Commit Graph

740 Commits

Author SHA1 Message Date
Eelco Dolstra
13185280fe Fix tests broken due to the firewall being enabled by default 2014-04-11 17:16:44 +02:00
Eelco Dolstra
017408e048 Use iptables' ‘-w’ flag
This prevents errors like "Another app is currently holding the
xtables lock" if the firewall and NAT services are starting in
parallel.  (Longer term, we should probably move to a single service
for managing the iptables rules.)
2014-04-11 17:16:44 +02:00
Eelco Dolstra
b9281e6a2d Fix NAT module 2014-04-11 17:16:44 +02:00
Eelco Dolstra
2da09363bf nix: Update to 1.7 2014-04-11 12:24:48 +02:00
Peter Simons
ad65a1e064 Revert "nixos: fix shell on conatiners"
This reverts commit c69577b7d6.
See https://github.com/NixOS/nixpkgs/pull/2198 for further details.
2014-04-11 12:07:00 +02:00
Eelco Dolstra
d2155649af Merge branch 'containers'
Fixes #2105.
2014-04-10 15:55:51 +02:00
Eelco Dolstra
6a7a8a144f Document NixOS containers 2014-04-10 15:07:29 +02:00
Eelco Dolstra
a34bfbab4c Add option networking.nat.internalInterfaces
This allows applying NAT to an interface, rather than an IP range.
2014-04-10 15:07:29 +02:00
Eelco Dolstra
ac8c924c09 nixos-container: Add ‘run’ and ‘root-login’ commands
And remove ‘root-shell’.
2014-04-10 15:07:29 +02:00
Eelco Dolstra
da4f180252 Bring back ‘nixos-container update’ 2014-04-10 15:07:29 +02:00
Eelco Dolstra
3dca6b98cb Fix permissions on /var/lib/startup-done 2014-04-10 15:07:28 +02:00
Peter Simons
26d8f54587 Merge pull request #2198 from offlinehacker/nixos/shadow/login_containers_fix
nixos: fix shell on conatiners
2014-04-10 12:39:19 +02:00
Peter Simons
0e147530ef Merge pull request #2199 from offlinehacker/nixos/ntp/containers_fix
nixos: disable ntp on containers by default
2014-04-10 12:33:35 +02:00
Jaka Hudoklin
0b170187e3 nixos: disable ntp on containers by default 2014-04-10 12:30:03 +02:00
Jaka Hudoklin
c69577b7d6 nixos: fix shell on conatiners 2014-04-10 12:28:09 +02:00
aszlig
5dd14a1059
nixos/phpfpm: Add option to set PHP package.
This allows to easily override the used PHP package, especially for
example if you want to use PHP 5.5 or if you want to override the
derivation.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-10 07:52:26 +02:00
Shea Levy
9dcffe951d Merge branch 'cjdns' of git://github.com/ehmry/nixpkgs
cjdns: update to 20130303
2014-04-09 20:34:32 -04:00
Bjørn Forsman
e856584e1a nixos/jenkins-service: fix 'group' option documentation
Both for master and slave.
2014-04-09 21:52:46 +02:00
Emery Hemingway
316e809ff8 cjdns: update to 20130303
build system is now nodejs based
new nixos module to start cjdns
2014-04-09 10:30:57 -04:00
Domen Kožar
e5e27cfd64 Merge pull request #2153 from lethalman/gnome3
accounts-daemon service, fix gnome-shell, add libgnomekbd, musicbrainz5, sushi, gnome-contacts
2014-04-09 15:01:17 +02:00
Luca Bruno
a3115707dd Add environment.gnome3.excludePackages
Give the user a full desktop, and the possibility to exclude
non-base packages from the default list of packages.
2014-04-09 00:36:53 +02:00
Luca Bruno
c56af6102a at-spi2-core: add dbus module, enabled on gnome3 by default 2014-04-09 00:36:53 +02:00
Luca Bruno
8553993887 telepathy-mission-control: add dbus service, enabled by default on gnome3 2014-04-09 00:36:52 +02:00
Luca Bruno
2bc0f7b701 evolution-data-server: fix gsettings schemas and add dbus service 2014-04-09 00:36:51 +02:00
Shea Levy
452a1f9318 Revert "Turn on user-controlled wpa-cli on the livecd"
user-controlled wpa-cli requires explicit interface setting for some
reason

