Commit graph

2384 commits

Author SHA1 Message Date
Eelco Dolstra b1da38f564 Merge remote-tracking branch 'origin/master' into systemd 2012-11-30 16:12:04 +01:00
Eelco Dolstra 7435db4f89 Get rid of the last uses of mkAlways
mkAlways is an insane function, mkMerge is much saner.
2012-11-30 15:07:39 +01:00
Eelco Dolstra 3c6e0fd594 Generate the binary hardware database required by systemd 196 2012-11-29 18:51:44 +01:00
Eelco Dolstra 9eb81d2578 Renamed tcpWrapper -> tcp_wrappers 2012-11-29 15:16:30 +01:00
Lluís Batlle i Rossell 04963cf802 system-tarball-pc: fixing the readme inclusion 2012-11-29 11:29:15 +01:00
Lluís Batlle i Rossell a9e5d1ab50 Changing the kernel parameters for crashump
I think that these enable more checks, and make more NMIs happen.
2012-11-29 11:27:33 +01:00
Peter Simons 6b6b245693 sane: update name of the snapshot version of the backends 2012-11-26 16:21:11 +01:00
Peter Simons 403dc16c51 sane: update name of the snapshot version of the backends 2012-11-26 16:20:29 +01:00
Shea Levy a5ef0ffe12 rngd: Require /dev/random, only start when a hardware randomness source becomes available 2012-11-26 08:45:23 -05:00
Eelco Dolstra f3c9c83e04 Make it easier to append to the default sudo configuration 2012-11-23 15:14:16 +01:00
Shea Levy e76eb7f1a7 Disable rngd by default while I work on some patches to make it more systemd-friendly 2012-11-22 10:14:41 -05:00
Eelco Dolstra 994a15bc25 nixos-rebuild: Handle options with spaces in them
Like ‘--option binary-caches "http://foo http://bar"’
2012-11-22 12:04:00 +01:00
Eelco Dolstra a4bcb26b1a Add options for specifying binary caches 2012-11-22 11:49:47 +01:00
Eelco Dolstra 77891f8d59 Typo 2012-11-22 10:41:54 +01:00
Shea Levy cd513482d4 Add rngd service.
Inspired by http://pkgs.fedoraproject.org/cgit/rng-tools.git/tree/rngd.service?id=27b1912b2d9659b6934fd4c887e46c13958e7e3c
2012-11-22 02:07:25 -05:00
Rob Vermaas f0a6911929 Add ec2.metadata (default false) option whether to allow access to EC2 metadata API. 2012-11-21 12:19:38 -05:00
Peter Simons 0f15d75017 Merge pull request #29 from rickynils/shellaliases
Generate shell aliases programatically
2012-11-20 12:35:03 -08:00
Rickard Nilsson 6099451662 Add support for nslcd (nss-pam-ldapd) as users.ldap.daemon option 2012-11-20 16:39:45 +01:00
Rickard Nilsson 611ebeb1d0 Add nslcd (nss-pam-ldapd) uid and gid 2012-11-20 16:39:45 +01:00
Rickard Nilsson a22c362155 Add option for specifying shell aliases, environment.shellAliases. 2012-11-20 16:33:29 +01:00
James Cook 3afa5f86c1 Fixed the documentation for programs.ssh.forwardX11 to account for the X11 SECURITY extension. 2012-11-18 11:05:18 -08:00
James Cook 63dc873b85 Merge master. 2012-11-18 10:49:55 -08:00
Eelco Dolstra 60bf4c3cd7 Add a GRUB 1 dependency
http://hydra.nixos.org/build/3331139
2012-11-16 16:42:45 +01:00
Eelco Dolstra 722a3a7147 Remove unnecessary (AFAICT) call to toPath 2012-11-15 23:07:05 +01:00
Eelco Dolstra 35922e61d9 Systemd requires the latest Nix 2012-11-15 22:55:36 +01:00
Eelco Dolstra 1f401a0e35 Make install-grub.pl work when $PATH is empty 2012-11-15 22:54:43 +01:00
Eelco Dolstra f44d27a96c Make the installer work on systemd
Systemd mounts the root filesystem as a shared subtree, which breaks
recursive bind mounts.
2012-11-15 22:53:57 +01:00
Rickard Nilsson 02e0d7dbc3 dnsmasq: Add extraConfig option 2012-11-12 18:16:04 +01:00
Eelco Dolstra 08e6c0cb7c Update channel URLs 2012-11-12 09:19:25 +01:00
Eelco Dolstra 1350816199 test-instrumentation.nix: Don't start agetty on hvc0 2012-11-12 09:19:25 +01:00
Peter Simons 622a652411 Add option "environment.binsh" to configure the shell executable used to create the global /bin/sh symlink. 2012-11-11 21:46:25 +01:00
Peter Simons 04ba5de70a modules/programs/bash/bash.nix: cosmetic indention fix 2012-11-11 21:29:33 +01:00
Shea Levy 2f833bc88d Remove unnecessary toPath that breaks with recent nixUnstable 2012-11-08 13:04:20 -05:00
Eelco Dolstra e078117c72 firewall.nix: Don't fail if IPv6 is disabled 2012-11-06 22:55:25 +01:00
aszlig a333f7212e systemd: Fail if kernel features are missing.
This has rendered my system unbootable, because I forgot to enable AUTOFS4 in my
custom kernel. In addition to AUTOFS4, this includes (hopefully) all other
kernel features needed by systemd, as listed in the README:

REQUIREMENTS:
  Linux kernel >= 2.6.39
    with devtmpfs
    with cgroups (but it's OK to disable all controllers)
    optional but strongly recommended: autofs4, ipv6

Autofs4 is not a requirement here, but in our case it turns out that the system
is not able to boot properly with a LUKS-enabled system (or at least not on _my_
system).

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2012-11-06 11:25:43 +01:00
Peter Simons 70e6e19f54 xsession: source /etc/profile at the beginning of the script
The xsession script runs services that depend on a sane environment. Gpg-agent, for
example, runs the program "pinentry-gtk-2" to obtain the password to unlock GnuPG
and SSH keys. That program will display only gibberish unless $FONTCONFIG_FILE is
configured properly. Instead of configuring these variables explicitly one by one,
we just source /etc/profile, which contains the appropriate @shellInit@ code.
2012-11-05 23:07:53 +01:00
aszlig 1c28b86749
pam: Douchebag commit, fix alphabetical order.
Yes, I'm going to get back to school and learn the alphabet. I promise!

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2012-11-05 09:41:24 +01:00
aszlig 6e6ee3278c
pam: Add default configuration for GNU screen.
This is needed in order to properly lock your screen using the C-a C-x
(lockscreen) command _and_ being back to re-login, because the "other" PAM
service/fallback is to deny authentication.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2012-11-05 09:40:15 +01:00
Lluís Batlle i Rossell 64540fb453 Adding quick instructions in system-tarball-pc to use it as chroot.
I also split the readme into a file apart.
2012-11-04 22:13:19 +01:00
Eelco Dolstra 458f36f5f1 Turn fileSystems into an attribute set
So now you can write

  fileSystems =
    [ { mountPoint = "/";
        device = "/dev/sda1";
      }
    ];

as

  fileSystems."/".device = "/dev/sda1";
2012-11-02 18:02:12 +01:00
Eelco Dolstra 97f087cd44 Turn networking.interfaces into an attribute set
Thus

  networking.interfaces = [ { name = "eth0"; ipAddress = "192.168.15.1"; } ];

can now be written as

  networking.interfaces.eth0.ipAddress = "192.168.15.1";

The old notation still works though.
2012-11-02 17:08:11 +01:00
Eelco Dolstra 93f82dfeef Remove outdated comment about EC2 booting into stage-2 directly 2012-11-02 17:07:53 +01:00
Eelco Dolstra 67de234e1c wpa_supplicant.nix: Slightly improve descriptions 2012-11-02 17:05:30 +01:00
Eelco Dolstra 6ae0b3beed dhcpcd: Don't use --background so that fetch-ec2-data can be ordered after it 2012-11-02 14:20:05 +01:00
Eelco Dolstra af4e176c12 Fix description 2012-11-02 14:10:06 +01:00
Eelco Dolstra 48a0ea0513 Make Apache wait for ‘charon send-keys’
(This is a no-op on non-Charon deployments since the ‘keys.target’
unit won't have any dependencies.)
2012-11-01 23:32:12 +01:00
Eelco Dolstra dd7edefb2c Order mkfs services before the corresponding fsck services 2012-10-31 14:49:09 +01:00
Eelco Dolstra 1860badbeb dhcpcd: Go into the background immediately 2012-10-31 14:24:51 +01:00
Eelco Dolstra f293455474 dhcpcd: Don't duplicate log messages
Dhcpcd writes log messages to both syslog and stderr.  So ignore
stderr.
2012-10-31 14:24:22 +01:00
Eelco Dolstra 1da362b34b Fix coverage data collection
http://hydra.nixos.org/build/3253046
2012-10-30 17:27:14 +01:00