1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-24 22:50:49 +00:00
Commit graph

23483 commits

Author SHA1 Message Date
Kim Lindberger 460d7f63c6
Merge pull request #125404 from talyz/parsedmarc
parsedmarc: Add package and NixOS module
2021-09-13 15:44:18 +02:00
talyz 6496902fb2
nixos/parsedmarc: Add manual entry and release note 2021-09-13 13:57:17 +02:00
talyz d46e78fd76
nixos/parsedmarc: Add test 2021-09-13 13:57:11 +02:00
talyz 98d9617705
nixos/parsedmarc: Add NixOS module 2021-09-13 13:57:06 +02:00
talyz 3a1e1f0624
nixos/elasticsearch: Wait for elasticsearch to start up properly
Other services that depend on elasticsearch should be started after
it, but since the versions we're packaging have to run as
"Type=simple", they're started as soon as the elasticsearch binary has
been executed, likely winning the race against it.

This makes sure elasticsearch is up and running, responding to a
simple query, before dependents are started.
2021-09-13 13:57:01 +02:00
rnhmjoj 27b0c53d23
doc/release-notes: mention security.wrappers changes 2021-09-13 13:48:13 +02:00
rnhmjoj 65e83b0e23
nixos: fix nobody/nogroup in security.wrappers 2021-09-13 13:48:13 +02:00
rnhmjoj fedd7cd690
nixos: explicitely set security.wrappers ownership
This is slightly more verbose and inconvenient, but it forces you
to think about what the wrapper ownership and permissions will be.
2021-09-13 13:48:13 +02:00
rnhmjoj 8f76a6eefc
nixos: add implict security.wrappers options
This is to keep the same permissions/setuid/setgid as before the change
in security.wrappers defaults.
2021-09-13 13:48:13 +02:00
rnhmjoj 41a498578e
nixos/mail: reuse security.wrappers type 2021-09-13 13:48:13 +02:00
rnhmjoj 27dcb04cde
nixos/security/wrappers: remove WRAPPER_PATH
This appears to be a leftover from 628e6a83.
2021-09-13 13:48:13 +02:00
rnhmjoj 936e8eaf41
nixos/security/wrappers: fix shell quoting 2021-09-13 13:48:12 +02:00
Alyssa Ross 0f279e2e0c nixos/top-level: fix cross
When cross-compiling, we can't run the runtime shell to check syntax
if it's e.g. for a different architecture.  We have two options here.
We can disable syntax checking when cross compiling, but that risks
letting errors through.  Or, we can do what I've done here, and change
the syntax check to use stdenv's shell instead of the runtime shell.
This requires the stdenv shell and runtime shell to be broadly
compatible, but I think that's so ingrained in Nixpkgs anyway that
it's fine.  And this way we avoid conditionals that check for cross.
2021-09-13 11:13:38 +00:00
rnhmjoj 7d8b303e3f
nixos/security/wrappers: check that sources exist
Add a shell script that checks if the paths of all wrapped programs
actually exist to catch mistakes. This only checks for Nix store paths,
which are always expected to exist at build time.
2021-09-13 10:38:04 +02:00
Florian Klink 8019c95b55
Merge pull request #131618 from andir/systemdv249
systemd v249
2021-09-13 09:39:49 +02:00
figsoda ec2690c67f nixos/xdg/mime: add config for associations
between mimetypes and applications
2021-09-12 21:02:40 -04:00
github-actions[bot] dfd1161f35
Merge staging-next into staging 2021-09-13 00:02:22 +00:00
github-actions[bot] ac962ee61a
Merge master into staging-next 2021-09-13 00:01:41 +00:00
Sandro a79648dd7f
Merge pull request #136109 from john-consumable/master 2021-09-13 00:42:54 +02:00
Andreas Rammhold 92442b1f99
nixos/tests/prometheus: wait for influxdb exporter before quering
Previously the influxdb exporter test was flaky as even after the
service has started there is still a race before the service is actually
listening and accepting connection on port 9122.

With this commit the test will wait for the port to be open before
proceeding.
2021-09-12 23:45:55 +02:00
Andreas Rammhold 72197a5c79
nixos/tests/herbstluftwm: fix timeout that was given in seconds
Hydra accepts timeouts as value of seconds after which the test is
terminated / considered failed. Using the value 30 here has the effect
that the test was terminate after 30 seconds. That time might be
sufficient for the test execution itself but it has another downside:

Jobs on hydra inherit the timeout of their parent. In this case all the
builds that are a dependency of the herbstluftwm test *must* finish
(each) within 30s. And since not all of the dependencies are cached in
the binary cache this could lead to an issue with pacakges that take
longer than 30s to build at the time when the herbstluftwm test is built
by hydra.

It is best to not set the timeout here and let hydra deal with it.  Our
default timeout for builds is two hours which is more than sufficient
for most builds and tests. If the test fails we will spent ~2h doing
something or nothing at worst but at least we wont kill the build just
because a dependency wasn't fullfilled already.
2021-09-12 23:45:55 +02:00
Andreas Rammhold 64556974b6
systemd: 247.6 -> 249.4
This updates systemd to version v249.4 from version v247.6.

Besides the many new features that can be found in the upstream
repository they also introduced a bunch of cleanup which ended up
requiring a few more patches on our side.

a) 0022-core-Handle-lookup-paths-being-symlinks.patch:
  The way symlinked units were handled was changed in such that the last
  name of a unit file within one of the unit directories
  (/run/systemd/system, /etc/systemd/system, ...) is used as the name
  for the unit. Unfortunately that code didn't take into account that
  the unit directories themselves could already be symlinks and thus
  caused all our units to be recognized slightly different.

  There is an upstream PR for this new patch:
    https://github.com/systemd/systemd/pull/20479

b) The way the APIVFS is setup has been changed in such a way that we
   now always have /run. This required a few changes to the
   confinement tests which did assert that they didn't exist. Instead of
   adding another patch we can just adopt the upstream behavior. An
   empty /run doesn't seem harmful.

   As part of this work I refactored the confinement test just a little
   bit to allow better debugging of test failures. Previously it would
   just fail at some point and it wasn't obvious which of the many
   commands failed or what the unexpected string was. This should now be
   more obvious.

c) Again related to the confinement tests the way a file was tested for
   being accessible was optimized. Previously systemd would in some
   situations open a file twice during that check. This was reduced to
   one operation but required the procfs to be mounted in a units
   namespace.

   An upstream bug was filed and fixed. We are now carrying the
   essential patch to fix that issue until it is backported to a new
   release (likely only version 250). The good part about this story is
   that upstream systemd now has a test case that looks very similar to
   one of our confinement tests. Hopefully that will lead to less
   friction in the long run.

   https://github.com/systemd/systemd/issues/20514
   https://github.com/systemd/systemd/pull/20515

d) Previously we could grep for dlopen( somewhat reliably but now
   upstream started using a wrapper around dlopen that is most of the
   time used with linebreaks. This makes using grep not ergonomic
   anymore.

   With this bump we are grepping for anything that looks like a
   dynamic library name (in contrast to a dlopen(3) call) and replace
   those instead. That seems more robust. Time will tell if this holds.

   I tried using coccinelle to patch all those call sites using its
   tooling but unfornately it does stumble upon the _cleanup_
   annotations that are very common in the systemd code.

e) We now have some machinery for libbpf support in our systemd build.
   That being said it doesn't actually work as generating some skeletons
   doesn't work just yet. It fails with the below error message and is
   disabled by default (in both minimal and the regular build).

