Commit Graph

14575 Commits

Author SHA1 Message Date
talyz
dfc43f7d0a nixos/gitlab: Document the restriction introduced on statePath
The state path now, since the transition from initialization in
preStart to using systemd-tmpfiles, has the following restriction: no
parent directory can be owned by any other user than root or the user
specified in services.gitlab.user. This is a potentially breaking
change and the cause of the error isn't immediately obvious, so
document it both in the release notes and statePath description.
2019-09-23 17:55:58 +02:00
talyz
7e325c2251 nixos/gitlab: Mention secret option transition in release notes
Document the breaking secret option transition from literal secrets to
file-based ones.
2019-09-23 17:55:58 +02:00
Peter Hoeg
e537a0a11e home-assistant: set capabilities for bluetooth 2019-09-23 21:54:16 +08:00
Robin Gloster
30591314e5
Merge pull request #68970 from teto/rngd
qemu-guest: allow to override security.rngd
2019-09-23 15:53:38 +02:00
Aaron Andersen
32a38d50bb nixos/zabbixServer: move pid file from default (/tmp) to /run/zabbix to avoid issues with PrivateTmp=true 2019-09-23 09:35:51 -04:00
Franz Pletz
0dc4fe0a44
nixos/systemd: pick more upstream tmpfiles confs
In #68792 it was discovered that /dev/fuse doesn't have
wordl-read-writeable permissions anymore. The cause of this is that the
tmpfiles examples in systemd were reorganized and split into more files.
We thus lost some of the configuration we were depending on.

In this commit some of the new tmpfiles configuration that are
applicable to us are added which also makes wtmp/lastlog in the pam
module not necessary anymore.

Rationale for the new tmpfile configs:

  - `journal-nowcow.conf`: Contains chattr +C for journald logs which
  makes sense on copy-on-write filesystems like Btrfs. Other filesystems
  shouldn't do anything funny when that flag is set.

  - `static-nodes-permissions.conf`: Contains some permission overrides
  for some device nodes like audio, loop, tun, fuse and kvm.

  - `systemd-nspawn.conf`: Makes sure `/var/lib/machines` exists and old
  snapshots are properly removed.

  - `systemd-tmp.conf`: Removes systemd services related private tmp
  folders and temporary coredump files.

  - `var.conf`: Creates some useful directories in `/var` which we would
  create anyway at some point. Also includes
  `/var/log/{wtmp,btmp,lastlog}`.

Fixes #68792.
2019-09-23 15:23:31 +02:00
Florian Klink
6262e83f5f
nixos/gitlab: Add gnutar and gzip to gitlab-sidekiq's path (#68908)
nixos/gitlab: Add gnutar and gzip to gitlab-sidekiq's path
2019-09-23 06:40:52 +02:00
Peter Hoeg
55509279a9
Merge pull request #69260 from volth/patch-369
nixos/mailcatcher: add bind capabilities
2019-09-23 11:27:32 +08:00
Peter Hoeg
423eb16913
Merge pull request #15560 from peterhoeg/nm_dnsdhcp
nixos/networkmanager: tiny cleanups
2019-09-23 10:16:32 +08:00
volth
6c038cd409
nixos/mailcatcher: add bind capabilities 2019-09-22 19:49:26 +00:00
Minijackson
367cd2c7f8
nixos/shiori: init with test 2019-09-22 18:48:07 +02:00
Jan Tojnar
f2b9f5baa5
Merge branch 'staging-next' into staging 2019-09-22 16:39:56 +02:00
Jan Tojnar
11c2b06dd2
Merge branch 'master' into staging-next 2019-09-22 16:39:12 +02:00
Martin Milata
2adb03fdae nixos/wordpress: generate secrets locally
Use /dev/urandom to generate keys and salts instead of downloading them
from https://api.wordpress.org/secret-key/1.1/salt/
2019-09-22 14:33:08 +02:00
Peter Simons
a486f0178d
Merge pull request #68950 from peti/t/nixos-doc-fix
nixos: improve the example that shows how to include nvidia_x11 in boot.extraModulePackages
2019-09-22 11:53:52 +02:00
danbst
e557ad74ac move from 19.09 to 20.03 2019-09-22 12:27:39 +03:00
Jörg Thalheim
8c7667c325
Enable work variant firewall with iptables-compat (#66953)
Enable work variant firewall with iptables-compat
2019-09-22 09:28:16 +01:00
Jörg Thalheim
ffa80e75b7
nixos/firewall: rename iptables-compat to iptables-nftables-compat 2019-09-22 09:09:43 +01:00
Vladimír Čunát
6c567ed797
Merge branch 'staging-next' into staging 2019-09-22 10:06:45 +02:00
Vladimír Čunát
22a216849b
Re-Revert "Merge branch 'staging-next'"
This reverts commit f8a8fc6c7c.
2019-09-22 09:38:09 +02:00
Peter Hoeg
1c7aaf227c nixos/networkmanager: tiny cleanups
These are the leftovers of an older PR.

a. Send messages to auditd if auditing is enabled.
b. Add missing dbus configuration if dnsmasq is used for DNS
2019-09-22 13:33:43 +08:00
Mario Rodas
54433c443b
nixos/spotifyd: update spotifyd flags 2019-09-21 17:10:00 -05:00
Vladimír Čunát
f8a8fc6c7c
Revert "Merge branch 'staging-next'"
This reverts commit 41af38f372, reversing
changes made to f0fec244ca.

