Commit Graph

6586 Commits

Author SHA1 Message Date
Maximilian Bosch
28a95c4f7f
Merge pull request #60138 from grahamc/wireguard-generate-key
wireguard: add generatePrivateKeyFile option + test
2019-04-24 16:00:34 +02:00
Graham Christensen
06c83a14e1
Wrap 'wg' commands in <command> 2019-04-24 07:46:01 -04:00
Graham Christensen
f57fc6c881
wireguard: add generatePrivateKeyFile option + test
Ideally, private keys never leave the host they're generated on - like
SSH. Setting generatePrivateKeyFile to true causes the PK to be
generate automatically.
2019-04-24 07:46:01 -04:00
Andrew Dunham
9f7f367bf5 plex: rewrite to use FHS userenv 2019-04-23 20:19:33 -07:00
Matthew Bauer
84d00355e8 Merge remote-tracking branch 'NixOS/master' into staging 2019-04-23 22:00:42 -04:00
Silvan Mosberger
508fd8f133
Merge pull request #55413 from msteen/bitwarden_rs
bitwarden_rs: init at 1.8.0
2019-04-24 00:25:08 +02:00
Matthijs Steen
ef1a43030b nixos/bitwarden_rs: init 2019-04-23 23:46:57 +02:00
Silvan Mosberger
ca37c23f91
Merge pull request #58096 from pacien/tedicross-init
tedicross: init at 0.8.7
2019-04-23 23:14:22 +02:00
pacien
d3423dd5c2 nixos/tedicross: add module 2019-04-23 22:52:23 +02:00
Jörg Thalheim
d43dc68db3
nixos/openldap: make rootpw option optional
This allows to store passwords in external files outside of the world-readable
nix store.
2019-04-23 16:35:33 +01:00
Janne Heß
5fbf306760 nixos/icingaweb2: Fix environment.etc assignment 2019-04-23 14:04:40 +02:00
ajs124
3e32e150cb nixos/ejabberd: migrate to tmpfiles, drop runit 2019-04-23 14:00:49 +02:00
Dan Elkouby
83c9b6ee39 nginx: use fullchain.pem for ssl_trusted_certificate
Some ACME clients do not generate full.pem, which is the same as
fullchain.pem + the certificate key (key.pem), which is not necessary
for verifying OCSP staples.
2019-04-23 12:33:19 +03:00
markuskowa
d0e70ac2d3
Merge pull request #60010 from JohnAZoidberg/https-urls
HTTPS urls
2019-04-22 23:37:07 +02:00
Daniel Schaefer
92cccb6f83 treewide: Use HTTPS for readthedocs URLs 2019-04-22 20:46:18 +02:00
Aaron Andersen
c3f69d1373
Merge pull request #59381 from aanderse/automysqlbackup
automysqlinit: init at 3.0_rc6
2019-04-22 08:30:23 -04:00
mlvzk
113bb0a7e9 nixos/display-managers/startx: fix typos for startx option description
`~/.xinintrc` => `~/.xinitrc`
`autmatically` => `automatically`
2019-04-21 07:46:37 +00:00
Léo Gaspard
451961ead2
Merge pull request #59880 from florianjacob/matrix-synapse-identity-servers
nixos/matrix-synapse: correct trusted_third_party_id_servers default
2019-04-21 02:41:21 +02:00
Matthew Bauer
799fa4d404 Merge remote-tracking branch 'origin/master' into staging 2019-04-20 19:31:35 -04:00
Aaron Andersen
4a11ce7f26
cleanup redundant text in modules utilizing mkEnableOption
Closes #59911
2019-04-20 14:44:02 +02:00
Reno Reckling
abf60791e2 nixos/modules/networking/wg-quick Add wg-quick options support
This is an implementation of wireguard support using wg-quick config
generation.

This seems preferrable to the existing wireguard support because
it handles many more routing and resolvconf edge cases than the
current wireguard support.

It also includes work-arounds to make key files work.

