Commit graph

21915 commits

Author SHA1 Message Date
talyz
2d8a870813
keycloak.tests: Test HTTPS support 2021-05-21 13:09:43 +02:00
talyz
ba00b0946e
nixos/keycloak: Split certificatePrivateKeyBundle into two options
Instead of requiring the user to bundle the certificate and private
key into a single file, provide separate options for them. This is
more in line with most other modules.
2021-05-21 13:09:38 +02:00
talyz
dbf91bc2f1
nixos/keycloak: keycloak.database* -> keycloak.database.*
Move all database options to their own group / attribute. This makes
the configuration clearer and brings it in line with most other modern
modules.
2021-05-21 13:09:32 +02:00
talyz
83e406e97a
nixos/keycloak: frontendUrl always needs to be suffixed with /
In some places, Keycloak expects the frontendUrl to end with `/`, so
let's make sure it always does.
2021-05-21 13:09:25 +02:00
talyz
58614f8416
nixos/keycloak: Add myself to maintainers 2021-05-21 13:09:19 +02:00
talyz
d748c86389
nixos/keycloak: Improve readablility by putting executables in PATH 2021-05-21 13:09:14 +02:00
talyz
8309368e4c
nixos/keycloak: Set umask before copying sensitive files
`install` copies the files before setting their mode, so there could
be a breif window where the secrets are readable by other users
without a strict umask.
2021-05-21 13:09:09 +02:00
talyz
c2bebf4ee2
nixos/keycloak: Improve bash error handling 2021-05-21 13:09:03 +02:00
talyz
d6727d28e1
nixos/keycloak: Set the postgresql database password securely
Feeding `psql` the password on the command line leaks it through the
`psql` process' `/proc/<pid>/cmdline` file. Using `echo` to put the
command in a file and then feeding `psql` the file should work around
this, since `echo` is a bash builtin and thus shouldn't spawn a new
process.
2021-05-21 13:08:53 +02:00
Jonathan Ringer
6b15fdce86
Merge remote-tracking branch 'origin/master' into staging-next
Conflicts:
 pkgs/shells/ion/default.nix
 pkgs/tools/misc/cicero-tui/default.nix
2021-05-20 22:11:42 -07:00
Thiago Kenji Okada
c96586d63f nixos/noisetorch: init
NoiseTorch needs setcap set to 'cap_sys_resource=+ep' to work correctly
accordingly to the README.md:

https://github.com/lawl/NoiseTorch#download--install

So this PR adds it.
2021-05-20 14:15:20 -07:00
misuzu
b2319b086c nixos/test-driver: use usb-ehci controller instead of piix3-usb-uhci
On my system this change offers ~5X speed up of
nixosTests.boot.biosUsb and nixosTests.boot.uefiUsb tests.
2021-05-20 22:33:08 +03:00
legendofmiracles
af0a54285e nixos/terraria: open ports in the firewall 2021-05-20 12:11:08 -07:00
Guillaume Girol
0d5fa1cff3
Merge pull request #120622 from symphorien/duplicity-master
nixos/duplicity: enable to prevent backup from growing infinitely
2021-05-20 19:00:59 +00:00
Jonas Chevalier
30c021fa15
Merge pull request #123744 from hercules-ci/init-ghostunnel
ghostunnel: init
2021-05-20 20:58:41 +02:00
Jonathan Ringer
14f3686af1
Merge remote-tracking branch 'origin/master' into staging-next
Conflicts:
  pkgs/applications/terminal-emulators/alacritty/default.nix
  pkgs/servers/clickhouse/default.nix
2021-05-20 09:12:42 -07:00
Emery Hemingway
520b4a8496 nixos: convert netatalk to settings-style configuration
Also, set StateDirectory in systemd.….serviceConfig.
2021-05-20 17:39:28 +02:00
Robert Hensing
a37d157601
Merge pull request #123052 from xoe-labs/da-test-vm-innteractive-log-switch
nixos/testing: add interactive serial stdout logs switch and dim them
2021-05-20 15:32:54 +02:00
Robert Hensing
dc9cb63de4 nixos/ghostunnel: init 2021-05-20 10:41:52 +02:00
Christoph Hrdinka
57acb6f9f7
Merge pull request #123598 from pschyska/master
nixos/nsd: make nsd-checkconf work when configuration contains keys (#118140)
2021-05-20 10:41:30 +02:00
Robert Hensing
76a7840f5f
Merge pull request #117275 from hercules-ci/nixosTest-remove-nixpkgs-commit-hash
nixosTest: Make system.nixos.revision constant
2021-05-20 10:40:59 +02:00
Maximilian Bosch
3f3cec6d9e clickhouse: 20.11.4.13-stable -> 21.3.11.5-lts
Failing Hydra build: https://hydra.nixos.org/build/143269865
ZHF #122042
2021-05-19 14:08:46 -07:00
Gabriel Gonzalez
8e9d803bac
Fix description for services.kubernetes.addonManager.enable (#71448)
`mkEnableOption` already prefixes the description with
"Whether to enable"
2021-05-19 13:49:27 -07:00
Sebastian Neubauer
68c618cba3
opensmtpd-filter-rspamd: init at 0.1.7 (#122823) 2021-05-19 22:37:49 +02:00
github-actions[bot]
8a5e4be6b6
Merge master into staging-next 2021-05-19 18:34:10 +00:00
Tim Van Baak
420b0fa378 nixos/nebula: Add release notes 2021-05-19 10:55:41 -07:00
Jonathan Ringer
c1f8a15dac
Merge remote-tracking branch 'origin/master' into staging-next
Conflicts:
  nixos/doc/manual/release-notes/rl-2105.xml
  pkgs/tools/security/sequoia/default.nix
2021-05-19 10:39:54 -07:00
Paul Schyska
69202853ea
nixos/nsd: make nsd-checkconf work when configuration contains keys 2021-05-19 18:21:10 +02:00
Martin Weinelt
446c97f96f
Merge pull request #123355 from Ma27/bump-matrix-synapse 2021-05-19 18:12:14 +02:00
Robert Hensing
74bf82a202
Merge pull request #122784 from hercules-ci/nixpkgs-init-nixos-install-tools
nixos-install-tools: init
2021-05-19 17:45:43 +02:00
Jan Tojnar
a858f1a90d
Merge pull request #123507 from jtojnar/no-flatpak-guipkgs
nixos/flatpak: Remove `guiPackages` internal option
2021-05-19 16:33:56 +02:00
Michael Weiss
c21dd33953
Merge pull request #123609 from berbiche/cagebreak-use-waylands-utils-in-test
nixos/tests/cagebreak: use wayland-info instead of wallutils
2021-05-19 14:50:55 +02:00
Guillaume Girol
41c7fa448f nixos/duplicity: add options to exercise all possible verbs
except restore ;)
2021-05-19 12:00:00 +00:00
Michele Guerini Rocco
376eabdac3
Merge pull request #123254 from rnhmjoj/ipsec
libreswan: 3.2 -> 4.4
2021-05-19 13:36:04 +02:00
talyz
380b52c737
nixos/keycloak: Use replace-secret to avoid leaking secrets
Using `replace-literal` to insert secrets leaks the secrets through
the `replace-literal` process' `/proc/<pid>/cmdline`
file. `replace-secret` solves this by reading the secret straight from
the file instead, which also simplifies the code a bit.
2021-05-19 09:32:28 +02:00
talyz
88b76d5ef9
nixos/mpd: Use replace-secret to avoid leaking secrets
Using `replace-literal` to insert secrets leaks the secrets through
the `replace-literal` process' `/proc/<pid>/cmdline`
file. `replace-secret` solves this by reading the secret straight from
the file instead.
2021-05-19 09:32:22 +02:00
talyz
3a29b7bf5b
nixos/mpdscribble: Use replace-secret to avoid leaking secrets
Using `replace-literal` to insert secrets leaks the secrets through
the `replace-literal` process' `/proc/<pid>/cmdline`
file. `replace-secret` solves this by reading the secret straight from
the file instead, which also simplifies the code a bit.
2021-05-19 09:32:17 +02:00
talyz
7842e89bfc
nixos/gitlab: Use replace-secret to avoid leaking secrets
Using `replace-literal` to insert secrets leaks the secrets through
the `replace-literal` process' `/proc/<pid>/cmdline`
file. `replace-secret` solves this by reading the secret straight from
the file instead, which also simplifies the code a bit.
2021-05-19 09:32:12 +02:00
talyz
38398fade1
nixos/discourse: Use replace-secret to avoid leaking secrets
Using `replace-literal` to insert secrets leaks the secrets through
the `replace-literal` process' `/proc/<pid>/cmdline`
file. `replace-secret` solves this by reading the secret straight from
the file instead, which also simplifies the code a bit.
2021-05-19 09:32:06 +02:00
Jörg Thalheim
5b4915fb7a
Merge pull request #110927 from Izorkin/fix-qemu-ga
nixos/qemu-guest-agent: fix start service
2021-05-19 05:42:06 +01:00
Aaron Andersen
58ddbfa71d
Merge pull request #118395 from jwygoda/grafana-google-oauth2
grafana: add google oauth2 config
2021-05-18 23:11:24 -04:00
Nicolas Berbiche
5e2cedfae3
nixos/tests/cagebreak: use wayland-info instead of wallutils
wayland-info from wayland-utils is already used in other Wayland
tests whereas wallutils' wayinfo is not.
2021-05-18 22:02:24 -04:00
github-actions[bot]
7000ae2b9a
Merge master into staging-next 2021-05-19 00:55:36 +00:00
Martin Weinelt
a8f71f069f
Merge pull request #123006 from mweinelt/postgresqlbackup-startat
nixos/postgresqlBackup: allow defining multiple times to start at
2021-05-19 01:54:38 +02:00
Martin Weinelt
4c798857e2
Merge pull request #100274 from hax404/prometheus-xmpp-alerts 2021-05-19 01:36:28 +02:00
Georg Haas
03c092579a
prometheus-xmpp-alerts: apply RFC 42 2021-05-19 01:08:38 +02:00
superherointj
4e3060d488 libvirtd: fix ovmf for aarch64 2021-05-18 17:27:37 -03:00
Jonathan Ringer
ca46ad3762
Merge remote-tracking branch 'origin/master' into staging-next
Conflicts:
  pkgs/tools/package-management/cargo-release/default.nix
2021-05-18 11:03:38 -07:00
Pamplemousse
037e51702e
nixos/services/foldingathome: Add an option to set the "nice level" (#122864)
Signed-off-by: Pamplemousse <xav.maso@gmail.com>
2021-05-18 18:44:52 +02:00
Maciej Krüger
7458dcd956
Merge pull request #75242 from mkg20001/cjdns-fix
services.cjdns: add missing, optional login & peerName attribute
2021-05-18 18:22:29 +02:00
Jonathan Ringer
f7a112f6c4
Merge remote-tracking branch 'origin/master' into staging-next
Conflicts:
  pkgs/applications/graphics/emulsion/default.nix
  pkgs/development/tools/misc/texlab/default.nix
  pkgs/development/tools/rust/bindgen/default.nix
  pkgs/development/tools/rust/cargo-udeps/default.nix
  pkgs/misc/emulators/ruffle/default.nix
  pkgs/tools/misc/code-minimap/default.nix
2021-05-18 08:57:16 -07:00
Robert Schütz
d189df235a
Merge pull request #122241 from dotlambda/znc-harden
nixos/znc: harden systemd unit
2021-05-18 17:44:14 +02:00
Maciej Krüger
7409f9bab3
services.cjdns: add missing, optional login & peerName attribute 2021-05-18 17:39:04 +02:00
Ashlynn Anderson
903665f31c
nixos/self-deploy: init (#120940)
Add `self-deploy` service to facilitate continuous deployment of NixOS
configuration from a git repository.
2021-05-18 08:29:37 -07:00
Maciej Krüger
362ca08510
Merge pull request #123448 from mweinelt/phosh-pam
nixos/phosh: Fix PAM configuration
2021-05-18 17:26:21 +02:00
Martin Weinelt
ec9cfba2d3
nixos/phosh: Fix unrestricted login because of insecure PAM config
The PAM config deployed would not check anything meaningful. Remove it
and rely on the defaults in the security.pam module to fix login with
arbitrary credentials.

Resolves: #123435
2021-05-18 16:39:03 +02:00
Michael Weiss
1b114586e8
Merge pull request #123381 from primeos/nixos-tests-cagebreak
nixos/tests/cagebreak: Fix the test
2021-05-18 16:01:37 +02:00
Jan Tojnar
1b1faeb2db
Merge pull request #86288 from worldofpeace/gnome-doc
nixos/gnome3: add docs
2021-05-18 14:19:33 +02:00
Jan Tojnar
ed47351533
nixos/flatpak: Remove guiPackages internal option
It was basically just a `environment.systemPackages` synonym,
only GNOME used it, and it was stretching the responsibilities
of the flatpak module too far.

It also makes it cleaner to avoid installing the program
using GNOME module’s `excludePackages` option.

