1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-12-25 03:17:13 +00:00
Commit graph

2197 commits

Author SHA1 Message Date
Martin Weinelt d942d4473d neovim, neovimUtils, neovim-qt: drop python2 support
In 2a00e53bd pynvim support for python2 was disabled, this broke the
neovim build. I really think it is time to let go of python2 support in
neovim.
2021-05-02 22:43:53 +02:00
José Romildo Malaquias a611906544 xfce: add release note about dropping lighter gvfs package 2021-05-02 14:26:52 -03:00
github-actions[bot] ef6416a6ba
Merge staging-next into staging 2021-05-01 00:54:32 +00:00
Martin Weinelt e0f1e1f7bf
nixos/zigbee2mqtt: convert to rfc42 style settings 2021-04-30 19:42:26 +02:00
Niklas Hambüchen a874a8a98b release notes: Mention wireguard generatePrivateKeyFile permission changes 2021-04-30 19:28:04 +02:00
Travis A. Everett 5fb284dda6 yadm: add release note for 3.x 2021-04-30 11:07:35 -05:00
github-actions[bot] 97889a52e1
Merge staging-next into staging 2021-04-27 18:14:28 +00:00
ajs124 39a51c9923
Merge pull request #118338 from Izorkin/update-nginx-zlib-ng
nginx: update to 1.20.0, replace zlib to zlib-ng
2021-04-27 16:36:25 +02:00
github-actions[bot] 8634c6f7d1
Merge staging-next into staging 2021-04-26 00:17:03 +00:00
Michele Guerini Rocco e035c1b417
Merge pull request #119952 from attila-lendvai/extraLayouts
nixos/doc/manual: refine extraLayouts, add warnings an test commands
2021-04-25 21:06:49 +02:00
Jan Tojnar c1f851b2ee
Merge branch 'staging-next' into staging 2021-04-25 08:22:13 +02:00
Martin Weinelt e8988f7a30 nixos/babeld: run as DynamicUser
The last bits to prevent babeld from running unprivileged was its
kernel_setup_interface routine, that wants to set per interface
rp_filter. This behaviour has been disabled in a patch that has been
submitted upstream at https://github.com/jech/babeld/pull/68 and reuses
the skip-kernel-setup config option.

→ Overall exposure level for babeld.service: 1.7 OK 🙂
2021-04-25 00:54:52 +02:00
Michael Raskin d04f1c4314
Merge pull request #101071 from ju1m/apparmor
apparmor: try again to fix and improve
2021-04-24 11:24:26 +00:00
Attila Lendvai 603707a137 nixos/doc/manual: refine extraLayouts, add warnings an test commands 2021-04-24 09:52:43 +02:00
github-actions[bot] 944e32775d
Merge staging-next into staging 2021-04-24 00:16:20 +00:00
Luke Granger-Brown 4de343cccf nixos/test-driver: use a variety of different Tesseract settings for OCR
When performing OCR, some of the Tesseract settings perform better than
others on a variety of different workloads, but they mostly take
~negligible incremental time to run compared to the overhead of running
the ImageMagick filters.

After this commit, we try using all three of the current Tesseract
models (classic, LSTM, and classic+LSTM) to generate output text. This
fixes chromium-90's tests at release-20.09, and should make cases where
you're looking for *specific* text better, with the tradeoff of running
Tesseract multiple times.

To make it sensible to cherrypick this into release-20.09, this doesn't
change the existing API surface for the test driver. In particular,
get_screen_text continues to have the existing behaviour.
2021-04-23 18:42:35 +00:00
davidak fabdd46503 kbdKeymaps: remove
dvp and neo are now included in kbd

includes documentation in release notes and alias
2021-04-23 16:41:06 +02:00
Julien Moutinho b42a0e205d nixos/apparmor: disable killUnconfinedConfinables by default 2021-04-23 07:20:20 +02:00
Julien Moutinho 03b2156d26 nixos/apparmor: move release note to 21.05 2021-04-23 07:19:32 +02:00
Julien Moutinho 05d334cfe2 Revert "Revert "apparmor: fix and improve the service""
This reverts commit 420f89ceb2.
2021-04-23 07:17:55 +02:00
Izorkin 65ce0419ad
nginx: add release notes 2021-04-21 11:18:14 +03:00
Daniël de Kok f75286e063 cudatoolkit-{9,9_0,9_1,9_2}: remove
Remove old CUDA toolkits (and corresponding CuDNN versions).

- Not supported by upstream anymore.
- We do not use them in nixpkgs.
- We do not test or actively maintain them.
- Anything but ancient GPUs is supported by newer toolkits.

Fixes #107131.
2021-04-18 11:55:10 +02:00
Jörg Thalheim 0854659567
Merge pull request #119389 from marsam/drop-postgresql_9_5
postgresql_9_5: drop
2021-04-16 19:29:21 +01:00
Guillaume Girol f1a2ab6818
Merge pull request #115332 from symphorien/usertype
nixos/users: require one of users.users.name.{isSystemUser,isNormalUser}
2021-04-14 19:38:26 +00:00
Symphorien Gibol 7a87973b4c nixos/users: require one of users.users.name.{isSystemUser,isNormalUser}
As the only consequence of isSystemUser is that if the uid is null then
it's allocated below 500, if a user has uid = something below 500 then
we don't require isSystemUser to be set.

