philipp/nixpkgs
1
0
Fork 0
Code Issues Pull requests Projects Releases Activity
%!d() commits 3 branches 0 tags 1.4 GiB
Commit graph

1728 commits

Author SHA1 Message Date
Corey O'Connor
b2f3e10a35 Add primus and extend bumblebee to support 32bit/64bit multilib architectures. 
Using primusrun will work as expected in a multilib environment. Even if the initial program
executes a antoehr program of the another architecture. Assuming the program does not modify
LD_LIBRARY_PATH inappropriately.

This does not update virtualgl for seemless multilib. I was unable to get a mixed 64/32 bit
environment to work with VirtualGL. The mechanism VirtualGL uses to inject the fake GL library would
fail if both 32bit and 64 bit libraries were in the environment. Instead the bumblebee package
creates a optirun32 executable that can be used to run a 32bit executable with optimus on a 64 bit
host. This is not created if the host is 32bit.

For my usage, gaming under wine, the primusrun executable works as expected regardless of
32bit/64bit.
 2014-11-29 16:42:00 -08:00
aszlig
3e49487c1a
virtualbox: Enable hardening by default. 
VirtualBox with hardening support requires the main binaries to be
setuid root. Using VBOX_WITH_RUNPATH, we ensure that the RPATHs are
pointing to the libexec directory and we also need to unset
VBOX_WITH_ORIGIN to make sure that the build system is actually setting
those RPATHs.

The hardened.patch implements two things:

 * Set the binary directory to the setuid-wrappers dir so that
   VboxSVC calls them instead of the binaries from the store path. The
   reason behind this is because nothing in the Nix store can have the
   setuid flag.
 * Excempt /nix/store from the group permission check, because while it
   is group-writeable indeed it also has the sticky bit set (and also
   the whole store is mounted read-only on most NixOS systems), so we're
   checking on that as well.

Right now, the hardened.patch uses /nix/store and /var/setuid-wrappers
directly, so someone would ever want to change those on a NixOS system,
please provide a patch to set those paths on build time. However, for
simplicity, it's best to do it when we _really_ need it.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
 2014-11-29 19:21:46 +01:00
Jaka Hudoklin
8c766dcc90 nixos/kubernetes: fix user id 2014-11-29 16:46:39 +01:00
Jaka Hudoklin
bd32da69bc Merge pull request #5088 from offlinehacker/nixos/kubernetes 
nixos: add kubernetes module
 2014-11-29 16:44:42 +01:00
Jaka Hudoklin
2b261c1edf nixos: add kubernetes module 2014-11-29 02:27:17 +01:00
aszlig
c37611f3e5
nixos: Use vendor zones instead of N.pool.ntp.org. 
Closes #4824, thanks to @abh for processing my stupidity.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
 2014-11-28 19:37:03 +01:00
William A. Kennington III
299b59d1c4 nixos/network-interfaces: More fixes 2014-11-27 22:54:01 -08:00
Domen Kožar
28a1af6e06 fix printing test 2014-11-27 20:01:18 +01:00
aszlig
2249474632
nixos/sshd: Fix build if knownHosts is empty. 
Introduced by 77ff279f27.

Build failure: https://headcounter.org/hydra/build/583158/nixlog/5/raw

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
 2014-11-27 19:03:41 +01:00
aszlig
14f09e01c1
nixos: Add enable option for programs/virtualbox. 
We will simply rename the previous module and add a warning whenever the
module is included directly, pointing the user to the right option and
also enable it as well (in case somebody has missed the option and is
wondering why VirtualBox doesn't work anymore).

