Peter Hoeg
69d8b81b4b
sshguard: make it run
2017-10-14 14:38:04 +08:00
Peter Hoeg
3571163858
display-manager: systemd-udev-settle serves no purpose
2017-10-14 14:38:04 +08:00
Peter Hoeg
8f21e089a8
networkd: only wait for network to be online if configured to do so
2017-10-14 14:38:04 +08:00
Peter Hoeg
8758f476b3
networking: add option to toggle the wait-online service
2017-10-14 14:38:04 +08:00
Peter Hoeg
0944d44f1b
hyperv-daemons: add nixos module
2017-10-14 14:38:04 +08:00
Peter Hoeg
41306ca505
smartd: set drive timeout
2017-10-14 14:38:04 +08:00
Peter Hoeg
1917e69b54
dnsmasq nixos: make sure it always runs
...
By default we only restart if the dnsmasq daemon fails but we introduce an
option to always keep it running.
2017-10-14 14:38:04 +08:00
Peter Hoeg
65b73d71cb
ssh: deprecate use of old DSA keys
...
They are not safe and shouldn't be used.
2017-10-14 14:38:04 +08:00
Jörg Thalheim
b90f50862f
Merge pull request #30324 from florianjacob/firewall-clarify-logging
...
nixos/firewall: Rename misleading rejected to refused in logging
2017-10-13 20:25:21 +01:00
Dan Peebles
56e18c50cc
Revert "Simple proof of concept for how to do other types of services"
...
This reverts commit 7c3253e519
.
I included this in another push by accident and never intended for it to
be in mainline. See https://github.com/NixOS/nixpkgs/pull/26075 if you
want more.
2017-10-13 09:17:13 -04:00
Franz Pletz
5ec10da86b
Merge pull request #30356 from bflyblue/plex-1.9.5
...
plex: 1.9.2 -> 1.9.5
2017-10-13 13:10:58 +02:00
Franz Pletz
c6218193dd
Merge pull request #30364 from Ma27/compton/opacity-rules-support
...
services.compton: add `opacityRules` option
2017-10-13 13:09:53 +02:00
Yegor Timoshenko
22505d8df4
connman: do not restart after suspend
2017-10-13 13:05:02 +02:00
Matt McHenry
bbec429f7a
djbdns: fix root server list at build time
...
as suggested by @peterhoeg in
1b7e5eaa79 (commitcomment-24560631)
fixes #30379
2017-10-13 10:29:12 +01:00
Profpatsch
2864bc8fd9
Revert "desktop-managers: do not leak feh to PATH"
2017-10-13 10:48:07 +02:00
Peter Hoeg
f7ba92bfa3
Merge pull request #30286 from yegortimoshenko/patch-2
...
desktop-managers: do not leak feh to PATH
2017-10-13 11:13:21 +08:00
Peter Hoeg
829730d38f
nixos user: reserve kodi
2017-10-13 10:34:27 +08:00
Maximilian Bosch
4b50d543bd
services.compton: add opacityRules
option
2017-10-12 21:14:01 +02:00
Shaun Sharples
caee93f3d4
Fix warning about unknown escape sequences
...
systemd warns about:
Ignoring unknown escape sequences: "/nix/store/8f0l1w9g7iv2gz63xzsxfl66ri1cfbkl-plex-1.9.5.4339/usr/lib/plexmediaserver/Plex\ Media\ Server
From a discussion on the forums it seems the 'sh -c' is not needed:
https://forums.plex.tv/discussion/216757/ubuntu-16-04-executable-path-contains-special-characters-error-with-systemd
2017-10-12 19:44:58 +02:00
Franz Pletz
e13d0c3435
Merge pull request #30172 from mayflower/cleanup/firmware-modules
...
nixos: clean up wifi firmware & default kernel modules
2017-10-12 16:32:01 +02:00
Patrick Chilton
e3675fedc7
mate-power-manager: init at 1.18.0
2017-10-12 08:22:21 +02:00
Peter Hoeg
c640e790d5
pykms: nixos module
2017-10-12 08:51:34 +08:00
aszlig
829566a23d
nixos/docker-containers: Fix submodule usage
...
