From 57721a2888506d49a6fd5ac4bf1200f5a75dd138 Mon Sep 17 00:00:00 2001 From: Rickard Nilsson Date: Wed, 1 Oct 2014 17:22:21 +0200 Subject: nixos: Add option services.cron.cronFiles This allows you to configure extra files that should be appended to your crontab. Implemented by writing to /etc/crontab when the cron service starts. Would be nicer to use a cron that supports /etc/cron.d but that would require us to patch vixie-cron. --- nixos/modules/services/scheduling/cron.nix | 26 ++++++++++++++++++-------- 1 file changed, 18 insertions(+), 8 deletions(-) (limited to 'nixos/modules') diff --git a/nixos/modules/services/scheduling/cron.nix b/nixos/modules/services/scheduling/cron.nix index 9ce0bcbec7eb..ded3010ec5ae 100644 --- a/nixos/modules/services/scheduling/cron.nix +++ b/nixos/modules/services/scheduling/cron.nix @@ -25,6 +25,10 @@ let sendmailPath = "/var/setuid-wrappers/sendmail"; }; + allFiles = map (f: "\"${f}\"") ( + [ "${systemCronJobsFile}" ] ++ config.services.cron.cronFiles + ); + in { @@ -71,6 +75,15 @@ in ''; }; + cronFiles = mkOption { + type = types.listOf types.path; + default = []; + description = '' + A list of extra crontab files that will be read and appended to the main + crontab file when the cron service starts. + ''; + }; + }; }; @@ -78,14 +91,7 @@ in ###### implementation - config = mkIf config.services.cron.enable { - - environment.etc = singleton - # The system-wide crontab. - { source = systemCronJobsFile; - target = "crontab"; - mode = "0600"; # Cron requires this. - }; + config = mkIf (config.services.cron.enable && allFiles != []) { security.setuidPrograms = [ "crontab" ]; @@ -100,6 +106,10 @@ in preStart = '' + rm -f /etc/crontab + cat ${toString allFiles} > /etc/crontab + chmod 0600 /etc/crontab + mkdir -m 710 -p /var/cron # By default, allow all users to create a crontab. This -- cgit 1.4.1 From 7536d4128750e9482a61df4d6460eaebed9a1faf Mon Sep 17 00:00:00 2001 From: _1126 Date: Sun, 5 Oct 2014 14:50:08 +0200 Subject: stumpwm: update and refactoring This commit updates the stumpwm to version 0.9.8. Futhermore, it refactors the expression quite a lot: * stumpwm has been moved from lisp modules to window-managers. * stumpwm has been added to the window managers NixOS knows about, this enables the user to add stumpwm as a default window manager in his NixOS configuration like with Xmonad or i3. * the package has been split into stumpwm and stumpwmContrib. This is due to the fact that development of stumpwm and its extension modules has been split into two repositories. As of today, the release is the last one before this split. This split into two packages only reflect those upcoming upstream changes already. It is planned to make the addition of the extension modules voluntarily, like with Xmonads option "enableContribAndExtras". Furthermore it might be possible to add an option to compile stumpwm with clisp instead of sbcl. --- .../services/x11/window-managers/default.nix | 3 +- .../services/x11/window-managers/stumpwm.nix | 30 ++++++++++++++++ .../window-managers/stumpwm/contrib.nix | 31 ++++++++++++++++ .../window-managers/stumpwm/default.nix | 41 ++++++++++++++++++++++ pkgs/top-level/all-packages.nix | 3 +- 5 files changed, 106 insertions(+), 2 deletions(-) create mode 100644 nixos/modules/services/x11/window-managers/stumpwm.nix create mode 100644 pkgs/applications/window-managers/stumpwm/contrib.nix create mode 100644 pkgs/applications/window-managers/stumpwm/default.nix (limited to 'nixos/modules') diff --git a/nixos/modules/services/x11/window-managers/default.nix b/nixos/modules/services/x11/window-managers/default.nix index 45a4e947e0aa..4f2a2309b60c 100644 --- a/nixos/modules/services/x11/window-managers/default.nix +++ b/nixos/modules/services/x11/window-managers/default.nix @@ -18,6 +18,7 @@ in ./i3.nix ./herbstluftwm.nix ./bspwm.nix + ./stumpwm.nix ]; options = { @@ -60,4 +61,4 @@ in config = { services.xserver.displayManager.session = cfg.session; }; -} +} \ No newline at end of file diff --git a/nixos/modules/services/x11/window-managers/stumpwm.nix b/nixos/modules/services/x11/window-managers/stumpwm.nix new file mode 100644 index 000000000000..a876f13fd214 --- /dev/null +++ b/nixos/modules/services/x11/window-managers/stumpwm.nix @@ -0,0 +1,30 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.services.xserver.windowManager.stumpwm; +in + +{ + options = { + services.xserver.windowManager.stumpwm = { + enable = mkOption { + type = types.bool; + default = false; + example = true; + description = "Enable the stumpwm tiling window manager."; + }; + }; + }; + + config = mkIf cfg.enable { + services.xserver.windowManager.session = singleton { + name = "stumpwm"; + start = " + ${pkgs.stumpwm}/bin/stumpwm + "; + }; + environment.systemPackages = [ pkgs.stumpwm ]; + }; +} diff --git a/pkgs/applications/window-managers/stumpwm/contrib.nix b/pkgs/applications/window-managers/stumpwm/contrib.nix new file mode 100644 index 000000000000..dc707983811a --- /dev/null +++ b/pkgs/applications/window-managers/stumpwm/contrib.nix @@ -0,0 +1,31 @@ +{ stdenv, fetchgit }: + +let + tag = "0.9.8"; +in + +stdenv.mkDerivation rec { + name = "stumpwmContrib-${tag}"; + + src = fetchgit { + url = "https://github.com/stumpwm/stumpwm"; + rev = "refs/tags/${tag}"; + sha256 = "0a0lwwlly4hlmb30bk6dmi6bsdsy37g4crvv1z24gixippyv1qzm"; + }; + + phases = [ "unpackPhase" "installPhase" ]; + + installPhase = '' + mkdir -p $out/bin + cp -a $src/contrib $out/ + cp -a $src/contrib/stumpish $out/bin + ''; + + meta = with stdenv.lib; { + description = "Extension modules for the StumpWM"; + homepage = https://github.com/stumpwm/; + license = licenses.gpl2Plus; + maintainers = with maintainers; [ _1126 ]; + platforms = platforms.linux; + }; +} \ No newline at end of file diff --git a/pkgs/applications/window-managers/stumpwm/default.nix b/pkgs/applications/window-managers/stumpwm/default.nix new file mode 100644 index 000000000000..7fe28b1678a3 --- /dev/null +++ b/pkgs/applications/window-managers/stumpwm/default.nix @@ -0,0 +1,41 @@ +{ stdenv, pkgs, fetchgit, autoconf, sbcl, lispPackages, xdpyinfo, texinfo4, makeWrapper, stumpwmContrib }: + +let + tag = "0.9.8"; +in + +stdenv.mkDerivation rec { + name = "stumpwm-${tag}"; + + src = fetchgit { + url = "https://github.com/stumpwm/stumpwm"; + rev = "refs/tags/${tag}"; + sha256 = "0a0lwwlly4hlmb30bk6dmi6bsdsy37g4crvv1z24gixippyv1qzm"; + }; + + buildInputs = [ texinfo4 autoconf lispPackages.clx lispPackages.cl-ppcre sbcl makeWrapper stumpwmContrib ]; + + phases = [ "unpackPhase" "preConfigurePhase" "configurePhase" "installPhase" ]; + + preConfigurePhase = '' + $src/autogen.sh + mkdir -pv $out/bin + ''; + + configurePhase = '' + ./configure --prefix=$out --with-contrib-dir=${pkgs.stumpwmContrib}/contrib + ''; + + installPhase = '' + make + make install + ''; + + meta = with stdenv.lib; { + description = "A tiling window manager for X11"; + homepage = https://github.com/stumpwm/; + license = licenses.gpl2Plus; + maintainers = with maintainers; [ _1126 ]; + platforms = platforms.linux; + }; +} \ No newline at end of file diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index f8382928e0b9..07d3b3a54323 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -10183,7 +10183,8 @@ let stp = callPackage ../applications/science/logic/stp {}; - stumpwm = lispPackages.stumpwm; + stumpwm = callPackage ../applications/window-managers/stumpwm {}; + stumpwmContrib = callPackage ../applications/window-managers/stumpwm/contrib.nix {}; sublime = callPackage ../applications/editors/sublime { }; -- cgit 1.4.1 From fc7098abf772ad5b4e737f4e6df1fd8b7e9e7f2b Mon Sep 17 00:00:00 2001 From: Charles Strahan Date: Sun, 5 Oct 2014 13:57:15 -0400 Subject: logstash service improvements * add logstash-contrib plugins package * add additional options to the logstash service --- nixos/modules/services/logging/logstash.nix | 69 ++++++++++++++++++++++++----- pkgs/tools/misc/logstash/contrib.nix | 31 +++++++++++++ pkgs/top-level/all-packages.nix | 2 + 3 files changed, 91 insertions(+), 11 deletions(-) create mode 100644 pkgs/tools/misc/logstash/contrib.nix (limited to 'nixos/modules') diff --git a/nixos/modules/services/logging/logstash.nix b/nixos/modules/services/logging/logstash.nix index df81ac142dc3..41f71be2365c 100644 --- a/nixos/modules/services/logging/logstash.nix +++ b/nixos/modules/services/logging/logstash.nix @@ -4,6 +4,9 @@ with lib; let cfg = config.services.logstash; + pluginPath = lib.concatStringsSep ":" cfg.plugins; + havePluginPath = lib.length cfg.plugins > 0; + ops = lib.optionalString; in @@ -20,12 +23,50 @@ in description = "Enable logstash."; }; + package = mkOption { + type = types.package; + default = pkgs.logstash; + example = literalExample "pkgs.logstash"; + description = "Logstash package to use."; + }; + + plugins = mkOption { + type = types.listOf types.path; + default = [ ]; + example = literalExample "[ pkgs.logstash-contrib ]"; + description = "The paths to find other logstash plugins in."; + }; + + watchdogTimeout = mkOption { + type = types.int; + default = 10; + description = "Set watchdog timeout value in seconds."; + }; + + filterWorkers = mkOption { + type = types.int; + default = 1; + description = "The quantity of filter workers to run."; + }; + enableWeb = mkOption { type = types.bool; default = false; description = "Enable the logstash web interface."; }; + address = mkOption { + type = types.str; + default = "0.0.0.0"; + description = "Address on which to start webserver."; + }; + + port = mkOption { + type = types.str; + default = "9292"; + description = "Port on which to start webserver."; + }; + inputConfig = mkOption { type = types.lines; default = ''stdin { type => "example" }''; @@ -79,19 +120,25 @@ in wantedBy = [ "multi-user.target" ]; environment = { JAVA_HOME = jre; }; serviceConfig = { - ExecStart = "${logstash}/bin/logstash agent -f ${writeText "logstash.conf" '' - input { - ${cfg.inputConfig} - } + ExecStart = + "${cfg.package}/bin/logstash agent " + + "-w ${toString cfg.filterWorkers} " + + ops havePluginPath "--pluginpath ${pluginPath} " + + "--watchdog-timeout ${toString cfg.watchdogTimeout} " + + "-f ${writeText "logstash.conf" '' + input { + ${cfg.inputConfig} + } - filter { - ${cfg.filterConfig} - } + filter { + ${cfg.filterConfig} + } - output { - ${cfg.outputConfig} - } - ''} ${optionalString cfg.enableWeb "-- web"}"; + output { + ${cfg.outputConfig} + } + ''} " + + ops cfg.enableWeb "-- web -a ${cfg.address} -p ${cfg.port}"; }; }; }; diff --git a/pkgs/tools/misc/logstash/contrib.nix b/pkgs/tools/misc/logstash/contrib.nix new file mode 100644 index 000000000000..c019803f9035 --- /dev/null +++ b/pkgs/tools/misc/logstash/contrib.nix @@ -0,0 +1,31 @@ +{ stdenv, lib, fetchzip }: + +# Note that plugins are supposed to be installed as: +# $path/logstash/{inputs,codecs,filters,outputs}/*.rb +stdenv.mkDerivation rec { + version = "1.4.2"; + name = "logstash-contrib-${version}"; + + src = fetchzip { + url = "http://download.elasticsearch.org/logstash/logstash/logstash-contrib-${version}.tar.gz"; + sha256 = "1yj8sf3b526gixh3c6zhgkfpg4f0c72p1lzhfhdx8b3lw7zjkj0k"; + }; + + dontBuild = true; + dontPatchELF = true; + dontStrip = true; + dontPatchShebangs = true; + + installPhase = '' + mkdir -p $out/logstash + cp -r lib/* $out + ''; + + meta = with lib; { + description = "Community-maintained logstash plugins"; + homepage = https://github.com/elasticsearch/logstash-contrib; + license = stdenv.lib.licenses.asl20; + platforms = stdenv.lib.platforms.unix; + maintainers = with maintainers; [ cstrahan ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index f4286623be8d..ba26fca87f2b 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -1494,6 +1494,8 @@ let logstash = callPackage ../tools/misc/logstash { }; + logstash-contrib = callPackage ../tools/misc/logstash/contrib.nix { }; + logstash-forwarder = callPackage ../tools/misc/logstash-forwarder { }; kippo = callPackage ../servers/kippo { }; -- cgit 1.4.1 From b4a335cd59145a001d4bd6aa6a1e8b39a000a373 Mon Sep 17 00:00:00 2001 From: Domen Kožar Date: Tue, 7 Oct 2014 10:53:01 +0200 Subject: nixos: add redmine service --- nixos/modules/misc/ids.nix | 2 + nixos/modules/module-list.nix | 1 + nixos/modules/services/misc/redmine.nix | 222 ++++++++++++++++++++++++++++++++ 3 files changed, 225 insertions(+) create mode 100644 nixos/modules/services/misc/redmine.nix (limited to 'nixos/modules') diff --git a/nixos/modules/misc/ids.nix b/nixos/modules/misc/ids.nix index fa51f831481a..89ee3c675efb 100644 --- a/nixos/modules/misc/ids.nix +++ b/nixos/modules/misc/ids.nix @@ -154,6 +154,7 @@ collectd = 144; consul = 145; mailpile = 146; + redmine = 147; # When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399! @@ -275,6 +276,7 @@ riemanndash = 138; uhub = 142; mailpile = 146; + redmine = 147; # When adding a gid, make sure it doesn't match an existing uid. And don't use gids above 399! diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 3db44a4d8de5..46a343460715 100755 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -174,6 +174,7 @@ ./services/misc/nixos-manual.nix ./services/misc/nix-ssh-serve.nix ./services/misc/phd.nix + ./services/misc/redmine.nix ./services/misc/rippled.nix ./services/misc/rogue.nix ./services/misc/siproxd.nix diff --git a/nixos/modules/services/misc/redmine.nix b/nixos/modules/services/misc/redmine.nix new file mode 100644 index 