Matthew Bauer
01cd4663d6
tests/printing: don’t wait for unit services
...
These are now socket activated, we don’t need it to start up front.
2019-08-14 11:47:48 -04:00
Matthew Bauer
011b12c3ca
nixos: Add release notes for CUPS changes
2019-08-14 11:47:48 -04:00
Matthew Bauer
c068488817
nixos/cupsd: use socket-based activation by default
...
Make socket-based activation the
default (services.printing.startWhenNeeded)
2019-08-14 11:47:12 -04:00
Matthew Bauer
28040465be
nixos/cupsd: include /run/cups/cups.sock in ListenStreams
...
This socket should always be created by systemd.
2019-08-14 11:47:12 -04:00
Matthew Bauer
35e633bde5
nixos/cupsd: only enable cups when startWhenNeeded = false
...
cups-browsed was pulling in cups.service even when we were using the
socket-based initialization.
2019-08-14 11:47:12 -04:00
Matthew Bauer
04ea093eb6
nixos/cupsd: Set CUPS_DATADIR globally
...
This is used by some programs that need CUPS data files. For instance,
print-manager looks here for printing test pages.
2019-08-14 11:47:12 -04:00
worldofpeace
dd49cf711e
Merge pull request #66338 from worldofpeace/installer/no-root
...
installer: Don't run as root
2019-08-14 11:20:54 -04:00
Matthew Bauer
3411c1566a
Merge pull request #66480 from primeos/nixos-fuse
...
nixos/fuse: init
2019-08-14 10:16:02 -04:00
Ben Gamari
d7d873b8cb
nixos/gitlab: Delete stale hooks directories with -R
...
These can be directories.
2019-08-14 15:29:50 +02:00
Frederik Rietdijk
8d56f2472e
Merge master into staging-next
2019-08-14 13:45:54 +02:00
WilliButz
ddf15d321f
Merge pull request #66612 from fadenb/oxidized_permission_issue
...
nixos/oxidized: Use symlinks for config files
2019-08-14 11:56:34 +02:00
Tristan Helmich (omniIT)
02dfc07a04
nixos/oxidized: Use symlinks for config files
...
The old `cp` suffers from a permission issue on the 2nd start of the
service. The files were copied from the read-only nix store. On the 2nd
start of the service the `cp` failed.
The new version force creates a symlink which does not suffer from this.
2019-08-14 09:30:51 +00:00
Tim Digel
5bbde1e1ca
nixos/riemann-tools: Add ExtraArgs Config Option
...
Added option "extraArgs" to forward any switches to riemann-tools.
2019-08-14 08:26:13 +02:00
worldofpeace
d66f89022f
Merge pull request #66593 from aaronjanse/crashdump-poll-fix
...
fix crashDump overheating
2019-08-13 19:11:26 -04:00
Aaron Janse
011fa89b92
nixos/modules/misc/crashdump: remove idle=poll ( fix #66464 )
...
Previously, "idle=poll" would severely overheat some CPUs
2019-08-13 16:08:22 -07:00
Aaron Andersen
9af06755f3
nixos/zabbixProxy: fix database initialization logic
2019-08-13 18:50:28 -04:00
Leon Schuermann
415993d6b7
nixos-enter: silent activation script option
...
Also, fix a few shellcheck errors.
2019-08-13 23:48:58 +02:00
Matthew Bauer
329e097828
Merge pull request #66425 from Gerschtli/fix/path-order
...
environment.profiles: fix order of profiles and PATH
2019-08-13 15:06:09 -04:00
Marek Mahut
cb8f4b0552
Merge pull request #65439 from aanderse/httpd-extra-modules
...
nixos/httpd: remove duplicate module entries from httpd.conf
2019-08-13 18:51:15 +02:00
Aaron Andersen
6f6468bef3
Merge pull request #65728 from Infinisil/types-eithers
...
lib/types: Add oneOf, extension of either to a list of types
2019-08-13 11:48:42 -04:00
Peter Hoeg
16bd66818a
Merge pull request #63716 from peterhoeg/f/mosquitto
...
nixos/mosquitto: make the tests run
2019-08-13 22:45:38 +08:00
WilliButz
7a29431da9
Merge pull request #66561 from Ma27/document-user-services-on-rebuild
...
nixos/doc: document that services defined with `systemd.users` aren't restarted by nixos-rebuild
2019-08-13 16:43:40 +02:00
Maximilian Bosch
551230b7f6
nixos/doc: document that services defined with systemd.users
aren't restarted by nixos-rebuild
2019-08-13 16:26:09 +02:00
WilliButz
bab5455d80
Merge pull request #62914 from Ma27/improve-nixos-rebuild-manpage
...
doc/nixos-rebuild(8): add Nix options to summary
2019-08-13 15:54:51 +02:00
Domen Kožar
0047672d58
Merge pull request #66436 from domenkozar/nixos-options-doc-nix
...
make-options-doc: expose Nix set and add asciidoc variant
2019-08-13 12:20:18 +02:00
Marek Mahut
4754ca7d2e
Merge pull request #62936 from dasJ/sandbox-memcached
...
nixos/memcached: Isolate the service
2019-08-13 08:56:34 +02:00
Marek Mahut
c78fead206
Merge pull request #63735 from Ekleog/drop-old-kernels
...
manual: remind to drop kernels that will get EOL'd
2019-08-12 23:31:00 +02:00
Jeff Slight
2ee14c34ed
nixos/gitlab: properly clear out initializers
2019-08-12 12:50:02 -07:00
worldofpeace
397c7d26fc
installer: Don't run as root
...
There's many reason why it is and is going to
continue to be difficult to do this:
1. All display-managers (excluding slim) default PAM rules
disallow root auto login.
2. We can't use wayland
3. We have to use system-wide pulseaudio
4. It could break applications in the session.
This happened to dolphin in plasma5
in the past.
This is a growing technical debt, let's just use
passwordless sudo.
2019-08-12 14:45:27 -04:00
Franz Pletz
f3160a2db6
Merge pull request #66476 from WilliButz/fix-prometheus-alertmanager-option
...
nixos/prometheus2: replace alertmanagerURL with new alertmanagers option
2019-08-12 17:59:27 +00:00
Maximilian Bosch
f0d6955052
Merge pull request #66470 from WilliButz/update-blackbox-exporter
...
prometheus-blackbox-exporter: 0.12.0 -> 0.14.0, run tests and check config
2019-08-12 19:38:43 +02:00
Silvan Mosberger
a7c7bb156f
clight: init ( #64309 )
...
clight: init
2019-08-12 18:18:05 +02:00
Graham Christensen
5d807f80c7
Merge pull request #63864 from cransom/datadog-agent-integrations-fix
...
datadog-agent: fix extraIntegrations
2019-08-12 12:15:48 -04:00
Edmund Wu
7c8ea897be
clight: include module
2019-08-12 11:56:47 -04:00
Edmund Wu
c4de0bf492
timezone.nix -> locale.nix
...
Also includes geolocation information abstracted from redshift.nix
2019-08-12 11:56:40 -04:00
Michael Weiss
62f7711e29
Fix the indentation
...
Co-Authored-By: Alexey Shmalko <rasen.dubi@gmail.com>
2019-08-12 13:37:15 +02:00
Domen Kožar
dcd50c0ea0
pkgs.lib -> lib
2019-08-12 11:46:53 +02:00
WilliButz
c28ded36ef
nixos/prometheus-blackbox-exporter: add config check
2019-08-12 10:53:00 +02:00
WilliButz
a8847c870a
nixos/rename: add prometheus2 change
2019-08-12 10:42:29 +02:00
WilliButz
543f219b30
nixos/prometheus: replace 'alertmanagerURL' options for prometheus2
...
Prometheus2 does no longer support the command-line flag to specify
an alertmanager. Instead it now supports both service discovery and
configuration of alertmanagers in the alerting config section.
Simply mapping the previous option to an entry in the new alertmanagers
section is not enough to allow for complete configurations of an
alertmanager.
Therefore the option alertmanagerURL is no longer used and instead
a full alertmanager configuration is expected.
2019-08-12 10:42:28 +02:00
worldofpeace
e9e165fa23
Merge pull request #66449 from delroth/no-ibus-qt
...
nixos/ibus: do not default-install ibus-qt
2019-08-11 22:41:02 -04:00
Lassulus
612871e2ec
Merge pull request #66375 from emmanuelrosa/syncthing-1.2.1
...
syncthing: 1.1.4 -> 1.2.1
2019-08-12 00:22:25 +02:00
worldofpeace
bddce34e49
Merge pull request #66478 from aanderse/nylas-mail
...
nylas-mail-bin: drop package which is no longer supported upstream
2019-08-11 17:52:26 -04:00
Aaron Andersen
26f128c1af
nylas-mail-bin: drop package which is no longer supported upstream
2019-08-11 17:44:05 -04:00
Danylo Hlynskyi
329fa4b01e
Merge pull request #66401 from eadwu/postgresql/fix-quoted-query
...
nixos/postgresql: fix quoted queries
2019-08-11 22:46:50 +03:00
Notkea
4ff9a48398
nixos/postgresql-wal-receiver: add module ( #63799 )
2019-08-11 20:09:42 +03:00
Michael Weiss
2473d902e6
nixos/fuse: init
...
