Commit graph

7400 commits

Author SHA1 Message Date
rnhmjoj 182830f542
nixos/magnetico: init service 2019-08-28 14:19:24 +02:00
volth 08f68313a4 treewide: remove redundant rec 2019-08-28 11:07:32 +00:00
Linus Heckemann 5e2f89bbce
Merge pull request #67394 from Ma27/drop-keys.target-dependency
nixos/treewide: drop dependencies to `keys.target`
2019-08-28 12:01:22 +02:00
Frederik Rietdijk 5061fe0c2c Merge staging-next into staging 2019-08-28 08:26:42 +02:00
worldofpeace 27a4afefbe
Merge pull request #66859 from worldofpeace/xfce4-14-module
nixos/xfce4-14: init
2019-08-27 22:37:03 -04:00
Peter Hoeg 33bf2acc5e nixos/darkhttpd: fix package reference 2019-08-28 09:04:58 +08:00
Eelco Dolstra 35c1c170d7 nix.conf: Set sandbox-fallback = false
For security, we don't want the sandbox to be disabled silently.
2019-08-27 21:17:20 +02:00
worldofpeace 156f335161
Merge pull request #67549 from worldofpeace/gnome-control-center/fix-sharing
Fix sharing in gnome-control-center
2019-08-27 14:28:15 -04:00
Maximilian Bosch 56a7bc05e1
nixos/treewide: drop dependencies to keys.target
The `keys.target` is used to indicate whether all NixOps keys were
successfully uploaded on an unattended reboot. However this can cause
startup issues e.g. with NixOS containers (see #67265) and can block
boots even though this might not be needed (e.g. with a dovecot2
instance running that doesn't need any of the NixOps keys).

As described in the NixOps manual[1], dependencies to keys should be
defined like this now:

``` nix
{
  systemd.services.myservice = {
    after = [ "secret-key.service" ];
    wants = [ "secret-key.service" ];
  };
}
```

However I'd leave the issue open until it's discussed whether or not to
keep `keys.target` in `nixpkgs`.

[1] https://nixos.org/nixops/manual/#idm140737322342384
2019-08-27 18:55:55 +02:00
Marek Mahut b40ee82685
Merge pull request #67556 from mmahut/matomo
nixos/matomo: fixing the configuration path
2019-08-27 16:13:34 +02:00
rnhmjoj 05ddde928d
nixos/dnschain: disable DNSSEC for namecoin TLDs 2019-08-27 14:42:06 +02:00
Silvan Mosberger 210756a450
nixos/pdns-recursor: implement a settings option (#67251)
nixos/pdns-recursor: implement a `settings` option
2019-08-27 14:34:32 +02:00
Marek Mahut 3a9d17ef04 nixos/matomo: fixing the configuration path 2019-08-27 11:44:34 +02:00
worldofpeace 8a24bc2e08 nixos/gnome-user-share: cleanup
* No sessionPath!

* add to systemd.packages
  This is for the gnome-user-share-webdav.service.

* Update option description
2019-08-27 03:07:57 -04:00
Aaron Andersen 87fdc06a97
Merge pull request #63634 from aanderse/moodle
moodle: init at 3.7.1
2019-08-26 21:12:44 -04:00
volth 35d68ef143 treewide: remove redundant quotes 2019-08-26 21:40:19 +00:00
rnhmjoj 0e0a533d9a
nixos/pdns-recursor: add luaConfig option 2019-08-26 17:46:04 +02:00
rnhmjoj 92d956267a
nixos/pdns-recursor: implement a settings option 2019-08-26 17:46:03 +02:00
Peter Hoeg c876affce0 nixos darkhttpd: module to enable darkhttpd 2019-08-26 19:57:49 +08:00
worldofpeace 450a180542
Merge pull request #67466 from worldofpeace/gnome3-defaults-cleanup
nixos/gnome3: split up
2019-08-26 05:56:38 -04:00
worldofpeace 70e506cf7c nixos/gnome3: split out gnome-flashback 2019-08-26 05:36:11 -04:00
worldofpeace fca8d35531 nixos/gnome3: split up
This introduces the following options under the services.gnome3 namespace:

* core-os-services.enable
* core-shell.enable
* core-utilities.enable
* games.enable

The first three are all default enabled by gnome3.enable
and their purpose is to make gnome3 more flexable for users
usecases. In the case of core-utilities and games, it allows
users to easily switch on the default gnome3 applications
and games packages. Previously we had lists in gnome-3/default.nix
but they weren't visible to the user. By having options we have
generated documentation and an interface.
2019-08-26 05:19:05 -04:00
Peter Hoeg f729a79eae
Merge pull request #62974 from peterhoeg/f/zmtrigger
zoneminder: add perlPackages.DeviceSerialPort for zmtrigger.pl
2019-08-26 14:47:32 +08:00
Peter Hoeg 574ec28ef1 nixos/zoneminder: open telnet port for remote admin 2019-08-26 14:47:00 +08:00
worldofpeace ae3fc3a688 nixos/pantheon: fix launching nm-applet components
For some reason nm-applet has to be running for an authentication
dialog to be spawned by wingpanel-indicator-network.

This also fixes storing NetworkManager secrets in the keyring, but this
is still broken because we lack the proper PAM configuration.
2019-08-25 22:23:54 -04:00
Marek Mahut 81fe072a8f nixos/unifi: restarting on failure (#67456) 2019-08-25 18:22:03 -06:00
Marek Mahut 18dfe1a3f5
Merge pull request #67449 from mmahut/jormungandr
nixos/jormungandr: adding genesis tests
2019-08-25 19:54:03 +02:00
Marek Mahut 4ca0df1539
Merge pull request #67444 from dasJ/fix-memcached-privateusers
nixos/memcached: Remove PrivateUsers
2019-08-25 19:18:26 +02:00
Marek Mahut f6ced211e6 nixos/jormungandr: changing the port to match upstream 2019-08-25 18:33:13 +02:00
Aaron Andersen 5b8c2295b0
Merge pull request #67393 from c0deaddict/feature/transmission-user-configurable
nixos/transmission: make user configurable
2019-08-25 10:47:40 -04:00
Janne Heß cabab90ad2 nixos/memcached: Remove PrivateUsers
Seems to break systems using the hardened profile.
Ref #62936
cc @Izorkin
2019-08-25 16:34:06 +02:00
Marek Mahut 9ffc980ef7
Merge pull request #67391 from avnik/drop-rmilter
rmilter: remove deprecated package (and module)
2019-08-25 14:24:06 +02:00
Aaron Andersen 3bd03d2c0a nixos/moodle: init service 2019-08-25 08:12:28 -04:00
Jos van Bakel c3e93d5ad4
nixos/transmission: make user configurable 2019-08-25 13:19:48 +02:00
Daniel Schaefer b4044a3f2a networkmanager: Allow NetworkManager and wireless together
When NetworkManager is configured to not manage all interfaces, it's
perfectly fine to have the rest be managed by the standard nixos
wireless scripts.

