Commit Graph

14346 Commits

Author SHA1 Message Date
SRGOM
5d08759f97
nixos.manual.installation.installing: nixos-hw
Add a brief note about nixos-hardware repo because it is in the official nixos organization. (and seemingly useful...)
2019-09-03 00:41:20 -06:00
worldofpeace
0c52651bb7
Merge pull request #67935 from jtojnar/gnome-fixes
gnome3.gvfs: fix eval with allowAliases = false
2019-09-02 22:14:30 -04:00
Jan Tojnar
fa03881954
gnome3.glib-networking: replace with alias
Since we moved gsettings-desktop-schemas to top-level, gnome3.glib-networking was the same as glib-networking.
We could try to make the top-level variant not depend on gsettings-desktop-schemas again but that is probably
pointless, as the dependency is rather small compared to things like libproxy. Instead, we will just drop
the package in gnome3 attr set and always rely on the top-level expression.
2019-09-03 03:48:06 +02:00
Nikolay Amiantov
0a29a2e37c syncplay module: init 2019-09-03 00:30:12 +02:00
Vladimír Čunát
f21211ebfe
Merge branch 'master' into staging 2019-09-02 23:25:24 +02:00
Andreas Rammhold
4e60699fa7
Merge pull request #67858 from flokli/local-fs-target-services
nixos: remove dependencies on local-fs.target
2019-09-02 09:16:41 +02:00
worldofpeace
b1326ffc81 nixos/pantheon: add onboard
It's used as an on-screen keyboard.
Hopefully in future they can ship their native app [0]

[0]: https://github.com/elementary/keyboard
2019-09-02 00:15:30 -04:00
Samuel Dionne-Riel
8a530a0bab
Merge pull request #67895 from lopsided98/sd-image-clone-config
sd-image: don't use installer.cloneConfig option that is not imported
2019-09-01 22:16:48 -04:00
worldofpeace
9b13731b72
Merge pull request #67522 from worldofpeace/gnome3/harmonize-defaults
Harmonize Gnome3 Defaults
2019-09-01 18:33:00 -04:00
worldofpeace
266db0820e rl-1909: note changes to gnome3 defaults 2019-09-01 18:27:28 -04:00
worldofpeace
acced1a381 rl-1909: note gnome3 profile style options 2019-09-01 18:27:28 -04:00
adisbladis
f140dfb161
nixos/desktop-managers/xterm: Disable by default
It's a confusing default for some display managers that will default
to it even when you have defined another display manager.
2019-09-01 22:17:35 +01:00
adisbladis
a36b2925a5
Merge pull request #67892 from jb55/altcoins-note
release-notes: add altcoins removal note
2019-09-01 21:14:17 +01:00
Maximilian Bosch
d8d759bb90
Merge pull request #67877 from WilliButz/fix/67874
nixos/prometheus-exporters: fix user generation
2019-09-01 21:15:35 +02:00
Ben Wolsieffer
9e5aa25c53 sd-image: don't use installer.cloneConfig option that is not imported
This once again allows sd-image.nix to imported standalone to build SD images
of arbitrary NixOS systems.
2019-09-01 14:15:33 -04:00
Florian Klink
f74735c9d7 nixos: remove dependencies on local-fs.target
Since https://github.com/NixOS/nixpkgs/pull/61321, local-fs.target is
part of sysinit.target again, meaning units without
DefaultDependencies=no will automatically depend on it, and the manual
set dependencies can be dropped.
2019-09-01 19:06:38 +02:00
Florian Klink
7f42adf7a2
Merge pull request #67848 from flokli/google-compute-config-units
google-compute-config.nix: fix comments, update google-*.service units, fix paths in gce
2019-09-01 19:04:06 +02:00
Florian Klink
8e7c47bf9e
Merge pull request #67888 from aanderse/deluge
nixos/deluge: fix directory creation errors
2019-09-01 19:03:20 +02:00
William Casarin
cec822a7bb release-notes: add altcoins removal note
Release notes for #67687 (bc08b42da4) [1]
Related issue: #25025 [2]

[1] https://github.com/NixOS/nixpkgs/issues/67687
[2] https://github.com/NixOS/nixpkgs/issues/25025

Suggested-by: @mmahut
Signed-off-by: William Casarin <jb55@jb55.com>
2019-09-01 10:03:18 -07:00
Aaron Andersen
c6b3ed4bfc nixos/deluge: fix directory creation errors 2019-09-01 10:20:42 -04:00
Florian Jacob
18a5d23b55 nixos/printers: declarative configuration 2019-09-01 15:38:30 +02:00
Florian Klink
c00c4b1940 nixos/redis: add test 2019-09-01 14:13:01 +02:00
Florian Klink
8680f72c88 nixos/redis: add changelog for #67768 2019-09-01 14:12:47 +02:00
Florian Klink
ff2fd6c4e5 nixos/redis: unbreak module
The redis module currently fails to start up, most likely due to running
a chown as non-root in preStart.

While at it, I hardcoded it to use systemd's StateDirectory and
DynamicUser to manage directory permissions, removed the unused
appendOnlyFilename option, and the pidFile option.

We properly tell redis now it's daemonized, and it'll use notify support
to signal readiness.
2019-09-01 14:08:42 +02:00
WilliButz
7786d0718c
nixos/prometheus-exporters: fix user generation 2019-09-01 12:51:39 +02:00
worldofpeace
d64d6c520e
Merge pull request #67473 from worldofpeace/wingpanel/fix-network-indicator
nixos/pantheon: fix launching nm-applet components
2019-09-01 04:36:06 -04:00
worldofpeace
83d60f72ae
Merge pull request #67667 from jtojnar/default-emoji
nixos/fontconfig: Allow setting default emoji font
2019-09-01 03:58:27 -04:00
Peter Simons
fa49f7ce6b nixos/redis: drop unnecessary dependencies from systemd unit 2019-09-01 09:04:11 +02:00
Peter Simons
0808f5ad1d
Merge pull request #67768 from peti/t/redis
nixos/redis: disable transparent huge pages (TLP) before starting Redis
2019-09-01 08:49:25 +02:00
worldofpeace
fcec3ff0dc rl-1909: add note about default emoji font 2019-09-01 00:12:12 -04:00
Jan Tojnar
eafe887671 nixos/fonts.enableDefaultFonts: add Noto Emoji
These days, emoji are ubiqitous so we need to add emoji font.
2019-09-01 00:09:25 -04:00
Jan Tojnar
ee7c590b60 nixos.tests.fontconfig-default-fonts: init
Make sure the fonts.enableDefaultFonts option works.
2019-09-01 00:09:25 -04:00
Jan Tojnar
b31c7e527e nixos/fontconfig: Allow setting default emoji font
In fontconfig’s 60-generic.conf, order of preference is estabilished for emoji
font family. Because fontconfig parses the config files in lexicographic order,
appending each <prefer> from <alias> element to the family’s prefer list
(to be prepended before the family) [1], our font family defaults stored
in 52-nixos-default-fonts.conf will take precedence. That is, of course, unless
the default „weak“ binding [2] is used. Emoji family binds strongly [3],
so we need to set binding to “same” for our <alias>es to be considered before
the ones from 60-generic.conf.

By default, we will set the option to all emoji fonts supported by fontconfig,
so that emoji works for user if they have at least one emoji font installed.
If they have multiple emoji fonts installed, we will use the fontconfig’s
order of preference [4].

