Klemens Nanni
8833983f26
nixos/users-groups: createHome: Ensure HOME permissions, fix description
...
configuration.nix(1) states
users.extraUsers.<name>.createHome
[...] If [...] the home directory already exists but is not
owned by the user, directory owner and group will be changed to
match the user.
i.e. ownership would change only if the user mismatched; the code
however ignores the owner, it is sufficient to enable `createHome`:
if ($u->{createHome}) {
make_path($u->{home}, { mode => 0700 }) if ! -e $u->{home};
chown $u->{uid}, $u->{gid}, $u->{home};
}
Furthermore, permissions are ignored on already existing directories and
therefore may allow others to read private data eventually.
Given that createHome already acts as switch to not only create but
effectively own the home directory, manage permissions in the same
manner to ensure the intended default and cover all primary attributes.
Avoid yet another configuration option to have administrators make a
clear and simple choice between securely managing home directories
and optionally defering management to own code (taking care of custom
location, ownership, mode, extended attributes, etc.).
While here, simplify and thereby fix misleading documentation.
2020-12-16 03:40:29 +01:00
Guillaume Girol
824d2c92bd
Merge pull request #82584 from Atemu/dnscrypt-default-config
...
dnscrypt-proxy2: base settings on example config
2020-12-15 19:47:43 +00:00
Linus Heckemann
cc786acdce
Merge pull request #105397 from kisik21/mailman-other-mta-support
...
nixos/mailman: make Postfix support optional (provided you configure the MTA yourself)
2020-12-14 09:46:05 +01:00
Vika
ad023b0c88
nixos/mailman: make Postfix support optional (provided you configure the MTA yourself)
...
Mailman can now work with MTAs other than Postfix. You'll have to configure
it yourself using the options in `services.mailman.settings.mta`.
This addition is reflected in the release notes for 21.03.
2020-12-14 02:41:30 +03:00
Atemu
5242cec1b8
rl-2103: document nixos/dnscrypt-proxy2's default config change
2020-12-12 09:15:56 +01:00
Jan Tojnar
4f20afbc19
Merge branch 'master' into staging-next
2020-12-10 04:39:30 +01:00
Damien Diederen
f77d01ffc5
zookeeper: 3.4.12 -> 3.6.2
...
A big jump, but the structure hasn't changed much.
This recipe is still based on a binary release provided by upstream.
(It might be interesting to start doing our own builds at some point,
to split client from server, and/or to create packages for removed
"contribs" such as 'zooInspector'. Upstream intends to further slim
down its release tarballs as most deployments only need specific assets.)
2020-12-09 15:46:38 +01:00
Gabriel Ebner
a474f0d1e6
Merge pull request #105275 from lukegb/nixpkgs-pa14
...
pulseaudio: 13.0 -> 14.0
2020-12-07 22:45:47 +01:00
zowoq
fad293d452
nixos/doc/rl-2103: fix build
2020-12-06 12:15:26 +10:00
Doron Behar
44d041786b
rl-2103: Mention gnuradio expressions changes.
...
Mention 3.8 and that it's now possible to override it and 3.7 to compile
only certain features.
2020-12-05 13:24:05 +02:00
Symphorien Gibol
9816bbbaa5
nixos/rspamd: add release notes
2020-12-01 14:45:56 +01:00
Silvan Mosberger
c03a809dc4
Merge pull request #105515 from alyssais/manual-declarative
...
nixos/manual: don't recommend nix-env -iA
2020-12-01 04:28:43 +01:00
Alyssa Ross
55a6b5565b
nixos/manual: don't recommend nix-env -iA
...
We're really setting users up on the wrong path if we tell them to
nix-env -iA immediately after installing. Instead, let's just
reassure them that installing software will be covered in due course
in the manual, to encourage them to keep reading.
2020-12-01 01:23:16 +00:00
Silvan Mosberger
c9cc8969b4
lib/modules: Rename _module.assertions to _module.checks
2020-11-30 23:51:41 +01:00
Silvan Mosberger
c4fb54e92a
nixos/docs: Update assertion docs for new module-builtin ones
2020-11-30 23:51:23 +01:00
Frederik Rietdijk
9a63b3d3d6
Merge pull request #104781 from NixOS/staging-next
...