   > FAILED: src/core/bpf/socket_bind/socket-bind.skel.h
   > /build/source/tools/build-bpf-skel.py --clang_exec /nix/store/x1bi2mkapk1m0zq2g02nr018qyjkdn7a-clang-wrapper-12.0.1/bin/clang --llvm_strip_exec /nix/store/zm0kqan9qc77x219yihmmisi9g3sg8ns-llvm-12.0.1/bin/llvm-strip --bpftool_exec /nix/store/l6dg8jlbh8qnqa58mshh3d8r6999dk0p-bpftools-5.13.11/bin/bpftool --arch x86_64 ../src/core/bpf/socket_bind/socket-bind.bpf.c src/core/bpf/socket_bind/socket-bind.skel.h
   > libbpf: elf: socket_bind_bpf is not a valid eBPF object file
   > Error: failed to open BPF object file: BPF object format invalid
   > Traceback (most recent call last):
   >   File "/build/source/tools/build-bpf-skel.py", line 128, in <module>
   >     bpf_build(args)
   >   File "/build/source/tools/build-bpf-skel.py", line 92, in bpf_build
   >     gen_bpf_skeleton(bpftool_exec=args.bpftool_exec,
   >   File "/build/source/tools/build-bpf-skel.py", line 63, in gen_bpf_skeleton
   >     skel = subprocess.check_output(bpftool_args, universal_newlines=True)
   >   File "/nix/store/81lwy2hfqj4c1943b1x8a0qsivjhdhw9-python3-3.9.6/lib/python3.9/subprocess.py", line 424, in check_output
   >     return run(*popenargs, stdout=PIPE, timeout=timeout, check=True,
   >   File "/nix/store/81lwy2hfqj4c1943b1x8a0qsivjhdhw9-python3-3.9.6/lib/python3.9/subprocess.py", line 528, in run
   >     raise CalledProcessError(retcode, process.args,
   > subprocess.CalledProcessError: Command '['/nix/store/l6dg8jlbh8qnqa58mshh3d8r6999dk0p-bpftools-5.13.11/bin/bpftool', 'g', 's', '../src/core/bpf/socket_bind/socket-bind.bpf.o']' returned non-zero exit status 255.
   > [102/1457] Compiling C object src/journal/libjournal-core.a.p/journald-server.c.oapture output)put)ut)
   > ninja: build stopped: subcommand failed.

  f) We do now have support for TPM2 based disk encryption in our
     systemd build. The actual bits and pieces to make use of that are
     missing but there are various ongoing efforts in that direction.
     There is also the story about systemd in our initrd to enable this
     being used for root volumes. None of this will yet work out of the
     box but we can start improving on that front.

  g) FIDO2 support was added systemd and consequently we can now use
     that. Just with TPM2 there hasn't been any integration work with
     NixOS and instead this just adds that capability to work on that.

Co-Authored-By: Jörg Thalheim <joerg@thalheim.io>
2021-09-12 23:45:49 +02:00
Maximilian Bosch 2444c11431
nixos/kernel: add 5.14 to kernel test-suite
I guess that this was just forgotten in #136150 and I realized while
running these tests for the latest kernel updates.
2021-09-12 22:43:46 +02:00
Sandro e4b50b4821
Merge pull request #66415 from ToxicFrog/crossfire 2021-09-12 22:13:02 +02:00
rnhmjoj 22004f7e8f
nixos/security/wrappers: use fixed defaults
To keep backward compatibility and have a typing would require making
all options null by default, adding a defaultText containing the actual
value, write the default value logic based on `!= null` and replacing
the nulls laters. This pretty much defeats the point of having used
a submodule type.
2021-09-12 21:43:25 +02:00
rnhmjoj 904f68fb0f
nixos/security/wrappers: make well-typed
The security.wrappers option is morally a set of submodules but it's
actually (un)typed as a generic attribute set. This is bad for several
reasons:

1. Some of the "submodule" option are not document;
2. the default values are not documented and are chosen based on
   somewhat bizarre rules (issue #23217);
3. It's not possible to override an existing wrapper due to the
   dumb types.attrs.merge strategy;
4. It's easy to make mistakes that will go unnoticed, which is
   really bad given the sensitivity of this module (issue #47839).

