Commit graph

1419 commits

Author SHA1 Message Date
William A. Kennington III 43c2bc0f8c Merge pull request #4108 from wkennington/master.firewall
Firewall: Don't allow traffic during nixos-switch / reload
2014-09-15 20:42:40 -07:00
William A. Kennington III fd7b9b4291 nixos/firewall: Don't allow traffic during reload 2014-09-15 20:40:16 -07:00
William A. Kennington III 4d193b7262 systemd: Support reload scripts 2014-09-15 20:04:49 -07:00
Thomas Strobel 1613d6cca6 Add package: Enlightenment E19!
Wayland desktop shell is not enabled, yet.
2014-09-15 23:34:28 +02:00
Bjørn Forsman 0bfd27535f nixos/libvirtd: refresh LXC emulator path on startup
This fixes the issue when the LXC emulator binary is garbage collected
and breaks libvirtd containers, because libvirtd XML file still refers
to GC'ed store path.

We already have a fix for QEMU, this commit extends the fix to cover LXC
too.
2014-09-15 23:03:20 +02:00
Michael Raskin d05684be21 Merge pull request #3694 from matejc/cmst
new package: cmst - qt gui for connman
2014-09-15 23:12:01 +04:00
Aristid Breitkreuz 69c95e3fdf Merge pull request #4041 from nbp/disable-fuppes
Disable fuppes module
2014-09-14 22:29:30 +02:00
Jaka Hudoklin d6f9878fbf nixos/elasticsearch: wait for start 2014-09-13 02:21:31 +02:00
Jaka Hudoklin f7ba3d833f nixos/znc: fix module, createUser option does not exist anymore 2014-09-13 02:20:32 +02:00
Jaka Hudoklin 74122464da nixos/influxdb: wait for start 2014-09-13 02:19:39 +02:00
Jaka Hudoklin 26fd945151 nixos/rabbitmq: wait for start 2014-09-13 02:16:53 +02:00
Jaka Hudoklin a23e4997d3 Merge pull request #4034 from offlinehacker/graphiteApi
nixos: add graphite api to graphite functionality
2014-09-13 00:05:36 +00:00
Bjørn Forsman ec59929c9f nixos/jekins: add services.jenkins.extraGroups option
This makes it easy to give jenkins extra privileges by adding group
memberships. Use with care :-)
2014-09-12 15:25:15 +02:00
Matej Cotman 99a46a0eca set network manager as default true 2014-09-12 13:52:26 +02:00
William A. Kennington III bab5efd237 nixos/ssh: Allow user to configure the package that provides ssh/sshd 2014-09-11 22:07:39 -07:00
Nicolas B. Pierron ca02c60cb8 Disable fuppes module
fuppes has not been compiling for a long moment, and the ffmpeg version on
which it depends is no longer listed in nixpkgs.
2014-09-11 23:46:20 +02:00
Bjørn Forsman a44de69d06 nixos/tomcat: make package version configurable 2014-09-11 22:32:16 +02:00
aszlig d394d095ab
containers: Don't descend into mounts on destroy.
This tells the sad tale of @the-kenny who had bind-mounted his home
directory into a container. After doing `nixos-container destroy` he
discovered that his home directory went from "full of precious data" to
"no more data".

We want to avoid having similar sad tales in the future, so this now also
check this in the containers VM test.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-09-11 18:12:35 +02:00
aszlig 859f049d1b
containers: Remove check for var/lib/startup-done.
Fixes a leftover from 330fadb706.

We're using systemd dbus notifications now and this leftover caused the
startup notification to fail.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-09-11 18:12:35 +02:00
Jaka Hudoklin bc6b180d90 nixos/statsd: add support for external backends, fix a few options 2014-09-11 18:11:16 +02:00
Jaka Hudoklin 19ea435cf8 nixos: add graphite api to graphite functionality 2014-09-11 18:09:40 +02:00
Eelco Dolstra 05163e99db nixos-rebuild: Don't pass -K by default 2014-09-10 14:57:26 +02:00
Eelco Dolstra 624efa4224 Support users-groups.json referring to store paths
Fixes #4016.
2014-09-10 11:50:45 +02:00
Luca Bruno ac724e7bbc Added TORQUE package and nixos module
Resource management system for submitting and controlling
jobs on supercomputers, clusters, and grids

