3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

17906 commits

Author SHA1 Message Date
xeji 89e0d97d7e
Merge pull request #93538 from erictapen/tinc-rsa-key-file
nixos/tinc: allow configuration of RSA private key file
2020-08-01 23:32:26 +02:00
Maximilian Bosch 029e93391e
Merge pull request #94369 from Ma27/vrf-tcp-test
nixos/systemd-networkd-vrf: implement working TCP test on a 5.x kernel
2020-08-01 22:54:31 +02:00
Jörg Thalheim 633958732d
Merge pull request #94064 from Mic92/tlp
tlp: use structured config to fix cpu governor
2020-08-01 10:23:44 +01:00
Maximilian Bosch 37e3cadb8b
nixos/systemd-networkd-vrf: implement working TCP test on a 5.x kernel
By design, VRFs allow route-leaking for forwarded packages, but not for
local processes using a socket. While it was possible to leak such TCP
traffic through a VRF on a 4.x kernel, this behavior was considered
wrong and got fixed in Linux 5.x[1].

From now on, local unix sockets must run in the VRF itself using
`ip vrf exec`[2] which basically injects a BPF program into the VRF and
drops elevated networking capabilities by default for the specified
command.

[1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3c82a21f4320c8d54cf6456b27c8d49e5ffb722e
[2] https://man7.org/linux/man-pages/man8/ip-vrf.8.html
2020-07-31 21:06:00 +02:00
Emery Hemingway 3f922834b8 nixos/lib/make-disk-image.nix: abritary format input
Pass unrecognized format types as the output file extension to
qemu-img. The motivation is support for "vdi" output.
2020-07-31 15:33:08 +02:00
Sarah Brofeldt c5a1eafc1b
Merge pull request #94243 from johanot/dockertools-fix-nixstore-perms
dockertools: fix buildLayeredImage nix-store permissions
2020-07-31 10:38:37 +02:00
Johan Thomsen f5db415e2f nixos/tests/dockerTools: add test for running non-root containers with buildLayeredImage
Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
2020-07-31 10:14:07 +02:00
zowoq b6ce3db981 nixos/doc/*: editorconfig fixes 2020-07-31 15:08:54 +10:00
Matthew Bauer 67b6e56391 nixos/nix-daemon.nix: fix nix.distributedBuilds assertion 2020-07-30 21:38:24 -05:00
Matthew Bauer ed1423b03c
Merge pull request #92415 from matthewbauer/nix-daemon-distributed-builds
Add assertion on distributedBuilds & buildMachines != []
2020-07-30 19:56:23 -05:00
Matthew Bauer 250885d0ca nixos/nix-daemon.nix: assert distributedBuilds and buildMachines!=[]
Without distributedBuilds, you can’t use buildMachines flag.

Fixes #56593
2020-07-30 19:55:12 -05:00
Maximilian Bosch ee06b3047e
Merge pull request #94253 from fadenb/graylog_3.3.3
graylog: 3.3.2 -> 3.3.3
2020-07-30 22:00:47 +02:00
Tristan Helmich (omniIT) 70be15c91b doc/rl-2009: Add warning on Graylog changes in version 3.3.3 2020-07-30 19:16:12 +00:00
worldofpeace b21c16fc5e
Merge pull request #83911 from mkg20001/boot-persistence
stage-1-init: add boot.persistence option
2020-07-30 14:56:06 -04:00
worldofpeace 08bc533dc6
Merge pull request #86480 from mkg20001/steam-module
nixos/steam: init
2020-07-30 14:51:58 -04:00
Maciej Krüger 2d63269e0d
doc/rl-2009: document new steam module in release notes 2020-07-30 20:26:34 +02:00
Maciej Krüger 1e98e895fa
nixos/steam: init 2020-07-30 20:23:57 +02:00
Jörg Thalheim a7888ee7f6
Merge pull request #94183 from fgaz/pt2-clone/1.22
pt2-clone: 1.20 -> 1.22, add nixos test
2020-07-30 12:54:49 +01:00
Marek Mahut 008deafb4b
Merge pull request #94167 from 1000101/blockbook-frontend
nixos/blockbook-frontend: adjust tests to bitcoind
2020-07-30 10:43:32 +02:00
Milan e49fb87b05
nixos/gitlab-runner: add clone-url option (#93894) 2020-07-30 10:24:33 +02:00
Keshav Kini 5e86bba082 nixos/boot: some documentation improvements
- Give a more accurate description of how fileSystems.<name/>.neededForBoot
  works

