dev/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
668,493 Commits 3 Branches 0 Tags 4.3 GiB
3f08237ceb
Commit Graph

43038 Commits

Author SHA1 Message Date
DCsunset
a191e88a1a nixos/gotify-server: update test 2024-07-30 17:40:17 -04:00
DCsunset
0c2918fc91 nixos/gotify-server: add environment and environmentFiles options 2024-07-30 17:38:00 -04:00
DCsunset
e1ced8b12c nixos/gotify-server: add package option 2024-07-30 17:32:01 -04:00
DCsunset
b5a051f694 nixos/gotify-server: add maintainer 2024-07-30 17:29:55 -04:00
DCsunset
2079eeb882 nixos/gotify-server: clean up and reformat module 2024-07-30 17:28:54 -04:00
Robert Rose
3ac993566c nixos/k3s: add test for airgap images import 
Add a nixos test that imports the airgap images
archive and checks whether all expected images are
successfully loaded by k3s.
 2024-07-30 21:14:25 +02:00
Robert Rose
eeacf85fb9 k3s: add airgap images to passthru attributes 
The k3s update script filters the assets of a
corresponding release for airgap images archives
and provides these as passthru attributes of the
k3s derivation. We use zstd archives, as these
offer the best compression ratios and decompression
speed. Furthermore, the `airgapImages` passthru
provides the images archive that matches the host
platform architecture, however, this only works
for aarch64 and x86_64. In addition, a txt file
listing all container images of a release is made
available via a passthru attribute. The airgap
images archives can be combined nicely with the
`services.k3s.images` option, e.g. to pre-provision
k3s nodes for environments without Internet
connectivity.
 2024-07-30 21:14:17 +02:00
Masum Reza
cb27644348
Merge pull request #310661 from somasis/boot.plymouth.font 
nixos/boot.plymouth.font: escape font path
 2024-07-31 00:39:11 +05:30
Emily
d21a082a4d
Merge pull request #296691 from helsinki-systems/feat/restic-systemd-inhibit 
nixos/restic: add option to inhibit going to sleep
 2024-07-30 20:45:56 +02:00
Morgan Jones
da4c9eb47b
tests/armagetronad: increase memory allocation 2024-07-30 11:32:13 -07:00
Colin
7306423158
nixos/pam: fully-qualify modulePath 
this ensures PAM users always get the intended version of a module when
multiple versions of the same module exist on a system.

most packages which consume `pam` and link against `libpam.so` do so only
to access its API, and not because they care about the specific
`pam_<xyz>.so` modules provided by that `pam`. but when specifying
modules by name only, PAM-capable applications may well load the
`pam_<xyz>.so` from the `pam` they were compiled against instead of the
pam declared in `security.pam.package`. by fully qualifying `modulePath`
we ensure that users can actually swap out pam modules without rebuilding
the world.
 2024-07-30 23:53:58 +05:30
Colin
7511ed266c
nixos/pam: add security.pam.package option 
this can be used to swap out which pam package is actually used by the
system for things like `pam_limits`, `pam_tty_audit`, etc, without forcing
a mass rebuild the way an overlay would.
 2024-07-30 23:53:57 +05:30
Víctor Martínez
bbb542ea66
nixos/ollama: add missing nvidia device group name (#331125) 
Fixes: #331069
 2024-07-30 19:03:08 +02:00
Sandro Jäckel
280e9a5ca4
nixos/nix: move trusted-user to config 
This avoids having to define root when trying to add another user as
trusted user, similar to the other options.
 2024-07-30 18:18:57 +02:00
Jonathan Zielinski
42e7fd46e7 nixos/nvidia-container-toolkit: add device-name-strategy option 
Containerd will fail to inject CDI devices if you've been using the
uuid naming strategy rather than the default one.
 2024-07-30 15:25:48 +00:00
Sigmanificient
aab1113d4a treewide: normalize maintainers list formatting 
grep -rP 'maintainers = \[\];'
 2024-07-30 16:26:22 +02:00
OPNA2608
6e42f74cf9 tests/lomiri: Drop OCR for starter content 
It has started to take 10 minutes to get a match, and we open the starter more than once.

