aboutsummaryrefslogtreecommitdiff
path: root/nixos/modules/tasks (follow)
Commit message (Collapse)AuthorAgeFilesLines
* nixos auto-upgrade: remove flag when flakeFrederik Rietdijk2020-11-251-3/+2
| | | | | | | The `--no-build-output` flag that is added by default is only valid for the old cli, which is not used when flakes are used. Follow-up to c9daa81eff922d9f77d136cfcff0ea05d40024e0.
* utillinux: rename to util-linuxGraham Christensen2020-11-243-5/+5
|
* nixos/network-interfaces: fix typo in udev rule syntaxJulien Moutinho2020-11-241-1/+1
|
* Merge pull request #98980 from JustinLovinger/idmapdSilvan Mosberger2020-11-181-13/+35
|\ | | | | nixos/nfs: add idmapd.settings option
| * nixos/nfs: add idmapd.settings optionJustin Lovinger2020-10-201-13/+35
| | | | | | | | Co-authored-by: Aaron Andersen <aaron@fosslib.net>
* | Merge pull request #103876 from Mic92/lvm-generator-fixJörg Thalheim2020-11-161-0/+4
|\ \ | | | | | | nixos/lvm2-activation-generator: fix warnings on activation
| * | nixos/lvm2-activation-generator: fix warnings on activationJörg Thalheim2020-11-151-0/+4
| | |
* | | kernel config: explicitly enable CONFIG_IPV6Florian Klink2020-11-161-1/+0
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We currently build CONFIG_IPV6=m. This seems to be not really well-supported in mainline kernels - see https://lore.kernel.org/netdev/20201115224509.2020651-1-flokli@flokli.de/T/#u Compiling it as a module doesn't give too much benefit - even for people who did explicitly set `enableIPv6` to false, the `ipv6` module was still loaded, as soon as another module was loaded that requires it (bridge,br_netfilter,wireguard,ip6table_mangle,sctp,…). By compiling it in, we only loose the possibility to not add it to `boot.kernelModules` anymore (as it's part of the kernel directly). The space savings are negligible. People wanting to disable IPv6 still get the appropriate sysctls and options set (while having the kernel code loaded), nothing is really changing here.
* | nixos: boot.zfsImportAll = false; by defaultSarah Brofeldt2020-11-111-5/+1
| | | | | | | | Also add 21.03 release note
* | nixos/zfs: Respect forceImportAll in import serviceSarah Brofeldt2020-11-111-0/+1
|/
* doc: Document a workaround for using an FQDN as hostnameMichael Weiss2020-10-101-0/+4
| | | | | | | | | Since #76542 this workaround is required to use a FQDN as hostname. See #94011 and #94022 for the related discussion. Due to some potential/unresolved issues (legacy software, backward compatibility, etc.) we're documenting this workaround [0]. [0]: https://github.com/NixOS/nixpkgs/issues/94011#issuecomment-705952300
* nixos/networking: Switch to home.arpa as an example for the domainMichael Weiss2020-10-101-2/+2
| | | | | | | | | | The special-use domain "home.arpa." is designated for non-unique use in residential home networks [0] and registered as such [1]. Therefore it is more appropriate than "home." which could cause conflicts or result in queries that leak out and reach the root name servers. [0]: https://tools.ietf.org/html/rfc8375 [1]: https://www.iana.org/assignments/special-use-domain-names/special-use-domain-names.xhtml
* Revert "apparmor: fix and improve the service"Vladimír Čunát2020-10-071-15/+0
| | | | | | | | | | | | This reverts commit fb6d63f3fdd95a5468d43a0693c8ca7c1894363f. I really hope this finally fixes #99236: evaluation on Hydra. This time I really did check basically the same commit on Hydra: https://hydra.nixos.org/eval/1618011 Right now I don't have energy to find what exactly is wrong in the commit, and it doesn't seem important in comparison to nixos-unstable channel being stuck on a commit over one week old.
