Commit graph

2257 commits

Author SHA1 Message Date
Eelco Dolstra 56ce5614f9 switch-to-configuration: Print all failed services 2012-08-03 10:40:01 -04:00
Peter Simons 0ef085d58a Add services.httpd.fixUidAndGid option to assign reliable numeric UID and GID for the Apache user.
The option is disabled by default so that previously existing installations
aren't affected.

If you'd like to migrate to the fixed numeric id for Apache, set "fixUidAndGid
= true", edit the file "/etc/groups" and replace the old GID value with 54.
(NixOS can't do that for you because it refuses to change a GID that identifies
the primary group of a user.) Then run

  find / -xdev -uid $oldUID -exec chown 54 {} +
  find / -xdev -gid $oldGID -exec chgrp 54 {} +

to update ownership of all files that are supposed to be owned by Apache.
2012-08-03 16:39:55 +02:00
Eelco Dolstra 29f721ba54 Only create the Apache user/group if it's "wwwrun" 2012-08-03 09:35:06 -04:00
Peter Simons 1b249eaf05 Initial version of a SpamAssassin service.
The configuration is expected to be managed by the user in /etc/spamassassin.
2012-08-03 15:11:28 +02:00
Eelco Dolstra 4d2deff7af Stop obsolete units, restart changed units, start new units 2012-08-02 17:26:23 -04:00
Eelco Dolstra 0fc68a3d1d Rewrite switch-to-configuration in Perl
This will make it more efficient to do systemd dependency graph
processing (if necessary).
2012-08-02 15:11:29 -04:00
Eelco Dolstra d4fec178fd Merge remote-tracking branch 'origin/master' into systemd 2012-08-02 13:44:16 -04:00
Eelco Dolstra 1fcef0a0e0 Don't use nixUnstable 2012-08-02 13:31:57 -04:00
Rickard Nilsson a6039e1be2 LUKS root: Fix key file check
Check for null instead of empty string
2012-08-02 11:39:31 +02:00
Rickard Nilsson 0958b224ac LUKS root: Add option for using a key file instead of a passphrase. 2012-08-02 11:30:33 +02:00
Rickard Nilsson ecdbc94e05 LUKS root: Add option allowDiscards (for SSD disks) 2012-08-02 11:27:28 +02:00
Shea Levy feb010a366 NixOS kernels should support ELF executables 2012-08-02 00:47:36 -04:00
Shea Levy 3d20a308af tests/minimal-kernel: Add CIFS timeout patch 2012-08-01 23:36:48 -04:00
Shea Levy 9e300052bd Add test to check that a machine with a minimal kernel but all of the requiredKernelConfig options set boots and shuts down 2012-08-01 22:32:16 -04:00
Shea Levy 2a983acaff Enable specifying which kernel config options are needed for a given module 2012-08-01 21:50:43 -04:00
Eelco Dolstra 5f57110e1f install-grub.pl: Fix Xen support 2012-08-01 21:48:29 +02:00
Mathijs Kwik 52fd5ea6ca gogoclient: setup config and dirs on service start, not on system activation 2012-07-31 20:07:05 +02:00
Eelco Dolstra 6576d81ff1 Fix "please: command not found" in switch-to-configuration 2012-07-30 15:19:30 -04:00
Eelco Dolstra 2678ff3726 Use /sys/fs/cgroup instead of /dev/cgroup 2012-07-30 13:49:18 -04:00
Eelco Dolstra 174d6a07e0 Fix whitespace 2012-07-30 13:49:10 -04:00
Eelco Dolstra a559a2a606 mediawiki.nix: Use the right PHP build 2012-07-30 17:19:23 +02:00
Florian Friesdorf 14a8532ee0 add NIX_CONF_DIR to sudo env_keep variables (suggested by Eelco Dolstra)
this enables nix-collect-garbage under sudo to respect nix.conf, e.g.:

    gc-keep-outputs = true
    gc-keep-derivations = true
2012-07-27 12:25:11 +02:00
Peter Simons e988324534 Use a dedicated user ('named') for BIND instead of running the daemon as super user. 2012-07-27 00:08:41 +02:00
Shea Levy 51765e6333 Merge pull request #20 from chaoflow/setuid-wrapper-newgrp
add setuid wrapper for newgrp
2012-07-26 11:11:10 -07:00
Florian Friesdorf 7c1c4c757c add setuid wrapper for newgrp 2012-07-26 16:52:38 +02:00
Eelco Dolstra 16da4a14f1 amazon-image.nix: Don't put any old configurations in the GRUB menu 2012-07-25 16:38:05 -04:00
Eelco Dolstra 557f39aa0f install-grub.pl: Apply the configuration limit only to old generations 2012-07-25 16:37:29 -04:00
Eelco Dolstra 8cae5e5782 Remove jfsrec from the minimal CD because it pulls in Boost 2012-07-25 11:39:41 -04:00
Eelco Dolstra b52117c34d Treat init-script as a boot loader 2012-07-25 11:30:16 -04:00
Eelco Dolstra 8b91a5f2ff Move boot loader modules to modules/system/boot/loader 2012-07-25 10:59:03 -04:00
Eelco Dolstra b15e1fbb08 Boot loader refactoring
- Renamed system.build.menuBuilder to system.build.installBootLoader.

- ‘install-grub.pl’ (formerly grub-menu-builder.pl) now generates the
  GRUB menu *and* installs GRUB (if necessary).

- ‘switch-to-configuration.sh’ has no boot loader specific knowledge
  anymore.  It just calls installBootLoader.
2012-07-25 10:47:32 -04:00
Eelco Dolstra 1b743526bd grub.nix: Handle null values
http://hydra.nixos.org/build/2894714
2012-07-25 09:27:51 -04:00
Eelco Dolstra be4c4d79cf grub-menu-builder: GRUB now installs unicode.pf2 automatically 2012-07-24 22:37:16 -04:00
Eelco Dolstra a0721ad2b3 stage-1-init: Use mount --move to move /sys etc. to the target root
This fixes warnings about /sys/kernel/security during shutdown and
cleans up /proc/mounts.
2012-07-24 22:04:28 -04:00
Eelco Dolstra fb15b1894e Add missing progress message 2012-07-24 19:27:16 -04:00
Eelco Dolstra f0c82f4543 Pass the ‘--recheck’ flag to grub-install 2012-07-24 19:22:19 -04:00
Eelco Dolstra f07f221f0e Replace grub-menu-builder with a much faster version
The old GRUB menu builder script is quite slow, typically taking
several seconds.  This is a real annoyance since it's run every time
you switch to a new configuration.  Therefore this patch replaces the
Bash script with a much faster Perl script.  In a VirtualBox test, the
execution time went from 2.7s to 0.1s.  The Perl version is also more
correct because it uses XML to get the GRUB configuration (through
builtins.toXML), so there are no shell escaping issues.