000000000000..d7e64590f503 --- /dev/null +++ b/nixos/modules/services/misc/redmine.nix @@ -0,0 +1,222 @@ +{ config, lib, pkgs, ... }: + +# TODO: support non-postgresql + +with lib; + +let + cfg = config.services.redmine; + + ruby = pkgs.ruby; + rubyLibs = pkgs.rubyLibs; + + databaseYml = '' + production: + adapter: postgresql + database: ${cfg.databaseName} + host: ${cfg.databaseHost} + password: ${cfg.databasePassword} + username: ${cfg.databaseUsername} + encoding: utf8 + ''; + + configurationYml = '' + default: + # Absolute path to the directory where attachments are stored. + # The default is the 'files' directory in your Redmine instance. + # Your Redmine instance needs to have write permission on this + # directory. + # Examples: + # attachments_storage_path: /var/redmine/files + # attachments_storage_path: D:/redmine/files + attachments_storage_path: ${cfg.stateDir}/files + + # Absolute path to the SCM commands errors (stderr) log file. + # The default is to log in the 'log' directory of your Redmine instance. + # Example: + # scm_stderr_log_file: /var/log/redmine_scm_stderr.log + scm_stderr_log_file: ${cfg.stateDir}/redmine_scm_stderr.log + + ${cfg.extraConfig} + ''; + + unpackTheme = unpack "theme"; + unpackPlugin = unpack "plugin"; + unpack = id: (name: source: + pkgs.stdenv.mkDerivation { + name = "redmine-${id}-${name}"; + buildInputs = [ pkgs.unzip ]; + buildCommand = '' + mkdir -p $out + cd $out + unpackFile ${source} + ''; + }); + +in { + + options = { + services.redmine = { + enable = mkOption { + type = types.bool; + default = false; + description = '' + Enable the redmine service. + ''; + }; + + stateDir = mkOption { + type = types.str; + default = "/var/redmine"; + description = "The state directory, logs and plugins are stored here"; + }; + + extraConfig = mkOption { + type = types.str; + default = ""; + description = "Extra configuration in configuration.yml"; + }; + + themes = mkOption { + type = types.attrsOf types.path; + default = {}; + description = "Set of themes"; + }; + + plugins = mkOption { + type = types.attrsOf types.path; + default = {}; + description = "Set of plugins"; + }; + + #databaseType = mkOption { + # type = types.str; + # default = "postgresql"; + # description = "Type of database"; + #}; + + databaseHost = mkOption { + type = types.str; + default = "127.0.0.1"; + description = "Database hostname"; + }; + + databasePassword = mkOption { + type = types.str; + default = ""; + description = "Database user password"; + }; + + databaseName = mkOption { + type = types.str; + default = "redmine"; + description = "Database name"; + }; + + databaseUsername = mkOption { + type = types.str; + default = "redmine"; + description = "Database user"; + }; + }; + }; + + config = mkIf cfg.enable { + + assertions = [ + { assertion = cfg.databasePassword != ""; + message = "databasePassword must be set"; + } + ]; + + users.extraUsers = [ + { name = "redmine"; + group = "redmine"; + uid = config.ids.uids.redmine; + } ]; + + users.extraGroups = [ + { name = "redmine"; + gid = config.ids.gids.redmine; + } ]; + + systemd.services.redmine = { + after = [ "network.target" "postgresql.service" ]; + wantedBy = [ "multi-user.target" ]; + environment.RAILS_ENV = "production"; + environment.RAILS_ETC = "${cfg.stateDir}/config"; + environment.RAILS_LOG = "${cfg.stateDir}/log"; + environment.RAILS_VAR = "${cfg.stateDir}/var"; + environment.RAILS_CACHE = "${cfg.stateDir}/cache"; + environment.RAILS_PLUGINS = "${cfg.stateDir}/plugins"; + environment.RAILS_PUBLIC = "${cfg.stateDir}/public"; + environment.RAILS_TMP = "${cfg.stateDir}/tmp"; + environment.SCHEMA = "${cfg.stateDir}/cache/schema.db"; + environment.HOME = "${pkgs.redmine}/share/redmine"; + environment.REDMINE_LANG = "en"; + environment.GEM_HOME = "${pkgs.redmine}/share/redmine/vendor/bundle/ruby/1.9.1"; + environment.GEM_PATH = "${rubyLibs.bundler}/lib/ruby/gems/1.9"; + path = with pkgs; [ + imagemagickBig + subversion + mercurial + cvs + config.services.postgresql.package + bazaar + gitAndTools.git + # once we build binaries for darc enable it + #darcs + ]; + preStart = '' + # TODO: use env vars + for i in plugins public/plugin_assets db files log config cache var/files tmp; do + mkdir -p ${cfg.stateDir}/$i + done + + chown -R redmine:redmine ${cfg.stateDir} + chmod -R 755 ${cfg.stateDir} + + rm -rf ${cfg.stateDir}/public/* + cp -R ${pkgs.redmine}/share/redmine/public/* ${cfg.stateDir}/public/ + for theme in ${concatStringsSep " " (mapAttrsToList unpackTheme cfg.themes)}; do + ln -fs $theme/* ${cfg.stateDir}/public/themes/ + done + + rm -rf ${cfg.stateDir}/plugins/* + for plugin in ${concatStringsSep " " (mapAttrsToList unpackPlugin cfg.plugins)}; do + ln -fs $plugin/* ${cfg.stateDir}/plugins/''${plugin##*-redmine-plugin-} + done + + ln -fs ${pkgs.writeText "database.yml" databaseYml} ${cfg.stateDir}/config/database.yml + ln -fs ${pkgs.writeText "configuration.yml" configurationYml} ${cfg.stateDir}/config/configuration.yml + + if [ "${cfg.databaseHost}" = "127.0.0.1" ]; then + if ! test -e "${cfg.stateDir}/db-created"; then + psql postgres -c "CREATE ROLE redmine WITH LOGIN NOCREATEDB NOCREATEROLE NOCREATEUSER ENCRYPTED PASSWORD '${cfg.databasePassword}'" + ${config.services.postgresql.package}/bin/createdb --owner redmine redmine || true + touch "${cfg.stateDir}/db-created" + fi + fi + + cd ${pkgs.redmine}/share/redmine/ + ${ruby}/bin/rake db:migrate + ${ruby}/bin/rake redmine:plugins:migrate + ${ruby}/bin/rake redmine:load_default_data + ${ruby}/bin/rake generate_secret_token + ''; + + serviceConfig = { + PermissionsStartOnly = true; # preStart must be run as root + Type = "simple"; + User = "redmine"; + Group = "redmine"; + TimeoutSec = "300"; + WorkingDirectory = "${pkgs.redmine}/share/redmine"; + ExecStart="${ruby}/bin/ruby ${pkgs.redmine}/share/redmine/script/rails server webrick -e production -P ${cfg.stateDir}/redmine.pid"; + }; + + }; + + }; + +} -- cgit 1.4.1 From 4941b96f0ce45bcc9c922e9a219aa2792753a09a Mon Sep 17 00:00:00 2001 From: Domen Kožar Date: Tue, 7 Oct 2014 21:02:18 +0200 Subject: eval fix --- nixos/modules/config/pulseaudio.nix | 5 ++--- nixos/tests/installer.nix | 2 +- 2 files changed, 3 insertions(+), 4 deletions(-) (limited to 'nixos/modules') diff --git a/nixos/modules/config/pulseaudio.nix b/nixos/modules/config/pulseaudio.nix index 737f0abc52f0..8b38489a8c19 100644 --- a/nixos/modules/config/pulseaudio.nix +++ b/nixos/modules/config/pulseaudio.nix @@ -12,7 +12,7 @@ let # Forces 32bit pulseaudio and alsaPlugins to be built/supported for apps # using 32bit alsa on 64bit linux. - enable32BitAlsaPlugins = stdenv.isx86_64 && (pkgs_i686.alsaLib != null); + enable32BitAlsaPlugins = stdenv.isx86_64 && (pkgs_i686.alsaLib != null && pkgs_i686.pulseaudio != null); ids = config.ids; @@ -126,8 +126,7 @@ in { (mkIf cfg.enable { environment.systemPackages = [ cfg.package - (lib.optional enable32BitAlsaPlugins pkgs_i686.pulseaudio) - ]; + ] ++ lib.optionals enable32BitAlsaPlugins [ pkgs_i686.pulseaudio ]; environment.etc = singleton { target = "asound.conf"; diff --git a/nixos/tests/installer.nix b/nixos/tests/installer.nix index 165146a34792..4ee0e064c100 100644 --- a/nixos/tests/installer.nix +++ b/nixos/tests/installer.nix @@ -101,7 +101,7 @@ let iface = if grubVersion == 1 then "scsi" else "virtio"; qemuFlags = (if iso.system == "x86_64-linux" then "-m 768 " else "-m 512 ") + - (optionalString (iso.system == "x86_64-linux") "-cpu kvm64 ") + + (optionalString (iso.system == "x86_64-linux") "-cpu kvm64 "); hdFlags =''hda => "harddisk", hdaInterface => "${iface}", ''; in '' -- cgit 1.4.1 From 362699376a7b9ca77919b89574b1d8acfbe57e48 Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Tue, 7 Oct 2014 23:06:35 -0700 Subject: nixos/network-interfaces: Bond interface configuration must wait for the bond device service Also fixes some formatting and removal of slave devices. --- nixos/modules/tasks/network-interfaces.nix | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) (limited to 'nixos/modules') diff --git a/nixos/modules/tasks/network-interfaces.nix b/nixos/modules/tasks/network-interfaces.nix index 6f6000cf3397..22b52f77b145 100644 --- a/nixos/modules/tasks/network-interfaces.nix +++ b/nixos/modules/tasks/network-interfaces.nix @@ -773,29 +773,28 @@ in wantedBy = [ "network.target" (subsystemDevice n) ]; bindsTo = deps; after = deps; + before = [ "${n}-cfg.service" ]; serviceConfig.Type = "oneshot"; serviceConfig.RemainAfterExit = true; path = [ pkgs.ifenslave pkgs.iproute ]; script = '' - # Remove Dead Interfaces - ip link set "${n}" down >/dev/null 2>&1 || true - ifenslave -d "${n}" >/dev/null 2>&1 || true - ip link del "${n}" >/dev/null 2>&1 || true - ip link add name "${n}" type bond # !!! There must be a better way to wait for the interface while [ ! -d /sys/class/net/${n} ]; do sleep 0.1; done; + # Ensure the link is down so that we can set options + ip link set "${n}" down + # Set the miimon and mode options ${optionalString (v.miimon != null) - "echo ${toString v.miimon} > /sys/class/net/${n}/bonding/miimon"} + "echo \"${toString v.miimon}\" >/sys/class/net/${n}/bonding/miimon"} ${optionalString (v.mode != null) - "echo \"${v.mode}\" > /sys/class/net/${n}/bonding/mode"} + "echo \"${v.mode}\" >/sys/class/net/${n}/bonding/mode"} ${optionalString (v.lacp_rate != null) - "echo \"${v.lacp_rate}\" > /sys/class/net/${n}/bonding/lacp_rate"} + "echo \"${v.lacp_rate}\" >/sys/class/net/${n}/bonding/lacp_rate"} ${optionalString (v.xmit_hash_policy != null) - "echo \"${v.xmit_hash_policy}\" > /sys/class/net/${n}/bonding/xmit_hash_policy"} + "echo \"${v.xmit_hash_policy}\" >/sys/class/net/${n}/bonding/xmit_hash_policy"} # Bring up the bond and enslave the specified interfaces ip link set "${n}" up @@ -804,8 +803,10 @@ in '')} ''; postStop = '' - ip link set "${n}" down >dev/null 2>&1 || true - ifenslave -d "${n}" >/dev/null 2>&1 || true + ${flip concatMapStrings v.interfaces (i: '' + ifenslave -d "${n}" "${i}" >/dev/null 2>&1 || true + '')} + ip link set "${n}" down >/dev/null 2>&1 || true ip link del "${n}" >/dev/null 2>&1 || true ''; }); -- cgit 1.4.1 From 058bf4ccc407e80c943715bec7f73d71fba28c3c Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 10 Oct 2014 17:16:10 +0200 Subject: Create a udev rule for /dev/root In the installation CD, this ensures that systemd will see a proper udev node for /dev/root. Fixes #4399. Borrowed from http://lists.freedesktop.org/archives/systemd-devel/2014-July/020988.html --- nixos/modules/system/boot/stage-1-init.sh | 8 ++++++++ nixos/modules/system/boot/stage-1.nix | 3 --- 2 files changed, 8 insertions(+), 3 deletions(-) (limited to 'nixos/modules') diff --git a/nixos/modules/system/boot/stage-1-init.sh b/nixos/modules/system/boot/stage-1-init.sh index f14f105ef239..5a9beeeafa1d 100644 --- a/nixos/modules/system/boot/stage-1-init.sh +++ b/nixos/modules/system/boot/stage-1-init.sh @@ -368,6 +368,14 @@ exec 3>&- @postMountCommands@ +# Emit a udev rule for /dev/root to prevent systemd from complaining. +eval $(udevadm info --export --export-prefix=ROOT_ --device-id-of-file=$targetRoot || true) +if [ "$ROOT_MAJOR" -a "$ROOT_MINOR" -a "$ROOT_MAJOR" != 0 ]; then + mkdir -p /run/udev/rules.d + echo 'ACTION=="add|change", SUBSYSTEM=="block", ENV{MAJOR}=="'$ROOT_MAJOR'", ENV{MINOR}=="'$ROOT_MINOR'", SYMLINK+="root"' > /run/udev/rules.d/61-dev-root-link.rules +fi + + # Stop udevd. udevadm control --exit || true diff --git a/nixos/modules/system/boot/stage-1.nix b/nixos/modules/system/boot/stage-1.nix index 1ec11e70e845..6b09559876ca 100644 --- a/nixos/modules/system/boot/stage-1.nix +++ b/nixos/modules/system/boot/stage-1.nix @@ -346,9 +346,6 @@ in (isYes "BLK_DEV_INITRD") ]; - # Prevent systemd from waiting for the /dev/root symlink. - systemd.units."dev-root.device".text = ""; - boot.initrd.supportedFilesystems = map (fs: fs.fsType) fileSystems; }; -- cgit 1.4.1 From a5bed86fa450fe22f8855c7c0bc6b1ccf4be6653 Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Sat, 11 Oct 2014 01:53:24 -0700 Subject: zfs: zpool-import service must be wanted to start --- nixos/modules/tasks/filesystems/zfs.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'nixos/modules') diff --git a/nixos/modules/tasks/filesystems/zfs.nix b/nixos/modules/tasks/filesystems/zfs.nix index 1c4bbc16b499..eb72bfba33c0 100644 --- a/nixos/modules/tasks/filesystems/zfs.nix +++ b/nixos/modules/tasks/filesystems/zfs.nix @@ -155,6 +155,7 @@ in systemd.services."zpool-import" = { description = "Import zpools"; after = [ "systemd-udev-settle.service" ]; + wantedBy = [ "local-fs.target" ]; serviceConfig = { Type = "oneshot"; RemainAfterExit = true; -- cgit 1.4.1 From d86c2c30c52fd3bcf971b9d3e370823135a2c8b7 Mon Sep 17 00:00:00 2001 From: Markus Kohlhase Date: Tue, 2 Sep 2014 17:08:56 +0200 Subject: prosody: packaged as a service Conflicts: nixos/modules/misc/ids.nix --- nixos/modules/misc/ids.nix | 4 + nixos/modules/module-list.nix | 1 + nixos/modules/services/networking/prosody.nix | 275 ++++++++++++++++++++++++++ pkgs/servers/xmpp/prosody/default.nix | 45 +++++ pkgs/top-level/all-packages.nix | 7 +- pkgs/top-level/lua-packages.nix | 55 +++++- 6 files changed, 384 insertions(+), 3 deletions(-) create mode 100644 nixos/modules/services/networking/prosody.nix create mode 100644 pkgs/servers/xmpp/prosody/default.nix (limited to 'nixos/modules') diff --git a/nixos/modules/misc/ids.nix b/nixos/modules/misc/ids.nix