Dominique Martinet
9917af7fe0
logrotate: move wtmp/btmp rules to systemd
...
wtmp and btmp are created by systemd, so the rules are more appropriate there.
They can be disabled explicitly with something like
services.ogrotate.paths = {
"/var/log/btmp".enable = false;
"/var/log/wtmp".enable = false;
};
if required.
2022-02-11 20:52:40 +09:00
pacien
4a198fea2c
nixos/rmfakecloud: init module
...
Co-authored-by: Roosemberth Palacios
2022-02-11 11:36:23 +01:00
ajs124
0742020639
nixos/gogoclient: drop
2022-02-11 01:31:09 +01:00
linj
c9013da695
nixos/undervolt: respect services.undervolt.package
...
This patch also removes useless systemd.services.undervolt.path.
Fixes #156668
2022-02-11 03:57:02 +08:00
linj
0bac44db62
nixos/nix-daemon: readd mandatoryFeatures to final supportedFeatures
...
In #139075 , mandatoryFeatures was removed from the generated
supportedFeatures, which breaks backward compatibility and is
different from what the description of supportedFeatures says.
2022-02-11 02:55:17 +08:00
Jonathan Ringer
12fd8a77e1
Merge remote-tracking branch 'origin/master' into staging-next
...
Conflicts:
pkgs/top-level/aliases.nix
2022-02-10 09:21:09 -08:00
Luna Nova
93d8783ad6
nixos/input-remapper: init
2022-02-10 08:55:03 -08:00
Artturi
e35d057ea5
Merge pull request #151123 from Artturin/havegedupdate
2022-02-10 17:10:20 +02:00
Yureka
51285d4c11
nixos/gitlab: fix redis deprecation warning
2022-02-10 12:19:48 +01:00
Johannes Schleifenbaum
ff9aa77c1f
matrix-synapse-plugins.matrix-synapse-mjolnir-antispam: 1.2.1 -> 1.3.1
2022-02-10 10:50:41 +01:00
Bobby Rong
4118c7ad03
Merge pull request #158787 : Pantheon: enable packagekit and drop appcenter patch
2022-02-10 12:56:27 +08:00
Jonathan Ringer
39669ea2b6
Merge remote-tracking branch 'origin/master' into staging-next
...
Conflicts:
pkgs/top-level/aliases.nix
2022-02-09 19:58:40 -08:00
Sandro
6a4dea5ffc
Merge pull request #158178 from j0hax/retroarch-wm
2022-02-10 01:23:37 +01:00
Bobby Rong
ea611d2e17
nixos/pantheon: mention latest appcenter and packagekit changes in manual
2022-02-09 22:11:10 +08:00
Bobby Rong
bb357d8203
nixos/pantheon: install appcenter if flatpak is enabled
...
This is how nixos/gnome handle gnome-software.
2022-02-09 21:22:05 +08:00
Bobby Rong
e717c594ab
nixos/pantheon: enable packagekit by default
...
Needed for pantheon.appcenter.
2022-02-09 21:08:19 +08:00
Jörg Thalheim
30d7dbc2be
nixos/rsyncd: fix module eval
2022-02-09 08:21:00 +01:00
Jonathan Ringer
5df08e00cd
Merge remote-tracking branch 'origin/master' into staging-next
...
Conflicts:
pkgs/development/python-modules/opensimplex/default.nix
pkgs/development/python-modules/pygame-gui/default.nix
pkgs/top-level/aliases.nix
pkgs/top-level/python-aliases.nix
2022-02-08 21:19:24 -08:00
Matthew Bauer
7ca33e5fcf
Merge pull request #94055 from matthewbauer/flakes-packagekit
...
packagekit: update to flakes branch
2022-02-08 20:13:22 -06:00
Matthew Bauer
92a6ad8626
packagekit: use Nix backend
...
