Commit graph

18087 commits

Author SHA1 Message Date
Florian Klink
7293489288 nixos/systemd: provision a systemd-coredump user
systemd-coredump tries to drop privileges to a systemd-coredump user if
present (and falls back to the root user if it's not available).

Create that user, and recycle uid 151 for it. We don't really care about
the gid.

Fixes https://github.com/NixOS/nixpkgs/issues/120803.
2021-07-29 15:00:24 +02:00
Niklas Hambüchen
82272021e2
Merge pull request #128886 from scvalex/coredns-configurable-corefile
kubernetes.addons.dns: make corefile configurable
2021-07-29 14:31:19 +02:00
Linus Heckemann
a175be0e7e nixos/meshcentral: init module 2021-07-29 11:42:42 +02:00
Milo Gertjejansen
f3b660014d
Merge branch 'master' into tt-rss-2021-06-21 2021-07-28 21:06:44 -04:00
Milo Gertjejansen
7aa2bf302a Added more detail to changelog, updated permissions in directory, and changed restartTriggers 2021-07-28 20:53:38 -04:00
github-actions[bot]
4fc7a31edb
Merge master into staging-next 2021-07-29 00:01:33 +00:00
Johannes Arnold
39f65ee33d nixos/mlvwm: init at 0.9.3 2021-07-29 01:19:05 +02:00
Sandro
fb525f4486
Merge pull request #129749 from GovanifY/discord-service
nixos/mx-puppet-discord: add module
2021-07-28 21:59:30 +00:00
Gauvain 'GovanifY' Roussel-Tarbouriech
040129fa31
nixos/mx-puppet-discord: add module 2021-07-28 23:30:24 +02:00
Eelco Dolstra
512ee6db39
nix-fallback-paths.nix: Update to 2.3.15 2021-07-28 22:45:33 +02:00
Robert Hensing
60e0f94d3a
Merge pull request #131760 from blaggacao/fix-installer-root-fs-type-override
nixos/installer: force root fs type
2021-07-28 22:24:04 +02:00
David Arnold
c219fdffad
nixos/installer: force root fs type
installer media can be used on top of existing host configs. In such
scenarions, root fs types will already be defined.

Before this change, this will inevitably lead to the following error:
```console
error: The option `fileSystems./.fsType' has conflicting definition values:
       - In `/nix/store/2nl5cl4mf6vnldpbxhrbzfh0n8rsv9fm-source/DevOS/os/hardware/common.nix': "ext4"
       - In `/nix/store/jbch90yqx6gg1h3fq30jjj2b6h6jfjgs-source/nixos/modules/installer/cd-dvd/iso-image.nix': "tmpfs"
```

With this patch, the installers will override those values according to
their own local requirement.

Use `mkOverride 60` so that conscientious overriding specially targeted
at the installer, e.g. with `mkForce` is still straight forward.
2021-07-28 15:05:25 -05:00
Alexandru Scvortov
ed62c1c663 kubernetes: make corefile configurable 2021-07-28 20:15:57 +01:00
github-actions[bot]
6fcda9f1ec
Merge master into staging-next 2021-07-28 18:01:16 +00:00
Franz Pletz
8f40f574f8
Merge pull request #131578 from mweinelt/influxdb-exporter
prometheus-influxdb-exporter: init at 0.8.0
2021-07-28 19:47:06 +02:00
SrTobi
eff8d3bdb1 nixos/grub: implements GRUB_SAVEDEFAULT feature
Grub will remember the configuration that was booted and
select it as default menu entry the next time (#108206).
2021-07-28 18:57:08 +02:00
matthewcroughan
badbbb7e05 nixos/node-red: add module
Adds a basic nixos module/service for node-red based on nodePackages.node-red

Co-authored-by: Aaron Andersen <aaron@fosslib.net>
Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
Co-authored by: Adrian Parvin Ouano <adrianparvino@gmail.com>
Co-authored-by: Norbert Melzer <nmelzer@nobbz.dev>
2021-07-28 17:30:57 +01:00
github-actions[bot]
a1d3be1d42
Merge master into staging-next 2021-07-28 12:01:16 +00:00
Sandro
ebb592a04c
Merge pull request #131694 from scvalex/enable-kubernetes-passthru-tests
kubernetes: enable passthru tests
2021-07-28 11:14:35 +00:00
Alexandru Scvortov
b9acd426df kubernetes: add passthru tests
Also defensively quote a path and reformat a comment to trigger the
right review.
2021-07-28 11:27:22 +01:00
Naïm Favier
e9b01c5c8e
nixos/syncthing: move declarative options to the top level 2021-07-28 11:30:30 +02:00
Lassulus
a66d9f9b00
Merge pull request #131737 from ncfavier/syncthing-extraOptions
nixos/syncthing: add declarative.extraOptions
2021-07-28 11:12:29 +02:00
Naïm Favier
6416b3a941
nixos/syncthing: add declarative.extraOptions
Allows setting arbitrary config options through the REST API.

