

This breaks PredictableNetworkInterfaceNames on systems without networkd.
We should only include this file from systemd, when networkd is enabled.
2018-01-11 11:21:16 +00:00
Joachim F
a6912f589e
Merge pull request #33629 from rnhmjoj/dnscrypt-proxy
Restore dnscrypt-proxy
2018-01-09 21:34:14 +00:00
Vladimír Čunát
d6bf8eb71b
Merge #33614: nixos/kresd improvements
The PR was extended with other fixes.  All tested by me atop 17.09.
2018-01-09 17:26:31 +01:00
Vladimír Čunát
4bc4c08838
nixos/kresd: service nitpicks 2018-01-09 17:25:18 +01:00
Vladimír Čunát
3ab85ed1ac
nixos/kresd: use DNSSEC root trust anchor from nixpkgs
in read-only way.  If the cache directory is empty and you use the
very same service for system's DNS, kresd is unable to bootstrap root
trust anchors, as it would need a DNS lookup.

Also, if we don't rely on bootstrap, the extra lua deps of kresd could
be dropped by default, but let's not do that now, as the difference in
closure size is only ~4 MB, and there may be other use cases than
running the package as nixos service this way.
2018-01-09 17:24:49 +01:00
Vladimír Čunát
f312e6d993
nixos/kresd: use systemd.tmpfiles
Since 4e4161c212 it works on nixos-rebuild.
2018-01-09 17:11:36 +01:00
José Romildo Malaquias
8b416450ea mate: let caja find extensions and gsettings schemas 2018-01-09 02:40:04 +02:00
José Romildo Malaquias
598c6c13f0 mate-panel: let mate-panel find applets in config system path 2018-01-09 02:40:04 +02:00
José Romildo Malaquias
ca27392d9c mate-control-center: add gsettings schemas path to XDG vars
mate-control-center depends on mate-settings-daemon, but the later needs
gsettings schemas  provided by the former. To fix this the gsettings schema
path from mate-control-center is added to XDG_DATA_DIRS at session
startup.
2018-01-09 02:40:04 +02:00
José Romildo Malaquias
1bacb88c6a mate-session-manager: add debug option to mate service 2018-01-09 02:40:04 +02:00
Andreas Rammhold
637d5dd00c tomcat9: 9.0.0.M17 -> 9.0.2
also renamed from tomcatUnstable to tomcat9
2018-01-09 01:31:06 +01:00
rnhmjoj
94d28f3672
nixos/dnscrypt-proxy: use new dyne.org repository 2018-01-09 00:33:19 +01:00
Jörg Thalheim
71cce26342 nixos/udev: fix outdated udev rules for network devices
Udev changed its internal naming, so this rule file no longer applied correctly.
Therefore some properties such as network driver no longer matched in
systemd-networkd.

After updating we have more properties in systemd-networkd:

$ sudo networkctl status wlp3s0
...
   Driver: iwlwifi
...

To prevent this in future, the file is no copied from systemd directly
2018-01-08 16:59:33 +01:00
Andrey Golovizin
f19d959ef1 nixos/kresd: fix systemd dependency cycle
The unnecessary dependency of sockets.target on kresd.service causes a
dependency cycle preventing kresd.service from starting at boot:

sockets.target -> kresd.service -> basic.target -> sockets.target
2018-01-08 15:52:26 +01:00
Yegor Timoshenko
85b84527f6
mopidy: fix, resolves #32234 2018-01-08 14:32:36 +00:00
rnhmjoj
4ebb9621f4
Revert "nixos/dnscrypt-proxy: remove"
This reverts commit 5dc2853981.
The project has a new maintainer.
2018-01-08 15:09:33 +01:00
Yegor Timoshenko
f7a9f96725
nixos/xfce: clean up, use hyphenated attributes 2018-01-08 05:12:05 +00:00
Johannes Bornhold
a88b4d4db1 nixos/matrix-synapse: Add module parameter extraConfigFiles (#33276)
This allows to configure additional configuration files for Synapse. This way
secrets can be kept in a secure place on the file system without a need to go
through the Nix store.
2018-01-07 20:13:48 +00:00
Joachim Fasting
5dc2853981 nixos/dnscrypt-proxy: remove
The upstream project ceased.

