Commit graph

2952 commits

Author SHA1 Message Date
Eelco Dolstra 69eeb83039 Use "or" 2013-07-15 13:54:15 +02:00
aszlig ab08c8a1bb
postgresql: Allow to specify recoveryConfig.
This is needed for streaming replication in PostgreSQL 9.0 and higher.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2013-07-14 05:23:46 +02:00
aszlig d5f0183153
postgresql: Add initialScript for initial SQL.
Just like in the MySQL service module it really makes sense to provide a
way to inject SQL on the first start of the database cluster.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2013-07-14 05:23:46 +02:00
aszlig ec1f3e7832
postgresql: Log to stderr by default.
Now systemctl status will properly pick up the right logs.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2013-07-14 05:23:46 +02:00
aszlig 916d39f5ce
mysql/mysql55: Log to stderr instead of logfile.
This should integrate the logging more tightly into systemd, so for
example "systemctl status mysql" actually gives an overview about what's
actually going on.

This removes the logError option attribute, so in case you still want to
write into a logfile, I've introduced an option called extraOptions, so
you can use something like:

services.mysql*.extraOptions = ''
  log-error = /var/log/mysql_err.log
'';

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2013-07-14 05:23:46 +02:00
Eelco Dolstra 6d6fb43498 Bump the amount of memory for VirtualBox image generation
http://hydra.nixos.org/build/5509519
2013-07-11 13:18:51 +02:00
Rok Garbas fb5a616b02 openconnect and vpnc NetworkManager plugins added 2013-07-10 16:43:26 +02:00
Eelco Dolstra cc54211069 systemd-vconsole-setup: Add missing wantedBy
Reported by Kirill Elagin.
2013-07-09 17:23:27 +02:00
Eelco Dolstra fd14641ef5 Fix the sshd check in the rebuildCD test
Also reduce the amount of memory.
2013-07-09 16:12:34 +02:00
Eelco Dolstra 5000d99149 Remove outdated comment
Password-based remote root logins are not allowed anyway.
2013-07-09 15:59:57 +02:00
Eelco Dolstra b26f3141db Start httpd synchronously
This ensures that when "start httpd" returns, Apache is actually
listening.

