Maximilian Bosch
28a95c4f7f
Merge pull request #60138 from grahamc/wireguard-generate-key
...
wireguard: add generatePrivateKeyFile option + test
2019-04-24 16:00:34 +02:00
Graham Christensen
06c83a14e1
Wrap 'wg' commands in <command>
2019-04-24 07:46:01 -04:00
Graham Christensen
f57fc6c881
wireguard: add generatePrivateKeyFile option + test
...
Ideally, private keys never leave the host they're generated on - like
SSH. Setting generatePrivateKeyFile to true causes the PK to be
generate automatically.
2019-04-24 07:46:01 -04:00
Andrew Dunham
9f7f367bf5
plex: rewrite to use FHS userenv
2019-04-23 20:19:33 -07:00
Matthew Bauer
84d00355e8
Merge remote-tracking branch 'NixOS/master' into staging
2019-04-23 22:00:42 -04:00
Silvan Mosberger
508fd8f133
Merge pull request #55413 from msteen/bitwarden_rs
...
bitwarden_rs: init at 1.8.0
2019-04-24 00:25:08 +02:00
Matthijs Steen
ef1a43030b
nixos/bitwarden_rs: init
2019-04-23 23:46:57 +02:00
Silvan Mosberger
ca37c23f91
Merge pull request #58096 from pacien/tedicross-init
...
tedicross: init at 0.8.7
2019-04-23 23:14:22 +02:00
pacien
d3423dd5c2
nixos/tedicross: add module
2019-04-23 22:52:23 +02:00
Jörg Thalheim
d43dc68db3
nixos/openldap: make rootpw option optional
...
This allows to store passwords in external files outside of the world-readable
nix store.
2019-04-23 16:35:33 +01:00
Janne Heß
5fbf306760
nixos/icingaweb2: Fix environment.etc assignment
2019-04-23 14:04:40 +02:00
ajs124
3e32e150cb
nixos/ejabberd: migrate to tmpfiles, drop runit
2019-04-23 14:00:49 +02:00
Dan Elkouby
83c9b6ee39
nginx: use fullchain.pem for ssl_trusted_certificate
...
Some ACME clients do not generate full.pem, which is the same as
fullchain.pem + the certificate key (key.pem), which is not necessary
for verifying OCSP staples.
2019-04-23 12:33:19 +03:00
markuskowa
d0e70ac2d3
Merge pull request #60010 from JohnAZoidberg/https-urls
...
HTTPS urls
2019-04-22 23:37:07 +02:00
Daniel Schaefer
92cccb6f83
treewide: Use HTTPS for readthedocs URLs
2019-04-22 20:46:18 +02:00
Aaron Andersen
c3f69d1373
Merge pull request #59381 from aanderse/automysqlbackup
...
automysqlinit: init at 3.0_rc6
2019-04-22 08:30:23 -04:00
mlvzk
113bb0a7e9
nixos/display-managers/startx: fix typos for startx option description
...
`~/.xinintrc` => `~/.xinitrc`
`autmatically` => `automatically`
2019-04-21 07:46:37 +00:00
Léo Gaspard
451961ead2
Merge pull request #59880 from florianjacob/matrix-synapse-identity-servers
...
nixos/matrix-synapse: correct trusted_third_party_id_servers default
2019-04-21 02:41:21 +02:00
Matthew Bauer
799fa4d404
Merge remote-tracking branch 'origin/master' into staging
2019-04-20 19:31:35 -04:00
Aaron Andersen
4a11ce7f26
cleanup redundant text in modules utilizing mkEnableOption
...
Closes #59911
2019-04-20 14:44:02 +02:00
Reno Reckling
abf60791e2
nixos/modules/networking/wg-quick Add wg-quick options support
...
This is an implementation of wireguard support using wg-quick config
generation.
This seems preferrable to the existing wireguard support because
it handles many more routing and resolvconf edge cases than the
current wireguard support.
It also includes work-arounds to make key files work.
This has one quirk:
We need to set reverse path checking in the firewall to false because
it interferes with the way wg-quick sets up its routing.
