diff options
| author | José Romildo Malaquias <malaquias@gmail.com> | 2017-11-02 00:29:12 -0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2017-11-02 00:29:12 -0200 |
| commit | c07835a11bedd070aef2d2e86e7d03d579b560f3 (patch) | |
| tree | 8b7f11859dd719c4d6dd7cfd83da5c541d5a6454 /nixos | |
| parent | d3763a7164e7c8b1b269add0d0ed1e8f316bbdc9 (diff) | |
| parent | bb6257bd3a22f79b00350966e9de0786cae26f5b (diff) | |
| download | nixlib-c07835a11bedd070aef2d2e86e7d03d579b560f3.tar nixlib-c07835a11bedd070aef2d2e86e7d03d579b560f3.tar.gz nixlib-c07835a11bedd070aef2d2e86e7d03d579b560f3.tar.bz2 nixlib-c07835a11bedd070aef2d2e86e7d03d579b560f3.tar.lz nixlib-c07835a11bedd070aef2d2e86e7d03d579b560f3.tar.xz nixlib-c07835a11bedd070aef2d2e86e7d03d579b560f3.tar.zst nixlib-c07835a11bedd070aef2d2e86e7d03d579b560f3.zip | |
Merge branch 'master' into upd.lxqt
Diffstat (limited to 'nixos')
| -rw-r--r-- | nixos/doc/manual/installation/installing.xml | 8 | ||||
| -rw-r--r-- | nixos/modules/installer/tools/nixos-generate-config.pl | 1 | ||||
| -rw-r--r-- | nixos/modules/module-list.nix | 1 | ||||
| -rw-r--r-- | nixos/modules/programs/ssh.nix | 4 | ||||
| -rw-r--r-- | nixos/modules/security/acme.xml | 3 | ||||
| -rw-r--r-- | nixos/modules/services/mail/postfix.nix | 19 | ||||
| -rw-r--r-- | nixos/modules/services/misc/gitlab.nix | 6 | ||||
| -rw-r--r-- | nixos/modules/services/misc/nixos-manual.nix | 5 | ||||
| -rw-r--r-- | nixos/modules/services/misc/plexpy.nix | 81 | ||||
| -rw-r--r-- | nixos/modules/services/monitoring/graphite.nix | 4 | ||||
| -rw-r--r-- | nixos/modules/services/networking/dnschain.nix | 2 | ||||
| -rw-r--r-- | nixos/modules/services/web-servers/apache-httpd/default.nix | 1 | ||||
| -rw-r--r-- | nixos/modules/services/web-servers/apache-httpd/wordpress.nix | 1 | ||||
| -rw-r--r-- | nixos/modules/services/x11/display-managers/gdm.nix | 1 | ||||
| -rw-r--r-- | nixos/modules/tasks/network-interfaces-scripted.nix | 3 | ||||
| -rw-r--r-- | nixos/modules/virtualisation/containers.nix | 2 | ||||
| -rw-r--r-- | nixos/tests/graphite.nix | 16 |
17 files changed, 125 insertions, 33 deletions
diff --git a/nixos/doc/manual/installation/installing.xml b/nixos/doc/manual/installation/installing.xml index 8c37643c08f5..b0674307a563 100644 --- a/nixos/doc/manual/installation/installing.xml +++ b/nixos/doc/manual/installation/installing.xml @@ -16,7 +16,8 @@ hardware.</para></listitem> <listitem><para>The NixOS manual is available on virtual console 8 - (press Alt+F8 to access).</para></listitem> + (press Alt+F8 to access) or by running <command>nixos-help</command>. + </para></listitem> <listitem><para>You get logged in as <literal>root</literal> (with empty password).</para></listitem> @@ -139,6 +140,11 @@ the GRUB boot loader is to be installed. Without it, NixOS cannot boot.</para> + <para>If there are other operating systems running on the machine before + installing NixOS, the + <option>boot.loader.grub.useOSProber</option> option can be set to + <literal>true</literal> to automatically add them to the grub menu.</para> + <para>Another critical option is <option>fileSystems</option>, specifying the file systems that need to be mounted by NixOS. However, you typically don’t need to set it yourself, because diff --git a/nixos/modules/installer/tools/nixos-generate-config.pl b/nixos/modules/installer/tools/nixos-generate-config.pl index c0df2977856e..7c737e84de0a 100644 --- a/nixos/modules/installer/tools/nixos-generate-config.pl +++ b/nixos/modules/installer/tools/nixos-generate-config.pl @@ -8,6 +8,7 @@ use File::Basename; use File::Slurp; use File::stat; +umask(0022); sub uniq { my %seen; diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 6f00a97dd3ff..44bcec5aec26 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -328,6 +328,7 @@ ./services/misc/parsoid.nix ./services/misc/phd.nix ./services/misc/plex.nix + ./services/misc/plexpy.nix ./services/misc/pykms.nix ./services/misc/radarr.nix ./services/misc/redmine.nix diff --git a/nixos/modules/programs/ssh.nix b/nixos/modules/programs/ssh.nix index e0fbba897fa4..0935bf0cae71 100644 --- a/nixos/modules/programs/ssh.nix +++ b/nixos/modules/programs/ssh.nix @@ -148,11 +148,11 @@ in [ { hostNames = [ "myhost" "myhost.mydomain.com" "10.10.1.4" ]; - publicKeyFile = "./pubkeys/myhost_ssh_host_dsa_key.pub"; + publicKeyFile = ./pubkeys/myhost_ssh_host_dsa_key.pub; } { hostNames = [ "myhost2" ]; - publicKeyFile = "./pubkeys/myhost2_ssh_host_dsa_key.pub"; + publicKeyFile = ./pubkeys/myhost2_ssh_host_dsa_key.pub; } ] ''; diff --git a/nixos/modules/security/acme.xml b/nixos/modules/security/acme.xml index 823806f4641b..6130ed82ed38 100644 --- a/nixos/modules/security/acme.xml +++ b/nixos/modules/security/acme.xml @@ -89,8 +89,5 @@ services.nginx = { }; } </programlisting> - -<para>At the moment you still have to restart Nginx after the ACME -certs arrive.</para> </section> </chapter> diff --git a/nixos/modules/services/mail/postfix.nix b/nixos/modules/services/mail/postfix.nix index 1fef9ac6ec90..867c0ea6761c 100644 --- a/nixos/modules/services/mail/postfix.nix +++ b/nixos/modules/services/mail/postfix.nix @@ -60,11 +60,11 @@ let manpage_directory = "${pkgs.postfix}/share/man"; html_directory = "${pkgs.postfix}/share/postfix/doc/html"; shlib_directory = false; - relayhost = if cfg.lookupMX || cfg.relayHost == "" - then cfg.relayHost - else - "[${cfg.relayHost}]" - + optionalString (cfg.relayPort != null) ":${toString cfg.relayPort}"; + relayhost = if cfg.relayHost == "" then "" else + if cfg.lookupMX + then "${cfg.relayHost}:${toString cfg.relayPort}" + else "[${cfg.relayHost}]:${toString cfg.relayPort}"; + mail_spool_directory = "/var/spool/mail/"; setgid_group = setgidGroup; } @@ -461,13 +461,10 @@ in }; relayPort = mkOption { - type = types.nullOr types.int; - default = null; - example = 587; + type = types.int; + default = 25; description = " - Specify an optional port for outbound mail relay. (Note: - only used if an explicit <option>relayHost</option> is - defined.) + SMTP port for relay mail relay. "; }; diff --git a/nixos/modules/services/misc/gitlab.nix b/nixos/modules/services/misc/gitlab.nix index 740cbc141b53..7b2b40e59232 100644 --- a/nixos/modules/services/misc/gitlab.nix +++ b/nixos/modules/services/misc/gitlab.nix @@ -572,7 +572,7 @@ in { rm -rf ${cfg.statePath}/config ${cfg.statePath}/shell/hooks mkdir -p ${cfg.statePath}/config - tr -dc A-Za-z0-9 < /dev/urandom | head -c 32 > ${cfg.statePath}/config/gitlab_shell_secret + ${pkgs.openssl}/bin/openssl rand -hex 32 > ${cfg.statePath}/config/gitlab_shell_secret # The uploads directory is hardcoded somewhere deep in rails. It is # symlinked in the gitlab package to /run/gitlab/uploads to make it @@ -619,7 +619,7 @@ in { fi # enable required pg_trgm extension for gitlab - ${pkgs.sudo}/bin/sudo -u ${pgSuperUser} psql gitlab -c "CREATE EXTENSION IF NOT EXISTS pg_trgm" + ${pkgs.sudo}/bin/sudo -u ${pgSuperUser} psql ${cfg.databaseName} -c "CREATE EXTENSION IF NOT EXISTS pg_trgm" # Always do the db migrations just to be sure the database is up-to-date ${gitlab-rake}/bin/gitlab-rake db:migrate RAILS_ENV=production @@ -634,7 +634,7 @@ in { # The gitlab:shell:create_hooks task seems broken for fixing links # so we instead delete all the hooks and create them anew - rm ${cfg.statePath}/repositories/**/*.git/hooks + rm -f ${cfg.statePath}/repositories/**/*.git/hooks ${gitlab-rake}/bin/gitlab-rake gitlab:shell:create_hooks RAILS_ENV=production # Change permissions in the last step because some of the diff --git a/nixos/modules/services/misc/nixos-manual.nix b/nixos/modules/services/misc/nixos-manual.nix index 515864ec2e2d..41cadb4a6de0 100644 --- a/nixos/modules/services/misc/nixos-manual.nix +++ b/nixos/modules/services/misc/nixos-manual.nix @@ -135,8 +135,9 @@ in }; }; - services.mingetty.helpLine = mkIf cfg.showManual - "\nPress <Alt-F${toString cfg.ttyNumber}> for the NixOS manual."; + services.mingetty.helpLine = "\nRun `nixos-help` " + + lib.optionalString cfg.showManual "or press <Alt-F${toString cfg.ttyNumber}> " + + "for the NixOS manual."; }; diff --git a/nixos/modules/services/misc/plexpy.nix b/nixos/modules/services/misc/plexpy.nix new file mode 100644 index 000000000000..df9f12581247 --- /dev/null +++ b/nixos/modules/services/misc/plexpy.nix @@ -0,0 +1,81 @@ +{ config, pkgs, lib, ... }: + +with lib; + +let + cfg = config.services.plexpy; +in +{ + options = { + services.plexpy = { + enable = mkEnableOption "PlexPy Plex Monitor"; + + dataDir = mkOption { + type = types.str; + default = "/var/lib/plexpy"; + description = "The directory where PlexPy stores its data files."; + }; + + configFile = mkOption { + type = types.str; + default = "/var/lib/plexpy/config.ini"; + description = "The location of PlexPy's config file."; + }; + + port = mkOption { + type = types.int; + default = 8181; + description = "TCP port where PlexPy listens."; + }; + + user = mkOption { + type = types.str; + default = "plexpy"; + description = "User account under which PlexPy runs."; + }; + + group = mkOption { + type = types.str; + default = "nogroup"; + description = "Group under which PlexPy runs."; + }; + + package = mkOption { + type = types.package; + default = pkgs.plexpy; + defaultText = "pkgs.plexpy"; + description = '' + The PlexPy package to use. + ''; + }; + }; + }; + + config = mkIf cfg.enable { + systemd.services.plexpy = { + description = "PlexPy Plex Monitor"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + preStart = '' + test -d "${cfg.dataDir}" || { + echo "Creating initial PlexPy data directory in \"${cfg.dataDir}\"." + mkdir -p "${cfg.dataDir}" + chown ${cfg.user}:${cfg.group} "${cfg.dataDir}" + } + ''; + serviceConfig = { + Type = "simple"; + User = cfg.user; + Group = cfg.group; + PermissionsStartOnly = "true"; + GuessMainPID = "false"; + ExecStart = "${cfg.package}/bin/plexpy --datadir ${cfg.dataDir} --config ${cfg.configFile} --port ${toString cfg.port} --pidfile ${cfg.dataDir}/plexpy.pid --nolaunch"; + Restart = "on-failure"; + }; + }; + + users.extraUsers = mkIf (cfg.user == "plexpy") { + plexpy = { group = cfg.group; uid = config.ids.uids.plexpy; }; + }; + }; +} diff --git a/nixos/modules/services/monitoring/graphite.nix b/nixos/modules/services/monitoring/graphite.nix index 01b4aca91731..645dfeab0193 100644 --- a/nixos/modules/services/monitoring/graphite.nix +++ b/nixos/modules/services/monitoring/graphite.nix @@ -22,8 +22,8 @@ let ); graphiteApiConfig = pkgs.writeText "graphite-api.yaml" '' - time_zone: ${config.time.timeZone} search_index: ${dataDir}/index + ${optionalString (!isNull config.time.timeZone) ''time_zone: ${config.time.timeZone}''} ${optionalString (cfg.api.finders != []) ''finders:''} ${concatMapStringsSep "\n" (f: " - " + f.moduleName) cfg.api.finders} ${optionalString (cfg.api.functions != []) ''functions:''} @@ -536,7 +536,7 @@ in { environment = { PYTHONPATH = let aenv = pkgs.python.buildEnv.override { - extraLibs = [ cfg.api.package pkgs.cairo ] ++ cfg.api.finders; + extraLibs = [ cfg.api.package pkgs.cairo pkgs.pythonPackages.cffi ] ++ cfg.api.finders; }; in "${aenv}/${pkgs.python.sitePackages}"; GRAPHITE_API_CONFIG = graphiteApiConfig; diff --git a/nixos/modules/services/networking/dnschain.nix b/nixos/modules/services/networking/dnschain.nix index ab7bbb15ad4f..ee1cd3600039 100644 --- a/nixos/modules/services/networking/dnschain.nix +++ b/nixos/modules/services/networking/dnschain.nix @@ -158,7 +158,7 @@ in serviceConfig = { User = "dnschain"; Restart = "on-failure"; - ExecStart = "${pkgs.dnschain}/bin/dnschain"; + ExecStart = "${pkgs.nodePackages.dnschain}/bin/dnschain"; }; preStart = '' diff --git a/nixos/modules/services/web-servers/apache-httpd/default.nix b/nixos/modules/services/web-servers/apache-httpd/default.nix index 1c3c7835d961..f9f2511f45dc 