Fixes https://github.com/NixOS/nixpkgs/issues/21230
Use Nix backend for packagekit. Updates to version with my Nix backend
for PackageKit.
2022-02-08 19:24:04 -06:00
ajs124
3ecddf791d
nixos/shellinabox: drop
2022-02-08 18:59:47 -05:00
Johannes Arnold
d282f448ff
nixos/retroarch: add RetroArch as a desktop session
2022-02-08 20:52:02 +01:00
pennae
c4a6784457
Merge pull request #158611 from Xe/patch-4
...
nixos/cloud-init: fix trivial error that prevents deploy
2022-02-08 13:41:36 +00:00
Xe Iaso
1a417bc1dd
nixos/cloud-init: fix trivial error that prevents deploy
2022-02-08 08:15:27 -05:00
Luke Granger-Brown
1d36731a2a
Merge pull request #158578 from delroth/iptables-docs
...
nixos/firewall: make 'networking.firewall.package' example less confusing
2022-02-08 12:11:59 +00:00
Jörg Thalheim
82f2d81b22
Merge pull request #157839 from abbradar/stage-1-modprobe
...
Modprobe options in stage-1
2022-02-08 11:43:31 +00:00
Sandro Jäckel
ae66e2d5ec
treewide: use configured nginx package
2022-02-08 12:13:30 +01:00
Pierre Bourdon
833bcbc844
nixos/firewall: make 'networking.firewall.package' example less confusing
...
pkgs.iptables-nftables-compat == pkgs.iptables (default) since cf9ac2b5
.
2022-02-08 10:31:09 +01:00
David Lewis
26ca9776aa
nixos/autorandr: added new KillMode
...
Prevents Udev Rule from killing processes started by autorandr
2022-02-07 18:53:22 -08:00
github-actions[bot]
335510eb84
Merge master into staging-next
2022-02-08 00:01:49 +00:00
Luke Granger-Brown
a17a7f73cb
Merge pull request #158384 from afreakk/plex-remove-unused-option
...
plex: remove unused option `managePlugins`
2022-02-07 19:52:39 +00:00
github-actions[bot]
9cdb39f965
Merge master into staging-next
2022-02-07 18:01:27 +00:00
06kellyjac
0a6d22c6c3
nixos/agate: init
2022-02-07 16:03:44 +00:00
gin66
cb648f080d
wg-netmanager: init at 0.3.6 ( #155149 )
...
Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
2022-02-07 16:46:51 +01:00
Aaron Andersen
e85182268d
Merge pull request #158167 from aanderse/nixos/cfssl
...
nixos/cfssl: use systemd StateDirectory to provision the data directory
2022-02-07 08:02:52 -05:00
github-actions[bot]
4e2cf99754
Merge master into staging-next
2022-02-07 12:01:12 +00:00
afreakk
ff85de6ce8
plex: remove unused option managePlugins
2022-02-07 10:57:40 +01:00
markuskowa
768dd74738
Merge pull request #140891 from markuskowa/os-moosefs
...
nixos: init moosefs module and test
2022-02-07 10:48:33 +01:00
Jonathan Ringer
46fd0afcb3
Merge remote-tracking branch 'origin/master' into staging-next
...
Conflicts:
pkgs/development/python-modules/pysdl2/default.nix
pkgs/top-level/aliases.nix
2022-02-06 18:36:59 -08:00
Sandro
7090608b3f
Merge pull request #136521 from pacien/nixos-upower-config-time-unit
2022-02-07 01:29:46 +01:00
Sandro
255417b8f4
Merge pull request #157146 from illustris/cloudinit
2022-02-07 01:27:21 +01:00
Kevin Cox
c2038731e4
Merge pull request #158348 from schnusch/ipfs
...
nixos/ipfs: use ipfs config replace
2022-02-06 18:11:36 -05:00
schnusch
97f809dc87
nixos/ipfs: use ipfs config replace
2022-02-06 21:42:56 +01:00
Jonathan Ringer
e680c83323
Merge remote-tracking branch 'origin/master' into staging-next
...
