Commit graph

28859 commits

Author SHA1 Message Date
Jason Woofenden
7e5617aa7a nixos/doc: fix acme dns-01 example
Summary: fix errors with example code in the manual that shows how to set up DNS-01 verification via the acme protocol, e.g. for those who want to get wildcard certificates from Let's Encrypt.

Fix syntax error in nix arrays (there should not be commas.)

Fix permissions on /var/lib/secrets so it can be read by bind daemon. Without this fix bind won't start.

Add the missing feature: put the generated secret into certs.secret
2022-09-06 16:03:22 -04:00
Bernardo Meurer
0627237785
Merge pull request #181334 from zhaofengli/nat-iptables-pkg
nixos/nat: Use the package specified in networking.firewall.package
2022-09-06 14:05:20 -03:00
Jacek Galowicz
8ae3e986a7
Merge pull request #189999 from sbruder/test-driver-formatting-closed-port
nixos/test-driver: fix formatting of closed port
2022-09-06 14:48:13 +02:00
Simon Bruder
9caf5f6ba9
nixos/test-driver: fix formatting of closed port
Co-authored-by: a-kenji <aks.kenji@protonmail.com>
2022-09-06 14:32:56 +02:00
Luke Granger-Brown
8157e3d89f
Merge pull request #189934 from delroth/grafana-sandboxing
nixos/grafana: loosen systemd syscall sandboxing
2022-09-06 09:36:23 +01:00
Pierre Bourdon
bfe73f9543
nixos/grafana: loosen systemd syscall sandboxing
Allow @resources syscalls in the grafana.service unit. While Grafana
itself does not need them, some plugins (incl. first party) crash if
they fail to setrlimit. This was first seen with the official grafana
Clickhouse datasource plugin.

The @resources syscalls set is fairly harmess anyway.
2022-09-06 02:10:47 +02:00
Martin Weinelt
9ac9449a0a nixos/tests/kanidm: Update recover_account commandline
The username is now passed directly as an argument.
2022-09-05 17:13:10 +02:00
Sandro
a8737efd40
Merge pull request #187913 from ncfavier/ibus 2022-09-05 16:13:21 +02:00
Sandro
2902676b30
Merge pull request #189056 from jtojnar/fwupd 2022-09-05 16:13:00 +02:00
Martin Weinelt
268569b6d8
Merge pull request #189852 from erikarvstedt/paperless-pythonpath 2022-09-05 15:26:20 +02:00
Erik Arvstedt
783f8f16c1
paperless: move PYTHONPATH definition to module
`paperless-ngx.pythonPath` was incomplete due to the missing paperless-ngx
source, so it had to be amended in the service.
Instead of amending it, define it entirely in the service.

This allows an override of `paperless-ngx.propagatedBuildInputs` to be reflected
in the service's PYTHONPATH.
2022-09-05 14:50:45 +02:00
Maciej Krüger
ff7a59b802
Merge pull request #189824 from bobby285271/cinnamon-nixos-test 2022-09-05 13:05:04 +02:00
Bobby Rong
271b5dc25e
nixos/tests/cinnamon: init 2022-09-05 18:48:58 +08:00
Théo Zimmermann
0daa4b200c
Merge pull request #189721 from Zimmi48/changelog-for-coqide-split
coq: document CoqIDE split
2022-09-05 10:37:23 +02:00
Erik Arvstedt
310b9fe58d
nixos/paperless: extract variable pkg 2022-09-05 10:03:59 +02:00
Michele Guerini Rocco
e8e48a7a53
Merge pull request #189749 from ncfavier/console-colors-check
nixos/console: add format check to `console.colors`
2022-09-04 21:56:06 +02:00
Martin Weinelt
0973090c9b
Merge pull request #189730 from mweinelt/paperless-release-notes 2022-09-04 21:45:04 +02:00
Naïm Favier
cb40619996
nixos/console: add format check to console.colors 2022-09-04 21:09:08 +02:00
Jan Tojnar
89c025b366 nixos/fwupd: add polkit dependency
We are building fwupd daemon with polkit support which means
polkit daemon is required.