Also switches to the [new](https://docs.syncthing.net/rest/config.html)
config endpoints.
2021-07-28 10:56:06 +02:00
github-actions[bot]
db6a26db02
Merge master into staging-next 2021-07-27 18:01:01 +00:00
Guillaume Girol
407ef1dc6f
Merge pull request #121530 from symphorien/wifireg
nixos: add option to load wireless regulatory database as firmware
2021-07-27 16:43:57 +00:00
ajs124
ce080720fb
Merge pull request #131587 from hyperfekt/systemd-pstore
nixos/filesystems: succeed mount-pstore.service without backend
2021-07-27 14:27:15 +02:00
github-actions[bot]
2692c2e427
Merge master into staging-next 2021-07-27 12:01:20 +00:00
Ben Siraphob
b63a54f81c
Merge pull request #110742 from siraben/deprecate-fold 2021-07-27 15:13:31 +07:00
hyperfekt
b3200bc922 nixos/filesystems: succeed mount-pstore.service without backend 2021-07-26 21:02:58 +00:00
Martin Weinelt
46ea00da23 nixos/prometheus-influxdb-exporter: init 2021-07-26 16:00:01 +02:00
Frederik Rietdijk
18347a1caf Merge master into staging-next 2021-07-26 12:40:04 +02:00
Elis Hirwing
699ea65439
Merge pull request #131118 from etu/sanoid-syncoid-improvements
nixos/{syncoid,sanoid}: Improve ZFS permission delegation
2021-07-26 11:40:51 +02:00
Elis Hirwing
a9d29a1d0d
nixos/syncoid: Drop ~[at]sync from the systemcallfilter to avoid coredumps 2021-07-26 11:05:45 +02:00
Elis Hirwing
ea9d5876a0
nixos/sanoid: Reformat file with nixpkgs-fmt 2021-07-26 11:05:37 +02:00
Elis Hirwing
fa58d89b24
nixos/syncoid: Reformat file with nixpkgs-fmt 2021-07-26 11:04:28 +02:00
Elis Hirwing
b9f98165ab
nixos/sanoid: Use a function to build allow/unallow commands 2021-07-26 11:03:35 +02:00
Elis Hirwing
ecd32b8104
nixos/syncoid: Build unallow commands as a post job to drop permissions 2021-07-26 11:02:13 +02:00
Frederik Rietdijk
62370fb59a Merge remote-tracking branch 'upstream/master' into staging-next 2021-07-26 09:19:44 +02:00
Milo Gertjejansen
b0b71138c8 Merge branch 'master' of https://github.com/NixOS/nixpkgs into tt-rss-2021-06-21 2021-07-25 16:02:48 -04:00
Milo Gertjejansen
70338c53c9 Added release notes and broke date apart 2021-07-25 15:40:33 -04:00
Luke Granger-Brown
a0b7bd69ac
Merge pull request #124431 from hyperfekt/systemd-pstore
nixos/filesystems: mount-pstore.service improvements
2021-07-25 10:33:39 +01:00
Elis Hirwing
bb35e7c404
nixos/sanoid: Extract datasets rather than pools
When making new snapshots we only need to delegate permissions to the
specific dataset rather than the entire pool.
2021-07-25 10:13:17 +02:00
Elis Hirwing
70862830f0
nixos/syncoid: Extract datasets rather than pools
When sending or receiving datasets with the old implementation it
wouldn't matter which dataset we were sending or receiving, we would
always delegate permissions to the entire pool.
2021-07-25 10:12:32 +02:00
github-actions[bot]
6a5e4f2c3d
Merge master into staging-next 2021-07-25 06:01:27 +00:00
Aaron Andersen
8813af6821
Merge pull request #128724 from fortuneteller2k/nixos/iwd
nixos/iwd: add settings option
2021-07-24 23:06:42 -04:00
github-actions[bot]
a37fbac53b
Merge master into staging-next 2021-07-25 00:01:35 +00:00
Elis Hirwing
6984e68c51
Merge pull request #98455 from ju1m/syncoid-split
nixos/syncoid: split in multiple systemd services and harden them
2021-07-24 22:08:42 +02:00
github-actions[bot]
859acbc1bc
Merge master into staging-next 2021-07-24 18:01:04 +00:00
Yuka
7d24d06c71
nixos/postgresql: use postgres 13 for 21.11 (#131018)
Co-authored-by: Kim Lindberger <kim.lindberger@gmail.com>
2021-07-24 19:12:08 +02:00
Julien Moutinho
d05a1ab1e4 nixos/syncoid: split in multiple systemd services 2021-07-24 11:26:28 +02:00
lassulus
a6700d75f3 vbox-image: add new option to set free space in image 2021-07-24 09:33:10 +02:00
davidak
aa8373ab1b nixos-icons: fix icons not installed when documentation disabled 2021-07-24 06:50:01 +02:00
github-actions[bot]
cb1426e30a
Merge staging-next into staging 2021-07-23 18:01:46 +00:00
Bernardo Meurer
f7e77f65ee
Merge pull request #131173 from zhaofengli/klipper-cfg-list
nixos/klipper: Allow lists as values for gcode_macro
2021-07-23 08:57:12 -07:00
fortuneteller2k
6ea6734f71 nixos/iwd: add settings option 2021-07-23 23:06:15 +08:00
github-actions[bot]
3bc17773a5
Merge staging-next into staging 2021-07-23 12:02:01 +00:00
Maximilian Bosch
ccd348f846
Merge pull request #129732 from nivadis/patch-2
nextcloud: remove expires header
2021-07-23 12:29:52 +02:00
Jörg Thalheim
e2561ba61f
Merge pull request #129408 from kurnevsky/swap-luks-discards
nixos/swap: allow luks discards if swap discards are enabled
2021-07-23 11:11:04 +01:00
Robert Hensing
98352288bd
Merge pull request #128032 from Artturin/add-swap-options
nixos/swap: add options option
2021-07-23 10:45:53 +02:00
github-actions[bot]
efbc139f5d
Merge staging-next into staging 2021-07-23 06:01:46 +00:00
Zhaofeng Li
34d2b83291 nixos/klipper: Allow lists as values for gcode_macro 2021-07-22 22:01:44 -07:00
Samuel Dionne-Riel
3af210329f
Merge pull request #131151 from tomfitzhenry/patch-1
nixos/iio: mention iio-sensor-proxy in option description
2021-07-23 00:27:37 -04:00
Tom
5409235160 nixos/iio: mention iio-sensor-proxy in option description
In https://github.com/NixOS/nixpkgs/pull/131094 I mistakenly created a new NixOS module for iio-sensor-proxy because I did not know about `hardware.sensor.iio`.

To help people find `hardware.sensor.iio`, include the string "iio-sensor-proxy" in the description.

To search for an iio-sensor-proxy module, I tried in vain:
* `find -iname '*iio-sensor-proxy*'`
* https://search.nixos.org/options?channel=unstable&from=0&size=50&sort=relevance&query=iio-sensor-proxy
    * This PR will ensure this search query finds `hardware.sensor.iio`
2021-07-23 11:10:30 +10:00
Florian Klink
013e089000
Merge pull request #130503 from flokli/nss-fix-ordering
nixos/systemd: fix NSS database ordering
2021-07-23 02:28:32 +02:00
github-actions[bot]
dda98f3673
Merge staging-next into staging 2021-07-23 00:01:58 +00:00
Martin Weinelt
b09661d41f
Merge pull request #129644 from NixOS/home-assistant 2021-07-23 01:16:55 +02:00
Martin Weinelt
a284c01d2a nixos/home-assistant: allow serial access for the zwave component 2021-07-23 00:27:16 +02:00
github-actions[bot]
0b0a8c7c9a
Merge staging-next into staging 2021-07-22 18:01:39 +00:00
Martin Weinelt
70774da509
Merge pull request #130853 from mweinelt/pppd 2021-07-22 20:00:00 +02:00
Sandro
ead8cf4fc9
Merge pull request #128841 from Artturin/udevil 2021-07-22 15:55:21 +02:00
Maximilian Bosch
15dab3835f
Merge pull request #128649 from nrdxp/fix-unstable-nix-zsh-completions
zsh: fix nixUnstable completions
2021-07-22 14:58:20 +02:00
github-actions[bot]
9f3ace4591
Merge staging-next into staging 2021-07-22 00:02:07 +00:00
Maximilian Bosch
65d60ae78b
Merge pull request #130062 from nh2/plausible-fix-shell-scripting-errors
nixos/plausible: Fix shell scripting errors, runtime fixes
2021-07-22 00:27:56 +02:00
Timothy DeHerrera
6dbf8c0409
zsh: include completions for nix-* commands 2021-07-21 15:55:25 -06:00
Timothy DeHerrera
9ad645dce8
zsh: format module with nixpkgs-fmt 2021-07-21 15:55:25 -06:00
Timothy DeHerrera
d687fe88fd
zsh: remove conflicting nixUnstable completions 2021-07-21 15:55:22 -06:00
Pavol Rusnak
f4860dc785
Merge pull request #130945 from mdlayher/mdl-corerad-docs
nixos/corerad: update link to reference configuration file
2021-07-21 23:12:47 +02:00
Andreas Rammhold
ef9be9288b
Merge pull request #124799 from rissson/nixos-unbound-fix-124780
nixos/unbound: fix define-tag option
2021-07-21 22:08:44 +02:00
Martin Weinelt
78b21f405c
Merge pull request #127461 from maxeaubrey/NetworkManager-1.32.0 2021-07-21 20:03:32 +02:00
Maxine Aubrey
ea125a5fd9
nixos/nftables: set nm's firewallBackend when on
when enabled, switch networkmanager's firewallBackend option to nftables
2021-07-21 19:27:30 +02:00
Martin Weinelt
ee26807e35
nixos/pppd: allow AF_NETLINK
The pppd daemon starting with version 2.4.9 uses rtnetlink to configure
the ipv6 peer address on the ppp interface. It therefore requires
allowing AF_NETLINK sockets.
2021-07-21 16:38:51 +02:00
Matt Layher
5c17e35a31
nixos/corerad: update link to reference configuration file
Signed-off-by: Matt Layher <mdlayher@gmail.com>
2021-07-21 10:35:48 -04:00
Martin Weinelt
8abcc6ba09
nixos/pppd: replace CAP_SYS_ADMIN with CAP_BPF
The kernel before version 5.7 required CAP_SYS_ADMIN to conduct BPF
operations. After that a separate capability CAP_BPF was created, which
should be sufficient in this scenario and will further tighten the
sandbox around our pppd service.