Let's just drop this check, ydotool helps alot with getting it open more reliably.
 2024-07-30 13:26:09 +02:00
OPNA2608
826486cd2f nixos/lomiri: Add camera app 2024-07-30 13:26:09 +02:00
OPNA2608
b45fe2e63c tests/lomiri-camera-app: init 2024-07-30 13:26:09 +02:00
Masum Reza
15aa26cee0
Merge pull request #318815 from OPNA2608/init/miracle-wm 
miracle-wm: init at 0.3.0
 2024-07-30 14:56:47 +05:30
K900
7f2ec487cc nixos/i2pd: actually fix, clean up a little bit 2024-07-30 11:07:37 +03:00
Masum Reza
d2f7731666
Merge pull request #322312 from 71rd/wayfire-fix 
nixos/wayfire: fix import file with settings required to start service
 2024-07-30 12:58:15 +05:30
Yt
12b71d62f9
Merge pull request #330922 from jpds/vector-0.40.0 
vector: 0.39.0 → 0.40.0
 2024-07-30 00:28:08 +00:00
Jonathan Davies
382f37aa40
nixos/vector: Delete superfluous host field from demo_logs source in Quickwit test 2024-07-29 21:51:02 +01:00
K900
268299ad04 nixos/i2pd: fix warning 2024-07-29 23:36:08 +03:00
Philip Taron
4c7b49613a nixcfg-azure-devenv: avoid top-level with in shell.nix 2024-07-29 19:46:18 +02:00
Philip Taron
2b67819d55 nixos-test-driver: avoid top-level with in shell.nix 2024-07-29 19:46:18 +02:00
git@71rd.net
2483ea35cd modules/wayfire: nixfmt 
Signed-off-by: git@71rd.net <git@71rd.net>
 2024-07-29 16:13:55 +00:00
git@71rd.net
3f55cc361c nixos/wayfire: fix import file with settings required to start service 
Wayfire does not start without further configuration, when
programs.wayfire.enable is the only wayland wm enabled. When sway or a
similar program is also enabled that program imports wayland-session.nix
hiding the problem.

This imports wayland-session.nix and adds the option xwayland.enable to
pass to the file
 2024-07-29 14:24:26 +00:00
OPNA2608
5659ea3d6b tests/miracle-wm: init 2024-07-29 15:19:47 +02:00
OPNA2608
ed443c58a8 nixos/miracle-wm: init 2024-07-29 15:09:17 +02:00
Sandro
f22c61e419
Merge pull request #330109 from teutat3s/default-docker-27 
docker: move default from 24.x to 27.x, docker_24 mark as vulnerable, docker_{25,26}: bump
 2024-07-29 13:48:20 +02:00
Kerstin Humm
ceb54bc2a7
nixos/gollum: format with nixfmt 2024-07-29 12:49:44 +02:00
Kerstin Humm
d6b9fb9ba3
gollum: 5.3.3 -> 6.0.1 
Changelog: https://github.com/gollum/gollum/releases
 2024-07-29 12:49:43 +02:00
Robert Hensing
c38f9ee113
Merge pull request #324789 from NixOS/devShellTools-env 
`devShellTools`: add environment functions
 2024-07-29 10:00:40 +02:00
Franz Pletz
1e00e90307
Merge pull request #329450 from Kiskae/nvidia/560.28.03 2024-07-29 09:19:52 +02:00
Aleksana
a07da9722d
Merge pull request #330664 from Mic92/empty-with 
treewide: remove unused `with` statements from maintainer lists
 2024-07-29 15:01:57 +08:00
github-actions[bot]
d0b2f51f0f
Merge staging-next into staging 2024-07-29 06:01:55 +00:00
Jörg Thalheim
5356420466 treewide: remove unused with statements from maintainer lists 
$ find -type f -name '*.nix' -print0 | xargs -P "$(nproc)" -0 sed -i \
  -e 's!with lib.maintainers; \[ *\];![ ];!' \
  -e 's!with maintainers; \[ *\];![ ];!'
 2024-07-29 10:06:20 +08:00
github-actions[bot]
2b898b30ea
Merge staging-next into staging 2024-07-29 00:03:08 +00:00
oddlama
c15eea348d
nixos/nvidia: fix potential null value in versionOlder check 2024-07-29 01:58:55 +02:00
Sandro
bf5f4549e1
Merge pull request #300201 from schuetzm/mysqlbackup-rsyncable 2024-07-29 01:29:33 +02:00
Robert Hensing
1a70c803cb Format 2024-07-29 00:23:05 +02:00
Robert Hensing
b5389e2ae9 nixosTests.docker-tools-nix-shell: Enable on aarch64-linux 
The docker-tools test, where this originates, was not run on aarch64-linux, but this is an artifact of its age more so than anything else.