http://hydra.nixos.org/build/5499393
2013-07-09 15:08:48 +02:00
aszlig ff84facca3
grub: Add mdadm to search path.
Grub uses mdadm to find out the device it is on, especially when mdadm itself
resides in a separate boot partition. When bootstrapping from a NixOS
installation CD, it's not a big issue because usually the paths from the Nix
store of the installation CD are matching with the ones in the chrooted
environment.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2013-07-08 14:29:37 +02:00
Mathijs Kwik 769b74c463 nixos-vm: switch to qemu for disk images too :) 2013-07-07 22:25:45 +02:00
Eelco Dolstra c8fca8c8fc NixOS VM tests: Use 9p instead of CIFS 2013-07-05 17:24:49 +02:00
Eelco Dolstra edab9e4976 Ensure that "nixos-rebuild" works in the VirtualBox VM 2013-07-03 14:19:43 +02:00
Eelco Dolstra 6fa447006f Move cloneConfig into a separate module 2013-07-03 14:19:43 +02:00
Eelco Dolstra 5c668542f5 Remove virtualbox-config.nix, it's actually not useful 2013-07-03 14:19:43 +02:00
Sander van der Burg d312695d78 Fixed minor issue with unary operator expected 2013-07-03 11:13:58 +02:00
Eelco Dolstra 84bb988256 Fix VM test booting with kernels <= 3.9 2013-07-02 17:10:22 +02:00
Eelco Dolstra bd99966902 Fix postBootCommands ordering
Should use explicit ordering...
2013-07-02 13:52:43 +02:00
Eelco Dolstra 2572879a62 Don't use substitutes when unpacking the channel sources 2013-07-02 13:43:47 +02:00
Eelco Dolstra 3a9f908c8b Oops 2013-07-02 13:27:25 +02:00
Eelco Dolstra 725da34c8e Add a demo account to the VirtualBox image 2013-07-02 11:04:31 +02:00
Eelco Dolstra 1a2e4f37d0 release.nix: Generate a VirtualBox image 2013-07-02 11:04:31 +02:00
Eelco Dolstra db17b68d81 Unpack the initial channel only once 2013-07-02 11:04:31 +02:00
Eelco Dolstra 59bab9048a Move initial channel generation into a separate module 2013-07-02 11:04:31 +02:00
Mathijs Kwik a099f7008b provide a warning on password options that do not follow the read-from-file convention. 2013-07-02 06:04:34 +02:00
Peter Simons ff8a01b145 Merge pull request #185 from ocharles/memcached
memcached: Add NixOS support
2013-07-01 03:00:45 -07:00
Domen Kozar 36f2ec84a9 dd-agent: cleanup, add dogstatsd systemd service 2013-06-29 19:33:44 +02:00
Domen Kozar a20630476f cleanup dd-agent 2013-06-29 18:45:57 +02:00
Rickard Nilsson 279248f6c5 time.timeZone: Set the TZ environment variable, which is used by Java. 2013-06-29 18:43:38 +02:00
Domen Kozar d28b42658c ssmtp: fix eval 2013-06-29 16:02:37 +02:00
Domen Kožar 1b7108952e Merge pull request #182 from zefhemel/redis
Added redis service module with bunch of documentation.
2013-06-29 04:11:33 -07:00
Domen Kožar 934b3b411c Merge pull request #144 from the-kenny/ssmtp-user-pass
ssmtp: Add AuthUser and AuthPass options.
2013-06-29 04:04:43 -07:00
aszlig aba54edf48
qemu-vm: Add option to create empty disk images.
This allows to add additional raw disk images to the VM, which therein are
available as /dev/vdb, /dev/vdc, /dev/vde and so on. Especially when testing
partitioning, this could be useful.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2013-06-28 04:24:23 +02:00
Sander van der Burg 5dd0ce8c15 Updated disnix to latest 0.3 release 2013-06-27 15:32:49 +02:00
Eelco Dolstra eb110fd3ce fontconfig: Set the default hinting style to "slight"
This works around a bug in infinality that causes broken rendering in
some cases.  Issue NixOS/nixpkgs#663.

Upstream suggests that "slight" is a better/safer default in any case.
It also looks better, IMHO, YMMV.
2013-06-27 13:28:22 +02:00
Eelco Dolstra 0cbf0605d2 Refactoring: Split fonts.nix into smaller modules 2013-06-27 13:12:45 +02:00
Domen Kozar 85d5366c10 synergy: port to systemd and add autoStart option 2013-06-26 22:14:08 +02:00
Shea Levy ed6137109d Fix filesystem initialization systemd units
Signed-off-by: Shea Levy <shea@shealevy.com>
2013-06-25 10:46:23 -04:00
Evgeny Egorochkin 8622bd81c8 Merge pull request #189 from bjornfor/lighttpd-fix-module-handling
lighttpd: improve module handling
2013-06-24 16:31:21 -07:00
Oliver Charles df6312e2cb memcached: Add more options and extraOptions support 2013-06-23 19:19:51 +01:00
Oliver Charles c7f61ee921 memcached: Add NixOS support 2013-06-23 18:49:49 +01:00
Eelco Dolstra 7810f7f61a Build unit files locally 2013-06-20 19:39:09 +02:00
Peter Simons 8dad56384e Merge pull request #193 from offlinehacker/cgminer
Add cgminer crypto currency miner
2013-06-20 03:10:54 -07:00
Jaka Hudoklin aa548ef803 Add cgminer crypto currency miner 2013-06-20 09:01:11 +00:00
Eelco Dolstra 0f6e9ba946 Unconditionally add ~/bin to $PATH 2013-06-19 13:56:05 +02:00
Vladimír Čunát c4929aaf78 Merge branch 'master' into x-updates 2013-06-17 22:27:53 +02:00
Zef Hemel a1c159bc4c Removed options that are not vital, added an extraConfig for any
additional configuration options for flexibility.
2013-06-17 14:06:02 -04:00
Jaka Hudoklin 84b5363090 Tarball should get ip from dhcp even if booting from nfs 2013-06-16 16:22:45 +00:00
Bjørn Forsman 8c3264466a lighttpd: improve module handling
lighttpd doesn't support loading a module more than once. If you attempt
to load a module again, lighttpd prints an error message:

  (plugin.c.131) Cannot load plugin mod_cgi more than once, please fix your config (we may not accept such configs in future releases

And it's not just the error message. The module isn't loaded (or is
messed up somehow) so that neither sub-service will work properly after
this.