Conflicts:
pkgs/tools/graphics/scrot/default.nix
2022-02-06 10:36:30 -08:00
afreakk
f4cadcfcae
plex: extraPlugins example
2022-02-06 18:35:58 +01:00
Vladimír Čunát
f0f251d90a
Merge #157109 : github-runner: 2.286.0 -> 2.287.1
2022-02-06 17:19:59 +01:00
Vladimír Čunát
3dfddd89c6
Merge branch 'master' into staging-next
...
Trivial conflict in pkgs/top-level/aliases.nix
2022-02-06 10:29:49 +01:00
Aaron Andersen
2d055bb37a
nixos/cfssl: minor updates/cleanup
2022-02-05 18:53:35 -05:00
Aaron Andersen
67abfde611
nixos/cfssl: use systemd StateDirectory to provision the data directory
2022-02-05 18:53:28 -05:00
Emery Hemingway
e0fa89109b
nixos/yggdrasil: fix radvd example in manual
...
The Radvd "AdvDefaultLifetime" option should never be set to 0.
2022-02-05 23:20:08 +01:00
github-actions[bot]
c86cbc2a8a
Merge master into staging-next
2022-02-05 18:01:08 +00:00
rnhmjoj
6afcc5afc6
nixos/connman: fix evaluation
...
This was caused by 2a37dd8
that introduced strict checking of
the units names.
2022-02-05 13:51:52 +01:00
Yarny0
21d6960e99
nixos/hylafax: use new type nonEmptyStr
...
The module option type `nonEmptyStr` was introduced in commit
a3c5f0cba8
The hylafax module previously simply used
`addCheck str (s: s!="")` to prevent empty option strings,
but the new type is more thorough as
it also catches space-only strings.
2022-02-05 11:32:22 +01:00
github-actions[bot]
63e54d6343
Merge master into staging-next
2022-02-05 06:01:20 +00:00
Ellie Hermaszewska
58e445a1b5
Merge pull request #158078 from ashkitten/patch-2
...
nixos/syncplay: fix systemd service
2022-02-05 08:42:19 +08:00
github-actions[bot]
c69fbb8dc5
Merge master into staging-next
2022-02-05 00:01:49 +00:00
piegames
5f88ffb05f
Merge pull request #158151 : matrix-conduit: 0.2.0 -> 0.3.0
2022-02-04 21:07:36 +01:00
Julius de Bruijn
57db7bcdd6
nixos/matrix-conduit: add database_backend option
2022-02-04 21:04:46 +01:00
Jan Tojnar
bfd44c17cd
Merge branch 'master' into staging-next
...
; Conflicts:
; pkgs/top-level/aliases.nix
2022-02-04 19:54:59 +01:00
Nikolay Amiantov
2b3f77b716
nixos/udev: set firmware path in a separate modprobe.d file
...
This way we don't bloat ramdisk with the whole Linux firmware packages.
2022-02-04 17:47:32 +03:00
Michele Guerini Rocco
819ee16945
Merge pull request #158085 from rnhmjoj/pr-fix-wpa3-only
...
nixos/wireless: don't attempt fallback on WPA3 only networks
2022-02-04 14:15:20 +01:00
William Carroll
e8ff81edb7
nixos/self-deploy: make systemd dependency conditional
...
As recommended in the discussion at #157883
2022-02-04 10:59:24 +01:00
rnhmjoj
3b8fa47f58
nixos/wireless: don't attempt fallback on WPA3 only networks
2022-02-04 08:46:32 +01:00
Jonathan Ringer
c6c7162876
Merge remote-tracking branch 'origin/staging-next' into staging
2022-02-03 21:34:17 -08:00
Jonathan Ringer
9a16965c75
Merge remote-tracking branch 'origin/staging-next' into staging
...