* nixos: Conform with RFC 1123 in networking.hostName0x4A6F2020-10-011-4/+5
| | | | | | | | | Conform to RFC 1123 [0], specifically to "2.1 Host Names and Numbers", which allow starting host name with alphanumerical instead of alphabetical characters. RFC 1123 updates RFC 952 [1], which is referenced in "man 5 hosts". [0]: https://tools.ietf.org/html/rfc1123 [1]: https://tools.ietf.org/html/rfc952
* apparmor: fix and improve the serviceJulien Moutinho2020-09-061-0/+15
|
* Merge pull request #96042 from rnhmjoj/loaOfWORLDofPEACE2020-09-023-5/+5
|\ | | | | treewide: completely remove types.loaOf
| * treewide: completely remove types.loaOfrnhmjoj2020-09-023-5/+5
| |
* | rfkill: removeV2020-08-241-1/+0
|/ | | | | | | | | | rfkill was subsumed by util-linux in 2017 [1], and the upstream has not been updated in over 5 years [2]. This package shadows the rfkill from util-linux, so it can be completely removed with no breaking changes, because util-linux is in the base package set in nixos/system-path. [1] https://github.com/karelzak/util-linux/commit/d17fb726b562a69e8f174d46fa6cf794abc129cd [2] https://git.sipsolutions.net/rfkill.git/log/
* Merge pull request #93395 from hmenke/zfsJörg Thalheim2020-08-151-10/+22
|\ | | | | ZFS: Request credentials only for selected pools
| * ZFS: Request credentials only for selected poolsHenri Menke2020-07-211-10/+22
| | | | | | | | | | | | | | | | | | | | | | | | This change introduces more fine-grained requestEncryptionCredentials. While previously when requestEncryptionCredentials = true, the credentials for all imported pools and all datasets in these imported pools were requested, it is now possible to select exactly the pools and datasets for which credentials should be requested. It is still possible to set requestEncryptionCredentials = true, which continues to act as a wildcard for all pools and datasets, so the change is backwards compatible.
* | nixos/networking: Enhance hostId description (#94800)asdf8dfafjk2020-08-081-0/+3
| | | | | | Co-authored-by: Jörg Thalheim <Mic92@users.noreply.github.com>
* | nixos/modules: remove trailing whitespaceJörg Thalheim2020-08-071-1/+1
| | | | | | | | | | This leads to ci failure otherwise if the file gets changed. git-blame can ignore whitespace changes.
* | Merge pull request #89416 from Kloenk/autoUpgrade-flakesJörg Thalheim2020-08-061-29/+69
|\ \ | | | | | | nixos/autoUpgrade: add flake support
| * | nixos/autoUpgrade: add flake supportFinn Behrens2020-07-091-29/+69
| | |
* | | nixos/systemd: fix TUN networking in LXC containers (#81481)volth2020-08-051-2/+2
| | | | | | | | | in LXC container /dev/net/tun is pre-available, "dev-net-tun.device" always fails
* | | nixos/boot: some documentation improvementsKeshav Kini2020-07-291-4/+15
| | | | | | | | | | | | | | | | | | | | | | | | - Give a more accurate description of how fileSystems.<name/>.neededForBoot works - Give a more detailed description of how fileSystems.<name/>.encrypted.keyFile works
* | | nixos/tasks/lvm: fix systemd tmpfilesajs1242020-07-251-1/+1
| | |
* | | nixos/tasks/lvm: add dmeventd and lvmthin supportajs1242020-07-141-7/+60
| |/ |/| | | | | | | Introduce a pkgs.lvm2_dmeventd that contains dmeventd support, and enable if services.lvm.dmeventd.enable is true.
* | Merge pull request #92092 from ↵Graham Christensen2020-07-021-3/+1
|\ \ | | | | | | | | | | | | ElvishJerricco/zfs-encryption-systemd-ask-password ZFS: Update description for requestEncryptionCredentials
| * | ZFS: Update description for requestEncryptionCredentialsWill Fancher2020-07-021-3/+1
| | |
* | | Merge pull request #91344 from ↵Graham Christensen2020-07-021-2/+19
|\| | | | | | | | | | | | | | ElvishJerricco/zfs-encryption-systemd-ask-password ZFS: Ask for stage 2 encryption passwords using systemd-ask-password
| * | ZFS: Set IFS=$'\t' for the read command in stage 2 load-keyWill Fancher2020-07-021-1/+1
| | | | | | | | | Co-authored-by: Graham Christensen <graham@grahamc.com>
| * | ZFS: Pipe /dev/null into the stage 2 load-key scriptWill Fancher2020-07-021-2/+2
| | | | | | | | | | | | | | | Just in case something reads stdin, so that `while read ds kl` doesn't miss anything
| * | ZFS: Ask for stage 2 encryption passwords using systemd-ask-passwordWill Fancher2020-06-231-2/+19
| | |
* | | Merge pull request #84135 from symphorien/btrfs-scrub-successTimo Kaufmann2020-06-191-1/+4
|\ \ \ | |/ / |/| | nixos/btrfs autoScrub: don't fail when scrub finishes successfully
| * | nixos/btrfs autoScrub: don't fail when scrub finishes successfullySymphorien Gibol2020-04-021-1/+4
| | |
* | | Merge pull request #89159 from datafoo/fix-issue-89158Michele Guerini Rocco2020-06-121-10/+14
