Robert Hensing
843248d39f
Merge pull request #117379 from hercules-ci/nixos-metricbeat
...
nixos/metricbeat: init
2021-06-08 13:53:20 +02:00
rnhmjoj
be01320a6c
nixos/wireless: only warn for no interfaces
...
A hard failure breaks the NixOS installer, which can't possibly
know the interface names in advance.
2021-06-08 07:42:34 +02:00
github-actions[bot]
59ab4de3e0
Merge staging-next into staging
2021-06-08 00:19:01 +00:00
Robin Gloster
218d6c37c8
Merge pull request #126045 from NixOS/jtojnar-patch-1
...
nixos/gnome: fix option label
2021-06-07 15:49:14 -05:00
Ashlynn Anderson
47db174a3c
nixos/self-deploy: make nixAttribute nullable ( #125617 )
...
Allows using a nix file that directly provides the derivation
2021-06-07 12:44:13 -07:00
github-actions[bot]
5b7fbb07b8
Merge staging-next into staging
2021-06-07 18:48:37 +00:00
rnhmjoj
eba5f5c1e5
Revert "nixos/wireless: make wireless.interfaces mandatory"
...
This reverts commit 030a521adc
.
2021-06-07 15:55:58 +02:00
jakobrs
475c007da0
nixos/libvirtd: add assertion requiring polkit to be enabled
2021-06-07 15:12:21 +02:00
github-actions[bot]
d3f2c41b26
Merge staging-next into staging
2021-06-07 12:15:58 +00:00
talyz
41387135dd
nixos/grafana: Add error handling to service script
...
Without this, the services starts even if files are missing or
prerequisite commands fail, which can lead to incorrect initial
state.
2021-06-07 18:00:13 +09:00
talyz
98f07d6cc5
nixos/grafana: Filter out duplicate plugins
...
If the same plugin appears multiple times in `declarativePlugins`, for
example due to being added both by a module and in user config, the
build fails with an error message similar to
ln: failed to create symbolic link 'grafana-worldmap-panel/glmqcj88zk2bz3mvdr3r7920wxg02qnq-grafana-worldmap-panel-0.3.2': Permission denied
This is solved by removing all duplicates.
2021-06-07 18:00:13 +09:00
github-actions[bot]
e218376e4a
Merge staging-next into staging
2021-06-07 06:37:31 +00:00
Jan Tojnar
99fcca7b6b
nixos/gnome: fix option label
...
It is no longer GNOME 3.
2021-06-07 08:34:38 +02:00
Luke Granger-Brown
91fb672b21
Merge pull request #125573 from Flakebi/prometheus-script-exporter
...
prometheus-script-exporter: init at 1.2.0
2021-06-07 01:59:41 +01:00
github-actions[bot]
4db56e21dc
Merge staging-next into staging
2021-06-07 00:15:20 +00:00
AmineChikhaoui
7e89fb12e4
ec2-amis: add release 21.05
2021-06-06 17:09:14 -07:00
Flakebi
3bcf4e31ef
nixos/prometheus: add script exporter
2021-06-06 22:42:46 +02:00
github-actions[bot]
a1f68141f3
Merge staging-next into staging
2021-06-06 18:30:36 +00:00
Christine Dodrill
2b220cc57b
nixos/tailscale: add procps to $PATH
...
Currently tailscaled expects `sysctl` (from package procps) to be present
in the path when running on Linux. It can function without the `sysctl`
command present but it prints an error about it. This fixes that error.
Warning: couldn't check net.ipv4.ip_forward (exec: "sysctl":
executable file not found in $PATH).
Signed-off-by: Christine Dodrill <me@christine.website>
2021-06-06 14:17:03 +00:00
Niklas Hambüchen
fdca90d07f
docs: acme: Fix typo
2021-06-06 14:27:13 +02:00
github-actions[bot]
385224957b
Merge staging-next into staging
2021-06-06 12:14:34 +00:00
Michele Guerini Rocco
78d9a75d9e
Merge pull request #125288 from rnhmjoj/wpa-race-fix
...
nixos/wireless: make wireless.interfaces mandatory
2021-06-06 10:35:15 +02:00
github-actions[bot]
500db2661d
Merge staging-next into staging
2021-06-06 00:15:23 +00:00
Sandro
0c85b23e25
Merge pull request #123433 from kira-bruneau/gamemode
2021-06-06 02:13:02 +02:00
Sandro
6e2204ea32
Merge pull request #123364 from edude03/patch-7
2021-06-06 01:35:18 +02:00
Flakebi
5e5a3c39ed
nixos/prometheus: add process exporter
2021-06-06 08:17:25 +09:00
tomberek
157aee00a5
nixos/sourcehut: init ( #113244 )
...
* nixos/sourcehut: init
* sourcehut: default nginx setup
* sourcehut: documentation
* sourcehut: re-structure settings
* sourcehut: tests
* nixos/sourcehut: adopt StateDirectory
* Apply suggestions from code review
Co-authored-by: Aaron Andersen <aaron@fosslib.net>
Co-authored-by: Thibaut Marty <github@thibautmarty.fr>
Co-authored-by: malte-v <34393802+malte-v@users.noreply.github.com>
* nixos/sourcehut: PR suggestions
* nixos/sourcehut: malte-v patch
* nixos/sourcehut: add base virtualhost
* nixos/sourcehut: remove superfluous key
* nixos/sourcehut: use default from cfg
* nixos/sourcehut: use originBase for logs
* nixos/sourcehut: use toPythonApplication in systemPackages
* nixos/sourcehut: directly use ExecStart
* nixos/sourcehut: update docs
Co-authored-by: Aaron Andersen <aaron@fosslib.net>
Co-authored-by: Thibaut Marty <github@thibautmarty.fr>
Co-authored-by: malte-v <34393802+malte-v@users.noreply.github.com>
2021-06-05 14:42:51 -04:00
github-actions[bot]
0397e518b7
Merge staging-next into staging
2021-06-05 18:30:31 +00:00
Kim Lindberger
0dda2a708f
Merge pull request #125699 from talyz/fix-mysql-alias
...