index fa51f831481a..8472821f7867 100644 --- a/nixos/modules/misc/ids.nix +++ b/nixos/modules/misc/ids.nix @@ -155,6 +155,8 @@ consul = 145; mailpile = 146; + prosody = 148; + # When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399! nixbld = 30000; # start of range of uids @@ -276,6 +278,8 @@ uhub = 142; mailpile = 146; + prosody = 148; + # When adding a gid, make sure it doesn't match an existing uid. And don't use gids above 399! users = 100; diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 3db44a4d8de5..ba30c61bb8dc 100755 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -250,6 +250,7 @@ ./services/networking/polipo.nix ./services/networking/prayer.nix ./services/networking/privoxy.nix + ./services/networking/prosody.nix ./services/networking/quassel.nix ./services/networking/radicale.nix ./services/networking/radvd.nix diff --git a/nixos/modules/services/networking/prosody.nix b/nixos/modules/services/networking/prosody.nix new file mode 100644 index 000000000000..51089d00244c --- /dev/null +++ b/nixos/modules/services/networking/prosody.nix @@ -0,0 +1,275 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + + cfg = config.services.prosody; + + sslOpts = { ... }: { + + options = { + + # TODO: require attribute + key = mkOption { + type = types.str; + description = "Path to the key file"; + }; + + # TODO: require attribute + cert = mkOption { + type = types.str; + description = "Path to the certificate file"; + }; + }; + }; + + moduleOpts = { + + roster = mkOption { + default = true; + description = "Allow users to have a roster"; + }; + + saslauth = mkOption { + default = true; + description = "Authentication for clients and servers. Recommended if you want to log in."; + }; + + tls = mkOption { + default = true; + description = "Add support for secure TLS on c2s/s2s connections"; + }; + + dialback = mkOption { + default = true; + description = "s2s dialback support"; + }; + + disco = mkOption { + default = true; + description = "Service discovery"; + }; + + legacyauth = mkOption { + default = true; + description = "Legacy authentication. Only used by some old clients and bots"; + }; + + version = mkOption { + default = true; + description = "Replies to server version requests"; + }; + + uptime = mkOption { + default = true; + description = "Report how long server has been running"; + }; + + time = mkOption { + default = true; + description = "Let others know the time here on this server"; + }; + + ping = mkOption { + default = true; + description = "Replies to XMPP pings with pongs"; + }; + + console = mkOption { + default = false; + description = "telnet to port 5582"; + }; + + bosh = mkOption { + default = false; + description = "Enable BOSH clients, aka 'Jabber over HTTP'"; + }; + + httpserver = mkOption { + default = false; + description = "Serve static files from a directory over HTTP"; + }; + + }; + + createSSLOptsStr = o: + if o ? key && o ? cert then + ''ssl = { key = "${o.key}"; certificate = "${o.cert}"; };'' + else ""; + + vHostOpts = { ... }: { + + options = { + + # TODO: require attribute + domain = mkOption { + type = types.str; + description = "Domain name"; + }; + + enabled = mkOption { + default = false; + description = "Whether to enable the virtual host"; + }; + + ssl = mkOption { + description = "Paths to SSL files"; + default = null; + options = [ sslOpts ]; + }; + + extraConfig = mkOption { + default = ''''; + description = "Additional virtual host specific configuration"; + }; + + }; + + }; + +in + +{ + + ###### interface + + options = { + + services.prosody = { + + enable = mkOption { + default = false; + description = "Whether to enable the prosody server"; + }; + + allowRegistration = mkOption { + default = false; + description = "Allow account creation"; + }; + + modules = moduleOpts; + + extraModules = mkOption { + description = "Enable custom modules"; + default = []; + }; + + virtualHosts = mkOption { + + description = "Define the virtual hosts"; + + type = types.loaOf types.optionSet; + + example = { + myhost = { + domain = "my-xmpp-example-host.org"; + enabled = true; + }; + }; + + default = { + localhost = { + domain = "localhost"; + enabled = true; + }; + }; + + options = [ vHostOpts ]; + }; + + ssl = mkOption { + description = "Paths to SSL files"; + default = null; + options = [ sslOpts ]; + }; + + admins = mkOption { + description = "List of administrators of the current host"; + example = [ "admin1@example.com" "admin2@example.com" ]; + default = []; + }; + + extraConfig = mkOption { + default = ''''; + description = "Additional prosody configuration"; + }; + + }; + }; + + + ###### implementation + + config = mkIf cfg.enable { + + environment.systemPackages = [ pkgs.prosody ]; + + environment.etc."prosody/prosody.cfg.lua".text = '' + + pidfile = "/var/lib/prosody/prosody.pid" + + + log = "*syslog" + + data_path = "/var/lib/prosody" + + allow_registration = ${ if cfg.allowRegistration then "true" else "false" }; + + ${ optionalString cfg.modules.console "console_enabled = true;" } + + ${ optionalString (cfg.ssl != null) (createSSLOptsStr cfg.ssl) } + + admins = { ${lib.concatStringsSep ", " (map (n: "\"${n}\"") cfg.admins) } }; + + modules_enabled = { + + ${ lib.concatStringsSep "\n\ \ " (lib.mapAttrsToList + (name: val: optionalString val ''"${name}";'') + cfg.modules) } + + ${ optionalString cfg.allowRegistration "\"register\"\;" } + + ${ lib.concatStringsSep "\n" (map (x: "\"${x}\";") cfg.extraModules)} + + "posix"; + }; + + ${ cfg.extraConfig } + + ${ lib.concatStringsSep "\n" (lib.mapAttrsToList (n: v: '' + VirtualHost "${v.domain}" + enabled = ${if v.enabled then "true" else "false"}; + ${ optionalString (v.ssl != null) (createSSLOptsStr v.ssl) } + ${ v.extraConfig } + '') cfg.virtualHosts) } + ''; + + users.extraUsers.prosody = { + uid = config.ids.uids.prosody; + description = "Prosody user"; + createHome = true; + group = "prosody"; + home = "/var/lib/prosody"; + }; + + users.extraGroups.prosody = { + gid = config.ids.gids.prosody; + }; + + systemd.services.prosody = { + + description = "Prosody XMPP server"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + User = "prosody"; + PIDFile = "/var/lib/prosody/prosody.pid"; + ExecStart = "${pkgs.prosody}/bin/prosodyctl start"; + }; + + }; + + }; + +} diff --git a/pkgs/servers/xmpp/prosody/default.nix b/pkgs/servers/xmpp/prosody/default.nix new file mode 100644 index 000000000000..4bd1b594c268 --- /dev/null +++ b/pkgs/servers/xmpp/prosody/default.nix @@ -0,0 +1,45 @@ +{ stdenv, fetchurl, lua5, luasocket, luasec, luaexpat, luafilesystem, libidn, openssl, makeWrapper }: + +let + libs = [ luasocket luasec luaexpat luafilesystem ]; + getPath = lib : type : "${lib}/lib/lua/${lua5.luaversion}/?.