Add a module for /etc/fuse.conf.
Fixes #30923 .
2019-08-11 16:13:23 +02:00
Jean Potier
9847967594
Fix typo in assert in grafana module
...
Current assert prevents using secretKeyFile entirely
2019-08-11 13:21:26 +03:00
Emmanuel Rosa
d80670bdc2
syncthing: 1.1.4 -> 1.2.1
...
syncthing-gtk: add missing runtime dependencies
NixOS: fix syncthing-init NixOS test
2019-08-11 08:35:04 +07:00
Domen Kožar
6cf861c617
make-options-doc: add asciidoc variant
2019-08-10 20:11:04 +02:00
Silvan Mosberger
ca3820dd00
nixos/misc: Fix nixpkgs.config merge function
...
Previously nested attrsets would override each other
2019-08-10 20:03:11 +02:00
Pierre Bourdon
67d1cf4707
nixos/ibus: do not default-install ibus-qt
...
ibus-qt has not seen a release in 5 years and is only relevant for Qt
4.x, which is becoming more and more rare. Using my current laptop as a
data point, ibus-qt is the only dependency left that drags in qt-4.8.7.
2019-08-10 19:37:12 +02:00
worldofpeace
2eaef474f2
Merge pull request #66236 from worldofpeace/test-reorganize
...
Reorganize GNOME tests, re-enable LightDM for release-combined
2019-08-10 11:23:57 -04:00
worldofpeace
1ce7ece4b2
Merge pull request #66398 from worldofpeace/gnome3-option-renames
...
Move certain GNOME3 options to programs
2019-08-10 11:17:47 -04:00
worldofpeace
0722e88665
nixos/gpaste: don't set sessionPath
...
Not needed since f63d94eba3
2019-08-10 11:17:18 -04:00
worldofpeace
be3fe4a869
nixos/gpaste: move to programs
2019-08-10 11:17:18 -04:00
Domen Kožar
3a93fcfd1e
make-options-doc: expose Nix set
2019-08-10 14:24:11 +02:00
Domen Kožar
5ce8864c54
Merge pull request #66328 from domenkozar/nixos-options-doc
...
Extract NixOS options documentation generation to a function
2019-08-10 14:07:19 +02:00
Tobias Happ
33c834f2fb
environment.profiles: fix order of profiles
...
This change is needed because the order of profiles correlate to the
order in PATH, therefore "/etc/profiles/per-user/$USER" always appeared
after the system packages directories.
2019-08-10 10:28:12 +02:00
Alex Guzman
9fec6dfa39
roon-server: add back state directory
2019-08-09 22:21:46 -07:00
Silvan Mosberger
ce82d0b61a
Couchdb: Don't chown /var/log to couchdb ( #65347 )
...
Couchdb: Don't chown /var/log to couchdb
2019-08-10 01:36:15 +02:00
Alex Guzman
d830ae9af3
[roon-server] Use non-deprecated string type
2019-08-09 13:02:46 -07:00
Edmund Wu
18d176dc20
nixos/postgresql: fix quoted queries
2019-08-09 15:11:24 -04:00
Matthew Bauer
ddf38a8241
Merge pull request #65002 from matthewbauer/binfmt-wasm
...
Add binfmt interpreter for wasm
2019-08-09 14:04:21 -04:00
Matthieu Coudron
2da1ad60a8
boot.kernelPackages: check for conflicts
...
It's currently possible to set conflicting `boot.kernelPackages` several times
which can prove confusing.
This is an attempt to warn for this.
2019-08-10 02:27:52 +09:00
worldofpeace
f12f2bb828
nixos/gnome-documents: move to programs
2019-08-09 12:56:11 -04:00
worldofpeace
6c525b1076
nixos/gnome-disks: move to programs
2019-08-09 12:56:11 -04:00
worldofpeace
ff0e3aae35
nixos/file-roller: move to programs
2019-08-09 12:56:11 -04:00
worldofpeace
db69d2dfe7
nixos/evince: move to programs
2019-08-09 12:56:11 -04:00
Silvan Mosberger
013d403f30
nixos/dwm-status: add module ( #51319 )
...
nixos/dwm-status: add module
2019-08-09 15:39:50 +02:00
Bas van Dijk
fae25242e9
Merge pull request #66327 from basvandijk/parameterizable-nixos-generate-config
...
nixos-generate-config: enable overriding configuration.nix
2019-08-09 14:39:34 +02:00
Frederik Rietdijk
9bd78cb048
Merge master into staging-next
2019-08-09 14:00:27 +02:00
Marek Mahut
f14628e576
Merge pull request #66341 from Ma27/bump-prometheus-wireguard-exporter
...
prometheus-wireguard-exporter: 3.0.0 -> 3.0.1
2019-08-09 13:12:06 +02:00
Periklis Tsirakidis
95dec03601
[throttled] Enable custom config
2019-08-09 09:22:38 +02:00
Silvan Mosberger
88bb9fa403
nixos/modules: Replace all nested types.either's with types.oneOf's
2019-08-08 23:35:52 +02:00
Maximilian Bosch
41b9c5f1da
nixos/prometheus-wireguard-exporter: add support for -r
switch
...
With this switch activated, the exporter also exposes the remote IP of
each active WireGuard peer.
2019-08-08 21:54:49 +02:00
Bas van Dijk
810388afd2
nixos-generate-config: enable overriding configuration.nix
2019-08-08 17:00:10 +02:00
Domen Kožar
5cfd034af0
Extract NixOS options documentation generation to a function
...
Motivation is to support other repositories containing nixos
modules that would like to generate options documentation:
- nix-darwin
- private repos
- arion
- ??
2019-08-08 16:18:09 +02:00
Alex Guzman
9f9b458ce3
[roon-server] don't create user if user changes defaults
...
If the user changes the user for roon, we can assume they handled the setup for it
2019-08-07 13:23:36 -07:00
Alex Guzman
6572b5e4a1
[roon-server] make roon user a system user
2019-08-07 13:12:57 -07:00
worldofpeace
45643baf22
nixosTests.pantheon: enable for all platforms
2019-08-07 15:55:39 -04:00
worldofpeace
63a1787ed5
nixosTests.gnome{xorg}: re-enable on aarch64
2019-08-07 15:53:26 -04:00
Alex Guzman
f160233793
roon-server: let nix assign ids
2019-08-07 12:34:52 -07:00
Alex Guzman
62d242d1cd
roon-server: Add actual user piping
...
Adds defined IDs
2019-08-07 12:27:52 -07:00
Alex Guzman
8becc897ea
roon-server: disable DynamicUser
...
DynamicUser currently breaks the backup functionality provided by roon,
as the roon server cannot write to non-canonical directories and the
recycled UIDs/GIDs would make managing permissions for the directory
impossible. On top of that, it would break the ability to manage the
local music library files (as it would not be able to delete them).
2019-08-07 11:57:42 -07:00
Thomas Tuegel
38f3c6afa1
Merge pull request #66226 from xvello/xvello/bluez-qt
...
Add bluez-qt as an explicit dependency of plasma5
2019-08-07 08:46:02 -05:00
Kai Wohlfahrt
28cf80acf8
nixos/hardware.deviceTree: Move things around
...
In response to comments, create a sub-folder for deviceTree packages
(starting with rpi), and a top-level package for helpers.
2019-08-07 13:51:22 +01:00
Kai Wohlfahrt
dd0a951279
nixos/hardware.deviceTree: new module
...
Add support for custom device-tree files, and applying overlays to them.
This is useful for supporting non-discoverable hardware, such as sensors
attached to GPIO pins on a Raspberry Pi.
2019-08-07 13:51:22 +01:00
vdot0x23
386f9739b5
nixos/stubby: Clearer wording for upstreamServers
...
Indicate that upstreamServers actually replaces defaults instead of adding to default.
2019-08-07 12:23:20 +00:00
Danylo Hlynskyi
0730e81785
postgresql: running initdb
from command line now works ( #65309 )
...
The issue was only with NixOS service, `postgresql` installed through
`nix-env` was not affected.
Fixes https://github.com/NixOS/nixpkgs/issues/23655
2019-08-07 14:17:36 +03:00
Nikola Knezevic
d0ef94258d
Make hostname in tests overridable
...
The original form effectively forbade any NixOS configuration that is under
test to explicitly set the hostname.
2019-08-07 10:31:13 +02:00
worldofpeace
6f86c002dd
nixosTests.lightdm: add me to maintainers
2019-08-06 20:51:44 -04:00
worldofpeace
9d0996ff11
nixosTests.gnome3{xorg}: add gnome3 maintainers
2019-08-06 20:51:44 -04:00
worldofpeace
feb4b30074
nixos/release-combined: re-enable lightdm test
...
