Commit Graph

593 Commits

Author SHA1 Message Date
aszlig
9d8a8126e9
systemd: Add support for path units.
This allows to define systemd.path(5) units, for example like this:

{
  systemd = let
    description = "Set Key Permissions for xyz.key";
  in {
    paths.set-key-perms = {
      inherit description;
      before = [ "network.target" ];
      wantedBy = [ "multi-user.target" ];
      pathConfig.PathChanged = "/run/keys/xyz.key";
    };

    services.set-key-perms = {
      inherit description;
      serviceConfig.Type = "oneshot";
      script = "chown myspecialkeyuser /run/keys/xyz.key";
    };
  };
}

The example here is actually useful in order to set permissions for the
NixOps keys target to ensure those permisisons aren't reset whenever the
key file is reuploaded.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-03-31 12:33:25 +02:00
Eelco Dolstra
5ba0d51f68 Fix VirtualBox image generation
http://hydra.nixos.org/build/9905410
2014-03-31 11:15:11 +02:00
Eelco Dolstra
c20383e756 Another fix to the installer tests 2014-03-31 11:10:56 +02:00
Eelco Dolstra
0469f92faf Bring back mkOrder 2014-03-30 20:35:25 +02:00
Eelco Dolstra
0fdd641b21 Ensure that slim's theme applies to slimlock 2014-03-30 19:33:28 +02:00
Eelco Dolstra
075168ca81 nixos-hardware-scan: Detect QEMU 2014-03-30 17:27:18 +02:00
Eelco Dolstra
aaf01268ff Revert "slim: remove duplicate code"
This reverts commit f7d5e83abb.  It
breaks the Firefox and Xfce tests:

  in job ‘tests.firefox.x86_64-linux’:
  cannot coerce a boolean to a string

  in job ‘tests.xfce.x86_64-linux’:
  infinite recursion encountered
2014-03-30 17:06:01 +02:00
Eelco Dolstra
1c192e1fea Another attempt to fix the installer test
http://hydra.nixos.org/build/9904133
2014-03-30 16:53:23 +02:00
Shea Levy
ac68dc6dc6 Merge branch 'minecraft-server' of git://github.com/thoughtpolice/nixpkgs
nixpkgs: add Minecraft Server & a service module
2014-03-29 12:51:49 -04:00
Austin Seipp
1acca1c396 nixos: add minecraft-server service
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-03-29 05:31:27 -05:00
Jaka Hudoklin
227997d8ca nixos/rabbitmq: rewrite
- rewrite from old jobs options to new services
- add simple test
- add dataDir option
2014-03-29 10:56:07 +01:00
Shea Levy
c23464672e sloppy sloppy Shea 2014-03-29 05:28:37 -04:00
Shea Levy
38cc80f4d8 D'oh 2014-03-29 05:25:16 -04:00
Shea Levy
1aa5589eef Merge branch 'virtualbox' of git://github.com/Calrama/nixpkgs
Update VirtualBox (and implicitly VirtualBox Guest Additions) to 4.3.6
and Oracle VM VirtualBox Extension Pack to 91406

Conflicts due to minor upgrade in the mean time

Conflicts:
	nixos/modules/virtualisation/virtualbox-guest.nix
	pkgs/applications/virtualization/virtualbox/default.nix
	pkgs/applications/virtualization/virtualbox/guest-additions/default.nix
2014-03-29 00:23:54 -04:00
Shea Levy
63f97fe9db Merge branch 'slim_fix' of git://github.com/jagajaga/nixpkgs
add normal theme support for slim and slimlock
2014-03-29 00:17:52 -04:00
Shea Levy
a82ca6a7f9 Merge branch 'disable-acpid' of git://github.com/ambrop72/nixpkgs
power-management: Don't enable acpid.
2014-03-28 23:52:56 -04:00
Shea Levy
7cebcb995d Merge branch 'cache.pcscd' of git://github.com/wkennington/nixpkgs
Update Smartcard Utils + Fix Daemon Expression
2014-03-28 23:45:00 -04:00
Shea Levy
701cb6b099 Merge branch 'nixos/containers/fix1' of git://github.com/offlinehacker/nixpkgs
nixos: fix linux containers (systemd-nspawn, lxc, lxc-libvirt)
2014-03-28 23:39:01 -04:00
Eelco Dolstra
c704f6bb4e VM tests: Run hwclock in the initrd
Needed for the installer tests, since otherwise mounting a filesystem
may fail as it has a last-mounted date in the future.