100644 --- a/nixos/modules/services/web-servers/apache-httpd/default.nix +++ b/nixos/modules/services/web-servers/apache-httpd/default.nix @@ -676,6 +676,7 @@ in '' ; Needed for PHP's mail() function. sendmail_path = sendmail -t -i + '' + optionalString (!isNull config.time.timeZone) '' ; Apparently PHP doesn't use $TZ. date.timezone = "${config.time.timeZone}" diff --git a/nixos/modules/services/web-servers/apache-httpd/wordpress.nix b/nixos/modules/services/web-servers/apache-httpd/wordpress.nix index c6f4bcd0f666..1c654667dfc7 100644 --- a/nixos/modules/services/web-servers/apache-httpd/wordpress.nix +++ b/nixos/modules/services/web-servers/apache-httpd/wordpress.nix @@ -13,6 +13,7 @@ let define('DB_HOST', '${config.dbHost}'); define('DB_CHARSET', 'utf8'); $table_prefix = '${config.tablePrefix}'; + define('AUTOMATIC_UPDATER_DISABLED', true); ${config.extraConfig} if ( !defined('ABSPATH') ) define('ABSPATH', dirname(__FILE__) . '/'); diff --git a/nixos/modules/services/x11/display-managers/gdm.nix b/nixos/modules/services/x11/display-managers/gdm.nix index 83c5c95dae7e..e83f26516f5f 100644 --- a/nixos/modules/services/x11/display-managers/gdm.nix +++ b/nixos/modules/services/x11/display-managers/gdm.nix @@ -125,6 +125,7 @@ in "getty@tty1.service" ]; + systemd.services."getty@tty1".enable = false; systemd.services.display-manager.conflicts = [ "getty@tty1.service" ]; systemd.services.display-manager.serviceConfig = { # Restart = "always"; - already defined in xserver.nix diff --git a/nixos/modules/tasks/network-interfaces-scripted.nix b/nixos/modules/tasks/network-interfaces-scripted.nix index e92c9bc27def..1f424f84c6e0 100644 --- a/nixos/modules/tasks/network-interfaces-scripted.nix +++ b/nixos/modules/tasks/network-interfaces-scripted.nix @@ -93,6 +93,7 @@ let after = [ "network-pre.target" "systemd-udevd.service" "systemd-sysctl.service" ]; before = [ "network.target" "shutdown.target" ]; wants = [ "network.target" ]; + partOf = map (i: "network-addresses-${i.name}.service") interfaces; conflicts = [ "shutdown.target" ]; wantedBy = [ "multi-user.target" ] ++ optional hasDefaultGatewaySet "network-online.target"; @@ -171,8 +172,6 @@ let "network-link-${i.name}.service" "network.target" ]; - # propagate stop and reload from network-setup - partOf = [ "network-setup.service" ]; # order before network-setup because the routes that are configured # there may need ip addresses configured before = [ "network-setup.service" ]; diff --git a/nixos/modules/virtualisation/containers.nix b/nixos/modules/virtualisation/containers.nix index 82dfc1c9f1ce..8618a9c93dd8 100644 --- a/nixos/modules/virtualisation/containers.nix +++ b/nixos/modules/virtualisation/containers.nix @@ -537,7 +537,7 @@ in type = types.bool; default = false; description = '' - Wether the container is automatically started at boot-time. + Whether the container is automatically started at boot-time. ''; }; diff --git a/nixos/tests/graphite.nix b/nixos/tests/graphite.nix index 4fd7de192d55..a22ef224580a 100644 --- a/nixos/tests/graphite.nix +++ b/nixos/tests/graphite.nix @@ -4,22 +4,28 @@ import ./make-test.nix ({ pkgs, ...} : nodes = { one = { config, pkgs, ... }: { + time.timeZone = "UTC"; services.graphite = { - web = { + web.enable = true; + api = { enable = true; + port = 8082; }; - carbon = { - enableCache = true; - }; + carbon.enableCache = true; + seyren.enable = true; + pager.enable = true; }; }; - }; + }; testScript = '' startAll; $one->waitForUnit("default.target"); $one->requireActiveUnit("graphiteWeb.service"); + $one->requireActiveUnit("graphiteApi.service"); + $one->requireActiveUnit("graphitePager.service"); $one->requireActiveUnit("carbonCache.service"); + $one->requireActiveUnit("seyren.service"); $one->succeed("echo \"foo 1 `date +%s`\" | nc -q0 localhost 2003"); $one->waitUntilSucceeds("curl 'http://localhost:8080/metrics/find/?query=foo&format=treejson' --silent | grep foo") ''; |