Let's delay this.  We have some serious regressions.
2019-09-21 20:05:09 +02:00
Sascha Grunert
2c3dcbb9d0 Add cri-o service to modules (#68153)
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
2019-09-21 14:18:42 +00:00
Vladimír Čunát
41af38f372
Merge branch 'staging-next' 2019-09-21 13:14:09 +02:00
Elis Hirwing
89b0ef6589
Merge pull request #69195 from c0deaddict/fix/gitea-dump
nixos/gitea: fix dump
2019-09-21 10:02:41 +02:00
Jos van Bakel
86b83f37b8
nixos/gitea: fix dump 2019-09-21 09:28:53 +02:00
danbst
fb863fceea nixos/postgresql: switch default 9.6 -> 11
This is designed for 19.09 release.
2019-09-21 10:18:56 +03:00
yvt
832ede6514 nixos/do-agent: init 2019-09-21 13:16:25 +09:00
Matthew Bauer
d8b7b95ac6 Merge remote-tracking branch 'origin/master' into staging 2019-09-20 23:25:24 -04:00
Silvan Mosberger
f47ef8fcf7
sdImage: use findmnt to get root device when resizing (#58059)
sdImage: use findmnt to get root device when resizing
2019-09-20 23:28:01 +02:00
worldofpeace
1e6f4fb2bc
Merge pull request #68983 from worldofpeace/xfce-cleanup
Touchups for nixos/xfce4-14 for 19.09
2019-09-19 13:25:03 -04:00
Eelco Dolstra
b0ccd6dd16
Revert "nixos/doc: re-format"
This reverts commit ea6e8775bd. The new
format is not an improvement.
2019-09-19 19:17:30 +02:00
worldofpeace
db3d31b903
Merge pull request #69093 from alexarice/xterm-default
nixos/xterm: Set default to xserver.enable
2019-09-19 13:05:49 -04:00
Frederik Rietdijk
f81d43b94c Merge staging-next into staging 2019-09-19 17:00:07 +02:00
Frederik Rietdijk
0b12d44c06 Merge master into staging-next 2019-09-19 16:59:42 +02:00
Eelco Dolstra
387a2f27ec
Merge pull request #68906 from edolstra/revert-interface-version
Revert systemd interface version to 2
2019-09-19 14:09:18 +02:00
Alex Rice
cf56cefd95
xterm: Set default to xserver.enable 2019-09-19 12:27:05 +01:00
Marek Mahut
0358bc174b nixos/jormungandr: moving to a new section topics_of_interest 2019-09-19 10:51:59 +02:00
worldofpeace
58f090cc7b
Merge pull request #69031 from worldofpeace/xcursor-update
nixos/xdg/icons: match XCURSOR_PATH spec
2019-09-18 17:42:20 -04:00
Jan Tojnar
0902f08e0d
Merge branch 'staging-next' into staging 2019-09-18 22:40:42 +02:00
Jan Tojnar
105abdd52c
Merge branch 'master' into staging-next 2019-09-18 22:40:03 +02:00
Jan Tojnar
c28659e2fb
doc: Disable wrapping source (#68181)
doc: Disable wrapping source
2019-09-18 22:33:56 +02:00
Jan Tojnar
ea6e8775bd
nixos/doc: re-format 2019-09-18 22:13:35 +02:00
Maximilian Bosch
713fda2eb5
nixos/sway: install swaybg by default 2019-09-18 21:50:18 +02:00
Jan Tojnar
641f6356d3
doc: Disable wrapping source
Even a simple typo fix can result in a reflow of a whole paragraph, leading to illegible diffs. The majority of text editors supports wrapping the source code to a comfortable width so it makes sense to me to sacrifice the few that do not rather than the unfortunately line-oriented diff tools.
2019-09-18 21:17:52 +02:00
Jan Tojnar
f5ef80b46d
Merge branch 'staging-next' into staging 2019-09-18 21:16:01 +02:00
Jan Tojnar
62791c3743
Merge branch 'master' into staging-next 2019-09-18 21:15:35 +02:00
worldofpeace
b3f4ce351e nixos/xdg/icons: match XCURSOR_PATH spec 2019-09-18 13:03:14 -04:00
worldofpeace
760b677c19
Merge pull request #68729 from worldofpeace/elementary-greeter/master
nixos/pantheon: use Pantheon's greeter
2019-09-18 11:16:21 -04:00
worldofpeace
ee29fbd9a2
Merge pull request #68492 from worldofpeace/pam-sessionvariables
Introduce environment.profileRelativeSessionVariables
2019-09-18 11:15:26 -04:00
worldofpeace
6663a795a3 nixos/environment: set GTK_EXE_PREFIX 2019-09-18 11:13:43 -04:00
worldofpeace
cc125810cb nixos/environment: set GTK_DATA_PREFIX
Many desktop environment modules are already setting
this so it already makes sense to just do this globally.
2019-09-18 11:13:43 -04:00
worldofpeace
5669b06235 lightdm-mini-greeter: put xgreeters in passthru 2019-09-18 11:13:43 -04:00
worldofpeace
b558eb8329 nixos/lightdm-gtk-greeter: don't wrap in module 2019-09-18 11:13:43 -04:00
worldofpeace
7814a2f566 nixos/enso-os: don't wrap in module 2019-09-18 11:13:42 -04:00
worldofpeace
feab607ae5 nixos/sddm: don't set XDG_DATA_DIRS
environment.profileRelativeSessionVariables should make this unneeded.
2019-09-18 11:13:42 -04:00
worldofpeace
453036c8a7 nixos/gdm: don't set XCURSOR_PATH 2019-09-18 11:13:42 -04:00
worldofpeace
df56adac53 nixos/xdg/icons: use profileRelativeSessionVariables 2019-09-18 11:13:42 -04:00
worldofpeace
671404509b nixos/terminfo: use profileRelativeSessionVariables 2019-09-18 11:13:42 -04:00
Robert Helgesson
866cc3e792 nixos/system-environment: introduce environment.profileRelativeSessionVariables
There is a need for having sessionVariables set relative to the Nix Profiles.
Such as in #68383.
2019-09-18 11:09:43 -04:00
Joachim Fasting
eb59755f70
tests/hardened: fix build
Bug introduced by 4ead3d2ec3

For ZHF https://github.com/NixOS/nixpkgs/issues/68361
2019-09-18 15:38:43 +02:00
worldofpeace
e2644036f6 fprintd: 0.8.1 -> 0.9.0
Resolves issues with StateDirectory not being set in
systemd unit.

