Shea Levy
3eb0faf317
qemu-vm: Use unionfs-fuse instead of aufs for writableStore
2012-12-16 11:56:49 -05:00
Shea Levy
be4f69519b
iso-image: Use unionfs-fuse instead of aufs
2012-12-16 11:31:52 -05:00
Eelco Dolstra
bd7ea9be58
sysinit.target: Drop the dependency on local-fs.target and swap.target
...
Having all services with DefaultDependencies=yes depend on
local-fs.target is annoying, because some of those services might be
necessary to mount local filesystems. For instance, Charon's
send-keys feature requires sshd to be running in order to receive LUKS
encryption keys, which in turn requires dhcpcd, and so on. So we drop
this dependency (and swap.target as well for consistency). If
services require a specific mount, they should use RequiresMountsFor
in any case.
2012-12-14 17:42:54 +01:00
Eelco Dolstra
5437424297
Hackery to build against both the nixpkgs master and systemd branch
2012-12-13 15:04:09 +01:00
Rob Vermaas
859badc966
Zabbix agent: RemainAfterExit=true seems to give more reliable restarts, cannot completely figure out why, as Type=forking should be enough.
2012-12-11 20:54:19 +01:00
Eelco Dolstra
97ae408e83
Merge remote-tracking branch 'origin/master' into systemd
2012-12-11 17:40:39 +01:00
Eelco Dolstra
78bd54ca80
Allow setting additional AuthorizedKeysFiles
...
Charon needs this to include the dynamically generated
/root/.vbox-charon-client-key. (We used
users.extraUsers.root.openssh.authorizedKeys.keyFiles for this, but
that no longer works.)
2012-12-11 17:29:34 +01:00
Eelco Dolstra
eda051cff5
Remove abuse of "with"
2012-12-11 17:14:52 +01:00
Rickard Nilsson
68872f81cf
openssh: Change the way authorized keys are added to the system.
...
Instead of the somewhat hacky script that inserted public keys
into the users' .ssh/authorized_keys files, use the AuthorizedKeysFile
configuration directive in sshd_config and generate extra key
files for each user (placed in /etc/authorized_keys.d/).
2012-12-11 17:02:39 +01:00
Eelco Dolstra
3224ea8a1e
Don't require nixUnstable
2012-12-11 13:14:33 +01:00
Eelco Dolstra
745a201814
Check whether /proc/sys/net/ipv6/conf/all/disable_ipv6 exists
2012-12-11 13:14:17 +01:00
Eelco Dolstra
13617b803b
Use the binary cache in the installer
...
Also remove "nixos-rebuild pull".
2012-12-08 19:00:06 +01:00
Eelco Dolstra
ef3199f782
Add options for specifying binary caches
...
Cherry-picked a4bcb26b1a
.
2012-12-08 18:37:40 +01:00
Evgeny Egorochkin
860cbf7890
scanner support: create scanner group. Users need to be in this group to access scanners.
2012-12-06 02:59:34 +02:00
Evgeny Egorochkin
15a15be2f6
dhcpcd: disable "require dhcp_server_identifier" because of so many non-compliant DHCP servers
2012-12-05 23:55:42 +02:00
Eelco Dolstra
b1da38f564
Merge remote-tracking branch 'origin/master' into systemd
2012-11-30 16:12:04 +01:00
Eelco Dolstra
7435db4f89
Get rid of the last uses of mkAlways
...
mkAlways is an insane function, mkMerge is much saner.
2012-11-30 15:07:39 +01:00
Eelco Dolstra
3c6e0fd594
Generate the binary hardware database required by systemd 196
2012-11-29 18:51:44 +01:00
Eelco Dolstra
9eb81d2578
Renamed tcpWrapper -> tcp_wrappers
2012-11-29 15:16:30 +01:00
Lluís Batlle i Rossell
04963cf802
system-tarball-pc: fixing the readme inclusion
2012-11-29 11:29:15 +01:00
Lluís Batlle i Rossell
a9e5d1ab50
Changing the kernel parameters for crashump
...
I think that these enable more checks, and make more NMIs happen.
2012-11-29 11:27:33 +01:00
Peter Simons
6b6b245693
sane: update name of the snapshot version of the backends
2012-11-26 16:21:11 +01:00
Peter Simons
403dc16c51
sane: update name of the snapshot version of the backends
2012-11-26 16:20:29 +01:00
Shea Levy
a5ef0ffe12
rngd: Require /dev/random, only start when a hardware randomness source becomes available
2012-11-26 08:45:23 -05:00
Eelco Dolstra
f3c9c83e04
Make it easier to append to the default sudo configuration
2012-11-23 15:14:16 +01:00
Shea Levy
e76eb7f1a7
Disable rngd by default while I work on some patches to make it more systemd-friendly
2012-11-22 10:14:41 -05:00
Eelco Dolstra
994a15bc25
nixos-rebuild: Handle options with spaces in them
...