[1]: https://github.com/bohoomil/fontconfig-ultimate/issues/51#issuecomment-64678322
[2]: https://www.freedesktop.org/software/fontconfig/fontconfig-user.html#AEN25
[3]: cc8442dec8
[4]: c41c922018
2019-09-01 00:09:25 -04:00
Florian Klink
645de3b611
Merge pull request #67840 from flokli/systemd-sysctl-sysrq-rl
release-notes: mention restricted SysRq key combinations
2019-09-01 03:59:34 +02:00
Aaron Andersen
3ee1adcf6e
Merge pull request #67818 from xvapx/remove/crashplan
Remove/crashplan
2019-08-31 21:47:27 -04:00
Marti Serra
d3de35967a crashplan, crashplan-small-business: remove pkg and module 2019-09-01 03:25:19 +02:00
Florian Klink
e95d4c734a google-compute-config.nix: use sysctl snippets from gce
We make them available at ${gce}/sysctl.d and add them to
environments.etc, like we do with the systemd ones.
2019-09-01 02:55:28 +02:00
Florian Klink
d658dd4ce0 google-compute-config.nix: add coreutils to google-instance-setup's $PATH
It executes bin/google_set_multiqueue which will execute basename
2019-09-01 01:23:18 +02:00
Florian Klink
106a1fe265 google-compute-config: sync with upstream units
With local-fs.target part of sysinit.target
(https://github.com/NixOS/nixpkgs/pull/61321), we don't need to add it
explicitly to certain units anymore, and can change dependencies like
they are in other distros (I picked from Google's official CentOS 7
image here).

Like them, use StandardOutput=journal+console to pipe google-*.service
output to the serial console as well.
2019-08-31 22:49:29 +02:00
Florian Klink
a811437e6e google-compute-config.nix: update comment about ssh login
also move OS Login next to it, for better understandability
2019-08-31 22:49:29 +02:00
Florian Klink
bbb525d541 google-compute-config: remove amazon pv-grub comment 2019-08-31 22:49:29 +02:00
Florian Klink
c48170ac02 release-notes: mention restricted SysRq key combinations
This was missing from #66482.
2019-08-31 18:44:35 +02:00
Silvan Mosberger
478e7184f8
nixos/modules: Remove all usages of types.string
And replace them with a more appropriate type

Also fix up some minor module problems along the way
2019-08-31 18:19:00 +02:00
Frederik Rietdijk
98ef78326d Merge staging-next into staging 2019-08-31 18:07:33 +02:00
Frederik Rietdijk
69d58ee245
Merge pull request #66822 from NixOS/staging-next
Staging next
2019-08-31 18:05:43 +02:00
Aaron Andersen
58163e633b
Merge pull request #62954 from abbradar/auditd
auditd service: make more useful
2019-08-31 12:04:59 -04:00
Frederik Rietdijk
96e5474329 Merge master into staging-next 2019-08-31 18:04:31 +02:00
Silvan Mosberger
4727a40be9
Merge pull request #65283 from averelld/add-x2goserver-module
Add x2goserver module
2019-08-31 17:49:41 +02:00
Aaron Andersen
5858a3693e
Merge pull request #67758 from etu/init-usbtop
usbtop: init at 1.0
2019-08-31 09:48:23 -04:00
Samuel Leathers
4b515cf6ef
Merge remote-tracking branch 'upstream/master' into staging-next
* upstream/master:
  vimPlugins: update (#67823)
  mattermost-desktop: 4.2.0 -> 4.2.3 (#67717)
  lightspark: init at 0.8.1 (#67425)
  anki: 2.1.11 -> 2.1.14 (#67738)
  nixos/{namecoind,bitcoind}: removing the altcoin prefix
  rust-cbindgen: 0.8.7 -> 0.9.0
2019-08-31 06:53:44 -04:00
Marek Mahut
3059cd038c
Merge pull request #67777 from mmahut/altcoins
nixos/{namecoind,bitcoind}: removing the altcoin prefix
2019-08-31 10:33:44 +02:00
Marek Mahut
74d7ce4248 nixos/{namecoind,bitcoind}: removing the altcoin prefix 2019-08-31 10:15:03 +02:00
Frederik Rietdijk
ad1d58c622 Merge staging-next into staging 2019-08-31 10:04:20 +02:00
Frederik Rietdijk
fc74ba8291 Merge master into staging-next 2019-08-31 09:50:38 +02:00
aszlig
d7c7fc4603 nixos/tests/systemd: Fix x-initrd-mount flakiness (#67798)
It turns out that checking for the last mount time of an ext4 file
system isn't a very reliable way to check whether the file system was
properly unmounted.

When creating that test in the first place (88530e02b6),
I was reluctant to inspect the file system when the VM is down and was
searching for a way to check for a clean unmount *after* the file system
was mounted again to make sure we don't need to create a 512 MB raw
image on the host.

Fortunately however, when converting from qcow2, qemu-img actually
writes a sparse file, so for most file systems (that is, file systems
supporting sparse files) this shouldn't waste a lot of disk space.

So when investigating the flakiness, I found that whenever the test is
failing, the unmount of /test-x-initrd-mount was done *before* the final
step during which systemd remounts+unmounts all the remaining file
systems.

I haven't investigated why this is the case, but the test is a
regression test for https://github.com/NixOS/nixpkgs/issues/35268, which
actually didn't unmount the file system *at* *all*, so really all we
need to take care here is whether the unmount has happened and not
*how*.

To make sure that checking the filesystem state is enough for this, I
temporarily replaced the $machine->shutdown call with $machine->crash
and verified that the file system state is "not clean".

Signed-off-by: aszlig <aszlig@nix.build>
Fixes: https://github.com/NixOS/nixpkgs/issues/67555
2019-08-31 00:30:50 -04:00
Florian Klink
4e586dea50
Merge pull request #63773 from flokli/installation-device-fixes
installation-device.nix: explain sshd usage, don't include clone-config
2019-08-31 02:59:23 +02:00
worldofpeace
7820be7a8f nixos/gnome3: additions to core-shell
Adds:

- gnome-color-manager
- services.avahi
  It appears that GeoClue requires its daemon and IIRC has
  been default enabled in other distros for a while.
- orca
  It's the default screen-reader.
2019-08-30 20:42:01 -04:00
worldofpeace
dcbad82b28 nixos/gnome3: cleanup core-utilities
core-utilities is meant to be the base utilities for a GNOME system.

The following are removed and the gnome3 module will no longer include:
- accerciser
- gnome-nettool
- gnome-power-manager
- gucharmap
- nautilus-sendto
  See https://gitlab.gnome.org/GNOME/gnome-build-meta/merge_requests/246
- gnome-usage
- vinagre
- gnome-documents
  See https://gitlab.gnome.org/GNOME/gnome-build-meta/merge_requests/157
- dconf-editor
- gnome-todo
- gnome-tweaks
- evolution

The following were added:
- cheese
- geary
2019-08-30 20:42:01 -04:00
worldofpeace
90319d5e33 nixos/seahorse: move to programs 2019-08-30 20:42:01 -04:00
worldofpeace
0d220e4ed6 nixos/fontconfig-penultimate: disable by default
It currently lacks an emoji font-family which means it has to be
disabled for them to function [0].  Additionally it's fallen out of
necessity to ship custom font rendering settings (as far as I'm aware
of).