treewide: Fix mysql alias deprecation breakage
2021-06-05 19:07:35 +02:00
Sandro
9751baf8da
Merge pull request #125303 from Vonfry/fcitx5/autostart
...
nixos/fcitx5: autostart with xserver
2021-06-05 18:06:12 +02:00
Sandro
ef45f53bc9
Merge pull request #106465 from jerith666/globalprotect-vpn
2021-06-05 16:40:21 +02:00
ElXreno
7b9df38982
bees: 0.6.3 -> 0.6.5
...
Change-Id: I1866eab9c348d9c10219290ecba698121a32d128
2021-06-05 17:39:12 +03:00
ElXreno
a3fa2cf7c2
bees: nixpkgs-fmt
...
Change-Id: If4e9431dad00ffade3316cf22235d8d44d12d149
2021-06-05 17:39:12 +03:00
Malte Voos
f41f456422
nixos/roundcube: Use php74
2021-06-05 15:28:29 +02:00
github-actions[bot]
d776739d99
Merge staging-next into staging
2021-06-05 06:28:02 +00:00
Jörg Thalheim
6fdb73a3b4
Merge pull request #118801 from Mic92/k3s
...
nixos/k3s: improve zfs/docker support
2021-06-05 07:54:54 +02:00
Jörg Thalheim
03582eb6e3
nixos/k3s: add zfs to path
2021-06-05 07:52:53 +02:00
Jörg Thalheim
7c310e8d28
nixos/k3s: add to environment.systemPackages for adminstration
2021-06-05 07:52:48 +02:00
Vonfry
195b26b95e
nixos/fcitx5: autostart with xserver
2021-06-05 09:22:58 +08:00
github-actions[bot]
8d96bfd409
Merge staging-next into staging
2021-06-05 00:20:36 +00:00
Edward Tjörnhammar
afdb5675a1
nixos/containers: add storage.conf
2021-06-05 10:08:24 +10:00
Maciej Krüger
26b3751de7
Merge pull request #97692 from ryneeverett/lockkernelmodules-lxd
2021-06-05 01:27:27 +02:00
Pascal Bach
b1b9e003dc
nixos/minio: credentialfile
2021-06-04 23:27:12 +02:00
talyz
59e0120aa5
treewide: Fix mysql alias deprecation breakage
...
62733b37b4
broke evaluation in all
places `pkgs.mysql` was used. Fix this by changing all occurrences to
`pkgs.mariadb`.
2021-06-04 21:42:08 +02:00
github-actions[bot]
c06baac6ff
Merge staging-next into staging
2021-06-04 19:41:02 +00:00
Robin Gloster
5433abfd6d
Merge pull request #125483 from Ma27/prometheus-exporter-fixes
...
nixos/prometheus-exporters: improve docs & fix rspamd exporter
2021-06-04 09:10:34 -05:00
github-actions[bot]
0b0d0c21ec
Merge staging-next into staging
2021-06-04 13:00:29 +00:00
Luke Granger-Brown
39e225b0f4
nixos/engelsystem: don't rely on mysql
alias
...
Since 3edde6562e
, we can no longer use
aliases inside the test framework. This has the implication that we can
no longer use aliases in any NixOS modules used by the test framework as
well (which is good), but does mean we need to clean up any instances
where this is the case.
2021-06-04 08:43:48 +00:00
Maximilian Bosch
951e6988ac
Merge pull request #104543 from chkno/sftpServerExecutable
...
nixos/sshd: Option to set the sftp server executable
2021-06-04 10:16:20 +02:00
github-actions[bot]
b511c637c8
Merge staging-next into staging
2021-06-03 19:52:05 +00:00
talyz
f5f8341c76
nixos/geoipupdate: Replace the old geoip-updater
module
...
Our old bespoke GeoIP updater doesn't seem to be working
anymore. Instead of trying to fix it, replace it with the official
updater from MaxMind.
2021-06-03 20:57:25 +02:00
Bjørn Forsman
4bcb22e17a
nixos/jenkins-job-builder: add support for folder jobs
...
Add support for folder jobs
(https://plugins.jenkins.io/cloudbees-folder/ ) by reworking the service
to support nested jobs.
This also fixes this deprecation warning (as a happy side effect):
WARNING:jenkins_jobs.cli.subcommand.test:(Deprecated) The default output behavior of `jenkins-jobs test` when given the --output flag will change in JJB 3.0. Instead of writing jobs to OUTPUT/jobname; they will be written to OUTPUT/jobname/config.xml. The new behavior can be enabled by the passing `--config-xml` parameter
2021-06-03 19:29:57 +02:00
github-actions[bot]
25b7ba022b
Merge staging-next into staging
2021-06-03 12:49:14 +00:00
Maximilian Bosch
ba9768f314
nixos/mail-exporter: add note about rspamd marking probe mails as spam
2021-06-03 13:10:23 +02:00
Maximilian Bosch
6fb847c556
nixos/dovecot-exporter: fix documentation for old stats
2021-06-03 13:01:11 +02:00
Maximilian Bosch
976d668e5c
nixos/rspamd-exporter: fix metrics
...
In 0.3.0 of the json-exporter[1] it was switched to a different jsonpath
library which made some changes - especially for spaces in keys -
necessary. Also I decided to remove the pretty-printed JSON as this
would interfere with the bash quoting too much. If one needs
pretty-printed output, they can still pipe the output to `jq`.
