alioth/nixpkgs
3
0
Fork 0
forked from mirrors/nixpkgs
Code Releases Activity
307605 commits 217 branches 116 tags 4 GiB
Commit graph

22697 commits

Author SHA1 Message Date
Doron Behar 3d72b0b6b0
Merge pull request #114241 from sorki/tests/cntr 2021-08-09 05:40:37 +00:00
Martin Weinelt b00dd3ac1f
nixos/tests/prometheus-exporters/kea: drop enable option 
There is no generic services.kea.enable option. Instead kea consists of
four daemons (dhcp4, dhcp6, ddns, ctrlagent) that can be enabled
individually. In this test we're just looking at dhcp6.
 2021-08-09 01:49:54 +02:00
Sandro c9e66e9d45
Merge pull request #111442 from helsinki-systems/wakeonlan 
nixos/wakeonlan: add types
 2021-08-08 20:51:27 +02:00
David Terry c1186b572f
maintainers: xwvvvvwx -> d-xo 2021-08-08 19:11:45 +02:00
Guillaume Girol f626a23cd3
Merge pull request #130522 from Mic92/polkit 
nixos/polkit: put polkituser into polkituser group
 2021-08-08 15:09:15 +00:00
Guillaume Girol 71154a8a8a
Merge pull request #130519 from Mic92/journald 
nixos/journald: don't set nogroup
 2021-08-08 15:02:31 +00:00
Martin Weinelt 23e60ba325
Merge pull request #127606 from vincentbernat/fix/nginx-override-ssl-certs 
nginx: allow overriding SSL trusted certificates when using ACME
 2021-08-08 16:43:27 +02:00
Guillaume Girol 27cf2a42f2
Merge pull request #132872 from wentasah/nullmailer-failed-queue 
nixos/nullmailer: Create "failed" directory
 2021-08-08 14:40:29 +00:00
Guillaume Girol 25b4e3c741
Merge pull request #133098 from erdnaxe/nitter-hardening 
nixos/nitter: systemd unit hardening
 2021-08-08 14:33:23 +00:00
Artturi c10ded1bb2
Merge pull request #131966 from ArctarusLimited/fix/containerd-restart 
nixos/virtualisation/containerd: do not wipe runtime directory on restart or stop
 2021-08-08 17:21:30 +03:00
Vincent Bernat 85209382c1 nginx: allow overriding SSL trusted certificates when using ACME 
Some ACME providers (like Buypass) are using a different certificate
to sign OCSP responses than for server certificates. Therefore,
sslTrustedCertificate should be provided by the user and we need to
allow that.
 2021-08-08 16:07:11 +02:00
Martin Weinelt f49b03c40b
Merge pull request #123258 from mweinelt/acme-hardening 2021-08-08 15:50:24 +02:00
Martin Weinelt a5c6a0006a
Merge pull request #130521 from Mic92/tinc 
nixos/tinc: don't run as nogroup
 2021-08-08 15:39:42 +02:00
Alexandre Iooss 2e8e8f2c92
nixos/nitter: test with CAP_NET_BIND_SERVICE 2021-08-08 15:29:33 +02:00
Alexandre Iooss 9898f7e072
nixos/nitter: systemd unit hardening 2021-08-08 15:28:27 +02:00
Sandro b739a14b37
Merge pull request #121906 from ymarkus/nixos-mullvad 
nixos/mullvad-vpn: fix firewall issues & remove xfix as maintainer
 2021-08-08 15:03:26 +02:00
Martin Weinelt 611bc7c23b
Merge pull request #111692 from lopsided98/chrony-initstepslew-types 
nixos/chrony: split the initstepslew attrset into options
 2021-08-08 15:03:06 +02:00
erdnaxe 7a0c6cdd39
nixos/miniflux: systemd unit hardening (#133123) 2021-08-08 13:58:30 +02:00
lewo 7aa78642c5
Merge pull request #125979 from blaggacao/nixos-test-ref/03-normalse-the-python-entrypoint 
nixos/test-driver: normalize the python entrypoint
 2021-08-08 10:24:47 +02:00
Sandro 7f9530c7c2
Merge pull request #133083 from polykernel/yambar-patch-1 2021-08-08 06:51:26 +02:00
polykernel bc520477f4 yambar: document breaking changes 
* Previously, both the xorg and wayland backend were built into the yambar
  package. The refactor breaks up each backends to its separate, with xorg
  being the default. Thus yambar users on wayland should switch to the
  yambar-wayland package.
 2021-08-08 00:05:40 -04:00
Zane van Iperen 99d8d553da nixos/gitea: init/migrate db in startup script 2021-08-08 12:48:15 +09:00
Rouven Czerwinski 06667df72b
nixos/etc: use runCommandLocal (#133037) 
Instead of setting preferLocalBuild & allowSubstitutes explicitly, use
runCommandLocal which sets the same options.
 2021-08-07 14:56:21 -04:00
Martin Weinelt 4704dc2f1b
Merge pull request #130625 from rski/openrazer 2021-08-07 15:32:04 +02:00
Pascal Bach 463be7303e
Merge pull request #118855 from bachp/unifi-harden 
nixos/unifi: harden service
 2021-08-07 14:48:25 +02:00
Domen Kožar 2904cd7521
Merge pull request #132883 from Kranzes/bump-pipewire 
pipewire: 0.3.32 -> 0.3.33
 2021-08-07 12:47:25 +02:00
Sandro 53947a60c1
Merge pull request #132735 from ivan/victoriametrics-panic 
nixos/victoriametrics: set LimitNOFILE=1048576 to fix panic and restart loop
 2021-08-07 12:34:31 +02:00
Sandro 3384abd78a
Merge pull request #127711 from eadwu/nvidia_x11/127693 2021-08-07 12:24:35 +02:00
Romanos Skiadas 465c9269dd nixos/openrazer: Add a users option 2021-08-07 12:10:43 +03:00
Romanos Skiadas 42c6771744 nixos/openrazer: Change plugdev group to openrazer 
For security reasons, and generally, it is best to create a more fine
grained group than plugdev. This way users that wish to tweak razer
devices don't have access to the entire plugdev group's permissions.

