jolheiser/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
260,527 Commits 266 Branches 122 Tags 5.3 GiB
056304189c
Commit Graph

19551 Commits

Author SHA1 Message Date
Thomas Tuegel
58fd813daf
nixos/plasma5: install kirigami2 for SDDM theme 2020-12-12 16:07:19 -06:00
WilliButz
8727a0178f
Merge pull request #106788 from urbas/py-air-control-exporter-cli 
nixos/prometheus-exporters/py-air-control: invoke exporter command
 2020-12-12 21:48:01 +01:00
Matej Urbas
4970fbedbc nixos/prometheus-exporters/py-air-control: invoke exporter command 
Package `py-air-control exporter` v0.1.5 comes with a new CLI. This change uses the new CLI (which simplifies the exporter's systemd service setup).
 2020-12-12 20:19:54 +00:00
Florian Klink
ce0fdd4dc0
Merge pull request #106697 from aanderse/mpd 
nixos/mpd: conditionally provision required directories with StateDirectory
 2020-12-12 20:48:54 +01:00
Jörg Thalheim
95042a58fb
Merge pull request #106751 from urbas/sd-image-first-boot-awk-missing 
nixos/sd-image: explicit reference to the gawk package
 2020-12-12 16:37:54 +00:00
Jörg Thalheim
5f0d38f05b
Merge pull request #106715 from Mic92/tinc 2020-12-12 16:35:59 +00:00
Matej Urbas
aa38540423 nixos/sd-image: explicit reference to the gawk package 
The `awk` command is not installed in the standard env. So this command fails if the `awk` command is not installed by some external module.
 2020-12-12 15:43:09 +00:00
Linus Heckemann
f448ec3365
Merge pull request #98731 from mayflower/ldap-nss-optional 
config.users.ldap: do not include nss module if turned off
 2020-12-12 10:53:39 +01:00
Linus Heckemann
54e9ee81a4
Merge pull request #106672 from alyssais/mailman 
mailman: run non-minutely jobs
 2020-12-12 10:12:39 +01:00
Atemu
5242cec1b8 rl-2103: document nixos/dnscrypt-proxy2's default config change 2020-12-12 09:15:56 +01:00
Atemu
e4c49db668 nixos/dnscrypt-proxy2: base settings on example config 
Dnscrypt-proxy needs some options to be set before it can do anything useful.

Currently, we only apply what the user configured which, by default, is nothing.

This leads to the dnscrypt-proxy2 service failing to start when you only set
`enable = true;` which is not a great user experience.

This patch makes the module take the example config from the upstream repo as a
base on top of which the user-specified settings are applied (it contains sane
defaults).

An option has been added to restore the old behaviour.
 2020-12-12 09:15:11 +01:00
Jörg Thalheim
2cdec00dd2
nixos/tinc: add reload command 2020-12-12 07:37:16 +01:00
Aaron Andersen
77a8496907 nixos/mpd: conditionally provision required directories with StateDirectory 2020-12-11 19:35:43 -05:00
Aaron Andersen
9826371e44
Merge pull request #101224 from aanderse/ldap 
nixos/ldap: restart nslcd when configuration changes
 2020-12-11 17:18:12 -05:00
Guillaume Girol
a7b60e6bdf
Merge pull request #104727 from chkno/fuse-dot-sshfs 
nixos/locate: Fix sshfs exclusion
 2020-12-11 20:32:28 +00:00
Alyssa Ross
a2460414cb
nixos/mailman: run non-minutely jobs 
Fixes: b478e0043c53964c99cc9a145c155a673af3c7d8
 ("nixos/mailman: refactor")
 2020-12-11 17:23:50 +00:00
github-actions[bot]
9fa8c7670d
Merge master into staging-next 2020-12-11 12:20:25 +00:00
Peter Hoeg
aa995fb0b7 nixos/sshguard: do not do IPv6 setup/teardown unconditionally 2020-12-11 16:19:45 +08:00
Peter Simons
21b8fe302f
Merge pull request #106580 from rissson/nixos-postfix-fix-mastercf-type 
nixos/postfix: fix masterCf type
 2020-12-11 09:14:47 +01:00
github-actions[bot]
43f4575008
Merge master into staging-next 2020-12-11 06:17:52 +00:00
Jörg Thalheim
d22d9227f1
Merge pull request #106601 from Mic92/frab 
frab: remove package
 2020-12-11 05:27:55 +00:00
github-actions[bot]
614876ef33
Merge master into staging-next 2020-12-11 00:40:21 +00:00
Jörg Thalheim
6fa3728805
frab: remove package 
broken since 2018
 2020-12-10 22:24:11 +01:00
Scott Worley
86f0dc221f nixos/locate: Exclude fuse.sshfs 
The "fuse" and "sshfs" entries already present are not keeping this find
invocation out of sshfs mounts, which present as fstype "fuse.sshfs"
 2020-12-10 12:59:13 -08:00
Scott Worley
e0e08a186d nixos/locate: Add a test 2020-12-10 12:59:13 -08:00
Maximilian Bosch
07aff199ad
Merge pull request #106080 from Ma27/nginx-config-doc 
nixos/nginx: improve documentation for `config`
 2020-12-10 21:54:01 +01:00
WilliButz
df8ee3669f
Merge pull request #106067 from urbas/prometheus-exporter-py-air-control 
nixos/prometheus-exporters/py-air-control: init
 2020-12-10 20:51:56 +01:00
Matej Urbas
4948743705 nixos/prometheus-exporters/py-air-control: init 2020-12-10 19:02:30 +00:00
github-actions[bot]
79e586aa98
Merge master into staging-next 2020-12-10 18:15:33 +00:00
Marc 'risson' Schmitt
27dacb8b4b
nixos/postfix: fix masterCf type 
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
 2020-12-10 18:49:05 +01:00
Maximilian Bosch
21be5b00da
Merge pull request #106473 from Ma27/improve-nextcloud-error 
nixos/nextcloud: improve error message for invalid `dbpassFile`
 2020-12-10 18:28:50 +01:00
Jan Tojnar
4f20afbc19
Merge branch 'master' into staging-next 2020-12-10 04:39:30 +01:00
Maximilian Bosch
81662d4798
nixos/nextcloud: improve error message for invalid dbpassFile 
`file_exists` also returns `FALSE` if the file is in a directory that
can't be read by the user. This e.g. happens if permissions for
`nixops(1)`-deployment keys aren't configured correctly.