I use
  networking.networkmanager.unmanaged = [
    "*" "except:type:wwan" "except:type:gsm"
  ];
to control everything using networking.wireless except for the mobile
LTE modem which only works with NetworkManager.
2019-08-25 12:00:31 +02:00
worldofpeace e075227b00
Merge pull request #67407 from jtojnar/gnome-bg
nixos/gnome3: fix default background setting
2019-08-24 18:33:41 -04:00
Jan Tojnar 305cb5c6f3
nixos/gnome3: fix default background setting
Fix the following error when opening Background panel in GNOME Settings:

    URI '/nix/store/…-simple-dark-gray-2016-02-19/share/artwork/gnome/nix-wallpaper-simple-dark-gray.png' is invalid
2019-08-24 22:10:01 +02:00
Jan Tojnar edcecfee00
Merge pull request #67358 from jtojnar/ofono-progress
nixos/ofono: various improvements
2019-08-24 21:37:42 +02:00
worldofpeace 53a7d67344 nixos/doc: document share/dbus-1/*.d 2019-08-24 15:07:44 -04:00
Alexander V. Nikolaev 885511cb5c rmilter: remove deprecated package (and module) 2019-08-24 17:33:48 +03:00
Aaron Andersen 825d023c8a
Merge pull request #65706 from aanderse/phpfpm
nixos/phpfpm: module cleanup
2019-08-24 08:25:24 -04:00
Jan Tojnar 5db762126c
nixos/ofono: allow adding 3rd party plug-ins 2019-08-23 19:50:53 +02:00
Jan Tojnar f66613b3b6
nixos/ofono: add module 2019-08-23 19:50:53 +02:00
Jan Tojnar a8d3aebdce
Merge pull request #67318 from jtojnar/gnome-photos
gnome-photos: 3.32.0 → 3.32.1
2019-08-23 19:49:43 +02:00
Sarah Brofeldt 3a64303a20
Merge pull request #63539 from ivan/usbguard-nox
usbguard-nox: init at 0.7.4
2019-08-23 16:25:13 +02:00
Aaron Andersen 400c6aac71 nixos/phpfpm: deprecate extraConfig options in favor of settings options 2019-08-23 07:56:27 -04:00
Aaron Andersen d2db3a338c nixos/phpfpm: Use systemd's RuntimeDirectory 2019-08-23 07:56:27 -04:00
Aaron Andersen a30a1e2795 nixos/phpfpm: add user and group option to each pool 2019-08-23 07:56:27 -04:00
Aaron Andersen 62b774a700 nixos/phpfpm: add socket option to replace the listen option 2019-08-23 07:56:21 -04:00
Aaron Andersen 2b5f663015 nixos/phpfpm: merge pool-options.nix into default.nix 2019-08-23 07:54:51 -04:00
Aaron Andersen 0ce8317c46 nixos/phpfpm: deprecate poolConfigs option 2019-08-23 07:54:51 -04:00
Marek Mahut 882e5b0e05
Merge pull request #67213 from mmahut/jormungandr
nixos: adding jormungandr service
2019-08-23 11:07:49 +02:00
Jan Tojnar b8ba71d633
tracker-miners: move from gnome3 2019-08-23 02:55:42 +02:00
Jan Tojnar 4919db9cbb
tracker: move from gnome3 2019-08-23 02:53:43 +02:00
Jan Tojnar fac090c8dd
gnome-online-accounts: move from gnome3 2019-08-23 02:47:21 +02:00
Marek Mahut f4ca6e3dd1
Merge pull request #66722 from mmahut/trezord-emulator
trezord: adding emulator support (plus test)
2019-08-22 23:25:18 +02:00
Marek Mahut ddc0521ebf nixos: adding jormungandr service 2019-08-22 07:10:16 +02:00
worldofpeace ae1cb0bdf9 nixos/xfce4-14: init 2019-08-21 21:51:00 -04:00
worldofpeace 1156146e74 nixos/mate: enable vte integration
Default terminal is mate-terminal which uses vte.
2019-08-21 17:20:49 -04:00
worldofpeace 034eb3b3cd nixos/pantheon: enable vte integration
Default terminal is elementary-terminal which uses vte.
2019-08-21 17:20:49 -04:00
worldofpeace 4ba10fbbfd
Merge pull request #66990 from worldofpeace/gnome-vte-config
nixos/gnome-terminal: init
2019-08-21 16:17:05 -04:00
worldofpeace 4a46140d29 nixos/gnome-terminal: init
This module obsoletes services.gnome3.gnome-terminal-server
as that's a confusing option for users, and sounds internal.
It's much simpler to have a gnome-terminal module.
2019-08-21 16:16:04 -04:00
Danylo Hlynskyi 855be67358
nginx: expose generated config and allow nginx reloads (#57429)
* nginx: expose generated config and allow nginx reloads

Fixes: https://github.com/NixOS/nixpkgs/issues/15906
Another try was done, but not yet merged in https://github.com/NixOS/nixpkgs/pull/24476

This add 2 new features: ability to review generated Nginx config
(and NixOS has sophisticated generation!) and reloading
of nginx on config changes. This preserves nginx restart on package
updates.

