Bob van der Linden
f085d82ce0
make all daemon settings default
2021-12-19 14:17:04 +01:00
Bob van der Linden
6bbf3b6e0a
remove quotes for kebab-case settings
2021-12-19 14:17:04 +01:00
Bob van der Linden
92a23655c8
move cli options to json daemon settings
2021-12-19 14:17:04 +01:00
Bob van der Linden
e8dae9246b
use pkgs.formats.json
2021-12-19 14:17:04 +01:00
Bob van der Linden
c1b0d4acf5
rename daemonConfig -> daemon.settings
2021-12-19 14:16:58 +01:00
Bob van der Linden
142a1540d6
nixos/docker: add daemonConfig option
...
Adds the virtualisation.docker.daemonConfig option that allows
changing Docker daemon settings as done in daemon.conf.
2021-12-19 14:15:18 +01:00
Aaron Andersen
76457da532
nixos/mysql: remove services.mysql.extraOptions in favor of services.mysql.settings
2021-12-18 21:01:48 -05:00
Aaron Andersen
f1d1d319ae
nixos/mysql: update user and group descriptions
2021-12-18 21:01:48 -05:00
Aaron Andersen
c7cac1bdc0
nixos/mysql: use systemd StateDirectory to provision the data directory
2021-12-18 21:01:42 -05:00
github-actions[bot]
916b5fb667
Merge staging-next into staging
2021-12-19 00:02:22 +00:00
Andrew Marshall
f10aea2434
nixos/ssh: Add enableAskPassword
...
Previously, this was only implicitly enabled if xserver.enable = true.
However, Wayland-based desktops do not require this, and so configuring
SSH_ASKPASS on a Wayland desktop becomes cumbersome. This simplifies
that by adding a new option that defaults to the old conditional.
2021-12-18 12:13:02 -05:00
github-actions[bot]
dd2f8bc91d
Merge staging-next into staging
2021-12-18 12:01:49 +00:00
0x4A6F
0b738b87db
Merge pull request #151145 from zhaofengli/unifi5-log4j-new-mitigation
...
unifi5: Follow new mitigation guidelines
2021-12-18 13:00:28 +01:00
Robert Hensing
058677c417
Merge pull request #151150 from agbrooks/oci-layer-order
...
dockerTools.buildImage: Fix incorrect layer unpack order before executing runAsRoot script
2021-12-18 11:03:03 +01:00
Zhaofeng Li
8bbae8e558
unifi: Add NixOS tests
2021-12-18 00:19:04 -08:00
github-actions[bot]
8d45187fd8
Merge staging-next into staging
2021-12-18 06:01:57 +00:00
Bobby Rong
c9ec5a228d
Merge pull request #151153 from bobby285271/pantheon
...
Pantheon updates 2021-12-17
2021-12-18 14:01:54 +08:00
Artturin
c44f95a855
nixos/stage1: run fsck on battery too
...
We are in 2021 almost 2022 not in 2004 when this may have been an issue!
https://alioth-lists.debian.net/pipermail/pkg-sysvinit-devel/2009-May/003196.html
https://www.nico.schottelius.org/blog/debian-ubuntu-fsck-skip-on-battery-bug/
d29daf3952
https://bugs.launchpad.net/ubuntu/+source/laptop-mode/+bug/11194
2021-12-18 06:06:10 +02:00
Bobby Rong
62103c4e41
pantheon.xdg-desktop-portal-pantheon: move to pkgs/desktop/pantheon
...
Only used by Pantheon AFAIK.
2021-12-18 11:35:55 +08:00
Aaron Andersen
eeef6e1341
Merge pull request #151144 from Sohalt/spacenavd-syslog
...
nixos/spacenavd: remove syslog.target
2021-12-17 21:47:23 -05:00
Andrew Brooks
57718902e3
nixos/tests/docker-tools: add test for pre-runAsRoot layer unpack order
2021-12-17 19:26:53 -06:00
github-actions[bot]
d1e6365b21
Merge staging-next into staging
2021-12-18 00:02:05 +00:00
sohalt
9718fc1211
nixos/spacenavd: remove syslog.target
2021-12-18 00:59:48 +01:00
Zhaofeng Li
a4bcad541e
unifi5: Follow new mitigation guidelines
...
Simply disabling lookups isn't enough, and the JndiLookup class must be
removed:
https://web.archive.org/web/20211217085954/https://logging.apache.org/log4j/2.x/security.html
2021-12-17 15:55:13 -08:00
pennae
64bbe28843
nixos/unifi: rename openPorts to openFirewall
...
openFirewall is the much more common name for an option with this
effect. since the default was `true` all along, renaming it doesn't hurt
much and only improves consistency with other modules.
2021-12-17 21:30:52 +01:00
pennae
2000a1edcd
nixos/unifi: add deprecation warning for openPorts
...
modules are discouraged from opening ports in the firewall unless
explicitly told to do so. add a deprecation notice for this in unifi.
2021-12-17 21:30:52 +01:00
ajs124
e6188c00f0
Merge pull request #149387 from sumnerevans/matrix-synapse-1.49
...
matrix-synapse: 1.48.0 -> 1.49.0
2021-12-17 19:51:34 +00:00
Franz Pletz
0cb8669638
dhcpcd: use dhcpcd as privsep user
2021-12-17 19:23:00 +01:00
github-actions[bot]
3fa6ddfa60
Merge staging-next into staging
2021-12-17 18:01:42 +00:00
Graham Christensen
06edb74413
Merge pull request #148785 from pennae/more-option-doc-staticizing
...
treewide: more defaultText for options
2021-12-17 11:14:08 -05:00
github-actions[bot]
a6adcc1edf
Merge staging-next into staging
2021-12-17 12:02:12 +00:00
Flakebi
368b22d09b
powerdns-admin: fix and add module
...
- Add the migrations directory to the package
- Add postgres support to the package
- Add a service for powerdns-admin
Co-authored-by: Zhaofeng Li <hello@zhaofeng.li>
2021-12-17 10:33:40 +01:00
Bobby Rong
94144484c2
Merge pull request #148164 from veehaitch/nixos-github-runner-148024-v2
...
nixos/github-runner: refactor tokens handling
2021-12-17 16:28:21 +08:00
Alyssa Ross
e07182012b
Merge remote-tracking branch 'nixpkgs/staging-next' into staging
...
