1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-12-24 19:08:30 +00:00
Commit graph

2234 commits

Author SHA1 Message Date
Ryan Mulligan 2b8cdd5f3b
Merge pull request #89472 from asymmetric/relnotes-grub
rl-2003: mention grub 2.04 update
2021-01-18 11:50:52 -08:00
Thiago Kenji Okada 0f762e5582 nixos/doc: document services.xserver.libinput changes 2021-01-13 10:20:38 -03:00
Thiago Kenji Okada 887386fbbe nixos/doc: fix manual reference to libinput 2021-01-13 10:20:34 -03:00
Izorkin 91e580397e
mariadb: 10.4.15 -> 10.5.8 2021-01-12 17:22:54 +03:00
Izorkin d688f790dd
mariadb: drop build server with tokudb storage 2021-01-12 17:22:47 +03:00
rnhmjoj 88f71722ea
nixos/doc: add searx changes to the relase notes 2021-01-11 08:41:16 +01:00
Florian Klink 581232454f
Merge pull request #108726 from omasanori/nixos/netgroup
nixos/networking: make /etc/netgroup by default
2021-01-10 23:01:12 +01:00
Guillaume Girol 0fbc0976db
Merge pull request #106082 from rnhmjoj/uwsgi
nixos/uwsgi: run with capabilities instead of root
2021-01-10 21:51:37 +00:00
rnhmjoj 3a17a9b05e
nixos/docs: add uWSGI changes to the relase notes 2021-01-10 19:33:41 +01:00
Jörg Thalheim 51894963cb
Merge pull request #89775 from numinit/update-androidenv 2021-01-10 15:09:36 +00:00
Jörg Thalheim b815fb2fd9
Merge pull request #105775 from xaverdh/iwd-link-unit 2021-01-10 12:35:25 +00:00
Michele Guerini Rocco db0adc9a44
Merge pull request #108897 from pacien/fish-foreign-env-remove-alias
fish-foreign-env: remove alias to incompatible package
2021-01-10 10:04:43 +01:00
Masanori Ogino d1d6403cb5 nixos/networking: make /etc/netgroup by default
This will prevent nscd from complaining /etc/netgroup being absent.

Signed-off-by: Masanori Ogino <167209+omasanori@users.noreply.github.com>
2021-01-10 11:01:48 +09:00
pacien 052f58ffae fish-foreign-env: remove alias to incompatible package
The fish-foreign-env and the fishPlugins.foreign-env packages aren't
compatible due to changes in directory layout.

It's better to remove the alias so that the evaluation explicitly fails
instead of allowing silent runtime breakage.

GitHub: see https://github.com/NixOS/nixpkgs/pull/107834#issuecomment-756995696
GitHub: see https://github.com/LnL7/nix-darwin/issues/269
GitHub: see https://github.com/nix-community/home-manager/issues/1701
GitHub: see https://github.com/nix-community/home-manager/issues/1702
2021-01-10 01:03:23 +01:00
WORLDofPEACE 7c34e83cb2
Merge pull request #108107 from talyz/reintroduce-epiphany
Revert "nixos/gnome3: don't install epiphany default"
2021-01-09 16:45:31 -05:00
Dominik Xaver Hörl 86b3251c80 nixos/iwd: add release notes for changes to wireless interface renaming 2021-01-09 10:55:41 +01:00
Jörg Thalheim a14ea3aecc
Merge pull request #97740 from ju1m/tor
nixos/tor: improve type-checking and hardening
2021-01-05 16:00:40 +00:00
talyz 8ed9987894
nixos/gnome3: Note the reintroduction of epiphany in release notes 2021-01-05 16:27:20 +01:00
pacien d94921db12 fish-foreign-env: move to fishPlugins.foreign-env
And relocate the installed fish functions to the `vendor_functions.d` so
that they're automatically loaded.
2021-01-04 18:53:59 +01:00
talyz 0f0d5c0c49
profiles/hardened: Add note about potential instability
Enabling the profile can lead to hard-to-debug issues, which should be
warned about in addition to the cost in features and performance.

See https://github.com/NixOS/nixpkgs/issues/108262 for an example.
2021-01-04 16:03:29 +01:00
numinit 5b91d4ab65 Rework androidenv package generation
androidenv did not previously write license files, which caused certain
gradle-based Android tools to fail. Restructure androidenv's list of
Android packages into a single repo.json file to prevent duplication
and enable us to extract the EULA texts, which we then hash with
builtins.hashString to produce the license files that Android gradle
tools look for.

Remove includeDocs and lldbVersions, as these have been removed
from the Android package repositories.

Improve documentation and examples.
2021-01-03 21:27:23 -07:00
Julien Moutinho 0ccdd6f2b0 nixos/tor: improve type-checking and hardening
Fixes #77395.
Fixes #82790.
2021-01-04 01:02:26 +01:00
Maximilian Bosch 3b57908018
Merge pull request #108179 from WilliButz/update/prometheus-json-exporter/0.2.0
prometheus-json-exporter: unstable-2017-10-06 -> 0.2.0
2021-01-03 19:28:12 +01:00
Maximilian Bosch 6e43cc7fb0
nixos/prometheus-exporters: minor doc improvements
* Content of `programlisting` shouldn't be indented, otherwise it's
  weirdly indented in the output.
* Use `<xref linkend=.../>` in the release notes: then users can
  directly go to the option documentation when reading release notes.
* Don't use docbook tags in `mkRemovedOptionModule`: it's only used
  during evaluation where docbook isn't rendered.
2021-01-03 19:04:33 +01:00
github-actions[bot] bc30d1eb34
Merge master into staging-next 2021-01-03 00:56:46 +00:00
ajs124 a2267f6341 xfsprogs: 4.19 -> 5.10 2021-01-02 18:45:22 +01:00
WilliButz 3f94c66ee1
nixos/prometheus-json-exporter: update modules & tests, add release notes 2021-01-02 13:10:27 +01:00
Jörg Thalheim c2fca99f97
Revert "Merge branch 'master' into staging-next"
This reverts commit f19b7b03a0, reversing
changes made to 572a864d02.

Sorry. I pushed the wrong staging-next (the one that had my master
merged in). This was not intended.
2020-12-31 08:50:36 +01:00
Jörg Thalheim f19b7b03a0
Merge branch 'master' into staging-next 2020-12-31 07:31:38 +01:00
Jörg Thalheim b8a19ca2bc
nixos-rebuild: add --impure flag
There are two use case for this flag:

1. NixOS developer usually use a nixpkgs checkout for development.
Copying nixpkgs everytime when rebuilding NixOS is way to slow, even
with NVME disks.

2. Folks migrating from impure configuration in a sufficient complex
infrastructure need this flag to gradually migrate to NixOS flakes.
2020-12-30 07:50:30 +01:00
Jörg Thalheim e1e412215d
nixos-rebuild: document all nix flags 2020-12-30 07:50:30 +01:00
Lucas Savva e5913db0c9 nixos/acme: update documentation and release notes
The instructions on recreating the cert were missing --what=state.
Also added a note on ensuring the group of manual certs is correct.
2020-12-28 00:35:45 +00:00
Frederik Rietdijk 736dd028ca Merge staging-next into staging 2020-12-22 19:43:32 +01:00
WilliButz 97e863ad7f
nixos/doc: add note about codimd -> hedgedoc to release notes 2020-12-22 01:39:03 +01:00
github-actions[bot] d87de5dd7d
Merge staging-next into staging 2020-12-21 12:23:08 +00:00
Sandro 652da3f472
Merge pull request #107134 from psibi/patch-2
nixos/manual: fix typo in virtualbox installation guide
2020-12-21 11:32:52 +01:00
Sibi Prabakaran 15dcf1344f
nixos/manual: fix typo in virtualbox installation guide 2020-12-21 11:01:54 +05:30
Frederik Rietdijk f081225a83
Merge pull request #106533 from helsinki-systems/refactor/waf-hook
[staging] wafHook: Don't wrap Python 2
2020-12-19 19:28:05 +01:00
Silvan Mosberger 9e6737710c Revert "Module-builtin assertions, disabling assertions and submodule assertions" 2020-12-18 16:44:37 +01:00
Michele Guerini Rocco d8cb103f79
Merge pull request #104589 from fadenb/release_notes_wpa_supplicant_breaking_change
nixos/release-notes: Warn on wpa_supplicant changes
2020-12-18 16:11:10 +01:00
Silvan Mosberger 7698aa9776
Merge pull request #97023 from Infinisil/module-assertions
Module-builtin assertions, disabling assertions and submodule assertions
2020-12-18 14:17:52 +01:00
rnhmjoj 8a76f5d811
nixos/doc: fix manual build
This is a fixup of 9728907c
2020-12-18 08:46:03 +01:00
Silvan Mosberger 767d80099c
lib/modules: Introduce _module.checks.*.check
Previously the .enable option was used to encode the condition as well,
which lead to some oddness:
- In order to encode an assertion, one had to invert it
- To disable a check, one had to mkForce it

