1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-19 12:11:28 +00:00
Commit graph

19251 commits

Author SHA1 Message Date
Jörg Thalheim 9750813b89
nixos/telegraf: add support for native ping 2020-11-14 16:33:39 +01:00
Mike Sperber aaad9fd0da nixos/doc: Rudimentary documentation for Subversion-inside-Apache HTTP.
Content thanks to: Aaron Andersen
2020-11-14 15:05:46 +01:00
Frederik Rietdijk 463f738cc6 Merge master into staging-next 2020-11-13 20:58:35 +01:00
WilliButz 74d354a397
nixos/codimd: add package option, refactor prettyJSON
This adds a `package` option to allow for easier overriding of the used
CodiMD version and `runCommandLocal` with `nativeBuildInputs` is now
used to pretty print the configuration.
2020-11-13 16:14:41 +01:00
Doron Behar 8769c817f4
Merge pull request #75615 from FSMaxB/patch-1
Add note about installing NixOS from distributions with /usr/sbin and…
2020-11-13 10:50:32 +02:00
Max Bruckner be0555b8a8 nixos/doc: Add note about /usr/sbin and /sbin
An installation from Debian buster may fail without adding /usr/sbin to
$PATH because chroot is not in the PATH of a non-root user.
2020-11-13 10:30:20 +02:00
Maximilian Bosch fca0aad258
Merge pull request #103500 from chkno/nixos-YY.MM-not-in-nixpkgs-channels
doc: 20.09 release notes: nixos-YY.MM branches no longer in nixos-channels repo
2020-11-12 23:27:27 +01:00
Martin Weinelt 9309563332
postfix: add passthru tests 2020-11-12 20:00:50 +01:00
Martin Weinelt 1b5a1c697d nixos/tests/postfix: migrate test to use tlsTrustedAuthorities
Fixes: 632104e ("postfix: deprecated `sslCACert` in favour of
`tlsTrustedAuthorities`")
2020-11-12 19:38:27 +01:00
Elis Hirwing 2789f47b97
Merge pull request #103531 from gnidorah/acpilight
nixos/acpilight: add to packages
2020-11-12 07:02:39 +01:00
zowoq 31051812bc nixos/doc/*: fix indentation 2020-11-12 14:24:00 +10:00
gnidorah ec26da1fc6 nixos/acpilight: add to packages 2020-11-12 05:22:18 +03:00
Kevin Cox 66c98ec550
Merge pull request #95751 from srhb/forceImportAll
nixos/zfs: Fix boot.zfs.forceImportAll
2020-11-11 20:32:42 -05:00
Maximilian Bosch c9e96d90de
Merge pull request #103499 from chkno/fix-doc-build
doc: Fix doc-building instructions
2020-11-11 23:42:35 +01:00
Scott Worley f72a3142f0 doc: 20.09 release notes: nixos-YY.MM branches no longer in nixos-channels repo
Since 7c442a2f67
for https://github.com/NixOS/nixpkgs/issues/99257
2020-11-11 11:29:39 -08:00
Scott Worley 88b7340a79 doc: Fix doc-building instructions 2020-11-11 11:22:29 -08:00
Gabriel Ebner 753656bbbc
Merge pull request #103225 from gebner/hsphfpd
pulseaudio: add hsphfpd support
2020-11-11 19:56:35 +01:00
Sarah Brofeldt e0d51db401 nixos: boot.zfsImportAll = false; by default