Conflicts:
pkgs/development/python-modules/pint/default.nix
2021-12-17 05:50:06 +00:00
Alyssa Ross
de27156be0
nixos/cage: log to journal
...
Previously, cage would log to the TTY it was running on top of, so log
messages were basically lost.
2021-12-16 23:55:15 +00:00
Nikolay Amiantov
fe97584f15
Merge pull request #147679 from danderson/danderson/influx-update
...
influxdb2: 2.0.8 -> 2.1.1
2021-12-17 02:41:41 +03:00
Martin Weinelt
8086f8658e
Merge pull request #151029 from andir/snapcast-bind
2021-12-16 23:52:05 +01:00
Andreas Rammhold
c9c93b0add
nixos/snapserver: use the correct bind address arguments
...
Snapserver expects the arguments `--tcp.bind_to_address` and
`--http.bind_to_address` instead of the `--tcp.address` (and http
equivalent) versions.
This caused the process to listen on `0.0.0.0` (for TCP and HTTP
sockets) regardless of the configuration value. It also never listend on
the IPv6 address `::` as our module system made the user believe.
This commit fixes the above issue and ensures that (at least for the TCP
socket) that our default `::` does indeed allow connections via IPv6
(to localhost aka ::1).
2021-12-16 23:27:56 +01:00
David Anderson
7708b9db26
infuxdb2: add package split to 22.05 release notes.
2021-12-16 12:17:20 -08:00
David Anderson
492f791f9d
influxdb2: use the new server derivation in the nixos module.
2021-12-16 12:10:09 -08:00
Kim Lindberger
ebaa226853
elk7: 7.11.1 -> 7.16.1, 6.8.3 -> 6.8.21 + add filebeat module and tests ( #150879 )
...
* elk7: 7.11.1 -> 7.16.1
* nixosTests.elk: Improve reliability and compatibility with ELK 7.x
- Use comparisons in jq instead of grepping
- Match for `.hits.total.value` if version >= 7, otherwise it always
passes
- Make curl fail if requests fails
* nixos/filebeat: Add initial module and test
Filebeat is an open source file harvester, mostly used to fetch logs
files and feed them into logstash.
This module can be used instead of journalbeat if used with
`filebeat7` and configured with the `journald` input.
* python3Packages.parsedmarc.tests: Fix breakage
- Don't use the deprecated elasticsearch7-oss package
- Improve jq query robustness and add tracing
* rl-2205: Note the addition of the filebeat service
* elk6: 6.8.3 -> 6.8.21
The latest version includes a fix for CVE-2021-44228.
* nixos/journalbeat: Add a loose dependency on elasticsearch
Avoid unnecssary back-off when elasticsearch is running on the same
host.
2021-12-17 00:20:52 +09:00
Nikolay Amiantov
759f4afc65
tarsnap service: fix escaping ( #150802 )
2021-12-16 16:53:59 +03:00
zowoq
014236e9c9
nixos/kubernetes: don't import <nixpkgs>
2021-12-16 21:47:12 +10:00
Naïm Favier
901d4f13a3
nixos/systemd: set TZDIR for PID 1
...
Fixes #105049
2021-12-16 04:09:07 +01:00
github-actions[bot]
3e2d1c1e65
Merge staging-next into staging
2021-12-15 18:01:52 +00:00
Nikolay Amiantov
aef12c8678
Merge pull request #150779 from abbradar/youtrack
...
youtrack: 2021.1.13597 -> 2021.4.35970, restart on failure
2021-12-15 16:04:58 +03:00
github-actions[bot]
5c3e01fe1c
Merge staging-next into staging
2021-12-15 12:02:07 +00:00
Markus S. Wamser
b93e478777
writers.PyPy{2,3}: init
2021-12-15 10:01:08 +01:00
Markus S. Wamser
4e42f6bcb3
writers.writePython2: remove
2021-12-15 09:56:14 +01:00
Nikolay Amiantov
497d334c14
youtrack service: restart on failure
2021-12-15 01:40:00 +03:00
Sumner Evans
c0a6554847
matrix-synapse: 1.48.0 -> 1.49.0
2021-12-14 10:34:41 -07:00
github-actions[bot]
a292b5fe68
Merge staging-next into staging
2021-12-14 12:02:00 +00:00
Silvan Mosberger
d995f2abb9
Merge pull request #150631 from pennae/fix-option-docs-nix23
...
nixos/lib/make-options-doc: fix with nix 2.3
2021-12-14 11:58:41 +01:00
ajs124
84ce6a6286
Merge pull request #149868 from lostnet/couchopts
...
couchdb3: add vm.args option and fix pkgs.couchdb reference
2021-12-14 10:48:56 +00:00
Bobby Rong
bbfbcefb02
Merge pull request #149628 from Izorkin/fix-wsdd
...
nixos/tests/wsdd: fix test
2021-12-14 14:58:40 +08:00
github-actions[bot]
b073a17f68
Merge staging-next into staging
2021-12-14 06:02:02 +00:00
pennae
a70b1eb630
nixos/lib/make-options-doc: fix with nix 2.3
2021-12-14 03:41:09 +01:00
zowoq
d90103d112
Revert "kubernetes: disable rbac tests"
...
This reverts commit 91c6a97243
.
2021-12-14 11:02:36 +10:00
Johan Thomsen
282b303e83
nixos/kubernetes: drop tty and stdin for execs in test pods
2021-12-14 11:02:07 +10:00
github-actions[bot]
75e029e297
Merge staging-next into staging
2021-12-14 00:02:27 +00:00
Julien Moutinho
5cf90a60e5
nixos/redis: cleanup tests
2021-12-13 14:42:19 -05:00
Julien Moutinho
7475554372
nixos/redis: enable multiple instances of redis-server
2021-12-13 14:42:19 -05:00
Bernardo Meurer
f40283cf62
Merge pull request #149837 from helsinki-systems/feat/redo-activation-script-restarting
...
nixos/switch-to-configuration: Add a massive test and do a slight refactor
2021-12-13 11:37:20 -08:00
github-actions[bot]
1a2b61419f
Merge staging-next into staging
2021-12-13 18:01:54 +00:00
Maximilian Bosch
bedca751c5
Merge pull request #150527 from malte-christian/master
...
nixos/nextcloud: update warning for MariaDB >= 10.6
2021-12-13 15:21:16 +01:00
Jörg Thalheim
afa3c99cd5
Merge pull request #148593 from veehaitch/sgx-psw
...