This has been tested in the Pantheon test
for a year now and it does fine on hydra.
2019-08-06 20:51:44 -04:00
worldofpeace
71d42da8f5
nixos/release-combined: add gnome3 test for wayland
...
We should be ensuring that this session functions
as well because it's default.
2019-08-06 20:51:44 -04:00
worldofpeace
5efe51ccc2
nixosTests.gnome3: rename from gnome3-gdm
...
The actual only difference from the gnome3-xorg
test is that this tests the wayland session.
It's also more accurate to call it just "gnome3"
since wayland is default here.
2019-08-06 20:51:44 -04:00
worldofpeace
087c640e1a
nixosTests.gnome3-xorg: rename from gnome3
2019-08-06 19:13:35 -04:00
worldofpeace
a4c6a7b336
Merge pull request #63790 from chpatrick/gdm-autosuspend-option
...
nixos/gdm: add autoSuspend option
2019-08-06 18:09:20 -04:00
Patrick Chilton
7c854aa974
nixos/gdm: add autoSuspend option
2019-08-06 18:08:21 -04:00
Xavier Vello
e383d99244
Add bluez-qt as an explicit dependency of plasma5
...
When bluetooth is enabled, we install bluedevil, but
its applet cannot work without the qml components in
bluez-qt.
Superseedes #65440 that failed to address the issue.
2019-08-06 21:53:30 +02:00
Franz Pletz
666b291d19
Merge pull request #66073 from WilliButz/fix-unifi
...
nixos/unifi: create data directory with correct permissions
2019-08-06 16:34:30 +00:00
Silvan Mosberger
9a44f44d4c
lib/types: Add oneOf, extension of either to a list of types
2019-08-06 14:08:42 +02:00
Andreas Rammhold
955480e6bf
Merge pull request #65950 from aanderse/mysql-update
...
mysql57: 5.7.25 -> 5.7.27
2019-08-06 08:15:50 +00:00
worldofpeace
7a53b1cbe7
Merge pull request #65860 from etu/surf-display-kiosk-session
...
Surf display kiosk session
2019-08-05 14:41:56 -04:00
Elis Hirwing
792da0c4d4
nixos/surf-display: Add kiosk display manager session
2019-08-05 17:50:06 +02:00
WilliButz
d6a4902662
nixos/unifi: create data directory with correct permissions
2019-08-05 15:09:16 +02:00
danbst
29ba0a0adf
add release notes
2019-08-05 14:34:51 +03:00
Danylo Hlynskyi
7585496eff
Merge branch 'master' into flip-map-foreach
2019-08-05 14:09:28 +03:00
danbst
0f8596ab3f
mass replace "flip map -> forEach"
...
See `forEach`-introduction commit.
```
rg 'flip map ' --files-with-matches | xargs sed -i 's/flip map /forEach /g'
```
2019-08-05 14:03:38 +03:00
danbst
91bb646e98
Revert "mass replace "flip map -> foreach""
...
This reverts commit 3b0534310c
.
2019-08-05 14:01:45 +03:00
worldofpeace
d745487c1e
nixos/pantheon: use filechooser module
...
Setting GTK_CSD=1 works around the issue
we were having with this [0]
[0]: https://github.com/elementary/files/issues/971
2019-08-05 05:43:48 -04:00
worldofpeace
399ff42d73
nixos/pantheon: set GTK_CSD
...
Causes various issues when not set
* https://github.com/elementary/files/issues/971
* https://github.com/elementary/default-settings/pull/103
* https://github.com/cassidyjames/ideogram/issues/26
However this can cause certain problems in gala
* https://github.com/elementary/gala/issues/244
2019-08-05 05:42:35 -04:00
David Anderson
089da1c14d
nixos/sshguard: create ipsets before starting, and clean up after stopping.
...
The fix for #62874 introduced a race condition on startup: the postStart
commands that configure the firewall run concurrently with sshguard's
creation of the ipsets that the rules depend on. Unfortunately iptables
fails hard when referencing an ipset that doesn't exist, so this causes
non-deterministic crashlooping until sshguard wins the race.
This change fixes that race condition by always creating the ipset and
reconfiguring the firewall before starting sshguard, so that the order
of operations is always deterministic.
This change also cleans up the ipsets on sshguard shutdown, so that
removing sshguard from a running system doesn't leave state behind.
Fixes #65985 .
2019-08-04 16:23:22 -07:00
Aaron Andersen
f1faec8249
nixos/mysql: test the mysql package, not just mariadb
2019-08-04 10:41:55 -04:00
bake
9e2a710117
nixos/gitolite: dataDir group-readable
2019-08-04 18:47:02 +09:00
Frederik Rietdijk
27e030a1cc
Merge pull request #62812 from Tomahna/bloop
...
bloop: 1.2.5 -> 1.3.2
2019-08-04 10:07:16 +02:00
Jörg Thalheim
d02ead41f8
Merge pull request #65407 from alunduil/add-zfs-replication
...
Add zfs replication
2019-08-03 09:14:08 +01:00
Sarah Brofeldt
bf4cddf13b
Merge pull request #65616 from JohnAZoidberg/cassandra-jmxport-test
...
nixos/tests/cassandra: Test jmxPort
2019-08-03 08:40:17 +02:00
Frederik Rietdijk
7560e2d64f
Merge pull request #65376 from abbradar/mdadm-upstream
...
Use upstream units for mdadm
2019-08-03 08:06:07 +02:00
Frederik Rietdijk
d20a59d2e5
Merge master into staging-next
2019-08-02 23:27:18 +02:00
WilliButz
370370aa2c
nixos/release-notes: add note about prometheus-exporters
2019-08-02 18:50:02 +02:00
WilliButz
1ce989cce6
nixos/prometheus-exporters: update documentation
2019-08-02 18:50:01 +02:00
WilliButz
29d765e250
nixos/prometheus-wireguard-exporter: use ExecStart instead of script
2019-08-02 18:50:01 +02:00
WilliButz
afd0dc17d6
nixos/prometheus-exporters: use DynamicUser by default
...
Only define seperate users and groups when necessary.
2019-08-02 18:50:01 +02:00
WilliButz
495222a840
nixos/prometheus-exporter: use separate user for each exporter
...
Stop using nobody/nogroup by default and use seperate users for each
exporter instead.
2019-08-02 18:49:56 +02:00
WilliButz
c221f9fdf2
Merge pull request #65751 from mayflower/pkgs/prometheus-postgres-exporter
...
prometheus-postgres-exporter: init at 0.5.1
2019-08-02 18:45:32 +02:00
Susan Potter
6923b76eb5
nixos/doc+manual: change copyright year 2018->2019
2019-08-02 10:45:04 -05:00
Alex Brandt
bdd7b5a3ab
nixos/zfs: add autoReplication functionality
...
This adds a simple configuration for sending snapshots to a remote
system using zfs-replicate that ties into the autoSnapshot settings
already present in services.zfs.autoSnapshot.
2019-08-02 08:04:21 -07:00
Franz Pletz
e4c60a1e42
prometheus-postgres-exporter: init at 0.5.1
2019-08-02 15:59:29 +02:00
Vladimír Čunát
a89f245f3b
Merge branch 'master' into openssl-1.1
...
... to avoid the accidental gnupatch rebuild
2019-08-02 09:47:38 +02:00
Frederik Rietdijk
6f723b9bad
Merge master into staging-next
2019-08-02 09:18:37 +02:00
Peter Hoeg
f2639566b5
Merge pull request #30712 from peterhoeg/f/service
...
systemd user services shouldn't run as root and other "non-interactive" users
2019-08-02 11:58:27 +08:00
Robin Gloster
30969073f0
Merge remote-tracking branch 'upstream/master' into openssl-1.1
2019-08-02 03:01:30 +02:00
adisbladis
9e9c6de50c
nodejs-8_x: Drop package
...
It will be EOL within the support period of 19.09
2019-08-02 02:34:47 +02:00
Robin Gloster
443b0f6332
Merge pull request #65566 from rasendubi/syncthing-group-fix
...
syncthing: create default group if not overridden
2019-08-01 23:17:37 +00:00
Robin Gloster
41dac4bf9f
Merge pull request #65582 from WilliButz/add-mailexporter
...
prometheus-mail-exporter: init at 2019-07-14, add module and test
2019-08-01 23:14:21 +00:00
Robin Gloster
19c737fd79
Merge pull request #65699 from jslight90/patch-5
...
nixos/gitlab: fix config initializer permissions
2019-08-01 23:08:39 +00:00
worldofpeace
64b4a24047
nixos/xdg/portal: set GTK_USE_PORTAL with lib.mkIf
...
If lib.optional is given a false value it will return an empty list.
Thusly the set-environment script can have
```
export GTK_USE_PORTAL=
```
This can rub certain bugs the wrong way #65679
so lets make sure this isn't set in the environment
at all.
