William A. Kennington III
c38a9b607f
Merge pull request #8654 from ts468/upstream.trusted_grub_integration
...
grub installation: integrate trustedGRUB + fix broken equality check
2015-07-05 11:34:00 -07:00
Thomas Strobel
65cbbc75b0
grub installation: integrate trustedGRUB + fix broken equality check
2015-07-05 19:51:53 +02:00
Luca Bruno
6c8e6aaa24
nixos docker: fix service and test
2015-07-05 13:57:23 +02:00
lethalman
d7869f46ca
Merge pull request #8602 from ts468/upstream.pam
...
Security: integrate pam_mount into PAM of NixOS
2015-07-05 00:40:49 +02:00
Thomas Strobel
7b6f279142
pam_mount module: integrate pam_mount into PAM of NixOS
2015-07-04 23:42:31 +02:00
Mateusz Kowalczyk
2bd811155e
Merge pull request #8603 from ts468/upstream.xen
...
Xen related stuff
2015-07-04 16:13:33 +01:00
lethalman
07bdaa97da
Merge pull request #8554 from dwe11er/luks-detached-header
...
allow for using LUKS devices with detached header
2015-07-04 13:17:54 +02:00
Arseniy Seroka
b15df9482a
Merge pull request #8573 from lihop/shellinabox-service
...
shellinabox service: initial implementation
2015-07-04 14:02:06 +03:00
Arseniy Seroka
093a8994f9
Merge pull request #8624 from ambrop72/minidlna-update
...
minidlna 1.1.4
2015-07-04 13:59:32 +03:00
Leroy Hopson
1eb50ebbf2
shellinabox service: intial implementation
2015-07-04 21:18:13 +12:00
Pascal Wittmann
2fd9d56f51
nixos/skydns: fixed reference to skydns
2015-07-04 09:43:28 +02:00
Ambroz Bizjak
42a5ad5c5e
minidlna: 1.0.25 -> 1.1.4
...
Changes:
- gettext is needed to build
- Switched to using non-legacy ffmpeg.
- Removed ffmpeg stuff from include path since it causes build errors related to
a time.h header.
- Removed unneeded patch.
- Adjusted NixOS service due to the binary being renamed.
2015-07-04 09:16:28 +02:00
aszlig
9bc2f77daa
nixos/tests/chromium: Improve sandbox checking.
...
We no longer need have "SUID sandbox" enabled in the chrome://sandbox
status page and we now also check for "You are adequately sandboxed." to
be absolutely sure that we're running with proper sandboxing.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-07-04 02:31:45 +02:00
Joachim Schiele
11cd596aea
wordpress: language downloads are now reproducible
2015-07-03 13:06:44 +02:00
Thomas Strobel
8f911263e9
Xen Dom0: add dnsmasq to xen-bridge.
2015-07-02 16:27:40 +02:00
William A. Kennington III
b21fd5d066
nixos/postgresql: Fix initdb for existing, empty postgres partitions
2015-07-02 00:08:02 -07:00
William A. Kennington III
7eae48871f
Merge branch 'master.upstream' into staging.upstream
2015-07-01 13:38:17 -07:00
Shea Levy
dd9530c819
Merge remote-tracking branch 'projectorhq/riemann-tools'
...
Add riemann-tools package and service
2015-07-01 08:45:33 -04:00
Eelco Dolstra
f667310c06
Use mkAfter for services.postgresql.authentication
...
Authentication methods are tried in order, so if another NixOS module
defines a specific ident mapping like
local hydra all ident map=hydra-users
it should appear before the generic
local all all ident
2015-07-01 13:49:02 +02:00
William A. Kennington III
612f0bdd67
Merge branch 'master.upstream' into staging.upstream
2015-06-30 23:58:07 -07:00
Tobias Geerinckx-Rice
013f88ac7e
nixos: gnome-keyring: fix module description
2015-07-01 02:22:27 +02:00
Robert Pitts and Trenton Strong
bbb36ea039
Add riemann-tools to nixpkgs
...
Adds package via bundlerEnv and service for Riemann health.
2015-06-30 17:16:51 -04:00
Eelco Dolstra
96b325b0b7
Remove option ec2.metadata
2015-06-30 17:25:56 +02:00
Eelco Dolstra
32b9ca3219
EC2: Don't blackhole 169.254.169.254
...
https://github.com/NixOS/nixops/issues/267
2015-06-30 17:04:19 +02:00
Eelco Dolstra
a9b3d75e9e
nix.buildMachines: Fewer required fields
2015-06-30 00:51:07 +02:00
Marcin Falkiewicz
c1becad3eb
nixos/modules/system/boot/luksroot.nix: allow for LUKS devices with detached header
2015-06-29 17:36:47 +02:00
aszlig
f9bd72f24c
nixos/iso-image: Allow to customize menu label.
