MirrorHub/nixpkgs
0
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-16 14:54:29 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
150988 commits 258 branches 124 tags 6 GiB
Commit graph

10771 commits

Author SHA1 Message Date
Franz Pletz
1cc916b5b2
Merge pull request #45810 from vincentbernat/fix/nginx-stapling 
nixos/nginx: ensure TLS OCSP stapling works out of the box with LE
 2018-08-31 07:18:40 +00:00
Jan Tojnar
f0136e4bc8
Merge pull request #45638 from aanderse/incron 
incron: init at 0.5.12
 2018-08-31 06:54:58 +01:00
Aaron Andersen
9b12db6928 changed from forking to simple as recommended by @aszlig 2018-08-31 03:03:04 +00:00
Aaron Andersen
d7d7533c18 changes as per requested by @aszlig 2018-08-31 02:52:49 +00:00
Aaron Andersen
7bc2a0dd64 removed quotes when not needed as suggested by @aszlig 2018-08-31 02:17:38 +00:00
Vincent Bernat
1251b34b5b nixos/nginx: ensure TLS OCSP stapling works out of the box with LE 
The recommended TLS configuration comes with `ssl_stapling on` and
`ssl_stapling_verify on`. However, this last directive also requires
the use of `ssl_trusted_certificate` to verify the received answer.
When using `enableACME` or similar, we can help the user by providing
the correct value for the directive.

The result can be tested with:

    openssl s_client -connect web.example.com:443 -status 2> /dev/null

Without OCSP stapling, we get:

    OCSP response: no response sent

After this change, we get:

    OCSP Response Data:
        OCSP Response Status: successful (0x0)
        Response Type: Basic OCSP Response
        Version: 1 (0x0)
        Responder Id: C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
        Produced At: Aug 30 20:46:00 2018 GMT
 2018-08-30 22:47:41 +02:00
Samuel Dionne-Riel
aa0556415b
Merge pull request #45779 from grahamc/bump-nix-version 
Nix minimal version: 1.11 -> 2.0
 2018-08-30 11:39:18 -04:00
Jan Tojnar
8a8056c302
Merge pull request #45058 from michaelpj/imp/freedesktop-modules 
freedesktop modules: init
 2018-08-30 16:14:35 +01:00
Graham Christensen
18f9539655
nixos docs: add release notes for nix 2.0 requiremnt bump 2018-08-30 08:52:43 -04:00
Bjørn Forsman
ee56a2cc19 treewide: fix typo: asumed -> assumed 2018-08-30 10:19:20 +02:00
Johannes Lötzsch
bb08d1c13f nixos/zabbix: fix initial database creation (#45750) 
without this fix the database setup fails with „could not connect to database postgres: FATAL:  role "root" does not exist“
 2018-08-30 08:25:13 +01:00
Graham Christensen
a141b3aad8
Merge pull request #33686 from samueldr/artwork/iso 
(Installation media) Bootloader artwork refresh
 2018-08-29 15:31:13 -04:00
Nikolay Amiantov
69407cb013 firewall service: respect marks in rpfilter (#39054) 
This allows one to add rules which change a packet's routing table:

iptables -t raw -I PREROUTING 1 -m set --match-set myset src -j MARK --set-mark 2
ip rule add fwmark 2 table 1 priority 1000
ip route add default dev wg0 table 1

to the beginning of raw table PREROUTING chain, and still have rpfilter.
 2018-08-29 20:50:53 +02:00
xeji
70b3ac8378
nixos/tests/i3wm: prevent non-deterministic failure (#45759) 
Test failed sporadically on Hydra, probably due to timing issues.
These changes should make that less likely to occur.
 2018-08-29 19:38:35 +02:00
xeji
ff6a61ad1b
nixos/tests/mesos: fix test (#45758) 
fallout from 39e678e24e :
dockerTools.buildImage no longer applies default tag "latest"
 2018-08-29 19:38:00 +02:00
Brian Olsen
9540b1c535 nixos/tests: Set DefaultTimeoutStartSec very high (#44916) 
DefaultTimeoutStartSec is normally set to 90 seconds and works fine. But
when running NixOS tests on a very slow machine (like a VM without
nested virtualisation support) this default is to low and causes
systemd units to fail spuriously. One symptom of this issue are tests
at times failing with "timed out waiting for the VM to connect".

Since the VM connect timeout is 300 seconds I also set
DefaultTimeoutStartSec to this which is ridiculously high.
 2018-08-29 12:12:12 +02:00
Aaron Andersen
d9943e6bba added option to specify which packages are available to the system incrontab 
recommendation by @jtojnar and @maurer
 2018-08-29 00:43:28 +00:00
Aaron Andersen
3d1091eb5b added a check to make sure a situation where a defined configuration wouldn't be unused as per recommended by @maurer 2018-08-28 23:50:55 +00:00
Ben Wolsieffer
442681cc2a nixos/networkd: fix range assertions on 32 bit Nix 2018-08-28 19:31:10 -04:00
Dennis Gosnell
7d23ffb736 virtualbox: Change the virtualbox tests to not build the unfree tests by default. (#45415) 2018-08-28 22:28:47 +02:00
Matt McHenry
94a906b59a systemd: ensure fsck Requires/After links are created in mount units 
systemd-fsck-generator only produces these lines if it can find the
necessary fsck executable in its PATH.

fixes #29139.
 2018-08-28 17:12:49 +02:00
Tuomas Tynkkynen
69b4f427b6 nixos/zabbix-agent: Make the Zabbix package user-configurable 2018-08-28 17:43:12 +03:00
Eelco Dolstra
c251ec691a
virtualization.growPartition -> virtualisation.growPartition 
There never was a 'virtualization.growPartition'. This got messed up
in eddf30cc93.

