1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-28 08:31:59 +00:00
Commit graph

9750 commits

Author SHA1 Message Date
WilliButz a4960d450e
Merge pull request #107980 from lukegb/grafana-plugins
Add Nix packages for Grafana plugins and allow declarative installation
2021-01-01 16:00:17 +01:00
0x4A6F 06414886f1
nixos/prometheus: fix remote_{read,write} options
Fix and reorder options and use mkOpt for optional parameters,
according to official documentation.
2021-01-01 14:43:51 +00:00
Thomas Tuegel e65962eafd
nixos/plasma5: synchronize Qt version with all-packages.nix 2021-01-01 08:26:33 -06:00
Luke Granger-Brown 699e402705 prometheus-bird-exporter: init at 1.3.5-git 2021-01-01 04:43:59 +00:00
Silvan Mosberger ff97a25fc6
Merge pull request #104419 from otavio/topic/shellhub
shellhub-agent: Add service and package expressions
2020-12-31 00:07:42 +01:00
Otavio Salvador 06edbabe06 nixos/shellhub-agent: initial service expression
This provides the service to configure the ShellHub Agent.

Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
2020-12-30 19:24:13 -03:00
Luke Granger-Brown d0a9e1ec83 nixos/grafana: add support for declarative plugin installation 2020-12-30 17:59:52 +00:00
Anderson Torres dff06f0c25
Merge pull request #102973 from pacien/matrix-appservice-discord-v1.0.0
matrix-appservice-discord: 0.5.2 -> 1.0.0
2020-12-30 01:09:24 -03:00
Ben Sima dbf9750782 hoogle: set the host to bind on
Message-Id: <20201230032048.32626-1-ben@bsima.me>
2020-12-30 04:36:00 +01:00
Matt Layher 071c02a4b2
nixos/corerad: use pkgs.formats.toml to generate TOML configuration
Signed-off-by: Matt Layher <mdlayher@gmail.com>
2020-12-29 17:47:01 -05:00
Luke Granger-Brown 3297ac72f1 nixos/prometheus: add smokeping and corresponding NixOS test 2020-12-29 18:59:51 +00:00
WilliButz 6739d17f34
Merge pull request #99180 from 0x4A6F/master-prometheus-service
nixos/prometheus: remote_{read,write} support
2020-12-29 16:08:29 +01:00
0x4A6F c53a0c16e4
nixos/prometheus: remote_{read,write}
- add [remote_write](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#remote_write) and [remote_read](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#remote_read) support

Co-authored-by: Yorick van Pelt <yorickvanpelt@gmail.com>
2020-12-29 14:48:57 +00:00
Florian Klink 316862f72b
Merge pull request #102106 from tadfisher/throttled-msr-warning
nixos/throttled: disable kernel msr warning
2020-12-29 01:28:09 +01:00
Peter Hoeg 7d07645cba nixos/sddm: use attrs instead of plain text
Instead of treating the sddm config a wall of text that doesn't allow us
to override anything, turn it into an attribute set.

We dump `extraConfig` and instead introduce `settings` that is merged
with the module defaults to provide the final configuration.

There is some additional noise in here due to nixpkgs-fmt.
2020-12-29 05:06:38 +08:00
Ivan b90c5cb703
XMonad: configured recompile (#107696)
* nixos/xmonad: xmonad config w/ghc+xmessage

When the "config" option isn't set, we use xmonad-with-packages to
provide xmonad with runtime access to an isolated ghc, ensuring it can
recompile and exec a user's local config (e.g. $HOME/.xmonad/xmonad.hs)
regardless of which ghc (if any) is on PATH.

When the "config" option is set, however, we compile a configured xmonad
executable upfront (during nixos-rebuild), and prior to this commit, it
was not provided with runtime access to an isolated ghc.

As a result, with the "config" option set, it was not possible
to recompile and exec a user's local config unless there was a
compatible version of ghc on PATH with the necessary packages (xmonad,
xmonad-contrib, etc.) in its package database. Adding such a ghc to
environment.systemPackages, e.g.

  (haskellPackages.ghcWithPackages (ps: with ps; [xmonad xmonad-contrib]))

is problematic because it adds both ghc and an unconfigured xmonad to
PATH, e.g.

  $ ls -l $(which xmonad ghc)
  lrwxrwxrwx ... /run/current-system/sw/bin/ghc -> /nix/store/...-ghc-8.10.2-with-packages/bin/ghc
  lrwxrwxrwx ... /run/current-system/sw/bin/xmonad -> /nix/store/...-ghc-8.10.2-with-packages/bin/xmonad

Having the unconfigured xmonad on PATH is particularly bad because
restarting xmonad will dump the user into the unconfigured version, and
if no local config exists (e.g. in $HOME/.xmonad/xmonad.hs), they'll be
left in this unconfigured state.

In this commmit, we give the configured xmonad runtime access to ghc
like xmonad-with-packages does for the unconfigured version. The aim
is to allow the user to switch between the nixos module's config and a
local config (e.g. $HOME/.xmonad/xmonad.hs) at will, so they can try out
config changes without performing a nixos-rebuild.

Since the xmonad on PATH is the configured executable, there's no
danger a user could unwittingly restart into the unconfigured version,
and because xmonad will refuse to recompile when no local config
exists, there's no danger a user could unwittingly recompile into an
unconfigured version.

