Eelco Dolstra
3ad370ae0a
Merge remote-tracking branch 'origin/master' into systemd
...
Conflicts:
modules/misc/ids.nix
modules/services/mail/postfix.nix
modules/services/system/nscd.nix
modules/services/x11/desktop-managers/xfce.nix
modules/system/boot/stage-1.nix
2012-09-28 11:35:27 -04:00
Eelco Dolstra
1084a8e0de
Add "adm" group from the systemd branch to prevent constant collisions
2012-09-28 11:14:33 -04:00
Eelco Dolstra
3e6bb7d1de
Move setting ownership of /nix/store to stage-2-init
...
This is necessary because the store might be bind-mounted read-only.
2012-09-28 10:59:58 -04:00
Peter Simons
6f052ee62e
spamassassin: use virtual user home directories under /var/lib/spamassassin to avoid permission problems
...
When spamd isn't running as 'root', it cannot access the usual ~/.spamassassin
path where user-specific files normally reside. Instead, we use the path
/var/lib/spamassassin-<user> to store those home directories.
2012-09-28 00:06:52 +02:00
Peter Simons
bcb8038726
spamassassin: add option for running the spamd daemon in debug mode
2012-09-27 17:12:25 +02:00
Peter Simons
9d83b8897b
spamassassin: drop obsolete command line options
2012-09-27 16:51:32 +02:00
Rickard Nilsson
65c1c6525b
network-manager: Big overhaul
...
* Add group 'networkmanager' and implement polkit configuration
that allows users in this group to make persistent, system-wide
changes to NetworkManager settings.
* Add support for ModemManager. 3G modems should work out of the
box now (it does for me...). This introduces a dependency on
pkgs.modemmanager.
* Write NetworkManger config file to Nix store, and let the
daemon use it from there.
2012-09-27 09:26:07 +02:00
Peter Simons
af7c192f2a
postfix: convert service to systemd
2012-09-25 16:38:09 -04:00
Peter Simons
5ef71c6d22
smartd: convert service to systemd
2012-09-25 16:38:05 -04:00
Eelco Dolstra
a139fa14b1
Optionally make the Nix store read-only to enforce immutability
...
This will be the default once Nix 1.2 is released.
2012-09-25 16:33:21 -04:00
Eelco Dolstra
fcebb3f3cd
Clean up the nscd job
2012-09-25 15:22:55 -04:00
Peter Simons
2d6d678bb9
dovecot.nix: correct bogus reference to dovecot in Nixpkgs
2012-09-25 11:24:35 +02:00
Peter Simons
a7700202f2
Rename dovecot2 module to dovecot.
...
We no longer support more than one version.
2012-09-25 11:23:53 +02:00
Shea Levy
bf116c7876
busyboxKeymap: Support unicode keymaps
2012-09-24 17:15:26 -04:00
Peter Simons
573b6b710f
Merge pull request #26 from aszlig/boottime-keymap
...
stage-1: Add option to load keymap during bootup.
2012-09-24 07:33:03 -07:00
Peter Simons
c1949c36e9
Merge pull request #31 from peti/master
...
Drop service for dovecot 1.x.
2012-09-24 07:31:04 -07:00
Lluis Batlle
5ee79c5722
Adding a parameter 'ttyEmergency'
...
It specifies what mingetty will be stopped, if a bad filesystem
triggers an emergency shell.
That should be ttyS0 on headless systems, and in that case,
nixos should stop the ttyS0 mingetty from getting in.
2012-09-24 00:16:52 +02:00
Peter Simons
97c74bf050
alsa.nix: initialize the sound card before restoring previously stored settings
...
The sound card in my ThinkPad won't work unless "init" is run explicitly.
2012-09-23 22:40:19 +02:00
Peter Simons
00e19c91e5
postfix: add option 'extraMasterConf' to extend the default master.cf file
2012-09-23 12:21:48 +02:00
Peter Simons
b8f09be5e0
Remove service for dovecot version 1.x.
2012-09-22 12:51:58 +02:00
Eelco Dolstra
1ad655bdcf
Don't join the cpuset controller with cpu/cpuacct
...
This works around the problem described here:
http://lists.freedesktop.org/archives/systemd-devel/2012-September/006648.html
2012-09-21 22:56:13 -04:00
Eelco Dolstra
4fa9b4b257
Restart systemd if necessary
2012-09-21 14:58:28 -04:00
Eelco Dolstra
0bd7bdfe0d
Merge branch 'master' of github.com:NixOS/nixos
2012-09-21 11:03:25 -04:00
Eelco Dolstra
600d43ba93
Drop xfce-4.6 compatibility
2012-09-21 11:03:07 -04:00
Peter Simons
4476b875fc
Add services.dovecot2.extraConfig option to configure arbitrary settings for which NixOS has no direct support.