Previously polkit was enabled by default via udisks2 but that
stopped with f763710065
breaking the fwupd installed tests as a result.

Let’s add the polkit dependency to the fwupd module to ensure polkit is available.
2022-09-04 20:23:12 +02:00
Jonas Heinrich
bdd227c300
Merge pull request #184827 from onny/dokuwiki
dokuwiki: 2020-07-29 -> 2022-07-31
2022-09-04 19:08:45 +02:00
Naïm Favier
3a2f99340c
ibus: fix installed tests 2022-09-04 18:52:45 +02:00
Martin Weinelt
b36cd65ad1
rl-2211: Mention new paperless timezone default 2022-09-04 16:38:07 +02:00
Martin Weinelt
f98011803e
nixos/paperless: Restrict CAP_NET_BIND_SERVICE
Handing CAP_NET_BIND_SERVICE to the `paperless-web.service` only makes
sense when it actually wants to bind to a port < 1024. Don't hand it out
if that is not the case.
2022-09-04 16:24:24 +02:00
Martin Weinelt
2d257f8101
nixos/paperless: Add pgsql via unix socket example
Finding out how to connect paperless to a PostgreSQL database via unix
sockets and peer authentication took me a few minutes, so leaving a hint
in the extraConfig example seems like a good idea to me.

Also remove unnecessary use of literalExpression for attribute set, it
is only required for complex values like functions or values that depend
on other values or packages.
2022-09-04 16:16:46 +02:00
Martin Weinelt
81a17f7352
nixos/paperless: Use system timezone by default, if set 2022-09-04 16:16:46 +02:00
Martin Weinelt
94f00041f0
nixos/paperless: Allow mbind syscall in paperless-web.services
After uploading a document through the webinterface I started seeing
it killed through the SYSBUS signal. Inspecting the call trace led me to
liblapack's memory allocator, that uses the mbind syscall on Linux.
2022-09-04 16:16:45 +02:00
Michele Guerini Rocco
68065dc561
Merge pull request #189711 from SuperSandro2000/gnupg-remote-quiet
nixos/gnupg: void error messages when using nix remote builders
2022-09-04 14:53:34 +02:00
Sandro Jäckel
0d44562788
nixos/gnupg: void error messages when using nix remote builders 2022-09-04 14:38:15 +02:00
Sandro
2f54aad5e6
Merge pull request #156813 from JQ-Networks/master 2022-09-04 14:32:13 +02:00
Théo Zimmermann
eb7d9127e0
coq: document CoqIDE split
Changelog for #180385.
2022-09-04 14:27:29 +02:00
Aaron Andersen
5b62b0d2ce
Merge pull request #189635 from RaitoBezarius/nixos/dolibarr
dolibarr: init at 15.0.3, nixos/dolibarr: init
2022-09-04 07:55:34 -04:00
bb2020
ccd367ae4f nixos/minidlna: fix tests 2022-09-04 09:07:40 +00:00
bb2020
ce609256fb nixos/minidlna: update documentation 2022-09-04 09:07:40 +00:00
Alyssa Ross
16591184b4 nixos/no-x-libs: remove X libs from ffmpeg
Prior to this change, ffmpeg couldn't be built for an
environment.noXlibs system, because it would fail in:

	ffmpeg → SDL2 → libdecor

ffmpeg certainly does not need support for SDL2 windowing on a noXlibs
system.

This fix is important because the minidlna NixOS test, which uses the
minimal profile (and therefore environment.noXlibs) and ffmpeg, can't
currently build.
2022-09-04 08:44:19 +00:00
Alyssa Ross
46b6619cb3 nixos/no-x-libs: use libva-minimal
The primary difference between the standard and minimal variants of
this package is that all the X libraries are removed from the minimal
variant.

