Commit graph

230 commits

Author SHA1 Message Date
Eelco Dolstra d67e6e6285 * Remove some `stopOn = "ip-down"' declarations since they probably
don't do the right thing (e.g. they don't distinguish between
  network interfaces).

svn path=/nixos/trunk/; revision=22102
2010-06-02 16:19:48 +00:00
Lluís Batlle i Rossell 8b69834669 Fixing a syntax error in the vsftpd module I added in a recent commit.
svn path=/nixos/trunk/; revision=21687
2010-05-09 15:38:48 +00:00
Lluís Batlle i Rossell 4ee2a8a29a Fixing the UTF-8 in openssh sshd (passing to it the LOCALE_ARCHIVE - that
requieres a patch in openssh that I just commited to nixpkgs)

Before this, in the shell spawned, backspace could not work over UTF-8 strings in the readline.


svn path=/nixos/trunk/; revision=21679
2010-05-09 12:45:57 +00:00
Ludovic Courtès 4c1af311e1 avahi-daemon: Ensure that /var/run/avahi-daemon exists.
svn path=/nixos/trunk/; revision=21673
2010-05-08 22:28:26 +00:00
Lluís Batlle i Rossell 0d92459fb5 Fixing vsftpd regarding the anonymous user (some script lines had to be run
only in the case the anonymous user service were enabled)


svn path=/nixos/trunk/; revision=21669
2010-05-08 19:12:36 +00:00
Lluís Batlle i Rossell e4e3789dad Make privoxy run with uid=privoxy.
Patch by Russell O'Connor, sent to nix-dev.


svn path=/nixos/trunk/; revision=21551
2010-05-02 04:38:45 +00:00
Eelco Dolstra 8874226fa3 * Add rfkill to the system path.
svn path=/nixos/trunk/; revision=21201
2010-04-21 11:37:52 +00:00
Eelco Dolstra 176f6c52dd * Change the name of the SSH privilege separation user account back to
"sshd" because changing it to "opensshd" causes breakage (like the
  activation script saying "useradd: UID 2 is not unique.").  Also,
  OpenSSH requires it to be named "sshd", I think.

svn path=/nixos/trunk/; revision=20577
2010-03-11 18:07:20 +00:00
Ludovic Courtès 8e16742b79 Update users of `services.sshd'.
svn path=/nixos/trunk/; revision=20575
2010-03-11 17:02:53 +00:00
Ludovic Courtès d1b4b7fd28 Rename services.sshd' to services.openssh'.
svn path=/nixos/trunk/; revision=20574
2010-03-11 17:02:49 +00:00
Eelco Dolstra 051e9342b3 * Use the moduli file. This shuts up the "WARNING: /etc/ssh/moduli
does not exist, using fixed modulus" message in /var/log/messages.

svn path=/nixos/trunk/; revision=19754
2010-02-01 17:05:02 +00:00
Ludovic Courtès 06aeb7d87f GNUnet: Add options; add as a system package; provide /etc/gnunetd.conf.
svn path=/nixos/trunk/; revision=19630
2010-01-23 15:47:33 +00:00
Eelco Dolstra 50430f19e1 * Only run dhclient on interfaces of type 1, otherwise it fails to
start if the machine has weird network devices (e.g. "eql").

svn path=/nixos/trunk/; revision=19623
2010-01-22 20:34:32 +00:00
Lluís Batlle i Rossell fa2a6f835f Adding wicd, taking in the patch sent by roconnor to nix-dev on 2010-01-07.
svn path=/nixos/trunk/; revision=19298
2010-01-07 17:53:03 +00:00
Eelco Dolstra 9c465fedfa * Reinstate the -s flag.
svn path=/nixos/trunk/; revision=19055
2009-12-20 22:03:32 +00:00
Eelco Dolstra 57f70db611 * Revert r19003 for now, because wpa_supplicant 0.6.9 (in the Nixpkgs
trunk) doesn't have a -s flag.  0.7.0 in the stdenv branch
  presumably does, but it's marked as unstable upstream.

svn path=/nixos/trunk/; revision=19047
2009-12-20 16:51:22 +00:00
Lluís Batlle i Rossell ee434cc3d6 Using wpa_supplicant feature to log to syslog, instead of stdout (which,
in the actual upstart job, meant /dev/console)

svn path=/nixos/trunk/; revision=19003
2009-12-16 19:45:19 +00:00
Ludovic Courtès 3f2348ef91 Start networking services on `ip-up' when it makes sense.
svn path=/nixos/trunk/; revision=18962
2009-12-15 13:02:23 +00:00
Marc Weber 4d7e344f69 Adding initial version of the nixos cd insallation test script using
qemu_kvm. Installation doesn't take place yet. VM is started
printing a remote controlled "Hello".

