3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

85 commits

Author SHA1 Message Date
Maximilian Bosch e1e15974f8
nextcloud20: drop
The version 20 of Nextcloud will be EOLed by the end of this month[1].

Since the recommended default (that didn't raise an eval-warning) on
21.05 was Nextcloud 21, this shouldn't affect too many people.

In order to ensure that nobody does a (not working) upgrade across
several major-versions of Nextcloud, I replaced the derivation of
`nextcloud20` with a `throw` that provides instructions how to proceed.

The only case that I consider "risky" is a setup upgraded from 21.05 (or
older) with a `system.stateVersion` <21.11 and with
`services.nextcloud.package` not explicitly declared in its config. To
avoid that, I also left the `else-if` for `stateVersion < 21.03` which
now sets `services.nextcloud.package` to `pkgs.nextcloud20` and thus
leads to an eval-error. This condition can be removed
as soon as 21.05 is EOL because then it's safe to assume that only
21.11. is used as stable release where no Nextcloud <=20 exists that can
lead to such an issue.

It can't be removed earlier because then every `system.stateVersion <
21.11` would lead to `nextcloud21` which is a problem if `nextcloud19`
is still used.

[1] https://docs.nextcloud.com/server/20/admin_manual/release_schedule.html
2021-10-25 01:34:47 +02:00
Lara 49573709c5 nextcloud: 20.0.12 -> 20.0.13, 21.0.4 -> 21.0.5, 22.1.1 -> 22.2.0 2021-09-30 21:42:28 +00:00
Maximilian Bosch 6907126241
nextcloud22: 22.1.0 -> 22.1.1
Changes: https://github.com/nextcloud/server/compare/v22.1.0...v22.1.1
2021-08-27 17:50:41 +02:00
Maximilian Bosch 985d9f39ae
nextcloud22: 22.0.0 -> 22.1.0
ChangeLog: https://nextcloud.com/changelog/#22-1-0
2021-08-06 19:26:08 +02:00
Maximilian Bosch 20707acda8
nextcloud21: 21.0.3 -> 21.0.4
ChangeLog: https://nextcloud.com/changelog/#21-0-4
2021-08-06 19:25:39 +02:00
Maximilian Bosch be5d310839
nextcloud20: 20.0.11 -> 20.0.12
ChangeLog: https://nextcloud.com/changelog/#20-0-12
2021-08-06 19:24:50 +02:00
Maximilian Bosch e05f4101c1
nextcloud22: init at 22.0.0 2021-07-08 17:00:04 +02:00
Maximilian Bosch b922990a8e
nextcloud19: remove
I'm very sorry, this should've happened before the release, but we can
still mark it as insecure on 21.05 and remove it on `master`.
2021-07-08 16:29:45 +02:00
Maximilian Bosch d45672d059
nextcloud20: 20.0.7 -> 20.0.11
ChangeLog: https://nextcloud.com/changelog/#20-0-11
2021-07-08 12:13:38 +02:00
Benno Bielmeier 765c1b3144
nextcloud: 21.0.2 -> 21.0.3 2021-07-08 09:56:39 +02:00
Robbert Gurdeep Singh fa4aa72508 nextcloud: add preInstall and postInstall hook calls 2021-05-21 10:33:13 +02:00
Robbert Gurdeep Singh 63542dbf0a nextcloud: 21.0.1 -> 21.0.2 2021-05-21 08:33:10 +02:00
Robbert Gurdeep Singh c3367cc4f7 nextcloud: 21.0.0 -> 21.0.1 2021-04-09 09:02:34 +02:00
Maximilian Bosch b1ef946de6
nextcloud19: update todo note 2021-03-04 21:15:18 +01:00
Maximilian Bosch f7011c70f3
nextcloud21: init at 21.0.0, set as default version
ChangeLog: https://nextcloud.com/changelog/#latest21

* Packaged 21.0.0, test-deployed it to my personal instance and tested
  the most basic functionality (`davfs2`-mount, {card,cal}dav sync, file
  management).

* Bumped the default version for unstable/21.05 to `nextcloud21`. Since
  `nextcloud20` was added after the release of 20.09 (and thus the
  default on 20.09 is still `nextcloud19`), it's now needed to upgrade
  across two majors.

  This is not a problem though since it's possible to upgrade to v20 on
  20.09 already and if not, the module will guard the administrator
  through the upgrade with eval warnings as it's the case since 20.03.