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
 2014-11-27 18:42:22 +01:00
aszlig
444987193e
nixos: Rename virtualbox to virtualboxGuest. 
Especially new users could be confused by this, so we're now marking
services.virtualbox.enable as obsolete and defaulting to
services.virtualboxGuest.enable instead. I believe this now makes it
clear, that this option is for guest additions only.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
 2014-11-27 18:42:22 +01:00
Rickard Nilsson
77ff279f27 nixos/services.openssh: Allow knownHost keys to have multiple lines. 
Useful for adding several public keys of different types for the same host.
 2014-11-27 18:40:21 +01:00
Eelco Dolstra
e7cd18e907 Don't set $MANPATH 
The default is derived automatically from $PATH, so it's in fact
better *not* to set it.
 2014-11-27 17:36:46 +01:00
wmertens
45c1b9147f Merge pull request #5130 from wmertens/git-ssl-env 
Let git use $SSL_CERT_FILE
 2014-11-27 13:24:08 +01:00
Domen Kožar
91bdca38a0 NetworkManager.service -> network-manager.service 2014-11-27 12:10:20 +01:00
William A. Kennington III
fbe9ac05d3 nixos/network-interfaces: Add maclvan support 2014-11-26 16:29:24 -08:00
William A. Kennington III
1860ee27b0 nixos/networking: Fixes 2014-11-26 16:29:24 -08:00
Matej Cotman
084fb3a0d3 e18: remove old desktop manager 2014-11-26 21:44:23 +01:00
Matej Cotman
959946a5af e17: remove old desktop manager 2014-11-26 21:44:23 +01:00
William A. Kennington III
4f2a041345 nixos/network-interfaces: Make it clear that networkd is experimental 2014-11-26 11:22:03 -08:00
William A. Kennington III
2c42738231 nixos/network-interfaces: Refactor scripts for reliability and dependency removal 2014-11-26 11:22:03 -08:00
William A. Kennington III
c417012c1b nixos/dhcpcd: Respect per interface dhcp options 2014-11-26 11:22:03 -08:00
William A. Kennington III
7005e289da nixos/network-interfaces: Promote secondary addresses when primary addresses expire 2014-11-26 11:22:03 -08:00
William A. Kennington III
c7d46687c5 nixos/network-interfaces: Support mac address and mtu universally 2014-11-26 11:22:03 -08:00
William A. Kennington III
2057d9087f nixos: Support network-online target in addition to ip-up 2014-11-26 11:22:03 -08:00
William A. Kennington III
0626c1ecf0 nixos/systemd: ip-up and network-online targets should come after networkd-wait-online 2014-11-26 11:22:02 -08:00
William A. Kennington III
c234e7b115 nixos/networking: Rebuild resolvconf during activation 
This is needed when /etc/resolv.conf is being overriden by networkd
and other configurations. If the file is destroyed by an environment
activation then it must be rebuilt so that applications which interface
with /etc/resolv.conf directly don't break.
 2014-11-26 11:22:02 -08:00
William A. Kennington III
8cffa37787 networkd: Support Host Resolvconf 2014-11-26 11:22:02 -08:00
William A. Kennington III
295a17f872 nixos/network-interfaces-scripted: Fix network-setup triggering 2014-11-26 11:22:02 -08:00
William A. Kennington III
59f512ef7d nixos/network-interfaces: Provide a networkd implementation 2014-11-26 11:22:02 -08:00
William A. Kennington III
045132a9b0 systemd-network: Add assertions for user clarity 2014-11-26 11:22:02 -08:00
William A. Kennington III
a332c4eac5 systemd: Enable more network services 2014-11-26 11:22:02 -08:00
William A. Kennington III
08e74f2791 systemd: Add ability to define networks 2014-11-26 11:22:02 -08:00
Igor Pashev
1dd53cc990 Mediawiki: updated for Apache 2.4 2014-11-26 16:51:30 +01:00
Wout Mertens
72b81cf8bb Remove unnecessary $GIT_SSL_CAINFO from sys env 2014-11-26 00:30:07 +01:00
Eelco Dolstra
dd2dedafa3 Style fixes 2014-11-25 16:01:27 +01:00
Igor Pashev
4c33004e1f Added strongSwan service 2014-11-25 15:29:34 +01:00
Vladimír Čunát
d39c6ceffc nvidia_x11: current long-lived becomes a new legacy 
CC: #5070.
 2014-11-24 22:39:00 +01:00
cillianderoiste
04d62f6643 Merge pull request #5006 from daogames/este/customgitoliteuser 
enable different useraccount name for gitolite user
 2014-11-24 22:03:20 +01:00
William A. Kennington III
f83aa6c0ea nixos/unifi: Properly depend on mountpoints 2014-11-24 12:40:07 -08:00
aszlig
cc28e819e4
nixos/cupsd: Ignore collisions in cups-progs. 
There currently are collisions between the main CUPS package and the
filters package, which are:

  * $storepath/share/cups/banners/classified
  * $storepath/share/cups/banners/confidential
  * $storepath/share/cups/banners/secret
  * $storepath/share/cups/banners/standard
  * $storepath/share/cups/banners/topsecret
  * $storepath/share/cups/banners/unclassified
  * $storepath/share/cups/data/testprint