Partially reverts: https://github.com/NixOS/nixpkgs/pull/101516
Fixes: https://github.com/NixOS/nixpkgs/issues/110310
2021-05-18 14:06:23 +02:00
Michael Raskin
02ba3238d2
Merge pull request #123053 from pschyska/master
atop, netatop, nixos/atop: improve packaging and options
2021-05-18 10:54:13 +00:00
rnhmjoj
0de7e41520
docs/release-notes: mention libreswan update 2021-05-18 08:13:37 +02:00
rnhmjoj
3a46314455
nixos/tests/libreswan: add test 2021-05-18 08:13:36 +02:00
rnhmjoj
1a4db01c84
nixos/libreswan: update for version 4.x
- Use upstream unit files
- Remove deprecated config options
- Add option to disable redirects
- Add option to configure policies
2021-05-18 08:13:36 +02:00
Sandro
9dba669e8a
Merge pull request #123385 from veehaitch/systemd-dhcpserver-options
nixos/networkd: add missing [DHCPServer] options
2021-05-18 01:53:39 +02:00
Vladimír Čunát
b09fc82382
nixos/release-combined: fix a test name
Broken by 513143fe4 and breaking evaluation of trunk-combined jobset.
2021-05-17 22:52:28 +02:00
Sandro
4fc08dd955
Merge pull request #121500 from servalcatty/v2ray
v2ray: 4.37.3 -> 4.38.3
2021-05-17 19:18:56 +02:00
Michael Weiss
f691e6c074
nixos/tests/cagebreak: Simplify the startup 2021-05-17 18:41:27 +02:00
Michael Weiss
81b2ce96c6
nixos/tests/cagebreak: Fix the test
Starting Cagebreak as X11 client doesn't work anymore as wlroots 0.13
started to require the DRI3 extension which isn't supported by LLVMpipe:
machine # [   13.508284] xsession[938]: 00:00:00.003 [ERROR] [backend/x11/backend.c:433] X11 does not support DRI3 extension
machine # [   13.666989] show_signal_msg: 62 callbacks suppressed
machine # [   13.666993] .cagebreak-wrap[938]: segfault at 8 ip 0000000000408574 sp 00007ffef76f2440 error 4 in .cagebreak-wrapped[407000+d000]
machine # [   13.670483] Code: f4 ff ff 4c 8b 84 24 70 01 00 00 8d 45 01 48 89 c5 49 8b 3c c0 48 85 ff 75 e4 4c 89 c7 e8 84 f4 ff ff 48 8b bc 24 18 01 00 00 <48> 8b 47 08 4c 8d 6f d8 48 8d 68 d8 48 39 df 75 0e eb 36 66 0f 1f
machine # [   13.518274] xsession[938]: 00:00:00.006 [ERROR] [../cagebreak.c:313] Unable to create the wlroots backend

The test broke after updating Cagebreak in #121652 (bf8679ba94).

XWayland still fails for unknown reasons:
Modifiers specified, but DRI is too old
libEGL warning: DRI2: failed to create dri screen
libEGL warning: NEEDS EXTENSION: falling back to kms_swrast
glamor: No eglstream capable devices found
glamor: 'wl_drm' not supported
Missing Wayland requirements for glamor GBM backend
Missing Wayland requirements for glamor EGLStream backend
Failed to initialize glamor, falling back to sw
00:00:03.534 [ERROR] [xwayland/server.c:252] waitpid for Xwayland fork
failed: No child processes
(EE) failed to write to XWayland fd: Broken pipe
/nix/store/kcm3x8695fgycf31grzl9fy5gggwpram-xterm-367/bin/xterm: Xt
error: Can't open display: :0

The fallback to software rendering is to be expected but it looks like
XWayland is crashing with "failed to write to XWayland fd: Broken pipe".
2021-05-17 18:41:12 +02:00
Vincent Haupert
faeb9e3233
nixos/networkd: add missing [DHCPServer] options
`systemd.network.networks.*.dhcpServerConfig` did not accept all of
the options which are valid for networkd's [DHCPServer] section. See
systemd.network(5) of systemd 247 for details.
2021-05-17 18:30:37 +02:00
Martin Weinelt
213e488192
Merge pull request #123375 from helsinki-systems/apparmor_utillinux
nixos/security/apparmor: utillinux -> util-linux
2021-05-17 17:30:38 +02:00
ajs124
e2cf342ba9 nixos/security/apparmor: utillinux -> util-linux 2021-05-17 17:14:08 +02:00
Michael Weiss
aa2537b554
Merge pull request #122926 from primeos/signal-desktop-fix-db-encryption
signal-desktop: Fix the database encryption by preloading SQLCipher
2021-05-17 16:06:52 +02:00
Jonathan Ringer
c227fb4b17
Merge remote-tracking branch 'origin/master' into staging-next
Conflicts:
	pkgs/development/tools/rust/cargo-cache/default.nix
	pkgs/development/tools/rust/cargo-embed/default.nix
	pkgs/development/tools/rust/cargo-flash/default.nix
	pkgs/servers/nosql/influxdb2/default.nix
2021-05-17 07:01:38 -07:00
Robert Schütz
a22ebb6d6d
Merge pull request #123017 from DavHau/davhau-scikitlearn
python3Packages.scikitlearn: rename to scikit-learn
2021-05-17 15:13:33 +02:00
Michael Francis
80830373f0
Update openvswitch.nix 2021-05-17 21:11:07 +08:00
Michael Francis
adc368d2fc
Only include ipsecTools if using ipsec 2021-05-17 21:00:57 +08:00
ajs124
8e78793029 nixos/tasks/filesystems: utillinux -> util-linux 2021-05-17 14:47:57 +02:00
Maximilian Bosch
2addab5fd6
nixos/matrix-synapse: room_invite_state_types was deprecated and room_prejoin_state is used now
See https://github.com/matrix-org/synapse/blob/release-v1.34.0/UPGRADE.rst#upgrading-to-v1340
2021-05-17 13:45:28 +02:00
Jörg Thalheim
b900661f6e
Merge pull request #122825 from Izorkin/update-duplicates-systemcallfilters
treewide: remove duplicates SystemCallFilters
2021-05-17 12:06:06 +01:00
DavHau
cd8f3e6c44 python3Packages.scikitlearn: rename to scikit-learn 2021-05-17 17:41:36 +07:00
Eelco Dolstra
c3b27282d7
Merge pull request #123272 from kini/nixos/security.pki/pems-without-final-newline
nixos/security.pki: handle PEMs w/o a final newline
2021-05-17 11:14:03 +02:00
Richard Marko
16b0f07890 nixos/nginx: fix comment about acme postRun not running as root
As of 67a5d66 this is no longer true, since acme postRun runs as root.
The idea of the service is good so reword a comment a bit.
2021-05-17 18:03:04 +09:00
Richard Marko
7423afb5e4 nixos/molly-brown: fix description of certPath
`allowKeysForGroup` is no longer available so this drops

```
security.acme.certs."example.com".allowKeysForGroup = true;
```

line. `SupplementaryGroups` should be enough for
allowing access to certificates.
2021-05-17 18:03:04 +09:00
Richard Marko
29158fc0ac nixos/postgresql: fix description of ensureUsers.ensurePermissions
`attrName` and `attrValue` are now in correct order.
2021-05-17 18:03:04 +09:00
Jan Tojnar
354e005d6c nixos/dconf: fix d-bus activation
dconf now supports autostarting the d-bus service using systemd's d-bus activation.

2781a86848

On NixOS, that requires making systemd aware of the package.