sgx-psw: init package and module
2021-12-13 14:16:26 +00:00
Malte
7c43256291
nixos/nextcloud: update warning for MariaDB >= 10.6
2021-12-13 13:25:21 +01:00
github-actions[bot]
f73f987c8a
Merge staging-next into staging
2021-12-12 18:01:48 +00:00
maralorn
b243326a02
Merge pull request #149013 from Ma27/postgres-docs
...
nixos/postgresql: improve docs on how to upgrade
2021-12-12 15:55:37 +01:00
Martin Weinelt
37527494b6
Merge pull request #150329 from zhaofengli/unifi-6.5.54
2021-12-12 14:10:10 +01:00
github-actions[bot]
a1f533ecf6
Merge staging-next into staging
2021-12-12 12:01:57 +00:00
markuskowa
5d99afe652
Merge pull request #150311 from bachp/glusterfs-syslog-target
...
nixos/glusterfs: remove syslog.target from services
2021-12-12 12:42:53 +01:00
zowoq
91c6a97243
kubernetes: disable rbac tests
...
timed out on hydra
2021-12-12 19:56:19 +10:00
Zhaofeng Li
e992604bf0
nixos/unifi: Apply log4j2 mitigation
2021-12-12 01:48:58 -08:00
github-actions[bot]
1120c2b1ac
Merge staging-next into staging
2021-12-12 06:01:43 +00:00
Bobby Rong
ebb5bd223c
Merge pull request #150372 from bobby285271/pantheon
...
pantheon.appcenter: re-add patch for disable packagekit backend
2021-12-12 13:30:53 +08:00
Bobby Rong
c65f6852e4
Revert "nixos/pantheon: mention latest appcenter changes in manual"
...
This reverts commit d49d9a24b7
.
2021-12-12 12:45:31 +08:00
Bobby Rong
1eef9ae2d1
Revert "nixos/pantheon: cleanup FAQ section"
...
This reverts commit cd58f44937
.
2021-12-12 12:45:10 +08:00
github-actions[bot]
caebe15ce1
Merge staging-next into staging
2021-12-12 00:02:28 +00:00
Pascal Bach
51e80b4ded
Merge pull request #149723 from pingiun/patch-5
...
eternal-terminal: remove syslog.target from service
2021-12-11 22:45:22 +01:00
Pascal Bach
98a81a3152
Merge pull request #149733 from lunik1/adguard-syslog
...
nixos/adguardhome: remove syslog.target from service
2021-12-11 22:45:08 +01:00
Pascal Bach
e6217908a3
nixos/glusterfs: remove syslog.target from services
2021-12-11 22:43:02 +01:00
Martin Weinelt
e675946ecd
Merge pull request #125256 from deviant/acme-standalone
2021-12-11 22:06:48 +01:00
Guillaume Girol
57f7f3a87b
Merge pull request #148696 from MasseR/master
...
Fix the syntax error on tt-rss config file
2021-12-11 20:57:15 +00:00
spacefrogg
fe44db8271
openafsServer: remove dependency on syslog.target ( #150294 )
...
syslog.target has been deprecated and removed
2021-12-11 14:46:23 -05:00
erdnaxe
cf504b2330
nixos/nitter: remove syslog.target from service ( #150224 )
2021-12-11 14:45:54 -05:00
Dmitry Kalinkin
462d8e1bec
Merge pull request #150200 from sbruder/invidious-remove-syslog
...
nixos/invidious: remove syslog.target from service
2021-12-11 14:45:38 -05:00
Dmitry Kalinkin
07a8ae0c5a
Merge branch 'staging-next' into staging
...
Conflicts:
pkgs/development/libraries/log4cplus/default.nix
2021-12-11 14:01:19 -05:00
Ryan Mulligan
c84ba61d73
Merge pull request #149860 from 1000teslas/xrdp-conf
...
nixos/xrdp: add confDir option
2021-12-11 10:45:53 -08:00
Maximilian Bosch
2deb8c0fc5
nixos/postgresql: improve docs on how to upgrade
...
* It's IMHO a slight overkill to deploy an additional container even if
it's never supposed to be running. Also, the currently suggested
approach wouldn't use the default state-directory for the new version.
* Explain the structure of the state-directories and where the
version-numbers are actually coming from.
* Mention `./analyze_new_cluster.sh` & `./delete_old_cluster.sh`.
2021-12-11 18:22:31 +01:00
Mats Rauhala
0eaecd60cb
tt-rss-module handle situations without any password
2021-12-11 15:02:27 +02:00
Mats Rauhala
de16da59f2
Fix the syntax error on tt-rss config file
2021-12-11 15:02:27 +02:00
Simon Bruder
35ed694793
nixos/invidious: remove syslog.target from service
...
It has been removed from systemd, see #149721 .
2021-12-11 08:28:20 +01:00
Jacek Galowicz
b6bf1ca717
Merge pull request #149329 from marijanp/test-driver-restructuring
...
nixos/test-driver: make the test-driver a python package
2021-12-10 18:41:49 +00:00
Stig
8f21565901
Merge pull request #121085 from colemickens/gpg-ccid-udev
...
nixos/hardware/gnupg-ccid: init udev rules
2021-12-10 14:22:06 +01:00
Marijan Petričević
ab693de868
nixos/test-driver: make the test-driver a python package
2021-12-10 12:27:45 +00:00
Silvan Mosberger
2f2b60dd87
lib/nixos/eval-config.nix: Fix extraArgs
...
Fixes a mistake in https://github.com/NixOS/nixpkgs/pull/148315 that
caused https://github.com/NixOS/nixpkgs/issues/148343#issuecomment-990881216
2021-12-10 12:55:30 +01:00
Jörg Thalheim
096156aa50
Merge pull request #150003 from evils/rasdaemon
...
nixos/rasdaemon: remove syslog.target dependency
2021-12-10 11:31:21 +00:00
Mikael
4c39a29128
modules/nix-daemon: Amend daemon(CPU|IO)Sched(Policy|Class) description ( #147497 )
...
Suggest appropriate values for various types of systems and add some
formatting.
2021-12-10 11:30:51 +01:00
Lara
c2b79874a7
nixos/jitsi-videobridge: Mitigate CVE-2021-44228 ( #150021 )
...
This commit mitigates a remote code execution vulnerability in the log4j
library.