Tested on my personal DSL line.
2021-07-21 15:20:47 +02:00
Maxine Aubrey
aa7608d7de
nixos/networkmanager: add firewallBackend option 2021-07-21 00:16:34 +02:00
Gürkan Gür
d3c568e16a nixos/clipcat: add user service module 2021-07-20 21:40:58 +02:00
Artturin
c971de97c4 nixos/swap: add options option 2021-07-20 20:51:27 +03:00
Graham Christensen
da9f3c0598
Merge pull request #130291 from DeterminateSystems/buildkite-agent-metrics
buildkite-agent-metrics: init at 5.2.1, nixos/prometheus-buildkite-agent-exporter: init
2021-07-20 12:22:45 -04:00
Domen Kožar
314f595ab1
Merge pull request #130538 from Ma27/bump-nixstable
nixStable: 2.3.12 -> 2.3.14
2021-07-20 17:09:20 +02:00
Maximilian Bosch
e66237af15
nixStable: 2.3.12 -> 2.3.14
Changes: https://github.com/NixOS/nix/compare/2.3.12...2.3.14

Since this is a bugfix release that wasn't pushed to `nixpkgs`, I
decided to take care of it.

As it's usually done in `upload-release.pl`[1], I updated the
fallback-paths accordingly and used eval `1687468`[2] for this with Nix
2.3.14.

Also added a fallback-path for `aarch64-darwin` as Nix 2.3.14 seems to
support this now[3].

[1] https://github.com/NixOS/nix/blob/2.3-maintenance/maintainers/upload-release.pl
[2] https://hydra.nixos.org/eval/1687468
[3] 14262b86cc
2021-07-20 17:06:51 +02:00
Sandro
bf93d660cc
Merge pull request #130288 from ju1m/sanoid
nixos/sanoid: fix submodule aliases
2021-07-20 10:21:51 +02:00
embr
8e6c4f9a2e nixos/cri-o: Remove unnecessary lib. qualifiers
We're already using `with lib` here, so we can just say `mkOption`, etc.
2021-07-20 15:35:45 +10:00
embr
1cf78b53af nixos/cri-o: Add RFC42 'settings' option 2021-07-20 15:35:45 +10:00
Pierre Bourdon
cbe99c7fac nixos/agetty: allow overriding the login program 2021-07-19 16:02:46 -07:00
Bernardo Meurer
eb5076a68e
Merge pull request #130616 from zhaofengli/klipper-tweaks
nixos/klipper: Tweaks
2021-07-19 14:46:30 -07:00
Cole Helbling
88fb6d25d8 nixos/prometheus-buildkite-agent-exporter: init 2021-07-19 08:35:58 -07:00
zimbatm
efbd199ffb
nixos/k3s: add configPath option
This is useful when the whole k3s config is generated on boot. The
server address or token might be dynamically injected using user-data.
2021-07-19 13:40:58 +02:00
Zhaofeng Li
0c83078825 nixos/klipper: Allow configuring --input-tty and --api-server
This also makes it easy for other modules to get the correct
path to the virtual printer.
2021-07-19 02:30:25 -07:00
Zhaofeng Li
11313bc65d nixos/klipper: Allow overriding the Klipper package 2021-07-19 02:30:25 -07:00
Zhaofeng Li
94536fd6e3 nixos/klipper: Allow specifying arbitrary user/group
This paves the way for alternative integrations such as
Moonraker.
2021-07-19 02:30:25 -07:00
Elis Hirwing
bfef28861d
Merge pull request #130528 from etu/init-hockeypuck
hockeypuck: init at 2.1.0
2021-07-19 07:54:11 +02:00
Elis Hirwing
09a49354b6
nixos/hockeypuck: Add service for hockeypuck 2021-07-19 07:33:01 +02:00
Sandro
d5bd34ebf2
treewide: convert phases that contain ":" to dont* = true (#130500) 2021-07-18 23:42:48 +02:00
Jörg Thalheim
c24fa221ab nixos/telegraf: improve documentation 2021-07-18 09:40:42 +02:00
Jörg Thalheim
b5f5a5e341 nixos/polkit: put polkituser into polkitgroup 2021-07-18 08:58:30 +02:00
Jörg Thalheim
f3dfc11468 nixos/tinc: don't run as nogroup 2021-07-18 08:57:14 +02:00
Jörg Thalheim
cc56dc078d nixos/telegraf: don't run as nogroup 2021-07-18 08:54:45 +02:00
Jörg Thalheim
0839cf1d45
Merge pull request #106721 from Mic92/nix-serve
nixos/nix-serve: don't run as nogroup
2021-07-18 07:53:32 +01:00
Jörg Thalheim
ac7b8724b5 nixos/nix-serve: don't run as nogroup
nogroup is insecure if shared
2021-07-18 08:51:17 +02:00
Jörg Thalheim
ad59e62780 nixos/journald: don't set nogroup 2021-07-18 08:46:54 +02:00
Martin Weinelt
d9a3a54b73
Merge pull request #129980 from mweinelt/nixos/kea 2021-07-18 00:26:35 +02:00
Florian Klink
c1536f5c78 nixos/systemd: fix NSS database ordering
- The order of NSS (host) modules has been brought in line with upstream
  recommendations:

  - The `myhostname` module is placed before the `resolve` (optional) and `dns`
    entries, but after `file` (to allow overriding via `/etc/hosts` /
    `networking.extraHosts`, and prevent ISPs with catchall-DNS resolvers from
    hijacking `.localhost` domains)
  - The `mymachines` module, which provides hostname resolution for local
    containers (registered with `systemd-machined`) is placed to the front, to
    make sure its mappings are preferred over other resolvers.
  - If systemd-networkd is enabled, the `resolve` module is placed before
    `files` and `myhostname`, as it provides the same logic internally, with
    caching.
  - The `mdns(_minimal)` module has been updated to the new priorities.