Given that a local config exists, the recompile/restart behavior depends
on two factors:
- which entry point is used
  * 'XMonad.xmonad' (default)
  * 'XMonad.launch' (recommended in "config" option description)
- what operation is triggered (i.e. via mod+q)
  * `spawn "xmonad --recompile && xmonad --restart"` (default)
  * `restart "xmonad" True`
  * custom function

If the default 'XMonad.xmonad' entrypoint and default mod+q operation
are used, hitting mod+q will compile and exec the local config, which
will remain in use until next time the display manager is restarted.

If the entrypoint is changed to 'XMonad.launch' but mod+q left with its
default operation, hitting mod+q will have no visible effect. The logs
(as seen by running `journalctl --identifier xmonad --follow`) will show
an error,
  X Error of failed request:  BadAccess (attempt to access private resource denied)
which indicates that the shell was unable to start xmonad because
another window manager is already running (namely, the nixos-configured
xmonad).
https://wiki.haskell.org/Xmonad/Frequently_asked_questions#X_Error_of_failed_request:_BadAccess_.28attempt_to_access_private_resource_denied.29

Changing the mod+q operation to `restart "xmonad" True` (as recommended
in the "config" option's description) will allow a restart of the
nixos-configured xmonad to be triggeredy by hitting mod+q.

Finally, if the entrypoint is 'XMonad.launch', mod+q has been
bound to `restart "xmonad" True` and another key bound to a custom
recompile/restart function (e.g. `compileRestart` as shown in the
"config" option example), the user can switch between the nixos module's
config and their local config, with the custom key switching to the
local config and mod+q switching back.

* nixos/xmonad: refactor let binding

* nixos/xmonad: refactor (eliminate duplicate code)

* nixos/xmonad: install man pages

Prior to this commit, man pages were not installed if the "config"
option was set.

* nixos/xmonad: comment grammar fixups

* nixos/xmonad: writeStateToFile in example config

Calling writeStateToFile prior to recompiling and restarting allows
state (workspaces, etc.) to be preserved across the restart.

* nixos/xmonad: add ivanbrennan to maintainers

* nixos/xmonad: adjust compileRestart example

* nixos/xmonad: add missing import to example config
2020-12-28 17:27:36 +01:00
Aaron Andersen a08ed097c9
Merge pull request #107064 from aanderse/nixos/zabbixWeb
nixos/zabbixWeb: include DOUBLE_IEEE754 directive
2020-12-28 00:22:35 -05:00
Pavol Rusnak b0121fcb03 trezord: TREZOR -> Trezor 2020-12-27 19:48:09 +01:00
pacien ea842627ce nixos/matrix-appservice-discord: update module for v1.0.0 2020-12-27 12:59:11 +01:00
Jeff Slight 4bc2573a15
nixos/gitlab: move custom_hooks_dir into gitaly config (#107174) 2020-12-26 22:44:36 +01:00
sohalt dcbfdf1a71 nixos/mpd: remove credentialsFile in favor of credentials option 2020-12-26 17:53:01 +01:00
Daniel Nagy f2ca4c8f1d
nixos/httpd: set lua paths
We conditionally set the lua paths for the Apache mod_lua module. This
allows executing Lua script handlers to require modules, that have been
packaged with the supplied Lua derivation of Apache.

For more information, see:

  https://httpd.apache.org/docs/2.4/mod/mod_lua.html#luapackagecpath
  https://httpd.apache.org/docs/2.4/mod/mod_lua.html#luapackagepath
2020-12-25 22:54:05 +01:00
Vladimír Čunát 2b131c97bb
nixos/kresd: set .stopIfChanged = false
Since version 5.2.0 there's non-empty stop phase:
    ExecStopPost=/usr/bin/env rm -f "/run/knot-resolver/control/%i"
but it's perfectly OK to run that from a different version
(and typically it's no-op anyway).  Real-life example where this helps:
https://github.com/NixOS/nixpkgs/issues/49528#issuecomment-747723198
2020-12-25 09:54:04 +01:00
Robbert Gurdeep Singh caa725a6fd nixos/nextcloud: fix missing quotes arround $* in occ wrapper and replace with $@
This will allow this to work:
    nextcloud-occ config:app:set theming slogan --value="A place for testing"
2020-12-24 21:02:05 +01:00
sohalt f7384470de nixos/mpd: support passwords in separate files
This allows to use files containing only the mpd password without the
permissions, making it easier for other programs connecting to mpd to read the
password from the same password file.
2020-12-24 01:17:52 +01:00
Florian Klink e7659b6288
Merge pull request #107086 from NixOS/staging-next
Staging next with systemd privacy fix
2020-12-23 15:32:32 +01:00
Maximilian Bosch ae48d62bb8
Merge pull request #107410 from Ma27/bump-grocy
grocy: 2.7.1 -> 3.0.0
2020-12-23 15:06:30 +01:00
github-actions[bot] 28fd8e0d59
Merge master into staging-next 2020-12-23 00:48:29 +00:00
José Romildo Malaquias a1c004725b
Merge pull request #107027 from romildo/upd.lxqt
lxqt: update to version 0.16.0
2020-12-22 20:50:10 -03:00
Maximilian Bosch 123f953c98
grocy: 2.7.1 -> 3.0.0
https://github.com/grocy/grocy/releases/tag/v3.0.0
2020-12-22 16:00:33 +01:00
github-actions[bot] 3aac2c14a8
Merge master into staging-next 2020-12-22 12:25:40 +00:00
Florian Klink 80b0997499 nixos/udev: harmonize extraRules example
Use the same sample as in https://wiki.debian.org/NetworkInterfaceNames,
which includes the `ACTION=="add"` condition.
2020-12-22 11:16:29 +01:00
rnhmjoj 9f52d1f234
Revert "nixos/wireless: fix failure with no interfaces"
This reverts commit 8f177612b1.

