Janne Heß
4cba5de303
nixos/hoogle: Type the last option
2021-12-07 18:36:01 +01:00
Silvan Mosberger
490d46f044
Merge pull request #148315 from hercules-ci/nixos-evalModules-legacy-cleanup
...
NixOS/evalModules legacy cleanup
2021-12-07 18:30:52 +01:00
Finn Behrens
673ad7eb36
nixos/pleroma: create cookie if not existing ( #149368 )
2021-12-07 17:32:55 +01:00
Janne Heß
1f41365cda
nixos/switch-to-configuration: Restart systemd when system.conf is changed
2021-12-07 14:32:19 +01:00
Janne Heß
e37aab2130
nixos/acme: Allow disabling bash tracing
...
This is horrible if you want to debug failures that happened during
system switches but your 30-ish acme clients spam the log with the same
messages over and over again.
2021-12-07 14:17:56 +01:00
Bernardo Meurer
ebb7f07eec
Merge pull request #148751 from NixOS/feat/slight-stc-improvements
...
nixos/switch-to-configuration: Add small improvements
2021-12-07 02:38:26 -08:00
Yuka
ce54a4f658
nixos/networkd: add RoutingPolicyRule Type option ( #146168 )
2021-12-07 10:13:22 +01:00
Netix (Espinet François)
9d7ce57da5
freeradius: fix radius user
...
We now must choose either system or normal user when creating a user
2021-12-07 08:51:57 +01:00
Martin Weinelt
1d1b09c7c1
Merge pull request #148752 from sweber83/sw/zigbee2mqtt-1.22.1
2021-12-06 22:54:42 +01:00
Maximilian Bosch
c959de5b30
Merge pull request #148360 from helsinki-systems/drop/pg96
...
postgresql_9_6: drop
2021-12-06 21:57:05 +01:00
Johannes Schleifenbaum
9f45c18515
sabnzbd: add simple test
2021-12-06 21:08:19 +01:00
Martin Weinelt
96d69e40f2
nixos/zigbee2mqtt: run as zigbee2mqtt group
...
Not setting a group is a security defect, since that will run the unit
under the root group.
Fixes: 1af87596
("nixos/zigbee2mqtt: init")
2021-12-06 18:30:01 +01:00
Simon Weber
200c36255f
nixos/zigbee2mqtt: no longer pass dataDir to package
2021-12-06 18:28:59 +01:00
Jan Tojnar
75eaab3757
Merge pull request #126832 from ncfavier/gio-extra-modules
...
nixos: make GIO_EXTRA_MODULES a session variable
2021-12-06 16:23:48 +01:00
pennae
027f7e1b7f
nixos/lib/make-options-doc: generate options.xml from options.json
...
to do this we must replace derivations with attrsets in make-options-doc, since
xml can represent derivations differently from attrset but json cannot. this
also given asciidoc and mddoc the ability to handle derivation differently,
which they previously didn't have.
2021-12-06 16:12:32 +01:00
pennae
9b97a2ea88
nix/lib/make-options-doc: remove nix-level sorting
...
there are no remaining users of sorted option lists except the docbook build,
which sorts its input separately.
2021-12-06 16:12:32 +01:00
pennae
c533b01863
nixos/doc/manual: remove non-matching optionsXML inherit
2021-12-06 16:12:32 +01:00
pennae
4670400309
nixos/lib/make-options-doc: generate asciidoc/md in derivations
...
use the json file derivation we already have to also generate the asciidoc and
md options docs instead of formatting the options in nix. docbook docs are
already produced in derivations.
the new script produce the exact same output as the old in-nix generation.
2021-12-06 16:12:30 +01:00
Artturi
779a657e37
Merge pull request #148649 from Artturin/sgxgid
...
nixos: add sgx group with gid 304
2021-12-06 17:05:00 +02:00
talyz
125bb7dac1
discourse: Don't patch the public path
...
Instead of patching the path to /public in Discourse's sources, make
the nginx configuration refer to the symlink in the discourse
package which points to the real path.
When there is a mismatch between the path nginx serves and the path
Discourse thinks it serves, we can run into issues like files not
being served - at least when sendfile requests from the ruby app are
processed by nginx. The issue I ran into most recently is that backup
downloads don't work.
Since Discourse refers to the public directory relative to the Rails
root in many places, it's much easier to just sync this path to the
nginx configuration than trying to patch all occurrences in the
sources. This should hopefully mean less potential for breakage in
future Discourse releases, too.
