Commit graph

1266 commits

Author SHA1 Message Date
Eelco Dolstra a323d146b7 Add user attribute isNormalUser
This is shorthand for setting group, createHome, home, useDefaultShell
and isSystemUser.
2014-08-15 02:16:04 +02:00
Eelco Dolstra 1a75958be5 Unify mutableUsers = { true, false }
With mutableUsers = true, we now ensure that all users and groups that
were created declaratively, are updated or removed
appropriately. Thus, adding a user to users.extraUsers and then
removing it now causes the acoount to be removed from
/etc/passwd. Thus user/group management is fully congruent except that
users and groups that were created imperatively (via useradd/groupadd)
are not touched. We distinguish between declarative and imperative
users/groups by tracking the former in
/var/lib/nixos/declarative-{groups,users}.

With mutableUsers = false, you are now no longer required to specify
UIDs/GIDs for all users. The handling of mutableUsers = true/false is
the same code path; the only difference is that the "false" mode
ignores the existing contents of /etc/{passwd,group}.

The attribute ‘createUser’ is gone. It doesn't really make sense to
specify users that shouldn't be created.
2014-08-15 02:15:29 +02:00
Eelco Dolstra df7bc53606 Merge remote-tracking branch 'origin/master' into staging 2014-08-15 02:15:14 +02:00
Eelco Dolstra 785ed2b528 Don't silently ignore errors from the activation script 2014-08-15 02:14:34 +02:00
Eelco Dolstra 883fa4f920 nixos-container destroy: Remove gcroots 2014-08-15 02:14:27 +02:00
Vladimír Čunát 56d9b2cc8a merge #3428: nano: bump and add system-wide config 2014-08-14 23:51:29 +02:00
Luca Bruno b83aceaecb Merge branch 'master' into staging 2014-08-14 23:09:59 +02:00
Luca Bruno 3d0dc6a143 gnome3: add services.xserver.desktopManager.gnome3.sessionPath
Used to add GI_TYPELIB_PATH and LD_LIBRARY_PATH for gnome shell extensions
or other libraries and services.

Not a great solution but may be the start for further work. Let's make
some cool packages work for now.
2014-08-14 21:16:40 +02:00
William A. Kennington III d0c0c2f9ba nixos/dhcpd: Wait until network interfaces are configured to start 2014-08-13 15:08:43 -05:00
William A. Kennington III b3ddcfabd9 nixos/dhcpd: Convert to systemd from upstart 2014-08-13 15:08:43 -05:00
William A. Kennington III 24368beed8 nixos/dhcpd: Use dhcp user instead of nobody 2014-08-13 15:08:43 -05:00
William A. Kennington III 4fbf120e84 nixos/dhcpd: Add the ability to drop privileges 2014-08-13 15:08:08 -05:00
William A. Kennington III 56228e5614 nixos/dhcp: Modernize ddns-update-style 2014-08-13 15:08:08 -05:00
Eelco Dolstra 330fadb706 Containers: Use systemd-nspawn startup notification
This prevents the container unit startup from hanging until timeout if
systemd-nspawn fails.
2014-08-13 00:49:25 +02:00
Harald van Dijk 67a5ec4efb nixos/lighttpd: fix modules for gitweb
Setting "services.lighttpd.gitweb.enable" to true doesn't enable the
required lighttpd modules to actually make it work. The problem is that
"or" and "||" don't mean the same thing: "or" falls back to the second
operand if the first is not defined, whereas "||" is the normal logical
operator. When cfg.cgit.enable is defined, as false, the expressions
don't have the desired effect.