Attempting to start any service from udev when systemd-udev-settle is
used at all hangs the boot for 2min. See issue #107341.
2020-12-22 10:17:32 +01:00
github-actions[bot] f1ccef3fd4
Merge master into staging-next 2020-12-22 00:46:39 +00:00
WilliButz 1c55621706
nixos/codimd: rename to hedgedoc
CodiMD was renamed to HedgeDoc. The user, group and state directory,
will be named hedgedoc instead of codimd, starting with stateVersion
"21.03".
2020-12-22 01:39:03 +01:00
WilliButz 8fc05f7a19
Merge pull request #107292 from mguentner/nginxlog_exporter
nginxlog_exporter:  1.3.0 -> 1.8.1 + module w/ tests
2020-12-21 21:40:16 +01:00
John Ericson 9a6d2ba1c5
Merge pull request #107338 from Ericson2314/thermald-allow-custom-package
nixos/thermald: Allow switching package
2020-12-21 15:23:53 -05:00
Maximilian Güntner 65fd031277
nixos: add prometheus_nginxlog_exporter module + test 2020-12-21 21:23:39 +01:00
Timo Kaufmann 8aaf788e34
Merge pull request #99037 from mohe2015/fix-mongodb
nixos/mongodb: fix running initialScript without a set root password
2020-12-21 19:41:51 +01:00
Jamie Magee feb63511c6
nixos/nzbhydra2: init 2020-12-21 19:41:24 +01:00
John Ericson 4bded92554 nixos/thermald: Allow switching package
Sometimes newer versions than what nixpkgs provides is needed for
certain hardware, especially for stable releases where I will backport
this commit.
2020-12-21 18:14:53 +00:00
github-actions[bot] 92db8d3c26
Merge master into staging-next 2020-12-20 12:22:10 +00:00
Florian Klink e45d9000b5
Merge pull request #107112 from Izorkin/samba-wsdd-fix
nixos/samba-wsdd: fix starting
2020-12-20 13:16:17 +01:00
github-actions[bot] 9f677fc6b8
Merge master into staging-next 2020-12-19 18:19:27 +00:00
mohe2015 ecb0291e1a
nixos/mongodb: fix running initialScript without a set root password
Co-authored-by: Timo Kaufmann <timokau@zoho.com>
2020-12-19 18:14:29 +01:00
Silvan Mosberger e52f705248
Merge pull request #84324 from Emantor/init/icecc_icemon
Icecream support
2020-12-19 17:54:28 +01:00
Aaron Andersen 0a20166ca1 nixos/zabbixWeb: include DOUBLE_IEEE754 directive 2020-12-18 13:15:55 -05:00
github-actions[bot] a4876421e8
Merge master into staging-next 2020-12-18 12:22:44 +00:00
Michele Guerini Rocco d7b52849f8
Merge pull request #97362 from martinetd/wakeonlan
wakeonlan service: use powerUpCommands
2020-12-18 08:39:02 +01:00
Izorkin 299f93dfdc
nixos/samba-wsdd: fix starting 2020-12-17 20:52:30 +03:00
github-actions[bot] c40424f79b
Merge staging-next into staging 2020-12-17 00:42:56 +00:00
Doron Behar 749c9f1f19
Merge pull request #92582 from truh/plantuml-server-squash 2020-12-16 22:02:57 +02:00
Markus Kowalewski 5df0cf7461
nixos/slurm: fix dbdserver config file handling
Since slurm-20.11.0.1 the dbd server requires slurmdbd.conf to be
in mode 600 to protect the database password. This change creates
slurmdbd.conf on-the-fly at service startup and thus avoids that
the database password ends up in the nix store.
2020-12-16 20:34:14 +01:00
José Romildo Malaquias c5f07370f7 nixos/sddm: lxqt moved to libsForQt515 2020-12-16 10:43:21 -03:00
github-actions[bot] c9bbcb2fc1
Merge staging-next into staging 2020-12-16 12:21:20 +00:00
Alyssa Ross e17d4b05a1 nixos/tor: don't do privoxy stuff by default
It's very surprising that services.tor.client.enable would set
services.privoxy.enable.  This violates the principle of least
astonishment, because it's Privoxy that can integrate with Tor, rather
than the other way around.

So this patch moves the Privoxy Tor integration to the Privoxy module,
and it also disables it by default.  This change is documented in the
release notes.

Reported-by: V <v@anomalous.eu>
2020-12-16 12:20:03 +00:00
github-actions[bot] bc3c95481e
Merge staging-next into staging 2020-12-16 00:41:26 +00:00
Guillaume Girol 824d2c92bd
Merge pull request #82584 from Atemu/dnscrypt-default-config
dnscrypt-proxy2: base settings on example config
2020-12-15 19:47:43 +00:00
github-actions[bot] 77b786a5d9
Merge staging-next into staging 2020-12-15 12:20:58 +00:00
Michele Guerini Rocco 12f367b51c
Merge pull request #104722 from rnhmjoj/wpa-fix
nixos/wireless: fix failure with no interfaces
2020-12-15 08:37:33 +01:00
github-actions[bot] f8d9426a1b
Merge staging-next into staging 2020-12-15 00:39:51 +00:00
Linus Heckemann c40f06022a
Merge pull request #106073 from minijackson/tinc-rfc42-and-tests
nixos/tinc: rfc42 and tests
2020-12-14 21:52:57 +01:00
github-actions[bot] ec2fa1cee8
Merge staging-next into staging 2020-12-14 12:21:13 +00:00
Linus Heckemann cc786acdce
Merge pull request #105397 from kisik21/mailman-other-mta-support
nixos/mailman: make Postfix support optional (provided you configure the MTA yourself)
2020-12-14 09:46:05 +01:00
Vika ad023b0c88
nixos/mailman: make Postfix support optional (provided you configure the MTA yourself)
Mailman can now work with MTAs other than Postfix. You'll have to configure
it yourself using the options in `services.mailman.settings.mta`.

