philipp/nixpkgs
1
0
Fork 0
Code Issues Pull requests Projects Releases Activity
%!d() commits 3 branches 0 tags 1.4 GiB
Commit graph

187 commits

Author SHA1 Message Date
Eelco Dolstra
f5844f98ac mediawiki: Update to 1.20.8 
CVE-2013-4567, CVE-2013-4568
 2013-12-20 14:46:57 +01:00
Vladimír Čunát
4c5a71f777 Merge master into x-updates 
Conflicts:
	pkgs/desktops/gnome-2/desktop/gvfs/default.nix
	pkgs/development/libraries/cogl/default.nix
	pkgs/development/libraries/libsoup/2.44.nix
 2013-12-18 23:21:29 +01:00
Michael Raskin
bdd1fea87b Merge pull request #1373 from offlinehacker/nixos/memcached/user_fix 
memcached: set uid to make it work with #1076
 2013-12-14 22:55:00 -08:00
Michael Raskin
654627fe4c Merge pull request #1362 from tomberek/ddclient_correction 
Correct web-skip value to match behavior of checkip.dyndns.com
 2013-12-14 22:51:44 -08:00
Michael Raskin
152f7666af Merge pull request #1340 from bjornfor/ntopng 
Add ntopng package and nixos service module
 2013-12-14 22:46:49 -08:00
David Virgilio
2f69aaf721 add herbstluftwm enable option 2013-12-14 14:45:33 +01:00
Jaka Hudoklin
24e2ef5126 memcached: set uid to make it work with #1076 2013-12-13 10:09:08 +01:00
Thomas Bereknyei
6129be5a7a Correct web-skip value to match behavior of checkip.dyndns.com 2013-12-11 23:22:43 -05:00
Eelco Dolstra
14018c2de1 fail2ban: Fix preStart action 
Creating /run/fail2ban didn't work since it didn't have write
permission to /run.  Now it does.

Reported by Thomas Bereknyei.
 2013-12-11 21:16:58 +01:00
Bjørn Forsman
9474fbae65 nixos: add ntopng service 
ntopng is a high-speed web-based traffic analysis and flow collection
tool. Enable it by adding this to configuration.nix:

  services.ntopng.enable = true;

Open a browser at http://localhost:3000 and login with the default
username/password: admin/admin.
 2013-12-09 21:35:01 +01:00
Vladimír Čunát
6690c97569 Merge branch 'master' into x-updates 
Conflicts (just different styles, same semantics):
	pkgs/development/libraries/libusb1/default.nix
 2013-12-07 14:17:16 +01:00
Bjørn Forsman
ca26e75a73 nixos/avahi-service: small documentation update 2013-12-07 12:03:50 +01:00
Eelco Dolstra
7809134e29 postgresql: Fix shutdown 
Postgres was taking a long time to shutdown.  This is because we were
sending SIGINT to all processes, apparently confusing the autovacuum
launcher.  Instead it should only be sent to the main process (which
takes care of shutting down the others).

The downside is that systemd will also send the final SIGKILL only to
the main process, so other processes in the cgroup may be left behind.
There should be an option for this...
 2013-12-03 12:04:20 -05:00
Vladimír Čunát
d09b722f77 Merge master into x-updates 2013-12-02 21:41:16 +01:00
Eelco Dolstra
2cb492a847 cups: Allow users in the wheel group to do admin actions 2013-12-01 17:30:12 -05:00
Domen Kožar
4da388351a Merge pull request #1292 from jozko/openldap-fixes 
Added openldap user, group and configure service so its not running as root
 2013-11-28 13:40:11 -08:00
Jozko Skrablin
cb691265b6 Added openldap user, group and configure service so its not running as root. 2013-11-28 22:21:50 +01:00
Eelco Dolstra
9ee30cd9b5 Add support for lightweight NixOS containers 
You can now say:

  systemd.containers.foo.config =
    { services.openssh.enable = true;
      services.openssh.ports = [ 2022 ];
      users.extraUsers.root.openssh.authorizedKeys.keys = [ "ssh-dss ..." ];
    };

which defines a NixOS instance with the given configuration running
inside a lightweight container.