This patch improves the error message for invalid files to avoid
confusion[1].

[1] https://discourse.nixos.org/t/nixops-deploy-secrets-to-nextcloud/10414/4
 2020-12-09 19:54:43 +01:00
Damien Diederen
a429badcc8 perlPackages.NetZooKeeper: adapt to zookeeper_mt 3.6.2 2020-12-09 15:49:05 +01:00
Damien Diederen
98236860dc nixos/zookeeper: adapt to zookeeper 3.6.2 
This patch:

  * Removes an invalid/useless classpath element;
  * Removes an unnecessary environment variable;
  * Creates the required '/version-2' data subdirectory;
  * Redirects audit logging to the "console" (systemd) by default.
 2020-12-09 15:46:38 +01:00
Damien Diederen
f77d01ffc5 zookeeper: 3.4.12 -> 3.6.2 
A big jump, but the structure hasn't changed much.

This recipe is still based on a binary release provided by upstream.

(It might be interesting to start doing our own builds at some point,
to split client from server, and/or to create packages for removed
"contribs" such as 'zooInspector'.  Upstream intends to further slim
down its release tarballs as most deployments only need specific assets.)
 2020-12-09 15:46:38 +01:00
Robert Hensing
a298710dd1 cassandra: Add passthru.tests 2020-12-09 13:24:48 +01:00
Robert Hensing
72a5301610 nixos/lib/testing-python.nix: Wire up passthru 2020-12-09 13:24:03 +01:00
github-actions[bot]
ee1a7ec4be
Merge master into staging-next 2020-12-09 06:17:56 +00:00
zowoq
cfbc1af189 podman: 2.2.0 -> 2.2.1 
https://github.com/containers/podman/releases/tag/v2.2.1
 2020-12-09 05:37:31 +10:00
github-actions[bot]
e729ab0408
Merge master into staging-next 2020-12-08 18:15:38 +00:00
Peng Mei Yu
3cd1a6706c unbound: Add AF_NETLINK to allowed address families. 
Unbound throws the following error:

--8<---------------cut here---------------start------------->8---
error: failed to list interfaces: getifaddrs: Address family not supported by protocol
fatal error: could not open ports
--8<---------------cut here---------------end--------------->8---

The solution is pulled from upstream:
https://github.com/NLnetLabs/unbound/pull/351
 2020-12-08 14:31:15 +08:00
github-actions[bot]
db90e75ade
Merge staging-next into staging 2020-12-08 00:39:07 +00:00
Blaž Hrastnik
920c439915 thermald: Fix systemd service definition. 2020-12-08 08:26:36 +09:00
Gabriel Ebner
a474f0d1e6
Merge pull request #105275 from lukegb/nixpkgs-pa14 
pulseaudio: 13.0 -> 14.0
 2020-12-07 22:45:47 +01:00
Sandro
04cb54ae08
Merge pull request #105519 from 3699n/master 2020-12-07 19:54:20 +01:00
Nicholas von Klitzing
231ca64ed9 etesync-dav: 0.20.0 -> 0.30.6 2020-12-07 14:09:50 +01:00
Maximilian Bosch
55ef9612a2
nixos/nginx: improve documentation for config 
Unfortunately, I had a use-case where `services.nginx.config` was
necessary quite recently. While working on that config I had to look up
the module's code to understand which options can be used and which
don't.

To slightly improve the situation, I changed the documentation like
this:

* Added `types.str` as type since `config` is not mergeable on purpose.
  It must be a string as it's rendered verbatim into `nginx.conf` and if
  the type is `unspecified`, it can be confused with RFC42-like options.

