Commit graph

365832 commits

Author SHA1 Message Date
Ryan Mulligan
b9b4df9407
Merge pull request #166731 from r-ryantm/auto-update/p2pool
p2pool: 1.8 -> 1.9
2022-03-31 19:35:18 -07:00
Ryan Mulligan
8403a362b0
Merge pull request #166497 from r-ryantm/auto-update/podman-tui
podman-tui: 0.2.0 -> 0.3.0
2022-03-31 19:34:20 -07:00
Ryan Mulligan
e1398fe7a0
Merge pull request #166743 from r-ryantm/auto-update/python310Packages.apycula
python310Packages.apycula: 0.2 -> 0.3
2022-03-31 19:33:41 -07:00
Martin Weinelt
b58813a324
Merge pull request #166720 from mweinelt/mediawiki 2022-04-01 04:15:06 +02:00
R. Ryantm
4cb2ef1c92 python310Packages.apycula: 0.2 -> 0.3 2022-04-01 01:33:36 +00:00
R. Ryantm
c2080cdc04 python310Packages.ansible-later: 2.0.8 -> 2.0.9 2022-04-01 01:18:54 +00:00
Craig Younkins
f1dbf7d0ad fclones: 0.18.1 -> 0.19.0 2022-03-31 21:09:57 -04:00
R. Ryantm
ff1c57bcfd spectre-meltdown-checker: 0.44 -> 0.45 2022-04-01 00:52:22 +00:00
R. Ryantm
510b655a08 python310Packages.mypy-boto3-builder: 7.5.4 -> 7.5.5 2022-04-01 00:50:56 +00:00
TredwellGit
601e1d9d4b Merge pull request #166712 from TredwellGit/brave
brave: 1.36.122 -> 1.37.109
2022-04-01 00:43:24 +00:00
Anderson Torres
ffa7483c97
Merge pull request #166375 from r-ryantm/auto-update/poke
poke: 2.1 -> 2.2
2022-03-31 21:25:36 -03:00
Ryan Mulligan
5e2ced2025
Merge pull request #166588 from r-ryantm/auto-update/dsq
dsq: 0.9.0 -> 0.11.0
2022-03-31 16:19:10 -07:00
Adam Joseph
aeb47faee2 dante: skip configure-time getaddrinfo-too-low check on mips64
This patch allows dante to be compiled (and cross-compiled) for mips64el.

Co-authored-by: John Ericson <git@JohnEricson.me>
2022-03-31 16:04:49 -07:00
R. Ryantm
b1d0be8bc7 p2pool: 1.8 -> 1.9 2022-03-31 23:02:53 +00:00
Pavel Borzenkov
6a751ecd39 terraform-providers.namecheap: init at 2.1.0
The provider allows to manage Namecheap DNS via terraform.
2022-04-01 08:23:33 +10:00
Dominique Martinet
829c611b48 logrotate: add logrotate-checkconf.service
the build-time check is not safe (e.g. doesn't protect from bad users or nomissingok
paths missing), so add a new unit for configuration switch time check
2022-04-01 07:09:27 +09:00
Dominique Martinet
b0a04e4105 nginx/logrotate: run logrotate as nginx user 2022-04-01 07:09:27 +09:00
Dominique Martinet
45ef5c1741 logrotate: add configuration check at build time
Now the service no longer starts immediately,
check if the config we generated makes sense as soon as possible.

The check isn't perfect because logrotate --debug wants to check
users required, there are two problems:
 - /etc/passwd and /etc/group are sandboxed and we don't have
visibility of system users
 - the check phase runs as nixbld which cannot su to other users
and logrotate fails on this

Until these two problems can be addressed, users-related checks
are filtered out, it's still much better than no check.
The check can be disabled with services.logrotate.checkConfig
if required
(bird also has a preCheck param, to prepare the environment
before check, but we can add it if it becomes necessary)

Since this makes for very verbose builds, we only show errors:
There is no way to control log level, but logrotate hardcodes
'error:' at common log level, so we can use grep, taking care
to keep error codes