  If you use your own NSS host modules, make sure to update your priorities
  according to these rules:

  - NSS modules which should be queried before `resolved` DNS resolution should
    use mkBefore.
  - NSS modules which should be queried after `resolved`, `files` and
    `myhostname`, but before `dns` should use the default priority
  - NSS modules which should come after `dns` should use mkAfter.
2021-07-17 23:55:35 +02:00
mlatus
43ca464e37 nixos/pam: allow users to set the path to store challenge and expected responsed used by yubico_pam 2021-07-17 15:05:31 +08:00
Leo
bb568917b2
nixos/bind: add directory config option (#129188) 2021-07-17 08:03:20 +02:00
Jean-Philippe Braun
d4eca42de4 nixos/wordpress: nginx support 2021-07-16 08:51:08 +02:00
Julien Moutinho
6c72f80b41 nixos/sanoid: fix submodule aliases
Use `mkDefault` into `mkAliasDefitinions`.
This avoids conflicting definitions when using `process_children_only`.
2021-07-15 18:28:27 +02:00
Robert Hensing
90cbe95037
Merge pull request #130257 from primeos/nixos-xwayland
nixos/xwayland: Correctly set the default package
2021-07-15 15:28:53 +02:00
Kim Lindberger
4dcf295417
Merge pull request #129464 from talyz/discourse-plugins
discourse: Updates and fixes
2021-07-15 14:50:28 +02:00
ajs124
ad1437bb6d
Merge pull request #130113 from helsinki-systems/upd/icingaweb2
icingaweb2: 2.8.3 -> 2.9.0
2021-07-15 14:48:54 +02:00
Jörg Thalheim
f2b81f91be
Merge pull request #125205 from Mic92/token-file
k3s: token file
2021-07-15 13:37:04 +01:00
Michael Weiss
e22bd59820
nixos/xwayland: Correctly set the default package
This will fix #129922 and also improve the descriptions and default
texts.
2021-07-15 11:32:06 +02:00
Antoine Martin
2463620fc2
nixos/vaultwarden: make package configurable (#113216)
This allows the user to override the version of Vaultwarden used by the
service, if using an overlay to keep up to date with releases for
example.
2021-07-14 17:20:10 -04:00
lunik1
145a3d084a
nixos/snapraid: init 2021-07-14 19:02:19 +01:00
talyz
20548f050e
nixos/discourse: Update plugin documentation
Update the documentation regarding plugins to reflect recent changes.
2021-07-14 13:18:06 +02:00
Rok Garbas
ae7c092d88
Merge pull request #120297 from rsynnest/master
nixos/unifi-video module and supporting packages
2021-07-14 11:45:25 +02:00
Niklas Hambüchen
ea182cdb99 nixos/plausible: docs: Mention caveate of baseUrl 2021-07-14 03:28:57 +00:00
Jeremy Kolb
f96ee10c88
open-vm-tools: 11.2.5 -> 11.3.0 (#129978)
Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
2021-07-14 03:26:58 +02:00
Martin Weinelt
cf139f7203
nixos/tests/prometheus-exporters/kea: migrate to kea nixos module 2021-07-14 01:36:04 +02:00
Martin Weinelt
508408559a
nixos/prometheus: allow overriding default export user 2021-07-14 01:36:04 +02:00
Martin Weinelt
caf70ceed4
nixos/kea: init 2021-07-14 01:36:04 +02:00
Sandro
70e2fceb6a
Merge pull request #119713 from uonr/master 2021-07-13 22:03:12 +02:00
Tachibana Kiyomi
21f41d8b33
nixos/ddclient: add support for IPv6 2021-07-14 02:09:29 +09:00
Roland Synnestvedt
fa8f004781 Merge branch 'master' of https://github.com/nixos/nixpkgs 2021-07-13 10:09:12 -07:00
Janne Heß
6d203a68c6
nixos/icingaweb2: Add ipl and thirdparty libraries
These are required since 2.9.0
2021-07-13 18:31:15 +02:00
embr
91646d62b9 google-compute-image: Make GZIP compression level configurable
Change-Id: I1bde130f0a951fa40b1a16bad09497c796bca473
2021-07-13 16:53:09 +02:00
Yannick Markus
19b1eac1b0
nixos/mullvad-vpn: fix firewall issues & remove xfix as maintainer 2021-07-13 11:14:13 +02:00
Niklas Hambüchen
8613698df0 nixos/plausible: Fix shell scripting errors.
See https://github.com/NixOS/nixpkgs/pull/124055/files#r668271575
2021-07-13 04:05:05 +02:00
Florian Klink
66f419c4b1
Merge pull request #129734 from yu-re-ka/feature/gitlab-14-0-5
gitlab: 14.0.2 -> 14.0.5
2021-07-13 01:04:54 +02:00
Linus Heckemann
f7dff9c649
Merge pull request #129620 from bbenno/update-nextcloud
nextcloud: init at 22.0.0; 21.0.2 -> 21.0.3; 20.0.7 -> 20.0.11
2021-07-12 20:53:35 +02:00
Yureka
c5a0551dc4 nixos/gitlab: improve psql assertion message 2021-07-12 14:20:20 +02:00
Matt Christ
0ce72580be nixos/bind: allow specifying BIND package
This allows users of the bind module to specify an alternate BIND
package. For example, by overriding the source attribute to use a
different version of BIND.