* Mention which config options that don't generate config in
  `nginx.conf` are NOT mutually exclusive.
 2020-12-06 17:26:13 +01:00
zowoq
fad293d452 nixos/doc/rl-2103: fix build 2020-12-06 12:15:26 +10:00
Martin Weinelt
f5f4a5d100
Merge pull request #105973 from zaninime/zigbee2mqtt 
zigbee2mqtt: 1.16.1 -> 1.16.2
 2020-12-05 21:42:45 +01:00
Francesco Zanini
93d74f6536 zigbee2mqtt: 1.16.1 -> 1.16.2 2020-12-05 17:42:07 +01:00
Doron Behar
a5e44038df
Merge pull request #99685 from doronbehar/pkg/gnuradio 
gnuradio: rewrite
 2020-12-05 17:14:37 +02:00
Doron Behar
44d041786b rl-2103: Mention gnuradio expressions changes. 
Mention 3.8 and that it's now possible to override it and 3.7 to compile
only certain features.
 2020-12-05 13:24:05 +02:00
freezeboy
903b2aa9a6 nixos/n8n: init module and test 2020-12-05 11:02:40 +01:00
Linus Heckemann
c14f14eeaf
Merge pull request #97505 from mayflower/grub-efi-mirroredboot 
nixos/grub: allow multiple "nodev" devices for mirroredBoots
 2020-12-04 18:37:50 +01:00
stigo
80e0a20892
Merge pull request #103813 from symphorien/firejail 
nixos/firejail: allow to pass options to firejail
 2020-12-04 09:00:15 +01:00
pacien
93335aa252 nixos/msmtp: add msmtp module 
This adds a module for msmtp, a simple SMTP client which provides a
sendmail-compatible interface.

GitHub: see also nixpkgs issue #105710
 2020-12-03 22:23:20 +01:00
rnhmjoj
296c415030
nixos/fish: make generateCaches easier to override 2020-12-03 22:00:33 +01:00
rnhmjoj
87d614441d
nixos/documentation: silence man-db cache warnings 
The output of the man-db command used to generate the caches is
irrelevant and can confuse users, let's hide it.
 2020-12-03 21:57:09 +01:00
Gabriel Ebner
6e8007341e
Merge pull request #105362 from gebner/pipewire0137 
pipewire: 0.3.16 -> 0.3.17
 2020-12-03 17:15:05 +01:00
Florian Klink
84f417d29b
Merge pull request #105469 from kisik21/fix-cloud-init-test 
nixos/tests/cloud-init: fix the erroring out
 2020-12-03 12:13:07 +01:00
Vika
bcc196cae8
nixos/tests/cloud-init: fix the erroring out 
The test was broken for a 1.5 months apparently? Well, now it passes.
Also apparently it's not flaky anymore.
 2020-12-03 13:28:09 +03:00
Sandro
c1695ade0b
Merge pull request #105745 from archseer/thermald-2-4 2020-12-03 11:26:16 +01:00
Blaž Hrastnik
05bd810d5f thermald: Always enable adaptive mode. 
There was some issues with the fallback to passive mode on 2.3, but on
2.4 adaptive mode is always enabled upstream and thermald will fallback
to passive if necessary.

a6e68a65b5/data/thermald.service.in (L9)
 2020-12-03 12:45:58 +09:00
Gabriel Ebner
906d68cf13 nixos/pipewire: enable volume control via alsa 2020-12-02 22:11:09 +01:00
Gabriel Ebner
b28f2f7386 nixos/pipewire: generate configuration file 2020-12-02 22:11:09 +01:00
Jörg Thalheim
11ee543052
sd-image: fix resizing if root is not the second partition. 2020-12-02 21:52:38 +01:00
pacien
a2c4419636 nixos/ssmtp: fix configuration generator to accomodate ssmtp 
This replaces `concatStringsSep "\n"` with the proper generator to make sure
that the generated configuration file ends with a trailing `\n`, which is
required by ssmtp's picky configuration parser to take the last configuration
key into account.

GitHub: closes #105704
 2020-12-02 16:41:06 +01:00
Maximilian Bosch
affb72eccd
nixos/tests/gitea: increase memory for VM 
Otherwise, the relevant processes are stopped by the kernel's OOM
killer[1].

[1] https://github.com/NixOS/nixpkgs/pull/105698#issuecomment-737257293
 2020-12-02 15:18:47 +01:00
Silvan Mosberger
2526f22723
Merge pull request #102076 from Taneb/hoogle-dynamic-user 
Set DynamicUser=true for hoogle
 2020-12-02 12:58:10 +01:00
Austin Seipp
652ac69373
Merge pull request #103393 from happysalada/add_vector 
nixos/vector: add module
 2020-12-02 03:30:11 -06:00
Robert Hensing
54ec506be5
Merge pull request #105662 from srhb/docker-tools-fix-format 
nixos/tests/docker-tools.nix: Fix format
 2020-12-02 09:02:46 +01:00
Sarah Brofeldt
67650f71cd nixos/tests/docker-tools.nix: Fix format 2020-12-02 08:03:38 +01:00
Andreas Rammhold
26cc536edf
Merge pull request #104203 from andir/saned-max-connections 
nixos/sane: bump the MaxConnections to a reasonable amount
 2020-12-01 19:45:13 +01:00
Luke Granger-Brown
b5a328e58f nixos/tests/misc: account for cgroupv2 
Since #104094 (d22b3ed4bcd24dcc96fd9f99c75bb568bffe2a8c), NixOS is
using the unified cgroup hierarchy by default (aka cgroupv2).

