movefasta/nixpkgs
0
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-07-13 13:40:28 +03:00
Code Activity

Merge master into staging

Browse source
This commit is contained in:
Frederik Rietdijk 2018-09-02 12:10:33 +02:00
commit b910b697f6
122 changed files with 614 additions and 399 deletions
Download patch file Download diff file Expand all files Collapse all files

18
nixos/modules/services/databases/foundationdb.xml
View file

@ -17,7 +17,7 @@
<para>FoundationDB (or "FDB") is an open source, distributed, transactional
key-value store.</para>
<section><title>Configuring and basic setup</title>
<section xml:id="module-services-foundationdb-configuring"><title>Configuring and basic setup</title>
<para>To enable FoundationDB, add the following to your
<filename>configuration.nix</filename>:
@ -133,7 +133,7 @@ corresponding <option>services.foundationdb.logDir</option> as well.</para>
</section>
<section><title>Scaling processes and backup agents</title>
<section xml:id="module-services-foundationdb-scaling"><title>Scaling processes and backup agents</title>
<para>Scaling the number of server processes is quite easy; simply specify
<option>services.foundationdb.serverProcesses</option> to be the number of
@ -151,7 +151,7 @@ available backup processes.</para>
</section>
<section><title>Clustering</title>
<section xml:id="module-services-foundationdb-clustering"><title>Clustering</title>
<para>FoundationDB on NixOS works similarly to other Linux systems, so this
section will be brief. Please refer to the full FoundationDB documentation for
@ -221,7 +221,7 @@ informing all client processes to do the same.</para>
</section>
<section><title>Client connectivity</title>
<section xml:id="module-services-foundationdb-connectivity"><title>Client connectivity</title>
<para>By default, all clients must use the current
<command>fdb.cluster</command> file to access a given FoundationDB cluster.
@ -232,7 +232,7 @@ to a new node in order to connect, if it is not part of the cluster.</para>
</section>
<section><title>Client authorization and TLS</title>
<section xml:id="module-services-foundationdb-authorization"><title>Client authorization and TLS</title>
<para>By default, any user who can connect to a FoundationDB process with the
correct cluster configuration can access anything. FoundationDB uses a
@ -270,7 +270,7 @@ on.</para>
</section>
<section><title>Backups and Disaster Recovery</title>
<section xml:id="module-services-foundationdb-disaster-recovery"><title>Backups and Disaster Recovery</title>
<para>The usual rules for doing FoundationDB backups apply on NixOS as written
in the FoundationDB manual. However, one important difference is the security
@ -316,7 +316,7 @@ $ sudo -u foundationdb fdbbackup status -t default
</section>
<section><title>Known limitations</title>
<section xml:id="module-services-foundationdb-limitations"><title>Known limitations</title>
<para>The FoundationDB setup for NixOS should currently be considered beta.
FoundationDB is not new software, but the NixOS compilation and integration has
@ -333,7 +333,7 @@ only undergone fairly basic testing of all the available functionality.</para>
</section>
<section><title>Options</title>
<section xml:id="module-services-foundationdb-options"><title>Options</title>
<para>NixOS's FoundationDB module allows you to configure all of the most
relevant configuration options for <command>fdbmonitor</command>, matching it
@ -343,7 +343,7 @@ also read the FoundationDB documentation as well.</para>
</section>
<section><title>Full documentation</title>
<section xml:id="module-services-foundationdb-full-docs"><title>Full documentation</title>
<para>FoundationDB is a complex piece of software, and requires careful
administration to properly use. Full documentation for administration can be

6
nixos/modules/services/databases/postgresql.xml
View file

@ -17,7 +17,7 @@
<para>PostgreSQL is an advanced, free relational database.<!-- MORE --></para>
<section><title>Configuring</title>
<section xml:id="module-services-postgres-configuring"><title>Configuring</title>
<para>To enable PostgreSQL, add the following to your
<filename>configuration.nix</filename>:
@ -60,14 +60,14 @@ alice=>
</section>
<section><title>Upgrading</title>
<section xml:id="module-services-postgres-upgrading"><title>Upgrading</title>
<para>FIXME: document dump/upgrade/load cycle.</para>
</section>
<section><title>Options</title>
<section xml:id="module-services-postgres-options"><title>Options</title>
<para>A complete list of options for the PostgreSQL module may be found <link linkend="opt-services.postgresql.enable">here</link>.</para>