Some manual tests:
───────┬──────────────────────────────────────────
       │ File: valid-config.conf
───────┼──────────────────────────────────────────
   1   │ missingok
───────┴──────────────────────────────────────────
logrotate --debug ok
grep ok

───────┬──────────────────────────────────────────
       │ File: postrotate-no-end.conf
───────┼──────────────────────────────────────────
   1   │ missingok
   2   │ /file {
   3   │    postrotate
   4   │      test
   5   │ }
───────┴──────────────────────────────────────────
error: postrotate-no-end.conf:prerotate, postrotate or preremove without endscript

───────┬──────────────────────────────────────────
       │ File: missing-file.conf
───────┼──────────────────────────────────────────
   1   │ "test" { daily }
───────┴──────────────────────────────────────────
error: stat of test failed: No such file or directory

───────┬──────────────────────────────────────────
       │ File: unknown-option.conf
───────┼──────────────────────────────────────────
   1   │ some syntax error
───────┴──────────────────────────────────────────
logrotate --debug ok
error: unknown-option.conf:1 unknown option 'some' -- ignoring line

───────┬──────────────────────────────────────────
       │ File: unknown-user.conf
───────┼──────────────────────────────────────────
   1   │ su notauser notagroup
───────┴──────────────────────────────────────────
error: unknown-user.conf:1 unknown user 'notauser'

In particular note that logrotate would not error on unknown option
(it just ignores the line) but this change makes the check fail.
2022-04-01 07:09:27 +09:00
Dominique Martinet
e92c05349c nixos/logrotate: convert to freeform
using freeform is the new standard way of using modules and should replace
extraConfig.
In particular, this will allow us to place a condition on mails
2022-04-01 07:09:26 +09:00
Dominique Martinet
3cc8ea28d1 logrotate: add services.logrotate.configFile escape hatch 2022-04-01 07:09:26 +09:00
Dominique Martinet
3a2fa0d049 logrotate: run through nixpkgs-fmt
Running once now will make further patches formatting easier
2022-04-01 07:09:26 +09:00
Dominique Martinet
b457d917dc logrotate: move mail dependency from package to service
having pkgs.logrotate depend on mailutils brings in quite a bit of dependencies
through mailutil itself and recursive dependency to guile when most people
do not need it.

Remove mailutils dependency from the package, and conditionally add it to the
service if the user specify the mail option either at top level or in a path

Fixes #162001
2022-04-01 07:09:24 +09:00
Ryan Mulligan
29ac6896e4
Merge pull request #163083 from r-ryantm/auto-update/calibre-web
calibre-web: 0.6.16 -> 0.6.17
2022-03-31 15:04:05 -07:00
Martin Weinelt
1e2c1b8372
mediawiki: 1.37.1 -> 1.37.2
https://lists.wikimedia.org/hyperkitty/list/mediawiki-announce@lists.wikimedia.org/message/YJNXKPV5Z56NSUQ4G3SXPDUIZG5EQ7UR/