Co-authored-by: Ivan Trubach <mr.trubach@icloud.com>
 2024-07-29 00:23:05 +02:00
Robert Hensing
6881d9b181 nixosTests.docker-tools-nix-shell: Extract 
These tests should run as part of the `tests.devShellTools` suite,
and they're a significant portion of the general docker tools test
duration.
 2024-07-28 23:19:56 +02:00
Sandro
244f70eaa4
Merge pull request #330455 from SuperSandro2000/nvidia-vaapi-driver-32-bit 2024-07-28 21:37:20 +02:00
Robert Scott
48bde3a189 cc-wrapper: add support for pacret hardening flag on aarch64 2024-07-28 19:27:14 +01:00
Emily
8a837af302
Merge pull request #326819 from risicle/ris-shadowstack 
cc-wrapper: add support for `shadowstack` hardening flag
 2024-07-28 19:07:52 +01:00
github-actions[bot]
9f368dc2ef
Merge staging-next into staging 2024-07-28 18:01:25 +00:00
Florian Klink
bc83c7cf57
Merge pull request #330448 from flokli/wvdial 
wvdial, wvstreams: init
 2024-07-28 19:49:33 +03:00
Robert Hensing
70d94d8360
Merge pull request #330434 from ShamrockLee/test-overriding-attrs 
tests.overriding: structure tests as an attribut set
 2024-07-28 15:13:32 +02:00
github-actions[bot]
38b57cc2a9
Merge staging-next into staging 2024-07-28 12:01:38 +00:00
Vladimír Čunát
a5b2fe7374
Merge #328673: staging-next 2024-07-20 2024-07-28 13:45:55 +02:00
Robert Hensing
4ca52fdf5f
Merge pull request #323613 from CyberShadow/fix-nix-path-without-channels-v2 
nix-channel: do not set empty nix-path when disabling channels
 2024-07-28 13:31:10 +02:00
Someone
cabb09a289
Merge pull request #330617 from ereslibre/fix-nvidia-warnings 
virtualisation/{docker,podman}: update nvidia-ctk warning
 2024-07-28 14:24:50 +03:00
Rafael Fernández López
3d2a21eddf virtualisation/{docker,podman}: update nvidia-ctk warning 
Warnings and descriptions for `virtualisation.docker.enableNvidia` and
`virtualisation.podman.enableNvidia` point erroneously to set
`virtualisation.containers.cdi.dynamic.nvidia.enable`. This NixOS
option has been deprecated and the recommended NixOS option is
`hardware.nvidia-container-toolkit.enable`.
 2024-07-28 13:12:27 +02:00
Vladimír Čunát
ca0d8e592b
Merge #330440: nixos/speechd: avoid by default on headless systems 
...into staging-next
 2024-07-28 12:50:17 +02:00
Franz Pletz
ba4b2978e8
Merge pull request #330498 from Gerg-L/direnv 2024-07-28 12:17:16 +02:00
Vladimír Čunát
1e9b3c1af1
nixos/speechd: avoid by default on headless systems 
Incidentally this also fixes tests like nixosTests.installer.simple
/cc PR #329658
 2024-07-28 12:16:12 +02:00
Marc Schütz
9be35dff51 mysqlBackup: use rsyncable compression 2024-07-28 11:03:13 +02:00
Florian
2c5b304712
