Bastian Köcher
179c504a66
lxd: 2.0.2 -> 2.12 ( #25685 )
...
* Upgrades lxd to version 2.12
* Adds missing packages to path for lxd
2017-05-24 19:29:38 +01:00
Vladimír Čunát
bba5b1c434
plasma5 tests: fix by using older fontconfig-penultimate
...
enable = false; didn't help, but downgrading did. It's a mystery to me.
Discussion: https://github.com/NixOS/nixpkgs/commit/c9f8fb4d127a
2017-05-24 14:56:43 +02:00
Nikolay Amiantov
ee4f8c2dc9
nixos doc: document coercedTo type
...
Also mention about docs in types.nix and fix a small error in related
documentation.
Fixes #26055 .
2017-05-24 15:52:26 +03:00
Jörg Thalheim
323f28d40e
nsswitch: use libnss_resolve if resolved is enabled
2017-05-24 01:10:36 +01:00
Franz Pletz
2d12d2b70e
Merge pull request #25971 from Ma27/systemd/logind-config
...
services.logind: add options for lid-switch behavior
2017-05-23 23:17:36 +02:00
Jörg Thalheim
0e9e777508
znc: document password generation better
...
cc @rtjre
2017-05-23 21:22:28 +01:00
Antoine Eiche
7b80f4c344
nixos/cloudinit: add cloudinit test
...
An iso containing metadatas is created and attached as a cdrom to the
qemu VM used for this test.
The cloudinit service is enabled. The test case ensures the root
authorized_keys file is populated and the cloudinit write_file module is
working well.
2017-05-23 20:51:05 +02:00
Maximilian Bosch
23d1c7f474
services.logind: add options for lid-switch behavior
2017-05-23 18:57:57 +02:00
Christian Kögler
f3cfc10ebb
NixOS: fix XCURSOR_PATH expansion
...
This fix allows expansion of XCURSORPATH by using type array instead of
a string.
2017-05-23 18:53:55 +02:00
Samuel Leathers
61def1ef1e
buildbot: fix maintainer
2017-05-23 00:02:23 -04:00
Franz Pletz
02bb7c2ec0
Revert "gitlab service: fix preStart script"
...
This reverts commit 31a5e065b0
.
See #26000 .
2017-05-23 00:06:00 +02:00
Silvan Mosberger
3497ba5c3a
znapzend service: options for logging/nodestroy/restart on failure
...
fixes #25960
2017-05-22 21:47:51 +01:00
Samuel Leathers
31a5e065b0
gitlab service: fix preStart script
2017-05-22 22:07:35 +02:00
Arseniy Seroka
c734781158
Merge pull request #25958 from Mic92/iwd
...
iwd: init at unstable-2017-04-21
2017-05-22 20:04:04 +03:00
Frederik Rietdijk
a2598e4ca1
Merge pull request #23024 from phile314/cloud-init-update
...
cloud-init: 0.7.6 -> 0.7.9 + module improvements
2017-05-22 16:33:31 +02:00
Mateusz Kowalczyk
cb5cb0bf95
services.jenkins.plugins: fix initial case
2017-05-22 12:01:27 +01:00
Jörg Thalheim
7e40287d00
Merge pull request #25835 from therealpxc/fish
...
Fish: source NixOS environment on non-login shells + source shell init on NixOS even when parent shell has done so
2017-05-22 07:08:30 +01:00
Calum MacRae
abe0da425b
kbfs service: init ( #25610 )
...
* kbfs service: init
2017-05-22 08:14:12 +08:00
Joachim F
8f89e43427
Merge pull request #25700 from michalpalka/xen-bridge-stop-fix
...
xen service: Fix removing netfilter rules while stopping xen-bridge
2017-05-21 17:22:33 +01:00
Joachim F
07ceaa2ec8
Merge pull request #25896 from joachifm/ovmf
...
ovmf: split firmware image files
2017-05-21 14:48:29 +01:00
Niklas Hambüchen
2df7d4d63a
manual: Fix addCheck
example having arguments in wrong order.
...
`addCheck` takes first the type, then the check.
2017-05-21 15:03:16 +02:00
Jörg Thalheim
a527a47cd3
iwd: init at unstable-2017-04-21
2017-05-21 11:05:35 +01:00
Jörg Thalheim
f279508648
Merge pull request #25934 from nh2/nixos-manual-module-option-never-fix
...
