Martin Weinelt
c821e0d4be
nixos/babeld: lock down service
...
→ Overall exposure level for babeld.service: 2.2 OK 🙂
2020-10-21 12:26:02 +02:00
Kevin Cox
e25cd7827e
Merge pull request #98176 from minijackson/jellyfin-systemd-security
...
nixos/jellyfin: add some systemd security options
2020-10-20 16:44:32 -04:00
Minijackson
4e51247318
nixos/jellyfin: add some systemd security options
2020-10-20 21:09:28 +02:00
Joseph D. Long
a2ee5cbb05
nixos/vagrant-virtualbox-image: init ( #101120 )
...
Co-authored-by: zimbatm <zimbatm@zimbatm.com>
Co-authored-by: Jörg Thalheim <Mic92@users.noreply.github.com>
2020-10-20 11:09:46 +02:00
Jörg Thalheim
1a9e02dec6
Merge pull request #100554 from dnr/feature/pamMount
...
nixos/pam_mount: add pamMount attribute to users
2020-10-20 10:40:12 +02:00
Marc 'risson' Schmitt
9e6bede5ab
nixos/initrd-network: fix /etc/resolv.conf when multiple dns servers from DHCP
...
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
2020-10-19 21:32:58 -07:00
Jörg Thalheim
46bd18fff6
Merge pull request #99541 from acelpb/jenkins
...
nixos/jenkins: switch to openjdk11 as openjdk14 is not supported
2020-10-19 19:50:20 +02:00
Aaron Andersen
5265d49a36
Merge pull request #100892 from aanderse/pdns-recursor
...
nixos/pdns-recursor: use upstream systemd unit
2020-10-18 20:13:06 -04:00
Jonathan Ringer
5e67d80a8b
nixos/nvidia: fix optionals usage
2020-10-18 11:47:34 -07:00
Edmund Wu
2e67196d79
nixos/nvidia: decouple nvidia_x11.persistenced
2020-10-18 11:24:20 -07:00
Martin Weinelt
4baba17252
Merge pull request #100708 from fooker/nginx-encoding
...
nixos/nginx: Do not remove headers while proxying
2020-10-18 15:52:50 +02:00
Aaron Andersen
6c39180b37
nixos/pdns-recursor: declare module user as system user
2020-10-18 08:15:29 -04:00
Aaron Andersen
1627bef9c1
nixos/pdns-recursor: use upstream systemd unit
2020-10-18 08:15:29 -04:00
Mario Rodas
2a58362f8f
Merge pull request #100213 from yanganto/hotfix-hime
...
hime: fix enable hime, remove hime-all package
2020-10-16 23:51:24 -05:00
Antonio Yang
52b903b3c4
hime: fix enable hime, remove hime-all package
...
- fix inputMethod.enable hime by adding module list
- rm hime-all package, because chewing, anthy modules does not work well
2020-10-17 10:48:31 +08:00
tnias
0da7593dce
nixos/chromium: update link in docs ( #93794 )
2020-10-16 23:04:06 +02:00
Dustin Frisch
762ca640c4
nixos/nginx: Do not remove headers while proxying
...
Removing the `Accept-Encoding` header breaks applications which may
produce already compressed content.
Removing this header is staded in the nginx docs but is ment as an
example, not as an recomendation.
2020-10-16 12:50:52 +02:00
Florian Klink
9d0d99f05b
Merge pull request #95746 from Mic92/cloud-init
...
cloud-init: 0.7.9 -> 20.2 (python3!)
2020-10-15 22:57:46 +02:00
ajs124
7ce8117238
Merge pull request #100604 from helsinki-systems/fix/icingaweb2
...
nixos/icingaweb2: Fix php packages
2020-10-15 19:18:53 +02:00
Janne Heß
e2da1219d4
nixos/icingaweb2: Fix php packages
2020-10-15 16:16:33 +02:00
Alvar
17bcc043f0
nixos/vim: configurable vim package ( #100132 )
2020-10-15 10:55:16 +02:00
David Reiss
49a749c729
nixos/pam_mount: add pamMount attribute to users
...
This attribute is a generalized version of cryptHomeLuks for creating an
entry in /etc/security/pam_mount.conf.xml. It lets the configuration
control all the attributes of the <volume> entry, instead of just the
path. The default path remains the value of cryptHomeLuks, for
compatibility.
2020-10-14 22:55:55 -07:00
Jan Tojnar
2a4607f442
Revert "nixos/display-managers: install sessionData.desktops"
...
This reverts commit 3cd2b59b8c
.
It created infinite recursion when using LXQt, since lxqt module
uses `config.system.path` in `services.xserver.desktopManager.session`.
`config.system.path` is a `buildEnv` that depends on `environment.systemPackages`.
2020-10-15 07:32:08 +02:00
Frederik Rietdijk
b3aed163d5
Merge pull request #99709 from NixOS/staging-next
...
Staging next
2020-10-14 21:10:31 +02:00
Dominique Martinet
f8d78b9f67
confinement: fix assert for serviceConfig.ProtectSystem
...
serviceConfig.ProtectSystem is usually a string so if set, the assert
itself would error out leaving no useable trace:
# nixos-rebuild switch --show-trace
building Nix...
building the system configuration...
error: while evaluating the attribute 'config.system.build.toplevel' at /nix/var/nix/profiles/per-user/root/channels/nixos/nixos/modules/system/activation/top-level.nix:293:5:
while evaluating 'foldr' at /nix/var/nix/profiles/per-user/root/channels/nixos/lib/lists.nix:52:20, called from /nix/var/nix/profiles/per-user/root/channels/nixos/nixos/modules/system/activation/top-level.nix:128:12:
while evaluating 'fold'' at /nix/var/nix/profiles/per-user/root/channels/nixos/lib/lists.nix:55:15, called from /nix/var/nix/profiles/per-user/root/channels/nixos/lib/lists.nix:59:8:
while evaluating anonymous function at /nix/var/nix/profiles/per-user/root/channels/nixos/nixos/modules/system/activation/top-level.nix:121:50, called from undefined position:
while evaluating the attribute 'assertion' at /nix/var/nix/profiles/per-user/root/channels/nixos/nixos/modules/security/systemd-confinement.nix:163:7:
value is a string while a Boolean was expected
Fix the check to give a sensible assert message instead; the attribute
should either be not set or false bool to pass.