2021-12-06 14:21:39 +01:00
ajs124
47da70cdda
Merge pull request #148783 from oxzi/claws-mail-ciao-cacao-v3
...
claws-mail: remove claws-mail-gtk2 version
2021-12-06 11:00:00 +00:00
Jörg Thalheim
c7fa870f5a
Merge pull request #148535 from martinetd/bpf
...
bpf update: bcc remove linux kernel dep + devendor libbpf again, bpftrace 0.13.0 -> 0.14.0 + remove kernel dep, pahole 1.20 -> 1.22 + remove submodule, libbpf revert 0.6.0 -> 0.5.0 (unusable)
2021-12-06 08:33:14 +00:00
Robert Hensing
862d167f17
Merge pull request #147441 from pennae/option-doc-staticizing
...
nixos/*: add trivial defaultText to options where applicable
2021-12-06 01:35:38 +01:00
pennae
c694c35f9d
nixos/*: escape pkgs reference in examples and descriptions
2021-12-06 00:38:05 +01:00
Alvar Penning
521f30f80c
claws-mail: remove claws-mail-gtk2 version
...
The GTK+ 2 version of Claws Mail, major version number three, relies on
Python 2, which is end-of-life and might be dropped in the nixpkgs.
In favour of #148779 , this older branch of Claws Mail was removed.
2021-12-05 23:08:18 +01:00
Janne Heß
b30d619368
nixos/top-level: Check syntax of switch-to-configuration
2021-12-05 18:54:36 +01:00
Janne Heß
6f1e0dc34f
nixos/switch-to-configuration: Move excludes up
2021-12-05 18:54:19 +01:00
Janne Heß
5d34545954
nixos/switch-to-configuration: Ignore scopes
2021-12-05 18:47:35 +01:00
Janne Heß
1e422e7d58
nixos/switch-to-configuration: Fix dry order
...
This makes the order of the dry activation messages the same as the real
actions which makes more sense than another random order.
2021-12-05 18:46:50 +01:00
Janne Heß
3693e8b093
nixos/switch-to-configuration: Clean perl code
...
oct() is recommended by perlcritic and the rest was unused.
2021-12-05 18:45:44 +01:00
Janne Heß
50a0f33c2a
nixos/switch-to-configuration: Remove unnecessary TODOs
...
The first one doesn't make any sense because the directory where the
init binary resides does not contain other tools we need like
systemd-escape.
The second one doesn't make sense either because the errors are already
ignored.
2021-12-05 18:43:42 +01:00
Jörg Thalheim
8ae2771224
Merge pull request #148729 from bjornfor/add-missing-collectd-group-v2
...
nixos/collectd: add missing group
2021-12-05 17:18:55 +00:00
Ryan Mulligan
542e917e99
Merge pull request #148061 from astro/drbd_upstream
...
drbd: update, fix, add test
2021-12-05 09:10:22 -08:00
Bjørn Forsman
05bc708a7f
nixos/collectd: add missing group
...
While upgrading my NixOS system I was greeted by this error:
error:
Failed assertions:
- users.users.collectd.group is unset. This used to default to
nogroup, but this is unsafe. For example you can create a group
for this user with:
users.users.collectd.group = "collectd";
users.groups.collectd = {};
Let's fix it.
2021-12-05 17:17:12 +01:00
Bobby Rong
af6071db60
Merge pull request #148415 from erictapen/borgbackup
...
Revert "nixos/borgbackup: specify systemd WorkingDirectory"
2021-12-05 18:02:49 +08:00
Martin Weinelt
68dc5484e9
nixos/doc/manual/release-notes/rl-2111: add prometheus-smartctl-exporter
2021-12-05 03:18:17 +01:00
Martin Weinelt
0c008f9c0d
Merge pull request #147056 from mweinelt/smartctl-exporter
2021-12-05 03:00:48 +01:00
Bobby Rong
894fb34b23
Merge pull request #148159 from bobby285271/pantheon
...
pantheon.extra-elementary-contracts: split package
2021-12-05 09:56:34 +08:00
Martin Weinelt
d94cec6ead
Merge pull request #148543 from mweinelt/knot-hardening
2021-12-05 02:44:28 +01:00
Sean Heath
6af3d13bec
nixos/ddclient: fix permission for ddclient.conf ( #148179 )
2021-12-05 02:07:42 +01:00
Artturin
fc4df13e26
nixos: add sgx group with gid 304
...
fix Unknown group 'sgx', ignoring message from udev
2021-12-05 01:37:43 +02:00
Artturi
493d66a225
Merge pull request #145732 from gardspirito/mx-puppet-discord
2021-12-04 23:12:09 +02:00
Samuel Dionne-Riel
b976947ede
Merge pull request #121345 from samueldr/feature/plasma-mobile
...
Add support for Plasma Mobile
2021-12-04 15:37:26 -05:00
Thomas Gerbet
1a119b223c
vault{,bin}: 1.8.4 -> 1.9.0
...
https://github.com/hashicorp/vault/blob/v1.9.0/CHANGELOG.md
2021-12-05 06:10:43 +10:00
Martin Weinelt
146ddee13b
nixos/tests/knot: add extra cpu core to master
...
This verifies that we allow setting affinity in multicore systems.
