Commit Graph

11802 Commits

Author SHA1 Message Date
Aaron Andersen
ebbf93136f nixos/zabbixServer: explicitely set security.wrappers ownership 2021-11-17 11:26:14 -05:00
Bas van Dijk
dd1edacb7b
Merge pull request #142654 from yrd/prometheus-config-modules
nixos/prometheus: add new configuration options
2021-11-07 15:37:12 +01:00
Izorkin
d1a8806e39 nixos/mastodon: allow '@resources' filter to mastodon-web service 2021-11-07 11:59:36 +01:00
Victor Freire
46180e407e nixos/xmrig: init 2021-11-06 15:04:14 -03:00
Aaron Andersen
a97d32da9c
Merge pull request #144895 from arcnmx/ddclient-privs
nixos/ddclient: password permission fixes
2021-11-06 12:17:01 -04:00
arcnmx
cdd385510a nixos/ddclient: customizable package option 2021-11-06 08:50:39 -07:00
arcnmx
7deb5247a5 nixos/ddclient: fix privs when loading password 2021-11-06 08:50:39 -07:00
Izorkin
a71576b07b nixos/mastodon/streaming: add '@memlock' SystemCallFilter 2021-11-06 16:45:20 +01:00
Izorkin
91e510ae22 nixos/mastodon: add '@ipc' SystemCallFilter 2021-11-06 16:45:20 +01:00
Izorkin
700ea62f54 nixos/mastodon: remove duplicates SystemCallFilters 2021-11-06 16:45:20 +01:00
Izorkin
943f15d4b7 nixos/mastodon: add new sandboxing options 2021-11-06 16:45:20 +01:00
Thomas Tuegel
a506f9c797
Merge pull request #143673 from oxalica/fix/sddm-default-session
plasma5: set default session to plasma X11 and fix sddm
2021-11-06 09:55:47 -05:00
Jörg Thalheim
185aeb4ab8
Merge pull request #142765 from pennae/mosquitto-fixes
nixos/mosquitto: restore checkPasswords=false from old module, add module doc chapter
2021-11-06 10:08:43 +00:00
Pascal Bach
0f60c45e9c nixos/unifi: refactor mountpoints
Use service internal bind mounts instead of global ones.

This also moves the logs to /var/log/unifi on the host
and the run directory to /run/unifi.

Closes #61424
2021-11-05 12:20:40 +01:00
Yannik Rödel
7d34d32b3d nixos/prometheus: add remaining service discovery options 2021-11-05 12:18:13 +01:00
Bernardo Meurer
1403ce522d
Merge pull request #144239 from illustris/hadoop
nixos/hadoop: Add HA services and HTTPFS
2021-11-04 23:30:47 -07:00
Bernardo Meurer
a13bfe7fbc
roon-server: 1.8-831 -> 1.8-846 2021-11-04 09:40:19 -07:00
Yannik Rödel
b3d4f6d841 nixos/prometheus: add service discovery options 2021-11-04 15:07:18 +00:00
Yannik Rödel
904d29e1c4 nixos/prometheus: add new configuration options 2021-11-04 15:02:00 +00:00
Bas van Dijk
0140e239f3
Merge pull request #143147 from basvandijk/prometheus-reload
nixos/prometheus: optionally support reloading on config changes
2021-11-04 13:54:18 +01:00
Robert Hensing
3bccce68d1
Merge pull request #144440 from SuperSandro2000/lib-fromJSON
treewide: switch ``builtins.fromJSON(builtins.readFile ./file.json)``…
2021-11-04 12:17:40 +01:00
Bas van Dijk
f12e976ade module/prometheus: optionally support reloading on config changes
The new option `services.prometheus.enableReload` has been introduced
which, when enabled, causes the prometheus systemd service to reload
when its config file changes.

More specifically the following property holds: switching to a
configuration (`switch-to-configuration`) that changes the prometheus
configuration only finishes successully when prometheus has finished
loading the new configuration.