The new script currently lacks support for subconfigurations defined
through "nesting.children".
2012-07-24 19:16:27 -04:00
Eelco Dolstra b3b6b8ad60 virtualbox-image.nix: VirtualBox disks are /dev/sda, not /dev/vda 2012-07-24 19:07:03 -04:00
Eelco Dolstra e4ed2120fd Create /etc/locale.conf and /etc/vconsole.conf
Systemd's systemd-vconsole-setup.service reads locale and console
font/keymap settings from these files.  In particular, it sets the
virtual console to UTF-8 mode depending on the LANG setting.

This removed the need for the kbd job.
2012-07-24 13:53:17 -04:00
Phreedom cb063afcbf F-Prot virus signaure database updater: package 2012-07-24 10:52:04 +03:00
Shea Levy 0f65521df2 Merge pull request #17 from MarcWeber/fix-init-script-builder
fix init-script-builder
2012-07-23 17:44:37 -07:00
Peter Simons e8e19bbb1f modules/services/web-servers/apache-httpd: rename 'apacheHttpd' option to 'package' 2012-07-24 01:01:48 +02:00
Peter Simons b3627f6c69 modules/services/web-servers/apache-httpd: add apache user to the apache group 2012-07-23 22:00:35 +02:00
Peter Simons 52c97adaba modules/services/web-servers/apache-httpd: make this module more configurable
- The new option 'apacheHttpd' determines the version of the Apache
   HTTP Server that's being used by this module. The default version
   is Apache 2.2.x, as before.

 - The new option 'configFile' allows users specify their own custom
   config file for the web server instead of being limited to the one
   that this module generates.
2012-07-23 21:48:21 +02:00
Eelco Dolstra 5a0cf5e7b6 Use ext4 for VirtualBox images 2012-07-23 14:01:10 -04:00
Phreedom 4f109c8a3d ClamAV: package virus fingerprint database updater. 2012-07-23 17:19:59 +03:00
Marc Weber 7ddea025e4 dont hardcode apache group name when setting permissions for state dir 2012-07-23 03:28:21 +02:00
Your Name 4549bad2f4 AppArmor: packaged 2012-07-22 16:31:49 +03:00
Your Name 8bde72d99c Mount securityfs needed for AppArmor and some TPM drivers.
Should be harmless.
2012-07-22 16:31:49 +03:00
Marc Weber 3221159f5f fix init-script-builder 2012-07-21 19:26:36 +02:00
Mathijs Kwik 26bf696350 Revert "allow out-of-tree nixos modules"
This reverts commit b609ff4fcf.

It turns out this can just be done using "require".
2012-07-21 18:30:58 +02:00
Mathijs Kwik b609ff4fcf allow out-of-tree nixos modules
The environment variable "NIXOS_EXTRA_MODULES" is now checked to
contain a path to a file similar to modules/module-list.nix.

This gives the ability to include nixos modules that are not in the
nixos source tree.

This can be useful for modules that are still experimental, or which
aren't useful for other nixos users. Of course, this was already
possible to do this using a forked nixos tree, but with this
functionality, you can just rely on the nixos channel, easing things a
lot.
2012-07-21 17:35:50 +02:00
Eelco Dolstra 71ca633431 Start agetty on tty1
‘logind’ automatically starts agetty on all virtual consoles except
tty1.  We have to do that ourselves.
2012-07-20 18:32:24 -04:00
Eelco Dolstra 0edf138fc7 switch-to-configuration: Initial systemd support
It reloads the configuration, but doesn't (re)start jobs yet.
2012-07-20 18:25:36 -04:00
Eelco Dolstra fd2cef50cd Don't pull in Upstart 2012-07-20 18:25:23 -04:00
Eelco Dolstra 7a98c884f8 dhcpcd.nix: Go into the background and restart ntpd 2012-07-20 18:24:55 -04:00
Eelco Dolstra ee075bdf6b agetty.nix: Add remark 2012-07-20 17:39:05 -04:00
Eelco Dolstra 77510eaa99 dbus.nix: Fix path to dbus-send 2012-07-20 17:38:36 -04:00
Eelco Dolstra 0b865edb16 switch-to-configuration: require a reboot going from Upstart to systemd 2012-07-20 16:23:52 -04:00
Eelco Dolstra 5fabcf63a3 Get delayed shutdowns to work 2012-07-20 15:40:50 -04:00
Eelco Dolstra 1602f8e162 Typo 2012-07-20 14:58:15 -04:00
Eelco Dolstra 1375e7951d Enable systemd-journal-flush.service (added by systemd 187) 2012-07-20 12:02:42 -04:00
Eelco Dolstra 41cb04f793 Implement serial-getty@.service 2012-07-20 11:36:09 -04:00
Eelco Dolstra 02e37ba6b0 Shorten filenames of start scripts to make log messages more readable 2012-07-19 17:41:42 -04:00
Eelco Dolstra ae62436697 Random changes 2012-07-19 17:33:22 -04:00
Eelco Dolstra 6419172bc2 journald: enable logging to the console 2012-07-19 17:32:50 -04:00
Eelco Dolstra 425ec4cb00 syslogd: Make it work with systemd
Also made syslogd optional (and disabled by default).
2012-07-19 12:48:30 -04:00
Eelco Dolstra 63742a942e Don't create /var/log/upstart/<jobname> unless necessary 2012-07-18 17:09:00 -04:00
Lluís Batlle i Rossell f43033a3f7 crashdump: it required some kernel options for the nmi_watchdog to work.
Now it says at boot, for every core:
NMI watchdog: enabled, takes one hw-pmu counter.
2012-07-18 21:50:18 +02:00
Peter Simons 4553a27a92 modules/security/pam.nix: add xscreensaver to the list of services 2012-07-17 13:01:09 +02:00
Eelco Dolstra 917e53a2d2 Update units names for systemd-186 2012-07-16 17:47:11 -04:00
Eelco Dolstra 94daecd90b save-hwclock.service: support time.hardwareClockInLocalTime 2012-07-16 17:32:26 -04:00
Eelco Dolstra 44d091674b Merge branch 'master' of github.com:NixOS/nixos into systemd
Conflicts:
	modules/config/networking.nix
	modules/services/networking/ssh/sshd.nix
	modules/services/ttys/agetty.nix
	modules/system/boot/stage-2-init.sh
	modules/system/upstart-events/shutdown.nix
2012-07-16 17:27:11 -04:00
Eelco Dolstra 1d57489427 Global replace /var/run/opengl-driver -> /run/opengl-driver 2012-07-16 11:34:21 -04:00
Eelco Dolstra 98459eb675 Global replace /var/run/booted-system -> /run/booted-system 2012-07-16 11:34:21 -04:00
Eelco Dolstra 73532c3855 Global replace /var/run/current-system -> /run/current-system 2012-07-16 11:34:21 -04:00
Shea Levy 8c24de13e4 D'oh 2012-07-16 08:11:44 -04:00
Shea Levy cdd8ecf9c7 multitouch: Invert left-right scrolling when invertScroll is enabled 2012-07-16 08:03:47 -04:00
Shea Levy 3d2b83c110 multitouch: Add an option to ignore palm touches 2012-07-14 21:40:49 -04:00
Shea Levy c909ea9208 multitouch: Add option to invert scroll 2012-07-14 18:02:46 -04:00
Shea Levy e3337c7f05 Add module for b43 firmware 2012-07-13 23:54:41 -04:00
Eelco Dolstra 57d74e6f4f openssh.authorizedKeys.keyFiles: allow multiple keys
Ugly hack to get around the error "a string that refers to a store
path cannot be appended to a path".  The underlying problem is that
you cannot do