Also add 21.03 release note
2020-11-11 18:46:05 +01:00
Sarah Brofeldt a4010e0580 nixos/zfs: Respect forceImportAll in import service 2020-11-11 18:45:14 +01:00
Sarah Brofeldt ffe4dbf32f nixos/tests/zfs: Test boot.zfs.forceImportAll 2020-11-11 18:45:14 +01:00
Frederik Rietdijk 4076ffe580 Merge staging-next into staging 2020-11-11 16:00:34 +01:00
Tim Steinbach b9c505b7bf
sbt-extras: Add test 2020-11-11 09:32:06 -05:00
Kevin Cox dce7cc111a
Merge pull request #96912 from atlaua/aranea/qemu-vm-kernel-config
nixos/qemu-vm: Fix and update system.requiredKernelConfig entries
2020-11-11 07:29:14 -05:00
Kevin Cox 5dee9b5699
Merge pull request #96679 from midchildan/add-mackerel
mackerel-agent: init at 0.69.3
2020-11-11 06:59:22 -05:00
Daniël de Kok 3497b757d3
Merge pull request #102472 from helsinki-systems/feat/vim-python3
vim: Get rid of Python 2 dependency
2020-11-11 11:52:02 +01:00
Maximilian Bosch a805b2ea32
Merge pull request #103182 from pacien/ssmtp-assert-usestarttls-usetls
nixos/ssmtp: add assertion for useSTARTTLS dependency on useTLS
2020-11-11 10:51:00 +01:00
Aaron Andersen e419de361d
Merge pull request #102376 from felschr/feat/cfdyndns-password-file
nixos/cfdyndns: add apikeyFile option
2020-11-10 18:08:25 -05:00
Edmund Wu 4d0ad2783d nixos/*: hsphfpd support 2020-11-10 20:53:13 +01:00
ajs124 fd950b9fc7
Merge pull request #103196 from helsinki-systems/fix/plasma5-noaliases
nixos/plasma5: Fix when running without aliases
2020-11-10 16:59:34 +01:00
Felix Tenley a33290b1a8
nixos/cfdyndns: add apikeyFile option
nixos/cfdyndns: remove apikey option
2020-11-10 14:00:16 +01:00
Jörg Thalheim 31a0b5dff6
nixos/promtail: fix access to journal 2020-11-10 10:49:27 +01:00
Jörg Thalheim 4c64fa224e
nixos/loki: mergeable configuration
type.attrs is not mergable
2020-11-10 10:49:25 +01:00
Jörg Thalheim 88d1da8e5d
nixos/promtail: use json type for configuration 2020-11-10 10:49:23 +01:00
Jörg Thalheim 689eb49d42
nixos/loki: add logcli to system path
Admins quite likely want to query loki for debugging purpose.
2020-11-10 10:49:21 +01:00
Frederik Rietdijk 0b2ca377b1 Merge staging-next into staging 2020-11-10 10:13:13 +01:00
Frederik Rietdijk 379aaa1e0c Merge master into staging-next 2020-11-10 10:11:08 +01:00
WORLDofPEACE fcef646736
Merge pull request #93431 from sorki/audio/pulseJack
nixos/jack,pulseaudio: fix pulse connection to jackd service
2020-11-09 19:40:12 -05:00
Michele Guerini Rocco e6b8587b25
Merge pull request #101755 from rnhmjoj/activation-type
nixos/activation-script: make scripts well-typed
2020-11-10 00:04:47 +01:00
Jan Tojnar 3a5ba30c13 fwupd: 1.4.6 → 1.5.1
* https://github.com/fwupd/fwupd/releases/tag/1.5.0
* https://github.com/fwupd/fwupd/releases/tag/1.5.1