See https://github.com/NixOS/nixpkgs/issues/33540
2018-01-07 17:00:32 +01:00
Robin Gloster
e606bb252b
gitlab module: config changes for gitlab 10.3 2018-01-07 05:02:56 +01:00
Robin Gloster
69c396f273
gitlab module: gitaly fixes 2018-01-07 05:02:35 +01:00
Graham Christensen
013580caf0
Merge pull request #30518 from Infinisil/usbmuxd-service
usbmuxd service: init
2018-01-06 15:53:42 -05:00
Léo Gaspard
7b878a443a
nixos/clamav: replace mkIf [] with optional 2018-01-06 16:52:14 +01:00
Léo Gaspard
cb506e6e2e
nixos/clamsmtp: init 2018-01-06 16:08:54 +01:00
Orivej Desh
b249907d04
Merge pull request #33197 from bgamari/gitlab-jws-fix
gitlab: Rename jws_private_key to openid_connect_signing_key
2018-01-06 03:08:57 +00:00
José Romildo Malaquias
d0eb40b311 lightdm-gtk-greater: add configuration options for clock format and indicators 2018-01-06 02:20:53 +00:00
zimbatm
80f13dc31d fixup! buildkite-agent: change hooksPath type to 'path' (and prevent it from hitting the store) 2018-01-05 22:55:20 +00:00
Robin Gloster
cfed96ca51 nixos/service.tt-rss: improve pgsql support, do not use static uid/gid 2018-01-05 14:47:54 +01:00
Jaakko Luttinen
c26ff43905 nixos/service.tt-rss: improve mysql automatic setup
If the user chooses MySQL, it is enabled by default. Also, the used database is
created automatically along with the user and permissions.
2018-01-05 14:47:54 +01:00
Jaakko Luttinen
68855595ce nixos/service.tt-rss: enable nginx automatically 2018-01-05 14:47:54 +01:00
Jaakko Luttinen
13eaae1610 nixos/service.tt-rss: use tt_rss user
- Add tt_rss system user.
- Use tt_rss as the user by default.
- Create tt_rss user and group automatically if used.
2018-01-05 14:47:54 +01:00
Jaakko Luttinen
c9b46ccea1 nixos/service.tt-rss: fix #27048 2018-01-05 14:47:54 +01:00
rnhmjoj
c883311327
nixos/dnscrypt-wrapper: fix rotate script failing to restart the service 2018-01-05 02:37:09 +01:00
Jörg Thalheim
f29ecd56c1
Merge pull request #33372 from Mic92/memcache
nixos/memcached: make unix sockets usuable
2018-01-04 18:39:48 +01:00
Jörg Thalheim
c9c8a2c5b3 nixos/memcached: make unix sockets usuable
before:
  - /var/run/memcached is a bad default for a socket path, since its
    parent directory must be writeable by memcached.
  - Socket directory was not created by the module itself -> this was
    left as a burden to the user?
  - Having a static uid with a dynamic user name is not very useful.

after:
  - Replace services.memcached.socket by a boolean flag. This simplifies
    our code, since we do not have to check if the user specifies a
    path with a parent directory that should be owned by memcached
    (/run/memcached/memcached.sock -> /run/memcached).
  - Remove fixed uid/gid allocation. The only file ever owned by the
    daemon is the socket that will be recreated on every start.
    Therefore user and group ids do not need to be static.
  - only create the memcached user, if the user has not specified a
    different one. The major use case for changing option is to allow
    existing services (such as php-fpm) opening the local unix socket.
    If we would unconditionally create a user that option would be
    useless.
2018-01-03 12:33:36 +01:00
Jörg Thalheim
453e15ec91 nixos/redis: remove static uid/gid assignment
all files are chowned on startup
2018-01-03 11:18:04 +01:00
Léo Gaspard
aa241aed14 nixos/dkimproxy-out: init (#33229) 2018-01-03 01:23:02 +00:00
Casey Ransom
f3cba4f6bb netdata service: fix permissions for apps.plugin
apps.plugin requires capabilities for full process monitoring. with
1.9.0, netdata allows multiple directories to search for plugins and the
setuid directory can be specified here.

the module is backwards compatible with older configs. a test is
included that verifies data gathering for the elevated privileges. one
additional attribute is added to make configuration more generic than
including configuration in string form.
2018-01-02 17:57:19 -05:00
Ryan Trinkle
f1a6fa6eec
Merge pull request #32258 from ryantrinkle/add-nat-extraCommands
nat: add extraCommands option
2018-01-02 14:32:42 -05:00
Frederik Rietdijk
804285f589 Merge remote-tracking branch 'upstream/staging' into HEAD 2018-01-02 19:10:45 +01:00
Uli Schlachter
5465d6f7de awesome: Use --search instead of $LUA_PATH/$LUA_CPATH
Instead of polluting the environment with environment variables which
are inherited by processes spawned from awesome, use the command line
argument "--search" to add things to the search path.