This reverts commit c6797b373f.
2014-04-08 18:26:52 -04:00
Eelco Dolstra
2bb8d963b1 Die tabs die 2014-04-09 00:17:16 +02:00
Eelco Dolstra
e09250d41c Disable allowUnfree by default
Fixes #2134.
2014-04-09 00:09:31 +02:00
Eelco Dolstra
caf98828bb nixos-generate-config: Fix PCI/USB checks
As reported by Kirill Elagin, read_file doesn't chomp its output. So
the equality tests on PCI/USB vendor and device IDs were failing.
2014-04-08 15:13:27 +02:00
Luca Bruno
ea3644cb09 sushi: new package
A quick previewer for Nautilus

http://en.wikipedia.org/wiki/Sushi_(software)
2014-04-08 13:41:29 +02:00
Luca Bruno
06614031d6 accountservice: add dbus and systemd services
Enable by default with gnome3.
2014-04-08 13:39:48 +02:00
Eelco Dolstra
2ba552fb2e Revert "Fix services.udisks.enable."
This reverts commit 02a30bea44,
necessary after reverting to udisks 1.0.4.

http://hydra.nixos.org/build/10194840
2014-04-08 13:28:24 +02:00
Rickard Nilsson
604306c34a Don't add users if createUser is false 2014-04-08 12:36:03 +02:00
Eelco Dolstra
694cc6172a Enable the firewall by default
Fixes #2135.
2014-04-08 09:44:01 +02:00
Shea Levy
efdb8a10ed Merge branch 'postgresql-user-fix' of git://github.com/ocharles/nixpkgs into fix-new-conduit
Create 'postgres' user and use pg_isready
2014-04-07 16:37:43 -04:00
Bjørn Forsman
8cd95471d7 nixos: add type definitions to virtualisation.libvirtd.* options 2014-04-07 21:31:29 +02:00
Eelco Dolstra
eb22e5f026 Remove ignored argument to sync 2014-04-07 13:22:12 +02:00
Eelco Dolstra
2f51ca9609 Add a regression test for udisks 2014-04-07 13:22:12 +02:00
Eelco Dolstra
1f6bfa19ad Gnome 3 should not be a release blocker 2014-04-07 12:24:17 +02:00
Luca Bruno
5174e6db80 gnome-backgrounds: new package 2014-04-06 15:23:11 +02:00
Oliver Charles
e206684110 Use PostgreSQL 9.3's pg_isready to wait for connectivity
The postgresql module has a postStart section that waits for a database
to accept connections before continuing. However, this assumes various
properties about the database - specifically the database user
and (implicitly) the database name. This means that for old
installations, this command fails because there is no 'postgres' user,
and the service never starts.

While 7deff39 does create the 'postgres' user, a better solution is to
use `pg_isready`, who's sole purpose is to check if the database is
accepting connections. This has no dependency on users, so should be
more robust.
2014-04-06 12:38:02 +01:00
Oliver Charles
7de29bd26f Create the 'postgres' superuser
Old PostgreSQL installations were created using the 'root' database
user. In this case, we need to create a new 'postgres' account, as we
now assume that this is the superuser account.