* The changelog mentions removed dependency on efivar but we still need the package because it also contains efiboot required dependency. https://github.com/fwupd/fwupd/pull/2485
* Blacklist options were renamed.
* Test firmware was moved to a separate repo. We need to install it or some tests will be skipped. https://github.com/fwupd/fwupd/pull/2330
* Initially, there was an option to configure dbx but in the end, it was removed in favour of bespoke dbxtool. https://github.com/fwupd/fwupd/pull/2061, https://github.com/fwupd/fwupd/pull/2318, https://github.com/fwupd/fwupd/pull/2329
* Fwupd now checks hashes of plug-ins and will complain loudly that it is tainted when “invalid” plug-in is loaded (during testing).
* Installed tests complain about not being able to access cdn, even though we are not setting CI_NETWORK env var. We need a patch to fix that.
2020-11-09 22:50:17 +01:00
Edmund Wu 0e4d0d95d0 treewide: generate pulseaudio pulseDir 2020-11-09 19:24:42 +01:00
Timo Kaufmann b839d4a855
Merge pull request #98938 from raboof/nixos-manual-wayland
nixos.manual: introduce Wayland section
2020-11-09 16:59:12 +01:00
Doron Behar 9db44f61a7 rubyMinimal: remove
Due to being unused, and seemingly unusable, added appropriate release
notes.
2020-11-09 16:17:41 +02:00
Frederik Rietdijk 20f001c01e Merge master into staging-next 2020-11-09 14:33:52 +01:00
Jan Tojnar 8e7fca3a5c
nixos/plymouth: fix eval with aliases disabled
Fallout from https://github.com/NixOS/nixpkgs/pull/101369
2020-11-09 14:00:18 +01:00
Janne Heß 576a928794
vim: Get rid of Python 2 dependency 2020-11-09 13:02:04 +01:00
Maximilian Bosch e74d6735f0
Merge pull request #103170 from nh2/roundcube-restart-on-config-changes
roundcube service: Restart on config changes
2020-11-09 12:47:22 +01:00
Samuel Gräfenstein 88bf1b3e92 nixos/boot: add final newline to pbkdf2-sha512.c 2020-11-09 11:39:28 +00:00
Janne Heß 59239feacb
nixos/plasma5: Fix when running without aliases 2020-11-09 11:09:06 +01:00
pacien f7c50a8aa0 nixos/ssmtp: add assertion for useSTARTTLS dependency on useTLS
services.ssmtp.useSTARTTLS has no effect when services.ssmtp.useTLS is disabled.
2020-11-09 04:35:12 +01:00
Marek Mahut e02f6bfa26
Merge pull request #100418 from pltanton/master
fido2luks: 0.2.3 -> 0.2.15
2020-11-09 00:22:09 +01:00
Niklas Hambüchen 91b20fb1aa roundcube service: Restart on config changes.
Until now, e.g. `extraConfig` changes did not reflect in
the system on `nixos-rebuild switch`.
2020-11-08 22:20:18 +01:00
Daniël de Kok d43f378b4a
Merge pull request #103101 from matthiasbeyer/update-mutt
mutt: 1.14.7 -> 2.0.0
2020-11-08 18:26:51 +01:00
Niklas Hambüchen 1c460c0a5c
Merge pull request #103147 from nh2/nginx-sandbox-protecthome-release-notes
manual: nginx: Mention ProtectHome in release notes. See #85567
2020-11-08 18:01:03 +01:00
Niklas Hambüchen 2e7b320931 manual: nginx: Remove reference to stateDir from release notes. Fixes #102211.
Fixed wording taken from:
https://github.com/NixOS/nixpkgs/issues/102211#issuecomment-719976230
2020-11-08 17:55:11 +01:00
Daniël de Kok c65164ec75 nixos/release-notes: Mutt 2.x has some backward incompatible changes 2020-11-08 17:26:54 +01:00
Niklas Hambüchen 2f845dccbf manual: nginx: Mention ProtectHome in release notes. See #85567.
See https://github.com/NixOS/nixpkgs/pull/85567#pullrequestreview-525820684
2020-11-08 17:03:07 +01:00
Ninjatrappeur 5f5d38e88f
Merge pull request #101218 from andir/unbound-systemd 2020-11-08 16:55:29 +01:00
Gabriel Ebner df88279649
Merge pull request #103004 from lovesegfault/octoprint-marlingcodedocumentation
octoprint: add marlingcodedocumentation
2020-11-08 11:42:08 +01:00
Niklas Hambüchen 169ab0b89f redis service: Listen on localhost by default. Fixes #100192.
All other database servers in NixOS also use this safe-by-default setting.
2020-11-08 01:15:33 +01:00
Julien Moutinho c48faf07f4 transmission: fix #98904 2020-11-07 16:27:24 +01:00
midchildan 921a66edc4
nixos/mackerel-agent: init 2020-11-07 13:37:33 +09:00
Andika Demas Riyandi 038497d3b3
nar-serve: init at 0.3.0 (#95420)
* nar-serve: init at 0.3.0