Fix typo in manual about options without defaults
2017-05-21 09:13:59 +01:00
Willi Butz
4e4f7a2f66
zsh module: rename option syntax-highlighting
...
rename zsh-option "syntax-highlighting" -> "syntaxHighlighting"
2017-05-21 01:26:51 +02:00
Franz Pletz
b411968774
lldpd: init at 0.9.7
2017-05-21 01:16:42 +02:00
Franz Pletz
4ec09476f2
matrix-synapse service: restart on failure
2017-05-21 01:16:41 +02:00
Mateusz Kowalczyk
41ea71a347
jenkins service: add declarative plugin support
2017-05-20 22:54:07 +01:00
Mateusz Kowalczyk
a2c900dc87
GCE-service: Update fetch-ssh-keys API usage
2017-05-20 22:54:07 +01:00
Jörg Thalheim
6fae5631b2
systemd-nspawn: add NotifyRead fixup
2017-05-20 20:32:45 +01:00
Jörg Thalheim
4698012c52
systemd-nspawn: add NotifyRead option
2017-05-20 20:31:38 +01:00
Niklas Hambüchen
aed1986f2f
Fix typo about options without defaults
2017-05-20 17:05:02 +02:00
Pascal Bach
f469bd83bb
mysql service: change default data directory for 17.09
...
The new directory is now moved to /var/lib/mysql. This makes it consistent with
with upstream.
2017-05-20 15:46:13 +02:00
Jörg Thalheim
f1b2b99005
Merge pull request #25798 from biappi/patch-1
...
removing the advise to add virtualbox's guest additions in configuration.nix
2017-05-20 14:07:47 +01:00
Jörg Thalheim
7587a4a4f4
Merge pull request #25802 from dermetfan/fix-znapzend-autostart
...
znapzend service: fix autostart
2017-05-20 14:06:55 +01:00
Joachim Fasting
252dcd62f3
OVMF: separate output for ovmf binaries
...
OVMF{,CODE,VARS}.fd are now available in a dedicated fd output, greatly
reducing the closure in the common case where only those files are used (a
few MBs versus several hundred MBs for the full OVMF).
Note: it's unclear why `dontPatchELF` is now necessary for the build to
pass (on my end, at any rate) but it doesn't make much sense to run this
fixup anyway,
Note: my reading of xen's INSTALL suggests that --with-system-ovmf should
point directly to the OVMF binary. As such, the previous invocation was
incorrect (it pointed to the root of the OVMF tree). In any case, I have
only built xen with `--with-system-ovmf`, I have not tested it.
Fixes https://github.com/NixOS/nixpkgs/issues/25854
Closes https://github.com/NixOS/nixpkgs/pull/25855
2017-05-20 12:33:48 +02:00
Jörg Thalheim
376fe51da2
Merge pull request #25877 from nocoolnametom/update-znc
...
znc service: refactor config generation
2017-05-20 09:49:26 +01:00
Jörg Thalheim
f059ddf85d
Merge pull request #25938 from bachp/emby-datadir
...
emby service: allow changing data directory
2017-05-20 09:33:37 +01:00
Jörg Thalheim
7c9437104a
Merge pull request #25925 from selaux/networkmanager_fortisslvpn
...
networkmanager_fortisslvpn: init at 1.2.4
2017-05-20 09:18:22 +01:00
Pascal Bach
1541140473
emby service: allow changing data directory
2017-05-20 09:56:06 +02:00
Patrick Callahan
42c768c8e8
fish: (NixOS only) source configuration sections anew in all child shells
...
this fixes issue #25800 : https://github.com/NixOS/nixpkgs/issues/25800
2017-05-19 21:00:24 -07:00
Stefan Lau
a3696aa090
networkmanager_fortisslvpn: init at 1.2.4
2017-05-19 19:18:30 +02:00
Niklas Hambüchen
ff4eb1eaa6
glusterfs service: Copy hooks to /var at startup.
...