You can also manage the configuration of the container independently
from the host:

  systemd.containers.foo.path = "/nix/var/nix/profiles/containers/foo";

where "path" is a NixOS system profile.  It can be created/updated by
doing:

  $ nix-env --set -p /nix/var/nix/profiles/containers/foo \
      -f '<nixos>' -A system -I nixos-config=foo.nix

The container configuration (foo.nix) should define

  boot.isContainer = true;

to optimise away the building of a kernel and initrd.  This is done
automatically when using the "config" route.

On the host, a lightweight container appears as the service
"container-<name>.service".  The container is like a regular NixOS
(virtual) machine, except that it doesn't have its own kernel.  It has
its own root file system (by default /var/lib/containers/<name>), but
shares the Nix store of the host (as a read-only bind mount).  It also
has access to the network devices of the host.

Currently, if the configuration of the container changes, running
"nixos-rebuild switch" on the host will cause the container to be
rebooted.  In the future we may want to send some message to the
container so that it can activate the new container configuration
without rebooting.

Containers are not perfectly isolated yet.  In particular, the host's
/sys/fs/cgroup is mounted (writable!) in the guest.
 2013-11-27 17:14:10 +01:00
Eelco Dolstra
57f145a7f8 When setting $NIX_REMOTE, check whether /nix/var/nix/db is writable 
In NixOS containers, root doesn't have write permission to
/nix/var/nix/db, so it has to use the daemon.
 2013-11-27 17:09:17 +01:00
Eelco Dolstra
c6529ac9eb postgresql: Fix the port option 
Also clarify the description of the enableTCPIP option.
 2013-11-27 17:09:17 +01:00
Eelco Dolstra
2b1f212494 Disable various services when running inside a container 2013-11-26 18:19:45 +01:00
Vladimír Čunát
b5fba47147 Merge branch master into x-updates 
Conflicts (not used, deleted):
	pkgs/desktops/xfce/common.nix
 2013-11-23 10:22:26 +01:00
Rob Vermaas
a383fe887f Make dd-agent services restart when killed. 2013-11-22 15:23:45 +01:00
William A. Kennington III
f48af13c5a Add a nix module for AMD Hybrid Graphics 2013-11-20 11:27:28 -06:00
Vladimír Čunát
c33c2e68e4 xfce4notifyd: minor update, add to the default installation 2013-11-18 21:08:25 +01:00
Eelco Dolstra
886b9e27a6 httpd.nix: Support non-root operation 2013-11-18 18:04:17 +01:00
Eelco Dolstra
2b0aea1793 Allow running NixOS services outside of systemd 
The attribute ‘config.systemd.services.<service-name>.runner’
generates a script that runs the service outside of systemd.  This is
useful for testing, and also allows NixOS services to be used outside
of NixOS.  For instance, given a configuration file foo.nix:

  { config, pkgs, ... }:

  { services.postgresql.enable = true;
    services.postgresql.package = pkgs.postgresql92;
    services.postgresql.dataDir = "/tmp/postgres";
  }

you can build and run PostgreSQL as follows:

  $ nix-build -A config.systemd.services.postgresql.runner -I nixos-config=./foo.nix
  $ ./result