https://gitlab.freedesktop.org/libfprint/fprintd/-/tags/V_0_9_0
2019-09-17 20:15:57 -04:00
worldofpeace
0b73294d60 fixup! nixos/xfce4-14: cleanup defaults slightly 2019-09-17 19:49:18 -04:00
Robin Gloster
9566ec034b
hardware.brightnessctl: add brightnessctl to env 2019-09-18 00:06:11 +02:00
worldofpeace
6bd2a8f08c
Merge pull request #68987 from worldofpeace/closures
nixos/release: add gnome3 closure
2019-09-17 17:53:32 -04:00
worldofpeace
fb45993a62 nixos/release: add gnome3 closure 2019-09-17 17:48:40 -04:00
worldofpeace
f6398d8ba2 nixos/xfce4-14: cleanup defaults slightly
We added
- parole
- pavucontrol
- xfce4-taskmanager
- xfwm4-themes

to the default packages.
2019-09-17 17:05:39 -04:00
worldofpeace
f85e126f8c nixos/xfce4-14: add gnome-themes-extra 2019-09-17 17:05:39 -04:00
worldofpeace
5bcec7642f nixos/xfce4-14: remove gtk-xfce-engine
Xfce 4.14 deprecated this.
It had many gtk2 themes that don't work that confused users #68977.
2019-09-17 17:05:39 -04:00
Alex Whitt
f01224374d nixos/jenkins: Copy plugins as .jpi to fix initialization errors 2019-09-17 19:54:57 +02:00
Antoine R. Dumont (@ardumont)
35fe50352f nixos/minidlna: Allow more configuration options
This commits allows the user to configure:
- more minidlna options
- the ones not yet disclosed in nix (extending the existing minimal subset)
2019-09-17 19:51:33 +02:00
Matthieu Coudron
c27360ae47 qemu-guest: allow to override security.rngd
... otherwise enabling it causes a merge conflict.

Enabling it was necessary to give enough entropy for the sshd daemon in
my libvirt/nixops VM to generate keys see
https://github.com/NixOS/nixops/issues/1199.
2019-09-18 00:35:04 +09:00
talyz
aceac9d531 nixos/gitlab: Add gnutar and gzip to gitlab-sidekiq's path
Tar and gzip are needed when importing GitLab project exports.
2019-09-17 09:27:16 +02:00
Peter Simons
be3dae2e3a nixos: improve the example that shows how to include nvidia_x11 in boot.extraModulePackages
Fixes https://github.com/NixOS/nixpkgs/issues/68931.
2019-09-17 08:37:56 +02:00
Elis Hirwing
c45bf10e9f
Merge pull request #68891 from aanderse/moodle
nixos/moodle: add extraConfig option
2019-09-17 07:20:07 +02:00
Thomas Kerber
cc5baf2d86
Various: Add support for raspberry pi 4. 2019-09-17 04:05:16 +01:00
volth
48086fbd70
nixos/matomo: fix escape 2019-09-17 00:27:13 +00:00
volth
432a2d73be
nixos/tt-rss: fix string escape 2019-09-17 00:23:51 +00:00
volth
4641b683f6
nixos/restya-board: fix string escape 2019-09-17 00:22:56 +00:00
volth
08195254aa
nixos/matomo: fix string escape 2019-09-17 00:22:11 +00:00
volth
b384420f2c
nixos/prosody: fix escape 2019-09-17 00:20:05 +00:00
volth
fbd2b55715
nixos/graphite: fix escape 2019-09-17 00:19:28 +00:00
volth
1aadcee68a
nixos/less: fix escape 2019-09-17 00:18:14 +00:00
volth
602a39c318
nixos/rspamd: fix fancy unicode quote 2019-09-16 23:40:32 +00:00
Léo Gaspard
ffaf2661fb
Merge branch 'master' into os-prober-test 2019-09-16 23:21:15 +02:00
Vladimír Čunát
268872d996
Merge branch 'staging-next' into staging 2019-09-16 19:25:54 +02:00
Vladimír Čunát
fa4a3af5a7
Merge branch 'master' into staging-next 2019-09-16 19:24:52 +02:00
Eelco Dolstra
b20a0e49c8
Revert systemd interface version to 2
The new systemd in 19.09 gives an "Access Denied" error when doing
"systemctl daemon-reexec" on an 19.03 system. The fix is to use the
previous systemctl to signal the daemon to re-exec itself. This
ensures that users don't have to reboot when upgrading from NixOS
19.03 to 19.09.
2019-09-16 16:51:19 +02:00
Eelco Dolstra
b9ed9c7fed
Typo 2019-09-16 16:50:39 +02:00
Eelco Dolstra
054f01ee1b
man-nixos-rebuild.xml: Improve layout 2019-09-16 14:42:59 +02:00
Aaron Andersen
7491f85e4f nixos/moodle: add extraConfig option 2019-09-16 08:03:37 -04:00
Silvan Mosberger
92e653b19b
Fix services.redshift.provider backwards-incompatibility (#68852)
Fix `services.redshift.provider` backwards-incompatibility
2019-09-15 21:45:25 +02:00
Silvan Mosberger
e686b39288
nixos/redshift: Add rename for provider option
This was an oversight in https://github.com/NixOS/nixpkgs/pull/64309
resulting it backwards incompatibilities
2019-09-15 18:26:53 +02:00
Silvan Mosberger
ecf5f85a81
nixos/redshift: Move option renames to the module 2019-09-15 18:25:40 +02:00
Tom Hall
3f52518048 nixos/plasma5: optionally include wacomtablet
When services.xserver.wacom.enable is true, include the KDE configuration
GUI for Wacom Tablets in the Plasma5 desktop.
2019-09-15 15:13:37 +01:00
Mikhail Klementev
d4e8f7908d NixOS/auto-upgrade: add gzip to service path
Resolves #28527
2019-09-15 16:13:29 +02:00
Maximilian Bosch
80e2c41b87
Merge pull request #68435 from averelld/nextcloud-fix-deprecation-warning
nextcloud: fix deprecation warning
2019-09-15 15:35:32 +02:00
Vladimír Čunát
b6c6e1f9e8
Merge branch 'master' into staging-next 2019-09-15 13:18:54 +02:00
worldofpeace
1ff3a0c498 networkmanager: 1.18.2 -> 1.20.2
* libnm-glib is gone 👋️
* correct dbus_conf_dir
* remove legacy service symlink
* upstream defaults to 'internal' for dhcp
  NixOS module reflects this.

https://gitlab.freedesktop.org/NetworkManager/NetworkManager/blob/1.20.2/NEWS
2019-09-14 09:01:46 -04:00
Will Dietz
447d625edc networkmanager,modemmanager: fix service symlinks for systemd v243
Fixes problems such as:

systemd[1]: Failed to put bus name to hashmap: File exists
systemd[1]: dbus-org.freedesktop.nm-dispatcher.service: Two services allocated for the same bus name org.freedesktop.nm_dispatcher, refusing operation.