  "${./file1} ${./file2}"

but you can do

  " ${./file1} ${./file2}"

Obviously we should allow the first case as well.
2012-07-13 17:59:03 -04:00
Eelco Dolstra 7e77dae458 sshd.nix: Create ~/.ssh/authorized_keys with the right ownership 2012-07-13 11:48:47 -04:00
Eelco Dolstra 7fca8ceaf8 /etc/login.defs: set the mode of new home directories to 700 2012-07-13 10:41:48 -04:00
Shea Levy 8544ba285d logstash: Fix sloppy description fields 2012-07-12 14:35:06 -04:00
Shea Levy a2b59f595f logstash: Export config.lib.logstash.mk{Float,Hash,NameValuePairs}.
This allows hiding the implementation details for how to represent logstash
config types that don't directly map to nix expressions, particularly floats,
hashes, and name-value pair sets with repeated names. Instead of setting
__type and value directly, the user now uses these convenience functions to
generate their logstash config.
2012-07-12 14:15:43 -04:00
Shea Levy 8712e1dafc Add lib module for modules to provide helper functions 2012-07-12 13:46:04 -04:00
Peter Simons 0c12e29368 Don't add the i3 window manager to the system if it isn't enabled in configuration.nix. 2012-07-12 11:33:10 +02:00
Eelco Dolstra 7de6a7e8b0 Rename time.clockLocal -> time.hardwareClockInLocalTime. 2012-07-11 15:33:34 -04:00
Carles Pagès 008493f94c Add option to keep hardware clock in local time. 2012-07-11 15:31:46 -04:00
Shea Levy 5412b1089f logstash: Start process in /tmp
See https://logstash.jira.com/browse/LOGSTASH-107
2012-07-11 13:45:36 -04:00
Shea Levy 315087def1 logstash: use {name=; value='} attrsets for repeated name-value pairs instead of parallel lists 2012-07-11 11:59:00 -04:00
Shea Levy 3039caf5ad Add logstash module.
Since the logstash config file seemed very similar to a nixexpr, I decided
to map directly from nixexprs to logstash configs. I didn't realize until
too far in that this solution was probably way over-engineered, but it
works.
2012-07-11 11:22:16 -04:00
Rok Garbas b7398794ed i3 window manager was not installed when enabled 2012-07-10 16:07:53 +02:00
Eelco Dolstra fbf9ecf78a Apache: make /var/run/httpd readable to wwwrun, as required by mod_cgid 2012-07-09 16:27:39 +02:00
Eelco Dolstra d0c9a3ce32 Apache: build PHP against the right httpd
If httpd is built with a threaded MPM, then PHP needs to be built with
thread support as well.
2012-07-06 23:28:46 +02:00
Eelco Dolstra 18031e41bb Apache: Add an option to set the MPM
Supported values are "prefork" (default), "worker" and "event"
(experimental in Apache 2.2 but not 2.4).
2012-07-06 14:23:55 -04:00
Eelco Dolstra a07eb262a0 Apache: don't fork into the background due to Upstart weirdness
If Apache crashes during startup, Upstart for some reason shows the
job in the "start/running" state.  As a workaround, don't fork.
2012-07-06 13:47:42 -04:00
Eelco Dolstra 46dce21bff MediaWiki: Generalise the skins support
The new option ‘skins’ allows specifying a list of directories
providing skins to be added to the MediaWiki installation.  The
‘defaultSkin’ option just sets the default.
2012-07-05 21:04:23 +02:00
Mathijs Kwik a630b1f6f6 EFI shell got updated upstream, reflecting new hash 2012-07-05 08:31:44 +02:00
Eelco Dolstra 348691645d Remove broken "nopipefail" option
http://hydra.nixos.org/build/2751337
2012-07-02 10:57:36 -04:00
Peter Simons 56373744b4 modules/config/networking.nix: recognize whether a local DNS resolver is available
resolvconf prefers a locally running BIND resolver over the forwarders; we just
have to tell it whether we have one or not. We use 'config.services.bind.enable'
to make that decision, assuming that people are not going to configure a local
BIND that won't respond to queries on 127.0.0.1. If we run into such a (weird)
case, then we'll need to introduce another variable for that purpose which can
be set independently from 'config.services.bind.enable'.
2012-07-02 15:01:02 +02:00
Peter Simons f22dbd5e05 modules/services/networking/wpa_supplicant.nix: strip trailing whitespace 2012-06-29 11:53:16 +02:00
Peter Simons 61b8ee9029 modules/services/networking/wpa_supplicant.nix: document that interface auto-detection doesn't work on Linux 3.4.x 2012-06-29 11:53:16 +02:00
Eelco Dolstra bf15293b1e Merge branch 'master' of github.com:NixOS/nixos into systemd
Conflicts:
	modules/services/hardware/udev.nix
2012-06-28 14:19:38 -04:00
Eelco Dolstra 76c74cd7c7 initrd: Detect filesystem type before doing fsck/mount
BusyBox doesn't handle the "auto" filesystem type very well: fsck will
just ignore such filesystems, and mount will only work properly if the
required kernel module is already loaded.  Therefore, use blkid to
determine the filesystem type.