Unfortunately, these machines will be left with a 'root' user as
well (which will have ownership of some databases). While PostgreSQL
does let you rename superuser accounts, you can only do that when you
are connected as a *different* database user. Thus we'd have to create a
special superuser account to do the renaming. As we default to using
ident authentication, we would have to create a system level user to do
this. This all feels rather complex, so I'm currently opting to keep the
'root' user on these old machines.
2014-04-06 12:38:01 +01:00
Rickard Nilsson
bf129a2c23 Allow undefined uids and gids when mutableUsers = true
Groups and users without gid/uid are created with
useradd/groupadd after the passwd/group merge phase
if mutableUsers = true.

This should fix #2114.
2014-04-06 12:42:55 +02:00
Austin Seipp
8d0259caf4 nixos: reserve some uids/gids
I have some NixOS modules that I keep out of tree, and having UIDs/GIDs
reserved is quite helpful.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-04-06 01:05:56 -05:00
Shea Levy
d35619429a Merge branch 'cache.su' of git://github.com/wkennington/nixpkgs
su: Make the su package a provider of only the su binary

Fixes #1877
2014-04-05 18:49:30 -04:00
William A. Kennington III
28ab3acb58 su: Make the su package a provider of only the su binary
Additionally, provide su with the base system and remove su from the
util-linux package as it is now provided by shadow.
2014-04-05 16:01:52 -05:00
Shea Levy
ad4965f54c Merge branch 'master.xauth' of git://github.com/wkennington/nixpkgs
ssh: Don't set xuth if not running xserver
2014-04-05 15:32:31 -04:00
Shea Levy
a46d2e3150 Merge branch 'murmur' of git://github.com/thoughtpolice/nixpkgs
nixos: add Murmur module (Mumble chat)

Conflicts:
	nixos/modules/misc/ids.nix
2014-04-05 15:18:14 -04:00
Shea Levy
ea9c8d6a13 Merge branch 'rippled' of git://github.com/ehmry/nixpkgs
rippled: initial pkg and module expressions

Had to change the rippled uid.

Conflicts:
	nixos/modules/misc/ids.nix
2014-04-05 14:23:29 -04:00
Domen Kožar
13bef7f403 Merge pull request #2127 from lethalman/gnome3
Gnome3 session changes, gnome-control-center icons
2014-04-05 00:35:06 +02:00
Luca Bruno
671e346eb2 gnome3: add glib-networking gio modules
With glib-networking, epiphany and other gnome apps
can access https and other networking protocols.
2014-04-04 23:45:06 +02:00
Shea Levy
c6797b373f Turn on user-controlled wpa-cli on the livecd
Fixes #1204
2014-04-04 17:05:57 -04:00
Eelco Dolstra
6905aa1cf4 Merge pull request #2095 from geo-kollias/master
Added MonetDB NixOS module.
2014-04-04 13:55:24 +02:00
Domen Kožar
f530ead0ba syncthing: add preStart script to create dataDir 2014-04-04 10:46:30 +02:00
Matej Cotman
7df1ce5088 syncthing: new package and nixos module 2014-04-04 10:46:29 +02:00
Shea Levy
8b5c617237 Add fuse to env by default
Fixes #458
2014-04-03 21:36:13 -04:00
Domen Kožar
52fbaee8d7 solr: add extraJars option 2014-04-03 22:46:45 +02:00
William A. Kennington III
6c6d7dc11d ssh: Don't set xauth if not running xserver 2014-04-03 14:28:45 -05:00
Eelco Dolstra
6e086caa8a xterm: Don't enable unless X11 is enabled 2014-04-03 20:44:57 +02:00
Eelco Dolstra
819e7c9fbd Add a test for NixOS containers 2014-04-03 16:36:24 +02:00
Eelco Dolstra
1e4fa227fe nixos-container: Don't destroy declarative containers 2014-04-03 16:36:24 +02:00
Eelco Dolstra
b0b3fa928a Disable container support in containers
Systemd-nspawn doesn't support nesting, so providing nixos-container
inside a container doesn't make sense.
2014-04-03 16:36:23 +02:00
Eelco Dolstra
1ad9a654be Make starting a container synchronous
So now "systemctl start container@foo" will only return after the
container has reached multi-user.target.
2014-04-03 16:36:23 +02:00
Eelco Dolstra
269926df0d container-login.nix -> container-config.nix 2014-04-03 16:36:16 +02:00
Eelco Dolstra
fee81c3739 Always enable container logins 2014-04-03 16:35:36 +02:00
Austin Seipp
788354cc34 nixos: add mumble test
This tests that both the client and server work. With screenshots!