Motivation: https://github.com/NixOS/nixpkgs/issues/112647
2021-04-14 20:40:00 +02:00
Florian Klink 5429cc1af4 rl-2105: Document /etc/systemd-mutable/system is gone from the defaults, point to boot.extraSystemdUnitPaths 2021-04-14 12:52:58 +02:00
taku0 4c87cb87a2
Merge pull request #67684 from indiscipline/minio
nixos/minio: allow multiple data directories for erasure coding
2021-04-13 18:29:28 +09:00
Sandro 1781eeade9
Merge pull request #118773 from peterhoeg/doc/packagekit
document packagekit changes
2021-04-12 17:19:47 +02:00
Indiscipline 9ffc4ad790 nixos/minio: allow multiple data directories for erasure coding 2021-04-10 14:44:45 +03:00
Maximilian Bosch 842f900e73
Merge pull request #114128 from jorsn/docs.fix-hostName
nixos/docs: fix example for code-generated modules
2021-04-09 18:05:51 +02:00
Kim Lindberger 5a1bd5ff66
Merge pull request #116074 from talyz/discourse
discourse: Add package and NixOS module
2021-04-08 14:19:49 +02:00
Peter Hoeg b7f5bc61f3 document packagekit 2021-04-08 09:23:54 +08:00
talyz bc26a46943
rl-2105: Add Discourse module note 2021-04-05 13:56:02 +02:00
Guillaume Girol fe0e0afbc0
Merge pull request #92929 from symphorien/postgresql-check-config-file
nixos/postgresql: check config file syntax at build time
2021-04-02 16:27:03 +00:00
ajs124 2f42097c88
Merge pull request #118090 from helsinki-systems/upd/xfsprogs
xfsprogs: 5.10.0 -> 5.11.0
2021-04-01 13:51:01 +02:00
Mario Rodas 72ab382fb6 postgresql_9_5: drop
PostgreSQL 9.5 has reached EOL on February 11, 2021.
See https://www.postgresql.org/support/versioning/
2021-04-01 04:20:00 +00:00
Martin Weinelt 285301cd1f linuxPackages: 5.4 -> 5.10
The 5.10 series is the next longterm version of the linux kernel and
I've been using it on multiple x86_64 machines ever since it came out.

I think it is time to switch over the default now, so we get some
additional testing in time for NixOS 21.05.
2021-03-31 11:29:33 -04:00
Frederik Rietdijk 9b9e9cff00
Merge pull request #117015 from NixOS/staging-next
Staging next
2021-03-31 12:42:19 +02:00
davidak fe3eb35133
Merge pull request #97565 from samuelgrf/defaultPackages-nano
nixos/config: move nano to defaultPackages
2021-03-31 09:17:56 +02:00
github-actions[bot] 4ba71fb819
Merge master into staging-next 2021-03-31 00:12:29 +00:00
ajs124 db8b545233 xfsprogs: 5.10.0 -> 5.11.0
also try to correct meta.license
2021-03-30 20:14:53 +02:00
talyz abba76a3b9
nixos/gitlab: Document automatic backups 2021-03-30 19:15:33 +02:00
Samuel Gräfenstein e6cd793a74
nixos/config: move nano to defaultPackages
Some people already have another editor installed and may want to
get rid of applications they don't use.
2021-03-30 11:50:03 +02:00
github-actions[bot] 8cebf1dc19
Merge master into staging-next 2021-03-25 06:05:58 +00:00
Léo Gaspard 219ee8d091
release notes: typo fixes (#117539) 2021-03-25 01:28:41 +01:00
github-actions[bot] 380cb1e995
Merge master into staging-next 2021-03-24 12:11:57 +00:00
Robert Hensing 2f7be87a8a nixos/doc: Update Writing Documentation to use nix-shell 2021-03-22 21:21:08 +01:00
Robert Hensing 12e7698a65 nixos/doc/manual/Makefile: Do not format
Formatting has been neglected. Running `make` would format dozens
of files, which is a great way of scaring away newcomers and those
with less git experience. It would also annoy the heck out of
regular contributors.

The purpose of formatting is to avoid a small annoyance, so it
should not become a big annoyance that makes people give up on
their work.
2021-03-22 21:15:11 +01:00
github-actions[bot] feda7be375
Merge master into staging-next 2021-03-22 12:26:55 +00:00
Michele Guerini Rocco a88356cbbe
Merge pull request #97048 from bluecmd/patch-1
nixos/manual: luks entries are auto-detected
2021-03-22 08:15:42 +01:00
github-actions[bot] 1398d44bac
Merge staging-next into staging 2021-03-16 00:39:16 +00:00
Jade c6189e2f28 manual/installation: s/boot.loader.systemd/boot.loader.systemd-boot
The link had the wrong title.
2021-03-15 01:26:32 -07:00
Jan Tojnar a16ce80193
Merge branch 'staging-next' into staging 2021-03-14 02:09:44 +01:00
Jan Tojnar b19f08ec61
nixos/doc: Fix release notes syntax 2021-03-14 02:01:46 +01:00
Doron Behar 5e367ecef9
Merge pull request #106599 from doronbehar/pkg/gnuradio/pkgs 2021-03-13 17:27:40 +00:00
Aaron Andersen 0bf8f56105
Merge pull request #115871 from aanderse/kodi-packages
kodi: plugins cleanup
2021-03-13 10:10:20 -05:00
Frederik Rietdijk 9d03ff5222 python: reproducible builds
Achieve reproducible builds of the interpreter. Note this meant
disabling optimizations again.
2021-03-13 13:11:50 +01:00
Doron Behar 2d08e55e9b gnuradio.pkgs: init
- Write a `mkDerivation` and `mkDerivationWith` function for gnuradio,
  like qt5.
- qradiolink, gqrx: Use gnuradio's callPackage and mkDerivation.
- Use gnuradio.callPackage to define all gnuradio.pkgs.
- Move all gnuradio packages expressions to pkgs/development/gnuradio-modules/ -
  modeled after Python's.
- Add more paths to gnuradio's wrapper - add the extra packages as
  python modules, and add their executables with proper env vars
  wrapping.

