alioth/nixpkgs
3
0
Fork 0
forked from mirrors/nixpkgs
Code Releases Activity
377915 commits 217 branches 116 tags 4 GiB
Commit graph

21153 commits

Author SHA1 Message Date
Jörg Thalheim eefafb54ef
nixos/upterm: additional hardening 
Before:
$ ps aux | grep upterm
root     2575046  0.0  0.0 1085080 6968 ?        Ssl  07:03   0:00 /nix/store/ci97r1lqx4128w75k7dcsw82j5bl0n3g-upterm-0.8.2/bin/uptermd --ssh-addr [::]:2323 --private-key ssh_host_ed25519_key

After
$ ps aux | grep upterm
uptermd  2832993  0.4  0.0 1158812 6856 ?        Ssl  07:08   0:00 /nix/store/ci97r1lqx4128w75k7dcsw82j5bl0n3g-upterm-0.8.2/bin/uptermd --ssh-addr [::]:2323 --private-key ssh_host_ed25519_key
 2022-05-15 09:57:52 +02:00
Aaron Andersen 82716bddb5
Merge pull request #170079 from bb2020/mbpfan 
nixos/mbpfan: minor changes
 2022-05-14 22:13:05 -04:00
adisbladis fb222e0086
Merge pull request #172820 from alyssais/compressed-firmware 
Compressed firmware
 2022-05-14 02:38:48 +08:00
Martin Weinelt 3607d087ec
Merge pull request #112682 from hax404/upterm 2022-05-13 18:24:54 +02:00
Georg Haas 18ffb9690c
nixos/uptermd: init 2022-05-13 17:44:44 +02:00
Alyssa Ross 8aa8e0ce7f
nixos/udev: compress all firmware if supported 
This should be a significant disk space saving for most NixOS
installations.  This method is a bit more complicated than doing it in
the postInstall for the firmware derivations, but this way it's
automatic, so each firmware package doesn't have to separately
implement its compression.

Currently, only xz compression is supported, but it's likely that
future versions of Linux will additionally support zstd, so I've
written the code in such a way that it would be very easy to implement
zstd compression for those kernels when they arrive, falling back to
xz for older (current) kernels.

I chose the highest possible level of compression (xz -9) because even
at this level, decompression time is negligible.  Here's how long it took
to decompress every firmware file my laptop uses:

	i915/kbl_dmc_ver1_04.bin                  	2ms
	regulatory.db                             	4ms
	regulatory.db.p7s                         	3ms
	iwlwifi-7265D-29.ucode                    	62ms
	9d71-GOOGLE-EVEMAX-0-tplg.bin             	22ms
	intel/dsp_fw_kbl.bin                      	65ms
	dsp_lib_dsm_core_spt_release.bin          	6ms
	intel/ibt-hw-37.8.10-fw-22.50.19.14.f.bseq	7ms

And since booting NixOS is a parallel process, it's unlikely (but
difficult to measure) that the time to user interaction was held up at
all by most of these.

Fixes (partially?) #148197
 2022-05-13 14:36:34 +00:00
Jelle Besseling 0f69a517a4 nixos/mastodon: use redis.servers 2022-05-13 15:39:44 +02:00
Maximilian Bosch 4d0e1bfb3a
Merge pull request #172381 from mayflower/atlassian-service-restart 
nixos/{jira,crowd,confluence}: restart service on failure
 2022-05-13 14:10:30 +02:00
Artturi a0ed85ef29
Merge pull request #165876 from tpwrules/slim-eltorito 
iso-image: slim down UEFI El Torito image
 2022-05-13 14:30:38 +03:00
Linus Heckemann a7ee915179
Merge pull request #172378 from Mindavi/hydra-updates-3 
Hydra updates 3
 2022-05-13 12:55:53 +02:00
Max Hausch 2802e8f05c
nixos/hedgedoc: Set StateDirectory to workDir and uploadsPath 
This is needed to make uploading files possible in the hedgedoc ui.
 2022-05-13 10:27:51 +02:00
Silvan Mosberger 486992aca7
Merge pull request #160752 from svrana/desktop-manager-script-start 
desktop manager script: start properly
 2022-05-12 20:49:13 +02:00
Silvan Mosberger fd50826952
Merge pull request #104457 from ju1m/public-inbox 
Update public-inbox to 1.8.0 and add systemd services
 2022-05-12 20:46:39 +02:00
Alyssa Ross 85d792a928
nixos: don't put non-firmware in hardware.firmware 
These two packages don't have a lib/firmware directory, so putting
them in hardware.firmware has no effect.  This will become a hard
error once firmware compression is implemented.