${type};${lib}/share/lua/${lua5.luaversion}/?.${type}"; + getLuaPath = lib : getPath lib "lua"; + getLuaCPath = lib : getPath lib "so"; + luaPath = stdenv.lib.concatStringsSep ";" (map getLuaPath libs); + luaCPath = stdenv.lib.concatStringsSep ";" (map getLuaCPath libs); +in + +stdenv.mkDerivation rec { + version = "0.9.4"; + name = "prosody-${version}"; + src = fetchurl { + url = "http://prosody.im/downloads/source/${name}.tar.gz"; + sha256 = "be87cf31901a25477869b4ebd52e298f63a5effacae526911a0be876cc82e1c6"; + }; + + buildInputs = [ lua5 luasocket luasec luaexpat libidn openssl makeWrapper ]; + + configureFlags = [ + "--ostype=linux" + "--with-lua-include=${lua5}/include" + "--with-lua=${lua5}" + ]; + + postInstall = '' + wrapProgram $out/bin/prosody \ + --set LUA_PATH '"${luaPath};"' \ + --set LUA_CPATH '"${luaCPath};"' + wrapProgram $out/bin/prosodyctl \ + --add-flags '--config "/etc/prosody/prosody.cfg.lua"' \ + --set LUA_PATH '"${luaPath};"' \ + --set LUA_CPATH '"${luaCPath};"' + ''; + + meta = { + description = "Open-source XMPP application server written in Lua"; + license = stdenv.lib.licenses.mit; + homepage = http://www.prosody.im; + platforms = stdenv.lib.platforms.linux; + maintainers = [ stdenv.lib.maintainers.flosse ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index f8382928e0b9..593156215d29 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -3771,7 +3771,6 @@ let lua = lua5; lua51Packages = recurseIntoAttrs (callPackage ./lua-packages.nix { lua = lua5_1; }); - lua52Packages = recurseIntoAttrs (callPackage ./lua-packages.nix { lua = lua5_2; }); luaPackages = lua52Packages; @@ -7137,6 +7136,12 @@ let erlang = erlangR16; }; + prosody = recurseIntoAttrs ( + callPackage ../servers/xmpp/prosody { + lua5 = lua5_1; + inherit (lua51Packages) luasocket luasec luaexpat luafilesystem; + }); + elasticmq = callPackage ../servers/elasticmq { }; etcdctl = callPackage ../development/tools/etcdctl { }; diff --git a/pkgs/top-level/lua-packages.nix b/pkgs/top-level/lua-packages.nix index 8a44a997c071..a69009a34fe6 100644 --- a/pkgs/top-level/lua-packages.nix +++ b/pkgs/top-level/lua-packages.nix @@ -7,7 +7,7 @@ { fetchurl, stdenv, lua, callPackage, unzip, zziplib, pcre, oniguruma, gnulib, tre, glibc, -sqlite }: +sqlite, openssl, expat }: let isLua51 = lua.luaversion == "5.1"; @@ -23,7 +23,32 @@ let inherit lua; }; - luafilesystem = buildLuaPackage { + luaexpat = buildLuaPackage rec { + version = "1.3.0"; + name = "expat-${version}"; + isLibrary = true; + src = fetchurl { + url = "https://matthewwild.co.uk/projects/luaexpat/luaexpat-${version}.tar.gz"; + sha256 = "1hvxqngn0wf5642i5p3vcyhg3pmp102k63s9ry4jqyyqc1wkjq6h"; + }; + + buildInputs = [ expat ]; + + preBuild = '' + makeFlagsArray=( + LUA_LDIR="$out/share/lua/${lua.luaversion}" + LUA_INC="-I${lua}/include" LUA_CDIR="$out/lib/lua/${lua.luaversion}" + EXPAT_INC="-I${expat}/include"); + ''; + + meta = { + homepage = "http://matthewwild.co.uk/projects/luaexpat"; + hydraPlatforms = stdenv.lib.platforms.linux; + maintainers = [ stdenv.lib.maintainers.flosse ]; + }; + }; + + luafilesystem = buildLuaPackage rec { name = "filesystem-1.6.2"; src = fetchurl { url = "https://github.com/keplerproject/luafilesystem/archive/v1_6_2.tar.gz"; @@ -36,6 +61,32 @@ let }; }; + luasec = buildLuaPackage rec { + version = "0.5"; + name = "sec-${version}"; + src = fetchurl { + url = "https://github.com/brunoos/luasec/archive/luasec-${version}.tar.gz"; + sha256 = "08rm12cr1gjdnbv2jpk7xykby9l292qmz2v0dfdlgb4jfj7mk034"; + }; + + buildInputs = [ openssl ]; + + preBuild = '' + makeFlagsArray=( + linux + LUAPATH="$out/lib/lua/${lua.luaversion}" + LUACPATH="$out/lib/lua/${lua.luaversion}" + INC_PATH="-I${lua}/include" + LIB_PATH="-L$out/lib"); + ''; + + meta = { + homepage = "https://github.com/brunoos/luasec"; + hydraPlatforms = stdenv.lib.platforms.linux; + maintainers = [ stdenv.lib.maintainers.flosse ]; + }; + }; + luasocket = buildLuaPackage rec { name = "socket-${version}"; version = "2.0.2"; -- cgit 1.4.1 From 561d3b38601dfe12b859ed6de402bd01d4196d3b Mon Sep 17 00:00:00 2001 From: Matej Cotman Date: Mon, 6 Oct 2014 21:25:10 +0200 Subject: seeks: nixos module --- nixos/modules/misc/ids.nix | 2 + nixos/modules/module-list.nix | 1 + nixos/modules/services/networking/seeks.nix | 75 +++++++++++++++++++++++++++++ 3 files changed, 78 insertions(+) create mode 100644 nixos/modules/services/networking/seeks.nix (limited to 'nixos/modules') diff --git a/nixos/modules/misc/ids.nix b/nixos/modules/misc/ids.nix index dc5d1b7a6d23..d28624c4326f 100644 --- a/nixos/modules/misc/ids.nix +++ b/nixos/modules/misc/ids.nix @@ -155,6 +155,7 @@ consul = 145; mailpile = 146; redmine = 147; + seeks = 148; prosody = 148; @@ -279,6 +280,7 @@ uhub = 142; mailpile = 146; redmine = 147; + seeks = 148; prosody = 148; diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 35706f874ce0..17d3140b087f 100755 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -259,6 +259,7 @@ ./services/networking/rpcbind.nix ./services/networking/sabnzbd.nix ./services/networking/searx.nix + ./services/networking/seeks.nix ./services/networking/spiped.nix ./services/networking/ssh/lshd.nix ./services/networking/ssh/sshd.nix diff --git a/nixos/modules/services/networking/seeks.nix b/nixos/modules/services/networking/seeks.nix new file mode 100644 index 000000000000..155ecbb98ef3 --- /dev/null +++ b/nixos/modules/services/networking/seeks.nix @@ -0,0 +1,75 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + + cfg = config.services.seeks; + + confDir = cfg.confDir; + + seeks = pkgs.seeks.override { seeks_confDir = confDir; }; + +in + +{ + + ###### interface + + options = { + + services.seeks = { + + enable = mkOption { + default = false; + type = types.bool; + description = " + Whether to enable the Seeks server. + "; + }; + + confDir = mkOption { + default = ""; + type = types.str; + description = " + The Seeks server configuration. If it is not specified, + a default configuration is used (${seeks}/etc/seeks). + "; + }; + + }; + + }; + + + ###### implementation + + config = mkIf config.services.seeks.enable { + + users.extraUsers.seeks = + { uid = config.ids.uids.seeks; + description = "Seeks user"; + createHome = true; + home = "/var/lib/seeks"; + }; + + users.extraGroups.seeks = + { gid = config.ids.gids.seeks; + }; + + systemd.services.seeks = + { + description = "Seeks server, the p2p search engine."; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + User = "seeks"; + ExecStart = "${seeks}/bin/seeks"; + }; + }; + + environment.systemPackages = [ seeks ]; + + }; + +} -- cgit 1.4.1 From 028807c3a09be032ebdbed13aa26b45a02a33301 Mon Sep 17 00:00:00 2001 From: Rob Vermaas Date: Tue, 14 Oct 2014 11:38:59 +0200 Subject: amazon-image.nix: Pass --option build-users-group '' to nix tools to make Amazon generation work with nix-1.8+ (cherry picked from commit 654eaeb2ca709908b0e6fdcc8eabd3af6b3c0a5d) --- nixos/modules/virtualisation/amazon-image.