This is where glusterfs expects them; see also
https://github.com/gluster/glusterfs/blob/v3.10.1/extras/hook-scripts/Makefile.am#L4
Also see upstream bug https://bugzilla.redhat.com/show_bug.cgi?id=1452761
2017-05-19 16:56:31 +02:00
Volth
e5fbeb2f11
test-driver: sendKeys() support for capital letters
2017-05-19 13:56:24 +00:00
Jörg Thalheim
2f22bbe150
Merge pull request #25578 from Ma27/module/xautolock
...
services.xserver.xautolock: add module
2017-05-19 07:09:10 +01:00
Nikolay Amiantov
e17744067a
displaylink: 1.1.62 -> 1.3.52
2017-05-19 02:51:45 +03:00
Jascha Geerds
d4e2cbd5c9
miredo: Improve service description
2017-05-18 15:57:26 +02:00
Tom Doggett
e28203fd48
Adding options to enable bitlbee and slack gateways in znc config.
2017-05-17 16:13:18 -07:00
Jörg Thalheim
64acaa1e2d
Merge pull request #25646 from zx2c4/wg-psk-change
...
wireguard: 0.0.20170421 -> 0.0.20170517
2017-05-17 23:58:51 +01:00
Jörg Thalheim
9464df56a0
Merge pull request #25712 from 4z3/per-user-pkgs
...
users-groups module: add per-user packages
2017-05-17 22:18:19 +01:00
Eric Sagnes
5b30f246cb
varnish module: remove unneeded gcc runtime dependency
2017-05-17 16:14:29 +02:00
Bjørn Forsman
f9633c7791
nixos/gnome3: fix screen sharing
...
Without this change there will be silent errors when enabling screen
sharing. The GUI thinks it enables the service when it in fact does not
(errors are seen in the system journal).
vino is already in the closure of gnome-control-center, so this is
basically free.
Configuration of screen sharing is done in GNOME control center.
2017-05-17 15:23:11 +02:00
Matthew Maurer
b0ec4b8cc7
typo: powerManagment -> powerManagement ( #25813 )
2017-05-16 18:22:44 +02:00
Jörg Thalheim
9c3b926448
Merge pull request #25823 from rickynils/luks_crypsetup_quiet
...
nixos/luks: Silence killall complain about non-existing cryptsetup pr…
2017-05-16 12:40:27 +01:00
Joachim Schiele
d5e18499d9
on error, add a reference to the configuration file ( #25825 )
...
error now adds the zone file in the output which makes 'reasonable' debugging possible!
[root@nixdoc:~/nixpkgs_nsd]# nixos-rebuild -I nixpkgs=. switch
building Nix...
building the system configuration...
these derivations will be built:
/nix/store/318a7mhwlz1x0cy4hl1259n8x9z0jacy-nsd-env.drv
/nix/store/fnbhk8grwk7vfdk3gby49bv6kml8hjcc-unit-script.drv
/nix/store/xf80mq1f1c3pm37fci0vi5ixy4gb1rcp-unit-nsd.service.drv
/nix/store/bfmkkykqksmvkhvh3ppl36k86lbw9v4i-system-units.drv
/nix/store/ja97mwl2r0wdrxccl82dx8jln7jlmnyb-etc.drv
/nix/store/yh8m6b3j8vapz2r1wzffq8zq09j56q8p-nixos-system-nixdoc.io-17.09.git.0afb6d7.drv
building path(s) ‘/nix/store/sg7w3k6qg2yr02a0sbrgbv5yiqn9pzcq-nsd-env’
created 2 symlinks in user environment
checking zone files
|- checking zone '/nix/store/sg7w3k6qg2yr02a0sbrgbv5yiqn9pzcq-nsd-env/zones/lastlog.de.'