[1] https://github.com/prometheus-community/json_exporter/releases/tag/v0.3.0
2021-06-03 12:37:48 +02:00
Linus Heckemann
19cd7343fd
Merge pull request #125331 from wentasah/fix-mailman-serivce
...
nixos/mailman: Fix mailman-settings.service configuration
2021-06-03 10:34:45 +02:00
github-actions[bot]
7b3fe5e16a
Merge staging-next into staging
2021-06-03 07:26:17 +00:00
zowoq
3cf17240f0
Revert "nixos/containers: add storage.conf"
...
This file requires some defaults to be set otherwise podman, etc errors.
It also broke the podman nixos tests.
This reverts commit 7a4de9a983
.
2021-06-03 13:56:17 +10:00
Martin Weinelt
01f8f4f074
nixos/matrix-synapse: allow preloading jemalloc
...
This is the default in the upstreams docker image and claims to reduce
memory fragmentation and usage.
2021-06-03 05:16:45 +02:00
Matt McHenry
e2b7cfedd6
globalprotect-openconnect: init at 1.2.6
...
Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
Co-authored-by: sterni <sternenseemann@systemli.org>
2021-06-02 19:22:13 -04:00
github-actions[bot]
a261aaf9c2
Merge staging-next into staging
2021-06-02 13:08:16 +00:00
Maciej Krüger
5faa7056f9
nixos/virtualbox-image: add exportParams
...
This allows the user to specify custom export
parameters like adding a vendor to the exported VM
2021-06-02 13:28:43 +02:00
Maximilian Bosch
cc88797ce0
plausible: minor polishing
2021-06-02 19:21:31 +09:00
Maximilian Bosch
6bc72cdd4a
plausiblew: cleanup build & update script
2021-06-02 19:21:31 +09:00
Maximilian Bosch
02b15d0f5b
plausible: first review fix iteration
...
* Most significant is probably the patching necessary to run plausible
with postgres without superuser privilege. This change includes:
* updating ecto_sql to 3.6 where `CREATE DATABASE` is only executed if
it doesn't exist[1].
* patching a migration to only modify the `users.email` column (to use
`citext` rather than creating the extension. `plausible-postgres`
takes care of that).
* Correctly declare dependencies in systemd.
* A few minor fixes.
[1] 051baf669e
2021-06-02 19:21:31 +09:00
Maximilian Bosch
b06ea1146c
plausible: init at 1.3.0
2021-06-02 19:21:31 +09:00
Edward Tjörnhammar
7a4de9a983
nixos/containers: add storage.conf
2021-06-02 19:03:53 +10:00
github-actions[bot]
632c65fbd4
Merge staging-next into staging
2021-06-02 07:51:55 +00:00
Michal Sojka
2a4755e1d4
nixos/mailman: Fix mailman-settings.service configuration
...
Without this change, mailman-settings.service is not guaranteed to
complete before dependent services. This can lead to various errors
like:
mailman-web-setup.service: Changing to the requested working directory failed: No such file or directory
2021-06-02 08:20:08 +02:00
Robert Hensing
d9e4512443
Merge pull request #124589 from hercules-ci/containers-dnsname
...
nixos/podman-dnsname: init
2021-06-02 08:18:48 +02:00
Kira Bruneau
caac437b9b
nixos/gamemode: add module
2021-06-01 21:03:34 -04:00
rnhmjoj
030a521adc
nixos/wireless: make wireless.interfaces mandatory
...
This is the only way to solve issue #101963 , for now.
2021-06-01 23:19:40 +02:00
github-actions[bot]
ffe6577d05
Merge staging-next into staging
2021-06-01 20:30:47 +00:00
Jörg Thalheim
79ef19e02b
Merge pull request #125169 from Mic92/containerd-zfs
...
nixos/containerd: improve zfs support
2021-06-01 20:43:11 +02:00
Jörg Thalheim
f2e4cb7f20
nixos/containerd: improve zfs support
2021-06-01 20:41:42 +02:00
Jan Tojnar
ab0d28758e
Merge pull request #125180 from chpatrick/gnome-flashback-panel-modules
...
gnome-flashback: add module support to gnome-panel for installing applets
2021-06-01 19:34:36 +02:00
Sandro
44327ab7dc
Merge pull request #124991 from ju1m/apparmor
2021-06-01 15:26:30 +02:00
Sandro
eb5c8e51b7
Merge pull request #124404 from nagy/option-types
2021-06-01 15:12:16 +02:00
Patrick Chilton
6bcd4fe4ef
gnome-flashback: add module support to gnome-panel for installing applets
...
Co-authored-by: Jan Tojnar <jtojnar@gmail.com>
2021-06-01 14:04:30 +02:00
Jörg Thalheim
846f44e880
Merge pull request #121667 from Mic92/buildkite
...
nixos/buildkite-agents: fix race-condition when installing secrets
2021-06-01 09:31:23 +02:00
Martin Weinelt
e09bfc5d1c
Merge pull request #124950 from vincentbernat/fix/acme-no-reuse-key
...
nixos/acme: don't use --reuse-key
2021-06-01 00:59:09 +02:00
Vincent Bernat
632c8e1d54
nixos/acme: don't use --reuse-key
...
Reusing the same private/public key on renewal has two issues:
- some providers don't accept to sign the same public key
again (Buypass Go SSL)
- keeping the same private key forever partly defeats the purpose of
renewing the certificate often
Therefore, let's remove this option. People wanting to keep the same
key can set extraLegoRenewFlags to `[ --reuse-key ]` to keep the
previous behavior. Alternatively, we could put this as an option whose
default value is true.