Merge pull request #219942 from vsharathchandra/druid_nix_module 
nixos/druid: init module and package
 2024-07-28 11:02:06 +02:00
sharath.v
99438044e7 druid: add passthru test 2024-07-28 07:20:16 +00:00
sharath.v
4bfc173d8f nixos/druid: init module 2024-07-28 06:54:13 +00:00
github-actions[bot]
e26c2ed42f
Merge staging-next into staging 2024-07-28 06:01:29 +00:00
github-actions[bot]
384d08d20d
Merge master into staging-next 2024-07-28 06:01:00 +00:00
Gerg-L
ee3da00d59
nixos/direnv: add enable{Bash,Fish,Zsh}Integrations 
use shorthand function for enabled by default options
 2024-07-28 01:09:11 -04:00
Franz Pletz
985acc7254
Merge pull request #326224 from NickCao/udev-kvm 2024-07-28 07:01:48 +02:00
github-actions[bot]
f8a6105aee
Merge staging-next into staging 2024-07-28 00:03:18 +00:00
Sergei Zimmerman
e3e6e94010
nixos/rathole: init module 
Adds a module for rathole package. The package itself
and this module is very similar to frp, so the options
and tests are not very far off from those for frp.
 2024-07-28 01:25:01 +03:00
K900
24076029d2 Merge remote-tracking branch 'origin/master' into staging-next 2024-07-28 01:04:35 +03:00
Gerg-L
008173588b
nixos/direnv: remove old option removal error 2024-07-27 15:37:11 -04:00
Gerg-L
c6f73686d6
nixos/direnv: stop uneccesary build 2024-07-27 15:36:24 -04:00
Gerg-L
9183b7d82b
nixos/direnv: add gerg-l to maintainers 2024-07-27 15:33:39 -04:00
Gerg-L
b99fff4723
nixos/direnv: format with nixfmt 2024-07-27 15:32:31 -04:00
Sandro
2ae7003371
Merge pull request #330187 from SuperSandro2000/archisteamfarm 2024-07-27 21:00:45 +02:00
Julien Malka
3d3c0f4d34
Merge pull request #330017 from Mic92/boot-counting 
nixos/systemd-boot: init boot counting
 2024-07-27 19:53:49 +02:00
Sandro Jäckel
83c0ed1fe8
nixos/nvidia: drop nvidia-vaapi-driver from 32bit drivers 
nvidia-vaapi-driver is designed to work with firefox which is 64bit
only. On my system this adds almost 600 MiB closure size.
 2024-07-27 18:31:03 +02:00
Florian Klink
21e3a4214f nixos/wvdial: init module 2024-07-27 19:11:02 +03:00
Yueh-Shun Li
fdd16729a2 tests.overriding: structure tests as an attribut set 
Make individual tests accessible via tests.override.tests.<name>
 2024-07-27 22:42:30 +08:00
Nick Cao
c8789dfa2b
Merge pull request #330198 from r-ryantm/auto-update/restic-rest-server 
restic-rest-server: 0.12.1 -> 0.13.0
 2024-07-27 10:38:03 -04:00
pancho horrillo
1f88956b95
nixos/kmscon: fix cfgfile missing trailing newline 
Currently, the `kmscon.conf` file that is generated is missing a
trailing newline.  This breaks `kmscon`, since its parser assumes
well-formedness.