Closes: #99000
2020-10-14 11:56:18 +02:00
Frederik Rietdijk
9e1943edc0
Merge master into staging-next
2020-10-13 19:34:34 +02:00
Lassulus
53f810cb4b
Merge pull request #100141 from xaverdh/xmonad-correct-path
...
xmonad: put the correct xmonad binary in PATH
2020-10-13 19:01:56 +02:00
Florian Klink
399a2ab954
Merge pull request #98917 from lovesegfault/klipper-init
...
klipper: init at 0.8.0
2020-10-13 00:20:24 +02:00
Michele Guerini Rocco
9b6fc07d15
Merge pull request #100060 from aanderse/dnsdist
...
nixos/dnsdist: use upstream systemd unit
2020-10-12 21:20:33 +02:00
Dominik Xaver Hörl
7389407490
nixos/xmonad: add lassulus and xaverdh as maintainers
2020-10-12 21:00:43 +02:00
Aaron Andersen
f4ff303c3b
nixos/dnsdist: use upstream systemd unit
2020-10-12 12:17:11 -04:00
Dominik Xaver Hörl
206c668d7f
nixos/xmonad: improve module docs
2020-10-12 14:48:07 +02:00
Bernardo Meurer
97eadef0c3
nixos/klipper: init
2020-10-11 15:55:50 -07:00
Florian Klink
a6fec75d04
Merge pull request #93426 from helsinki-systems/feat/gitlab-pages
...
nixos/gitlab: Support pages
2020-10-11 23:50:19 +02:00
Florian Klink
a1cb02148b
Merge pull request #99912 from m1cr0man/ocspfix
...
nixos/acme: Fix ocspMustStaple option and add test
2020-10-11 23:44:33 +02:00
Ben Wolsieffer
8294af0284
nixos/avahi: fix nss module
...
mdns_minimal must be placed before resolve in nsswitch.conf
2020-10-11 20:15:13 +02:00
Simon Pettersson
b2efedd5e5
nixos/xserver: fix xkbvalidate for cross compiling.
...
xserver uses the wrong version of xkbvalidate, the one from
buildPackages should be used or else the resulting xkbvalidate binary is
compiled for the target architecture.
2020-10-11 20:08:57 +02:00
Ryan Mulligan
8ebf265923
Merge pull request #86404 from nuxeh/nuxeh/domoticz-init-2020.2
...
domoticz: init at 2020.2
2020-10-11 05:59:28 -07:00
Ryan Mulligan
4a3fe8d306
nixos/domoticz: use DynamicUser and StateDirectory
2020-10-11 11:15:56 +01:00
WORLDofPEACE
13b192749c
nixos/gnome3: don't install epiphany default
...
See https://github.com/NixOS/nixpkgs/issues/98819
2020-10-10 22:12:59 -04:00
Jan Tojnar
aabcf2d8f5
Merge branch 'master' into staging-next
2020-10-11 00:27:21 +02:00
Michael Weiss
4a600af1b1
doc: Document a workaround for using an FQDN as hostname
...
Since #76542 this workaround is required to use a FQDN as hostname. See
#94011 and #94022 for the related discussion. Due to some
potential/unresolved issues (legacy software, backward compatibility,
etc.) we're documenting this workaround [0].
[0]: https://github.com/NixOS/nixpkgs/issues/94011#issuecomment-705952300
2020-10-10 10:48:54 -07:00
Michael Weiss
826ed96c10
nixos/networking: Switch to home.arpa as an example for the domain
...
The special-use domain "home.arpa." is designated for non-unique use in
residential home networks [0] and registered as such [1]. Therefore it
is more appropriate than "home." which could cause conflicts or result
in queries that leak out and reach the root name servers.
[0]: https://tools.ietf.org/html/rfc8375
[1]: https://www.iana.org/assignments/special-use-domain-names/special-use-domain-names.xhtml
2020-10-10 17:41:42 +02:00
Dominik Xaver Hörl
67eb45ddce
xmonad: put the correct xmonad binary in PATH
2020-10-10 13:20:04 +02:00
Vladimír Čunát
338b25697c
Merge branch 'master' into staging-next
...
Quite many rebuilds from master:
> Estimating rebuild amount by counting changed Hydra jobs.
> 3926 x86_64-darwin
> 4645 x86_64-linux
2020-10-10 11:32:10 +02:00
WORLDofPEACE
7a2eccfab0
Merge pull request #100112 from worldofpeace/fix-gnome-logout-multisession
...
nixos/display-managers: install sessionData.desktops
2020-10-09 19:31:05 -04:00
WORLDofPEACE
3cd2b59b8c
nixos/display-managers: install sessionData.desktops
...
Fixes https://github.com/NixOS/nixpkgs/issues/100108
2020-10-09 18:38:16 -04:00
zowoq
f9bb39e294
nixos/pam: remove trailing whitespace
2020-10-09 18:31:20 +10:00
Frederik Rietdijk
ec28e32c9e
Merge master into staging-next
2020-10-08 21:47:26 +02:00
Miles Breslin
8e628f8eea
nixos/pam: Add option to set pam-u2f appid ( #73591 )
2020-10-08 14:37:40 -04:00