summary refs log tree commit diff
path: root/nixos/modules/profiles
Commit message (Collapse)AuthorAge
* Merge pull request #49326 from c0bw3b/nixos/installation-deviceEelco Dolstra2018-10-30
|\ | | | | nixos/installation-device: set GC initial heap size to 1MB
| * installation-device: set GC initial heap size to 1MBRenaud2018-10-28
| | | | | | | | 100000 (100kB) is too aggressive (too low) and gets ignored by the GC See issue #43339
* | Merge pull request #48801 from matthewbauer/cloneConfigExtraMatthew Bauer2018-10-28
|\ \ | |/ |/| ova: add cloneConfigExtra option
| * ova: add cloneConfigExtra optionMatthew Bauer2018-10-21
| | | | | | | | | | | | | | Customize virtualbox ovas to contain a clone config option giving some useful hints. Fixes #38429
* | nixos/installation-device: Move systemPackages additions to profiles/baseTuomas Tynkkynen2018-10-27
| | | | | | | | Other package additions are there as well.
* | nixos/installer: Drop extra copy of w3mTuomas Tynkkynen2018-10-27
|/ | | | | | | The nixos-manual service already uses w3m-nographics for a variant that drops unnecessary junk like various image libraries. iso_minimal closure (i.e. uncompressed) goes from 1884M -> 1837M.
* Merge pull request #48439 from joachifm/hardened-miscJoachim F2018-10-15
|\ | | | | nixos/security/misc: init
| * nixos/security/misc: initJoachim Fasting2018-10-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | A module for security options that are too small to warrant their own module. The impetus for adding this module is to make it more convenient to override the behavior of the hardened profile wrt user namespaces. Without a dedicated option for user namespaces, the user needs to 1) know which sysctl knob controls userns 2) know how large a value the sysctl knob needs to allow e.g., Nix sandbox builds to work In the future, other mitigations currently enabled by the hardened profile may be promoted to options in this module.
* | nixos/hardened: add myself to maintainersJoachim Fasting2018-10-15
|/
* nixos: Fix eval error for documentation.nixosaszlig2018-09-25
| | | | | | | | | | | | | | | | | | | | Introduced by 0f3b89bbedc1a33cc1fc3c142e235da2c64614c3. If services.nixosManual.showManual is enabled and documentation.nixos.enable is not, there is no config.system.build.manual available, so evaluation fails. For example this is the case for the installer tests. There is however an assertion which should catch exactly this, but it isn't thrown because the usage of config.system.build.manual is evaluated earlier than the assertions. So I split the assertion off into a separate mkIf to make sure it is shown appropriately and also fixed the installation-device profile to enable documentation.nixos. Signed-off-by: aszlig <aszlig@nix.build> Cc: @oxij
* Merge pull request #47298 from oxij/nixos/doc-in-installerMichael Raskin2018-09-25
|\ | | | | nixos: fix fallout from #46193
| * nixos: doc: fix minimal profile and installer configsJan Malakhovski2018-09-24
| |
* | Merge pull request #47296 from matthewbauer/closure-size-reductionsxeji2018-09-24
|\ \ | | | | | | ISO/OVA closure size reductions
| * | nixos: don’t enableQt4Support for installer profileMatthew Bauer2018-09-24
| | | | | | | | | | | | | | | | | | This is already done in installer/cd-dvd/installation-cd-graphical-kde.nix but not in profiles/graphical.nix. Related to #47256.
* | | Merge pull request #46193 from oxij/nixos/manual-to-docSamuel Dionne-Riel2018-09-24
|\ \ \ | | |/ | |/| nixos: doc: implement #12542
| * | nixos: doc: move non-service parts of `service.nixosManual` to ↵Jan Malakhovski2018-09-23
| |/ | | | | | | `documentation.nixos`
* / nixos: make firefox default browserMatthew Bauer2018-09-22
|/ | | | | | | | | Without this the graphical installer has no way to open the manual. You can fix it yourself by installing any HTML browser but this might be unfamiliar to users new to NixOS and without any other way to open the manual. The downside is it will also increase download sizes. Fixes #46537
* usb-storage -> uasvolth2018-08-23
| | | | | | | Following up https://github.com/NixOS/nixpkgs/pull/23665 Bootable USB-drives are not limited to ISO-images, there can be "normal" MBR/GPT-partitioned disk connected via USB-rack. Also, "uas" implies "usb-storage", so there is no need to mention both.
* nixos: Fix iso_graphical evaluationTuomas Tynkkynen2018-08-17
| | | | | | I broke it: in job ‘nixos.iso_graphical.x86_64-linux’: The option `services.udisks2.enable' has conflicting definitions, in `/nix/store/bwcjw1ddj94q83vbbnq1nnrs5aisaw59-source/nixos/modules/profiles/installation-device.nix' and `/nix/store/bwcjw1ddj94q83vbbnq1nnrs5aisaw59-source/nixos/modules/services/x11/desktop-managers/plasma5.nix'.
* installer: Disable udisksTuomas Tynkkynen2018-08-17
| | | | | Due to whoever-knows-what, udisks nowadays pulls in GTK+ et al. But it shouldn't be needed anyway in the installer, so disable it.