The submodule of the "docker-containers" option isn't recognized as a
proper submodule and thus neither properly type-checks nor are its
options included in the manual.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-10-12 02:07:47 +02:00
Thomas Tuegel
d9aa539340
Merge branch 'phonon-backend-qt5'
2017-10-11 18:35:08 -05:00
Thomas Tuegel
b25deccd1a
nixos/plasma5: install phonon backends for each current Qt version
...
Fixes #27050 , where the phonon backend was not found.
2017-10-11 18:29:43 -05:00
Florian Jacob
847beb558f
nixos/firewall: Rename misleading rejected to refused in logging
...
as that's used as general term for rejected or dropped packets
in the rest of the config.
2017-10-11 20:12:58 +02:00
Jörg Thalheim
659c7484d1
Merge pull request #30312 from florianjacob/locatedb-fix-systemd-path-capabilities
...
locatedb: fix startup fail due to systemd path capabilities
2017-10-11 14:59:13 +01:00
Florian Jacob
70c3f56bdd
nixos/locatedb: fix first run when /var/cache doesn't exist
...
by using systemd-tmpfiles.
Also document what's happening there.
2017-10-11 14:59:18 +02:00
Jörg Thalheim
6b3b708501
Merge pull request #30280 from woffs/speed
...
nix-daemon: mention speedFactor in example
2017-10-11 11:26:39 +01:00
Florian Jacob
818b161e0a
nixos/locatedb: path restriction options were renamed
...
in systemd 231.
2017-10-11 11:15:29 +02:00
aszlig
f4e742594d
nixos: Fix detection of btrfs root volume
...
Regression introduced by 801c920e95
.
Since then, the btrfsSimple subtest of the installer VM test fails with:
Btrfs did not return a path for the subvolume at /
The reason for this is that the output for "btrfs subvol show" has
changed between version 4.8.2 and 4.13.1.
For example the output of "btrfs subvol show /" in version 4.8.2 was:
/ is toplevel subvolume
In version 4.13.1, the output now is the following and thus the regular
expressions used in nixos-generate-config.pl and install-grub.pl now
match (which results in the error mentioned above):
/
Name: <FS_TREE>
UUID: -
Parent UUID: -
Received UUID: -
Creation time: -
Subvolume ID: 5
Generation: 287270
Gen at creation: 0
Parent ID: 0
Top level ID: 0
Flags: -
Snapshot(s):
In order to fix this I've changed nixos-generate-config.pl and
install-grub.pl, because both use "btrfs subvol show" in a similar vein,
so the regex for parsing the output now doesn't match anymore whenever
the volume path is "/", which should result in the same behaviour as we
had with btrfs-progs version 4.8.2.
Tested against the btrfsSimple, btrfsSubvols and btrfsSubvolDefault
subtests of the installer VM test and they all succeed now.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-10-11 04:30:52 +02:00
Yegor Timoshenko
274c9b7587
unbound: fix typo in systemd Before
2017-10-10 20:08:36 +00:00
Bjørn Forsman
d26f8b5e00
nixos/lighttpd: add missing modules to allKnownModules
...
The output of ./configure shows all modules/plugins, both enabled and
disabled. With this info we can finally build the _complete_ list of
modules. We were missing these:
mod_authn_gssapi
mod_authn_ldap
mod_geoip
(I hit this as I was building lighttpd with ldap support and the NixOS
module said ldap was unsupported, due to these missing entries in
allKnownModules.)
2017-10-10 20:14:38 +02:00
elseym
aeeac71231
mattermost: create role and db with postgres superuser
...
Recently, the postgres superuser name has changed. Using the configured
and correct username here fixes database initialisation.
2017-10-10 20:08:21 +02:00
WilliButz
5e8d1757ef
nixos/xautolock: rewrite and add some options
2017-10-10 19:02:27 +02:00
Yegor Timoshenko
f9415cb621
desktop-managers: do not leak feh to PATH
...
feh is used to set background image for desktop managers that do not support it directly, however there is no need to include it in PATH.
Fixes #17450 .