By introducing a separate .check option this is solved because:
- It can be used to encode assertions
- Disabling is done separately with .enable option, whose default can be
  overridden without a mkForce
2020-12-17 21:52:24 +01:00
Janne Heß cfc4f6347f
wafHook: Don't wrap python2 2020-12-17 19:01:28 +01:00
Andreas Rammhold fa0d499dbf
Merge pull request #106995 from andir/ml2pr/PATCH-nixos-users-groups-createHome-Ensure-HOME-permissions-fix-description
nixos/users-groups: createHome: Ensure HOME permissions, fix description
2020-12-17 17:23:46 +01:00
Markus Kowalewski 5df0cf7461
nixos/slurm: fix dbdserver config file handling
Since slurm-20.11.0.1 the dbd server requires slurmdbd.conf to be
in mode 600 to protect the database password. This change creates
slurmdbd.conf on-the-fly at service startup and thus avoids that
the database password ends up in the nix store.
2020-12-16 20:34:14 +01:00
Alyssa Ross e17d4b05a1 nixos/tor: don't do privoxy stuff by default
It's very surprising that services.tor.client.enable would set
services.privoxy.enable.  This violates the principle of least
astonishment, because it's Privoxy that can integrate with Tor, rather
than the other way around.

So this patch moves the Privoxy Tor integration to the Privoxy module,
and it also disables it by default.  This change is documented in the
release notes.

Reported-by: V <v@anomalous.eu>
2020-12-16 12:20:03 +00:00
Klemens Nanni 8833983f26 nixos/users-groups: createHome: Ensure HOME permissions, fix description
configuration.nix(1) states

    users.extraUsers.<name>.createHome
        [...] If [...] the home directory already exists but is not
        owned by the user, directory owner and group will be changed to
        match the user.

i.e. ownership would change only if the user mismatched;  the code
however ignores the owner, it is sufficient to enable `createHome`:

    if ($u->{createHome}) {
        make_path($u->{home}, { mode => 0700 }) if ! -e $u->{home};
        chown $u->{uid}, $u->{gid}, $u->{home};
    }

Furthermore, permissions are ignored on already existing directories and
therefore may allow others to read private data eventually.

Given that createHome already acts as switch to not only create but
effectively own the home directory, manage permissions in the same
manner to ensure the intended default and cover all primary attributes.

Avoid yet another configuration option to have administrators make a
clear and simple choice between securely managing home directories
and optionally defering management to own code (taking care of custom
location, ownership, mode, extended attributes, etc.).

While here, simplify and thereby fix misleading documentation.
2020-12-16 03:40:29 +01:00
Guillaume Girol 824d2c92bd
Merge pull request #82584 from Atemu/dnscrypt-default-config
dnscrypt-proxy2: base settings on example config
2020-12-15 19:47:43 +00:00
Linus Heckemann cc786acdce
Merge pull request #105397 from kisik21/mailman-other-mta-support
nixos/mailman: make Postfix support optional (provided you configure the MTA yourself)
2020-12-14 09:46:05 +01:00
Vika ad023b0c88
nixos/mailman: make Postfix support optional (provided you configure the MTA yourself)
Mailman can now work with MTAs other than Postfix. You'll have to configure
it yourself using the options in `services.mailman.settings.mta`.

This addition is reflected in the release notes for 21.03.
2020-12-14 02:41:30 +03:00
Atemu 5242cec1b8 rl-2103: document nixos/dnscrypt-proxy2's default config change 2020-12-12 09:15:56 +01:00
Jan Tojnar 4f20afbc19
Merge branch 'master' into staging-next 2020-12-10 04:39:30 +01:00
Damien Diederen f77d01ffc5 zookeeper: 3.4.12 -> 3.6.2
A big jump, but the structure hasn't changed much.

This recipe is still based on a binary release provided by upstream.

(It might be interesting to start doing our own builds at some point,
to split client from server, and/or to create packages for removed
"contribs" such as 'zooInspector'.  Upstream intends to further slim
down its release tarballs as most deployments only need specific assets.)
2020-12-09 15:46:38 +01:00
Gabriel Ebner a474f0d1e6
Merge pull request #105275 from lukegb/nixpkgs-pa14
pulseaudio: 13.0 -> 14.0
2020-12-07 22:45:47 +01:00
zowoq fad293d452 nixos/doc/rl-2103: fix build 2020-12-06 12:15:26 +10:00
Doron Behar 44d041786b rl-2103: Mention gnuradio expressions changes.
Mention 3.8 and that it's now possible to override it and 3.7 to compile
only certain features.
2020-12-05 13:24:05 +02:00
Symphorien Gibol 9816bbbaa5 nixos/rspamd: add release notes 2020-12-01 14:45:56 +01:00
Silvan Mosberger c03a809dc4
Merge pull request #105515 from alyssais/manual-declarative
nixos/manual: don't recommend nix-env -iA
2020-12-01 04:28:43 +01:00
Alyssa Ross 55a6b5565b
nixos/manual: don't recommend nix-env -iA
We're really setting users up on the wrong path if we tell them to
nix-env -iA immediately after installing.  Instead, let's just
reassure them that installing software will be covered in due course
in the manual, to encourage them to keep reading.
2020-12-01 01:23:16 +00:00
Silvan Mosberger c9cc8969b4
lib/modules: Rename _module.assertions to _module.checks 2020-11-30 23:51:41 +01:00
Silvan Mosberger c4fb54e92a
nixos/docs: Update assertion docs for new module-builtin ones 2020-11-30 23:51:23 +01:00
Frederik Rietdijk 9a63b3d3d6
Merge pull request #104781 from NixOS/staging-next
Staging next
2020-11-30 18:27:29 +01:00
Raghav Sood 1fd8d571ed
cpp_ethereum: remove 2020-11-30 03:23:21 +00:00
Luke Granger-Brown d29428523e rl-21.03: add PulseAudio 13.0 -> 14.0 upgrade to release notes 2020-11-29 13:27:46 +00:00
Frederik Rietdijk b2a3891e12 Merge master into staging-next 2020-11-27 15:09:19 +01:00
Jan Tojnar 6d99109b12
Merge branch 'staging-next' into staging 2020-11-24 05:44:44 +01:00
adisbladis ba1fa0c604
pam_ssh_agent_auth: Honour services.openssh.authorizedKeysFiles
If a system administrator has explicitly configured key locations this
should be taken into account by `sudo`.
2020-11-24 02:47:07 +01:00
Florian Klink bbf3c9483b
Merge pull request #104520 from Izorkin/wsdd
wsdd: init at 0.6.2
2020-11-23 23:18:23 +01:00
Frederik Rietdijk 587538d087 Merge staging-next into staging 2020-11-23 18:10:33 +01:00
Izorkin 03760ab82e
nixos/samba-wsdd: init service samba-wsdd 2020-11-23 13:26:00 +03:00
Florian Klink c76891314d
Merge pull request #104094 from flokli/systemd-unified-cgroup-hierarchy
systemd: switch to unified cgroup hierarchy by default
2020-11-22 22:35:42 +01:00
Tristan Helmich 3049064aa5 nixos/release-notes: Warn on wpa_supplicant changes 2020-11-22 11:43:43 +00:00
Jack Kelly 6fd871dec4 rl-21.03: describe EC2 instance user/meta data reloading 2020-11-22 12:22:46 +10:00
Jörg Thalheim 258903e725
Merge pull request #94610 from kwohlfahrt/openldap 2020-11-21 23:09:40 +01:00
Aaron Andersen 30c2069a9c
Merge pull request #78168 from active-group/subversion-apache-config-docs
nixos/doc: Rudimentary documentation for Subversion-inside-Apache HTTP.
2020-11-21 15:17:45 -05:00
Kai Wohlfahrt 3f892c2174 nixos/openldap: Remove extraConfig options
Instead of deprecating, as per PR feedback
2020-11-21 16:13:03 +00:00
Kai Wohlfahrt 5fafbee87a nixos/openldap: Add release-notes for OLC config 2020-11-21 15:45:15 +00:00
Guillaume Girol 01083f116d
Merge pull request #102235 from symphorien/paperwork2
Paperwork 2.0
2020-11-20 21:30:08 +00:00
Florian Klink d22b3ed4bc systemd: switch to unified cgroup hierarchy by default
See https://www.redhat.com/sysadmin/fedora-31-control-group-v2 for
details on why this is desirable, and how it impacts containers.

Users that need to keep using the old cgroup hierarchy can re-enable it
by setting `systemd.unifiedCgroupHierarchy` to `false`.

Well-known candidates not supporting that hierarchy, like docker and
hidepid=… will disable it automatically.