Conflicts:
pkgs/development/python-modules/awesomeversion/default.nix
pkgs/development/python-modules/md2gemini/default.nix
pkgs/development/python-modules/mill-local/default.nix
pkgs/development/python-modules/pyatv/default.nix
pkgs/development/python-modules/pyezviz/default.nix
pkgs/development/python-modules/pyinsteon/default.nix
pkgs/development/python-modules/pylitterbot/default.nix
pkgs/development/python-modules/pynuki/default.nix
pkgs/development/python-modules/pypck/default.nix
pkgs/development/python-modules/types-requests/default.nix
pkgs/top-level/aliases.nix
2022-02-03 21:29:24 -08:00
ash lea
959317df95
nixos/syncplay: fix systemd service
2022-02-03 22:59:34 -05:00
Kim Lindberger
415b9c3b5a
Merge pull request #157519 from talyz/gitlab-error-handling
...
nixos/gitlab: Implement better script error handling
2022-02-03 22:19:03 +01:00
Bobby Rong
95dab32edc
Merge pull request #157716 from bobby285271/pantheon
...
Pantheon updates 2022-02-01
2022-02-03 20:37:27 +08:00
Martin Weinelt
4a6f352305
Merge pull request #157900 from mweinelt/home-assistant
2022-02-03 13:16:36 +01:00
Markus Kowalewski
d86fef1a57
nixos/doc: add moosefs module to release notes
2022-02-03 12:33:44 +01:00
Markus Kowalewski
b302bda010
nixos: init moosefs module
2022-02-03 12:31:31 +01:00
William Carroll
b830507425
nixos/self-deploy: consume self-deploy's startAt attribute
...
As #157879 points-out, this attribute appears unused.
Fixes #157879
2022-02-03 12:19:47 +01:00
Jan Tojnar
7240c085d0
Merge pull request #148095 from rvl/update-ddccontrol
...
ddccontrol: 0.5.2 -> 0.6.0
2022-02-03 11:07:56 +01:00
Martin Weinelt
6267a995ec
nixos/home-assistant: drop --runner flag
...
Home Assistant now always emits exit code 100 when a restart is
requested, making this option redundant.
2022-02-03 02:17:17 +01:00
ajs124
c7c159af4d
Merge pull request #153451 from Mic92/spidermonkey
...
spidermonkey_68: drop
2022-02-02 21:20:23 +01:00
Jan Tojnar
16658b7fe9
Merge pull request #151105 from ncfavier/gio-extra-modules
...
nixos: make GIO_EXTRA_MODULES a session variable, take two
2022-02-02 19:35:58 +01:00
Jörg Thalheim
b41beef827
mediatomb: remove package
2022-02-02 18:57:09 +01:00
Kim Lindberger
b43e0ae859
Merge pull request #157719 from talyz/bookstack-secret-paths
...
nixos/bookstack: Make secret replacement strings more unique
2022-02-02 16:27:22 +01:00
talyz
be97b3b44d
nixos/bookstack: Make secret replacement strings more unique
...
If a secret path is a subset of a second secret path, there's a risk
that its secret is substituted for the matching part of the second
path. To prevent this, use the sha256 of the paths as placeholder
string instead.
2022-02-02 12:27:18 +01:00
github-actions[bot]
900bded560
Merge staging-next into staging
2022-02-02 06:01:57 +00:00
github-actions[bot]
930984c1de
Merge master into staging-next
2022-02-02 06:01:23 +00:00
Bobby Rong
4fcca9b41f
nixos/pantheon/files: remove
...
This shouldn't appear in search.nixos.org.
2022-02-02 13:48:22 +08:00
Bobby Rong
ede5fff929
nixos/pantheon: stop setting GTK_CSD=1
...
