Commit Graph

8524 Commits

Author SHA1 Message Date
gnidorah
9029ed933c nixos/gitweb: add gitwebTheme option 2018-04-17 20:07:01 +03:00
Matthew Justin Bauer
8691bb57d3
Merge pull request #36406 from alesguzik/bluez-midi
Bluetooth MIDI support
2018-04-17 10:54:23 -05:00
Matthew Justin Bauer
ef7f1c5e03
Merge pull request #36440 from dywedir/iwd
iwd: 2017-12-14 -> 0.1
2018-04-17 10:53:37 -05:00
Matthew Justin Bauer
4fe1c9e35f
Merge pull request #37388 from acowley/mlocate-updatedb
update-locatedb: fix update-locatedb service for mlocate
2018-04-17 10:42:20 -05:00
Matthew Justin Bauer
9e01411a7c
Merge pull request #37515 from MHOOO/patch-2
Fix permission on working directory
2018-04-17 10:40:49 -05:00
Matthew Justin Bauer
1a1f26ab3f
Merge pull request #37786 from woffs/fixing-quagga
quagga service: fix service and re-enable test
2018-04-17 10:12:11 -05:00
Matthew Justin Bauer
12ce909ac9
Merge pull request #38303 from LumiGuide/fix-pgmanage-sql_root
pgmanage: the data_root option is renamed to sql_root
2018-04-17 10:08:15 -05:00
Jean-Baptiste Giraudeau
15e44477b3
Add bash to jira PATH: required by health checks. 2018-04-17 16:44:04 +02:00
Jean-Baptiste Giraudeau
28e352cff8
azure-agent: add bash to service path.
as is often required by linux extensions.
2018-04-17 16:26:04 +02:00
Jean-Baptiste Giraudeau
1d971b7a9f
azure-agent: add option to control auto mount
of resource disk.
2018-04-17 16:04:04 +02:00
Graham Christensen
f4ff297cd5
Merge pull request #39031 from teto/loglevel
kernel: fix boot.consoleLogLevel description
2018-04-17 08:51:14 -04:00
Nikolay Amiantov
4fc0b4edca acme service: generate a CA for self-signed certificate
This is needed because simp_le expects two certificates in fullchain.pem, leading to error:

> Not enough PEM encoded messages were found in fullchain.pem; at least 2 were expected, found 1.

We now create a CA and sign the key with it instead, providing correct fullchain.pem.

Also cleanup service a bit -- use PATH and a private temporary directory (which
is more suitable).
2018-04-17 12:53:29 +03:00
Gabriel Ebner
d91caac6c3 services.tt-rss: do not unnecessarily start nginx 2018-04-17 11:44:52 +02:00
Nikolay Amiantov
b81aa02800 firewall service: run stop commands in reload
Do cleanup of user-created additional rules.

Of course it'd be much better to just use iptables-{save,restore} for
declarative management, but as it's still not there...
2018-04-17 12:41:36 +03:00
Jan Malakhovski
b57a6e9a5f nixos: rename.nix: fix bugs
Introduced in 286b007bd3 and then
in 2e6b796761.

This a proper fix for what 70c6f6572d tried to do.
Removing the "config" prefix triggers the bug on pure nixos too, not only
on nixops.
2018-04-17 09:05:21 +00:00
Jan Malakhovski
4018d44641 Revert "nixos/version: fix nixops pre 1.6 compatibility"
This reverts commit 70c6f6572d.
2018-04-17 09:05:20 +00:00
Matthieu Coudron
9f7eabcc21 kernel: fix boot.consoleLogLevel description
The current description describes the opposite influence of the setting
https://www.kernel.org/doc/Documentation/admin-guide/kernel-parameters.txt
2018-04-17 10:45:30 +09:00
Tuomas Tynkkynen
bd77849b2f nixos/installer/channel: Add some files that the channel also has
Nothing probably uses this, but let's be pedantic and have the
pre-included channel on the install media be as close as possible to
what 'nix-channel --update' will give them.

The only remaining difference is that the channel adds programs.sqlite,
which is fundamentally unfixable.
2018-04-16 20:39:51 +03:00
Yorick van Pelt
a037cbd46b
oauth2_proxy: add keyFile, make some options optional 2018-04-16 14:06:22 +02:00
adisbladis
247c97b699
Merge pull request #35896 from wucke13/master
Solving #30396
2018-04-16 20:04:52 +08:00
Yorick van Pelt
b901c40a8e
oauth2_proxy: update module for extraConfig support 2018-04-16 13:10:31 +02:00
Peter Hoeg
642c8a8d8d nixos ddclient: support multiple domains and run via systemd timer
a) Some providers can update multiple domains - support that.

b) Make "zone" and "script" configurable. Some providers require these.

c) Instead of leaving the ddclient daemon running all the time, use a systemd
timer to kick it off.

d) Don't use a predefined user - run everything via DynamicUser

e) Add documentation
2018-04-15 10:17:46 +08:00
Jörg Thalheim
02dfbab3be nixos/pulseaudio: pulseaudio.enable should imply sound.enable
cc @fpletz
2018-04-14 19:12:47 +01:00
Jörg Thalheim
7663de114a lxd: 2.16 -> 3.0.0 2018-04-14 11:02:24 +01:00
Ricardo M. Correia
0f3a628400 nixos/transmission: fix AppArmor profile to include libkrb5 2018-04-13 20:53:34 +02:00
Bjørn Forsman
80b6513fbf nixos: enable bash command completion by default
Because it improves out-of-the-box user experience a lot (IMHO).
(zsh completion is already on by default.)