This means the blkio controller isn't there, so we should test for
something else (e.g. the presence of the io controller).

Fixes #105581.
 2020-12-01 17:36:04 +01:00
Symphorien Gibol
9816bbbaa5 nixos/rspamd: add release notes 2020-12-01 14:45:56 +01:00
Jörg Thalheim
b1ed5ffeab
Merge pull request #93293 from tnias/nixos_rspamd_20200716 2020-12-01 13:10:43 +00:00
Sascha Grunert
bd6067cd5d podman: 2.1.0 -> 2.2.0 
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
 2020-12-01 22:20:11 +10:00
Christine Dodrill
3d55480bf8
nixos/tailscale: add package as an option 
This simplifies testing changes to the tailscale service on a local
machine. You can use this as such:

```nix
let
  tailscale_patched = magic {};
in {
  services.tailscale = {
    enable = true;
    package = tailscale_patched;
  };
};
```

Signed-off-by: Christine Dodrill <me@christine.website>
 2020-12-01 12:30:31 +01:00
Silvan Mosberger
a87ab948d2
Merge pull request #104836 from ncfavier/master 
nixos/nat: support IPv6 NAT
 2020-12-01 04:40:09 +01:00
Silvan Mosberger
c03a809dc4
Merge pull request #105515 from alyssais/manual-declarative 
nixos/manual: don't recommend nix-env -iA
 2020-12-01 04:28:43 +01:00
Alyssa Ross
55a6b5565b
nixos/manual: don't recommend nix-env -iA 
We're really setting users up on the wrong path if we tell them to
nix-env -iA immediately after installing.  Instead, let's just
reassure them that installing software will be covered in due course
in the manual, to encourage them to keep reading.
 2020-12-01 01:23:16 +00:00
Valérian Galliat
b93a5a1746
nixos/nat: support IPv6 NAT 2020-12-01 00:51:58 +01:00
Silvan Mosberger
8dea4df903
lib/modules: Remove _module.checks.*.triggerPath as it's not necessary 
Previously this option was thought to be necessary to avoid infinite
recursion, but it actually isn't, since the check evaluation isn't fed
back into the module fixed-point.
 2020-11-30 23:51:42 +01:00
Silvan Mosberger
c9cc8969b4
lib/modules: Rename _module.assertions to _module.checks 2020-11-30 23:51:41 +01:00
Silvan Mosberger
c4fb54e92a
nixos/docs: Update assertion docs for new module-builtin ones 2020-11-30 23:51:23 +01:00
Silvan Mosberger
9523df7eb6
nixos/assertions: Use module-builtin assertion implementation 2020-11-30 23:51:22 +01:00
Anderson Torres
881dee5284
Merge pull request #105411 from AndersonTorres/wip-ucg 
ucg: init at 20190225
 2020-11-30 16:55:03 -03:00
AndersonTorres
4bcdf302e1 ucg: init at 20190225 2020-11-30 16:21:41 -03:00
Silvan Mosberger
6df56e1cb8
Merge pull request #103866 from cole-h/doas 
doas: 6.6.1 -> 6.8
 2020-11-30 19:02:55 +01:00
Frederik Rietdijk
9a63b3d3d6
Merge pull request #104781 from NixOS/staging-next 
Staging next
 2020-11-30 18:27:29 +01:00
Nathan van Doorn
12c3e0a465 nixos/services/hoogle use DynamicUser instead of nobody 
I've also removed PrivateTmp = true because this is implied by dynamic user.