2021-12-10 11:16:20 +01:00
Vincent Haupert
d6cc0ad96e
nixosTests.aesmd: init
2021-12-10 10:18:31 +01:00
Vincent Haupert
0b5c9f81e2
nixos/aesmd: add module
...
Co-authored-by: Alex Zero <joseph@marsden.space>
2021-12-10 10:18:31 +01:00
Vincent Haupert
ac60e78b48
nixos/intel-sgx: add option for SGX provisioning
2021-12-10 10:09:41 +01:00
0x4A6F
c28b4458d7
Merge pull request #147797 from romildo/upd.xfce
...
maintainers: add xfce team
2021-12-10 09:23:20 +01:00
Evils
b22f50135c
nixos/rasdaemon: remove syslog.target dependency
...
this was copied from upstream's unit file
but only used when the daemon runs in background mode
--foreground is used unconditionally in this module
2021-12-10 08:18:05 +01:00
Graham Christensen
6617c39075
Merge pull request #149936 from Artturin/virtiokb
...
nixos/qemu-vm: add -device virtio-keyboard to opts
2021-12-09 21:01:51 -05:00
Artturin
39c5525cb1
nixos/qemu-vm: add -device virtio-keyboard to opts
...
by default a ps/2 keyboard input is used which seems to cause issues
on aarch64-linux when the machine is used high load, causing the keymap
qwertz test to always fail and azerty to sometimes fail
See https://github.com/NixOS/nixpkgs/issues/147294
2021-12-10 01:04:33 +02:00
Kevin Tran
1906561f8d
Update nixos/modules/services/networking/xrdp.nix
...
Co-authored-by: Ryan Mulligan <ryan@ryantm.com>
2021-12-10 09:08:45 +11:00
0x4A6F
c92ba86931
Merge pull request #146605 from FlorianFranzen/zsa-udev
...
zsa-udev-rules: unstable-2020-12-16 -> 2.1.3
2021-12-09 21:03:35 +01:00
Janne Heß
595ceaf3a7
Merge pull request #149412 from helsinki-systems/feat/type-pam-options
...
nixos/pam: Type all limit options
2021-12-09 17:42:16 +01:00
Will
a6196bc8b2
couchdb3: add vm.args and fix pkgs.couchdb reference
2021-12-09 14:55:01 +00:00
1000teslas
9c478c1995
nixos/xrdp: add confDir option
2021-12-10 00:56:21 +11:00
Guillaume Girol
b2ed7c36c1
Merge pull request #149642 from r-ryantm/auto-update/os-prober
...
os-prober: 1.78 -> 1.79
2021-12-09 13:48:46 +00:00
Janne Heß
6807628791
nixos/switch-to-configuraton: Add details about sockets
2021-12-09 13:51:18 +01:00
Guillaume Girol
6f2ed3cd1e
nixosTests.os-prober: fix infinite recursion
2021-12-09 12:00:00 +00:00
Andreas Rammhold
6e69e537ff
Merge pull request #145183 from veehaitch/networkd-DHCPServerStaticLease
...
nixos/networkd: add `dhcpServerStaticLeaseConfig` option
2021-12-09 12:57:46 +01:00
Janne Heß
7b5fb05a0d
nixos/pam: Type all limit options
2021-12-09 12:48:02 +01:00
Janne Heß
2024306048
nixos/switch-to-configuration: Restart non-services
2021-12-09 12:31:48 +01:00
Janne Heß
efcdc01d62
nixos/switchTest: Massively extend the test
2021-12-09 12:30:48 +01:00
Janne Heß
393c721849
nixos/switch-to-configuration: Move handleModifiedUnit into a sub
2021-12-09 11:31:59 +01:00
adisbladis
273018e39a
Merge pull request #149769 from qowoz/podman-sort
...
nixos/podman: sort files into directories
2021-12-09 18:41:50 +12:00
Aaron Andersen
ffa3ebb1f7
Merge pull request #149624 from dali99/fix_dokuwiki_php
...
nixos/dokuwiki: Use php74 for the phpfpm pool
2021-12-08 22:21:25 -05:00
zowoq
79e66fce1c
nixos/podman: sort files into directories
...
Makes codeowners, git history, etc. a bit simpler now that podman has expanded beyond the original single file module and test.
2021-12-09 13:03:16 +10:00
adisbladis
ce82da442b
Merge pull request #149732 from qowoz/podman
...
podman: 3.4.3 -> 3.4.4
2021-12-09 13:50:58 +12:00
pennae
e67a646a92
treewide: add defaultText to remaining options
...
these are mostly options that use alias bindings, bindings to constants,
or bindings to calculated values.
2021-12-09 01:42:24 +01:00
pennae
1f960e7571
nixos/captive-browser: add defaultText for browser
...
easiest way to do this is to move the default expression out and
abstract over what is substituted into it, using a dependent value for
the default and a descriptive value for defaultText
2021-12-09 01:42:24 +01:00
pennae
0eaf46a1dc
nixos/system-path: add defaultText for defaultPackages
2021-12-09 01:42:24 +01:00
pennae
1060fefae3
nixos/tarsnap, nixos/neo4j: defaultText for submodule options
...
unfortunately we don't have a good way to represent defaults that
reference other values of the current submodule, so we just use the
relative path of the referenced value and assume that the submodule was
declared as `rec`.
2021-12-09 01:42:24 +01:00
pennae
9407761763
treewide: add defaultText for options using other shortcut bindings
2021-12-09 01:42:24 +01:00
pennae
3226c5aded
nixos/hbase: refactor settings option
...
instead of keeping a defaultConfig value around, set that value as the
default of the option and explicitly use the option default instead.
this also allows us to write a defaultText that makes sense and is in
proximity to the definition of the default.
2021-12-09 01:38:24 +01:00
pennae
2d564521c0
treewide: add literalDocBook text to options with complex defaults
...
some options have default that are best described in prose, such as
defaults that depend on the system stateVersion, defaults that are
derivations specific to the surrounding context, or those where the
expression is much longer and harder to understand than a simple text
snippet.
2021-12-09 01:38:24 +01:00
pennae
6eaf4f90c2
nixos/mpdscribble: add defaultText for some options using mpdCfg
2021-12-09 01:38:24 +01:00
pennae
b9950385e5
treewide: make option examples constant
...
escape interpolations in examples, or replace them where they are not
useful.