This will run the service's ExecStartPre, ExecStart, ExecStartPost and
ExecStopPost commands in an appropriate environment.  It doesn't work
well yet for "forking" services, since it can't track the main
process.  It also doesn't work for services that assume they're always
executed by root.
 2013-11-18 18:04:17 +01:00
Sergey Mironov
d8b0c942a1 xfce: enable tumbler the thumbnail manager (close #1206) 2013-11-16 16:58:08 +01:00
Eelco Dolstra
e815e4026a mediawiki: Update to 1.20.7 2013-11-13 17:33:58 +01:00
Rickard Nilsson
26d7598d46 networkmanager NixOS service: Make it possible to append or insert name servers in /etc/resolv.conf 2013-11-13 01:52:57 +01:00
Eelco Dolstra
785eaf2cea Add some primops to lib 2013-11-12 13:48:30 +01:00
Alex Berg
da654ed9a0 Check empty stringfor globalRedirect. It breaks RedirectPermanent. 2013-11-11 15:18:46 +08:00
Alex Berg
df5f491893 Add HTTPD SSH assertion to check null cert/key. 2013-11-11 12:08:36 +08:00
Bjørn Forsman
dc352536a8 nixos: capitalize a bunch of service descriptions 
(systemd service descriptions that is, not service descriptions in "man
configuration.nix".)

Capitalizing each word in the description seems to be the accepted
standard.

Also shorten these descriptions:
 * "Munin node, the agent process" => "Munin Node"
 * "Planet Venus, an awesome ‘river of news’ feed reader" => "Planet Venus Feed Reader"
 2013-11-09 20:45:50 +01:00
Vladimír Čunát
619a1f5614 changes proposed for 13-10 update 
One feature change: polkit update 8d14c7ba
 2013-11-09 18:41:42 +01:00
Jaka Hudoklin
673fc81337 nixos/graphite: fix storage dir for carbon 2013-11-09 17:36:05 +01:00
Vladimír Čunát
8d14c7baa6 polkit: major update 0.105 -> 0.112 
- It now uses JavaScript for configuration (only),
  so I had to "convert" config for NetworkManager.
- I tested suspend/restart/(un)mount on KDE/Xfce,
  Phreedom tested NetworkManager config conversion.
 2013-11-09 16:29:18 +01:00
Domen Kožar
b3ea42462c Merge pull request #1182 from offlinehacker/nixos/mongodb/userfix 
nixos/mongodb: set static uid to work with #1076
 2013-11-08 12:56:00 -08:00
Domen Kožar
a623cc96e3 Merge pull request #1066 from offlinehacker/nixos/logstash/update 
nixos/logstash: update and simplify to be fully compatible with new version
 2013-11-08 11:44:17 -08:00
Eelco Dolstra
065493284f Update the X11 terminal server module for systemd 
Yay, we no longer need inetd!
 2013-11-08 16:39:22 +01:00
Eelco Dolstra
e62e15b2f9 Only run systemd-inhibit for local X11 sessions 2013-11-08 16:39:22 +01:00
Eelco Dolstra
cc65b1015d vsftpd: Disable seccomp filtering on 64-bit 
It worked on Linux 3.4 but fails with "500 OOPS: priv_sock_get_cmd"
since we updated the default kernel to 3.10.