|\ \ \ | |_|/ |/| | nixos/networking: check interface state files exist before acting on them
| * | nixos/networking: check interface state files exist before acting on themdatafoo2020-05-291-10/+14
| | | | | | | | | | | | Fix #89158
* | | nixos: Allow empty hostnames againMichael Weiss2020-06-031-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This fixes a regression from 993baa587c4 which requires networking.hostName to be a valid DNS label [0]. Unfortunately we missed the fact that the hostnames may also be empty, if the user wants to obtain it from a DHCP server. This is even required by a few modules/images (e.g. Amazon EC2, Azure, and Google Compute). [0]: https://github.com/NixOS/nixpkgs/pull/76542#issuecomment-638138666
* | | Merge pull request #62671 from kfiz/networking-proxy_arp-fixFlorian Klink2020-05-311-3/+3
|\ \ \ | |/ / |/| | tasks/network-interfaces.nix: Enable ip_forwarding for ipv4 and p…
| * | networking-interfaces.nix: remove broken NDP bits from proxyARPDoro Rose2020-05-261-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The `networking.interfaces.<name?>.proxyARP` option previously mentioned it would also enable IPv6 forwarding and `proxy_ndp`. However, the `proxy_ndp` option was never actually set (the non-existing `net.ipv6.conf.proxy_arp` sysctl was set instead). In addition `proxy_ndp` also needs individual entries for each ip to proxy for. Proxy ARP and Proxy NDP are two different concepts, and enabling the latter should be a conscious decision. This commit removes the broken NDP support, and disables explicitly enabling IPv6 forwarding (which is the default in most cases anyways) Fixes #62339.
* | | nixos: Require networking.hostName to be a valid DNS labelMichael Weiss2020-05-251-3/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This also means that the hostname must not contain the domain name part anymore (i.e. must not be a FQDN). See RFC 1035 [0], "man 5 hostname", or the kernel documentation [1]. Note: For legacy reasons we also allow underscores inside of the label but this is not recommended and intentionally left undocumented. [0]: https://tools.ietf.org/html/rfc1035 [1]: https://www.kernel.org/doc/html/latest/admin-guide/sysctl/kernel.html#domainname-hostname Co-authored-by: zimbatm <zimbatm@zimbatm.com>
* | | nixos/scripted-networking: use udev to configure link MACAddress and MTUBytesFlorian Klink2020-05-221-38/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The `network-link-${i.name}` units raced with other things trying to configure the interface, or ran before the interface was available. Instead of running our own set of shell scripts on boot, and hoping they're executed at the right time, we can make use of udev to configure the interface *while they appear*, by providing `.link` files in /etc/systemd/network/*.link to set MACAddress and MTUBytes. This doesn't require networkd to be enabled, and is populated properly on non-networkd systems since https://github.com/NixOS/nixpkgs/pull/82941. This continues clean-up work done in https://github.com/NixOS/nixpkgs/pull/85170 for the scripted networking stack. The only leftover part of the `network-link-${i.name}` unit (bringing the interface up) is moved to the beginning of the `network-addresses-${i.name}` unit. Fixes: https://github.com/NixOS/nixpkgs/issues/74471 Closes: https://github.com/NixOS/nixpkgs/pull/87116
* | | nixos/network-interfaces-scripted: always run systemctl of the currently ↵Florian Klink2020-05-211-1/+1
| | | | | | | | | | | | running systemd
* | | nixos/zfs: add missing dependendy nettoolsdatafoo2020-05-181-1/+10
|/ / | | | | | | Fix #87823
* | nixos/networking: move network-link-${i.name} to scripted networkingFlorian Klink2020-04-132-32/+34
| | | | | | | | | | The unit sets MTU and MAC Address even with networkd enabled, which isn't necessary anymore, as networkd handles this by itself.
* | nixos/networking: add assertion catching setting mac addresses on tun devicesFlorian Klink2020-04-131-0/+5
| | | | | | | | | | Setting a MAC Address on a tun interface isn't supported, and invoking the corresponding command fails.
* | nixos/networking: fix setting .macAddress and .mtu with networkdFlorian Klink2020-04-131-1/+6
| | | | | | | | This needs to be set in the .linkConfig of a .network
* | treewide: Per RFC45, remove all unquoted URLsMichael Reilly2020-04-101-1/+1
| |
* | Merge pull request #79828 from Mic92/zedJörg Thalheim2020-04-021-0/+1
|\ \ | | | | | | nixos/zfs: populate PATH with needed programs for zed
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-01 05:54:49 +0000