2019-08-01 17:51:51 -04:00
Frederik Rietdijk
55e4555b77
Merge master into staging-next
2019-08-01 09:42:54 +02:00
Colin L Rice
d7aa6df31f
nix-daemon: Fix builduser count to work when maxJobs is auto
2019-08-01 01:54:28 -04:00
Aaron Andersen
a1f738ba87
Merge pull request #62748 from aanderse/mediawiki
...
nixos/mediawiki: init service to replace httpd subservice
2019-07-31 22:12:23 -04:00
Artemis Tosini
42c3eefd77
nixos/xonsh: Use the package specified in the package option
2019-07-31 23:28:13 +00:00
Nikolay Amiantov
717b8b3219
systemd service: remove generator-packages option
...
Use systemd.packages instead, it's less error prone and more in line with
what's expected.
2019-08-01 00:55:35 +03:00
Nikolay Amiantov
ca780f4a18
swraid service: use upstream units
...
This fixes a serious bug on NixOS with swraid where mdadm arrays weren't
properly stopped on shutdown. Rather than fixing the unit by adding
`Before=final.target` we completely move to upstream units, which uses
systemd shutdown hooks instead. This also drives down maintenance costs
for us.
2019-08-01 00:55:35 +03:00
Nikolay Amiantov
b458121105
stage-1 initrd: replace absolute paths for mdadm
...
We don't patch basename and readlink now too as they were added for
mdadm in 8ecd3a5e1d
.
2019-08-01 00:55:35 +03:00
Nikolay Amiantov
5636fe572b
systemd test: add test for systemd-shutdown scripts
2019-08-01 00:55:35 +03:00
Nikolay Amiantov
a304fc5d75
systemd service: add support for shutdown packages
...
Shutdown hooks are executed right before the shutdown, which is useful
for some applications. Among other things this is needed for mdadm hook
to run.
2019-08-01 00:55:35 +03:00
Nikolay Amiantov
fd405dab3e
systemd service: rename generator-packages
2019-08-01 00:55:35 +03:00
Jeff Slight
7efcbead2c
nixos/gitlab: fix config initializer permissions
2019-07-31 14:55:08 -07:00
edef
4bcc6e11d3
Merge pull request #65227 from NixOS/openssh-known-hosts-ca
...
nixos/programs/ssh: allow specifying known host CAs
2019-07-31 12:08:58 +00:00
worldofpeace
bb4f61f73d
Merge pull request #64121 from tadeokondrak/nixos/programs/shell.nix/remove-gnu-specific-option
...
nixos/programs/shell.nix: don't use unnecessary GNU-specific option
2019-07-31 02:19:59 -04:00
worldofpeace
ea8fc75160
Merge pull request #64948 from ambrop72/videodrivers-radeon-alias
...
nixos/xserver: Make radeon in videoDrivers an alias for ati.
2019-07-31 02:13:24 -04:00
worldofpeace
6a79f6fb71
nixosTests.flatpak-builder: enable portals
...
Forgot about this test. Shouldn't fail with an assertion
error anymore.
2019-07-30 23:52:25 -04:00
Daniel Schaefer
8fbf9559df
nixos/tests/cassandra: Test jmxPort
...
The test sets it to a non-standard port so it won't work accidentally
now and we'll be sure that our NixOS option works.
2019-07-31 00:55:04 +02:00
WilliButz
deedad80c7
nixos/tests/prometheus-exporters: add mail exporter
2019-07-30 19:29:22 +02:00
WilliButz
5818c73d95
nixos/prometheus-exporters: add mail exporter module
2019-07-30 19:24:26 +02:00
Joachim F
a7d71da84d
Merge pull request #65585 from delroth/hardened-pti
...
nixos/hardened: make pti=on overridable
2019-07-30 10:35:31 +00:00
Janne Heß
ae608faa85
nixos/xfs: Add xfs_repair to the initrd
...
Closes #8820
2019-07-30 09:28:34 +02:00
worldofpeace
7f2f31a812
Merge pull request #65449 from worldofpeace/disable-portals
...
nixos/xdg: disable portals (again, again)
2019-07-29 21:47:51 -04:00
worldofpeace
1b21c9db91
nixos/xdg: add gtkUsePortal option to portals
...
Prior to this change GTK_USE_PORTAL was unconditionally
set to "1". For this to not break things you have to have some
sort of portal implementation in extraPortals.
Setting GTK_USE_PORTAL in this manner is actually only useful
when using portals for applications outside flatpak. For example
people using non-flatpak Firefox who want native filechoosers.
It's also WIP for electron applications to support this.
2019-07-29 21:47:09 -04:00
Pierre Bourdon
67b7e70865
nixos/hardened: make pti=on overridable
...
Introduces a new security.forcePageTableIsolation option (default false
on !hardened, true on hardened) that forces pti=on.
2019-07-30 02:24:56 +02:00
Robin Gloster
9b750c2474
shibboleth-sp: 2.6.1 -> 3.0.4.1
2019-07-30 00:06:12 +02:00
Alexey Shmalko
e50539f7b5
syncthing: create default group if not overridden
...
The following configuration generates a systemd unit that doesn't
start.
```nix
{
services.syncthing = {
enable = true;
user = "my-user";
};
}
```
It fails with
```
systemd[1]: Started Syncthing service.
systemd[6745]: syncthing.service: Failed to determine group credentials: No such process
systemd[6745]: syncthing.service: Failed at step GROUP spawning /nix/store/n1ydz3i08nqp1ajc50ycy1zribmphqc9-syncthing-1.1.4-bin/bin/syncthing: No such process
systemd[1]: syncthing.service: Main process exited, code=exited, status=216/GROUP
systemd[1]: syncthing.service: Failed with result 'exit-code'.
```
This is due to the fact that `syncthing` group (default) is not
created if the user is overridden.
Add a separate check for setting up the default group, so that
user/group are created independently.
2019-07-29 21:56:12 +03:00
Andrew Childs
a5328e1386
fluentd: add simple test
2019-07-30 00:37:21 +09:00
Jörg Thalheim
3b0f0741ea
Merge pull request #65335 from Baughn/wifi-crda
...
wifi: Include CRDA regulatory database
2019-07-29 07:02:22 +01:00
Svein Ove Aas
d28a8cc4af
nixos/pantheon: Include CRDA regulatory database
2019-07-28 22:17:19 +01:00
Svein Ove Aas
186dd1ce58
nixos/gnome3: Include CRDA regulatory database
2019-07-28 22:17:10 +01:00
Svein Ove Aas
7ee6226bdd
nixos/networkmanager: Include CRDA regulatory database
2019-07-28 22:10:28 +01:00
Svein Ove Aas
ac50d8e709
nixos/wpa_supplicant: Include CRDA regulatory database
2019-07-28 22:10:28 +01:00
Bas van Dijk
9ff408a2a4
Merge pull request #60500 from basvandijk/thanos-init
...
thanos: init at 0.6.0 & NixOS module
2019-07-28 19:14:55 +02:00
edef
9897956d36
Merge pull request #65485 from arcnmx/pr-taskserver-nixos
...
nixos/taskserver: crl file is optional
2019-07-28 13:02:05 +00:00
Bas van Dijk
0a59be7136
thanos: 0.5.0 -> 0.6.0
2019-07-28 13:28:27 +02:00
Bas van Dijk
6a59dc35f6
nixos/tests/prometheus-2.nix: increase diskSize of the store machine
...
This is to fix the following error in the test on aarch64-linux:
store# [ 126.911144] thanos[739]: level=error ts=2019-06-16T14:00:26.59870538Z caller=main.go:182 msg="running command failed" err="error executing compaction: first pass of downsampling failed: create dir: mkdir /var/lib/thanos-compact/downsample: no space left on device"
store# [ 126.942655] systemd[1]: thanos-compact.service: Main process exited, code=exited, status=1/FAILURE
2019-07-28 13:28:27 +02:00
Bas van Dijk
dc69b3e6ad
nixos/thanos: code style: don't use a space before a colon
2019-07-28 13:28:27 +02:00
Bas van Dijk
e32e0e6e02
nixos/thanos: assert that prometheus2 is running and has labels set
2019-07-28 13:28:27 +02:00
Bas van Dijk
13da811853
nixos/thanos: allow overriding arguments to the thanos subcommands
2019-07-28 13:28:27 +02:00
Bas van Dijk
2d0243c187
thanos: 0.4.0 -> 0.5.0-rc.0
2019-07-28 13:28:27 +02:00
Bas van Dijk
ebc65a5f21
nixos/thanos: add module for the thanos service
2019-07-28 13:28:27 +02:00
Frederik Rietdijk
cb3ce5d26d
Merge master into staging-next
2019-07-28 12:11:37 +02:00
Frederik Rietdijk
cca5ee9c07
Merge staging-next into staging
2019-07-28 09:10:03 +02:00
arcnmx
c604b38791
nixos/taskserver: crl file is optional
2019-07-27 15:49:46 -07:00
Ashish SHUKLA
d3c2b992d4
sshguard: do not create ipset in post-start
...