http://hydra.nixos.org/build/6715359

https://bugzilla.redhat.com/show_bug.cgi?id=845980
https://bugzilla.novell.com/show_bug.cgi?id=786024
 2013-11-07 16:38:57 +01:00
Eelco Dolstra
000962c3fb vsftpd: Run in the background and log to syslog (i.e. journal) 2013-11-07 16:38:57 +01:00
Eelco Dolstra
10e31f6de7 Clean up the vsftpd module a bit 2013-11-07 16:38:57 +01:00
Domen Kožar
a46c71857d Merge pull request #1172 from zefhemel/patch-1 
Removed unnecessary mkIf in elasticserach
 2013-11-07 03:11:11 -08:00
Michael Raskin
e8b347e6ae Merge pull request #1167 from grwlf/serverflags 
Add serverFlagsSection option to the xserver config
 2013-11-07 03:00:37 -08:00
Michael Raskin
f8ddc0cbd4 Merge pull request #1099 from offlinehacker/nixos/nginx/package_change_support 
nixos/nginx: allow to specify which package to use
 2013-11-07 02:59:09 -08:00
Michael Raskin
0cfc45c3b9 Merge pull request #1164 from kirelagin/master 
Make touchpad button mapping configurable
 2013-11-07 02:49:44 -08:00
Jaka Hudoklin
50a2f3fdce nixos/mongodb: set static uid to work with #1076 2013-11-07 11:25:14 +01:00
Sander van der Burg
d31b328d0a Updated Disnix service definition to support new development version and mongo databases 2013-11-07 10:54:53 +01:00
Alex Berg
0427e7fbf2 Check for SSL Cert value before building with SSL support. 2013-11-06 11:20:14 +08:00
Zef Hemel
8063382867 Removed unnecessary mkIf 
The whole block is already wrapped in cfg.enable and this breaks some things.
 2013-11-05 08:52:23 +01:00
Eelco Dolstra
d9c13a73c2 gurobi: Remove 
It's proprietary, non-redistributable software.
 2013-11-05 00:07:24 +01:00
Domen Kožar
a734f32fa1 Remove desktopManager.gnome 
Gnome doesn't work at least since I started using NixOS half a year
ago, let's not give wrong impressions to newcomers. Packaging gnome3
is still something on horizon.
 2013-11-04 18:12:38 +01:00
Sergey Mironov
99914f8581 Add serverFlagsSection parameter to the xserver config 2013-11-04 18:54:13 +04:00
Moritz Ulrich
882c2b7278
fcron: Fix error when cron.mailto is null. 
Signed-off-by: Moritz Ulrich <moritz@tarn-vedra.de>
 2013-11-04 11:07:11 +00:00
Kirill Elagin
fce38e454b Make touchpad button mapping configurable 2013-11-03 13:00:49 +04:00
Jaka Hudoklin
1453be4740 nixos/logstash: add option examples 2013-11-01 17:15:54 +01:00
Jaka Hudoklin
10e61f53d8 nixos/logstash: update and simplify to be fully compatible with new version 2013-11-01 17:15:53 +01:00
Eelco Dolstra
9ef07d859b Include the NixOS version in the manual 
In particular, this will make it clear what version of the manual is
shown at http://nixos.org/nixos/manual/.
 2013-11-01 16:47:29 +01:00
Eelco Dolstra
444a4fb793 Loosen the type of SSH key files 2013-11-01 00:34:31 +01:00
Eelco Dolstra
c1159edc65 Remove remaining references to Upstart 2013-10-31 13:26:06 +01:00
Eelco Dolstra
456d8ec52b Clean up Synergy option descriptions a bit 2013-10-31 13:18:00 +01:00
Eelco Dolstra
244cf195c8 Use the "assertions" option instead of mkAssert 2013-10-30 18:47:44 +01:00
Eelco Dolstra
7d5152964c Drop environment.x11Packages 
It doesn't do anything useful compared to environment.systemPackages.
 2013-10-30 18:47:43 +01:00
Eelco Dolstra
408b8b5725 Add lots of missing option types 2013-10-30 18:47:43 +01:00
Eelco Dolstra
be5d3a59dd Clean up some option examples 2013-10-30 18:47:43 +01:00
Eelco Dolstra
70a2c54527 Strictly check the arguments to mkOption 