Remove "programs.bash.enableCompletion = true" from
nixos-generate-config.pl, which feels superflous now.
2018-04-13 18:36:51 +02:00
Nikolay Amiantov
803dca34bb
Merge pull request #38896 from abbradar/shadowsocks
Update shadowsocks-libuv and add shadowsocks service
2018-04-13 15:55:55 +03:00
Nikolay Amiantov
dccd5a8601 dnscache service: cleanup and add forwardOnly 2018-04-13 15:38:13 +03:00
Nikolay Amiantov
98270cb959 dnscache service: fix bug with several assigned DNS servers 2018-04-13 15:35:03 +03:00
Nikolay Amiantov
f7651b35b8 shadowsocks service: init 2018-04-13 13:39:21 +03:00
Jörg Thalheim
0cb8413b02
Merge pull request #38885 from lopsided98/grafana-unix-socket
grafana: support socket protocol
2018-04-13 11:14:02 +01:00
Robert Schütz
3ea1f1dd8b
Merge pull request #38820 from brainrape/nixos-prosody-add-user-group
nixos/prosody: add user/group options, fix pidfile path
2018-04-13 11:55:10 +02:00
Márton Boros
ec1419bad8 nixos/prosody: fix pidfile path 2018-04-13 11:38:52 +02:00
Márton Boros
d260e95cb9 nixos/prosody: add user, group options 2018-04-13 11:38:29 +02:00
Florian Klink
8fccc7e1df deluge: use mkEnableOption 2018-04-13 10:07:09 +02:00
Ben Wolsieffer
ed6f1761cc grafana: support socket protocol 2018-04-12 22:49:15 -04:00
xeji
a82aae3084 nixos/containers: add extraFlags option
to pass extra flags to systemd-nspawn
2018-04-12 23:29:20 +02:00
adisbladis
fbcbac6769
Merge pull request #38704 from roconnor-blockstream/trezor
trezord: 1.2.1 -> 2.0.12
2018-04-12 23:10:24 +08:00
volth
49ed1229b6
exfat-utils, fuse_exfat -> exfat
`exfat-utils' and `fuse_exfat' are both aliases of `exfat'
2018-04-12 11:23:52 +00:00
Reuben D'Netto
42a84598fb Added cross-references to NixOS manual 2018-04-12 09:39:14 +10:00
Austin Seipp
7413eb8b49 nixos/postgresql: remove ancient hack for postgres 8.4
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2018-04-11 12:25:11 -05:00
Yegor Timoshenko
9a9c38eee8
Merge pull request #38773 from bandresen/zfsAutoSnapshot
zfs.autoSnapshot: make `frequent` run every 15 mins
2018-04-11 14:58:51 +00:00
Benjamin Andresen
96f10e7e49 zfs.autoSnapshot: make frequent run every 15 mins
fixes bug that there is 30 minutes between hh:45 and hh:15 every hour.
2018-04-11 16:45:00 +02:00
Russell O'Connor
a60e17438e trezord: 1.2.1 -> 2.0.12
The old trezord is obsolete and no longer functions with Trezor's password manager app.
2018-04-11 09:53:15 -04:00
Frederik Rietdijk
ee6894ca12 Merge staging into master 2018-04-11 14:55:52 +02:00
Daniel Frank
e0de2d7ae6 murmur: fix /tmp usage 2018-04-10 20:27:59 +02:00
BjornMelgaard
46c270c5a6 safeeyes: restart only on failure 2018-04-10 21:19:13 +03:00
BjornMelgaard
2f4a220130 safeeyes: add module 2018-04-10 21:19:13 +03:00
Frederik Rietdijk
6023849ba1 Merge master into staging 2018-04-10 19:23:42 +02:00
Jörg Thalheim
d8647f96bd
Merge pull request #38643 from brainrape/prosody-add-dataDir
nixos/prosody: add dataDir option
2018-04-10 09:08:50 +01:00
Robert Schütz
80fc5f2a24 Merge branch 'master' into staging 2018-04-10 09:13:36 +02:00
Matthew Justin Bauer
07886aaf5a
Merge pull request #33794 from yrashk/onlykey
config.hardware.onlykey configuration option
2018-04-09 14:29:31 -05:00
Frederik Rietdijk
0aa59a08d6 Merge master into staging 2018-04-09 15:12:32 +02:00
Márton Boros
615fefb3a5 nixos/prosody: add dataDir option 2018-04-09 14:19:42 +02:00
Jörg Thalheim
41ec2c2223
Merge pull request #38362 from orbekk/acme-path
fix: nixos/nginx certificate location
2018-04-09 09:02:51 +01:00
Jörg Thalheim
e8cfda7f13 lxc: enable pam_cgfs and fix module
pam_cgfs was part in lxcfs before and moved here

fixes #37985
2018-04-09 08:15:00 +01:00
Jörg Thalheim
53611a9b6c
Merge pull request #38629 from ivanbrennan/less-configFile
nixos/less: add configFile option
2018-04-09 07:03:29 +01:00
Matthew Justin Bauer
1381606b8e
Merge pull request #38533 from nyanloutre/duplicati-package
duplicati: init at 2.0.3.3
2018-04-08 21:49:48 -05:00
ivanbrennan
6e4096d792 nixos/less: add configFile option
Expose the path to a lesskey file as a module option. This makes it
possible to maintain a single lesskey file, used for both NixOS and
non-nix systems. An example of how this can be done follows.