See https://github.com/elementary/gala/issues/244
2022-02-02 13:47:43 +08:00
Aaron Andersen
7da6bb8266
Merge pull request #157598 from markuskowa/fix-slurmd
...
nixos/slurm: fix startup of slurmd
2022-02-01 22:49:46 -05:00
Rodney Lorrimar
d9b8919e34
nixos/ddccontrol: Ensure that i2c_dev module is loaded
2022-02-02 11:52:57 +10:00
github-actions[bot]
f636a27dac
Merge staging-next into staging
2022-02-01 12:01:45 +00:00
github-actions[bot]
809093c51c
Merge master into staging-next
2022-02-01 12:01:09 +00:00
Timo Kaufmann
c395fe1e8f
Merge pull request #156706 from Luflosi/i2pd-remove-script
...
nixos/i2pd: get rid of unnecessary shell script
2022-02-01 11:52:02 +01:00
K900
e21fc555d6
nixos/vaultwarden: fix alias after #152372
2022-02-01 07:08:44 +00:00
K900
e68a2fffa1
nixos/murmur: remove extra space, fix build after #152372
2022-02-01 07:07:51 +00:00
github-actions[bot]
aee8ca6639
Merge staging-next into staging
2022-02-01 00:02:21 +00:00
github-actions[bot]
c073294043
Merge master into staging-next
2022-02-01 00:01:43 +00:00
pennae
7325eb455b
Merge pull request #157046 from kradalby/add-headscale-module
...
Add headscale module
2022-01-31 23:53:18 +00:00
Luflosi
fd6d59f2ed
nixos/i2pd: get rid of unnecessary shell script
...
I think calling i2pd directly in `ExecStart` is much nicer than having an extra shell script for no reason. It's also easier to see what's going on when looking at the generated systemd unit file.
2022-01-31 23:21:40 +01:00
Markus Kowalewski
270da0a115
nixos/slurm: fix startup of slurmd
...
* make slurmd depend on network target to ensure basic networking
is available on startup. This fixes behaviour
where slurmd fails with "error: get_addr_info: getaddrinfo() failed".
* Use tmpfiles.d to ensure spool directory exists on start up.
2022-01-31 23:08:55 +01:00
Kristoffer Dalby
00db4205fb
nixos/headscale: Add headscale service module
2022-01-31 22:02:56 +00:00
Guillaume Girol
1df9e95ed7
nixos/miniflux: no cleartext password in the store
2022-01-31 21:31:28 +01:00
Guillaume Girol
d5ddafd0fa
Merge pull request #153219 from symphorien/doc-miniflux
...
nixos/miniflux: improve docs
2022-01-31 20:05:30 +00:00
github-actions[bot]
ed5ed282df
Merge staging-next into staging
2022-01-31 18:06:44 +00:00
github-actions[bot]
0c98545395
Merge master into staging-next
2022-01-31 18:01:24 +00:00
Janne Heß
be41b14875
Merge pull request #148695 from Mic92/nginx
...
nixos/nginx: fix mincore filtering
2022-01-31 14:33:45 +01:00
talyz
b65b9bf73c
nixos/gitlab: Implement better script error handling
...
Fail scripts on pipeline errors and propagate subshell errors.
If an error occurs in a subshell, including while trying to read a
secret file, we want that error to propagate to the main shell
context. That means we have to set the `inherit_errexit` option, which
allows errors from subshells to propagate to the outer shell. Also,
the subshell cannot run as part of another command, such as `export`,
since that will simply ignore the subshell exit status and only
respect `export`s exit status; first assigning the value to a variable
and then exporting it solves issue.
2022-01-31 13:09:20 +01:00
github-actions[bot]
87efa4e516
Merge staging-next into staging
2022-01-31 12:01:50 +00:00
github-actions[bot]
991e2a4022
Merge master into staging-next
2022-01-31 12:01:14 +00:00
Jan Tojnar
54b828006e
Merge branch 'staging-next' into staging
2022-01-31 12:57:47 +01:00
Jan Tojnar
95ba61a82a
Merge pull request #157350 from NixOS/gnome
...