Also generate an /etc/fstab in the initrd rootfs on the fly.  This is
useful if you're dropped into an emergency shell since it allows you
to say "fsck /dev/sda1" or "mount /dev/sda" and have the right thing
happen.
2012-06-28 10:55:44 -04:00
viric 7acfd8ec20 Merge pull request #9 from viric/pull-pipefail
nixos-rebuild: make 'pull' fail in case it did not pull anything.
2012-06-28 01:20:22 -07:00
Lluís Batlle i Rossell 34e8f68056 system-tarball-pc: not use boot.initrd.extraTools anymore
Eelco removed the option recently, making the default initrd have the full
busybox.

I saw this evaluation error in the hydra nixos trunk page.
2012-06-27 22:26:27 +02:00
Lluís Batlle i Rossell de87b07bb3 nixos-rebuild: fail if any case of pull fails. 2012-06-27 21:57:15 +02:00
Lluís Batlle i Rossell 5b7c019e2a nixos-rebuild: make 'pull' fail in case it did not pull anything. 2012-06-27 21:36:46 +02:00
David Guibert dbe2325603 fix the grep pattern finding programs called by absolute paths in udev rules. 2012-06-27 20:41:07 +02:00
Shea Levy bb5d2d53fe try isn't used, so use the more compatct seq 10 2012-06-27 09:43:54 -04:00
Mathijs Kwik 061a998840 luks root: c-style for-loop -> seq
The ash shell no longer supports this bash-specific syntax.
This left systems that use luksroot unable to boot.
2012-06-27 09:42:55 -04:00
Eelco Dolstra e64bdda52b Don't use weird 777 permissions on unmounted /dev/shm 2012-06-27 09:35:53 -04:00
Eelco Dolstra cc357c7e64 nixos-rebuild: Add a convenience option ‘--upgrade’
This is equivalent to running ‘nix-channel --update nixos’ before
running ‘nixos-rebuild’.
2012-06-25 16:17:34 -04:00
Eelco Dolstra 7613ae950a Fix booting on EC2
The kill command in ash doesn't know the "--" syntax, but doesn't need
it either.
2012-06-24 19:02:34 -04:00
Eelco Dolstra bd0f065c05 Merge branch 'master' of github.com:NixOS/nixos into systemd 2012-06-22 18:20:26 -04:00
Eelco Dolstra 6bd32f0a27 Drop the socat wrapper 2012-06-22 15:37:22 -04:00
Eelco Dolstra 1da7cea223 Add Busybox to the installation CD
This is mostly to get the automated tests to succeed.
2012-06-22 14:16:55 -04:00
Eelco Dolstra 980ba4d5a5 stage-1: mount /proc, /sys, /dev in the target root
The switch_root in BusyBox doesn't do this (while the one in
util-linux does).  So we have to do this ourselves.
2012-06-22 13:51:42 -04:00
Eelco Dolstra 598adfee3e Fix booting from the CD-ROM
So it turns out that BusyBox doesn't auto-load modules for filesystems
that have type "auto", e.g. it doesn't figure out that it should load
the "iso9660" module should be loaded when mounting the CD-ROM.  We
don't want to give the root FS on the CD type "iso9660", because that
breaks booting from a USB stick created by unetbootin.  So make sure
the "iso9660" module is loaded.
2012-06-22 11:55:23 -04:00
Eelco Dolstra 7b54922227 Don't include klibc in the installation CD 2012-06-22 11:39:27 -04:00
Eelco Dolstra 872a76b177 Merge branch 'master' of github.com:NixOS/nixos into systemd 2012-06-22 11:11:21 -04:00
Eelco Dolstra 9692495df0 Use BusyBox in the initrd
Using BusyBox instead of Bash plus a bunch of other tools gives us a
much more feature-full, yet smaller initrd.  In particular, BusyBox
contains networking commands such as ip and a DHCP client, useful for
NFS boots.  It's also much more convenient for rescue situations
because the shell has builtin readline support and there are many more
tools (including vi).
2012-06-22 10:43:06 -04:00
Eelco Dolstra 70089950d2 nixos-version: "pre-svn" -> "pre-git" 2012-06-22 10:28:06 -04:00
Rob Vermaas df124ebc89 * Make sure time.timeZone can only be defined once. 2012-06-21 12:47:44 +02:00
Eelco Dolstra 055eae2a58 Merge pull request #1 from aszlig/i3_integration
Add xserver integration of i3 WM.
2012-06-20 20:49:45 -07:00
Eelco Dolstra 337423af8e Backdoor: depend on /dev/hvc0
Systemd is the shit: units can declare a dependency on the appearance
of device nodes.  Yay!
2012-06-19 17:36:02 -04:00
Eelco Dolstra 2fa1ba85c6 Enable the systemd password agents 2012-06-19 17:02:54 -04:00
Eelco Dolstra 2526afb1c7 Don't use ConsoleKit 2012-06-19 16:22:26 -04:00
Eelco Dolstra d692a0807a Don't mount /dev/pts since systemd does that for us 2012-06-19 15:25:56 -04:00
Eelco Dolstra cacd608c37 Mount devtmpfs in the initrd
It seems that udev now requires devtmpfs, so enable it.
2012-06-19 15:15:40 -04:00
Eelco Dolstra cd7872b758 Drop dependency on the old udev 2012-06-19 15:14:54 -04:00
Eelco Dolstra dab6bbe3a6 Set the default unit to "graphical.target" if X11 is enabled 2012-06-19 14:51:04 -04:00
Eelco Dolstra 2b305d7f29 Remove accidentally committed line 2012-06-19 14:50:23 -04:00
Eelco Dolstra f213c4ca29 Don't run syslogd and klogd
The systemd journal removes the need for running syslogd and klogd, so
don't start them.
2012-06-19 09:28:04 -04:00
Eelco Dolstra 88f94d76bc Use socket-based activation of the Nix daemon 2012-06-18 23:31:07 -04:00
Eelco Dolstra c73d642db2 Don't put quotes around environment values 2012-06-18 23:30:26 -04:00
Eelco Dolstra c3fb248bcb Get rid of the Upstart shutdown job
The only thing that Upstart's shutdown job did that systemd doesn't do
natively is update the hardware clock.  So added a service for that.
2012-06-18 18:15:34 -04:00
Eelco Dolstra ca2bd17f54 Whitespace 2012-06-18 17:58:31 -04:00
Eelco Dolstra 9f5051b76c Rename mingetty module to agetty 2012-06-18 17:55:27 -04:00
Eelco Dolstra 4c21857ee1 Upstart ‘boot.systemd.services’ for the Upstart compatibility layer 2012-06-18 17:42:26 -04:00
Eelco Dolstra 352510c208 Add an option ‘boot.systemd.services’
This option makes it more convenient to define services because it
automates stuff like setting $PATH, having a pre-start script, and so on.
2012-06-18 15:28:31 -04:00
Eelco Dolstra 673bf12b1d Improve the dependencies of units generated by the Upstart emulation 2012-06-18 00:22:18 -04:00
Eelco Dolstra 42ee3b4209 Add a ‘wantedBy’ attribute to unit definitions
This attribute allows a unit to make itself a dependency of another unit.