This addition is reflected in the release notes for 21.03.
2020-12-14 02:41:30 +03:00
Minijackson 499e366d7b
nixos/tinc: add settings and hostSettings for RFC42-style options 2020-12-13 21:33:38 +01:00
Thomas Tuegel 39b76030be
Merge pull request #104810 from Thra11/plasma-5-20
Plasma 5.20.4
2020-12-13 13:50:53 -06:00
Timo Kaufmann d6dba0d7c1
Merge pull request #100774 from Atemu/startx-improvements
Startx improvements
2020-12-13 18:28:21 +01:00
Atemu d3113a62b8 nixos/startx: send Xorg log to the default location
This partially reverts bf3d3dd19b.

I don't know why we weren't getting a default logfile back then but Xorg
definitely provides one now ($XDG_DATA_HOME for regular users and /var/log for
root, see `man Xorg`)
2020-12-13 06:15:33 +01:00
Atemu 693a31ab7b nixos/xserver: make logFile configurable
It makes sense for it to be /dev/null for all the displayManagers but startx,
it needs a different logFile configuration.
2020-12-13 06:15:33 +01:00
Atemu c72c02ab26 nixos/startx: provide xserverArgs via xserverrc
Fixes #80198
2020-12-13 06:15:32 +01:00
Thomas Tuegel 58fd813daf
nixos/plasma5: install kirigami2 for SDDM theme 2020-12-12 16:07:19 -06:00
WilliButz 8727a0178f
Merge pull request #106788 from urbas/py-air-control-exporter-cli
nixos/prometheus-exporters/py-air-control: invoke exporter command
2020-12-12 21:48:01 +01:00
Matej Urbas 4970fbedbc nixos/prometheus-exporters/py-air-control: invoke exporter command
Package `py-air-control exporter` v0.1.5 comes with a new CLI. This change uses the new CLI (which simplifies the exporter's systemd service setup).
2020-12-12 20:19:54 +00:00
Florian Klink ce0fdd4dc0
Merge pull request #106697 from aanderse/mpd
nixos/mpd: conditionally provision required directories with StateDirectory
2020-12-12 20:48:54 +01:00
Jörg Thalheim 5f0d38f05b
Merge pull request #106715 from Mic92/tinc 2020-12-12 16:35:59 +00:00
Atemu e4c49db668 nixos/dnscrypt-proxy2: base settings on example config
Dnscrypt-proxy needs some options to be set before it can do anything useful.

Currently, we only apply what the user configured which, by default, is nothing.

This leads to the dnscrypt-proxy2 service failing to start when you only set
`enable = true;` which is not a great user experience.

This patch makes the module take the example config from the upstream repo as a
base on top of which the user-specified settings are applied (it contains sane
defaults).

An option has been added to restore the old behaviour.
2020-12-12 09:15:11 +01:00
Jörg Thalheim 2cdec00dd2
nixos/tinc: add reload command 2020-12-12 07:37:16 +01:00
Aaron Andersen 77a8496907 nixos/mpd: conditionally provision required directories with StateDirectory 2020-12-11 19:35:43 -05:00
Alyssa Ross a2460414cb
nixos/mailman: run non-minutely jobs
Fixes: b478e0043c
 ("nixos/mailman: refactor")
2020-12-11 17:23:50 +00:00
Peter Hoeg aa995fb0b7 nixos/sshguard: do not do IPv6 setup/teardown unconditionally 2020-12-11 16:19:45 +08:00
Peter Simons 21b8fe302f
Merge pull request #106580 from rissson/nixos-postfix-fix-mastercf-type
nixos/postfix: fix masterCf type
2020-12-11 09:14:47 +01:00
Jörg Thalheim d22d9227f1
Merge pull request #106601 from Mic92/frab
frab: remove package
2020-12-11 05:27:55 +00:00
Jörg Thalheim 6fa3728805
frab: remove package
broken since 2018
2020-12-10 22:24:11 +01:00
Maximilian Bosch 07aff199ad
Merge pull request #106080 from Ma27/nginx-config-doc
nixos/nginx: improve documentation for `config`
2020-12-10 21:54:01 +01:00
WilliButz df8ee3669f
Merge pull request #106067 from urbas/prometheus-exporter-py-air-control
nixos/prometheus-exporters/py-air-control: init
2020-12-10 20:51:56 +01:00
Matej Urbas 4948743705 nixos/prometheus-exporters/py-air-control: init 2020-12-10 19:02:30 +00:00
Marc 'risson' Schmitt 27dacb8b4b
nixos/postfix: fix masterCf type
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
2020-12-10 18:49:05 +01:00
Maximilian Bosch 21be5b00da
Merge pull request #106473 from Ma27/improve-nextcloud-error
nixos/nextcloud: improve error message for invalid `dbpassFile`
2020-12-10 18:28:50 +01:00
Maximilian Bosch 81662d4798
nixos/nextcloud: improve error message for invalid dbpassFile
`file_exists` also returns `FALSE` if the file is in a directory that
can't be read by the user. This e.g. happens if permissions for
`nixops(1)`-deployment keys aren't configured correctly.