This has one quirk:
We need to set reverse path checking in the firewall to false because
it interferes with the way wg-quick sets up its routing.
2019-04-20 14:02:54 +02:00
Jan Tojnar
d3259ed673
Merge branch 'master' into staging 2019-04-20 12:49:01 +02:00
Florian Jacob
34aa25b8dc nixos/matrix-synapse: correct trusted_third_party_id_servers default
the servers are equivalent and synchronized, but Riot defaults to use vector.im
Source: https://github.com/matrix-org/synapse/blob/v0.99.3/docs/sample_config.yaml#L701
2019-04-19 11:54:06 +02:00
Aaron Andersen
3464b50c61
Merge pull request #59389 from aanderse/issue/53853-1
replace deprecated usage of PermissionsStartOnly (part 1)
2019-04-18 20:46:28 -04:00
markuskowa
dac0051e60
Merge pull request #59188 from gnidorah/maxx
maxx: 1.1.0 -> 2.0.1
2019-04-18 21:48:01 +02:00
Bas van Dijk
cccc7a93d2
Merge pull request #59828 from basvandijk/prometheus-refactoring
nixos/prometheus: refactored & added more missing options
2019-04-18 13:43:53 +02:00
Bas van Dijk
cdd82681b3 nixos/prometheus: add more missing options 2019-04-18 12:53:13 +02:00
Bas van Dijk
285fd3c05a nixos/prometheus: abstract over optional option creation 2019-04-18 11:55:43 +02:00
Frederik Rietdijk
2346182c2c Merge staging-next into staging 2019-04-18 08:26:30 +02:00
worldofpeace
7abeda982a gnome3.gsettings-desktop-schemas -> gsettings-desktop-schemas
gnome3.pomodoro is left out because I don't want to create a conflict.
2019-04-17 13:39:23 -04:00
Robin Gloster
b278cd86e1
Merge branch 'master' into kube-apiserver-preferred-address-types 2019-04-17 16:40:06 +00:00
Robin Gloster
44afc81af1
Merge pull request #57693 from mayflower/kube-apiserver-proxy-client-certs
nixos/kubernetes: Add proxy client certs to apiserver
2019-04-17 16:38:51 +00:00
Robin Gloster
7dc6e77bc2
Merge pull request #56789 from mayflower/upstream-k8s-refactor
nixos/kubernetes: stabilize cluster deployment/startup across machines
2019-04-17 16:37:58 +00:00
Bas van Dijk
55ef5d4246 nixos/prometheus: set optional attributes to type types.nullOr
This makes sure that when a user hasn't set a Prometheus option it
won't show up in the prometheus.yml configuration file. This results
in smaller and easier to understand configuration files.
2019-04-17 14:49:09 +02:00
Bas van Dijk
57e5b75f9c nixos/prometheus: filter out the _module attr in a central place
We previously filtered out the `_module` attribute in a NixOS
configuration by filtering it using the option's `apply` function.

This meant that every option that had a submodule type needed to have
this apply function. Adding this function is easy to forget thus this
mechanism is error prone.

We now recursively filter out the `_module` attributes at the place we
construct the Prometheus configuration file. Since we now do the filtering
centrally we don't have to do it per option making it less prone to errors.
2019-04-17 14:08:16 +02:00
Bas van Dijk
a913d0891c nixos/prometheus: filter out empty srcape_configs attributes
This results in a smaller prometheus.yml config file.

It also allows us to use the same options for both prometheus-1 and
prometheus-2 since the new options for prometheus-2 default to null
and will be filtered out if they are not set.
2019-04-16 16:06:11 +02:00
Bas van Dijk
a23db5db08 nixos/prometheus: add new ec2_sd_config options for prometheus2 2019-04-16 16:04:33 +02:00
Andrew Childs
ad7e232f88 nixos/prometheus: add ec2_sd_configs section to scrape_configs 2019-04-16 13:43:52 +02:00
Bas van Dijk
d1940beb3a nixos/prometheus/pushgateway: add module and test 2019-04-16 08:09:38 +02:00
Aaron Andersen
5f4df8e509 automysqlinit: init at 3.0_rc6 2019-04-15 21:51:55 -04:00
worldofpeace
2d6247a414 gnome3.gnome-keyring: CAP_IPC_LOCK gnome-keyring-daemon
From gkd-capability.c:

This program needs the CAP_IPC_LOCK posix capability.
We want to allow either setuid root or file system based capabilies
to work. If file system based capabilities, this is a no-op unless
the root user is running the program. In that case we just drop
capabilities down to IPC_LOCK. If we are setuid root, then change to the
invoking user retaining just the IPC_LOCK capability. The application
is aborted if for any reason we are unable to drop privileges.
2019-04-15 14:59:56 -04:00
worldofpeace
27ac8cb2c4
Merge pull request #59185 from worldofpeace/glib-networking
nixos/glib-networking: init
2019-04-15 13:17:58 -04:00
worldofpeace
7802b18958 nixos/pantheon: use glib-networking module 2019-04-15 13:11:58 -04:00
worldofpeace
b0e9f85f47 nixos/glib-networking: init
Note that we were previously didn't have glib-networking
in systemd.packages so the PacRunner was non-functional.
2019-04-15 13:04:06 -04:00
adisbladis
9a176d669a
nixos/tox-node: Add descriptions to module options.
Missing these broke the tarball build
https://hydra.nixos.org/build/92258938/nixlog/1
2019-04-15 17:11:10 +01:00
José Romildo Malaquias
c32b50a5f7
Merge pull request #59520 from romildo/upd.deepin.deepin-daemon
nixos/dde-daemon: init
2019-04-15 10:30:51 -03:00
adisbladis
4b4caa9413
Merge pull request #59368 from suhr/tox-node
nixos/tox-node: init
2019-04-15 12:28:27 +03:00
adisbladis
454aa43213
nixos/tox-node: Dont hardcode bootstrap nodes
Get these from upstream tox-node package instead.
This is likely to cause less maintenance overhead over time and
following upstream bootstrap node changes is automated.
2019-04-15 09:27:32 +01:00
Сухарик
6cb40f7b0b
nixos/tox-node: init 2019-04-15 09:27:27 +01:00
Bas van Dijk
e5724e8e66
Merge pull request #59514 from basvandijk/elk-7.0.0
elk7: init at 7.0.0
2019-04-15 07:05:13 +02:00
José Romildo Malaquias
46a4e92d92 nixos/deepin-daemon: init 2019-04-14 21:47:45 -03:00
Bas van Dijk
13352f28d2 elk7: init at 7.0.0
This adds the following new packages:

+ elasticsearch7
+ elasticsearch7-oss
+ logstash7
+ logstash7-oss
+ kibana7
+ kibana7-oss
+ filebeat7
+ heartbeat7
+ metricbeat7
+ packetbeat7
+ journalbeat7