Also, add an option to set the default target unit.
2012-06-17 23:31:21 -04:00
Mathijs Kwik bd5b06bf86 synaptics driver: accelleration factor config option
svn path=/nixos/trunk/; revision=34523
2012-06-16 11:13:48 +00:00
Eelco Dolstra 4a95f8996b To ease migration to systemd, generate units from the ‘jobs’ option
Also get rid of the ‘buildHook’ job option because it wasn't very useful.
2012-06-16 00:19:43 -04:00
Eelco Dolstra 66f4d10843 Use pam_systemd.so to set up device ownership
This removes the need for ConsoleKit, so it's gone.
2012-06-15 14:51:48 -04:00
Eelco Dolstra ab86759eb3 Use kmod instead of module-init-tools 2012-06-15 14:18:26 -04:00
Eelco Dolstra 164d6e6ab2 Use udev from systemd 2012-06-15 13:09:22 -04:00
Eelco Dolstra a46894b960 Get lots more systemd stuff working
Enabled a bunch of units that ship with systemd.  Also added an option
‘boot.systemd.units’ that can be used to define additional units
(e.g. ‘sshd.service’).
2012-06-14 18:44:56 -04:00
Eelco Dolstra c9be63b83e * Use ‘nologin’ as the default shell for user accounts that are not
allowed to log in.

svn path=/nixos/trunk/; revision=34514
2012-06-14 21:33:59 +00:00
Eelco Dolstra fae777c264 Merge branch 'master' of github.com:NixOS/nixos into systemd 2012-06-14 12:02:17 -04:00
Eelco Dolstra fd9604b319 * Oops, fix an incomplete commit.
svn path=/nixos/trunk/; revision=34488
2012-06-13 03:28:03 +00:00
Eelco Dolstra 63517eca1b * Actually use the security.pam.enableSSHAgentAuth option.
http://hydra.nixos.org/build/2698800

svn path=/nixos/trunk/; revision=34483
2012-06-12 20:21:15 +00:00
Eelco Dolstra 15d44498f9 * Add a ‘size’ option to ‘swapDevices’ to create swapfiles on the fly.
svn path=/nixos/trunk/; revision=34478
2012-06-12 13:41:51 +00:00
Eelco Dolstra 03653d43eb * Add support for sudo authentication using the SSH agent. This
allows password-less servers.

svn path=/nixos/trunk/; revision=34474
2012-06-11 22:41:07 +00:00
Eelco Dolstra a3118792a5 * Make the ACPI Shutdown command in VirtualBox to do the right thing.
svn path=/nixos/trunk/; revision=34473
2012-06-11 22:37:55 +00:00
Lluís Batlle i Rossell a257bf78cb Making the virtualbox-guest module be evaluated only in i686 and x86_64.
On mips, an assertion in the nixpkgs virtualbox was failing.


svn path=/nixos/trunk/; revision=34464
2012-06-11 17:31:03 +00:00
Peter Simons 51b5da4023 modules/security/pam.nix: sort security.pam.services alphabetically
svn path=/nixos/trunk/; revision=34437
2012-06-11 07:12:41 +00:00
Peter Simons 5c3593be46 Add PAM configuration for vlock.
svn path=/nixos/trunk/; revision=34436
2012-06-11 07:12:39 +00:00
Peter Simons 4c54fcaf45 pam security for i3lock
svn path=/nixos/trunk/; revision=34435
2012-06-11 07:10:25 +00:00
Peter Simons 25155a02e6 Add findutils dependency for /tmp cleaning.
This dependency is only added if the setting is activated.

svn path=/nixos/trunk/; revision=34434
2012-06-11 07:05:15 +00:00
Peter Simons 4931188684 Integrate cleanTmpDir in stage-2-init.sh.
We're using find in order to remove dotfiles, too.

svn path=/nixos/trunk/; revision=34433
2012-06-11 07:05:13 +00:00
Peter Simons fbf53168f3 Add new option config.boot.cleanTmpDir.
This option is to control if the user wants to have its /tmp directory cleaned
up during system boot.

svn path=/nixos/trunk/; revision=34432
2012-06-11 07:05:11 +00:00
Lluís Batlle i Rossell 9125d3af50 Adding creation of /dev/ptmx in stage-2, in case stage-1 did not run.
Upstart requires /dev/ptmx since its 1.4, and will lock up in case of it missing.