This patch improves the error message for invalid files to avoid
confusion[1].

[1] https://discourse.nixos.org/t/nixops-deploy-secrets-to-nextcloud/10414/4
2020-12-09 19:54:43 +01:00
Damien Diederen 98236860dc nixos/zookeeper: adapt to zookeeper 3.6.2
This patch:

  * Removes an invalid/useless classpath element;
  * Removes an unnecessary environment variable;
  * Creates the required '/version-2' data subdirectory;
  * Redirects audit logging to the "console" (systemd) by default.
2020-12-09 15:46:38 +01:00
Peng Mei Yu 3cd1a6706c unbound: Add AF_NETLINK to allowed address families.
Unbound throws the following error:

--8<---------------cut here---------------start------------->8---
error: failed to list interfaces: getifaddrs: Address family not supported by protocol
fatal error: could not open ports
--8<---------------cut here---------------end--------------->8---

The solution is pulled from upstream:
https://github.com/NLnetLabs/unbound/pull/351
2020-12-08 14:31:15 +08:00
Blaž Hrastnik 920c439915 thermald: Fix systemd service definition. 2020-12-08 08:26:36 +09:00
Maximilian Bosch 55ef9612a2
nixos/nginx: improve documentation for config
Unfortunately, I had a use-case where `services.nginx.config` was
necessary quite recently. While working on that config I had to look up
the module's code to understand which options can be used and which
don't.

To slightly improve the situation, I changed the documentation like
this:

* Added `types.str` as type since `config` is not mergeable on purpose.
  It must be a string as it's rendered verbatim into `nginx.conf` and if
  the type is `unspecified`, it can be confused with RFC42-like options.

* Mention which config options that don't generate config in
  `nginx.conf` are NOT mutually exclusive.
2020-12-06 17:26:13 +01:00
Francesco Zanini 93d74f6536 zigbee2mqtt: 1.16.1 -> 1.16.2 2020-12-05 17:42:07 +01:00
freezeboy 903b2aa9a6 nixos/n8n: init module and test 2020-12-05 11:02:40 +01:00
Gabriel Ebner 6e8007341e
Merge pull request #105362 from gebner/pipewire0137
pipewire: 0.3.16 -> 0.3.17
2020-12-03 17:15:05 +01:00
Blaž Hrastnik 05bd810d5f thermald: Always enable adaptive mode.
There was some issues with the fallback to passive mode on 2.3, but on
2.4 adaptive mode is always enabled upstream and thermald will fallback
to passive if necessary.

a6e68a65b5/data/thermald.service.in (L9)
2020-12-03 12:45:58 +09:00
Gabriel Ebner 906d68cf13 nixos/pipewire: enable volume control via alsa 2020-12-02 22:11:09 +01:00
Gabriel Ebner b28f2f7386 nixos/pipewire: generate configuration file 2020-12-02 22:11:09 +01:00
Silvan Mosberger 2526f22723
Merge pull request #102076 from Taneb/hoogle-dynamic-user
Set DynamicUser=true for hoogle
2020-12-02 12:58:10 +01:00
Austin Seipp 652ac69373
Merge pull request #103393 from happysalada/add_vector
nixos/vector: add module
2020-12-02 03:30:11 -06:00
Andreas Rammhold 26cc536edf
Merge pull request #104203 from andir/saned-max-connections
nixos/sane: bump the MaxConnections to a reasonable amount
2020-12-01 19:45:13 +01:00
Jörg Thalheim b1ed5ffeab
Merge pull request #93293 from tnias/nixos_rspamd_20200716 2020-12-01 13:10:43 +00:00
Christine Dodrill 3d55480bf8
nixos/tailscale: add package as an option
This simplifies testing changes to the tailscale service on a local
machine. You can use this as such:

```nix
let
  tailscale_patched = magic {};
in {
  services.tailscale = {
    enable = true;
    package = tailscale_patched;
  };
};
```

Signed-off-by: Christine Dodrill <me@christine.website>
2020-12-01 12:30:31 +01:00
Silvan Mosberger a87ab948d2
Merge pull request #104836 from ncfavier/master
nixos/nat: support IPv6 NAT
2020-12-01 04:40:09 +01:00
Valérian Galliat b93a5a1746
nixos/nat: support IPv6 NAT 2020-12-01 00:51:58 +01:00
Frederik Rietdijk 9a63b3d3d6
Merge pull request #104781 from NixOS/staging-next
Staging next
2020-11-30 18:27:29 +01:00
Nathan van Doorn 12c3e0a465 nixos/services/hoogle use DynamicUser instead of nobody
I've also removed PrivateTmp = true because this is implied by dynamic user.