[0]: https://github.com/NixOS/nixpkgs/pull/67215
2019-08-30 19:50:30 -04:00
Evan Stoll
e9b167bef4 nixos/hardware/openrazer: init at 2.6.0 2019-08-30 17:22:53 -04:00
edef
722940fcdc nixos/release-notes: fix indentation 2019-08-30 19:32:25 +00:00
edef
e6c35cd704 nixos/release-notes: fix indentation 2019-08-30 19:25:55 +00:00
Averell Dalton
f0d23b6343 x2goserver: add module 2019-08-30 19:54:12 +02:00
Eric Wolf
edf538f7b9 yubico-pam: make local authentication possible
using challenge response

see https://developers.yubico.com/yubico-pam/Authentication_Using_Challenge-Response.html
2019-08-30 19:33:08 +02:00
Elis Hirwing
aacf9235d8
nixos/usbtop: Add module to install usbtop and to enable kernel module 2019-08-30 18:54:33 +02:00
Peter Simons
eedf3dc6e2 nixos/mailman: decouple the mailman module from the postfix module
https://github.com/NixOS/nixpkgs/pull/67708#discussion_r319579987 suggested
that simply appending the necessary maps to the appropriate attributes in
services.postfix.config gets the job done; we don't special support in the
postfix module to accomplish that.
2019-08-30 18:44:47 +02:00
adisbladis
f7b5be81a8
Merge pull request #66301 from adisbladis/emacspackages-deprecated-drop
emacs-packages: Drop deprecated package sets
2019-08-30 17:18:20 +01:00
Peter Simons
afd448a9fa nixos/redis: disable transparent huge pages (TLP) before starting Redis 2019-08-30 18:10:06 +02:00
Peter Simons
6b87772ca4 nixos/mailman: don't reserve a static uid in the system
Any system uid will do, so we let the system allocate
one for us. The 'mailman' group is gone entirely since
we don't need it. Users who wish to run the 'mailman'
administration utility can do so via 'sudo':

    $ sudo -u mailman mailman info

Also, simplify the syntax of our user.users entry to
rely on an attribute set rather than a list.
2019-08-30 18:00:36 +02:00
worldofpeace
da456aff25
Merge pull request #67702 from mweinelt/pr/fwupd-cfg.package
nixos/fwupd: add package option
2019-08-30 11:54:42 -04:00
adisbladis
41d1b8fa88
emacsPackages: Drop old emacsPackages (non-NG) sets
These have been deprecated for a long time now and has not seen much maintenance.
2019-08-30 16:43:16 +01:00
Peter Simons
28dee92fff nixos/redis: move 'redis_init.service' into the preStart hook of 'redis.service' 2019-08-30 15:39:50 +02:00
Peter Simons
5a81797119 nixos/mailman: cosmetic 2019-08-30 15:38:43 +02:00
Peter Simons
4eaf714454
Merge pull request #67708 from peti/t/mailman
NixOS module for GNU Mailman Core
2019-08-30 10:27:40 +02:00
worldofpeace
2f7d0993b7
Merge pull request #67363 from worldofpeace/dbus-datadir
dbus: don't make datadir /etc, set runstatedir to /run
2019-08-29 19:46:51 -04:00
Matthew Bauer
c2ef4fd2ba
Merge pull request #67728 from kisik21/bash-module-emacs-eterm-remote-prompt-fix
nixos/bash: Improve Emacs detection for PS1
2019-08-29 18:01:27 -04:00
Vika
844200a06f
nixos/bash: Improve Emacs detection for PS1
That's one of my itches - when I'm sshing from Emacs' term to a NixOS
machine, it doesn't detect that I'm running emacs and showing a title
escape sequence. This commit fixes it, checking against $TERM to
prevent this from ever bothering anyone again.
2019-08-30 00:28:57 +03:00
Martin Weinelt
af1c07b679 nixos/fwupd: add package option 2019-08-29 20:45:22 +02:00
Peter Simons
c1c1ce7221 mailman: add NixOS module to install and deploy the mailing list server 2019-08-29 20:29:35 +02:00
Peter Simons
19a1e15501 rl-1909.xml: fix XML syntax error that broke the NixOS manual 2019-08-29 20:29:19 +02:00
Arian van Putten
604b7c139f Fix letsencrypt (#60219)
* nixos/acme: Fix ordering of cert requests

When subsequent certificates would be added, they would
not wake up nginx correctly due to target units only being triggered
once. We now added more fine-grained systemd dependencies to make sure
nginx always is aware of new certificates and doesn't restart too early
resulting in a crash.

Furthermore, the acme module has been refactored. Mostly to get
rid of the deprecated PermissionStartOnly systemd options which were
deprecated. Below is a summary of changes made.

* Use SERVICE_RESULT to determine status
This was added in systemd v232. we don't have to keep track
of the EXITCODE ourselves anymore.

* Add regression test for requesting mutliple domains

* Deprecate 'directory' option
We now use systemd's StateDirectory option to manage
create and permissions of the acme state directory.

* The webroot is created using a systemd.tmpfiles.rules rule
instead of the preStart script.

* Depend on certs directly

By getting rid of the target units, we make sure ordering
is correct in the case that you add new certs after already
having deployed some.

Reason it broke before:  acme-certificates.target would
be in active state, and if you then add a new cert, it
would still be active and hence nginx would restart
without even requesting a new cert. Not good!  We
make the dependencies more fine-grained now. this should fix that

* Remove activationDelay option

It complicated the code a lot, and is rather arbitrary. What if
your activation script takes more than activationDelay seconds?

Instead, one should use systemd dependencies to make sure some
action happens before setting the certificate live.

e.g. If you want to wait until your cert is published in DNS DANE /
TLSA, you could create a unit that blocks until it appears in DNS:

```
RequiredBy=acme-${cert}.service
After=acme-${cert}.service
ExecStart=publish-wait-for-dns-script
```
2019-08-29 16:32:59 +02:00
Florian Klink
132a8382b0
Merge pull request #66922 from davidak/netdata_enableCgroupAccounting
netdata: enable cgroup accounting
2019-08-29 11:56:57 +02:00
Jaka Hudoklin
8d1510abfb
Merge pull request #67606 from endocrimes/r-vault-1.2.2
vault: 1.0.2 -> 1.2.2
2019-08-29 07:07:09 +00:00
Pascal Bach
02ed974bba nixos/gitlab-runner: add missing HOME to environment (#67450)
Gitlab runner fails to start if HOME is not set.
2019-08-28 20:27:28 +00:00
worldofpeace
b49a76566d
Merge pull request #67626 from worldofpeace/xfce4-14-doc
rl-1909: add note about Xfce 4.14
2019-08-28 13:54:16 -04:00
Danielle Lancashire
4b99f9ba0b
vault: add raft backend to vault service 2019-08-28 18:42:18 +02:00
Silvan Mosberger
6233291d95
Merge pull request #64738 from rnhmjoj/magnetico
magnetico: init package and service
2019-08-28 18:39:21 +02:00
Silvan Mosberger
fb7611a496
Merge pull request #65661 from davidak/containers
nixos-containers: add TimeoutStartSec option
2019-08-28 18:37:30 +02:00
Matthew Bauer
b8f9e09ad1
Merge pull request #67260 from pstch/fix/xsession-allow-session-choice
nixos/x11: provide selected session to custom session
2019-08-28 11:07:19 -04:00
Hugo Geoffroy
a23798e478 nixos/x11: provide selected session to custom session
The custom session script is always executed (when it exists). This change
passes the selected session script and select session name to the custom session
script, so that it can defer to the selected session script based on the value
of the selected session name.
2019-08-28 16:58:12 +02:00
worldofpeace
722746c056 rl-1909: add note about Xfce 4.14 2019-08-28 09:57:01 -04:00
davidak
eba686ddfa nixos-containers: add TimeoutStartSec option
Default is now 1m instead of global default of 15sec. It is also
configurable.