* Dropped `nextcloud17` attribute and marked `nextcloud18` as EOL.
2021-02-22 13:04:42 +01:00
Antoine Eiche 99a482aca4 nextcloud: 20.0.6 -> 20.0.7 2021-02-06 22:14:10 +01:00
Robbert Gurdeep Singh f179c0f047 nextcloud: 20.0.5 -> 20.0.6
sha from https://download.nextcloud.com/server/releases/nextcloud-20.0.6.tar.bz2.sha256

Signed-off-by: Robbert Gurdeep Singh <git@beardhatcode.be>
2021-01-31 16:43:05 +01:00
Robbert Gurdeep Singh 6fb0c40bbf nextcloud: 20.0.4 -> 20.0.5
Signed-off-by: Robbert Gurdeep Singh <git@beardhatcode.be>
2021-01-18 09:19:22 +01:00
Profpatsch 4a7f99d55d treewide: with stdenv.lib; in meta -> with lib;
Part of: https://github.com/NixOS/nixpkgs/issues/108938

meta = with stdenv.lib;

is a widely used pattern. We want to slowly remove
the `stdenv.lib` indirection and encourage people
to use `lib` directly. Thus let’s start with the meta
field.

This used a rewriting script to mostly automatically
replace all occurances of this pattern, and add the
`lib` argument to the package header if it doesn’t
exist yet.

The script in its current form is available at
https://cs.tvl.fyi/depot@2f807d7f141068d2d60676a89213eaa5353ca6e0/-/blob/users/Profpatsch/nixpkgs-rewriter/default.nix
2021-01-11 10:38:22 +01:00
Maximilian Bosch 78f022e791
nextcloud: improve documentation on defaults
* It should be made explicit in the eval-error that the CVE only affects
  a component which is turned off by default.
* For more clarity, the default version used by the module is noted in
  the manual.

Closes #108419
2021-01-05 22:32:05 +01:00
Maximilian Bosch 6d0745a454
nextcloud20: 20.0.3 -> 20.0.4
ChangeLog: https://nextcloud.com/changelog/#20-0-4
2020-12-16 11:59:59 +01:00
Maximilian Bosch 520b10453f
nextcloud: 19.0.4 -> 19.0.6, 20.0.1 -> 20.0.3, mark v19 as insecure
ChangeLogs:

* https://nextcloud.com/changelog/#20-0-3
* https://nextcloud.com/changelog/#19-0-6

For Nextcloud 20, security advisories for CVE-2020-8259[1] &
CVE-2020-8152[2] were published. The only way to fix those is to upgrade
to v20, although v19 and v18 are supported, the issue won't be fixed
there[3].

Even though both CVEs are only related to the encryption module[4] which
is turned off by default, I decided to add a vulnerability note to
`nextcloud19` since CVE-2020-8259's is rated as "High" by NIST (in
contrast to Nextcloud which rates it as "Low").

If one is not affected by the issue, `nextcloud19` can still be used by
declaring `permittedInsecurePackages`[5].

[1] https://nvd.nist.gov/vuln/detail/CVE-2020-8259,
    https://nextcloud.com/security/advisory/?id=NC-SA-2020-041
[2] https://nvd.nist.gov/vuln/detail/CVE-2020-8152,
    https://nextcloud.com/security/advisory/?id=NC-SA-2020-040
[3] https://help.nextcloud.com/t/fixes-for-cve-2020-8259-cve-2020-8152-in-nextcloud-18-19/98289
[4] https://docs.nextcloud.com/server/20/admin_manual/configuration_files/encryption_configuration.html
[5] https://nixos.org/manual/nixpkgs/stable/#sec-allow-insecure

Closes #106212
2020-12-11 12:39:57 +01:00
Konrad Borowski 7a36e41375 nextcloud18: 18.0.9 -> 18.0.10 2020-11-03 11:26:46 +01:00
Konrad Borowski 055a9adabf nextcloud19: 19.0.3 -> 19.0.4 2020-11-03 11:26:46 +01:00
Jörg Thalheim 753f5ee01d
nextcloud: 20.0.0 -> 20.0.1 2020-10-26 05:06:34 +01:00
Maximilian Bosch 71098fba81
nextcloud20: init 2020-10-04 21:55:58 +02:00
Maximilian Bosch 6b48deee54
nixos/nextcloud: drop nextcloud17, deprecate nextcloud18
Both packages will get EOLed within the lifetime of 20.09. `nextcloud17`
can be removed entirely (the attribute-path is kept however to provide
meaningful errors), however `nextcloud18` must be kept as `insecure` to
make sure that users from `nextcloud17` can properly upgrade to
`nextcloud19` on NixOS 20.09.
2020-09-27 19:21:21 +02:00
Martin Puppe 731d55baad
nextcloud18: 18.0.7 -> 18.0.9 2020-09-20 18:50:20 +02:00
Martin Puppe 85ece7792b
nextcloud19: 19.0.1 -> 19.0.3 2020-09-20 18:50:17 +02:00
Maximilian Bosch 2d543718fb
nextcloud: 19.0.0 -> 19.0.1
https://nextcloud.com/changelog/#19-0-1
2020-07-20 21:47:11 +02:00
Daniel Frank 34ec5c7b67
nextcloud: 18.0.6 -> 18.0.7 2020-07-16 17:14:21 +02:00
Maximilian Bosch a2a5aa2634
nextcloud19: init at 19.0.0
https://nextcloud.com/blog/nextcloud-hub-brings-productivity-to-home-office/
2020-06-19 22:16:52 +02:00
Daniel Frank 660973d823
nextcloud: 18.0.4 -> 18.0.6 2020-06-14 01:54:03 +02:00
Martin Milata ed301e7158 nextcloud18: 18.0.3 -> 18.0.4
Changes: https://nextcloud.com/changelog/#latest18
2020-05-18 20:06:01 +02:00
Martin Milata cd2a208bdb nextcloud17: 17.0.4 -> 17.0.6
Changes: https://nextcloud.com/changelog/#latest17