Co-authored-by: Frederik Rietdijk <fridh@fridh.nl>
2021-03-13 12:46:59 +02:00
Jan Tojnar 9a64ee2b45
Merge branch 'staging-next' into staging 2021-03-13 01:58:15 +01:00
Philipp Riegger ac59cb8276 nixos/release-notes/rl-2105.xml: fix typo 2021-03-12 15:44:13 +01:00
Aaron Andersen 696ac06a93 kodi: add release notes for version 19.0 update 2021-03-11 20:35:54 -05:00
Aaron Andersen 4769eb4f58 kodi: add release notes for kodi.withPackages 2021-03-11 20:35:54 -05:00
Bryan Gardiner d3ea5a7290
nixos/manual/writing-nixos-tests: document how to disable Black silently 2021-03-10 18:56:52 -08:00
Chris Martin 5ae6e17795 kindlegen: remove the package (closes #96439) 2021-03-10 07:33:53 +00:00
Sarah Brofeldt fd02940262 nixos/apache-kafka: Use version-matched jre 2021-03-10 08:10:30 +01:00
rnhmjoj f3c77e5e61
nixos/release-notes: highlight privoxy updates 2021-03-09 11:03:00 +01:00
Michele Guerini Rocco af6037b338
Merge pull request #111551 from xaverdh/xserver-modern-drivers
nixos/xserver: use modern video drivers
2021-03-09 08:14:24 +01:00
Johan Thomsen 7b5c38e973 nixos/kubernetes: docker -> containerd
also, nixos/containerd: module init
2021-03-07 12:51:14 +10:00
Daniël de Kok 158578de40
Merge pull request #114731 from danieldk/release-notes-cargo-hooks
nixos/rl-2105: add hookification of buildRustPackage
2021-03-06 11:49:21 +01:00
TredwellGit e3d705e601 nixos/xserver: use modern video drivers
cirrus is obsolete: https://www.vintage3d.org/cirrus.php
nv is obsolete: https://www.phoronix.com/scan.php?page=article&item=nvidia_kills_nv&num=1
vesa is obsolete: https://www.phoronix.com/scan.php?page=news_item&px=Nzc3Nw
ati and ati_unfree are superseded by amdgpu and amdgpu-pro: https://wiki.gentoo.org/wiki/ATI_FAQ#Is_my_AMD.2FATI_board_supported.3F
nouveau and fbdev added for better fallback support.
2021-03-06 08:47:18 +01:00
Maximilian Bosch 594eff1d59
Merge pull request #113958 from Ma27/nextcloud21
nextcloud21: init at 21.0.0, set as default version
2021-03-04 21:47:26 +01:00
Daniël de Kok 3faea849b9 nixos/rl-2105: add hookification of buildRustPackage 2021-03-04 11:19:11 +01:00
laikq 5c99d24d1e doc: explain where pkgs comes from in writing-modules
The manual mentions how "[config and pkgs] are explained later". Added a link
to where they are explained, and a hint pointing to the NIX_PATH variable.
2021-03-03 11:09:21 -05:00
Kim Lindberger e72375464b
Merge pull request #113635 from talyz/gitlab-improvements
nixos/gitlab: Clean config dir, switch to puma, split PreStart script and more
2021-03-01 13:37:53 +01:00
Milan Svoboda df3d560999 nixos/nix-gc: add persistent and randomizeDelaySec options 2021-02-28 04:21:21 -05:00
Robert Schütz 5cc881d0d8 imagemagick: make 7.0 default 2021-02-27 18:34:36 +01:00
talyz 2b3800b9c7
nixos/gitlab: Change default SMTP port, enable postfix only if used
Change the default SMTP port to `25`, to better match the default
address `localhost`. This gets rid of some error outputs in the test,
where it fails to connect to localhost:465.

Also, don't enable postfix by default unless it's actually useful to
us.
2021-02-24 18:32:24 +01:00
Johannes Rosenberger aa5124d229 nixos/docs: fix example for code-generated modules 2021-02-23 15:38:23 +01:00
Florian Klink f3af2df658
Merge pull request #111635 from xaverdh/hide-pid-broken
nixos/hidepid: remove module, it's broken
2021-02-23 00:20:29 +01:00
Maximilian Bosch f7011c70f3
nextcloud21: init at 21.0.0, set as default version
ChangeLog: https://nextcloud.com/changelog/#latest21

* Packaged 21.0.0, test-deployed it to my personal instance and tested
  the most basic functionality (`davfs2`-mount, {card,cal}dav sync, file
  management).

* Bumped the default version for unstable/21.05 to `nextcloud21`. Since
  `nextcloud20` was added after the release of 20.09 (and thus the
  default on 20.09 is still `nextcloud19`), it's now needed to upgrade
  across two majors.

  This is not a problem though since it's possible to upgrade to v20 on
  20.09 already and if not, the module will guard the administrator
  through the upgrade with eval warnings as it's the case since 20.03.