Since the default value for `services.bind.package` is `pkgs.bind`,
this change is completely backwards compatible with the current
module.
2021-07-11 08:11:33 -05:00
Zane van Iperen
c854b85702
nixos/gitea: use gitea to refresh hooks and keys
Gitea now provides this functionality as an admin command.
Is significantly faster, especially on slow disks.
2021-07-11 12:48:10 +10:00
Robert Helgesson
231a31be87 nixos-option: add backwards compatibility layer
This adds a basic `nixos-option/default.nix` file to provide some
measure of backwards compatibility with Nixpkgs prior to
ce6f17f953.
2021-07-10 22:32:26 +02:00
n0emis
336494e19f
nixos/prometheus: add password_file option to scrapeConfig's basic_auth (#123252) 2021-07-10 21:18:38 +02:00
Jan Tojnar
a85e99d1e1
Merge pull request #129684 from jtojnar/ddccontrol-module
nixos/ddccontrol: init
2021-07-10 16:37:25 +02:00
Jörg Thalheim
9258edb5a1
Merge pull request #129651 from Kreyren/patch-4
systemd.tmpfiles.rules: Fix false info
2021-07-10 14:17:37 +01:00
Aaron Andersen
faec8bbbf7
Merge pull request #129718 from pmeiyu/master
nixos/smartdns: Restart service when config changes
2021-07-09 23:31:14 -04:00
Valentin Conrad
ceef268c4b
nextcloud: remove expires header
nextcloud default nginx config did not include the expires config
see: https://docs.nextcloud.com/server/latest/admin_manual/installation/nginx.html
2021-07-09 10:50:25 +02:00
Robert Helgesson
ce6f17f953
nixos-option: init at <unversioned> 2021-07-09 08:59:12 +02:00
Peng Mei Yu
b68547486e nixos/smartdns: Restart service when config changes 2021-07-09 13:36:26 +08:00
Leo Maroni
c0bd900632 nixos/vikunja: init
nixos/vikunka: Use RFC 0042 settings proposal (thanks to @aanderse)
2021-07-08 22:17:57 +02:00
Jan Tojnar
fc1e0e863c nixos/ddccontrol: init 2021-07-08 22:04:40 +02:00
Artturin
1db44c4ff1 nixos/devmon: add systemd service 2021-07-08 19:04:49 +03:00
Maximilian Bosch
e05f4101c1
nextcloud22: init at 22.0.0 2021-07-08 17:00:04 +02:00
Kreyren
ca3b4ce3d2
systemd.tmpfiles.rules: Fix false info
As per https://www.freedesktop.org/software/systemd/man/tmpfiles.d.html the current description is missleading as it fails to mention volatile files and creation with deletion
2021-07-08 15:36:30 +02:00
Tobias Happ
bbd5cdac29 nixos/oci-containers: enable login for registry 2021-07-08 16:30:17 +10:00
Jörg Thalheim
f674130fc0
Merge pull request #127476 from slotThe/freenode->libera
Link to Libera instead of Freenode
2021-07-08 07:23:43 +01:00
Mario Rodas
bb1ff7da54
Merge pull request #125696 from hercules-ci/postgresql-backup-only-replace-if-successful
nixos/postgresqlBackup: only replace if successful
2021-07-07 18:41:57 -05:00
Jan Tojnar
8978759e65
Merge pull request #128540 from arcnmx/pipewire-0.3.31
Pipewire 0.3.31
2021-07-07 20:02:32 +02:00
Milo Gertjejansen
b1dd02d212 Api didn't seem to work with the systemd envs
I am not sure why it was working for me, but after restarting
phpfpm-tt-rss it quit working.
2021-07-06 18:46:22 -04:00
Milo Gertjejansen
97cb387fb9 tt-rss: 2021-01-29 -> 2021-06-23 and modules/tt-rss: updated config.php creation
The version of tt-rss in nixpkgs was pre-php 8. This updates tt-rss to the most recent version, which uses php 8.

The updates to the module are required changes, per https://community.tt-rss.org/t/rip-config-php-hello-classes-config-php/4337.
2021-07-06 18:46:21 -04:00
Maciej Krüger
ae54500506
Merge pull request #126253 from mkg20001/fc-gitlab 2021-07-06 20:58:12 +02:00
Franz Pletz
f73efb9fb3
Merge pull request #121841 from Pamplemousse/jenkins-cli
jenkins: Create the `jenkins-cli` command
2021-07-06 14:45:29 +00:00
slotThe
2c529c3cb8 Link to Libera, Matrix instead of Freenode
The project has moved away from Freenode as an IRC network[1], and there
is now a quite large channel on Libera.  As such, we should point users
towards that instead.

This also changes all examples to refer to libera instead of freenode
as, with the recent deletion of all freenode channels, it is perhaps
where most communities are to be found nowadays.

Finally, also link to the official Matrix room[2] as an alternative to
IRC.

Related: https://github.com/NixOS/nixpkgs/pull/129384

[1]: https://discourse.nixos.org/t/join-us-on-matrix-at-nix-nixos-org-migrating-from-freenode
[2]: https://github.com/NixOS/rfcs/pull/94
2021-07-06 16:35:37 +02:00
Atemu
f879395bd9
nixos/btrfs: handle new checksum types in initrd (#126158)
Can't mount a root formatted with those otherwise
2021-07-06 09:57:10 -04:00
Martin Weinelt
7a10478ea7
nixos/acme: harden systemd units 2021-07-06 15:16:01 +02:00
Martin Weinelt
dc940ecdb3
Merge pull request #121750 from m1cr0man/master
nixos/acme: Ensure certs are always protected
2021-07-06 15:10:54 +02:00
Kazutoshi Noguchi
bf22778585 nixos/binfmt: run binfmt activation script after mounting /run
binfmt activation script creates /run/binfmt before mounting /run
when system activation.

To fix it I added dependency to specialfs to binfmt activation
script.
2021-07-06 17:18:33 +09:00
Evgeny Kurnevsky
11c0384bf0
nixos/swap: allow luks discards if swap discards are enabled 2021-07-06 10:18:58 +03:00
Sandro
d0cec56cef
Merge pull request #128855 from sjau/ssmtp_nixos_options 2021-07-05 23:50:37 +02:00
Ramses
14d2192623 nixos/oci-containers: restore ability to easily view the container output in the logs
Fixes #102768.
Allows the usage of `journalctl -u` to easily view the logs for a container managed by this module.
2021-07-06 07:36:33 +10:00
github-actions[bot]
94a5660d8f
Merge master into staging-next 2021-07-05 12:01:03 +00:00
arcnmx
ef532a0443 nixos/pipewire: add bluez hardware database 2021-07-04 16:20:57 -07:00
Bjørn Forsman
5d3dca497b nixos/hamster: fix programs.hamster.enable text
mkEnableOption already adds "Whether to enable" and ends with a ".", so
remove that duplication from the help text.