I've modified nginx test to use this new feature and check reload/restart
behavior.

* rename to enableReload

* add sleep(1) in ETag test (race condition) and rewrite rebuild-switch using `nesting.clone`
2019-08-21 16:52:46 +03:00
Aaron Andersen 249b4ad942
Merge pull request #66492 from aanderse/extra-subservice-cleanup
nixos/httpd: extraSubservices cleanup
2019-08-20 18:55:08 -04:00
Marek Mahut 5dcc65a25b
Merge pull request #67109 from 1000101/master
trezord: add docs
2019-08-20 22:12:16 +02:00
Jan Hrnko 8033c66389 trezord: add docs 2019-08-20 21:09:32 +02:00
worldofpeace f9d58edf07 nixos/pantheon: use qt5 module for adwaita-qt 2019-08-20 12:53:00 -04:00
Silvan Mosberger dc0d945bdf
Merge pull request #66291 from reanimus/roon-no-dynamic
roon-server: disable DynamicUser
2019-08-20 18:12:36 +02:00
worldofpeace 4b90f549ee
Merge pull request #66956 from worldofpeace/cleanup-gvfs-envars
nixos/gvfs: set GIO_EXTRA_MODULES
2019-08-19 19:36:29 -04:00
worldofpeace ffe7999f3d nixos/lxqt: use gvfs module 2019-08-19 19:03:38 -04:00
worldofpeace 5c5791c134 nixos/xfce: use gvfs module 2019-08-19 19:03:37 -04:00
worldofpeace 45eac0537d nixos/mate: don't set GiO_EXTRA_MODULES 2019-08-19 19:03:37 -04:00
worldofpeace a686dc071c nixos/pantheon: don't set GIO_EXTRA_MODULES 2019-08-19 19:03:37 -04:00
worldofpeace 5b09814b57 nixos/gnome3: don't set GIO_EXTRA_MODULES 2019-08-19 19:03:37 -04:00
worldofpeace 4bb6625767 nixos/gvfs: set GIO_EXTRA_MODULES 2019-08-19 19:03:37 -04:00
worldofpeace eb127d2005 nixos/gvfs: add package option 2019-08-19 18:56:41 -04:00
worldofpeace 67ad8a788f nixos/gvfs: move out of GNOME 2019-08-19 18:53:43 -04:00
Marek Mahut 3b6258946f
Merge pull request #64407 from dasJ/icingaweb-test
nixos/icingaweb: Fix module path; Add test
2019-08-19 21:27:16 +02:00
Marek Mahut c4592aa161
Merge pull request #63973 from apvodney/master
u9fs service: start after network.target
2019-08-19 21:11:19 +02:00
Marek Mahut d7b3d2d0fd
Merge pull request #65995 from danderson/master
nixos/sshguard: create ipsets before starting, and clean up after stopping.
2019-08-19 21:05:42 +02:00
Marek Mahut 7c15694c29
Merge pull request #66271 from vdot0x23/patch-1
nixos/stubby: clearer wording for upstreamServers
2019-08-19 20:58:45 +02:00
worldofpeace 9125f51b70
Merge pull request #66860 from worldofpeace/dconf-update
nixos/dconf: cleanup
2019-08-19 11:59:06 -04:00
davidak 6d4c69e640 netdata: enable cgroup accounting 2019-08-19 14:57:41 +02:00
Marek Mahut f0d1db99db
Merge pull request #66857 from nrdxp/fix/caddy
caddy: remove 'bin' attribute
2019-08-19 13:50:14 +02:00
worldofpeace 38c7d55d5d nixos/pantheon: use programs.dconf 2019-08-18 21:56:52 -04:00
worldofpeace a7b5d6142f nixos/gnome3: use programs.dconf 2019-08-18 21:55:52 -04:00
Timothy DeHerrera 98e6c1432e
caddy: remove 'bin' attribute 2019-08-18 18:46:21 -06:00
Silvan Mosberger 918e1e0925
nixos/cadvisor: allow passing custom arguments (#66855)
nixos/cadvisor: allow passing custom arguments
2019-08-19 02:28:38 +02:00
Aaron Andersen 8227b2f29e
Merge pull request #66399 from mmahut/metabase
metabase: service module and test
2019-08-18 19:49:05 -04:00
tilpner 944a3a0dfc
nixos/cadvisor: allow passing custom arguments 2019-08-19 01:32:01 +02:00
Nikolay Amiantov 79ebe562fb shadowsocks service: support dual-stack server
Enable IPv6 by default.
2019-08-18 23:07:51 +03:00
WilliButz 4835f65e95
Merge pull request #66814 from mguentner/synapse_1_3_1
matrix-synapse: 1.2.1 -> 1.3.1
2019-08-18 19:30:14 +02:00
Eric Litak ccf3557015 nixos/cjdns: add extraConfig option (#53502) 2019-08-18 18:47:56 +02:00
Marek Mahut e6fb350cf6
Merge pull request #66606 from DerTim1/riemann-config
nixos/riemann-tools: Add ExtraArgs Config Option
2019-08-18 18:47:19 +02:00
danbst d80cd26ff9 Merge branch 'master' into flip-map-foreach 2019-08-18 18:00:25 +03:00
Danylo Hlynskyi 2b393c8913
elasticsearch: add example on how to use plugins (#55115)
See https://discourse.nixos.org/t/elastic-search-plugins/1997
2019-08-18 17:11:20 +03:00
Florian Klink 36ece762e5
Merge pull request #66621 from flokli/gitlab-12.1.6
gitlab-ce: 12.0.3 -> 12.1.6
2019-08-18 14:08:14 +02:00
Marek Mahut 69089e990e modules: adding metabase service 2019-08-18 13:44:26 +02:00
worldofpeace ce0511e302 nixos/flatpak: add comment about selinux 2019-08-18 04:23:17 -04:00
worldofpeace 1728bc8d22 flatpak: 1.2.4 -> 1.4.2
* Regenerated all patches for 1.4.2 and resolved
  any conflicts.

* fix-test-paths.patch doesn't copy the whole locale archive
  because we have C.UTF8 now.