And fix various instances of bad arguments.
 2013-10-30 15:35:09 +01:00
Eelco Dolstra
db2a9afb75 Remove obsolete xfceutils attribute 2013-10-30 15:35:09 +01:00
Eelco Dolstra
e3e3666e24 smartd.nix: Fix broken option type 2013-10-30 14:57:43 +01:00
Eelco Dolstra
862e3dd977 Substitute "types.uniq types.string" -> "types.str" 2013-10-30 14:57:42 +01:00
Eelco Dolstra
1d104c792b Remove the dhclient module 
It's no longer used by NixOS (replaced by dhcpcd).
 2013-10-29 17:39:32 +01:00
Eelco Dolstra
0695b68c8c Manual: Render multi-line strings properly 2013-10-29 17:39:31 +01:00
Rok Garbas
562b453b93 nixos: haproxy module 2013-10-29 15:55:25 +01:00
Eelco Dolstra
985f1f2d8a Give types to the Apache httpd options 2013-10-29 14:03:39 +01:00
Eelco Dolstra
f0b7b0af12 wpa_supplicant.nix: Add option types 2013-10-29 13:14:30 +01:00
Rok Garbas
38df1d24c4 nixos: zope2 service: adding clientHome option 2013-10-29 12:53:08 +01:00
Eelco Dolstra
98ae32286f Fix evaluation error in the tomcat test 2013-10-29 01:26:51 +01:00
Eelco Dolstra
738a6c173a Don't copy Nix expressions to the store while processing Apache subservices 2013-10-29 01:20:33 +01:00
Eelco Dolstra
c9dad37f01 Remove obsolete function addDefaultOptionValues 2013-10-28 22:45:58 +01:00
Eelco Dolstra
f8a9eb9f00 Implement services.httpd.virtualHosts using the module system 2013-10-28 22:45:58 +01:00
Eelco Dolstra
30a36f9a80 Remove remaining uses of mkOverrideTemplate 2013-10-28 22:45:58 +01:00
Eelco Dolstra
259f7a93b1 Rename environment.nix -> nix.package 2013-10-28 22:45:57 +01:00
Eelco Dolstra
d5047faede Remove uses of the "merge" option attribute 
It's redundant because you can (and should) specify an option type, or
an apply function.
 2013-10-28 22:45:56 +01:00
Eelco Dolstra
f4a418761b Check for undeclared options 2013-10-28 22:45:56 +01:00
Eelco Dolstra
a40583e7e4 Fix bogus mkOption types 
Among others, systemd unit options were not being type-checked because
of this.  mkOption should really check its arguments better...
 2013-10-28 22:45:56 +01:00
Eelco Dolstra
89bd18b3af Fix manual generation 2013-10-28 22:45:56 +01:00
Eelco Dolstra
7cf0e0bda8 Manual: Fix bad \" characters 2013-10-28 22:45:56 +01:00
Eelco Dolstra
4b1a9dd00b Remove uses of mkFixStrictness 
mkFixStrictness is no longer needed, woohoo!
 2013-10-28 22:45:55 +01:00
Eelco Dolstra
2cc37c17d9 openvpn.nix: Improve types 2013-10-28 22:45:55 +01:00
Eelco Dolstra
41c8f9598e Remove dead code 2013-10-28 22:45:54 +01:00
Jaka Hudoklin
d28a9619a1 nixos/redis: log to syslog by default 2013-10-28 18:18:24 +01:00
Jaka Hudoklin
b20c08d2cb nixos/redis: user set uid, make it compatible #1076 2013-10-28 18:18:13 +01:00
Jaka Hudoklin
c1ad189295 nixos/graphite: limit amount of log message defaults 2013-10-28 17:09:53 +01:00
Jaka Hudoklin
0229f45cf3 nixos/graphite: graphite requires pidfile set for startup 2013-10-28 17:08:33 +01:00
Michael Raskin
3022fff7db Adding Quantum Minigolf game 2013-10-28 00:09:46 +04:00
Eelco Dolstra
f79a7359b0 firebird.nix: Fix a misplaced } that causes "users" to be outside "config" 2013-10-25 15:52:52 +02:00
Eelco Dolstra
20150b1cee Ensure that the manual job gets build with the right revision info 2013-10-24 19:58:34 +02:00
Eelco Dolstra
d49f141a79 Manual: When building from the channel, link to the exact Git revision 2013-10-24 02:03:10 +02:00
Eelco Dolstra
a3777ba4f9 Remove dependencies on the Nixpkgs location 2013-10-23 20:08:23 +02:00