Fixes #73800
2020-11-19 16:56:46 +01:00
Michael Raitza 1f323ec2b4 openafs: remove 1.6; point to openafs_1_8 2020-11-17 21:31:59 +01:00
Symphorien Gibol 3c9707d4a3 nixos: add release notes for the paperwork update. 2020-11-15 15:46:53 +01:00
Mike Sperber aaad9fd0da nixos/doc: Rudimentary documentation for Subversion-inside-Apache HTTP.
Content thanks to: Aaron Andersen
2020-11-14 15:05:46 +01:00
Frederik Rietdijk 463f738cc6 Merge master into staging-next 2020-11-13 20:58:35 +01:00
Doron Behar 8769c817f4
Merge pull request #75615 from FSMaxB/patch-1
Add note about installing NixOS from distributions with /usr/sbin and…
2020-11-13 10:50:32 +02:00
Max Bruckner be0555b8a8 nixos/doc: Add note about /usr/sbin and /sbin
An installation from Debian buster may fail without adding /usr/sbin to
$PATH because chroot is not in the PATH of a non-root user.
2020-11-13 10:30:20 +02:00
Maximilian Bosch fca0aad258
Merge pull request #103500 from chkno/nixos-YY.MM-not-in-nixpkgs-channels
doc: 20.09 release notes: nixos-YY.MM branches no longer in nixos-channels repo
2020-11-12 23:27:27 +01:00
zowoq 31051812bc nixos/doc/*: fix indentation 2020-11-12 14:24:00 +10:00
Kevin Cox 66c98ec550
Merge pull request #95751 from srhb/forceImportAll
nixos/zfs: Fix boot.zfs.forceImportAll
2020-11-11 20:32:42 -05:00
Scott Worley f72a3142f0 doc: 20.09 release notes: nixos-YY.MM branches no longer in nixos-channels repo
Since 7c442a2f67
for https://github.com/NixOS/nixpkgs/issues/99257
2020-11-11 11:29:39 -08:00
Scott Worley 88b7340a79 doc: Fix doc-building instructions 2020-11-11 11:22:29 -08:00
Sarah Brofeldt e0d51db401 nixos: boot.zfsImportAll = false; by default
Also add 21.03 release note
2020-11-11 18:46:05 +01:00
Frederik Rietdijk 4076ffe580 Merge staging-next into staging 2020-11-11 16:00:34 +01:00
Daniël de Kok 3497b757d3
Merge pull request #102472 from helsinki-systems/feat/vim-python3
vim: Get rid of Python 2 dependency
2020-11-11 11:52:02 +01:00
Frederik Rietdijk 0b2ca377b1 Merge staging-next into staging 2020-11-10 10:13:13 +01:00
Frederik Rietdijk 379aaa1e0c Merge master into staging-next 2020-11-10 10:11:08 +01:00
Timo Kaufmann b839d4a855
Merge pull request #98938 from raboof/nixos-manual-wayland
nixos.manual: introduce Wayland section
2020-11-09 16:59:12 +01:00
Doron Behar 9db44f61a7 rubyMinimal: remove
Due to being unused, and seemingly unusable, added appropriate release
notes.
2020-11-09 16:17:41 +02:00
Frederik Rietdijk 20f001c01e Merge master into staging-next 2020-11-09 14:33:52 +01:00
Janne Heß 576a928794
vim: Get rid of Python 2 dependency 2020-11-09 13:02:04 +01:00
Daniël de Kok d43f378b4a
Merge pull request #103101 from matthiasbeyer/update-mutt
mutt: 1.14.7 -> 2.0.0
2020-11-08 18:26:51 +01:00
Niklas Hambüchen 1c460c0a5c
Merge pull request #103147 from nh2/nginx-sandbox-protecthome-release-notes
manual: nginx: Mention ProtectHome in release notes. See #85567
2020-11-08 18:01:03 +01:00
Niklas Hambüchen 2e7b320931 manual: nginx: Remove reference to stateDir from release notes. Fixes #102211.
Fixed wording taken from:
https://github.com/NixOS/nixpkgs/issues/102211#issuecomment-719976230
2020-11-08 17:55:11 +01:00
Daniël de Kok c65164ec75 nixos/release-notes: Mutt 2.x has some backward incompatible changes 2020-11-08 17:26:54 +01:00
Niklas Hambüchen 2f845dccbf manual: nginx: Mention ProtectHome in release notes. See #85567.
See https://github.com/NixOS/nixpkgs/pull/85567#pullrequestreview-525820684
2020-11-08 17:03:07 +01:00
Ninjatrappeur 5f5d38e88f
Merge pull request #101218 from andir/unbound-systemd 2020-11-08 16:55:29 +01:00
Niklas Hambüchen 169ab0b89f redis service: Listen on localhost by default. Fixes #100192.
All other database servers in NixOS also use this safe-by-default setting.
2020-11-08 01:15:33 +01:00
Frederik Rietdijk 99fb79ae84 Merge master into staging-next 2020-11-06 12:51:56 +01:00
Michele Guerini Rocco 25d15ebffb
Merge pull request #98661 from doronbehar/doc/nixos/systemd-nixos-specific
doc/nixos: Explain better NixOS specific Systemd stuff
2020-11-06 11:52:58 +01:00
Doron Behar 8716b71ea6 doc/nixos: Explain better NixOS specific Systemd stuff
Divide the "Service Management" chapter into two sections. The 1st (the
original) explaining General, not NixOS specific ways to interact with
Systemd. The 2nd section, explaining NixOS specific things worth
knowing.