Issue #36590.
 2018-08-28 14:24:39 +02:00
Jörg Thalheim
6a0a12a921
Merge pull request #45659 from vincentbernat/fix/nginx-gzip 
Small nginx tweaks
 2018-08-28 09:35:58 +01:00
Aaron Andersen
b77f38c3cd added a comment about the PATH variable under which incrontab commands will run 2018-08-27 21:31:55 +00:00
Aaron Andersen
7840d00532 clarified the descriptions of the allow and deny options 2018-08-27 21:15:03 +00:00
Aaron Andersen
fc1f33bc2c fixed issue with system jobs 2018-08-27 15:23:19 +00:00
Jörg Thalheim
a6ced42c60
Merge pull request #44990 from Ma27/reload-user-units-during-activation 
nixos/switch-to-configuration: reload user units
 2018-08-27 11:12:42 +01:00
Jörg Thalheim
831ecca60f
Merge pull request #45281 from Gerschtli/zsh-completion 
nixos/zsh: Adds enableGlobalCompInit option
 2018-08-27 10:45:29 +01:00
Jörg Thalheim
4e365aa453 nixos/zsh: make enableGlobalCompInit description less ambiguous 2018-08-27 10:43:31 +01:00
Vincent Bernat
bd075eb914 nginx: add more gzipped MIME types 
The additions are:

 - image/svg+xml for SVG images
 - application/atom+xml for Atom feeds

These types are also present in mime.types. For better readability,
the list is sorted and formatted with one type per line.
 2018-08-26 21:48:55 +02:00
Vincent Bernat
06a5fb2ada nginx: use a compression level of 5 in recommended configuration 
While there is little gain of space to use a compression level of 9,
the CPU usage is significant. Many experiments point to use something
between 4 and 6. For example:

 - https://mjanja.ch/2015/03/finding-the-nginx-gzip_comp_level-sweet-spot/
 - 3bda5b93ed/nginx.conf (L93)
 2018-08-26 21:43:34 +02:00
Jörg Thalheim
a78b364ed4
Merge pull request #44890 from dywedir/iwd 
iwd: 0.4 -> 0.7
 2018-08-26 17:25:42 +01:00
Jörg Thalheim
b7d7e20b3d
Merge pull request #45647 from xeji/p/netdata-test 
nixos/tests/netdata: fix non-deterministic failure
 2018-08-26 13:50:10 +01:00
Jörg Thalheim
b1aa9cbdbf
Merge pull request #45649 from xeji/p/networking-tests 
nixos/tests/networking: fix routes and virtual tests
 2018-08-26 13:45:55 +01:00
Uli Baum
3f8756ce10 nixos/tests/networking: fix "virtual" tests 
`ip route` now displays extended tun attributes, so the expected
output of this test changed.

Upstream change: https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit/?id=118eda77d6602616bc523a17ee45171e879d1818
 2018-08-26 14:24:07 +02:00
Uli Baum
f021702d21 nixos/tests/networking: fix routes tests 
The output format of `ip route` changed, it now explicitly
shows "proto static" for static routes.
 2018-08-26 14:15:15 +02:00
Uli Baum
a44469d7b6 nixos/tests/netdata: fix non-deterministic failure 
The test sporadically failed on hydra when a request was made
before the service was actually listening on its port.
Explicitly wait for the port to open.
 2018-08-26 13:38:58 +02:00
Augustin Borsu
4d3ce5ca36 nixos/jupyter: init service 2018-08-26 12:00:54 +02:00
xeji
3050406388
nixos/tests/matrix-synapse: fix test (#45596) 
Since matrix-synapse 0.33.0 underscores in server names are rejected
by server name validation, causing the test to fail:
  valueError: Server name 'server_sqlite' contains invalid characters
Relevant upstream change:
546bc9e28b
 2018-08-26 10:38:52 +02:00
Bas van Dijk
a144c798e5
Merge pull request #44340 from shmish111/es-curator 
nixos/curator: init elasticsearch curator
 2018-08-26 01:33:34 +02:00
xeji
b2dc75cd03
Merge pull request #43736 from volth/patch-208 
qemu: 2.12.1 -> 3.0.0
 2018-08-26 01:28:12 +02:00
Aaron Andersen
fc03a9f5b7 initial work on incron service 2018-08-25 18:08:24 -04:00
Bas van Dijk
228705fc33 elasticsearch-curator: add note to the NixOS release notes 2018-08-25 18:59:32 +02:00
Bas van Dijk
241377ee76 nixos/tests/elk.nix: make sure the test doesn't wait for too long on elasticsearch-curator 2018-08-25 18:53:10 +02:00
Bas van Dijk
32200033a6 elasticsearch-curator: include the module in the module-list & fix bug 2018-08-25 18:53:10 +02:00
David Smith
842000566b elasticsearch-curator: add test 2018-08-25 18:53:10 +02:00
David Smith
2ec33f527b elasticsearch-curator: don't need to add enable to elasticsearch-curator service 2018-08-25 18:53:10 +02:00
David Smith
3744467589 nixos/curator: init elasticsearch curator 
https://www.elastic.co/guide/en/elasticsearch/client/curator/5.5/index.html
 2018-08-25 18:53:10 +02:00
Bas van Dijk
7d04961c95
Merge pull request #44389 from Mic92/es6 
elasticsearch: use 6.x as default version, remove unsupported releases
 2018-08-25 17:04:07 +02:00