1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-12-17 10:24:15 +00:00
Commit graph

15088 commits

Author SHA1 Message Date
Martin Weinelt c821e0d4be nixos/babeld: lock down service
→ Overall exposure level for babeld.service: 2.2 OK 🙂
2020-10-21 12:26:02 +02:00
Kevin Cox e25cd7827e
Merge pull request #98176 from minijackson/jellyfin-systemd-security
nixos/jellyfin: add some systemd security options
2020-10-20 16:44:32 -04:00
Minijackson 4e51247318
nixos/jellyfin: add some systemd security options 2020-10-20 21:09:28 +02:00
Joseph D. Long a2ee5cbb05
nixos/vagrant-virtualbox-image: init (#101120)
Co-authored-by: zimbatm <zimbatm@zimbatm.com>
Co-authored-by: Jörg Thalheim <Mic92@users.noreply.github.com>
2020-10-20 11:09:46 +02:00
Jörg Thalheim 1a9e02dec6
Merge pull request #100554 from dnr/feature/pamMount
nixos/pam_mount: add pamMount attribute to users
2020-10-20 10:40:12 +02:00
Marc 'risson' Schmitt 9e6bede5ab nixos/initrd-network: fix /etc/resolv.conf when multiple dns servers from DHCP
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
2020-10-19 21:32:58 -07:00
Jörg Thalheim 46bd18fff6
Merge pull request #99541 from acelpb/jenkins
nixos/jenkins: switch to openjdk11 as openjdk14 is not supported
2020-10-19 19:50:20 +02:00
Aaron Andersen 5265d49a36
Merge pull request #100892 from aanderse/pdns-recursor
nixos/pdns-recursor: use upstream systemd unit
2020-10-18 20:13:06 -04:00
Jonathan Ringer 5e67d80a8b nixos/nvidia: fix optionals usage 2020-10-18 11:47:34 -07:00
Edmund Wu 2e67196d79 nixos/nvidia: decouple nvidia_x11.persistenced 2020-10-18 11:24:20 -07:00
Martin Weinelt 4baba17252
Merge pull request #100708 from fooker/nginx-encoding
nixos/nginx: Do not remove headers while proxying
2020-10-18 15:52:50 +02:00
Aaron Andersen 6c39180b37 nixos/pdns-recursor: declare module user as system user 2020-10-18 08:15:29 -04:00
Aaron Andersen 1627bef9c1 nixos/pdns-recursor: use upstream systemd unit 2020-10-18 08:15:29 -04:00
Mario Rodas 2a58362f8f
Merge pull request #100213 from yanganto/hotfix-hime
hime: fix enable hime, remove hime-all package
2020-10-16 23:51:24 -05:00
Antonio Yang 52b903b3c4 hime: fix enable hime, remove hime-all package
- fix inputMethod.enable hime by adding module list
- rm hime-all package, because chewing, anthy modules does not work well
2020-10-17 10:48:31 +08:00
tnias 0da7593dce
nixos/chromium: update link in docs (#93794) 2020-10-16 23:04:06 +02:00
Dustin Frisch 762ca640c4
nixos/nginx: Do not remove headers while proxying
Removing the `Accept-Encoding` header breaks applications which may
produce already compressed content.

Removing this header is staded in the nginx docs but is ment as an
example, not as an recomendation.
2020-10-16 12:50:52 +02:00
Florian Klink 9d0d99f05b
Merge pull request #95746 from Mic92/cloud-init
cloud-init: 0.7.9 -> 20.2 (python3!)
2020-10-15 22:57:46 +02:00
ajs124 7ce8117238
Merge pull request #100604 from helsinki-systems/fix/icingaweb2
nixos/icingaweb2: Fix php packages
2020-10-15 19:18:53 +02:00
Janne Heß e2da1219d4
nixos/icingaweb2: Fix php packages 2020-10-15 16:16:33 +02:00
Alvar 17bcc043f0
nixos/vim: configurable vim package (#100132) 2020-10-15 10:55:16 +02:00
David Reiss 49a749c729 nixos/pam_mount: add pamMount attribute to users
This attribute is a generalized version of cryptHomeLuks for creating an
entry in /etc/security/pam_mount.conf.xml. It lets the configuration
control all the attributes of the <volume> entry, instead of just the
path. The default path remains the value of cryptHomeLuks, for
compatibility.
2020-10-14 22:55:55 -07:00
Jan Tojnar 2a4607f442
Revert "nixos/display-managers: install sessionData.desktops"
This reverts commit 3cd2b59b8c.

It created infinite recursion when using LXQt, since lxqt module
uses `config.system.path` in `services.xserver.desktopManager.session`.
`config.system.path` is a `buildEnv` that depends on `environment.systemPackages`.
2020-10-15 07:32:08 +02:00
Frederik Rietdijk b3aed163d5
Merge pull request #99709 from NixOS/staging-next
Staging next
2020-10-14 21:10:31 +02:00
Dominique Martinet f8d78b9f67
confinement: fix assert for serviceConfig.ProtectSystem
serviceConfig.ProtectSystem is usually a string so if set, the assert
itself would error out leaving no useable trace:

  # nixos-rebuild switch --show-trace
  building Nix...
  building the system configuration...
  error: while evaluating the attribute 'config.system.build.toplevel' at /nix/var/nix/profiles/per-user/root/channels/nixos/nixos/modules/system/activation/top-level.nix:293:5:
  while evaluating 'foldr' at /nix/var/nix/profiles/per-user/root/channels/nixos/lib/lists.nix:52:20, called from /nix/var/nix/profiles/per-user/root/channels/nixos/nixos/modules/system/activation/top-level.nix:128:12:
  while evaluating 'fold'' at /nix/var/nix/profiles/per-user/root/channels/nixos/lib/lists.nix:55:15, called from /nix/var/nix/profiles/per-user/root/channels/nixos/lib/lists.nix:59:8:
  while evaluating anonymous function at /nix/var/nix/profiles/per-user/root/channels/nixos/nixos/modules/system/activation/top-level.nix:121:50, called from undefined position:
  while evaluating the attribute 'assertion' at /nix/var/nix/profiles/per-user/root/channels/nixos/nixos/modules/security/systemd-confinement.nix:163:7:
  value is a string while a Boolean was expected

Fix the check to give a sensible assert message instead; the attribute
should either be not set or false bool to pass.