GNOME: 41.2 → 41.3
2022-01-31 11:22:41 +01:00
Michele Guerini Rocco
09e2956012
Merge pull request #155895 from rnhmjoj/pr-dhcpd-hard
...
nixos/dhcpd: switch to DynamicUser [v2]
2022-01-31 10:06:57 +01:00
Jörg Thalheim
fd382c011a
Merge branch 'master' into nginx
2022-01-31 05:44:42 +01:00
Jörg Thalheim
26ea046ed7
Update nixos/modules/services/web-servers/nginx/default.nix
2022-01-31 05:43:53 +01:00
illustris
43cfb7204b
nixos/cloud-init: add support for network configuration
2022-01-31 09:50:23 +05:30
Greizgh
4094fcb66f
seahub: init at 8.0.8
2022-01-30 20:45:56 +00:00
Michele Guerini Rocco
5af7724cbb
Merge pull request #154130 from rnhmjoj/fix-wpa
...
nixos/wireless: enable PMF by default
2022-01-30 19:35:25 +01:00
github-actions[bot]
5adebefe23
Merge staging-next into staging
2022-01-30 18:01:45 +00:00
ajs124
453a3baba2
Merge pull request #157347 from mweinelt/smartctl-exporter-capab-fix
...
nixos/smartctl-exporter: fix typo in rawio capab
2022-01-30 16:13:44 +01:00
Jess Schallenberg
0a16b05ea9
nixos/nftables: Allow use with iptables ( #121517 )
...
* nixos/nftables: Allow use with iptables
Since iptables and nftables do not actually conflict with each other, there's no real reason to artificially prevent people from combining them.
In fact, this practice is known to cause issues like #88643 , which is fixed by this commit.
2022-01-30 13:59:56 +01:00
github-actions[bot]
ce60c22080
Merge staging-next into staging
2022-01-30 06:01:52 +00:00
Jan Tojnar
1a11eb1eb3
gnome.gdm: 41.0 → 41.3
...
Remove nvidiaWayland NixOS option since it was severely out of date.
https://ftp.gnome.org/pub/GNOME/sources/gdm/41/gdm-41.3.news
2022-01-30 04:47:01 +01:00
Martin Weinelt
9d8a23f66e
nixos/smartctl-exporter: fix typo in rawio capab
2022-01-30 04:32:15 +01:00
Sandro
ff0dd3afe0
Merge pull request #153596 from illustris/elasticsearch
2022-01-30 01:23:58 +01:00
Janne Heß
5a17134ebd
Merge pull request #157320 from andersk/gnome-switch-fixed
...
nixos/gnome: Remove warning for fixed nixos-rebuild switch bug
2022-01-30 01:08:46 +01:00
github-actions[bot]
0b0b544416
Merge staging-next into staging
2022-01-30 00:02:26 +00:00
Janne Heß
016e9e5a7f
Merge pull request #157310 from sternenseemann/nix-conf-validation-2.3
...
nixos/nix-daemon: fix config validation with 2.3
2022-01-29 23:33:18 +01:00
Anders Kaseorg
0ac96d7c53
nixos/gnome: Remove warning for fixed nixos-rebuild switch bug
...
https://github.com/NixOS/nixpkgs/issues/44344 was fixed years ago.
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2022-01-29 14:16:20 -08:00
Niklas Hambüchen
13f5c4c45b
Merge pull request #156731 from Ma27/bump-plausible
...
plausible: 1.4.0 -> 1.4.3
2022-01-29 22:32:15 +01:00
sternenseemann
e3d8cc81b3
nixos/nix-daemon: fix config validation with 2.3
...
--option experimental-features is no understood by Nix 2.3.