I was hitting this in the fuloong, where I don't use the nixos initrd.


svn path=/nixos/trunk/; revision=34429
2012-06-10 22:37:20 +00:00
Lluís Batlle i Rossell 3d2ed19067 Making fcron use the daemonType=fork, instead of foreground. This way logrotate
does not have to handle it appart.


svn path=/nixos/trunk/; revision=34422
2012-06-10 15:14:16 +00:00
Lluís Batlle i Rossell 6824f1e082 Making the dovecot2 mail location a nixos option.
svn path=/nixos/trunk/; revision=34421
2012-06-10 15:07:25 +00:00
Lluís Batlle i Rossell 9b833aafb9 Fix prayer so it does not start a server at port 80.
svn path=/nixos/trunk/; revision=34420
2012-06-10 14:51:43 +00:00
Lluís Batlle i Rossell 78333e5d84 Add a 'named' option to run only for ipv4.
I remember the 'named' log was giving annoying messages on systems not ipv6
capable (I can't recall if lacking the kernel ipv6 code or unconfigured ipv6
addresses).


svn path=/nixos/trunk/; revision=34419
2012-06-10 14:50:44 +00:00
Lluís Batlle i Rossell 31f30722d6 Small comment fix on the system-tarball-sheevaplug.
svn path=/nixos/trunk/; revision=34418
2012-06-10 14:45:30 +00:00
Lluís Batlle i Rossell c539224a84 Postfix was started before all filesystems were mounted. I add 'filesystem' to startOn.
svn path=/nixos/trunk/; revision=34416
2012-06-10 14:36:16 +00:00
Eelco Dolstra 87e06b97a3 * Don't include the hostname in option default values. Default values
are included in the manual, so this causes a different manual to be
  built for each machine.
* Clean up indentation of cntlm module.

svn path=/nixos/trunk/; revision=34387
2012-06-08 14:29:31 +00:00
Eelco Dolstra 6aa4120f3a * Shorten the greeting line to make it fit on a 80-character terminal
again by removing the kernel version.

svn path=/nixos/trunk/; revision=34376
2012-06-06 23:14:57 +00:00
Eelco Dolstra 593eb83343 * Typo.
svn path=/nixos/trunk/; revision=34369
2012-06-06 15:23:20 +00:00
aszlig b78ce79f89 Add xserver integration of i3 WM.
This allows to set i3 as the default window manager in the system configuration.
2012-06-04 21:19:12 +02:00
Eelco Dolstra f21aa7d22c First attempt at using systemd
Basic booting works.  Systemd starts agetty instances on tty1 and
tty2.  Shutdown and journald also work.
2012-06-04 12:51:48 -04:00
Eelco Dolstra f2a33809c1 * Check for .git instead of .svn.
svn path=/nixos/trunk/; revision=34350
2012-06-04 15:57:32 +00:00
Eelco Dolstra a0cc181117 * nixos-checkout: get the NixOS/Nixpkgs sources from GitHub.
svn path=/nixos/trunk/; revision=34347
2012-06-04 15:39:07 +00:00
Eelco Dolstra c4c68f97d1 * The volume ID is too long again. Shorten it to make it fit (just
barely) inside the 32 character limit.

  http://hydra.nixos.org/build/2660387

svn path=/nixos/trunk/; revision=34346
2012-06-04 15:02:37 +00:00
Eelco Dolstra ca57a8e638 * Add type.
svn path=/nixos/trunk/; revision=34345
2012-06-04 14:35:48 +00:00
Eelco Dolstra 9b014c471a * CUPS: fix printing on a Ricoh Aficio MP C4500 PXL printer (and
probably lots of others).  The $PATH used to invoke the filter
  didn't contain Ghostscript and Perl, so it silently fails.  (A nice
  property of CUPS is that it will just silently discard the job when
  that happens, so you need to set LogLevel to "debug" to see this.)
  Fortunately, CUPS now has a "SetEnv" option to set $PATH explicitly.

  Also, remove config.system.path from the PATH of CUPS' Upstart job.
  It seems to serve no purpose.

svn path=/nixos/trunk/; revision=34244
2012-05-25 15:51:33 +00:00
Eelco Dolstra f81eb12d41 * Now hopefully a proper fix for the problem in
http://hydra.nixos.org/build/2645533 (which I can't reproduce btw -
  so much for reproducibility...).

svn path=/nixos/trunk/; revision=34243
2012-05-25 14:06:46 +00:00
Eelco Dolstra d0786fd3e7 * Cache nix-pull calls in nixos-install.
svn path=/nixos/trunk/; revision=34241
2012-05-25 13:32:30 +00:00
Lluís Batlle i Rossell 22fc2bdb24 Fixing the evaluation of the system-tarball-pc.
It complained that grub device wasn't defined, and I guess it wanted some
fileSystems too. I copied those details from the sheevaplug expression, that I
made evaluate some minutes ago.


svn path=/nixos/trunk/; revision=34238
2012-05-25 08:09:25 +00:00
Lluís Batlle i Rossell 4157166f8a Making the sheevaplug system tarball evaluate fine again. It had some pieces not up to date:
fileSystems definition, kernel version, ...


svn path=/nixos/trunk/; revision=34237
2012-05-25 07:52:12 +00:00
Eelco Dolstra a3e04ba0aa * Fix problems with repeated installations due to the immutable bit
(http://hydra.nixos.org/build/2645533).

svn path=/nixos/trunk/; revision=34235
2012-05-25 02:30:52 +00:00
Eelco Dolstra b11770373a * Work properly if /root/.nix-defexpr/channels already exists.
svn path=/nixos/trunk/; revision=34233
2012-05-24 23:37:06 +00:00
Eelco Dolstra a6892051ef * Allow building with boot.loader.grub.enable set to "false".
svn path=/nixos/trunk/; revision=34218
2012-05-23 15:52:29 +00:00
Eelco Dolstra 9dadfc3541 * Mark QEMU VMs as NixOS machines.
svn path=/nixos/trunk/; revision=34217
2012-05-23 15:40:31 +00:00
Rob Vermaas 53af6f5668 Execute mount-all task on config-changed event to make sure it is performed before other upstart jobs are started on activating the new configuration.
svn path=/nixos/trunk/; revision=34201
2012-05-21 21:26:45 +00:00
Mathijs Kwik be69799f35 better workaround for building nested child configurations
svn path=/nixos/trunk/; revision=34164
2012-05-18 06:17:08 +00:00
Mathijs Kwik 7fca5408f3 Revert "Provided a workaround for grub's missing-devices check, so nested child configurations can still build."
This reverts commit a89e8831e3d95bcf3ddc19ee34b938db7e8aa572.

svn path=/nixos/trunk/; revision=34163
2012-05-18 06:17:05 +00:00
Eelco Dolstra 2577a17468 * Add /etc/os-release to be Lennart Poettering compliant.
See http://0pointer.de/blog/projects/os-release.html

svn path=/nixos/trunk/; revision=34162
2012-05-17 21:10:42 +00:00
Eelco Dolstra 801cd7402c * Don't use ‘chown user.group’ since that syntax is not officially
supported (you're supposed to say ‘chown user:group’).