Problem is that systemd treats symlinks to files outside the service
path differently, causing our old workaround to look like two separate services.

These symlinks are intended to be a means for manually emulating
the behavior of the `Alias=` directive in these services.
Unfortunately even making these symlinks relative isn't enough,
since they don't make it to where it matters--
that only makes the links in /etc/static/systemd/system/*
relative, with systemd still being shown non-relative links
in /etc/systemd/system/*.

To fix this, drop all of this at the package level
and instead simply specify the aliases in the NixOS modules.

Also handle the same for modemmanager,
since the networkmanager NixOS module also handles that.
2019-09-14 08:05:27 -04:00
worldofpeace
3cb0ae999f
Revert "networkmanager,modemmanager: fix service symlinks for systemd v243" 2019-09-14 08:04:28 -04:00
worldofpeace
e8bc2a6ac0
Merge pull request #68731 from dtzWill/fix/networkmanager-dbus-service-aliases
networkmanager,modemmanager: fix service symlinks for systemd v243
2019-09-14 08:03:12 -04:00
Maximilian Bosch
5d853163cf
Merge pull request #68372 from obadz/citrix-receiver-decomission
citrix-receiver: decomission in favor of citrix-workspace.
2019-09-14 13:22:32 +02:00
WilliButz
cbb6293dce
Merge pull request #68291 from Ma27/bump-hydra
hydra: 2019-05-06 -> 2019-08-30
2019-09-14 13:16:07 +02:00
Maximilian Bosch
ce37a040c2
nixos/hydra: incorporate upstream changes and update test
During the last update, `hydra-notify` was rewritten as a daemon which
listens to postgresql notifications for each build[1]. The module
uses the `hydra-notify.service` unit from upstream's Hydra module and
the VM test ensures that email notifications are sent properly.

Also updated `hydra-init.service` to install `pg_trgm` on a local
database if needed[2].

[1] c7861b85c4
[2] 8a0a5ec3a3
2019-09-14 12:58:42 +02:00
obadz
e5e6b514f5 citrix-receiver: decomission in favor of citrix-workspace.
Already documented in #64645
2019-09-14 11:11:44 +01:00
Maximilian Bosch
7f136b5a56
nixos/hydra: fix test
We ship `https://cache.nixos.org` as binary cache by default which
automatically substitutes the test derivation used inside the Hydra
test. However it needs to be built locally to confirm that
`hydra-queue-runner` works properly.

Also inherited the platform name for the test derivation from `system`
to ensure that the build can be tested on each supported platform.

ZHF #68361
2019-09-14 11:48:48 +02:00
schneefux
bab6e6eb04
nixos/gitlab: Remove todo about mysql support
GitLab has ended MySQL support.
https://about.gitlab.com/2019/06/27/removing-mysql-support/
2019-09-14 11:26:22 +02:00
Will Dietz
f99bdb2b61
networkmanager,modemmanager: fix service symlinks for systemd v243
Fixes problems such as:

systemd[1]: Failed to put bus name to hashmap: File exists
systemd[1]: dbus-org.freedesktop.nm-dispatcher.service: Two services allocated for the same bus name org.freedesktop.nm_dispatcher, refusing operation.

Problem is that systemd treats symlinks to files outside the service
path differently, causing our old workaround to look like two separate services.

These symlinks are intended to be a means for manually emulating
the behavior of the `Alias=` directive in these services.
Unfortunately even making these symlinks relative isn't enough,
since they don't make it to where it matters--
that only makes the links in /etc/static/systemd/system/*
relative, with systemd still being shown non-relative links
in /etc/systemd/system/*.

To fix this, drop all of this at the package level
and instead simply specify the aliases in the NixOS modules.

Also handle the same for modemmanager,
since the networkmanager NixOS module also handles that.
2019-09-13 21:02:39 -05:00
worldofpeace
5e936cab20 nixos/pantheon: use Pantheon's greeter
I now consider this usable in NixOS without reflecting
negatively on NixOS as a whole. For example this greeter
is immune to issues like #60651.
2019-09-13 21:36:23 -04:00
worldofpeace
a99ef0345d nixos/lightdm/pantheon: provide xgreeters in package 2019-09-13 21:31:12 -04:00
worldofpeace
4828df8ab7 nixos/pantheon: add gtk settings.ini 2019-09-13 21:31:11 -04:00
worldofpeace
d5766ef6b3 nixos/pantheon: use sessionVariables 2019-09-13 21:31:11 -04:00
worldofpeace
4b2e250f9e nixos/lightdm/pantheon: drop warning
This issue has been fixed in the latest release.
2019-09-13 21:31:03 -04:00
Tim Steinbach
c1fae7ccc8
xmonad: Fix test 2019-09-13 15:16:56 -04:00
Christian Kögler
db9b5f5525
nixos: deactivate immutablity for /var/empty in container 2019-09-13 17:33:38 +02:00
Christian Kögler
ba37b3c622
nixos: added installation doc for nspawn container 2019-09-13 17:33:38 +02:00
Christian Kögler
930ac600d2
nixos-install: ensure activation script is always called
The activation script is needed to get the missing files in etc/ created.
Needed for container manager like systemd-nspawn.
2019-09-13 17:33:34 +02:00
Christian Kögler
65792923af
nixos: added machinectl test 2019-09-13 17:33:11 +02:00
Christian Kögler
28853d8954
container config: better default in case of resolved
Avoid assertion in nixos/modules/system/boot/resolved.nix
if service systemd-resolved is enabled.
2019-09-13 17:29:50 +02:00
WilliButz
ef394409b2
nixos/tests/mumble: update test to use systemd-journal 2019-09-13 16:49:06 +02:00
Robin Gloster
1987bddea8
Merge pull request #68649 from talyz/gitlab-fix
nixos/gitlab: Fix swap of secrets
2019-09-13 13:36:00 +02:00
Robin Gloster
7782ffb89a
Merge pull request #64364 from JohnAZoidberg/nm-wireless
Allow NetworkManager and wireless together
2019-09-13 13:18:14 +02:00
talyz
4b6ba5b27c nixos/gitlab: Fix swap of secrets
Fix accidental swap of the otp and db secrets in the secrets.yml
file. Fixes #68613.
2019-09-13 08:40:59 +02:00
Vincent Bernat
cf3e491cef nginx: remove gzip_disable directive
IE6 is long gone and this directive is not useful anymore. We can
spare a few CPU cycles (and maybe skip some bugs) by not trying to
disable gzip for MSIE6.
2019-09-12 11:55:32 -05:00
Austin Seipp
5a1ae55bbc nixos/chrony: keep in foreground
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2019-09-12 11:45:51 -05:00
Austin Seipp
b8bda8cb4f nixos/chrony: remove redundant 'initstepslew.servers' option
This option was added in 6336048c58 but it
is essentially a complete duplicate of the existing cfg.servers and
there seems to be no reason to keep maintaining it.