This is of course a breaking change.
 2021-08-07 12:09:44 +03:00
Ninjatrappeur d00f146ca5
Merge pull request #132932 from NinjaTrappeur/nin-fix-prosody-test 
nixos/nixosTests.prosody: extend self-signed cert expiration date
 2021-08-07 10:29:11 +02:00
Edmund Wu 573aae39e2
nixos/modules: assertion for required PM files 2021-08-07 01:41:58 -04:00
Artturi 8072e71d8e
Merge pull request #132853 from peterhoeg/f/devmon 
Revert "nixos/devmon: add systemd service"
 2021-08-07 02:34:09 +03:00
Artturi 7d45138e68
Merge pull request #127402 from sigprof/nixos-ssh-askpass-args 
nixos/ssh: fix passing arguments to ssh-askpass
 2021-08-07 02:30:28 +03:00
Félix Baylac-Jacqué 6325d15e90
nixosTests.prosody: extend- self-signed cert expiration date 
The test certificate expiration date was set to the default 30 days.
This certificate is generated through its own derivation. As with
every derivation, it gets cached by cache.nixos.org once we build it.

In practice, we rebuild this derivation only if one of its input
changes. The only inputs here being openssl and stdenv.

While it's not an issue on the unstable branches, it can be
problematic on a stable release: the test will fail after 30 days.

Extending the certificate lifespan from 1 month to 100 years to prevent
it from getting expired while being cached.

See
https://github.com/NixOS/nixpkgs/pull/132898#issuecomment-894495057
for more context.
 2021-08-06 23:46:17 +02:00
Timothy DeHerrera cc455c004a
Merge pull request #132895 from poscat0x04/chrony-dns 
nixos/chrony: wait for DNS services to start up before starting
 2021-08-06 13:02:08 -06:00
Maximilian Bosch 67a5d63b33
Merge pull request #131867 from maxeaubrey/traefik_2.4.12 
traefik: 2.4.8 -> 2.4.13
 2021-08-06 18:55:07 +02:00
Ilan Joselevich a876500f5d pipewire: updated JSON configs 2021-08-06 16:50:56 +03:00
Poscat 6e3cecf1f7
nixos/chrony: wait for dns services to start up before starting 2021-08-06 21:03:55 +08:00
Michal Sojka a2943e74e3 nixos/nullmailer: Create "failed" directory 
Nullmailer expects that this directory exists (see
073f4e9c5d/doc/nullmailer-send.8 (L185)).
When it doesn't and an email cannot be sent due to a permanent failure
or has been in the queue longer than queuelifetime (7 days), message
"Can't rename file: No such file or directory" starts appearing in the
log and nullmailer never sends "Could not send message" notification.
This means that the user may never learn that his email was not
delivered.
 2021-08-06 10:48:19 +02:00
Peter Hoeg 8b167a0c11 Revert "nixos/devmon: add systemd service" 
This reverts commit 1db44c4ff1.
 2021-08-06 13:43:24 +08:00
Jörg Thalheim de5a599492
Merge pull request #130429 from Ninlives/yubico_chlrep 
nixos/pam: allow users to set the path to store yubikey challenge file
 2021-08-06 05:23:10 +01:00
David Arnold 926fb93968
nixos/tests/test-driver: normalise test driver entrypoint(s) 
Previously the driver was configured exclusively through convoluted
environment variables.

Now the driver's defaults are configured through env variables.

Some additional concerns are in the github comments of this PR.
 2021-08-05 19:07:11 -05:00
Jörg Thalheim 8c5c0d6748 nixos: fix zinputrc on flake-enabled systems 2021-08-05 22:19:37 +02:00
Michael Weiss c4c087da21
nixos/tests/signal-desktop: Improve the DB test 
The command "file ~/.config/Signal/sql/db.sqlite | grep 'db.sqlite: data'"
can randomly fail because "file" sometimes recognizes the "random"
(encrypted) data as something. This occasionally causes test failures,
e.g. [0] were it was recognized as "PGP Secret Sub-key -" or in another
instance as an ext4 filesystem [1].

[0]: https://github.com/NixOS/nixpkgs/pull/132644#issuecomment-892601504
[1]: https://social.primeos.dev/notice/A7H8VWV0KtQHUZZIsC
 2021-08-05 18:26:59 +02:00
Robert Hensing c5373ce006
Merge pull request #132593 from rycee/postgresql-backup-compression 
nixos postgresql-backup: add `compression` option
 2021-08-05 13:20:40 +02:00
Benjamin Smith 45c4b6b9e4
Apache Kafka: add 2.7.1 and 2.8.0 (#128043) 2021-08-05 13:01:59 +02:00
Yaroslav Bolyukin b7e79637ba plasma5: install plasma-systemmonitor by default 
As ksysguard was replaced, and it was installed by default

Signed-off-by: Yaroslav Bolyukin <iam@lach.pw>
 2021-08-05 17:01:19 +09:00
Yaroslav Bolyukin b0f1caf522 ksystemstats: init at 5.22.0 
Signed-off-by: Yaroslav Bolyukin <iam@lach.pw>
 2021-08-05 17:01:19 +09:00
Yaroslav Bolyukin 85dcd8d3ed ksysguard: replace with throw alias 
It was deprecated in favour of system-monitor

Signed-off-by: Yaroslav Bolyukin <iam@lach.pw>
 2021-08-05 17:01:19 +09:00