2021-06-01 00:43:45 +02:00
Maciej Krüger
ef555f6a0b
Merge pull request #123426 from mattchrist/brscan5
2021-05-31 17:52:16 +02:00
zowoq
72f54c32a6
nixos/podman-network-socket-ghostunnel: move condition to include socket
2021-05-31 23:38:31 +10:00
Robert Hensing
54f2f1e5f1
nixos/podman-dnsname: init
2021-05-31 14:31:09 +02:00
Robert Hensing
d81631fb98
nixos/podman: Add defaultNetwork.extraPlugins
2021-05-31 14:31:09 +02:00
Robert Hensing
efba949352
nixos/containers: Add virtualisation.containers.containersConf.cniPlugins
2021-05-31 14:29:57 +02:00
Robert Hensing
3600a82711
Merge pull request #124921 from zowoq/podman-cni-conf
...
podman: install cni config
2021-05-31 14:27:10 +02:00
Dominik Xaver Hörl
436f61c878
nixos/boot: properly override the kernel in boot.kernelPatches
...
Previously the code took the kernelPatches of the final derivation, which
might or might not be what was passed to the derivation in the original call.
The previous behaviour caused various hacks to become neccessary to avoid duplicates in kernelPatches.
2021-05-31 12:10:19 +02:00
Robert Hensing
5699d027ec
nixos/metricbeat: init
2021-05-31 10:42:08 +02:00
Julien Moutinho
61654ca131
nixos/pam: use new plasma5Packages, fixes #124973
2021-05-30 21:44:25 +02:00
Johannes Schleifenbaum
878103ce55
nixos/trilium: use boolToString for noBackup
2021-05-30 18:16:13 +02:00
Martin Weinelt
219d8381bd
Merge pull request #124947 from helsinki-systems/fix/libvirtd-ethertypes
2021-05-30 16:52:46 +02:00
Janne Heß
964fc7cfef
Update nixos/modules/virtualisation/libvirtd.nix
...
Co-authored-by: Martin Weinelt <mweinelt@users.noreply.github.com>
2021-05-30 16:00:50 +02:00
Daniel Nagy
e57465a617
nixos/monero: set port type to types.port
2021-05-30 14:38:20 +02:00
Daniel Nagy
cc5517da4c
nixos/gitlab: set port type to types.port
2021-05-30 14:38:20 +02:00
Daniel Nagy
8e760f4858
nixos/matrix-synapse: set port type to types.port
2021-05-30 14:38:19 +02:00
Daniel Nagy
65b32a0afe
nixos/syncserver: set port type to types.port
2021-05-30 14:38:19 +02:00
Daniel Nagy
048c45679f
nixos/gitDaemon: set port type to types.port
2021-05-30 14:38:19 +02:00
Daniel Nagy
0cde374a76
nixos/redis: set port type to types.port
2021-05-30 14:38:19 +02:00
Daniel Nagy
73f9c29a2c
nixos/discourse: set port type to types.port
2021-05-30 14:38:18 +02:00
Daniel Nagy
137924cc96
nixos/terraria: adapt option types
2021-05-30 14:38:18 +02:00
Daniel Nagy
941fd008ed
nixos/lighttpd: set port type to types.port
2021-05-30 14:38:18 +02:00
Daniel Nagy
a5321aecfb
nixos/darkhttpd: set port type to types.port
2021-05-30 14:38:18 +02:00
Janne Heß
2eeecef3fc
nixos/libvirtd: Take ethertypes from iptables-nftables-compat
...
iptables is currently defined in `all-packages.nix` to be
iptables-compat. That package does however not contain `ethertypes`.
Only `iptables-nftables-compat` contains this file so the symlink
dangles.
2021-05-30 11:55:19 +02:00
Robert Hensing
b6570e7238
nixos/podman-network-socket-ghostunnel: init
2021-05-30 11:23:24 +02:00
Robert Hensing
52844efcd6
nixos/podman: Add generic networkSocket interface
2021-05-30 11:21:05 +02:00
Robert Hensing
ff4d83a667
nixos/podman: Add dockerSocket.enable
2021-05-30 11:21:05 +02:00
Robert Hensing
fb8b0a3843
nixos/podman: Change podman socket to new podman group
2021-05-30 11:21:05 +02:00
zowoq
30ae7e4ba9
nixos/podman: install cni config from package
2021-05-30 11:40:36 +10:00
markuskowa
f188138af3
Merge pull request #124181 from pmenke-de/sdrplay
...
sdrplay: init at 3.07.1
2021-05-29 22:21:10 +02:00
Martin Weinelt
ee8cf6a664
Merge pull request #124839 from mweinelt/wordpress/secret-key-regen
...
nixos/wordpress: regenerate secret keys if misspelled key name is found
2021-05-29 22:13:03 +02:00
Martin Weinelt
724ed08df0
nixos/wordpress: regenerate secret keys if misspelled key name is found
...
A secret key generated by the nixos module was misspelled, which could
possibly impact the security of session cookies.
To recover from this situation we will wipe all security keys that were
previously generated by the NixOS module, when the misspelled one is
found. This will result in all session cookies being invalidated. This
is confirmed by the wordpress documentation:
> You can change these at any point in time to invalidate all existing
> cookies. This does mean that all users will have to login again.
https://wordpress.org/support/article/editing-wp-config-php/#security-keys
Meanwhile this issue shouldn't be too grave, since the salting function
of wordpress will rely on the concatenation of both the user-provided
and automatically generated values, that are stored in the database.