Upstream switched to a different type of ipset table, whereas we
create ipset in post-start which overrides upstream, and renders
sshguard ineffective.
Remove ipset creation from post-start, and let it get automatically
by upstream script (sshg-fw-ipset) as part of startup
2019-07-27 10:59:50 +05:30
worldofpeace
1e4d9e08cd
nixos/plasma5: enable xdg.portal
2019-07-26 22:36:32 -04:00
worldofpeace
16c6f169a2
nixos/gnome3: enable xdg.portal
2019-07-26 22:36:14 -04:00
worldofpeace
785158fd64
nixos/flatpak: require xdg.portal to be enabled
2019-07-26 22:35:50 -04:00
worldofpeace
c4d06eff3f
nixos/xdg: disable portal (again)
2019-07-26 22:33:49 -04:00
Aaron Andersen
1ab91bee65
Merge pull request #65418 from mmahut/proxy_server
...
nixos/zabbixProxy: server is a mandatory parameter
2019-07-26 18:46:21 -04:00
Aaron Andersen
5596b69771
nixos/httpd: remove duplicate module entries from httpd.conf
2019-07-26 17:51:06 -04:00
Silvan Mosberger
d3dfe06c38
nixos/xserver: add option to install custom xkb layouts ( #47764 )
...
nixos/xserver: add option to install custom xkb layouts
2019-07-26 20:43:37 +02:00
rnhmjoj
e91f0c38c0
docs/xserver: use <note> tag for notes
2019-07-26 18:08:05 +02:00
rnhmjoj
3effc55b5b
docs/xserver: document xserver.extraLayouts
2019-07-26 18:08:04 +02:00
rnhmjoj
171d5c9200
nixos/xserver: add option to install custom xkb layouts
2019-07-26 18:08:04 +02:00
Marek Mahut
6e762653de
module zabbixProxy: server is a mandatory parameter
2019-07-26 16:22:47 +02:00
Frederik Rietdijk
0f6bda38fe
Merge staging-next into staging
2019-07-26 14:45:31 +02:00
Jörg Thalheim
741046a4d6
Merge pull request #65331 from Mic92/zfs-trim
...
nixos/zfs: add trim service
2019-07-26 07:53:33 +01:00
Léo Gaspard
5f33bcd953
matrix-synapse: fix documentation better
2019-07-25 15:37:32 +02:00
Jörg Thalheim
1d86714a2b
nixos/zfs: add trim service
...
Introduces a trim timer similar to the fstrim service.
According to zpool(8) for consumer hardware periodic manual TRIM
is preferred over automatic TRIM that ZFS implements.
The period of one week is based on recommendations of fstrim.
2019-07-25 12:47:43 +01:00
Orivej Desh
32fbbc6f9b
Merge master into staging
2019-07-25 09:23:21 +00:00
Kevin Rauscher
17c2f79e39
bloop: allow specifying extra cli options
2019-07-25 09:28:13 +02:00
Thomas Tuegel
294e75e832
Merge pull request #65339 from ttuegel/wrap-pinentry_qt5
...
pinentry: Use qt5.wrapQtApps as needed
2019-07-24 16:07:40 -05:00
Thomas Tuegel
9235a8eaef
nixos/config/no-x-libs: Fix pinentry arguments
2019-07-24 15:22:07 -05:00
Kevin Rauscher
d6b6015d34
bloop: get closer to standard bloop packaging
2019-07-24 21:42:40 +02:00
Robin Gloster
5806e71834
Merge pull request #65299 from Ma27/fix-nextcloud-test
...
nixos/nextcloud: fix inclusion of trusted_domains in override config
2019-07-24 19:28:06 +00:00
Silvan Mosberger
12eb0f524b
nixos/tests: Reenable couchdb
...
Works just fine in current master
2019-07-24 20:53:02 +02:00
Silvan Mosberger
5e974362be
nixos/couchdb: Prevent it from chowning /var/log to couchdb:couchdb
...
The default for logFile is /var/log/couchdb.log, and the tmpfile rules chown
${dirOf cfg.logFile}, which is just /var/log, to couchdb:couchdb.
This was found by Edes' report on IRC, which looked like
Detected unsafe path transition /var/log → /var/log/journal during canonicalization of /var/log/journal
While this bug has been present since the initial couchdb module in
62438c09f7
by @garbas, this wasn't a
problem, because the initial module only created and chowned /var/log
if it didn't exist yet, which can't occur because this gets created in
the initial phases of NixOS startup.
However with the recent move from manual preStart chown scripts to
systemd.tmpfiles.rules in 062efe018d
(#59389 ),
this chown is suddenly running unconditionally at every system
activation, therefore triggering the above error.
2019-07-24 20:52:53 +02:00
Thomas Tuegel
3d76d810ed
Merge pull request #65090 from eadwu/compton/7
...
compton: 6.2 -> 7
2019-07-24 06:41:09 -05:00
Peter Hoeg
bede9851a1
Merge pull request #65078 from peterhoeg/f/st
...
nixos/syncthing: do not use nogroup
2019-07-24 13:22:08 +08:00
Aaron Andersen
ebd9067473
nixos/mediawiki: add release notes for 19.09
2019-07-23 22:03:20 -04:00
Aaron Andersen
455d33f514
nixos/mediawiki: init service to replace httpd subservice
2019-07-23 22:02:33 -04:00
Aaron Andersen
72ef4786e1
Merge pull request #64151 from aanderse/httpd-extraSubservices
...
nixos/httpd: module cleanup
2019-07-23 21:58:40 -04:00
Florian Klink
101a4be5a7
Add spotifyd package and service ( #65092 )
...
Add spotifyd package and service
2019-07-24 00:54:24 +02:00
Silvan Mosberger
8403187566
thelounge: init at 3.0.1 ( #51947 )
...
thelounge: init at 3.0.1
2019-07-23 13:45:43 +02:00
Maximilian Bosch
c5e515f5c7
nixos/nextcloud: fix inclusion of trusted_domains in override config
...
Regression I caused with 3944aa051c
, sorry
for this! The Nextcloud installer broke back then because
`trusted_domains` was an empty value by default (a.k.a an empty array)
which seemed to break the config merger of Nextcloud as Nextcloud
doesn't do recursive merging and now no domain was trusted because of
that, hence Nextcloud was unreachable for the `curl` call.
2019-07-23 13:29:43 +02:00
Mrmaxmeier
37a2f058ed
nixos/thelounge: init
...
The Lounge is the official and community-managed fork of Shout.
This intends to replace the `shout` service.
2019-07-23 13:18:01 +02:00
Danylo Hlynskyi
d54e52276b
postgresql: update docs
...
https://github.com/NixOS/nixpkgs/issues/32156
2019-07-23 14:17:14 +03:00
Domen Kožar
cfd507d581
system-boot: configurationLimit should be null as default
2019-07-23 10:20:09 +02:00
WilliButz
5dc50eab68
Merge pull request #65102 from d-goldin/patch-1
...
docs prometheus.exporters: typo fix.
2019-07-23 10:06:20 +02:00
worldofpeace
356d9ad758
nixos/pantheon: don't add extraPortals
...
Pantheon's XDG Portal is still WIP and we
it's probably not proper to use gtk's one.
2019-07-23 03:43:41 -04:00
steve-chavez
dfd3a0269c
Shorten mkEnableOption description
2019-07-23 12:19:28 +09:00
steve-chavez
5ccfa0c816
nixos/modules: add greenclip user service
2019-07-23 12:19:28 +09:00
worldofpeace
b1bc0645ea
gdk-pixbuf: rename from gdk_pixbuf
2019-07-22 18:50:57 -04:00
Robin Gloster
da2eda65e3
Merge pull request #65179 from delroth/bind-extraconfig
...
nixos/bind: allow manual additions to zone config fragments
2019-07-22 17:53:49 +00:00
Robin Gloster
e891178dde
Merge pull request #63900 from Ma27/nextcloud-declarative-dbconfig
...
nixos/nextcloud: write config to additional config file
2019-07-22 16:50:02 +00:00
Johan Thomsen
bbd4a0c100
nixos/gitlab: gitlab-workhorse requires exiftool on path to process uploaded images
2019-07-22 16:41:16 +00:00
Maximilian Bosch
3944aa051c
nixos/nextcloud: write config to additional config file
...
One of the main problems of the Nextcloud module is that it's currently
not possible to alter e.g. database configuration after the initial
setup as it's written by their imperative installer to a file.
After some research[1] it turned out that it's possible to override all values
with an additional config file. The documentation has been
slightly updated to remain up-to-date, but the warnings should
remain there as the imperative configuration is still used and may cause
unwanted side-effects.
Also simplified the postgresql test which uses `ensure{Databases,Users}` to
configure the database.
