1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-22 05:31:22 +00:00
Commit graph

13410 commits

Author SHA1 Message Date
Aaron Andersen 6f0c1cdbd9 nixos/duosec: rename ikey option to integrationKey 2020-03-22 20:25:11 -04:00
Aaron Andersen b9dca769f1 nixos/duosec: replace insecure skey option with secure secretKeyFile option 2020-03-22 20:23:55 -04:00
Aaron Andersen 4f9cea70bd nixos/duosec: fix indentation 2020-03-21 10:34:12 -04:00
volth 4d57e56b71
$toplevel/system: use kernel's architecture
`$toplevel/system` of a system closure with `x86_64` kernel and `i686` userland should contain "x86_64-linux".

If `$toplevel/system` contains "i686-linux", the closure will be run using `qemu-system-i386`, which is able to run `x86_64` kernel on most Intel CPU, but fails on AMD.

So this fix is for a rare case of `x86_64` kernel + `i686` userland + AMD CPU
2020-03-20 16:55:44 +00:00
Eelco Dolstra a0a61c3e34 nixos-option: Disable on Nix >= 2.4 because it doesn't compile
This is needed when using the overlay from the Nix flake.
2020-03-20 14:52:22 +01:00
Jesper Geertsen Jonsson 02c2c864d1 resilio: fix a list being assigned to the option config.users.groups 2020-03-19 11:25:56 -05:00
Florian Klink 4e53f84c79 nixos/zerotierone: switch from manually generating the .link file to use the module
Previously, systemd.network.links was only respected with networkd
enabled, but it's really udev taking care of links, no matter if
networkd is enabled or not.

With our module fixed, there's no need to manually manage the text file
anymore.

This was originally applied in 3d1079a20d,
but was reverted due to 1115959a8d causing
evaluation errors on hydra.
2020-03-19 14:16:26 +01:00
Florian Klink 355c58e485 nixos/networkd: respect systemd.network.links also with disabled systemd-networkd
This mirrors the behaviour of systemd - It's udev that parses `.link`
files, not `systemd-networkd`.

This was originally applied in 36ef112a47,
but was reverted due to 1115959a8d causing
evaluation errors on hydra.
2020-03-19 14:15:32 +01:00
Martin Baillie 6e055c9f4a tailscale: init at 0.96-33
Signed-off-by: Martin Baillie <martin@baillie.email>
2020-03-18 05:07:47 +00:00
Niklas Hambüchen 9d45737ae7
Merge pull request #82767 from thefloweringash/rpfilter-assertion-types
nixos/firewall: fix types in reverse path assertion
2020-03-18 04:11:01 +01:00
Andrew Childs e110f5ecc1 nixos/firewall: fix types in reverse path assertion
Broken by 0f973e273c in #73533

The type of the checkReversePath option allows "strict" and "loose" as
well as boolean values.
2020-03-18 10:54:55 +09:00
goibhniu 5241e5a193
Merge pull request #79851 from mmilata/supybot-enhancements
nixos/supybot: switch to python3, enable systemd sandboxing, add option for installing plugins
2020-03-17 19:07:41 +00:00
Léo Gaspard a0307bad46
Merge pull request #79120 from symphorien/iodine
Iodine: ipv6 support, updates, hardening, nixos test....
2020-03-16 23:42:12 +01:00
Danylo Hlynskyi fab05f17d1
Merge pull request #80114 from rnhmjoj/initrd
nixos/boot: add option to disable initrd
2020-03-16 20:04:24 +02:00
Maximilian Bosch a2e06fc342
Merge pull request #80447 from Ma27/bump-matrix-synapse
matrix-synapse: 1.9.1 -> 1.11.1
2020-03-16 10:55:38 +01:00
Maximilian Bosch 849e16888f
nixos/doc/matrix-synapse: refactor
* Linkify all service options used in the code-examples.
* Demonstrated the use of `riot-web.override {}`.
* Moved the example how to configure a postgresql-database for
  `matrix-synapse` to this document from the 20.03 release-notes.
2020-03-16 10:39:42 +01:00
Pierre Bourdon b8ef2285b5 nixos/stubby: set Type=notify on the systemd service
Fixes some dependency ordering problems at boot time with services that
require DNS. Without Type=notify these services might be started before
stubby was ready to accept DNS requests.
2020-03-16 10:10:45 +05:30
Maximilian Bosch 8be61f7a36
matrix-synapse: 1.9.1 -> 1.11.1
https://github.com/matrix-org/synapse/releases/tag/v1.10.0
https://github.com/matrix-org/synapse/releases/tag/v1.10.1
https://github.com/matrix-org/synapse/releases/tag/v1.11.0
https://github.com/matrix-org/synapse/releases/tag/v1.11.1
2020-03-15 17:09:51 +01:00
Silvan Mosberger 7c3f3e9c51
Merge pull request #72029 from lschuermann/tpm2-module
nixos/tpm2: init
2020-03-15 15:47:06 +01:00
Silvan Mosberger 779b7ff3d8
Merge pull request #80931 from LEXUGE/master
smartdns: init at 30
2020-03-15 15:36:05 +01:00
Leon Schuermann 156b879c2e nixos/tpm2: init
This commit adds udev rules, the userspace resource manager and
PKCS#11 module support.
2020-03-15 12:16:32 +01:00
adisbladis c00777042f
Merge pull request #82620 from aanderse/ssh-silent
nixos/ssh: silence ssh-keygen during configuration validation
2020-03-15 01:21:38 +00:00
Harry Ying 629d3bab18
nixos/smartdns: init first generation config 2020-03-15 08:53:20 +08:00
Aaron Andersen f383fa344e nixos/sshd: only include AuthorizedKeysCommand and AuthorizedKeysCommandUser options if explicitly set 2020-03-14 19:50:11 -04:00
Aaron Andersen f5951f520c nixos/ssh: silence ssh-keygen during configuration validation 2020-03-14 19:37:30 -04:00
Florian Klink 74f451b851
Merge pull request #82413 from aanderse/authorized-keys-command
nixos/sshd: add authorizedKeysCommand and authorizedKeysCommandUser options
2020-03-14 23:58:47 +01:00
zimbatm 001be890f7 folding@home: 6.02 -> 7.5.1
The v7 series is very different.