Fixes: https://github.com/NixOS/nixpkgs/issues/123265
2021-05-17 09:46:07 +02:00
Evils
7641769055 nixos/fancontrol: back to running as root
regular users don't have write access to /sys/devices
  which is where the kernel endpoints are to control fan speed
2021-05-17 00:00:01 -07:00
github-actions[bot]
3ff6965554
Merge master into staging-next 2021-05-17 06:22:23 +00:00
Jonathan Ringer
d8e62d8e41
Merge remote-tracking branch 'origin/master' into staging-next
Fix cargo-flash build
2021-05-16 18:27:14 -07:00
Sandro
ec1dd62608
Merge pull request #118521 from SuperSandro2000/nginx-proxy-timeout
nixos/nginx: add option to change proxy timeouts
2021-05-17 03:15:54 +02:00
Sandro
700942d2a5
Merge pull request #121119 from SuperSandro2000/remove-gnidorah
treewide: remove gnidorah
2021-05-17 02:42:24 +02:00
Sandro Jäckel
51166f90c6
nixos/nginx: add option to change proxy timeouts 2021-05-17 02:37:44 +02:00
Keshav Kini
348858f297 nixos/security.pki: handle PEMs w/o a final newline
According to the ABNF grammar for PEM files described in [RFC
7468][1], an eol character (i.e. a newline) is not mandatory after the
posteb line (i.e. "-----END CERTIFICATE-----" in the case of
certificates).

This commit makes our CA certificate bundler expression account for
the possibility that files in config.security.pki.certificateFiles
might not have final newlines, by using `awk` instead of `cat` to
concatenate them. (`awk` prints a final newline from each input file
even if the file doesn't end with a newline.)

[1]: https://datatracker.ietf.org/doc/html/rfc7468#section-3
2021-05-16 17:23:11 -07:00
Martin Weinelt
7bd65d54f7 treewide: remove nand0p as maintainer
While looking at the sphinx package I noticed it was heavily
undermaintained, which is when we noticed nand0p has been inactive for
roughly 18 months. It is therefore prudent to assume they will not be
maintaining their packages, modules and tests.

- Their last contribution to nixpkgs was in 2019/12
- On 2021/05/08 I wrote them an email to the address listed in the
  maintainer-list, which they didn't reply to.
2021-05-17 01:50:49 +02:00
Florian Klink
6c0058f47f
Merge pull request #85073 from hyperfekt/systemd-pstore
nixos/systemd|filesystems: mount and evacuate /sys/fs/pstore using systemd-pstore
2021-05-17 00:00:52 +02:00
Aaron Andersen
21f5dd5c6e
Merge pull request #122647 from onny/caddy
nixos/caddy: support user and group options
2021-05-16 17:23:57 -04:00
Robert Hensing
338baef861
Merge pull request #122458 from serokell/team-serokell
maintainers: add serokell team, move various packages to it
2021-05-16 22:37:50 +02:00
Johan Thomsen
7e310dd8e8 nixos/containerd: StartLimit* options must be in the unit-section
also, raise limits to ensure reasonable startup time, now that StartLimits are actually enforced
2021-05-17 06:17:18 +10:00
Johan Thomsen
2142f88526 nixos/containerd: sanitize StateDirectory and RuntimeDirectory 2021-05-17 06:17:18 +10:00
Paul Schyska
563ba07543
nixos/atop: Split up restart triggers between atop and netatop 2021-05-16 22:00:24 +02:00
Paul Schyska
526bc6a4d5
nixos/atop: Add a note about netatop tainting the kernel 2021-05-16 21:43:20 +02:00
github-actions[bot]
6cdac75d25
Merge staging-next into staging 2021-05-16 18:32:44 +00:00
Niklas Hambüchen
0da74875c0 release notes: Mention WireGuard dynamicEndpointRefreshSeconds 2021-05-16 20:11:51 +02:00
Niklas Hambüchen
357cf46c8d wireguard module: Add dynamicEndpointRefreshSeconds option.
See for an intro:
https://wiki.archlinux.org/index.php/WireGuard#Endpoint_with_changing_IP
2021-05-16 20:11:51 +02:00
Paul Schyska
fb90a9c552
nixos/atop: Rework the test
- use "with subtest" everywhere
- do more in nix and less in python
- use makeTest directly to define multiple tests instead of one with
  multiple nodes -> this enables them to run in parallel
2021-05-16 18:22:03 +02:00
Paul Schyska
b87c366046
nixos/atop: Never enable setuidWrapper by default, rename service/timer enabling options 2021-05-16 18:22:03 +02:00
Paul Schyska
8f3d2e5c3b
nixos/atop: Add configuration for atop services, allow to enable netatop, gpuatop, allow setuid wrapper 2021-05-16 18:22:03 +02:00
Jan Tojnar
684991c696
Merge branch 'master' into staging-next
- Thunderbird 68 has been dropped on master.
- gccCrossLibcStdenv has been factored out on staging-next in all-packages.nix, while the file has been re-formatted on master.
2021-05-16 15:34:51 +02:00
Vladimír Čunát
843fcf68e1
Merge #123049: nixos/tests/minecraft-server: fix on i686 2021-05-16 11:00:02 +02:00
Matthias Devlamynck
2a217314f2 nixos/plasma5: also add plasma-pa when using pipewire with pulseaudio support 2021-05-16 10:51:11 +02:00
github-actions[bot]
9911b1c75b
Merge staging-next into staging 2021-05-16 01:01:01 +00:00
github-actions[bot]
b484cef365
Merge master into staging-next 2021-05-16 01:00:58 +00:00
Michael Weiss
a542827c9b
nixos/sway: Update the module documentation
Most programs already run natively under Wayland so extraSessionCommands
isn't as important anymore. XWayland is already covered by
"programs.xwayland.enable = mkDefault true;" in the module.
2021-05-15 20:30:53 +02:00
github-actions[bot]
c10600230e
Merge staging-next into staging 2021-05-15 18:30:31 +00:00
github-actions[bot]
f1b78f8618
Merge master into staging-next 2021-05-15 18:30:28 +00:00
Michael Weiss
73e0dd4b29
Merge pull request #123034 from primeos/sway-simplify-screen-sharing
sway: Simplify screen sharing
2021-05-15 18:38:52 +02:00
Jonathan Ringer
5a6540c49c nixos/factorio: update admin setting 2021-05-15 09:04:35 -07:00
Jonas Heinrich
fff9cf00fd caddy: support user and group options 2021-05-15 10:32:49 +02:00
github-actions[bot]
78ae7ac75e
Merge staging-next into staging 2021-05-15 06:22:25 +00:00
github-actions[bot]
c48794dcef
Merge master into staging-next 2021-05-15 06:22:22 +00:00
Aaron Andersen
fc63be7ac8
Merge pull request #122658 from aanderse/httpd-reload
nixos/httpd: provide a stable path stable path to the configuration f…
2021-05-14 23:50:43 -04:00
Aaron Andersen
460f8def67
Merge pull request #122255 from aanderse/kodi
kodi: 19.0 -> 19.1
2021-05-14 23:21:08 -04:00
David Arnold
8ee31be5dd
nixos/testing: add interactive serial stdout logs switch and dim them 2021-05-14 20:36:00 -04:00
Milan Pässler
827f69cf0d
nixos/tests/minecraft-server: fix build on i686
"at most 2047 MB RAM can be simulated"
2021-05-15 01:17:51 +02:00
Yarny0
c2af1ff281 nixos/hylafax: enable ProtectKernelLogs for most services
Also document that `ProtectClock` blocks access to serial line.
I couldn't found out why this is the case,
but faxgetty complains about the device file
not being accessible with `ProtectClock=true`.
2021-05-14 22:55:50 +02:00
Michael Weiss
3f31c0edef
sway: Simplify screen sharing
This should make it easier to get started.
The xdg-desktop-portal backend for wlroots is required and one needs to
"make sure WAYLAND_DISPLAY and XDG_CURRENT_DESKTOP are imported into
D-Bus." [0]

[0]: efcbcb60aa/README.md (running)
2021-05-14 22:42:19 +02:00
Vladimír Čunát
c48eaa70e3
Merge branch 'master' into staging-next 2021-05-14 22:27:34 +02:00
Martin Weinelt
21746a7c80
nixos/postgresqlBackup: allow defining multiple times to start at
Or … none! Because forcing a string always results in an OnCalender=
setting, but an empty string leads to an empty value.