I've left ProtectHome = true because I believe this is stronger than
ProtectHome = "read-only" which DynamicUser implies.
 2020-11-30 13:36:19 +00:00
happysalada
85767db6b8 add happysalada as maintainer 2020-11-30 16:34:53 +09:00
happysalada
627dfecadd nixos/vector: add module 2020-11-30 16:22:08 +09:00
Jörg Thalheim
3b6ef967f3
nixos/rspamd: fix postfix integration 2020-11-30 07:29:32 +01:00
Raghav Sood
1fd8d571ed
cpp_ethereum: remove 2020-11-30 03:23:21 +00:00
Florian Klink
a623bc0ba4
Merge pull request #104689 from petabyteboy/feature/gitlab-13-6-1 
gitlab: 13.6.0 -> 13.6.1
 2020-11-29 22:37:42 +01:00
Maximilian Bosch
752b6a95db
nixos/mautrix-telegram: update defaults 
These three defaults must exist in the config now, otherwise
`mautrix-telegram` will refuse to start.
 2020-11-29 21:28:07 +01:00
Gabriel Ebner
0155830275 nixos/pipewire: allow overriding the pipewire derivation 2020-11-29 17:43:07 +01:00
Gabriel Ebner
ce28fd3d22 nixos/pipewire: add media-session.d files 2020-11-29 17:43:07 +01:00
Gabriel Ebner
53029a15cc nixos/pipewire: enable sound on alsa support 
Otherwise sound.extraConfig has no effect.
 2020-11-29 15:08:38 +01:00
Luke Granger-Brown
d29428523e rl-21.03: add PulseAudio 13.0 -> 14.0 upgrade to release notes 2020-11-29 13:27:46 +00:00
Frederik Rietdijk
0d8491cb2b Merge master into staging-next 2020-11-29 13:51:10 +01:00
Sarah Brofeldt
a7a5f7904c
Merge pull request #99173 from johanot/fix-initrd-ssh-commands-test 
nixos/initrd-ssh: set more defensive pemissions on sshd test key
 2020-11-29 11:27:03 +01:00
StigP
e2968a0442
Merge pull request #102061 from braunse/gogs-0-12-3 
gogs: 0.11.91 -> 0.12.3
 2020-11-29 10:01:47 +01:00
Ryan Mulligan
cb42d08df2
Merge pull request #62104 from Vizaxo/master 
nixos/exwm: allow custom Emacs load script
 2020-11-28 18:47:21 -08:00
Martin Weinelt
62ef710b54
Merge pull request #104268 from mvnetbiz/ha-allowpaths 
home-assistant: add allowlist_external_dirs to systemd unit ReadWritePaths
 2020-11-29 00:25:35 +01:00
Sander van der Burg
336628268f nixos/disnix: reorder startup to take MongoDB and InfluxDB into account, add option to add Disnix profile to the system PATH 2020-11-28 20:15:21 +01:00
Sander van der Burg
5e392940cf nixos/dysnomia: add InfluxDB configuration options, add option to use legacy modules, eliminate import from derivation hack 2020-11-28 20:15:21 +01:00
Silvan Mosberger
cb59ff4aab
Merge pull request #86225 from sorki/proxychains 
nixos/proxychains: init
 2020-11-28 19:45:32 +01:00
Tim Steinbach
8529788e73
jq: Add test 2020-11-28 13:42:36 -05:00
Tim Steinbach
fe8fa45573
bat: Add test 2020-11-28 13:42:36 -05:00
Tim Steinbach
2d85247086
lsd: Add test 2020-11-28 13:42:36 -05:00
Tim Steinbach
13ebb30910
minecraft-server: Add test 2020-11-28 12:43:17 -05:00
Tim Steinbach
0dc74a15ad
minecraft: Add test 2020-11-28 12:43:17 -05:00
Frederik Rietdijk
9e062723b2 Merge master into staging-next 2020-11-28 08:53:47 +01:00
Sebastien Braun
5c87a6b8ea gogs: 0.11.91 -> 0.12.3 2020-11-28 06:50:52 +01:00
Sandro
a390213f85
Merge pull request #85133 from snicket2100/mosquitto-service-sandboxing 
mosquitto: systemd service sandboxing
 2020-11-27 18:53:36 +01:00
Frederik Rietdijk
b2a3891e12 Merge master into staging-next 2020-11-27 15:09:19 +01:00
Milan Pässler
81aff9f411 nixos/gitlab: use bindsTo instead of requires for gitaly 2020-11-26 14:12:14 +01:00
Jan Tojnar
e95cc8519b
Merge pull request #104553 from jansol/pipewire 
pipewire: 0.3.15 -> 0.3.16
 2020-11-26 10:59:17 +01:00
Sarah Brofeldt
2e4d714334 nixos/tests/networking: Alleviate race in scripted test 2020-11-25 20:08:03 +01:00
Tim Steinbach
4196aa9660
awscli: Add test 2020-11-25 13:00:41 -05:00
Luke Granger-Brown
ad62155cb6 nixos/zram: add zramSwap.memoryMax option 
This allows capping the total amount of memory that will be used for
zram-swap, in addition to the percentage-based calculation, which is
useful when blanket-applying a configuration to many machines.

This is based off the strategy used by Fedora for their rollout of
zram-swap-by-default in Fedora 33
(https://fedoraproject.org/wiki/Changes/SwapOnZRAM), which caps the
maximum amount of memory used for zram at 4GiB.

In future it might be good to port this to the systemd zram-generator,
instead of using this separate infrastructure.
 2020-11-25 13:43:38 +00:00
Frederik Rietdijk
5790bb073f nixos auto-upgrade: remove flag when flake 
The `--no-build-output` flag that is added by default is only valid
for the old cli, which is not used when flakes are used.