Explain in the 2nd section a bit NixOS modules and services of Nixpkgs,
and mention `systemd.user.services` option. Give an example
demonstrating how to enable imperatively an upstream provided unit file
for a user. Explain why `systemctl --user enable` doesn't work for the
long term on NixOS.
2020-11-06 11:35:59 +02:00
Jan Tojnar a821be7531
Merge branch 'master' into staging-next 2020-11-05 09:42:47 +01:00
freezeboy dc0f5ed6d2 btc1: remove 2020-11-04 12:26:42 +01:00
Frederik Rietdijk 10c57af49c Merge staging-next into staging 2020-11-04 09:28:07 +01:00
Andreas Rammhold 5c16c31e06
nixos/unbound: add release notes for the changes that were introduced
As part of this patch series a few changes have been made to the unbound
serivce the deserve proper documentation.
2020-11-03 19:21:25 +01:00
Kim Lindberger cf2d180a12
Merge pull request #99906 from talyz/keycloak
nixos/keycloak: Init
2020-11-03 18:31:19 +01:00
Kevin Cox 8230e62f57
Merge pull request #100495 from DianaOlympos/riak-cs-delete
riak-cs: delete
2020-11-03 11:17:42 -05:00
Arnout Engelen c9b669a283
nixos.manual: introduce Wayland section
Co-Authored-By: Nicolas Berbiche <nicolas@normie.dev>
2020-11-01 15:47:10 +01:00
Frederik Rietdijk 83dde6c52c Merge staging-next into staging 2020-11-01 10:11:12 +01:00
zimbatm 7d834eff6c
nixos/manual: make reproducible (#102234) 2020-10-31 21:18:16 +01:00
WORLDofPEACE eaaf9254aa
Merge pull request #100520 from hyperfekt/patch-3
nixos-install: add passthrough --keep-going flag
2020-10-31 15:19:51 -04:00
Niklas Hambüchen 441abe9949 release notes: Document deprecation warning for StartLimitInterval in [Service] 2020-10-31 18:11:03 +01:00
hyperfekt 1338647a8c nixos-install: pass through keep-going flag 2020-10-31 17:13:45 +01:00
WORLDofPEACE 7b3b82f7af
Merge pull request #100136 from xaverdh/nixos-install-support-impure
nixos-install: pass through impure flag
2020-10-31 01:17:07 -04:00
talyz d1d3c86c70
rl-2103: Note the addition of the Keycloak service 2020-10-29 12:08:06 +01:00
Maximilian Bosch ca45bb574d
nixos/rl-2009: minor typo fix 2020-10-28 19:38:28 +01:00
Thomas Depierre 63caecee7d riak-cs: delete 2020-10-28 19:31:33 +01:00
Andreas Rammhold db0fe5c3eb
Merge branch master into staging to fix eval error
This fixes the eval error of the small (and "big"?) NixOS test set that
was fixed in 1088f05 & eba8f542.
2020-10-28 03:03:27 +01:00
Andreas Rammhold c127653b72
Merge pull request #101887 from jonringer/minor-release-notes-adjustment
nixos/docs/rl-2009.xml: grafana: description, example agreement
2020-10-28 02:38:55 +01:00
Jonathan Ringer 3963954fc8
nixos/docs/rl-2009.xml: grafana: description, example agreement 2020-10-27 17:50:39 -07:00
Markus S. Wamser a0cc1243cc doc: 20.09 release notes: remove duplicate service list entry
opt-services.foldingathome.enable was listed twice
2020-10-27 13:43:44 -07:00
davidak 4166a767de doc: improve 20.09 release notes 2020-10-27 21:11:22 +01:00
WORLDofPEACE 5a08ab936b rl-2009: release on a Tuesday
Because hydra took it's good old time
2020-10-27 03:03:43 -04:00
Jonathan Ringer 51ca426eb5
release-notes-2009: add contributions section 2020-10-26 18:36:12 -07:00
Jonathan Ringer 366bebd53a README.md: update stable release links 2020-10-26 20:10:29 -04:00
Klemens Nanni 3216b85713 nixos/system-path: Add mkpasswd(1)
Generating password hashes, e.g. when adding new users to the system
configuration, should work out-of-the-box and offline.
2020-10-26 03:40:11 +01:00
Jonathan Ringer 37236c2a23 nixos/doc/rl-20.09: normalize highlights, reorder entries 2020-10-25 17:40:47 -07:00
Vladimír Čunát 2f6b00b15e
Merge branch 'staging-next' into staging 2020-10-25 09:47:04 +01:00
Aaron Andersen 6393835b8d nixos/powerdns: update release notes 2020-10-24 16:41:32 -04:00
Jan Tojnar 346e1f020e
release-notes: Mention GNOME 3.38 2020-10-24 01:18:46 +02:00
Doron Behar 7fb1e3af77 nixos/doc: Mention how to contribute to it
Instead of putting a README in the directory where the manual is
written, put the information from it straight in the docs themselves.
It's a bit untrivial to guess the manual is located exactly there for
contributers.
2020-10-22 17:40:48 +03:00
symphorien 9e8eaea484
nixos/sslh: fix usage of the now removed ssl probe (#101087)
and document
2020-10-21 21:34:35 +02:00
Andreas Rammhold f6cd17269e
Merge pull request #49403 from andir/qemu_test_reduce_closure
qemu_test: disable features that are not needed for tests (closure 641 -> 335.3M)
2020-10-21 00:41:01 +02:00
Andreas Rammhold 20893b3a70
nixos/tests: expose both the interactive and non-interactive driver
For a lot of the work the non-interactive drivers are enough and it is
probably a good idea to keep it accessible for debugging without
touching the Nix expression.
2020-10-19 17:39:48 +02:00
Aluísio Augusto Silva Gonçalves cba9843aa0
nixos/doc: fix itemization in the 20.09 release notes 2020-10-19 07:11:48 -03:00
Aaron Andersen dc790c104c nixos/pdns-recursor: add release notes 2020-10-18 08:26:35 -04:00
Frederik Rietdijk b3aed163d5
Merge pull request #99709 from NixOS/staging-next
Staging next
2020-10-14 21:10:31 +02:00
Michael Weiss 03ce325365
nixos/doc: Fix one command to build the NixOS manual
This one occurrence wasn't updated:
$ git grep "nix-build nixos/release.nix -A manual"
nixos/doc/manual/README:    nix-build nixos/release.nix -A manual.x86_64-linux
nixos/doc/manual/development/meta-attributes.xml:<screen><prompt>$ </prompt>nix-build nixos/release.nix -A manual</screen>
nixos/doc/manual/development/writing-documentation.xml:<screen>nix-build nixos/release.nix -A manual.x86_64-linux</screen>
2020-10-14 18:10:53 +02:00
Frederik Rietdijk 9e1943edc0 Merge master into staging-next 2020-10-13 19:34:34 +02:00
Jonathan Ringer 82e2fdea1e nixos/doc: add nvidia prime changes 2020-10-12 22:59:54 -07:00
Doron Behar 58b8ae4127
Merge pull request #100066 from matthuszagh/kicad-srcs 2020-10-12 22:55:16 +03:00
Matt Huszagh b90776cbbf add 21.03 release notes for renamed kicad options 2020-10-12 11:32:44 -07:00
WORLDofPEACE 8cae8e54a1 Revert "mediatomb/gerbera: Add release note information for 20.09"
This was added to a release note when it's a feature not landing in that release.

This reverts commit a007e07abb.
2020-10-10 23:26:42 -04:00
WORLDofPEACE 13b192749c nixos/gnome3: don't install epiphany default
See https://github.com/NixOS/nixpkgs/issues/98819
2020-10-10 22:12:59 -04:00
Jan Tojnar aabcf2d8f5
Merge branch 'master' into staging-next 2020-10-11 00:27:21 +02:00
WORLDofPEACE 38237e95e6
Merge pull request #100103 from jtojnar/fontconfig-rn
nixos/doc: Mention fontconfig changes in 20.09 RN
2020-10-10 16:47:39 -04:00
WORLDofPEACE 2e087fe0d9
Merge pull request #100097 from Jiehong/doc/release_note_python
doc: add the removal of Python 3.5 to the 20.09 release notes (#95765)
2020-10-10 16:44:25 -04:00
Michael Weiss 4a600af1b1 doc: Document a workaround for using an FQDN as hostname
Since #76542 this workaround is required to use a FQDN as hostname. See
#94011 and #94022 for the related discussion. Due to some
potential/unresolved issues (legacy software, backward compatibility,
etc.) we're documenting this workaround [0].

[0]: https://github.com/NixOS/nixpkgs/issues/94011#issuecomment-705952300
2020-10-10 10:48:54 -07:00
Vladimír Čunát 338b25697c
Merge branch 'master' into staging-next
Quite many rebuilds from master:
> Estimating rebuild amount by counting changed Hydra jobs.
>    3926 x86_64-darwin
>    4645 x86_64-linux
2020-10-10 11:32:10 +02:00
Dominik Xaver Hörl bb61cce82a nixos-install: pass through impure flag 2020-10-10 10:05:15 +02:00
Jan Tojnar be2f1cb15c
nixos/doc: Mention fontconfig changes in 20.09 RN
This is a major change but it should not cause any issues.
2020-10-09 22:09:37 +02:00
Jiehong Ma 63c7735733 doc: add the removal of Python 3.5 to the 20.09 release notes (#95765) 2020-10-09 20:03:15 +02:00
Jiehong Ma c3e4594eaf doc: add AMD rocm and vulkan to 20.09 release notes (#95765) 2020-10-09 18:24:27 +02:00
Frederik Rietdijk ec28e32c9e Merge master into staging-next 2020-10-08 21:47:26 +02:00
Timo Kaufmann a4cde0f969 nixos/mediatomb: fix doc errors
Follow-up to #93450 to fix the manual build.
2020-10-08 16:04:11 +02:00
Antoine R. Dumont (@ardumont) a007e07abb
mediatomb/gerbera: Add release note information for 20.09
Note that it made into 2 entries, one about new options in the first section.
Another in the breaking compatibility section due to the openFirewall option
which changes the behavior.
2020-10-08 08:59:49 +02:00
Vladimír Čunát 420f89ceb2
Revert "apparmor: fix and improve the service"
This reverts commit fb6d63f3fd.

I really hope this finally fixes #99236: evaluation on Hydra.
This time I really did check basically the same commit on Hydra:
https://hydra.nixos.org/eval/1618011

Right now I don't have energy to find what exactly is wrong in the
commit, and it doesn't seem important in comparison to nixos-unstable
channel being stuck on a commit over one week old.
2020-10-07 12:22:18 +02:00
Linus Heckemann 41c0f49681
Merge pull request #99596 from Ma27/nextcloud20
nextcloud20: init
2020-10-07 08:10:38 +02:00
Maximilian Bosch 5f67a62d59
nixos/nextcloud: update upgrade-path for nextcloud20
Please note that this is only for 21.03 since `nextcloud19` is intended
to be the default for the already feature-frozen 20.09 (the bump itself
is supposed to get backported however).
2020-10-06 20:22:47 +02:00
Frederik Rietdijk 692d219a93 Merge staging-next into staging 2020-10-06 10:25:58 +02:00
Léo Gaspard e0c48efc17
matrix-synapse module: fix documentation and add release notes (#99564) 2020-10-05 23:35:28 +02:00
rnhmjoj 9f8aad2ca6 nixos/doc: document fonts.enableFontDir changes 2020-10-04 15:22:36 +01:00
Florian Klink 93178d471e
Merge pull request #99329 from 0x4A6F/master-networking-hostname
nixos: Conform with RFC 1123 in networking.hostName
2020-10-02 22:01:51 +02:00
0x4A6F c232d4b587
nixos: Conform with RFC 1123 in networking.hostName
Conform to RFC 1123 [0], specifically to "2.1 Host Names and Numbers",
which allow starting host name with alphanumerical instead of alphabetical characters.
RFC 1123 updates RFC 952 [1], which is referenced in "man 5 hosts".