I noticed this while trying to specify a font, whose spec ended up on
the last line, but without the trailing newline, `kmscon` would not honor it.
 2024-07-27 15:54:41 +02:00
github-actions[bot]
4007341b1f
Merge staging-next into staging 2024-07-27 12:01:37 +00:00
github-actions[bot]
614efe64e8
Merge master into staging-next 2024-07-27 12:01:12 +00:00
Robert Schütz
3e4e2db2d7 restic-rest-server: 0.12.1 -> 0.13.0 
Diff: https://github.com/restic/rest-server/compare/v0.12.1...v0.13.0

Changelog: https://github.com/restic/rest-server/blob/v0.13.0/CHANGELOG.md
 2024-07-27 02:34:16 -07:00
Luflosi
a61d4728e8
nixos/eg25-manager: init 2024-07-27 10:42:45 +02:00
Florian
bfe7a4a3ee
Merge pull request #330294 from ju1m/radicle 
nixos/radicle: fix support for encrypted privateKeyFile
 2024-07-27 09:35:28 +02:00
Vladimír Čunát
64c6a981fe
Merge branch 'master' into staging-next 2024-07-27 09:18:58 +02:00
Bobby Rong
eb084d18d3
Merge pull request #330174 from bobby285271/upd/pantheon 
Pantheon updates 2024-07-26
 2024-07-27 12:38:35 +08:00
Bobby Rong
759ee151e7
nixosTests.pantheon: Disable flaky test for closing multitasking view 
org.freedesktop.DBus.Error.NoReply sometimes.
 2024-07-27 11:32:27 +08:00
Silvan Mosberger
b6a3ee75cd
Merge pull request #324688 from philiptaron/__attrsFailEvaluation/linuxKernel 
linuxPackages: remove __attrsFailEvaluation since the attrset evaluates
 2024-07-27 02:28:35 +02:00
Julien Moutinho
db44a65a61 nixos/radicle: fix support for encrypted privateKeyFile 2024-07-27 01:48:51 +02:00
Nick Cao
84fa4de5d8
Merge pull request #328728 from NickCao/keycloak-metrics-spi 
keycloak.plugins.keycloak-metrics-spi: 5.0.0 -> 6.0.0
 2024-07-26 19:21:59 -04:00
Silvan Mosberger
d2a2dbc063
Merge pull request #311459 from philiptaron/doc-in-pkgs 
nixpkgs-manual: init
 2024-07-27 01:05:09 +02:00
DCsunset
05113f61f0 nixos/stirling-pdf: init module 2024-07-26 18:12:50 -04:00
Philip Taron
849cf13725
web-devmode: call as package 2024-07-26 13:43:59 -07:00
nicoo
9587ddd261
nixos/nix-channel: don't set nix-path (#327683) 
Otherwise, the empty path in `nix.conf` takes precedence over `NIX_PATH`,
and by extension the `nix.nixPath` configuration option.

Introduced in 61afc4d166.
 2024-07-26 19:19:38 +00:00
teutat3s
b381163c0b
docker: move default from 24.x to 27.x 
24.x is no longer maintained as of February 1, 2024[1].
It did not (yet?) receive a fix for CVE-2024-41110.

[1] https://github.com/moby/moby/pull/46772#discussion_r1686464084
 2024-07-26 20:57:43 +02:00
Jörg Thalheim
ed2202e9e6
Merge pull request #328130 from Enzime/add/regreet-themes 
regreet: add options for controlling theming
 2024-07-26 20:30:57 +02:00
Jörg Thalheim
11067484e9
Merge pull request #328722 from Cottand/update-nomad2 
nomad: update 1.6 and 1.8, build with go 1.22 for 1.8 and 1.6, deprecate 1.5
 2024-07-26 20:29:41 +02:00
Jörg Thalheim
cd8166ed1c
Merge pull request #329731 from ju1m/radicle 
nixos/radicle: fix support of absolute file paths for SSH keys
 2024-07-26 20:25:23 +02:00
Florian
6d0f55ef84
Merge pull request #328148 from NukaDuka/prometheus-pve-exporter 
prometheus-pve-exporter: 3.2.4 -> 3.4.3
 2024-07-26 20:21:21 +02:00
Julien Malka
64edc7f00f nixos/systemd-boot: init boot counting 
Update nixos/modules/system/boot/loader/systemd-boot/boot-counting.md

Co-authored-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
 2024-07-26 20:04:37 +02:00
github-actions[bot]
8c2e73a4ed
Merge staging-next into staging 2024-07-26 18:01:39 +00:00
github-actions[bot]
c708f59661
Merge master into staging-next 2024-07-26 18:01:11 +00:00
Martin Weinelt
0196cfe7f3
Merge pull request #330152 from dotlambda/home-assistant 
nixos/home-assistant: customComponents must use buildHomeAssistantComponent
 2024-07-26 19:15:11 +02:00
K900
c32b73a2d6 nixos/plasma6: add libplasma to SDDM wrapper 
It's actually required.
 2024-07-26 19:20:02 +03:00
Martin Weinelt
93f4195fe0
Merge remote-tracking branch 'origin/master' into staging-next 
Conflicts:
- pkgs/applications/graphics/seamly2d/default.nix
 2024-07-26 18:05:04 +02:00
Aleksana
577a9c43f3
Merge pull request #330042 from Sigmanificient/remove-leading-space-description 
treewide: remove trailing space in description
 2024-07-26 23:48:02 +08:00
Robert Schütz
a5f8d3fe02 nixos/home-assistant: customComponents must use buildHomeAssistantComponent 2024-07-26 07:33:40 -07:00
Sandro Jäckel
316e779538
Revert "nixos/archisteamfarm: fix crash when web-ui is disabled" 
This reverts commit 02e9c36e59.
 2024-07-26 16:27:19 +02:00
Dennis Stengele
6f3ba8d714
nixos/zeronsd: init module and package (#253610) 
* zeronsd: init at 0.5.2

* nixos/zeronsd: init at 0.5.2

This is the module for the new zeronsd package.
 2024-07-26 15:20:56 +02:00
K900
fd662230c4 nixos/installer: ship only one mbrola voice per language 
This reduces the size of mbrola-voices by 387M (647M -> 260M) for all
installers that ship with speechd, to make sure that they fit the output
limits of hydra while not compromising too much on accessbility.