And they actually have different content, so let's ignore those for now
until we have a better fix.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
 2014-11-24 17:40:03 +01:00
Oliver Charles
ac616e17b3 opentsdb: Enable chunked API requests by default 2014-11-24 14:40:48 +00:00
Oliver Charles
abd24523f3 scollector: Allow users to specify external collectors 2014-11-24 14:40:48 +00:00
Oliver Charles
ced9e83732 OpenTSDB should create its schema on start up 2014-11-24 14:40:48 +00:00
Oliver Charles
5c670c81d5 hbase should use dataDir to specify where to store data 2014-11-24 14:40:48 +00:00
Oliver Charles
1280c6aa64 Add an extraConfig option to bosun 2014-11-24 14:40:48 +00:00
Oliver Charles
fb67616588 scollector should talk to Bosun, not OpenTSDB 2014-11-24 14:40:48 +00:00
Oliver Charles
891c262e9a Add a NixOS module to run bosun 2014-11-24 14:40:47 +00:00
Oliver Charles
2ed07c6cc1 scollector: New NixOS module 2014-11-24 14:40:47 +00:00
Oliver Charles
751a2943f4 opentsdb: Upgrade to 2.1.0-RC1 2014-11-24 14:40:47 +00:00
Oliver Charles
764cca613d opentsdb: New package and NixOS module 2014-11-24 14:40:47 +00:00
Oliver Charles
8964667bcd hbase: New package and NixOS module 2014-11-24 14:40:47 +00:00
Arseniy Seroka
fd5566da41 Merge pull request #5080 from joachifm/dnscrypt-refactor 
dnscrypt-proxy: minor superficial improvements
 2014-11-24 15:48:47 +03:00
William A. Kennington III
8309aa04b2 unifi: Actually remove webapps at shutdown 2014-11-24 02:30:04 -08:00
William A. Kennington III
8f0d65e2df unifi: Clean all of webapps at start and stop 2014-11-24 00:22:24 -08:00
William A. Kennington III
3f7b2bc70d unifi: Fix typo 2014-11-24 00:06:42 -08:00
Domen Kožar
23567ac200 cups-pdf-filter -> cups-filters, enable by default for cups 2014-11-23 17:51:55 +01:00
Michael Raskin
48a1b59f6a Remove cups_pdf_filter from the default set - adding to default set is easier than removing... 2014-11-23 16:27:28 +03:00
Aristid Breitkreuz
5ff169f4d7 containers: remove obsolete comment 2014-11-23 12:30:03 +01:00
Jaka Hudoklin
4f592d4f29 nixos/etcd: fix postStart check and make tests deterministic 2014-11-23 12:16:50 +01:00
Jaka Hudoklin
7202121e0e nixos/etcd: only use one cient url by default 2014-11-23 01:25:53 +01:00
Joachim Fasting
119d93e223 dnscrypt-proxy: minor superficial improvements 
- Use upstream description and explicitly set platforms = all
- Coding conventions fix
 2014-11-22 16:19:06 +01:00
Jaka Hudoklin
73dc767aa0 nixos: add docker-registry module 2014-11-22 12:16:41 +01:00
Jaka Hudoklin
444bda1936 Merge pull request #4991 from offlinehacker/nixos/etcd 
nixos: add etcd module
 2014-11-22 12:05:35 +01:00
Domen Kožar
85daeeb222 Merge pull request #4639 from lethalman/installer-nm 
kde installer: enable networkmanager. Closes #3433
 2014-11-21 22:29:10 +01:00
Jaka Hudoklin
b02d90969f make zookeeper.nix non-executable 2014-11-21 15:06:51 +01:00
Jaka Hudoklin
b3bc157f7f nixos: add etcd module 2014-11-21 13:54:45 +01:00
Emery Hemingway
21e4ff5624 initial liquidsoap service expression 2014-11-20 17:41:15 -05:00
William A. Kennington III
e33cccd686 nixos/ids: Fix systemd ids 2014-11-19 15:01:44 -08:00
William A. Kennington III
487e47a8e1 nixos/ids: Add systemd networking ids 2014-11-19 14:59:42 -08:00
Rickard Nilsson
63d9366212 nixos/haveged: Fix incorrect unit configuration (documentation -> Documentation) 2014-11-19 12:56:42 +01:00
Rickard Nilsson
76f065a8de nixos/riemann: Add option configFiles 2014-11-19 12:56:42 +01:00
Eelco Dolstra
8daa0767fa Merge pull request #5016 from bjornfor/nixos-generate-config-with-lib 
nixos-generate-config: add 'lib' to module template
 2014-11-18 08:48:30 +01:00
Igor Pashev
2b91426920 Use lib instead of pkgs.lib 
Usage of pkgs.lib may cause infinite recursion
 2014-11-17 20:30:37 +03:00
Bjørn Forsman
8835d932b1 nixos-generate-config: add 'lib' to module template 
The NixOS manual says modules have the following signature:
 { config, lib, pkgs, ... }:

But our generated configuration.nix file lacks the 'lib' part. Add it.
 2014-11-17 17:13:36 +01:00
Ricardo M. Correia
389143d808 grsecurity: Update assertion msg to correct major kernel versions 2014-11-16 18:52:39 +01:00
Evgeny Egorochkin
599394162c update obsolete startOn values 2014-11-16 17:04:54 +02:00
Nikolay Amiantov
a2eb7ca23c stage-1: fix hibernation for device node symlinks 
closes #4995
 2014-11-15 21:44:37 +02:00
Evgeny Egorochkin
f151f4c816 KDE4: fix sound using the old gstreamer approach; the correct way would be to wrap each and every phonon client, or patch phonon's search path 2014-11-15 21:40:13 +02:00
Michael Raskin
ba77c90161 Revert "cups: update package" 
This reverts commit aa548af5a5.
 2014-11-15 17:00:15 +03:00
Michael Raskin
d86c047f9c Revert "cups-filters: add package" 
This reverts commit f7ba33de56.
 2014-11-15 16:59:58 +03:00
Michael Raskin
a7c8d00b27 Merge pull request #4857 from abbradar/cups2 
[WIP] Improve printing experience and update related packages
 2014-11-15 15:18:35 +03:00
Aristid Breitkreuz
2fd7e5f39d ssh-agent: use types.nullOr 2014-11-15 12:33:01 +01:00
Aristid Breitkreuz
d57110fabc ssh-agent: make key timeout optional 2014-11-15 12:13:25 +01:00
Aristid Breitkreuz
d70336f37c limit the amount of time ssh-agent keeps a key (default: 1h) 2014-11-15 12:13:25 +01:00
wmertens
0b34eb1493 Allow starting a shell on stage 1 failure 
When people copy the ISO to USB it can happen that the root device isn't known. Having a shell greatly improves that situation.
 2014-11-15 00:14:26 +01:00
Luca Bruno
e8adc8b5ec Drop GNOME 3.10 2014-11-14 22:46:37 +01:00
William A. Kennington III
826f5468ab nixos/unifi: Remove old ROOT.war links before relinking 2014-11-14 11:45:38 -08:00
Ronny Esterluss
2b243bfbad enable different useraccount name for gitolite user 2014-11-14 17:39:41 +01:00
Eelco Dolstra
ca441636f1 Merge branch 'staging' 2014-11-14 16:00:23 +01:00
Vladimír Čunát
b4af993c3f Merge branch 'master' into staging 
Conflicts (simple):
	pkgs/development/lisp-modules/clwrapper/setup-hook.sh
 2014-11-14 14:28:23 +01:00
Rene Donner
8bd2f6bfc1 some typos 2014-11-14 13:05:55 +01:00
Nikolay Amiantov
f7ba33de56 cups-filters: add package 2014-11-14 13:51:26 +03:00
Nikolay Amiantov
aa548af5a5 cups: update package 2014-11-14 13:51:26 +03:00
William A. Kennington III
d0e15cc575 Merge pull request #4983 from bosu/fw-stop-fix 
firewall: clear rpfilter on stop
 2014-11-14 00:14:27 -08:00
Boris Sukholitko
53b24d0c95 firewall: clear rpfilter on stop 2014-11-14 09:07:18 +02:00
wmertens
dda62c451c Re-enable ZFS in installer image 
Hopefully #4807 fixes http://hydra.nixos.org/build/16883184
 2014-11-13 10:31:15 +01:00
wmertens
5c19521c6e Merge pull request #4807 from wizeman/u/zfs-improvements 
ZFS improvements
 2014-11-13 10:26:30 +01:00
Shea Levy
ba7c80eefb Fix init= stage 1 test 2014-11-12 18:25:03 -05:00
Moritz Ulrich
e884dc32c5 Add local-fs.target to minidlna. 
Minidlna fails to start if it wants to access a filesystem which isn't
mounted (yet).
 2014-11-12 23:20:47 +01:00