This makes the option a proper set of submodule and add strict types and
descriptions to every sub-option. Considering it's not yet clear if the
way the default values are picked is intended, this reproduces the current
behavior, but it's now documented explicitly.
2021-09-12 21:43:03 +02:00
Maximilian Bosch 364b5555ee
Merge pull request #137132 from Ma27/pi-sudo
nixos/privacyidea: use `sudo(8)` that's configured via the module
2021-09-12 20:09:49 +02:00
github-actions[bot] fef6f602e6
Merge staging-next into staging 2021-09-12 18:01:50 +00:00
github-actions[bot] a13bf1828b
Merge master into staging-next 2021-09-12 18:01:21 +00:00
Maximilian Bosch 8b13843f4e
Merge pull request #135751 from zhaofengli/promtail-allow-positions-file
nixos/promtail: Allow write access to positions file if not in CacheDirectory
2021-09-12 18:17:25 +02:00
Matthieu Coudron ab9c7819fe
Merge pull request #136615 from teto/lua-flat
Various lua changes/cleanup
2021-09-12 18:08:53 +02:00
Daniël de Kok 6f2ce2a65e treewide: remove danieldk as maintainer from a set of packages
I currently do not have much time to work on nixpkgs. Remove
myself as a maintainer from a bunch of packages to avoid that
people are waiting on me for a review.
2021-09-12 14:42:12 +00:00
ajs124 119c9e1f70 nixos/rabbitmq: clean-up after f091420c1d 2021-09-12 16:32:36 +02:00
Jan Solanti f4fbb21176 pipewire: 0.3.34 -> 0.3.35 2021-09-12 16:33:50 +03:00
Guillaume Girol 27f0f8965b nixos/tests/caddy.nix: fix eval 2021-09-12 14:59:30 +02:00
Guillaume Girol 476fcfd2aa nixos: add release notes about users.users.name.group 2021-09-12 14:59:30 +02:00
Guillaume Girol bc3bca822a nixos: define the primary group of users where needed 2021-09-12 14:59:30 +02:00
github-actions[bot] 7267016c66
Merge staging-next into staging 2021-09-12 12:01:42 +00:00
github-actions[bot] acd45cb351
Merge master into staging-next 2021-09-12 12:01:10 +00:00
Sandro e26b155274
Merge pull request #137444 from SuperSandro2000/wicd
treewide: yank wicd as it is abandoned
2021-09-12 12:56:10 +02:00
Janne Heß 4db13430fb
nixos/activation-script: Fix dependencies for dry activation 2021-09-12 11:34:13 +02:00
github-actions[bot] 3d192af340
Merge staging-next into staging 2021-09-12 06:01:33 +00:00
github-actions[bot] 45de5d0c9a
Merge master into staging-next 2021-09-12 06:01:00 +00:00
Jörg Thalheim fc4247e827
Merge pull request #137082 from bobby285271/markdown
nixos/doc: Convert more articles to CommonMark
2021-09-12 04:51:20 +01:00
zowoq 07109dd495 nixos/kubernetes: add cni-plugin-flannel to kubelet.cni.packages
the flannel plugin was removed from `cni-plugins` in ee8ed2cd8d
2021-09-12 12:47:45 +10:00
Bobby Rong 7fb52b1325
nixos: nixos/doc/manual/installation/installing.xml to CommonMark 2021-09-12 09:26:37 +08:00
Matthieu Coudron b97977681e lua: add LUA_PATH changes to release notes
lua interpreters have been patched not to look into FHS folders anymore.
2021-09-12 03:03:56 +02:00
happysalada 30a04a1ad9 rl-2111: add bash default upgrade to version 5 2021-09-12 09:48:54 +09:00
github-actions[bot] 3f2255106a
Merge master into staging-next 2021-09-12 00:01:45 +00:00
John Soo b1c57920f5 nixos/datadog-agent: Note breaking changes in release notes. 2021-09-11 15:32:14 -07:00
John Soo a51ee771be nixos/datadog-agent: Update process collection binary. 2021-09-11 15:32:14 -07:00
John Soo e131d6bf51 datadog-agent: Add release note entry. 2021-09-11 15:32:14 -07:00
Sandro Jäckel 781766e30c
treewide: yank wicd as it is abandoned 2021-09-11 23:46:52 +02:00
Timothy DeHerrera 8e2f255cb6
Merge pull request #137325 from figsoda/git-module
nixos/git: init
2021-09-11 15:42:22 -06:00
Davíð Steinn Geirsson 4598ff3bb8 nixos/libinput: Add transformation matrix option 2021-09-11 20:53:29 +00:00
github-actions[bot] c435b0e35f
Merge master into staging-next 2021-09-11 18:01:16 +00:00
Sandro 667711513d
Merge pull request #137039 from figsoda/sx-extra-layouts 2021-09-11 14:51:05 +02:00
github-actions[bot] 4170ee273c
Merge master into staging-next 2021-09-11 12:01:12 +00:00
Alyssa Ross 2f9ec5838e
nixos/doc: fix merged items in 20.09 rel notes
These items (notmuch and device tree) are completely different topics,
so were obviously merged into a single bullet by mistake.
2021-09-11 08:16:31 +00:00
figsoda 44853e8cf3 nixos/git: init 2021-09-10 18:50:04 -04:00
figsoda 9c82ab55b1 nixos/xserver: fix extraLayouts with displayManager.sx.enable 2021-09-10 18:48:14 -04:00
Martin Weinelt d9341eafa2
Merge branch 'master' into staging-next 2021-09-10 15:04:01 +02:00
Kevin Cox a49a3d97ac
Merge pull request #137113 from kevincox/ipfs-profile-fix
nixos.ipfs: Fix startup after unclean shutdown.
2021-09-10 08:26:04 -04:00
Jörg Thalheim c2b276369d
Merge pull request #137224 from helsinki-systems/dry-activation-scripts-to-changelog
nixos/release-notes: Document dry activation scripts
2021-09-10 11:19:12 +01:00
github-actions[bot] 3f7ad651c7
Merge master into staging-next 2021-09-10 06:01:06 +00:00
Elis Hirwing eac6215607
Merge pull request #136460 from misuzu/sanoid-recursive-zfs
nixos/sanoid: allow zfs value for recursive
2021-09-10 07:13:12 +02:00
happysalada 75c7c16df2 release-docs: add ipfs localdiscovery false change 2021-09-10 09:39:55 +09:00
happysalada 6a51087bba ipfs: default to not listen on the local network 2021-09-10 09:39:55 +09:00
github-actions[bot] 912b8082df
Merge master into staging-next 2021-09-10 00:01:31 +00:00
Janne Heß 23b21c77f6
nixos/release-notes: Document dry activation scripts 2021-09-09 22:32:55 +02:00
Timothy DeHerrera 6dbeb3190d
Merge pull request #126544 from jonringer/nixos-rebuild-use-substitutes
nixos-rebuild: add --use-substitutes option
2021-09-09 13:53:37 -06:00
Pavol Rusnak 60c852813a
Merge pull request #137214 from alyssais/exists
treewide: "does not exists" -> "does not exist"
2021-09-09 21:40:54 +02:00
Alyssa Ross c9ce275aa4
treewide: "does not exists" -> "does not exist"
I noticed this minor grammar mistake when running update.nix, and then
while grepping to find the source I noticed we had it a few times in
Nixpkgs.  Just as easy to fix treewide as it was to fix the one
occurrence I noticed.
2021-09-09 18:45:33 +00:00
Lassulus 2e04b29a17
Merge pull request #126247 from kmein/feature/spotifyd
spotifyd: generate TOML config via formats
2021-09-09 20:08:03 +02:00
github-actions[bot] fc5d1c0828
Merge master into staging-next 2021-09-09 12:01:24 +00:00
Janne Heß e8388f8574
nixos/switch-to-configuration: Allow activation scripts to restart units
The primary use case is tools like sops-nix and agenix to restart units
when secrets change. There's probably other reasons to restart units as
well and a nice thing to have in general.
2021-09-09 13:11:52 +02:00
Jörg Thalheim 146ae89c63
Merge pull request #137120 from helsinki-systems/feat/activate-syntax
nixos/top-level: Check activation script syntax
2021-09-09 07:21:11 +01:00
github-actions[bot] 8cd1da2362
Merge master into staging-next 2021-09-09 00:01:35 +00:00
Maximilian Bosch 69e75754d5
nixos/privacyidea: use sudo(8) that's configured via the module 2021-09-08 22:45:50 +02:00
Pavol Rusnak 9ceefd7e37
Merge pull request #137088 from bricewge/master
maintainers: remove bricewge
2021-09-08 20:15:52 +02:00
Janne Heß 2bcd3dad86
nixos/top-level: Check activation script syntax 2021-09-08 20:08:44 +02:00
github-actions[bot] 31efc58eb0
Merge master into staging-next 2021-09-08 18:01:03 +00:00
Artturin f45e8d560e nixos/tmp: add tmpOnTmpfsSize 2021-09-08 19:30:52 +03:00
Lassulus 7cd6b6dfc8
Merge pull request #132786 from helsinki-systems/feat/initrd-dm-cache
tasks/lvm: add all tools from thin-provisioning-tools
2021-09-08 18:19:41 +02:00
Kevin Cox af354d2049
nixos.ipfs: Fix startup after unclean shutdown.
Fixes https://github.com/NixOS/nixpkgs/issues/135684
2021-09-08 12:17:22 -04:00
Lassulus 5f4004ea94
Merge pull request #136605 from helsinki-systems/feat/dry-activation-scripts
nixos: Add dry activation for users/groups
2021-09-08 18:10:09 +02:00
github-actions[bot] 5ed67a849a
Merge master into staging-next 2021-09-08 12:01:27 +00:00
Matthew Kenigsberg b00d2a8f3e
nixos/testing: remove unused function runInMachine
runInMachine and runInMachineWithX are not used for any tests and can be
removed
2021-09-08 06:25:20 -05:00
Bobby Rong b8efe91ce2
nixos: nixos/doc/manual/development/writing-modules.xml to CommonMark 2021-09-08 17:57:11 +08:00
Brice Waegeneire a49177e0ce maintainers: remove bricewge
So long, and thanks for all the fish!
2021-09-08 11:56:00 +02:00
Alexandre Iooss bbc51efb46 nixos/grafana: systemd unit hardening 2021-09-08 10:43:46 +02:00
Bobby Rong 785d40d4d8
nixos: nixos/doc/manual/configuration/profiles.xml to CommonMark 2021-09-08 16:35:17 +08:00
Bobby Rong 2e808c8144
nixos: nixos/doc/manual/configuration/networking.xml to CommonMark 2021-09-08 16:35:16 +08:00
Bobby Rong 4c10e0ff9d
nixos: nixos/doc/manual/configuration/file-systems.xml to CommonMark 2021-09-08 16:35:16 +08:00
Bobby Rong 7d7d2a4455
nixos: nixos/doc/manual/configuration/package-mgmt.xml to CommonMark 2021-09-08 16:35:16 +08:00
Bobby Rong 12a9632ab0
nixos: nixos/doc/manual/devlopment/nixos-tests.xml to CommonMark 2021-09-08 15:47:16 +08:00
Bobby Rong 45c1d8f4aa
nixos: nixos/doc/manual/configuration/config-syntax.xml to CommonMark 2021-09-08 15:47:16 +08:00
Bobby Rong 8ce611b9fb
nixos: nixos/doc/manual/configuration/declarative-packages.xml to CommonMark 2021-09-08 15:47:05 +08:00
Bobby Rong 3d711cfc5e
nixos: nixos/doc/manual/administration/troubleshooting.xml to CommonMark 2021-09-08 14:42:23 +08:00
Bobby Rong 5aaeddee5f
nixos: nixos/doc/manual/administration/containers.xml to CommonMark 2021-09-08 14:40:26 +08:00
github-actions[bot] 58f8f1f058
Merge master into staging-next 2021-09-08 00:01:42 +00:00
Jan Tojnar 1e75936926
Merge pull request #130047 from NixOS/doc-manpage-role
doc: Add support for manpage references
2021-09-07 21:29:26 +02:00
github-actions[bot] 80cab1d056
Merge master into staging-next 2021-09-07 18:01:08 +00:00
Ryan Mulligan c863de29a7 nixos/doc/md-to-db.sh: handle Docbook inclues in CommonMark
You can do includes like this:

```{=docbook}
<xi:include href="rl-2111.section.xml" />
```
2021-09-07 06:29:21 -07:00
github-actions[bot] fbefda3466
Merge master into staging-next 2021-09-07 12:01:13 +00:00
Michele Guerini Rocco 4755c30647
Merge pull request #136915 from ncfavier/manualPages
nixos/documentation: expose manualPages as a hidden option
2021-09-07 13:40:50 +02:00
Robert Hensing e16c267e48
Merge pull request #128916 from heisenberg33/patch-4
Fix default pager environment
2021-09-07 12:45:36 +02:00
Naïm Favier 459957f9d4
nixos/documentation: expose manualPages
Allows advanced users to select what packages they want to generate the
man cache for, and even more advanced users to make manualPages
content-addressed to avoid needless rebuilds.
2021-09-07 11:13:32 +02:00
matthewcroughan 11aedaec1f nixos: nix.sshServe: add write option
Adds the ability to provide the --write flag in addition to the --serve flag via
a new option, services.sshServe.write.