2012-09-21 16:04:46 +02:00
Peter Simons
0573c7fcae
modules/services/mail/dovecot2.nix: update syntax for SSL config options
2012-09-21 12:29:36 +02:00
Peter Simons
155495deb2
modules/services/mail/dovecot2.nix: accept plain text authentication only over secure channels when TLS is available
...
Connects from 'localhost' are always considered secure.
2012-09-21 12:29:36 +02:00
Peter Simons
1da16a5ea1
modules/services/mail/dovecot2.nix: log via syslog instead of writing a separate file
2012-09-21 12:29:36 +02:00
Eelco Dolstra
d4af6edd5e
firewall.nix: Allow specifying trusted network interfaces
...
Trusted network interfaces (such as "lo") will accept any incoming
traffic.
2012-09-20 17:51:44 -04:00
Eelco Dolstra
1e666c10fa
Get rid of the last use of mkThenElse
2012-09-20 16:55:32 -04:00
Rickard Nilsson
0de3a0cff3
nscd-invalidate: Invalidate passwd and group databases also
...
I had some problems with LDAP user lookups not working properly
at boot. I found that invalidating passwd and group on the
ip-up event (when nscd-invalidate starts) helped a bit.
2012-09-19 14:30:55 +02:00
Eelco Dolstra
83c6b1cf3a
Set $LOCALE_ARCHIVE in systemd services
...
Systemd sets locale variables like $LANG when running services, so
$LOCALE_ARCHIVE should also be set to prevent warnings like "perl:
warning: Setting locale failed.".
2012-09-18 18:12:39 -04:00
Eelco Dolstra
d12dd340b6
firewall.nix: Respect networking.enableIPv6 = false
...
Reported-by: Pablo Costa <modulistic@gmail.com>
2012-09-18 17:20:46 -04:00
Eelco Dolstra
b96835f8dd
Merge remote-tracking branch 'origin/master' into systemd
2012-09-14 13:24:03 -04:00
Eelco Dolstra
75583c7984
nixos-rebuild: Support --option
2012-09-14 13:23:19 -04:00
Peter Simons
ad65e807bd
Add new 'hardware.cpu.amd.updateMicrocode' option.
2012-09-11 18:44:37 +02:00
Eelco Dolstra
aac6fe44b6
Merge branch 'master' of github.com:NixOS/nixos into systemd
2012-09-11 10:58:57 -04:00
Eelco Dolstra
b53842df3e
Don't set the passno field for tmpfs and other FSs that have no device
...
If passno is set, then systemd will instantiate a systemd-fsck unit,
which in turn will instantiate a <device>.device unit
(e.g. "none.device"). Since no such device exists, mounting will
fail. So don't set passno.
2012-09-11 10:55:56 -04:00
Ludovic Courtès
f7530dc5ee
avahi: Never set host-name' to the empty string in
avahi-daemon.conf'.
2012-09-07 10:58:53 +02:00
Rob Vermaas
27880ed729
Change logstash job startOn attribute to include networking
2012-09-06 12:31:15 +02:00
Shea Levy
f701e8d420
d'oh
2012-09-03 12:11:07 -04:00
Shea Levy
4be367ec47
Damn NixOS lack of laziness...
2012-09-03 10:35:45 -04:00
Eelco Dolstra
e0e0e57c26
Fix the OpenVPN jobs
2012-08-30 21:11:36 -04:00
Mathijs Kwik
bce1cdd59c
fix kernel 3.4+ early cifs mounting (qemu-vm target)
...
kernel 3.4+ needs cifs-utils to mount CIFS filesystems.
the kernel itself (and busybox's cifs mount code) are no longer able
to do this in some/most cases and will error out saying:
"CIFS VFS: connecting to DFS root not implemented yet"
Nixos' qemu-vm target is hurt by this, as it wants to mount /nix/store
via cifs very early in the boot process.
This commit makes sure the initrd for affected kernels is built with
cifs-utils if needed.
2012-08-30 18:31:45 +02:00
Mathijs Kwik
a502ce1128
networking: add proxy_arp / proxy_ndp options.
...
proxy_arp (and proxy_ndp for ipv6) can be turned on on a few
interfaces (at least 2).
This is mainly useful for creating pseudo-bridges between a real
interface and a virtual network such as VPN or a virtual machine for
interfaces that don't support real bridging (most wlan interfaces).
As ARP proxying acts slightly above the link-layer, below-ip traffic
isn't bridged, so things like DHCP won't work. The advantage above
using NAT lies in the fact that no IP addresses are shared, so all
hosts are reachable/routeable.