2021-12-04 16:53:31 +01:00
Martin Weinelt
893f7af236
nixos/tests/knot: log systemd unit hardening info
2021-12-04 16:53:31 +01:00
Martin Weinelt
67f102d8d8
nixos/knot: update systemd hardening
2021-12-04 16:53:31 +01:00
Felix Schröter
d6a4500f88
nixos/ddclient: support all special characters in password
2021-12-04 16:28:31 +01:00
Robert Hensing
430c9173e4
Merge pull request #148363 from hercules-ci/add-dockerTools-fakechroot
...
dockerTools: Add fakechroot to fakeRootCommands
2021-12-04 15:13:37 +01:00
Maximilian Bosch
5ffc828912
Merge pull request #148301 from Kranzes/nextcloud
...
nextcloud23: init at 23.0.0
2021-12-04 14:54:25 +01:00
Robert Hensing
ddda5f28e1
dockerTools: Keep fakechroot disabled by default
...
Avoid risk of breaking existing images by making it opt-in.
2021-12-04 13:49:10 +00:00
Robert Hensing
0e9bc9ffd1
dockerTools: Add fakechroot to fakeRootCommands
2021-12-04 13:49:10 +00:00
Dominique Martinet
559fe43665
nixos/tests: add bpf test
...
test bcc and bpftrace briefly
2021-12-04 21:12:07 +09:00
Dominique Martinet
efe6967e93
bcc: move from linux-kernels packages to normal packages
...
bcc doesn't really need kernel itself, it just cares about module path.
It's actually better to use /run/booted-system/kernel-modules/lib/modules
for two reasons:
- no need to rebuild bcc for each new kernel
- can use a newer bcc with a booted kernel that doesn't match the current
system
2021-12-04 21:07:09 +09:00
Maciej Krüger
ca82a582d9
nixos/rtsp-simple-server: init
2021-12-04 12:58:36 +01:00
Tristan
7f6a2d5663
oci-containers: fix imageFile example
2021-12-04 10:23:58 +01:00
Samuel Dionne-Riel
2f12f30f00
nixos/plasma5: Split common Plasma config for Mobile from Desktop
2021-12-03 20:17:04 -05:00
Samuel Dionne-Riel
7f4324c64e
nixos/plasma5: Add suggested plasma mobile apps
2021-12-03 20:17:04 -05:00
Samuel Dionne-Riel
7df34e1145
nixos/plasma5: configuration for plasma mobile
2021-12-03 20:17:04 -05:00
Samuel Dionne-Riel
13a03fb289
nixos/plasma5: Add maliit-keyboard to plasma mobile session
2021-12-03 20:17:04 -05:00
Samuel Dionne-Riel
b41923c1ca
nixos/plasma5: configuration for plasma mobile
2021-12-03 20:17:04 -05:00
Tyler Slabinski
da6a39436b
nixos/plasma5: Add mobile.enable option for plasma
2021-12-03 20:17:04 -05:00
Samuel Dionne-Riel
fde4f481d9
nixos/plasma5: Make kwinrc/kdeglobals internally configurable
...
This is used with the Plasma Mobile configuration to configure the
system as upstream recommends.
2021-12-03 20:17:04 -05:00
Artturi
610b719d91
Merge pull request #148491 from Artturin/sendkeydelay
...
nixos/test-driver: add 10ms delay to send_key
2021-12-04 02:13:49 +02:00
Niklas Hambüchen
6c9f46d063
Merge pull request #148389 from GTrunSec/consul
...
nixos/consul: update deprecated setting
2021-12-03 21:53:10 +01:00
Martin Weinelt
42ae887b23
Merge pull request #148471 from Ma27/postfix-exporter-hardening
2021-12-03 20:26:10 +01:00
Artturin
60422ba2ea
nixos/test-driver: add 10ms delay to send_key
...
attempt to fix https://github.com/NixOS/nixpkgs/issues/147294
2021-12-03 20:04:56 +02:00
Maximilian Bosch
8e6d403e65
nixos/prometheus-postfix-exporter: whitelist addr-family AF_UNIX
...
Otherwise, `postfix_up{path="/var/lib/postfix/queue/public/showq"}` will
always be `0` indicating an postfix outage because this is a unix domain
socket that cannot be connected to:
2021/12/03 14:50:46 Failed to scrape showq socket: dial unix /var/lib/postfix/queue/public/showq: socket: address family not supported by protocol
2021-12-03 19:01:19 +01:00
Jörg Thalheim
4f08634a18
Merge pull request #148458 from lunik1/snapraid-fix
...
nixos/snapraid: relax permissions of snapraid-sync
2021-12-03 17:59:37 +00:00
Jörg Thalheim
99c916dd8e
Merge pull request #148201 from Artturin/nixservesecret
...
nix-serve: fix NIX_SECRET_KEY_FILE
2021-12-03 17:50:27 +00:00
GTrunSec
8e92c6c510
nixos/consul: update deprecated webUi
2021-12-03 09:46:24 -08:00
Artturi
7ca9a14f7d
Merge pull request #148382 from Artturin/lightdmtmpfile
2021-12-03 19:31:06 +02:00
Dmitry Kalinkin
721e732e36
Merge pull request #147809 from veprbl/pr/wafHook_release_notes
...
doc: add release notes for a wafHook change
2021-12-03 11:57:26 -05:00
Artturin
d87d5731d5
nixos/tests: fix nix-serve path
...
nixos/tests: rename nix-ssh-serve to nix-serve-ssh
nixos/tests/nix-serve-ssh: add --experimental-features
nixos-serve: add nix-serve-ssh to passthru.tests
2021-12-03 18:40:03 +02:00
lunik1
6073b099d0
nixos/snapraid: relax permissions of snapraid-sync
...