* nixos/flatpak creates a Flatpak system helper user
  Change introduced in 1.3.2.

Changes:
See https://github.com/flatpak/flatpak/releases/tag/1.3.1 through
1.4.2.
2019-08-18 04:23:17 -04:00
Maximilian Güntner dac8fe9cee
nixos/matrix-synapse: use notify instead of simple
Starting with 1.3.0, matrix-synapse supports notifying
systemd. Relevant PR: matrix-org/synapse#5732
2019-08-18 09:41:33 +02:00
worldofpeace 5892773eb6 nixos/pantheon: adjust to renamed gnome3 options 2019-08-17 16:34:55 -04:00
Marek Mahut caf9b8cc35
Merge pull request #66591 from aanderse/zabbix-proxy
nixos/zabbixProxy: fix database initialization logic
2019-08-17 20:55:13 +02:00
Symphorien Gibol c3e1e64e4c remove all instances of nix-env -i without -A in the NixOS manual
motivation: https://nixos.wiki/wiki/FAQ/Why_not_use_nix-env_-i_foo%3F
2019-08-17 18:04:43 +02:00
WilliButz ecd4d03dfe
grafana-loki: fix typo in service config 2019-08-17 12:08:51 +02:00
Marek Mahut 5712bea91b trezord: adding emultor support 2019-08-16 16:58:48 +02:00
Aaron Andersen efbdce2e96 nixos/mantisbt: drop unmaintained module 2019-08-15 21:01:23 -04:00
Aaron Andersen 265163da07 nixos/systemhealth: drop unmaintained module 2019-08-15 21:01:23 -04:00
Aaron Andersen ac4327c025 nixos/awstats: replace usage of deprecated services.httpd.extraSubservices 2019-08-15 21:00:27 -04:00
aszlig dc525e8b12
Merge pull request #66648 (improve xkbvalidate)
This allows xkbvalidate to be compiled via Clang and also has a few
other portability improvements, eg. it now can even be compiled on OS X,
even though it's probably not needed there.

In addition, I changed the binary name so that it matches the package
name.

I'm merging this in right now, because there is only the xserver NixOS
module where this is used, so the risk of a catastrophic breakage is
very low.

Checks and build done by ofborg also ran successfully and I also did a
few local tests (eg. running via valgrind to avoid leaks) to make sure
it's still working properly.
2019-08-15 01:32:09 +02:00
aszlig 16ecd0d5ca
xkbvalidate: Rename output binary to xkbvalidate
So far, the output binary has been just "validate", which is quite a
very generic name and doesn't match the package name.

Even though I highly doubt that this program will ever be used outside
of NixOS modules, it's nevertheless less confusing to have a consistent
naming.

Signed-off-by: aszlig <aszlig@nix.build>
2019-08-15 01:11:32 +02:00
worldofpeace bc0072305b
Merge pull request #66638 from worldofpeace/favorite-apps-gnome3
nixos/gnome3: set favorite-apps
2019-08-14 17:12:48 -04:00
worldofpeace 83c0b5f06f nixos/gnome3: set favorite-apps
The upstream defaults [0] for this key include shotwell and
rhythmbox which aren't installed by the gnome3 module.
We swap these out for gnome-photos and gnome-music
which are.

[0]: https://gitlab.gnome.org/GNOME/gnome-shell/blob/3.32.2/data/org.gnome.shell.gschema.xml.in#L42
2019-08-14 16:55:45 -04:00
Matthew Bauer e9b7085ff8 cups: add myself as maintainer 2019-08-14 11:47:48 -04:00
Matthew Bauer c068488817 nixos/cupsd: use socket-based activation by default
Make socket-based activation the
default (services.printing.startWhenNeeded)
2019-08-14 11:47:12 -04:00
Matthew Bauer 28040465be nixos/cupsd: include /run/cups/cups.sock in ListenStreams
This socket should always be created by systemd.
2019-08-14 11:47:12 -04:00
Matthew Bauer 35e633bde5 nixos/cupsd: only enable cups when startWhenNeeded = false
cups-browsed was pulling in cups.service even when we were using the
socket-based initialization.
2019-08-14 11:47:12 -04:00
Matthew Bauer 04ea093eb6 nixos/cupsd: Set CUPS_DATADIR globally
This is used by some programs that need CUPS data files. For instance,
print-manager looks here for printing test pages.
2019-08-14 11:47:12 -04:00
Matthew Bauer 3411c1566a
Merge pull request #66480 from primeos/nixos-fuse
nixos/fuse: init
2019-08-14 10:16:02 -04:00
Ben Gamari d7d873b8cb nixos/gitlab: Delete stale hooks directories with -R
These can be directories.
2019-08-14 15:29:50 +02:00
WilliButz ddf15d321f
Merge pull request #66612 from fadenb/oxidized_permission_issue
nixos/oxidized: Use symlinks for config files
2019-08-14 11:56:34 +02:00
Tristan Helmich (omniIT) 02dfc07a04 nixos/oxidized: Use symlinks for config files
The old `cp` suffers from a permission issue on the 2nd start of the
service. The files were copied from the read-only nix store. On the 2nd
start of the service the `cp` failed.
The new version force creates a symlink which does not suffer from this.
2019-08-14 09:30:51 +00:00
Tim Digel 5bbde1e1ca nixos/riemann-tools: Add ExtraArgs Config Option
Added option "extraArgs" to forward any switches to riemann-tools.
2019-08-14 08:26:13 +02:00
Aaron Andersen 9af06755f3 nixos/zabbixProxy: fix database initialization logic 2019-08-13 18:50:28 -04:00
Marek Mahut cb8f4b0552
Merge pull request #65439 from aanderse/httpd-extra-modules
nixos/httpd: remove duplicate module entries from httpd.conf
2019-08-13 18:51:15 +02:00
Aaron Andersen 6f6468bef3
Merge pull request #65728 from Infinisil/types-eithers
lib/types: Add oneOf, extension of either to a list of types
2019-08-13 11:48:42 -04:00
Marek Mahut 4754ca7d2e
Merge pull request #62936 from dasJ/sandbox-memcached
nixos/memcached: Isolate the service
2019-08-13 08:56:34 +02:00
Jeff Slight 2ee14c34ed
nixos/gitlab: properly clear out initializers 2019-08-12 12:50:02 -07:00
Franz Pletz f3160a2db6
Merge pull request #66476 from WilliButz/fix-prometheus-alertmanager-option
nixos/prometheus2: replace alertmanagerURL with new alertmanagers option
2019-08-12 17:59:27 +00:00
Maximilian Bosch f0d6955052
Merge pull request #66470 from WilliButz/update-blackbox-exporter
prometheus-blackbox-exporter: 0.12.0 -> 0.14.0, run tests and check config
2019-08-12 19:38:43 +02:00
Silvan Mosberger a7c7bb156f
clight: init (#64309)
clight: init
2019-08-12 18:18:05 +02:00
Graham Christensen 5d807f80c7
Merge pull request #63864 from cransom/datadog-agent-integrations-fix
datadog-agent: fix extraIntegrations
2019-08-12 12:15:48 -04:00
Edmund Wu 7c8ea897be
clight: include module 2019-08-12 11:56:47 -04:00
Edmund Wu c4de0bf492
timezone.nix -> locale.nix
Also includes geolocation information abstracted from redshift.nix
2019-08-12 11:56:40 -04:00
WilliButz c28ded36ef
nixos/prometheus-blackbox-exporter: add config check 2019-08-12 10:53:00 +02:00
WilliButz 543f219b30
nixos/prometheus: replace 'alertmanagerURL' options for prometheus2
Prometheus2 does no longer support the command-line flag to specify
an alertmanager. Instead it now supports both service discovery and
configuration of alertmanagers in the alerting config section.