* nixos/nar-serve: add new module

Co-authored-by: zimbatm <zimbatm@zimbatm.com>
2020-11-06 18:59:51 +01:00
Jonathan Ringer 0a6a075813
Merge pull request #102979 from AmineChikhaoui/ec2-amis-gpt
ec2-amis: update AMIs to use gpt partition table
2020-11-06 09:14:48 -08:00
Maximilian Bosch 68726901e1
Merge pull request #94673 from justinas/prom-sql-exporter
prometheus-sql-exporter: init at 0.3.0
2020-11-06 17:00:47 +01:00
Maximilian Bosch 428fc4e297
nixos/prometheus-exporters: fix sql test 2020-11-06 16:43:07 +01:00
Justinas Stankevicius d447c2413c
nixos/prometheus-sql-exporter: new module 2020-11-06 16:35:38 +01:00
Tim Steinbach caf8d001a9
Merge pull request #102977 from NeQuissimus/hardened_test
linux-hardened: Do not block channel
2020-11-06 08:50:18 -05:00
Frederik Rietdijk 99fb79ae84 Merge master into staging-next 2020-11-06 12:51:56 +01:00
Michele Guerini Rocco 25d15ebffb
Merge pull request #98661 from doronbehar/doc/nixos/systemd-nixos-specific
doc/nixos: Explain better NixOS specific Systemd stuff
2020-11-06 11:52:58 +01:00
Doron Behar 8716b71ea6 doc/nixos: Explain better NixOS specific Systemd stuff
Divide the "Service Management" chapter into two sections. The 1st (the
original) explaining General, not NixOS specific ways to interact with
Systemd. The 2nd section, explaining NixOS specific things worth
knowing.