This serves as example how to run a vm within a bulid job.

svn path=/nixos/trunk/; revision=18887
2009-12-11 00:51:13 +00:00
Rob Vermaas 038180bab8 * sshd.nix: ports attribute, to allow listening to multiple ports
svn path=/nixos/trunk/; revision=18877
2009-12-10 14:45:41 +00:00
Lluís Batlle i Rossell b005e22952 Adding a not-very-nice option to allow setting the wpa_supplicant interface.
(eth1 in my PC, instead of the previously hardcoded wlan0)

svn path=/nixos/trunk/; revision=18862
2009-12-09 20:30:40 +00:00
Eelco Dolstra a21f18e81f * Synced with the trunk.
svn path=/nixos/branches/upstart-0.6/; revision=18602
2009-11-24 16:11:01 +00:00
Sander van der Burg ff177a01a7 Fixed ejabberd service so that it will be started on startup
svn path=/nixos/branches/upstart-0.6/; revision=18557
2009-11-23 13:29:47 +00:00
Sander van der Burg ebbde6f8d3 Added directory option for ejabberd dumps so that we can use derivations on a convenient way, e.g. loadDumps = [ myDumpDrvFun ];
svn path=/nixos/branches/upstart-0.6/; revision=18487
2009-11-20 15:35:01 +00:00
Sander van der Burg dd0f8b36d5 Moved ejabberd initialization check loop inside the if statement, since we only have to check for it in the first startup
svn path=/nixos/branches/upstart-0.6/; revision=18464
2009-11-19 15:17:04 +00:00
Sander van der Burg 9b000b3dcf Added loadDumps option, which makes it possible to load a specific ejabberd configuration on the first startup
svn path=/nixos/branches/upstart-0.6/; revision=18461
2009-11-19 15:12:05 +00:00
Sander van der Burg a5cdfcbdb2 Removed the dirty sleep hack from the ejabberd service
svn path=/nixos/branches/upstart-0.6/; revision=18456
2009-11-19 13:15:15 +00:00
Michael Raskin ea2417ac87 Apply Eelco Dolstra's formatting suggestions
svn path=/nixos/trunk/; revision=18436
2009-11-18 15:11:54 +00:00
Michael Raskin 26f83d65e4 Adding GVPE service
svn path=/nixos/trunk/; revision=18431
2009-11-18 14:54:37 +00:00
Eelco Dolstra e9b2ef9fb7 * Restart wpa_supplicant and dhclient on resume.
svn path=/nixos/branches/upstart-0.6/; revision=18360
2009-11-15 20:40:41 +00:00
Eelco Dolstra 0755e228bf * Since "initctl stop" is now synchronous, the sleep is no longer
needed.

svn path=/nixos/branches/upstart-0.6/; revision=18359
2009-11-15 20:40:07 +00:00
Eelco Dolstra 83a9bf9a6a * Change all the startOn / stopOn attributes to the Upstart 0.6 syntax
(e.g., startOn = "started foo" instead of startOn = "foo").

svn path=/nixos/branches/upstart-0.6/; revision=18230
2009-11-06 22:19:17 +00:00
Eelco Dolstra a60d83d3b4 svn path=/nixos/branches/upstart-0.6/; revision=18228 2009-11-06 21:39:18 +00:00
Eelco Dolstra d545d08461 * In the network-interfaces task, emit an ip-up event if there is a
statically configured interface (i.e. we're not running dhclient).
  Otherwise the ntpd job won't be triggered.
* Use the "-n" flag of "initctl emit" to send the event
  asynchronously.