...
It comes in handy to alter the menu label if you're not building a NixOS
installer image but for example if you want to build a live system and
still want to re-use the iso-image.nix module.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-06-28 23:30:17 +02:00
Edward Tjörnhammar
ed9dc1fd9e
nixos: added gitit service
2015-06-28 12:39:52 +02:00
William A. Kennington III
b6322e1215
krb5: Break out into a lib and not lib version
2015-06-26 22:05:47 -07:00
William A. Kennington III
ef253212f4
Merge branch 'master.upstream' into staging.upstream
2015-06-26 17:25:49 -07:00
William A. Kennington III
fee9ef8659
nixos: Replace pkgs.openssh with config.programs.ssh.package
2015-06-26 17:09:58 -07:00
Eelco Dolstra
1f3f31b2a8
Add options nix.{trustedUsers,allowedUsers}
...
These are just trusted-users and allowed-users in nix.conf. It's
useful to have options for them so that different modules can specify
trusted/allowed users.
2015-06-26 18:45:27 +02:00
Eelco Dolstra
fb203a34c0
nix.buildMachines: Don't require sshUser
2015-06-26 18:44:44 +02:00
Peter Simons
449c14d20b
Merge pull request #8520 from hrdinka/fix/postfix-recipient_delimiter
...
postfix: fix recipient_delimiter option
2015-06-26 14:18:58 +02:00
Christoph Hrdinka
6839ad653a
postfix: fix recipient_delimiter option
...
This reverts commit 88f4b75a00
and fixes the
recipientDelimiter config option. Till then the camel case variant was used
while recipient_delimiter would have been right.
2015-06-26 14:05:53 +02:00
Damien Cassou
ffe164d758
Merge pull request #8484 from DamienCassou/fix-blocking-stumpwm-module
...
Don't block the system after starting stumpwm
2015-06-26 11:40:59 +02:00
Damien Cassou
0bd3737bd0
stumpwm: don't block after starting stumpwm
...
This is important to let nixos configure everything, e.g., a desktop
manager.
2015-06-26 11:38:04 +02:00
Joachim Schiele
011993c86a
wordpress: usability updates
2015-06-25 16:21:14 +02:00
Thomas Tuegel
a8c52d0958
Merge branch 'master' into staging
2015-06-25 09:15:05 -05:00
Thomas Tuegel
0aa8e64967
kde5: JSON manifest format
2015-06-25 09:03:40 -05:00
Rok Garbas
d405d036c5
redmine service: fixing a typo, pointing to bundler package
2015-06-25 15:24:57 +02:00
Russell O'Connor
46f06ccde7
uwsgi-service: Add user/group for uwsgi service.
...
Also add a uwsgi directory under /run (defaulting to /run/uwsgi) where the uwsgi user can place sockets.
2015-06-24 14:48:53 +00:00
Simon Vandel Sillesen
9dab1a840c
tvheadend: init at 4.0.4
2015-06-24 13:22:09 +00:00
William A. Kennington III
6532863ac4
unifi: 3.2.10 -> 4.6.3
2015-06-23 10:09:44 -07:00
Arseniy Seroka
266531b5b0
Merge pull request #8422 from travisbhartwell/update/atom-shell-to-electron
...
atom-shell: renamed to electron and updated 0.19.1 -> 0.28.2
2015-06-23 18:54:22 +03:00
William A. Kennington III
282d03befa
Merge branch 'master.upstream' into staging.upstream
2015-06-22 10:57:36 -07:00
Luca Bruno
f00440fac5
nixos/x11: start session with dbus-launch
...
This is needed by most window managers. Desktop environments
usually launch dbus-launch if a session hasn't been started yet
so this shouldn't hurt. The worst it can happen is that one
dbus session will be unused in case it's started twice.
The GDM change is backported from recent gdm.
2015-06-22 16:12:20 +00:00
Peter Simons
88f4b75a00
nixos: recipientDelimiter is no longer a valid configuration option in Postfix 2.11.x or later
...
Note that this change in Postfix might affect the mlmmj.nix service in
ways I don't fully understand.
2015-06-22 12:47:23 +02:00
Peter Simons
e08074ff6d
nixos: fix code that sets up /etc/postfix
...
The sample config files have moved from ${postfix}/share to ${postfix}/etc in
version 2.11.4.
2015-06-22 12:47:23 +02:00
Arseniy Seroka
cf44a27fc4
fix argument in mkEnableOption
2015-06-21 18:21:21 +03:00
Travis B. Hartwell
caa216b640
atom-shell: renamed to electron and updated 0.19.1 -> 0.28.2
...
Added systemd to buildEnv path because of new libudev dependency.