Fixes issue where start of many containers (40+) fail
https://github.com/NixOS/nixpkgs/issues/65001
2019-08-28 14:54:51 +02:00
rnhmjoj
ea40c66bf5
nixos/magnetico: add test 2019-08-28 14:19:24 +02:00
rnhmjoj
182830f542
nixos/magnetico: init service 2019-08-28 14:19:24 +02:00
volth
08f68313a4 treewide: remove redundant rec 2019-08-28 11:07:32 +00:00
Linus Heckemann
5e2f89bbce
Merge pull request #67394 from Ma27/drop-keys.target-dependency
nixos/treewide: drop dependencies to `keys.target`
2019-08-28 12:01:22 +02:00
Peter Hoeg
73701a7a05
Merge pull request #67487 from dasJ/suspend-then-hibernate
nixos/systemd: Add suspend-then-hibernate units
2019-08-28 17:29:17 +08:00
Frederik Rietdijk
5061fe0c2c Merge staging-next into staging 2019-08-28 08:26:42 +02:00
worldofpeace
27a4afefbe
Merge pull request #66859 from worldofpeace/xfce4-14-module
nixos/xfce4-14: init
2019-08-27 22:37:03 -04:00
Peter Hoeg
33bf2acc5e nixos/darkhttpd: fix package reference 2019-08-28 09:04:58 +08:00
Eelco Dolstra
35c1c170d7 nix.conf: Set sandbox-fallback = false
For security, we don't want the sandbox to be disabled silently.
2019-08-27 21:17:20 +02:00
worldofpeace
156f335161
Merge pull request #67549 from worldofpeace/gnome-control-center/fix-sharing
Fix sharing in gnome-control-center
2019-08-27 14:28:15 -04:00
Maximilian Bosch
56a7bc05e1
nixos/treewide: drop dependencies to keys.target
The `keys.target` is used to indicate whether all NixOps keys were
successfully uploaded on an unattended reboot. However this can cause
startup issues e.g. with NixOS containers (see #67265) and can block
boots even though this might not be needed (e.g. with a dovecot2
instance running that doesn't need any of the NixOps keys).

As described in the NixOps manual[1], dependencies to keys should be
defined like this now:

``` nix
{
  systemd.services.myservice = {
    after = [ "secret-key.service" ];
    wants = [ "secret-key.service" ];
  };
}
```

However I'd leave the issue open until it's discussed whether or not to
keep `keys.target` in `nixpkgs`.

[1] https://nixos.org/nixops/manual/#idm140737322342384
2019-08-27 18:55:55 +02:00
Matthew Bauer
4081bec5ac
zsh: remove unfunction on TERM=dumb
Unfortunately this gives an error when precmd or preexec exists. Removing to avoid that.
2019-08-27 11:00:58 -04:00
Frederik Rietdijk
98640fd482 Merge master into staging-next 2019-08-27 16:36:47 +02:00
Marek Mahut
b40ee82685
Merge pull request #67556 from mmahut/matomo
nixos/matomo: fixing the configuration path
2019-08-27 16:13:34 +02:00
rnhmjoj
05ddde928d
nixos/dnschain: disable DNSSEC for namecoin TLDs 2019-08-27 14:42:06 +02:00
Silvan Mosberger
210756a450
nixos/pdns-recursor: implement a settings option (#67251)
nixos/pdns-recursor: implement a `settings` option
2019-08-27 14:34:32 +02:00
Marek Mahut
3a9d17ef04 nixos/matomo: fixing the configuration path 2019-08-27 11:44:34 +02:00
Florian Klink
9a02d9c75e
Merge pull request #66984 from flokli/systemd-cgroup-accounting
nixos/systemd: enable systemd cgroup accounting by default
2019-08-27 11:38:28 +02:00
worldofpeace
8a24bc2e08 nixos/gnome-user-share: cleanup
* No sessionPath!

* add to systemd.packages
  This is for the gnome-user-share-webdav.service.

* Update option description
2019-08-27 03:07:57 -04:00
Aaron Andersen
87fdc06a97
Merge pull request #63634 from aanderse/moodle
moodle: init at 3.7.1
2019-08-26 21:12:44 -04:00
volth
35d68ef143 treewide: remove redundant quotes 2019-08-26 21:40:19 +00:00
Matthew Bauer
ed87d12187
Merge pull request #67476 from matthewbauer/fix-66745
nixos/update-users-groups.pl: chomp hashedPassword
2019-08-26 15:54:13 -04:00
rnhmjoj
d5f098a96c
nixos/doc: mention extraConfig -> settings change in pdns-recursor 2019-08-26 17:47:25 +02:00
rnhmjoj
0e0a533d9a
nixos/pdns-recursor: add luaConfig option 2019-08-26 17:46:04 +02:00
rnhmjoj
92d956267a
nixos/pdns-recursor: implement a settings option 2019-08-26 17:46:03 +02:00
Peter Simons
95c021393f mailman: reserve uid & gid in NixOS 2019-08-26 16:17:39 +02:00
Peter Hoeg
c876affce0 nixos darkhttpd: module to enable darkhttpd 2019-08-26 19:57:49 +08:00
worldofpeace
450a180542
Merge pull request #67466 from worldofpeace/gnome3-defaults-cleanup
nixos/gnome3: split up
2019-08-26 05:56:38 -04:00
worldofpeace
70e506cf7c nixos/gnome3: split out gnome-flashback 2019-08-26 05:36:11 -04:00
worldofpeace
fca8d35531 nixos/gnome3: split up
This introduces the following options under the services.gnome3 namespace:

* core-os-services.enable
* core-shell.enable
* core-utilities.enable
* games.enable

The first three are all default enabled by gnome3.enable
and their purpose is to make gnome3 more flexable for users
usecases. In the case of core-utilities and games, it allows
users to easily switch on the default gnome3 applications
and games packages. Previously we had lists in gnome-3/default.nix
but they weren't visible to the user. By having options we have
generated documentation and an interface.
2019-08-26 05:19:05 -04:00
Janne Heß
c8e863e25e nixos/systemd: Add suspend-then-hibernate units
Pretty useful for laptops. I use them with:

```
services.logind.lidSwitch = "suspend-then-hibernate";
environment.etc."systemd/sleep.conf".text = "HibernateDelaySec=8h";
```
2019-08-26 11:04:10 +02:00
Peter Hoeg
f729a79eae
Merge pull request #62974 from peterhoeg/f/zmtrigger
zoneminder: add perlPackages.DeviceSerialPort for zmtrigger.pl
2019-08-26 14:47:32 +08:00
Peter Hoeg
574ec28ef1 nixos/zoneminder: open telnet port for remote admin 2019-08-26 14:47:00 +08:00
Matthew Bauer
fc565c1b9d nixos/update-users-groups.pl: chomp hashedPassword
We don’t want any trailing whitespace, otherwise we mess up the
formating of the shadow file. Some things like readFile may have the
trailing new line.

Fixes #66745
2019-08-25 23:42:31 -04:00
worldofpeace
ae3fc3a688 nixos/pantheon: fix launching nm-applet components
For some reason nm-applet has to be running for an authentication
dialog to be spawned by wingpanel-indicator-network.

This also fixes storing NetworkManager secrets in the keyring, but this
is still broken because we lack the proper PAM configuration.
2019-08-25 22:23:54 -04:00
Marek Mahut
81fe072a8f nixos/unifi: restarting on failure (#67456) 2019-08-25 18:22:03 -06:00
Florian Klink
6b075ddc8f nixos/systemd: add cgroup accounting test 2019-08-25 22:26:12 +02:00
Florian Klink
0fb17141fb nixos/systemd: enable cgroup accounting by default
If this is the default for OpenShift already, we probably can enable it
as well.

see https://github.com/openshift/machine-config-operator/pull/581
2019-08-25 22:26:12 +02:00
Florian Klink
f3a18d4562 nixos/systemd: add new Default{BlockIO,IP}Accounting settings 2019-08-25 22:25:19 +02:00
Florian Klink
f34f38ef1c nixos/systemd: honor default enableCgroupAccounting settings
systemd defaults DefaultMemoryAccounting and DefaultTasksAccounting to
yes, so no need to enable explicitly
2019-08-25 22:25:19 +02:00
Marek Mahut
18dfe1a3f5
Merge pull request #67449 from mmahut/jormungandr
nixos/jormungandr: adding genesis tests
2019-08-25 19:54:03 +02:00
Marek Mahut
4ca0df1539
Merge pull request #67444 from dasJ/fix-memcached-privateusers
nixos/memcached: Remove PrivateUsers
2019-08-25 19:18:26 +02:00
Marek Mahut
1a6d3f5bc2 nixos/jormungandr: adding genesis tests 2019-08-25 18:33:13 +02:00
Marek Mahut
f6ced211e6 nixos/jormungandr: changing the port to match upstream 2019-08-25 18:33:13 +02:00
Aaron Andersen
5b8c2295b0
Merge pull request #67393 from c0deaddict/feature/transmission-user-configurable
nixos/transmission: make user configurable
2019-08-25 10:47:40 -04:00
Janne Heß
cabab90ad2 nixos/memcached: Remove PrivateUsers
Seems to break systems using the hardened profile.
Ref #62936
cc @Izorkin
2019-08-25 16:34:06 +02:00
Vladimír Čunát
985d1ac425
Merge branch 'master' into staging-next
There were several more conflicts from name -> pname+version;
all auto-solved by kdiff3, hopefully OK.