A user can now share their system as a remote builder with friends easily as
follows:

{
  nix = {
    sshServe = {
      enable = true;
      write = true;
      keys = ["ssh-dss AAAAB3NzaC1k... alice@example.org"];
    };
  };
}

Co-authored-by: Raphael Megzari <raphael@megzari.com>
2021-09-07 18:10:55 +09:00
Janne Heß a851b4d20e
nixos/users-groups: Add dry mode 2021-09-07 10:30:42 +02:00
Bobby Rong 745cf36f95
Merge branch 'staging-next-fix' into staging-next 2021-09-07 16:17:21 +08:00
Bobby Rong 90354922c2
nixos/doc: adjust to the new structure of kernel packages 2021-09-07 16:13:15 +08:00
Michele Guerini Rocco a350fcd078
Merge pull request #134070 from malte-v/gnunet-public-tmpdir
nixos/gnunet: use public $TMPDIR
2021-09-07 09:30:15 +02:00
Vladimír Čunát 09f5763784
Merge branch 'master' into staging-next
Conflicts:
 - pkgs/development/python-modules/pathspec/default.nix
   The hashes are equivalent, so it's not a real conflict.
 - pkgs/top-level/static.nix
   I can't see a solution, deffered redoing this to the later PR:
   https://github.com/NixOS/nixpkgs/pull/136849
2021-09-07 08:43:26 +02:00
Jörg Thalheim 00f361a846
Merge pull request #129074 from bobby285271/pr11
nixos/doc: convert Chapter 57, 59, 60, 63 to CommonMark
2021-09-07 07:15:42 +01:00
Jörg Thalheim 4015c275ca
Merge pull request #129121 from bobby285271/pr13
nixos/doc: convert Chapter 7, 9, 10, 11, 12, 14, 15, 48 to CommonMark
2021-09-07 06:29:45 +01:00
Jörg Thalheim e622dd1c84
Merge pull request #129154 from bobby285271/pr15
nixos/doc: convert Chapter 1, 3, 4 to CommonMark
2021-09-07 06:29:19 +01:00
Jörg Thalheim c7d32059b1
Merge pull request #129136 from bobby285271/pr14
nixos/doc: convert "Chapter 58. Writing NixOS Modules" to CommonMark
2021-09-07 06:28:57 +01:00
Jörg Thalheim 929f0156cc
Merge pull request #128933 from bobby285271/pr5
nixos/doc: convert "8.1. LUKS-Encrypted File Systems" to CommonMark
2021-09-07 06:28:37 +01:00
Jörg Thalheim 48dc5e4ba6
Merge pull request #129003 from bobby285271/pr10
nixos/doc: convert "2.5. Additional installation notes" to CommonMark
2021-09-07 06:24:42 +01:00
Jörg Thalheim 0d789e992f
Merge pull request #128937 from bobby285271/pr8
nixos/doc: convert "Chapter 55. Container Management" to CommonMark
2021-09-07 06:24:21 +01:00
Jörg Thalheim 5de68de484
Merge pull request #128935 from bobby285271/pr7
nixos/doc: convert "Chapter 56. Troubleshooting" to CommonMark
2021-09-07 06:20:47 +01:00
Jörg Thalheim 2a55504a99
Merge pull request #128934 from bobby285271/pr6
nixos/doc: convert "6.2. Ad-Hoc Package Management" to CommonMark
2021-09-07 06:20:26 +01:00
Jörg Thalheim 96c98af211
Merge pull request #128892 from bobby285271/pr4
nixos/doc: convert "Chapter 13. Networking" to CommonMark
2021-09-07 06:20:04 +01:00
Jörg Thalheim c0735214e1
Merge pull request #129083 from bobby285271/pr12
nixos/doc: convert Chapter 49, 50, 51, 52, 53, 54 to CommonMark
2021-09-07 06:19:33 +01:00
midchildan 21a7695b8a mirakurun: build with yarn2nix 2021-09-07 12:22:59 +09:00
happysalada 9cbdd2655c elasticsearch: auto_import_dangling_indices in single-node mode 2021-09-07 12:18:16 +09:00
happysalada f4b40d572c elasticsearch: update configuration
- transport.tcp.port -> transport.port https://www.elastic.co/guide/en/elasticsearch/reference/current/breaking-changes-7.1.html
- default to start a single-node cluster https://stackoverflow.com/questions/59350069/elasticsearch-start-up-error-the-default-discovery-settings-are-unsuitable-for
2021-09-07 12:18:16 +09:00
Jörg Thalheim 6e17c53b98
Merge pull request #128885 from bobby285271/pr3
nixos/doc: convert "Chapter 5. Configuration Syntax" to CommonMark
2021-09-07 03:56:34 +01:00
Jörg Thalheim b9ed8cbaff
Merge pull request #128878 from bobby285271/pr2
nixos/doc: convert "6.1. Declarative Package Management" to CommonMark
2021-09-07 03:55:22 +01:00
Jörg Thalheim c0e53b6857
Merge pull request #128760 from bobby285271/master
nixos/doc: convert "Chapter 45. Profiles" to CommonMark
2021-09-07 03:54:22 +01:00
github-actions[bot] 79667a59e7
Merge master into staging-next 2021-09-06 00:01:28 +00:00
Anders Kaseorg d8ef13fc13 modules/programs/command-not-found: Fix ShellCheck warnings
https://github.com/koalaman/shellcheck/wiki/SC2086
Double quote to prevent globbing and word splitting.

https://github.com/koalaman/shellcheck/wiki/SC2166
Prefer `[ p ] && [ q ]` as `[ p -a q ]` is not well defined.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2021-09-06 08:49:34 +09:00
Anders Kaseorg d44b6ae6cb modules/programs/bash: Fix ShellCheck warnings
https://github.com/koalaman/shellcheck/wiki/SC2086
Double quote to prevent globbing and word splitting.

https://github.com/koalaman/shellcheck/wiki/SC2166
Prefer `[ p ] && [ q ]` as `[ p -a q ]` is not well defined.

https://github.com/koalaman/shellcheck/wiki/SC2219
Instead of `let expr`, prefer `(( expr ))` .