Explain in the 2nd section a bit NixOS modules and services of Nixpkgs,
and mention `systemd.user.services` option. Give an example
demonstrating how to enable imperatively an upstream provided unit file
for a user. Explain why `systemctl --user enable` doesn't work for the
long term on NixOS.
2020-11-06 11:35:59 +02:00
Bernardo Meurer 7fede29d83
nixos/octoprint: remove references to deprecated/removed m33-fio plugin 2020-11-06 00:39:50 -08:00
Tim Steinbach 0f0af1dbd4
linux-hardened: Do not block channel 2020-11-05 22:11:17 -05:00
AmineChikhaoui 43907de6a7
ec2-amis: update AMIs to use gpt partition table
Use changes made as part of #102182.
2020-11-05 20:58:08 -05:00
Aaron Andersen 33d8766feb
Merge pull request #102202 from danderson/danderson/post-stop
nixos/tailscale: use upstream systemd service config.
2020-11-05 20:22:53 -05:00
Timo Kaufmann 1fd1c2ad88
Merge pull request #96639 from xfix/support-microsoft-usb-keyboards
nixos/availableKernelModules: add microsoft hid
2020-11-05 20:33:49 +01:00
Tim Steinbach 55dbb2f30c
Merge pull request #102928 from NeQuissimus/scala_test
scala: Add tests, update script
2020-11-05 10:26:08 -05:00
Peter Hoeg 13ed0cce2f nixos/systemd-resolved: fix incorrect user 2020-11-05 22:41:39 +08:00
Christoph Ruegge bcc808c68f Create /dev/std{in,out,err} symlinks in stage-1
This used to be done by udev, but that was removed in
systemd/systemd@6b2229c. The links are created by systemd at the end of
stage-2, but activation scripts might need them earlier.
2020-11-05 15:32:19 +01:00
Tim Steinbach 6834d33b00
scala: Refactor, add tests
Abstract over Scala derivation, add tests for individual versions
2020-11-05 08:32:28 -05:00
Wout Mertens 91d70c1edb
Merge pull request #102273 from rnhmjoj/bluetooth
nixos/bluetooth: disable restart on unit changes
2020-11-05 14:21:13 +01:00
Tim Steinbach 3a6feb7ec7
Merge pull request #102850 from NeQuissimus/oh-my-zsh_update
oh-my-zsh: Update script, test
2020-11-05 07:28:24 -05:00
Andreas Rammhold 9a01e97824
nixos-help: bundle the desktop item with the script
This is to ensure that whenever we install the desktop item we also have
the script installed. Prior to b02719a we always had the reference to
the script in the desktop item. Since desktop items are being copied to
home directories and thus "bit rod" over time that absolute path was
removed.
2020-11-05 11:56:31 +01:00
Andreas Rammhold 3560f0d913
nixos-help: use writeShellScriptBin and drop custom shebang line 2020-11-05 11:47:14 +01:00
Klemens Nanni b02719a29c nixos-help: Do $PATH lookup in nixos-manual.desktop instead of hardcoding derivation
See db236e588d "steam: Do $PATH lookup in steam.desktop [...]".
tl;dr: Otherwise widget/panel/desktop icons in DEs like KDE break.
2020-11-05 11:45:56 +01:00
Jan Tojnar a821be7531
Merge branch 'master' into staging-next 2020-11-05 09:42:47 +01:00
Tim Steinbach 9813539969
oh-my-zsh: Add test 2020-11-04 20:37:50 -05:00
Tim Steinbach 18d375cae7
Merge pull request #102817 from NeQuissimus/ammonite_update
ammonite: Add test reference, update script
2020-11-04 18:10:07 -05:00
Tim Steinbach 7e062659e9
ammonite: Add test reference, update script 2020-11-04 12:57:58 -05:00
Tim Steinbach ac9ba67ec5
Merge pull request #102642 from NeQuissimus/sbt_1_4_2
SBT: Add test, update script, 1.4.0 -> 1.4.2
2020-11-04 12:49:34 -05:00
Tim Steinbach 23be792bad
sbt: Add test 2020-11-04 11:30:36 -05:00
Marek Mahut 6336ac33c9
Merge pull request #102652 from freezeboy/remove-btc1
btc1: remove
2020-11-04 16:11:50 +01:00
freezeboy dc0f5ed6d2 btc1: remove 2020-11-04 12:26:42 +01:00
Daniel Schaefer d4905b1370
Merge pull request #99003 from martinetd/stunnel-doc 2020-11-04 17:40:48 +08:00
Victor Nawothnig 27e9328895 Support virtio_scsi devices on nixos-generate-config 2020-11-04 10:00:28 +01:00
Frederik Rietdijk 10c57af49c Merge staging-next into staging 2020-11-04 09:28:07 +01:00
Jörg Thalheim f2ec450424
Merge pull request #101249 from Izorkin/dhcpd-ipv6
nixos/dhcpcd: if disabled IPv6 don't solicit or accept IPv6
2020-11-04 08:09:08 +01:00
David Anderson 503caab776 nixos/tailscale: use upstream systemd service config.
Signed-off-by: David Anderson <dave@natulte.net>
2020-11-03 19:37:48 -08:00
Fabián Heredia Montiel acd3d3dd20 nixos/modules/services/network-filesystems/ipfs: refactor
Add `package` option to change the package used for the service.
2020-11-03 17:35:06 -06:00
Maximilian Bosch d6b804db2f
Merge pull request #102530 from Ma27/fix-initrd-network-ssh-test
nixos/initrd-network-ssh: fix test
2020-11-04 00:01:10 +01:00
Andreas Rammhold 5903ea5395
nixos/unbond: unbound should be required for nss-lookup.target
Other units depend on nss-lookup.target and expect the DNS resolution to
work once that target is reached. The previous version
`wants=nss-lookup.target` made this unit require the nss-lookup.target
to be reached before this was started.