[0]: https://tools.ietf.org/html/rfc1123
[1]: https://tools.ietf.org/html/rfc952
2020-10-01 22:06:00 +00:00
Tristan Helmich (omniIT) d637770ce2 release-notes: Warn about systemd-journal2gelf changes 2020-10-01 14:35:25 +00:00
WORLDofPEACE 4065a45638
Merge pull request #99038 from worldofpeace/nixos-rebuild-impure
nixos-rebuild: add impure
2020-09-28 22:23:30 -04:00
WORLDofPEACE 3ad3041918 doc/nixos-rebuild(8): add Nix --impure option to summary 2020-09-28 19:41:05 -04:00
Jan Tojnar 32b4375f10
Merge branch 'staging-next' into staging 2020-09-29 00:12:29 +02:00
Arnout Engelen 31dff5cab8
nixos/doc/manual: add link to nixos-generators (#98925)
From the 'Building your Own NixOS CD' section
2020-09-27 19:59:54 +00:00
Maximilian Bosch 71426f2cfa
Merge pull request #98333 from Ma27/bump-nextcloud
nextcloud: 19.0.1 -> 19.0.3, deprecate/remove older versions
2020-09-27 20:02:38 +02:00
Maximilian Bosch 6b48deee54
nixos/nextcloud: drop nextcloud17, deprecate nextcloud18
Both packages will get EOLed within the lifetime of 20.09. `nextcloud17`
can be removed entirely (the attribute-path is kept however to provide
meaningful errors), however `nextcloud18` must be kept as `insecure` to
make sure that users from `nextcloud17` can properly upgrade to
`nextcloud19` on NixOS 20.09.
2020-09-27 19:21:21 +02:00
Michael Raskin 31a4e2e28b
Merge pull request #93457 from ju1m/apparmor
apparmor: fix and improve the service
2020-09-27 13:07:38 +00:00
Doron Behar f85b2a1c89
Merge pull request #97797 from lf-/fix-redirecting-installer-urls
docs: add -L to remaining curl install commands
2020-09-26 19:15:08 +03:00
Graham Christensen d9a93852d4
nixos-rebuild: support --upgrade-all and document --upgrade (#83327) 2020-09-25 17:22:11 +02:00
Jan Tojnar d471c5d1f3
Merge branch 'staging-next' into staging 2020-09-24 23:09:00 +02:00
Jan Tojnar e6ce041cae
nixos/doc: Improve code listings
By adding prompts and replaceables and removing unnecessary indentation.
2020-09-23 01:25:25 +02:00
Frederik Rietdijk 7bff759fac Merge staging-next into staging 2020-09-22 18:31:56 +02:00
Robert Hensing f3893d8b53
Merge pull request #97119 from Infinisil/types.anything
Introduce `types.anything`
2020-09-21 08:49:24 +02:00
WORLDofPEACE 34aaac6d7c Merge branch 'staging-next' into staging 2020-09-20 18:41:15 -04:00
Symphorien Gibol 1b7ca69ecc nixos/postgresql: check config file syntax at build time 2020-09-20 13:43:20 +02:00
Philipp Bartsch eae103c835 nixos/doc: fix dead link 2020-09-19 12:52:14 +02:00
WORLDofPEACE 115383f969
Merge pull request #97606 from NixOS/mkg/cinrelnotes
release-notes: mention cinnamon
2020-09-17 00:35:39 -04:00
Maciej Krüger bc3d459ceb
release-notes: mention cinnamon 2020-09-17 06:22:34 +02:00
Silvan Mosberger 310699319b
nixos/doc: Add docs for types.anything 2020-09-15 21:08:19 +02:00
Silvan Mosberger b3810166c7
nixos/doc: Soft deprecate types.attrs 2020-09-15 21:01:04 +02:00
Sebastian Neubauer 0dca8d5b1e nixos/manual: add 32-bit amdvlk usage 2020-09-14 17:41:23 +02:00
WORLDofPEACE 4085eee678
Merge pull request #97801 from rycee/user-session-dbus2
Make socket activated user dbus session mandatory
2020-09-14 00:37:09 -04:00
Robert Helgesson f292a27f44
nixos/dbus: always use socket activates user session
This removes the `services.dbus.socketActivated` and
`services.xserver.startDbusSession` options. Instead the user D-Bus
session is always socket activated.
2020-09-13 11:17:16 +02:00
Sarah Brofeldt 701064bb10
Merge pull request #96446 from saschagrunert/k8s
kubernetes: 1.18.8 -> 1.19.1
2020-09-13 00:45:56 +02:00
Ryan Mulligan cba76f9ee6
Merge pull request #97632 from ryantm/jitsi-meet-doc
nixos/jitsi-meet: add docs
2020-09-12 14:21:45 -07:00
lf- 6ed65d9b5f docs: add -L to remaining curl install commands 2020-09-11 12:14:07 -07:00
Sascha Grunert f3db33e522
Add NixOS 20.03 release note for Kubernetes v1.19.x
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
2020-09-11 10:38:38 +02:00
Florian Klink 484632983f
Merge pull request #97631 from Izorkin/nginx-sandboxing
nixos/nginx: remove option enableSandbox
2020-09-10 20:33:25 +02:00
Vladimír Čunát ec49caa0b0
nixos release notes: fixup build after #96991 2020-09-10 19:57:21 +02:00
Izorkin 535896671b
nixos/nginx: remove option enableSandbox 2020-09-10 08:19:20 +03:00
Ryan Mulligan 531c08a1d9 nixos/jitsi-meet: add docs 2020-09-09 22:18:20 -07:00
Jörg Thalheim 940195c0e7
Merge pull request #96991 from Mic92/sshd 2020-09-10 06:13:07 +02:00
worldofpeace ca674c1769 rl-2009: document rngd 2020-09-09 21:52:48 -04:00
WORLDofPEACE f0f88be1ea
Merge pull request #79370 from sorki/dtoverlays
Improve device-tree overlay support
2020-09-09 11:01:48 -04:00
Richard Marko 6c9df40a4b nixos/device-tree: improve overlays support
Now allows applying external overlays either in form of
.dts file, literal dts context added to store or precompiled .dtbo.

If overlays are defined, kernel device-trees are compiled with '-@'
so the .dtb files contain symbols which we can reference in our
overlays.

Since `fdtoverlay` doesn't respect `/ compatible` by itself
we query compatible strings of both `dtb` and `dtbo(verlay)`
and apply only if latter is substring of the former.

Also adds support for filtering .dtb files (as there are now nearly 1k
dtbs).

Co-authored-by: georgewhewell <georgerw@gmail.com>
Co-authored-by: Kai Wohlfahrt <kai.wohlfahrt@gmail.com>
2020-09-09 16:34:58 +02:00
Minijackson ad48050cad
nixos/jellyfin: document stateVersion 20.09 in release notes 2020-09-09 09:47:38 +02:00
WORLDofPEACE 2ab42dcc9e
Merge pull request #97171 from davidak/defaultPackages
nixos/config: add defaultPackages option
2020-09-08 19:40:45 -04:00
WORLDofPEACE 0e7f6a884b
Update nixos/doc/manual/installation/installing.xml
Co-authored-by: Jon <jonringer@users.noreply.github.com>
2020-09-08 19:24:51 -04:00
Oleksii Filonenko 45d7f59da8
Merge pull request #97217 from sephii/nixos-caddy-v2-migration 2020-09-08 11:17:55 +03:00
Jonathan Ringer 1f3587cdd5 21.03 is Okapi
* Okapi is an artiodactyl mammal native to Central Africa
* https://en.wikipedia.org/wiki/Okapi
2020-09-07 14:20:35 -07:00
Oleksii Filonenko c3a7c89a20
release-notes/rl-2009: add item about Caddy v2 2020-09-07 09:39:23 +02:00
Jörg Thalheim 60d30e13f7
Update nixos/doc/manual/installation/installing.xml
Co-authored-by: Samuel Dionne-Riel <samuel@dionne-riel.com>
2020-09-06 19:44:30 +01:00
Jörg Thalheim a5872edf2f
nixos/installer: enable sshd by default
Right now the UX for installing NixOS on a headless system is very bad.
To enable sshd without physical steps users have to have either physical
access or need to be very knowledge-able to figure out how to modify the
installation image by hand to put an `sshd.service` symlink in the
right directory in /nix/store. This is in particular a problem on ARM
SBCs (single board computer) but also other hardware where network is
the only meaningful way to access the hardware.

This commit enables sshd by default. This does not give anyone access to
the NixOS installer since by default. There is no user with a non-empty
password or key. It makes it easy however to add ssh keys to the
installation image (usb stick, sd-card on arm boards) by simply mounting
it and adding a keys to `/root/.ssh/authorized_keys`.
Importantly this should not require nix/nixos on the machine that
prepare the installation device and even feasiable on non-linux systems
by using ext4 third party drivers.

Potential new threats: Since this enables sshd by default a
potential bug in openssh could lead to remote code execution. Openssh
has a very good track-record over the last 20 years, which makes it
far more likely that Linux itself would have a remote code execution
vulnerability. It is trusted by millions of servers on many operating
systems to be exposed to the internet by default.