Simply mapping the previous option to an entry in the new alertmanagers
section is not enough to allow for complete configurations of an
alertmanager.

Therefore the option alertmanagerURL is no longer used and instead
a full alertmanager configuration is expected.
2019-08-12 10:42:28 +02:00
Danylo Hlynskyi 329fa4b01e
Merge pull request #66401 from eadwu/postgresql/fix-quoted-query
nixos/postgresql: fix quoted queries
2019-08-11 22:46:50 +03:00
Notkea 4ff9a48398 nixos/postgresql-wal-receiver: add module (#63799) 2019-08-11 20:09:42 +03:00
Michael Weiss 2473d902e6
nixos/fuse: init
Add a module for /etc/fuse.conf.
Fixes #30923.
2019-08-11 16:13:23 +02:00
Jean Potier 9847967594
Fix typo in assert in grafana module
Current assert prevents using secretKeyFile entirely
2019-08-11 13:21:26 +03:00
worldofpeace 1ce7ece4b2
Merge pull request #66398 from worldofpeace/gnome3-option-renames
Move certain GNOME3 options to programs
2019-08-10 11:17:47 -04:00
worldofpeace be3fe4a869 nixos/gpaste: move to programs 2019-08-10 11:17:18 -04:00
Alex Guzman 9fec6dfa39 roon-server: add back state directory 2019-08-09 22:21:46 -07:00
Silvan Mosberger ce82d0b61a
Couchdb: Don't chown /var/log to couchdb (#65347)
Couchdb: Don't chown /var/log to couchdb
2019-08-10 01:36:15 +02:00
Alex Guzman d830ae9af3 [roon-server] Use non-deprecated string type 2019-08-09 13:02:46 -07:00
Edmund Wu 18d176dc20
nixos/postgresql: fix quoted queries 2019-08-09 15:11:24 -04:00
worldofpeace f12f2bb828 nixos/gnome-documents: move to programs 2019-08-09 12:56:11 -04:00
worldofpeace 6c525b1076 nixos/gnome-disks: move to programs 2019-08-09 12:56:11 -04:00
worldofpeace ff0e3aae35 nixos/file-roller: move to programs 2019-08-09 12:56:11 -04:00
worldofpeace db69d2dfe7 nixos/evince: move to programs 2019-08-09 12:56:11 -04:00
Silvan Mosberger 013d403f30
nixos/dwm-status: add module (#51319)
nixos/dwm-status: add module
2019-08-09 15:39:50 +02:00
Marek Mahut f14628e576
Merge pull request #66341 from Ma27/bump-prometheus-wireguard-exporter
prometheus-wireguard-exporter: 3.0.0 -> 3.0.1
2019-08-09 13:12:06 +02:00
Periklis Tsirakidis 95dec03601 [throttled] Enable custom config 2019-08-09 09:22:38 +02:00
Silvan Mosberger 88bb9fa403
nixos/modules: Replace all nested types.either's with types.oneOf's 2019-08-08 23:35:52 +02:00
Maximilian Bosch 41b9c5f1da
nixos/prometheus-wireguard-exporter: add support for -r switch
With this switch activated, the exporter also exposes the remote IP of
each active WireGuard peer.
2019-08-08 21:54:49 +02:00
Alex Guzman 9f9b458ce3 [roon-server] don't create user if user changes defaults
If the user changes the user for roon, we can assume they handled the setup for it
2019-08-07 13:23:36 -07:00
Alex Guzman 6572b5e4a1 [roon-server] make roon user a system user 2019-08-07 13:12:57 -07:00
Alex Guzman f160233793 roon-server: let nix assign ids 2019-08-07 12:34:52 -07:00
Alex Guzman 62d242d1cd roon-server: Add actual user piping
Adds defined IDs
2019-08-07 12:27:52 -07:00
Alex Guzman 8becc897ea roon-server: disable DynamicUser
DynamicUser currently breaks the backup functionality provided by roon,
as the roon server cannot write to non-canonical directories and the
recycled UIDs/GIDs would make managing permissions for the directory
impossible. On top of that, it would break the ability to manage the
local music library files (as it would not be able to delete them).
2019-08-07 11:57:42 -07:00
Thomas Tuegel 38f3c6afa1
Merge pull request #66226 from xvello/xvello/bluez-qt
Add bluez-qt as an explicit dependency of plasma5
2019-08-07 08:46:02 -05:00
vdot0x23 386f9739b5
nixos/stubby: Clearer wording for upstreamServers
Indicate that upstreamServers actually replaces defaults instead of adding to default.
2019-08-07 12:23:20 +00:00
Danylo Hlynskyi 0730e81785
postgresql: running initdb from command line now works (#65309)
The issue was only with NixOS service, `postgresql` installed through
`nix-env` was not affected.

