alioth/nixpkgs
3
0
Fork 0
forked from mirrors/nixpkgs
Code Releases Activity
383592 commits 217 branches 121 tags 4.5 GiB
Commit graph

1679 commits

Author SHA1 Message Date
Nguyễn Gia Phong 22f3d4e4db
nixos: move matrix services into their category 2022-06-06 13:50:58 +09:00
Emery Hemingway 2d012163f2 nixos/uhub: fix plugins, set CAP_NET_BIND_SERVICE 
Fix generation of the plugins configuration and allow binding to
"privileged" ports.
 2022-06-05 13:58:26 -05:00
Martin Weinelt 5a188dfbca
Merge pull request #175729 from DeterminateSystems/jellyfin-fix 2022-06-01 17:19:49 +02:00
Linus Heckemann 7eab23d517 jellyfin: fix permissions on state directory 
Previously, all configuration and state data was accessible to all
users on the system running jellyfin. This included user passwords in
the Jellyfin database, as well as credentials for LDAP if configured.
The exact set of accessible data depends on system configuration.

Thanks to Sofie Finnes Øvrelid for reporting this issue.

Fixes: CVE-2022-32198

Co-Authored-By: Martin Weinelt <hexa@darmstadt.ccc.de>
 2022-06-01 12:31:23 +02:00
Sandro 8d8e031d25
Merge pull request #133771 from erdnaxe/libreddit_fix 
nixos/libreddit: service hardening and test
 2022-05-31 21:53:51 +02:00
linj 37792e5766 nixos/dendrite: add an option loadCredential 
systemd-247 provides a mechanism called LoadCredential for secrets and
it is better than environment file. See the section of Environment=
in the manual of systemd.exec for more information.

Some options in config.yaml need values to be strings, which currently
can be used with environmentFile but not loadCredential. But it's
possible to use loadCredential for those options, e.g. we can
substitute their values in ExecStart, but not in ExecStartPre due to
[1].

[1]: https://github.com/systemd/systemd/issues/19604
 2022-05-29 13:34:14 -07:00
Benno Bielmeier d156db7d17 nixos/gollum: add option 'no-edit' 2022-05-22 15:06:00 +02:00
Benno Bielmeier 8e7b82be49 nixos/gollum: add option 'user-icons' 2022-05-22 15:06:00 +02:00
Benno Bielmeier 8a770f06a2 gollum: refactor package 
use `bundlerApp` in preference to `stdenv.mkDerivation`
 2022-05-22 15:06:00 +02:00
Yureka 821724b184 nixos/gitlab: support 15.x 2022-05-22 13:09:36 +02:00
Ian Kerins 560ca02280 nixos/nitter: update example configuration file URL 
It was moved.
 2022-05-16 10:16:06 -05:00
Aaron Andersen 82716bddb5
Merge pull request #170079 from bb2020/mbpfan 
nixos/mbpfan: minor changes
 2022-05-14 22:13:05 -04:00
Nick Cao 82f0b53588
dendrite: 0.8.1 -> 0.8.4 2022-05-11 18:40:05 +08:00
bb2020 8bdcffc4fe nixos/mbpfan: minor changes 2022-05-10 15:40:17 +03:00
Martin Weinelt e237f3e459
Merge pull request #171716 from piegamesde/heisenbridge-module 2022-05-05 23:30:09 +02:00
piegames 6b1dcbb1db nixos/heisenbridge: Fix stupid typo 2022-05-05 23:26:01 +02:00
Robert Hensing e4054fe0a9
Merge pull request #169310 from Xiami2012/zookeeper-jre 
nixos/zookeeper: Take the same JRE we build zookeeper with by default
 2022-05-02 10:51:42 +02:00
Xiami b43999bea0
nixos/zookeeper: Remove .passthru as suggested 2022-04-26 18:44:37 +08:00
Anders Kaseorg 6920d8ca42 treewide: Simplify negated uses of versionAtLeast, versionOlder 
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
 2022-04-25 13:35:24 -07:00
Sandro 786f0c486b
Merge pull request #159103 from pacien/nixos-taskserver-firewall-no-port-open 
nixos/taskserver: do not open firewall port implicitly, port helper to Python 3
 2022-04-21 01:56:36 +02:00
Xiami 1637e039d2
nixos/zookeeper: Take the same JRE we build zookeeper with 2022-04-19 18:56:00 +08:00
github-actions[bot] f6bedc13d1
Merge master into staging-next 2022-04-17 18:01:03 +00:00
Martin Weinelt 5bd659fb4d
Merge pull request #167866 from NickCao/dendrite-limit 2022-04-17 16:01:34 +02:00
Nick Cao b79e0a0e06
nixos/dendrite: set LimitNOFILE to 65535 2022-04-16 10:49:01 +08:00
Martin Weinelt a7fc5aaa76 Merge remote-tracking branch 'origin/master' into staging-next 2022-04-15 13:30:48 +02:00
Michele Guerini Rocco 09f816e976
Merge pull request #156401 from TLATER/tlater/gitea-hide-secrets 
nixos/gitea: Prevent secrets from being exposed at ExecStart time
 2022-04-15 10:26:12 +02:00
Vladimír Čunát d5d94127fd
Merge branch 'staging-next' into staging 
Minor conflicts; I hope I didn't mess up:
	pkgs/development/tools/misc/binutils/default.nix
	pkgs/games/openjk/default.nix
 2022-04-14 09:53:21 +02:00
Erik Arvstedt 0977227b86
nixos/paperless-ng: rename to paperless, use paperless-ngx package 
Use this opportunity to rename `paperless-(ng)-server` to `paperless-scheduler`.
This follows the naming scheme in the paperless repo and docs.
 2022-04-12 18:15:44 +02:00
Erik Arvstedt 46c3331384
nixos/paperless-ng: simplify redis logic 
- Rename `hasCustomRedis` -> `enableRedis`
- Extract var `redisServer`
 2022-04-12 18:06:34 +02:00
Erik Arvstedt 69319ee4a6
nixos/paperless-ng: fix /proc access for service 
This allows django-q to set the number of workers according to the CPU
core count and to show memory stats via `manage.py qmonitor`.
This also fixes a non-critical psutil error in paperless-ng-server.
 2022-04-11 22:46:44 +02:00
Erik Arvstedt 308c4bf0f7
nixos/paperless-ng: minor improvments 
Service:
- Fix misleading comment:
  We could in fact implement password copying as a preStart script by
  amending BindReadOnlyPaths, but adding an extra service is simpler.