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2021-09-06 08:49:34 +09:00
github-actions[bot] 6c9e0f15dc
Merge master into staging-next 2021-09-04 18:01:10 +00:00
Maximilian Bosch da537dbfb8
Merge pull request #136505 from bew/update-rofi-1.7.0
rofi: 1.6.1 -> 1.7.0
2021-09-04 18:24:45 +02:00
github-actions[bot] e3f1f8bba2
Merge master into staging-next 2021-09-04 00:01:34 +00:00
Robert Scott 8ae687b26b
Merge pull request #136334 from c0deaddict/master
release-notes: add nats service
2021-09-04 00:58:49 +01:00
Guillaume Girol 0f15a8f489 nixos/users-groups: don't default users.users.<name>.group to nogroup
this is unsafe, as many distinct services may be running as the same
nogroup group.
2021-09-03 21:22:07 +02:00
Timothy DeHerrera bb1058f1f0
Merge pull request #136534 from kevincox/synapse-server-name
nixos.matrix-synapse: Clarify documentation of server_name.
2021-09-03 13:07:27 -06:00
Alyssa Ross 071a7a4583
Merge remote-tracking branch 'nixpkgs/master' into staging-next 2021-09-03 18:23:45 +00:00
Janne Heß 3156730402
nixos/switch-to-configuration: Add dry activation scripts 2021-09-03 18:40:11 +02:00
Graham Christensen 3677d4bc22 kexec-tools: rename from kexectools to match the project name 2021-09-03 10:17:21 -04:00
Artturi 45b7c5b223
Merge pull request #136475 from Artturin/pipewirejackldpath
nixos/pipewire: use absolute path for jack libs
2021-09-03 16:36:39 +03:00
Jos van Bakel d68d6477c2
release-notes: add nats service 2021-09-03 13:57:04 +02:00
Kevin Cox 6f7fc1c693
nixos.matrix-synapse: Clarify documentation of server_name.
Matrix homeservers have two important domains. The user-visible server_name and the homeserver domain which serves most of the traffic but is really seen by users. The docs around this variable said "This is used by remote servers to connect to this server" which is very confusing because most of the remote server traffic actually goes the server domain, not the server_name domain. (The server_name domain is only used to fetch the .well-known file that points at the server domain).

I largely copied the wording from https://matrix-org.github.io/synapse/latest/usage/configuration/homeserver_sample_config.html as I found it much more clear.
2021-09-02 21:27:00 -04:00
github-actions[bot] 704a7a86ca
Merge master into staging-next 2021-09-03 00:01:42 +00:00
Benoit de Chezelles 2d9bf01310 rofi: 1.6.1 -> 1.7.0
And add myself as a maintainer
2021-09-02 23:15:45 +02:00
Bernardo Meurer 62f6985869
Merge pull request #135182 from lovesegfault/nixos-distcc
nixos/distccd: init
2021-09-02 20:41:28 +00:00
github-actions[bot] 0630061ef3
Merge master into staging-next 2021-09-02 18:01:20 +00:00
Artturin 756e60344f nixos/pipewire: use absolute path for jack libs 2021-09-02 17:17:15 +03:00
Matthias Treydte 9ce8df127d nixos/etc: make sure local "source" files are imported to the store
The treatment of the "source" parameter changed
with eb7120dc79, breaking stuff.

Before that commit, the source parameter was converted to a
string by implicit coercion, which would copy the file to the
store and yield an string containing the store path. Now, by
the virtue of escapeShellArg, toString is called explicitly on
that path, which will yield an string containing the absolute
path of the file.

This commit restores the old behavior.
2021-09-02 15:50:44 +02:00
legendofmiracles 5258463721
nixos/weylus: init 2021-09-02 06:33:23 -06:00
github-actions[bot] 3cc5df2052
Merge master into staging-next 2021-09-02 12:01:09 +00:00
misuzu df972a3dde nixos/sanoid: allow zfs value for recursive 2021-09-02 14:56:23 +03:00
Michele Guerini Rocco 052009bf2b
Merge pull request #135315 from johnjameswhitman/johnjameswhitman/fix-wlan-sub-interfaces
nixos/tasks/network-interfaces: Assign mac to new wlan interface instead of underlying one
2021-09-02 09:37:04 +02:00
github-actions[bot] ba543de038
Merge master into staging-next 2021-09-02 06:01:01 +00:00
Aaron Andersen abfdb24af0
Merge pull request #125687 from malte-v/soju-module-new
nixos/soju: add module
2021-09-01 22:09:44 -04:00
happysalada 4ddc5c6b2a elasticsearch: remove logic for version less than 6 2021-09-02 10:57:02 +09:00
happysalada d58fa9e445 elasticsearch: fix jvm gc log path 2021-09-02 10:57:02 +09:00
happysalada e13906fff0 elasticsearch: nixpkgs-fmt 2021-09-02 10:57:02 +09:00
John Whitman 8d3527aa88 nixos/network-interfaces: Fix wlan interface mac 2021-09-01 21:46:26 -04:00
Raphael Megzari acf0098bb0
Merge branch 'master' into staging-next 2021-09-02 10:20:23 +09:00
Jan Tojnar 07978cddab
Merge pull request #136071 from jtojnar/gnome-qpa
nixos/gnome: enable platform integration for Qt
2021-09-02 03:06:55 +02:00
github-actions[bot] ce1d6621cd
Merge master into staging-next 2021-09-02 00:01:38 +00:00
Aaron Andersen 186df90343
Merge pull request #135108 from p3psi-boo/master
clfswm: support custom package
2021-09-01 15:45:18 -04:00
github-actions[bot] 6db5c6fc7b
Merge master into staging-next 2021-09-01 18:01:09 +00:00
Bernardo Meurer ed4771d6e2
Merge pull request #136379 from cpcloud/fix-broken-nvidia
nixos/nvidia: fix missing variable reference
2021-09-01 16:43:09 +00:00
Jan Tojnar 1c49627ba7
Merge pull request #135819 from Kranzes/pipewire-update
pipewire: 0.3.33 -> 0.3.34
2021-09-01 16:52:08 +02:00
p3psi 9e507a9314 clfswm: support custom package
Fix example

Remove example
2021-09-01 21:27:37 +08:00
Phillip Cloud 6aaccdcbc8
nixos/nvidia: remove extra space 2021-09-01 08:57:33 -04:00
Phillip Cloud db0560c0f2
nixos/nvidia: fix missing variable reference 2021-09-01 08:54:32 -04:00
github-actions[bot] b2f58ca11e
Merge master into staging-next 2021-09-01 12:01:15 +00:00
Alyssa Ross c13cf1e76f
Merge remote-tracking branch 'nixpkgs/master' into staging-next 2021-09-01 07:47:01 +00:00
Nick Cao 83b48cc589
caddy: build with default go and fix tests 2021-09-01 15:15:50 +08:00
Maximilian Bosch 9a52aeacc1
Merge pull request #135958 from Ma27/nextcloud-upgrade-not-found
nixos/nextcloud: add some notes for `Error: Command "upgrade" is not defined.`
2021-08-31 20:49:49 +02:00
Bernardo Meurer 5abb70031c
Merge pull request #136247 from lovesegfault/nvidia-fixes 2021-08-31 17:57:18 +00:00
Maximilian Bosch 767bb4e4bb
nixos/nextcloud: apply doc fixes suggested by fabaff
Co-authored-by: Fabian Affolter <mail@fabian-affolter.ch>
2021-08-31 17:57:40 +02:00
Kevin Cox 3106d032f7
Merge pull request #136261 from happysalada/ipfs_auto_migrations
Ipfs auto migrations
2021-08-31 09:33:20 -04:00
happysalada 8bce3034fd ipfs: add autoMigrate option 2021-08-31 22:22:36 +09:00
Eric Bailey c87483cb55
kops: 1.21.0 -> 1.21.1 (#136057) 2021-08-31 11:55:30 +02:00
Robin Stumm 1dd3bd8728 nixos/syncthing: fix declarative init crash on HTTPS
A previous config may be present that has HTTPS for the REST API enabled.
2021-08-31 11:27:51 +02:00
Bernardo Meurer 9e7af8a13c
nixos/roon-bridge: fix openFirewall 2021-08-31 01:21:07 -07:00
Bernardo Meurer edddb705e8
nixos/roon-server: fix openFirewall 2021-08-31 01:20:07 -07:00
happysalada 4502d6386e ipfs: nixpkgs-fmt 2021-08-31 12:55:31 +09:00
happysalada 977ac07fed ipfs: increase UDP buffer size 2021-08-31 09:50:59 +09:00
happysalada 54dbdcbcbb ipfs: nixpkgs-fmt 2021-08-31 09:50:59 +09:00
Bernardo Meurer 7b2709f6a4
nixos/nvidia: let user choose whether to install nvidia-settings 2021-08-30 17:06:07 -07:00
github-actions[bot] fb70b9330c
Merge master into staging-next 2021-08-30 18:01:01 +00:00
Robin Stumm ead3028db0 nixos/syncthing: fix escapes interpreted in config
Dash `echo` interprets backslash escapes. This causes two consecutive backslashes in JSON to turn into a single one before the string is passed to jq, resulting in a parsing error.
2021-08-30 17:34:34 +02:00
Malte Voos 9d822d2047 nixos/soju: add 21.11 release notes entry 2021-08-30 16:28:07 +02:00
Malte Voos f4f2057a76 nixos/soju: add module 2021-08-30 16:28:06 +02:00
Martin Weinelt e2575c7de1
Merge branch 'master' into staging-next 2021-08-30 16:08:03 +02:00
happysalada d874a52015 epmd: provide default 2021-08-30 22:26:57 +09:00
Kevin Cox 8c52265df5
Merge pull request #136128 from max-privatevoid/patch-3
nixos/ipfs: run profile applications offline
2021-08-30 07:25:28 -04:00
happysalada 8a56ac5db3 epmd: add ipv6 assertion 2021-08-30 19:51:00 +09:00
happysalada f091420c1d rabbitmq: add option to enable management plugin 2021-08-30 18:43:09 +09:00
happysalada 36cf478468 rabbitmq: nixpkgs-fmt 2021-08-30 18:43:09 +09:00
Max 8f36abb528
nixos/ipfs: run profile applications offline 2021-08-30 01:00:44 +02:00
Aaron Andersen 515ad99467
Merge pull request #132722 from aanderse/nixos/nzbget
nixos/nzbget: add settings option
2021-08-29 12:25:37 -04:00
Guillaume Girol c988c752bb
Merge pull request #133133 from symphorien/tt-rss-read-only
nixos/tt-rss: make all php files read only
2021-08-29 11:33:25 +00:00
Jakub Sokołowski 972a365488
syncthing: add extraFlags option that adjust service
This is useful for situations in which you might want to reset certain
things using `--reset-database` or `--reset-deltas` or debug certain
things using any of the debug options like `--debug-perf-stats`.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-08-29 12:26:06 +02:00
Jakub Sokołowski b991f1e448
syncthing: add autoAcceptFolders to devices config
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-08-29 12:22:44 +02:00
Bernardo Meurer 58a40e05b2
nixos/distccd: init
Closes: #42604
2021-08-29 02:58:03 -07:00
rnhmjoj 9e8fcb0184
nixos/fonts: fixup dd38ae1f 2021-08-29 11:03:13 +02:00
Jan Tojnar 47afdc4627 nixos/gnome: enable platform integration for Qt
Qt links against GTK to be able to use native GTK file chooser
in GTK-oriented DEs. However, GTK expects a specific environment,
which means the application needs to be wrapped to prevent crashes
when file chooser is opened in some environments.