Remove PrivateDevices to silence warning about SnapRAID being
unable to access disk UUIDs.
Add CAP_FOWNER when touch is enabled so file time stamps can be
set.
2021-12-03 15:55:27 +00:00
Maciej Krüger
aac7065c8d
Merge pull request #148108 from mkg20001/lxdimageserver
2021-12-03 16:06:21 +01:00
Maciej Krüger
79f6a3147f
Merge pull request #147365 from FlorianFranzen/waydroid/psi-default
2021-12-03 14:58:31 +01:00
Florian Franzen
64a0cf0df2
nixos/waydroid: enable kernel psi interface if required
2021-12-03 13:04:17 +01:00
Kerstin Humm
ac8a9c3f03
Revert "nixos/borgbackup: specify systemd WorkingDirectory"
...
This reverts commit 62ab77a322
.
This broke nixosTests.borgbackup:
https://github.com/NixOS/nixpkgs/pull/143995#issuecomment-985136152
2021-12-03 12:21:13 +01:00
kyren
c23851c47e
Fix shairport-sync module to create and set an explicit group
2021-12-03 03:16:03 -05:00
Artturin
ebbfccf8a0
nixos/lightdm: fix tmpfile by changing 0 to -
...
Closes https://github.com/NixOS/nixpkgs/issues/116631
2021-12-03 06:22:21 +02:00
Philipp Dargel
a3401f6e33
OpenJDK: expose more versions
...
Provide a way to access all JDK versions.
2021-12-02 17:54:20 -08:00
ajs124
757dd008b2
postgresql_9_6: drop
2021-12-03 01:14:29 +01:00
github-actions[bot]
987163192b
Merge master into staging-next
2021-12-03 00:01:31 +00:00
ajs124
559552ea19
Merge pull request #145695 from mohe2015/step-ca-tests
...
nixos/tests: add step-ca test
2021-12-03 00:54:10 +01:00
Nicolas Benes
7065725f68
doc: add release notes for a wafHook change
2021-12-02 18:46:48 -05:00
Robert Hensing
66c19d856b
Merge pull request #148341 from hercules-ci/add-dockerTools-customization-layer-dependencies
...
dockerTools: Add store dependencies of the customization layer
2021-12-03 00:20:44 +01:00
Robert Hensing
d0bcc212de
nixosTests.docker-tools: Use unique binary in test case
2021-12-02 22:26:05 +00:00
pennae
3e9c5fc8ca
nixos/*: escape config reference in examples and descriptions
2021-12-02 22:35:05 +01:00
pennae
2512455639
nixos/*: add trivial defaultText for options with simple defaults
2021-12-02 22:35:04 +01:00
Martin Weinelt
42ffc37872
Merge pull request #148307 from mweinelt/release-notes-fixups
2021-12-02 22:06:07 +01:00
Aaron Andersen
ac573f3975
Merge pull request #148049 from hexagonal-sun/shairport-firewall-rules
...
nixos/shairport-sync: add firewall rules
2021-12-02 15:21:28 -05:00
Matthew Leach
ea90c516e7
nixos/shairport-sync: add firewall rules
...
Add an option to automatically open the firewall for shairport.
2021-12-02 19:24:50 +00:00
Ilan Joselevich
c0f4b20db7
nextcloud23: init at 23.0.0
2021-12-02 20:53:21 +02:00
Robert Hensing
78ada83361
nixos/eval-config: Deprecate extraArgs and check parameters
2021-12-02 18:23:43 +00:00
Robert Hensing
1a223857ab
nixos/documentation: Use new extendModules instead of legacy args
2021-12-02 18:23:43 +00:00
Robert Hensing
0b5aea2b27
nixos/eval-config: Remove a rec
2021-12-02 18:23:43 +00:00
Robert Hensing
59c4a35aab
nixos/eval-config: Avoid evalModules args and check parameters
2021-12-02 18:23:43 +00:00
Martin Weinelt
34d4676e9d
nixos/doc/manual/release-notes/rl-2111: fix multiple option links
2021-12-02 19:03:05 +01:00
github-actions[bot]
bcc4d12e17
Merge master into staging-next
2021-12-02 18:01:11 +00:00
Martin Weinelt
d1da5658a6
nixos/doc/manual/release-notes/rl-2111: move highlights introduction
2021-12-02 18:45:04 +01:00
AmineChikhaoui
fa06cf556e
ec2-amis: add release 21.11
2021-12-02 11:01:47 -05:00
Artturin
2fb77151e8
nix-serve: fix NIX_SECRET_KEY_FILE
2021-12-02 17:45:50 +02:00
github-actions[bot]
a68e0fdca5
Merge master into staging-next
2021-12-02 12:01:12 +00:00
adisbladis
fafe9a8d04
Merge pull request #148236 from Vonfry/emacs/remove-org-elpa
...
emacsPackages.orgPackages: deprecated
2021-12-02 01:43:22 -08:00
talyz
ab042d6452
discourse.plugins: Update all plugins to their latest versions
...