2019-04-20 14:02:54 +02:00
Jan Tojnar
d3259ed673
Merge branch 'master' into staging
2019-04-20 12:49:01 +02:00
Florian Jacob
34aa25b8dc
nixos/matrix-synapse: correct trusted_third_party_id_servers default
...
the servers are equivalent and synchronized, but Riot defaults to use vector.im
Source: https://github.com/matrix-org/synapse/blob/v0.99.3/docs/sample_config.yaml#L701
2019-04-19 11:54:06 +02:00
Aaron Andersen
3464b50c61
Merge pull request #59389 from aanderse/issue/53853-1
...
replace deprecated usage of PermissionsStartOnly (part 1)
2019-04-18 20:46:28 -04:00
markuskowa
dac0051e60
Merge pull request #59188 from gnidorah/maxx
...
maxx: 1.1.0 -> 2.0.1
2019-04-18 21:48:01 +02:00
Bas van Dijk
cccc7a93d2
Merge pull request #59828 from basvandijk/prometheus-refactoring
...
nixos/prometheus: refactored & added more missing options
2019-04-18 13:43:53 +02:00
Bas van Dijk
cdd82681b3
nixos/prometheus: add more missing options
2019-04-18 12:53:13 +02:00
Bas van Dijk
285fd3c05a
nixos/prometheus: abstract over optional option creation
2019-04-18 11:55:43 +02:00
Frederik Rietdijk
2346182c2c
Merge staging-next into staging
2019-04-18 08:26:30 +02:00
worldofpeace
7abeda982a
gnome3.gsettings-desktop-schemas -> gsettings-desktop-schemas
...
gnome3.pomodoro is left out because I don't want to create a conflict.
2019-04-17 13:39:23 -04:00
Robin Gloster
b278cd86e1
Merge branch 'master' into kube-apiserver-preferred-address-types
2019-04-17 16:40:06 +00:00
Robin Gloster
44afc81af1
Merge pull request #57693 from mayflower/kube-apiserver-proxy-client-certs
...
nixos/kubernetes: Add proxy client certs to apiserver
2019-04-17 16:38:51 +00:00
Robin Gloster
7dc6e77bc2
Merge pull request #56789 from mayflower/upstream-k8s-refactor
...
nixos/kubernetes: stabilize cluster deployment/startup across machines
2019-04-17 16:37:58 +00:00
Bas van Dijk
55ef5d4246
nixos/prometheus: set optional attributes to type types.nullOr
...
This makes sure that when a user hasn't set a Prometheus option it
won't show up in the prometheus.yml configuration file. This results
in smaller and easier to understand configuration files.
2019-04-17 14:49:09 +02:00
Bas van Dijk
57e5b75f9c
nixos/prometheus: filter out the _module attr in a central place
...
We previously filtered out the `_module` attribute in a NixOS
configuration by filtering it using the option's `apply` function.
This meant that every option that had a submodule type needed to have
this apply function. Adding this function is easy to forget thus this
mechanism is error prone.
We now recursively filter out the `_module` attributes at the place we
construct the Prometheus configuration file. Since we now do the filtering
centrally we don't have to do it per option making it less prone to errors.
2019-04-17 14:08:16 +02:00
Bas van Dijk
a913d0891c
nixos/prometheus: filter out empty srcape_configs attributes
...
This results in a smaller prometheus.yml config file.
It also allows us to use the same options for both prometheus-1 and
prometheus-2 since the new options for prometheus-2 default to null
and will be filtered out if they are not set.
2019-04-16 16:06:11 +02:00
Bas van Dijk
a23db5db08
nixos/prometheus: add new ec2_sd_config options for prometheus2
2019-04-16 16:04:33 +02:00
Andrew Childs
ad7e232f88
nixos/prometheus: add ec2_sd_configs
section to scrape_configs
2019-04-16 13:43:52 +02:00
Bas van Dijk
d1940beb3a
nixos/prometheus/pushgateway: add module and test
2019-04-16 08:09:38 +02:00
Aaron Andersen
5f4df8e509
automysqlinit: init at 3.0_rc6
2019-04-15 21:51:55 -04:00
worldofpeace
2d6247a414
gnome3.gnome-keyring: CAP_IPC_LOCK gnome-keyring-daemon
...
From gkd-capability.c:
This program needs the CAP_IPC_LOCK posix capability.