2017-10-10 15:46:33 +00:00
Frank Doepper
08bf000fe2
nix-daemon: mention speedFactor in example
2017-10-10 15:07:35 +02:00
Eelco Dolstra
9df79de1a1
Enable command-not-found
...
5a5db609e5
disabled it by default, which
may have been unintentional. mkEnableOption considered harmful.
2017-10-10 12:26:24 +02:00
Eelco Dolstra
ee9a15b323
Set $NIX_DEBUG_INFO_DIRS when environment.enableDebugInfo is enabled
...
This allows it to co-exist with other debug info directories, such as
the one used by dwarffs
(https://github.com/edolstra/dwarffs/blob/master/module.nix ).
2017-10-10 12:04:57 +02:00
Jörg Thalheim
a61304e3cb
Merge pull request #30261 from Ekleog/fcron-hardlink
...
fcron module: fix use with hardlink-optimized store
2017-10-09 23:12:40 +01:00
Léo Gaspard
1afd97aa8f
fcron module: fix use with hardlink-optimized store
2017-10-09 23:44:28 +02:00
WilliButz
7002ca7e1c
nixos/zsh-syntax-highlighting: refactor
2017-10-09 23:30:10 +02:00
Benjamin Staffin
b3df084c70
nixos: minor X11 option description improvements ( #30035 )
2017-10-09 12:07:19 -07:00
Sarah Brofeldt
7b81889394
nixos/config/timezone: Disallow spaces
2017-10-09 20:52:25 +02:00
Shea Levy
f6858e55c2
Reserve uid/gids for kanboard
2017-10-09 07:44:32 -04:00
Joerg Thalheim
e34e28e573
nixos/fcron: service needs fcron in PATH
...
otherwise fcronsighup is not found.
Set PATH to /run/current-system/sw/bin does not seems to be used by service file anyway.
2017-10-09 11:43:24 +01:00
Tim Steinbach
c643759d41
kbfs: Add package in module
2017-10-08 12:49:58 -04:00
Jörg Thalheim
28db3ad7ae
Merge pull request #30216 from bachp/minio-exporter
...
Minio exporter
2017-10-08 15:09:32 +01:00
Joerg Thalheim
e7e4e0c3b6
nixos/prometheus-minio-exporter: only inherit keys from minio if set
2017-10-08 15:05:25 +01:00
Pascal Bach
8e10a4d862
prometheus-minio-exporter service: default to local minio server if enabled
2017-10-08 15:09:25 +02:00
Jörg Thalheim
eefae49f6d
Merge pull request #30183 from Mic92/openafs
...
openafs-client: don't remove kernel module on stop
2017-10-08 12:13:29 +01:00
Pascal Bach
aad88ddf5b
prometheus-minio-exporter service: init version
2017-10-08 12:47:00 +02:00
Bas van Dijk
5b8ff5ed49
graphite: 0.9.15 -> 1.0.2
...
Fixes : #29961
Also added the option:
services.graphite.web.extraConfig
for configuring graphite_web.
2017-10-08 03:03:22 +02:00
Jörg Thalheim
b256b2778a
Merge pull request #30204 from lheckemann/powertop-fix
...
powertop module: add kmod to path
2017-10-07 22:06:46 +01:00
Linus Heckemann
fadb906b2f
powertop module: add kmod to path
...
powertop attempt to load some kernel modules like msr by calling
modprobe. This is the counterpart to
88e43eb39b
which has the powertop
executable search PATH for modprobe rather than hardcoding /sbin, and
actually adds the directory containing modprobe to its PATH for the
systemd service.
2017-10-07 21:48:50 +01:00
Guillaume Maudoux
15b7e102b6
Safer defaults for immutable znc config ( #30155 )
...
* Safer defaults for immutable znc config
I just lost all the options I configured in ZNC, because the mutable config was overwritten.
I accept any suggestions on the way to implement this, but overwriting a mutable config by default seems weird. If we want to do this, we should ensure that ZNC does not allow to edit the config via the webmin when cfg.mutable is false.
* Do not backup old config files.