This patch bypasses the need for wrapping Qt applications with GTK-related
environment since the file chooser dialogue will now come from a separate
process (instantiated by the XDG desktop portal via D-Bus).

In the future, we could remove the GTK dependency from Qt to fix the crashes
on non-{GNOME,Pantheon} environments. Then, users would be able to choose
between non-native Qt dialogue or native one facilitated by XDG portals
(e.g. through setting `QT_QPA_PLATFORMTHEME` to either `qgnomeplatform`,
or `xdgdesktopportal`).

One disadvantage is adding a Qt dependency to GNOME, even for people
who might not use any Qt apps. But they can easily just add `qt5.enable = false;`
to their NixOS configuration.

The configuration is also presumably less battle tested than plain Qt
with its first-party GTK integration. But it is backed by Fedora
and used by Manjaro GNOME so it cannot be that bad.

Lastly, I worry about ABI compatibility of the platform modules
with apps installed from different Nixpkgs revision.
2021-08-29 04:23:34 +02:00
Maximilian Bosch 8678ac57d7
Merge pull request #135891 from Ma27/mautrix-telegram-perm-startup
nixos/mautrix-telegram: loosen umask to keep `config.json` writable
2021-08-29 00:06:06 +02:00
Maximilian Bosch 6f8cfa08fe
Merge pull request #135946 from Ma27/nextcloud-tableprefix
nixos/nextcloud: remove invalid `--database-table-prefix` option
2021-08-29 00:00:25 +02:00
B. Kelly 7221585f89 nixos/deliantra-server: add settings module for Deliantra MMORPG server 2021-08-28 16:25:11 -04:00
B. Kelly 978e73e5f4 nixos/crossfire-server: add settings module for Crossfire MMORPG server 2021-08-28 16:23:30 -04:00
Philippe Hürlimann 4fecb8b2d0
nixos/airsonic: make path to war file and jre configurable (#135709)
* nixos/airsonic: make path to war file and jre configurable

* Apply suggestions from code review

Co-authored-by: Sumner Evans <me@sumnerevans.com>

Co-authored-by: Sumner Evans <me@sumnerevans.com>
2021-08-28 14:26:03 -04:00
github-actions[bot] dbad333a72
Merge master into staging-next 2021-08-28 12:01:06 +00:00
Andreas Rammhold 137147c826
Merge pull request #135442 from em0lar/paperless-ng-fix-web-file-upload
nixos/paperless-ng: fix web file upload
2021-08-28 12:50:34 +02:00
Leo Maroni 2148272432
nixos/paperless-ng: fix web file upload 2021-08-28 12:22:52 +02:00
github-actions[bot] b7f2a7d1ba
Merge master into staging-next 2021-08-28 00:01:34 +00:00
Sandro a5237b5614
Merge pull request #135956 from Ma27/ma27-unmaintain
treewide: remove ma27 from the maintainer-list of a few packages
2021-08-28 01:46:03 +02:00
Florian Klink f499d864bf
Merge pull request #135811 from talyz/gitlab-14.2.1
gitlab: 14.1.2 -> 14.2.1
2021-08-28 00:20:28 +02:00
Maximilian Bosch 561418f996
nixos/nextcloud: add some notes for Error: Command "upgrade" is not defined.
This error occurs if `nextcloud-occ maintenance:install` fails and the
`upgrade` command is attempted to be executed afterwards.

Due to the nature of the installer we can't do much about it, so I guess
it makes sense to add some notes about it. The other notes in the
`Pitfalls`-section are semantically a list of different topics, so I
changed that accordingly now.

Closes #111175
2021-08-27 22:36:45 +02:00
Maximilian Bosch 3da886bf41
treewide: remove ma27 from the maintainer-list of a few packages
These are all packages that I stopped using and hence just create noise
in my inbox for each change affecting them and let's face it, while I
still enjoy contributing to nixpkgs, it doesn't really make sense to be
listed there if I can't do much anyways.

Each of these packages can be taken over by someone or removed if
people think that's reasonable.

Of course, if other maintainers face issues, I can answer some questions
if needed & possible.
2021-08-27 22:28:49 +02:00
Maximilian Bosch eaeb4fe04e
nixos/nextcloud: remove invalid --database-table-prefix option
This doesn't work anymore and thus breaks the installation leaving a
broken `/var/lib/nextcloud`.

It isn't a big deal since we set this value in the override config
before, so the correct table-prefix is still used. In order to confirm
that, I decided to add a custom prefix to the basic test.
2021-08-27 20:21:25 +02:00
talyz 3dd17ae22f
gitlab: Enable puma's systemd notify support 2021-08-27 17:38:40 +02:00
Maximilian Bosch bae65a3c06
nixos/mautrix-telegram: loosen umask to keep config.json writable
This is needed because `mautrix-telegram --generate-registration`
appears to need write-access to `config.json` as well.