* Dropped `nextcloud17` attribute and marked `nextcloud18` as EOL.
2021-02-22 13:04:42 +01:00
David Arnold 6bfaed9b2c
installer: fixup sd-card folder move from #110827 2021-02-21 16:12:54 -05:00
Dominik Xaver Hörl f7fce2c52f nixos/rl-2105: document removal of the hidepid module 2021-02-21 13:51:37 +01:00
Florian Klink e3d3643f1b nixos/release-notes/rl-2105.xml: fix typo 2021-02-21 13:14:55 +01:00
WORLDofPEACE 3c88820235 rl-2105: rngd 2021-02-21 07:09:13 -05:00
nicoo 16b6c4b2d7 nixos/manual/virtualbox-guest: Remove mentions of rngd 2021-02-21 01:37:18 +01:00
Michele Guerini Rocco 19d715c573
Merge pull request #107382 from rnhmjoj/no-udev-settle
nixos/{networkd,dhcpcd}: remove udev-settle hack
2021-02-20 20:49:19 +01:00
rnhmjoj d683d26d89
nixos/release-notes: warn on interface renaming 2021-02-19 09:26:14 +01:00
rnhmjoj aafaf3ba97
nixos/docs: add section on renaming interfaces 2021-02-19 09:26:14 +01:00
Dominik Xaver Hörl 3629c74c10 nixos/rl-2105: document removal of systemConfig parameter 2021-02-18 12:48:08 +01:00
Luke Granger-Brown cfed3b8b22 treewide: update 21.03 to 21.05
The NixOS 21.03 release has been delayed to 21.05. See NixOS/rfcs#80.

There are two instances of 21.03 which have been left as is, since they
are in stateVersion comparisons. This will ensure that existing user
configurations which refer to 21.03 will continue to work.
2021-02-12 14:12:48 -08:00
Bernardo Meurer 77a76e2ff8
release-notes/rl-2103: mention removal of flashplayer support from tree 2021-02-08 09:40:20 -08:00
Michele Guerini Rocco c9f6a7f349
Merge pull request #111624 from rnhmjoj/thinkfan
nixos/thinkfan: rewrite for 1.2 update
2021-02-08 12:20:07 +01:00
rnhmjoj c753910d98
nixos/release-notes: mention thinkfan 1.2 update 2021-02-07 14:35:37 +01:00
Michael Weiss d0b891c828
isync: 1.3.4 -> 1.4.0
Important changes:
- The 'isync' compatibility wrapper was removed.
- The Master/Slave configuration keywords where deprecated and should be
  replaced with Far/Near. All users should update their configuration
  file accordingly. It's a trivial change and the old Master/Slave
  keywords will still work for now but result in the following message:
  Notice: Master/Slave are deprecated; use Far/Near instead.

Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
2021-02-04 19:54:54 +01:00
John Ericson 6717246373
Merge pull request #111284 from siraben/remove-new-stdenv-lib
stdenv: warn about use of inherited lib
2021-01-30 22:28:05 -05:00
Elias Probst 27da11972d nixos/restic: correct location of cache directory
By default, restic determines the location of the cache based on the XDG
base dir specification, which is `~/.cache/restic` when the environment
variable `$XDG_CACHE_HOME` isn't set.
As restic is executed as root by default, this resulted in the cache being
written to `/root/.cache/restic`, which is not quite right for a system
service and also meant, multiple backup services would use the same cache
directory - potentially causing issues with locking, data corruption,
etc.

The goal was to ensure, restic uses the correct cache location for a
system service - one cache per backup specification, using `/var/cache`
as the base directory for it.

systemd sets the environment variable `$CACHE_DIRECTORY` once
`CacheDirectory=` is defined, but restic doesn't change its behavior
based on the presence of this environment variable.
Instead, the specifier [1] `%C` can be used to point restic explicitly
towards the correct cache location using the `--cache-dir` argument.

Furthermore, the `CacheDirectoryMode=` was set to `0700`, as the default
of `0755` is far too open in this case, as the cache might contain
sensitive data.

[1] https://www.freedesktop.org/software/systemd/man/systemd.unit.html#Specifiers
2021-01-30 18:24:51 -08:00
Ben Siraphob 0fa4858791 release-notes/rl-2103: mention deprecation of stdenv.lib 2021-01-30 20:26:37 +07:00
Erik Arvstedt 0b5fd3b784 qemu-guest: remove security.rngd setting
Since release 20.09 `rngd.enable` defaults to false, so this setting is redundant.

Also fix the `qemu-quest` section of the manual that incorrectly claimed
that `rngd` was enabled.
2021-01-27 18:27:34 +01:00
Florian Klink 1030745555
Merge pull request #106857 from m1cr0man/master
nixos/acme: Fixes for account creation and remove tmpfiles usage
2021-01-27 17:52:16 +01:00
bb2020 603e14c793 nixos/alsa: disable OSSEmulation by default
OSS Emulation is considered incomplete so disabling it by default.
Using user level alsa-oss library (nix-env -iA nixos.alsaOss) over
this kernel module is recommended.
2021-01-26 15:06:33 +03:00
Attila Lendvai 21c56fc3cf nixos/doc/manual: In the preface, add link to #chap-contributing
Turned the freetext suggestion about opening the build output
into a copy-pastable xdg-open line.