Hydra nixpkgs: ?compare=1538611
2019-08-25 14:57:11 +02:00
Marek Mahut
9ffc980ef7
Merge pull request #67391 from avnik/drop-rmilter
rmilter: remove deprecated package (and module)
2019-08-25 14:24:06 +02:00
Aaron Andersen
3bd03d2c0a nixos/moodle: init service 2019-08-25 08:12:28 -04:00
Jos van Bakel
c3e93d5ad4
nixos/transmission: make user configurable 2019-08-25 13:19:48 +02:00
Daniel Schaefer
b4044a3f2a networkmanager: Allow NetworkManager and wireless together
When NetworkManager is configured to not manage all interfaces, it's
perfectly fine to have the rest be managed by the standard nixos
wireless scripts.

I use
  networking.networkmanager.unmanaged = [
    "*" "except:type:wwan" "except:type:gsm"
  ];
to control everything using networking.wireless except for the mobile
LTE modem which only works with NetworkManager.
2019-08-25 12:00:31 +02:00
worldofpeace
e075227b00
Merge pull request #67407 from jtojnar/gnome-bg
nixos/gnome3: fix default background setting
2019-08-24 18:33:41 -04:00
Jan Tojnar
305cb5c6f3
nixos/gnome3: fix default background setting
Fix the following error when opening Background panel in GNOME Settings:

    URI '/nix/store/…-simple-dark-gray-2016-02-19/share/artwork/gnome/nix-wallpaper-simple-dark-gray.png' is invalid
2019-08-24 22:10:01 +02:00
Marek Mahut
8a41fcb552
Merge pull request #67409 from duhirsch/module/gpg/addToSystemPackages
nixos/gnupg: Add gpg to systemPackages
2019-08-24 22:09:02 +02:00
Jan Tojnar
edcecfee00
Merge pull request #67358 from jtojnar/ofono-progress
nixos/ofono: various improvements
2019-08-24 21:37:42 +02:00
Daniel Hirschberger
9a6adc1619 nixos/gnupg: Add gpg to systemPackages 2019-08-24 21:30:49 +02:00
worldofpeace
53a7d67344 nixos/doc: document share/dbus-1/*.d 2019-08-24 15:07:44 -04:00
Jan Tojnar
d90aa7dc62
Merge pull request #67389 from jtojnar/xdg-user-dirs
Allow changing xdg-user-dirs with environment.etc
2019-08-24 19:22:45 +02:00
worldofpeace
d9cf3ee80f
Merge pull request #67351 from worldofpeace/fix-vte-prompt-command
nixos/vte: ensure bash vte snippet appears first
2019-08-24 11:40:34 -04:00
Alexander V. Nikolaev
885511cb5c rmilter: remove deprecated package (and module) 2019-08-24 17:33:48 +03:00
Jan Tojnar
48426833c8
nixos/environment: prepend /etc/xdg to XDG_CONFIG_DIRS
Previously, we were only adding profile-relative paths to XDG_CONFIG_DIRS
variable. That required very ugly hacks like
https://github.com/NixOS/nixpkgs/issues/33282#issuecomment-524550842
to be able to configure XDG stuff.

Now, we are prepending the variable with /etc/xdg, allowing us to
simply use `environment.etc."xdg/…"` options.
2019-08-24 16:01:01 +02:00
Samuel Leathers
5f06052e75
Merge pull request #31064 from disassembler/release-manager-docs
nixos docs: add release manager section
2019-08-24 09:42:02 -04:00
Aaron Andersen
825d023c8a
Merge pull request #65706 from aanderse/phpfpm
nixos/phpfpm: module cleanup
2019-08-24 08:25:24 -04:00
Marek Mahut
b8b35816c3
Merge pull request #67356 from alexbakker/libvirt-onboot
libvirtd: add onBoot option
2019-08-24 11:59:07 +02:00
Vladimír Čunát
2e6bf42a22
Merge branch 'master' into staging-next
There ver very many conflicts, basically all due to
name -> pname+version.  Fortunately, almost everything was auto-resolved
by kdiff3, and for now I just fixed up a couple evaluation problems,
as verified by the tarball job.  There might be some fallback to these
conflicts, but I believe it should be minimal.