Follow-up to c9daa81eff922d9f77d136cfcff0ea05d40024e0.
 2020-11-25 08:34:04 +01:00
Florian Klink
5b3a952e04
Merge pull request #102938 from cruegge/dev-symlinks 
nixos/stage-1: create /dev/std{in,out,err} symlinks
 2020-11-25 01:57:21 +01:00
Stijn DW
3d3bcc5cc9 nixos/factorio: Don't open firewall ports by default 2020-11-24 23:14:57 +01:00
Stijn DW
d93434458b nixos/factorio: add openFirewall option 2020-11-24 23:14:57 +01:00
Graham Christensen
d9c3f13df3
Merge pull request #104776 from grahamc/utillinux 
utillinux: rename to util-linux
 2020-11-24 15:14:36 -05:00
Graham Christensen
bc49a0815a
utillinux: rename to util-linux 2020-11-24 12:42:06 -05:00
adisbladis
302df2a9a1
Merge pull request #81661 from adisbladis/ssh-pam-sudo-keys 
pam_ssh_agent_auth: Honour services.openssh.authorizedKeysFiles
 2020-11-24 16:06:47 +01:00
Artturin
4db239272c mullvad-vpn: add iproute2 2020-11-24 06:12:32 -08:00
Ryan Mulligan
91f1d7e405
Merge pull request #104734 from ju1m/fix-udev 
nixos/network-interfaces: fix typo in udev rule syntax
 2020-11-24 05:44:52 -08:00
Peter Simons
58f29d3ca8
Merge pull request #104721 from vkleen/postfix-smtp-fix 
nixos.postfix: make postfix.enableSmtp work again
 2020-11-24 08:58:35 +01:00
Jan Tojnar
6d99109b12
Merge branch 'staging-next' into staging 2020-11-24 05:44:44 +01:00
Julien Moutinho
2263fa5698 nixos/network-interfaces: fix typo in udev rule syntax 2020-11-24 04:21:44 +01:00
adisbladis
ba1fa0c604
pam_ssh_agent_auth: Honour services.openssh.authorizedKeysFiles 
If a system administrator has explicitly configured key locations this
should be taken into account by `sudo`.
 2020-11-24 02:47:07 +01:00
Viktor Kleen
6216c843ed
nixos/postfix: make postfix.enableSmtp work again 
This fixes issue #104715.
 2020-11-23 23:46:06 +00:00
rnhmjoj
8f177612b1
nixos/wireless: fix failure with no interfaces 
This resolves issue #101963.

When the service is started and no interface is ready yet, wpa_supplicant
is being exec'd with no `-i` flags, thus failing. Once the interfaces
are ready, the udev rule would fire but wouldn't restart the unit because
it wasn't currently running (see systemctl(1) try-restart).

The solution is to exit (with a clear error message) but always restart
wpa_supplicant when the interfaces are modified.
 2020-11-24 00:18:18 +01:00
Florian Klink
bbf3c9483b
Merge pull request #104520 from Izorkin/wsdd 
wsdd: init at 0.6.2
 2020-11-23 23:18:23 +01:00
Frederik Rietdijk
587538d087 Merge staging-next into staging 2020-11-23 18:10:33 +01:00
Izorkin
0aa34a03d0
nixos/tests/samba-wsdd: add check WSD Discovery 2020-11-23 17:13:22 +03:00
Izorkin
03760ab82e
nixos/samba-wsdd: init service samba-wsdd 2020-11-23 13:26:00 +03:00
Jan Solanti
aca97840da pipewire: 0.3.15 -> 0.3.16 
This release replaces the libpulseaudio shim with a pipewire module that acts as a fake pulseaudio server along with a systemd service that loads that module on demand.
 2020-11-23 10:40:35 +02:00
Scott Worley
e0d27cfb31 nixos/locate: Whitespace: One pruneFS default per line 
This makes merging less painful.

This is nixfmt's preferred format.
 2020-11-22 21:53:08 -08:00
zowoq
dbbd289982 nixos/*: fix indentation 2020-11-23 08:42:51 +10:00
zowoq
bbcbaeb54d nixos/tests/fctix: remove trailing whitespace 2020-11-23 08:42:51 +10:00
Florian Klink
c76891314d
Merge pull request #104094 from flokli/systemd-unified-cgroup-hierarchy 
systemd: switch to unified cgroup hierarchy by default
 2020-11-22 22:35:42 +01:00
Graham Christensen
1ee1134cb1
Merge pull request #104456 from endgame/refresh-instance-metadata-on-boot 
Refresh instance metadata on boot
 2020-11-22 08:23:14 -05:00
Tristan Helmich
3049064aa5 nixos/release-notes: Warn on wpa_supplicant changes 2020-11-22 11:43:43 +00:00
Florian Klink
904f124247
Merge pull request #99116 from jslight90/gitlab-13.4.0 
GitLab 13.0.14 -> 13.6.0
 2020-11-22 12:00:03 +01:00
Jack Kelly
6fd871dec4 rl-21.03: describe EC2 instance user/meta data reloading 2020-11-22 12:22:46 +10:00
Jack Kelly
43bfd7e5b1 {ec2,openstack}-metadata-fetcher: unconditionally fetch metadata 
The metadata fetcher scripts run each time an instance starts, and it
is not safe to assume that responses from the instance metadata
service (IMDS) will be as they were on first boot.