Fixes #49783
[1] https://github.com/NixOS/nixpkgs/issues/49783#issuecomment-483063922
2019-07-22 18:29:52 +02:00
WilliButz
294bed66dc
nixos/release-notes: add note about nginx-exporter
2019-07-22 16:41:10 +02:00
WilliButz
c64f621bfd
nixos/prometheus-nginx-exporter: update module
...
Update exporter submodule to match the new exporter version.
2019-07-22 16:41:10 +02:00
WilliButz
fb6f0a48bb
nixos/prometheus-exporters: add option renaming for submodules
...
Adds the functionality to create option renamings and removals
for exporter submodules as in nixos/modules/rename.nix.
2019-07-22 16:41:10 +02:00
WilliButz
77ccb1fe6a
nixos/tests/prometheus-exporters: replace 'with lib;'
...
Replace 'with lib;' by explicit function imports.
2019-07-22 16:41:10 +02:00
WilliButz
774221191d
nixos/prometheus-exporters: refactor imports, replace 'with lib;'
...
Pass through 'options' to exporter definitions and replace 'with lib;'
by explicit function imports.
2019-07-22 16:41:09 +02:00
WilliButz
01ee2ee2ba
nixos/test: fix prometheus-{bind,varnish}-exporter tests
2019-07-22 16:41:09 +02:00
Nikolay Amiantov
a0ba42e3f4
Merge pull request #64268 from jameysharp/nscd-dynamicuser
...
nixos/nscd: DynamicUser and other cleanups
2019-07-22 16:23:07 +03:00
Nikolay Amiantov
5f4288d49d
boot tests: don't use globbing
...
Turns out I broke all the boot tests except netboot.
Instead of relying on build-time search for .iso we can use a proper attribute.
2019-07-22 14:44:53 +03:00
Andrew Childs
d2144755a4
nixos-test-driver: allow configuration of net frontend and backend
...
When IPXE tests were added, an option was added for configuring only
the frontend, and the backend configuration was dropped entirely. This
caused most installer tests to fail.
2019-07-22 13:44:27 +03:00
Franz Pletz
376b5fd000
Merge pull request #64463 from Ma27/graylog-test
...
nixos/graylog: minor fixes, add test
2019-07-21 20:53:39 +00:00
Aaron Andersen
44565adda5
Merge pull request #60436 from nbardiuk/master
...
nixos/tiddlywiki: init
2019-07-21 16:39:42 -04:00
Franz Pletz
bc418837d5
Merge pull request #65225 from Ma27/bump-prometheus-wireguard-exporter
...
prometheus-wireguard-exporter: 2.0.1 -> 3.0.0
2019-07-21 20:19:22 +00:00
Maximilian Bosch
7095bdf988
nixos/prometheus-exporters/wireguard: add support for -s
switch
...
Since version 3.0 all allowed IPs and subnets are exposed by the
exporter. With `-s` set on the CLI, instead of a comma-separated list,
each allowed IP and subnet will be in a single field with the schema
`allowed_ip_<index>`.
2019-07-21 21:39:49 +02:00
Maximilian Bosch
543ef567d9
prometheus-wireguard-exporter: 2.0.1 -> 3.0.0
...
Two new releases are available:
* https://github.com/MindFlavor/prometheus_wireguard_exporter/releases/tag/3.0.0
* https://github.com/MindFlavor/prometheus_wireguard_exporter/releases/tag/2.0.2
The main new feature is that the exporter exposes all allowed ips and
subnets.
2019-07-21 21:39:48 +02:00
Danylo Hlynskyi
caa0f82bf8
docs: update docs for postgresql plugins ( #64899 )
...
docs: update docs for postgresql plugins
Co-Authored-By: Mario Rodas <marsam@users.noreply.github.com>
2019-07-21 22:05:41 +03:00
edef
1c9a2d4d7f
nixos/programs/ssh: allow specifying known host CAs
2019-07-21 14:23:41 +00:00
Anders Lundstedt
53841fcea9
nixos/spotifyd: init
2019-07-21 00:58:20 +02:00
Aaron Andersen
9b970d07f3
nixos/httpd: drop postgresql reference
2019-07-20 18:36:24 -04:00
Aaron Andersen
0fd69629c7
nixos/httpd: mark extraSubservices option as deprecated
2019-07-20 18:36:19 -04:00
Aaron Andersen
505df09d50
nixos/httpd: drop the port option
2019-07-20 18:29:46 -04:00
Thomas Tuegel
a071bfa7e7
Merge pull request #65188 from xvello/master
...
plasma5: allow to configure the default phonon backend
2019-07-20 15:35:09 -05:00
Xavier Vello
df748aeefe
nixos/plasma5: allow to configure the default phonon backend
...
Introduce a new .plasma5.phononBackend option. Default value
"gstreamer" installs the same packages as before. "vlc" installs
only the vlc phonon backend.
2019-07-20 21:53:46 +02:00
Samuel Dionne-Riel
56836c31ad
nixos/tests: drop tomcat connector test
...
The httpd subservice was dropped in #64052 .
2019-07-20 15:19:45 -04:00
Pierre Bourdon
6332bc25cd
nixos/bind: allow manual additions to zone config fragments
2019-07-20 17:50:37 +02:00
Aaron Andersen
30920fbf69
Merge pull request #64741 from dasJ/gitea-smtp-pw
...
nixos/gitea: Support SMTP without pw in the store
2019-07-20 08:32:51 -04:00
Aaron Andersen
faf884ca9b
Merge pull request #64365 from aanderse/tt-rss
...
nixos/tt-rss: remove deprecated usage of PermissionsStartOnly, specify a group to run service as, and fix local pgsql database creation
2019-07-20 08:23:48 -04:00
worldofpeace
d734750608
nixos/xdg: default portal from xserver.enable
...
same affect as f84a4ef892
but we won't need to enable the module independently for DE
modules.
2019-07-19 19:47:02 -04:00
Samuel Dionne-Riel
f84a4ef892
nixos/xdg: Disables portal by default...
...
Left to do: re-enable as needed in the usual situations.
This added ~286MiB to the base system closure, which is enough to bring
the sd images over the limit allowed on Hydra.
2019-07-19 19:28:51 -04:00
Graham Christensen
a463582040
Merge pull request #65079 from mmahut/typo
...
Renaming security.virtualization.flushL1DataCache to virtualisation
2019-07-19 16:12:52 -04:00
Graham Christensen
d51b522a6e
Merge pull request #64052 from aanderse/tomcat-connector
...
nixos/httpd: drop tomcat-connector httpd subservice
2019-07-19 15:25:44 -04:00
Dima
186222ce7b
Fixing minor typo in prometheus exporters doc
2019-07-19 21:13:57 +02:00
Edmund Wu
23ae47a2d0
compton: 6.2 -> 7
2019-07-19 13:07:21 -04:00
Marek Mahut
e72f25673d
Renaming security.virtualization.flushL1DataCache to virtualisation
...
Fixes #65044
2019-07-19 15:49:37 +02:00
worldofpeace
00eef848b2
nixos/doc: fix build
...
Adjusts to options renamed in 90b1197301
2019-07-18 20:40:24 -04:00
worldofpeace
3531a229d1
nixos/pantheon: add gtk xdg desktop portal
2019-07-18 20:03:12 -04:00
worldofpeace
69f2836c1b
Merge pull request #64575 from pasqui23/portal
...
nixos/xdg: add portal option
2019-07-18 20:00:09 -04:00
Pasquale
90b1197301
nixos/xdg: add portal option
...
This factors the configuration out of the flatpak module.
2019-07-18 19:59:07 -04:00
Peter Simons
c768e1ff48
Merge pull request #64794 from peti/t/postfix-module
...
nixos: add 'localRecipients' config option for Postfix
2019-07-18 19:14:36 +02:00
fuwa
562b5061a7
nixos/tor: fix obfs4 package
2019-07-19 04:11:17 +08:00
Florian Klink
9d339e3b45
Merge pull request #61312 from Yarny0/tsm-client
...
TSM client
2019-07-18 02:46:31 +02:00
Matthew Bauer
857f7fb4af
nixos/binfmt: update release notes and provide examples
2019-07-17 17:09:20 -04:00
Matthew Bauer
1acc701fdb
nixos/binfmt: handle wasm binaries
...
This adds handling for WASM binaries to binfmt’s emulatedSystems. To
enable, add this to your configuration:
boot.binfmt.emulatedSystems = [ "wasm32-wasi" ];
After rebuilding with nixos-rebuild switch, you can run wasm binaries
directly.
2019-07-17 17:00:46 -04:00
Robin Gloster
0972409c95
Merge pull request #64550 from bgamari/gitlab-12.0
...
gitlab: 11.10.8 -> 12.0.3
2019-07-17 16:01:03 +00:00
Jamey Sharp
d4e5748c1b
nixos/openldap: fix assertion
...
In commit d43dc68db3
, @Mic92 split the
rootpw option to allow specifying it in a file kept outside the Nix
store, as an alternative to specifying the password directly in the
config.