We want to allow either setuid root or file system based capabilies
to work. If file system based capabilities, this is a no-op unless
the root user is running the program. In that case we just drop
capabilities down to IPC_LOCK. If we are setuid root, then change to the
invoking user retaining just the IPC_LOCK capability. The application
is aborted if for any reason we are unable to drop privileges.
2019-04-15 14:59:56 -04:00
worldofpeace
27ac8cb2c4
Merge pull request #59185 from worldofpeace/glib-networking
...
nixos/glib-networking: init
2019-04-15 13:17:58 -04:00
worldofpeace
7802b18958
nixos/pantheon: use glib-networking module
2019-04-15 13:11:58 -04:00
worldofpeace
b0e9f85f47
nixos/glib-networking: init
...
Note that we were previously didn't have glib-networking
in systemd.packages so the PacRunner was non-functional.
2019-04-15 13:04:06 -04:00
adisbladis
9a176d669a
nixos/tox-node: Add descriptions to module options.
...
Missing these broke the tarball build
https://hydra.nixos.org/build/92258938/nixlog/1
2019-04-15 17:11:10 +01:00
José Romildo Malaquias
c32b50a5f7
Merge pull request #59520 from romildo/upd.deepin.deepin-daemon
...
nixos/dde-daemon: init
2019-04-15 10:30:51 -03:00
adisbladis
4b4caa9413
Merge pull request #59368 from suhr/tox-node
...
nixos/tox-node: init
2019-04-15 12:28:27 +03:00
adisbladis
454aa43213
nixos/tox-node: Dont hardcode bootstrap nodes
...
Get these from upstream tox-node package instead.
This is likely to cause less maintenance overhead over time and
following upstream bootstrap node changes is automated.
2019-04-15 09:27:32 +01:00
Сухарик
6cb40f7b0b
nixos/tox-node: init
2019-04-15 09:27:27 +01:00
Bas van Dijk
e5724e8e66
Merge pull request #59514 from basvandijk/elk-7.0.0
...
elk7: init at 7.0.0
2019-04-15 07:05:13 +02:00
José Romildo Malaquias
46a4e92d92
nixos/deepin-daemon: init
2019-04-14 21:47:45 -03:00
Bas van Dijk
13352f28d2
elk7: init at 7.0.0
...
This adds the following new packages:
+ elasticsearch7
+ elasticsearch7-oss
+ logstash7
+ logstash7-oss
+ kibana7
+ kibana7-oss
+ filebeat7
+ heartbeat7
+ metricbeat7
+ packetbeat7
+ journalbeat7
The default major version of the ELK stack stays at 6. We should
probably set it to 7 in a next commit.
2019-04-14 21:39:46 +02:00
Silvan Mosberger
a63c182d53
Merge pull request #59315 from Infinisil/znc-docs-url
...
nixos/znc: Fix URL XML for config option
2019-04-14 17:33:49 +02:00
worldofpeace
6846d4ab85
nixos/fprintd: use systemd.packages
...
Upstream has a systemd service.
2019-04-14 10:19:57 -04:00
worldofpeace
4616b4ec85
Merge pull request #21860 from e-user/bugfix/upstream/gnome-pam
...
nixos/gdm: use provided PAM login configuration wherever possible
2019-04-14 09:52:17 -04:00
Alexander Kahl
5b9895b1a0
nixos/gdm: use provided PAM login configuration wherever possible
...
Fixes #21859
2019-04-14 09:49:01 -04:00
worldofpeace
c9a925d82b
Merge pull request #59433 from romildo/upd.deepin.deepin-menu
...
nixos/deepin-menu: init
2019-04-14 09:18:15 -04:00
José Romildo Malaquias
9e99eed443
nixos/deepin-menu: init
2019-04-14 10:00:44 -03:00
Sarah Brofeldt
f839011719
Merge pull request #58512 from aanderse/solr
...