Like ‘--option binary-caches "http://foo http://bar "’
2012-11-22 12:04:00 +01:00
Eelco Dolstra
a4bcb26b1a
Add options for specifying binary caches
2012-11-22 11:49:47 +01:00
Eelco Dolstra
77891f8d59
Typo
2012-11-22 10:41:54 +01:00
Shea Levy
cd513482d4
Add rngd service.
...
Inspired by http://pkgs.fedoraproject.org/cgit/rng-tools.git/tree/rngd.service?id=27b1912b2d9659b6934fd4c887e46c13958e7e3c
2012-11-22 02:07:25 -05:00
Rob Vermaas
f0a6911929
Add ec2.metadata (default false) option whether to allow access to EC2 metadata API.
2012-11-21 12:19:38 -05:00
Peter Simons
0f15d75017
Merge pull request #29 from rickynils/shellaliases
...
Generate shell aliases programatically
2012-11-20 12:35:03 -08:00
Rickard Nilsson
6099451662
Add support for nslcd (nss-pam-ldapd) as users.ldap.daemon option
2012-11-20 16:39:45 +01:00
Rickard Nilsson
611ebeb1d0
Add nslcd (nss-pam-ldapd) uid and gid
2012-11-20 16:39:45 +01:00
Rickard Nilsson
a22c362155
Add option for specifying shell aliases, environment.shellAliases.
2012-11-20 16:33:29 +01:00
James Cook
3afa5f86c1
Fixed the documentation for programs.ssh.forwardX11 to account for the X11 SECURITY extension.
2012-11-18 11:05:18 -08:00
James Cook
63dc873b85
Merge master.
2012-11-18 10:49:55 -08:00
Eelco Dolstra
60bf4c3cd7
Add a GRUB 1 dependency
...
http://hydra.nixos.org/build/3331139
2012-11-16 16:42:45 +01:00
Eelco Dolstra
722a3a7147
Remove unnecessary (AFAICT) call to toPath
2012-11-15 23:07:05 +01:00
Eelco Dolstra
35922e61d9
Systemd requires the latest Nix
2012-11-15 22:55:36 +01:00
Eelco Dolstra
1f401a0e35
Make install-grub.pl work when $PATH is empty
2012-11-15 22:54:43 +01:00
Eelco Dolstra
f44d27a96c
Make the installer work on systemd
...
Systemd mounts the root filesystem as a shared subtree, which breaks
recursive bind mounts.
2012-11-15 22:53:57 +01:00
Rickard Nilsson
02e0d7dbc3
dnsmasq: Add extraConfig option
2012-11-12 18:16:04 +01:00
Eelco Dolstra
08e6c0cb7c
Update channel URLs
2012-11-12 09:19:25 +01:00
Eelco Dolstra
1350816199
test-instrumentation.nix: Don't start agetty on hvc0
2012-11-12 09:19:25 +01:00
Peter Simons
622a652411
Add option "environment.binsh" to configure the shell executable used to create the global /bin/sh symlink.
2012-11-11 21:46:25 +01:00
Peter Simons
04ba5de70a
modules/programs/bash/bash.nix: cosmetic indention fix
2012-11-11 21:29:33 +01:00
Shea Levy
2f833bc88d
Remove unnecessary toPath that breaks with recent nixUnstable
2012-11-08 13:04:20 -05:00
Eelco Dolstra
e078117c72
firewall.nix: Don't fail if IPv6 is disabled
2012-11-06 22:55:25 +01:00
aszlig
a333f7212e
systemd: Fail if kernel features are missing.
...
This has rendered my system unbootable, because I forgot to enable AUTOFS4 in my
custom kernel. In addition to AUTOFS4, this includes (hopefully) all other
kernel features needed by systemd, as listed in the README:
REQUIREMENTS:
Linux kernel >= 2.6.39
with devtmpfs
with cgroups (but it's OK to disable all controllers)
optional but strongly recommended: autofs4, ipv6
Autofs4 is not a requirement here, but in our case it turns out that the system
is not able to boot properly with a LUKS-enabled system (or at least not on _my_
system).
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2012-11-06 11:25:43 +01:00