2022-01-29 21:41:49 +01:00
Ingo Blechschmidt
92eb5bc48e
ethercalc: init at latest master (b19627)
2022-01-29 20:56:06 +01:00
github-actions[bot]
36d79e245e
Merge staging-next into staging
2022-01-29 18:01:43 +00:00
pennae
0be46d0515
Merge pull request #151795 from pennae/dhcpcd
...
dhcpcd: fix !enablePrivSep build, nixos/dhcpcd: assert if dhcpcd would crash
2022-01-29 17:06:02 +00:00
bb2020
b25719bf88
nixos/mbpfan: update documentation
2022-01-29 12:51:54 +03:00
github-actions[bot]
3656f37a2e
Merge staging-next into staging
2022-01-29 06:01:48 +00:00
Bernardo Meurer
d3a2238308
Merge pull request #157185 from mohe2015/patch-1
...
nixos/nix-daemon: Fix misspelled old option name
2022-01-28 16:19:39 -08:00
github-actions[bot]
189be4ddc1
Merge staging-next into staging
2022-01-29 00:02:04 +00:00
Maximilian Bosch
7b2f9d4732
Merge pull request #156315 from lheckemann/promtail-package
...
Promtail package
2022-01-28 23:41:48 +01:00
Moritz Hedtke
a26134ffd4
nixos/nix-daemon: Fix misspelled old option name
2022-01-28 20:32:19 +01:00
github-actions[bot]
1dc27d7e71
Merge staging-next into staging
2022-01-28 18:01:47 +00:00
Jan Tojnar
17969a9b55
Merge pull request #156978 from rhendric/submit/gnome-2048
...
gnome-2048: init at 3.38.2
2022-01-28 16:33:44 +01:00
Jan Tojnar
2da5ce4ab3
Merge branch 'staging-next' into staging
...
; Conflicts:
; pkgs/development/python-modules/fakeredis/default.nix
2022-01-28 14:05:11 +01:00
Vincent Haupert
7c2319905d
nixos/github-runner: use --disableupdate
flag
...
Use the new `--disableupdate` configure flag instead of our patch.
2022-01-28 09:46:12 +01:00
Martin Weinelt
268157dc83
nixos/nix-daemon: fix buildMachines eval
2022-01-28 02:00:25 +01:00
Linus Heckemann
81cd4faec2
Merge pull request #156845 from mayflower/nextcloud-group
...
nextcloud: make home group-readable
2022-01-27 22:09:17 +01:00
Ryan Hendrickson
617d557d3b
gnome-2048: init at 3.38.2
2022-01-27 15:40:02 -05:00
Jörg Thalheim
956dab36a3
nextcloud: use tmpfiles to create group-readable home
...
users.users.*.createHome makes home only owner-readable.
This breaks nginx reading static assets from nextcloud's home,
after a nixos-rebuild that did not restart nextcloud-setup.
Closes #112639
2022-01-27 19:13:50 +01:00
ajs124
47a2176ec8
Merge pull request #156998 from mweinelt/smartctl-exporter-fixups
...
prometheus.exporters.smartctl: fixes
2022-01-27 18:49:49 +01:00
Martin Weinelt
12c26aca1f
prometheus.exporters.smartctl: Fix autodiscovery
...
When no devices are given the exporter tries to autodiscover available
disks. The previous DevicePolicy was however preventing the exporter
from accessing any device at all, since only explicitly mentioned ones
were allowed.
This commit adds an allow rule for several device classes that I could
find on my machines, that gets set when no devices are explicitly
configured.
There is an existing problem with nvme devices, that expose a character
device at `/dev/nvme0`, and a (namespaced) block device at
`/dev/nvme0n1`. The character device does not come with permissions that
we could give to the exporter without further impacting the hardening.
crw------- 1 root root 247, 0 27. Jan 03:10 /dev/nvme0
brw-rw---- 1 root disk 259, 0 27. Jan 03:10 /dev/nvme0n1
The autodiscovery only finds the character device, which the exporter
unfortunately does not have access to.