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-04-02 03:55:37 -05:00
Austin Seipp
f61110d65d nixos: murmur service
Murmur is the headless server component of the Mumble chat system.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-04-02 00:11:00 -05:00
George Kollias
ec1acce4e9 fixed monetdb's gid to be the same with its id. 2014-04-01 20:41:37 +03:00
George Kollias
0ded8e6de3 Added MonetDB NixOS module. 2014-04-01 20:20:33 +03:00
Vladimír Čunát
6445ac90ad Merge master into x-updates 2014-04-01 10:49:31 +02:00
Emery Hemingway
def448f127 rippled: added comment on commented out config options 2014-03-31 22:59:01 -04:00
Shea Levy
c37bbda4a3 Merge branch 'psql-fix' of git://github.com/proger/nixpkgs
postgresql: properly fix permissions issue by in postStart
2014-03-31 21:45:11 -04:00
Eelco Dolstra
6da72a4456 nixos-container: Rewrite in Perl
Also fix race condition when multiple containers are created
simultaneously (as NixOps tends to do).
2014-03-31 19:49:15 +02:00
Eelco Dolstra
7ebd856a38 Provide nixos-container unconditionally 2014-03-31 19:49:01 +02:00
aszlig
9d8a8126e9
systemd: Add support for path units.
This allows to define systemd.path(5) units, for example like this:

{
  systemd = let
    description = "Set Key Permissions for xyz.key";
  in {
    paths.set-key-perms = {
      inherit description;
      before = [ "network.target" ];
      wantedBy = [ "multi-user.target" ];
      pathConfig.PathChanged = "/run/keys/xyz.key";
    };

    services.set-key-perms = {
      inherit description;
      serviceConfig.Type = "oneshot";
      script = "chown myspecialkeyuser /run/keys/xyz.key";
    };
  };
}

The example here is actually useful in order to set permissions for the
NixOps keys target to ensure those permisisons aren't reset whenever the
key file is reuploaded.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-03-31 12:33:25 +02:00
Vladimir Kirillov
c66be6378d postgresql: properly fix permissions issue by in postStart
as per postgresql manual, interactions with psql should be carried
out with the postgresql system user and postgresql db user by default.

ensure it happens in postStart.
2014-03-31 18:06:06 +08:00
Eelco Dolstra
5ba0d51f68 Fix VirtualBox image generation
http://hydra.nixos.org/build/9905410
2014-03-31 11:15:11 +02:00
Eelco Dolstra
c20383e756 Another fix to the installer tests 2014-03-31 11:10:56 +02:00
Eelco Dolstra
0469f92faf Bring back mkOrder 2014-03-30 20:35:25 +02:00
Eelco Dolstra
0fdd641b21 Ensure that slim's theme applies to slimlock 2014-03-30 19:33:28 +02:00
Eelco Dolstra
075168ca81 nixos-hardware-scan: Detect QEMU 2014-03-30 17:27:18 +02:00
Eelco Dolstra
aaf01268ff Revert "slim: remove duplicate code"
This reverts commit f7d5e83abb.  It
breaks the Firefox and Xfce tests:

  in job ‘tests.firefox.x86_64-linux’:
  cannot coerce a boolean to a string

  in job ‘tests.xfce.x86_64-linux’:
  infinite recursion encountered
2014-03-30 17:06:01 +02:00
Eelco Dolstra
1c192e1fea Another attempt to fix the installer test
http://hydra.nixos.org/build/9904133
2014-03-30 16:53:23 +02:00
Emery Hemingway
6c77690b28 rippled: initial pkg and module expressions
rippled is the Ripple P2P payment network reference server
https://ripple.com
2014-03-29 15:31:37 -04:00
Shea Levy
ac68dc6dc6 Merge branch 'minecraft-server' of git://github.com/thoughtpolice/nixpkgs
nixpkgs: add Minecraft Server & a service module
2014-03-29 12:51:49 -04:00
Austin Seipp
1acca1c396 nixos: add minecraft-server service
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-03-29 05:31:27 -05:00
Jaka Hudoklin
227997d8ca nixos/rabbitmq: rewrite
- rewrite from old jobs options to new services
- add simple test
- add dataDir option
2014-03-29 10:56:07 +01:00
Shea Levy
c23464672e sloppy sloppy Shea 2014-03-29 05:28:37 -04:00
Shea Levy
38cc80f4d8 D'oh 2014-03-29 05:25:16 -04:00
Shea Levy
1aa5589eef Merge branch 'virtualbox' of git://github.com/Calrama/nixpkgs
Update VirtualBox (and implicitly VirtualBox Guest Additions) to 4.3.6
and Oracle VM VirtualBox Extension Pack to 91406

Conflicts due to minor upgrade in the mean time

Conflicts:
	nixos/modules/virtualisation/virtualbox-guest.nix
	pkgs/applications/virtualization/virtualbox/default.nix
	pkgs/applications/virtualization/virtualbox/guest-additions/default.nix
2014-03-29 00:23:54 -04:00
Shea Levy
63f97fe9db Merge branch 'slim_fix' of git://github.com/jagajaga/nixpkgs
add normal theme support for slim and slimlock
2014-03-29 00:17:52 -04:00
Shea Levy
a82ca6a7f9 Merge branch 'disable-acpid' of git://github.com/ambrop72/nixpkgs
power-management: Don't enable acpid.
2014-03-28 23:52:56 -04:00
Shea Levy
7cebcb995d Merge branch 'cache.pcscd' of git://github.com/wkennington/nixpkgs
Update Smartcard Utils + Fix Daemon Expression
2014-03-28 23:45:00 -04:00
Shea Levy
701cb6b099 Merge branch 'nixos/containers/fix1' of git://github.com/offlinehacker/nixpkgs
nixos: fix linux containers (systemd-nspawn, lxc, lxc-libvirt)
2014-03-28 23:39:01 -04:00
Eelco Dolstra
c704f6bb4e VM tests: Run hwclock in the initrd
Needed for the installer tests, since otherwise mounting a filesystem
may fail as it has a last-mounted date in the future.

http://hydra.nixos.org/build/9846712
2014-03-28 16:52:08 +01:00
Vladimír Čunát
576e9289dd Merge master into x-updates 2014-03-27 21:34:06 +01:00
Moritz Ulrich
02a30bea44 Fix services.udisks.enable.
Latest update to udisks in 344f2e65 broke it for me. Fix it by doing the
following:

- Add udisks.service to /etc/systemd/system (via systemd.packages)
- Fix path to udisks-daemon in udisks.service (libexec/ instead of lib/)
2014-03-25 16:52:45 +01:00
Jaka Hudoklin
70a4c7b1df nixos: fix linux containers (systemd-nspawn, lxc, lxc-libvirt)
- Make dhcp work, use dhcpcd without udev in container
- Make login shell work, patch getty to not wait for /dev/tty0
- Make ssh work, sshd/pam do not start session
2014-03-24 23:59:50 +01:00
Eelco Dolstra
07adfae551 Remove hard-coded SSH key 2014-03-24 12:19:28 +01:00
Eelco Dolstra
6010b0e886 nixos-container: NixOps helper functions 2014-03-24 12:19:28 +01:00
Eelco Dolstra
29c469b88d Allow dashes in container names 2014-03-24 12:19:28 +01:00