Prior to that, rootpw's type was `str`, but in order to allow both
alternatives, it had to become `nullOr str` with a default of `null`. So
I can see why this assertion, that either rootpw or rootpwFile are
specified, makes sense to add here.
However, these options aren't used if the configDir option is set, so as
written this assertion breaks valid configurations, including the
configuration used by nixos/tests/ldap.nix.
So this patch fixes the assertion so that it doesn't fire if configDir
is set.
2019-07-17 11:08:10 +03:00
Nikolay Amiantov
294751a4fc
Merge pull request #62955 from abbradar/resolvconf
...
resolvconf service: init
2019-07-17 11:07:12 +03:00
Peter Hoeg
db858b4d30
Merge pull request #64806 from peterhoeg/f/exec
...
nixos/systemd: 242 supports Type = exec
2019-07-17 14:09:20 +07:00
Nazarii Bardiuk
976928daa2
nixos/tiddlywiki: init
...
Service that runs TiddlyWiki nodejs server
2019-07-16 23:12:16 +01:00
Ambroz Bizjak
4f309207c7
nixos/xserver: Make radeon in videoDrivers an alias for ati.
...
The old open-source driver for AMD/ATI GPUs is commonly known as "radeon"
despite the historical package name xf86-video-ati. For example it presents
itself as RADEON in the Xorg log. So adding "radeon" to videoDrivers should
work.
Also changed the docs for the videoDrivers option to use "radeon" in the
default value instead of "ati".
Fixes #37917
2019-07-16 23:02:09 +02:00
Vladimír Čunát
2b28e4c96f
Merge #64892 : 'staging-next' (another iteration)
...
It's not completely without regressions, but I believe we can deal with
the rest directly on master. This is required for Firefox security fixes.
2019-07-16 19:32:17 +02:00
Frederik Rietdijk
a28a9ac156
Merge master into staging-next
2019-07-16 11:15:46 +02:00
Danylo Hlynskyi
475f1ebd98
Merge branch 'master' into postgresql-plugins-bin
2019-07-16 11:32:52 +03:00
Robin Gloster
52fd300b8c
gitlab module: fix permissions
2019-07-16 03:51:17 +02:00
Robin Gloster
3469c206f2
gitlab-shell: better gitlab_shell_secret location
...
So this won't be cleaned up by removing config/*
2019-07-16 03:51:11 +02:00
Aaron Andersen
ee1231890d
Merge pull request #64810 from WilliButz/grafana-extend-test
...
nixos/tests: extend grafana test, nixos/grafana: use group grafana instead of nogroup
2019-07-15 20:43:36 -04:00
Robin Gloster
783c2f6106
gitlab module: clean up permission handling
...
This is WIP to get rid of PermissionsStartOnly=true
2019-07-16 01:19:07 +02:00
Nikolay Amiantov
b392c5ab4d
Merge pull request #64815 from abbradar/ipxe-efi
...
IPXE EFI netboot fix
2019-07-15 21:21:29 +03:00
Nikolay Amiantov
01b90dce78
resolvconf service: init
...
This is a refactor of how resolvconf is managed on NixOS. We split it
into a separate service which is enabled internally depending on whether
we want /etc/resolv.conf to be managed by it. Various services now take
advantage of those configuration options.
We also now use systemd instead of activation scripts to update
resolv.conf.
NetworkManager now uses the right option for rc-manager DNS
automatically, so the configuration option shouldn't be exposed.
2019-07-15 20:25:39 +03:00
Nikolay Amiantov
a2e8be9fc3
boot tests: add UEFI PXE netboot testing
...
Generalize netboot testing and add tests for UEFI PXE netboot.
2019-07-15 19:34:19 +03:00
WilliButz
b01b1fd62d
nixos/tests: extend grafana test
...
Also test configurations with postgresql and mariadb.
2019-07-15 18:33:26 +02:00
Nikolay Amiantov
81d35a9d7e
nixos-test-driver: support netRomFile
...
Needed for UEFI PXE netboot testing.
2019-07-15 19:33:26 +03:00
Nikolay Amiantov
e4837acf21
nixos netboot: explicitly specify initrd
...
Needed for iPXE on UEFI, see http://forum.ipxe.org/archive/index.php/thread-7589.html
2019-07-15 19:33:21 +03:00
WilliButz
a9ce5f6c59
nixos/grafana: add grafana user to group 'grafana'
2019-07-15 18:33:19 +02:00
Peter Simons
59bacaca3d
nixos: add 'localRecipients' config option for Postfix
...
The new option services.postfix.localRecipients allows
configuring the postfix option 'local_recipient_maps'. When
set to a list of user names (or patterns), that map
effectively replaces the lookup in the system's user
database that's used by default to determine which local
users are valid.
This option is useful to explicitly set local users that are
allowed to receive e-mail from the outside world. For local
injection i.e. via the 'sendmail' command this option has no
effect.
2019-07-15 17:36:20 +02:00
Peter Hoeg
eb55dd5e6b
nixos/systemd: 242 supports Type = exec
2019-07-15 20:28:26 +08:00
Yarny0
d99462ff5a
nixos/backup/tsm: init module
...
Based on the programs/tsm-client module,
this commit introduces a systemd service that uses the
tsm-client to create regular backups of the machine.
2019-07-15 09:41:37 +02:00
Yarny0
f5b873f43c
nixos/tsm-client: init module
...
This commit brings a module that installs the
IBM Spectrum Protect (Tivoli Storage Manager)
command-line client together with its
system-wide client system-options file `dsm.sys`.
2019-07-15 09:41:37 +02:00
Vladimír Čunát
3686036e02
Merge branch 'master' into staging-next
...
Hydra nixpkgs: ?compare=1530372
2019-07-15 09:39:03 +02:00
Janne Heß
1e23007dcd
nixos/gitea: Support SMTP without pw in the store
2019-07-14 22:48:10 +02:00
Linus Heckemann
a935eff7fa
Merge pull request #62835 from lheckemann/ipv6-privacy-extensions
...
Ipv6 privacy extensions
2019-07-14 19:27:54 +02:00
Silvan Mosberger
5eac339829
nixos/redmine: add database.createLocally option ( #63932 )
...
nixos/redmine: add database.createLocally option
2019-07-14 16:22:37 +02:00
danbst
3b0534310c
mass replace "flip map -> foreach"
...
See `foreach`-introduction commit.
```
rg 'flip map ' --files-with-matches | xargs sed -i 's/flip map /foreach /g'
```
2019-07-14 13:46:10 +03:00
Nikolay Amiantov
8951505dc9
Merge pull request #62956 from abbradar/nm-fixes
...
NetworkManager fixes
2019-07-13 22:31:13 +03:00
Léo Gaspard
8f38f0341c
Merge pull request #63639 from Ekleog/fix-matrix-doc
...
matrix-synapse: fix documentation
2019-07-13 18:17:14 +02:00
José Romildo Malaquias
c3282487dd
xfce4-13: rename to xfce4-14
2019-07-13 08:42:05 -03:00
caadar
6fea6dbc00
manual: mention jmacs as emacs imitation
2019-07-13 11:01:17 +02:00
Frederik Rietdijk
54065ae20d
Merge master into staging-next
2019-07-13 09:45:40 +02:00
Silvan Mosberger
2d7bce29d1
nixos/install-grub: include child configs in grub menu ( #45345 )
...
nixos/install-grub: include child configs in grub menu
2019-07-13 03:07:02 +02:00
Jamey Sharp
d79584c902
nixos/nscd: document why it is configured this way
2019-07-12 12:07:45 -07:00
Silvan Mosberger
5b8b5a694c
Merge pull request #64112 from davidtwco/deluge/users-groups-firewalls
...
nixos/deluge: add user/group/openFirewall opts and extraction packages to path
2019-07-12 20:26:55 +02:00
Florian Klink
a234b91271
Merge pull request #64621 from gloaming/dhcpcd-before-network-online
...
nixos/dhcpcd: Before network-online.target
2019-07-12 12:48:01 +02:00
Aaron Andersen
c13fbe0551
Merge pull request #63844 from aanderse/zabbix-cleanup
...
nixos/zabbix: overhaul package & module
2019-07-12 06:12:51 -04:00
Vladimír Čunát
2c3f18721e
Merge #59924 : knot-resolver: 3.2.1 -> 4.1.0 (security)
2019-07-12 09:14:53 +02:00
Daniel Frank
ed86bbad84
system.autoUpgrade: optionally allow rebooting the system on kernel change ( #64267 )
...