- Give a more detailed description of how fileSystems.<name/>.encrypted.keyFile
  works
2020-07-29 14:39:21 -07:00
Francesco Gazzetta 4436c0151e pt2-clone: add nixos test 2020-07-29 19:45:03 +02:00
Milan Pässler 2d819e968e nixos/mautrix-telegram: fix base-config path 2020-07-29 16:34:30 +02:00
1000101 046a80f7a4 nixos/blockbook-frontend: adjust tests to bitcoind 2020-07-29 12:58:25 +02:00
Peter Hoeg e3d45be66f
Merge pull request #93699 from NixOS/f/do
nixos/do-agent: use .service from upstream
2020-07-29 09:13:56 +08:00
Lassulus 77cf1a6581
Merge pull request #89331 from Lassulus/make-disk-image
make-disk-image: add hybrid and dynamic sized images
2020-07-28 20:34:20 +02:00
Jörg Thalheim 4d0077addd
tlp: use structured config to fix cpu governor
Previously this module just disabled them.
Now tlp merges system defaults in
2020-07-28 09:41:18 +01:00
worldofpeace 654b66e0e4
Merge pull request #93963 from seqizz/g_typo_environment
treewide: fix typo on word environment
2020-07-28 02:18:28 -04:00
Gürkan Gür eb627de968 treewide: fix typo on word environment 2020-07-28 08:00:38 +02:00
lassulus 883a6079fd make-disk-image: add hybrid and dynamic sized images 2020-07-27 19:45:55 +02:00
Marek Mahut b415ebae97
Merge pull request #93700 from 1000101/bitcoind
nixos/bitcoind: change to multi-instance + add tests
2020-07-27 12:55:29 +02:00
1000101 a5ba1315c2 release-notes/rl-2009: document bitcoind incompatibility 2020-07-27 11:27:50 +02:00
1000101 95440f040e nixos/bitcoind: minor refactoring 2020-07-27 10:40:06 +02:00
worldofpeace f84ee806e3 nixos/release: add pantheon closure 2020-07-26 15:30:08 -04:00
Silvan Mosberger ff5bdca1ed
Merge pull request #93813 from bobismijnnaam/update-wpa-supplicant-config
Ensure wpa_supplicant.conf is written when userControlled and extraConfig are used
2020-07-26 16:43:56 +02:00
Jan Tojnar a86f4110a7
Merge pull request #93771 from jtojnar/flatpak-1.8 2020-07-26 13:56:16 +02:00
Jan Tojnar 5d3f240ebd
Merge pull request #93712 from jtojnar/malcontent-0.8
malcontent: 0.7.0 → 0.8.0
2020-07-26 13:55:02 +02:00
Charlotte Van Petegem 8eca34dd16 nixos/tests/networking: fix macvlan tests
The range option still needs to be defined in dhcpd4 to be able to give out static IP addresses
2020-07-26 12:44:05 +02:00
Florian Klink ebfae82674 nixos/yubikey-agent: add missing mkIf
This accidentially added pkgs.yubikey-agent to
environment.systemPackages unconditionally.
2020-07-26 09:34:24 +02:00
Vladimír Čunát 5475b84859
nixos/tests/installer lvm: increase partition size
We apparently didn't fit anymore.  I don't think this test is meant
to (also) check closure size.
2020-07-25 22:57:27 +02:00
ajs124 2a2b31ba4a nixos/tasks/lvm: fix systemd tmpfiles 2020-07-25 20:43:12 +02:00
Emery Hemingway d800d1e884 fixup! nixos/yggdrasil: add manual section 2020-07-25 16:34:20 +02:00
Emery Hemingway 764a9252a3 nixos/yggdrasil: add manual section 2020-07-25 16:34:20 +02:00
Emery Hemingway 39deb82e4b nixos/yggdrasil.nix: test 300::/7 addresses 2020-07-25 16:34:20 +02:00
Emery Hemingway a8780387ba nixos/dhcpd: make authoritative mode optional
There are circumstances where running secondary DHCP servers in
non-authoritative mode is advantageous. Retain the previous
authoritative behavior as a default.
2020-07-25 16:33:04 +02:00
Vladimír Čunát 2b7c0dcdaa
Merge branch 'staging-next'
Rebuild on Hydra seems OK-ish.
mongodb.nix needed some conflict resolution (scons versions);
all four versions seem to build fine.
2020-07-25 16:18:40 +02:00
Bob Rubbens 71ea6a9a41 nixos/wpa_supplicant: update config generation
Ensure wpa_supplicant.conf is also generated when userControlled and
extraConfig are used. (As discussed in issue #59959)
2020-07-25 14:24:57 +02:00
Jan Tojnar 352749e577
ostree: enable ed25519 support
This was omitted in the latest update.

Only adds ~400 KB.

It required adding openssl to tests so I tacked on some cleanups.
In particular, the GI_TYPELIB_PATH was already being set in the wrapper
so we can remove it from the module (not sure why Gtk was even there).

Also switched away from using pkgconfig and docbook_xsl aliases
and reordered the expression a bit.
2020-07-25 12:54:18 +02:00
Lassulus 032775d0ac
Merge pull request #93788 from chkno/syncthing-test
nixos/tests: Add test for syncthing
2020-07-25 11:40:06 +02:00
Sebastien Bourdeauducq ecafef0dd8 pam_p11: add 2020-07-25 09:37:48 +02:00