> Secret keys are located in two places: in the database and in the
> wp-config.php file. The secret key in the database is randomly
> generated and will be appended to the secret keys in wp-config.php.
https://developer.wordpress.org/reference/functions/wp_salt/
Fixes: 2adb03fdae
("nixos/wordpress:
generate secrets locally")
Reported-by: Moritz Hedtke <Moritz.Hedtke@t-online.de>
2021-05-29 04:24:42 +02:00
Matt Christ
dd54ac5648
brscan5: simplify mkEnableOption
2021-05-28 20:55:55 -05:00
Niklas Hambüchen
d344dccf3d
nixos/wireguard: Remove .path systemd unit for privkey. Fixes #123203
...
As per `man systemd.path`:
> When a service unit triggered by a path unit terminates
> (regardless whether it exited successfully or failed),
> monitored paths are checked immediately again,
> **and the service accordingly restarted instantly**.
Thus the existence of the path unit made it impossible to stop the
wireguard service using e.g.
systemctl stop wireguard-wg0.service
Systemd path units are not intended for program inputs such
as private key files.
This commit simply removes this usage; the private key is still
generated by the `generateKeyServiceUnit`.
2021-05-28 17:44:19 -07:00
talyz
cb80b67993
nixos/discourse: Assert deployed PostgreSQL version
...
Assert that the PostgreSQL version being deployed is the one used
upstream. Allow the user to override this assertion, since it's not
always possible or preferable to use the recommended one.
2021-05-28 17:43:02 -07:00
talyz
1f6b48be74
discourse: 2.6.5 -> 2.7.0
2021-05-28 17:43:02 -07:00
pmenke
9e0ed182aa
sdrplay: init at 3.07.1
...
this adds support for software defined radio (SDR) devices by SDRplay.
SDRplay provides an unfree binary library and api-service as well
as a MIT licensed adapter library for SoapySDR for integration
with many popular SDR applications.
2021-05-28 15:40:04 +02:00
Jan Tojnar
b2f86e6662
nixos/gnome: Do not enable metacity by default
...
Did not realize this is not conditional on gnome-flashback being enabled.
Partially reverts https://github.com/NixOS/nixpkgs/pull/113957
2021-05-28 14:57:36 +02:00
Jan Tojnar
e923fc2d2b
Merge pull request #113957 from chpatrick/gnome-flashback-panel-fix
...
gnome-flashback: add option to remove gnome-panel, auto-generate wmName
2021-05-28 13:32:22 +02:00
Patrick Chilton
424cd7d999
gnome-flashback: add option to remove gnome-panel, auto-generate wmName
2021-05-28 13:10:17 +02:00
Domen Kožar
b72c2d3806
duplicati: 2.0.5.1 -> 2.0.6.1, fix nixos module
2021-05-28 10:33:53 +02:00
David Arnold
13750b25a5
kubernetes: fix generated kubeconfig
...
The absence of current-context in the right place resulted in obscure
bugs. The reason this has not been detected before can only be that
it was unused.
2021-05-26 23:39:48 -07:00
Sandro
5619e3eb35
Merge pull request #124147 from superherointj/package-firebird-v4.0.0
2021-05-27 05:13:50 +02:00
Sandro
5584b49a46
Merge pull request #123363 from FliegendeWurst/trilium-update-0.47.3
2021-05-27 04:52:55 +02:00
Naïm Favier
a6788be01a
nixos/luksroot: add bypassWorkqueues ( #118114 )
...
https://wiki.archlinux.org/index.php/Dm-crypt/Specialties#Disable_workqueue_for_increased_solid_state_drive_(SSD)_performance
2021-05-26 09:43:38 -04:00
Matt Christ
c92404dc69
brscan5: update example to be supported model
2021-05-25 19:14:18 -05:00
Martin Weinelt
fcd6d0bc14
Merge pull request #124263 from Lassulus/solanum3
...
solanum: remove obsolete BANDB settings/patches
2021-05-25 20:51:32 +02:00
Sandro Jäckel
140828ce38
nixos/kresd: tell resolveconf to use local resolver
2021-05-25 16:37:00 +02:00
Niklas Hambüchen
83a8acc392
Merge pull request #121331 from nh2/wireguard-dynamicEndpointRefreshSeconds
...
nixos/wireguard: Add `dynamicEndpointRefreshSeconds` option
2021-05-24 21:49:05 +02:00
lassulus
8eb5701aaf
solanum: remove obsolete BANDB settings/patches
2021-05-24 15:49:57 +02:00
Naïm Favier
821ca7d4cc
nixos/nginx: add option rejectSSL exposing ssl_reject_handshake
2021-05-24 15:10:09 +02:00
regnat
113823669b
Revert "nixos/nix-daemon: fix sandbox-paths option"
...
This reverts commit aeeee447bc
.
2021-05-24 10:51:02 +02:00
FliegendeWurst
b9e2b878c5
nixos/trilium-server: noBackup option
2021-05-24 09:55:49 +02:00
FliegendeWurst
7cb492fb13
nixos/trilium-server: add myself as maintainer
2021-05-24 09:55:49 +02:00
Ivan Kozik
d95960e275
nixos/bitwarden_rs: fix startup on 32 thread machines
...
LimitNPROC=64 is too low for bitwarden_rs to start on a 32 thread machine.
Remove the limit.