[2017-05-16 10:30:34.628] nsd-checkzone[27696]: error: lastlog.de.:17: syntax error
[2017-05-16 10:30:34.628] nsd-checkzone[27696]: error: lastlog.de.:17: unrecognized RR type 'lastlog'
zone lastlog.de. file lastlog.de. has 2 errors
builder for ‘/nix/store/318a7mhwlz1x0cy4hl1259n8x9z0jacy-nsd-env.drv’ failed with exit code 1
cannot build derivation ‘/nix/store/xf80mq1f1c3pm37fci0vi5ixy4gb1rcp-unit-nsd.service.drv’: 1 dependencies couldn't be built
cannot build derivation ‘/nix/store/bfmkkykqksmvkhvh3ppl36k86lbw9v4i-system-units.drv’: 1 dependencies couldn't be built
cannot build derivation ‘/nix/store/ja97mwl2r0wdrxccl82dx8jln7jlmnyb-etc.drv’: 1 dependencies couldn't be built
cannot build derivation ‘/nix/store/yh8m6b3j8vapz2r1wzffq8zq09j56q8p-nixos-system-nixdoc.io-17.09.git.0afb6d7.drv’: 1 dependencies couldn't be built
error: build of ‘/nix/store/yh8m6b3j8vapz2r1wzffq8zq09j56q8p-nixos-system-nixdoc.io-17.09.git.0afb6d7.drv’ failed
2017-05-16 12:40:09 +02:00
J M
03d190d54f
shibboleth: Add Myself as a Maintainer ( #25817 )
2017-05-16 10:11:55 +01:00
Rickard Nilsson
a92bdc54e3
nixos/luks: Silence killall complain about non-existing cryptsetup processes
2017-05-16 09:50:10 +02:00
jammerful
d9df350695
ssh: Add Newline to KnownHostsText
...
SSH expects a new line at the end of known_hosts file.
Without a new line the next entry goes on the same line
as the last entry in known_hosts causing errors.
2017-05-15 23:49:43 -04:00
Robin Stumm
72e50645a3
znapzend service: fix autostart
2017-05-15 15:09:50 +02:00
Antonio Malara
f1ab9f3175
removing the advise to add virtualbox's guest additions in configuration.nix
...
... because `nixos-generate-config` currently understand it's running under virtualbox, and correctly adds the configuration in `/etc/nixos/hardware-configuration.nix`
2017-05-15 14:23:50 +02:00
Tuomas Tynkkynen
3d79d8c28b
sd-image-*.nix: Drop minimal profile
...
It's annoying to not have manpages when installing.
2017-05-14 23:52:47 +03:00
Franz Pletz
0cd0581b75
gitlab-runner service: only depend on docker if enabled
2017-05-14 22:47:35 +02:00
Joachim Fasting
e6c65ecb12
tree-wide: remove uses of features.grsecurity
2017-05-14 15:08:51 +02:00
Jörg Thalheim
ae12ded6bf
Merge pull request #25381 from sargon/nullmailer
...
nullmailer + service: init at 2.0
2017-05-13 07:13:07 +01:00
tv
f46b3a038f
users-groups module: add per-user packages
2017-05-12 20:30:22 +02:00
Michał Pałka
8aa756b64a
gitlab service: fix uploading artifacts from gitlab-runner
...
Add the binaries from gitlab-workhorse to the path of the
gitlab-workhorse service, as gitlab-zip-metadata is needed
by the service
2017-05-12 06:52:33 +00:00
lassulus
fd7a8f1b91
nixos/security/acme: fix acme folder permissions
2017-05-11 18:49:26 +02:00
Tristan Helmich
d25bf8e72f
elasticsearch service: remove postStart script
2017-05-11 12:10:18 +02:00
Michał Pałka
1c7629ce63
xen service: Fix removing netfilter rules while stopping xen-bridge
...
This fixes a bug in the stopping script for the xen-bridge service,
which caused the script to crash and fail to remove some
netfilter rules.
2017-05-11 09:52:36 +00:00
Jörg Thalheim
ad67c286e1
salt-minion: link to configuration documentation
2017-05-11 07:12:04 +01:00
Aneesh Agrawal
e22ccad978
salt: Add minion service module
2017-05-10 21:26:02 -04:00
Jörg Thalheim
e33848568d
systemd-boot: document reasoning behind syncfs(2)
2017-05-10 10:32:26 +01:00
Patrick Callahan
3f6d21bafc
fish: resolve NixOS-related initialization problems
2017-05-10 10:16:10 +01:00
Jörg Thalheim
98ff062ed4
Merge pull request #25650 from Mic92/systemd-boot
...
systemd-boot: sync efi filesystem after update
2017-05-10 09:05:09 +01:00
Jörg Thalheim
7b211da119
Merge pull request #25531 from Infinisil/fix/ipfs-dataDir
...
ipfs service: Fix dataDir being ignored
2017-05-10 07:19:23 +01:00
Eric Sagnes
92bb3e8b9b
i3: fix runtime dependencies
...