svn path=/nixos/branches/upstart-0.6/; revision=18227
2009-11-06 21:38:40 +00:00
Eelco Dolstra 9fa2f12cc2 * Do some more jobs.
svn path=/nixos/branches/upstart-0.6/; revision=18212
2009-11-06 15:46:56 +00:00
Eelco Dolstra b581a56d79 * Define the Upstart package to use in one place.
svn path=/nixos/branches/upstart-0.6/; revision=18187
2009-11-06 09:36:35 +00:00
Sander van der Burg 46558b31a0 Added ejabberd to the systemPackages and fixed some command line arguments. This will make the ejabberd service working again
svn path=/nixos/trunk/; revision=18070
2009-11-02 12:13:09 +00:00
Marc Weber 4f006e49bf openvpn was broken by jobAttrs. fixed
svn path=/nixos/trunk/; revision=17940
2009-10-23 11:30:54 +00:00
Eelco Dolstra eba8f94069 * jobAttrs -> jobs.
svn path=/nixos/trunk/; revision=17769
2009-10-12 18:09:34 +00:00
Eelco Dolstra d982f23f20 * Convert the remaining jobs to jobAttrs style.
svn path=/nixos/trunk/; revision=17764
2009-10-12 17:27:57 +00:00
Eelco Dolstra 9943e0762e * Update some more modules.
svn path=/nixos/trunk/; revision=17763
2009-10-12 17:09:38 +00:00
Eelco Dolstra e91d882a94 * Converted modules that were still using the old (concrete syntax)
style of declaring Upstart jobs.  While at it, converted them to the
  current NixOS module style and improved some option descriptions.
  Hopefully I didn't break too much :-)

svn path=/nixos/trunk/; revision=17761
2009-10-12 16:36:19 +00:00
Nicolas Pierron 2e34baba3b Rename environment.extraPackages to environment.systemPackages.
svn path=/nixos/trunk/; revision=17705
2009-10-07 17:14:25 +00:00
Marc Weber 7e72788a39 rewrite sshd using jobAtts serving as example
svn path=/nixos/trunk/; revision=17651
2009-10-05 18:31:30 +00:00
Rob Vermaas 0e2c160e2e added privoxy nixos module
svn path=/nixos/trunk/; revision=17646
2009-10-05 15:11:32 +00:00
Eelco Dolstra a5ad5a035e * Firewall: by default, only log rejected TCP connections. Otherwise
you get a lot of garbage in the log.  Also, an option to reject
  instead of drop packets.

svn path=/nixos/trunk/; revision=17505
2009-09-29 14:21:56 +00:00
Lluís Batlle i Rossell 4163ff95b4 Reverting r17459 - I had wpa_supplicant addapted to my system (nic device), and
I didn't want to commit that for all nixos users. We may write some day a better
wpa_supplicant solution.

svn path=/nixos/trunk/; revision=17462
2009-09-27 21:54:38 +00:00
Lluís Batlle i Rossell 852478ff79 Making supplicant work on eth1
svn path=/nixos/trunk/; revision=17459
2009-09-27 21:51:22 +00:00
Nicolas Pierron a701637f94 Use servicePath instead of relative paths.
svn path=/nixos/trunk/; revision=17454
2009-09-26 23:04:43 +00:00
Rob Vermaas bd6fbce0f3 * vsftpd typo
svn path=/nixos/trunk/; revision=17215
2009-09-17 07:39:21 +00:00
Rob Vermaas bb8c6b038d * use new job style for ddclient upstart
svn path=/nixos/trunk/; revision=17184
2009-09-16 11:57:41 +00:00
Rob Vermaas 44f99c64d4 * added ddclient module to allow synchronization of machine's ip address with dynamic dns provider
svn path=/nixos/trunk/; revision=17180
2009-09-16 11:22:45 +00:00
Nicolas Pierron ff7e67f2d3 Use the system hostname as default for the avahi daemon.
svn path=/nixos/trunk/; revision=17104
2009-09-13 22:13:07 +00:00
Ludovic Courtès 66ebc25eb9 Bitlbee: Change ownership of `/var/lib/bitlbee'.
svn path=/nixos/trunk/; revision=17099
2009-09-13 18:26:05 +00:00
Eelco Dolstra 8e6ad840f2 * Modularised the xinetd service. tftp has been factored out into a
separate module, which just declares a configuration value that
  causes the xinetd module to add it to xinetd.conf.  Also Nixified
  the service declarations to abstract over the inetd implementation.
  