solr: init at 8.0.0
2019-04-14 11:16:28 +02:00
gnidorah
1a4072e90f
maxx: 1.1.0 -> 2.0.1
2019-04-14 09:51:29 +03:00
Aaron Andersen
55ddb04a8a
nixos/zookeeper: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:01:01 -04:00
Aaron Andersen
a1c48c3f63
nixos/vault: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:01:01 -04:00
Aaron Andersen
053c9a7992
nixos/sonarr: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:01:01 -04:00
Aaron Andersen
bb649d96b0
nixos/smokeping: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:01:00 -04:00
Aaron Andersen
484e896d7a
nixos/radarr: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:01:00 -04:00
Aaron Andersen
021b287b84
nixos/peerflix: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:01:00 -04:00
Aaron Andersen
0672f867bc
nixos/mysql-backup: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:01:00 -04:00
Aaron Andersen
89cbee4d3e
nixos/mxisd: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:01:00 -04:00
Aaron Andersen
cd46038ae5
nixos/jackett: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:59 -04:00
Aaron Andersen
b7f376c01b
nixos/ipfs: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:59 -04:00
Aaron Andersen
b1be2f1584
nixos/influxdb: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:59 -04:00
Aaron Andersen
6ac630bad3
nixos/etcd: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:59 -04:00
Aaron Andersen
062efe018d
nixos/couchdb: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:58 -04:00
Aaron Andersen
56c7960d66
nixos/codimd: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:58 -04:00
Aaron Andersen
e51f86a018
nixos/clickhouse: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:58 -04:00
Aaron Andersen
e5d8ba59cc
nixos/traefik: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:58 -04:00
Aaron Andersen
cefbee3edc
nixos/syncthing: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:58 -04:00
Aaron Andersen
0113cc0de9
nixos/stanchion: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:57 -04:00
Aaron Andersen
a585d29bfd
nixos/rss2email: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:57 -04:00
Aaron Andersen
2ebbe3988b
nixos/rabbitmq: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:57 -04:00
Aaron Andersen
7b2be9b328
nixos/postgresqlBackup: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:57 -04:00
Aaron Andersen
64fdacc580
nixos/nullmailer: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:57 -04:00
Aaron Andersen
a6bbc55ae1
nixos/nexus: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:56 -04:00
Aaron Andersen
7808202b38
nixos/munge: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:56 -04:00
Aaron Andersen
919c87a106
nixos/mpd: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:56 -04:00
Aaron Andersen
8c48c55c2d
nixos/minio: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:56 -04:00
Aaron Andersen
89081eef5d
nixos/mesos: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:56 -04:00
Aaron Andersen
2f50cd06dc
nixos/memcached: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:55 -04:00
Aaron Andersen
5f9a639f69
nixos/liquidsoap: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:55 -04:00
Aaron Andersen
8fe1c5b30f
nixos/lidarr: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:55 -04:00
Aaron Andersen
09af9fcd34
nixos/collectd: replace deprecated usage of PermissionsStartOnly
...
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:55 -04:00
markuskowa
7d363d46ba
Merge pull request #59362 from matthiasbeyer/ympd-port-int
...
ympd service: Allow webPort to be int
2019-04-12 20:59:13 +02:00
Maximilian Bosch
f975bbae11
nixos/hostapd: escape interface names for hostapd
...
Same problem as described in acbadcdbba
.
When using multiple interfaces for wifi with `networking.wlanInterfaces`
and the interface for `hostapd` contains a dash, this will fail as
systemd escapes dashes in its device names.
2019-04-12 19:27:19 +02:00
Matthias Beyer
31884f788e
ympd service: Allow webPort to be int
...
Signed-off-by: Matthias Beyer <mail@beyermatthias.de>
2019-04-12 18:17:10 +02:00
Silvan Mosberger
92ae299998
Merge pull request #59081 from Yarny0/hylafax-updates
...
HylaFAX: fix ModemGroup, also minor metadata updates
2019-04-12 16:30:46 +02:00
Bas van Dijk
08b277e0da
Merge pull request #56017 from elohmeier/prom-tls
...
prometheus: add tls_config
2019-04-12 12:57:54 +02:00
Joachim F
5dafbb2cb1
Merge pull request #56719 from bricewge/miniflux-service
...
miniflux: add service
2019-04-12 09:57:30 +00:00
Yarny0
e57156bcaa
nixos/hylafax: fix faxq ModemGroup
setting
...
The manpage claims that the "limit" in the setting::
<name>:[<limit>:]<regex>
is optional and defaults to zero, implying no limit.
However, tests confirmed that it actually isn't optional.
Without limit, the setting ``any:.*`` places
outbound jobs on infinite hold if no particular
modem was specified on the sendfax command line.