* set initialHashedPassword in installation-device.nixBob van der Linden2018-08-07
|
* [bot] nixos/*: remove unused arguments in lambdasvolth2018-07-20
|
* [bot]: remove unreferenced codevolth2018-07-20
|
* nixos/modules: users.(extraUsers|extraGroup->users|group)Florian Klink2018-06-30
|
* nixos/installer: Drop dmraidTuomas Tynkkynen2018-05-25
| | | | | This seems some obsolete software RAID configuration program that hasn't been updated since 2010.
* base profile: add mkpasswd to system packagesNikolay Amiantov2018-05-09
| | | | Allows the user to generate password hashes for the installed system easier.
* Merge pull request #38114 from oxij/nixos/doc-moduleMichael Raskin2018-04-05
|\ | | | | nixos: doc module
| * nixos: doc: introduce `documentation` config subtreeJan Malakhovski2018-03-30
| |
* | Merge pull request #37288 from cleverca22/improve-make-tarballGraham Christensen2018-04-04
|\ \ | |/ |/| make-system-tarball: allow alternate compression methods
| * make-system-tarball: allow alternate compression methodsMichael Bishop2018-04-03
| |
* | treewide: replace depecated alias s/mssys/ms-sys/gvolth2018-03-22
|/
* demo: autologin through xserverMatthew Bauer2018-03-05
| | | | | also disable upower on virtualbox Fixes #36348
* Add jq to the installation mediaEelco Dolstra2018-02-27
| | | | This is required by closureInfo.
* Add setFunctionArgs lib function.Shea Levy2018-01-31
| | | | | | Among other things, this will allow *2nix tools to output plain data while still being composable with the traditional callPackage/.override interfaces.
* nixos/profiles/all-hardware: remove unavailable modulesFranz Pletz2017-12-29
|
* nixos/qemu-guest: Ensure virtio_mmio is available in initrdTuomas Tynkkynen2017-11-26
| | | | ARM and AArch64 might use virtio_mmio in some cases.
* nixos: clean up kernel modulesFranz Pletz2017-10-07
| | | | | | | | * the keyboard modules in all-hardware.nix are already defaults of boot.initrd.availableKernelModules * ide modules, hid_lenovo_tpkbd and scsi_wait_scan have been removed because they're not available anymore * i8042 was a duplicate (see few lines abowe)
* nixos/install: disable kernel debug console loggingFranz Pletz2017-09-23
| | | | | | | Add another option for debugging instead. Lots of users have been complaining about this default behaviour. This patch also cleans up the EFI bootloader entries in the ISO.
* fuse3: init at 3.1.1Michael Weiss2017-09-21
| | | | | | | | | | | | | | | | | | | | | | | This includes fuse-common (fusePackages.fuse_3.common) as recommended by upstream. But while fuse(2) and fuse3 would normally depend on fuse-common we can't do that in nixpkgs while fuse-common is just another output from the fuse3 multiple-output derivation (i.e. this would result in a circular dependency). To avoid building fuse3 twice I decided it would be best to copy the shared files (i.e. the ones provided by fuse(2) and fuse3) from fuse-common to fuse (version 2) and avoid collision warnings by defining priorities. Now it should be possible to install an arbitrary combination of "fuse", "fuse3", and "fuse-common" without getting any collision warnings. The end result should be the same and all changes should be backwards compatible (assuming that mount.fuse from fuse3 is backwards compatible as stated by upstream [0] - if not this might break some /etc/fstab definitions but that should be very unlikely). My tests with sshfs (version 2 and 3) didn't show any problems. See #28409 for some additional information. [0]: https://github.com/libfuse/libfuse/releases/tag/fuse-3.0.0
* nixos/hardened: blacklist a few obscure net protocolsJoachim Fasting2017-09-09
|
* nixos/hardened: set mmap_min_addrJoachim Fasting2017-09-09
| | | | | This is set in the hardened linux config as well but sysctl is more flexible & works with any boot.kernelPackages
* profiles/graphical.nix: enable libinput over synapticsGraham Christensen2017-08-30
|
* rogue: omit from the installation mediaVladimír Čunát2017-08-29
| | | | | At least for now. It would increase the ISO size by ~10 MB, after the fixup in the parent commit.
* nixos/hardened profile: increase ASLR entropyJoachim Fasting2017-08-13
|
* all-hardware.nix: add VMware support. (#27430)volth2017-07-17
| | | NixOS does not boot in VMware guest without these modules
* nixos: replaced "userns" with "user namespaces" for clarityAndré-Patrick Bubel2017-06-22
| | | "userns" wasn't introduces as an abbreviation elsewhere as far as I can see, and I wasn't sure what was meant at first.
* hardware.enableRedistributableFirmware: fix spelling errorJörg Thalheim2017-05-09
|
* hardware: add enableRedistributalFirmwareJörg Thalheim2017-05-09
| | | | | | | | Due the recent inclusion of broadcom-bt-firmware in enableAllFirmware, it was required to set `nixpkgs.config.allowUnfree` to obtain the full list. To make this dependency more explicit an assertion is added and an alternative option `enableRedistributalFirmware` is provided to only obtain firmware with an license allowing redistribution.
* nixos/hardened profile: disable user namespaces at runtimeJoachim Fasting2017-04-30
|
* nixos/hardened profile: disable hibernationJoachim Fasting2017-04-30
| | | | Recommended by KSPP
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-31 21:30:44 +0000