Furthermore, it requires annoying duplication if you try to do option
merging, e.g. merging in sets into your configuration.nix that add
`services.chrony.initstepslew` options will overwrite the servers option
unless you keep it, but that means you just have to duplicate
config.networking.timeServers again anyway which is an implementation
detail!

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2019-09-12 11:45:51 -05:00
Austin Seipp
83180ea41f nixos/chrony: set iburst for ntp servers
'iburst' allows chrony to make very quick adjustments to the clock by
doing a couple rapid measurements outside of the default 'minpoll'
option. This helps improve rapid time adjustment at boot, and is enabled
by default.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2019-09-12 11:45:51 -05:00
Austin Seipp
f0ad5ebdfb nixos/{chrony,ntpd,openntpd}: add myself as maintainer
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2019-09-12 11:45:51 -05:00
Austin Seipp
a61e94329f nixos: shuffle all ntp services into their own dir
This is reckless, ill-advised, pointless, and I will be scorned for it,
but it makes me feel a lot better.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2019-09-12 11:45:51 -05:00
Marek Mahut
f16bc2ff5f
Merge pull request #68365 from aanderse/zabbix
nixos/zabbixWeb: fix a string reference as well as the phpfpm socket path
2019-09-12 15:40:34 +02:00
Averell Dalton
56e5dddf7c nextcloud: fix deprecation warning 2019-09-12 14:19:42 +02:00
Linus Heckemann
6711f1940d
Merge pull request #67985 from SRGOM/patch-8
nixos.manual.installation.installing: nixos-hw
2019-09-12 12:08:48 +02:00
Maximilian Bosch
99b291c73c
Merge pull request #68507 from peterhoeg/f/mtr
nixos/mtr: support for selecting the package
2019-09-12 09:34:22 +02:00
Maximilian Bosch
848ea3af65
Merge pull request #68496 from WilliButz/add-rspamd-exporter
add prometheus rspamd exporter and test
2019-09-11 16:55:26 +02:00
Alyssa Ross
27b459ce1e
nixos/mailman: types.string -> types.str 2019-09-11 14:14:09 +00:00
Peter Simons
d0dba96e1d nixos/mailman: properly wrap the mailman-web script 2019-09-11 15:22:37 +02:00
Peter Simons
a7941fe210 nixos/mailman: create "mailman" executable as a proper wrapper script 2019-09-11 15:11:34 +02:00
Peter Simons
1cb5cff611 nixos/mailman: clean up our variable names 2019-09-11 14:58:16 +02:00
Peter Simons
0cc37b3cfa nixos/mailman: httpd.services requires mailman-web in the systemd sense
When mailman-web restarts, it removes the generated "static" directory. This
breaks a currently running httpd process, which needs a re-start, too, to
obtain a new handle for the newly generated path.
2019-09-11 14:52:47 +02:00
Peter Simons
86f8895abb python-mailman-web: turn these Djando configuration files into a make-shift Python library
Suggested in https://github.com/NixOS/nixpkgs/pull/67951#issuecomment-530309702.
2019-09-11 14:48:51 +02:00
WilliButz
ccf00bce12
nixos/tests: add prometheus-rspamd-exporter test 2019-09-11 14:21:36 +02:00
WilliButz
bcce960d7d
nixos/prometheus-exporters: add rspamd-exporter
This adds a module that configures the json exporter,
which then acts as an exporter for rspamd.
2019-09-11 14:21:36 +02:00
Peter Simons
72c7ba5aba nixos/mailman: add support for the Mailman Web UI (Postorius & Hyperkitty) 2019-09-11 12:19:23 +02:00
worldofpeace
64b11ebf1c
Merge pull request #68392 from worldofpeace/fix-desktop-tests
Fix desktop tests
2019-09-11 02:34:03 -04:00
SRGOM
c17e66afe4
nixos.manual.installation.installing: nixos-hw
Fixed repo name gh:nixos/nixos-hardware
2019-09-10 23:04:00 +05:30
worldofpeace
e99786076a
Merge pull request #68390 from worldofpeace/portal-gnome-shell
nixos/gnome3: add gnome-shell xdg portal
2019-09-10 10:56:36 -04:00
worldofpeace
20f8c3b984 nixosTests.xfce4-14: bump memorySize 2019-09-10 09:16:21 -04:00
worldofpeace
baf36d9afa nixosTests.xfce: bump memorySize 2019-09-10 09:15:56 -04:00
worldofpeace
bbcc947c46 nixosTests.plasma5: fix test by enabling sound
Same issue as f59b4cb8d5
2019-09-10 09:15:39 -04:00
worldofpeace
0eb814ea88 nixosTests.xfce: fix test by enabling sound
Same issue as f59b4cb8d5
2019-09-10 09:15:32 -04:00
worldofpeace
17877eaa68 nixosTests.xfce4-14: fix test by enabling sound
Same issue as f59b4cb8d5
2019-09-10 09:14:54 -04:00
worldofpeace
bfb2389a84 nixos/gnome3: add gnome-shell xdg portal 2019-09-09 19:28:59 -04:00
Sander van der Burg
e987e3fef9 nixos/dysnomia: enable InfluxDB support 2019-09-09 23:28:10 +02:00
adisbladis
b8f2f6ff9d
Merge pull request #68363 from worldofpeace/xterm-stateversion
nixos/xterm: stateVersion disable by default
2019-09-09 18:50:20 +01:00
Michael Bishop
7256d10d00
Merge pull request #68368 from toonn/toxvpn-typo
nixos/toxvpn: Fix typo in option description
2019-09-09 14:35:22 -03:00
toonn
a34b61ab30 nixos/toxvpn: Fix typo in option description 2019-09-09 19:31:48 +02:00
Matthew Bauer
c270c0ce6a
Merge pull request #67795 from matthewbauer/remove-hidden-bins
nixos/system-path: remove wrappers from system-path
2019-09-09 12:26:55 -04:00
Matthew Bauer
54d039f8f4 nixos/system-path: remove wrappers from system-path
Remove .*-wrapped files from system-path. These files aren’t needed in
the path for users.
2019-09-09 12:26:20 -04:00
Aaron Andersen
a0edbc5b4d nixos/zabbixWeb: fix a string reference as well as the phpfpm socket path 2019-09-09 12:24:39 -04:00
worldofpeace
456c42c3e8 nixos/xterm: stateVersion disable by default 2019-09-09 12:07:11 -04:00
Léo Gaspard
a80eef922d rss2email: 3.9 -> 3.10 2019-09-09 18:03:17 +02:00
Samuel Leathers
01268fda85
20.03 is Markhor
* Markhor is a spiral horned animal that is on the endangered species list
* https://en.wikipedia.org/wiki/Markhor
2019-09-09 11:26:58 -04:00
worldofpeace
787eabd7c1
Merge pull request #68218 from worldofpeace/cups-pk/no-auth-wheel
nixos/cupsd: passwordless admin for wheel with polkit
2019-09-09 04:42:19 -04:00
Linus Heckemann
c8c04bc96c
Merge pull request #68310 from rnhmjoj/xkb
services.xserver.extraLayouts fixes
2019-09-09 10:19:58 +02:00
Frederik Rietdijk
e3f25191c4 Merge staging-next into staging 2019-09-09 08:11:34 +02:00
Frederik Rietdijk
731c82a447
Merge pull request #68244 from NixOS/staging-next
Staging next that includes gcc8
2019-09-09 08:09:36 +02:00
volth
7b8fb5c06c treewide: remove redundant quotes 2019-09-08 23:38:31 +00:00
Silvan Mosberger
916603c03c
Merge pull request #67241 from kcalvinalvin/cmt
nixos/modules/services/x11/hardware/: add cmt module
2019-09-08 22:33:30 +02:00
Frederik Rietdijk
4b929acf67 Merge staging-next into staging 2019-09-08 22:33:17 +02:00
Frederik Rietdijk
47caef475f Merge master into staging-next 2019-09-08 20:45:29 +02:00
Vladimír Čunát
7e91247596
Merge branch 'staging-next' into staging 2019-09-08 18:28:11 +02:00
Andreas Rammhold
f59b4cb8d5
nixos/tests/login: fix the seat test by loading sound drivers
It turned out that /dev/snd/* always exists even if there are no sound
drivers loaded at all. Loading `snd` and `snd_timer` fixes that
situation. It is probably fair to assume someone that wants to use sound
also enables that in the NixOS configuration.
2019-09-08 17:14:14 +02:00
Andreas Rammhold
2b605e96c2
nixos/networkd: continue supporting 99-main with wildcard interface match
With systemd version 243 network units with empty match block will
generate warnigs. The reasoning seems to be that the intended behaviour
is hard to infere. Being explicit about really meaning any interface is
the reasonable thing here.