Renamed title to 'Contributing to this manual'.
2021-01-23 18:58:54 -08:00
markuskowa 2f34b4b883
Merge pull request #108983 from markuskowa/dev-mpi
Use mpi attribute consistently to provide a default MPI implementation
2021-01-23 22:51:09 +01:00
John Ericson 9c213398b3 lib: Clean up how linux and gcc config is specified
Second attempt of 8929989614589ee3acd070a6409b2b9700c92d65; see that
commit for details.

This reverts commit 0bc275e634.
2021-01-23 10:01:28 -05:00
Markus Kowalewski 68fa960f6a
nixos/release-notes: add comment about generic mpi attribute 2021-01-23 12:15:18 +01:00
Jonathan Ringer 0bc275e634
Revert "lib: Clean up how linux and gcc config is specified"
This is a stdenv-rebuild, and should not be merged
into master

This reverts commit 8929989614.
2021-01-22 14:07:06 -08:00
John Ericson d95aebbe0e
Merge pull request #107214 from Ericson2314/linux-config-cleanup
lib: Clean up how linux and gcc config is specified
2021-01-22 15:15:58 -05:00
John Ericson 8929989614 lib: Clean up how linux and gcc config is specified
The `platform` field is pointless nesting: it's just stuff that happens
to be defined together, and that should be an implementation detail.

This instead makes `linux-kernel` and `gcc` top level fields in platform
configs. They join `rustc` there [all are optional], which was put there
and not in `platform` in anticipation of a change like this.

`linux-kernel.arch` in particular also becomes `linuxArch`, to match the
other `*Arch`es.

The next step after is this to combine the *specific* machines from
`lib.systems.platforms` with `lib.systems.examples`, keeping just the
"multiplatform" ones for defaulting.
2021-01-21 22:44:09 -05:00
Linus Heckemann 5153deedd8
Merge pull request #108909 from thiagokokada/libinput-by-device-type
nixos/libinput: separate settings by mouse/touchpad
2021-01-21 10:43:44 +01:00
Jonathan Ringer 4edbbe523c nixos/manual: pkgconfig -> pkg-config 2021-01-19 01:16:25 -08:00
Ryan Mulligan 2b8cdd5f3b
Merge pull request #89472 from asymmetric/relnotes-grub
rl-2003: mention grub 2.04 update
2021-01-18 11:50:52 -08:00
Thiago Kenji Okada 0f762e5582 nixos/doc: document services.xserver.libinput changes 2021-01-13 10:20:38 -03:00
Thiago Kenji Okada 887386fbbe nixos/doc: fix manual reference to libinput 2021-01-13 10:20:34 -03:00
Izorkin 91e580397e
mariadb: 10.4.15 -> 10.5.8 2021-01-12 17:22:54 +03:00
Izorkin d688f790dd
mariadb: drop build server with tokudb storage 2021-01-12 17:22:47 +03:00
rnhmjoj 88f71722ea
nixos/doc: add searx changes to the relase notes 2021-01-11 08:41:16 +01:00
Florian Klink 581232454f
Merge pull request #108726 from omasanori/nixos/netgroup
nixos/networking: make /etc/netgroup by default
2021-01-10 23:01:12 +01:00
Guillaume Girol 0fbc0976db
Merge pull request #106082 from rnhmjoj/uwsgi
nixos/uwsgi: run with capabilities instead of root
2021-01-10 21:51:37 +00:00
rnhmjoj 3a17a9b05e
nixos/docs: add uWSGI changes to the relase notes 2021-01-10 19:33:41 +01:00
Jörg Thalheim 51894963cb
Merge pull request #89775 from numinit/update-androidenv 2021-01-10 15:09:36 +00:00
Jörg Thalheim b815fb2fd9
Merge pull request #105775 from xaverdh/iwd-link-unit 2021-01-10 12:35:25 +00:00
Michele Guerini Rocco db0adc9a44
Merge pull request #108897 from pacien/fish-foreign-env-remove-alias
fish-foreign-env: remove alias to incompatible package
2021-01-10 10:04:43 +01:00
Masanori Ogino d1d6403cb5 nixos/networking: make /etc/netgroup by default
This will prevent nscd from complaining /etc/netgroup being absent.

Signed-off-by: Masanori Ogino <167209+omasanori@users.noreply.github.com>
2021-01-10 11:01:48 +09:00
pacien 052f58ffae fish-foreign-env: remove alias to incompatible package
The fish-foreign-env and the fishPlugins.foreign-env packages aren't
compatible due to changes in directory layout.

It's better to remove the alias so that the evaluation explicitly fails
instead of allowing silent runtime breakage.

GitHub: see https://github.com/NixOS/nixpkgs/pull/107834#issuecomment-756995696
GitHub: see https://github.com/LnL7/nix-darwin/issues/269
GitHub: see https://github.com/nix-community/home-manager/issues/1701
GitHub: see https://github.com/nix-community/home-manager/issues/1702
2021-01-10 01:03:23 +01:00
WORLDofPEACE 7c34e83cb2
Merge pull request #108107 from talyz/reintroduce-epiphany
Revert "nixos/gnome3: don't install epiphany default"
2021-01-09 16:45:31 -05:00
Dominik Xaver Hörl 86b3251c80 nixos/iwd: add release notes for changes to wireless interface renaming 2021-01-09 10:55:41 +01:00
Jörg Thalheim a14ea3aecc
Merge pull request #97740 from ju1m/tor
nixos/tor: improve type-checking and hardening
2021-01-05 16:00:40 +00:00
talyz 8ed9987894
nixos/gnome3: Note the reintroduction of epiphany in release notes 2021-01-05 16:27:20 +01:00
pacien d94921db12 fish-foreign-env: move to fishPlugins.foreign-env
And relocate the installed fish functions to the `vendor_functions.d` so
that they're automatically loaded.
2021-01-04 18:53:59 +01:00
talyz 0f0d5c0c49
profiles/hardened: Add note about potential instability
Enabling the profile can lead to hard-to-debug issues, which should be
warned about in addition to the cost in features and performance.

