Commit message (Collapse) | Author | Age | ||
---|---|---|---|---|
... | ||||
| * | | nixos/network-interfaces: More fixes | William A. Kennington III | 2014-11-27 | |
| | | | ||||
| * | | nixos/network-interfaces: Add maclvan support | William A. Kennington III | 2014-11-26 | |
| | | | ||||
| * | | nixos/networking: Fixes | William A. Kennington III | 2014-11-26 | |
| | | | ||||
| * | | nixos/network-interfaces: Make it clear that networkd is experimental | William A. Kennington III | 2014-11-26 | |
| | | | ||||
| * | | nixos/network-interfaces: Refactor scripts for reliability and dependency ↵ | William A. Kennington III | 2014-11-26 | |
| | | | | | | | | | | | | removal | |||
| * | | nixos/dhcpcd: Respect per interface dhcp options | William A. Kennington III | 2014-11-26 | |
| | | | ||||
| * | | nixos/network-interfaces: Promote secondary addresses when primary addresses ↵ | William A. Kennington III | 2014-11-26 | |
| | | | | | | | | | | | | expire | |||
| * | | nixos/network-interfaces: Support mac address and mtu universally | William A. Kennington III | 2014-11-26 | |
| | | | ||||
| * | | nixos: Support network-online target in addition to ip-up | William A. Kennington III | 2014-11-26 | |
| | | | ||||
| * | | nixos/systemd: ip-up and network-online targets should come after ↵ | William A. Kennington III | 2014-11-26 | |
| | | | | | | | | | | | | networkd-wait-online | |||
| * | | nixos/networking: Rebuild resolvconf during activation | William A. Kennington III | 2014-11-26 | |
| | | | | | | | | | | | | | | | | | | | | | This is needed when /etc/resolv.conf is being overriden by networkd and other configurations. If the file is destroyed by an environment activation then it must be rebuilt so that applications which interface with /etc/resolv.conf directly don't break. | |||
| * | | networkd: Support Host Resolvconf | William A. Kennington III | 2014-11-26 | |
| | | | ||||
| * | | nixos/network-interfaces-scripted: Fix network-setup triggering | William A. Kennington III | 2014-11-26 | |
| | | | ||||
| * | | nixos/network-interfaces: Provide a networkd implementation | William A. Kennington III | 2014-11-26 | |
| | | | ||||
| * | | systemd-network: Add assertions for user clarity | William A. Kennington III | 2014-11-26 | |
| | | | ||||
| * | | systemd: Enable more network services | William A. Kennington III | 2014-11-26 | |
| | | | ||||
| * | | systemd: Add ability to define networks | William A. Kennington III | 2014-11-26 | |
| | | | ||||
* | | | nixos/kubernetes: try to fix test by incrising memory size | Jaka Hudoklin | 2014-11-30 | |
| | | | ||||
* | | | nixos: run etcd, docker-registry and kubernetes tests only on supported ↵ | Jaka Hudoklin | 2014-11-30 | |
| | | | | | | | | | | | | platforms | |||
* | | | virtualbox: Enable hardening by default. | aszlig | 2014-11-29 | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | VirtualBox with hardening support requires the main binaries to be setuid root. Using VBOX_WITH_RUNPATH, we ensure that the RPATHs are pointing to the libexec directory and we also need to unset VBOX_WITH_ORIGIN to make sure that the build system is actually setting those RPATHs. The hardened.patch implements two things: * Set the binary directory to the setuid-wrappers dir so that VboxSVC calls them instead of the binaries from the store path. The reason behind this is because nothing in the Nix store can have the setuid flag. * Excempt /nix/store from the group permission check, because while it is group-writeable indeed it also has the sticky bit set (and also the whole store is mounted read-only on most NixOS systems), so we're checking on that as well. Right now, the hardened.patch uses /nix/store and /var/setuid-wrappers directly, so someone would ever want to change those on a NixOS system, please provide a patch to set those paths on build time. However, for simplicity, it's best to do it when we _really_ need it. Signed-off-by: aszlig <aszlig@redmoonstudios.org> | |||
* | | | nixos/kubernetes: fix user id | Jaka Hudoklin | 2014-11-29 | |
| | | | ||||
* | | | Merge pull request #5088 from offlinehacker/nixos/kubernetes | Jaka Hudoklin | 2014-11-29 | |
|\ \ \ | | | | | | | | | nixos: add kubernetes module | |||
| * | | | nixos: add kubernetes module | Jaka Hudoklin | 2014-11-29 | |
| | | | | ||||
* | | | | nixos: Use vendor zones instead of N.pool.ntp.org. | aszlig | 2014-11-28 | |