We want to get rid of this mechanism in the long run but as long as we
do not have a replacement we should stick with it and keep it in
reasonable good shape.
2019-09-08 17:14:13 +02:00
Sarah Brofeldt
0771a1273d
Merge pull request #68308 from srhb/rerec-utils
nixos/lib/utils: Make the set recursive again, unbreak eval
2019-09-08 15:36:59 +02:00
rnhmjoj
7468809e72
nixos/doc: inform users of startx about -xkbdir argument needed 2019-09-08 15:16:16 +02:00
rnhmjoj
e57c0f3bf9
nixos/xserver: export configuration with startx and extra layouts
If the X server is run manually it must be started with an `-xkbdir` argument
pointing to the custom xkb directory. So we export it to /etc/X11/xkb.
2019-09-08 14:51:23 +02:00
Frederik Rietdijk
e73f871285 Merge master into staging-next 2019-09-08 14:49:25 +02:00
worldofpeace
362c2f67f9
Merge pull request #68037 from dtzWill/update/upower-0.99.11
upower: 0.99.10 -> 0.99.11
2019-09-08 08:14:35 -04:00
Sarah Brofeldt
7ca5b39125 nixos/lib/utils: Make the set recursive again, unbreak eval 2019-09-08 13:31:18 +02:00
worldofpeace
16083defb5 nixos/upower: drop resumeCommands hack
Introduced 7 years ago, it's likely the issue has
been fixed. Even possible this could cause issues
with recent upower.
2019-09-08 07:02:58 -04:00
worldofpeace
92740dd4a8 nixos/upower: drop custom unit
All of these changes ++ are in the upstream unit
Also drop glib in path of unit as I don't believe
this should be needed anymore.
2019-09-08 07:02:58 -04:00
worldofpeace
ab48ede4c3 nixos/upower: don't use activation script to create statedir
Systemd now handles this completely.
2019-09-08 07:02:57 -04:00
Vladimír Čunát
707c7e4ea8
deluge service: fix my bad conflict resolution from f21211ebf
I'm sorry.  Thanks to aszlig.
2019-09-08 08:42:53 +02:00
Florian Klink
2f3b9cd52c
Merge pull request #66274 from talyz/gitlab
nixos/gitlab: Add support for secure secrets and more
2019-09-07 12:52:44 -07:00
Calvin Kim
fa53852804 nixos/cmt: add cmt module
Adds custom touchpad drivers for Chromebooks.
2019-09-08 03:02:25 +09:00
adisbladis
8e2fc57a80
postgresql_9_4: Remove package
It's only supported until February 13, 2020 which is during the 19.09 life cycle.
2019-09-07 15:31:27 +01:00
Jan Tojnar
9fcdb3bd16
Merge branch 'master' into staging-next 2019-09-07 14:55:03 +02:00
adisbladis
88a70c9669
nixos/kibana: Filter empty lists
Some options (in particular elasticsearch.ssl.certificateAuthorities)
are not allowed to be empty.
2019-09-07 13:24:24 +01:00
Marek Mahut
a2550e2af5
Merge pull request #68243 from mmahut/jormungandr
nixos/jormungandr: adding RUST_BACKTRACE until service is stable
2019-09-07 11:29:51 +02:00
Frederik Rietdijk
7e9e5cab45 Merge master into staging-next 2019-09-07 09:53:09 +02:00
worldofpeace
416f057bc3
Merge pull request #68213 from worldofpeace/ead/fix
nixos/iwd: add tmpfiles rule for ead service
2019-09-07 03:40:06 -04:00
worldofpeace
04bd834d69 iso-image-kde: link new nixos-manual desktop item to desktop 2019-09-07 03:34:06 -04:00
adisbladis
da8019bfce iso-image: Enable nouveau by default
This is a much more sensible default for modern hardware.
2019-09-07 03:34:06 -04:00
adisbladis
b3a06f10d1 iso-image-kde: Disable synaptics
It's been deprecated since 17.09 and libinput is a better default
2019-09-07 03:30:45 -04:00
worldofpeace
93e5683353
Merge pull request #68182 from worldofpeace/chrome-gnome-shell
nixos/gnome3: enable chrome-gnome-shelll
2019-09-07 03:13:22 -04:00
Marek Mahut
af9c515c8b nixos/jormungandr: adding RUST_BACKTRACE until service is stable 2019-09-07 08:31:28 +02:00
Florian Klink
db1f05c763
Merge pull request #66405 from NeQuissimus/virtualbox_6_0_10
virtualbox: 6.0.8 -> 6.0.10
2019-09-06 20:33:35 -07:00
worldofpeace
e49049493a
Merge pull request #68233 from worldofpeace/plasma5-enable-libinput
nixos/plasma5: enable libinput
2019-09-06 19:23:28 -04:00
worldofpeace
466f5e5346 nixos/plasma5: enable libinput 2019-09-06 19:18:52 -04:00
worldofpeace
4e89375846
Merge pull request #67917 from worldofpeace/lightdm-pam-gnome-keyring
nixos/lightdm: fix pam rules
2019-09-06 18:50:07 -04:00
worldofpeace
0c602541a3 nixos/lightdm: fix pam rules
Rules are a translation of what's done in the
GDM module and adjustments based of looking at
Arch Linux's configuration and upstream's.