See https://github.com/NixOS/nixpkgs/issues/108262 for an example.
2021-01-04 16:03:29 +01:00
numinit 5b91d4ab65 Rework androidenv package generation
androidenv did not previously write license files, which caused certain
gradle-based Android tools to fail. Restructure androidenv's list of
Android packages into a single repo.json file to prevent duplication
and enable us to extract the EULA texts, which we then hash with
builtins.hashString to produce the license files that Android gradle
tools look for.

Remove includeDocs and lldbVersions, as these have been removed
from the Android package repositories.

Improve documentation and examples.
2021-01-03 21:27:23 -07:00
Julien Moutinho 0ccdd6f2b0 nixos/tor: improve type-checking and hardening
Fixes #77395.
Fixes #82790.
2021-01-04 01:02:26 +01:00
Maximilian Bosch 3b57908018
Merge pull request #108179 from WilliButz/update/prometheus-json-exporter/0.2.0
prometheus-json-exporter: unstable-2017-10-06 -> 0.2.0
2021-01-03 19:28:12 +01:00
Maximilian Bosch 6e43cc7fb0
nixos/prometheus-exporters: minor doc improvements
* Content of `programlisting` shouldn't be indented, otherwise it's
  weirdly indented in the output.
* Use `<xref linkend=.../>` in the release notes: then users can
  directly go to the option documentation when reading release notes.
* Don't use docbook tags in `mkRemovedOptionModule`: it's only used
  during evaluation where docbook isn't rendered.
2021-01-03 19:04:33 +01:00
github-actions[bot] bc30d1eb34
Merge master into staging-next 2021-01-03 00:56:46 +00:00
ajs124 a2267f6341 xfsprogs: 4.19 -> 5.10 2021-01-02 18:45:22 +01:00
WilliButz 3f94c66ee1
nixos/prometheus-json-exporter: update modules & tests, add release notes 2021-01-02 13:10:27 +01:00
Jörg Thalheim c2fca99f97
Revert "Merge branch 'master' into staging-next"
This reverts commit f19b7b03a0, reversing
changes made to 572a864d02.

Sorry. I pushed the wrong staging-next (the one that had my master
merged in). This was not intended.
2020-12-31 08:50:36 +01:00
Jörg Thalheim f19b7b03a0
Merge branch 'master' into staging-next 2020-12-31 07:31:38 +01:00
Jörg Thalheim b8a19ca2bc
nixos-rebuild: add --impure flag
There are two use case for this flag:

1. NixOS developer usually use a nixpkgs checkout for development.
Copying nixpkgs everytime when rebuilding NixOS is way to slow, even
with NVME disks.

2. Folks migrating from impure configuration in a sufficient complex
infrastructure need this flag to gradually migrate to NixOS flakes.
2020-12-30 07:50:30 +01:00
Jörg Thalheim e1e412215d
nixos-rebuild: document all nix flags 2020-12-30 07:50:30 +01:00
Lucas Savva e5913db0c9 nixos/acme: update documentation and release notes
The instructions on recreating the cert were missing --what=state.
Also added a note on ensuring the group of manual certs is correct.
2020-12-28 00:35:45 +00:00
Frederik Rietdijk 736dd028ca Merge staging-next into staging 2020-12-22 19:43:32 +01:00
WilliButz 97e863ad7f
nixos/doc: add note about codimd -> hedgedoc to release notes 2020-12-22 01:39:03 +01:00
github-actions[bot] d87de5dd7d
Merge staging-next into staging 2020-12-21 12:23:08 +00:00
Sandro 652da3f472
Merge pull request #107134 from psibi/patch-2
nixos/manual: fix typo in virtualbox installation guide
2020-12-21 11:32:52 +01:00
Sibi Prabakaran 15dcf1344f
nixos/manual: fix typo in virtualbox installation guide 2020-12-21 11:01:54 +05:30
Frederik Rietdijk f081225a83
Merge pull request #106533 from helsinki-systems/refactor/waf-hook
[staging] wafHook: Don't wrap Python 2
2020-12-19 19:28:05 +01:00
Silvan Mosberger 9e6737710c Revert "Module-builtin assertions, disabling assertions and submodule assertions" 2020-12-18 16:44:37 +01:00
Michele Guerini Rocco d8cb103f79
Merge pull request #104589 from fadenb/release_notes_wpa_supplicant_breaking_change
nixos/release-notes: Warn on wpa_supplicant changes
2020-12-18 16:11:10 +01:00
Silvan Mosberger 7698aa9776
Merge pull request #97023 from Infinisil/module-assertions
Module-builtin assertions, disabling assertions and submodule assertions
2020-12-18 14:17:52 +01:00
rnhmjoj 8a76f5d811
nixos/doc: fix manual build
This is a fixup of 9728907c
2020-12-18 08:46:03 +01:00
Silvan Mosberger 767d80099c
lib/modules: Introduce _module.checks.*.check
Previously the .enable option was used to encode the condition as well,
which lead to some oddness:
- In order to encode an assertion, one had to invert it
- To disable a check, one had to mkForce it