2012-08-29 22:59:36 +02:00
Mathijs Kwik
0dd46d1335
networking: add options for configuring virtual devices (tun/tap)
...
These are mainly useful for network tunnels (vpn/ipv6) and creating
bridges for virtual machines
2012-08-29 22:59:36 +02:00
Mathijs Kwik
d106a8a296
logcheck: make sure directories are writable during merge phase
2012-08-29 22:59:28 +02:00
Peter Simons
51e58dafca
spamassassin: use a dedicated user for running spamd
2012-08-28 16:27:28 +02:00
Mathijs Kwik
2769f594f3
add logcheck module
2012-08-26 16:04:49 +02:00
Mathijs Kwik
aba9f76105
change permission of /run/lock to allow non-root access to subdirectories
2012-08-26 10:17:22 +02:00
Mathijs Kwik
05262ad35d
postfix: allow specifying 'virtual' mappings
...
mainly useful for having a few local addresses (me@host.domain.com ) while the majority of
addresses are on the domain (you@domain.com )
2012-08-24 00:27:07 +02:00
Eelco Dolstra
8adc1ee92e
switch-to-configuration: Stop sockets corresponding to services
...
If a service has a corresponding socket unit, then stop the socket
before stopping the service. This prevents it from being restarted
behind our backs. Also, don't restart the service; it will be
restarted on demand via the socket.
2012-08-23 12:12:58 -04:00
Eelco Dolstra
e194d41b9c
cpufreq: Don't complain if a CPU doesn't support the desired governor
2012-08-23 12:12:25 -04:00
Eelco Dolstra
4c65a5d95c
Don't restart agetty
2012-08-23 11:13:33 -04:00
Eelco Dolstra
dfb6e891b9
switch-to-configuration: Don't restart systemd-user-sessions.service
...
Restarting it causes all user sessions to be killed.
2012-08-23 11:11:14 -04:00
Eelco Dolstra
af550048e8
switch-to-configuration: Don't restart the suspend/hibernate targets
...
Restarting them has the side effect of suspending/hibernating the
system again.
2012-08-23 11:11:04 -04:00
Eelco Dolstra
9e5bbee2b1
Make cpufreq a service instead of a task
...
Otherwise it will be restarted by switch-to-configuration even when it
hasn't changed.
2012-08-23 11:08:42 -04:00
Eelco Dolstra
b02c488fde
Automatically append ".service" to the name of service units
2012-08-23 10:25:27 -04:00
Eelco Dolstra
cce6e48edf
Don't use consolekit anywhere
2012-08-23 10:25:15 -04:00
Eelco Dolstra
0280aa2dc4
Remove the lvm job
...
There is a generator in lvm2 that takes care of this.
2012-08-23 10:23:41 -04:00
Eelco Dolstra
c2da812bd0
Enable upower's systemd unit
2012-08-21 11:29:59 -04:00
Eelco Dolstra
223f04b3ca
Add option ‘boot.systemd.packages’ to use units from the specified packages
2012-08-21 11:28:47 -04:00
Eelco Dolstra
e02b57df9b
Fix the dependencies of the vboxnet0 service
2012-08-20 16:19:57 -04:00
Eelco Dolstra
f3def8194e
switch-to-configuration: Restart all active targets
2012-08-20 16:19:03 -04:00
Eelco Dolstra
3f4ffffed7
Fix a Perl warning
2012-08-20 11:32:50 -04:00
Eelco Dolstra
08f14b33c1
Merge branch 'master' of github.com:NixOS/nixos into systemd
2012-08-20 11:27:38 -04:00
Eelco Dolstra
36e05e8dd2
Add some more backward compatibility hacks
2012-08-20 11:21:11 -04:00
Eelco Dolstra
39ec043aea
Typo
2012-08-20 11:21:03 -04:00
Eelco Dolstra
5408f1ebcd
Build slim without consolekit
2012-08-20 11:11:25 -04:00
Eelco Dolstra
cdc3604a7d
kdm: Do a poweroff, not a halt
2012-08-20 11:11:10 -04:00
Eelco Dolstra
ebb1781dfc
Fix KDE/kdm
2012-08-20 11:10:19 -04:00
Peter Simons
16713db4e2
modules/programs/bash/bashrc.sh: adapt bash completion for version 2.0 of the package
2012-08-20 16:37:14 +02:00
Petr Rockai
5dc8bc5f2a
Do not assume that /dev/console can always be written.
2012-08-18 14:29:09 +02:00
Eelco Dolstra
6547ecb72f
Remove policykit.nix (old PolicyKit module)
...