cc #33169
2018-01-02 17:24:56 +00:00
Jörg Thalheim
54b16bcd11
Merge pull request #33227 from Ekleog/fcron-opensmtpd
fcron module: be compatible with non-wrapped sendmail's, like opensmt…
2018-01-02 09:26:53 +01:00
Bas van Dijk
803077ef1c elk: add elasticsearch6, logstash6, kibana6 and the beats at v6.1.0
This change is backwards compatible since the ELK tools at version 5.x
remain unchanged.

The test suite now both tests ELK-5 and ELK-6.
2018-01-02 01:15:29 +01:00
Frederik Rietdijk
1869e7e5b0 Merge remote-tracking branch 'upstream/master' into HEAD 2018-01-01 15:09:55 +01:00
Tristan Helmich
3b74349661
lldpd module: create a lldpd user as system user 2018-01-01 14:22:58 +01:00
Léo Gaspard
70a085b62f nixos/rspamd: add extraConfig parameter (#33226) 2017-12-31 15:11:15 +00:00
Vladimír Čunát
1fcd92ce92
Merge branch 'master' into staging
A few thousand rebuilds from master, again.
Hydra: ?compare=1422362
2017-12-31 09:53:49 +01:00
Orivej Desh
dac8f27f96 nixos/beegfs: fix the build of the NixOS manual 2017-12-31 07:52:32 +00:00
Markus Kowalewski
b7fdefc8a4 beegfs: init at 6.17
package, kernel module, nixos module, and nixos test
2017-12-31 07:07:02 +00:00
Yegor Timoshenko
0dd6bd214d
xfce: resolve conflict with KDE
This resolves some aspects of #33231, but GDK_PIXBUF_MODULE_FILE doesn't really belong to any DE module.
2017-12-31 05:22:15 +00:00
Orivej Desh
54d01b0e97
Merge pull request #32914 from Infinisil/znapzendzetup
znapzend service: stateless setup
2017-12-31 03:45:40 +00:00
Léo Gaspard
341583b2d2
fcron module: be compatible with non-wrapped sendmail's, like opensmtpd's 2017-12-31 03:34:11 +01:00
Yegor Timoshenko
c31ac41810
libinput: disableWhileTyping = false by default 2017-12-30 22:02:16 +00:00
Ben Gamari
b95cdd4f6c gitlab: Rename jws_private_key to openid_connect_signing_key
See
24d56df29b
2017-12-29 22:11:04 -05:00
Vladimír Čunát
f29000b002
Merge branch 'master' into staging
Hydra: ?compare=1421760
2017-12-29 10:13:33 +01:00
Nadrieril
95fde40b71 usbguard service: rules option should be of type 'lines' 2017-12-29 03:19:36 +01:00
Robin Gloster
86c7db0ac4 mysql module: cleanup obsolete checks 2017-12-29 02:18:35 +01:00
Robin Gloster
445e3d7390 ghostOne: remove
broken and unmaintained
2017-12-29 02:18:35 +01:00
Christoph Hrdinka
3e14b2826b
nsd module: make use of NSDs configFile option
Signed-off-by: Christoph Hrdinka <c.github@hrdinka.at>
2017-12-28 14:34:06 +01:00
adisbladis
563078184e
services.xserver.desktopManager.plasma5: add qtvirtualkeyboard to systemPackages 2017-12-28 21:13:46 +08:00
Kosyrev Serge
097719147a buildkite-agent: change hooksPath type to 'path' (and prevent it from hitting the store)
(cherry picked from commit 3aec59c99ff6692468a069fa8a8d6a05000fca81)
Signed-off-by: Domen Kožar <domen@dev.si>
2017-12-28 12:16:05 +00:00
Kosyrev Serge
9f5593559b buildkite: address review suggestions 2017-12-28 12:16:05 +00:00
Kosyrev Serge
bbb6072f10 buildkite: allow configuration and actual use of agent-specific hooks
(cherry picked from commit 775e49439fe25a4cdc2a93e31dfb3968b9b02311)
Signed-off-by: Domen Kožar <domen@dev.si>
2017-12-28 12:16:05 +00:00
Silvan Mosberger
66fefb82e7
nixos/znapzend: stateless setup
This enables znapzend users to specify its full configuration through
NixOS options, without ever needing to use the stateful `znapzendzetup`
command.