Also, add support for updating plugins which keep gem versions in
files at the root of the repo (discourse-prometheus) and replace the
`up-plugin.sh` script with a README file pointing to the plugin
packaging documentation.
2021-12-02 10:43:14 +01:00
talyz
e2415dbb8f
discourse: 2.7.9 -> 2.8.0.beta9
...
Update to the latest beta, since upstream advocates for it. See
https://github.com/NixOS/nixpkgs/issues/146308 for more info.
2021-12-02 10:31:00 +01:00
Jacek Galowicz
58371472fe
Merge pull request #146512 from DeterminateSystems/better-visibility
...
nixos/test-driver: more context when step finishes, give more functions nested labels
2021-12-02 09:26:21 +00:00
Vonfry
932ab304f0
emacsPackages.orgPackages: deprecated
...
org elpa is deprecated and moved into gnu elpa and nongnu elpa.
link: nix-community/emacs-overlay#191
2021-12-02 16:16:59 +08:00
github-actions[bot]
4746376a5f
Merge master into staging-next
2021-12-02 00:01:31 +00:00
Michele Guerini Rocco
9342984bde
Merge pull request #148160 from bb2020/transmission
...
nixos/transmission: adjust message-level enum
2021-12-01 21:28:16 +01:00
Jacek Galowicz
57dc1085dc
Merge pull request #146271 from DeterminateSystems/better-timeouts
...
nixos/test-driver: add execute_with_timeout, add (functional) timeouts to more functions
2021-12-01 19:01:05 +00:00
Martin Weinelt
0804405afb
Merge pull request #148086 from mweinelt/hass-consider-extracomponents
2021-12-01 19:43:33 +01:00
Cole Helbling
af765f3abd
nixos/test-driver: give more functions nested labels
...
This will make it easier to trace through the test execution without
having to scroll through the entire kernel output.
2021-12-01 10:29:56 -08:00
Cole Helbling
c6ee63259a
nixos/test-driver: more context when step finishes
...
When displaying the amount of time some step took, with no other
context, it becomes nigh impossible (especially in longer tests) to see
when specific steps finished.
2021-12-01 10:29:56 -08:00
github-actions[bot]
523293d53d
Merge master into staging-next
2021-12-01 18:01:12 +00:00
Vincent Haupert
3cf9508c72
nixos/github-runner: refactor tokens handling
...
This commit changes how we deal with the current token, i.e., the token
which may exist from a previous runner registration, and the configured
token, i.e., the path set for the respective NixOS configuration option.
Until now, we copied the configured and the current token (if any) to
the runtime directory to compare them. The path of the current token may
reference a file which is only accessible to specific users (even only
root). Therefore, we ran the copying of credentials with elevated
privileges by prefixing the `ExecStartPre=` script with a `+` (see
systemd.service(5)). In this script, we also changed the owner of the
files to the service user. Apparently, however, the user/group pair
sometimes did not exist because we use `DynamicUser=`.
To address this issue, we no longer change the owner of the file.
Instead, we change the file permissions to 0666 to allow the runner
configuration script (runs with full sandboxing) to read-write the file.
Due to the current permissions of the runtime directory (0755), this
would expose the token. Therefore, we process the tokens in the state
directory, which is only accessible to the service user.
If a new token file exists in the state directory, the configuration
script should trigger a new runner registration. Afterward, it deletes
the new token file. The token is still available using the path of the
current token which is inaccessible within the service's sandbox.
2021-12-01 16:15:43 +01:00
Bobby Rong
28a115edc4
pantheon.extra-elementary-contracts: drop
2021-12-01 23:00:10 +08:00
bb2020
21a54a4e4c
nixos/transmission: adjust message-level enum
2021-12-01 17:55:06 +03:00
Bobby Rong
b5038e5127
pantheon.gnome-bluetooth-contract: init at unstable-2021-02-23
2021-12-01 22:42:21 +08:00
Bobby Rong
0a9d1ce156
pantheon.file-roller-contract: init at unstable-2021-02-23
2021-12-01 22:42:21 +08:00
Robert Hensing
0f33d439a7
Merge pull request #140992 from hercules-ci/aarch64-amis
...