This commit introduces the 3 packages: fahclient, fahcontrol and
fahviewer. It also rebuilds the NixOS module to map better with the new
client.
2020-03-14 13:01:26 -07:00
Jörg Thalheim 4a8a014be4
Merge pull request #82468 from Mic92/kvmgt
nixos/kvmgt: udev rules + fix module initialisation
2020-03-14 07:17:28 +00:00
Andrew Childs 01f03f30db nixos/prometheus: add checkConfig
Workaround for https://github.com/prometheus/prometheus/issues/5222
2020-03-14 04:40:55 +00:00
Andrew Childs 2c121f4215 nixos/firewall: fix inverted assertion for reverse path filtering
Previously the assertion passed if the kernel had support OR the
filter was *enabled*. In the case of a kernel without support, the
`checkReversePath` option defaulted to false, and then failed the
assertion.
2020-03-14 04:32:07 +00:00
Joachim Fasting 1b575dbd79 nixos/firejail: use local runCommand
Also:

- use `runtimeShell`; and
- remove unused `makeWrapper` input; and
- `exec()` to shed wrapping shell
2020-03-14 03:09:48 +00:00
Mario Rodas ee599f376c
Merge pull request #71329 from tilpner/cadvisor-no-docker
nixos/cadvisor: don't enable docker
2020-03-13 20:35:46 -05:00
Vladimír Čunát 0729b8c55e
Revert Merge #82310: nixos/systemd: apply .link
...even when networkd is disabled

This reverts commit ce78f3ac70, reversing
changes made to dc34da0755.

I'm sorry; Hydra has been unable to evaluate, always returning
> error: unexpected EOF reading a line
and I've been unable to reproduce the problem locally.  Bisecting
pointed to this merge, but I still can't see what exactly was wrong.
2020-03-13 22:05:33 +01:00
Michele Guerini Rocco 7b15d6cee4
Merge pull request #81241 from thefloweringash/nesting-system
nixos/activation: propagate system to nested configurations
2020-03-13 09:58:10 +01:00
Jörg Thalheim 505d241ee3
nixos/kvmgt: add udev rules for unprivileged access 2020-03-13 07:04:26 +00:00
Jörg Thalheim 85aae79ca1
nixos/kvmgt: fix driver option
extraModprobeConfig could be applied too late i.e. if the driver has been
loaded in initrd, while the harddrive is still encrypted.
Using a kernelParams works in all cases however.
2020-03-13 07:03:45 +00:00
snicket2100 65abd808d5 firejail: system package on programs.firejail.enable
this way the man page etc. becomes available if we enable firejail with
`programs.firejail.enable = true`
2020-03-13 03:28:08 +00:00
Aaron Andersen dbe59eca84 nixos/sshd: add authorizedKeysCommand and authorizedKeysCommandUser options 2020-03-12 21:00:12 -04:00
Florian Klink ce78f3ac70
Merge pull request #82310 from flokli/systemd-network-link-no-networkd
nixos/systemd: apply .link even when networkd is disabled
2020-03-12 15:47:59 -07:00
Léo Gaspard 693d834c37
Merge pull request #76739 from symphorien/mail_plugins
nixos/dovecot: add an option to enable mail_plugins
2020-03-12 22:44:23 +01:00
Léo Gaspard 26b1ef1506
Merge pull request #80141 from symphorien/scrub
nixos/btrfs: make autoScrub not prevent shutdown or suspend
2020-03-12 22:39:34 +01:00
adisbladis f3adcbd150
Merge pull request #82411 from adisbladis/ntpd-extraconfig
services.ntpd: Add extraConfig parameter
2020-03-12 16:37:25 +00:00
Silvan Mosberger 8f2109cda4
Merge pull request #81945 from Infinisil/hostFiles
Introduce `networking.hostFiles` option
2020-03-12 15:56:30 +01:00
adisbladis 63c35a9c28
services.ntpd: Add extraConfig parameter 2020-03-12 14:44:59 +00:00
Léo Gaspard 06bdfc5e32
Merge pull request #82185 from matt-snider/master
ankisyncd, nixos/ankisyncd: init at 2.1.0
2020-03-12 11:47:42 +01:00
lewo cbb21b2a8a
Merge pull request #81214 from buckley310/updateDelay
NixOS/auto-upgrade: Add optional randomized delay
2020-03-12 09:06:32 +01:00
Graham Christensen 10f625b3d2
Merge pull request #81402 from mmilata/firejail-example
nixos/firejail: add example for wrappedBinaries
2020-03-11 20:28:35 -04:00
Jörg Thalheim 154f9e1bd9
Merge pull request #82340 from nyanloutre/vsftpd_pam_fix
nixos/vsftpd: fix missing default pam_service_name
2020-03-11 22:29:43 +00:00
Jörg Thalheim 9aa23e31b3
Merge pull request #80904 from talyz/haproxy-fixes
nixos/haproxy: Revive the haproxy user and group
2020-03-11 22:23:13 +00:00
Maximilian Bosch b7cdb64ac2
treewide: remove myself from a few packages I don't use anymore 2020-03-11 22:29:30 +01:00