Example: an EC2 instance can have its user data changed while
the instance is stopped. When the instance is restarted, we want to
see the new user data applied.
 2020-11-22 11:04:46 +10:00
Jack Kelly
8c39655de3 {ec2,openstack}-metadata-fetcher: introduce wget_imds function 2020-11-22 11:04:46 +10:00
Jack Kelly
f8c3027812 openstack-metadata-fetcher: stop lying in log message 2020-11-22 11:04:46 +10:00
Jörg Thalheim
258903e725
Merge pull request #94610 from kwohlfahrt/openldap 2020-11-21 23:09:40 +01:00
Aaron Andersen
30c2069a9c
Merge pull request #78168 from active-group/subversion-apache-config-docs 
nixos/doc: Rudimentary documentation for Subversion-inside-Apache HTTP.
 2020-11-21 15:17:45 -05:00
Kai Wohlfahrt
c96f18feee nixos/openldap: migrate sssd-ldap to new settings 2020-11-21 16:13:03 +00:00
Kai Wohlfahrt
db5bb4e26b nixos/openldap: Fix sssd-ldap test 
Use this as a test of the migration warnings/functionality.
 2020-11-21 16:13:03 +00:00
Kai Wohlfahrt
fefc26f844 nixos/openldap: use mkRenamedOptionModule 
This offers less helpful warnings, but makes the implementation
considerably more straightforward.
 2020-11-21 16:13:03 +00:00
Kai Wohlfahrt
ce1acd97a7 nixos/openldap: fix path + base64 value types 2020-11-21 16:13:03 +00:00
Kai Wohlfahrt
b2ebffe186 nixos/openldap: Fix indentation 2020-11-21 16:13:03 +00:00
Kai Wohlfahrt
3f892c2174 nixos/openldap: Remove extraConfig options 
Instead of deprecating, as per PR feedback
 2020-11-21 16:13:03 +00:00
Kai Wohlfahrt
2050376cae nixos/openldap: Mention schemas in migration hint 2020-11-21 15:45:16 +00:00
Kai Wohlfahrt
5fafbee87a nixos/openldap: Add release-notes for OLC config 2020-11-21 15:45:15 +00:00
Kai Wohlfahrt
adda7e62d0 nixos/openldap: Add support for base64 values 2020-11-21 15:39:20 +00:00
Kai Wohlfahrt
d05061c5cd nixos/openldap: Pick some PR nits 2020-11-21 15:39:20 +00:00
Kai Wohlfahrt
9528faf182 nixos/openldap: Allow declarativeContents for multiple databases 2020-11-21 15:39:19 +00:00
Kai Wohlfahrt
057cb570be nixos/openldap: Add delcarativeConfig by suffix 
Adding by index could be an issue if the user wanted the data to be
added to a DB other than the first.
 2020-11-21 15:39:19 +00:00
Kai Wohlfahrt
1fde3c3561 nixos/openldap: switch to slapd.d configuration 
The old slapd.conf is deprecated. Replace with slapd.d, and use this
opportunity to write some structured settings.

Incidentally, this fixes the fact that openldap is reported up before
any checks have completed, by using forking mode.
 2020-11-21 15:39:19 +00:00
Joachim F
547d660f64
Merge pull request #104052 from TredwellGit/nixos/malloc 
nixos/malloc: fix Scudo
 2020-11-21 14:31:58 +00:00
Frederik Rietdijk
f36b838e2a nixos test-driver: fix single line docstrings, fixes #104467 
Single line docstrings should have the """ on a single line according to PEP 8.
It seems support for this landed in the latest version of Black.
 2020-11-21 09:51:31 +01:00
Frederik Rietdijk
1ffd7cf0d6 Merge master into staging-next 2020-11-21 08:43:10 +01:00
Milan Pässler
d6e0d38b84 nixos/tests/gitlab: add 32 byte secrets 2020-11-21 01:39:08 +01:00
Milan Pässler
0f82bd767b nixos/gitlab: start gitaly after gitlab 2020-11-21 01:38:11 +01:00
Guillaume Girol
01083f116d
Merge pull request #102235 from symphorien/paperwork2 
Paperwork 2.0
 2020-11-20 21:30:08 +00:00
Jeff Slight
f98a6322e6 nixos/gitlab: add changes for gitlab 13.4.x 2020-11-20 19:26:30 +01:00
Graham Christensen
75d7828724
Merge pull request #98544 from Mic92/unfuck-update-user-group 
nixos/update-user-groups: Fix encoding issues + atomic writes
 2020-11-20 10:28:52 -05:00
Florian Klink
90d5bdb12f nixosTests.podman: run default backends, don't run runc rootless 
The runc backend doesn't work with unified cgroup hierarchy, and it
failing is a known issue.