|/ / / | | | | | | | | | | | | | | | | Closes #4824, thanks to @abh for processing my stupidity. Signed-off-by: aszlig <aszlig@redmoonstudios.org> | |||
* | | | fix printing test | Domen Kožar | 2014-11-27 | |
| | | | ||||
* | | | nixos: reverse logic in nixos interactive tests documentation | Domen Kožar | 2014-11-27 | |
| | | | ||||
* | | | nixos/sshd: Fix build if knownHosts is empty. | aszlig | 2014-11-27 | |
| | | | | | | | | | | | | | | | | | | | | | | | | Introduced by 77ff279f2767cf1f28eed03a1f93e5df54c99bf5. Build failure: https://headcounter.org/hydra/build/583158/nixlog/5/raw Signed-off-by: aszlig <aszlig@redmoonstudios.org> | |||
* | | | nixos: Add enable option for programs/virtualbox. | aszlig | 2014-11-27 | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | We will simply rename the previous module and add a warning whenever the module is included directly, pointing the user to the right option and also enable it as well (in case somebody has missed the option and is wondering why VirtualBox doesn't work anymore). Signed-off-by: aszlig <aszlig@redmoonstudios.org> | |||
* | | | nixos: Rename virtualbox to virtualboxGuest. | aszlig | 2014-11-27 | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Especially new users could be confused by this, so we're now marking services.virtualbox.enable as obsolete and defaulting to services.virtualboxGuest.enable instead. I believe this now makes it clear, that this option is for guest additions only. Signed-off-by: aszlig <aszlig@redmoonstudios.org> | |||
* | | | nixos/services.openssh: Allow knownHost keys to have multiple lines. | Rickard Nilsson | 2014-11-27 | |
| | | | | | | | | | | | | Useful for adding several public keys of different types for the same host. | |||
* | | | Don't set $MANPATH | Eelco Dolstra | 2014-11-27 | |
| |/ |/| | | | | | | | The default is derived automatically from $PATH, so it's in fact better *not* to set it. | |||
* | | Merge pull request #5130 from wmertens/git-ssl-env | wmertens | 2014-11-27 | |
|\ \ | | | | | | | Let git use $SSL_CERT_FILE | |||
| * | | Remove unnecessary $GIT_SSL_CAINFO from sys env | Wout Mertens | 2014-11-26 | |
| | | | ||||
* | | | NetworkManager.service -> network-manager.service | Domen Kožar | 2014-11-27 | |
| | | | ||||
* | | | e18: remove old desktop manager | Matej Cotman | 2014-11-26 | |
| | | | ||||
* | | | e17: remove old desktop manager | Matej Cotman | 2014-11-26 | |
| |/ |/| | ||||
* | | Mediawiki: updated for Apache 2.4 | Igor Pashev | 2014-11-26 | |
| | | ||||
* | | Style fixes | Eelco Dolstra | 2014-11-25 | |
| | | ||||
* | | Added strongSwan service | Igor Pashev | 2014-11-25 | |
| | | ||||
* | | containers: add test that stopping and starting a container works (#4989) | Aristid Breitkreuz | 2014-11-24 | |
| | | ||||
* | | nvidia_x11: current long-lived becomes a new legacy | Vladimír Čunát | 2014-11-24 | |
| | | | | | | | | CC: #5070. | |||
* | | Merge pull request #5006 from daogames/este/customgitoliteuser | cillianderoiste | 2014-11-24 | |
|\ \ | | | | | | | enable different useraccount name for gitolite user | |||
| * | | enable different useraccount name for gitolite user | Ronny Esterluss | 2014-11-14 | |
| | | | ||||
* | | | nixos/unifi: Properly depend on mountpoints | William A. Kennington III | 2014-11-24 | |
| | | | ||||
* | | | nixos/cupsd: Ignore collisions in cups-progs. | aszlig | 2014-11-24 | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There currently are collisions between the main CUPS package and the filters package, which are: * $storepath/share/cups/banners/classified * $storepath/share/cups/banners/confidential * $storepath/share/cups/banners/secret * $storepath/share/cups/banners/standard * $storepath/share/cups/banners/topsecret * $storepath/share/cups/banners/unclassified * $storepath/share/cups/data/testprint And they actually have different content, so let's ignore those for now until we have a better fix. Signed-off-by: aszlig <aszlig@redmoonstudios.org> | |||
* | | | opentsdb: Enable chunked API requests by default | Oliver Charles | 2014-11-24 | |
| | | | ||||
* | | | scollector: Allow users to specify external collectors | Oliver Charles | 2014-11-24 | |
| | | | ||||
* | | | OpenTSDB should create its schema on start up | Oliver Charles | 2014-11-24 | |
| | | | ||||
* | | | hbase should use dataDir to specify where to store data | Oliver Charles | 2014-11-24 | |
| | | | ||||
* | | | Add an `extraConfig` option to `bosun` | Oliver Charles | 2014-11-24 | |
| | | |