2021-12-09 01:38:24 +01:00
pennae
e72435e612
treewide: make option descriptions constants
...
escape interpolations in descriptions where possible, replace them with
sufficiently descriptive text elsewhere. also expand cfg.* paths in
descriptions.
2021-12-09 01:21:04 +01:00
pennae
ed673a69db
treewide: add defaultText for options with simple cfg.* expression defaults
...
adds defaultText for options with defaults that use only literals, full config.*
paths, and the cfg shortcut binding.
2021-12-09 01:14:16 +01:00
pennae
fb0e5be843
treewide: add defaultText for options with simple interpolation defaults
...
adds defaultText for all options that use `cfg.*` values in their
defaults, but only for interpolations with no extra processing (other
than toString where necessary)
2021-12-09 01:13:48 +01:00
pennae
f6d0b014fe
nixos/kubernetes: add defaultText for addons options using top.*
...
the kubernetes modules cross-reference their config using an additional shortcut
binding `top = config.services.kubernetes`, expand those to defaultText like
`cfg` previously.
2021-12-09 01:13:12 +01:00
pennae
e24a8775a8
treewide: set defaultText for options using simple path defaults
...
adds defaultText for all options that set their default to a path expression
using the ubiquitous `cfg` shortcut bindings.
2021-12-09 01:12:13 +01:00
zowoq
4df7ad53c7
Revert "nixos/podman/tests: add workaround for broken import"
...
This reverts commit 9edf2e0ffd
.
This seems to have been fixed.
2021-12-09 08:32:24 +10:00
Florian Klink
fec4daf38d
Merge pull request #149342 from helsinki-systems/feat/restart-systemd-on-systemconf-change
...
nixos/switch-to-configuration: Restart systemd when system.conf is changed
2021-12-08 23:23:04 +01:00
lunik1
1f0bbdb6fc
nixos/adguardhome: remove syslog.target from service
2021-12-08 22:18:25 +00:00
Jelle Besseling
f226901f7f
eternal-terminal: remove syslog.target from service
2021-12-08 22:48:20 +01:00
pennae
70b105d1d0
nixos/journalbeat: remove support for versions < 6
...
nixos no longer ships journalbeat 5 and hasn't since at least 20.09. remove
checks for older versions from the module.
2021-12-08 21:41:18 +01:00
Silvan Mosberger
15c41e1d54
Merge pull request #147265 from pennae/option-docs-build
...
put all option docs build flavors on equal footing
2021-12-08 21:27:02 +01:00
squalus
c3ab9e6d40
nixos/prometheus-nginx-exporter: fix argument syntax
...
Arguments were being ignored because the program expects an equals sign
to separate the argument name from the value.
Documented in https://github.com/nginxinc/nginx-prometheus-exporter/issues/153
Fixes #107541
2021-12-08 11:32:13 -08:00
Daniel Olsen
1681c0b49e
nixos/dokuwiki: Use php74 for the phpfpm pool
...
php8 does not work and is not supported
2021-12-08 20:22:12 +01:00
Jan Tojnar
bcb4b714bd
Revert "nixos: make GIO_EXTRA_MODULES a session variable"
...
This reverts commit abfcb79abf
.
Fixes: https://github.com/NixOS/nixpkgs/issues/149539
2021-12-08 19:54:18 +01:00
Artturi
3fe92b45cb
Merge pull request #149665 from Artturin/squashfscores
2021-12-08 20:20:32 +02:00
Artturin
eea6baad50
make-squashfs: use $NIX_BUILD_CORES or 48 cores if above 48
...
by default all cores are used
hoping this will fix the hydra i686 squashfs build issues as all the
failures were using 64 cores
Parallel mksquashfs: Using 64 processors
Creating 4.0 filesystem on ..., block size 1048576.
FATAL ERROR: mangle2:: xz compress failed with error code 5
2021-12-08 19:23:31 +02:00
Kim Lindberger
9bf94de535
Merge pull request #147506 from talyz/discourse-2.8.0.beta8
...
discourse: 2.7.9 -> 2.8.0.beta9
2021-12-08 18:15:48 +01:00
Jörg Thalheim
2320324826
Merge pull request #149415 from helsinki-systems/feat/more-types
...
nixos: Type some more options
2021-12-08 15:37:36 +00:00
Jörg Thalheim
01ed14a53c
Merge pull request #149416 from helsinki-systems/feat/type-dysnomia-options
...
nixos/dysnomia: Type all options
2021-12-08 15:36:17 +00:00
ajs124
eee45bb295
Merge pull request #146815 from ElvishJerricco/systemd-utils-expressions
...
Move systemd-lib.nix and systemd-unit-options.nix into utils
2021-12-08 15:07:28 +00:00
Jörg Thalheim
8010ff0d54
Merge pull request #149504 from mattchrist/fix-brscan5-nixos-test
...
brscan5: fix nixos test
2021-12-08 15:06:17 +00:00
Jörg Thalheim
0b698e4af5
Merge pull request #149587 from davidkna/patch-1
...
nixos/snapraid: fix evaluation
2021-12-08 14:58:53 +00:00
Janne Heß
e36ceb65e6
Merge pull request #129449 from ddz/copy-initrd-secrets-after-early-mount-script
...
nixos/stage1: copy initrd secrets into place after special mounts
2021-12-08 15:38:02 +01:00
José Romildo
24a4815693
xfce: add maintainers team
2021-12-08 11:34:00 -03:00
Izorkin
23d62decbb
nixos/tests/wsdd: fix test
2021-12-08 16:44:16 +03:00
David Knaack
28db2a481d
nixos/snapraid: fix evaluation
...
Use string concatenation operator (`+`) instead of incorrect list concatenation operator (`++`)
2021-12-08 11:10:02 +01:00
Janne Heß
9cdda88bb5
nixos/pcmcia: Type the last option
2021-12-08 11:02:34 +01:00
Matt Christ
7b1d8bd182
brscan5: fix nixos test
...
import 're' so we can do regex stuff in this test
2021-12-07 20:35:50 -06:00
github-actions[bot]
df0c1b8745
Merge staging-next into staging
2021-12-08 00:02:16 +00:00
Patrick Hilhorst
29671bc365
Merge pull request #137260 from onny/maddy
2021-12-08 00:00:13 +01:00
Jonas Heinrich
ecd88f91a0
nixos/maddy: Add module for maddy
...