24
nixos/modules/services/editors/emacs.xml
View file

@ -39,7 +39,7 @@
starting the Emacs daemon.
</para>
<section>
<section xml:id="module-services-emacs-installing">
<title>Installing <application>Emacs</application></title>
<para>
@ -49,7 +49,7 @@
can be enabled.
</para>
<section>
<section xml:id="module-services-emacs-releases">
<title>The Different Releases of Emacs</title>
<para>
@ -100,7 +100,7 @@
</para>
</section>
<section>
<section xml:id="module-services-emacs-adding-packages">
<title>Adding Packages to Emacs</title>
<para>
Emacs includes an entire ecosystem of functionality beyond
@ -339,7 +339,7 @@ https://nixos.org/nixpkgs/manual/#sec-modify-via-packageOverrides
</para>
</section>
<section>
<section xml:id="module-services-emacs-advanced">
<title>Advanced Emacs Configuration</title>
<para>
@ -380,7 +380,7 @@ in [...]
</section>
</section>
<section>
<section xml:id="module-services-emacs-running">
<title>Running Emacs as a Service</title>
<para>
<productname>NixOS</productname> provides an optional
@ -396,7 +396,7 @@ in [...]
<filename>modules/services/editors/emacs.nix</filename>
</para>
<section>
<section xml:id="module-services-emacs-enabling">
<title>Enabling the Service</title>
<para>
@ -438,7 +438,7 @@ $ systemctl --user start emacs.service # to start the Emacs daemon
</section>
<section>
<section xml:id="module-services-emacs-starting-client">
<title>Starting the client</title>
<para>
Ensure that the emacs server is enabled, either by customizing
@ -457,7 +457,7 @@ emacsclient --create-frame --tty # opens a new frame on the current terminal
</para>
</section>
<section>
<section xml:id="module-services-emacs-editor-variable">
<title>Configuring the <varname>EDITOR</varname> variable</title>
<!--<title><command>emacsclient</command> as the Default Editor</title>-->
@ -487,7 +487,7 @@ emacsclient --create-frame --tty # opens a new frame on the current terminal
</para>
</section>
<section>
<section xml:id="module-services-emacs-per-user">
<title>Per-User Enabling of the Service</title>
<para>
@ -515,7 +515,7 @@ emacsclient --create-frame --tty # opens a new frame on the current terminal
</section>
</section>
<section>
<section xml:id="module-services-emacs-configuring">
<title>Configuring Emacs</title>
<para>
@ -548,7 +548,7 @@ emacsclient --create-frame --tty # opens a new frame on the current terminal
server-switch-hook, server-done-hook?
-->
<section>
<section xml:id="module-services-emacs-major-mode">
<title>A Major Mode for Nix Expressions</title>
<para>
@ -558,7 +558,7 @@ emacsclient --create-frame --tty # opens a new frame on the current terminal
</para>
</section>
<section>
<section xml:id="module-services-emacs-man-pages">
<title>Accessing man pages</title>
<para>
You can use <function>woman</function> to get completion of all

6
nixos/modules/services/misc/gitlab.xml
View file

@ -8,7 +8,7 @@
<para>Gitlab is a feature-rich git hosting service.</para>
<section><title>Prerequisites</title>
<section xml:id="module-services-gitlab-prerequisites"><title>Prerequisites</title>
<para>The gitlab service exposes only an Unix socket at
<literal>/run/gitlab/gitlab-workhorse.socket</literal>. You need to configure a
@ -35,7 +35,7 @@ webserver to proxy HTTP requests to the socket.</para>
</section>
<section><title>Configuring</title>
<section xml:id="module-services-gitlab-configuring"><title>Configuring</title>
<para>Gitlab depends on both PostgreSQL and Redis and will automatically enable
both services. In the case of PostgreSQL, a database and a role will be created.
@ -119,7 +119,7 @@ options for the <link linkend="opt-services.gitlab.enable">services.gitlab</link
</section>
<section><title>Maintenance</title>
<section xml:id="module-services-gitlab-maintenance"><title>Maintenance</title>
<para>You can run Gitlab's rake tasks with <literal>gitlab-rake</literal>
which will be available on the system when gitlab is enabled. You will