Another change that we can probalby do is drop the before relationship
with the nss-lookup.target. That might just be implied with the current
version.
2020-11-03 19:21:39 +01:00
Andreas Rammhold 5c16c31e06
nixos/unbound: add release notes for the changes that were introduced
As part of this patch series a few changes have been made to the unbound
serivce the deserve proper documentation.
2020-11-03 19:21:25 +01:00
Andreas Rammhold 2aa64e5df5
nixos/unbound: add option to configure the local control socket path
This option allows users to specify a local UNIX control socket to
"remote control" the daemon. System users, that should be permitted to
access the daemon, must be in the `unbound` group in order to access the
socket. When a socket path is configured we are also creating the
required group.

Currently this only supports the UNIX socket mode while unbound actually
supports more advanced types. Users are still able to configure more
complex scenarios via the `extraConfig` attribute.

When this option is set to `null` (the default) it doesn't affect the
system configuration at all. The unbound defaults for control sockets
apply and no additional groups are created.
2020-11-03 19:21:25 +01:00
Andreas Rammhold b67cc6298e
nixos/tests/unbound: add test to verify control sockets work 2020-11-03 19:21:24 +01:00
Andreas Rammhold a040a8a2e3
nixos/tests/unbound: init 2020-11-03 19:21:24 +01:00
Andreas Rammhold aadc07618a
nixos/unbound: drop ReadWritePaths from systemd unit configuration
Both of the configured paths should be implicit due to RuntimeDirectory
& StateDirectory.
2020-11-03 19:21:24 +01:00
Andreas Rammhold 72fbf05c17
nixos/unbound: note about the AmbientCapabilities 2020-11-03 19:21:24 +01:00
Andreas Rammhold 5e602f88d1
nixos/modules/services/networking/unbound: update systemd unit
Previously we just applied a very minimal set of restrictions and
trusted unbound to properly drop root privs and capabilities.

With this change I am (for the most part) just using the upstream
example unit file for unbound. The main difference is that we start
unbound was `unbound` user with the required capabilities instead of
letting unbound do the chroot & uid/gid changes.

The upstream unit configuration this is based on is a lot stricter with
all kinds of permissions then our previous variant. It also came with
the default of having the `Type` set to `notify`, therefore we are also
using the `unbound-with-systemd` package here. Unbound will start up,
read the configuration files and start listening on the configured ports
before systemd will declare the unit "running". This will likely help
with startup order and the occasional race condition during system
activation where the DNS service is started but not yet ready to answer
queries.

Aditionally to the much stricter runtime environmet I removed the
`/dev/urandom` mount lines we previously had in the code (that would
randomly fail during `stop`-phase).

The `preStart` script is now only required if we enabled the trust
anchor updates (which are still enabled by default).

Another beneefit of the refactoring is that we can now issue reloads via
either `pkill -HUP unbound` or `systemctl reload unbound` to reload the
running configuration without taking the daemon offline. A prerequisite
of this was that unbound configuration is available on a well known path
on the file system. I went for /etc/unbound/unbound.conf as that is the
default in the CLI tooling which in turn enables us to use
`unbound-control` without passing a custom configuration location.
2020-11-03 19:21:24 +01:00
Kevin Cox f1153d8a0a
Merge pull request #102528 from wizeman/u/fix-chrony-perm2
nixos/chrony: fix owner of chrony drift file
2020-11-03 12:44:13 -05:00
Kim Lindberger cf2d180a12
Merge pull request #99906 from talyz/keycloak
nixos/keycloak: Init
2020-11-03 18:31:19 +01:00
ajs124 2b03d12ace
Merge pull request #102551 from freezeboy/remove-freepops
freepops: remove
2020-11-03 17:51:51 +01:00
WilliButz 0916fea195
Merge pull request #102541 from helsinki-systems/init/promtail
nixos/promtail: Add a promtail module
2020-11-03 17:34:01 +01:00
Kevin Cox 8230e62f57
Merge pull request #100495 from DianaOlympos/riak-cs-delete
riak-cs: delete
2020-11-03 11:17:42 -05:00
Janne Heß 54217cac69
nixos/promtail: Add a promtail module 2020-11-03 14:36:56 +01:00
Timo Kaufmann 6c13df3fc0
Merge pull request #99632 from midchildan/update/epgstation
epgstation: 1.7.4 -> 1.7.5
2020-11-03 14:03:31 +01:00
Frederik Rietdijk 470f05cb5d Merge staging-next into staging 2020-11-03 12:06:41 +01:00
freezeboy ee0e1e0bcb nixos(freepops): remove module 2020-11-03 10:45:29 +01:00
Silvan Mosberger 8a7ea52173
Merge pull request #99019 from sumnerevans/master
Add ability to configure executable for redshift service
2020-11-03 01:00:40 +01:00
Silvan Mosberger aeaf78adb8
Merge pull request #102204 from danderson/danderson/transmission-dir
nixos/transmission: point at the settings dir in cfg.home.
2020-11-03 00:45:04 +01:00
Ricardo M. Correia 48f8b85e1c nixos/chrony: fix owner of chrony drift file
It had become owned by root due to #97546.
2020-11-02 21:41:49 +01:00
Maximilian Bosch 819b0f4bb8
nixos/initrd-network-ssh: fix test
The test relied on moving `initrd` secrets from the store into the
`initrd` which was fine here as it's only an integration test and not a
production environment.

