aboutsummaryrefslogtreecommitdiff
path: root/modules/apps
AgeCommit message (Collapse)AuthorFilesLines
2017-11-26(*BREAKING*) Jenkins: set user home directoryIgor Pashev2-1/+7
BREAKING: user is now read-only
2017-11-26(*BREAKING*) Jenkins: introduce java propertiesIgor Pashev2-12/+24
Just like in Cassandra. First of all `hudson.model.DirectoryBrowserSupport.CSP` is needed. BREAKING: `jre` -> `jre.package`
2017-11-25Remove spaceIgor Pashev1-1/+1
2017-11-25Jenkins app: fix key extractionIgor Pashev1-1/+3
Make sure files are captured into Nix store so that Nix daemon can access them and run xinclude2nix (which is still silently ignoring unreachable files).
2017-09-19cli: use GCC explicitlyIgor Pashev1-4/+3
`runCommand` does not include C compiler, `runCommandCC` does, but we want GCC, so make sure we use it.
2017-07-24cli: security.setuidOwners -> security.wrappersIgor Pashev1-6/+4
Require nixpkgs >= 17.03
2017-07-09memcached: use simple mapAttrs'Igor Pashev1-4/+5
2017-06-12Apache Cassandra: initIgor Pashev2-0/+353
Add the `nixsap.apps.cassandra` application and Apache Cassandra 3.11 package along with Hyperic Sigar. The application runs in single node mode just fine. Clustering is not tested yet. This is PoC on Java applications. A Java application should comprise: 1. JRE 2. Class path 3. Library path A Java "package" should include all jar/classes/libraries needed to run the application. Using symbolic links to pull in dependencies is fine. This is much similar to nix "environments". Apache Cassandra is the first example of this approach. Using $out/share/java/ and $out/lib/jni is to help building such environments (also with nix-env).
2017-05-24Jenkins: allow spaces in job nameIgor Pashev1-2/+5
2017-05-17jenkins: get better looking pathIgor Pashev1-2/+2
2017-05-17memcached: remove superfluous `-start`Igor Pashev1-2/+2
2017-05-17gnupg: remove superfluous `-start`Igor Pashev1-2/+2
2017-05-08Jenkins: define SHELLIgor Pashev1-0/+1
For the Jenkins user it's usually `nologin`, so we have to override it.
2017-05-07sproxy2: fix `datafile` option processingIgor Pashev1-3/+3
`datafile` is usually a derivation (a set at the very basic nix level), so it wasn't processed as a string, but rather as a fallback case "toString v". Other option is to use `lib.isDerivation`.
2017-05-07sproxy2: enable by default if there are backendsIgor Pashev1-2/+8
2017-04-30mysqlbackup: fail if any server is unavailableIgor Pashev1-6/+12
2017-04-30(* BREAKING *) Avoid ambiguous optionsIgor Pashev8-42/+42
"either foo (listOf foo)" was not very useful and interfered proper merging.
2017-04-29Added nix-serve app and packageIgor Pashev1-0/+126
2017-03-28mariadb: add some more mysqld optionsIgor Pashev1-0/+4
2017-02-19gnupg app: set --max-cache-ttl to something bigIgor Pashev1-1/+3
From the gpg-agent man page: Set the maximum time a cache entry is valid to n seconds. After this time a cache entry will be expired even if it has been accessed recently or has been set using gpg-preset-passphrase. The default is 2 hours (7200 seconds).
2017-02-19gnupg app: typoIgor Pashev1-1/+1
2017-02-18Added gnupg appIgor Pashev2-0/+182
2017-02-17mariadb: fixed order roles are removed inIgor Pashev1-9/+9
The list of SQL statements is constructed and then executed. Thus if you delete role `foo` which was granted another role `bar`, role `bar` has to be revoked before `foo` is removed.
2017-02-07mariadb: support innodb_compression_defaultIgor Pashev1-0/+1
See https://jira.mariadb.org/browse/MDEV-9820 Since MariaDB Server 10.2.3
2017-02-01nginx: --kill-who=main in post log rotateIgor Pashev1-1/+2
2017-02-01php-fpm: use simple mapAttrs'Igor Pashev1-3/+4
Instead of folding, since we produce single member attribute set.
2017-02-01php-fpm: enable logrotateIgor Pashev1-5/+29
2017-02-01php-fpm: make use of home directoryIgor Pashev3-22/+52
Potentially breaking, these options are removed: pool.user, pool.listen.owner, pool.listen.mode. Since socket owner cannot be set now, nginx needs to belong to the appropriate PHP-FPM group.
2017-01-30php-fpm: refactored (can cause breakage)Igor Pashev1-52/+52
Moved some options under the `global` group (reflecting PHP FPM config file structure). Removed some submodules.
2017-01-30Added memcached appIgor Pashev2-0/+138
2017-01-22Ditch original sproxyIgor Pashev1-143/+0
2017-01-21mariadb: manage roles fasterIgor Pashev1-25/+57
This gets us closer to declarative granting. See https://github.com/zalora/nixsap/issues/4
2017-01-20mariadb: use explicit packageIgor Pashev3-42/+41
2017-01-20mariadb: typoIgor Pashev1-2/+2
With `either`, submodule attrs aren't checked, but the idea is good anyway, so let it be here for a while. See https://github.com/zalora/nixsap/issues/10
2017-01-16jenkins: explicit path for findIgor Pashev1-1/+1
shellcheck started complaining. Similar to b99beab2b48d3bc8130602d6e8907d8acb3deab3
2017-01-15postgresql app: no system packageIgor Pashev1-1/+0
2017-01-13icinga2: shorten pathIgor Pashev1-2/+2
2017-01-12openldap: safer defaultsIgor Pashev1-1/+1
"ber" can leak passwords.
2017-01-11mysqlbackup: explicit path for findIgor Pashev1-1/+1
Shellcheck began to complain: SC2185: Some finds don't have a default path. Specify '.' explicitly
2017-01-08Added openldap appIgor Pashev2-0/+330
2017-01-06php-fpm: toString is implicitIgor Pashev1-1/+1
2016-12-24nginx: added sproxy log formatIgor Pashev1-0/+6
2016-12-22sproxy2: 1.92.0 -> 1.93.0Igor Pashev1-9/+34
Changed semantics of some options. If previous versions `key` and `client_secret` were files, now they are strings. If you need files, use `key.file` and `client_secret.file`.
2016-12-22nginx: configure logrotateIgor Pashev1-2/+16
2016-12-22Added logrotate appIgor Pashev1-0/+163
2016-12-21nginx: added read-only logDirIgor Pashev1-0/+9
2016-12-20nginx: allow arbitrary http contextIgor Pashev1-22/+40
2016-12-20nginx: refactored configIgor Pashev3-18/+18
events -> conf.events http -> conf.http main -> conf
2016-12-20nginx: toString is implicitIgor Pashev1-1/+1
2016-11-22sproxy2: added the key parameterIgor Pashev1-0/+5