This works by running znapzendzetup with the specified config in
ExecPre, just before the znapzend daemon is started.

There is also the `pure` option which will clear all previous znapzend setups,
making it as stateless as can get, as only the setup declared in
configuration.nix will be persisted.
2017-12-28 01:40:01 +01:00
Peter Hoeg
7798051817
Merge pull request #32927 from peterhoeg/u/kdeapp
kde-applications: 17.08.3 -> 17.12.0
2017-12-28 08:22:27 +08:00
Christoph Hrdinka
d890212ac8 nginx module: only turn on HTTP2 when SSL is enabled
Signed-off-by: Christoph Hrdinka <c.github@hrdinka.at>
2017-12-28 00:32:24 +01:00
Jörg Thalheim
f1c236a987
Merge pull request #33035 from corpix/feature/ssh-systemd-deps
sshd: Start after network target
2017-12-26 09:11:04 +01:00
Robin Gloster
c4036762b2
gitlab: remove unnecessary assertion
It also gives less information than the error from the module system.
2017-12-26 01:11:16 +01:00
José Romildo Malaquias
6e0387a1e6 mate: fix XDG_MENU_PREFIX 2017-12-25 07:15:07 +01:00
José Romildo Malaquias
248e3983b0 gnome3: fix XDG_MENU_PREFIX 2017-12-25 07:15:07 +01:00
José Romildo Malaquias
1e147fee02 enlightenment: fix XDG_MENU_PREFIX 2017-12-25 07:15:07 +01:00
Dmitry Moskowski
ed26bc5931
sshd: Start after network target 2017-12-24 14:57:14 +00:00
Yegor Timoshenko
b792b3ca61
thinkfan: proper case in IBM, Lenovo, ThinkPad 2017-12-24 12:54:43 +00:00
gnidorah
22596e8995 breeze-qt4: drop 2017-12-24 12:54:04 +03:00
Yegor Timoshenko
f89bc2718b
Merge pull request #32995 from NixOS/yegortimoshenko-patch-1
mbpfan: improve description, resolves #32266
2017-12-23 17:31:13 +03:00
Yegor Timoshenko
ca7472b1a7
mbpfan: improve description, resolves #32266 2017-12-23 14:28:37 +00:00
Silvan Mosberger
0b0df8f9cf nixos/logkeys: fix evaluation 2017-12-23 01:44:14 +00:00
Bjørn Forsman
7c481aa7c1 nixos/gitolite: copy hooks with force
This makes the commonHook option work also for (read-only) Nix store
paths. Currently it fails on the second activation, because the
destination is read-only.
2017-12-21 08:41:59 +01:00
Yegor Timoshenko
71a8dbb956 nixos/desktop-managers: do not leak feh to PATH
(originally from f9415cb621)

feh is used to set background image for desktop managers that do not
support it directly, however there is no need to include it in PATH.

Fixes #17450.
2017-12-21 01:43:38 +00:00
Sander van der Burg
9cee2e5c95 dysnomia module: use postgres as default user and always publish container properties 2017-12-20 21:45:07 +01:00
Franz Pletz
cf12bc44b6
Merge pull request #32858 from nh2/nginx-add-http2-option
nginx service: Make http2 an option.
2017-12-20 11:18:33 +00:00
Yurii Rashkovskii
26a59f70a2 nixos/tarsnap: update doc for printStats
after the change made in 15567e6d8e
2017-12-20 10:16:10 +00:00
Wei Tang
62a974bbbf xfce: delay package selection for pulseaudio volume to nixos modules (#23382)
Now there are separate `xfce4.xfce4mixer_pulse` and `xfce4.xfcevolumed_pulse` attributes for PulseAudio versions of these packages, instead of relying on Nixpkgs option. Mind that xfce4-volumed and xfce4-volumed-pulse are actually two separate programs without much overlap.
2017-12-19 22:28:12 +03:00
Niklas Hambüchen
afa97cb981 nginx service: Make http2 an option.
HTTP 2 can break some things, for example due to this Chrome bug:

  https://bugs.chromium.org/p/chromium/issues/detail?id=796199

So the service hardcoding it to be enabled is not helpful.