http://www.adaptivecomputing.com/products/open-source/torque
2014-09-09 18:24:46 +02:00
Bjørn Forsman e84b0c94f0 nixos/jekins: rename option services.jenkins.{extraOpts => extraOptions}
I noticed "extraOptions" is infinitely more used than "extraOpts" in
NixOS.
2014-09-09 17:40:53 +02:00
Bjørn Forsman cb614ef4ad nixos/jenkins: remove use of types.string (it's deprecated) 2014-09-09 17:36:25 +02:00
Bjørn Forsman cf7b782ea9 nixos/jenkins: add services.jenkins.extraOpts option
Allows passing extra command line arguments to Jenkins.
2014-09-09 17:36:25 +02:00
Eelco Dolstra 1a9c27c092 Typo 2014-09-08 13:58:44 +02:00
Luca Bruno dfa6f03ea3 Do not assert absolute path for nodev grub device. Closes #3996 2014-09-08 12:00:34 +02:00
Eelco Dolstra 585983bc95 Merge remote-tracking branch 'origin/staging'
Conflicts:
	pkgs/applications/version-management/subversion/default.nix
2014-09-08 11:42:09 +02:00
Nicolas Pierron becde6132b Replace environment.profileVariables by environment.profileRelativeEnvVars 2014-09-07 19:41:00 +02:00
Nicolas B. Pierron a4e60ebacf Merge pull request #3811 from nbp/options-json
Export the list of options to XML & JSON, such that external tools can use it.
2014-09-07 10:39:03 -07:00
Igor Pashev 5c6e4e7433 Updated Mediawiki to 1.23.3
Removed mediawiki-postgresql-fixes.patch (fixed upstream)
2014-09-07 17:50:51 +02:00
Nathaniel Baxter fb9a6221b6 ati_unfree: Update nixos-manual for AMD driver support 2014-09-07 12:42:32 +10:00
Nathaniel Baxter 45f4b8b3ad ati_unfree: Towards using ati unfree 32bit binary libs 2014-09-07 12:40:40 +10:00
Nathaniel Baxter c16874c4c0 ati_unfree: Create a nixos module for the ati_unfree x11 driver and
blacklist the radeon driver when ati_unfree is installed.
2014-09-07 12:40:32 +10:00
Rob Vermaas f14d1d76bb Azure: Fix authorized_keys 2014-09-06 22:54:15 +02:00
Rob Vermaas e9c1fb0c89 Azure: Mount metadata 'CD' on /metadata 2014-09-06 21:53:10 +02:00
Rob Vermaas 81046b9e5d Initial configuration + image generation script for Micro$oft Azure. Work in progress for #3986. 2014-09-06 21:37:46 +02:00
Domen Kožar 18d9904433 nixos-option: fixes as suggested by @nbp 2014-09-06 20:59:14 +02:00
Vladimír Čunát 06fea81c6e Merge recent master into staging
Hydra: ?compare=1150594
2014-09-06 16:52:45 +02:00
Aristid Breitkreuz c3fe942a57 start dhcpcd after network-interfaces 2014-09-06 13:52:09 +02:00
Aristid Breitkreuz 958c1c68c2 Merge pull request #3977 from manveru/diod
diod: fix service
2014-09-06 12:31:00 +02:00
Thomas Tuegel 53fa517176 Merge pull request #3961 from wkennington/master.grub
nixos/install-grub: Read correct mountpoints
2014-09-05 20:01:08 -05:00
Bjørn Forsman db86b03b1c nixos/apcupsd: add systemd documentation hint
systemctl has the ability to display a list of documentation URLs in the
output of "systemctl status <service-name>".
2014-09-06 00:14:42 +02:00
Bjørn Forsman b7a889759d nixos/fail2ban: don't use types.string (it's deprecated)
I'm not really sure which one of types.lines or types.str that fit
better, but I'm going for types.lines because it behaves more like the
current type (i.e. have the ability to merge).
2014-09-05 22:56:30 +02:00
Luca Bruno 718106e958 Fix initrd after recent busybox upgrades 2014-09-05 18:42:53 +02:00
Eelco Dolstra 20be024d1b Fix subuid/subgid generation
I don't think we need to filter users with an unset uid, because
mkSubuidEntry/mkSubgidEntry don't references the uid.
2014-09-05 17:40:09 +02:00
Eelco Dolstra 59edfd61ad Increase systemd timeout on Jenkins and Munin tests
These were timing out a lot.