By introducing a separate .check option this is solved because:
- It can be used to encode assertions
- Disabling is done separately with .enable option, whose default can be
  overridden without a mkForce
2020-12-17 21:52:24 +01:00
Janne Heß cfc4f6347f
wafHook: Don't wrap python2 2020-12-17 19:01:28 +01:00
Andreas Rammhold fa0d499dbf
Merge pull request #106995 from andir/ml2pr/PATCH-nixos-users-groups-createHome-Ensure-HOME-permissions-fix-description
nixos/users-groups: createHome: Ensure HOME permissions, fix description
2020-12-17 17:23:46 +01:00
Markus Kowalewski 5df0cf7461
nixos/slurm: fix dbdserver config file handling
Since slurm-20.11.0.1 the dbd server requires slurmdbd.conf to be
in mode 600 to protect the database password. This change creates
slurmdbd.conf on-the-fly at service startup and thus avoids that
the database password ends up in the nix store.
2020-12-16 20:34:14 +01:00
Alyssa Ross e17d4b05a1 nixos/tor: don't do privoxy stuff by default
It's very surprising that services.tor.client.enable would set
services.privoxy.enable.  This violates the principle of least
astonishment, because it's Privoxy that can integrate with Tor, rather
than the other way around.

So this patch moves the Privoxy Tor integration to the Privoxy module,
and it also disables it by default.  This change is documented in the
release notes.

Reported-by: V <v@anomalous.eu>
2020-12-16 12:20:03 +00:00
Klemens Nanni 8833983f26 nixos/users-groups: createHome: Ensure HOME permissions, fix description
configuration.nix(1) states

    users.extraUsers.<name>.createHome
        [...] If [...] the home directory already exists but is not
        owned by the user, directory owner and group will be changed to
        match the user.

i.e. ownership would change only if the user mismatched;  the code
however ignores the owner, it is sufficient to enable `createHome`:

    if ($u->{createHome}) {
        make_path($u->{home}, { mode => 0700 }) if ! -e $u->{home};
        chown $u->{uid}, $u->{gid}, $u->{home};
    }

Furthermore, permissions are ignored on already existing directories and
therefore may allow others to read private data eventually.

Given that createHome already acts as switch to not only create but
effectively own the home directory, manage permissions in the same
manner to ensure the intended default and cover all primary attributes.

Avoid yet another configuration option to have administrators make a
clear and simple choice between securely managing home directories
and optionally defering management to own code (taking care of custom
location, ownership, mode, extended attributes, etc.).

While here, simplify and thereby fix misleading documentation.
2020-12-16 03:40:29 +01:00
Guillaume Girol 824d2c92bd
Merge pull request #82584 from Atemu/dnscrypt-default-config
dnscrypt-proxy2: base settings on example config
2020-12-15 19:47:43 +00:00
Linus Heckemann cc786acdce
Merge pull request #105397 from kisik21/mailman-other-mta-support
nixos/mailman: make Postfix support optional (provided you configure the MTA yourself)
2020-12-14 09:46:05 +01:00
Vika ad023b0c88
nixos/mailman: make Postfix support optional (provided you configure the MTA yourself)
Mailman can now work with MTAs other than Postfix. You'll have to configure
it yourself using the options in `services.mailman.settings.mta`.

This addition is reflected in the release notes for 21.03.
2020-12-14 02:41:30 +03:00
Atemu 5242cec1b8 rl-2103: document nixos/dnscrypt-proxy2's default config change 2020-12-12 09:15:56 +01:00
Jan Tojnar 4f20afbc19
Merge branch 'master' into staging-next 2020-12-10 04:39:30 +01:00
Damien Diederen f77d01ffc5 zookeeper: 3.4.12 -> 3.6.2
A big jump, but the structure hasn't changed much.

This recipe is still based on a binary release provided by upstream.