This fixes:
```
bitwarden_rs[38701]: /--------------------------------------------------------------------\
bitwarden_rs[38701]: | Starting Bitwarden_RS |
bitwarden_rs[38701]: |--------------------------------------------------------------------|
bitwarden_rs[38701]: | This is an *unofficial* Bitwarden implementation, DO NOT use the |
bitwarden_rs[38701]: | official channels to report bugs/features, regardless of client. |
bitwarden_rs[38701]: | Send usage/configuration questions or feature requests to: |
bitwarden_rs[38701]: | https://bitwardenrs.discourse.group/ |
bitwarden_rs[38701]: | Report suspected bugs/issues in the software itself at: |
bitwarden_rs[38701]: | https://github.com/dani-garcia/bitwarden_rs/issues/new |
bitwarden_rs[38701]: \--------------------------------------------------------------------/
bitwarden_rs[38701]: [INFO] No .env file found.
bitwarden_rs[38701]: [2021-05-24 03:34:41.121][bitwarden_rs::api::core::sends][INFO] Initiating send deletion
bitwarden_rs[38701]: [2021-05-24 03:34:41.122][start][INFO] Rocket has launched from http://127.0.0.1:8222
bitwarden_rs[38701]: [2021-05-24 03:34:41.126][panic][ERROR] thread 'unnamed' panicked at 'failed to spawn thread: Os { code: 11, kind: WouldBlock, message: "Resource temporarily unavailable" }': /build/rustc-1.52.1-src/library/std/src/thread/mod.rs:620
bitwarden_rs[38701]: 0: bitwarden_rs::init_logging::{{closure}}
bitwarden_rs[38701]: 1: std::panicking::rust_panic_with_hook
bitwarden_rs[38701]: 2: std::panicking::begin_panic_handler::{{closure}}
bitwarden_rs[38701]: 3: std::sys_common::backtrace::__rust_end_short_backtrace
bitwarden_rs[38701]: 4: rust_begin_unwind
bitwarden_rs[38701]: 5: core::panicking::panic_fmt
bitwarden_rs[38701]: 6: core::result::unwrap_failed
bitwarden_rs[38701]: 7: hyper::server::listener::spawn_with
bitwarden_rs[38701]: 8: hyper::server::listener::ListenerPool<A>::accept
bitwarden_rs[38701]: 9: std::sys_common::backtrace::__rust_begin_short_backtrace
bitwarden_rs[38701]: 10: core::ops::function::FnOnce::call_once{{vtable.shim}}
bitwarden_rs[38701]: 11: std::sys::unix:🧵 :Thread:🆕 :thread_start
bitwarden_rs[38701]: 12: start_thread
bitwarden_rs[38701]: 13: __GI___clone
bitwarden_rs[38701]: [2021-05-24 03:34:41.126][panic][ERROR] thread 'main' panicked at 'internal error: entered unreachable code: the call to `handle_threads` should block on success': /build/bitwarden_rs-1.20.0-vendor.tar.gz/rocket/src/rocket.rs:751
bitwarden_rs[38701]: 0: bitwarden_rs::init_logging::{{closure}}
bitwarden_rs[38701]: 1: std::panicking::rust_panic_with_hook
bitwarden_rs[38701]: 2: std::panicking::begin_panic_handler::{{closure}}
bitwarden_rs[38701]: 3: std::sys_common::backtrace::__rust_end_short_backtrace
bitwarden_rs[38701]: 4: rust_begin_unwind
bitwarden_rs[38701]: 5: core::panicking::panic_fmt
bitwarden_rs[38701]: 6: rocket:🚀 :Rocket::launch
bitwarden_rs[38701]: 7: bitwarden_rs::main
bitwarden_rs[38701]: 8: std::sys_common::backtrace::__rust_begin_short_backtrace
bitwarden_rs[38701]: 9: std::rt::lang_start::{{closure}}
bitwarden_rs[38701]: 10: std::rt::lang_start_internal
bitwarden_rs[38701]: 11: main
```
2021-05-24 04:36:17 +00:00
Sandro
fd26001ead
Merge pull request #123304 from SuperSandro2000/pihole-exporter
2021-05-24 04:27:16 +02:00
Sandro Jäckel
0724518919
nixos/prometheus: init pihole-exporter
2021-05-24 04:05:59 +02:00
Anderson Torres
e445fc8661
Merge pull request #123583 from superherointj/module-libvirtd-ovmf-aarch64-fix
...
libvirtd: fix ovmf for aarch64
2021-05-23 19:56:27 -03:00
Michael Raskin
ab51a2dbd6
Merge pull request #123926 from pschyska/master
...
nixos/atop: Add defaultText to types.package options, Fix timing-related test failures.
2021-05-23 18:08:46 +00:00
José Romildo Malaquias
de84bd18d7
Merge pull request #121031 from romildo/fix.lxqt
...
lxqt: does not explicitly require gvfs package
2021-05-23 15:06:55 -03:00
superherointj
97d9e7849b
nixos/firebird: updated firebird package
2021-05-23 10:53:00 -03:00
Matt Christ
14bf8f109b
fix brscan5 config generation
...
before this, the config utility was unable to locate the models folder
update tests to use a compatible model
2021-05-23 08:08:31 -05:00
Guillaume Girol
d7555732bc
Merge pull request #123902 from hyperfekt/mount-pstore-quiet
...
nixos/filesystems: condition mount-pstore.service on unmounted /sys/fs/pstore
2021-05-23 12:18:14 +00:00
Samuel Dionne-Riel
20b023b5ea
iso-image: Improve disk detection
...
This should help in rare hardware-specific situations where the root is
not automatically detected properly.
We search using a marker file. This should help some weird UEFI setups
where the root is set to `(hd0,msdos2)` by default.
Defaulting to `(hd0)` by looking for the ESP **will break themeing**. It
is unclear why, but files in `(hd0,msdos2)` are not all present as they
should be.
This also fixes an issue introduced with cb5c4fcd3c
where rEFInd stopped booting in many cases. This is because it ended up
using (hd0) rather than using the `search` which was happening
beforehand, which in turn uses (hd0,msdos2), which is the ESP.
Putting back the `search` here fixes that.
2021-05-22 20:04:05 -07:00
Samuel Dionne-Riel
c9bb054dd6
iso-image: unqualified root → ($root)
...