Hydra nixpkgs: ?compare=1538299
2019-08-24 08:55:37 +02:00
Matthew Bauer
1329703616
Merge pull request #67225 from matthewbauer/tramp-zshrc-fix
nixos/zsh: Fix tramp support
2019-08-23 15:14:46 -04:00
Jan Tojnar
5db762126c
nixos/ofono: allow adding 3rd party plug-ins 2019-08-23 19:50:53 +02:00
Jan Tojnar
f66613b3b6
nixos/ofono: add module 2019-08-23 19:50:53 +02:00
Jan Tojnar
a8d3aebdce
Merge pull request #67318 from jtojnar/gnome-photos
gnome-photos: 3.32.0 → 3.32.1
2019-08-23 19:49:43 +02:00
Jan Tojnar
c6eb691fb8
gnome-photos: add installed tests 2019-08-23 19:31:14 +02:00
Alexander Bakker
d20022018e libvirtd: add onBoot option
This adds a new ``onBoot`` option that allows specifying the action taken on
guests when the host boots. Specifying "start" ensures all guests that were
running prior to shutdown are started, regardless of their autostart settings.
Specifying "ignore" will make libvirtd ignore such guests. Any guest marked as
autostart will still be automatically started by libvirtd.
2019-08-23 17:52:12 +02:00
Linus Heckemann
d1d602f559 Merge remote-tracking branch 'origin/master' into openssl-1.1 2019-08-23 17:27:39 +02:00
Sarah Brofeldt
3a64303a20
Merge pull request #63539 from ivan/usbguard-nox
usbguard-nox: init at 0.7.4
2019-08-23 16:25:13 +02:00
worldofpeace
9d5f1eb581 nixos/vte: ensure bash vte snippet appears first
Fixes #67312
2019-08-23 10:11:48 -04:00
Samuel Leathers
bb1b96373b
nixos docs: add release manager section 2019-08-23 10:10:12 -04:00
Aaron Andersen
400c6aac71 nixos/phpfpm: deprecate extraConfig options in favor of settings options 2019-08-23 07:56:27 -04:00
Aaron Andersen
d2db3a338c nixos/phpfpm: Use systemd's RuntimeDirectory 2019-08-23 07:56:27 -04:00
Aaron Andersen
a30a1e2795 nixos/phpfpm: add user and group option to each pool 2019-08-23 07:56:27 -04:00
Aaron Andersen
62b774a700 nixos/phpfpm: add socket option to replace the listen option 2019-08-23 07:56:21 -04:00
Aaron Andersen
2b5f663015 nixos/phpfpm: merge pool-options.nix into default.nix 2019-08-23 07:54:51 -04:00
Aaron Andersen
0ce8317c46 nixos/phpfpm: deprecate poolConfigs option 2019-08-23 07:54:51 -04:00
Lassulus
8b12bfcb83
Merge pull request #66215 from ajs124/ejabberd/19.08
ejabberd: 19.05 -> 19.08
2019-08-23 13:27:55 +02:00
Marek Mahut
882e5b0e05
Merge pull request #67213 from mmahut/jormungandr
nixos: adding jormungandr service
2019-08-23 11:07:49 +02:00
Marek Mahut
4aef2212ee
Revert "nixos/containers: add unprivileged option" 2019-08-23 08:24:06 +02:00
Marek Mahut
27acea73b8
Merge pull request #67130 from uvNikita/containers/unprivileged
nixos/containers: add unprivileged option
2019-08-23 08:00:35 +02:00
Jan Tojnar
b8ba71d633
tracker-miners: move from gnome3 2019-08-23 02:55:42 +02:00
Jan Tojnar
4919db9cbb
tracker: move from gnome3 2019-08-23 02:53:43 +02:00
Jan Tojnar
fac090c8dd
gnome-online-accounts: move from gnome3 2019-08-23 02:47:21 +02:00
Jan Tojnar
91b46353a5
Merge pull request #67308 from jtojnar/libxmlb-0.1.11
libxmlb: 0.1.10 → 0.1.11
2019-08-23 02:06:41 +02:00
Robin Gloster
c7e75df21f
Merge remote-tracking branch 'upstream/master' into openssl-1.1 2019-08-23 02:00:31 +02:00
Jan Tojnar
93f4d6f6ae
nixos/tests/libxmlb: init 2019-08-23 01:34:48 +02:00
Marek Mahut
f4ca6e3dd1
Merge pull request #66722 from mmahut/trezord-emulator
trezord: adding emulator support (plus test)
2019-08-22 23:25:18 +02:00
Marek Mahut
8d0776be66 nixos/tests: adding jormungandr service test 2019-08-22 07:10:16 +02:00
Marek Mahut
ddc0521ebf nixos: adding jormungandr service 2019-08-22 07:10:16 +02:00
worldofpeace
fd7d31b50e nixosTests.xfce4-14: init
This is pretty much identical to the xfce test we currently have.
2019-08-21 22:04:29 -04:00
worldofpeace
ae1cb0bdf9 nixos/xfce4-14: init 2019-08-21 21:51:00 -04:00
Matthew Bauer
ac773d1607 nixos/zsh: Fix tramp support
For a long time, TRAMP has not worked with ZSH NixOS servers. I
thought I fixed this in 0740f57e63af61694d14796286cb9204, but now
realize that was only half the problem. For TRAMP to start working
again ‘unsetopt zle’ was needed, otherwise the connection would hang.
In addition, I have a few more settings added that can apparenty
interfere with these settings.
2019-08-21 21:24:45 -04:00
Robin Gloster
948b3e34a5
squid: remove v3, default to v4 2019-08-22 00:39:52 +02:00
worldofpeace
1156146e74 nixos/mate: enable vte integration
Default terminal is mate-terminal which uses vte.
2019-08-21 17:20:49 -04:00
worldofpeace
034eb3b3cd nixos/pantheon: enable vte integration
Default terminal is elementary-terminal which uses vte.
2019-08-21 17:20:49 -04:00
worldofpeace
4ba10fbbfd
Merge pull request #66990 from worldofpeace/gnome-vte-config
nixos/gnome-terminal: init
2019-08-21 16:17:05 -04:00
worldofpeace
4a46140d29 nixos/gnome-terminal: init
This module obsoletes services.gnome3.gnome-terminal-server
as that's a confusing option for users, and sounds internal.
It's much simpler to have a gnome-terminal module.
2019-08-21 16:16:04 -04:00
worldofpeace
79dd78b911 nixos/vte: init
This module correctly includes the vte.sh script
required for vte terminals like gnome-terminal to show the
CWD in the window title and preserved across instances.

This is achieved with the options:
* programs.bash.vteIntegration
* programs.zsh.vteIntegration

as it's best to keep this configuration unguarded by gnome3.enable
to support other vte terminals (such as elementary-terminal).
Note the distinction between Zsh and Bash doesn't include
a different script, as this script only supports those two shells.
2019-08-21 16:16:04 -04:00
Sarah Brofeldt
f20fbeedcf
Merge pull request #67179 from uvNikita/containers/fix-imperative
nixos/containers: fix imperative containers
2019-08-21 21:04:52 +02:00
Nikita Uvarov
578d712af4
nixos/containers: fix imperative containers
Fixes #67174.
2019-08-21 20:48:27 +02:00
Jan Tojnar
d736138b00
Merge pull request #67071 from jtojnar/fontconfig-harmonization
nixos/fontconfig: harmonize with penultimate
2019-08-21 17:44:30 +02:00
Danylo Hlynskyi
855be67358
nginx: expose generated config and allow nginx reloads (#57429)
* nginx: expose generated config and allow nginx reloads

Fixes: https://github.com/NixOS/nixpkgs/issues/15906
Another try was done, but not yet merged in https://github.com/NixOS/nixpkgs/pull/24476

This add 2 new features: ability to review generated Nginx config
(and NixOS has sophisticated generation!) and reloading
of nginx on config changes. This preserves nginx restart on package
updates.

I've modified nginx test to use this new feature and check reload/restart
behavior.

* rename to enableReload

* add sleep(1) in ETag test (race condition) and rewrite rebuild-switch using `nesting.clone`
2019-08-21 16:52:46 +03:00
Florian Klink
9f237fe444
Merge pull request #45392 from dguibert/dg/wireguard
nixos/wireguard: setup interface with systemd-networkd
2019-08-21 15:48:05 +02:00
Robin Gloster
f4fc845e5b
Merge remote-tracking branch 'upstream/master' into openssl-1.1 2019-08-21 14:25:13 +02:00
Félix Baylac-Jacqué
0528816570 systemd-networkd: add tests
(cherry picked from commit ec073e41a0)
2019-08-21 11:11:28 +02:00
David Guibert
7fd91a898b systemd-networkd: add support for wireguard netdev. 2019-08-21 11:11:24 +02:00
Aaron Andersen
249b4ad942
Merge pull request #66492 from aanderse/extra-subservice-cleanup
nixos/httpd: extraSubservices cleanup
2019-08-20 18:55:08 -04:00
Nikita Uvarov
7e7fc6471e
nixos/containers: add unprivileged option
Fixes #57083.
2019-08-21 00:01:29 +02:00
Marek Mahut
5dcc65a25b
Merge pull request #67109 from 1000101/master
trezord: add docs
2019-08-20 22:12:16 +02:00
Jan Hrnko
8033c66389 trezord: add docs 2019-08-20 21:09:32 +02:00
Matthew Bauer
1ab1e11257
Merge pull request #66992 from oxij/nixos/fix-zsh-prompt
nixos: zsh: setopt prompt_sp to workaround a zsh bug
2019-08-20 13:20:30 -04:00
worldofpeace
f9d58edf07 nixos/pantheon: use qt5 module for adwaita-qt 2019-08-20 12:53:00 -04:00
worldofpeace
fd7fa0aa5d
Merge pull request #66392 from worldofpeace/qt-theme/module
nixos/qt5: init
2019-08-20 12:44:28 -04:00
worldofpeace
1d0d69a214 nixos/qt5: init
This moduule has the following options:
* platformTheme
* style