Add aarch64 AMIs
2021-12-01 14:48:00 +01:00
Thiago Kenji Okada
d5f93fc0d5
Merge pull request #148080 from LibreCybernetics/update-gnome-docs
...
gnome: update docs regarding nvidiaWayland
2021-12-01 10:35:16 -03:00
Martin Weinelt
3070c350e6
Merge pull request #148082 from mweinelt/charybdis-reload
2021-12-01 13:02:11 +01:00
github-actions[bot]
f6f101cca5
Merge master into staging-next
2021-12-01 12:01:26 +00:00
Robert Hensing
8a129f8cf0
Merge pull request #144094 from hercules-ci/nixos-specialisations-use-extendModules
...
nixos/specialisation: Rephrase in terms of extendModules, noUserModules
2021-12-01 11:03:36 +01:00
Michele Guerini Rocco
d616fde3ae
Merge pull request #146967 from AndrewKvalheim/PermanentMACAddress
...
nixos/doc: improve example of renaming network interfaces
2021-12-01 09:03:14 +01:00
Maciej Krüger
7a89ee6171
nixos/lxd-image-server: fix logrotate
2021-12-01 08:39:36 +01:00
Martin Weinelt
9e234eba80
nixos/tests/home-assistant: test hardening with extraComponents
2021-12-01 01:19:01 +01:00
Martin Weinelt
254dd2a102
nixos/home-assistant: consider extraComponents in hardening
...
Previously the extraComponents added to an overriden package would not
have been considered in hardening measures enforced by the module.
Home Assistant is warning the user about component definitions having
moved away from YAML, so using an override to include support for a
component might become the better way moving forward.
2021-12-01 01:09:52 +01:00
github-actions[bot]
80fce0f4a7
Merge master into staging-next
2021-12-01 00:01:49 +00:00
Martin Weinelt
1f726635ee
nixos/charybdis: implement reload functionality
...
IRC daemons are highly stateful daemons, so allow config changes without
kicking all server and client connections.
Basically a port of 60c62214f5
.
2021-11-30 23:33:34 +01:00
Fabián Heredia Montiel
5bb9d9176d
gnome: update docs regarding nvidiaWayland
2021-11-30 15:59:30 -06:00
Ryan Mulligan
7f4e071274
nixos/tests/drbd: init
2021-11-30 21:44:11 +01:00
Ryan Mulligan
aa37441c3e
nixos/drbd: fix
...
- fix environment.etc."drbd.conf"
- don't generate an ExecStart script for just one command
2021-11-30 21:43:51 +01:00
Sandro
39b1caa278
Merge pull request #146345 from SuperSandro2000/locate-pruneBindMounts
2021-11-30 21:16:25 +01:00
Sandro
06811e74f3
Merge pull request #146533 from SuperSandro2000/nginx
2021-11-30 21:16:09 +01:00
pennae
8072ee22f2
dhcpcd, nixos/dhcpcd: enable privsep
...
dhdpcd 9 support privilege separation with a dedicated user and seccomp
filtering. this has been enabled for a while in other distributions as
well.
if the dhcpcd module is not used and the _dhcpcd user/group isn't
definied otherwise dhcpcd will fall back to not using privsep.
2021-11-30 19:51:45 +01:00
pennae
5269674a6d
dhcpcd: 8.1.4 -> 9.4.1
...
by @erictapen:
- Removed note about testing and moved it to passthru.tests
- Removed patch, as it is probably the same as
56b2bb17d2ec67e1f93950944211f6cf8c40e0fb, wich landed in upstream.
other changes:
- changed PIDFile in the module, since dhcpcd 9 changed the location
2021-11-30 19:51:45 +01:00
github-actions[bot]
3c6eb8fe49
Merge master into staging-next
2021-11-30 18:01:33 +00:00
Sandro
1841f5f81c
Merge pull request #146336 from SuperSandro2000/locate-fs
2021-11-30 18:06:10 +01:00
Aaron Andersen
1800a86072
Merge pull request #146965 from pmeiyu/webdav
...
Add webdav-server-rs
2021-11-30 12:03:27 -05:00
Jan Tojnar
dad4fddd52
nixos/nvidia: check modesetting for gdm-wayland only when gdm is enabled
...
Reported in https://github.com/NixOS/nixpkgs/pull/147153#issuecomment-982695772
2021-11-30 16:06:21 +01:00
Roman Frołow
de6181dc51
nixos/acme: fix typo in docs
2021-11-30 21:31:50 +08:00
Martin Schwaighofer
af180d554b
qemu, runInLinuxVM: change default cpu to qemu64
...
The flag -cpu max leaves QEMU 6.1.0 stuck on some systems,
for example when /dev/kvm is not read-writable.
This does not happen with -cpu qemu64.
Getting stuck like that is a regression in 6.1.0 not yet present in 6.0.0
and should be fixed with 6.2.0 according to early testing with rc1.
We should consider reverting this change when we merge QEMU 6.2.0.
See #146526 .
fixes #141596
2021-11-30 13:06:22 +00:00
Vincent Haupert
ce81231420
nixos/networkd: add dhcpServerStaticLeaseConfig
option
...