Co-authored-by: Martin Weinelt <hexa@darmstadt.ccc.de>
 2024-07-26 16:12:55 +03:00
Robert Hensing
433a0e68f6
Merge pull request #327801 from Sigmanificient/unused-args-lib 
treewide: remove unused lib (and other) arguments
 2024-07-26 15:11:08 +02:00
K900
04d010a9af nixos/speechd: init 2024-07-26 16:10:16 +03:00
github-actions[bot]
df41014acf
Merge staging-next into staging 2024-07-26 12:01:48 +00:00
K900
26801aa449 Merge remote-tracking branch 'origin/master' into staging-next 2024-07-26 14:31:21 +03:00
Sigmanificient
6dd44107ac treewide: remove unused lib (and other) arguments 2024-07-26 11:18:09 +02:00
Johannes Jöns
349c98e888
Merge pull request #330083 from doronbehar/nixos/neovim-pathsToLink 
nixos/neovim: add /share/nvim to pathsToLink
 2024-07-26 11:17:41 +02:00
Pol Dellaiera
ceda66b310
Merge pull request #251687 from martinetd/cryptpad 
nixos/cryptpad: init, cryptpad: init at 2024.6.0
 2024-07-26 09:21:51 +02:00
Doron Behar
91fb48da75 nixos/neovim: add /share/nvim to pathsToLink 2024-07-26 09:20:50 +03:00
github-actions[bot]
09de87d288
Merge staging-next into staging 2024-07-26 06:01:50 +00:00
K900
1410c766c8 Merge remote-tracking branch 'origin/master' into staging-next 2024-07-26 08:41:08 +03:00
Aleksana
19276533a7
Merge pull request #329968 from carbolymer/jackett-configurable-port 
nixos/jackett: add configurable port
 2024-07-26 11:23:05 +08:00
Aleksana
f6dda3bfc8
Merge pull request #330021 from ju1m/radicle-fix-node-listenAddress 
nixos/radicle: fix node.listenAddress to support both IPv4 and IPv6
 2024-07-26 11:18:10 +08:00
Sigmanificient
543cd40ecc treewide: remove trailing space in description 
Done using `grep -rP 'description\s+=\s+"[^"]+[ ]";' | cut -d ':' -f 1 |
xargs -i nvim {}` and sorting the opened files by hand, avoiding
generated packages list
 2024-07-26 03:38:50 +02:00
Philip Taron
38ffd739cf
linuxPackages: remove __attrsFailEvaluation since the attrset evaluates 2024-07-25 17:32:14 -07:00
Julien Moutinho
d8401bc577 nixos/radicle: add a settings example 2024-07-26 01:15:03 +02:00
Peder Bergebakken Sundt
99dec1f6b0 treewide: fix doc typos 
Done with `fd \\\.md$ . --type f -x typos --write-changes`
 2024-07-26 00:55:13 +02:00
Yt
60bee661ea
Merge pull request #329905 from scvalex/livebook-without-cookie 
livebook: fix service not starting when LIVEBOOK_COOKIE was not set
 2024-07-25 22:42:05 +00:00
Jörg Thalheim
0fbc43eaea
Merge pull request #323641 from XenGi/fix-freshrss 
nixos/freshrss: add ability to use socket path
 2024-07-26 00:20:49 +02:00
Julien Moutinho
5f335cfb8f nixos/radicle: fix node.listenAddress to support both IPv4 and IPv6 2024-07-25 23:46:16 +02:00
Mateusz Galazyn
a0906cbd16
nixos/jackett: add configurable port 2024-07-25 20:33:39 +02:00
github-actions[bot]
fea99da2bd
Merge staging-next into staging 2024-07-25 18:01:26 +00:00
github-actions[bot]
2567b049bd
Merge master into staging-next 2024-07-25 18:00:59 +00:00
éclairevoyant
9aeb620274
Merge pull request #329940 from antonmosich/grammar-fix 
nixos/system: fix grammatical error in docs
 2024-07-25 17:19:18 +00:00
Anton Mosich
bc1c51d6d0
nixos/system: fix grammatical error in docs 2024-07-25 18:19:35 +02:00
Alexandru Scvortov
742ee97845 livebook: fix service not starting when LIVEBOOK_COOKIE was not set 2024-07-25 17:17:41 +01:00
Alexandru Scvortov
f147a306d5 livebook: add munksgaard and scvalex as maintainers 2024-07-25 17:17:41 +01:00
❄️
5f2a6de6f9
Merge pull request #328385 from rorosen/k3s-kubelet-config 
nixos/k3s: add options for graceful node shutdown and kubelet config
 2024-07-25 10:19:16 -03:00
github-actions[bot]
087683291a
Merge staging-next into staging 2024-07-25 06:01:50 +00:00
github-actions[bot]
12ea252962
Merge master into staging-next 2024-07-25 06:01:22 +00:00
github-actions[bot]
b204bd7963
Merge staging-next into staging 2024-07-25 00:02:56 +00:00
github-actions[bot]
94c17d2caa
Merge master into staging-next 2024-07-25 00:02:30 +00:00
abysssol
084f6a3e26 nixos/ollama: make rocmOverrideGfx backward compatible 
The initial version of `rocmOverrideGfx` incorrectly used `lib.mkIf`
in an attempt to prevent interference with previous uses of
`environmentVariables.HSA_OVERRIDE_GFX_VERSION`.