Co-authored-by: Patrick Hilhorst <git@hilhorst.be>
2021-12-07 22:58:22 +01:00
Aaron Andersen
7f6f59e43c
Merge pull request #147324 from ju1m/transmission
...
nixos/transmission: disable downloadDirPermissions by default
2021-12-07 16:46:50 -05:00
Sandro
e1f9dbf673
Merge pull request #139815 from ncfavier/fastcgiParams-path
2021-12-07 20:38:55 +01:00
Bjørn Forsman
8eb814e964
Revert "nixos/ddclient: fix permission for ddclient.conf ( #148179 )"
...
This reverts commit 6af3d13bec
.
Reported by @arcnmx
(https://github.com/NixOS/nixpkgs/pull/148179#issuecomment-987197656 ):
Does this not completely break the service? It doesn't change the
owner to the same as the ddclient server (which is somewhat difficult
due to it being a DynamicUser), so this now makes the service
completely unusable because the config is only readable by its owner,
root:
ddclient[871397]: WARNING: file /run/ddclient/ddclient.conf: Cannot open file '/run/ddclient/ddclient.conf'. (Permission denied)
Given that the RuntimeDirectory was only readable by the ddclient
service, the warning this PR fixes was spurious and not indicative of
an actual information leak. I'm not sure of what a quick fix would be
due to DynamicUser, but would at least request a revert of this so the
service can work again?
2021-12-07 19:44:20 +01:00
Janne Heß
fd6a2f3279
Merge pull request #149280 from netixx/fix-freeradius
...
freeradius: fix radius user
2021-12-07 19:35:38 +01:00
Janne Heß
e14d34f80f
nixos/dysnomia: Type all options
2021-12-07 18:53:18 +01:00
Janne Heß
5015aeab6f
nixos/xmonad: Type the last option
2021-12-07 18:36:11 +01:00
Janne Heß
4cba5de303
nixos/hoogle: Type the last option
2021-12-07 18:36:01 +01:00
Silvan Mosberger
490d46f044
Merge pull request #148315 from hercules-ci/nixos-evalModules-legacy-cleanup
...
NixOS/evalModules legacy cleanup
2021-12-07 18:30:52 +01:00
Finn Behrens
673ad7eb36
nixos/pleroma: create cookie if not existing ( #149368 )
2021-12-07 17:32:55 +01:00
Matthew Leach
5ce7061945
nixos/networking: add options for configuring a GRE tunnel
...
Add `networking.greTunnels` option that allows a GRE tunnel to be
configured in NixOS.
2021-12-07 15:44:00 +00:00
Janne Heß
1f41365cda
nixos/switch-to-configuration: Restart systemd when system.conf is changed
2021-12-07 14:32:19 +01:00
Janne Heß
e37aab2130
nixos/acme: Allow disabling bash tracing
...
This is horrible if you want to debug failures that happened during
system switches but your 30-ish acme clients spam the log with the same
messages over and over again.
2021-12-07 14:17:56 +01:00
ajs124
a43c2c1e70
Revert "nixos/tests/installer: lvm: test lvm2-pvscan@ units"
...
This reverts commit 53a34361af
.
2021-12-07 13:17:42 +01:00
Florian Klink
c6f07eae0b
Merge pull request #149153 from helsinki-systems/systemd-upd-and-misc
...
systemd: 249.5 -> 249.7 & various fixes
2021-12-07 13:06:52 +01:00
Bernardo Meurer
ebb7f07eec
Merge pull request #148751 from NixOS/feat/slight-stc-improvements
...
nixos/switch-to-configuration: Add small improvements
2021-12-07 02:38:26 -08:00
Yuka
ce54a4f658
nixos/networkd: add RoutingPolicyRule Type option ( #146168 )
2021-12-07 10:13:22 +01:00
Netix (Espinet François)
9d7ce57da5
freeradius: fix radius user
...
We now must choose either system or normal user when creating a user
2021-12-07 08:51:57 +01:00
Martin Weinelt
1d1b09c7c1
Merge pull request #148752 from sweber83/sw/zigbee2mqtt-1.22.1
2021-12-06 22:54:42 +01:00
Maximilian Bosch
c959de5b30
Merge pull request #148360 from helsinki-systems/drop/pg96
...
postgresql_9_6: drop
2021-12-06 21:57:05 +01:00
Johannes Schleifenbaum
9f45c18515
sabnzbd: add simple test
2021-12-06 21:08:19 +01:00
Martin Weinelt
96d69e40f2
nixos/zigbee2mqtt: run as zigbee2mqtt group
...
Not setting a group is a security defect, since that will run the unit
under the root group.
Fixes: 1af87596
("nixos/zigbee2mqtt: init")
2021-12-06 18:30:01 +01:00
Simon Weber
200c36255f
nixos/zigbee2mqtt: no longer pass dataDir to package
2021-12-06 18:28:59 +01:00
Patrick Hilhorst
5e29d3ce2e
nixosTests.pulseAudio: init
2021-12-06 17:27:20 +01:00
Jan Tojnar
75eaab3757
Merge pull request #126832 from ncfavier/gio-extra-modules
...
nixos: make GIO_EXTRA_MODULES a session variable
2021-12-06 16:23:48 +01:00
pennae
027f7e1b7f
nixos/lib/make-options-doc: generate options.xml from options.json
...
to do this we must replace derivations with attrsets in make-options-doc, since
xml can represent derivations differently from attrset but json cannot. this
also given asciidoc and mddoc the ability to handle derivation differently,
which they previously didn't have.
2021-12-06 16:12:32 +01:00
pennae
9b97a2ea88
nix/lib/make-options-doc: remove nix-level sorting
...
there are no remaining users of sorted option lists except the docbook build,
which sorts its input separately.
2021-12-06 16:12:32 +01:00
pennae
c533b01863
nixos/doc/manual: remove non-matching optionsXML inherit
2021-12-06 16:12:32 +01:00
pennae
4670400309
nixos/lib/make-options-doc: generate asciidoc/md in derivations
...
use the json file derivation we already have to also generate the asciidoc and
md options docs instead of formatting the options in nix. docbook docs are
already produced in derivations.
the new script produce the exact same output as the old in-nix generation.
2021-12-06 16:12:30 +01:00
Artturi
779a657e37
Merge pull request #148649 from Artturin/sgxgid
...
nixos: add sgx group with gid 304
2021-12-06 17:05:00 +02:00
Arian van Putten
3efbd53c1b
nixos/systemd: remove nss-{user,}-lookup.target from multi-user.target
...