Fixes https://github.com/NixOS/nixpkgs/issues/23655
2019-08-07 14:17:36 +03:00
worldofpeace a4c6a7b336
Merge pull request #63790 from chpatrick/gdm-autosuspend-option
nixos/gdm: add autoSuspend option
2019-08-06 18:09:20 -04:00
Patrick Chilton 7c854aa974 nixos/gdm: add autoSuspend option 2019-08-06 18:08:21 -04:00
Xavier Vello e383d99244 Add bluez-qt as an explicit dependency of plasma5
When bluetooth is enabled, we install bluedevil, but
its applet cannot work without the qml components in
bluez-qt.

Superseedes #65440 that failed to address the issue.
2019-08-06 21:53:30 +02:00
Franz Pletz 666b291d19
Merge pull request #66073 from WilliButz/fix-unifi
nixos/unifi: create data directory with correct permissions
2019-08-06 16:34:30 +00:00
worldofpeace 7a53b1cbe7
Merge pull request #65860 from etu/surf-display-kiosk-session
Surf display kiosk session
2019-08-05 14:41:56 -04:00
Elis Hirwing 792da0c4d4
nixos/surf-display: Add kiosk display manager session 2019-08-05 17:50:06 +02:00
WilliButz d6a4902662
nixos/unifi: create data directory with correct permissions 2019-08-05 15:09:16 +02:00
Danylo Hlynskyi 7585496eff
Merge branch 'master' into flip-map-foreach 2019-08-05 14:09:28 +03:00
danbst 0f8596ab3f mass replace "flip map -> forEach"
See `forEach`-introduction commit.
```
rg 'flip map ' --files-with-matches | xargs sed -i 's/flip map /forEach /g'
```
2019-08-05 14:03:38 +03:00
danbst 91bb646e98 Revert "mass replace "flip map -> foreach""
This reverts commit 3b0534310c.
2019-08-05 14:01:45 +03:00
worldofpeace d745487c1e nixos/pantheon: use filechooser module
Setting GTK_CSD=1 works around the issue
we were having with this [0]

[0]: https://github.com/elementary/files/issues/971
2019-08-05 05:43:48 -04:00
worldofpeace 399ff42d73 nixos/pantheon: set GTK_CSD
Causes various issues when not set
* https://github.com/elementary/files/issues/971
* https://github.com/elementary/default-settings/pull/103
* https://github.com/cassidyjames/ideogram/issues/26

However this can cause certain problems in gala
* https://github.com/elementary/gala/issues/244
2019-08-05 05:42:35 -04:00
David Anderson 089da1c14d nixos/sshguard: create ipsets before starting, and clean up after stopping.
The fix for #62874 introduced a race condition on startup: the postStart
commands that configure the firewall run concurrently with sshguard's
creation of the ipsets that the rules depend on. Unfortunately iptables
fails hard when referencing an ipset that doesn't exist, so this causes
non-deterministic crashlooping until sshguard wins the race.

This change fixes that race condition by always creating the ipset and
reconfiguring the firewall before starting sshguard, so that the order
of operations is always deterministic.

This change also cleans up the ipsets on sshguard shutdown, so that
removing sshguard from a running system doesn't leave state behind.

Fixes #65985.
2019-08-04 16:23:22 -07:00
bake 9e2a710117 nixos/gitolite: dataDir group-readable 2019-08-04 18:47:02 +09:00
Frederik Rietdijk 27e030a1cc
Merge pull request #62812 from Tomahna/bloop
bloop: 1.2.5 -> 1.3.2
2019-08-04 10:07:16 +02:00
Jörg Thalheim d02ead41f8
Merge pull request #65407 from alunduil/add-zfs-replication
Add zfs replication
2019-08-03 09:14:08 +01:00
Frederik Rietdijk d20a59d2e5 Merge master into staging-next 2019-08-02 23:27:18 +02:00
WilliButz 1ce989cce6
nixos/prometheus-exporters: update documentation 2019-08-02 18:50:01 +02:00
WilliButz 29d765e250
nixos/prometheus-wireguard-exporter: use ExecStart instead of script 2019-08-02 18:50:01 +02:00
WilliButz afd0dc17d6
nixos/prometheus-exporters: use DynamicUser by default
Only define seperate users and groups when necessary.
2019-08-02 18:50:01 +02:00
WilliButz 495222a840
nixos/prometheus-exporter: use separate user for each exporter
Stop using nobody/nogroup by default and use seperate users for each
exporter instead.
2019-08-02 18:49:56 +02:00
WilliButz c221f9fdf2
Merge pull request #65751 from mayflower/pkgs/prometheus-postgres-exporter
prometheus-postgres-exporter: init at 0.5.1
2019-08-02 18:45:32 +02:00
Alex Brandt bdd7b5a3ab nixos/zfs: add autoReplication functionality
This adds a simple configuration for sending snapshots to a remote
system using zfs-replicate that ties into the autoSnapshot settings
already present in services.zfs.autoSnapshot.
2019-08-02 08:04:21 -07:00
Franz Pletz e4c60a1e42
prometheus-postgres-exporter: init at 0.5.1 2019-08-02 15:59:29 +02:00
Frederik Rietdijk 6f723b9bad Merge master into staging-next 2019-08-02 09:18:37 +02:00
Peter Hoeg f2639566b5
Merge pull request #30712 from peterhoeg/f/service
systemd user services shouldn't run as root and other "non-interactive" users
2019-08-02 11:58:27 +08:00
Robin Gloster 443b0f6332
Merge pull request #65566 from rasendubi/syncthing-group-fix
syncthing: create default group if not overridden
2019-08-01 23:17:37 +00:00
Robin Gloster 41dac4bf9f
Merge pull request #65582 from WilliButz/add-mailexporter
prometheus-mail-exporter: init at 2019-07-14, add module and test
2019-08-01 23:14:21 +00:00
Robin Gloster 19c737fd79
Merge pull request #65699 from jslight90/patch-5
nixos/gitlab: fix config initializer permissions
2019-08-01 23:08:39 +00:00
Frederik Rietdijk 55e4555b77 Merge master into staging-next 2019-08-01 09:42:54 +02:00
Colin L Rice d7aa6df31f nix-daemon: Fix builduser count to work when maxJobs is auto 2019-08-01 01:54:28 -04:00
Aaron Andersen a1f738ba87
Merge pull request #62748 from aanderse/mediawiki
nixos/mediawiki: init service to replace httpd subservice
2019-07-31 22:12:23 -04:00
Jeff Slight 7efcbead2c
nixos/gitlab: fix config initializer permissions 2019-07-31 14:55:08 -07:00
worldofpeace ea8fc75160
Merge pull request #64948 from ambrop72/videodrivers-radeon-alias
nixos/xserver: Make radeon in videoDrivers an alias for ati.
2019-07-31 02:13:24 -04:00
WilliButz 5818c73d95
nixos/prometheus-exporters: add mail exporter module 2019-07-30 19:24:26 +02:00
worldofpeace 7f2f31a812
Merge pull request #65449 from worldofpeace/disable-portals
nixos/xdg: disable portals (again, again)
2019-07-29 21:47:51 -04:00
Alexey Shmalko e50539f7b5
syncthing: create default group if not overridden
The following configuration generates a systemd unit that doesn't
start.
```nix
{
  services.syncthing = {
    enable = true;
    user = "my-user";
  };
}
```