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'nixos/modules') diff --git a/nixos/modules/virtualisation/amazon-image.nix b/nixos/modules/virtualisation/amazon-image.nix index e129e496fe36..aab4f305aabb 100644 --- a/nixos/modules/virtualisation/amazon-image.nix +++ b/nixos/modules/virtualisation/amazon-image.nix @@ -70,10 +70,10 @@ in # Register the paths in the Nix database. printRegistration=1 perl ${pkgs.pathsFromGraph} /tmp/xchg/closure | \ - chroot /mnt ${config.nix.package}/bin/nix-store --load-db + chroot /mnt ${config.nix.package}/bin/nix-store --load-db --option build-users-group '' # Create the system profile to allow nixos-rebuild to work. - chroot /mnt ${config.nix.package}/bin/nix-env \ + chroot /mnt ${config.nix.package}/bin/nix-env --option build-users-group '' \ -p /nix/var/nix/profiles/system --set ${config.system.build.toplevel} # `nixos-rebuild' requires an /etc/NIXOS. -- cgit 1.4.1 From 8523d0e44c8d6abcc0da83b1597c584b51b9e3f4 Mon Sep 17 00:00:00 2001 From: Rob Vermaas Date: Tue, 14 Oct 2014 11:43:42 +0200 Subject: Dohh (cherry picked from commit b7451d91e8ecb70651fd2de81b2ec0faa8173aec) --- nixos/modules/virtualisation/amazon-image.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'nixos/modules') diff --git a/nixos/modules/virtualisation/amazon-image.nix b/nixos/modules/virtualisation/amazon-image.nix index aab4f305aabb..552d787b4478 100644 --- a/nixos/modules/virtualisation/amazon-image.nix +++ b/nixos/modules/virtualisation/amazon-image.nix @@ -70,10 +70,10 @@ in # Register the paths in the Nix database. printRegistration=1 perl ${pkgs.pathsFromGraph} /tmp/xchg/closure | \ - chroot /mnt ${config.nix.package}/bin/nix-store --load-db --option build-users-group '' + chroot /mnt ${config.nix.package}/bin/nix-store --load-db --option build-users-group "" # Create the system profile to allow nixos-rebuild to work. - chroot /mnt ${config.nix.package}/bin/nix-env --option build-users-group '' \ + chroot /mnt ${config.nix.package}/bin/nix-env --option build-users-group "" \ -p /nix/var/nix/profiles/system --set ${config.system.build.toplevel} # `nixos-rebuild' requires an /etc/NIXOS. -- cgit 1.4.1 From 54a0ac090c9c7cda53a110e4790d22d59e66eef3 Mon Sep 17 00:00:00 2001 From: Rickard Nilsson Date: Tue, 14 Oct 2014 15:20:27 +0200 Subject: nixos/syslog-ng: Replace option serviceName with listenToJournal. Fix socket activation --- nixos/modules/rename.nix | 1 + nixos/modules/services/logging/syslog-ng.nix | 24 +++++++++++++++--------- 2 files changed, 16 insertions(+), 9 deletions(-) (limited to 'nixos/modules') diff --git a/nixos/modules/rename.nix b/nixos/modules/rename.nix index 019fbc721b17..073a22207652 100644 --- a/nixos/modules/rename.nix +++ b/nixos/modules/rename.nix @@ -130,5 +130,6 @@ in zipModules ([] ++ obsolete' [ "boot" "initrd" "luks" "enable" ] ++ obsolete' [ "programs" "bash" "enable" ] ++ obsolete' [ "services" "samba" "defaultShare" ] +++ obsolete' [ "services" "syslog-ng" "serviceName" ] ) diff --git a/nixos/modules/services/logging/syslog-ng.nix b/nixos/modules/services/logging/syslog-ng.nix index 4a16b19134a0..64b288a11cd3 100644 --- a/nixos/modules/services/logging/syslog-ng.nix +++ b/nixos/modules/services/logging/syslog-ng.nix @@ -44,13 +44,13 @@ in { The package providing syslog-ng binaries. ''; }; - serviceName = mkOption { - type = types.str; - default = "syslog-ng"; + listenToJournal = mkOption { + type = types.bool; + default = true; description = '' - The name of the systemd service that runs syslog-ng. Set this to - syslog if you want journald to automatically - forward all logs to syslog-ng. + Whether syslog-ng should listen to the syslog socket used + by journald, and therefore receive all logs that journald + produces. ''; }; extraModulePaths = mkOption { @@ -76,12 +76,18 @@ in { }; config = mkIf cfg.enable { - systemd.services."${cfg.serviceName}" = { - wantedBy = [ "multi-user.target" ]; + systemd.sockets.syslog = mkIf cfg.listenToJournal { + wantedBy = [ "sockets.target" ]; + socketConfig.Service = "syslog-ng.service"; + }; + systemd.services.syslog-ng = { + description = "syslog-ng daemon"; preStart = "mkdir -p /{var,run}/syslog-ng"; + wantedBy = optional (!cfg.listenToJournal) "multi-user.target"; + after = [ "multi-user.target" ]; # makes sure hostname etc is set serviceConfig = { Type = "notify"; - Sockets = "syslog.socket"; + Sockets = if cfg.listenToJournal then "syslog.socket" else null; StandardOutput = "null"; Restart = "on-failure"; ExecStart = "${cfg.package}/sbin/syslog-ng ${concatStringsSep " " syslogngOptions}"; -- cgit 1.4.1 From 5308d3284bf2bb7f363cbf65d0b95b448e879784 Mon Sep 17 00:00:00 2001 From: Markus Kohlhase Date: Wed, 15 Oct 2014 03:57:00 +0200 Subject: prosody: added websocket support --- nixos/modules/services/networking/prosody.nix | 5 +++++ pkgs/servers/xmpp/prosody/default.nix | 13 ++++++++++--- pkgs/top-level/all-packages.nix | 2 +- 3 files changed, 16 insertions(+), 4 deletions(-) (limited to 'nixos/modules') diff --git a/nixos/modules/services/networking/prosody.nix b/nixos/modules/services/networking/prosody.nix index 51089d00244c..f82f8bfddbb7 100644 --- a/nixos/modules/services/networking/prosody.nix +++ b/nixos/modules/services/networking/prosody.nix @@ -91,6 +91,11 @@ let description = "Serve static files from a directory over HTTP"; }; + websocket = mkOption { + default = false; + description = "Enable WebSocket support"; + }; + }; createSSLOptsStr = o: diff --git a/pkgs/servers/xmpp/prosody/default.nix b/pkgs/servers/xmpp/prosody/default.nix index 4bd1b594c268..586f11085a21 100644 --- a/pkgs/servers/xmpp/prosody/default.nix +++ b/pkgs/servers/xmpp/prosody/default.nix @@ -1,7 +1,7 @@ -{ stdenv, fetchurl, lua5, luasocket, luasec, luaexpat, luafilesystem, libidn, openssl, makeWrapper }: +{ stdenv, fetchurl, lua5, luasocket, luasec, luaexpat, luafilesystem, luabitop, libidn, openssl, makeWrapper, fetchhg }: let - libs = [ luasocket luasec luaexpat luafilesystem ]; + libs = [ luasocket luasec luaexpat luafilesystem luabitop ]; getPath = lib : type : "${lib}/lib/lua/${lua5.luaversion}/?.${type};${lib}/share/lua/${lua5.luaversion}/?.