Also reword it slightly while at it.
2021-07-04 23:18:23 +02:00
Dmitry Kalinkin
f0fbfdefe7
Merge branch 'master' into staging-next 2021-07-03 17:51:15 -04:00
Léo Gaspard
5bcb49475f
Merge pull request #127479 from symphorien/btrbk-module
nixos/btrbk: add module and test
2021-07-03 21:55:01 +02:00
github-actions[bot]
d39be47e17
Merge master into staging-next 2021-07-03 18:01:07 +00:00
Jörg Thalheim
b118976151
Merge pull request #107626 from jakobrs/passwd
installation-cd-base.nix: Add 'live.nixos.passwd' boot option
2021-07-03 18:47:50 +01:00
Guillaume Girol
72894352b8 nixos/btrbk: add module and test 2021-07-03 17:18:20 +02:00
github-actions[bot]
6cead635ad
Merge master into staging-next 2021-07-03 12:01:23 +00:00
Naïm Favier
c0b2241e53
nixos/top-level: pass lib to specialisations 2021-07-03 13:05:55 +02:00
Jörg Thalheim
a47ace80e5
Merge pull request #126187 from K900/vaultwarden
vaultwarden: update to 1.21.0, rename from bitwarden_rs
2021-07-03 11:15:22 +01:00
jakobrs
2e4849b841 installation-cd-base.nix: Add 'live.nixos.passwd' boot option
For interactive SSH access to a system without a (working)
keyboard and monitor, without rebuilding the image itself.
2021-07-03 09:53:16 +02:00
Christian Kampka
3aa9692beb coturn: Support secrets file for configuring the static-auth-secret 2021-07-03 08:29:59 +01:00
github-actions[bot]
77a94d88ad
Merge master into staging-next 2021-07-03 06:01:13 +00:00
Luke Granger-Brown
4670c25e3d
Merge pull request #128920 from wamserma/luks-trim-ae-note
nixos/luksroot: add note about AE to allowDiscards
2021-07-03 01:47:38 +01:00
github-actions[bot]
4147e7d4a9
Merge master into staging-next 2021-07-02 18:01:01 +00:00
Ben Siraphob
28acaac96f
Merge pull request #128271 from Kreyren/localBinInPath 2021-07-02 22:17:44 +07:00
Kim Lindberger
90ed906797
Merge pull request #126058 from talyz/geoip-fixes
nixos/geoipupdater: Fix initial setup, add stricter security, fix a filename
2021-07-02 14:30:49 +02:00
github-actions[bot]
03ea42ab93
Merge master into staging-next 2021-07-02 12:01:08 +00:00
Markus S. Wamser
8e48b24d76 modules/luksroot: add note about AE to allowDiscards 2021-07-01 23:37:07 +02:00
github-actions[bot]
26416f52eb
Merge master into staging-next 2021-07-01 12:01:05 +00:00
Philipp Hausmann
8bfd84cf3c slimserver: Fix user creation 2021-07-01 11:33:38 +02:00
K900
dc1b56c714 vaultwarden: update to 1.22.1, rename from bitwarden_rs
I tried to make this as non-breaking as possible, but it will still
break things slightly for people expecting certain file names in the
packages themselves.
2021-07-01 12:31:20 +03:00
sjau
1f207718de ssmtp: give example to create authPassFile 2021-07-01 09:40:50 +02:00
Jörg Thalheim
f75e2a648c
Merge pull request #128023 from max-privatevoid/patch-1
nixos/systemd-boot: Use os.path.realpath to fully resolve symlinks
2021-07-01 07:17:50 +01:00
Jörg Thalheim
e12188c0f2
nixos/systemd-confinment: use /var/empty as chroot mountpoint
bind mounting directories into the nix-store breaks nix commands.
In particular it introduces character devices that are not supported
by nix-store as valid files in the nix store. Use `/var/empty` instead
which is designated for these kind of use cases. We won't create any
files beause of the tmpfs mounted.
2021-07-01 08:01:18 +02:00
github-actions[bot]
9ae4f4c991
Merge master into staging-next 2021-07-01 06:01:03 +00:00
Sandro
993a678217
Merge pull request #123334 from Luflosi/ipfs-replace-deprecated-option 2021-07-01 03:03:55 +02:00
github-actions[bot]
7350c52b9b
Merge master into staging-next 2021-07-01 00:01:35 +00:00
gwitmond
bbe66636f4
nixos/sshd: add -D flag to prevent forking into a separate process (#122844)
It makes it easier for init-processes to monitor correct startup and liveness.
2021-07-01 00:43:54 +02:00
Luke Granger-Brown
ef4e133b1c
Merge branch 'master' into Xe/tailscale-sysctl-not-found 2021-06-30 23:10:54 +01:00
Luke Granger-Brown
272773e1cb
Merge pull request #127931 from talyz/discourse-plugins
discourse: Fix plugin support
2021-06-30 23:03:57 +01:00
Sandro
30e2735f5d
Merge pull request #83904 from ju1m/sanoid
sanoid: fix sanoid.conf generation
2021-06-30 23:55:26 +02:00
Jacob Hrbek
55a211ae31 Removed wrong comment 2021-06-30 21:32:08 +02:00
Jacob Hrbek
67af267cf7 Update nixos/modules/config/shells-environment.nix
lgtm

Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
2021-06-30 21:27:56 +02:00
Luflosi
2b02b34029
nixos/ipfs: replace deprecated command line option
According to https://docs.ipfs.io/reference/cli/#ipfs the --local command line option is deprecated and should be replaced with --offline.
2021-06-30 17:32:38 +02:00
github-actions[bot]
629cea2cd0
Merge master into staging-next 2021-06-30 12:04:22 +00:00
Pascal Bach
69f2fd9721
Merge pull request #123834 from bachp/minio-module-update
nixos/minio: replace deprecated variables
2021-06-30 08:10:27 +02:00
github-actions[bot]
7f05df0a91
Merge master into staging-next 2021-06-30 06:04:18 +00:00
Ryan Mulligan
073f462987 nixos/gdm: expand gdm.autoSuspend description
closes #100390
2021-06-29 19:35:26 -07:00
Martin Weinelt
c865d03690
Merge pull request #128205 from felixsinger/flashrom/add-udev
flashrom: Install udev-rules file
2021-06-30 04:03:56 +02:00
Felix Singer
b7a2309786 flashrom: Install udev-rules file
Add the udev-rules file from flashrom source to the out directory. The
file contains rules for programmers used by flashrom. Members of the
`flashrom` system group are allowed to access these devices.

Also, add a module for installing flashrom and adding flashrom to udev
packages. The module can be used by setting `programs.flashrom.enable`
to `true`.