I had to switch the order of the definitions in all-packages.nix to
avoid an infinite recursion after the overlay was applied.
2022-09-04 08:44:19 +00:00
Alyssa Ross
97a8e05ae5 nixos/no-x-libs: realphabetize
This list was very nearly alphabetized, so let's restore the order
before it gets out of hand.
2022-09-04 08:44:19 +00:00
Aaron Andersen
c2563fe476 nixos/dolibarr: init
Co-authored: Ryan Lahfa <masterancpp@gmail.com>
2022-09-04 05:28:22 +02:00
Jörg Thalheim
8259e82318
Merge pull request #189594 from amesgen/teamspeak-restart
nixos/teamspeak3: restart on failure
2022-09-03 16:53:59 +01:00
Federico Beffa
8be4e9e2ec nixos/service/languagetool: init 2022-09-03 16:48:43 +02:00
Michael Weiss
53fcdfe186
Merge pull request #189589 from primeos/nixos-tests-cagebreak
nixos/tests/cagebreak: Enable just polkit instead of udisks2
2022-09-03 15:29:57 +02:00
Anderson Torres
1ed2ad6290
Merge pull request #189543 from adisbladis/emacs-lucid-default
emacs: Switch to lucid as the default toolkit
2022-09-03 10:02:49 -03:00
amesgen
592d13693e
nixos/teamspeak3: restart on failure
Prevents transient failures such as

> failed to register local accounting service
2022-09-03 14:55:36 +02:00
Jacek Galowicz
9e00fd3047
Merge pull request #189493 from alyssais/moodle
nixosTests.moodle: increase timeout
2022-09-03 14:55:21 +02:00
Michael Weiss
3add316759
nixos/tests/cagebreak: Enable just polkit instead of udisks2
The udisks2 service was enabled to fix the test in (c5ebec7ee4).
However, cagebreak doesn't require udisks2, just polkit (which the
udisks2 module enables and which is why the cagebreak test broke after
the udisks2 module was disabled by default).

I've documented why polkit is required in this PR:
https://github.com/NixOS/nixpkgs/pull/156858

In this case the "dependency" chain is basically cagebreak -> wlroots ->
libseat -> logind (with polkit support) -> polkit.
2022-09-03 14:11:58 +02:00
Nick Cao
81b615ea51
nixos/nvidia: replace IFD based assertion on power management support with version constraint 2022-09-03 19:38:23 +08:00
Bobby Rong
dd83d66920
Merge pull request #189544 from chasecaleb/fix-portunus-maintainers
portunus: fix maintainers bug
2022-09-03 16:34:24 +08:00
Jonas Heinrich
14b4c7c8ae
Merge pull request #189254 from mweinelt/zigbee2mqtt
zigbee2mqtt: 1.27.0 -> 1.27.2
2022-09-03 08:56:38 +02:00
adisbladis
c1861b6658 emacs: Switch to lucid as the default toolkit
Because of long standing bugs and stability issues & an
uncollaborative upstream there has been talk on the emacs-devel
mailing list to switch the default toolkit to
Lucid (https://lists.gnu.org/archive/html/emacs-devel/2022-08/msg00752.html).
The GTK build also has issues with Xinput2, something that both we and
upstream want to enable by default in Emacs 29.

This situation has prompted me to use both Lucid an no-toolkit (pure X11) Emacs
as a daily driver in recent weeks to evaluate what the
advantages/drawbacks are and I have concluded that, at least for me,
switching the toolkit to Lucid is strictly an upgrade.
It has resulted in better stability (there are far fewer tiny UX
issues that are hard to understand/identify) & a snappier UI.
On top of that the closure size is reduced by ~10%.

In the pure X11 build I noticed some unsharpness around fonts so this
is not a good default choice.

As with everything there is a cost, and that is uglier (I think most
would agree but of course this is subjective) menu bars for
those that use them and no GTK scroll bars.

For anyone who still wants to use GTK they could of course still
choose to do so via the new `emacs-gtk` attribute but I think this
is a bad default.

A note to Wayland users:
This does not affect Wayland compatibility in any way since that will
already need a PGTK build variant in the future.
2022-09-03 15:31:45 +12:00
Caleb Chase
f8c0d9e66d portunus: fix maintainers bug 2022-09-02 22:25:56 -05:00
Alyssa Ross
1e8f59b2ee
nixosTests.moodle: increase timeout
With the default timeout, this test would time out too early for me
and others[1].

[1]: https://github.com/NixOS/nixpkgs/pull/177052#issue-1266336706
2022-09-02 18:09:00 +00:00