This technically changes nothing. In practice `$root` is always the
"CWD", whether searched for automatically or not.
But this serves to announce we are relying on `$root`... I guess...
2021-05-22 20:04:05 -07:00
Samuel Dionne-Riel
15eaed0718
iso-image: change date on all files
...
It may be that in some conditions dates earlier than 1980 on FAT on GRUB
2.06~ish will cause failures
https://github.com/NixOS/nixpkgs/issues/123376#issuecomment-845515035
2021-05-22 20:04:05 -07:00
Samuel Dionne-Riel
f93f0e72e9
iso-image: Force gfxmode
...
https://www.gnu.org/software/grub/manual/grub/html_node/gfxmode.html
2021-05-22 20:04:05 -07:00
Jonathan Ringer
11a9ac00fc
Merge remote-tracking branch 'origin/master' into staging-next
...
Conflicts:
pkgs/tools/networking/xh/default.nix
2021-05-22 18:19:10 -07:00
Martin Weinelt
84f649f693
Merge pull request #121626 from mweinelt/botamusique
2021-05-23 02:02:09 +02:00
Martin Weinelt
59e5ff4b29
nixos/botamusique: init
2021-05-23 01:01:51 +02:00
Jan Tojnar
aea7b5f08e
Merge pull request #124073 from mkg20001/cinnamonpolkit
...
nixos/cinnamon: add polkit_gnome to fix #124062
2021-05-23 00:21:28 +02:00
Jan Tojnar
141e85cc69
Merge pull request #124056 from mkg20001/cinnamonlocale
...
nixos/cinnamon: add cinnamon-translations to systemPackages
2021-05-23 00:21:11 +02:00
Maciej Krüger
eca2b05354
nixos/cinnamon: add cinnamon-translations to systemPackages
...
This allows other cinnamon applications to use the locales
Without this the cinnamon UI is not properly translated
2021-05-22 23:59:33 +02:00
Maciej Krüger
8664c2c743
nixos/cinnamon: add polkit_gnome to fix #124062
2021-05-22 23:58:06 +02:00
Maximilian Bosch
9cab80ce4d
Merge pull request #122203 from mohe2015/imperative-nixos-container-timeout
...
nixos-containers: Increase startup timeout for imperative containers
2021-05-22 23:04:12 +02:00
Maximilian Bosch
278bcdce1f
Merge pull request #123941 from mweinelt/matrix-synapse
...
nixos/matrix-synapse: protect created files
2021-05-22 22:20:16 +02:00
Martin Weinelt
79e675444c
nixos/matrix-synapse: protect created files
...
Enforce UMask on the systemd unit to restrict the permissions of files
created. Especially the homeserver signing key should not be world
readable, and media is served through synapse itself, so no other user
needs access to these files.
Use a prestart chmod to fixup the permissions on the signing key.
2021-05-22 20:30:49 +02:00
Sandro
7be85b5090
Merge pull request #104420 from danielfullmer/syncoid-perm-fix
2021-05-22 17:57:56 +02:00
Kira Bruneau
cd4780fab4
maintainers: rename metadark -> kira-bruneau ( #124035 )
2021-05-22 16:47:40 +02:00
Domen Kožar
fdd42cb68c
Merge pull request #123211 from mdevlamynck/pipewire-plasma-pa
...
nixos/plasma5: also add plasma-pa when using pipewire with pulseaudio support
2021-05-22 15:20:50 +02:00
github-actions[bot]
563389a7fd
Merge master into staging-next
2021-05-22 12:27:09 +00:00
Paul Schyska
9cb76c21ee
nixos/atop: Add defaultText for types.package options
...
see: https://github.com/NixOS/nixpkgs/pull/123053#discussion_r637205826
2021-05-22 14:11:45 +02:00
sohalt
be01cb8b97
nixos/spacenavd: run as user service
2021-05-22 12:48:12 +02:00
Domen Kožar
3a28f72e7b
Merge pull request #123970 from kisik21/nix-fix-sandbox-paths
...
nixos/nix-daemon: fix sandbox-paths option
2021-05-22 12:05:11 +02:00
Vika
aeeee447bc
nixos/nix-daemon: fix sandbox-paths option
...
In newer versions of Nix (at least on 2.4pre20201102_550e11f) the
`extra-` prefix for config options received a special meaning and the
option `extra-sandbox-paths` isn't recognized anymore. This commit fixes
it.
It doesn't cause a behavior change when using older versions of Nix but
does cause an extra newline to appear in the config, thus changing the
hash.
2021-05-22 05:14:56 +00:00
github-actions[bot]
901fb5e64e
Merge master into staging-next
2021-05-22 00:56:03 +00:00
Jonathan Ringer
ced04640c7
nixos/video: remove obsolete ati modules
2021-05-21 16:16:48 -07:00
Martin Weinelt
71fb79ee6b
Merge pull request #123828 from Lassulus/solanum2
...
nixos/solanum: init
2021-05-21 23:23:01 +02:00
Maximilian Bosch
a2379c69a4
Merge pull request #122833 from helsinki-systems/feat/prometheus-metric-relabel
...
nixos/prometheus: Add support for metric relabeling
2021-05-21 23:13:41 +02:00
lassulus
48c16e48aa
nixos/solanum: init
2021-05-21 23:06:38 +02:00
Maximilian Bosch
5dbd28d754
Merge pull request #123009 from deviant/fix-mailman-doc-links
...
nixos/mailman: fix documentation option links
2021-05-21 22:00:47 +02:00
Matt Christ
a9b7300f6f
brscan5: init at 1.2.6-0
2021-05-21 12:59:30 -05:00
Jonathan Ringer
5cd5b9b97f
Merge remote-tracking branch 'origin/master' into staging-next
...