Signed-off-by: Felix Singer <felixsinger@posteo.net>
2021-06-30 03:43:35 +02:00
Sandro
2e3727eae0
Merge pull request #128183 from rummik/patch-1 2021-06-30 02:21:18 +02:00
github-actions[bot]
0fa08dae1b
Merge master into staging-next 2021-06-30 00:08:50 +00:00
Sandro
defb64fd5b
Merge pull request #128461 from kittywitch/fvwm-gestures-fix
nixos/fvwm: gestures -> enableGestures as of #118256
2021-06-30 02:07:12 +02:00
Sandro
3a0d1ab3e2
Merge pull request #128546 from scvalex/fix-kubernetes-tests
kubernetes: make tests pass by fixing a conntrack-tools dep and a missing dir
2021-06-30 01:49:58 +02:00
Timothy DeHerrera
7e59c19715 nixos-option: remove if nix.package is unstable
This was done in a0a61c3e34, but users
typically install `nixUnstable` via `nix.package`, not by overlaying
`pkgs.nix` directly.
2021-06-29 16:13:52 -07:00
github-actions[bot]
943ac1310d
Merge master into staging-next 2021-06-29 18:04:10 +00:00
Linus Heckemann
34d960aecb
Merge pull request #124486 from xaverdh/linux-patch-once
nixos/boot: properly override the kernel in boot.kernelPatches
2021-06-29 19:01:46 +02:00
arcnmx
eb7e40f9c9 pipewire: 0.3.30 -> 0.3.31 2021-06-28 12:37:46 -07:00
Alexandru Scvortov
ab1567e812 kubernetes: fix conntrack-tools package name, missing dir, and tests 2021-06-28 20:33:17 +01:00
github-actions[bot]
3a3d290719
Merge master into staging-next 2021-06-28 18:12:01 +00:00
Maciej Krüger
3029af3051
Merge pull request #128522 from j0hax/patch-1 2021-06-28 18:18:31 +02:00
Johannes Arnold
3a30f52676
nixos/nginx: fix typo 2021-06-28 18:08:31 +02:00
github-actions[bot]
e6001bb168
Merge master into staging-next 2021-06-28 12:05:19 +00:00
Elis Hirwing
536cb54f81
Merge pull request #127989 from ymatsiuk/appgate
appgate-sdp: minimize and improve derivation
2021-06-28 10:28:10 +02:00
github-actions[bot]
ac92955702
Merge master into staging-next 2021-06-28 06:04:15 +00:00
Maciej Krüger
b877b70d32
Merge pull request #125366 from mkg20001/vbox-export-params 2021-06-28 06:58:01 +02:00
Maciej Krüger
bb62664a1a
Merge pull request #128473 from jerith666/globalprotect-vpn 2021-06-28 05:51:26 +02:00
Maciej Krüger
8ae5ade468
Merge pull request #112654 from 1000101/matomo
nixos/matomo: add periodicArchiveProcessingUrl option
2021-06-28 05:39:14 +02:00
Matt McHenry
74281b9faa globalprotect-vpn: add missing 'mkIf cfg.enable'
spotted by @lopsided98
2021-06-27 21:55:14 -04:00
kat witch
89d2723820
nixos/fvwm: gestures -> enableGestures as of #118256 2021-06-27 22:17:15 +01:00
github-actions[bot]
c04f4806d3
Merge staging-next into staging 2021-06-27 18:05:17 +00:00
Dima
0a977cf125 nixos/duplicity: fix typo in subcommand
In https://github.com/NixOS/nixpkgs/pull/120622 cleanup options were
added, but `remove-all-inc-of-but-n-full` was misspelled and as such
was not functioning.
2021-06-27 09:40:35 +02:00
Jacob Hrbek
9e166662e0 localBinInPath: Initial commit 2021-06-27 07:31:45 +00:00
github-actions[bot]
1016b5a6ba
Merge staging-next into staging 2021-06-27 00:10:43 +00:00
Doron Behar
aedc67d64f
Merge pull request #63899 from pasqui23/kconnect 2021-06-26 21:00:34 +00:00
Sandro
5faf13ddad
Merge pull request #119657 from syncom/syncom/deterministic-efiimg 2021-06-26 21:50:20 +02:00
github-actions[bot]
8f71a7f335
Merge staging-next into staging 2021-06-26 18:04:40 +00:00
Jörg Thalheim
1e125a8002
Merge pull request #122674 from wakira/pam-order
nixos/pam: prioritize safer auth methods over fingerprints
2021-06-26 16:52:25 +02:00
Jörg Thalheim
07cd950ab1
nixos/system76: fix evaluation 2021-06-26 15:16:59 +02:00
github-actions[bot]
de0cfc5563
Merge staging-next into staging 2021-06-26 12:06:28 +00:00
github-actions[bot]
45003ba5f9
Merge master into staging-next 2021-06-26 12:06:25 +00:00
*Kim Zick
fbbaa4d40f
nixos/zsh: change default prompt theme to 'suse'
This resolves a long-standing issue caused by the 'walters' theme setting `RPS1`.  See #38535 for discussion details.
2021-06-26 06:36:51 -04:00
Martin Weinelt
ef2ce48d8b
Merge pull request #127767 from Mic92/go-neb 2021-06-26 12:23:16 +02:00
Jörg Thalheim
34d1c55580
nixos/go-neb: secret support 2021-06-26 11:59:50 +02:00
github-actions[bot]
947012b992
Merge staging-next into staging 2021-06-26 00:09:11 +00:00
github-actions[bot]
f15360e6a4
Merge master into staging-next 2021-06-26 00:09:07 +00:00
Niklas Hambüchen
f254bdb473
Merge pull request #128150 from scvalex/etcd-passthru-test
etcd: refactor the service to add etcd to systemPackages instead of the etcdctl alias
2021-06-26 01:50:42 +02:00
Alexandru Scvortov
e08b3f0c85 etcd: fix old aliased package name to make tests pass 2021-06-25 23:45:12 +01:00
Robert Schütz
d6234c2165 Merge branch 'master' into staging-next 2021-06-26 00:33:58 +02:00
Florian Klink
6845a74d4c
Merge pull request #128082 from flokli/sdcard-firmware-partition-offset
nixos/sdcard: make firmware partition offset configurable
2021-06-25 22:52:07 +02:00
Florian Klink
1db54a5522 nixos/sdcard: make firmware partition offset configurable
Different boards using u-boot SPL require to write to different
locations. Sometimes, the 8MiB gap isn't sufficient - rk3399 boards
write to 0x16384 for example, which is at 8MiB, thus overriding the
fat32 partition with the SPL.
2021-06-25 22:33:42 +02:00
Florian Klink
9de5cbca45
Merge pull request #128079 from flokli/serial-getty-keep-baud
nixos/getty: add missing --keep-baud
2021-06-25 22:31:02 +02:00
github-actions[bot]
be086cc67b
Merge staging-next into staging 2021-06-25 12:06:08 +00:00
github-actions[bot]
bae6b2055f
Merge master into staging-next 2021-06-25 12:06:04 +00:00
Florian Klink
7e0623fb25
Merge pull request #127824 from yu-re-ka/feature/gitlab-14-0-0
gitlab: 13.12.4 -> 14.0.1
2021-06-25 10:30:09 +02:00
Robert Schütz
c1dca92daf Merge branch 'master' into staging-next 2021-06-25 10:02:10 +02:00
Florian Klink
ba42d639f1 nixos/getty: add missing --keep-baud
systemd ships `units/serial-getty@.service.m4` with the `--keep-baud`
option.

We override that unit, and didn't add the `--keep-baud` option. (We have
it in our other getty options there).