Fixes: https://nvd.nist.gov/vuln/detail/CVE-2020-8154
2020-05-18 20:00:43 +02:00
Maximilian Bosch 1b95c71989
nextcloud*: add passthru.tests to reference VM-tests 2020-04-16 02:31:54 +02:00
Michael Reilly 84cf00f980
treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
Daniel Frank 2496942c7a
nextcloud: 18.0.2 -> 18.0.3 2020-03-29 23:54:53 +02:00
Maximilian Bosch 702f645aa8
nixos/nextcloud: implement a safe upgrade-path between 19.09 and 20.03
It's impossible to move two major-versions forward when upgrading
Nextcloud. This is an issue when comming from 19.09 (using Nextcloud 16)
and trying to upgrade to 20.03 (using Nextcloud 18 by default).

This patch implements the measurements discussed in #82056 and #82353 to
improve the update process and to circumvent similar issues in the
future:

* `pkgs.nextcloud` has been removed in favor of versioned attributes
  (currently `pkgs.nextcloud17` and `pkgs.nextcloud18`). With that
  approach we can safely backport major-releases in the future to
  simplify those upgrade-paths and we can select one of the
  major-releases as default depending on the configuration (helpful to
  decide whether e.g. `pkgs.nextcloud17` or `pkgs.nextcloud18` should be
  used on 20.03 and `master` atm).

* If `system.stateVersion` is older than `20.03`, `nextcloud17` will be
  used (which is one major-release behind v16 from 19.09). When using a
  package older than the latest major-release available (currently v18),
  the evaluation will cause a warning which describes the issue and
  suggests next steps.

  To make those package-selections easier, a new option to define the
  package to be used for the service (namely
  `services.nextcloud.package`) was introduced.

* If `pkgs.nextcloud` exists (e.g. due to an overlay which was used to
  provide more recent Nextcloud versions on older NixOS-releases), an
  evaluation error will be thrown by default: this is to make sure that
  `services.nextcloud.package` doesn't use an older version by accident
  after checking the state-version. If `pkgs.nextcloud` is added
  manually, it needs to be declared explicitly in
  `services.nextcloud.package`.

* The `nixos/nextcloud`-documentation contains a
  "Maintainer information"-chapter  which describes how to roll out new
  Nextcloud releases and how to deal with old (and probably unsafe)
  versions.

Closes #82056
2020-03-25 22:07:29 +01:00
Daniel Frank 09dea9e30d Nextcloud: 18.0.1 -> 18.0.2 2020-03-13 19:44:50 +00:00
R. RyanTM 91250fe625 nextcloud: 18.0.0 -> 18.0.1 2020-02-20 11:27:23 +00:00
R. RyanTM e95752f272 nextcloud: 17.0.2 -> 18.0.0 2020-01-22 02:34:54 +00:00
Jan Hrnko b167c29620 nextcloud: 17.0.1 -> 17.0.2 2019-12-20 19:32:21 +01:00
ajs124 03fef7cff3 nextcloud: 17.0.0 -> 17.0.1 2019-11-25 08:54:52 -08:00
cw ad3f51f737 nextcloud: 16.0.5 -> 17.0.0 2019-10-04 06:18:42 +02:00
Victor SENE 70d08871da nexcloud: 16.0.4 -> 16.0.5 2019-09-30 22:09:25 +02:00
Vladimír Čunát 2e6bf42a22
Merge branch 'master' into staging-next
There ver very many conflicts, basically all due to
name -> pname+version.  Fortunately, almost everything was auto-resolved
by kdiff3, and for now I just fixed up a couple evaluation problems,
as verified by the tarball job.  There might be some fallback to these
conflicts, but I believe it should be minimal.

Hydra nixpkgs: ?compare=1538299
2019-08-24 08:55:37 +02:00
R. RyanTM 649a61ddf9 nextcloud: 16.0.3 -> 16.0.4
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/nextcloud/versions
2019-08-19 13:29:13 -07:00
volth 46420bbaa3 treewide: name -> pname (easy cases) (#66585)
treewide replacement of

stdenv.mkDerivation rec {
  name = "*-${version}";
  version = "*";

to pname
2019-08-15 13:41:18 +01:00
Andreas Wiese 9dc6e984b5 nextcloud: 16.0.2 -> 16.0.3 2019-07-15 22:45:09 +02:00