1. Write a derivation that fetches lesskey from a known location:

  { stdenv, fetchgit }:
  stdenv.mkDerivation {
    name = "foo";
    src = fetchgit { .. };
    phases = [ "unpackPhase" "installPhase" ];
    installPhase = "mkdir -p $out && cp $src/lesskey $out/lesskey";
  }

2. Set programs.less.configFile to the corresponding path:

    programs.less = {
      enable = true;
      configFile = "${pkgs.foo}/lesskey";
    };
2018-04-08 22:37:35 -04:00
Matthew Justin Bauer
9c66871784
Merge pull request #38094 from volth/patch-120
nixos/network-scripted: print error details
2018-04-08 21:27:38 -05:00
obadz
f3657a05d8 minidlna nixos module: add loglevel config 2018-04-09 00:16:06 +01:00
Jörg Thalheim
6fd1520e45
Merge pull request #38547 from Ma27/iftop-module
nixos/iftop: add module
2018-04-08 14:05:20 +01:00
aszlig
99ba1cb424
Increase max group name length to 32 characters
With #36556, a check was introduced to make sure the user and group
names do not exceed their respective maximum length. This is in part
because systemd also enforces that length, but only at runtime.

So in general it's a good idea to catch as much as we can during
evaluation time, however the maximum length of the group name was set to
16 characters according groupadd(8).

The maximum length of the group names however is a compile-time option
and even systemd allows more than 16 characters. In the mentioned pull
request (#36556) there was already a report that this has broken
evaluation for people out there.

I have also checked what other distributions are doing and they set the
length to either 31 characters or 32 characters, the latter being more
common.

Unfortunately there is a difference between the maximum length enforced
by the shadow package and systemd, both for user name lengths and group
name lengths. However, systemd enforces both length to have a maximum of
31 characters and I'm not sure if this is intended or just a off-by-one
error in systemd.

Nevertheless, I choose 32 characters simply to bring it in par with the
maximum user name length.

For the NixOS assertion however, I use a maximum length of 31 to make
sure that nobody accidentally creates services that contain group names
that systemd considers invalid because of a length of 32 characters.

Signed-off-by: aszlig <aszlig@nix.build>
Closes: #38548
Cc: @vcunat, @fpletz, @qknight
2018-04-08 12:51:33 +02:00
Frederik Rietdijk
595a72589f Merge master into staging 2018-04-08 10:54:17 +02:00
Wout Mertens
fc6ab8dfa7
google-compute-image: provide correct MTU 2018-04-08 08:46:42 +02:00
nyanloutre
b3aa9ecdf8
duplicati: create service 2018-04-07 21:23:04 +02:00
Maximilian Bosch
50a34e55b2
nixos/iftop: add module
This patch is heavily inspired by bd0d8ed807 which added
a setcap wrapper for `mtr` in order to allow running `mtr` without
`sudo`. The need for the capability `cap_net_raw` that can be registered using
`setcap` has been documented in the Arch Wiki: https://wiki.archlinux.org/index.php/Capabilities#iftop

A simple testcase has been added which starts two machines, one with a
setcap wrapper for `iftop`, one without. Both testcases monitor the
bandwidth usage of the machine using the options `-t -s 1` once, the
machine with setcap wrapper is expected to succeed, the `iftop` on the
machine without setcap wrapper is expected to return a non-zero exit
code.
2018-04-07 15:06:51 +02:00
Wout Mertens
d55e830982
Merge pull request #38527 from gnidorah/gitweb
nixos/nginx: fix gitweb submodule
2018-04-07 14:39:51 +02:00
gnidorah
073089914e nixos/nginx: fix gitweb submodule 2018-04-06 22:36:03 +03:00
John Ericson
c6f7d43678 nixpkgs module: Clean up platform options
- `localSystem` is added, it strictly supercedes system

 - `crossSystem`'s description mentions `localSystem` (and vice versa).