A side effect of this change is that gnome-keyring
and kwallet modules should work as expected when in-
cluded.

Fixes #64259 #62045
2019-09-06 18:22:22 -04:00
volth
8b93e5c8a4
'udev' needs absolute path to 'echo' 2019-09-06 21:27:10 +00:00
volth
efccc442d9
network-interfaces.nix: escape '.' in interface names passed to sysctl 2019-09-06 21:13:28 +00:00
Frederik Rietdijk
9894a70299 Merge staging into staging-next 2019-09-06 22:47:40 +02:00
Frederik Rietdijk
66bc7fc1b3 Merge master into staging-next 2019-09-06 22:46:05 +02:00
WilliButz
9118eb3482
nixos/tests: remove prometheus_1 test 2019-09-06 21:55:24 +02:00
WilliButz
bb62066225
nixos/prometheus: remove prometheus1 module, rename prometheus2
Prometheus 1 is no longer supported, instead 'services.prometheus'
now configures the Prometheus 2 service.
2019-09-06 21:55:23 +02:00
worldofpeace
b9d9045d57 nixos/cupsd: passwordless admin for wheel with polkit 2019-09-06 13:51:38 -04:00
Nikolay Amiantov
daa9ea2987 murmur service: fix typo in description 2019-09-06 20:29:20 +03:00
worldofpeace
5d4890b58d
Merge pull request #67585 from worldofpeace/system-config-printer
nixos/system-config-printer: init
2019-09-06 12:08:23 -04:00
worldofpeace
998f59ccda nixos/mate: enable system-config-printer
After some research this should be installed as a program
in Mate or Cinnamon.
2019-09-06 12:06:32 -04:00
worldofpeace
335b8c65c7 nixos/plasma5: use system-config-printer module 2019-09-06 12:06:32 -04:00
worldofpeace
146532b272 nixos/xfce4-14: use system-config-printer module 2019-09-06 12:06:32 -04:00
worldofpeace
2fe7bd3ab3 nixos/gnome3: use system-config-printer module 2019-09-06 12:06:32 -04:00
worldofpeace
6b99ec2dbe nixos/pantheon: use system-config-printer module 2019-09-06 12:06:32 -04:00
worldofpeace
c6abb69785 rl-1909: note about system-config-printer 2019-09-06 12:06:32 -04:00
Silvan Mosberger
cd9f199c2b
Merge pull request #68210 from ivan/nixos-railcar-string
nixos/railcar: remove use of the deprecated string type
2019-09-06 17:42:50 +02:00
worldofpeace
3722f1d20e nixos/iwd: add tmpfiles rule for ead service
This is needed for the wired service ead.service.
(in ReadWritePaths)
2019-09-06 11:32:55 -04:00
talyz
240649a510 nixos/gitlab: Extract arbitrary secrets from extraConfig
Adds the ability to make any parameter specified in extraConfig secret
by defining it an attrset containing the attr _secret, which in turn
is a path to a file containing the actual secret.
2019-09-06 16:57:23 +02:00
talyz
64358cb0e9 nixos/utils: Handle arbitrary secrets in JSON output files
Introduce new functions which allows modules to define options where,
if the input is an attrset and the output is JSON, the user can define
arbitrary secrets.
2019-09-06 16:56:25 +02:00
talyz
b351454cac nixos/gitlab: Use postgresql module options to provision local db
Use the postgresql module to provision a local db (if
databaseCreateLocally is true) instead of doing this locally.