http://hydra.nixos.org/build/9846712
2014-03-28 16:52:08 +01:00
Moritz Ulrich
02a30bea44 Fix services.udisks.enable.
Latest update to udisks in 344f2e65 broke it for me. Fix it by doing the
following:

- Add udisks.service to /etc/systemd/system (via systemd.packages)
- Fix path to udisks-daemon in udisks.service (libexec/ instead of lib/)
2014-03-25 16:52:45 +01:00
Jaka Hudoklin
70a4c7b1df nixos: fix linux containers (systemd-nspawn, lxc, lxc-libvirt)
- Make dhcp work, use dhcpcd without udev in container
- Make login shell work, patch getty to not wait for /dev/tty0
- Make ssh work, sshd/pam do not start session
2014-03-24 23:59:50 +01:00
William A. Kennington III
155dc472d8 pcscd: Convert to systemd + Fix config file 2014-03-21 17:52:24 -05:00
Domen Kožar
917498001f almir: correctly set PYTHONPATH 2014-03-21 18:02:15 +01:00
Rob Vermaas
020d3b299c Make the GCE image use 100G as disk size (maximum). 2014-03-21 15:18:03 +01:00
Rob Vermaas
af6c571a7e Increase size of GCE image. Use disk.raw as name inside tar.gz, as this is compulsory. 2014-03-21 14:56:00 +01:00
Rickard Nilsson
6a60fc3bdd solr module: Activate JSP support in Winstone
Required by older versions of solr. The JSP support
in Winstone seems spotty, but at one point we'll switch
over to Jetty instead.
2014-03-21 12:04:52 +01:00
Austin Seipp
6e415d2b58 nixos: add BitTorrent Sync service module
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-03-20 12:24:28 -05:00
Shea Levy
78e6d0143d Add ngircd module 2014-03-19 22:04:35 -04:00
Shea Levy
78029b7b0f Merge branch 'nixos/elasticsearch/elasticsearch_fix' of git://github.com/offlinehacker/nixpkgs
nixos/elasticsearch: Make port an integer, add dataDir option, make pure
2014-03-19 18:02:13 -04:00
Shea Levy
ca81e38178 Merge branch 'nixos/statsd/statsd_port_fix' of git://github.com/offlinehacker/nixpkgs
nixos/statsd: change default host and port on graphite host and port
2014-03-19 18:00:49 -04:00
Shea Levy
d944c01db6 Merge branch 'pkgs/pythonPackages/fix_graphite2' of git://github.com/offlinehacker/nixpkgs
nixos/graphite: Make pure, fix several bugs, add dataDir option
2014-03-19 17:57:34 -04:00
José Romildo Malaquias
47c7e29ffa make environment.variables.GIO_EXTRA_MODULES a list
Close #1929.
2014-03-19 22:15:44 +01:00
Shea Levy
4216e42ca8 Merge branch 'openafs' of git://github.com/errge/nixpkgs
Openafs fixes
2014-03-19 05:21:28 -04:00
Shea Levy
77181be713 Set /run/keys ownership based on numerical ids
See comments on 4ab5646417
2014-03-19 05:18:24 -04:00
Rickard Nilsson
043bf5a941 mysql service: Shutdown with normal systemd SIGTERM instead of mysqladmin
According to the MySQL manual, this is a perfectly legal way of
shutting down the server. The shutdown logs also looks fine:

systemd[1]: Stopping MySQL Server...
mysqld[5114]: 140319  8:36:12 [Note] /nix/store/sc26mz82k97mbpx3d1abzn3rrbd155ws-mariadb-10.0.8/bin/mysqld: Normal shutdown
mysqld[5114]: 140319  8:36:12 [Note] Event Scheduler: Purging the queue. 0 events
mysqld[5114]: 140319  8:36:12 [Note] InnoDB: FTS optimize thread exiting.
mysqld[5114]: 140319  8:36:12 [Note] InnoDB: Starting shutdown...
mysqld[5114]: 140319  8:36:14 [Note] InnoDB: Shutdown completed; log sequence number 1619078
mysqld[5114]: 140319  8:36:14 [Note] /nix/store/sc26mz82k97mbpx3d1abzn3rrbd155ws-mariadb-10.0.8/bin/mysqld: Shutdown complete
systemd[1]: Stopped MySQL Server.
2014-03-19 08:41:07 +01:00
Eelco Dolstra
7d8fea797a Run hwclock --hctosys to initialize the system time 2014-03-18 23:14:34 +01:00
Eelco Dolstra
08095f97ce Typo 2014-03-18 22:40:39 +01:00
Eelco Dolstra
de57c0eb66 Shut up Perl warning 2014-03-18 14:10:31 +01:00
Eelco Dolstra
01fc3e5153 Revert "test-driver: Set the date to the current time on boot"
This reverts commit 4e6eae45ee. It
breaks running the test driver interactively (in that it causes all
VMs to be started immediately, which is not always what you wnat).
2014-03-18 14:05:51 +01:00
Shea Levy
a1a167bc8b nginx module: Enable modularly specifying servers 2014-03-17 23:31:56 -04:00
Shea Levy
4e6eae45ee test-driver: Set the date to the current time on boot
Should allow merging #1816
2014-03-17 22:05:19 -04:00
ambrop7@gmail.com
e5cc6d3552 Enable acpid if nvidia driver is being used.
The NVidia driver wants to connect to acpid to receive ACPI events.
2014-03-17 19:27:06 +01:00
Eelco Dolstra
1b6c01721d Revert "nixos-manual: show manual on tty8 by default"
This reverts commit b792394119.
Starting the manual on tty8 was intended as a convenience during
installation, not as a general purpose thing.  In fact, given that w3m
runs as root, this is highly insecure!
2014-03-17 12:45:57 +01:00
mornfall
fe995cdedc Merge pull request #1775 from thoughtpolice/duo_unix
Duo Security module and uid/gid support for /etc files
2014-03-16 23:06:01 +01:00
Austin Seipp
29d46452dd nixos: add Duo Security module
This module adds the security.duosec attributes, which you can use to
enable simple two-factor authentication for NixOS logins.

The module currently provides PAM and SSH support, although the PAM unix
system configuration isn't automatically dealt with (although the
configuration is automatically built).

Enabling it is as easy as saying:

  security.duosec.ssh.enable = true;
  security.duosec.ikey       = "XXXXXXXX...";
  security.duosec.skey       = "XXXXXXXX...";
  security.duosec.host       = "api-XXXXXXX.duosecurity.com";
  security.duosec.group      = "duosec";

which will enforce two-factor authentication for SSH logins for users in
the 'duosec' group.

This requires uid/gid support in the environment.etc module.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-03-16 07:11:50 -05:00
Shea Levy
6cc0cc7ff6 Merge branch 'postgresql-user' of git://github.com/ocharles/nixpkgs
postgresql module: Use the default superuser username
2014-03-15 13:29:52 -04:00
Shea Levy
3f6a654d9c Merge branch 'zsh' of git://github.com/ttuegel/nixpkgs
zsh: don't clobber the environment of non-login shells
2014-03-15 13:11:38 -04:00
Bjørn Forsman
f7006116b3 nixos/gpsd-service: add type declarations to options 2014-03-15 17:35:55 +01:00
Bjørn Forsman
28e5f72f05 nixos/gpsd-service: change from deprecated 'jobs' type to 'systemd'
This has the nice side-effect of making gpsd actually run!

Old behaviour (debugLevel=2):

  systemd[1]: gpsd.service holdoff time over, scheduling restart.
  systemd[1]: Stopping GPSD daemon...
  systemd[1]: Starting GPSD daemon...
  systemd[1]: gpsd.service start request repeated too quickly, refusing to start.
  systemd[1]: Failed to start GPSD daemon.
  systemd[1]: Unit gpsd.service entered failed state.

New behaviour (debugLevel=2):

  gpsd[945]: gpsd: launching (Version 2.95)
  systemd[1]: Started GPSD daemon.
  gpsd[945]: gpsd: listening on port 2947
  gpsd[945]: gpsd: running with effective group ID 27
  gpsd[945]: gpsd: running with effective user ID 23
  gpsd[945]: gpsd: stashing device /dev/ttyUSB0 at slot 0
2014-03-15 17:35:55 +01:00
ambrop7@gmail.com
49768ca8ff power-management: Don't enable acpid.
Running acpid along with systemd will cause double handling of acpi events.
2014-03-15 12:17:00 +01:00