Commit Graph

4218 Commits

Author SHA1 Message Date
Rickard Nilsson
65c1c6525b network-manager: Big overhaul
* Add group 'networkmanager' and implement polkit configuration
    that allows users in this group to make persistent, system-wide
    changes to NetworkManager settings.

  * Add support for ModemManager. 3G modems should work out of the
    box now (it does for me...). This introduces a dependency on
    pkgs.modemmanager.

  * Write NetworkManger config file to Nix store, and let the
    daemon use it from there.
2012-09-27 09:26:07 +02:00
Peter Simons
af7c192f2a postfix: convert service to systemd 2012-09-25 16:38:09 -04:00
Peter Simons
5ef71c6d22 smartd: convert service to systemd 2012-09-25 16:38:05 -04:00
Eelco Dolstra
a139fa14b1 Optionally make the Nix store read-only to enforce immutability
This will be the default once Nix 1.2 is released.
2012-09-25 16:33:21 -04:00
Eelco Dolstra
fcebb3f3cd Clean up the nscd job 2012-09-25 15:22:55 -04:00
Peter Simons
2d6d678bb9 dovecot.nix: correct bogus reference to dovecot in Nixpkgs 2012-09-25 11:24:35 +02:00
Peter Simons
a7700202f2 Rename dovecot2 module to dovecot.
We no longer support more than one version.
2012-09-25 11:23:53 +02:00
Shea Levy
bf116c7876 busyboxKeymap: Support unicode keymaps 2012-09-24 17:15:26 -04:00
Peter Simons
573b6b710f Merge pull request #26 from aszlig/boottime-keymap
stage-1: Add option to load keymap during bootup.
2012-09-24 07:33:03 -07:00
Peter Simons
c1949c36e9 Merge pull request #31 from peti/master
Drop service for dovecot 1.x.
2012-09-24 07:31:04 -07:00
Lluis Batlle
5ee79c5722 Adding a parameter 'ttyEmergency'
It specifies what mingetty will be stopped, if a bad filesystem
triggers an emergency shell.

That should be ttyS0 on headless systems, and in that case,
nixos should stop the ttyS0 mingetty from getting in.
2012-09-24 00:16:52 +02:00
Peter Simons
97c74bf050 alsa.nix: initialize the sound card before restoring previously stored settings
The sound card in my ThinkPad won't work unless "init" is run explicitly.
2012-09-23 22:40:19 +02:00
Peter Simons
00e19c91e5 postfix: add option 'extraMasterConf' to extend the default master.cf file 2012-09-23 12:21:48 +02:00
Peter Simons
b8f09be5e0 Remove service for dovecot version 1.x. 2012-09-22 12:51:58 +02:00
Eelco Dolstra
1ad655bdcf Don't join the cpuset controller with cpu/cpuacct
This works around the problem described here:

http://lists.freedesktop.org/archives/systemd-devel/2012-September/006648.html
2012-09-21 22:56:13 -04:00
Eelco Dolstra
4fa9b4b257 Restart systemd if necessary 2012-09-21 14:58:28 -04:00
Eelco Dolstra
0bd7bdfe0d Merge branch 'master' of github.com:NixOS/nixos 2012-09-21 11:03:25 -04:00
Eelco Dolstra
600d43ba93 Drop xfce-4.6 compatibility 2012-09-21 11:03:07 -04:00
Peter Simons
4476b875fc Add services.dovecot2.extraConfig option to configure arbitrary settings for which NixOS has no direct support. 2012-09-21 16:04:46 +02:00
Peter Simons
0573c7fcae modules/services/mail/dovecot2.nix: update syntax for SSL config options 2012-09-21 12:29:36 +02:00
Peter Simons
155495deb2 modules/services/mail/dovecot2.nix: accept plain text authentication only over secure channels when TLS is available
Connects from 'localhost' are always considered secure.
2012-09-21 12:29:36 +02:00
Peter Simons
1da16a5ea1 modules/services/mail/dovecot2.nix: log via syslog instead of writing a separate file 2012-09-21 12:29:36 +02:00
Eelco Dolstra
d4af6edd5e firewall.nix: Allow specifying trusted network interfaces
Trusted network interfaces (such as "lo") will accept any incoming
traffic.
2012-09-20 17:51:44 -04:00
Eelco Dolstra
1e666c10fa Get rid of the last use of mkThenElse 2012-09-20 16:55:32 -04:00
Rickard Nilsson
0de3a0cff3 nscd-invalidate: Invalidate passwd and group databases also
I had some problems with LDAP user lookups not working properly
at boot. I found that invalidating passwd and group on the
ip-up event (when nscd-invalidate starts) helped a bit.
2012-09-19 14:30:55 +02:00
Eelco Dolstra
83c6b1cf3a Set $LOCALE_ARCHIVE in systemd services
Systemd sets locale variables like $LANG when running services, so
$LOCALE_ARCHIVE should also be set to prevent warnings like "perl:
warning: Setting locale failed.".
2012-09-18 18:12:39 -04:00
Eelco Dolstra
d12dd340b6 firewall.nix: Respect networking.enableIPv6 = false
Reported-by: Pablo Costa <modulistic@gmail.com>
2012-09-18 17:20:46 -04:00
Eelco Dolstra
b96835f8dd Merge remote-tracking branch 'origin/master' into systemd 2012-09-14 13:24:03 -04:00
Eelco Dolstra
75583c7984 nixos-rebuild: Support --option 2012-09-14 13:23:19 -04:00
Peter Simons
ad65e807bd Add new 'hardware.cpu.amd.updateMicrocode' option. 2012-09-11 18:44:37 +02:00
Eelco Dolstra
aac6fe44b6 Merge branch 'master' of github.com:NixOS/nixos into systemd 2012-09-11 10:58:57 -04:00
Eelco Dolstra
b53842df3e Don't set the passno field for tmpfs and other FSs that have no device
If passno is set, then systemd will instantiate a systemd-fsck unit,
which in turn will instantiate a <device>.device unit
(e.g. "none.device").  Since no such device exists, mounting will
fail.  So don't set passno.
2012-09-11 10:55:56 -04:00
Ludovic Courtès
f7530dc5ee avahi: Never set host-name' to the empty string in avahi-daemon.conf'. 2012-09-07 10:58:53 +02:00
Rob Vermaas
27880ed729 Change logstash job startOn attribute to include networking 2012-09-06 12:31:15 +02:00
Shea Levy
f701e8d420 d'oh 2012-09-03 12:11:07 -04:00
Shea Levy
4be367ec47 Damn NixOS lack of laziness... 2012-09-03 10:35:45 -04:00
Eelco Dolstra
e0e0e57c26 Fix the OpenVPN jobs 2012-08-30 21:11:36 -04:00
Mathijs Kwik
bce1cdd59c fix kernel 3.4+ early cifs mounting (qemu-vm target)
kernel 3.4+ needs cifs-utils to mount CIFS filesystems.
the kernel itself (and busybox's cifs mount code) are no longer able
to do this in some/most cases and will error out saying:
"CIFS VFS: connecting to DFS root not implemented yet"