* autoUpgrade: optionally allow rebooting the system on kernel change
* system.autoUpgrade: Better documentation and readability
2019-07-12 09:09:50 +03:00
Aaron Andersen
08286b4f29
nixos/httpd: drop tomcat-connector httpd subservice
2019-07-11 20:58:55 -04:00
Aaron Andersen
649ec93c37
foswiki: drop package & httpd subservice
2019-07-11 19:46:30 -04:00
Aaron Andersen
6a1de5460b
nixos/httpd: remove broken trac subservice
2019-07-11 19:19:27 -04:00
Aaron Andersen
4191c80c31
nixos/zabbixProxy: init module
2019-07-11 18:55:58 -04:00
Aaron Andersen
70092c9acb
nixos/zabbixAgent & nixos/zabbixServer: various module updates
2019-07-11 18:54:15 -04:00
Aaron Andersen
6891fb4103
nixos/zabbixWeb: replace httpd subservice with new module
2019-07-11 18:45:46 -04:00
Matthew Bauer
99c04c74cf
Merge pull request #63581 from PsyanticY/zabbix-4.0
...
zabbix:1.8 -> 4.0 | remove old packages
2019-07-11 15:05:05 -04:00
worldofpeace
c924032b68
Merge pull request #63894 from ambrop72/no-opengl-xdg-data-dirs
...
nixos/opengl: Don't set XDG_DATA_DIRS.
2019-07-11 13:16:08 -04:00
worldofpeace
a6ce6c1052
Merge pull request #61981 from ambrop72/no-opengl-ld-library-path
...
nixos: Don't set LD_LIBRARY_PATH for graphics drivers that don't need it.
2019-07-11 13:15:51 -04:00
PsyanticY
16f8a17416
zabbix:1.8 -> 4.0 | remove old packages
2019-07-11 17:22:26 +01:00
Nikolay Amiantov
48b3e70534
Update nixos/modules/services/networking/networkmanager.nix
...
Co-Authored-By: worldofpeace <worldofpeace@protonmail.ch>
2019-07-11 18:37:51 +03:00
Venkateswara Rao Mandela
bc68f85326
nixos/tests: add test for showing child configuration in grub menu
...
- Create a child configuration named "Work" with an extra config file.
- Name the default configuration as "Home" :-)
- Once the VM is setup, reboot and verify that it has booted into
default configuration.
- Reboot into the "Work" configuration via grub.
- Verify that we have booted into the "Work" configuration and that
the extra config file is present.
This test works for the simple grub configuration and simple UEFI
Grub configuration. UEFI Systemd is not included in the test.
2019-07-11 17:40:25 +05:30
Venkateswara Rao Mandela
b08400a4d2
nixos/tests: installer: restructure simpleUefiGrub test data
2019-07-11 17:38:25 +05:30
Venkateswara Rao Mandela
c400ab55d6
nixos/tests: installer: restructure simple test data
2019-07-11 17:38:25 +05:30
Venkateswara Rao Mandela
7f363b034e
nixos/install-grub: include child configs in grub menu
...
Add configs listed under the fine-tune subdirectory to the grub menu.
Use specified configuration name for the entry if available.
2019-07-11 17:38:25 +05:30
Craig Hall
2ae58dfc79
nixos/dhcpcd: Before network-online.target
...
Instead of network.target. Fixes #60900 (delayed boot).
2019-07-11 12:23:41 +01:00
Frederik Rietdijk
22cb7f25f2
Merge master into staging-next
2019-07-11 09:40:10 +02:00
worldofpeace
0ad1b80a3b
Merge pull request #64588 from eadwu/libinput/additional-options-type-lines
...
nixos/libinput: use `types.lines` for additionalOptions
2019-07-10 22:24:50 -04:00
edef
4a633b5618
Merge pull request #64548 from NixOS/etcd-3.3.13
...
etcd: 3.3.1 -> 3.3.13
2019-07-10 17:11:44 +00:00
Edmund Wu
7d95bc0c85
nixos/libinput: use types.lines
for additionalOptions
2019-07-10 12:22:57 -04:00
Vladimír Čunát
9efdd2e434
knot-resolver: 3.2.1 -> 4.0.0
...
https://lists.nic.cz/pipermail/knot-resolver-users/2019/000136.html
Similar commit worked fine for me, including the nixos service.
I'd like to still improve the service to support easy passing of sockets
to http module.
2019-07-10 17:40:04 +02:00
Peter Hoeg
8317663b94
nixos/syncthing: do not use nogroup
...
We were already creating a group for the user under which to run syncthing but
we were defaulting to running as `nogroup`.
Additionally, use `install` instead of multiple calls to mkdir/cp/chown.
2019-07-10 21:29:25 +08:00
Frederik Rietdijk
da96a4119f
Merge staging-next into staging
2019-07-10 08:52:50 +02:00
Frederik Rietdijk
fb6260fcf7
Merge pull request #64236 from NixOS/staging-next
...
Staging next
2019-07-10 08:52:04 +02:00
edef
b3bce2cfa2
nixos/tests/etcd-cluster: be more lenient about member addition
2019-07-10 00:42:48 +00:00
edef
950d91cc9c
nixos/tests: include the etcd-cluster test in all-tests.nix
...
We seem to have had this test for quite a while, but nothing seems to
reference it.
2019-07-09 23:46:57 +00:00
Austin Seipp
acb1134074
nixos/foundationdb: s/pidFile/pidfile/
...
Fixes an evaluation regression introduced by a case-typo in
de6e5ea815
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2019-07-09 17:11:31 -05:00
Maximilian Bosch
16d0b8dcbd
nixos/graylog: add test
...
Basic test which confirms new inputs can be created and that messages
can be sent to a UDP-GELF input using `netcat`.
This test requires 4GB of RAM to avoid issues due insufficient
memory (please refer to `nixos/tests/elk.nix` for a detailed explanation of
the issue) for elasticsearch.
Also it's ensured that elasticsearch has an open HTTP port for communication
when starting `graylog`. This is a workaround to ensure that all services
are started in proper order, even in test environments with less power.
However this shouldn't be implemented in the `nixos/graylog` module as
this might be harmful when using elasticsearch clusters that require e.g.
authentication and/or run on different servers.
2019-07-09 23:57:45 +02:00
Aaron Andersen
ca336ac985
Merge pull request #64050 from aanderse/mercurial
...
nixos/httpd: drop mercurial httpd subservice
2019-07-09 12:54:01 -04:00
Frederik Rietdijk
79a03641d5
Merge staging-next into staging
2019-07-09 15:46:26 +02:00
Frederik Rietdijk
74c24385cb
Merge master into staging-next
2019-07-09 15:46:00 +02:00
Frederik Rietdijk
7cf5909fad
Merge staging-next into staging
2019-07-09 15:44:08 +02:00
rnhmjoj
1738283e6e
nixos/network-interfaces: make preferTempAddr=false
work again
2019-07-09 08:08:45 +02:00
Ben Wolsieffer
d82840dbd1
nixos/release-notes: fix bad merge of cargo-vendor entry and overall indentation
2019-07-08 21:13:58 -04:00
Nikolay Amiantov
13b8156030
kvmgt service: use modprobe, force-load module
2019-07-08 22:21:09 +03:00
WilliButz
d902420290
nixos/tests: add test for loki
2019-07-08 16:10:00 +02:00
WilliButz
3f598c0faa
nixos/loki: add module
2019-07-08 16:09:56 +02:00
Elis Hirwing
3b354cc037
Merge pull request #64412 from davidtwco/lidarr/fix-home
...
nixos/lidarr: re-add home attribute
2019-07-07 21:35:06 +02:00
Elis Hirwing
89bc406be5
Merge pull request #64413 from davidtwco/jackett/package
...
nixos/jackett: add package option
2019-07-07 21:33:11 +02:00
Jamey Sharp
f7c776760b
nixos/nscd: only drop privs after nss module init
...
NixOS usually needs nscd just to have a single place where
LD_LIBRARY_PATH can be set to include all NSS modules, but nscd is also
useful if some of the NSS modules need to read files which are only
accessible by root.
For example, nixos/modules/config/ldap.nix needs this when
users.ldap.enable = true;
users.ldap.daemon.enable = false;
and users.ldap.bind.passwordFile exists. In that case, the module
creates an /etc/ldap.conf which is only readable by root, but which the
NSS module needs to read in order to find out what LDAP server to
connect to and with what credentials.
If nscd is started as root and configured with the server-user option in
nscd.conf, then it gives each NSS module the opportunity to initialize
itself before dropping privileges. The initialization happens in the
glibc-internal __nss_disable_nscd function, which pre-loads all the
configured NSS modules for passwd, group, hosts, and services (but not
netgroup for some reason?) and, for each loaded module, calls an init
function if one is defined. After that finishes, nscd's main() calls
nscd_init() which ends by calling finish_drop_privileges().
There are provisions in systemd for using DynamicUser with a service
which needs to drop privileges itself, so this patch does that.
2019-07-07 08:43:41 -07:00
Maximilian Bosch
beff2f8d75
nixos/graylog: use types.lines
for extraConfig
...
The `types.lines` type makes it possible to define `extraConfig` in
multiple files and simply concat the contents.
2019-07-07 14:49:39 +02:00
David Wood
e2247dceb3
nixos/lidarr: re-add home attribute
...
This was accidentally removed in a previous PR and broke things.
2019-07-07 12:31:28 +01:00