This commit adds an option so you can turn it off.
2017-12-19 19:59:15 +01:00
Kevin Hanselman
65fb15aaf8 nixos/smartd: allow extra cli options for daemon
This enables further customization of smartd.
2017-12-19 18:43:49 +01:00
Marti Serra
f24b642587 crashplan-small-business: init at 6.6.0 2017-12-18 07:20:18 +01:00
Yegor Timoshenko
209cbf9fc7 xfce: SVG icon support in xfce4-panel, fixes #18536
Thanks to Yuriy Pitomets, Jonathan Curran, and David Kleuker.
2017-12-18 01:11:20 +00:00
Peter Simons
0fe9785305
Merge pull request #32584 from manoj23/davfs2-v3
davfs2: create user/group davfs2 if not specified in the configuration
2017-12-17 08:53:18 +01:00
Philipp Dörfler
4b0c9418c0 nixos/logcheck: replace rm with rm -r to delete the empty logcheck.logfiles.d/
Fixes #29906
2017-12-17 04:02:26 +00:00
Orivej Desh
b256afac58
Merge pull request #32578 from michaelpj/imp/plymouth-theme-defaut
plymouth: add breeze-plymouth as default theme
2017-12-15 20:20:24 +00:00
Bjørn Forsman
b53407461a nixos/lighttpd: update allKnownModules list
lighttpd 1.4.46+ got three new modules.
2017-12-15 07:47:45 +01:00
David Kleuker
ffc0bfa5b7 nixos/samba: increase LimitNOFILE to recommended value (#32085)
fixes warning:

    rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)

https://serverfault.com/a/641411
2017-12-14 17:12:44 +00:00
Franz Pletz
2754d1a8c3
xmr-stak module: init 2017-12-14 16:03:09 +01:00
Franz Thoma
9e486344a9 nixos.gnome3.at-spi2-core: Set environment variable NO_AT_BRIDGE=1 if disabled
As suggested in #16327 (https://github.com/NixOS/nixpkgs/issues/16327#issuecomment-315729994).
2017-12-13 04:55:35 +01:00
Georges Savoundararadj
9724654c74 davfs2: create user/group davfs2 if not specified in the configuration
* Add options:
  - enable
  - davUser (default: "davfs2")
  - davGroup (default: "davfs2)
* Add davfs2 user or group if they are not specified in the
configuration
2017-12-11 19:30:25 -08:00
Joachim F
90accc093e
Merge pull request #32216 from LumiGuide/networkmanager-strongswan
networkmanager_strongswan: fix package
2017-12-11 23:26:21 +00:00
Joachim F
4792523a3d
Merge pull request #32500 from srhb/logstash-locallisten
nixos/logstash: Listen on 127.0.0.1 instead of 0.0.0.0
2017-12-11 22:00:38 +00:00
Michael Peyton Jones
638d24950d plymouth: add breeze-plymouth as default theme 2017-12-11 20:42:00 +00:00
Andreas Rammhold
104de603cb networkmanager: remove restart after suspend from resume
In commit ec9dc73 restarting NetworkManager after resume from
suspend/hibernate was introduced.

When I initially switch to NixOS I started noticing a high delay between
wakeup and re-connecting to WiFi & wired networks. The delay increased
from a few seconds (on my previous distro, same software stack) to
almost half a minute with NixOS.

I (locally) applied the change in this commit a few weeks ago and tested
since then. The notebook/mobile device experience has improved a lot.
Reconnects are as before switching to NixOS.

Issue #24401 could be related to this. Since I am not using KDE/plasma5
I can only guess…
2017-12-10 00:19:15 +01:00
Sarah Brofeldt
b694fa0054 nixos/logstash: Listen on 127.0.0.1 instead of 0.0.0.0 2017-12-09 11:32:14 +01:00
Orivej Desh
40950f6a2d
Merge pull request #31006 from florianjacob/prosody
Improvements for Prosody
2017-12-09 09:19:24 +00:00
volth
bfee336614
nixos/varnish: it does not matter where to check syntax, only when 2017-12-09 08:29:44 +00:00
Nadrieril
ae416b47cf firefox.syncserver service: Fix missing dependency 2017-12-08 22:18:57 +00:00
Nadrieril
8851ef84c8 firefox.syncserver service: Add nadrieril to maintainers 2017-12-08 22:18:57 +00:00