However, this broke in 20.09 when support for this was dropped[1]. To make
sure that the snakeoil key used as hostkey for `sshd` here actually gets
copied into the VM, I added a small script for this that takes care of
this process while building the initial ramdisk.

[1] d930466b77
2020-11-02 21:18:57 +01:00
Graham Christensen 75a2bc94fa
Merge pull request #101192 from grahamc/nixpkgs-location-basic-auth
nginx: support basic auth in location blocks
2020-11-02 09:44:54 -05:00
Graham Christensen 3361a037b9
nginx: add a warning that nginx's basic auth isn't very good. 2020-11-02 08:16:01 -05:00
Graham Christensen a4b86b2bf5
nginx: test basic auth 2020-11-02 08:16:01 -05:00
Graham Christensen c7bf3828f0
nginx: add basic auth support for locations 2020-11-02 08:16:00 -05:00
Graham Christensen 33cf4f0e8e
nginx: factor out the generation of basic auth generation 2020-11-02 08:16:00 -05:00
Dominique Martinet 1fb299064b stunnel: make servers accept more lenient
stunnel config's accept syntax is [host:]port -- this is required to e.g. listen on ipv6
where one would set :::port
2020-11-02 10:51:00 +01:00
Antoine Eiche 81063ee414 nixos.tests.systemd-journal: add basic systemd-journal-gatewayd test
This test allows to ensure the systemd-journal-gatewayd service is
responding correcly when the NixOS option `enableHttpGateway` is set.