Only the HAL module needed it.
2012-08-17 14:47:37 -04:00
Eelco Dolstra
1e5a2bca28
Remove HAL
...
It's obsolete and we no longer use it.
2012-08-17 14:45:43 -04:00
Eelco Dolstra
c60d6caee8
Rename xserver.service to display-manager.service
...
The latter is what graphical.target expects.
2012-08-17 14:43:41 -04:00
Eelco Dolstra
490ce3a230
PAM: Rename ownDevices to startSession
...
Logind sessions are more generally useful than for device ownership.
For instances, ssh logins can be put in their own session (and thus
their own cgroup).
2012-08-17 13:48:22 -04:00
Eelco Dolstra
676157f1e7
slim.nix: Remove the hideCursor option because it doesn't work
2012-08-17 13:42:52 -04:00
Eelco Dolstra
b91aa1599c
sshd.nix: Disable password logins for root by default
2012-08-17 13:32:23 -04:00
Eelco Dolstra
a44e575196
switch-to-configuration: Respect the ‘restartIfChanged’ attribute
2012-08-17 13:14:42 -04:00
Eelco Dolstra
7d958dcdd1
Drop Upstart references
2012-08-17 11:02:12 -04:00
Eelco Dolstra
f903a3dcc8
dhcpcd.nix: Add a reload action for rebinding interfaces
2012-08-17 11:01:07 -04:00
Eelco Dolstra
2ce5abaedf
acpid.nix: Fix dependencies
2012-08-17 11:00:33 -04:00
Eelco Dolstra
8e8bad96d4
alsa.nix: Add job description
2012-08-17 11:00:14 -04:00
Eelco Dolstra
36f5c97b49
Use systemd-udevd instead of udevd
2012-08-16 16:34:49 -04:00
Eelco Dolstra
7e99541afe
Fix initrd for the latest lvm2
2012-08-16 15:37:13 -04:00
Eelco Dolstra
a025e7e7e2
Provide a common share between VMs to allow easy communication
...
Every VM now mounts a common SMB share on /tmp/shared.
2012-08-16 10:47:33 -04:00
Eelco Dolstra
0e3f03106f
postgresql.nix: Add an option for overriding the PostgreSQL package
2012-08-15 17:02:03 -04:00
Eelco Dolstra
d18c2afc6f
Add an ip-up target for services that require IP connectivity
2012-08-15 15:38:52 -04:00
Eelco Dolstra
981347429a
Add support for PartOf dependencies
2012-08-15 15:36:54 -04:00
Eelco Dolstra
c2b2a3369a
Fix dependencies of Apache and PostgreSQL
2012-08-14 18:15:37 -04:00
Eelco Dolstra
a133eb5991
Add some missing targets
...
Also make multi-user.target pull in remote-fs.target to mount remote
filesystems.
2012-08-14 18:14:48 -04:00
Eelco Dolstra
55b2736566
Add a target ‘fs.target’ that waits for all filesystems
2012-08-14 18:14:16 -04:00
Eelco Dolstra
11c3219c1c
Remove the ‘networking’ job
...
Systemd has ‘network.target’ for this purpose.
2012-08-14 18:12:16 -04:00
Eelco Dolstra
a44a7271a8
Warn about Upstart modules with an unknown startOn condition
2012-08-14 17:30:11 -04:00
Eelco Dolstra
9dce4bd9c5
Provide start/stop/status aliases as a convenience for Upstart users
2012-08-14 17:22:04 -04:00
Eelco Dolstra
7a7d04af8a
systemd: Use the kernel modules from /run/booted-system
...
This prevents failures in systemd-modules-load.service like "Failed to
lookup alias 'ipv6': Function not implemented".
2012-08-14 17:09:44 -04:00
Eelco Dolstra
4475294f57
Fix a hang during shutdown
...
Subtle: dhcpcd.service would call resolvconf during shutdown, which in
turn would start invalidate-nscd.service, causing the shutdown to be
cancelled. Instead, give nscd.service a proper reload action, and do
"systemctl reload --no-block nscd.service". The --no-block is
necessary to prevent that command from waiting until a timeout occurs
(bug in systemd?).
2012-08-14 16:45:50 -04:00
Eelco Dolstra
88bfdca8e0
stage-1: Use systemd-udevd instead of the old udevd
2012-08-14 15:31:15 -04:00
Peter Simons
a025e848e0
modules/security/sudo.nix: added 'wheelNeedsPassword' option (default: true)
...
Change this setting to 'false' to allow users in the 'wheel' group to execute
commands as super user without entering a password.
2012-08-13 14:37:32 +02:00