Test:
- Add more detailed subtest names
- Simplify date check
 2022-04-11 22:46:43 +02:00
github-actions[bot] f303d4de3b
Merge staging-next into staging 2022-04-09 12:02:07 +00:00
Frederik Rietdijk 1d63f89caa cudaPackages: overhaul of how we package cuda packages 
There are many different versions of the `cudatoolkit` and related
cuda packages, and it can be tricky to ensure they remain compatible.

- `cudaPackages` is now a package set with `cudatoolkit`, `cudnn`, `cutensor`, `nccl`, as well as `cudatoolkit` split into smaller packages ("redist");
- expressions should now use `cudaPackages` as parameter instead of the individual cuda packages;
- `makeScope` is now used, so it is possible to use `.overrideScope'` to set e.g. a different `cudnn` version;
- `release-cuda.nix` is introduced to easily evaluate cuda packages using hydra.
 2022-04-09 08:50:22 +02:00
Martin Weinelt cc774b5792 Merge remote-tracking branch 'origin/staging-next' into staging 2022-04-07 12:12:57 +02:00
sternenseemann fb2fc3b4a4 Merge remote-tracking branch 'origin/master' into haskell-updates 2022-04-05 21:21:42 +02:00
Martin Weinelt bf1914e12a Merge remote-tracking branch 'origin/staging-next' into staging 2022-04-05 04:05:02 +02:00
github-actions[bot] 789aea7658
Merge master into haskell-updates 2022-04-05 00:11:09 +00:00
github-actions[bot] 5844b1c2fa
Merge master into staging-next 2022-04-04 18:01:27 +00:00
Bjørn Forsman c1af79c69d nixos/ethminer: only pull in nvidia_x11 when needed 
Only people using CUDA need it.
 2022-04-04 19:27:20 +02:00
github-actions[bot] 17eb9da14b
Merge staging-next into staging 2022-04-04 12:06:26 +00:00
github-actions[bot] ee8677862d
Merge master into staging-next 2022-04-04 12:01:25 +00:00
Bjørn Forsman 966953354c nixos/ethminer: fix option types for maxPower, recheckInterval 
Neither power nor time intervals can be negative, let's use unsigned
int.
 2022-04-04 11:50:24 +02:00
Bjørn Forsman 5e38d36a6b nixos/ethminer: only pull in cudatoolkit when needed 2022-04-04 11:50:24 +02:00
Tristan Daniël Maat 3a86b88ef1
nixos/gitea: Prevent secrets from being exposed at ExecStart time 
This addresses #156400 for Gitea.
 2022-04-04 01:12:27 +01:00
sternenseemann 103d171526
Merge pull request #166548 from sternenseemann/fix-ghclibdir-computation 
[haskell-updates] ghcWithPackages: fix ghclibdir computation with variantSuffix
 2022-04-03 14:22:34 +02:00
Alyssa Ross 8ba23e138d
Merge remote-tracking branch 'nixpkgs/staging-next' into staging 
Conflicts:
	pkgs/development/libraries/zlib/default.nix
	pkgs/development/lua-modules/overrides.nix
 2022-04-02 16:45:48 +00:00
github-actions[bot] 5e1c018e60
Merge master into staging-next 2022-04-01 06:01:23 +00:00
Dominique Martinet e92c05349c nixos/logrotate: convert to freeform 
using freeform is the new standard way of using modules and should replace
extraConfig.
In particular, this will allow us to place a condition on mails
 2022-04-01 07:09:26 +09:00
github-actions[bot] be4f006d3c
Merge master into staging-next 2022-03-31 18:01:13 +00:00
Martin Weinelt e80642bdcb
Merge pull request #165772 from alarsyo/paperless-ng-mail-fix 2022-03-31 16:52:06 +02:00