2015-06-19 15:32:12 -06:00
Damien Cassou
90912f8aa5
Merge pull request #8401 from DamienCassou/document-desktopManagerHandlesLidAndPower-in-systemd
...
Explanation to desktopManagerHandlesLidAndPower
2015-06-19 14:02:04 +02:00
Damien Cassou
26e424a4aa
Explanation to desktopManagerHandlesLidAndPower
...
With this patch, systemd-inhibit outputs a descriptive message when
desktopManagerHandlesLidAndPower=true (the default).
Before the patch:
$ systemd-inhibit
Who: /nix/store/[...]-xsession [...] (UID 1000/cassou, PID 18561/systemd-inhibit)
What: handle-power-key:handle-lid-switch
Why: Unknown reason
Mode: block
After the patch:
$ systemd-inhibit
Who: /nix/store/[...]-xsession [...] (UID 1000/cassou, PID 18561/systemd-inhibit)
What: handle-power-key:handle-lid-switch
Why: See NixOS configuration option 'services.xserver.displayManager.desktopManagerHandlesLidAndPower' for more information.
Mode: block
2015-06-19 11:16:32 +02:00
Vladimír Čunát
61596bf405
Merge #8363 : pure-darwin stdenv
2015-06-18 22:38:08 +02:00
William A. Kennington III
295846a254
nixos/nix-serve: Run as a separate user and add a signing key parameter
2015-06-17 19:10:39 -07:00
William A. Kennington III
8e19ac8d7c
Merge branch 'master.upstream' into staging.upstream
2015-06-17 11:57:40 -07:00
William A. Kennington III
d4fc2b4d99
nixos/install-grub: Fix grub1 installation
2015-06-17 11:47:36 -07:00
rushmorem
d9c56c696f
Replaces https://github.com/NixOS/nixpkgs/pull/8368
2015-06-17 19:26:17 +02:00
Rushmore Mushambi
8170e74d9f
Revert "Make it possible to boot NixOS from a SCSI Disk on KVM"
2015-06-17 19:13:08 +02:00
rushmorem
ee3768b9ba
Make it possible to boot NixOS from a SCSI Disk on KVM
...
Currently NixOS can't boot from a SCSI disk as a KVM Guest.
I found this out while installing it on the new [Linode KVM
platform](https://www.linode.com/docs/platform/kvm#custom-kernel-configuration ).
2015-06-17 17:28:07 +02:00
Eelco Dolstra
f93d8425c3
Installer test: Fix booting from SCSI
...
This is required by the GRUB 1 test.
2015-06-17 15:47:43 +02:00
Luca Bruno
d5628c982d
Bypass /etc/gdm/Xsession. Closes #8351
2015-06-16 11:20:20 +00:00
Luca Bruno
aa800fa0fe
Merge branch 'master' into staging
2015-06-15 09:56:29 +02:00
lethalman
e08bbc0bc1
Merge pull request #8159 from cransom/dd-agent
...
Allow custom tags to be set for datadog monitoring
2015-06-15 18:43:14 +02:00
Casey Ransom
d3212beff9
Allow custom tags to be set for datadog monitoring
2015-06-15 16:37:27 +00:00
Eelco Dolstra
6e6a96d42c
Some more type cleanup
2015-06-15 18:18:46 +02:00
Eelco Dolstra
c63bc92d4c
types.uniq types.str -> types.str
2015-06-15 18:12:32 +02:00
Eelco Dolstra
19ffa212af
types.uniq types.int -> types.int
...
types.int already implies uniqueness.
2015-06-15 18:11:32 +02:00
Eelco Dolstra
c738b309ee
types.uniq types.bool -> types.bool
2015-06-15 18:10:26 +02:00
Eelco Dolstra
9366af1b94
"types.uniq types.string" -> "types.str"
2015-06-15 18:08:49 +02:00
Bjørn Forsman
74d5adcb4d
nixos: move environment.{variables => sessionVariables}.MODULE_DIR
...
This solves the problem that modprobe does not know about $MODULE_DIR
when run via sudo, and instead wrongly tries to read /lib/modules/:
$ sudo strace -efile modprobe foo |& grep modules
open("/lib/modules/3.14.37/modules.softdep", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/lib/modules/3.14.37/modules.dep.bin", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/lib/modules/3.14.37/modules.dep.bin", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/lib/modules/3.14.37/modules.alias.bin", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
Without this patch, one would have to use sudo -E (preserves environment
vars). But that option is reserved for sudo users with extra rights
(SETENV), so it's not a solution.
environment.sessionVariables are set by PAM, so they are included in the
environment used by sudo.
2015-06-14 18:56:58 +02:00
Domen Kožar
a2deb7a2c9
Merge pull request #8322 from unaizalakain/master
...
