summary refs log tree commit diff
path: root/nixos
Commit message (Collapse)AuthorAge
* nixos/amazon-init.nix: add git/tar/gz, fix AMI configuration (#78363)Silvan Mosberger2020-01-23
|\ | | | | nixos/amazon-init.nix: add git/tar/gz, fix AMI configuration
| * Pass on nixos configuration to amazonImageChristian Höppner2020-01-23
| |
| * nixos/amazon-init.nix: Add gzip to amazon-init pathChristian Höppner2020-01-23
| |
| * nixos/amazon-init.nix: Add gnutar to amazon-init PATHChristian Höppner2020-01-23
| |
| * nixos/amazon-init.nix: add git to amazon-init script PATHChristian Höppner2020-01-23
| |
* | Merge pull request #78378 from Izorkin/unit-fixAaron Andersen2020-01-23
|\ \ | | | | | | nixos/unit: fix attrs
| * | nixos/unit: fix attrsIzorkin2020-01-23
| | |
* | | modules/at-spi2-core: add debugging help to descriptionProfpatsch2020-01-23
|/ / | | | | | | This makes the error message greppable.
* | Merge pull request #76787 from primeos/swayMichael Weiss2020-01-23
|\ \ | |/ |/| sway: 1.2 -> 1.4, wlroots: 0.8.1 -> 0.10.0
| * nixos/sway: Install the new default terminal emulatorMichael Weiss2020-01-22
| | | | | | | | | | The default changed in Sway 1.3 from rxvt_unicode to alacritty. For backward compatibility we'll install both terminal emulators by default.
* | nixos/docs: Fix nixos-install --system command (#77719)Silvan Mosberger2020-01-23
|\ \ | | | | | | nixos/docs: Fix nixos-install --system command
| * | nixos/docs: Fix nixos-install --system commandSilvan Mosberger2020-01-15
| | |
* | | Merge pull request #76585 from serokell/mkaito/amazon-userdata-multiple-channelsGraham Christensen2020-01-22
|\ \ \ | | | | | | | | virtualization/amazon-init: log multiple nix channels, fix nix path.
| * | | virtualization/amazon-init: fix logging, nix pathChristian Höppner2019-12-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The missing `\n` in the printf format string prevented multiple channels from being logged. The missing `nixpkgs=` in the `NIX_PATH` prevented `nixos-rebuild` from working if the system configuration has any reference to `nixpkgs`. Additionally: * Use process substitution instead of piping printf to avoid creating a subshell. * Set an empty `IFS` to avoid word splitting. * Add the `-r` flag to `read` to avoid mangling backslashes.
* | | | Merge pull request #77532 from symphorien/roundcubeMaximilian Bosch2020-01-22
|\ \ \ \ | | | | | | | | | | nixos/roundcube: security improvements
| * | | | nixos/roundcube: provide path to mime.types fileSymphorien Gibol2020-01-18
| | | | | | | | | | | | | | | | | | | | | | | | | fixes this warning: WARNING: Mimetype to file extension mapping doesn't work properly!
| * | | | nixos/roundcube: don't use the default and insecure des_keySymphorien Gibol2020-01-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The php installer creates a random one, but we bypass it, so we have to create one ourselves. This should be backward compatible as encryption is used for session cookies only: users at the time of the upgrade will be logged out but nothing more. https://github.com/roundcube/roundcubemail/blob/259b7fa0650fea9320b38cb17c4e80497acae7a3/config/config.inc.php.sample#L73
| * | | | nixos/roundcube: do not write passwords to the store nor run php as rootSymphorien Gibol2020-01-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If the database is local, use postgres peer authentication. Otherwise, use a password file. Leave database initialisation to postgresql.ensure*. Leave /var/lib/roundcube creation to systemd. Run php upgrade script as unpriviledged user.
* | | | | nixos/corerad: update test for new configurationMatt Layher2020-01-22
| | | | |
* | | | | Merge pull request #78134 from NinjaTrappeur/nin-harden-syncthingFlorian Klink2020-01-21
|\ \ \ \ \ | | | | | | | | | | | | nixos/syncthing.nix: Sandbox the systemd service.
| * | | | | nixos/syncthing.nix: Sandbox the systemd service.Félix Baylac-Jacqué2020-01-20
| | | | | | | | | | | | | | | | | | | | | | | | Using systemd sandboxing features to harden the syncthing service.
