Age | Commit message (Collapse) | Author | Files | Lines |
|
Use specific default version for the current MariaDB application.
|
|
Example configuration:
{ config, ... }:
let
inherit (config.nixsap) apps;
in {
imports = [ <modules> ];
nixsap.apps.docker.foo = {
};
users.users.pashev.extraGroups = [apps.docker.foo.daemon.group];
}
Usage:
(Sat, 05 May 2018 10:09:01 +0000)
[pashev@vbox-devops:~]
# docker-foo images
REPOSITORY TAG IMAGE ID CREATED SIZE
debian latest 8626492fecd3 7 days ago 101MB
ubuntu latest 452a96d81c30 7 days ago 79.6MB
|
|
|
|
|
|
Add support for PostgreSQL.
Breaking because new deployments will not have DB initialized.
|
|
|
|
|
|
Gone in Icinga2 2.8.2
Icinga is started as non-root user anyway.
|
|
|
|
|
|
|
|
BREAKING: user is now read-only
|
|
Just like in Cassandra.
First of all `hudson.model.DirectoryBrowserSupport.CSP` is needed.
BREAKING: `jre` -> `jre.package`
|
|
|
|
Make sure files are captured into Nix store
so that Nix daemon can access them and run xinclude2nix
(which is still silently ignoring unreachable files).
|
|
`runCommand` does not include C compiler, `runCommandCC`
does, but we want GCC, so make sure we use it.
|
|
Require nixpkgs >= 17.03
|
|
|
|
Add the `nixsap.apps.cassandra` application and Apache
Cassandra 3.11 package along with Hyperic Sigar.
The application runs in single node mode just fine.
Clustering is not tested yet.
This is PoC on Java applications.
A Java application should comprise:
1. JRE
2. Class path
3. Library path
A Java "package" should include all jar/classes/libraries
needed to run the application. Using symbolic links to
pull in dependencies is fine. This is much similar to nix
"environments". Apache Cassandra is the first example of
this approach.
Using $out/share/java/ and $out/lib/jni is to help building
such environments (also with nix-env).
|
|
|
|
|
|
|
|
|
|
For the Jenkins user it's usually `nologin`, so we have
to override it.
|
|
`datafile` is usually a derivation (a set at the very basic
nix level), so it wasn't processed as a string, but rather
as a fallback case "toString v".
Other option is to use `lib.isDerivation`.
|
|
|
|
|
|
"either foo (listOf foo)" was not very useful
and interfered proper merging.
|
|
|
|
|
|
From the gpg-agent man page:
Set the maximum time a cache entry is valid to n seconds.
After this time a cache entry will be expired even if
it has been accessed recently or has been set using
gpg-preset-passphrase. The default is 2 hours (7200 seconds).
|
|
|
|
|
|
The list of SQL statements is constructed and then executed.
Thus if you delete role `foo` which was granted another role `bar`,
role `bar` has to be revoked before `foo` is removed.
|
|
See https://jira.mariadb.org/browse/MDEV-9820
Since MariaDB Server 10.2.3
|
|
|
|
Instead of folding, since we produce single member attribute set.
|
|
|
|
Potentially breaking, these options are removed:
pool.user, pool.listen.owner, pool.listen.mode.
Since socket owner cannot be set now,
nginx needs to belong to the appropriate PHP-FPM group.
|
|
Moved some options under the `global` group (reflecting
PHP FPM config file structure). Removed some submodules.
|
|
|
|
|
|
This gets us closer to declarative granting.
See https://github.com/zalora/nixsap/issues/4
|
|
|
|
With `either`, submodule attrs aren't checked,
but the idea is good anyway, so let it be here for a while.
See https://github.com/zalora/nixsap/issues/10
|
|
shellcheck started complaining.
Similar to b99beab2b48d3bc8130602d6e8907d8acb3deab3
|
|
|
|
|
|
"ber" can leak passwords.
|
|
Shellcheck began to complain:
SC2185: Some finds don't have a default path. Specify '.' explicitly
|