(In the case of Linux, the firmware was all moved to linux-firmware.)
 2022-05-12 15:17:51 +00:00
Daniel Poelzleithner 64878e3a67 automysqlbackp: fix missing permissions for mysqldump 
automysqldump passes the --events flag, but without the EVENTS permission a error occures:
> mysqldump: Couldn't execute 'show events': Access denied for user 'automysqlbackup'@'localhost' to database 'mysql' (1044)
 2022-05-12 13:17:14 +02:00
Julien Moutinho c646d375d3 nixos/public-inbox: support enabling confinement 
Add support for enabling confinement
but does not enable it by default yet
because so far no module within NixOS uses confinement
hence that would set a precedent.
 2022-05-12 01:56:46 +02:00
Julien Moutinho 0e290442ba nixos/public-inbox: add tests 2022-05-12 01:56:16 +02:00
Julien Moutinho 8514800c42 nixos/public-inbox: init 2022-05-12 01:56:15 +02:00
Artturi c7b10b6df9
Merge pull request #172131 from euank/ena-2.7.1 
ena: 2.5.0 -> 2.7.1 & nixos/amazon-image: default to 5.15 kernel
 2022-05-12 01:38:24 +03:00
Thiago Kenji Okada eb6c3e1591
Merge pull request #171101 from NickCao/dendrite-bump 
dendrite: 0.8.1 -> 0.8.4
 2022-05-11 14:27:50 +01:00
Nick Cao 82f0b53588
dendrite: 0.8.1 -> 0.8.4 2022-05-11 18:40:05 +08:00
Rick van Schijndel 3a7f7c1153 hydra-unstable -> hydra_unstable 2022-05-10 23:32:02 +02:00
Maximilian Bosch 6f9099fa62
nixos/{jira,crowd,confluence}: restart service on failure 
In case of unexpected failures of the services - such as an OOM - it
shouldn't be necessary for an administrator to restart the service by
hand (which is usually sufficient). Instead, this should happen
automatically.

Also, I decided to increase the interval between restart attempts from
100ms[1] to 10s for a small grace period as suggested by several online
resources[2][3].

[1] See `systemd.service(5)`
[2] https://it.megocollector.com/linux/create-systemd-services-for-atlassian-apps/
[3] https://anteru.net/blog/2017/jira-confluence-with-systemd-on-centos/
 2022-05-10 22:31:22 +02:00
Rick van Schijndel f433d91bb3 anbox: drop kernel modules package 
All builds are broken:
- 4.14
- 4.19
- 5.4

https://hydra.nixos.org/eval/1761072?filter=anbox&compare=1760998&full=#tabs-still-fail

Let's just drop it.

This leaves the anbox module possibly in a broken-ish state,
but I'm not sure what to do about it.
 2022-05-10 21:15:48 +02:00
Lara 9cb388739f nixos/snipe-it: init 
Snipe-IT is a free open source IT asset/license management system

https://snipeitapp.com/
 2022-05-10 16:57:21 +02:00
bb2020 8bdcffc4fe nixos/mbpfan: minor changes 2022-05-10 15:40:17 +03:00
Klemens Nanni 199933efdf nixos/mandoc: Leave shell argument quoting to nix 
Manually crafting a quoted string that otherwise lacks any safe-guards
looks odd.