Add `systemd.network.networks.*.dhcpServerStaticLeaseConfig` to allow
for configuring static DHCP leases through the `[DHCPServerStaticLease]`
section. See systemd.network(5) of systemd 249 for details.
Also adds the NixOS test `systemd-networkd-dhcpserver-static-lease` to
test the assignment of static leases.
2021-11-30 09:58:33 +01:00
github-actions[bot]
18ca52de87
Merge master into staging-next
2021-11-30 06:01:26 +00:00
Artturi
6c39b6eda2
Merge pull request #147967 from Artturin/increasebootsizes
2021-11-30 06:30:05 +02:00
Peng Mei Yu
4abccb5466
nixos/webdav: set uid and gid
2021-11-30 10:19:14 +08:00
Peng Mei Yu
ce4ad53e6a
nixos/webdav-server-rs: init
2021-11-30 10:19:14 +08:00
Timothy DeHerrera
2f0f91fe69
Merge pull request #147898 from tomberek/release_bump
...
nixos/rl-21.11: bump
2021-11-29 19:12:44 -07:00
Artturin
c19234d0df
nixos/tests/installer: increase /boot sizes to 100MB
2021-11-30 03:53:14 +02:00
Timothy DeHerrera
b1faa37cdf
21.11 Release Notes: fix typos
2021-11-29 20:15:37 -05:00
Tom Bereknyei
af92f1c0cc
[21.11] update README.md
...
[21.11] update upgrading
[21.11] update release date
run generation
2021-11-29 20:15:35 -05:00
Artturi
14d0efe51a
Merge pull request #147939 from NixOS/revert-116290-mar2021-hidpi
2021-11-30 02:50:14 +02:00
github-actions[bot]
941a6593c8
Merge master into staging-next
2021-11-30 00:01:51 +00:00
Kevin Cox
b7caba7f59
Merge pull request #146902 from fgaz/vengi/init
...
vengi-tools: init at 0.0.14
2021-11-29 17:16:44 -05:00
Kevin Cox
2b35c41b81
Merge pull request #147153 from LibreCybernetics/enable-nvidia-wayland-on-gdm-by-default
...
nixos/gdm: enable nvidiaWayland by default
2021-11-29 17:15:06 -05:00
Artturi
04a499cdde
Revert "nixos/hidpi: add xserver dpi"
2021-11-29 23:26:46 +02:00
talyz
e8cc900eae
make-disk-image: Make additionalPaths work with Nix 2.4
...
The `nix` command is marked as experimental since 2.4, so an extra
flag is required to unlock it.
2021-11-29 21:11:15 +01:00
Sandro
61c3243dc7
Merge pull request #113887 from xaverdh/install-grub-editorconfig-fixup
2021-11-29 21:03:41 +01:00
github-actions[bot]
909b92e198
Merge master into staging-next
2021-11-29 18:01:23 +00:00
Aaron Andersen
a4977db2e8
caddy: include and utilize systemd service from upstream ( #147305 )
2021-11-29 23:16:25 +09:00
Aaron Andersen
f366af7a1b
Merge pull request #136630 from mweinelt/logrotate-hourly
...
nixos/logrotate: allow hourly frequency
2021-11-29 07:42:14 -05:00
github-actions[bot]
096c9145eb
Merge master into staging-next
2021-11-29 12:01:28 +00:00
Peng Mei Yu
640e54cda9
maintainers: Rename pengmeiyu to pmy
2021-11-29 18:39:31 +08:00
Lucas Savva
be952aba1c
nixos/acme: Fix rate limiting of selfsigned services
...
Closes NixOS/nixpkgs#147348
I was able to reproduce this intermittently in the
test suite during the tests for HTTPd. Adding
StartLimitIntervalSec=0 to disable rate limiting
for these services works fine. I added it anywhere
there was a ConditionPathExists.
2021-11-29 11:15:31 +01:00
Maciej Krüger
e14fadd95c
Merge pull request #147080 from mkg20001/cinstuff
2021-11-29 07:26:02 +01:00
github-actions[bot]
a0e9d6e2c6
Merge master into staging-next
2021-11-29 00:01:22 +00:00
sternenseemann
31ff641504
Merge remote-tracking branch 'origin/master' into haskell-updates
2021-11-28 19:31:56 +01:00
github-actions[bot]
017d32f216
Merge master into staging-next
2021-11-28 18:00:57 +00:00
Michele Guerini Rocco
af63e81ad9
Merge pull request #147683 from rnhmjoj/pr-monero-cli
...
monero: rename to monero-cli
2021-11-28 16:54:21 +01:00
Graham Christensen
5ce7574ce8
Merge pull request #147399 from dali99/update_hydrus2
...
hydrus: 462 -> 463
2021-11-28 10:54:10 -05:00
rnhmjoj
97a3b2af1d
monero: rename to monero-cli
...
To make repology.org happy, use the -cli suffix.