Fixes #25633 .
2017-05-10 02:42:44 +02:00
Jörg Thalheim
9c90ff7e7d
Merge pull request #25611 from Lassulus/copytoram-option
...
nixos/iso-image: add option for copytoram
2017-05-09 22:36:59 +01:00
Jörg Thalheim
e697585675
hardware.enableRedistributableFirmware: fix spelling error
2017-05-09 20:13:15 +01:00
Jörg Thalheim
e3beb07108
systemd-boot: sync efi filesystem after update
...
Since fat32 provides little recovery facilities after a crash,
it can leave the system in an unbootable state, when a crash/outage
happens shortly after an update. To decrease the likelihood of this
event sync the efi filesystem after each update.
2017-05-09 19:06:27 +01:00
Aneesh Agrawal
779ae06467
Add salt master module ( #25632 )
...
* salt: 2016.11.2 -> 2016.11.4
* salt: Add master NixOS module
2017-05-09 18:20:35 +01:00
Jason A. Donenfeld
6e50243d98
wireguard: preshared-key is now an attribute of the peer
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-09 16:58:39 +02:00
Jörg Thalheim
5385a8e216
Merge pull request #25636 from Mic92/firmware
...
hardware: add enableRedistributalFirmware
2017-05-09 15:57:49 +01:00
Jörg Thalheim
05aa80c06a
hardware: add enableRedistributalFirmware
...
Due the recent inclusion of broadcom-bt-firmware in enableAllFirmware,
it was required to set `nixpkgs.config.allowUnfree` to obtain the full
list. To make this dependency more explicit an assertion is added and an
alternative option `enableRedistributalFirmware` is provided to only
obtain firmware with an license allowing redistribution.
2017-05-09 15:29:08 +01:00
Maximilian Bosch
9d1db321fe
services.xserver.xautolock: add module
2017-05-09 15:02:10 +02:00
Peter Hoeg
112b5556af
Merge pull request #25397 from clefru/qemu-OVMF-on-channels
...
Introduce virtualisation.libvirtd.qemuOvmf.
2017-05-09 16:36:45 +08:00
Jörg Thalheim
ddb6d0962e
environment.profileRelativeEnvVars: remove sbin from example
...
follow up of https://github.com/NixOS/nixpkgs/pull/25550
2017-05-09 08:51:04 +01:00
Jörg Thalheim
33cfad8227
Merge pull request #25550 from Mic92/sbin
...
environment: remove sbin from PATH
2017-05-09 08:39:01 +01:00
lassulus
334ac4f043
nixos/iso-image: add option for copytoram
2017-05-08 10:40:00 +02:00
Jörg Thalheim
192f8e7699
broadcom-bt-firmware: revert to unfree
...
license was misinterpreted, it is now only conditionally in the all
firmware list included, if `allowUnfree` is set.
fixes #25567
2017-05-08 09:18:11 +01:00
Franz Pletz
cce8aab9de
mattermost service: PrivateTmp broken with local postgresql
2017-05-08 09:18:32 +02:00
Joachim F
a1dc3fdf23
Merge pull request #25562 from montag451/gnome-disks-dbus
...
gnome-disks: add D-Bus service
2017-05-07 18:54:19 +01:00
Graham Christensen
4d44810fe7
Merge pull request #25365 from armijnhemel/mediawiki
...
mediawiki: 1.27.1 -> 1.27.3
2017-05-07 06:58:32 -04:00
Jörg Thalheim
6b0d8027ef
zfs: zed service is now called zfs-zed
...
fixes #25566
2017-05-07 10:22:14 +01:00
Peter Simons
71ae259627
nixos: revert changes from 3ab45f4b36
in taskserver module
...
See 3ab45f4b36 (commitcomment-22029298)
.
Fixes https://github.com/NixOS/nixpkgs/issues/25529 (I hope).