The default major version of the ELK stack stays at 6. We should
probably set it to 7 in a next commit.
2019-04-14 21:39:46 +02:00
Silvan Mosberger
a63c182d53
Merge pull request #59315 from Infinisil/znc-docs-url
nixos/znc: Fix URL XML for config option
2019-04-14 17:33:49 +02:00
worldofpeace
6846d4ab85 nixos/fprintd: use systemd.packages
Upstream has a systemd service.
2019-04-14 10:19:57 -04:00
worldofpeace
4616b4ec85
Merge pull request #21860 from e-user/bugfix/upstream/gnome-pam
nixos/gdm: use provided PAM login configuration wherever possible
2019-04-14 09:52:17 -04:00
Alexander Kahl
5b9895b1a0 nixos/gdm: use provided PAM login configuration wherever possible
Fixes #21859
2019-04-14 09:49:01 -04:00
worldofpeace
c9a925d82b
Merge pull request #59433 from romildo/upd.deepin.deepin-menu
nixos/deepin-menu: init
2019-04-14 09:18:15 -04:00
José Romildo Malaquias
9e99eed443 nixos/deepin-menu: init 2019-04-14 10:00:44 -03:00
Sarah Brofeldt
f839011719
Merge pull request #58512 from aanderse/solr
solr: init at 8.0.0
2019-04-14 11:16:28 +02:00
gnidorah
1a4072e90f maxx: 1.1.0 -> 2.0.1 2019-04-14 09:51:29 +03:00
Aaron Andersen
55ddb04a8a nixos/zookeeper: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:01:01 -04:00
Aaron Andersen
a1c48c3f63 nixos/vault: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:01:01 -04:00
Aaron Andersen
053c9a7992 nixos/sonarr: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:01:01 -04:00
Aaron Andersen
bb649d96b0 nixos/smokeping: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:01:00 -04:00
Aaron Andersen
484e896d7a nixos/radarr: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:01:00 -04:00
Aaron Andersen
021b287b84 nixos/peerflix: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:01:00 -04:00
Aaron Andersen
0672f867bc nixos/mysql-backup: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:01:00 -04:00
Aaron Andersen
89cbee4d3e nixos/mxisd: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:01:00 -04:00
Aaron Andersen
cd46038ae5 nixos/jackett: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:59 -04:00
Aaron Andersen
b7f376c01b nixos/ipfs: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:59 -04:00
Aaron Andersen
b1be2f1584 nixos/influxdb: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:59 -04:00
Aaron Andersen
6ac630bad3 nixos/etcd: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:59 -04:00
Aaron Andersen
062efe018d nixos/couchdb: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:58 -04:00
Aaron Andersen
56c7960d66 nixos/codimd: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:58 -04:00
Aaron Andersen
e51f86a018 nixos/clickhouse: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:58 -04:00
Aaron Andersen
e5d8ba59cc nixos/traefik: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:58 -04:00
Aaron Andersen
cefbee3edc nixos/syncthing: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:58 -04:00
Aaron Andersen
0113cc0de9 nixos/stanchion: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:57 -04:00
Aaron Andersen
a585d29bfd nixos/rss2email: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:57 -04:00
Aaron Andersen
2ebbe3988b nixos/rabbitmq: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:57 -04:00
Aaron Andersen
7b2be9b328 nixos/postgresqlBackup: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:57 -04:00
Aaron Andersen
64fdacc580 nixos/nullmailer: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:57 -04:00
Aaron Andersen
a6bbc55ae1 nixos/nexus: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:56 -04:00
Aaron Andersen
7808202b38 nixos/munge: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:56 -04:00
Aaron Andersen
919c87a106 nixos/mpd: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:56 -04:00
Aaron Andersen
8c48c55c2d nixos/minio: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:56 -04:00
Aaron Andersen
89081eef5d nixos/mesos: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:56 -04:00
Aaron Andersen
2f50cd06dc nixos/memcached: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:55 -04:00
Aaron Andersen
5f9a639f69 nixos/liquidsoap: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:55 -04:00
Aaron Andersen
8fe1c5b30f nixos/lidarr: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:55 -04:00
Aaron Andersen
09af9fcd34 nixos/collectd: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
2019-04-13 07:00:55 -04:00
markuskowa
7d363d46ba
Merge pull request #59362 from matthiasbeyer/ympd-port-int
ympd service: Allow webPort to be int
2019-04-12 20:59:13 +02:00
Maximilian Bosch
f975bbae11
nixos/hostapd: escape interface names for hostapd
Same problem as described in acbadcdbba.

When using multiple interfaces for wifi with `networking.wlanInterfaces`
and the interface for `hostapd` contains a dash, this will fail as
systemd escapes dashes in its device names.
2019-04-12 19:27:19 +02:00
Matthias Beyer
31884f788e ympd service: Allow webPort to be int
Signed-off-by: Matthias Beyer <mail@beyermatthias.de>
2019-04-12 18:17:10 +02:00
Silvan Mosberger
92ae299998
Merge pull request #59081 from Yarny0/hylafax-updates
HylaFAX: fix ModemGroup, also minor metadata updates
2019-04-12 16:30:46 +02:00
Bas van Dijk
08b277e0da
Merge pull request #56017 from elohmeier/prom-tls
prometheus: add tls_config
2019-04-12 12:57:54 +02:00
Joachim F
5dafbb2cb1
Merge pull request #56719 from bricewge/miniflux-service
miniflux: add service
2019-04-12 09:57:30 +00:00
Yarny0
e57156bcaa nixos/hylafax: fix faxq ModemGroup setting
The manpage claims that the "limit" in the setting::
  <name>:[<limit>:]<regex>
is optional and defaults to zero, implying no limit.
However, tests confirmed that it actually isn't optional.