Closes #135884
2021-08-27 11:41:30 +02:00
github-actions[bot] 8fb1ff7c31
Merge master into staging-next 2021-08-26 18:01:02 +00:00
Martin Weinelt 7e1cdd2548
Merge pull request #133504 from Luis-Hebendanz/fix_firefox2
firefox: Added checks for new addon behaviour since v91
2021-08-26 19:51:08 +02:00
Ilan Joselevich 70de7b5b45 pipewire: 0.3.33 -> 0.3.34 2021-08-26 20:33:18 +03:00
davidak 55f48acce6
Merge pull request #125901 from anubhavkini/update-todoman
todoman: 3.9.0 -> 4.0.0
2021-08-26 19:25:52 +02:00
talyz 99387372d5
gitlab: 14.1.2 -> 14.2.1 2021-08-26 19:01:22 +02:00
Sandro 1fc2520df1
Merge pull request #135524 from d-xo/erigon-2021-08-04
Erigon 2021-08-04
2021-08-26 15:44:29 +02:00
github-actions[bot] b13b005f0e
Merge master into staging-next 2021-08-26 12:01:09 +00:00
Lassulus 612a8fa189
Merge pull request #135608 from hyperfekt/loopback_copytoram
stage-1: fix copytoram option for loopback.cfg boot
2021-08-26 09:53:05 +02:00
Anubhav Kini ebe32d542f todoman: 3.9.0 -> 4.0.0 2021-08-26 12:32:50 +05:30
Zhaofeng Li b6ad701a2c nixos/promtail: Allow write access to positions file if not in CacheDirectory
Because of `ProtectSystem=strict`, Promtail cannot write to the positions
file if it's not in its `CacheDirectory` (the default value).
2021-08-25 22:54:39 -07:00
Dmitry Kalinkin 262fd63a72
Merge branch 'master' into staging-next
Conflicts:
	pkgs/tools/networking/inetutils/default.nix
2021-08-26 00:57:08 -04:00
davidak a023b22d6b
Merge pull request #105786 from teto/fstab
filesystems: add syntax to /etc/fstab header
2021-08-26 05:53:25 +02:00
davidak 10d21c60e7
Merge pull request #131695 from tomfitzhenry/calls
programs/calls: init
2021-08-26 04:44:01 +02:00
github-actions[bot] 1bf55a993f
Merge master into staging-next 2021-08-26 00:01:37 +00:00
Leo Maroni 2163af5167 nixos/grafana: start systemd service after database 2021-08-26 07:06:59 +09:00
Michele Guerini Rocco 296da7b2f8
Merge pull request #133303 from rnhmjoj/cursor
nixos/hidpi: scale X11 core cursor
2021-08-25 21:07:47 +02:00
Silvan Mosberger 1ad73dadd2
Merge pull request #132836 from Infinisil/populate-members
nixos/users: Populate group members option
2021-08-25 20:17:09 +02:00
Vladimír Čunát 70e05c1003
Merge branch 'master' into staging-next 2021-08-25 19:42:15 +02:00
Graham Christensen 9ea7f443ec
Merge pull request #106574 from grahamc/amazon-image-zfs
nixos/amazonImageZfs: init
2021-08-25 12:08:33 -04:00
Martin Weinelt a90373118d
Merge pull request #135492 from mweinelt/octoprint
nixos/octoprint: allow access to serial devices
2021-08-25 18:07:12 +02:00
Graham Christensen 71b3d18181 amazon images: extend the image-info.json to have a disks object
Having a disks object with a dictionary of all the disks and their
properties makes it easier to process multi-disk images.

Note the rename of `label` to `system_label` is because `$label`i
is something of a special token to jq.
2021-08-25 10:42:35 -04:00
Graham Christensen bd38b059ea NixOS/amazonImageZfs: init
Introduce an AWS EC2 AMI which supports aarch64 and x86_64 with a ZFS
root.

This uses `make-zfs-image` which implies two EBS volumes are needed
inside EC2, one for boot, one for root. It should not matter which
is identified `xvda` and which is `xvdb`, though I have always
uploaded `boot` as `xvda`.
2021-08-25 10:42:35 -04:00
Graham Christensen 076f6e2d94 nixos/make-zfs-image: init
This is a private interface for internal NixOS  use. It is similar
to `make-disk-image` except it is much more opinionated about what
kind of disk image it'll make.

Specifically, it will always create *two* disks:

1. a `boot` disk formatted with FAT in a hybrid GPT mode.
2. a `root` disk which is completely owned by a single zpool.

The partitioning and FAT decisions should make the resulting images
bootable under EFI or BIOS, with systemd-boot or grub.

The root disk's zpools options are highly customizable, including
fully customizable datasets and their options.

Because the boot disk and partition are highly opinionated, it is
expected that the `boot` disk will be mounted at `/boot`. It is
always labeled ESP even on BIOS boot systems.

In order for the datasets to be mounted properly, the `datasets`
passed in to `make-zfs-image` are turned in to NixOS configuration
stored at /etc/nixos/configuration.nix inside the VM.
NOTE: The function accepts a system configuration in the `config`
argument. The *caller* must manually configure the system
in `config` to have each specified `dataset` be represented
by a corresponding `fileSystems` entry.

One way to test the resulting images is with qemu:

```sh
boot=$(find ./result/ -name '*.boot.*');
root=$(find ./result/ -name '*.root.*');

echo '`Ctrl-a h` to get help on the monitor';
echo '`Ctrl-a x` to exit';

qemu-kvm \
    -nographic \
    -cpu max \
    -m 16G \
    -drive file=$boot,snapshot=on,index=0,media=disk \
    -drive file=$root,snapshot=on,index=1,media=disk \
    -boot c \
    -net user \
    -net nic \
    -msg timestamp=on
```
2021-08-25 10:42:35 -04:00
lucasew 83514ae7a9 lib.formats.yaml: use well known YAML format
The way `(lib.formats.yaml {}).generate` generates YAML is compliant
because on YAML 1.2 spec JSON is a subset of YAML but it bugs people's
minds and can lead to problems with software that is not compatible with
YAML 1.2.

This commit also changes the test of the generation function. Data
validation/typing remains the same.

See #133802.

Signed-off-by: lucasew <lucas59356@gmail.com>
2021-08-25 14:02:59 +02:00
Sandro 49b5beea43
Merge pull request #128624 from vs49688/exfat 2021-08-25 12:24:39 +02:00
Pierre Bourdon 6b70d3e911
nixos/tor: allow AF_NETLINK address family
Tor attempts to detect what external IP address a machine is using by
listing addresses on all network interfaces on the system. This listing
is done using getifaddrs(3), which relies on netlink in order to get
IPv6 address information.

This change fixes Tor not finding the relay's IPv6 address unless
explicitly configured via either an ORPort directive or via DNS
resolution of the machine hostname.
2021-08-25 06:03:41 +02:00
hyperfekt d5b9aefa43 stage-1: fix copytoram option for loopback.cfg boot
Uses an alternative method to find the size of the ISO when it is a file and
not a block device for creating the tmpfs its contents are copied to.
2021-08-25 01:35:31 +00:00
Martin Weinelt dd46a5e731
Merge pull request #135540 from mweinelt/hass-deconz
home-assistant: allow serial access when using deconz
2021-08-25 02:05:20 +02:00
Maximilian Bosch 749caaef5b
nixos/postfixadmin: fix eval & pin to PHP 7.4
Even though some PHP8 compat fixes seem to be in the release that's
packaged here, it seems as if there are still some minor issues[1].