There seems to be little need for backups if mutable becomes a voluntary opt-out.
* fixup
2017-10-07 16:38:14 +01:00
Graham Christensen
30524ca860
Merge pull request #30171 from NeQuissimus/keybase_modules
...
keybase/kbfs: Fix modules
2017-10-07 09:51:44 -04:00
Joerg Thalheim
912ec467db
openafs-client: don't remove kernel module on stop
...
Otherwise it cannot re-insert the kernel module after a kernel upgrade
when boot kernel != running kernel.
2017-10-07 10:11:30 +01:00
Tuomas Tynkkynen
e86b78363d
nixos/filesystems/ext: Don't try to load ext3 module
...
This module doesn't exist since v4.3, where the ext3 driver was removed
as ext4.ko can mount ext3 filesystems as well.
2017-10-07 11:01:01 +03:00
Franz Pletz
801c920e95
btrfs-progs: 4.8.2 -> 4.13.1
2017-10-07 04:04:20 +02:00
David Johnson
5b530d4568
oauth2_proxy: default address updated
...
Go will fail to parse this otherwise.
https://github.com/golang/go/issues/19297
2017-10-06 16:52:22 -07:00
Franz Pletz
3855b7977c
nixos: clean up kernel modules
...
* the keyboard modules in all-hardware.nix are already defaults of
boot.initrd.availableKernelModules
* ide modules, hid_lenovo_tpkbd and scsi_wait_scan have been removed
because they're not available anymore
* i8042 was a duplicate (see few lines abowe)
2017-10-07 01:48:03 +02:00
Franz Pletz
3df126dbf7
nixos/modules: clean up wireless firmware options
...
All available options were just enabling
hardware.enableRedistributableFirmware. There were nix files without
modules which weren't referenced anywhere.
2017-10-07 01:48:02 +02:00
Tim Steinbach
8840eaf223
keybase: Fix modules
2017-10-06 18:49:58 -04:00
michael bishop
0ee6f8612e
dd-agent: fix multiple tags in the config file
2017-10-05 19:33:18 -03:00
Orivej Desh
184f80aeb8
Merge pull request #29781 from rick68/softether
...
softether: 4.18 -> 4.20
2017-10-05 08:26:23 +00:00
Joerg Thalheim
c2c843adf7
nixos/traefik: guard example path
2017-10-04 14:51:20 +01:00
Joerg Thalheim
a3200348b7
nixos/traefik: owner/group should be changed recursivly
2017-10-04 11:59:38 +01:00
Jörg Thalheim
b8288f137f
Merge pull request #29865 from hamhut1066/traefik-module
...
nixos/traefik create service
2017-10-04 11:53:11 +01:00
Joerg Thalheim
3468c9e5cc
nixos/traefik: create /var/lib/traefik with correct permissions
2017-10-04 11:49:42 +01:00
Hamish Hutchings
2e5297217d
nixos/traefik create service
2017-10-04 11:26:39 +01:00
Franz Pletz
d6f7e2f6f6
Merge pull request #29942 from elitak/ipfs
...
Ipfs: prepare for autoMigrate fix
2017-10-04 03:07:25 +02:00
Alexander Foremny
03a5d729ef
nixos/gitlab: fix gitlab service
...
Fix GitLab service and update documentation. Fixes #30059 .
2017-10-04 02:40:07 +02:00
Franz Pletz
eb59961855
Revert "pinentry: make GTK3 the default front-end"
...
This reverts commit 3f7e3db744
.
This broke the gpg-agent user service. See #27468 .
2017-10-04 02:16:37 +02:00
Eelco Dolstra
9b3aa19a88
Add NixOS 17.09 AMIs
...
Fixes #29976 .