>  postgresqlBackup-hass.timer: Timer unit lacks value setting. Refusing.

or

> postgresqlBackup-miniflux.timer: Cannot add dependency job, ignoring: Unit postgresqlBackup-miniflux.timer has a bad unit file setting.

I require the postgresqlBackup in my borgbackup unit, so I don't
strictly need the timer and could previously set it to an empty list.
2021-05-14 20:41:08 +02:00
V
f4c5ebea50 nixos/mailman: fix documentation option links 2021-05-14 18:33:24 +02:00
Robert Schütz
e611d663f4
Merge pull request #120440 from dotlambda/radicale-settings
nixos/radicale: add settings option
2021-05-14 15:37:26 +02:00
Michael Weiss
89cc391728
Merge pull request #122877 from primeos/nixos-tests-sway-gpg-agent-pinentry
nixos/tests/sway: test GPG's pinentry pop-up
2021-05-14 14:45:56 +02:00
WilliButz
94b2848559
Merge pull request #91663 from mweinelt/kea-exporter
prometheus-kea-exporter: init at 0.4.1
2021-05-14 14:38:08 +02:00
Eelco Dolstra
b08e223a04 nix: 2.3.10 -> 2.3.11
The patch is included in the new release, so can be dropped.

Co-authored-by: Alyssa Ross <hi@alyssa.is>
2021-05-14 12:24:54 +00:00
Martin Weinelt
dd7e1834ca
nixos/tests/prometheus-exporters.kea: init 2021-05-14 14:09:19 +02:00
Alyssa Ross
195d532a63
Revert "Revert "Revert "nix: 2.3.10 -> 2.3.11"""
This reverts commit 66fc303070.

There is still a patch that doesn't apply.
2021-05-14 11:35:18 +00:00
Eelco Dolstra
66fc303070
Revert "Revert "nix: 2.3.10 -> 2.3.11""
This reverts commit 1872bbdae5.
2021-05-14 13:33:05 +02:00
Alyssa Ross
1872bbdae5
Revert "nix: 2.3.10 -> 2.3.11"
This reverts commit 6f6b2cdc98.

Version wasn't updated, and apparently a patch didn't apply.  Let's do
this upgrade properly, in a PR, but for now I'm reverting so we don't
have a broken nix package in master.
2021-05-14 11:30:55 +00:00
Eelco Dolstra
6f6b2cdc98
nix: 2.3.10 -> 2.3.11 2021-05-14 13:11:26 +02:00
Michael Lingelbach
46284492f4
nixos/tests/dendrite: init (#121777) 2021-05-14 13:11:22 +02:00
zowoq
004f8cd986 Merge staging-next into staging 2021-05-14 16:32:43 +10:00
Yarny0
4415846d5c nixos/hylafax: use runtimeShell where possible
According to
https://github.com/NixOS/nixpkgs/pull/84556
this effort helps with cross-compilation.

This commit also renames a substituted variable `hylafax`
to `hylafaxplus` to permit substitution with `inherit`.
2021-05-14 05:42:18 +02:00
Yarny0
89df33f882 nixos/hylafax: replace a nested expression with lib.pipe
This avoids a tripple-nested function call,
and it looks slightly simpler (at least to me).
2021-05-14 05:42:18 +02:00
Yarny0
449647daf5 nixos/hylafax: use lib.types.ints.positive
I haven't realized earlier that there is
already an option type for postive integers.
2021-05-14 05:42:17 +02:00
github-actions[bot]
bf5d8bb531
Merge master into staging-next 2021-05-14 00:58:11 +00:00
Michael Weiss
940dfa9940
signal-desktop: Fix the database encryption by preloading SQLCipher
AFAIK this is the only reliable way for us to ensure SQLCipher will be
loaded instead of SQLite. It feels like a hack/workaround but according
to the SQLCipher developers [0] "this issue can and should be handled
downstream at the application level: 1. While it may feel like a
workaround, using LD_PRELOAD is a legitimate approach here because it
will substitute the system SQLite with SQLCipher which is the intended
usage model;".

This fixes #108772 for NixOS 20.09 users who upgrade to NixOS 21.05 and
replaces #117555.

For nixos-unstable users this will unfortunately break everything again
so we should add a script to ease the transition (in a separate commit
so that we can revert it for NixOS 21.05).

[0]: https://github.com/sqlcipher/sqlcipher/issues/385#issuecomment-802874340
2021-05-14 02:33:42 +02:00
Jan Tojnar
ac6a4f7cf5
Merge branch 'staging-next' into staging 2021-05-14 01:40:09 +02:00
Samuel Dionne-Riel
12ede41735
Merge pull request #110435 from superloach/patch-2
nixos/modules: add "sdhci_pci" to availableKernelModules
2021-05-13 17:45:22 -04:00
Jens Nolte
22e797947b
nixos/zfs: Add defaultText for 'boot.zfs.package'-option (#122002) 2021-05-13 17:40:10 -04:00
Maximilian Bosch
bfd4c121ff
Merge pull request #122637 from mayflower/prometheus-2.26.0
Prometheus 2.26.0 + exporter updates
2021-05-13 23:05:29 +02:00
Michael Weiss
28a1e9516d
Merge pull request #122627 from primeos/nixos-tests-signal-desktop-db-encryption
nixos/tests/signal-desktop: test if the SQLite DB is (un)encrypted
2021-05-13 21:40:07 +02:00
Michael Weiss
217f268534
nixos/tests/signal-desktop: test if the SQLite DB is (un)encrypted
Well, this should test if the database is encrypted but currently it is
still unencrypted and we need to notice if this behaviour changes in the
future (as it will cause data loss, see e.g. #108772).
Anyway, this doesn't really matter for security reasons but we need this
test to prevent data loss (unfortunately Signal-Desktop and SQLCipher
handle this badly... :o).
2021-05-13 21:18:28 +02:00
Michael Weiss
03808546e5
nixos/tests/sway: test GPG's pinentry pop-up
This test is important to confirm that $WAYLAND_DISPLAY is correctly
imported via "dbus-update-activation-environment --systemd" which is
done by default since #122605 (00e8e5b123).
It ensures that the gnome3-pinentry pop-ups work as expected to avoid
regressions like #119445 (which also broke screen sharing).
2021-05-13 20:51:31 +02:00
Michael Weiss
60f2af5938
Merge pull request #122605 from primeos/nixos-sway-extend-default-configuration
nixos/sway: Extend the default configuration for NixOS
2021-05-13 20:48:55 +02:00
github-actions[bot]
39e3f7c2cc
Merge master into staging-next 2021-05-13 18:32:50 +00:00
Jonas Chevalier
c6b62f2381
mkShell: introduce packages argument (#122180)
The distinction between the inputs doesn't really make sense in the
mkShell context.  Technically speaking, we should be using the
nativeBuildInputs most of the time.