[Bjørn: modify commit message]
2014-08-12 21:16:01 +02:00
Vladimír Čunát 87c3c0e885 Merge master into #2129
Conflicts (easy, just UID shifted):
	nixos/modules/misc/ids.nix
	nixos/modules/module-list.nix
2014-08-12 19:24:08 +02:00
Matt Miemiec 8695c58648 Add the bspwm window manager to Nix. 2014-08-12 18:22:15 +02:00
Luca Bruno 14895d6c95 Merge branch 'gdm' 2014-08-12 14:57:38 +02:00
Domen Kožar cc8e4f6814 provide pulseaudioFull and set it as default to hardware.pulseaudio.package 2014-08-12 12:51:25 +02:00
Luca Bruno 1a29fcae69 gdm: Add very experimental display manager 2014-08-12 11:23:42 +02:00
Eelco Dolstra 878b738333 Containers: Clean up veth interfaces 2014-08-12 03:13:32 +02:00
Eelco Dolstra b99af5579e Containers: Don't remount / 2014-08-12 03:13:32 +02:00
Eelco Dolstra 04ec038e89 Containers: Fix reboot and poweroff
Previously "machinectl reboot/poweroff" brutally killed the container,
as did "systemctl stop/restart". And reboot didn't actually work. Now
everything is fine.
2014-08-12 03:13:31 +02:00
Rickard Nilsson 66858833e3 mopidy: Add mopidy-scan service for scanning local media 2014-08-12 01:40:44 +02:00
Rickard Nilsson 7b5829c314 Add NixOS module for syslog-ng 2014-08-11 15:06:11 +02:00
Eelco Dolstra c7ca46904f tests/ipv6.nix: Fix race
http://hydra.nixos.org/build/13119647
2014-08-10 14:51:23 +02:00
Jaka Hudoklin 675d76b00c nixos/znc: add option to add module packages to znc
Besides that add option for extra znc config and fix a lot of stuff
2014-08-09 19:35:59 +02:00
Eelco Dolstra 4668f37444 Fix NixOS evaluation on i686-linux 2014-08-09 17:19:09 +02:00
Eelco Dolstra 7a09c6018d Manual: Generate PDF
Issue NixOS/nixos#237.
2014-08-09 16:33:12 +02:00
Eelco Dolstra aeb5c14eb9 Manual: Remove outdated author stuff 2014-08-09 16:33:01 +02:00
Eelco Dolstra 80a3c883a9 Manual: Render function defaults 2014-08-09 16:33:01 +02:00
Vladimír Čunát 52d9c93abe Merge 'staging' into master 2014-08-08 20:13:23 +02:00
Rickard Nilsson a01862a4b6 nslcd nixos service: Should be wantedBy multi-user, otherwise not started if activated on running server (only starts on bootup) 2014-08-08 17:40:14 +02:00
Peter Simons 9226fbf56a Merge remote-tracking branch 'origin/master' into staging. 2014-08-08 09:51:01 +02:00
Joel Taylor d8cca3d624 fail2ban: systemd support
- upgrade fail2ban to 0.9
- override systemd to enable python support and include sqlite3 module
- make fail2ban enablable
2014-08-08 00:10:19 +02:00
System administrator 5355d3d30b logrotate: use systemd instead of cron 2014-08-07 08:58:50 +02:00
Eelco Dolstra d5b5d763cd Fix evaluation 2014-08-06 19:44:13 +02:00
Rob Vermaas 34e6cb5083 Merge pull request #3476 from wkennington/master.unifi
Add support for the unifi access point controller
2014-08-06 17:00:54 +02:00
Rob Vermaas 46205faf69 Fix evaluation in virtualbox-image.nix 2014-08-06 16:25:42 +02:00
Eelco Dolstra 2b9ea7fd90 test-instrumentation.nix: Set an empty root password
This makes it easier to log in during interactive sessions.
2014-08-06 14:15:23 +02:00
Eelco Dolstra eab25b104a test-instrumentation.nix: Improve logging
In particular, don't clobber the serial console with duplicate output
from systemd and the journal, and increase the log level.
2014-08-06 14:15:18 +02:00
Eelco Dolstra 0d3b3bd01b systemd: Use the default log target ("journal-or-kmsg")
This ensures that early systemd messages end up in the journal (via
the kmsg buffer).
2014-08-06 14:15:12 +02:00
William A. Kennington III 377454ff0e nixos/unifi: Explain and simplify the bind mount configuration 2014-08-05 23:15:49 -05:00
William A. Kennington III 12ad29226c nixos/unifi: Fix ordering of mount rules 2014-08-05 22:09:15 -05:00
William A. Kennington III dfb596b49b nixos/unifi: Add service module 2014-08-05 21:40:47 -05:00
William A. Kennington III beddd36c95 nixos/stage-1: Don't check resilient filesystems 2014-08-05 21:06:51 +02:00
Rickard Nilsson 534a01c2b0 amazon ec2: Make fetch-ec2-data more robust
curl does not retry if it is unable to connect to the metadata server.
For some reason, when creating a new AMI with a recent nixpkgs, the
metadata server would not be available when fetch-ec2-data ran. Switching
to wget that can retry even on TCP connection errors solved this problem.

I also made the fetch-ec2-data depend on ip-up.target, to get it to start
a bit later.
2014-08-05 15:12:26 +02:00
Eelco Dolstra d9e6c07c5b Remove the containers test from the release-critical builds
Too many random failures...
2014-08-05 10:25:42 +02:00
Shea Levy 8a35a474fe Merge branch 'vbox-configurable-imgsize' of git://github.com/rickynils/nixpkgs 2014-08-04 13:20:13 -04:00
Peter Simons 2d326e5032 Merge remote-tracking branch 'origin/master' into staging.
Conflicts:
	pkgs/desktops/e18/enlightenment.nix
2014-08-04 16:51:47 +02:00