The user specified in the conf should run MPD
2015-06-14 11:41:36 +02:00
Dan Peebles
10e75453b2
Factor the NixOS channel building code out into its own file, so I can use it elsewhere
2015-06-13 21:55:29 -04:00
Dan Peebles
ebde5fd9d4
Use the right nix when doing things in our amazoninit
2015-06-13 21:26:50 -04:00
Unai Zalakain
8811724ec9
The user specified in the conf should run MPD
2015-06-13 23:24:19 +02:00
Oliver Matthews
2434ee4aab
Allow setting mediatomb interface
2015-06-13 15:16:28 +00:00
Luca Bruno
033605e87f
Merge branch 'nixos-subdir'
...
Conflicts:
nixos/modules/system/boot/loader/grub/grub.nix
2015-06-13 15:18:12 +02:00
Luca Bruno
c3e832b323
stage-1: mkdir -p /mnt-root, it may be created earlier by some hooks
2015-06-13 15:02:51 +02:00
Luca Bruno
3754de550f
nixos/grub: allow customization of the nix store path
2015-06-13 15:02:00 +02:00
William A. Kennington III
954801a9a8
Merge branch 'master.upstream' into staging.upstream
2015-06-12 13:47:46 -07:00
Shea Levy
5ee75e236c
apache-kafka: Enable overriding the kafka package
2015-06-12 15:56:06 -04:00
Sander van der Burg
fd187980c7
Put dysnomia in system environment if Disnix is enabled
2015-06-12 16:18:42 +00:00
Joachim Fasting
ffc6275e55
dnscrypt-proxy service: support custom providers
...
The primary use-case is private DNSCrypt providers.
Also rename the `port` option to differentiate it from the
`customResolver.port` option.
2015-06-12 15:12:33 +02:00
Joachim Fasting
8131065b63
dnscrypt-proxy service: use mkEnableOption
2015-06-12 15:12:33 +02:00
Joachim Fasting
2e8bc2bd5c
nixos: cosmetic improvements to dnscrypt-proxy service module
...
Remove superflous whitespace & comments
2015-06-12 15:12:33 +02:00
Joachim Fasting
a88a6bc676
nixos: additional hardening for dnscrypt-proxy
...
- Run as unprivileged user/group via systemd, obviating the need to
specify capabilities, etc.
- Run with private tmp and minimal device name space
2015-06-12 15:12:33 +02:00
Joachim Fasting
823bb5dd4d
nixos: implement socket-activation for dnscrypt-proxy
...
The socket definition is derived from upstream with the
exception that it does not depend on network.target, as
this creates a cycle between basic.target and sockets.target.
The apparmor profile has been updated to account for additional
runtime dependencies introduced by enabling systemd support.
2015-06-12 15:12:33 +02:00
Joachim Fasting
dfe20de782
nixos: permit dnscrypt-proxy service to read basic user/group info
...
If nscd is not running, dnscrypt-proxy crashes without read access
to /etc/{password,group,nsswitch.conf}.
2015-06-12 15:12:30 +02:00
Thomas Tuegel
2a2448bcb7
Merge pull request #8182 from ttuegel/openblas
...
Numerical computing overhaul
2015-06-12 08:06:03 -05:00
Thomas Tuegel
c02dd4a726
Update release notes about OpenBLAS
2015-06-12 08:04:02 -05:00
Eelco Dolstra
07aa0f7f21
Revert "Use nixUnstable by default"
...
This reverts commit 64a41b7a90
.
2015-06-12 13:20:18 +02:00
Luca Bruno
da7748a6fc
nixos: set high fs.inotify.max_user_watches when xserver is enabled
2015-06-12 13:02:35 +02:00
Thomas Strobel
399b549611
Fix: xen-bridge systemd service
2015-06-12 12:52:14 +02:00
Thomas Strobel
a6e12c23fc
Link Xen scripts to /etc/xen
2015-06-12 12:52:14 +02:00
Dan Peebles
4b758e374e
Initial attempt at configuring from EC2 userdata (with input from cstrahan). Now with VM tests!
2015-06-11 23:16:35 -04:00
Dan Peebles
b6c589b2da
Simple EC2 user-data VM test
2015-06-11 22:54:04 -04:00
William A. Kennington III
ffcd8acee6
nixos/pulseaudio: Fix description
2015-06-11 17:26:12 -07:00
Eelco Dolstra
cd28c5517c
Revert "Drop tests.installer.grub1 as release critical"
...
This reverts commit 1907ca8a2a
. See
1907ca8a2a (commitcomment-9719007)
2015-06-12 01:37:45 +02:00
Rickard Nilsson
7a0ca52267
scollector: Change type of collectors to allow proper merging
2015-06-11 16:49:43 +02:00
William A. Kennington III
502a19b2b4
nixos/grub: Support labeling efi bootloaders with independent id's
2015-06-10 15:47:08 -07:00