2017-05-06 19:50:02 +02:00
montag451
3be53fca60
gnome-disks: add D-Bus service
2017-05-06 19:40:37 +02:00
Joachim F
dc2fc5ed57
Merge pull request #25495 from michalpalka/xen-forward-dns
...
xen service: Forward DNS queries from Xen guests
2017-05-06 13:56:10 +01:00
Joachim F
6ef9875edb
Merge pull request #25494 from michalpalka/xendomains
...
xen service: Add the possibility to override configuration of xendomains
2017-05-06 13:55:59 +01:00
Joachim F
e2f9c1b97b
Merge pull request #25281 from michalpalka/master
...
xen service: fix xen-bridge not setting the configured netmask
2017-05-06 13:55:50 +01:00
Jörg Thalheim
539b091f6e
environment: remove sbin from PATH
...
sbin is a symlink to bin. /run/current-system/sw/sbin and related
profiles only contains packages, which have this symlink. It is a subset
of bin.
2017-05-06 08:39:27 +01:00
Silvan Mosberger
91ee3530a7
ipfs service: Fix dataDir being ignored
...
IPFS uses the environment variable IPFS_PATH to determine where to look for it's data, which wasn't set previously therefore ignoring the dataDir attribute
2017-05-05 11:25:36 +02:00
Jörg Thalheim
6ad804324f
environment: remove lib/kde4/libexec from PATH
...
kde4 is gone and does need to be in $PATH anymore by default
2017-05-05 07:50:34 +01:00
Joachim F
a2bfdd05ed
Merge pull request #25451 from volth/xrdp-dont-restart
...
xrdp: do not restart xrdp-sesman on nixos-rebuild
2017-05-05 00:20:45 +01:00
Jörg Thalheim
3156ef2dfd
Merge pull request #25478 from zraexy/zraexy-broadcom-bt-firmware
...
broadcom-bt-firmware: init at 12.0.1.1011
2017-05-04 22:33:06 +01:00
Domen Kožar
14f5a3d760
nixos datadog module: add processConfig option
2017-05-04 13:25:45 +02:00
Rob Vermaas
a9f054c834
dd-agent: Add default config files of dd-agent and auto_conf dir
...
to /etc/dd-agent/conf.d by default, and make sure
/etc/dd-agent/conf.d is used.
Before NixOS 17.03, we were using dd-agent 5.5.X which
used configuration from /etc/dd-agent/conf.d
In NixOS 17.03 the default conf.d location is first used relative,
meaning that $out/agent/conf.d was used without NixOS overrides.
This change implements similar functionality as PR #25288 , without
breaking backwards compatibility.
(cherry picked from commit 77c85b0ecb
)
2017-05-04 09:47:21 +00:00
Michał Pałka
e7203cb03d
xen service: Forward DNS queries from Xen guests
...
Provide the option forwardDns in virtualisation.xen.bridge, which
enables forwarding of DNS queries to the default resolver, allowing
outside internet access for the xen guests.
2017-05-04 08:48:03 +00:00
Michał Pałka
3b0daa1a28
xen service: Add the possibility to override configuration of xendomains
...
Add the option virtualisation.xen.domain.extraConfig, which
allows overriding options passed to xendomains.
2017-05-04 08:31:40 +00:00
zraexy
d900478e3c
broadcom-bt-firmware: init at 12.0.1.1011
...
broadcom-bt-firmware: init at 12.0.1.1011
2017-05-03 12:51:32 -08:00
Frederik Rietdijk
9e48fc3268
Merge pull request #24131 from nand0p/buildbot-0.9.5
...
buildbot: 0.9.4 -> 0.9.5
2017-05-03 07:56:29 +02:00
jammerful
d8c1977bb5
shibboleth-sp module: Set Config File Path for FastCGI Units
...
Without this environment variable both shibauthorizer and
shibresponder default to ${pkgs.shibboleth-sp}etc/shibboleth/shibboleth2.xml
2017-05-02 19:58:03 -04:00
aszlig
9dca737d62
Merge pull request #15353 (improve xrandrHeads)
...
When you have a setup consisting of multiple monitors, the default is
that the first monitor detected by xrandr is set to the primary monitor.
However this may not be the monitor you need to be set as primary. In
fact this monitor set to primary may in fact be disconnected.