The new default value ``any:0:.*`` from
this commit uses any available modem to
send jobs if not modem was given to sendfax.
2019-04-12 11:11:49 +02:00
Yarny0
1438f7b664
nixos/hylafax: add 'yarny' (= myself) as maintainer
...
I forgot to do this when I submitted this module with
commit 12fa95f2d6
.
2019-04-12 11:11:48 +02:00
Silvan Mosberger
2d1fa68c83
Merge pull request #59044 from teto/strongswan_path
...
strongswan module: use strings for secrets.
2019-04-11 22:51:24 +02:00
Enno Lohmeier
da7aeb1b7d
prometheus: add tls_config
2019-04-11 20:34:31 +02:00
Silvan Mosberger
b8dc0f9a5b
nixos/znc: Fix URL XML for config option
2019-04-11 16:59:19 +02:00
Frederik Rietdijk
230c67f43b
Merge master into staging-next
2019-04-11 07:50:23 +02:00
Ryan Mulligan
0960fc72b7
Merge pull request #49868 from jfrankenau/fix-triggerhappy
...
nixos/triggerhappy: add option user
2019-04-10 20:56:19 -07:00
Matthieu Coudron
08b8c6caf2
nixos/strongswan: use strings for secrets.
...
The nixos module artifically enforces type.path whereas the ipsec secret configuration files
accept pattern or relative paths.
Enforcing absolute paths already caused problems with l2tp vpn:
https://github.com/nm-l2tp/NetworkManager-l2tp/issues/108
2019-04-11 11:44:49 +09:00
Aaron Andersen
ee7565af9d
solr: init at 8.0.0
2019-04-10 20:12:41 -04:00
Bas van Dijk
cd4486ecc3
nixos/prometheus/alertmanager: use DynamicUser instead of nobody
...
See issue #55370
2019-04-10 20:38:40 +02:00
Bas van Dijk
739bdff4a4
nixos/prometheus/alertmanager: use ExecStart instead of script
...
This results in a simpler service unit which doesn't first have to
start a shell:
> cat /nix/store/s95nsr8zbkblklanqpkiap49mkwbaq45-unit-alertmanager.service/alertmanager.service
...
ExecStart=/nix/store/4g784lwcy7kp69hg0z2hfwkhjp2914lr-alertmanager-0.16.2-bin/bin/alertmanager \
--config.file /nix/store/p2c7fyi2jkkwq04z2flk84q4wyj2ggry-checked-config \
--web.listen-address [::1]:9093 \
--log.level warn
...
2019-04-10 15:03:09 +02:00
Linus Heckemann
4557373d68
Merge pull request #58858 from worldofpeace/pantheon/lightdm-gtk-greeter
...
nixos/pantheon: enable lightdm gtk greeter
2019-04-10 09:36:20 +02:00
Robin Gloster
f370553f8f
Merge pull request #58804 from Ma27/roundcube-fixes
...
roundcube: minor fixes
2019-04-09 18:30:00 +00:00
Frederik Rietdijk
d108b49168
Merge master into staging-next
2019-04-09 16:38:35 +02:00
Bas van Dijk
2f2e2971d6
Merge pull request #58255 from jbgi/prometheus2
...
Add Prometheus 2 service in parallel with 1.x version (continuation)
2019-04-09 14:14:18 +02:00
Bas van Dijk
c95179b52f
nixos/prometheus: add back the option services.prometheus.dataDir
...
This is to ensure more backwards compatibility. Note this is not 100%
backwards compatible because we now require dataDir to begin with /var/lib/.
2019-04-09 13:13:34 +02:00
Robin Gloster
a58ab8fc05
Merge pull request #58398 from Ma27/package-documize
...
documize-community: init at 2.2.1
2019-04-08 22:34:11 +00:00
Maximilian Bosch
acbb74ed18
documize-community: init at 2.2.1
...
Documize is an open-source alternative for wiki software like Confluence
based on Go and EmberJS. This patch adds the sources for the community
edition[1], for commercial their paid-plan[2] needs to be used.
For commercial use a derivation that bundles the commercial package and
contains a `$out/bin/documize` can be passed to
`services.documize.enable`.
The package compiles the Go sources, the build process also bundles the
pre-built frontend from `gui/public` into the binary.