 - No more weird special casing I don't even understand

TEMP
2018-04-06 12:41:44 -04:00
Rob Vermaas
b894dd8b82
Update create-gce.sh script. Set default option for GCE images to disable host key replacement by service.
(cherry picked from commit 748d96ffa3c51c3127bcdf23a88d54afad6406e9)
2018-04-06 10:57:31 +02:00
Tim Engler
d488a9dc7a nixos/lxqt: enable upower if config.powerManagement is enabled (#38318) 2018-04-06 08:49:55 +01:00
Corey O'Connor
c0de2454bd nixos/transmission: Refactor out explicit listing of managed directories 2018-04-05 22:07:49 +02:00
Corey O'Connor
9eec034d75 nixos/transmission: refactor preStart into script 2018-04-05 22:07:49 +02:00
Jörg Thalheim
f55a6ab844
Merge pull request #38302 from johannesloetzsch/master
mate/mate-screensaver: fixed unixAuth
2018-04-05 21:02:18 +01:00
Frederik Rietdijk
a9f37d1c25 Merge master into staging 2018-04-05 19:25:05 +02:00
Rob Vermaas
ced3a201e3
gce: needs bigger diskSize
(cherry picked from commit ac3437aa061e80604d28aa3dd09013417f3193b1)
2018-04-05 12:19:05 +02:00
Rob Vermaas
0164c94a51
ec2-amis.nix: add 18.03 images
(cherry picked from commit e5a4fb31bded4b4e6a7952455f97850e2f013002)
2018-04-05 11:58:53 +02:00
Michael Raskin
b07ce1fb74
Merge pull request #38114 from oxij/nixos/doc-module
nixos: doc module
2018-04-05 07:09:32 +00:00
Michael Raskin
195521350a
Merge pull request #38111 from oxij/tree/cleanups
assorted cleanups
2018-04-05 07:08:05 +00:00
Franz Pletz
20ad4be383
Merge pull request #38405 from volth/patch-121
network-interfaces-scripted: wlanInterfaces have .device, …
2018-04-05 04:45:50 +00:00
Charles Strahan
5c066e2bba
Merge pull request #37218 from cstrahan/kube-test-fix
nixos: kubernetes fixes
2018-04-04 19:14:48 -04:00
Frederik Rietdijk
23741692fa Merge master into staging 2018-04-04 19:36:39 +02:00
Jörg Thalheim
b6ec6fd525
Merge pull request #38431 from volth/patch-122
network-interfaces.nix: dead code removal
2018-04-04 15:30:22 +01:00
Joachim Schiele
7be79f22f2
nixos/dhcp: fix permissions of statedir
nixos/dhcp: fix permissions of statedir
2018-04-04 16:26:25 +02:00
Graham Christensen
9b30d48b2b
Merge pull request #37288 from cleverca22/improve-make-tarball
make-system-tarball: allow alternate compression methods
2018-04-04 10:11:25 -04:00
volth
b9e01e64b7
network-interfaces.nix: dead code removal
`wlanDeviceUdevScript` is not used below in the text
2018-04-04 13:45:49 +00:00
Eelco Dolstra
0236a947d0
mkdir -> install -d
Fixes #38421.
2018-04-04 13:04:35 +02:00
nyanloutre
172ca5884b
transmission: settings doc location changed 2018-04-03 22:32:36 +02:00
volth
dd9f776509
network-interfaces-scripted: wlanInterfaces have .device, no "${dev}-netdev.service" 2018-04-03 20:00:12 +00:00
Michael Bishop
3c9e579d1e
make-system-tarball: allow alternate compression methods 2018-04-03 11:30:43 -03:00
Kjetil Ørbekk
8614e22297 fix: nixos/nginx certificate location
Fix issue when using a cert location other than the default.
2018-04-02 20:34:01 -04:00
Tuomas Tynkkynen
747ebe3f66 Merge remote-tracking branch 'upstream/master' into staging
Conflicts:
	pkgs/top-level/all-packages.nix
2018-04-03 02:22:54 +03:00
Silvan Mosberger
e9fc2558f9
nixos/systemd: Fix environment type -> allows overriding 2018-04-03 00:36:52 +02:00
Tuomas Tynkkynen
1e5cb384d5 nixos/sd-image-*: Raspberry Pi firmware no longer falls under unfree
It's just unfreeRedistributableFirmware now.
2018-04-02 23:46:18 +03:00
Nikolay Amiantov
37546be900 nodePackages.parsoid: pin service-runner to 2.3.0
service-runner had a backwards incompatible update, and parsoid 0.9.0
doesn't work with current stable MediaWiki. Instead use as a source
a repository with 0.8.0 and pinned service-runner version.
2018-04-02 22:38:40 +03:00
Tuomas Tynkkynen
4c21180a13 nixos/sd-image: Make it more similar to iso-image.nix
- Add `imageName` and `imageBaseName` options similar to the `isoName`
  and `isoBaseName` options
- Make the filename of the iso match what iso-image.nix does
- Generate a nix-support/hydra-build-products like iso-image.nix does
2018-04-02 15:18:25 +03:00
Franz Pletz
35f474d61d
nixos/unbound: don't fail on root trust anchor updates
Exit code on updates is 1 which makes the inital start of unbound fail.
2018-04-01 23:56:42 +02:00
Bas van Dijk
c8eef1d771 pgmanage: the data_root option is renamed to sql_root 2018-04-01 19:16:04 +02:00
Johannes Lötzsch
1ab3736146 mate/mate-screensaver: fixed unixAuth
Without this fix, it's not possible to unlock the mate-screensaver.
2018-04-01 19:01:26 +02:00
Joachim Schiele
1b0cb040d9 user/group assertion to not exceed the 32 character limit 2018-03-30 23:43:23 +02:00
Charles Strahan
709b6f664e
nixos: kubernetes fixes
* Fix reference CNI plugins
  * The plugins were split out of the upstream cni repo around version
    0.6.0