${type}"; getLuaPath = lib : getPath lib "lua"; getLuaCPath = lib : getPath lib "so"; @@ -17,7 +17,13 @@ stdenv.mkDerivation rec { sha256 = "be87cf31901a25477869b4ebd52e298f63a5effacae526911a0be876cc82e1c6"; }; - buildInputs = [ lua5 luasocket luasec luaexpat libidn openssl makeWrapper ]; + communityModules = fetchhg { + url = "http://prosody-modules.googlecode.com/hg/"; + rev = "4b55110b0aa8"; + sha256 = "0010x2rl9f9ihy2nwqan2jdlz25433srj2zna1xh10490mc28hij"; + }; + + buildInputs = [ lua5 luasocket luasec luaexpat luabitop libidn openssl makeWrapper ]; configureFlags = [ "--ostype=linux" @@ -26,6 +32,7 @@ stdenv.mkDerivation rec { ]; postInstall = '' + cp $communityModules/mod_websocket/mod_websocket.lua $out/lib/prosody/modules/ wrapProgram $out/bin/prosody \ --set LUA_PATH '"${luaPath};"' \ --set LUA_CPATH '"${luaCPath};"' diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 593156215d29..38b968043b25 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -7139,7 +7139,7 @@ let prosody = recurseIntoAttrs ( callPackage ../servers/xmpp/prosody { lua5 = lua5_1; - inherit (lua51Packages) luasocket luasec luaexpat luafilesystem; + inherit (lua51Packages) luasocket luasec luaexpat luafilesystem luabitop; }); elasticmq = callPackage ../servers/elasticmq { }; -- cgit 1.4.1 From f59403382291c2ad8a7f77d6a6c520700ef74c7d Mon Sep 17 00:00:00 2001 From: Lluís Batlle i Rossell Date: Wed, 15 Oct 2014 10:56:41 +0200 Subject: nixos nfs: allow setting the lockd ports. This helps in setting a fixed firewall open port for NFS lockd. Based on: http://rlworkman.net/howtos/NFS_Firewall_HOWTO (cherry picked from commit b32ca0616ff70795f71995fa79ea508b82f30b3a) Conflicts: nixos/modules/services/network-filesystems/nfsd.nix --- nixos/modules/services/network-filesystems/nfsd.nix | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'nixos/modules') diff --git a/nixos/modules/services/network-filesystems/nfsd.nix b/nixos/modules/services/network-filesystems/nfsd.nix index 57d56cd72877..cb703977bfc7 100644 --- a/nixos/modules/services/network-filesystems/nfsd.nix +++ b/nixos/modules/services/network-filesystems/nfsd.nix @@ -63,6 +63,12 @@ in description = '' Use fixed port for rpc.mountd, usefull if server is behind firewall. ''; + + lockdPort = mkOption { + default = 0; + description = '' + Fix the lockd port number. This can help setting firewall rules for NFS. + ''; }; }; @@ -104,6 +110,9 @@ in # Create a state directory required by NFSv4. mkdir -p /var/lib/nfs/v4recovery + ${pkgs.procps}/sbin/sysctl -w fs.nfs.nlm_tcpport=${builtins.toString cfg.lockdPort} + ${pkgs.procps}/sbin/sysctl -w fs.nfs.nlm_udpport=${builtins.toString cfg.lockdPort} + rpc.nfsd \ ${if cfg.hostName != null then "-H ${cfg.hostName}" else ""} \ ${builtins.toString cfg.nproc} -- cgit 1.4.1 From bc015be0f3b08c52fca4fdfa1c350585d366554c Mon Sep 17 00:00:00 2001 From: Domen Kožar Date: Wed, 15 Oct 2014 12:00:20 +0200 Subject: fix eval --- nixos/modules/services/network-filesystems/nfsd.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'nixos/modules') diff --git a/nixos/modules/services/network-filesystems/nfsd.nix b/nixos/modules/services/network-filesystems/nfsd.nix index cb703977bfc7..893df51fc1f6 100644 --- a/nixos/modules/services/network-filesystems/nfsd.nix +++ b/nixos/modules/services/network-filesystems/nfsd.nix @@ -63,6 +63,7 @@ in description = '' Use fixed port for rpc.mountd, usefull if server is behind firewall. ''; + }; lockdPort = mkOption { default = 0; -- cgit 1.4.1 From 938f92e8b26cdc74a829852222af3623b90a521d Mon Sep 17 00:00:00 2001 From: Mathnerd314 Date: Mon, 14 Jul 2014 14:18:16 +0200 Subject: Fix the driver for qemu ("vesa" -> "modesetting") MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Domen Kožar --- nixos/modules/virtualisation/qemu-vm.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'nixos/modules') diff --git a/nixos/modules/virtualisation/qemu-vm.nix b/nixos/modules/virtualisation/qemu-vm.nix index 33f48d65d43e..a7610b3e11a0 100644 --- a/nixos/modules/virtualisation/qemu-vm.nix +++ b/nixos/modules/virtualisation/qemu-vm.nix @@ -383,7 +383,7 @@ in # When building a regular system configuration, override whatever # video driver the host uses. - services.xserver.videoDrivers = mkVMOverride [ "vesa" ]; + services.xserver.videoDrivers = mkVMOverride [ "modesetting" ]; services.xserver.defaultDepth = mkVMOverride 0; services.xserver.resolutions = mkVMOverride [ { x = 1024; y = 768; } ]; services.xserver.monitorSection = -- cgit 1.4.1 From 2ffe274486679965f3a608a65453396fd2e0b393 Mon Sep 17 00:00:00 2001 From: Rickard Nilsson Date: Wed, 15 Oct 2014 16:52:13 +0200 Subject: nixos/logrotate: Specify type for config option --- nixos/modules/services/logging/logrotate.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'nixos/modules') diff --git a/nixos/modules/services/logging/logrotate.nix b/nixos/modules/services/logging/logrotate.nix index 6887ab1e8052..ec5f2e9add0c 100644 --- a/nixos/modules/services/logging/logrotate.nix +++ b/nixos/modules/services/logging/logrotate.nix @@ -21,6 +21,7 @@ in config = mkOption { default = ""; + type = type.lines; description = '' The contents of the logrotate config file ''; -- cgit 1.4.1 From cdba59d0f223b06c09ca994d9806335bfb8d262e Mon Sep 17 00:00:00 2001 From: Rickard Nilsson Date: Thu, 16 Oct 2014 07:58:54 +0200 Subject: nixos/syslog-ng: Add option configHeader --- nixos/modules/services/logging/syslog-ng.nix | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) (limited to 'nixos/modules') diff --git a/nixos/modules/services/logging/syslog-ng.nix b/nixos/modules/services/logging/syslog-ng.nix index 64b288a11cd3..f3991a411ec4 100644 --- a/nixos/modules/services/logging/syslog-ng.nix +++ b/nixos/modules/services/logging/syslog-ng.nix @@ -7,8 +7,7 @@ let cfg = config.services.syslog-ng; syslogngConfig = pkgs.writeText "syslog-ng.conf" '' - @version: 3.5 - @include "scl.conf" + ${cfg.configHeader} ${cfg.extraConfig} ''; @@ -72,6 +71,17 @@ in { Configuration added to the end of syslog-ng.conf. ''; }; + configHeader = mkOption { + type = types.lines; + default = '' + @version: 3.5 + @include "scl.conf" + ''; + description = '' + The very first lines of the configuration file. Should usually contain + the syslog-ng version header. + ''; + }; }; }; -- cgit 1.4.1 From 135d6776905bd92433a5c2d74d6f550beb59bfbb Mon Sep 17 00:00:00 2001 From: Rickard Nilsson Date: Thu, 16 Oct 2014 08:20:43 +0200 Subject: nixos/logrotate: Fix spelling mistake --- nixos/modules/services/logging/logrotate.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'nixos/modules') diff --git a/nixos/modules/services/logging/logrotate.nix b/nixos/modules/services/logging/logrotate.nix index ec5f2e9add0c..0186452de95e 100644 --- a/nixos/modules/services/logging/logrotate.nix +++ b/nixos/modules/services/logging/logrotate.nix @@ -21,7 +21,7 @@ in config = mkOption { default = ""; - type = type.lines; + type = types.lines; description = '' The contents of the logrotate config file ''; -- cgit 1.4.1