This has happened for the original submitter of the pull request and it
affected these programs:
* XMonad: Gets confused with Super + {w,e,r}
* SDDM: Puts the login screen on the wrong monitor, and does not
currently duplicate the login screen on all monitors
* XMobar: Puts the XMobar on the wrong monitor, as it only puts the
taskbar on the primary monitor
These changes should fix that not only by setting a primary monitor in
xrandrHeads but also make it possible to make a different monitor the
primary one.
The changes are also backwards-compatible.
2017-05-02 23:14:26 +02:00
Volth
9bce416637
xrdp: environment.pathsToLink from xserver.nix
2017-05-02 21:08:07 +00:00
Volth
830669ca05
xrdp: do not restart xrdp-sesman on nixos-rebuild
2017-05-02 21:08:07 +00:00
jammerful
9f18af5991
Add Shibboleth Service Provider Module
2017-05-02 11:29:58 -04:00
Daniel Ehlers
4338f096f5
nullmailer + service: init at 2.0
2017-05-02 01:46:12 +02:00
Jörg Thalheim
4c576fd946
Merge pull request #25323 from Ma27/zsh/support-pattern-highlighters
...
programs.zsh.syntax-highlighting: support custom highlighting patterns
2017-05-01 22:23:36 +02:00
Maximilian Bosch
f6e612bb8f
programs.zsh.syntax-highlighting: support custom highlighting patterns
...
see https://github.com/zsh-users/zsh-syntax-highlighting/blob/master/docs/highlighters/pattern.md
for further reference.
2017-05-01 20:58:56 +02:00
goibhniu
248a06695f
Merge pull request #22236 from Baughn/mediawiki
...
apache-httpd: Add 'extensions' config option for mediawiki
2017-05-01 19:17:36 +02:00
Clemens Fruhwirth
df5d588f13
Introduce virtualisation.libvirtd.qemuOvmf.
2017-05-01 18:36:13 +02:00
Renzo Carbonara
9a5916dc47
tarsnap service: add 'verbose' config option ( #25353 )
2017-05-01 16:09:45 +01:00
Daniel Peebles
daf16b5679
Merge pull request #25391 from Mic92/nixos-prepare-root
...
nixos-prepare-root: force symlink at /run
2017-05-01 10:15:36 -04:00
Jörg Thalheim
361314ca71
nixos-prepare-root: force symlink at /run
...
Otherwise a reinstall will fail.
2017-05-01 16:10:58 +02:00
Michael Raskin
3ecaf3b4b5
Merge pull request #25168 from tadfisher/ups-fix
...
ups: fix config generation
2017-05-01 16:09:18 +02:00
Michael Raskin
938fbf6873
Merge pull request #25116 from rvl/gogs
...
Gogs service password handling improvements
2017-05-01 14:26:22 +02:00
Michael Raskin
b28e2788e2
Merge pull request #25009 from dermetfan/fix-znapzend-service
...
znapzend service: fix reload
2017-05-01 13:24:24 +02:00
Michael Raskin
98a36b2847
Merge pull request #23709 from lheckemann/xserver-layout-existence
...
xserver: check that selected layout exists
2017-05-01 12:16:59 +02:00
Jörg Thalheim
036e0f114a
gogs: improve cookieSecure documentation
2017-05-01 11:37:12 +02:00
Michael Raskin
4d2f7b63e0
Merge pull request #24803 from pajowu/master
...
browserpass: init at 1.0.2
2017-05-01 11:27:17 +02:00
Peter Marheine
fd1f1aca9e
release notes: incompatible flexget upgrade
2017-05-01 10:10:34 +02:00
Michael Raskin
7e19fcddcc
Merge pull request #24366 from rvl/longview-password-file
...
longview service: don't write passwords to nix store
2017-05-01 09:39:35 +02:00
Michael Raskin
90ce1aa28a
Merge branch 'master' into clickhouse
2017-05-01 07:33:31 +02:00
Michael Raskin
01ba1a40d3
Merge pull request #24341 from LumiGuide/cadviser-storageDriverPasswordFile
...
cadviser: add storageDriverPasswordFile option
2017-05-01 02:01:49 +02:00
Michael Raskin
6b31de49cf
Merge pull request #24005 from ambrop72/xcursor-path
...
nixos: Define XCURSOR_PATH environment variable.