* Fix RBAC and DNS tests
  * Fix broken apiVersion fields
  * Change plugin linking to look in ${package}/bin rather than
    ${package.plugins}

* Initial work towards a working e2e test
  * Test still fails, but at least the expression evaluates now

Continues @srhb's work in #37199

Fixes #37199
2018-03-30 17:33:45 -04:00
Léo Gaspard
b59570eac0 nixos/gogs: allow git operations over ssh
Without `ROOT_PATH` set, `gogs serv` tries to open logs in writing in
its store directory. This blocks cloning or pushing over ssh, and
results in a gogs internal error.
2018-03-30 16:37:36 +02:00
Jan Malakhovski
44b8202cab nixos: tcpcrypt: /var/run -> /run, don't drop files out of rundir 2018-03-30 06:56:38 +00:00
Jan Malakhovski
02da27de52 nixos: dysnomia: move into services subtree 2018-03-30 06:56:12 +00:00
Jan Malakhovski
98fd9b7f86 nixos: doc: introduce documentation config subtree 2018-03-30 06:52:26 +00:00
Jan Malakhovski
302c170e1c nixos: replace optionals -> optional in nsswitch 2018-03-30 06:44:18 +00:00
Jan Malakhovski
6d7854a9a8 nixos: users-groups: cleanup 2018-03-30 06:40:13 +00:00
Frederik Rietdijk
9d2ff98571 Merge remote-tracking branch 'upstream/master' into HEAD 2018-03-30 08:14:35 +02:00
volth
a6c8e48840
nixos/network-scripted: print error details 2018-03-30 01:18:18 +00:00
Wout Mertens
b4e92e0b34
Merge pull request #37921 from gnidorah/gitweb
nixos/nginx: add gitweb sub-service
2018-03-30 00:18:44 +02:00
Robin Gloster
68c4605f1a
gitlab: disable
The last rubygems update broke this
2018-03-29 19:17:49 +02:00
Franz Pletz
e0ae89007b
Merge pull request #37955 from mayflower/fix/nixops-pre-1.6-eval
nixos/version: fix nixops pre 1.6 compatibility
2018-03-29 14:44:27 +00:00
gnidorah
05b535c850 git: add more deps to gitweb 2018-03-29 16:46:11 +03:00
gnidorah
2821d3fed7 gitweb: use common options 2018-03-29 16:45:32 +03:00
gnidorah
69a0c9721e nixos/nginx: add gitweb sub-service 2018-03-29 09:06:54 +03:00
Ryan Mulligan
690fcc97ef nixos/monit: restart if config changes 2018-03-28 15:21:56 -07:00
obadz
0a9d7f0809 zerotier module: add option to join networks and open port 2018-03-28 22:18:25 +01:00
Franz Pletz
e53d195c4a
Merge pull request #38000 from ryantm/auto-update/dovecot
dovecot: 2.3.0.1 -> 2.3.1
2018-03-28 20:05:54 +00:00
Maximilian Bosch
5caa22fe0a Revert restrictive validation behavior for DM/WM defaults in the X module
The original idea behind this change (described in ticket #11064) was to
improve the assertions to avoid that users of the X server accidentally
forget to configure a DM or WM.

However this caused several issues with setups that require X, but no DM
or WM. The keymap testcases became instable as well as now disabling DMs
needs to be done explicitly.
(see https://github.com/NixOS/nixpkgs/pull/31268#issuecomment-347080036)

In the end the idea behind the change and #11064 was obviously a
mistake, so reverting it completely for now should be fine.
2018-03-28 20:34:05 +02:00
Franz Pletz
6a15c8d6f7
nixos/dovecot: set group in config
The dovecot bump to 2.3.1 caused the dovecot service to fail to start
because it would try to chgrp sockets to dovecot whereas our default
dovecot group is called dovecot2.
2018-03-28 19:16:41 +02:00
Shea Levy
05e375d710
Merge remote-tracking branch 'origin/master' into staging 2018-03-28 09:36:47 -04:00
gnidorah
30a56d72db hans: rename option 2018-03-28 10:36:04 +03:00
gnidorah
33c34aff2f hans, iodine: correct script 2018-03-28 10:34:57 +03:00
Anthony Cowley
1f8382547f locate: fix update-locatedb service for mlocate
This fixes the `update-locatedb` service when using the `mlocate`
package.

The service as-is does not properly handle flags during update of the
relevant database when configured to use the `mlocate` package.

The man entry for `updatedb` associated with `mlocate` does not say
that it supports environment variables in place of command line flags,
whereas the `findutils` package's updatedb does so.

To support this distinction, we pass the relevant settings as flags to
the `updatedb` program when using the `mlocate` package.

Fixes #29279
2018-03-27 23:34:11 -04:00
Justin Humm
169468c406
apache-httpd: fix typo in config servedFiles 2018-03-28 03:47:25 +02:00
Franz Pletz
70c6f6572d
nixos/version: fix nixops pre 1.6 compatibility
We should be able to deploy a NixOS 18.03 system with the current nixops
stable release. Some options were renamed, so instead of
`mkRenamedOptionModule` we introduce them as read-only interal options
that won't be rendered in the manual.