So in order to make this function more beginner-friendly, add "packages"
as an attribute, that maps to nativeBuildInputs.

This commit also updates all the uses in nixpkgs.
2021-05-13 19:17:29 +02:00
Janne Heß
672e64701c
nixos/prometheus: Add support for metric relabeling 2021-05-13 15:59:46 +02:00
Izorkin
feebe402f5
treewide: remove duplicates SystemCallFilters 2021-05-13 15:44:56 +03:00
Luke Granger-Brown
ca6255bf0b nixos/docker: fix evaluation when NAT is enabled too
Both networking.nat.enable and virtualisation.docker.enable now want to
make sure that the IP forwarding sysctl is enabled, but the module
system dislikes that both modules contain this option.

Realistically this should be refactored a bit, so that the Docker module
automatically enables the NAT module instead, but this is a more obvious
fix.
2021-05-13 10:26:45 +00:00
Robert Hensing
7b0e0ca35e nixos-install-tools: init
The essential commands from the NixOS installer as a package

With this package, you get the commands like nixos-generate-config and
nixos-install that you would otherwise only find on a NixOS system, such
as an installer image.

This way, you can install NixOS using a machine that only has Nix.

It also includes the manpages, which are important because the commands
rely on those for providing --help.
2021-05-13 01:29:02 +02:00
Martin Weinelt
bc4a80979b
nixos/prometheus-kea-exporter: init 2021-05-12 21:51:44 +02:00
github-actions[bot]
b057978bb2
Merge staging-next into staging 2021-05-12 18:32:29 +00:00
github-actions[bot]
f214722172
Merge master into staging-next 2021-05-12 18:32:26 +00:00
midchildan
6567031111
nixos/mirakurun: add polkit rule for smart card access (#122066)
Fixes #122039
2021-05-12 13:57:49 -04:00
Thomas Tuegel
f99ac85c52
Merge pull request #120514 from ttuegel/kde-gear-21.04.0
KDE Gear 21.04.0
2021-05-12 05:58:30 -05:00
github-actions[bot]
d8fb37f470
Merge master into staging-next 2021-05-12 06:21:33 +00:00
Aaron Andersen
f20aa073e1 nixos/httpd: provide a stable path stable path to the configuration file for reloads 2021-05-11 22:36:55 -04:00
davidak
afc1b5220e
Merge pull request #122438 from xaverdh/linux-5.12
linux_5_12: init at 5.12.2
2021-05-12 02:58:55 +02:00
Robin Gloster
b3d30fac67
prometheus-exporter tests: fix eval/deprecation
lnd exporter test still fails but evaluates now
2021-05-11 17:57:47 -05:00
Robin Gloster
9438b12f99
prometheus-collectd-exporter: fix options for new version 2021-05-11 17:57:46 -05:00
Robin Gloster
b2956ce654
prometheus-bind-exporter: fix options for new version 2021-05-11 17:57:46 -05:00
Robin Gloster
da85657a6c
prometheus-rspamd-exporter: fix for new json exporter syntax 2021-05-11 17:57:46 -05:00
Thomas Tuegel
af8532eee9
Add KDE Gear 21.04 to the release notes 2021-05-11 12:15:51 -05:00
Thomas Tuegel
799f351997
KDE Applications 20.12.3 -> KDE Gear 21.04.0 2021-05-11 12:14:58 -05:00
Michael Weiss
00e8e5b123
nixos/sway: Extend the default configuration for NixOS
The default config.in template contains
"include @sysconfdir@/sway/config.d/*" but we've dropped it to better
support non-NixOS (which seems like a mistake in retrospect).
This restores that behaviour and extends the default configuration via
nixos.conf to fix #119445.

Note: The security configurations (security.d) where dropped entirely
(but maybe they'll return).
2021-05-11 18:53:49 +02:00
Jan Tojnar
8380ceb766
nixos/gnome: Allow disabling sysprof 2021-05-11 18:11:01 +02:00
worldofpeace
8ad5d65d09
nixos/gnome: add user docs
Co-Authored-By: Jan Tojnar <jtojnar@gmail.com>
2021-05-11 18:10:53 +02:00
github-actions[bot]
1e7a48b474
Merge master into staging-next 2021-05-11 12:24:28 +00:00
Tom
33a4c43126
nixos/tor: fix HidServAuth (#122439)
* add an example for services.tor.settings.HidServAuth

* fix HidServAuth validation to require ".onion"
  Per https://manpages.debian.org/testing/tor/torrc.5.en.html :
  > Valid onion addresses contain 16 characters in a-z2-7 plus ".onion"
2021-05-11 10:10:32 +02:00
github-actions[bot]
10e16ec9ab
Merge master into staging-next 2021-05-11 06:20:33 +00:00
Jörg Thalheim
8af4bf61fd
Merge pull request #122423 from Izorkin/update-netdata
nixos/netdata: update configuration
2021-05-11 06:07:48 +01:00
Robin Gloster
b3c592bf08
prometheus-json-exporter: 0.2.0 -> 0.3.0 2021-05-10 23:36:39 -05:00
github-actions[bot]
49b8e6f7d4
Merge master into staging-next 2021-05-11 00:48:15 +00:00
Robert Schütz
7217b2d85e
Merge pull request #121785 from dotlambda/dendrite-rename
matrix-dendrite: rename to dendrite
2021-05-10 23:30:12 +02:00
Joe DeVivo
bf92d0ec37 nixos/ssm-agent: conf files written to /etc
ssm-agent expects files in /etc/amazon/ssm. The pkg substitutes a location in
the nix store for those default files, but if we ever want to adjust this
configuration on NixOS, we'd need the ability to modify that file.