Use `escapeShellArg` instead before prepending the path.
 2022-05-09 10:48:54 +02:00
Janne Heß e6fb1e63d1
Merge pull request #171650 from helsinki-systems/feat/config-systemd-package 
treewide: pkgs.systemd -> config.systemd.package
 2022-05-09 10:23:04 +02:00
Euan Kemp 35cfe2c29c nixos/amazon-image: default to 5.15 kernel 
Previously, it was held back due to the ENA driver not building on the
current default (5.15). The previous commit bumps the ENA driver, which
allows 5.15 to work.
 2022-05-08 21:13:50 -07:00
github-actions[bot] f39e774f11
Merge master into staging-next 2022-05-09 00:02:27 +00:00
Sandro 8803756fd3
Merge pull request #172072 from ivan/tinc-unbreak 
nixos/tinc: unbreak the service
 2022-05-09 01:27:12 +02:00
Sandro b196dea22d
Merge pull request #172080 from wentasah/usbrelay-1.0 
usbrelay: 0.9 -> 1.0
 2022-05-09 01:02:08 +02:00
Niklaus Giger 1d82f62aef
UHK-agent: Support for Ultimate Hacking Keyboard udev-rules and configuration application (#132420) 
* maintainers: add ngiger

* uhk-agent: init at 1.5.17

* Apply suggestions from code review

* Update pkgs/os-specific/linux/uhk-agent/default.nix

* Apply suggestions from code review

* Update pkgs/os-specific/linux/uhk-agent/default.nix

Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
 2022-05-08 22:40:52 +02:00
Michal Sojka 26ec7081d6 nixos/usbrelayd: set myself as module maintainer 
I forgot setting that when creating the module.
 2022-05-08 21:44:50 +02:00
Michal Sojka 3effbca0bc usbrelay: 0.9 -> 1.0 2022-05-08 21:16:32 +02:00
ajs124 e4a1b1aacd
Merge pull request #171588 from mweinelt/tools-userpkgs 
nixos/tools: move firefox into user packages
 2022-05-08 19:02:47 +01:00
github-actions[bot] e92815729d
Merge master into staging-next 2022-05-08 18:01:10 +00:00
Ivan Kozik 9db1d1782b nixos/tinc: unbreak the service 
The user is actually tinc.${network}, as Mic92 points out in
https://github.com/NixOS/nixpkgs/pull/171703#discussion_r867506032

Sorry, I broke this in https://github.com/NixOS/nixpkgs/pull/171703 earlier.

coreutils 9.1 chown does not complain in this case with a valid dotted user.
 2022-05-08 16:04:20 +00:00
Sandro befb337461
Merge pull request #169216 from Shawn8901/fix_prometheus_config_generation 
nixos/prometheus: use pkgs.formats.json.generate to write config file
 2022-05-08 15:09:09 +02:00
github-actions[bot] eaaed3f1d2
Merge master into staging-next 2022-05-08 12:01:07 +00:00
Artturi 3c8e6248cb
Merge pull request #172040 from K900/fix-installer-eval 
installation-cd-base: fix eval
 2022-05-08 13:50:10 +03:00
Robert Schütz 2ddfd7e81b nixos/borgmatic: use pkgs.formats.yaml 2022-05-08 01:08:28 -07:00
K900 e994576b0d installation-cd-base: fix eval 2022-05-08 11:08:10 +03:00
github-actions[bot] 84277e82a5
Merge master into staging-next 2022-05-07 18:01:03 +00:00
Rick van Schijndel 17c252aab1
Merge pull request #153940 from tomfitzhenry/phosh-service 
nixos/phosh: add Phosh, the Phone Shell
 2022-05-07 17:56:44 +02:00
Artturi 1d09b16b0c
Merge pull request #171709 from avdv/fix-illum-segfault-and-restart 
illum: Prevent segfault when unplugging keyboards
 2022-05-07 17:40:52 +03:00
github-actions[bot] fa99b3742a
Merge master into staging-next 2022-05-07 00:02:09 +00:00
Sandro 72565373a4
Merge pull request #170912 from Baughn/master 2022-05-07 01:14:08 +02:00
Maximilian Bosch f0bb39d4b7
Merge pull request #167327 from lheckemann/networkd-usedhcp 
nixos/networkd: reimplement useDHCP in a sensible way
 2022-05-07 00:05:44 +02:00
Sandro 398cf5bf2d
Merge pull request #164698 from illustris/proxmox-lxc 2022-05-06 23:35:13 +02:00