I've left ProtectHome = true because I believe this is stronger than
ProtectHome = "read-only" which DynamicUser implies.
2020-11-30 13:36:19 +00:00
happysalada 627dfecadd nixos/vector: add module 2020-11-30 16:22:08 +09:00
Jörg Thalheim 3b6ef967f3
nixos/rspamd: fix postfix integration 2020-11-30 07:29:32 +01:00
Florian Klink a623bc0ba4
Merge pull request #104689 from petabyteboy/feature/gitlab-13-6-1
gitlab: 13.6.0 -> 13.6.1
2020-11-29 22:37:42 +01:00
Maximilian Bosch 752b6a95db
nixos/mautrix-telegram: update defaults
These three defaults must exist in the config now, otherwise
`mautrix-telegram` will refuse to start.
2020-11-29 21:28:07 +01:00
Gabriel Ebner 0155830275 nixos/pipewire: allow overriding the pipewire derivation 2020-11-29 17:43:07 +01:00
Gabriel Ebner ce28fd3d22 nixos/pipewire: add media-session.d files 2020-11-29 17:43:07 +01:00
Gabriel Ebner 53029a15cc nixos/pipewire: enable sound on alsa support
Otherwise sound.extraConfig has no effect.
2020-11-29 15:08:38 +01:00
Frederik Rietdijk 0d8491cb2b Merge master into staging-next 2020-11-29 13:51:10 +01:00
Jörg Thalheim 6f330ccedf
nixos/nginx: add streamConfig option 2020-11-29 10:55:01 +01:00
StigP e2968a0442
Merge pull request #102061 from braunse/gogs-0-12-3
gogs: 0.11.91 -> 0.12.3
2020-11-29 10:01:47 +01:00
Ryan Mulligan cb42d08df2
Merge pull request #62104 from Vizaxo/master
nixos/exwm: allow custom Emacs load script
2020-11-28 18:47:21 -08:00
Martin Weinelt 62ef710b54
Merge pull request #104268 from mvnetbiz/ha-allowpaths
home-assistant: add allowlist_external_dirs to systemd unit ReadWritePaths
2020-11-29 00:25:35 +01:00
Sander van der Burg 336628268f nixos/disnix: reorder startup to take MongoDB and InfluxDB into account, add option to add Disnix profile to the system PATH 2020-11-28 20:15:21 +01:00
Sander van der Burg 5e392940cf nixos/dysnomia: add InfluxDB configuration options, add option to use legacy modules, eliminate import from derivation hack 2020-11-28 20:15:21 +01:00
Frederik Rietdijk 9e062723b2 Merge master into staging-next 2020-11-28 08:53:47 +01:00
Sebastien Braun 5c87a6b8ea gogs: 0.11.91 -> 0.12.3 2020-11-28 06:50:52 +01:00
Sandro a390213f85
Merge pull request #85133 from snicket2100/mosquitto-service-sandboxing
mosquitto: systemd service sandboxing
2020-11-27 18:53:36 +01:00
Frederik Rietdijk b2a3891e12 Merge master into staging-next 2020-11-27 15:09:19 +01:00
Milan Pässler 81aff9f411 nixos/gitlab: use bindsTo instead of requires for gitaly 2020-11-26 14:12:14 +01:00
Jan Tojnar e95cc8519b
Merge pull request #104553 from jansol/pipewire
pipewire: 0.3.15 -> 0.3.16
2020-11-26 10:59:17 +01:00
Stijn DW 3d3bcc5cc9 nixos/factorio: Don't open firewall ports by default 2020-11-24 23:14:57 +01:00
Stijn DW d93434458b nixos/factorio: add openFirewall option 2020-11-24 23:14:57 +01:00
Graham Christensen d9c3f13df3
Merge pull request #104776 from grahamc/utillinux
utillinux: rename to util-linux
2020-11-24 15:14:36 -05:00
Graham Christensen bc49a0815a
utillinux: rename to util-linux 2020-11-24 12:42:06 -05:00
adisbladis 302df2a9a1
Merge pull request #81661 from adisbladis/ssh-pam-sudo-keys
pam_ssh_agent_auth: Honour services.openssh.authorizedKeysFiles
2020-11-24 16:06:47 +01:00
Artturin 4db239272c mullvad-vpn: add iproute2 2020-11-24 06:12:32 -08:00
Peter Simons 58f29d3ca8
Merge pull request #104721 from vkleen/postfix-smtp-fix
nixos.postfix: make postfix.enableSmtp work again
2020-11-24 08:58:35 +01:00
Jan Tojnar 6d99109b12
Merge branch 'staging-next' into staging 2020-11-24 05:44:44 +01:00
adisbladis ba1fa0c604
pam_ssh_agent_auth: Honour services.openssh.authorizedKeysFiles
If a system administrator has explicitly configured key locations this
should be taken into account by `sudo`.
2020-11-24 02:47:07 +01:00
Viktor Kleen 6216c843ed
nixos/postfix: make postfix.enableSmtp work again
This fixes issue #104715.
2020-11-23 23:46:06 +00:00
rnhmjoj 8f177612b1
nixos/wireless: fix failure with no interfaces
This resolves issue #101963.

When the service is started and no interface is ready yet, wpa_supplicant
is being exec'd with no `-i` flags, thus failing. Once the interfaces
are ready, the udev rule would fire but wouldn't restart the unit because
it wasn't currently running (see systemctl(1) try-restart).