However a simple udev rule can be used to resolve this:
services.udev.extraRules = ''
SUBSYSTEM=="nvme", KERNEL=="nvme[0-9]*", GROUP="disk"
'';
Unfortunately I'm not fully aware of the security implications this
change carries and we should question upstream (systemd) why they did
not include such a rule.
The disk group has no members on any of my machines.
❯ getent group disk
disk❌ 6:
2022-01-27 17:33:27 +01:00
Daniel Olsen
5288bcab0a
nixos/mx-puppet-discord: Change systemd unit description to avoid newline
2022-01-27 16:49:40 +01:00
Martin Weinelt
f860b289d4
prometheus.exporters.smartctl: Allow RAWIO
...
This allows the exporter to perform SCSI commands and interact with hpsa
and cciss devices.
2022-01-27 13:49:25 +01:00
Janne Heß
1f3b1a9067
Merge pull request #139075 from polykernel/nix-structural-settings-patch-1
...
nixos/nix-daemon: use structural settings
2022-01-27 13:38:41 +01:00
Dmitry Kalinkin
0693fd77f7
Merge branch 'staging-next' into staging
...
Conflicts:
nixos/doc/manual/from_md/release-notes/rl-2205.section.xml
nixos/doc/manual/release-notes/rl-2205.section.md
pkgs/development/python-modules/aioesphomeapi/default.nix
pkgs/development/python-modules/mat2/default.nix
pkgs/development/python-modules/pydevccu/default.nix
pkgs/development/python-modules/pywlroots/default.nix
pkgs/development/python-modules/rokuecp/default.nix
2022-01-27 00:54:10 -05:00
olegkapitonov
ae5361fa1b
fix MTP support on KDE Plasma and Dolphin ( #155405 )
...
* fix MTP support on KDE Plasma and Dolphin
* Update pkgs/applications/kde/kio-extras.nix
Co-authored-by: ElXreno <elxreno@gmail.com>
Co-authored-by: Peter Hoeg <peter@hoeg.com>
Co-authored-by: ElXreno <elxreno@gmail.com>
2022-01-27 11:29:32 +08:00
polykernel
4a9d9928dc
nixos/nix-daemon: use structural settings
...
The `nix.*` options, apart from options for setting up the
daemon itself, currently provide a lot of setting mappings
for the Nix daemon configuration. The scope of the mapping yields
convience, but the line where an option is considered essential
is blurry. For instance, the `extra-sandbox-paths` mapping is
provided without its primary consumer, and the corresponding
`sandbox-paths` option is also not mapped.
The current system increases the maintenance burden as maintainers have to
closely follow upstream changes. In this case, there are two state versions
of Nix which have to be maintained collectively, with different options
avaliable.
This commit aims to following the standard outlined in RFC 42[1] to
implement a structural setting pattern. The Nix configuration is encoded
at its core as key-value pairs which maps nicely to attribute sets, making
it feasible to express in the Nix language itself. Some existing options are
kept such as `buildMachines` and `registry` which present a simplified interface
to managing the respective settings. The interface is exposed as `nix.settings`.
Legacy configurations are mapped to their corresponding options under `nix.settings`
for backwards compatibility.
Various options settings in other nixos modules and relevant tests have been
updated to use structural setting for consistency.
The generation and validation of the configration file has been modified to
use `writeTextFile` instead of `runCommand` for clarity. Note that validation
is now mandatory as strict checking of options has been pushed down to the
derivation level due to freeformType consuming unmatched options. Furthermore,
validation can not occur when cross-compiling due to current limitations.
A new option `publicHostKey` was added to the `buildMachines`
submodule corresponding to the base64 encoded public host key settings
exposed in the builder syntax. The build machine generation was subsequently
rewritten to use `concatStringsSep` for better performance by grouping
concatenations.
[1] - https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md
2022-01-26 21:04:50 -05:00