There is no real harm having them there; but it means these units really
only become active if there is a service providing the underlying
functionality.
nss-lookup.target should not be pulled in unconditionally. It should be
pulled in by providers of DNS lookups. E.g. systemd-resolved.service has
a Wants=nss-lookup.target, Before=nss-lookup.target. So once
systemd-resolved.service has finished starting up; other units that rely
on DNS can be started; but if systemd-resolved is not enabled; those
units can start up immediately.
Same story goes for nss-user-lookup.target and daemons like sssd.
From https://systemd.io/UIDS-GIDS/ :
Note that nss-user-lookup.target is a passive unit: in order to
minimize synchronization points on systems that don’t need it the unit
is pulled into the initial transaction only if there’s at least one
service that really needs it, and that means only if there’s a service
providing the local user database somehow through IPC or suchlike.
2021-12-06 14:40:18 +00:00
Arian van Putten
b4d7911263
nixos/systemd: remove local-fs.target, swap.target from multi-user.target
...
Since https://github.com/NixOS/nixpkgs/pull/56184/files local-fs.target
is already pulled in by sysinit.target
swap.target has always already been pulled in by sysinit.target
2021-12-06 14:40:14 +00:00
talyz
125bb7dac1
discourse: Don't patch the public path
...
Instead of patching the path to /public in Discourse's sources, make
the nginx configuration refer to the symlink in the discourse
package which points to the real path.
When there is a mismatch between the path nginx serves and the path
Discourse thinks it serves, we can run into issues like files not
being served - at least when sendfile requests from the ruby app are
processed by nginx. The issue I ran into most recently is that backup
downloads don't work.
Since Discourse refers to the public directory relative to the Rails
root in many places, it's much easier to just sync this path to the
nginx configuration than trying to patch all occurrences in the
sources. This should hopefully mean less potential for breakage in
future Discourse releases, too.
2021-12-06 14:21:39 +01:00
ajs124
47da70cdda
Merge pull request #148783 from oxzi/claws-mail-ciao-cacao-v3
...
claws-mail: remove claws-mail-gtk2 version
2021-12-06 11:00:00 +00:00
Jörg Thalheim
c7fa870f5a
Merge pull request #148535 from martinetd/bpf
...
bpf update: bcc remove linux kernel dep + devendor libbpf again, bpftrace 0.13.0 -> 0.14.0 + remove kernel dep, pahole 1.20 -> 1.22 + remove submodule, libbpf revert 0.6.0 -> 0.5.0 (unusable)
2021-12-06 08:33:14 +00:00
Robert Hensing
862d167f17
Merge pull request #147441 from pennae/option-doc-staticizing
...
nixos/*: add trivial defaultText to options where applicable
2021-12-06 01:35:38 +01:00
pennae
c694c35f9d
nixos/*: escape pkgs reference in examples and descriptions
2021-12-06 00:38:05 +01:00
Alvar Penning
521f30f80c
claws-mail: remove claws-mail-gtk2 version
...
The GTK+ 2 version of Claws Mail, major version number three, relies on
Python 2, which is end-of-life and might be dropped in the nixpkgs.
In favour of #148779 , this older branch of Claws Mail was removed.
2021-12-05 23:08:18 +01:00
Janne Heß
b30d619368
nixos/top-level: Check syntax of switch-to-configuration
2021-12-05 18:54:36 +01:00
Janne Heß
6f1e0dc34f
nixos/switch-to-configuration: Move excludes up
2021-12-05 18:54:19 +01:00
Janne Heß
5d34545954
nixos/switch-to-configuration: Ignore scopes
2021-12-05 18:47:35 +01:00
Janne Heß
1e422e7d58
nixos/switch-to-configuration: Fix dry order
...
This makes the order of the dry activation messages the same as the real
actions which makes more sense than another random order.
2021-12-05 18:46:50 +01:00
Janne Heß
3693e8b093
nixos/switch-to-configuration: Clean perl code
...
oct() is recommended by perlcritic and the rest was unused.
2021-12-05 18:45:44 +01:00
Janne Heß
50a0f33c2a
nixos/switch-to-configuration: Remove unnecessary TODOs
...
The first one doesn't make any sense because the directory where the
init binary resides does not contain other tools we need like
systemd-escape.
The second one doesn't make sense either because the errors are already
ignored.
2021-12-05 18:43:42 +01:00
Jörg Thalheim
8ae2771224
Merge pull request #148729 from bjornfor/add-missing-collectd-group-v2
...
nixos/collectd: add missing group
2021-12-05 17:18:55 +00:00
Ryan Mulligan
542e917e99
Merge pull request #148061 from astro/drbd_upstream
...
drbd: update, fix, add test
2021-12-05 09:10:22 -08:00
Bjørn Forsman
05bc708a7f
nixos/collectd: add missing group
...
While upgrading my NixOS system I was greeted by this error:
error:
Failed assertions:
- users.users.collectd.group is unset. This used to default to
nogroup, but this is unsafe. For example you can create a group
for this user with:
users.users.collectd.group = "collectd";
users.groups.collectd = {};
Let's fix it.
2021-12-05 17:17:12 +01:00
Bobby Rong
af6071db60
Merge pull request #148415 from erictapen/borgbackup
...
Revert "nixos/borgbackup: specify systemd WorkingDirectory"
2021-12-05 18:02:49 +08:00
Martin Weinelt
68dc5484e9
nixos/doc/manual/release-notes/rl-2111: add prometheus-smartctl-exporter
2021-12-05 03:18:17 +01:00
Martin Weinelt
0c008f9c0d
Merge pull request #147056 from mweinelt/smartctl-exporter
2021-12-05 03:00:48 +01:00
Bobby Rong
894fb34b23
Merge pull request #148159 from bobby285271/pantheon
...
pantheon.extra-elementary-contracts: split package
2021-12-05 09:56:34 +08:00
Martin Weinelt
d94cec6ead
Merge pull request #148543 from mweinelt/knot-hardening
2021-12-05 02:44:28 +01:00
Sean Heath
6af3d13bec
nixos/ddclient: fix permission for ddclient.conf ( #148179 )
2021-12-05 02:07:42 +01:00
Artturin
fc4df13e26
nixos: add sgx group with gid 304
...
fix Unknown group 'sgx', ignoring message from udev
2021-12-05 01:37:43 +02:00
Artturi
493d66a225
Merge pull request #145732 from gardspirito/mx-puppet-discord
2021-12-04 23:12:09 +02:00
Samuel Dionne-Riel
b976947ede
Merge pull request #121345 from samueldr/feature/plasma-mobile
...