The NixOS module generates a simple `systemd` unit which starts the
service as a dynamic user, database and a reverse proxy won't be
configured.
[1] https://www.documize.com/get-started/
[2] https://www.documize.com/pricing/
2019-04-08 23:54:57 +02:00
worldofpeace
acedc516fe
nixos/pantheon: use evince module
2019-04-08 16:40:54 -04:00
Ingo Blechschmidt
efff2e1aa6
iodine: improve password handling ( #58806 )
...
Before this change, only passwords not containing shell metacharacters could be
used, and because the password was passed as a command-line argument, local
users could (in a very small window of time) record the password and (in an
indefinity window of time) record the length of the password.
We also use the opportunity to add a call to `exec` in the systemd start
script, so that no shell needs to hang around waiting for iodine to stop.
2019-04-08 21:20:26 +02:00
Bas van Dijk
eed84d1f8d
nixos/prometheus: fix indentation and unnecessary parenthesis
2019-04-08 19:14:42 +02:00
Bas van Dijk
7cf27feb2f
nixos/prometheus: get rid of empty arguments
...
Previously the prometheus.service file looked like:
ExecStart=/nix/store/wjkhfw3xgkmavz1akkqir99w4lbqhak7-prometheus-1.8.2-bin/bin/prometheus -storage.local.path=/var/lib/prometheus/metrics \
-config.file=/nix/store/zsnvzw51mk3n1cxjd0351bj39k1j6j27-prometheus.yml-check-config-checked \
-web.listen-address=0.0.0.0:9090 \
-alertmanager.notification-queue-capacity=10000 \
-alertmanager.timeout=10s \
\
Restart=always
Now it's:
ExecStart=/nix/store/wjkhfw3xgkmavz1akkqir99w4lbqhak7-prometheus-1.8.2-bin/bin/prometheus \
-storage.local.path=/var/lib/prometheus/metrics \
-config.file=/nix/store/zsnvzw51mk3n1cxjd0351bj39k1j6j27-prometheus.yml-check-config-checked \
-web.listen-address=0.0.0.0:9090 \
-alertmanager.notification-queue-capacity=10000 \
-alertmanager.timeout=10s
Restart=always
2019-04-08 14:59:12 +02:00
Bas van Dijk
a59c92903e
nixos/prometheus: use ExecStart instead of a shell script
...
This uses fewer lines of code and one less process.
2019-04-08 14:59:12 +02:00
Aneesh Agrawal
24ae4ae604
nixos/sshd: Remove obsolete Protocol options ( #59136 )
...
OpenSSH removed server side support for the v.1 Protocol
in version 7.4: https://www.openssh.com/txt/release-7.4 ,
making this option a no-op.
2019-04-08 09:49:31 +02:00
worldofpeace
8f93650fe4
nixos/pantheon: add warning when not using LightDM
2019-04-07 17:51:41 -04:00
worldofpeace
d3d5c674ba
nixos/lightdm-greeters/pantheon: add warning
2019-04-07 17:51:19 -04:00
Florian Klink
2457510db4
Merge pull request #51918 from bobvanderlinden/var-run
...
tree-wide: nixos: /var/run -> /run
2019-04-07 20:09:46 +02:00
Frederik Rietdijk
7f7da0a16f
Merge master into staging-next
2019-04-07 15:14:52 +02:00
Robin Gloster
0498ba6e06
Merge pull request #59078 from dtzWill/fix-and-update/nextcloud
...
nextcloud: fix use of mismatched php versions, updates
2019-04-07 09:55:39 +00:00
Frederik Rietdijk
4a125f6b20
Merge master into staging-next
2019-04-07 08:33:41 +02:00
Léo Gaspard
07fdcb348f
Merge pull request #59056 from aanderse/mod_php-sendmail
...
nixos/httpd: replace ssmtp with system-sendmail
2019-04-06 20:57:58 +02:00
Will Dietz
27d78f4c6c
nextcloud: use same php package throughout!
...
`phpPackage` is 7.3 by default, but `pkgs.php` is 7.2,
so this saves the need for an extra copy of php
for the purpose of running nextcloud's cron;
more importantly this fixes problems with extensions
not loading since they are built against a different php.