[1] https://github.com/postfixadmin/postfixadmin/issues/395
2021-08-24 23:50:31 +02:00
Robin Gloster 13a5d7dc23
release-notes: add postfixadmin module addition 2021-08-24 23:50:27 +02:00
Robin Gloster 8a0b6a42ee
postfixadmin: fix db owner 2021-08-24 23:46:07 +02:00
Robin Gloster 862dd4ef58
postfixadmin: review additions
Co-authored-by: Linus Heckemann <git@sphalerite.org>
2021-08-24 23:46:06 +02:00
Robin Gloster 0eafc74d50
postfixadmin: init at 3.3.9 2021-08-24 23:46:06 +02:00
Silvan Mosberger 249710d95c
Merge pull request #135568 from DeterminateSystems/zfs-expand-on-boot
ZFS: expand on boot
2021-08-24 21:58:48 +02:00
Your Name 4bb4bcc30c services.zfs.expandOnBoot: support expanding pools on boot
Either enumerating a list of pools to expand or expanding
all pools on boot.
2021-08-24 15:01:08 -04:00
Ryan Mulligan e02fbd0065
Merge pull request #133438 from figsoda/sx-module
nixos/sx: init
2021-08-24 09:33:07 -07:00
David Terry f1dea7ed30
erigon: 2021.08.03 -> 2021.08.04 2021-08-24 12:22:33 +02:00
Martin Weinelt 3c8a09364d
home-assistant: allow serial access when using deconz 2021-08-24 12:09:12 +02:00
Andreas Fuchs 15d14ad150
github-runner: Allow configuring the package to use (#134661)
This addresses #120263 in part, by allowing users to override the
github-runner derivation that is bound to turn non-functional via the
self-update mechanism. (And it'll allow using a buildFHSUserEnv-based
derivation, if someone ends up building that!)
2021-08-24 11:23:39 +02:00
Martin Weinelt f8df760668
nixos/octoprint: allow access to serial devices
Printers are usually connected over USB to serial interfaces that are
mounted as tty character devices owned by the dialout group. Add our
octoprint service to this group at runtime to allow access to these
printers.
2021-08-24 03:00:39 +02:00
Martin Weinelt 699b4f6fee
Merge pull request #135472 from em0lar/paperless-ng/postgresql
nixos/paperless-ng: allow using postgresql via a unix socket
2021-08-23 23:28:33 +02:00
Maximilian Bosch 23e1e165cd
Merge pull request #135094 from mguentner/matrix-synapse-modern-twisted
matrix-synapse: add e-mail delivery regression test
2021-08-23 23:19:10 +02:00
Leo Maroni fa80ed695b
nixos/paperless-ng: allow using postgresql via a unix socket 2021-08-23 22:44:36 +02:00
Kevin Cox c3df8057da
Merge pull request #121518 from Atemu/automatic-kernelTests
kernel/generic: add kernelTests automatically
2021-08-23 18:23:32 +00:00
Atemu a3f6ff6d48 nixosTests.kernel-generic: add myself as maintainer 2021-08-23 19:57:49 +02:00
Atemu 457653d99c nixosTests.kernel-generic: expose test-making functions
Changed the name to be clearer, 'makeKernelTest' could imply that it wants a
kernel pkg as its arg while it actually needs a set of linuxPackages.
2021-08-23 19:57:49 +02:00
Atemu 2b52f2b762 nixosTests.kernel-generic: simplify 2021-08-23 19:57:46 +02:00
Zane van Iperen 57b933a911
nixos/doc: add note about switching to exfatprogs 2021-08-24 03:33:45 +10:00
Zane van Iperen a049d84229
nixos/filesystems/exfat: use "exfatprogs" instead of "exfat" if kernel > 5.7
5.7+ comes with a native exfat implementation, exfatprogs should be used instead.

The exfat package puts a "mount.exfat" binary in the path, which causes
mount to prefer the FUSE version to the non-fuse one. There's no way to
disable the binary, so switch to exfatprogs.
2021-08-24 03:31:41 +10:00
Malte Voos 59d7d726f1 nixos/gnunet: improve service configuration
Co-authored-by: Michele Guerini Rocco <rnhmjoj@users.noreply.github.com>
Co-authored-by: Aaron Andersen <aaron@fosslib.net>
2021-08-23 14:22:56 +02:00
Jan Tojnar 4ff3577f25 Merge branch 'staging-next' into staging 2021-08-23 14:19:54 +02:00
Sandro 2981a49d31
Merge pull request #135117 from rski/awesomewm 2021-08-23 12:45:49 +02:00
Zhaofeng Li 59af7f0a2b apparmor: Fix cups-client typo 2021-08-23 00:50:15 -07:00
Luis-Hebendanz d031843a1e firefox: Added checks for new addon behaviour since v91 2021-08-22 22:17:44 +02:00
Jörg Thalheim b7802cf399
Merge pull request #132087 from scvalex/improve-kubernetes-tests
kubernetes: fix flaky test and run tests as group
2021-08-22 19:25:50 +01:00
figsoda 7239ddf173 nixos/sx: init 2021-08-22 13:44:29 -04:00
Florian Klink 002cf7d42d
Merge pull request #132347 from anpandey/captive-browser-fix
captive-browser: fix empty string in interface args
2021-08-22 19:40:23 +02:00
ajs124 0e19ea6cd1
Merge pull request #134940 from dminuoso/dovecot-switch-service-to-notify
nixos/dovecot: Switch systemd service type to notify
2021-08-22 19:15:10 +02:00
Victor Nawothnig 60c8c64595 nixos/dovecot: Switch systemd service type to notify 2021-08-22 18:44:58 +02:00
Jörg Thalheim a076ce1ed3
Merge pull request #135150 from dminuoso/rspamd-avoid-empty-postfix-service
nixos/rspamd: Avoid empty postfix service
2021-08-22 16:06:39 +01:00
Maximilian Güntner 076074a8b4
nixos/tests/matrix-synapse: add email regression test case
twisted is used in matrix-synapse for smtp handling.
Mostly this is used for password resets, but also notifications
are delivered that way.

older versions of twisted require the e-mail server to
have TLS1.0 enabled.

Obviously, quite a lot of servers have this disabled which means
synapse won't be able to deliver mails using such servers.

matrix-synapse issue:

https://github.com/matrix-org/synapse/issues/6211
2021-08-22 16:47:25 +02:00
lewo 79e5ee0c76
Merge pull request #135089 from nlewo/kdb-update
nixos/tests/kbd-update-search-paths: explicitly import re
2021-08-22 16:04:35 +02:00
github-actions[bot] 42f8c46335
Merge staging-next into staging 2021-08-22 12:01:56 +00:00
Daniel Șerbănescu 792e517070 nixos/httpd: add none option to logFormat 2021-08-22 10:17:28 +02:00
Victor Nawothnig 942d78d9cd nixos/rspamd: Avoid empty postfix service 2021-08-22 03:18:55 +02:00
github-actions[bot] f6ad0961da
Merge staging-next into staging 2021-08-22 00:02:05 +00:00
Graham Christensen 1c145df9ae
Merge pull request #134981 from DeterminateSystems/aws-ami
AWS AMI: Make the serial console access useful.
2021-08-21 19:21:30 -04:00
Jan Tojnar 7a04c2ad68 Merge branch 'staging-next' into staging
- boost 171 removed on staging-next
- re-generated node-packages.nix

; Conflicts:
;	pkgs/development/java-modules/m2install.nix
;	pkgs/development/node-packages/node-packages.nix
;	pkgs/top-level/all-packages.nix
2021-08-22 01:13:41 +02:00
Van Tuan Vo c8e3441961
nixos/fluidd: init fluidd service at 1.16.2 2021-08-21 23:32:52 +02:00
Romanos Skiadas a41302fea6 nixos: Improve awesome wm example
use a useful example instead of a package that doesn't seem to exist
2021-08-22 00:17:50 +03:00
Sandro 2ad547e9c8
Merge pull request #133635 from fgaz/staticjinja/4.1.0 2021-08-21 21:19:10 +02:00
Antoine Eiche 07f85e36e9 nixos/tests/kbd-update-search-paths: explicitly import re 2021-08-21 18:56:03 +02:00
Jonathan Ringer 25dcd0b3c0 nixos/manual: mention qtile bump 2021-08-21 08:10:30 -07:00
Jonathan Ringer 4867ebd8c5 nixos/qtile: update start command 2021-08-21 08:10:30 -07:00
Francesco Gazzetta ea4697e414 staticjinja: 3.0.1 -> 4.1.0 2021-08-21 13:35:12 +02:00
Robert Hensing a1cdf552dc
Merge pull request #134008 from aanderse/httpd
nixos/httpd: add virtualHosts.<name>.listenAddresses option
2021-08-21 09:30:35 +02:00
Vladimír Čunát 96193ea998
nixos/hardware.firmware: fix evaluation after PR #122463
NixOS jobsets on Hydra were failing evaluation because of this.
The alias has no other occurrence in NixPkgs.
2021-08-21 09:20:16 +02:00
Luke Granger-Brown eab1226578
Merge pull request #134782 from dminuoso/dovecot-allow-any-protocol
nixos/dovecot: Allow any or no protocol
2021-08-21 03:39:15 +01:00