8
nixos/modules/services/misc/taskserver/doc.xml
View file

@ -16,7 +16,7 @@
<link xlink:href="https://taskwarrior.org/docs/#taskd"/>
</para>
<section>
<section xml:id="module-services-taskserver-configuration">
<title>Configuration</title>
<para>
@ -48,7 +48,7 @@
</para>
</section>
<section>
<section xml:id="module-services-taskserver-nixos-taskserver-tool">
<title>The nixos-taskserver tool</title>
<para>
@ -78,7 +78,7 @@
<option>--help</option> switch.
</para>
</section>
<section>
<section xml:id="module-services-taskserver-declarative-ca-management">
<title>Declarative/automatic CA management</title>
<para>
@ -131,7 +131,7 @@ $ ssh server nixos-taskserver user export my-company alice | sh
<command>task sync</command> after that stage.
</para>
</section>
<section>
<section xml:id="module-services-taskserver-manual-ca-management">
<title>Manual CA management</title>
<para>

4
nixos/modules/services/monitoring/prometheus/exporters.xml
View file

@ -8,7 +8,7 @@
<para>Prometheus exporters provide metrics for the <link xlink:href="https://prometheus.io">prometheus monitoring system</link>.</para>
<section><title>Configuration</title>
<section xml:id="module-services-prometheus-exporters-configuration"><title>Configuration</title>
<para>One of the most common exporters is the <link xlink:href="https://github.com/prometheus/node_exporter">node exporter</link>, it provides hardware and OS metrics from the host it's running on. The exporter could be configured as follows:
<programlisting>
services.promtheus.exporters.node = {
@ -33,7 +33,7 @@ For more information about configuration see <literal>man configuration.nix</lit
search through the <link xlink:href="https://nixos.org/nixos/options.html#prometheus.exporters">available options</link>.
</para>
</section>
<section><title>Adding a new exporter</title>
<section xml:id="module-services-prometheus-exporters-new-exporter"><title>Adding a new exporter</title>
<para>To add a new exporter, it has to be packaged first (see <literal>nixpkgs/pkgs/servers/monitoring/prometheus/</literal> for examples), then a module can be added. The postfix exporter is used in this example:</para>
<itemizedlist>
<listitem>

1
nixos/modules/services/networking/bird.nix
View file

@ -44,6 +44,7 @@ let
systemd.services.${variant} = {
description = "BIRD Internet Routing Daemon (${descr})";
wantedBy = [ "multi-user.target" ];
reloadIfChanged = true;
serviceConfig = {
Type = "forking";
Restart = "on-failure";

8
nixos/modules/services/networking/dnscrypt-proxy.xml
View file

@ -14,7 +14,7 @@
upstream is trustworthy).
</para>
<sect1><title>Basic configuration</title>
<sect1 xml:id="sec-dnscrypt-proxy-configuration"><title>Basic configuration</title>
<para>
To enable the client proxy, set
@ -31,7 +31,7 @@
</sect1>
<sect1><title>As a forwarder for another DNS client</title>
<sect1 xml:id="sec-dnscrypt-proxy-forwarder"><title>As a forwarder for another DNS client</title>
<para>
To run the DNSCrypt proxy client as a forwarder for another
@ -42,7 +42,7 @@
</programlisting>
</para>
<sect2><title>dnsmasq</title>
<sect2 xml:id="sec-dnscrypt-proxy-forwarder-dsnmasq"><title>dnsmasq</title>
<para>
<programlisting>
{
@ -53,7 +53,7 @@
</para>
</sect2>
<sect2><title>unbound</title>
<sect2 xml:id="sec-dnscrypt-proxy-forwarder-unbound"><title>unbound</title>
<para>
<programlisting>
{