2019-04-06 10:34:14 -05:00
Aaron Andersen
9c9a6f380e
nixos/httpd: replace ssmtp with system-sendmail
2019-04-06 06:34:46 -04:00
Silvan Mosberger
82b8ff405b
Merge pull request #58778 from aanderse/davmail
...
nixos/davmail: set logging default to warn, instead of debug
2019-04-06 06:23:48 +02:00
Jeremy Apthorp
e8b68dd4f4
miniflux: add service
2019-04-06 03:52:15 +02:00
Gabriel Ebner
ad5cabf575
nixos/evince: init
2019-04-05 15:03:31 +02:00
Tor Hedin Brønner
c99a666aac
nixos/gnome3: add new default fonts
...
- source-code-pro is now the default monospace font
- source-sans-pro seems to be used somewhere too:
https://wiki.gnome.org/Engagement/BrandGuidelines
2019-04-05 12:13:39 +02:00
Jan Tojnar
cb1a20499a
Merge branch 'master' into staging
2019-04-05 11:37:15 +02:00
Jörg Thalheim
6dd7483ce1
Merge pull request #57979 from 4z3/writeNginxConfig
...
nixos/nginx: use nginxfmt and gixy
2019-04-04 20:23:58 +01:00
Silvan Mosberger
fab50f0e91
Merge pull request #57716 from dasJ/redo-icingaweb2
...
nixos/icingaweb2: Replace most options with toINI
2019-04-04 21:20:01 +02:00
Maximilian Bosch
6b6348eaba
nixos/roundcube: only configure postgres config if localhost is used as database
...
When using a different database, the evaluation fails as
`config.services.postgresql.package` is only set if `services.postgresql` is enabled.
Also, the systemd service shouldn't have a relation to postgres if a
remote database is used.
2019-04-02 16:02:53 +02:00
Aaron Andersen
01cec5155f
nixos/davmail: set logging default to warn, instead of debug
2019-04-02 09:52:32 -04:00
Franz Pletz
ff36d95878
nixos/quicktun: init
2019-04-02 12:16:48 +02:00
Simon Lackerbauer
88c31ae57c
nixos/openldap: add new options
2019-04-01 17:24:33 +02:00
John Ericson
4ccb74011f
Merge commit '18aa59b0f26fc707e7313f8467e67159e61600c2' from master into staging
...
There was one conflict in the NixOS manual; I checked that it still
built after resolving it.
2019-04-01 00:40:03 -04:00
Silvan Mosberger
81e2fb5303
Merge pull request #58458 from worldofpeace/colord/no-root
...
nixos/colord: don't run as root
2019-03-30 04:06:55 +01:00
worldofpeace
099cc0482b
nixos/pantheon: enable lightdm gtk greeter
...
Pantheon's greeter has numerous issues that cannot be
fixed in a timely manner, and users are better off if they just
didn't use it by default.
2019-03-29 21:29:59 -04:00
worldofpeace
f22fbe1175
nixos/colord: don't run as root
...
Using systemd.packages because there's
a system colord service and colord-session user service
included.
2019-03-29 20:56:06 -04:00
Florian Klink
aa2878cfcf
Merge pull request #58284 from bgamari/gitlab-rails
...
nixos/gitlab: Package gitlab-rails
2019-03-28 21:12:15 +01:00
Silvan Mosberger
9d4a6cceb7
Merge pull request #57550 from florianjacob/typed-mysql-options
...
nixos/mysql: specify option types, add tests
2019-03-28 18:55:53 +01:00
Ben Gamari
af909b3238
nixos/gitlab: Package gitlab-rails
...
This utility (particularly `gitlab-rails console`) is packaged by GitLab
Omnibus and is used for diagnostics and maintenance operations.
2019-03-28 11:45:31 -04:00
Ben Gamari
b90f5f03c2
nixos/gitaly: Run gitaly with procps in scope
...
Gitaly uses `ps` to track the RSS of `gitlab-ruby` and kills it when it
detects excessive memory leakage. See
https://gitlab.com/gitlab-org/gitaly/issues/1562 .
2019-03-28 10:48:51 -04:00
Maximilian Bosch
3fc3096da8
Merge pull request #58432 from aanderse/mailcatcher
...
nixos/mailcatcher: init module for existing package
2019-03-27 16:11:15 +01:00