Only the options that are needed to make nixops evaluations succeed were
added.

This commit should probably be reverted after or before the 18.09 release,
depending on the nixops 1.6 release.

The user will not get the warning that these have been renamed but
this change is mentioned in the release notes.

Fixes #34253.
2018-03-28 02:30:50 +02:00
Matthew Justin Bauer
75616ceb49
Merge pull request #37840 from matthewbauer/unixtools
Cross-platform "unixtools"
2018-03-27 18:43:03 -05:00
gnidorah
276d10dae6 nixos/iodine: passwordFile option #24288 2018-03-27 22:44:29 +03:00
gnidorah
16c5866cec nixos/hans: passwordFile option #24288 2018-03-27 22:25:31 +03:00
gnidorah
b2be363fea nixos/hans: init 2018-03-27 22:25:22 +03:00
Yegor Timoshenko
e61d69bfd3
Merge pull request #37897 from mkaito/tarsnap-symlinks-and-restore
Tarsnap: add symlink options and a restore service
2018-03-27 16:21:28 +00:00
Michishige Kaito
c515f7036e Address @yegortimoshenko review 2018-03-27 16:35:54 +01:00
Shea Levy
cd7047c461
Merge branch 'riscv-limitations' 2018-03-27 11:32:38 -04:00
Nikolay Amiantov
25ac79647c linuxPackages.nvidia_x11_legacy173: drop
There's no kernel in nixpkgs suitable for this old driver -- tested with 4.4.
2018-03-27 16:43:53 +03:00
Shea Levy
cdf9a78a3e
kexectools: Disable only on RISC-V if Linux.
The isKexecable flag treated Linux without kexec as just a normal
variant, when it really should be treated as a special case incurring
complexity debt to support.
2018-03-27 08:15:07 -04:00
davidak
41676002b2 nixos/systemd: add option for cgroup accounting 2018-03-27 09:15:22 +02:00
Michishige Kaito
bde525aaaf Add restore service for tarsnap archives
This service will never run automatically, but it encapsulates the
necessary logic and configuration to run a restore of the latest
archive, and allows to hook more specific logic, such as loading
a database dump, via `postStart`.
2018-03-27 01:19:02 +01:00
Michishige Kaito
d462595600 Add support for tarsnap options -H and -L
A new option `explicitSymlinks` will set `-H` when creating an archive.
This option makes tarsnap follow any symlinks specified explicitly on
the commandline, but not any found inside the file tree.

A new option `followSymlinks` will set `-L` when creating an archive.
This option makes tarsnap follow any symlinks found anywhere in the file
tree instead of storing them as-is.
2018-03-27 01:19:02 +01:00
Bas van Dijk
e9de38eb61 strongswan-swanctl: actually removed the strongswan parameter files 2018-03-26 17:18:08 +02:00
Joachim F
1c889be474
Merge pull request #37827 from oxij/pull/28938-tor-control-port
nixos/tor: expose control socket
2018-03-26 13:05:27 +00:00
Nikolay Amiantov
cdf1079665 opengl service: don't override mesa non-drivers in runtime 2018-03-26 14:02:06 +03:00
Nikolay Amiantov
220d0decaf qemu-vm service: quote arguments in qemu runner 2018-03-26 14:01:49 +03:00
Nikolay Amiantov
4f0b59de9a xserver service: cleanup LD_LIBRARY_PATH
X libraries in LD_LIBRARY_PATH seem to not be needed anymore.
I've tracked this addition as far as I could
(02cef04c81) and they seem to be added for unfree
NVIDIA and ATI drivers but at least for NVIDIA they are not needed anymore. We
can add them with patchelf instead if it turns out to be the case with ATI.
2018-03-26 14:01:49 +03:00
Nikolay Amiantov
d61e6c5ed7 opengl service: move options under common hardware.opengl tree
Purely cosmetic.
2018-03-26 14:01:49 +03:00
Nikolay Amiantov
0934c8f49b nvidia service: rely on libglvnd 2018-03-26 14:01:49 +03:00
Jaka Hudoklin
cb9c1c63c9 nixos/tor: expose control socket 2018-03-26 00:41:10 +00:00
Will Dietz
cb30a1b425 wrapper.c: fixup includes to work w/musl 2018-03-25 18:06:02 -05:00
Guillaume Maudoux
c948613a65 almir: also remove the corresponding module.
The almir package was removed in 30291227f2 at about 2017-08
This module can no more be used without it.
2018-03-25 21:41:19 +01:00
Frank Doepper
66deb3aa29 quagga service: fix service and re-enable test
adding quagga to quaggavty
reverting 8a18e1f
2018-03-25 21:26:45 +02:00
Michael Raskin
296dca019b
Merge pull request #35073 from Infinisil/fix/znapzend
nixos/znapzend: fix when no previous zetup
2018-03-25 17:29:08 +00:00
Matthew Justin Bauer
8f3091939b
Merge pull request #37752 from ryantm/fix-urls
treewide: use more HTTPS URLs
2018-03-25 00:40:17 -05:00
Ryan Mulligan
b189247ba0 treewide: use more HTTPS URLs
Uses the HTTPS url for cases where the existing URL has a permanent
redirect. For each domain, at least one fixed derivation URL was
downloaded to test the domain is properly serving downloads.