svn path=/nixos/trunk/; revision=34161
2012-05-17 19:43:32 +00:00
Eelco Dolstra f889ebc488 * Allow runtime changes to boot.devShmSize and friends.
svn path=/nixos/trunk/; revision=34160
2012-05-17 19:33:55 +00:00
Eelco Dolstra e9e6885d3b * Lower the limits on /run and /dev.
svn path=/nixos/trunk/; revision=34159
2012-05-17 19:33:12 +00:00
Eelco Dolstra 91acb81b11 * Support globbing in the source attribute of environment.etc entries.
svn path=/nixos/trunk/; revision=34158
2012-05-17 18:43:45 +00:00
Eelco Dolstra c10b41ad99 * Make the fail2ban module configurable.
svn path=/nixos/trunk/; revision=34157
2012-05-17 18:19:48 +00:00
Mathijs Kwik 88b3c4b82e Provided a workaround for grub's missing-devices check, so nested child configurations can still build.
svn path=/nixos/trunk/; revision=34153
2012-05-17 10:17:32 +00:00
Eelco Dolstra 3ce8859551 * Basic module for fail2ban. Not configurable yet. It currently
blocks IP addresses if they make too many failed login attempts.

svn path=/nixos/trunk/; revision=34149
2012-05-17 02:51:24 +00:00
Eelco Dolstra a9a507eede * On headless systems, disable the emergency shell and redirect
mountall output to the standard Upstart job log file
  (/var/log/upstart/mountall).

svn path=/nixos/trunk/; revision=34138
2012-05-16 15:08:44 +00:00
Eelco Dolstra 6a6eec0f53 * Add a filesystem option ‘autoFormat’ to automatically do a format if
the device has no filesystem yet.  Useful in Charon deployments.
  The check for an uninitialised filesystem is kind of shaky now.

svn path=/nixos/trunk/; revision=34133
2012-05-16 00:03:44 +00:00
Eelco Dolstra 07fcf5baee * Make the boot.initrd.luks.enable option obsolete. It's enough to
see that boot.initrd.luks.devices is non-empty.

svn path=/nixos/trunk/; revision=34120
2012-05-15 20:45:01 +00:00
Eelco Dolstra dbf5e3229e * Remove Nix's dependencies from the chroot. Nix 1.0 doesn't need
this anymore.

svn path=/nixos/trunk/; revision=34113
2012-05-15 16:12:22 +00:00
Eelco Dolstra 560262dae0 * Fix "error: the group nixbld' specified in build-users-group' does
not exist" during nixos-install.

svn path=/nixos/trunk/; revision=34103
2012-05-15 13:50:36 +00:00
Eelco Dolstra ea3cfc9287 * Add xdg-open to the default X11 configuration so that programs like
Chrome can open downloaded files.

svn path=/nixos/trunk/; revision=34097
2012-05-15 02:49:47 +00:00
Eelco Dolstra 3b314fa40b * Include cryptsetup in EC2 AMIs.
svn path=/nixos/trunk/; revision=34096
2012-05-14 23:43:38 +00:00
Eelco Dolstra 29b05fb62a * nixos-checkout: add an argument to specify the directory where the
sources should be stored.  E.g. "nixos-checkout /home/eelco/srcs"
  will check out to /home/eelco/srcs/{nixos,nixpkgs}.  Probably the
  /etc/nixos default should be removed eventually because /etc is a
  pretty weird place to keep large source trees.

svn path=/nixos/trunk/; revision=34086
2012-05-14 04:12:43 +00:00
Eelco Dolstra 8d568e5a71 * nixos-option: clean up the English and the generated file.
svn path=/nixos/trunk/; revision=34082
2012-05-14 01:56:42 +00:00
Eelco Dolstra 3dd0718939 * Give an error at evaluation time if boot.loader.grub.device or
boot.loader.grub.devices are not set, rather than complaining about
  it when it's too late.

svn path=/nixos/trunk/; revision=34081
2012-05-14 01:53:47 +00:00
Eelco Dolstra 67d5f2b444 * Require fileSystems to be set.
svn path=/nixos/trunk/; revision=34080
2012-05-14 01:33:11 +00:00
Eelco Dolstra ce3941d6e6 * Move logFormat to the per-vhost options.
svn path=/nixos/trunk/; revision=34066
2012-05-11 23:14:05 +00:00
Eelco Dolstra 5167f5abef * Remove a bad definition of environment.etc.
svn path=/nixos/trunk/; revision=34065
2012-05-11 23:08:37 +00:00
Eelco Dolstra c4aa833e56 * Use optionSet to check environment.etc.
svn path=/nixos/trunk/; revision=34064
2012-05-11 23:06:35 +00:00
Rickard Nilsson 35f9502a27 Added option for specifying the path to the private key file sshd should use.
svn path=/nixos/trunk/; revision=34039
2012-05-09 22:13:53 +00:00
Rickard Nilsson 658ea20e7f Added option for specifying system-wide known hosts file for OpenSSH.
svn path=/nixos/trunk/; revision=34038
2012-05-09 22:11:07 +00:00
Rickard Nilsson 2df81f42a5 Moved idmapd configuration file to Nix store.
svn path=/nixos/trunk/; revision=34037
2012-05-09 22:06:17 +00:00
Eelco Dolstra e4200d7e61 * Some more trivial builders with lots of dependencies that should be
built locally.

svn path=/nixos/trunk/; revision=34034
2012-05-09 21:35:47 +00:00
Peter Simons 7a69733704 Added 'networking.dhcpcd.denyInterfaces' to extend the list of network
interfaces black-listed for dhcpcd via configuration.nix. I use this option to
disable DHCP for "veth*" interfaces, which are created by LXC for use inside of
virtual machines.

svn path=/nixos/trunk/; revision=34018
2012-05-08 11:46:01 +00:00
Shea Levy 1a0c9ce201 The efibootmgr bricking problem was fixed in 2.6.39
svn path=/nixos/trunk/; revision=33990
2012-05-05 15:43:28 +00:00
Shea Levy c716747cce Need a slighty bigger boot image to contain the efi shell
svn path=/nixos/trunk/; revision=33986
2012-05-05 14:23:51 +00:00
Shea Levy 3aae8bfa61 Switch to using efi shell + startup.nsh as the
removable media efi boot option.