Without limit, the setting ``any:.*`` places
outbound jobs on infinite hold if no particular
modem was specified on the sendfax command line.
The new default value ``any:0:.*`` from
this commit uses any available modem to
send jobs if not modem was given to sendfax.
2019-04-12 11:11:49 +02:00
Yarny0
1438f7b664 nixos/hylafax: add 'yarny' (= myself) as maintainer
I forgot to do this when I submitted this module with
commit 12fa95f2d6.
2019-04-12 11:11:48 +02:00
Silvan Mosberger
2d1fa68c83
Merge pull request #59044 from teto/strongswan_path
strongswan module: use strings for secrets.
2019-04-11 22:51:24 +02:00
Enno Lohmeier
da7aeb1b7d prometheus: add tls_config 2019-04-11 20:34:31 +02:00
Silvan Mosberger
b8dc0f9a5b
nixos/znc: Fix URL XML for config option 2019-04-11 16:59:19 +02:00
Frederik Rietdijk
230c67f43b Merge master into staging-next 2019-04-11 07:50:23 +02:00
Ryan Mulligan
0960fc72b7
Merge pull request #49868 from jfrankenau/fix-triggerhappy
nixos/triggerhappy: add option user
2019-04-10 20:56:19 -07:00
Matthieu Coudron
08b8c6caf2 nixos/strongswan: use strings for secrets.
The nixos module artifically enforces type.path whereas the ipsec secret configuration files
accept pattern or relative paths.
Enforcing absolute paths already caused problems with l2tp vpn:
https://github.com/nm-l2tp/NetworkManager-l2tp/issues/108
2019-04-11 11:44:49 +09:00
Aaron Andersen
ee7565af9d solr: init at 8.0.0 2019-04-10 20:12:41 -04:00
Bas van Dijk
cd4486ecc3 nixos/prometheus/alertmanager: use DynamicUser instead of nobody
See issue #55370
2019-04-10 20:38:40 +02:00
Bas van Dijk
739bdff4a4 nixos/prometheus/alertmanager: use ExecStart instead of script
This results in a simpler service unit which doesn't first have to
start a shell:

  > cat /nix/store/s95nsr8zbkblklanqpkiap49mkwbaq45-unit-alertmanager.service/alertmanager.service
  ...
  ExecStart=/nix/store/4g784lwcy7kp69hg0z2hfwkhjp2914lr-alertmanager-0.16.2-bin/bin/alertmanager \
    --config.file /nix/store/p2c7fyi2jkkwq04z2flk84q4wyj2ggry-checked-config \
    --web.listen-address [::1]:9093 \
    --log.level warn
  ...
2019-04-10 15:03:09 +02:00
Linus Heckemann
4557373d68
Merge pull request #58858 from worldofpeace/pantheon/lightdm-gtk-greeter
nixos/pantheon: enable lightdm gtk greeter
2019-04-10 09:36:20 +02:00
Robin Gloster
f370553f8f
Merge pull request #58804 from Ma27/roundcube-fixes
roundcube: minor fixes
2019-04-09 18:30:00 +00:00
Frederik Rietdijk
d108b49168 Merge master into staging-next 2019-04-09 16:38:35 +02:00
Bas van Dijk
2f2e2971d6
Merge pull request #58255 from jbgi/prometheus2
Add Prometheus 2 service in parallel with 1.x version (continuation)
2019-04-09 14:14:18 +02:00
Bas van Dijk
c95179b52f nixos/prometheus: add back the option services.prometheus.dataDir
This is to ensure more backwards compatibility. Note this is not 100%
backwards compatible because we now require dataDir to begin with /var/lib/.
2019-04-09 13:13:34 +02:00
Robin Gloster
a58ab8fc05
Merge pull request #58398 from Ma27/package-documize
documize-community: init at 2.2.1
2019-04-08 22:34:11 +00:00
Maximilian Bosch
acbb74ed18
documize-community: init at 2.2.1
Documize is an open-source alternative for wiki software like Confluence
based on Go and EmberJS. This patch adds the sources for the community
edition[1], for commercial their paid-plan[2] needs to be used.

For commercial use a derivation that bundles the commercial package and
contains a `$out/bin/documize` can be passed to
`services.documize.enable`.

The package compiles the Go sources, the build process also bundles the
pre-built frontend from `gui/public` into the binary.