Also fixes jbake source URL, which was broken.
2018-03-24 22:04:25 -07:00
Wout Mertens
527e97f333
acme module: update for simp_le v0.8
Hopefully fixes #37689
2018-03-24 17:43:32 +01:00
Shea Levy
0f854cd2d1
Merge branch 'master' into staging 2018-03-24 01:34:53 -04:00
Florian Klink
6ac74d60ad networkmanager-pptp: remove package
Currently broken on NixOS due to hardcoded modprobe binary path (see
bug #30756 from Oct 2017), no activity on a proposed fix for months.
As the protocol is terribly broken anyways, let's better remove it
completely, and not talk about anymore ;-)

Closes #30756.
2018-03-23 22:24:50 +01:00
Nikolay Amiantov
91072b7b23
Merge pull request #37647 from abbradar/systemd-238
[WIP] Update systemd and unbreak staging
2018-03-23 01:11:32 +03:00
Nikolay Amiantov
0ccab4946d systemd: 237 -> 238 2018-03-22 22:37:26 +03:00
Matthew Justin Bauer
779c25b2fe
Merge pull request #34053 from thpham/serviio
serviio: init at 1.9
2018-03-22 11:11:17 -05:00
Robin Gloster
fda705527d
nixbot: remove
obsoleted mostly by ofborg
2018-03-22 16:17:12 +01:00
WilliButz
c54aa1f293
nixos/prometheus-exporters: add postfix exporter & documentation 2018-03-22 14:52:23 +01:00
WilliButz
f4d03b5c9c
nixos/prometheus-exporters: rewrite and restructure
- prometheus exporters are now configured with
  `services.prometheus.exporters.<name>`
- the exporters are now defined by attribute sets
  from which the options for each exporter are generated
- most of the exporter definitions are used unchanged,
  except for some changes that should't have any impact
  on the functionality.
2018-03-22 14:46:17 +01:00
Robin Gloster
76ea0e1b2e
Merge pull request #32960 from florianjacob/prosody-0.10
Prosody 0.10.0
2018-03-22 14:12:57 +01:00
volth
f68871764d treewide: replace depecated alias s/mssys/ms-sys/g 2018-03-22 10:13:21 +00:00
Robin Gloster
0a80f2c0f4
prosody: improve module handling 2018-03-22 03:40:46 +01:00
Franz Pletz
e5a854e740
gitlab service: use recommended unicorn config 2018-03-22 02:29:28 +01:00
Simon Lackerbauer
1b55905806
gitlab: 10.3.4 -> 10.5.4 2018-03-22 02:29:28 +01:00
Robin Gloster
31d77fd4f3
gitlab-shell: fix config path finding
and remove TimeoutSec for gitlab
2018-03-22 02:29:27 +01:00
Robin Gloster
fa347164b6
graylog: use jre_headless 2018-03-22 02:29:27 +01:00
Geoffrey Huntley
a88ec5e8a5 duosec: use root uid as sshd uid has been retired (#33597)
* fix: use root uid as sshd uid has been retired

fixes https://github.com/NixOS/nixpkgs/issues/10088
related PR (abandoned) at https://github.com/NixOS/nixpkgs/pull/15391

* must use "sshd" user otherwise duosec does not work in multi user mode

see https://github.com/duosecurity/duo_unix/issues/89#issuecomment-272062632
2018-03-21 18:46:35 -05:00
Dan Peebles
6fa9d9cdbd hologram-server module: add cache timeout option
The version of hologram we're using has supported this option for a
while, but we didn't expose it through the NixOS module
2018-03-21 12:58:25 -04:00
Thomas Karolski
e5073bcb80
Fix permission on working directory
The working directory needs the x flag, otherwise executors (e.g. sparks executor) are unable to cd into their sandbox and create e.g. temporary files.
2018-03-21 02:26:04 +01:00
Eelco Dolstra
7db841512a
Remove obsolete /nix/var/nix/{manifests,channel-cache} 2018-03-20 18:26:13 +01:00
Jörg Thalheim
35eddf5ef1
Merge pull request #37412 from volth/varnish456
varnish4: init at 4.1.9; varnish6: init at 6.0.0
2018-03-20 07:55:52 +00:00
Joel Thompson
fe2e4d6fb9 hologram: Enable configuring LDAP authorization
In AdRoll/hologram#62 support was added to hologram to configure
LDAP-based authorization of which roles a user was allowed to get
credentials for. This adds the ability to configure that.