* Renamed the services.xinetd.tftpd options to services.tftpd.  The
  fact that the tftpd module uses xinetd is an implementation detail.

* xinetd: use -dontfork to let Upstart monitor it, and use -syslog to
  get error messages at startup.

svn path=/nixos/trunk/; revision=16803
2009-08-21 13:05:45 +00:00
Lluís Batlle i Rossell f250f69ee8 Adding xinetd with a possible tftpd server.
svn path=/nixos/trunk/; revision=16784
2009-08-19 20:20:51 +00:00
Nicolas Pierron 5980d130c9 Check sshd.permitRootLogin values.
svn path=/nixos/trunk/; revision=16769
2009-08-19 15:04:05 +00:00
Eelco Dolstra 89ef5c979b * New nixos-rebuild action: "nixos-rebuild build-vm" builds a virtual
machine containing a replica (minus the state) of the system
  configuration.  This is mostly useful for testing configuration
  changes prior to doing an actual "nixos-rebuild switch" (or even
  "nixos-rebuild test").  The VM can be started as follows:

  $ nixos-rebuild build-vm
  $ ./result/bin/run-*-vm

  which starts a KVM/QEMU instance.  Additional QEMU options can be
  passed through the QEMU_OPTS environment variable
  (e.g. QEMU_OPTS="-redir tcp:8080::80" to forward a host port to the
  guest).  The fileSystem attribute of the regular system
  configuration is ignored (using mkOverride), because obviously we
  can't allow the VM to access the host's block devices.  Instead, at
  startup the VM creates an empty disk image in ./<hostname>.qcow2 to
  store the VM's root filesystem.

  Building a VM in this way is efficient because the VM shares its Nix
  store with the host (through a CIFS mount).  However, because the
  Nix store of the host is mounted read-only in the guest, you cannot
  run Nix build actions inside the VM.  Therefore the VM can only be
  reconfigured by re-running "nixos-rebuild build-vm" on the host and
  restarting the VM.

svn path=/nixos/trunk/; revision=16662
2009-08-11 01:35:56 +00:00
Eelco Dolstra 2331a5140d * Added a module for the bluetooth daemon.
* Refactored some other modules (dbus, hal).

svn path=/nixos/trunk/; revision=16652
2009-08-10 18:25:09 +00:00
Eelco Dolstra f0f5434eaa * Add an option to enable the firewall. It should eventually be
enabled by default.

svn path=/nixos/branches/modular-nixos/; revision=16464
2009-07-26 21:27:35 +00:00
Eelco Dolstra 264b49fce7 * A very basic firewall that rejects all incoming connections except
for the ports defined in networking.firewall.allowedTCPPorts.

svn path=/nixos/branches/modular-nixos/; revision=16460
2009-07-24 23:12:52 +00:00
Eelco Dolstra 38d594deec * wpa_supplicant: start/stop automatically.
svn path=/nixos/branches/modular-nixos/; revision=16451
2009-07-24 00:31:42 +00:00
Eelco Dolstra c4780a8953 * dhcp 4.1 requires IPv6 support.
svn path=/nixos/branches/modular-nixos/; revision=16450
2009-07-24 00:31:22 +00:00
Eelco Dolstra d591559609 * A simple module for running wpa_supplicant.
svn path=/nixos/branches/modular-nixos/; revision=16409
2009-07-16 21:08:32 +00:00
Eelco Dolstra 3abf509637 * Don't try to start dhclient on the wmaster0 interface. This just
gets rid of endless dhclient log messages such as

    Jul 16 19:09:30 dutibo dhclient: DHCPDISCOVER on wmaster0 to 255.255.255.255 port 67 interval 19
    Jul 16 19:09:30 dutibo dhclient: send_packet: Network is down

svn path=/nixos/branches/modular-nixos/; revision=16407
2009-07-16 17:25:50 +00:00
Eelco Dolstra b58682401e * Give a type to networking.interfaces.
* Simplified the pre-start script of the network-interfaces module.
* Removed wireless support from the network-interfaces module.  It
  only worked for static WEP configurations anyway, and AFAIK nobody
  used it.