* | | | | | Merge pull request #77665 from zaninime/ifxfrmFlorian Klink2020-01-21
|\ \ \ \ \ \ | | | | | | | | | | | | | | systemd-networkd: add configuration for XFRM interfaces
| * | | | | | systemd-networkd: add configuration for XFRM interfacesFrancesco Zanini2020-01-14
| | | | | | |
* | | | | | | nixos/buildkite: drop user option (#78160)Florian Klink2020-01-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * nixos/buildkite: drop user option This reverts 8c6b1c3eaaa8b555bddaced3ab6f02695bef1541. Turns out, buildkite-agent has logic to write .ssh/known_hosts files and only really works when $HOME and the user homedir are in sync. On top of that, we provision ssh keys in /var/lib/buildkite-agent, which doesn't work if that other users' homedir points elsewhere (we can cheat by setting $HOME, but then getent and $HOME provide conflicting results). So after all, it's better to only run the system-wide buildkite agent as the "buildkite-agent" user only - if one wants to run buildkite as different users, systemd user services might be a better fit. * nixosTests.buildkite-agent: add node with separate user and no ssh key
* | | | | | | nixos-rebuild: fix the maybeSudo usagezimbatm2020-01-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * properly expand the command using arrays instead of strings * also handle sudo on the localhost
* | | | | | | nixos/matterbridge: fix package accesszimbatm2020-01-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | was broken by 4371ecb8a61f672b3bbf82fca32efbb418a3730f due to the switch to buildGoModule
* | | | | | | nixos/zerotierone: simplify the unitzimbatm2020-01-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There is no need to stop/start the unit when the machine is online or offline. This should fix the shutdown locking issues. nixos zerotier: sometimes it doesn't shutdown
* | | | | | | Merge pull request #76537 from Izorkin/unitJörg Thalheim2020-01-21
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | unit: 1.13.0 -> 1.14.0
| * | | | | | | nixos/unit: fix typoIzorkin2019-12-28
| | | | | | | |
* | | | | | | | Merge pull request #78004 from worldofpeace/mtrack-removeworldofpeace2020-01-20
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | nixos/multitouch: remove (properly known as mtrack)
| * | | | | | | | nixos/multitouch: removeworldofpeace2020-01-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | On numerous occasions I have seen users mistake this module as libinput because it being called "multitouch" and them being unaware that the actually module they want is libinput. They then run into several decrepit bugs due to the completely out-of-date nature of the underlying package. The underlying package hasn't been changed to an up-to-date fork in a period of 8 years. I don't consider this to be production quality. However, I'm not opposed for the module being readded to NixOS with new packaging, and a better name.
* | | | | | | | | nixos/traceroute: init (#77953)Silvan Mosberger2020-01-20
|\ \ \ \ \ \ \ \ \ | |_|_|_|/ / / / / |/| | | | | | | | nixos/traceroute: init
| * | | | | | | | nixos/traceroute: initvolth2020-01-17
| | | | | | | | |
* | | | | | | | | Merge pull request #78045 from flokli/buildkite-agent-user-runtime-testzimbatm2020-01-20
|\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | nixos/buildkite: add option to configure user, add nix-required packages to runtime, add test
| * | | | | | | | | nixos/buildkite: make privateSshKeyPath optionalFlorian Klink2020-01-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When only cloning public repos, or when the ssh key is provided by different means, we don't need to manage it here.
| * | | | | | | | | nixosTests.buildkite: add testFlorian Klink2020-01-20
| | | | | | | | | |
| * | | | | | | | | nixos/buildkite-agent: add gnutar, gzip and git to runtimePackagesFlorian Klink2020-01-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | These are required for nix to do builtins.fetchTarball and builtins.fetchGit, so most likely we want them to be around.
| * | | | | | | | | nixos/buildkite: stop using deprecated optionFlorian Klink2020-01-20
| | | | | | | | | |
| * | | | | | | | | nixos/buildkite-agent: add "user" optionFlorian Klink2020-01-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This allows buildkite-agent to run as another user. It'll still run builds from /var/lib/buildkite-agent and setup things in there.
* | | | | | | | | | rabbitmq: make all dependencies explicitAlexey Lebedeff2020-01-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Some things were provided by default, some by systemd unit and some were just miraculously working. This turns them into explicit dependencies of the package itself, making everything properly overrideable. + providing glibcLocales fixes elixir compile warnings + providing systemd dependency allows rabbit to use systemctl for unit activation check instead of falling back to sleep. This was seen as a warning during startup.
* | | | | | | | | | Merge pull request #77587 from singron/fix-sharedFlorian Klink2020-01-19
|\ \ \ \ \ \ \ \ \ \ | |/ / / / / / / / / |/| | | | | | | | | test-driver.py: Share the shared dir between VMs
| * | | | | | | | | test-driver.py: Use /tmp/shared for copy_from_vmEric Culp2020-01-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The docstring says it uses a directory shared among all vms, although that doesn't seem necessary for the functionality. However, it does need to be consistent between the guest and host.
| * | | | | | | | | test-driver.py: Share the shared dir between VMsEric Culp2020-01-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This changes the python test driver to match the behavior of the perl test driver. I.e. the directory mounted into /tmp/shared should be the same for all machines. This probably fixes many tests, but I found this while investigating failures in nixos/tests/ceph-multi-node.nix.
* | | | | | | | | | Merge pull request #77540 from singron/fix-certmgr-testFlorian Klink2020-01-19
|\ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | nixos/tests/certmgr: Fix file permissions
| * | | | | | | | | | nixos/tests/certmgr: Fix file permissionsEric Culp2020-01-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This test has been broken since 2a413da57efc4, which stopped running the nginx master process as root.
* | | | | | | | | | | Merge pull request #77950 from flokli/buildkite-3Florian Klink2020-01-19
|\ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | nixos/buildkite-agent: move to v3
| * | | | | | | | | | | nixos/buildkite: add release notesFlorian Klink2020-01-17
| | | | | | | | | | | |
| * | | | | | | | | | | nixos/buildkite-agent: change option meta-data into tags attrsetFlorian Klink2020-01-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is called tags in the buildkite 3.
| * | | | | | | | | | | nixos/buildkite-agent: add a shell attribute to specify the shell being usedYorick van Pelt2020-01-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This gets passed to BUILDKITE_SHELL, which will specify the shell being used to executes script in. Defaults to `${pkgs.bash}/bin/bash -e -c`, matching how buildkite behaves on other distros.
| * | | | | | | | | | | nixos/buildkite-agent: tweak TimeoutStopSec and KillModeFlorian Klink2020-01-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This improves behaviour when the service is being stopped.