Closes: #99000
2020-10-14 11:56:18 +02:00
Frederik Rietdijk 9e1943edc0 Merge master into staging-next 2020-10-13 19:34:34 +02:00
Lassulus 53f810cb4b
Merge pull request #100141 from xaverdh/xmonad-correct-path
xmonad: put the correct xmonad binary in PATH
2020-10-13 19:01:56 +02:00
Florian Klink 399a2ab954
Merge pull request #98917 from lovesegfault/klipper-init
klipper: init at 0.8.0
2020-10-13 00:20:24 +02:00
Michele Guerini Rocco 9b6fc07d15
Merge pull request #100060 from aanderse/dnsdist
nixos/dnsdist: use upstream systemd unit
2020-10-12 21:20:33 +02:00
Dominik Xaver Hörl 7389407490 nixos/xmonad: add lassulus and xaverdh as maintainers 2020-10-12 21:00:43 +02:00
Aaron Andersen f4ff303c3b nixos/dnsdist: use upstream systemd unit 2020-10-12 12:17:11 -04:00
Dominik Xaver Hörl 206c668d7f nixos/xmonad: improve module docs 2020-10-12 14:48:07 +02:00
Bernardo Meurer 97eadef0c3
nixos/klipper: init 2020-10-11 15:55:50 -07:00
Florian Klink a6fec75d04
Merge pull request #93426 from helsinki-systems/feat/gitlab-pages
nixos/gitlab: Support pages
2020-10-11 23:50:19 +02:00
Florian Klink a1cb02148b
Merge pull request #99912 from m1cr0man/ocspfix
nixos/acme: Fix ocspMustStaple option and add test
2020-10-11 23:44:33 +02:00
Ben Wolsieffer 8294af0284 nixos/avahi: fix nss module
mdns_minimal must be placed before resolve in nsswitch.conf
2020-10-11 20:15:13 +02:00
Simon Pettersson b2efedd5e5 nixos/xserver: fix xkbvalidate for cross compiling.
xserver uses the wrong version of xkbvalidate, the one from
buildPackages should be used or else the resulting xkbvalidate binary is
compiled for the target architecture.
2020-10-11 20:08:57 +02:00
Ryan Mulligan 8ebf265923
Merge pull request #86404 from nuxeh/nuxeh/domoticz-init-2020.2
domoticz: init at 2020.2
2020-10-11 05:59:28 -07:00
Ryan Mulligan 4a3fe8d306 nixos/domoticz: use DynamicUser and StateDirectory 2020-10-11 11:15:56 +01:00
WORLDofPEACE 13b192749c nixos/gnome3: don't install epiphany default
See https://github.com/NixOS/nixpkgs/issues/98819
2020-10-10 22:12:59 -04:00
Jan Tojnar aabcf2d8f5
Merge branch 'master' into staging-next 2020-10-11 00:27:21 +02:00
Michael Weiss 4a600af1b1 doc: Document a workaround for using an FQDN as hostname
Since #76542 this workaround is required to use a FQDN as hostname. See
#94011 and #94022 for the related discussion. Due to some
potential/unresolved issues (legacy software, backward compatibility,
etc.) we're documenting this workaround [0].

[0]: https://github.com/NixOS/nixpkgs/issues/94011#issuecomment-705952300
2020-10-10 10:48:54 -07:00
Michael Weiss 826ed96c10
nixos/networking: Switch to home.arpa as an example for the domain
The special-use domain "home.arpa." is designated for non-unique use in
residential home networks [0] and registered as such [1]. Therefore it
is more appropriate than "home." which could cause conflicts or result
in queries that leak out and reach the root name servers.

[0]: https://tools.ietf.org/html/rfc8375
[1]: https://www.iana.org/assignments/special-use-domain-names/special-use-domain-names.xhtml
2020-10-10 17:41:42 +02:00
Dominik Xaver Hörl 67eb45ddce xmonad: put the correct xmonad binary in PATH 2020-10-10 13:20:04 +02:00
Vladimír Čunát 338b25697c
Merge branch 'master' into staging-next
Quite many rebuilds from master:
> Estimating rebuild amount by counting changed Hydra jobs.
>    3926 x86_64-darwin
>    4645 x86_64-linux
2020-10-10 11:32:10 +02:00
WORLDofPEACE 7a2eccfab0
Merge pull request #100112 from worldofpeace/fix-gnome-logout-multisession
nixos/display-managers: install sessionData.desktops
2020-10-09 19:31:05 -04:00
WORLDofPEACE 3cd2b59b8c nixos/display-managers: install sessionData.desktops
Fixes https://github.com/NixOS/nixpkgs/issues/100108
2020-10-09 18:38:16 -04:00
zowoq f9bb39e294 nixos/pam: remove trailing whitespace 2020-10-09 18:31:20 +10:00
Frederik Rietdijk ec28e32c9e Merge master into staging-next 2020-10-08 21:47:26 +02:00
Miles Breslin 8e628f8eea
nixos/pam: Add option to set pam-u2f appid (#73591) 2020-10-08 14:37:40 -04:00