This change to the nixos module writes copies of the default files from the nix
store to /etc/amazon/ssm. Future versions can add config, but right now this
would allow users to at least write out a text value to
environment.etc."amazon/ssm/amazon-ssm-agent.json".text to provide
their own config.
2021-05-10 13:16:41 -07:00
Samuel Dionne-Riel
37f14fa4d9
Merge pull request #121450 from samueldr/feature/cross-uefi-iso
iso-image: Fixes for cross-compilation
2021-05-10 14:42:59 -04:00
github-actions[bot]
61fa3fdde8
Merge master into staging-next 2021-05-10 18:28:17 +00:00
Samuel Dionne-Riel
79752e2310
Merge pull request #121834 from samueldr/feature/raspberrypi4-image-cleanup
sd_image_raspberrypi4: Remove, as planned initially
2021-05-10 14:05:02 -04:00
Sandro
f0bb4f066a
Merge pull request #95050 from paumr/bind-fmt 2021-05-10 19:06:00 +02:00
github-actions[bot]
115881e756
Merge master into staging-next 2021-05-10 12:24:32 +00:00
Dominik Xaver Hörl
db0294aa60 linux_5_12: init at 5.12.2 2021-05-10 11:43:23 +02:00
Izorkin
85914bc01d
nixos/netdata: change wrappers permissions 2021-05-10 10:35:51 +03:00
Izorkin
859633ee43
nixos/netdata: use cgroup v2 2021-05-10 10:24:31 +03:00
Izorkin
58497175be
nixos/netdata: cgroup-network: don't use AmbientCapabilities 2021-05-10 10:19:57 +03:00
Michele Guerini Rocco
4cbe186a8a
Merge pull request #121394 from bjornfor/atd-file-creation
nixos/atd: prefer 'install' over 'mkdir/chmod/chown'
2021-05-10 08:43:57 +02:00
github-actions[bot]
f4d69ad1f2
Merge master into staging-next 2021-05-10 06:20:28 +00:00
Michele Guerini Rocco
d0cbcce8d4
Merge pull request #121395 from bjornfor/nixos-wpa-supplicant
nixos/wpa_supplicant: prefer 'install' over 'touch/chmod/mkdir/chgrp'
2021-05-10 08:16:39 +02:00
github-actions[bot]
1e3d91bd19
Merge master into staging-next 2021-05-10 00:48:32 +00:00
hyperfekt
3e3e763a07 nixos/systemd: enable systemd-pstore.service
As described in issue #81138, the Install section of upstream units is
currently ignored, so we make it part of the sysinit.target manually.
2021-05-09 23:21:51 +02:00
hyperfekt
870fa77ff6 nixos/filesystems: mount persistent storage to /sys/fs/pstore 2021-05-09 23:21:32 +02:00
Guillaume Girol
fe50cb0ee1
Merge pull request #122301 from Izorkin/update-test-unit-php
nixos/tests/unit-php: require one of users.users.name.{isSystemUser,isNormalUser}
2021-05-09 20:09:29 +00:00
github-actions[bot]
450e66080b
Merge master into staging-next 2021-05-09 18:23:01 +00:00
Félix Baylac-Jacqué
524ff40291
nixosTests.systemd-networkd: remove wireguard kernel module
config.boot.kernelPackages.wireguard evaluates to null on machine
closure having a > 5.6 Linux kernels, hence making the evaluation of
this test fail.

Wireguard is now part of the mainline Linux kernel, we do not need to
to add it via a additional kernel module anymore for this test.
2021-05-09 15:40:19 +02:00
github-actions[bot]
bc1f4b790e
Merge master into staging-next 2021-05-09 12:23:16 +00:00
Luke Granger-Brown
491216df02
Merge pull request #122099 from alekna/fix/docker
nixos/docker: ensure ipv4 forwarding is enabled
2021-05-09 12:15:16 +01:00
Michele Guerini Rocco
e5452226af
Merge pull request #121791 from dotlambda/sudo-execWheelOnly
nixos/sudo: add option execWheelOnly
2021-05-09 10:04:15 +02:00
Vladimír Čunát
5663b2b2d3
Merge branch 'master' into staging-next
(a trivial conflict in transmission)
2021-05-09 09:31:55 +02:00
Izorkin
506646e48b
nixos/tests/unit-php: require one of users.users.name.{isSystemUser,isNormalUser} 2021-05-09 07:42:02 +03:00
Robert Hensing
e312fc23c4
Merge pull request #122282 from roberth/docker-tools-reenable-lint
nixos/tests/docker-tools*: enable linting
2021-05-09 03:33:42 +02:00
Robert Hensing
75c4fc1c8b nixos/testing-python.nix: Move makeWrapper to nativeBuildInputs 2021-05-09 03:04:03 +02:00
Robert Hensing
8c868f47a8 Revert "nixos/tests/docker-tools*: remove useless formatter"
Annoyed with the interference of the python formatting of
generated code (see #72964), I took matters into my own hands
as maintainer of dockerTools.

Afterwards, I've created a PR, hoping to unstuck the discussion.

@aszlig took notice and thanks to his python ecosystem knowledge,
the testing efforts of @blaggacao and @Ma27, and a sense of
shared suffering and comraderie we were able to change the
situation for the better in #122201.

Now, we have a proper linter that actually helps contributors,
so it's time to turn it back on again.

I'm glad we could make it happen this quickly!

Thanks!

This reverts commit 4035049af3.
2021-05-09 02:57:17 +02:00
aszlig
54bc69637b
nixos/test/virtualbox: Fix linting errors
There were a bunch of unnecessary f-strings in there and I also removed
the "# fmt: on/off" comments, because we no longer use Black and thus
won't need those comments anymore.

Signed-off-by: aszlig <aszlig@nix.build>
2021-05-09 02:28:32 +02:00
aszlig
74bff4e667
nixos/tests/unbound: Remove unused 'json' import
Signed-off-by: aszlig <aszlig@nix.build>
2021-05-09 02:28:30 +02:00
David Arnold
6ad2e41269
nixos/testing: lint jellyfin test 2021-05-09 02:28:28 +02:00
aszlig
6c0ec527b9
nixos/tests/shadow: Fix linting errors
Linter errors reported:

  6:32 f-string is missing placeholders
  7:26 f-string is missing placeholders
  8:32 f-string is missing placeholders
  30:32 f-string is missing placeholders
  31:26 f-string is missing placeholders
  32:32 f-string is missing placeholders
  48:32 f-string is missing placeholders
  49:26 f-string is missing placeholders
  50:32 f-string is missing placeholders
  76:32 f-string is missing placeholders
  77:26 f-string is missing placeholders
  78:32 f-string is missing placeholders

Signed-off-by: aszlig <aszlig@nix.build>
2021-05-09 02:28:26 +02:00
aszlig
e157ad41cb
nixos/tests/printing: Remove unused 'sys' import
Signed-off-by: aszlig <aszlig@nix.build>
2021-05-09 02:28:23 +02:00
aszlig
c066cc3c0b
nixos/tests/networking: Fix str literal comparison
Linter error:

  use ==/!= to compare constant literals (str, bytes, int, float, tuple)

Signed-off-by: aszlig <aszlig@nix.build>
2021-05-09 02:28:20 +02:00
aszlig
62a518b904
nixos/tests/yggdrasil: Fix linting error
Linter error was: f-string is missing placeholders

Signed-off-by: aszlig <aszlig@nix.build>
2021-05-09 02:28:18 +02:00
Maximilian Bosch
b782440a62
nixosTests.custom-ca: lint 2021-05-09 02:28:16 +02:00
Maximilian Bosch
b4b5dcb669
nixosTests.containers-imperative: lint 2021-05-09 02:28:14 +02:00
Maximilian Bosch
fc76a44d0f
nixosTests.containers-custom-pkgs: lint
The new linter basically does

   def testScript
      # ...

before calling `pyflakes`. As this test-script is empty, it would lead
to a syntax-error unless `pass` is added.
2021-05-09 02:28:11 +02:00
Maximilian Bosch
774aba102a
nixosTests.chromium: lint
Note: I didn't execute it entirely because I'd have to build chromium
for this, but the diff appears fine.
2021-05-09 02:28:09 +02:00
Robert Hensing
b9e7fb14e2
nixos/tests/nfs: lint 2021-05-09 02:28:07 +02:00
Robert Hensing
06b070ffe7
nixosTests.acme: lint 2021-05-09 02:28:04 +02:00
Robert Hensing
56d9637119
nixos/testing: Set up scope for testScript linter
Our test driver exposes a bunch of variables and functions, which
pyflakes doesn't recognise by default because it assumes that the test
script is executed standalone. In reality however the test driver script
is using exec() on the testScript.