This allows us to configure the Qt5 theme engine and style.
2019-08-20 12:24:55 -04:00
Silvan Mosberger
dc0d945bdf
Merge pull request #66291 from reanimus/roon-no-dynamic
roon-server: disable DynamicUser
2019-08-20 18:12:36 +02:00
Jan Tojnar
67367587eb
nixos/fontconfig: harmonize comments 2019-08-20 13:59:28 +02:00
Jan Tojnar
e7dc9d0b90
nixos/fontconfig: harmonize file names 2019-08-20 13:57:46 +02:00
Jan Tojnar
0d4fc97686
nixos/fontconfig: harmonize folder variables 2019-08-20 13:56:00 +02:00
Jan Tojnar
be2cf1f093
nixos/fontconfig: harmonize indentation 2019-08-20 13:54:18 +02:00
Jan Tojnar
1a3f604de3
nixos/fontconfig-penultimate: reorder
to be more in line with fontconfig.nix
2019-08-20 13:50:52 +02:00
ajs124
9a0e820f5d nixos/ejabberd: fix test for new release 2019-08-20 11:09:40 +02:00
Matthieu Coudron
0f32b32c95
Merge pull request #63150 from Izorkin/prosody-test
nixos/tests/prosody: update prosody tests
2019-08-20 17:52:58 +09:00
Michael Raskin
0cbeac4f66
Merge pull request #66736 from markuskowa/upd-gluster
glusterfs: 4.0 -> 6.5
2019-08-20 08:08:57 +00:00
Izorkin
89c69bfb79 prosody: fix work after update luadbi packages 2019-08-20 10:24:49 +03:00
Izorkin
bb4816d41c nixos/tests/prosodyMysql: add check work prosody with MySQL database 2019-08-20 10:24:49 +03:00
Izorkin
e328ea9c11 nixos/tests/prosody: checking work prosody through local network 2019-08-20 10:24:48 +03:00
Izorkin
691da63cba nixos/tests: move ejabberd and prosody test to xmpp folder 2019-08-20 10:24:47 +03:00
Matthieu Coudron
3b205ad3a7
Merge pull request #58207 from teto/kernelPackages_check
boot.kernelPackages: check for conflicts
It's currently possible to set conflicting `boot.kernelPackages` several times.
Nixos now warns when this is the case instead of just picking one.
2019-08-20 14:15:51 +09:00
worldofpeace
4b90f549ee
Merge pull request #66956 from worldofpeace/cleanup-gvfs-envars
nixos/gvfs: set GIO_EXTRA_MODULES
2019-08-19 19:36:29 -04:00
worldofpeace
ffe7999f3d nixos/lxqt: use gvfs module 2019-08-19 19:03:38 -04:00
worldofpeace
5c5791c134 nixos/xfce: use gvfs module 2019-08-19 19:03:37 -04:00
worldofpeace
45eac0537d nixos/mate: don't set GiO_EXTRA_MODULES 2019-08-19 19:03:37 -04:00
worldofpeace
a686dc071c nixos/pantheon: don't set GIO_EXTRA_MODULES 2019-08-19 19:03:37 -04:00
worldofpeace
5b09814b57 nixos/gnome3: don't set GIO_EXTRA_MODULES 2019-08-19 19:03:37 -04:00
worldofpeace
4bb6625767 nixos/gvfs: set GIO_EXTRA_MODULES 2019-08-19 19:03:37 -04:00
Jan Malakhovski
065c6ed96e nixos: zsh: setopt prompt_sp to workaround a zsh bug
See #38535, properly fixing the prompt seems complicated, and this seems
to work in all the ttys I checked.

Suggested by @Mic92.
2019-08-19 22:58:13 +00:00
worldofpeace
eb127d2005 nixos/gvfs: add package option 2019-08-19 18:56:41 -04:00
worldofpeace
67ad8a788f nixos/gvfs: move out of GNOME 2019-08-19 18:53:43 -04:00
Marek Mahut
3b6258946f
Merge pull request #64407 from dasJ/icingaweb-test
nixos/icingaweb: Fix module path; Add test
2019-08-19 21:27:16 +02:00
Marek Mahut
c4592aa161
Merge pull request #63973 from apvodney/master
u9fs service: start after network.target
2019-08-19 21:11:19 +02:00
Marek Mahut
d7b3d2d0fd
Merge pull request #65995 from danderson/master
nixos/sshguard: create ipsets before starting, and clean up after stopping.
2019-08-19 21:05:42 +02:00
Marek Mahut
7c15694c29
Merge pull request #66271 from vdot0x23/patch-1
nixos/stubby: clearer wording for upstreamServers
2019-08-19 20:58:45 +02:00
Marek Mahut
7a4b296c8d
Merge pull request #66687 from joachifm/feat/hardened-nixos-revert-graphene-malloc
Revert "nixos/hardened: use graphene-hardened malloc by default"
2019-08-19 20:56:07 +02:00
Marek Mahut
94c51859df
Merge pull request #66846 from uvNikita/containers/ephemeral
nixos/containers: add 'ephemeral' option
2019-08-19 20:55:33 +02:00
Nikolay Amiantov
fca97dfebc stage-1 init: fix debug menu
* Read one char at a time, so user doesn't have to enter "i<ENTER>"
  contrary to the menu;
* Exec shell inside setsid.
2019-08-19 19:54:00 +03:00
worldofpeace
9125f51b70
Merge pull request #66860 from worldofpeace/dconf-update
nixos/dconf: cleanup
2019-08-19 11:59:06 -04:00
Florian Klink
d6eb5b068f nixos/doc/clone-config.xml: add line about installation media = installation target 2019-08-19 16:34:06 +02:00
Florian Klink
1515afe879 nixos/doc: update installation-device.nix
This got quite outdated. We now have both the nixos and root user
available for example.
2019-08-19 16:34:06 +02:00
Florian Klink
0aa5e3165c sd-image.nix: set installer.cloneConfig to false
As SD Card images are both installation media and installation target,
don't copy over a /etc/nixos/configuration.nix

Closes #63576.
2019-08-19 16:34:06 +02:00
Florian Klink
f71fd79ff0 nixos/installation-device.nix: explain sshd usage 2019-08-19 16:34:06 +02:00
Florian Klink
93a03177f2
Merge pull request #66482 from flokli/systemd-sysctl
nixos/systemd: install sysctl snippets
2019-08-19 16:32:00 +02:00
Nikita Uvarov
c740f0d400
nixos/containers: add 'ephemeral' option 2019-08-19 15:21:35 +02:00
davidak
6d4c69e640 netdata: enable cgroup accounting 2019-08-19 14:57:41 +02:00
Marek Mahut
f0d1db99db
Merge pull request #66857 from nrdxp/fix/caddy
caddy: remove 'bin' attribute
2019-08-19 13:50:14 +02:00
Nikolay Amiantov
9b30cf0cb4 nixos release notes: mention systemd.packages changes 2019-08-19 13:25:15 +03:00
worldofpeace
38c7d55d5d nixos/pantheon: use programs.dconf 2019-08-18 21:56:52 -04:00
worldofpeace
a7b5d6142f nixos/gnome3: use programs.dconf 2019-08-18 21:55:52 -04:00
worldofpeace
918b7d572f nixos/dconf: cleanup
Add dconf to systemPackages and make GIO_EXTRA_MODULES
a list so it can actually merge.
2019-08-18 21:54:00 -04:00
Timothy DeHerrera
98e6c1432e
caddy: remove 'bin' attribute 2019-08-18 18:46:21 -06:00
Silvan Mosberger
918e1e0925
nixos/cadvisor: allow passing custom arguments (#66855)
nixos/cadvisor: allow passing custom arguments
2019-08-19 02:28:38 +02:00
Aaron Andersen
8227b2f29e
Merge pull request #66399 from mmahut/metabase
metabase: service module and test
2019-08-18 19:49:05 -04:00
tilpner
944a3a0dfc
nixos/cadvisor: allow passing custom arguments 2019-08-19 01:32:01 +02:00
Sarah Brofeldt
e0cf7d6093 nixos/sd-image: Increase default firmware partition size 2019-08-18 22:55:39 +02:00
Nikolay Amiantov
79ebe562fb shadowsocks service: support dual-stack server
Enable IPv6 by default.
2019-08-18 23:07:51 +03:00
WilliButz
4835f65e95
Merge pull request #66814 from mguentner/synapse_1_3_1
matrix-synapse: 1.2.1 -> 1.3.1
2019-08-18 19:30:14 +02:00
Markus Kowalewski
6104ad00a1
nixos/glusterfs: add test 2019-08-18 18:58:00 +02:00
Eric Litak
ccf3557015 nixos/cjdns: add extraConfig option (#53502) 2019-08-18 18:47:56 +02:00
Marek Mahut
e6fb350cf6
Merge pull request #66606 from DerTim1/riemann-config
nixos/riemann-tools: Add ExtraArgs Config Option
2019-08-18 18:47:19 +02:00
Florian Klink
8e923dfe36 nixosTests.systemd: add fq_codel test 2019-08-18 17:54:26 +02:00
Florian Klink
bafc256915 nixos/systemd: remove separate coredump module 2019-08-18 17:54:26 +02:00
Florian Klink
9be0327a49 nixos/systemd: install sysctl snippets
systemd provides two sysctl snippets, 50-coredump.conf and
50-default.conf.