Staging next
2020-11-30 18:27:29 +01:00
Raghav Sood
1fd8d571ed
cpp_ethereum: remove
2020-11-30 03:23:21 +00:00
Luke Granger-Brown
d29428523e
rl-21.03: add PulseAudio 13.0 -> 14.0 upgrade to release notes
2020-11-29 13:27:46 +00:00
Frederik Rietdijk
b2a3891e12
Merge master into staging-next
2020-11-27 15:09:19 +01:00
Jan Tojnar
6d99109b12
Merge branch 'staging-next' into staging
2020-11-24 05:44:44 +01:00
adisbladis
ba1fa0c604
pam_ssh_agent_auth: Honour services.openssh.authorizedKeysFiles
...
If a system administrator has explicitly configured key locations this
should be taken into account by `sudo`.
2020-11-24 02:47:07 +01:00
Florian Klink
bbf3c9483b
Merge pull request #104520 from Izorkin/wsdd
...
wsdd: init at 0.6.2
2020-11-23 23:18:23 +01:00
Frederik Rietdijk
587538d087
Merge staging-next into staging
2020-11-23 18:10:33 +01:00
Izorkin
03760ab82e
nixos/samba-wsdd: init service samba-wsdd
2020-11-23 13:26:00 +03:00
Florian Klink
c76891314d
Merge pull request #104094 from flokli/systemd-unified-cgroup-hierarchy
...
systemd: switch to unified cgroup hierarchy by default
2020-11-22 22:35:42 +01:00
Tristan Helmich
3049064aa5
nixos/release-notes: Warn on wpa_supplicant changes
2020-11-22 11:43:43 +00:00
Jack Kelly
6fd871dec4
rl-21.03: describe EC2 instance user/meta data reloading
2020-11-22 12:22:46 +10:00
Jörg Thalheim
258903e725
Merge pull request #94610 from kwohlfahrt/openldap
2020-11-21 23:09:40 +01:00
Aaron Andersen
30c2069a9c
Merge pull request #78168 from active-group/subversion-apache-config-docs
...
nixos/doc: Rudimentary documentation for Subversion-inside-Apache HTTP.
2020-11-21 15:17:45 -05:00
Kai Wohlfahrt
3f892c2174
nixos/openldap: Remove extraConfig options
...
Instead of deprecating, as per PR feedback
2020-11-21 16:13:03 +00:00
Kai Wohlfahrt
5fafbee87a
nixos/openldap: Add release-notes for OLC config
2020-11-21 15:45:15 +00:00
Guillaume Girol
01083f116d
Merge pull request #102235 from symphorien/paperwork2
...
Paperwork 2.0
2020-11-20 21:30:08 +00:00
Florian Klink
d22b3ed4bc
systemd: switch to unified cgroup hierarchy by default
...
See https://www.redhat.com/sysadmin/fedora-31-control-group-v2 for
details on why this is desirable, and how it impacts containers.
Users that need to keep using the old cgroup hierarchy can re-enable it
by setting `systemd.unifiedCgroupHierarchy` to `false`.
Well-known candidates not supporting that hierarchy, like docker and
hidepid=… will disable it automatically.
Fixes #73800
2020-11-19 16:56:46 +01:00
Michael Raitza
1f323ec2b4
openafs: remove 1.6; point to openafs_1_8
2020-11-17 21:31:59 +01:00
Symphorien Gibol
3c9707d4a3
nixos: add release notes for the paperwork update.
2020-11-15 15:46:53 +01:00
Mike Sperber
aaad9fd0da
nixos/doc: Rudimentary documentation for Subversion-inside-Apache HTTP.
...
Content thanks to: Aaron Andersen
2020-11-14 15:05:46 +01:00
Frederik Rietdijk
463f738cc6
Merge master into staging-next
2020-11-13 20:58:35 +01:00
Doron Behar
8769c817f4
Merge pull request #75615 from FSMaxB/patch-1
...