2021-11-28 11:35:14 +01:00
github-actions[bot]
2534e1384b
Merge master into staging-next
2021-11-28 06:01:05 +00:00
Artturi
f62e110ae4
Merge pull request #147323 from Artturin/vmwareguest
2021-11-28 06:56:56 +02:00
Daniel Olsen
0fff6b89ea
hydrus: 462 -> 463
2021-11-28 04:11:31 +01:00
Daniel Olsen
40fb87f5ca
nixos/doc: Add note about big updates regarding hydrus to release notes
2021-11-28 04:11:30 +01:00
github-actions[bot]
7012b918c3
Merge master into haskell-updates
2021-11-28 00:08:47 +00:00
github-actions[bot]
9c838c8b51
Merge master into staging-next
2021-11-28 00:02:51 +00:00
Artturi
16eb003524
Merge pull request #146467 from l0b0/test-pam-d-generation
2021-11-27 22:32:46 +02:00
Victor Engmark
dcb941f3ed
security/pam: Document test location
2021-11-27 20:36:50 +02:00
Victor Engmark
3b2e6e72fa
tests: Move all PAM tests into a separate directory
...
As per
<https://github.com/NixOS/nixpkgs/pull/146467#issuecomment-972743535 >.
2021-11-27 20:36:50 +02:00
Michael Weiss
1cfecb636b
Revert "Merge pull request #141192 from helsinki-systems/feat/improved-socket-handling2"
...
This reverts commit 57961d2b83
, reversing
changes made to b04f913afc
.
(I.e. this reverts PR #141192.)
While well-intended, this change does unfortunately introduce very
serious regressions that are especially disruptive/noticeable on desktop
systems (e.g. users of Sway will loose their graphical session when
running "nixos-rebuild switch").
Therefore, this change has to be reverted ASAP instead of trying to fix
it in "production".
Note: An updated version should be extensively discussed, reviewed, and
tested before re-landing this change as an earlier version also had to
be reverted for the exact same issues [0].
Fix: #146727
[0]: https://github.com/NixOS/nixpkgs/pull/73871#issuecomment-559783752
2021-11-27 17:22:22 +01:00
Dominik Xaver Hörl
0360e03520
nixos/install-grub: fix whitespace
...
This time hopefully without changing the generated boot script.
2021-11-27 10:18:21 +01:00
Dominik Xaver Hörl
19447850a2
Revert "nixos/install-grub: normalize whitespace"
...
This morally reverts commit 0e8d7f9b3d
.
It made the generated boot script hard to read.
2021-11-27 10:18:04 +01:00
Maciej Krüger
7aff811292
nixos/cinnamon: add xapps to extra app list
2021-11-27 09:10:58 +01:00
Victor Engmark
595543a314
tests: Verify /etc/pam.d/chfn file contents
2021-11-27 15:55:46 +13:00
github-actions[bot]
c83509f73d
Merge master into haskell-updates
2021-11-27 00:07:28 +00:00
github-actions[bot]
e3eba8f994
Merge master into staging-next
2021-11-27 00:01:39 +00:00
Thiago Kenji Okada
25cdc0a9c9
Merge pull request #147490 from illdefined/nix-daemon
...
modules/nix-daemon: Add missing mk(Rename|Removed)OptionModule
2021-11-26 19:31:02 -03:00
github-actions[bot]
b529eccbb3
Merge master into staging-next
2021-11-26 18:01:19 +00:00
Thiago Kenji Okada
6f4eab2bd1
Merge pull request #147459 from samueldr/fix/nix-bash-completion-2.4
...
Fix bash completion for stable nix-* commands with Nix 2.4
2021-11-26 10:32:51 -03:00
Mikael Voss
257e92258e
modules/nix-daemon: Add missing mk(Rename|Removed)OptionModule
...
Commit 3a92a1a
replaced the nix.daemonNiceLevel and nix.daemonIONiceLevel
options. This commit adds appropriate mk(Rename|Removed)OptionModule.
2021-11-26 13:25:20 +01:00
github-actions[bot]
956b399ffa
Merge master into staging-next
2021-11-26 12:01:30 +00:00
Samuel Dionne-Riel
8e92630aae
nixos: Provide nix-bash-completions again for stable commands
2021-11-26 02:16:56 -05:00
Victor Engmark
e0f1682910
nixos/installer: Quote variable references
...
See <https://github.com/koalaman/shellcheck/wiki/SC2086 >.
2021-11-26 18:58:08 +13:00
Victor Engmark
c9a7385997
nixos/installer: Use -n
instead of ! -z
...
See <https://github.com/koalaman/shellcheck/wiki/SC2236 >.
2021-11-26 18:55:53 +13:00
Victor Engmark
adb8f5c858
nixos/installer: Mark scripts as Bash for ShellCheck
...
See <https://github.com/koalaman/shellcheck/wiki/SC2239 >.
2021-11-26 18:54:23 +13:00
sternenseemann
d4c2ca42d9
Merge remote-tracking branch 'origin/master' into haskell-updates
2021-11-25 21:20:21 +01:00