It fails with
```
systemd[1]: Started Syncthing service.
systemd[6745]: syncthing.service: Failed to determine group credentials: No such process
systemd[6745]: syncthing.service: Failed at step GROUP spawning /nix/store/n1ydz3i08nqp1ajc50ycy1zribmphqc9-syncthing-1.1.4-bin/bin/syncthing: No such process
systemd[1]: syncthing.service: Main process exited, code=exited, status=216/GROUP
systemd[1]: syncthing.service: Failed with result 'exit-code'.
```

This is due to the fact that `syncthing` group (default) is not
created if the user is overridden.

Add a separate check for setting up the default group, so that
user/group are created independently.
2019-07-29 21:56:12 +03:00
Jörg Thalheim 3b0f0741ea
Merge pull request #65335 from Baughn/wifi-crda
wifi: Include CRDA regulatory database
2019-07-29 07:02:22 +01:00
Svein Ove Aas d28a8cc4af nixos/pantheon: Include CRDA regulatory database 2019-07-28 22:17:19 +01:00
Svein Ove Aas 186dd1ce58 nixos/gnome3: Include CRDA regulatory database 2019-07-28 22:17:10 +01:00
Svein Ove Aas 7ee6226bdd nixos/networkmanager: Include CRDA regulatory database 2019-07-28 22:10:28 +01:00
Svein Ove Aas ac50d8e709 nixos/wpa_supplicant: Include CRDA regulatory database 2019-07-28 22:10:28 +01:00
Bas van Dijk 9ff408a2a4
Merge pull request #60500 from basvandijk/thanos-init
thanos: init at 0.6.0 & NixOS module
2019-07-28 19:14:55 +02:00
edef 9897956d36
Merge pull request #65485 from arcnmx/pr-taskserver-nixos
nixos/taskserver: crl file is optional
2019-07-28 13:02:05 +00:00
Bas van Dijk 0a59be7136 thanos: 0.5.0 -> 0.6.0 2019-07-28 13:28:27 +02:00
Bas van Dijk dc69b3e6ad nixos/thanos: code style: don't use a space before a colon 2019-07-28 13:28:27 +02:00
Bas van Dijk e32e0e6e02 nixos/thanos: assert that prometheus2 is running and has labels set 2019-07-28 13:28:27 +02:00
Bas van Dijk 13da811853 nixos/thanos: allow overriding arguments to the thanos subcommands 2019-07-28 13:28:27 +02:00
Bas van Dijk 2d0243c187 thanos: 0.4.0 -> 0.5.0-rc.0 2019-07-28 13:28:27 +02:00
Bas van Dijk ebc65a5f21 nixos/thanos: add module for the thanos service 2019-07-28 13:28:27 +02:00
Frederik Rietdijk cb3ce5d26d Merge master into staging-next 2019-07-28 12:11:37 +02:00
Frederik Rietdijk cca5ee9c07 Merge staging-next into staging 2019-07-28 09:10:03 +02:00
arcnmx c604b38791 nixos/taskserver: crl file is optional 2019-07-27 15:49:46 -07:00
Ashish SHUKLA d3c2b992d4
sshguard: do not create ipset in post-start
Upstream switched to a different type of ipset table, whereas we
create ipset in post-start which overrides upstream, and renders
sshguard ineffective.