Add note about installing NixOS from distributions with /usr/sbin and…
2020-11-13 10:50:32 +02:00
Max Bruckner
be0555b8a8
nixos/doc: Add note about /usr/sbin and /sbin
...
An installation from Debian buster may fail without adding /usr/sbin to
$PATH because chroot is not in the PATH of a non-root user.
2020-11-13 10:30:20 +02:00
Maximilian Bosch
fca0aad258
Merge pull request #103500 from chkno/nixos-YY.MM-not-in-nixpkgs-channels
...
doc: 20.09 release notes: nixos-YY.MM branches no longer in nixos-channels repo
2020-11-12 23:27:27 +01:00
zowoq
31051812bc
nixos/doc/*: fix indentation
2020-11-12 14:24:00 +10:00
Kevin Cox
66c98ec550
Merge pull request #95751 from srhb/forceImportAll
...
nixos/zfs: Fix boot.zfs.forceImportAll
2020-11-11 20:32:42 -05:00
Scott Worley
f72a3142f0
doc: 20.09 release notes: nixos-YY.MM branches no longer in nixos-channels repo
...
Since 7c442a2f67
for https://github.com/NixOS/nixpkgs/issues/99257
2020-11-11 11:29:39 -08:00
Scott Worley
88b7340a79
doc: Fix doc-building instructions
2020-11-11 11:22:29 -08:00
Sarah Brofeldt
e0d51db401
nixos: boot.zfsImportAll = false; by default
...
Also add 21.03 release note
2020-11-11 18:46:05 +01:00
Frederik Rietdijk
4076ffe580
Merge staging-next into staging
2020-11-11 16:00:34 +01:00
Daniël de Kok
3497b757d3
Merge pull request #102472 from helsinki-systems/feat/vim-python3
...
vim: Get rid of Python 2 dependency
2020-11-11 11:52:02 +01:00
Frederik Rietdijk
0b2ca377b1
Merge staging-next into staging
2020-11-10 10:13:13 +01:00
Frederik Rietdijk
379aaa1e0c
Merge master into staging-next
2020-11-10 10:11:08 +01:00
Timo Kaufmann
b839d4a855
Merge pull request #98938 from raboof/nixos-manual-wayland
...
nixos.manual: introduce Wayland section
2020-11-09 16:59:12 +01:00
Doron Behar
9db44f61a7
rubyMinimal: remove
...
Due to being unused, and seemingly unusable, added appropriate release
notes.
2020-11-09 16:17:41 +02:00
Frederik Rietdijk
20f001c01e
Merge master into staging-next
2020-11-09 14:33:52 +01:00
Janne Heß
576a928794
vim: Get rid of Python 2 dependency
2020-11-09 13:02:04 +01:00
Daniël de Kok
d43f378b4a
Merge pull request #103101 from matthiasbeyer/update-mutt
...
mutt: 1.14.7 -> 2.0.0
2020-11-08 18:26:51 +01:00
Niklas Hambüchen
1c460c0a5c
Merge pull request #103147 from nh2/nginx-sandbox-protecthome-release-notes
...
manual: nginx: Mention ProtectHome in release notes. See #85567
2020-11-08 18:01:03 +01:00
Niklas Hambüchen
2e7b320931
manual: nginx: Remove reference to stateDir
from release notes. Fixes #102211 .
...
Fixed wording taken from:
https://github.com/NixOS/nixpkgs/issues/102211#issuecomment-719976230
2020-11-08 17:55:11 +01:00
Daniël de Kok
c65164ec75
nixos/release-notes: Mutt 2.x has some backward incompatible changes
2020-11-08 17:26:54 +01:00
Niklas Hambüchen
2f845dccbf
manual: nginx: Mention ProtectHome in release notes. See #85567 .
...