Co-authored-by: Samuel Dionne-Riel <samuel@dionne-riel.com>
2020-09-06 20:26:08 +02:00
davidak 74b3d66baf nixos/config: add defaultPackages option
readd perl (used in shell scripts), rsync (needed for NixOps) and strace (common debugging tool)

they where previously removed in https://github.com/NixOS/nixpkgs/pull/91213

Co-authored-by: Timo Kaufmann <timokau@zoho.com>
Co-authored-by: 8573 <8573@users.noreply.github.com>
2020-09-06 18:58:20 +02:00
Florian Klink d7046947e5
Merge pull request #91121 from m1cr0man/master
Restructure acme module
2020-09-06 18:26:22 +02:00
Julien Moutinho fb6d63f3fd apparmor: fix and improve the service 2020-09-06 07:43:03 +02:00
WORLDofPEACE d0972c9637
Merge pull request #95194 from ju1m/nixos-install
nixos-install: add support for flakes
2020-09-05 15:31:14 -04:00
lewo d65002aff5
Merge pull request #93314 from tnias/nixos_opendkim_20200717
nixos/opendkim: systemd sandbox
2020-09-05 08:46:19 +02:00
Lucas Savva f57824c915
nixos/acme: Update docs, use assert more effectively 2020-09-05 01:06:29 +01:00
Jan Tojnar 951efe41e1 fixup! nixos/doc/releases: update the docs as promised 2020-09-04 10:59:06 -07:00
worldofpeace f2e98e8b36 fixup! nixos/doc/releases: update the docs as promised 2020-09-04 10:59:06 -07:00
worldofpeace d9c33b2ea4 nixos/doc/releases: update the docs as promised
This goes through a recent example of 19.09 (because the workflow
should be everchanging, so our example needs to be recent).
Lots of changes, just read idk.
2020-09-04 10:59:06 -07:00
Julien Moutinho b03c506178 nixos-install: add support for flakes 2020-09-04 06:56:09 +02:00
Julien Moutinho c6a3a0f4f5 nixos-rebuild: do not depend on nix.conf to activate flakes 2020-09-04 06:56:09 +02:00
Christian Svensson 44e472a605 nixos/manual: luks entries are auto-detected
Mention that the the LUKS entries do not need to be added when using
nixos-generate-config. Keep the instructions for people that want to
do it manually.
2020-09-04 00:00:15 +02:00
Janne Heß 8cf4ec8b97
nixos/systemd: Don't use apply for $PATH
When not using apply, other modules can use $PATH as a list instead of
getting a colon-separated list to each /bin directory.
2020-09-03 20:27:55 +02:00
Philipp Bartsch c46dd4e221 nixos/doc: add opendkim changes to release notes 2020-09-03 18:03:28 +02:00
WORLDofPEACE 18348c7829
Merge pull request #96042 from rnhmjoj/loaOf
treewide: completely remove types.loaOf
2020-09-02 08:45:37 -04:00
José Romildo Malaquias 3b92996c0b nixos/doc: document removal of deepin in the release notes 2020-09-01 19:46:34 -03:00
rnhmjoj bc62423a87
nixos/doc: convert loaOf options refs to attrsOf 2020-09-02 00:42:51 +02:00
rnhmjoj 20d491a317
treewide: completely remove types.loaOf 2020-09-02 00:42:50 +02:00
Robert Hensing c914fffeba
Merge pull request #95894 from alexarice/agda-release-notes
Agda: add release notes
2020-09-01 12:26:14 +02:00
Robert Hensing 4841b30784
Merge pull request #94804 from hercules-ci/init-nixos-hercules-ci-agent
nixos/hercules-ci-agent: init
2020-08-29 10:20:14 +02:00
Florian Klink 0620184f3f nixos/lib/test*: remove perl test driver
This has been deprecated in 20.03, and all tests have been migrated to
the python framework, effectively making this dead code.
2020-08-27 19:45:38 +02:00
Jörg Thalheim 4c9ad3ca79
Merge branch 'master' into nginx-update 2020-08-24 13:42:11 +01:00
Robert Hensing 346a1b0ec6 nixos/hercules-ci-agent: init 2020-08-23 20:13:15 +02:00
Alex Rice e4e0c4b8cd
Agda: add release notes 2020-08-23 10:45:38 +01:00
Michele Guerini Rocco 737f4ec73a
Merge pull request #95988 from rnhmjoj/release-notes
nixos/release-notes: mention GRUB password support
2020-08-23 11:39:58 +02:00
Bruno Bigras c62fe0bea5 nixos/manual: fix typo in man-nixos-enter.xml 2020-08-22 15:08:37 -04:00
rnhmjoj 1067236150
nixos/release-notes: mention GRUB password support 2020-08-22 15:29:23 +02:00
rnhmjoj b14e1581c8
nixos/release-notes: fix typo 2020-08-22 15:10:04 +02:00
Daniël de Kok 280147c510
Merge pull request #95489 from danieldk/rocm-3.7.0
Update ROCm to 3.7.0
2020-08-22 13:30:01 +02:00
Lassulus 82b424453b
Merge pull request #86632 from Atemu/undervolt-timer-optional
Undervolt: Make timer optional
2020-08-22 11:48:30 +02:00
Atemu f5856db1b8 rl-2009: add note on undervolt timer changes 2020-08-22 11:02:23 +02:00
Jonathan Ringer 19d2c0cb55
nixos/release-notes: minor fixes 2020-08-21 14:41:03 -07:00
Silvan Mosberger b6d657adbe release-notes: Mention stricter option evaluation
As caused by https://github.com/NixOS/nixpkgs/pull/82743
2020-08-21 14:37:32 -07:00
Silvan Mosberger d400dcaa48 release-notes: Mention freeform modules
As introduced by https://github.com/NixOS/nixpkgs/pull/82743
2020-08-21 14:37:32 -07:00
Aaron Andersen 91db1c8aec
Merge pull request #87712 from aanderse/zabbix
zabbix: 4.4.8 -> 5.0.2
2020-08-21 17:11:55 -04:00
Daniël de Kok 95e5089607 nixos/manual: remove references to rocm-runtime-ext
rocm-runtime-ext is not needed anymore for OpenCL image support.
2020-08-21 08:50:51 +02:00
Aaron Andersen b87b6abd17
Merge pull request #95294 from aanderse/postgresql-rootless
nixos/postgresql: run ExecStartPost as an unprivileged user
2020-08-20 19:16:23 -04:00
davidak 5a3738d22b
nixos/systemPackages: clean up (#91213)
* nixos/systemPackages: clean up

* Update nixos/doc/manual/release-notes/rl-2009.xml

Co-authored-by: Jan Tojnar <jtojnar@gmail.com>

* Update nixos/doc/manual/release-notes/rl-2009.xml

Co-authored-by: 8573 <8573@users.noreply.github.com>

Co-authored-by: Jan Tojnar <jtojnar@gmail.com>
Co-authored-by: 8573 <8573@users.noreply.github.com>
2020-08-20 13:45:54 +00:00
zowoq 259dcd17ff rl-2009: remove modSha256 warning note 2020-08-20 08:02:36 +10:00
Aaron Andersen 5e630bf5d3 zabbix: 4.4.8 -> 5.0.2 2020-08-18 10:30:23 -04:00
Izorkin 5c70c5eeaa nginxModules: renamed module ngx_aws_auth to aws-auth 2020-08-17 10:42:54 +03:00
Izorkin 36c95f331d nginxModules.cache-purge: 2.5 -> 2.5.1 2020-08-17 10:42:01 +03:00
Aaron Andersen ec82ae3c39 nixos/postgresql: run ExecStartPost as an unprivileged user 2020-08-15 16:59:49 -04:00
Robert Hensing 6d0a85fe52
Merge pull request #82743 from Infinisil/partially-typed-v2
Freeform modules
2020-08-15 12:13:58 +02:00
Silvan Mosberger 25d75155f3
nixos/doc: Add freeform modules documentation
Co-Authored-By: Robert Hensing <robert@roberthensing.nl>
2020-08-14 22:49:35 +02:00
Marek Mahut f43fa60f02
Merge pull request #95010 from StijnDW/dokuwiki
dokuwiki: 2018-04-22b -> 2020-07-29
2020-08-14 16:27:38 +02:00
Martin Weinelt 9c8c31b241
Merge pull request #95086 from danieldk/manual-intel-opencl
nixos/manual: add a section about enabling OpenCL for Intel GPUs
2020-08-14 12:09:49 +02:00
Daniël de Kok 0c135e5f85
Merge pull request #95336 from danieldk/gpu-accel-common-issues
nixos/manual: add a section about common GPU acceleration issues
2020-08-14 08:30:24 +02:00
Aaron Andersen f1f4cc6e1b
Merge pull request #95231 from aanderse/mysql-cleanup
nixos/mysql: run postStart as an unprivileged user
2020-08-13 21:38:44 -04:00
Aaron Andersen 806253800b nixos/mysql: update release notes 2020-08-13 17:03:23 -04:00
Daniël de Kok 9c14f5d56e nixos/manual: add a section about common GPU acceleration issues 2020-08-13 19:35:47 +02:00
Daniël de Kok 2c0034d5fb
Merge pull request #91938 from spacefrogg/openafs-1.6-deprecation
openafs: 1.6.23 -> 1.6.24, mark broken due to EOL
2020-08-12 17:11:28 +02:00
Michael Raitza b3c794d610 openafs: 1.6.23 -> 1.6.24, mark broken due to EOL
Last old stable release. Enforce switch to openafs_1_8 by marking broken while
leaving a reasonable short-term alternative.