This is bad news for the current approach to sub-services, where each
sub-service lists the needed modules in a server.modules += (...) block.
When two sub-services need the same module we get the above issue. (And,
AFAIK, there is no way to check if a module is already loaded either.)

First I thought about an approach where each sub-service specifies the
list of plugins it needs, and that a common server.modules = (...) list
is built from the union of those lists. That would loosly couple the
sub-services with the main lighttpd nixos module expression. But I think
this is a bad idea because lighttpd module loading order matters[1], and
the module order in the global server.modules = (...) list would be
somewhat cumbersome to control.

Here is an example:

Sub-service A needs mod_fastcgi. Sub-service B needs mod_auth and
mod_fastcgi. Note that mod_auth must be loaded *before* mod_fastcgi to
take effect. The union of those modules may either be ["mod_auth"
"mod_fastcgi"] or ["mod_fastcgi" "mod_auth"] depending on the evaluation
order. The first order will work, the latter will not.

So instead of the above, this commit moves the modules from
service.modules += (...) snippets in each sub-service to a global
server.modules = (...) list in the main lighttpd module expression. The
module loading order is fixed and each module is included only if any of
the sub-services that needs it is enabled.

The downside to this approach is that sub-services need a (tiny) bit of
change to the main lighttpd nixos module expression. But I think it is
the only sane way to do it (as long as lighttpd is written the way it
is).

References:
  [1] http://redmine.lighttpd.net/projects/1/wiki/Server_modulesDetails
  [2] http://redmine.lighttpd.net/issues/2337
2013-06-16 13:15:29 +02:00
Vladimír Čunát d85ec960d1 Merge branch 'master' of git://github.com/NixOS/nixos into x-updates 2013-06-15 08:43:45 +02:00
aszlig 2fa7f63bd0
agetty: Add 57600 to the baud rate list.
This is because it's quite commonly used in the wild. Especially at some "weird"
server hosters (no names here) which doesn't allow to change the baudrate for
their serial consoles.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2013-06-14 17:55:37 +02:00
aszlig 3bf1210635
zabbix-server: Swap order of database population.
Starting with Zabbix 2.0 the order of data imports is important[*] and will lead
to errors if not done in the right order. Zabbix 1.8 works fine with the swapped
order as well, so this change shouldn't affect any pre-2.0 users.

[*] https://www.zabbix.com/documentation/2.0/manual/appendix/install/db_scripts

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2013-06-13 03:34:29 +02:00
aszlig 62d5282602
zabbix-server: Make it easier to use peer auth.
Quoting from the manual about DBHost:

```
In case of MySQL localhost or empty string results in using a socket. In case of
PostgreSQL only empty string results in attempt to use socket.
```
https://www.zabbix.com/documentation/2.0/manual/appendix/config/zabbix_server

With this commit we should avoid some race conditions in systemd, because if the
host is set to "", there is no condition that postgresql has to be started prior
to the Zabbix server.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2013-06-13 03:34:28 +02:00
aszlig a5c6a36466
apache-httpd/zabbix: Set max_input_time.
At least the Zabbix 2.x web installer requires max_input_time to be set to 300
seconds. As it doesn't hurt to set it for the 1.x versions, I'm including it
here.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2013-06-13 02:31:35 +02:00
aszlig 8990470951
apache-httpd/zabbix: Allow custom configFile.
If option is left by its default value, behaviour is the same as before, using
the configuration file created by the web interface.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2013-06-13 02:28:23 +02:00
aszlig bf28d5c109
zabbix-server: Add PID file to systemd config.
This is to avoid (in some cases) constant restarting of the Zabbix server, which
causes odds bugs and crashes in the exit handler (if it's too early during
startup).