Switch to using the local unix socket for db connections by default;
this is needed since dbs created by the postgresql module only support
peer authentication.

Instead of running the rake tasks db:schema:load, db:migrate and
db:seed_fu, run gitlab:db:configure, which in turn runs these tasks
when needed.

Solves issue #53852 for gitlab.
2019-09-06 16:56:20 +02:00
Jan Tojnar
8563088e69
Merge branch 'staging-next' into staging 2019-09-06 16:55:45 +02:00
Jan Tojnar
f9237f3152
Merge branch 'master' into staging-next 2019-09-06 16:55:11 +02:00
talyz
cbdf94c0f3 nixos/gitlab: Add support for storing secrets in files
Add support for storing secrets in files outside the nix store, since
files in the nix store are world-readable and secrets therefore can't
be stored safely there.

The old string options are kept, since they can potentially be handy
for testing purposes, but their descriptions now state that they
shouldn't be used in production. The manual section is updated to use
the file options rather than the string options and the tests now test
both.
2019-09-06 16:54:22 +02:00
Ivan Kozik
5a03f90525 nixos/railcar: remove use of the deprecated string type
This fixes the warning being emitted by nixos-rebuild switch:

building Nix...
building the system configuration...
trace: warning: types.string is deprecated because it quietly concatenates strings

It started emitting a warning in #66346.
2019-09-06 14:53:11 +00:00
worldofpeace
792444af84 nixos/system-config-printer: init 2019-09-06 09:40:17 -04:00
adisbladis
194aac9eed
elk-stack: Add release note about elk-5 stack removal 2019-09-06 14:30:49 +01:00
adisbladis
a3032415f7
kibana5: Remove EOL package 2019-09-06 14:30:49 +01:00
adisbladis
4e30b30a65
logstash5: Remove EOL package 2019-09-06 14:22:15 +01:00
adisbladis
0cce8856b2
elk-5: Remove tests
These packages are EOL and are about to be removed
2019-09-06 14:22:14 +01:00
Domen Kožar
d7c4106ce0
Merge pull request #68197 from jtojnar/nixos-doc-make-fix
nixos/doc/manual: Fix Makefile
2019-09-06 14:10:23 +02:00
Jan Tojnar
81e755f305
nixos/doc/manual: Fix Makefile
We had `./options-to-docbook.xsl` as a dependency for `generated` target but it was moved to a package in https://github.com/NixOS/nixpkgs/pull/66328.
2019-09-06 12:40:06 +02:00
Jan Tojnar
4564295b3b
rl-1909: make services.gnome3 links sensible (#68196)
rl-1909: make services.gnome3 links sensible
2019-09-06 12:29:12 +02:00
worldofpeace
270b4866e3 rl-1909: make services.gnome3 links sensible 2019-09-06 05:25:27 -04:00
talyz
7648b4f8ba nixos/gitlab: Fix missing ca_file for SMTP
Work around upstream issue #790 by explicitly referencing the
ca-certificates.crt file.
2019-09-06 10:17:31 +02:00
Sarah Brofeldt
57b66eb3f2
Merge pull request #68138 from johanot/ceph-14.2.3
ceph: 14.2.1 -> 14.2.3
2019-09-06 07:31:45 +02:00
worldofpeace
ca5ec234ce nixos/gnome3: enable chrome-gnome-shelll 2019-09-05 23:10:09 -04:00
worldofpeace
2f14615ddc nixos/chrome-gnome-shell: enable in firefox 2019-09-05 23:07:59 -04:00
Jan Tojnar
306cc9b311
Merge branch 'staging-next' into staging 2019-09-06 03:21:30 +02:00
Jan Tojnar
cdf426488b
Merge branch 'master' into staging-next
Fixed trivial conflicts caused by removing rec.
2019-09-06 03:20:09 +02:00
Jan Tojnar
ed54a5b51d
Merge branch 'gtk-no-plus' 2019-09-06 02:57:51 +02:00
Jan Tojnar
72e7d569a7
tree-wide: s/GTK+/GTK/g
GTK was renamed.
2019-09-06 02:54:53 +02:00
Linus Heckemann
734da72661
Merge pull request #68110 from Ma27/weechat-python3
weechat: build with python3 by default
2019-09-05 20:05:47 +02:00
Maximilian Bosch
e4bc0e2b5f
weechatScripts.weechat-xmpp: remove
This plugin is fairly outdated and depends on python2 libraries that
don't receive any updates either (xmpppy for instance[1]).

[1] https://pypi.org/project/xmpppy/
2019-09-05 20:03:46 +02:00
Craige McWhirter
169cb996c5 postgresql: improve identMap description
This patch provides example usage for identMap based upon PostrgeSQL documentation

@thoughtpolice
2019-09-05 12:28:21 -05:00
Ambroz Bizjak
a97a047419
tests/virtualbox: Clean up unnecessary things.
Always enable the UART because the VirtualBug bug that required running without the UART was fixed in 6.0.10. Stop using an old kernel version because the tests work with the default kernel.

(cherry picked from commit ae93571e8d04cebd69491a789d902d6481e05d3f)
2019-09-05 09:30:05 -04:00
Johan Thomsen
161855c033 ceph: 14.2.1 -> 14.2.3 2019-09-05 14:33:29 +02:00
Vladimír Čunát
e5dece4cbf
Merge branch 'staging-next' into staging 2019-09-05 10:23:46 +02:00