The NixOS module generates a simple `systemd` unit which starts the
service as a dynamic user, database and a reverse proxy won't be
configured.

[1] https://www.documize.com/get-started/
[2] https://www.documize.com/pricing/
2019-04-08 23:54:57 +02:00
worldofpeace
acedc516fe nixos/pantheon: use evince module 2019-04-08 16:40:54 -04:00
Ingo Blechschmidt
efff2e1aa6 iodine: improve password handling (#58806)
Before this change, only passwords not containing shell metacharacters could be
used, and because the password was passed as a command-line argument, local
users could (in a very small window of time) record the password and (in an
indefinity window of time) record the length of the password.

We also use the opportunity to add a call to `exec` in the systemd start
script, so that no shell needs to hang around waiting for iodine to stop.
2019-04-08 21:20:26 +02:00
Bas van Dijk
eed84d1f8d nixos/prometheus: fix indentation and unnecessary parenthesis 2019-04-08 19:14:42 +02:00
Bas van Dijk
7cf27feb2f
nixos/prometheus: get rid of empty arguments
Previously the prometheus.service file looked like:

  ExecStart=/nix/store/wjkhfw3xgkmavz1akkqir99w4lbqhak7-prometheus-1.8.2-bin/bin/prometheus -storage.local.path=/var/lib/prometheus/metrics \
    -config.file=/nix/store/zsnvzw51mk3n1cxjd0351bj39k1j6j27-prometheus.yml-check-config-checked \
    -web.listen-address=0.0.0.0:9090 \
    -alertmanager.notification-queue-capacity=10000 \
    -alertmanager.timeout=10s \
     \

  Restart=always

Now it's:

  ExecStart=/nix/store/wjkhfw3xgkmavz1akkqir99w4lbqhak7-prometheus-1.8.2-bin/bin/prometheus \
    -storage.local.path=/var/lib/prometheus/metrics \
    -config.file=/nix/store/zsnvzw51mk3n1cxjd0351bj39k1j6j27-prometheus.yml-check-config-checked \
    -web.listen-address=0.0.0.0:9090 \
    -alertmanager.notification-queue-capacity=10000 \
    -alertmanager.timeout=10s
  Restart=always
2019-04-08 14:59:12 +02:00
Bas van Dijk
a59c92903e
nixos/prometheus: use ExecStart instead of a shell script
This uses fewer lines of code and one less process.
2019-04-08 14:59:12 +02:00
Aneesh Agrawal
24ae4ae604 nixos/sshd: Remove obsolete Protocol options (#59136)
OpenSSH removed server side support for the v.1 Protocol
in version 7.4: https://www.openssh.com/txt/release-7.4,
making this option a no-op.
2019-04-08 09:49:31 +02:00
worldofpeace
8f93650fe4 nixos/pantheon: add warning when not using LightDM 2019-04-07 17:51:41 -04:00
worldofpeace
d3d5c674ba nixos/lightdm-greeters/pantheon: add warning 2019-04-07 17:51:19 -04:00
Florian Klink
2457510db4
Merge pull request #51918 from bobvanderlinden/var-run
tree-wide: nixos: /var/run -> /run
2019-04-07 20:09:46 +02:00
Frederik Rietdijk
7f7da0a16f Merge master into staging-next 2019-04-07 15:14:52 +02:00
Robin Gloster
0498ba6e06
Merge pull request #59078 from dtzWill/fix-and-update/nextcloud
nextcloud: fix use of mismatched php versions, updates
2019-04-07 09:55:39 +00:00
Frederik Rietdijk
4a125f6b20 Merge master into staging-next 2019-04-07 08:33:41 +02:00
Léo Gaspard
07fdcb348f
Merge pull request #59056 from aanderse/mod_php-sendmail
nixos/httpd: replace ssmtp with system-sendmail
2019-04-06 20:57:58 +02:00
Will Dietz
27d78f4c6c nextcloud: use same php package throughout!
`phpPackage` is 7.3 by default, but `pkgs.php` is 7.2,
so this saves the need for an extra copy of php
for the purpose of running nextcloud's cron;
more importantly this fixes problems with extensions
not loading since they are built against a different php.
2019-04-06 10:34:14 -05:00
Aaron Andersen
9c9a6f380e nixos/httpd: replace ssmtp with system-sendmail 2019-04-06 06:34:46 -04:00
Silvan Mosberger
82b8ff405b
Merge pull request #58778 from aanderse/davmail
nixos/davmail: set logging default to warn, instead of debug
2019-04-06 06:23:48 +02:00
Jeremy Apthorp
e8b68dd4f4 miniflux: add service 2019-04-06 03:52:15 +02:00
Gabriel Ebner
ad5cabf575 nixos/evince: init 2019-04-05 15:03:31 +02:00
Tor Hedin Brønner
c99a666aac
nixos/gnome3: add new default fonts
- source-code-pro is now the default monospace font
- source-sans-pro seems to be used somewhere too:
  https://wiki.gnome.org/Engagement/BrandGuidelines
2019-04-05 12:13:39 +02:00
Jan Tojnar
cb1a20499a
Merge branch 'master' into staging 2019-04-05 11:37:15 +02:00
Jörg Thalheim
6dd7483ce1
Merge pull request #57979 from 4z3/writeNginxConfig
nixos/nginx: use nginxfmt and gixy
2019-04-04 20:23:58 +01:00
Silvan Mosberger
fab50f0e91
Merge pull request #57716 from dasJ/redo-icingaweb2
nixos/icingaweb2: Replace most options with toINI
2019-04-04 21:20:01 +02:00
Maximilian Bosch
6b6348eaba
nixos/roundcube: only configure postgres config if localhost is used as database
When using a different database, the evaluation fails as
`config.services.postgresql.package` is only set if `services.postgresql` is enabled.