(It might be interesting to start doing our own builds at some point,
to split client from server, and/or to create packages for removed
"contribs" such as 'zooInspector'.  Upstream intends to further slim
down its release tarballs as most deployments only need specific assets.)
2020-12-09 15:46:38 +01:00
Gabriel Ebner a474f0d1e6
Merge pull request #105275 from lukegb/nixpkgs-pa14
pulseaudio: 13.0 -> 14.0
2020-12-07 22:45:47 +01:00
zowoq fad293d452 nixos/doc/rl-2103: fix build 2020-12-06 12:15:26 +10:00
Doron Behar 44d041786b rl-2103: Mention gnuradio expressions changes.
Mention 3.8 and that it's now possible to override it and 3.7 to compile
only certain features.
2020-12-05 13:24:05 +02:00
Symphorien Gibol 9816bbbaa5 nixos/rspamd: add release notes 2020-12-01 14:45:56 +01:00
Silvan Mosberger c03a809dc4
Merge pull request #105515 from alyssais/manual-declarative
nixos/manual: don't recommend nix-env -iA
2020-12-01 04:28:43 +01:00
Alyssa Ross 55a6b5565b
nixos/manual: don't recommend nix-env -iA
We're really setting users up on the wrong path if we tell them to
nix-env -iA immediately after installing.  Instead, let's just
reassure them that installing software will be covered in due course
in the manual, to encourage them to keep reading.
2020-12-01 01:23:16 +00:00
Silvan Mosberger c9cc8969b4
lib/modules: Rename _module.assertions to _module.checks 2020-11-30 23:51:41 +01:00
Silvan Mosberger c4fb54e92a
nixos/docs: Update assertion docs for new module-builtin ones 2020-11-30 23:51:23 +01:00
Frederik Rietdijk 9a63b3d3d6
Merge pull request #104781 from NixOS/staging-next
Staging next
2020-11-30 18:27:29 +01:00
Raghav Sood 1fd8d571ed
cpp_ethereum: remove 2020-11-30 03:23:21 +00:00
Luke Granger-Brown d29428523e rl-21.03: add PulseAudio 13.0 -> 14.0 upgrade to release notes 2020-11-29 13:27:46 +00:00
Frederik Rietdijk b2a3891e12 Merge master into staging-next 2020-11-27 15:09:19 +01:00
Jan Tojnar 6d99109b12
Merge branch 'staging-next' into staging 2020-11-24 05:44:44 +01:00
adisbladis ba1fa0c604
pam_ssh_agent_auth: Honour services.openssh.authorizedKeysFiles
If a system administrator has explicitly configured key locations this
should be taken into account by `sudo`.
2020-11-24 02:47:07 +01:00
Florian Klink bbf3c9483b
Merge pull request #104520 from Izorkin/wsdd
wsdd: init at 0.6.2
2020-11-23 23:18:23 +01:00
Frederik Rietdijk 587538d087 Merge staging-next into staging 2020-11-23 18:10:33 +01:00
Izorkin 03760ab82e
nixos/samba-wsdd: init service samba-wsdd 2020-11-23 13:26:00 +03:00
Florian Klink c76891314d
Merge pull request #104094 from flokli/systemd-unified-cgroup-hierarchy
systemd: switch to unified cgroup hierarchy by default
2020-11-22 22:35:42 +01:00
Tristan Helmich 3049064aa5 nixos/release-notes: Warn on wpa_supplicant changes 2020-11-22 11:43:43 +00:00
Jack Kelly 6fd871dec4 rl-21.03: describe EC2 instance user/meta data reloading 2020-11-22 12:22:46 +10:00
Jörg Thalheim 258903e725
Merge pull request #94610 from kwohlfahrt/openldap 2020-11-21 23:09:40 +01:00
Aaron Andersen 30c2069a9c
Merge pull request #78168 from active-group/subversion-apache-config-docs
nixos/doc: Rudimentary documentation for Subversion-inside-Apache HTTP.
2020-11-21 15:17:45 -05:00
Kai Wohlfahrt 3f892c2174 nixos/openldap: Remove extraConfig options
Instead of deprecating, as per PR feedback
2020-11-21 16:13:03 +00:00
Kai Wohlfahrt 5fafbee87a nixos/openldap: Add release-notes for OLC config 2020-11-21 15:45:15 +00:00
Guillaume Girol 01083f116d
Merge pull request #102235 from symphorien/paperwork2
Paperwork 2.0
2020-11-20 21:30:08 +00:00
Florian Klink d22b3ed4bc systemd: switch to unified cgroup hierarchy by default
See https://www.redhat.com/sysadmin/fedora-31-control-group-v2 for
details on why this is desirable, and how it impacts containers.

Users that need to keep using the old cgroup hierarchy can re-enable it
by setting `systemd.unifiedCgroupHierarchy` to `false`.

Well-known candidates not supporting that hierarchy, like docker and
hidepid=… will disable it automatically.

Fixes #73800
2020-11-19 16:56:46 +01:00
Michael Raitza 1f323ec2b4 openafs: remove 1.6; point to openafs_1_8 2020-11-17 21:31:59 +01:00
Symphorien Gibol 3c9707d4a3 nixos: add release notes for the paperwork update. 2020-11-15 15:46:53 +01:00
Mike Sperber aaad9fd0da nixos/doc: Rudimentary documentation for Subversion-inside-Apache HTTP.
Content thanks to: Aaron Andersen
2020-11-14 15:05:46 +01:00
Frederik Rietdijk 463f738cc6 Merge master into staging-next 2020-11-13 20:58:35 +01:00
Doron Behar 8769c817f4
Merge pull request #75615 from FSMaxB/patch-1
Add note about installing NixOS from distributions with /usr/sbin and…
2020-11-13 10:50:32 +02:00
Max Bruckner be0555b8a8 nixos/doc: Add note about /usr/sbin and /sbin
An installation from Debian buster may fail without adding /usr/sbin to
$PATH because chroot is not in the PATH of a non-root user.
2020-11-13 10:30:20 +02:00
Maximilian Bosch fca0aad258
Merge pull request #103500 from chkno/nixos-YY.MM-not-in-nixpkgs-channels
doc: 20.09 release notes: nixos-YY.MM branches no longer in nixos-channels repo
2020-11-12 23:27:27 +01:00
zowoq 31051812bc nixos/doc/*: fix indentation 2020-11-12 14:24:00 +10:00
Kevin Cox 66c98ec550
Merge pull request #95751 from srhb/forceImportAll
nixos/zfs: Fix boot.zfs.forceImportAll
2020-11-11 20:32:42 -05:00
Scott Worley f72a3142f0 doc: 20.09 release notes: nixos-YY.MM branches no longer in nixos-channels repo
Since 7c442a2f67
for https://github.com/NixOS/nixpkgs/issues/99257
2020-11-11 11:29:39 -08:00
Scott Worley 88b7340a79 doc: Fix doc-building instructions 2020-11-11 11:22:29 -08:00