Nixos' qemu-vm target is hurt by this, as it wants to mount /nix/store
via cifs very early in the boot process.

This commit makes sure the initrd for affected kernels is built with
cifs-utils if needed.
2012-08-30 18:31:45 +02:00
Mathijs Kwik
a502ce1128 networking: add proxy_arp / proxy_ndp options.
proxy_arp (and proxy_ndp for ipv6) can be turned on on a few
interfaces (at least 2).
This is mainly useful for creating pseudo-bridges between a real
interface and a virtual network such as VPN or a virtual machine for
interfaces that don't support real bridging (most wlan interfaces).
As ARP proxying acts slightly above the link-layer, below-ip traffic
isn't bridged, so things like DHCP won't work. The advantage above
using NAT lies in the fact that no IP addresses are shared, so all
hosts are reachable/routeable.
2012-08-29 22:59:36 +02:00
Mathijs Kwik
0dd46d1335 networking: add options for configuring virtual devices (tun/tap)
These are mainly useful for network tunnels (vpn/ipv6) and creating
bridges for virtual machines
2012-08-29 22:59:36 +02:00
Mathijs Kwik
d106a8a296 logcheck: make sure directories are writable during merge phase 2012-08-29 22:59:28 +02:00
Peter Simons
51e58dafca spamassassin: use a dedicated user for running spamd 2012-08-28 16:27:28 +02:00
Mathijs Kwik
2769f594f3 add logcheck module 2012-08-26 16:04:49 +02:00
Mathijs Kwik
aba9f76105 change permission of /run/lock to allow non-root access to subdirectories 2012-08-26 10:17:22 +02:00
Mathijs Kwik
05262ad35d postfix: allow specifying 'virtual' mappings
mainly useful for having a few local addresses (me@host.domain.com) while the majority of
addresses are on the domain (you@domain.com)
2012-08-24 00:27:07 +02:00
Eelco Dolstra
8adc1ee92e switch-to-configuration: Stop sockets corresponding to services
If a service has a corresponding socket unit, then stop the socket
before stopping the service.  This prevents it from being restarted
behind our backs.  Also, don't restart the service; it will be
restarted on demand via the socket.
2012-08-23 12:12:58 -04:00
Eelco Dolstra
e194d41b9c cpufreq: Don't complain if a CPU doesn't support the desired governor 2012-08-23 12:12:25 -04:00
Eelco Dolstra
4c65a5d95c Don't restart agetty 2012-08-23 11:13:33 -04:00
Eelco Dolstra
dfb6e891b9 switch-to-configuration: Don't restart systemd-user-sessions.service
Restarting it causes all user sessions to be killed.
2012-08-23 11:11:14 -04:00
Eelco Dolstra
af550048e8 switch-to-configuration: Don't restart the suspend/hibernate targets
Restarting them has the side effect of suspending/hibernating the
system again.
2012-08-23 11:11:04 -04:00