The test has not been added into the main systemd test because a
graphical stack is not required (and rebuilding the graphical stack on
systemd change is huge).
2020-11-02 09:07:52 +01:00
Andreas Rammhold 2ba1c007f6
Merge pull request #102350 from andir/nixos-test-prometheus
nixos/tests/prometheus: remove invalid thanos config flag
2020-11-01 19:45:00 +01:00
Dominique Martinet 05eef8051b stunnel service: fix servers example
examples incorrectly had 'enable' set, the option is not defined
and reproducing would error out
2020-11-01 18:17:57 +01:00
Maximilian Bosch 4f3f06d070
Merge pull request #101553 from Mic92/nextcloud
Nextcloud: fix ldap integration
2020-11-01 16:10:18 +01:00
Arnout Engelen c9b669a283
nixos.manual: introduce Wayland section
Co-Authored-By: Nicolas Berbiche <nicolas@normie.dev>
2020-11-01 15:47:10 +01:00
Andreas Rammhold e4865130cf
nixos/tests/prometheus: remove invalid thanos config flag
Upstream has apparently changed the configuration format and is now
throwing an error when the `encrypt_sse` option is set. According to the
current version of the documentation encryption moved to the
`sse_config` option that (is optional and) offers all the features we do
not use or care about for this test.
2020-11-01 14:33:11 +01:00
Jörg Thalheim 7b5cebfa71
Merge pull request #102237 from oxzi/tlp-deprecation-note
nixos/tlp: Fix deprecation hint
2020-11-01 11:46:11 +01:00
Frederik Rietdijk 409ca6f1f9 Merge staging-next into staging 2020-11-01 11:06:35 +01:00
Frederik Rietdijk 54f7498601
Merge pull request #101369 from doronbehar/pkg/kdeApplications/qt515
kdeApplications: Use latest qt515 by default
2020-11-01 11:05:05 +01:00
Frederik Rietdijk 83dde6c52c Merge staging-next into staging 2020-11-01 10:11:12 +01:00
rnhmjoj 497b7018e4
nixos/bluetooth: disable restart on unit changes 2020-10-31 21:46:42 +01:00
Andreas Rammhold fd0b3839b2
Merge pull request #102249 from rnhmjoj/firefox-audio
nixos/tests/firefox: add audio subtest
2020-10-31 21:23:10 +01:00
zimbatm 7d834eff6c
nixos/manual: make reproducible (#102234) 2020-10-31 21:18:16 +01:00
rnhmjoj f7904ca45b
nixos/tests/firefox: add audio subtest 2020-10-31 20:53:15 +01:00
Philipp Kern ec6b0950ef
nixos/prometheus: Support environmentFile (#97933)
For the same reason Alertmanager supports environmentFile to pass
secrets along, it is useful to support the same for Prometheus'
configuration to store bearer tokens outside the Nix store.
2020-10-31 20:52:13 +01:00
WORLDofPEACE eaaf9254aa
Merge pull request #100520 from hyperfekt/patch-3
nixos-install: add passthrough --keep-going flag
2020-10-31 15:19:51 -04:00
Niklas Hambüchen 441abe9949 release notes: Document deprecation warning for StartLimitInterval in [Service] 2020-10-31 18:11:03 +01:00
hyperfekt 1338647a8c nixos-install: pass through keep-going flag 2020-10-31 17:13:45 +01:00
lf- 644079e707 nixos/modules: deprecation warning for StartLimitInterval in [Service]
This implements
https://github.com/NixOS/nixpkgs/issues/45786#issuecomment-440091879
2020-10-31 16:50:35 +01:00
Niklas Hambüchen c178fe4bbb nixos/modules: Reformat warnings section 2020-10-31 16:50:25 +01:00
Alvar Penning 0ad1519ad9 nixos/tlp: Fix deprecation hint
The deprecated extraConfig option refers to the config option, which
does not exists. The settings option should be used.
2020-10-31 16:33:45 +01:00
lf- b37bbca521 nixos/modules: fix systemd start rate-limits
These were broken since 2016:
f0367da7d1
since StartLimitIntervalSec got moved into [Unit] from [Service].
StartLimitBurst has also been moved accordingly, so let's fix that one
too.

NixOS systems have been producing logs such as:
/nix/store/wf98r55aszi1bkmln1lvdbp7znsfr70i-unit-caddy.service/caddy.service:31:
Unknown key name 'StartLimitIntervalSec' in section 'Service', ignoring.

I have also removed some unnecessary duplication in units disabling
rate limiting since setting either interval or burst to zero disables it
(ad16158c10/src/basic/ratelimit.c (L16))
2020-10-31 01:35:56 -07:00
Jade 2df221ec8a
nixos/postgresql: fix inaccurate docs for authentication (#97622)
* nixos/postgresql: fix inaccurate docs for authentication

We actually use peer authentication, then md5 based authentication.
trust is not used.

* Use a link for mkForce docs

Co-authored-by: aszlig <aszlig@redmoonstudios.org>

Co-authored-by: lf- <lf-@users.noreply.github.com>
Co-authored-by: aszlig <aszlig@redmoonstudios.org>
2020-10-31 03:35:19 -04:00
WORLDofPEACE 7b3b82f7af
Merge pull request #100136 from xaverdh/nixos-install-support-impure
nixos-install: pass through impure flag
2020-10-31 01:17:07 -04:00