http://hydra.nixos.org/build/13991108
http://hydra.nixos.org/build/13991107
2014-09-05 15:50:55 +02:00
Eelco Dolstra b0855d59a1 Improve option descriptions a bit 2014-09-05 15:28:24 +02:00
Eelco Dolstra bb9ee6a13f Remove some setuid wrappers for non-standard programs 2014-09-05 14:46:36 +02:00
Eelco Dolstra cd7129a037 Revert "nixos: add setuid wrappers for some networked filesystems' helpers"
This reverts commit 26a4001a98. It
breaks the NFS test:

  http://hydra.nixos.org/build/13943148

Also, having more setuid programs is a bad thing security-wise.
2014-09-05 14:43:11 +02:00
Michael Fellinger 00887dc3f8 diod: fix service 2014-09-05 14:39:55 +02:00
Eelco Dolstra 1f7c775910 Remove unrar from the installation CD since it's unfree 2014-09-05 14:25:17 +02:00
aszlig e8c4fde22d
nixos/nsd: Improve support for journald/systemd.
Don't fork into the background and just log to stderr.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-09-05 02:54:39 +02:00
aszlig 141cb70d5c
nixos/networking: Fix typo in ipv6prefixLength.
Within the module it's referenced with an uppercase "P" and ipv6Address
also begins with an uppercase "A" after the "6", so let's make it
consistent.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-09-05 02:54:39 +02:00
aszlig 6386df1645
nixos/nsd: Fix indentation/coding style.
For Nix, we indent using two spaces, but in this module somehow 4 spaces
were snuck in. Other than that, remoteControl and ratelimit are just
nested attribute sets, so we don't need to make another submodule type
for no particular reason.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-09-05 02:54:39 +02:00
Michael Fellinger d62e848cc9 virtualbox: vboxusers may use /dev/vboxnetctl 2014-09-04 22:44:38 +02:00
William A. Kennington III c6bd6d6d89 nixos/grub: Assert devices should be absolute paths 2014-09-04 10:31:39 -07:00
William A. Kennington III f73f7ccc6e nixos/install-grub: Read correct mountpoints 2014-09-04 10:31:39 -07:00
Michael Raskin a3b9bf6c87 Merge pull request #3653 from iyzsong/nixos/xfce4-mixer
nixos: don't set variables for gstreamer-0.10 (fix #3652)
2014-09-04 20:54:57 +04:00
Michael Raskin 1a0d437bf3 Merge pull request #3944 from joshcartwright/gummiboot-timeout-fix
gummiboot/builder: fix timeout setting when unset
2014-09-04 20:17:44 +04:00
Luca Bruno 2ba523df24 nixos nat: add description to forwardPorts 2014-09-04 11:33:08 +02:00
Luca Bruno e6ab680cbf nixos nat: add type for sourcePort and destination of forwardPorts 2014-09-04 10:26:33 +02:00
Luca Bruno a1ded5c20e nixos-install: use absolute path when running passwd in chroot 2014-09-03 23:12:40 +02:00
Luca Bruno 59ad713288 nixos-install: set umask 0022 2014-09-03 23:12:40 +02:00
Domen Kožar 2e97c06999 nixos-option: enable all flags by default and make output a bit readable cc @nbp 2014-09-03 22:08:25 +02:00
Jaka Hudoklin 43d9f92c82 nixos: docker, create docker group 2014-09-03 21:23:30 +02:00
Michael Raskin 4155121069 Merge pull request #3926 from lethalman/fwdports
nixos/nat: add forwardPorts for external->internal DNAT
2014-09-03 21:54:37 +04:00
Nathan Bijnens 00ad134284 Mesos: services 2014-09-03 19:21:49 +02:00
Michael Raskin ab023cc559 Merge pull request #3843 from wkennington/master.iffix
nixos/network-interfaces: Sanitize sys-subsystem device names
2014-09-03 21:15:46 +04:00
Eelco Dolstra 65ef435d7b Merge pull request #3949 from wkennington/master.grub
grub2: Add localizations
2014-09-03 19:06:26 +02:00
William A. Kennington III eee8fd89b3 nixos/install-grub: Correct store path for search 2014-09-03 10:01:00 -07:00
William A. Kennington III 1b63a1b75e nixos/iso-image: Fix grub-mkimage requiring a prefix 2014-09-03 09:26:44 -07:00
Michael Raskin 3e841ef642 Fixing comment case 2014-09-03 20:03:15 +04:00
Eelco Dolstra 46623bfc15 Remove copy-com.nix from the module list
This is proprietary software, and NixOS is intended as a free software
distribution. We currently don't have a mechanism like allowUnfree for
NixOS modules, so it's better to leave out modules for such
packages. Of couse, they can still be activated by doing:

  imports = [ <nixpkgs/nixos/services/networking/copy-com.nix ];
2014-09-03 17:09:00 +02:00
Michael Raskin c4d85240e5 Merge pull request #3267 from Mathnerd314/cpufreq_noise
Remove non-cpufreq_* modules since they are loaded by udev
2014-09-03 18:46:01 +04:00
Michael Raskin 94a131b95a Fix forgotten unit entry 2014-09-03 15:47:53 +04:00
Strahinja Popovic fe3f7716f0 Enabled access to binaries of needed tools, and worker daemons can be enabled for phabricator #3306 2014-09-03 15:46:59 +04:00
Rickard Nilsson 66ee6e03e7 pulseaudio: Use group audio instead of pulse-access 2014-09-03 13:24:47 +02:00
Sergey Mironov 2b72edad9b yandex-disk: fix the url; introduce systemd.service #2228 2014-09-03 12:36:29 +04:00
Rickard Nilsson 56102642fa pulseaudio: Add pulse-access group, controlling access to the system-wide PA daemon 2014-09-03 10:25:36 +02:00
Cray Elliott 4efc03f46f Delete nixos/modules/module-list.nix.orig, extraneous file 2014-09-03 01:20:56 -07:00
Michael Raskin d1ae15b680 Merge pull request #3804 from ehmry/unbound
unbound: run in chroot
2014-09-03 11:45:20 +04:00
Michael Raskin 7a47d21aec Merge pull request #3943 from wkennington/master.grub
Fix grub zfs build and typo
2014-09-03 11:39:35 +04:00
William A. Kennington III d48a7a17df nixos/network-interfaces: Sanitize sys-subsystem device names
Currently, nixos will allow for interface names with special characters
such as the hyphen to be used. This presents a problem when using
systemd device names as the namespace paths are separated using hyphens.
Within systemd, if a device name has a hyphen it should be replaced with
the escape sequence \x2d.

This patch sanitizes all interface names before they are used in a
systemd device string.
2014-09-03 00:31:38 -07:00
Michael Raskin c3e7588367 Merge pull request #3747 from wkennington/master.explicit
nixos/network-interfaces: Allow explicit virtual interface type setting
2014-09-03 11:25:28 +04:00
Nathan Bijnens 33a3f76ee4 Copy.com: client #3617 2014-09-03 11:31:51 +04:00
Michael Raskin 8e968b18e4 Merge pull request #2952 from edwtjo/cups-syswide-clientconf
CUPS system wide client side remote printing.
2014-09-03 10:51:49 +04:00
Michael Raskin a82c623c26 Merge pull request #3940 from wkennington/master.dnsmasq
nixos/dnsmasq: Fix regressions during the systemd update
2014-09-03 10:06:26 +04:00
Josh Cartwright 626a666da5 gummiboot/builder: fix timeout setting when unset
The gummiboot-builder.py script is expecting the @timeout@ metavar to be
substituted for either an empty string (in the case where a user has
left the timeout unset) or the actual value set in the system
configuration.

However, the config.boot.loader.gummiboot.timeout option defaults to
'null', and due to the way pkgs.substituteAll works, the substitution
for '@timeout@' is _never_ set to the empty string.  This causes the
builder script to put a bogus line into /boot/loader/loader.conf:

   timeout @timeout@

Fix this by explicitly setting 'timeout' to the empty string when it's
unset in the system configuration.

Signed-off-by: Josh Cartwright <joshc@eso.teric.us>
2014-09-03 05:36:45 +02:00
William A. Kennington III ccc758f414 nixos/install-grub: Fix typo 2014-09-02 18:56:53 -07:00
Michael Fellinger e805c78ed3 diod: remove redundant default doc 2014-09-03 02:55:00 +02:00
Michael Fellinger 0bf05a02f4 diod: add systemd service and config 2014-09-03 02:30:04 +02:00
William A. Kennington III 9659d0f4fb nixos/dnsmasq: Fix regressions during the systemd update 2014-09-02 17:23:55 -07:00
William A. Kennington III 961e9867b3 nixos/generate-config: Only add store search path when kernels are not copied 2014-09-02 09:16:13 -07:00
William A. Kennington III 9467937639 nixos/install-grub: Only check for /nix to be the mountPoint for the store 2014-09-02 09:16:13 -07:00
William A. Kennington III 61908bdd80 nixos/install-grub: Always copy kernels for different devices 2014-09-02 09:16:13 -07:00
William A. Kennington III 87b6232f3a nixos/generate-config: Don't interpret btrfs subvols as bind mounts 2014-09-02 09:16:13 -07:00
William A. Kennington III 01ab1d57a3 nixos/install-grub: Detect nested btrfs subvolumes 2014-09-02 09:16:13 -07:00