The solution is to exit (with a clear error message) but always restart
wpa_supplicant when the interfaces are modified.
2020-11-24 00:18:18 +01:00
Florian Klink bbf3c9483b
Merge pull request #104520 from Izorkin/wsdd
wsdd: init at 0.6.2
2020-11-23 23:18:23 +01:00
Frederik Rietdijk 587538d087 Merge staging-next into staging 2020-11-23 18:10:33 +01:00
Izorkin 03760ab82e
nixos/samba-wsdd: init service samba-wsdd 2020-11-23 13:26:00 +03:00
Jan Solanti aca97840da pipewire: 0.3.15 -> 0.3.16
This release replaces the libpulseaudio shim with a pipewire module that acts as a fake pulseaudio server along with a systemd service that loads that module on demand.
2020-11-23 10:40:35 +02:00
zowoq dbbd289982 nixos/*: fix indentation 2020-11-23 08:42:51 +10:00
Florian Klink c76891314d
Merge pull request #104094 from flokli/systemd-unified-cgroup-hierarchy
systemd: switch to unified cgroup hierarchy by default
2020-11-22 22:35:42 +01:00
Florian Klink 904f124247
Merge pull request #99116 from jslight90/gitlab-13.4.0
GitLab 13.0.14 -> 13.6.0
2020-11-22 12:00:03 +01:00
Kai Wohlfahrt db5bb4e26b nixos/openldap: Fix sssd-ldap test
Use this as a test of the migration warnings/functionality.
2020-11-21 16:13:03 +00:00
Kai Wohlfahrt fefc26f844 nixos/openldap: use mkRenamedOptionModule
This offers less helpful warnings, but makes the implementation
considerably more straightforward.
2020-11-21 16:13:03 +00:00
Kai Wohlfahrt ce1acd97a7 nixos/openldap: fix path + base64 value types 2020-11-21 16:13:03 +00:00
Kai Wohlfahrt b2ebffe186 nixos/openldap: Fix indentation 2020-11-21 16:13:03 +00:00
Kai Wohlfahrt 3f892c2174 nixos/openldap: Remove extraConfig options
Instead of deprecating, as per PR feedback
2020-11-21 16:13:03 +00:00
Kai Wohlfahrt 2050376cae nixos/openldap: Mention schemas in migration hint 2020-11-21 15:45:16 +00:00
Kai Wohlfahrt 5fafbee87a nixos/openldap: Add release-notes for OLC config 2020-11-21 15:45:15 +00:00
Kai Wohlfahrt adda7e62d0 nixos/openldap: Add support for base64 values 2020-11-21 15:39:20 +00:00
Kai Wohlfahrt d05061c5cd nixos/openldap: Pick some PR nits 2020-11-21 15:39:20 +00:00
Kai Wohlfahrt 9528faf182 nixos/openldap: Allow declarativeContents for multiple databases 2020-11-21 15:39:19 +00:00
Kai Wohlfahrt 057cb570be nixos/openldap: Add delcarativeConfig by suffix
Adding by index could be an issue if the user wanted the data to be
added to a DB other than the first.
2020-11-21 15:39:19 +00:00
Kai Wohlfahrt 1fde3c3561 nixos/openldap: switch to slapd.d configuration
The old slapd.conf is deprecated. Replace with slapd.d, and use this
opportunity to write some structured settings.

Incidentally, this fixes the fact that openldap is reported up before
any checks have completed, by using forking mode.
2020-11-21 15:39:19 +00:00
Milan Pässler 0f82bd767b nixos/gitlab: start gitaly after gitlab 2020-11-21 01:38:11 +01:00
Jeff Slight f98a6322e6 nixos/gitlab: add changes for gitlab 13.4.x 2020-11-20 19:26:30 +01:00
Frederik Rietdijk ea7b8978ef Merge master into staging-next 2020-11-19 20:08:15 +01:00
Florian Klink 5d45f269aa nixos/k3s: disable unifiedCgroupHierarchy
This gets automatically disabled by docker if the docker backend is
used, but the bundled containerd also doesn't seem to support cgroupsv2,
so disable it explicitly here, too.
2020-11-19 16:56:46 +01:00
Jörg Thalheim 2bf5899d6a
Merge pull request #104105 from spacefrogg/openafs-1.9 2020-11-19 14:42:17 +01:00
Matt Votava 746efadcce home-assistant: add allowlist_external_dirs to systemd unit ReadWritePaths 2020-11-19 04:29:03 -08:00
Jörg Thalheim 0f84e08fcd
nixos/telegraf: make example a bit more compact 2020-11-18 21:41:58 +01:00
Jörg Thalheim 69caedcc42
nixos/telegraf: null value for environmentFiles is invalid
it's also not needed given that empty list covers all use cases.
2020-11-18 21:41:55 +01:00
Andreas Rammhold 6f7d8e5528
nixos/sane: bump the MaxConnections to a reasonable amount
Whenever I try to scan from another computer it has to establish >2
connections in order to succeed. With the connections being limited to 1
I can not scan any document.

This is also what other distributions ([Debian], [ArchLinux], …) have
done in one way or another.