However, the default backends should work in both rootless and as-root
scenarios, so make sure we test these.
 2020-11-20 16:23:35 +01:00
adisbladis
da3516f694
Merge pull request #104374 from adisbladis/dockertools-cross-aarch64 
dockerTools: Always cross compile for another arch in the cross example
 2020-11-20 14:57:26 +01:00
Eelco Dolstra
80097e57c9
nix: 2.3.8 -> 2.3.9 2020-11-20 13:03:04 +01:00
adisbladis
b7b22c5814
dockerTools: Always cross compile for another arch in the cross example 
The example fails to build on aarch64, so lets cross build for gnu64.
 2020-11-20 12:57:58 +01:00
Frederik Rietdijk
553b7a8bf0 Merge master into staging-next 2020-11-20 08:12:06 +01:00
Jan Tojnar
f6105d21e3
Merge branch 'master' into staging-next 2020-11-20 01:38:32 +01:00
Graham Christensen
b339462460
nixos: release-combined: only build the amazon image for x86_64,aarch64-linux -- exclude i686 2020-11-19 19:34:23 -05:00
Graham Christensen
1115df837e
Merge pull request #104322 from grahamc/amazon-image 
nixos/release-small: add amazonImage
 2020-11-19 18:45:07 -05:00
Graham Christensen
1ef139f3b0
nixos/release-small: add amazonImage 
fixup breakage from #104193
 2020-11-19 17:45:40 -05:00
Graham Christensen
7fa7bf2fda
Merge pull request #104193 from grahamc/ec2-metadata-imdsv2 
NixOS EC2 AMI: Support IMDSv2
 2020-11-19 16:11:32 -05:00
Robert Hensing
c68e739300
Merge pull request #104271 from adisbladis/dockertools-cross 
dockerTools.buildLayeredImage: Fix cross compilation
 2020-11-19 20:41:53 +01:00
Frederik Rietdijk
ea7b8978ef Merge master into staging-next 2020-11-19 20:08:15 +01:00
Graham Christensen
0d87ce610e
nixos: release: add amazonImage as a channel blocker 2020-11-19 13:56:55 -05:00
Graham Christensen
f2cfecdec3
nixos ami: preflight the imds token 
According to Freenode's ##AWS, the metadata server can sometimes
take a few moments to get its shoes on, and the very first boot
of a machine can see failed requests for a few moments.
 2020-11-19 13:56:44 -05:00
Graham Christensen
83ea88e03f
nixos: ec2 ami: support IMDSv2 
AWS's metadata service has two versions. Version 1 allowed plain HTTP
requests to get metadata. However, this was frequently abused when a
user could trick an AWS-hosted server in to proxying requests to the
metadata service. Since the metadata service is frequently used to
generate AWS access keys, this is pretty gnarly. Version two is
identical except it requires the caller to request a token and provide
it on each request.

Today, starting a NixOS AMI in EC2 where the metadata service is
configured to only allow v2 requests fails: the user's SSH key is not
placed, and configuration provided by the user-data is not applied.
The server is useless. This patch addresses that.

Note the dependency on curl is not a joyful one, and it expand the
initrd by 30M. However, see the added comment for more information
about why this is needed. Note the idea of using `echo` and `nc` are
laughable. Don't do that.
 2020-11-19 13:00:56 -05:00
adisbladis
11367b2db1
dockerTools: Add cross compilation test 2020-11-19 18:13:22 +01:00
Florian Klink
f6832971f5 nixosTests.systemd: increase accounting coverage 
For now, testing IO Accounting is skipped, as it seems to be either
broken, or hard to reproduce in a VM.
 2020-11-19 16:56:46 +01:00
Florian Klink
5d45f269aa nixos/k3s: disable unifiedCgroupHierarchy 
This gets automatically disabled by docker if the docker backend is
used, but the bundled containerd also doesn't seem to support cgroupsv2,
so disable it explicitly here, too.
 2020-11-19 16:56:46 +01:00
Florian Klink
d22b3ed4bc systemd: switch to unified cgroup hierarchy by default 
See https://www.redhat.com/sysadmin/fedora-31-control-group-v2 for
details on why this is desirable, and how it impacts containers.

Users that need to keep using the old cgroup hierarchy can re-enable it
by setting `systemd.unifiedCgroupHierarchy` to `false`.

Well-known candidates not supporting that hierarchy, like docker and
hidepid=… will disable it automatically.

Fixes #73800
 2020-11-19 16:56:46 +01:00
Jörg Thalheim
2bf5899d6a
Merge pull request #104105 from spacefrogg/openafs-1.9 2020-11-19 14:42:17 +01:00
Matt Votava
746efadcce home-assistant: add allowlist_external_dirs to systemd unit ReadWritePaths 2020-11-19 04:29:03 -08:00
Robert Hensing
c790ed8c4e
Merge pull request #96371 from asdf8dfafjk/fcitx_commit 
fcitx: Add test (Unicode input, table input, m17n)
 2020-11-19 11:05:36 +01:00