2017-04-30 23:01:57 +02:00
Armijn Hemel
cdebfa80ab
mediawiki: 1.27.1 -> 1.27.3
2017-04-30 22:38:00 +02:00
Michael Raskin
1c8d388201
Merge pull request #23865 from volth/xrdp-tests
...
xrdp: init at 0.9.2
2017-04-30 22:35:48 +02:00
Michael Raskin
d5ec7bc748
Merge pull request #23697 from sargon/master
...
sshguard + service: init at 2.0.0
2017-04-30 21:43:12 +02:00
Bjørn Forsman
c282de7103
nixos/munin: remove duplicated /run/current-system/sw/bin path
...
A side effect of commit ff21171921
("Fix references to current-system/sw/sbin"). It changed "sbin" to "bin"
but didn't check for duplicates.
2017-04-30 21:04:51 +02:00
Michael Raskin
eedc0f0a78
Merge pull request #23333 from romildo/upd.qt5ct
...
qt5ct: 0.24 -> 0.30
2017-04-30 19:42:31 +02:00
Michael Raskin
929ae39dbe
Merge pull request #22683 from aneeshusa/add-nixos-test-for-radicale
...
Add nixos test for radicale
2017-04-30 18:51:46 +02:00
Michael Raskin
a5d36429dc
Merge pull request #22489 from avnik/nixos-locales
...
nixos: allow supply customized locale package
2017-04-30 18:19:31 +02:00
Joachim Fasting
56e1133d75
nixos/lock-kernel-modules: fix typo in unitConfig
...
I managed to miss this one somehow ... meh
2017-04-30 15:17:29 +02:00
Joachim Fasting
a1678269f9
nixos/hardened profile: disable user namespaces at runtime
2017-04-30 15:17:27 +02:00
Thomas Tuegel
4e0d21edd1
Merge pull request #25285 from ttuegel/qt--fix-plugin-paths
...
Qt: purify plugin paths, unify Linux and Darwin builders
2017-04-30 07:33:50 -05:00
Vladimír Čunát
eb4792a03f
nixos manual: add a note about "nofail" FS option
...
Close #1858 , as I think the points have been well resolved.
2017-04-30 14:10:30 +02:00
Michael Raskin
689916b98f
Merge pull request #25337 from benley/nm-dnsmasq
...
nixos: optional NetworkManager dnsmasq integration
2017-04-30 12:18:34 +02:00
Joachim Fasting
1dd3ba924b
nixos/hardened profile: disable hibernation
...
Recommended by KSPP
2017-04-30 12:06:11 +02:00
Joachim Fasting
ffa83edf4a
nixos/tests: add tests for exercising various hardening features
...
This test exercises the linux_hardened kernel along with the various
hardening features (enabled via the hardened profile).
Move hidepid test from misc, so that misc can go back to testing a vanilla
configuration.
2017-04-30 12:05:42 +02:00
Joachim Fasting
ab4fa1cce4
tree-wide: prune some dead grsec leaves
...
The beginning of pruning grsecurity/PaX from the tree.
2017-04-30 12:05:41 +02:00
Joachim Fasting
8c98e8ca2f
nixos/hardened profile: use the linux_hardened kernel
2017-04-30 12:05:40 +02:00
Joachim Fasting
6a5a5728ee
nixos/hardened profile: lock kernel modules
2017-04-30 12:05:38 +02:00
Joachim Fasting
878ad1ce6e
nixos: add option to lock kernel modules
...
Adds an option `security.lockKernelModules` that, when enabled, disables
kernel module loading once the system reaches its normal operating state.
The rationale for this over simply setting the sysctl knob is to allow
some legitmate kernel module loading to occur; the naive solution breaks
too much to be useful.
The benefit to the user is to help ensure the integrity of the kernel
runtime: only code loaded as part of normal system initialization will be
available in the kernel for the duration of the boot session. This helps
prevent injection of malicious code or unexpected loading of legitimate
but normally unused modules that have exploitable bugs (e.g., DCCP use
after free CVE-2017-6074, n_hldc CVE-2017-2636, XFRM framework
CVE-2017-7184, L2TPv3 CVE-2016-10200).
From an aestethic point of view, enabling this option helps make the
configuration more "declarative".
Closes https://github.com/NixOS/nixpkgs/pull/24681
2017-04-30 12:05:37 +02:00