29
nixos/modules/services/networking/networkmanager.nix
View file

@ -289,7 +289,7 @@ in {
source = mkOption {
type = types.path;
description = ''
A script.
Path to the hook script.
'';
};
@ -297,12 +297,28 @@ in {
type = types.enum (attrNames dispatcherTypesSubdirMap);
default = "basic";
description = ''
Dispatcher hook type. Only basic hooks are currently available.
Dispatcher hook type. Look up the hooks described at
<link xlink:href="https://developer.gnome.org/NetworkManager/stable/NetworkManager.html">https://developer.gnome.org/NetworkManager/stable/NetworkManager.html</link>
and choose the type depending on the output folder.
You should then filter the event type (e.g., "up"/"down") from within your script.
'';
};
};
});
default = [];
example = literalExample ''
[ {
source = pkgs.writeText "upHook" '''
if [ "$2" != "up" ]; then
logger "exit: event $2 != up"
fi
# coreutils and iproute are in PATH too
logger "Device $DEVICE_IFACE coming up"
''';
type = "basic";
} ]'';
description = ''
A list of scripts which will be executed in response to network events.
'';
@ -418,6 +434,7 @@ in {
++ lib.imap1 (i: s: {
inherit (s) source;
target = "NetworkManager/dispatcher.d/${dispatcherTypesSubdirMap.${s.type}}03userscript${lib.fixedWidthNumber 4 i}";
mode = "0544";
}) cfg.dispatcherScripts
++ optional (dynamicHostsEnabled)
{ target = "NetworkManager/dnsmasq.d/dyndns.conf";
@ -475,6 +492,14 @@ in {
};
};
systemd.services."NetworkManager-dispatcher" = {
wantedBy = [ "network.target" ];
restartTriggers = [ configFile ];
# useful binaries for user-specified hooks
path = [ pkgs.iproute pkgs.utillinux pkgs.coreutils ];
};
# Turn off NixOS' network management
networking = {
useDHCP = false;

8
nixos/modules/services/web-apps/matomo-doc.xml
View file

@ -15,7 +15,7 @@
</para>
<section>
<section xml:id="module-services-matomo-database-setup">
<title>Database Setup</title>
<para>
@ -51,7 +51,7 @@
</section>
<section>
<section xml:id="module-services-matomo-backups">
<title>Backup</title>
<para>
You only need to take backups of your MySQL database and the
@ -62,7 +62,7 @@
</section>
<section>
<section xml:id="module-services-matomo-issues">
<title>Issues</title>
<itemizedlist>
<listitem>
@ -83,7 +83,7 @@
</section>
<section>
<section xml:id="module-services-matomo-other-web-servers">
<title>Using other Web Servers than nginx</title>
<para>

2
nixos/modules/services/web-servers/nginx/vhost-options.nix
View file

@ -130,7 +130,7 @@ with lib;
};
sslTrustedCertificate = mkOption {
type = types.path;
type = types.nullOr types.path;
default = null;
example = "/var/root.cert";
description = "Path to root SSL certificate for stapling and client certificates.";

14
nixos/modules/services/x11/display-managers/auto.nix
View file

@ -49,6 +49,20 @@ in
};
};
# lightdm by default doesn't allow auto login for root, which is
# required by some nixos tests. Override it here.
security.pam.services.lightdm-autologin.text = lib.mkForce ''
auth requisite pam_nologin.so
auth required pam_succeed_if.so quiet
auth required pam_permit.so
account include lightdm
password include lightdm
session include lightdm
'';
};
}

21
nixos/modules/services/x11/display-managers/default.nix
View file

@ -27,6 +27,15 @@ let
Xft.hintstyle: hintslight
'';
mkCases = session:
concatStrings (
mapAttrsToList (name: starts: ''
(${name})
${concatMapStringsSep "\n " (n: n.start) starts}
;;
'') (lib.groupBy (n: n.name) session)
);
# file provided by services.xserver.displayManager.session.wrapper
xsessionWrapper = pkgs.writeScript "xsession-wrapper"
''
@ -139,21 +148,13 @@ let
# Start the window manager.
case "$windowManager" in
${concatMapStrings (s: ''
(${s.name})
${s.start}
;;
'') wm}
${mkCases wm}
(*) echo "$0: Window manager '$windowManager' not found.";;
esac
# Start the desktop manager.
case "$desktopManager" in
${concatMapStrings (s: ''
(${s.name})
${s.start}
;;
'') dm}
${mkCases dm}
(*) echo "$0: Desktop manager '$desktopManager' not found.";;
esac