Having `--keep-baud` in `serial-getty@` makes a lot of sense - the
console keeps working if it's initialized with a less standard baud
rate, such as the [Helios64](https://wiki.kobol.io/helios64/intro/).
2021-06-25 09:56:54 +02:00
Jan Tojnar
27bbb94761
Merge pull request #127085 from minijackson/xdg-desktop-portal-wlr-0.4.0-and-module
xdg-desktop-portal-wlr: 0.3.0 -> 0.4.0 and module
2021-06-25 03:50:44 +02:00
Yureka
2297eb35e5 nixos/gitlab: require at least postgresql 12 2021-06-25 01:21:19 +02:00
talyz
9af3672f4f
discourse: Fix plugin support
For plugins to work properly, their assets need to be precompiled
along with the rest of Discourse's assets. This means we need to build
new packages when the list of plugins change.
2021-06-24 19:38:19 +02:00
Max
2cf6f9e5bd
nixos/systemd-boot: Use os.path.realpath to fully resolve symlinks
os.readlink only resolves one layer of symlinks. This script explicitly relies on the real path of a file for deduplication, hence symlink resolution should recurse.
2021-06-24 17:52:03 +02:00
Yurii Matsiuk
21dd07a0ca
appgate-sdp: minimize and improve derivation 2021-06-24 11:22:54 +02:00
github-actions[bot]
1f528e6ac6
Merge staging-next into staging 2021-06-24 00:06:31 +00:00
github-actions[bot]
d437a6cac2
Merge master into staging-next 2021-06-24 00:06:27 +00:00
Martin Weinelt
9cc60287dc
Merge pull request #127554 from mweinelt/babel
nixos/babeld: update hardening
2021-06-23 21:53:20 +02:00
github-actions[bot]
bcc720d9c5
Merge staging-next into staging 2021-06-23 18:04:33 +00:00
github-actions[bot]
b68a0d2f5e
Merge master into staging-next 2021-06-23 18:04:30 +00:00
Michael Weiss
eb8a694d92
nixos/sway: Drop rxvt-unicode from the extraPackages default
Upstream switched to Alacritty for the default configuration.
2021-06-23 17:35:20 +02:00
github-actions[bot]
14f789f9e5
Merge staging-next into staging 2021-06-23 12:04:29 +00:00
github-actions[bot]
b59d049598
Merge master into staging-next 2021-06-23 12:04:25 +00:00
Sandro
1956a52857
Merge pull request #126656 from jwoudenberg/add-system76-power 2021-06-23 12:54:22 +02:00
github-actions[bot]
64eb8c173d
Merge staging-next into staging 2021-06-23 00:09:37 +00:00
github-actions[bot]
e8122c3628
Merge master into staging-next 2021-06-23 00:09:33 +00:00
Niklas Hambüchen
959c4e82bc
Merge pull request #100255 from nh2/sshd-default-log-level-info
sshd service: Default to INFO logLevel (upstream default)
2021-06-23 02:06:54 +02:00
Niklas Hambüchen
4bd5f1115f
Merge pull request #127166 from nh2/xserver-config-mkAfter-docs
services.xorg.config: Extend docs
2021-06-23 01:55:58 +02:00
Niklas Hambüchen
a48fea4c5e sshd service: Default to INFO logLevel (upstream default).
The previous justification for using "VERBOSE" is incorrect,
because OpenSSH does use level INFO to log "which key was used
to log in" for sccessful logins, see:
6247812c76/auth.c (L323-L328)

Also update description to the wording of the sshd_config man page.

`fail2ban` needs, sshd to be "VERBOSE" to work well, thus
the `fail2ban` module sets it to "VERBOSE" if enabled.

The docs are updated accordingly.
2021-06-23 01:49:11 +02:00
Niklas Hambüchen
e85693afde
Merge pull request #127157 from nh2/xserver-readable-config-indentation
xserver: Generate readable config indentation
2021-06-23 01:16:50 +02:00
Martin Weinelt
b607aadaac
Merge branch 'master' into staging-next 2021-06-22 23:55:21 +02:00
Maximilian Bosch
5aad4e73b6
privacyIDEA: 3.5.2 -> 3.6
ChangeLog: https://github.com/privacyidea/privacyidea/releases/tag/v3.6

Unfortunately we have to use `sqlalchemy` at 1.3 for `sqlsoup`. As
`sqlalchemy` is required by a lot of packages, I decided to move this
package out of `pythonPackages` itself and instantiate a new
`pythonPackages` inside the expression where `sqlalchemy` points to
`sqlalchemy_1_3`.
2021-06-22 15:36:36 +02:00
github-actions[bot]
b766664645
Merge staging-next into staging 2021-06-22 12:05:04 +00:00
github-actions[bot]
c7bb5a79c8
Merge master into staging-next 2021-06-22 12:05:00 +00:00
Sandro
5f44b42bf4
Merge pull request #127641 from xfix/promethus-state-permissions 2021-06-22 10:23:56 +02:00
Linus Heckemann
203e81e4ee
Merge pull request #125281 from zhaofengli/phosh-systemd
phosh: 0.10.2 -> 0.11.0
2021-06-22 08:23:29 +02:00
github-actions[bot]
1df79d27a7
Merge staging-next into staging 2021-06-22 00:07:12 +00:00
Martin Weinelt
eef9694ebc
Merge branch 'master' into staging-next 2021-06-22 00:58:31 +02:00
Konrad Borowski
447b1cf03d nixos/prometheus: allow state access for service only
There is no reason for Prometheus state files to be
world-readable.
2021-06-21 10:16:47 +02:00
Sandro
84a79c2f0f
Merge pull request #126284 from aanderse/zabbix-user-params
zabbixAgent: add bash to $PATH
2021-06-20 17:58:43 +02:00
Sandro
e6a012fb00
Merge pull request #127063 from talyz/fail2ban-restart
nixos/fail2ban: Remove `reloadIfChanged = true`
2021-06-20 17:57:57 +02:00
github-actions[bot]
cca41fbbb9
Merge staging-next into staging 2021-06-20 12:04:41 +00:00
github-actions[bot]
9c8cef37d2
Merge master into staging-next 2021-06-20 12:04:37 +00:00
Martin Weinelt
8739f8cd7b
nixos/babeld: update hardening 2021-06-20 13:52:49 +02:00
illustris
e0089c38ca nixos/jitsi-meet: include jitsi prosody plugins in prosody extraPluginPaths 2021-06-20 12:36:51 +02:00
illustris
34b9ba2e61 nixos/jitsi-meet: Update jitsi prosody configs
Changes made as per b6f7f8fba7
2021-06-20 12:36:51 +02:00
Minijackson
f4dd218c7c
nixos/xdg/portal/wlr: init 2021-06-20 11:53:45 +02:00
github-actions[bot]
222489e4be
Merge staging-next into staging 2021-06-19 00:08:40 +00:00
github-actions[bot]
d0cc21f4bd
Merge master into staging-next 2021-06-19 00:08:37 +00:00
Sergey Vlasov
20b1d07a4f nixos/ssh: fix passing arguments to ssh-askpass
The wrapper for ssh-askpass did not pass arguments to the real
ssh-askpass, therefore the generic "Please enter your authentication
passphrase" prompt was displayed for all requests (including the key
usage confirmation requests, which don't need the passphrase), and some
important information such as the key name was not displayed.
2021-06-18 22:19:03 +03:00
Martin Weinelt
af664bf942
Merge pull request #127127 from mweinelt/home-assistant
nixos/home-assistant: update hardening
2021-06-18 20:15:05 +02:00