`enableReload` is `false` by default in which case the old semantics
of restarting the prometheus systemd service are in effect.
2021-11-04 11:15:21 +00:00
illustris
57225575df nixos/hadoop: fix errors in HTTPFS 2021-11-04 11:26:32 +05:30
illustris
8331b56701 nixos/hadoop: correct openFirewall options 2021-11-04 11:18:11 +05:30
illustris
c8df915e0e nixos/hadoop: add links for config files 2021-11-04 11:07:32 +05:30
Aaron Andersen
0c5d86b18c
Merge pull request #135601 from stackshadow/code-server-bin
code-server: init code-server-module
2021-11-03 22:15:26 -04:00
illustris
42e14ff69f nixos/hadoop: replace enable = mkoption bools with mkEnableOption 2021-11-03 22:44:25 +05:30
illustris
c3d147f507 nixos/hadoop: replace "enabled" options with "enable" options
The module has been using "enabled" in place of enable since init ( 0c10b2baa6 )
2021-11-03 22:44:25 +05:30
illustris
9ca4363191 nixos/hadoop: add HTTPFS 2021-11-03 22:44:25 +05:30
illustris
39c007ce9c nixos/hadoop: Add HA capabilities
- Add HDFS journalnode and ZKFC services
- Test failover of HDFS and YARN master services in full hadoop test
- Check if a minimal HDFS cluster works in the minimal HDFS test
2021-11-03 22:44:24 +05:30
Sandro Jäckel
8547db919a
treewide: switch `builtins.fromJSON(builtins.readFile ./file.json)` to lib.importJSON ./file.json 2021-11-03 14:43:52 +01:00
Maciej Krüger
e7fd175e97
nixos/lxd-image-server: init
Co-authored-by: Aaron Andersen <aaron@fosslib.net>
2021-11-03 14:32:44 +01:00
Maciej Krüger
f9bbc60cfb
nixos/odoo: apply suggestions from review 2021-11-03 12:40:59 +01:00
Pascal Bach
b01c019afd
Merge pull request #136191 from LeSuisse/nixos-unifi-poller-loki
nixos/unifi-poller: add support of Loki
2021-11-03 08:25:13 +01:00
Maciej Krüger
abc90b4851
nixos/odoo: init 2021-11-03 03:52:41 +01:00
Aaron Andersen
45891c5f1c
Merge pull request #143705 from felschr/ddclient-password-file
nixos/ddclient: replace password with passwordFile option
2021-11-02 19:42:49 -04:00
Michele Guerini Rocco
b67e752c29
Merge pull request #144210 from evils/fancontrol
nixos/fancontrol: restart on-failure
2021-11-02 10:22:25 +01:00
Evils
9cb2107476 nixos/fancontrol: restart on-failure 2021-11-02 09:24:31 +01:00
github-actions[bot]
4b2ca106c9
Merge master into staging-next 2021-11-02 06:01:22 +00:00
Jonas Heinrich
50029ed89c nixos/dokuwiki: add missing option enable 2021-11-02 09:23:06 +09:00
github-actions[bot]
d27dd6653e
Merge master into staging-next 2021-11-02 00:01:32 +00:00
Sandro
c3051ea7c2
Merge pull request #144024 from SuperSandro2000/fix-plasma-users 2021-11-01 23:56:12 +01:00
Niklas Hambüchen
29f4f7110c nixos/smokeping: Add nh2 to maintainers 2021-11-01 23:20:40 +01:00
Niklas Hambüchen
c7ed7466c3 nixos/smokeping: Don't listen on all interfaces by default.
In general, NixOS services are configured such that by default
they are not exposed to the Internet for security, see #100192.
2021-11-01 23:20:40 +01:00
Niklas Hambüchen
bb2a6ec751 nixos/smokeping: Use requiredBy instead of wantedBy.
This makes switch-configuration fail if something is wrong with it,
which is desired especially for NixOps deployments.
2021-11-01 23:20:40 +01:00
Niklas Hambüchen
123171b557 nixos/smokeping: Remove partOf to ensure restarts work.
Details on https://github.com/NixOS/nixops/issues/1063#issuecomment-453253666.

`partOf` makes that if `smokeping.service` is stopped, `thttpd.service` will
be stopped as well.
(But not that `thttpd` will be started when `smokeping` is started).

Once `thttpd.service` is stopped that way, `Restart = always` will not apply.

When the smokeping config options are changed, NixOS's `switch-configuration.pl`
will stop `smokeping` (whit shuts down thttpd due to `partOf`), and then restart
smokeping; but this does not start thttpd.
As a result, thttpd will be off after changing the config, which isn't desired.

This commit fixes it by removing the `partOf`, which makes `Restart` work
as expected.
2021-11-01 23:20:40 +01:00
Niklas Hambüchen
17e4387b38 nixos/smokeping: Make default imgUrl relative.
This avoids a common problem:

Until now, port forwarding to multiple hosts running smokeping did not work;
they all show the data of the first smokeping instance.
That ws because the image URLs generated by smokeping are absolute
(`imgurl` setting).
Consequently, if you ran
  ssh node-1 -L 8081:localhost:8081
  ssh node-2 -L 8081:localhost:8082
  ssh node-3 -L 8081:localhost:8083
and try to open http://localhost:8081, http://localhost:8082 and
http://localhost:8083, they all would show the images of node-1!

Using a relative `imgurl` fixes that.
As per smokeping docs on `imgurl`:

> Either an absolute URL to the `imgcache` directory or one relative to the
> directory where you keep the SmokePing cgi.
2021-11-01 23:20:40 +01:00
Niklas Hambüchen
2760695df0 nixos/smokeping: Add host option.
Allows setting smokeping to not listen on the public Internet.
2021-11-01 23:20:40 +01:00
Niklas Hambüchen
0a2103547f nixos/smokeping: Remove bash wrapper, refactor.
The bash wrapper process served no purpose, and systemd directly controlling the
processes is more reliable / more responsive to systemctl commands.
2021-11-01 23:20:40 +01:00
Martin
f4d551c0d4 maintainer: add stackshadow 2021-11-01 18:47:04 +01:00