svn path=/nixos/trunk/; revision=33984
2012-05-04 22:16:35 +00:00
Sander van der Burg 4b650026bf The <> syntax has to be applied properly, in order to find build-vms.nix
svn path=/nixos/trunk/; revision=33981
2012-05-03 12:31:01 +00:00
Eelco Dolstra b603babd0f * Use PostgreSQL's fast shutdown mode. In the default
smart shutdown mode, Postgres waits until all 
  active connections have closed, which can take an
  unbounded amount of time.

svn path=/nixos/trunk/; revision=33959
2012-04-30 18:15:32 +00:00
Eelco Dolstra be189991e0 * Revert r33928: veth* can also be a bridged interface requiring dhcp.
See e.g. https://nixos.org/repos/nix/configurations/trunk/tud/stan.nix

  So we need a better solution for this...

svn path=/nixos/trunk/; revision=33957
2012-04-30 17:46:11 +00:00
Eelco Dolstra 03f2847054 * Set preferLocalBuild on a few trivial top-level derivations. These
tend to cause a lot of unnecessary I/O to the build machines.

svn path=/nixos/trunk/; revision=33936
2012-04-26 15:19:23 +00:00
Eelco Dolstra 836fa3b6ae * Fix missing semicolon.
svn path=/nixos/trunk/; revision=33933
2012-04-26 14:53:58 +00:00
Eelco Dolstra 4d07f159a1 * Create /nix/var/nix/profiles/per-user with the right permissions.
Fixes NixOS/149.

svn path=/nixos/trunk/; revision=33929
2012-04-26 13:16:58 +00:00
Peter Simons 8b841505ff modules/services/networking/{dhclient,dhcpcd}.nix: ignore virtual veth* devices created by LXC/cgroups
svn path=/nixos/trunk/; revision=33928
2012-04-26 12:31:33 +00:00
Peter Simons 8c93993e1b modules/system/boot/luksroot.nix: fixed the descriptions of the options defined in this module
svn path=/nixos/trunk/; revision=33927
2012-04-26 12:21:45 +00:00
Peter Simons 86ba0c52b3 modules/services/networking/ssh/sshd.nix: stripped trailing whitespace
svn path=/nixos/trunk/; revision=33926
2012-04-26 08:13:24 +00:00
Peter Simons ee2fcb645b modules/services/networking/ssh/sshd.nix: don't write debug output to /tmp/log
svn path=/nixos/trunk/; revision=33925
2012-04-26 08:13:21 +00:00
Eelco Dolstra e6fd0fa893 * Cleanup.
svn path=/nixos/trunk/; revision=33921
2012-04-25 15:44:47 +00:00
Eelco Dolstra 43215ff80f * In the implementation of the ‘authorizedKeys’, don't delete all
lines below a certain marker.  This is undesirable because commands
  like "ssh-copy-id" add keys to the end of the file.  Instead mark
  all automatically added lines individually.

svn path=/nixos/trunk/; revision=33918
2012-04-25 14:14:20 +00:00
Ludovic Courtès a98ad26fea GNU: Comment `fdisk' out.
svn path=/nixos/trunk/; revision=33907
2012-04-24 12:54:42 +00:00
Eelco Dolstra ac4a059f8a * Put old NixOS configurations in a GRUB submenu. Contributed by
Andreas Källberg.

svn path=/nixos/trunk/; revision=33891
2012-04-23 15:47:03 +00:00
Eelco Dolstra 6c1bb54483 * In the installation CD, make the NixOS/Nixpkgs available as if they
were obtained from the NixOS channel.  "nixos-install" copies this
  to the installed system as well.
* In the installation CD, set GC_INITIAL_HEAP_SIZE to a low value for
  the benefit of memory-constrained environments.

svn path=/nixos/trunk/; revision=33887
2012-04-23 00:41:37 +00:00
Eelco Dolstra 72990dae37 * Add some missing GRUB modules.
svn path=/nixos/trunk/; revision=33886
2012-04-23 00:30:48 +00:00
Eelco Dolstra 9195b1125f * Include the version number in the mingetty greeting line.
svn path=/nixos/trunk/; revision=33884
2012-04-22 23:35:34 +00:00
Eelco Dolstra f1a99bd914 * Subscribe the root user to the NixOS channel by default.
svn path=/nixos/trunk/; revision=33883
2012-04-22 22:43:57 +00:00
Eelco Dolstra d96f330fcf * Slight simplification.
svn path=/nixos/trunk/; revision=33877
2012-04-22 16:28:08 +00:00
Eelco Dolstra d587329615 * Turn users.extraGroups into an attribute set (using types.loaOf).
Also the gid is looked up in ids.gids if not specified.

svn path=/nixos/trunk/; revision=33860
2012-04-20 12:55:09 +00:00
Eelco Dolstra 235ea24ec4 * Remove unused option "user". Not clear what it was supposed to do.
svn path=/nixos/trunk/; revision=33857
2012-04-20 12:22:08 +00:00
Eelco Dolstra fa50d105d7 * Pass -cpu kvm64 in NixOS VMs (and add a simple regression test for
GMP).

svn path=/nixos/trunk/; revision=33849
2012-04-19 18:56:35 +00:00
Eelco Dolstra 43f43fd185 * Only stop libvirt-guests automatically on system shutdown.
Saving/restoring VMs is disruptive.

svn path=/nixos/trunk/; revision=33844
2012-04-19 15:12:55 +00:00
Arie Middelkoop 0cb5673400 Some additional synaptics settings.
svn path=/nixos/trunk/; revision=33837
2012-04-19 08:29:22 +00:00
Arie Middelkoop 298e0e1829 Some additional xinetd settings.
svn path=/nixos/trunk/; revision=33836
2012-04-19 08:28:54 +00:00
Eelco Dolstra f8e36664a6 * Subtle: since nix-env processes flags in order, any ‘-I’ flag should
come before ‘-f <nixos>’.

svn path=/nixos/trunk/; revision=33831
2012-04-18 15:01:42 +00:00
Eelco Dolstra cb74284b75 * Handle the case where there is no GRUB 1 splash image.
svn path=/nixos/trunk/; revision=33830
2012-04-18 14:28:30 +00:00