Ref #90927
2020-08-12 15:31:11 +02:00
Florian Klink bab13cc0df nixos/doc/manual/release-notes: document fontconfig 2.10.x config and cache removal 2020-08-12 13:40:46 +02:00
Florian Klink 921da91c8a
Merge pull request #93702 from tnias/usbguard20200723
nixos/usbguard: rework
2020-08-11 12:14:32 +02:00
Elis Hirwing 6be7d1c176
php: Drop PHP 7.2 support 2020-08-10 22:28:12 +02:00
Daniël de Kok 1c26e70bbc nixos/manual: add a section about enabling OpenCL for Intel GPUs 2020-08-10 16:26:42 +02:00
zowoq cc06d7a26f buildGoModule: change doCheck default to true 2020-08-10 16:01:03 +10:00
Stijn DW 552fb94877 dokuwiki: 2018-04-22b -> 2020-07-29 2020-08-09 17:42:57 +02:00
Philipp Bartsch ffd18cc1b1 nixos/usbguard: rework
Use StateDirectory to create necessary directories and hardcode some
paths. Also drop file based audit logs, they can be found in the
journal. And add module option deprecation messages.
2020-08-08 23:26:07 +02:00
Jörg Thalheim e879d83e38
Merge pull request #92106 from ju1m/transmission 2020-08-07 14:40:17 +01:00
Julien Moutinho 2a49db6a89 transmission: apply RFC0042 and harden the service 2020-08-07 04:28:11 +02:00
Aaron Andersen 4f5fc729c7 nixos/postgresql: use a standard default value for dataDir 2020-08-05 17:31:12 -04:00
Marek Mahut 0bc37f7cb4
Merge pull request #94609 from 1000101/dokuwiki
nixos/dokuwiki: drop SSL forcing and document incompatibility
2020-08-05 11:54:42 +02:00
Peter Hoeg 4d8cc104a9
Merge pull request #78166 from peterhoeg/m/logitech_lcd
nixos/lcd: add support for Logitech LCD
2020-08-05 08:32:05 +08:00
zowoq bf9d9cef58 doc/2009: remove trailing whitespace 2020-08-05 09:21:34 +10:00
Peter Hoeg 0c7eb9426e doc: release-note details of Logitech LCDs 2020-08-04 20:52:45 +08:00
Maximilian Bosch 76f2e271a2
Merge pull request #94600 from liff/patch-1
nixos/manual: Fix reference to send_key
2020-08-03 16:51:30 +02:00
1000101 15b6edc4d1 release-notes/rl-2009: fix trailing whitespace 2020-08-03 16:31:54 +02:00
1000101 7d938b5e47 release-notes/rl-2009: document dokuwiki incompatibility 2020-08-03 16:26:17 +02:00
Marek Mahut 4181ae25bf
Merge pull request #94166 from 1000101/bitcoind
release-notes/rl-2009: amend bitcoind incompatibility
2020-08-03 15:56:56 +02:00
Olli Helenius 446669cb5e
nixos/manual: Fix reference to send_key 2020-08-03 13:16:24 +03:00
Robert Hensing 150bf4fa3b
Merge pull request #75584 from Infinisil/settings-formats
Configuration file formats for JSON, INI, YAML and TOML
2020-08-02 16:58:49 +02:00
zowoq b6ce3db981 nixos/doc/*: editorconfig fixes 2020-07-31 15:08:54 +10:00
Maximilian Bosch ee06b3047e
Merge pull request #94253 from fadenb/graylog_3.3.3
graylog: 3.3.2 -> 3.3.3
2020-07-30 22:00:47 +02:00
Tristan Helmich (omniIT) 70be15c91b doc/rl-2009: Add warning on Graylog changes in version 3.3.3 2020-07-30 19:16:12 +00:00
Maciej Krüger 2d63269e0d
doc/rl-2009: document new steam module in release notes 2020-07-30 20:26:34 +02:00
Silvan Mosberger 83b16885f5
nixos/docs: Add documentation for settings options 2020-07-29 18:08:25 +02:00
1000101 89b9c3ab92 release-notes/rl-2009: amend bitcoind incompatibility 2020-07-29 12:40:51 +02:00
Marek Mahut b415ebae97
Merge pull request #93700 from 1000101/bitcoind
nixos/bitcoind: change to multi-instance + add tests
2020-07-27 12:55:29 +02:00
1000101 a5ba1315c2 release-notes/rl-2009: document bitcoind incompatibility 2020-07-27 11:27:50 +02:00
Florian Klink d5aa8ff17c
Merge pull request #93586 from makefu/pkgs/udpt/bump
udpt: 2017-09-27 -> 3.1.1
2020-07-23 17:54:39 +02:00
makefu ecdc10db97
release-notes/rl-2009: add remark about udpt complete rewrite 2020-07-23 17:30:05 +02:00
Linus Heckemann a5d20d25eb
Merge pull request #88669 from Mic92/hidpi
nixos/hidpi: Reasonable defaults for high-density displays
2020-07-22 17:43:03 +02:00
Daniël de Kok 5226e6b513
Merge pull request #93591 from Flakebi/vulkan-manual
nixos/manual: add a section about Vulkan drivers
2020-07-22 16:59:51 +02:00
Sebastian Neubauer 350f1d64af nixos/manual: add a section about Vulkan drivers
- Add a general block about how to configure and test Vulkan
- Add a section about switching between mesa/radv and amdvlk on AMD
  GPUs.
2020-07-22 14:41:33 +02:00
Nathan Fish 8ffa852aed
netboot: docs: building netboot should specify an arch (#75116)
Building without specifying an arch attempts to build all,
and fails.
2020-07-21 19:26:02 +02:00
Olli Helenius 2d8311dac9
nixos/manual: Fix reference to copy_from_host 2020-07-18 14:26:44 +03:00
Daniël de Kok 45edd3b418 nixos/manual: add a section about enabling OpenCL for AMD GPUs
- Begin a new chapter "GPU Acceleration", this should also cover
  VA-API, OpenGL, Vulkan, etc.
- Add a general blurb about OpenCL and how to check whether OpenCL
  devices are found.
- Add a section about enabling OpenCL for AMD GPUs specifically.
2020-07-17 13:35:49 +02:00
adisbladis ce49f8cbd0
nixos/doc/manual/release-notes: Add release notes for subuid/subgid mappings 2020-07-13 13:22:53 +02:00
worldofpeace 747fb48c72
Merge pull request #85065 from worldofpeace/autologin-unified
nixos/displayManager: make autoLogin options independent of DM type
2020-07-10 00:04:41 -04:00
worldofpeace 490cd7889e nixos/displayManager: make autoLogin options independent of DM type
Co-authored-by: volth <volth@volth.com>
2020-07-09 21:15:35 -04:00
lewo 9534da25bf
Merge pull request #90115 from asbachb/postfix-tls
postfix: Replaced config key by recommendation and introduced usage of system trust store
2020-07-09 20:29:49 +02:00
Niklas Hambüchen d4d9d9c552
Merge pull request #92122 from nh2/qemu-vm-fix-useBootLoader
qemu-vm: Fix useBootLoader, remove `/boot` read-only restriction
2020-07-06 22:06:20 +02:00
Fabian Möller de00fa1041
nixos/manual: Fix invalid link reference in release notes 2020-07-05 18:01:00 +02:00
Vincent Breitmoser 6d52e2e897 nixos/nix-daemon: mention potential breakage in release notes 2020-07-05 16:53:38 +02:00
Benjamin Asbach 632104e5a4 postfix: deprecated sslCACert in favour of tlsTrustedAuthorities
`sslCACert` was used for trust store of client and server certificates. Since `smtpd_tls_ask_ccert` defaults to no the setup of `smtpd_tls_CApath` was removed.