Fixes: CVE-2022-28202, CVE-2022-22801, CVE-2022-28203, CVE-2022-28204
2022-04-01 00:03:42 +02:00
Thiago Kenji Okada
ed6b037a99
Merge pull request #166496 from superherointj/package-fluxcd-0.28.5
fluxcd: 0.28.4 -> 0.28.5
2022-03-31 22:59:40 +01:00
Thiago Kenji Okada
5e7759bd9d HentaiAtHome: rename graalvm -> graalvmDrv 2022-03-31 22:37:58 +01:00
Thiago Kenji Okada
bdfff535f0 buildGraalvmNativeImage: allow usage of arbitrary graalvm derivation
This will allow for easier overrides for specific systems (e.g.
`aarch64-linux` that is only supported in `graalvm17-ce`).
2022-03-31 22:35:44 +01:00
Michael Weiss
ccc400a41f
Merge pull request #166613 from primeos/chromiumDev
chromiumDev: 101.0.4951.7 -> 101.0.4951.15
2022-03-31 23:16:13 +02:00
Michael Weiss
f179515296
Merge pull request #166614 from primeos/chromiumBeta
chromiumBeta: 100.0.4896.60 -> 101.0.4951.15
2022-03-31 23:16:02 +02:00
TredwellGit
82230fc6ea brave: 1.36.122 -> 1.37.109
https://github.com/brave/brave-browser/blob/master/CHANGELOG_DESKTOP.md#137109
2022-03-31 20:10:23 +00:00
Yaya
8465654f6a nixos/tests/gitlab: Add yayayayaka to maintainers 2022-03-31 21:56:18 +02:00
Yaya
35251c637b nixos/tests/gitlab: Check HTTP response codes
cURL always exits with `0` even when the HTTP response codes are above
400, leading to false-positive test results.
2022-03-31 21:56:18 +02:00
Yaya
86ec4e306e nixos/tests/gitlab: Fix project id
Gitlab automatically creates a repository, taking away the project
id=1.
2022-03-31 21:56:18 +02:00
Yaya
28068cebc9 nixos/tests/gitlab: Fix Authorization Bearer field
Due to an incorrect shell escape the Authorization Bearer Token was not
present in the cURL request headers.
2022-03-31 21:56:18 +02:00
R. Ryantm
ab4d1fb4b0 oh-my-zsh: 2022-03-29 -> 2022-03-31 2022-03-31 19:45:46 +00:00
Fabian Affolter
9a813114b9
Merge pull request #166529 from r-ryantm/auto-update/python310Packages.qiskit-optimization
python310Packages.qiskit-optimization: 0.3.1 -> 0.3.2
2022-03-31 21:30:39 +02:00
Fabian Affolter
ab57f590c2
Merge pull request #166528 from r-ryantm/auto-update/python3.10-youtube-transcript-api
python310Packages.youtube-transcript-api: 0.4.3 -> 0.4.4
2022-03-31 21:29:28 +02:00
Fabian Affolter
2b8c1d98fb
Merge pull request #166596 from 06kellyjac/kubescape
kubescape: 2.0.149 -> 2.0.150
2022-03-31 21:28:33 +02:00
Fabian Affolter
97cffe19d9
Merge pull request #166597 from applePrincess/exploitdb-2022-03-31
exploitdb: 2022-03-24 -> 2022-03-31
2022-03-31 21:27:32 +02:00
Fabian Affolter
0e79e5763e
Merge pull request #166567 from 06kellyjac/trivy
trivy: 0.24.4 -> 0.25.0
2022-03-31 21:26:03 +02:00
Fabian Affolter
74cff65a06
Merge pull request #166474 from fabaff/voluptuous-bump
python3Packages.voluptuous: 0.12.2 -> 0.13.0
2022-03-31 21:20:15 +02:00
Michael Weiss
773cfb0859
chromiumBeta: 100.0.4896.60 -> 101.0.4951.15 2022-03-31 21:19:20 +02:00
Michael Weiss
7cbe3d69a7
chromiumDev: 101.0.4951.7 -> 101.0.4951.15 2022-03-31 21:18:58 +02:00
R. Ryantm
845ca1e858 python310Packages.aioairzone: 0.2.1 -> 0.3.1 2022-03-31 19:05:21 +00:00
R. Ryantm
a7c49d7463 python310Packages.jsbeautifier: 1.14.1 -> 1.14.2 2022-03-31 18:50:24 +00:00
Maximilian Bosch
bab7f65636
grafana: 8.4.4 -> 8.4.5
ChangeLog: https://github.com/grafana/grafana/releases/tag/v8.4.5
2022-03-31 20:45:55 +02:00
Vincent Laporte
366a59cdc3 ocamlPackages.unionFind: init at 20220122 2022-03-31 19:51:42 +02:00
Ben Siraphob
6ad8b0bf32
Merge pull request #166501 from siraben/cmake-treewide 2022-03-31 12:42:59 -05:00
Ben Siraphob
4c38fcb192
treewide: move cmake into nativeBuildInputs 2022-03-31 12:35:21 -05:00
midchildan
32c0743a20
noto-fonts-cjk: switch back to variable font
Fixes #156131.

This reverts commit 88ef066644.
2022-04-01 02:20:21 +09:00