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2013-06-13 01:56:09 +02:00
Eelco Dolstra 7cf23a740d Update the default binary cache URL to cache.nixos.org 2013-06-12 14:23:33 +02:00
Eelco Dolstra 4b0d6a0759 nscd: Restart if /etc/hosts changes 2013-06-11 16:15:24 +02:00
Eelco Dolstra b3f04718cf Use stable Nix by default 2013-06-11 12:10:58 +02:00
Zef Hemel bcf3a7bbf6 Fixed: now using the configured redis package. 2013-06-07 11:37:58 +02:00
Zef Hemel 6b4d76c2c2 Added redis service with bunch of documentation. 2013-06-07 11:34:05 +02:00
Vladimír Čunát 2451d1794b Merge branch 'master' into x-updates 2013-06-05 17:22:35 +02:00
Eelco Dolstra 365307ada1 nixos-rebuild: Handle .version-suffix not being writable
Reported by @vcunat.
2013-06-05 17:10:46 +02:00
Eelco Dolstra d210f30fa7 Omit GRUB if boot.loader.grub.device is set to "nodev"
If we only need to generate a GRUB boot menu, we don't need GRUB
itself.  This cuts 38 MiB from EC2 system closures (in particular
because it gets rid of the need for the 32-bit Glibc).
2013-06-04 14:07:25 +02:00
Evgeny Egorochkin 2b63b67aa4 Merge pull request #174 from wizeman/apparmor-transmission
transmission: Add apparmor profile
2013-06-04 03:20:49 -07:00
Evgeny Egorochkin 6e6061e6b3 TOR: add obfsproxy support by default for TOR bridges 2013-06-04 13:03:37 +03:00
Mathijs Kwik 824b5b645a openvpn: fix type error
either use
- optional cond "target"
or
- optionals cond ["target1" "target2"]
2013-06-04 07:45:58 +02:00
Sander van der Burg e776c0623d Fixed disnix service to use systemd's dependency facilities 2013-06-03 01:34:22 +02:00
Evgeny Egorochkin e3bbf38ec9 Merge pull request #178 from bjornfor/lighttpd-cgit-subservice
lighttpd: add cgit sub-service
2013-06-02 14:18:21 -07:00
Evgeny Egorochkin 6ab6eeceb7 Merge pull request #179 from bjornfor/lighttpd-gitweb-improvements
lighttpd: gitweb: add extraConfig option
2013-06-02 14:09:23 -07:00
Bjørn Forsman 3d48da72a9 lighttpd: gitweb: add extraConfig option
So that we can append custom configuration text to the end of the
generated gitweb.conf file.
2013-06-02 19:26:55 +02:00
Bjørn Forsman b1f82e428a lighttpd: add cgit sub-service
(cgit is "a hyperfast web frontend for git repositories written in C")

cgit is enabled like this (assuming lighttpd is already enabled):

  services.lighttpd.cgit.enable = true;

and configured verbatim like this (contents of the cgitrc file):

  services.lighttpd.cgit.configText = ''
    cache-size=1000
    scan-path=/srv/git
  '';

cgit will be available from this URL: http://yourserver/cgit

In lighttpd, I've ensured that the cache dir for cgit is created if cgit
is enabled.
2013-06-02 18:41:18 +02:00
Lluís Batlle i Rossell 70fd5422a7 Adding iw to systemPackages. 2013-06-02 14:27:39 +02:00
Peter Simons 08eba4c114 atd: don't enable at daemon by default
The at daemon doesn't work on NixOS [1], so enabling it by default
doesn't seem useful. I'd argue that it shouldn't be enabled by default
even if it worked, actually.