svn path=/nixos/branches/modular-nixos/; revision=16406
2009-07-16 17:18:54 +00:00
Eelco Dolstra 7cb4503ad6 * More Upstart refactoring.
svn path=/nixos/branches/modular-nixos/; revision=16394
2009-07-16 13:55:11 +00:00
Eelco Dolstra 889311f4ca * Refactored the sshd module.
svn path=/nixos/branches/modular-nixos/; revision=16377
2009-07-15 15:53:39 +00:00
Eelco Dolstra 9d1e31117f * Get rid of the "users" and "groups" fields in jobs.
svn path=/nixos/branches/modular-nixos/; revision=16371
2009-07-15 11:34:55 +00:00
Eelco Dolstra ca8e00cafa * Got rid of the extraPath field in jobs (use
environment.systemPackages instead).  Also renamed
  services.extraJobs to jobs.

svn path=/nixos/branches/modular-nixos/; revision=16370
2009-07-15 11:19:11 +00:00
Michael Raskin 1118c4b6d1 Fix service tree paths
svn path=/nixos/branches/modular-nixos/; revision=16235
2009-07-08 09:09:57 +00:00
Ludovic Courtès 1f9d8f45ea lshd: Fix typo; comment on the seed generation.
svn path=/nixos/branches/modular-nixos/; revision=16142
2009-07-02 14:05:01 +00:00
Ludovic Courtès 74738de1f8 Make NSS modules visible to `avahi-daemon'.
It allows it to know whether `libnss-mdns' is available, which clients
can ask via the `IsNSSSupportAvailable' D-Bus method.

svn path=/nixos/branches/modular-nixos/; revision=16125
2009-07-01 12:27:35 +00:00
Ludovic Courtès e2e373b89c bitlbee: Fix `systemPackages' attribute.
svn path=/nixos/branches/modular-nixos/; revision=16090
2009-06-30 08:01:14 +00:00
Eelco Dolstra 116306c8dc * Restart ntpd when we get a new DHCP lease. Without this, if ntpd
previously failed to resolve the NTP server hostnames in its config
  file, it will happily sit in a loop forever doing nothing.

svn path=/nixos/branches/modular-nixos/; revision=15830
2009-06-02 19:42:31 +00:00
Eelco Dolstra 674d63e212 * Don't do a separate "ntp -q -g" to reset the system time in the ntp
start script.  It's probably not necessary, but more importantly, it
  can hang forever if the network is down.  (Actually it will sit in a
  loop waiting for UDP packets that will never arrive.)  This causes
  the NixOS reboot to hang, since Upstart can't kill jobs stuck in
  their start script.

svn path=/nixos/branches/modular-nixos/; revision=15829
2009-06-02 19:40:14 +00:00
Eelco Dolstra dba1d48b78 * Move the uid/gid mappings into a module. This allows other modules
to use it through config.ids.{uids,gids} rather than `import
  relative-path/ids.nix'.

svn path=/nixos/branches/modular-nixos/; revision=15796
2009-05-29 14:25:56 +00:00
Eelco Dolstra 05a08adf91 * Move the dhclient exit hooks file to the dhclient module, where it
belongs.

svn path=/nixos/branches/modular-nixos/; revision=15755
2009-05-27 23:30:29 +00:00
Eelco Dolstra 3c6ae39a0d * Refactoring: moved some options out of system/options.nix (almost
empty now), do more of bashrc.sh declaratively, and moved nsswitch
  generation to modules/config/nsswitch.nix.

svn path=/nixos/branches/modular-nixos/; revision=15754
2009-05-27 23:14:38 +00:00
Eelco Dolstra 5ebdee3577 * Continued refactoring the tree: moved most Upstart jobs (namely
those that run daemons) to modules/services.  This probably broke
  some things since there are a few relative paths in modules
  (e.g. imports of system/ids.nix).
* Moved some PAM modules out of etc/pam.d to the directories of NixOS
  modules that use them.

svn path=/nixos/branches/modular-nixos/; revision=15717
2009-05-24 23:13:23 +00:00