Add support for Plasma Mobile
2021-12-04 15:37:26 -05:00
Thomas Gerbet
1a119b223c
vault{,bin}: 1.8.4 -> 1.9.0
...
https://github.com/hashicorp/vault/blob/v1.9.0/CHANGELOG.md
2021-12-05 06:10:43 +10:00
Martin Weinelt
146ddee13b
nixos/tests/knot: add extra cpu core to master
...
This verifies that we allow setting affinity in multicore systems.
2021-12-04 16:53:31 +01:00
Martin Weinelt
893f7af236
nixos/tests/knot: log systemd unit hardening info
2021-12-04 16:53:31 +01:00
Martin Weinelt
67f102d8d8
nixos/knot: update systemd hardening
2021-12-04 16:53:31 +01:00
Felix Schröter
d6a4500f88
nixos/ddclient: support all special characters in password
2021-12-04 16:28:31 +01:00
Robert Hensing
430c9173e4
Merge pull request #148363 from hercules-ci/add-dockerTools-fakechroot
...
dockerTools: Add fakechroot to fakeRootCommands
2021-12-04 15:13:37 +01:00
Maximilian Bosch
5ffc828912
Merge pull request #148301 from Kranzes/nextcloud
...
nextcloud23: init at 23.0.0
2021-12-04 14:54:25 +01:00
Robert Hensing
ddda5f28e1
dockerTools: Keep fakechroot disabled by default
...
Avoid risk of breaking existing images by making it opt-in.
2021-12-04 13:49:10 +00:00
Robert Hensing
0e9bc9ffd1
dockerTools: Add fakechroot to fakeRootCommands
2021-12-04 13:49:10 +00:00
Dominique Martinet
559fe43665
nixos/tests: add bpf test
...
test bcc and bpftrace briefly
2021-12-04 21:12:07 +09:00
Dominique Martinet
efe6967e93
bcc: move from linux-kernels packages to normal packages
...
bcc doesn't really need kernel itself, it just cares about module path.
It's actually better to use /run/booted-system/kernel-modules/lib/modules
for two reasons:
- no need to rebuild bcc for each new kernel
- can use a newer bcc with a booted kernel that doesn't match the current
system
2021-12-04 21:07:09 +09:00
Maciej Krüger
ca82a582d9
nixos/rtsp-simple-server: init
2021-12-04 12:58:36 +01:00
Tristan
7f6a2d5663
oci-containers: fix imageFile example
2021-12-04 10:23:58 +01:00
Samuel Dionne-Riel
2f12f30f00
nixos/plasma5: Split common Plasma config for Mobile from Desktop
2021-12-03 20:17:04 -05:00
Samuel Dionne-Riel
7f4324c64e
nixos/plasma5: Add suggested plasma mobile apps
2021-12-03 20:17:04 -05:00
Samuel Dionne-Riel
7df34e1145
nixos/plasma5: configuration for plasma mobile
2021-12-03 20:17:04 -05:00
Samuel Dionne-Riel
13a03fb289
nixos/plasma5: Add maliit-keyboard to plasma mobile session
2021-12-03 20:17:04 -05:00
Samuel Dionne-Riel
b41923c1ca
nixos/plasma5: configuration for plasma mobile
2021-12-03 20:17:04 -05:00
Tyler Slabinski
da6a39436b
nixos/plasma5: Add mobile.enable option for plasma
2021-12-03 20:17:04 -05:00
Samuel Dionne-Riel
fde4f481d9
nixos/plasma5: Make kwinrc/kdeglobals internally configurable
...
This is used with the Plasma Mobile configuration to configure the
system as upstream recommends.
2021-12-03 20:17:04 -05:00
Artturi
610b719d91
Merge pull request #148491 from Artturin/sendkeydelay
...
nixos/test-driver: add 10ms delay to send_key
2021-12-04 02:13:49 +02:00
Niklas Hambüchen
6c9f46d063
Merge pull request #148389 from GTrunSec/consul
...
nixos/consul: update deprecated setting
2021-12-03 21:53:10 +01:00
Martin Weinelt
42ae887b23
Merge pull request #148471 from Ma27/postfix-exporter-hardening
2021-12-03 20:26:10 +01:00
Artturin
60422ba2ea
nixos/test-driver: add 10ms delay to send_key
...
attempt to fix https://github.com/NixOS/nixpkgs/issues/147294
2021-12-03 20:04:56 +02:00
Maximilian Bosch
8e6d403e65
nixos/prometheus-postfix-exporter: whitelist addr-family AF_UNIX
...
Otherwise, `postfix_up{path="/var/lib/postfix/queue/public/showq"}` will
always be `0` indicating an postfix outage because this is a unix domain
socket that cannot be connected to:
2021/12/03 14:50:46 Failed to scrape showq socket: dial unix /var/lib/postfix/queue/public/showq: socket: address family not supported by protocol
2021-12-03 19:01:19 +01:00
Jörg Thalheim
4f08634a18
Merge pull request #148458 from lunik1/snapraid-fix
...
nixos/snapraid: relax permissions of snapraid-sync
2021-12-03 17:59:37 +00:00
Jörg Thalheim
99c916dd8e
Merge pull request #148201 from Artturin/nixservesecret
...
nix-serve: fix NIX_SECRET_KEY_FILE
2021-12-03 17:50:27 +00:00
GTrunSec
8e92c6c510
nixos/consul: update deprecated webUi
2021-12-03 09:46:24 -08:00
Artturi
7ca9a14f7d
Merge pull request #148382 from Artturin/lightdmtmpfile
2021-12-03 19:31:06 +02:00
Dmitry Kalinkin
721e732e36
Merge pull request #147809 from veprbl/pr/wafHook_release_notes
...
doc: add release notes for a wafHook change
2021-12-03 11:57:26 -05:00
Artturin
d87d5731d5
nixos/tests: fix nix-serve path
...
nixos/tests: rename nix-ssh-serve to nix-serve-ssh
nixos/tests/nix-serve-ssh: add --experimental-features
nixos-serve: add nix-serve-ssh to passthru.tests
2021-12-03 18:40:03 +02:00