Fortunately pyflakes has $PYFLAKES_BUILTINS, which are the attributes
that are globally available on all modules to be checked. Since we only
have one module, using this environment variable is fine as opposed to
my first approach to this, which tried to use the unstable internal API
of pyflakes.

The attributes are gathered by the main derivation of the test driver,
because we don't want to end up defining a new attribute in the test
driver module just to being confused why using it in a test will result
in an error.

Another way we could have gathered these attributes would be in
mkDriver, which is where the linting takes place. However, we do have a
different set of Python dependencies in scope and duplicating these will
again just cause confusion over having it at one location only.

Signed-off-by: aszlig <aszlig@nix.build>
Co-Authored-By: aszlig <aszlig@nix.build>
2021-05-09 02:26:51 +02:00
Robert Hensing
71087b2bc4
nixos/testing-python.nix: Expose driver
(cherry picked from commit a2c9220568648b4528154ebd8e657add243ed0b4)
2021-05-09 02:26:40 +02:00
aszlig
c362a28fcf
nixos/testing: Switch from black to pyflakes
So far, we have used "black" for formatting the test code, which is
rather strict and opinionated and when used inline in Nix expressions it
creates all sorts of trouble.

One of the main annoyances is that when using strings coming from Nix
expressions (eg. store paths or option definitions from NixOS modules),
completely unrelated changes could cause tests to fail, since eg. black
wants lines to be broken.

Another downside of enforcing a certain kind of formatting is that it
makes the Nix expression code inconsistent because we're mixing two
spaces of indentation (common in nixpkgs) with four spaces of
indentation as defined in PEP-8. While this is perfectly fine for
standalone Python files, it really looks ugly and inconsistent IMO when
used within Nix strings.

What we actually want though is a linter that catches problems early on
before actually running the test, because this is *actually* helping in
development because running the actual VM test takes much longer.

This is the reason why I switched from black to pyflakes, because the
latter actually has useful checks, eg. usage of undefined variables,
invalid format arguments, duplicate arguments, shadowed loop vars and
more.

Signed-off-by: aszlig <aszlig@nix.build>
Closes: https://github.com/NixOS/nixpkgs/issues/72964
2021-05-09 02:26:37 +02:00
Aaron Andersen
3f499a9c64 kodi: 19.0 -> 19.1 2021-05-08 18:26:19 -04:00
Robert Schütz
5624aa9f81 nixos/sudo: add option execWheelOnly
By setting the executable's group to wheel and permissions to 4510, we
make sure that only members of the wheel group can execute sudo.
2021-05-08 23:48:00 +02:00
paumr
5390d4b946 nixos/bind: formatted with nixpkgs-fmt 2021-05-08 23:13:58 +02:00
Robert Schütz
314a64a026 nixos/znc: fix example 2021-05-08 22:54:19 +02:00
Robert Schütz
5986f233a6 nixos/znc: remove trailing slash from dataDir 2021-05-08 22:54:19 +02:00
Robert Schütz
4400ee83ec nixos/znc: harden systemd unit 2021-05-08 22:54:15 +02:00
Robert Hensing
4433ba90aa
Merge pull request #121927 from rissson/nixos-unbound-fix-top-level-include
nixos/unbound: allow list of strings in top-level settings option type
2021-05-08 22:00:57 +02:00
github-actions[bot]
6d46d8a9b9
Merge master into staging-next 2021-05-08 18:22:46 +00:00
Hedtke, Moritz
7a80d281ed
nixos/containers: Increase startup timeout for imperative containers
Changed the startup timeout from 15 seconds to one minute as 15 seconds is really low.
Also it's currently not possible to change it without editing your system configuration.
2021-05-08 19:59:20 +02:00
Laurynas Alekna
9317570735 nixos/docker: ensure ipv4 forwarding is enabled
Fixes #118656
2021-05-08 18:58:24 +01:00
Marc 'risson' Schmitt
0340cd2abe
nixos/unbound: allow list of strings in top-level settings option type
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
2021-05-08 19:55:17 +02:00
divanorama
b7dea9e494 nixosTests.systemd-confinement: fix script format
https://hydra.nixos.org/build/142591177/nixlog/30

ZHF: #122042
2021-05-08 10:05:15 -07:00
Aaron Andersen
9254b82706
Merge pull request #121746 from j0hax/monero-options
nixos/monero: add dataDir option
2021-05-08 11:43:49 -04:00
Robert Hensing
3cfb002b07
Merge pull request #122192 from roberth/docker-tools-stimulate-testing
dockerTools testing update
2021-05-08 15:53:17 +02:00
Robert Hensing
4035049af3 nixos/tests/docker-tools*: remove useless formatter 2021-05-08 15:03:20 +02:00
Robert Hensing
a67c97a5eb nixos/tests/docker-tools*: Add myself as maintainer where missing
I should have done this when I became maintainer for dockerTools,
but it's the PR reviews that matter.
2021-05-08 15:00:19 +02:00
Martin Weinelt
9651084620 Merge remote-tracking branch 'origin/master' into staging-next 2021-05-08 14:43:43 +02:00
Yorick van Pelt
87f11f84b2
maintainers: add serokell team, move various packages to it 2021-05-08 12:11:48 +02:00
Vladimír Čunát
080cd658ca
Merge #121780: treewide meta.maintainers tweaks 2021-05-08 10:47:08 +02:00
Gemini Lasswell
28f51d7757 nixos/yggdrasil: set directory permissions before writing keys
Remove the opportunity for someone to read the keys in between when
they are written and when the chmod is done.  Addresses #121293.
2021-05-08 09:49:19 +02:00
Jan Tojnar
468cb5980b gnome: rename from gnome3
Since GNOME version is now 40, it no longer makes sense to use the old attribute name.
2021-05-08 09:47:42 +02:00
github-actions[bot]
e21fb16f9a
Merge master into staging-next 2021-05-08 06:20:05 +00:00
Silvan Mosberger
08d94fd2b0
Merge pull request #114374 from oxalica/lib/platform-support-check
lib.meta: introduce `availableOn` to check package availability on given platform
2021-05-08 03:54:36 +02:00
github-actions[bot]
b4416b52c5
Merge master into staging-next 2021-05-08 00:46:50 +00:00
Johannes Arnold
c0853b6e2c nixos/monero: use isSystemUser = true 2021-05-08 02:13:25 +02:00