See https://github.com/NixOS/nixpkgs/pull/85567#pullrequestreview-525820684
2020-11-08 17:03:07 +01:00
Ninjatrappeur
5f5d38e88f
Merge pull request #101218 from andir/unbound-systemd
2020-11-08 16:55:29 +01:00
Niklas Hambüchen
169ab0b89f
redis service: Listen on localhost by default. Fixes #100192 .
...
All other database servers in NixOS also use this safe-by-default setting.
2020-11-08 01:15:33 +01:00
Frederik Rietdijk
99fb79ae84
Merge master into staging-next
2020-11-06 12:51:56 +01:00
Michele Guerini Rocco
25d15ebffb
Merge pull request #98661 from doronbehar/doc/nixos/systemd-nixos-specific
...
doc/nixos: Explain better NixOS specific Systemd stuff
2020-11-06 11:52:58 +01:00
Doron Behar
8716b71ea6
doc/nixos: Explain better NixOS specific Systemd stuff
...
Divide the "Service Management" chapter into two sections. The 1st (the
original) explaining General, not NixOS specific ways to interact with
Systemd. The 2nd section, explaining NixOS specific things worth
knowing.
Explain in the 2nd section a bit NixOS modules and services of Nixpkgs,
and mention `systemd.user.services` option. Give an example
demonstrating how to enable imperatively an upstream provided unit file
for a user. Explain why `systemctl --user enable` doesn't work for the
long term on NixOS.
2020-11-06 11:35:59 +02:00
Jan Tojnar
a821be7531
Merge branch 'master' into staging-next
2020-11-05 09:42:47 +01:00
freezeboy
dc0f5ed6d2
btc1: remove
2020-11-04 12:26:42 +01:00
Frederik Rietdijk
10c57af49c
Merge staging-next into staging
2020-11-04 09:28:07 +01:00
Andreas Rammhold
5c16c31e06
nixos/unbound: add release notes for the changes that were introduced
...
As part of this patch series a few changes have been made to the unbound
serivce the deserve proper documentation.
2020-11-03 19:21:25 +01:00
Kim Lindberger
cf2d180a12
Merge pull request #99906 from talyz/keycloak
...
nixos/keycloak: Init
2020-11-03 18:31:19 +01:00
Kevin Cox
8230e62f57
Merge pull request #100495 from DianaOlympos/riak-cs-delete
...
riak-cs: delete
2020-11-03 11:17:42 -05:00
Arnout Engelen
c9b669a283
nixos.manual: introduce Wayland section
...
Co-Authored-By: Nicolas Berbiche <nicolas@normie.dev>
2020-11-01 15:47:10 +01:00
Frederik Rietdijk
83dde6c52c
Merge staging-next into staging
2020-11-01 10:11:12 +01:00
zimbatm
7d834eff6c
nixos/manual: make reproducible ( #102234 )
2020-10-31 21:18:16 +01:00
WORLDofPEACE
eaaf9254aa
Merge pull request #100520 from hyperfekt/patch-3
...
nixos-install: add passthrough --keep-going flag
2020-10-31 15:19:51 -04:00
Niklas Hambüchen
441abe9949
release notes: Document deprecation warning for StartLimitInterval in [Service]
2020-10-31 18:11:03 +01:00
hyperfekt
1338647a8c
nixos-install: pass through keep-going flag
2020-10-31 17:13:45 +01:00
WORLDofPEACE
7b3b82f7af
Merge pull request #100136 from xaverdh/nixos-install-support-impure
...
nixos-install: pass through impure flag
2020-10-31 01:17:07 -04:00
talyz
d1d3c86c70
rl-2103: Note the addition of the Keycloak service
2020-10-29 12:08:06 +01:00
Maximilian Bosch
ca45bb574d
nixos/rl-2009: minor typo fix
2020-10-28 19:38:28 +01:00
Thomas Depierre
63caecee7d
riak-cs: delete
2020-10-28 19:31:33 +01:00
Andreas Rammhold
db0fe5c3eb
Merge branch master into staging to fix eval error
...
This fixes the eval error of the small (and "big"?) NixOS test set that
was fixed in 1088f05
& eba8f542
.