Conflicts:
pkgs/development/tools/kubie/default.nix
2021-05-21 10:39:34 -07:00
eyJhb
6000f420e8
nixos/znc: fixed chown not working after hardening ( #123883 )
2021-05-21 19:07:53 +02:00
hyperfekt
ef991f9b8b
nixos/filesystems: condition mount-pstore.service on unmounted /sys/fs/pstore
...
For unknown reasons, switching to a system that first introduces this
service has it fail with /sys/fs/pstore already having been mounted.
2021-05-21 17:49:23 +02:00
Elis Hirwing
e9cca93bf9
Merge pull request #121778 from talyz/keycloak-security
...
nixos/keycloak: Security fixes + misc
2021-05-21 16:55:26 +02:00
Kerstin Humm
224df6940f
nixos/mastodon: use rails command instead of rake
...
Co-Authored-By: Izorkin <izorkin@elven.pw>
2021-05-21 15:04:12 +02:00
github-actions[bot]
929b12e7b5
Merge master into staging-next
2021-05-21 12:28:43 +00:00
ajs124
c455f3ccaf
Merge pull request #123084 from Yarny0/hylafax
...
hylafaxplus & nixos/hylafax: small improvements
2021-05-21 14:20:57 +02:00
talyz
ba00b0946e
nixos/keycloak: Split certificatePrivateKeyBundle into two options
...
Instead of requiring the user to bundle the certificate and private
key into a single file, provide separate options for them. This is
more in line with most other modules.
2021-05-21 13:09:38 +02:00
talyz
dbf91bc2f1
nixos/keycloak: keycloak.database* -> keycloak.database.*
...
Move all database options to their own group / attribute. This makes
the configuration clearer and brings it in line with most other modern
modules.
2021-05-21 13:09:32 +02:00
talyz
83e406e97a
nixos/keycloak: frontendUrl always needs to be suffixed with /
...
In some places, Keycloak expects the frontendUrl to end with `/`, so
let's make sure it always does.
2021-05-21 13:09:25 +02:00
talyz
58614f8416
nixos/keycloak: Add myself to maintainers
2021-05-21 13:09:19 +02:00
talyz
d748c86389
nixos/keycloak: Improve readablility by putting executables in PATH
2021-05-21 13:09:14 +02:00
talyz
8309368e4c
nixos/keycloak: Set umask before copying sensitive files
...
`install` copies the files before setting their mode, so there could
be a breif window where the secrets are readable by other users
without a strict umask.
2021-05-21 13:09:09 +02:00
talyz
c2bebf4ee2
nixos/keycloak: Improve bash error handling
2021-05-21 13:09:03 +02:00
talyz
d6727d28e1
nixos/keycloak: Set the postgresql database password securely
...
Feeding `psql` the password on the command line leaks it through the
`psql` process' `/proc/<pid>/cmdline` file. Using `echo` to put the
command in a file and then feeding `psql` the file should work around
this, since `echo` is a bash builtin and thus shouldn't spawn a new
process.
2021-05-21 13:08:53 +02:00
Jonathan Ringer
6b15fdce86
Merge remote-tracking branch 'origin/master' into staging-next
...
Conflicts:
pkgs/shells/ion/default.nix
pkgs/tools/misc/cicero-tui/default.nix
2021-05-20 22:11:42 -07:00
Thiago Kenji Okada
c96586d63f
nixos/noisetorch: init
...
NoiseTorch needs setcap set to 'cap_sys_resource=+ep' to work correctly
accordingly to the README.md:
https://github.com/lawl/NoiseTorch#download--install
So this PR adds it.
2021-05-20 14:15:20 -07:00
Ning Shang
657e924ad8
iso-image: More concise code for fixed order mmd and mcopy operations
...
Thanks @misuzu for the suggestions.
2021-05-20 12:17:04 -07:00
legendofmiracles
af0a54285e
nixos/terraria: open ports in the firewall
2021-05-20 12:11:08 -07:00
Guillaume Girol
0d5fa1cff3
Merge pull request #120622 from symphorien/duplicity-master
...
nixos/duplicity: enable to prevent backup from growing infinitely
2021-05-20 19:00:59 +00:00
Jonas Chevalier
30c021fa15
Merge pull request #123744 from hercules-ci/init-ghostunnel
...
ghostunnel: init
2021-05-20 20:58:41 +02:00
Ning Shang
4db7eb476f
iso-image: Workaround for better determinism in du output
...
The value of du output depends on the underlying file system, and thus is not fully deterministic. This workaround rounds up the disk usage size to the nearest multiple of 1MB, to increase the probability that two du output values on two different file systems fall within the same 1MB window. Note that this workaround won't make du output 100% reproducible, but will increase the probability of getting deterministic builds across different file systems.
2021-05-20 11:01:17 -07:00
Jonathan Ringer
14f3686af1
Merge remote-tracking branch 'origin/master' into staging-next
...
Conflicts:
pkgs/applications/terminal-emulators/alacritty/default.nix
pkgs/servers/clickhouse/default.nix
2021-05-20 09:12:42 -07:00
Emery Hemingway
520b4a8496
nixos: convert netatalk to settings-style configuration
...
Also, set StateDirectory in systemd.….serviceConfig.
2021-05-20 17:39:28 +02:00
Robert Hensing
dc9cb63de4
nixos/ghostunnel: init
2021-05-20 10:41:52 +02:00
Christoph Hrdinka
57acb6f9f7
Merge pull request #123598 from pschyska/master
...
nixos/nsd: make nsd-checkconf work when configuration contains keys (#118140 )
2021-05-20 10:41:30 +02:00