Also, the systemd service shouldn't have a relation to postgres if a
remote database is used.
2019-04-02 16:02:53 +02:00
Aaron Andersen
01cec5155f nixos/davmail: set logging default to warn, instead of debug 2019-04-02 09:52:32 -04:00
Franz Pletz
ff36d95878
nixos/quicktun: init 2019-04-02 12:16:48 +02:00
Simon Lackerbauer
88c31ae57c
nixos/openldap: add new options 2019-04-01 17:24:33 +02:00
John Ericson
4ccb74011f Merge commit '18aa59b0f26fc707e7313f8467e67159e61600c2' from master into staging
There was one conflict in the NixOS manual; I checked that it still
built after resolving it.
2019-04-01 00:40:03 -04:00
Silvan Mosberger
81e2fb5303
Merge pull request #58458 from worldofpeace/colord/no-root
nixos/colord: don't run as root
2019-03-30 04:06:55 +01:00
worldofpeace
099cc0482b nixos/pantheon: enable lightdm gtk greeter
Pantheon's greeter has numerous issues that cannot be
fixed in a timely manner, and users are better off if they just
didn't use it by default.
2019-03-29 21:29:59 -04:00
worldofpeace
f22fbe1175 nixos/colord: don't run as root
Using systemd.packages because there's
a system colord service and colord-session user service
included.
2019-03-29 20:56:06 -04:00
Florian Klink
aa2878cfcf
Merge pull request #58284 from bgamari/gitlab-rails
nixos/gitlab: Package gitlab-rails
2019-03-28 21:12:15 +01:00
Silvan Mosberger
9d4a6cceb7
Merge pull request #57550 from florianjacob/typed-mysql-options
nixos/mysql: specify option types, add tests
2019-03-28 18:55:53 +01:00
Ben Gamari
af909b3238 nixos/gitlab: Package gitlab-rails
This utility (particularly `gitlab-rails console`) is packaged by GitLab
Omnibus and is used for diagnostics and maintenance operations.
2019-03-28 11:45:31 -04:00
Ben Gamari
b90f5f03c2 nixos/gitaly: Run gitaly with procps in scope
Gitaly uses `ps` to track the RSS of `gitlab-ruby` and kills it when it
detects excessive memory leakage. See
https://gitlab.com/gitlab-org/gitaly/issues/1562.
2019-03-28 10:48:51 -04:00
Maximilian Bosch
3fc3096da8
Merge pull request #58432 from aanderse/mailcatcher
nixos/mailcatcher: init module for existing package
2019-03-27 16:11:15 +01:00