[1] http://lists.science.uu.nl/pipermail/nix-dev/2013-April/011048.html
2013-06-01 11:39:09 +02:00
Evgeny Egorochkin 3bb97667b8 Merge pull request #167 from wizeman/domain
Set the domain name of the machine
2013-05-30 09:14:25 -07:00
Vladimír Čunát a5a7c8ad78 Merge branch 'master' into x-updates 2013-05-29 23:32:05 +02:00
Vladimír Čunát 40d61bfe36 Revert "networkmanager: clean some attrs missing in nixpkgs x-updates"
This reverts commit a649bbea4e.
2013-05-29 23:31:47 +02:00
Evgeny Egorochkin 421fb9d585 Merge pull request #173 from wizeman/apparmor-service
Apparmor service fixes
2013-05-28 16:46:30 -07:00
Evgeny Egorochkin a518e09ec3 Merge pull request #172 from wizeman/apparmor-ping
apparmor: Fix broken iputils/ping profile
2013-05-28 16:37:11 -07:00
Domen Kozar 53390a2da9 add networkmanager_openvpn to systemPackages 2013-05-29 00:38:50 +02:00
Ricardo M. Correia 0a0beadecd transmission: Add apparmor service dependency 2013-05-28 18:00:21 +00:00
Ricardo M. Correia 531b581636 apparmor: Fix service stop
When stopping the apparmor service, the profile removal failed with
parsing errors due to not including the
${pkgs.apparmor}/etc/apparmor.d directory.
2013-05-28 17:49:52 +00:00
Ricardo M. Correia 84c0af80d7 apparmor: Fix loading multiple profiles
apparmor's systemd service wasn't working when multiple profiles were
defined, due to the ExecStart commands in the service file being
broken into multiple lines, instead of being separated by ';'.
2013-05-28 17:21:22 +00:00
Ricardo M. Correia 2e61811284 transmission: Add apparmor profile 2013-05-28 17:19:15 +00:00
Ricardo M. Correia eb01d87b31 apparmor: Fix broken iputils/ping profile 2013-05-28 14:17:29 +00:00
Eelco Dolstra 2ec6759f5f openvpn.nix: Use systemd.*
Also add an option ‘autoStart’ to configure whether an OpenVPN
instance should be started automatically.  And don't log to
/var/log/openvpn-* anymore.
2013-05-28 14:39:48 +02:00
Ricardo M. Correia 7f9fc8d817 Set the domain name of the machine
The domain name was not being set before, even if the administrator
properly configured the networking.domain option in
/etc/nixos/configuration.nix.
2013-05-28 08:49:14 +00:00
Lluís Batlle i Rossell f60393975f gnunet: it was missing extraGroups 2013-05-28 10:19:59 +02:00
Peter Simons 717dc3b858 Merge pull request #169 from wizeman/chrony
Add chrony service
2013-05-25 02:25:57 -07:00
Ricardo M. Correia 76046850fe atop: Add basic config option for /etc/atoprc 2013-05-23 11:14:24 +00:00
Ricardo M. Correia 6336048c58 chrony: properly set rtconutc option, and add a few more options 2013-05-23 03:00:09 +00:00
Ricardo M. Correia 02d9a8066a Add chrony service
Also, do not build and add ntp to the system unless it is enabled.
2013-05-23 02:07:49 +00:00
Rickard Nilsson 70586f03fe systemd.sockets: Add listenStreams option for specifying several sockets 2013-05-20 16:26:24 +02:00
Domen Kozar a29c306958 bacula: add ExecReload 2013-05-18 13:29:54 +02:00
Domen Kozar 000d5a62aa bacula: file daemon needs to run as root 2013-05-18 12:29:14 +02:00
Eelco Dolstra 07406231e3 zabbix: Don't set the mbstring.func_overload option
This breaks MediaWiki running in the same web server.  Zabbix no
longer seems to need it anyway.
2013-05-17 15:34:26 +02:00
Eelco Dolstra 97689f9062 mediawiki: Update to 1.20.5 2013-05-17 13:38:20 +02:00
Mathijs Kwik 0e9a963b42 kde4: use udisks2 for kde versions that support it.
Currently, none do, although kde 4.10 is supposed to be able to use it.
2013-05-17 09:33:00 +02:00