Remove ipset creation from post-start, and let it get automatically
by upstream script (sshg-fw-ipset) as part of startup
2019-07-27 10:59:50 +05:30
worldofpeace 1e4d9e08cd nixos/plasma5: enable xdg.portal 2019-07-26 22:36:32 -04:00
worldofpeace 16c6f169a2 nixos/gnome3: enable xdg.portal 2019-07-26 22:36:14 -04:00
worldofpeace 785158fd64 nixos/flatpak: require xdg.portal to be enabled 2019-07-26 22:35:50 -04:00
Aaron Andersen 1ab91bee65
Merge pull request #65418 from mmahut/proxy_server
nixos/zabbixProxy: server is a mandatory parameter
2019-07-26 18:46:21 -04:00
Aaron Andersen 5596b69771 nixos/httpd: remove duplicate module entries from httpd.conf 2019-07-26 17:51:06 -04:00
Silvan Mosberger d3dfe06c38
nixos/xserver: add option to install custom xkb layouts (#47764)
nixos/xserver: add option to install custom xkb layouts
2019-07-26 20:43:37 +02:00
rnhmjoj 171d5c9200
nixos/xserver: add option to install custom xkb layouts 2019-07-26 18:08:04 +02:00
Marek Mahut 6e762653de module zabbixProxy: server is a mandatory parameter 2019-07-26 16:22:47 +02:00
Orivej Desh 32fbbc6f9b Merge master into staging 2019-07-25 09:23:21 +00:00
Kevin Rauscher 17c2f79e39 bloop: allow specifying extra cli options 2019-07-25 09:28:13 +02:00
Kevin Rauscher d6b6015d34 bloop: get closer to standard bloop packaging 2019-07-24 21:42:40 +02:00
Robin Gloster 5806e71834
Merge pull request #65299 from Ma27/fix-nextcloud-test
nixos/nextcloud: fix inclusion of trusted_domains in override config
2019-07-24 19:28:06 +00:00
Silvan Mosberger 5e974362be
nixos/couchdb: Prevent it from chowning /var/log to couchdb:couchdb
The default for logFile is /var/log/couchdb.log, and the tmpfile rules chown
${dirOf cfg.logFile}, which is just /var/log, to couchdb:couchdb.

This was found by Edes' report on IRC, which looked like

    Detected unsafe path transition /var/log → /var/log/journal during canonicalization of /var/log/journal

While this bug has been present since the initial couchdb module in
62438c09f7 by @garbas, this wasn't a
problem, because the initial module only created and chowned /var/log
if it didn't exist yet, which can't occur because this gets created in
the initial phases of NixOS startup.

However with the recent move from manual preStart chown scripts to
systemd.tmpfiles.rules in 062efe018d (#59389),
this chown is suddenly running unconditionally at every system
activation, therefore triggering the above error.
2019-07-24 20:52:53 +02:00
Thomas Tuegel 3d76d810ed
Merge pull request #65090 from eadwu/compton/7
compton: 6.2 -> 7
2019-07-24 06:41:09 -05:00
Peter Hoeg bede9851a1
Merge pull request #65078 from peterhoeg/f/st
nixos/syncthing: do not use nogroup
2019-07-24 13:22:08 +08:00
Aaron Andersen 455d33f514 nixos/mediawiki: init service to replace httpd subservice 2019-07-23 22:02:33 -04:00
Aaron Andersen 72ef4786e1
Merge pull request #64151 from aanderse/httpd-extraSubservices
nixos/httpd: module cleanup
2019-07-23 21:58:40 -04:00
Florian Klink 101a4be5a7
Add spotifyd package and service (#65092)
Add spotifyd package and service
2019-07-24 00:54:24 +02:00
Silvan Mosberger 8403187566
thelounge: init at 3.0.1 (#51947)
thelounge: init at 3.0.1
2019-07-23 13:45:43 +02:00
Maximilian Bosch c5e515f5c7
nixos/nextcloud: fix inclusion of trusted_domains in override config
Regression I caused with 3944aa051c, sorry
for this! The Nextcloud installer broke back then because
`trusted_domains` was an empty value by default (a.k.a an empty array)
which seemed to break the config merger of Nextcloud as Nextcloud
doesn't do recursive merging and now no domain was trusted because of
that, hence Nextcloud was unreachable for the `curl` call.
2019-07-23 13:29:43 +02:00
Mrmaxmeier 37a2f058ed nixos/thelounge: init
The Lounge is the official and community-managed fork of Shout.
This intends to replace the `shout` service.
2019-07-23 13:18:01 +02:00
Danylo Hlynskyi d54e52276b
postgresql: update docs
https://github.com/NixOS/nixpkgs/issues/32156
2019-07-23 14:17:14 +03:00
WilliButz 5dc50eab68
Merge pull request #65102 from d-goldin/patch-1
docs prometheus.exporters: typo fix.
2019-07-23 10:06:20 +02:00
worldofpeace 356d9ad758 nixos/pantheon: don't add extraPortals
Pantheon's XDG Portal is still WIP and we
it's probably not proper to use gtk's one.
2019-07-23 03:43:41 -04:00
steve-chavez dfd3a0269c Shorten mkEnableOption description 2019-07-23 12:19:28 +09:00
steve-chavez 5ccfa0c816 nixos/modules: add greenclip user service 2019-07-23 12:19:28 +09:00
worldofpeace b1bc0645ea gdk-pixbuf: rename from gdk_pixbuf 2019-07-22 18:50:57 -04:00
Robin Gloster da2eda65e3
Merge pull request #65179 from delroth/bind-extraconfig
nixos/bind: allow manual additions to zone config fragments
2019-07-22 17:53:49 +00:00
Robin Gloster e891178dde
Merge pull request #63900 from Ma27/nextcloud-declarative-dbconfig
nixos/nextcloud: write config to additional config file
2019-07-22 16:50:02 +00:00
Johan Thomsen bbd4a0c100 nixos/gitlab: gitlab-workhorse requires exiftool on path to process uploaded images 2019-07-22 16:41:16 +00:00
Maximilian Bosch 3944aa051c
nixos/nextcloud: write config to additional config file
One of the main problems of the Nextcloud module is that it's currently
not possible to alter e.g. database configuration after the initial
setup as it's written by their imperative installer to a file.

After some research[1] it turned out that it's possible to override all values
with an additional config file. The documentation has been
slightly updated to remain up-to-date, but the warnings should
remain there as the imperative configuration is still used and may cause
unwanted side-effects.

Also simplified the postgresql test which uses `ensure{Databases,Users}` to
configure the database.

Fixes #49783

[1] https://github.com/NixOS/nixpkgs/issues/49783#issuecomment-483063922
2019-07-22 18:29:52 +02:00
WilliButz c64f621bfd
nixos/prometheus-nginx-exporter: update module
Update exporter submodule to match the new exporter version.
2019-07-22 16:41:10 +02:00
WilliButz fb6f0a48bb
nixos/prometheus-exporters: add option renaming for submodules
Adds the functionality to create option renamings and removals
for exporter submodules as in nixos/modules/rename.nix.
2019-07-22 16:41:10 +02:00