[Debian]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850649#5
[ArchLinux]: no limit: 99cba454bb/trunk/saned.socket (L4)
2020-11-18 20:25:44 +01:00
Frederik Rietdijk da12fc6838 Merge staging-next into staging 2020-11-18 15:36:56 +01:00
Janne Heß e5e9887e38
nixos/dbus: Add AppArmor support 2020-11-18 10:10:36 +01:00
Michael Raitza 1f323ec2b4 openafs: remove 1.6; point to openafs_1_8 2020-11-17 21:31:59 +01:00
Vladimír Čunát bdcd2d82ee
Merge #103633: kresd service: switch .listenDoH
... to new implementation - and a couple other improvements.
2020-11-17 20:06:55 +01:00
Vladimír Čunát e61ef63e4e
kresd service: switch .listenDoH to new implementation
Beware: extraFeatures are not needed *for this* anymore,
but their removal may still cause a regression in some configs
(example: prefill module).
2020-11-17 20:04:56 +01:00
Maximilian Bosch 9fc484c373
Merge pull request #103717 from WilliButz/codimd/add-package-option
nixos/codimd: add package option, refactor prettyJSON
2020-11-16 13:46:17 +01:00
Jörg Thalheim 7534d92648
nixos/telegraf: allow multiple env files 2020-11-14 16:33:50 +01:00
Jörg Thalheim 8edc4619ab
nixos/telegraf: switch to setting types
This allows to split up configuration into multiple modules
2020-11-14 16:33:46 +01:00
Jörg Thalheim 157d7354d6
nixos/telegraf: add environmentFile option 2020-11-14 16:33:42 +01:00
Jörg Thalheim 9750813b89
nixos/telegraf: add support for native ping 2020-11-14 16:33:39 +01:00
WilliButz 74d354a397
nixos/codimd: add package option, refactor prettyJSON
This adds a `package` option to allow for easier overriding of the used
CodiMD version and `runCommandLocal` with `nativeBuildInputs` is now
used to pretty print the configuration.
2020-11-13 16:14:41 +01:00
Gabriel Ebner 753656bbbc
Merge pull request #103225 from gebner/hsphfpd
pulseaudio: add hsphfpd support
2020-11-11 19:56:35 +01:00
Kevin Cox 5dee9b5699
Merge pull request #96679 from midchildan/add-mackerel
mackerel-agent: init at 0.69.3
2020-11-11 06:59:22 -05:00
Aaron Andersen e419de361d
Merge pull request #102376 from felschr/feat/cfdyndns-password-file
nixos/cfdyndns: add apikeyFile option
2020-11-10 18:08:25 -05:00
Edmund Wu 4d0ad2783d nixos/*: hsphfpd support 2020-11-10 20:53:13 +01:00
ajs124 fd950b9fc7
Merge pull request #103196 from helsinki-systems/fix/plasma5-noaliases
nixos/plasma5: Fix when running without aliases
2020-11-10 16:59:34 +01:00
Felix Tenley a33290b1a8
nixos/cfdyndns: add apikeyFile option
nixos/cfdyndns: remove apikey option
2020-11-10 14:00:16 +01:00
Jörg Thalheim 31a0b5dff6
nixos/promtail: fix access to journal 2020-11-10 10:49:27 +01:00
Jörg Thalheim 4c64fa224e
nixos/loki: mergeable configuration
type.attrs is not mergable
2020-11-10 10:49:25 +01:00
Jörg Thalheim 88d1da8e5d
nixos/promtail: use json type for configuration 2020-11-10 10:49:23 +01:00
Jörg Thalheim 689eb49d42
nixos/loki: add logcli to system path
Admins quite likely want to query loki for debugging purpose.
2020-11-10 10:49:21 +01:00
Frederik Rietdijk 379aaa1e0c Merge master into staging-next 2020-11-10 10:11:08 +01:00
WORLDofPEACE fcef646736
Merge pull request #93431 from sorki/audio/pulseJack
nixos/jack,pulseaudio: fix pulse connection to jackd service
2020-11-09 19:40:12 -05:00
Jan Tojnar 3a5ba30c13 fwupd: 1.4.6 → 1.5.1
* https://github.com/fwupd/fwupd/releases/tag/1.5.0
* https://github.com/fwupd/fwupd/releases/tag/1.5.1

* The changelog mentions removed dependency on efivar but we still need the package because it also contains efiboot required dependency. https://github.com/fwupd/fwupd/pull/2485
* Blacklist options were renamed.
* Test firmware was moved to a separate repo. We need to install it or some tests will be skipped. https://github.com/fwupd/fwupd/pull/2330
* Initially, there was an option to configure dbx but in the end, it was removed in favour of bespoke dbxtool. https://github.com/fwupd/fwupd/pull/2061, https://github.com/fwupd/fwupd/pull/2318, https://github.com/fwupd/fwupd/pull/2329
* Fwupd now checks hashes of plug-ins and will complain loudly that it is tainted when “invalid” plug-in is loaded (during testing).
* Installed tests complain about not being able to access cdn, even though we are not setting CI_NETWORK env var. We need a patch to fix that.
2020-11-09 22:50:17 +01:00
Frederik Rietdijk 20f001c01e Merge master into staging-next 2020-11-09 14:33:52 +01:00
Janne Heß 59239feacb
nixos/plasma5: Fix when running without aliases 2020-11-09 11:09:06 +01:00
Niklas Hambüchen 91b20fb1aa roundcube service: Restart on config changes.
Until now, e.g. `extraConfig` changes did not reflect in
the system on `nixos-rebuild switch`.
2020-11-08 22:20:18 +01:00
Ninjatrappeur 5f5d38e88f
Merge pull request #101218 from andir/unbound-systemd 2020-11-08 16:55:29 +01:00
Gabriel Ebner df88279649
Merge pull request #103004 from lovesegfault/octoprint-marlingcodedocumentation
octoprint: add marlingcodedocumentation
2020-11-08 11:42:08 +01:00
Niklas Hambüchen 169ab0b89f redis service: Listen on localhost by default. Fixes #100192.
All other database servers in NixOS also use this safe-by-default setting.
2020-11-08 01:15:33 +01:00
Julien Moutinho c48faf07f4 transmission: fix #98904 2020-11-07 16:27:24 +01:00
midchildan 921a66edc4
nixos/mackerel-agent: init 2020-11-07 13:37:33 +09:00