>By default (see smtpd_tls_ask_ccert), client certificates are not requested, and smtpd_tls_CApath should remain empty.
see http://www.postfix.org/postconf.5.html#smtpd_tls_CAfile
2020-07-05 14:53:34 +02:00
Jan Tojnar 07cebeffb8
Merge pull request #86473 from bachp/virtualbox-vmsvga 2020-07-05 04:11:44 +02:00
Niklas Hambüchen 2fa351b6a5 qemu-vm.nix: Do not mount /boot read-only.
There does not seem to be a good reason to do this, and it breaks running
`nixos-rebuild boot --install-bootloader` inside the VM.
2020-07-04 14:44:33 +02:00
Konrad Förstner 7ec38adfdc nixos/doc/manual: Fix parted's set subcommand for esp partition
With 'set 3 boot on' the error 'file system "/boot" is not a FAT EFI
system partition (ESP) file system' occurs when running
"nixos-install" during the basic installation (tested in in a
VirtualBox VM).
2020-07-02 08:40:01 +02:00
Michele Guerini Rocco dab676b2d7
Merge pull request #65231 from buckley310/grub-password
grub: add support for passwords
2020-07-01 09:04:30 +02:00
Florian Klink 9e248c9ec9
Merge pull request #91046 from NinjaTrappeur/nin-delete-vm-state
test-driver.py: delete VM state directory after test run
2020-06-28 18:41:38 +02:00
Robert Schütz 595a3d14b7
Merge pull request #91168 from dotlambda/radicale-3.0.3
radicale: 2.1.11 -> 3.0.3
2020-06-28 12:48:56 +02:00
Frederik Rietdijk 16287a8cb8 Merge master into staging-next 2020-06-24 19:04:03 +02:00
rnhmjoj b520055df6
nixos/lib/test-driver: add wait_for_console_text
This method is similar to wait_for_text but is based on matching
serial console lines instead of the VGA output.
2020-06-24 10:22:53 +02:00
Robert Schütz d77fb3729d nixos/radicale: use radicale3 2020-06-23 12:02:27 +02:00
Michele Guerini Rocco 1b5e0d480e
Merge pull request #91261 from rnhmjoj/intel
nixos/doc: add section on Intel DDX drivers
2020-06-23 11:29:38 +02:00
rnhmjoj 1b17b3b915
nixos/doc: add section on Intel DDX drivers 2020-06-22 17:50:18 +02:00
Frederik Rietdijk 7481da9cbd Merge master into staging-next 2020-06-22 08:46:16 +02:00
Félix Baylac-Jacqué 7e7aa529d9
test-driver.py: delete VM state directory after test run
Keeping the VM state test across several run sometimes lead to subtle
and hard to spot errors in practice. We delete the VM state which
contains (among other things) the qcow volume.

We also introduce a -K (--keep-vm-state) flag making VM state to
persist after the test run. This flag makes test-driver.py to match
its previous behaviour.
2020-06-21 10:27:51 +02:00
Michele Guerini Rocco 1eef920a8d
Merge pull request #91128 from bbigras/rslsync-localhost
nixos/resilio: listen on [::1] by default
2020-06-20 20:43:04 +02:00
Bruno Bigras dbb5bdfa09 nixos/resilio: listen on [::1] by default 2020-06-20 14:28:23 -04:00
Maximilian Bosch f326e5a35e
nixos/nextcloud: update upgrade-path for nextcloud19
Enhance the heuristics to make sure that a user doesn't accidentally
upgrade across two major versions of Nextcloud (e.g. from v17 to v19).

The original idea/discussion has been documented in the nixpkgs manual[1].

This includes the following changes:

* `nextcloud19` will be selected automatically when having a stateVersion
  greater or equal than 20.09. For existing setups, the package has to
  be selected manually to avoid accidental upgrades.

* When using `nextcloud18` or older, a warning will be thrown which recommends
  upgrading to `nextcloud19`.

* Added a brief paragraph about `nextcloud19` in the NixOS 19.09 release
  notes.

* Restart `phpfpm` if the Nextcloud-package (`cfg.package`) changes[2].

[1] https://nixos.org/nixos/manual/index.html#module-services-nextcloud-maintainer-info
[2] https://github.com/NixOS/nixpkgs/pull/89427#issuecomment-638885727
2020-06-20 11:30:11 +02:00
rnhmjoj 4dd95c0cfc
nixos/release-notes: mention new man.generateCaches option 2020-06-18 10:36:24 +02:00
Benjamin Asbach 275a913971 netbeans: updated jdk to latest lts release 2020-06-17 23:11:53 +02:00
lewo b20f9112d2
Merge pull request #89486 from Ma27/dovecot-mailboxes
nixos/dovecot2: turn `mailboxes`-option into an attr-set
2020-06-17 22:19:09 +02:00
Maximilian Bosch e826a6ce03
nixos/dovecot2: refactor mailboxes option
Specifying mailboxes as a list isn't a good approach since this makes it
impossible to override values. For backwards-compatibility, it's still
possible to declare a list of mailboxes, but a deprecation warning will
be shown.
2020-06-17 22:05:58 +02:00
Pascal Bach 6c2d12f1fa nixos/manual: recommend VMSVGA as graphics adapter
Virtualbox recommends VMSVGA for Linux guests.

It is also currently the only one supporting 3D acceleration
and it works out of the box with NixOS and auto screen resizing.
2020-06-17 18:43:27 +02:00
jakobrs 2ee84ca8e2
nixos/manual: Document boot.debug1mounts and clarify what exit does with shell_on_fail (#89365)
* nixos/manual: document boot.debug1mounts

* nixos/manual: clarify what `exit` does with shell_on_fail
2020-06-17 15:36:06 +02:00
Jörg Thalheim a9a5016644
Merge pull request #87833 from Izorkin/sandbox-mysql 2020-06-16 18:13:43 +01:00
Andreas Rammhold 55c09a884a nixos/modules/system/boot/networkd: enable socket activation
Since cd1dedac67 systemd-networkd has it's
netlink socket created via a systemd.socket unit. One might think that
this doesn't make much sense since networkd is just going to create it's
own socket on startup anyway. The difference here is that we have
configuration-time control over things like socket buffer sizes vs
compile-time constants.

For larger setups where networkd has to create a lot of (virtual)
devices the default buffer size of currently 128MB is not enough.

A good example is a machine with >100 virtual interfaces (e.g.,
wireguard tunnels, VLANs, …) that all have to be brought up during
startup. The receive buffer size will spike due to all the generated
message from the new interfaces. Eventually some of the message will be
dropped since there is not enough (permitted) buffer space available.

By having networkd start through / with a netlink socket created by
systemd we can configure the `ReceiveBufferSize` parameter in the socket
options without recompiling networkd.

Since the actual memory requirements depend on hardware, timing, exact
configurations etc. it isn't currently possible to infer a good default
from within the NixOS module system. Administrators are advised to
monitor the logs of systemd-networkd for `rtnl: kernel receive buffer
overrun` spam and increase the memory as required.

Note: Increasing the ReceiveBufferSize doesn't allocate any memory.  It
just increases the upper bound on the kernel side. The memory allocation
depends on the amount of messages that are queued on the kernel side of
the netlink socket.
2020-06-16 00:41:41 +02:00
Samuel Dionne-Riel 04161c4c72
Merge pull request #90391 from samueldr/fix/manual-zstd-note
nixos/release-notes: Amend note about image compression
2020-06-15 14:58:39 -04:00
Samuel Dionne-Riel 0f7fb7d62f nixos/release-notes: Amend note about image compression 2020-06-15 14:46:22 -04:00
Florian Klink af3c1000a4
Merge pull request #90343 from flokli/hardware-u2f-remove
hardware/u2f: remove module
2020-06-15 17:53:47 +02:00
Frederik Rietdijk 59dda0a42a Merge master into staging-next 2020-06-15 08:07:00 +02:00
Maximilian Bosch e8245546f8
Merge pull request #90297 from lheckemann/other-distro-tool-install-command
manual: use less weird way of installing nixos tools
2020-06-15 00:37:57 +02:00
Florian Klink 89c3e73dad hardware/u2f: remove module
udev gained native support to handle FIDO security tokens, so we don't
need a module which only added the now obsolete udev rules.

Fixes: https://github.com/NixOS/nixpkgs/issues/76482
2020-06-14 15:13:31 +02:00
Linus Heckemann 01ee5c9271 manual: use less weird way of installing nixos tools 2020-06-14 10:39:43 +02:00
Michele Guerini Rocco 1d924f0354
Merge pull request #89772 from rnhmjoj/dnschain
dnschain: remove
2020-06-13 13:37:02 +02:00
rnhmjoj 8fa6c0d12d
nixos/release-notes: document dnschain removal 2020-06-13 12:33:31 +02:00
Frederik Rietdijk febc27b59a Merge master into staging-next 2020-06-12 08:57:26 +02:00
adisbladis 1a5dafcd5b
services.x11.videoDrivers: Don't include vmware driver by default
A better option for vmware guests is to set `virtualisation.vmware.guest.enable`.
2020-06-11 18:49:29 +02:00
Izorkin df7e52814d nixos/mysql: enable sandbox mode 2020-06-10 12:38:40 +03:00