2020-10-28 03:03:27 +01:00
Andreas Rammhold
c127653b72
Merge pull request #101887 from jonringer/minor-release-notes-adjustment
...
nixos/docs/rl-2009.xml: grafana: description, example agreement
2020-10-28 02:38:55 +01:00
Jonathan Ringer
3963954fc8
nixos/docs/rl-2009.xml: grafana: description, example agreement
2020-10-27 17:50:39 -07:00
Markus S. Wamser
a0cc1243cc
doc: 20.09 release notes: remove duplicate service list entry
...
opt-services.foldingathome.enable was listed twice
2020-10-27 13:43:44 -07:00
davidak
4166a767de
doc: improve 20.09 release notes
2020-10-27 21:11:22 +01:00
WORLDofPEACE
5a08ab936b
rl-2009: release on a Tuesday
...
Because hydra took it's good old time
2020-10-27 03:03:43 -04:00
Jonathan Ringer
51ca426eb5
release-notes-2009: add contributions section
2020-10-26 18:36:12 -07:00
Jonathan Ringer
366bebd53a
README.md: update stable release links
2020-10-26 20:10:29 -04:00
Klemens Nanni
3216b85713
nixos/system-path: Add mkpasswd(1)
...
Generating password hashes, e.g. when adding new users to the system
configuration, should work out-of-the-box and offline.
2020-10-26 03:40:11 +01:00
Jonathan Ringer
37236c2a23
nixos/doc/rl-20.09: normalize highlights, reorder entries
2020-10-25 17:40:47 -07:00
Vladimír Čunát
2f6b00b15e
Merge branch 'staging-next' into staging
2020-10-25 09:47:04 +01:00
Aaron Andersen
6393835b8d
nixos/powerdns: update release notes
2020-10-24 16:41:32 -04:00
Jan Tojnar
346e1f020e
release-notes: Mention GNOME 3.38
2020-10-24 01:18:46 +02:00
Doron Behar
7fb1e3af77
nixos/doc: Mention how to contribute to it
...
Instead of putting a README in the directory where the manual is
written, put the information from it straight in the docs themselves.
It's a bit untrivial to guess the manual is located exactly there for
contributers.
2020-10-22 17:40:48 +03:00
symphorien
9e8eaea484
nixos/sslh: fix usage of the now removed ssl probe ( #101087 )
...
and document
2020-10-21 21:34:35 +02:00
Andreas Rammhold
f6cd17269e
Merge pull request #49403 from andir/qemu_test_reduce_closure
...
qemu_test: disable features that are not needed for tests (closure 641 -> 335.3M)
2020-10-21 00:41:01 +02:00
Andreas Rammhold
20893b3a70
nixos/tests: expose both the interactive and non-interactive driver
...
For a lot of the work the non-interactive drivers are enough and it is
probably a good idea to keep it accessible for debugging without
touching the Nix expression.
2020-10-19 17:39:48 +02:00
Aluísio Augusto Silva Gonçalves
cba9843aa0
nixos/doc: fix itemization in the 20.09 release notes
2020-10-19 07:11:48 -03:00
Aaron Andersen
dc790c104c
nixos/pdns-recursor: add release notes
2020-10-18 08:26:35 -04:00
Frederik Rietdijk
b3aed163d5
Merge pull request #99709 from NixOS/staging-next
...
Staging next
2020-10-14 21:10:31 +02:00
Michael Weiss
03ce325365
nixos/doc: Fix one command to build the NixOS manual
...
This one occurrence wasn't updated:
$ git grep "nix-build nixos/release.nix -A manual"
nixos/doc/manual/README: nix-build nixos/release.nix -A manual.x86_64-linux
nixos/doc/manual/development/meta-attributes.xml:<screen><prompt>$ </prompt>nix-build nixos/release.nix -A manual</screen>
nixos/doc/manual/development/writing-documentation.xml:<screen>nix-build nixos/release.nix -A manual.x86_64-linux</screen>
2020-10-14 18:10:53 +02:00