These enable:
 - Loose reverse path filtering
 - Source route filtering
 - `fq_codel` as a packet scheduler (this helps to fight bufferbloat)

This also configures the kernel to pass coredumps to `systemd-coredump`.
These sysctl snippets can be found in `/etc/sysctl.d/50-*.conf`,
and overridden via `boot.kernel.sysctl`
(which will place the parameters in `/etc/sysctl.d/60-nixos.conf`.

Let's start using these, like other distros already do for quite some
time, and remove those duplicate `boot.kernel.sysctl` options we
previously did set.

In the case of rp_filter (which systemd would set to 2 (loose)), make
our overrides to "1" more explicit.
2019-08-18 17:54:26 +02:00
Florian Klink
e5965bd489 nixos/sysctl: rename /etc/sysctl.d/nixos.conf -> 60-nixos.conf
sysctl.d(5) recommends prefixing all filenames in /etc/sysctl.d with a
two-digit number and a dash, to simplify the ordering of the files.

Some packages provide custom files, often with "50-" prefix.
To ensure user-supplied configuration takes precedence over the one
specified via `boot.kernel.sysctl`, prefix the file generated there with
"60-".
2019-08-18 17:54:26 +02:00
Florian Klink
368be910fc
Merge pull request #66825 from flokli/nixos-systemd-test-dup
nixosTests.systemd: remove duplicate copypasta
2019-08-18 17:54:09 +02:00
danbst
d80cd26ff9 Merge branch 'master' into flip-map-foreach 2019-08-18 18:00:25 +03:00
Danylo Hlynskyi
2b393c8913
elasticsearch: add example on how to use plugins (#55115)
See https://discourse.nixos.org/t/elastic-search-plugins/1997
2019-08-18 17:11:20 +03:00
Florian Klink
36ece762e5
Merge pull request #66621 from flokli/gitlab-12.1.6
gitlab-ce: 12.0.3 -> 12.1.6
2019-08-18 14:08:14 +02:00
Marek Mahut
d2ebcec779 tests: adding metabase service test 2019-08-18 13:44:26 +02:00
Marek Mahut
69089e990e modules: adding metabase service 2019-08-18 13:44:26 +02:00
Florian Klink
ffef31459a nixosTests.systemd: remove duplicate copypasta
It seems the regression test for #35268 sneaked in twice.
2019-08-18 13:11:51 +02:00
Frederik Rietdijk
f65aa21bb2 Merge master into staging-next 2019-08-18 12:53:44 +02:00
worldofpeace
4f3e9ca93a
Merge pull request #65291 from worldofpeace/xdg-updates
Flatpak updates
2019-08-18 04:23:54 -04:00
worldofpeace
ce0511e302 nixos/flatpak: add comment about selinux 2019-08-18 04:23:17 -04:00
worldofpeace
1728bc8d22 flatpak: 1.2.4 -> 1.4.2
* Regenerated all patches for 1.4.2 and resolved
  any conflicts.

* fix-test-paths.patch doesn't copy the whole locale archive
  because we have C.UTF8 now.

* nixos/flatpak creates a Flatpak system helper user
  Change introduced in 1.3.2.

Changes:
See https://github.com/flatpak/flatpak/releases/tag/1.3.1 through
1.4.2.
2019-08-18 04:23:17 -04:00
Maximilian Güntner
dac8fe9cee
nixos/matrix-synapse: use notify instead of simple
Starting with 1.3.0, matrix-synapse supports notifying
systemd. Relevant PR: matrix-org/synapse#5732
2019-08-18 09:41:33 +02:00
Frederik Rietdijk
295888c622
Merge pull request #66381 from NixOS/staging-next
Staging next
2019-08-18 08:54:45 +02:00
worldofpeace
5892773eb6 nixos/pantheon: adjust to renamed gnome3 options 2019-08-17 16:34:55 -04:00
Marek Mahut
caf9b8cc35
Merge pull request #66591 from aanderse/zabbix-proxy
nixos/zabbixProxy: fix database initialization logic
2019-08-17 20:55:13 +02:00
Symphorien Gibol
c3e1e64e4c remove all instances of nix-env -i without -A in the NixOS manual
motivation: https://nixos.wiki/wiki/FAQ/Why_not_use_nix-env_-i_foo%3F
2019-08-17 18:04:43 +02:00
WilliButz
ecd4d03dfe
grafana-loki: fix typo in service config 2019-08-17 12:08:51 +02:00
Frederik Rietdijk
fe9a3e3e63 Merge staging-next into staging 2019-08-17 09:39:23 +02:00
Frederik Rietdijk
c68f58d95c Merge master into staging-next 2019-08-17 09:30:16 +02:00
Samuel Dionne-Riel
b750ebf1b3
Merge pull request #60422 from kwohlfahrt/device-tree
nixos/hardware.deviceTree: new module
2019-08-16 13:26:48 -04:00
Marek Mahut
20ea4b6dd3 tests: adding trezord 2019-08-16 17:05:13 +02:00
Marek Mahut
5712bea91b trezord: adding emultor support 2019-08-16 16:58:48 +02:00
Edmund Wu
aa251bbc3e
systemd-networkd: link: Name -> OriginalName 2019-08-15 21:58:24 -04:00
Aaron Andersen
efbdce2e96 nixos/mantisbt: drop unmaintained module 2019-08-15 21:01:23 -04:00
Aaron Andersen
265163da07 nixos/systemhealth: drop unmaintained module 2019-08-15 21:01:23 -04:00
Aaron Andersen
1dcf51f8eb nixos/tests/subversion: drop unreferenced/unmaintained test 2019-08-15 21:00:27 -04:00
Aaron Andersen
d1129a5688 nixos/tests/php-pcre: replace usage of deprecated services.httpd.extraSubservices 2019-08-15 21:00:27 -04:00
Aaron Andersen
ac4327c025 nixos/awstats: replace usage of deprecated services.httpd.extraSubservices 2019-08-15 21:00:27 -04:00
Joachim Fasting
4ead3d2ec3
Revert "nixos/hardened: use graphene-hardened malloc by default"
This reverts commit 48ff4f1197.

Causes too much breakage to be enabled by default [1][2].

[1]: https://github.com/NixOS/nixpkgs/issues/61489
[2]: https://github.com/NixOS/nixpkgs/issues/65000
2019-08-15 18:49:57 +02:00
Joachim Fasting
da0b67c946
nixos-hardened: disable unprivileged userfaultfd syscalls
New in 5.2 [1]

[1]: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cefdca0a86be517bc390fc4541e3674b8e7803b0
2019-08-15 18:43:34 +02:00