2017-10-03 16:56:59 +02:00
Jörg Thalheim
0b18fa4f09
Merge pull request #30014 from eqyiel/krb5-fixes
...
nixos/krb5: complete rewrite
2017-10-03 11:04:58 +01:00
Joerg Thalheim
1406e249b3
krb5: add deprecation date for old configuration
2017-10-03 11:01:05 +01:00
Joachim F
cb3d443787
Merge pull request #29452 from jerith666/pfix-srsd-1709
...
nixos/pfix-srsd: add module
2017-10-03 00:51:59 +00:00
Bob van der Linden
9d841295f3
gogs: avoid creating symlinks each run
2017-10-02 22:11:46 +02:00
Wei-Ming Yang
7e4e2667ae
softether: 4.18 -> 4.20
2017-10-03 01:35:20 +08:00
The-M1k3y
0f2b46cdba
nixos/gogs: fixed user creation if non-default user
2017-10-02 15:53:30 +02:00
Graham Christensen
5af263c2af
Merge pull request #27468 from jtojnar/fix/pinentry-gnome
...
pinentry: add GNOME frontend
2017-10-02 07:29:23 -04:00
Jörg Thalheim
2354e0f05a
cloud-utils: 0.29 -> 0.30
2017-10-02 09:11:20 +01:00
Ruben Maher
06e15e59f9
nixos/krb5: complete rewrite
...
The `krb5` service was a bit lacking.
Addresses NixOS/nixpkgs#11268 , partially addresses NixOS/nixpkgs#29623 .
2017-10-02 14:30:19 +10:30
Pascal Bach
2239dc6234
glusterfs service: fix issues with useRpcbind
2017-10-01 19:39:22 +02:00
Jan Tojnar
3f7e3db744
pinentry: make GTK3 the default front-end
...
See: https://github.com/NixOS/nixpkgs/issues/18559
2017-10-01 01:40:03 +02:00
Joachim F
74db6fabcb
Merge pull request #29868 from nh2/nh2-glusterfs-improvements-for-17.09-master
...
glusterfs service: a few fixes and improvements
2017-09-30 12:19:19 +00:00
Eric Litak
f46616db5a
ipfs: disable autoMigrate option for now
2017-09-29 18:07:55 -07:00
Rok Garbas
748ef34f09
assertion should check for encrypted.label of the defined fileSystem
2017-09-29 19:55:28 +02:00
Joerg Thalheim
44b6a1509d
nixos/bcc: init module
...
Looks trival, but it is easy to make the mistake
to add linuxPackages.bcc to systemPackages,
which breaks if the not the default kernel is used.
2017-09-29 15:18:25 +01:00
Joerg Thalheim
5572062674
nixos/sysdig: init module
2017-09-29 15:01:21 +01:00
Peter Hoeg
963435a462
Merge pull request #29748 from fadenb/security.pam.usb_link_fix
...
security.pam.usb: fix url
2017-09-29 07:49:10 +08:00
Robin Gloster
57ed9e7e1d
gitlab: 9.5.5 -> 10.0.2
2017-09-28 23:14:31 +02:00
Jörg Thalheim
12ac88af1d
Merge pull request #29890 from mbrgm/nullmailer-fix
...
nixos/nullmailer: fixes and `remotesFile` option
2017-09-28 21:29:37 +01:00
Cray Elliott
d4bdf302a3
nvidia-x11: fix eval error from 4ef82339c9
2017-09-28 13:11:16 -07:00
Tristan Helmich
c6761f8578
security.pam.usb: link to wiki on github.com
...
pamusb.org no longer serves the intended content.
2017-09-28 16:00:28 +02:00
Robin Gloster
4aeb38e5b9
Revert "kubernetes: fix hashes after dockerTools change"
...
This reverts commit 9ba024f6d8
.
2017-09-28 14:09:49 +02:00
Joerg Thalheim
91eb6cf82c
nullmailer: simplify config generation
2017-09-28 11:04:39 +01:00
Marius Bergmann
e741cc4881
nullmailer: add remotesFile
option
...
The current `remotes` option is a string option containing nullmailer remote
definitions. However, those definitions may contain secret credentials and
should therefore not be put world-readable in the nix store.
I added a `remotesFile` option, which allows to specify a path to the remotes
definition file instead. This way, the definitions can be kept outside of the
nix store with more secure file permissions.
2017-09-28 08:52:21 +02:00
Marius Bergmann
02e89de71c
nullmailer: use proper description for remotes
option
2017-09-28 08:52:21 +02:00