Additionally, AdRoll/hologram/#94 added support to customize the LDAP
group query, so this also feeds that configuration through.

fixes #37393
2018-03-20 07:36:23 +00:00
volth
002b460822 varnish4: init at 4.1.9; varnish6: init at 6.0.0 2018-03-20 07:10:36 +00:00
Robert Schütz
c484079ac7
Merge pull request #36927 from dotlambda/borg-module
nixos/borgbackup: init
2018-03-19 20:30:32 +01:00
WilliButz
ca7b29050f grafana: 5.0.2 -> 5.0.3, fix headless phantomjs 2018-03-19 19:59:10 +01:00
Matthew Justin Bauer
ce01740dae
Merge pull request #33685 from corngood/amdgpu-pro-upgrade
amdgpu-pro: 17.10 -> 17.40
2018-03-19 12:40:03 -05:00
Robert Schütz
fdf0f037be nixos/borgbackup: init 2018-03-19 13:12:47 +01:00
Jörg Thalheim
86dd3f854b
Merge pull request #35687 from volth/libvirt-4.1.0
libvirt: 3.10.0 -> 4.1.0
2018-03-19 11:42:06 +00:00
Sarah Brofeldt
45241c5cd1
Merge pull request #37272 from erictapen/manual-networking
nixos/manual: fixed example config for networking.interfaces
2018-03-18 17:50:37 +01:00
Jörg Thalheim
705fee5150
Merge pull request #37198 from giraffito/patch-2
nixos/sudo: fix description of sudo.wheelNeedsPassword
2018-03-18 12:27:43 +00:00
Peter Hoeg
2859483fe9 nixos home-assistant: a couple of fixes (#36338)
a) set path to /run/wrappers so ping works
b) run via a target so we can easily inject other components (config copier,
appdaemon)
2018-03-18 12:46:36 +01:00
Jörg Thalheim
5c1c4fbb06
Merge pull request #37084 from herrwiese/evilwm
nixos/window-managers: actually add evilwm to default.nix
2018-03-18 11:13:23 +00:00
Jörg Thalheim
ac9818fa70
Merge pull request #37216 from teto/qemu_comma_fix
qemu-vm: passing QEMU_NET_OPTS would fail
2018-03-18 10:17:50 +00:00
Elis Hirwing
fa76c9a385
gitea: fix usage over ssh
Using gitea over ssh had two isses:
 1. No shell was set for the user
 2. Gitea tried to write logs to
 /nix/store/x83q12kyd9gw1pay036dxz2dq0apf17h-gitea-1.3.2-bin/log when
 serving the ssh usage.
2018-03-18 10:11:02 +01:00
Yurii Rashkovskii
738bcfdef8
config.hardware.onlykey configuration option
By default, OnlyKey device (https://crp.to/p/) won't work on Linux (and,
therefore, NixOS). This is unintuitive and requires one to search for a
solution in the documentation.

This change allows one to enable OnlyKey device support directly from
their NixOS configuration.
2018-03-18 12:49:13 +07:00
Corey O'Connor
28a55f5bd6 jenkins: Add "java.awt.headless=true" to JDK options.
This is consistent with the recommended jenkins startup script. See:

* https://wiki.jenkins.io/display/JENKINS/JenkinsLinuxStartupScript
2018-03-17 22:16:59 -07:00
Corey O'Connor
241160aacc jenkins: Include Deja-Vu fonts in system environment to silence jenkins warning. 2018-03-17 22:16:26 -07:00
Justin Humm
d69e0d99e0
nixos/manual: fixed example config for networking.interfaces
The former example gave a "value is a list while a set was expected" error.
2018-03-17 19:53:06 +01:00
Matthieu Coudron
33b0ad83e9 qemu-vm: passing QEMU_NET_OPTS would fail
because of a change in #36850.
spotted by @jtojnar b7a2333ebe (commitcomment-28134992)
2018-03-17 23:21:27 +09:00
giraffito
b9639d7e1f
nixos/security: fix description of sudo.wheelNeedsPassword
the previous description mistakenly described the opposite semantics
2018-03-16 21:50:46 +00:00
Vladimír Čunát
03cf538ef2
18.09: Jackrabbit -> Jellyfish
See eb0fa09232 and github discussion on that.
My misgiving about the t-shirts was refuted.
I don't think this flip may negatively affect anyone.
2018-03-16 12:26:03 +01:00
Tuomas Tynkkynen
ef64208eba Merge commit '3ab2949' from staging into master
Conflicts:
	pkgs/development/compilers/llvm/6/llvm.nix
	pkgs/servers/home-assistant/component-packages.nix
2018-03-15 22:30:56 +02:00
Samuel Leathers
5931f463ad
Merge pull request #36924 from etu/gitea-postgres-autocreate-database
Gitea postgres autocreate database
2018-03-15 14:01:01 -04:00
Elis Hirwing
1ad75d0c50
gitea: enable and configure postgres service if selected as database 2018-03-15 18:34:54 +01:00
Andreas Wiese
c7e1dff94e nixos/window-managers: actually add evilwm to default.nix
Commit 1f2b938 introduced a module for evilwm as a window-manager, but
did not actually add this module to window-manager's default.nix which
renders it useless.
2018-03-15 10:22:53 +01:00
Jan Malakhovski
8bbd48e40f nixos: fix install-grub.pl dependencies
fallback from updates to perl
2018-03-15 04:51:12 +00:00
Tuomas Tynkkynen
9e78baf5c7 nixos/qemu-vm: Add virtualized display + HID devices on AArch64 2018-03-14 21:18:20 +02:00