However, the effect was actually to simply erase existing definitions of
`HSA_OVERRIDE_GFX_VERSION` until `rocmOverrideGfx` was set,
which was the situation I was trying to avoid in the first place.

This fixes the bug by switching from `lib.mkIf` to `lib.optionalAttrs`.
 2024-07-24 16:11:09 -04:00
abysssol
246d1ee533 nixos/ollama: reformat with nixfmt-rfc-style 2024-07-24 16:09:56 -04:00
Julien Moutinho
43c36273b2 nixos/radicle: fix support of absolute file paths for SSH keys 2024-07-24 22:07:53 +02:00
Guillaume Girol
bbd80e97f9
Merge pull request #328459 from onny/sane-backends-fix 
sane-backends: 1.2.1 -> 1.3.1
 2024-07-24 20:40:47 +02:00
github-actions[bot]
a4b184a41e
Merge staging-next into staging 2024-07-24 18:01:51 +00:00
github-actions[bot]
7208220b63
Merge master into staging-next 2024-07-24 18:01:18 +00:00
Emily
477c3c6d5e
Merge pull request #307962 from jpds/restic-snapshot-list-only-latest 
nixos/restic: Use cat config in pre-start repo initialization check
 2024-07-24 17:13:38 +02:00
Masum Reza
81cb83b07f
Merge pull request #290008 from eum3l/add-opengfw 
opengfw: init at 0.4.0 (+NixOS module)
 2024-07-24 20:39:41 +05:30
Bobby Rong
3a422267eb
Merge pull request #329199 from bobby285271/upd/cinnamon-by-name 
Move all packages out of cinnamon scope
 2024-07-24 22:04:34 +08:00
Robert Hensing
c5e5aa7266
Merge pull request #308822 from yorickvP/yorickvp/streamLayeredImage-overridable 
dockerTools.streamLayeredImage: add includeNixDB argument, expose conf and streamScript
 2024-07-24 16:02:35 +02:00
Peder Bergebakken Sundt
24899eea99
Merge pull request #327184 from bhankas/goatcounter 
nixos/goatcounter: init
 2024-07-24 15:38:27 +02:00
eum3l
86ae0fca93 nixos/opengfw: init 2024-07-24 15:11:23 +02:00
github-actions[bot]
df499e467c
Merge staging-next into staging 2024-07-24 12:01:42 +00:00
github-actions[bot]
8402add1f4
Merge master into staging-next 2024-07-24 12:01:12 +00:00
Silvan Mosberger
473e469d5a
Merge pull request #328381 from tie/map-attrs-flatten 2024-07-24 13:32:34 +02:00
Ivan Trubach
b9c51260d0 lib/deprecated: print deprecation warning for mapAttrsFlatten 2024-07-24 13:23:16 +03:00
Yaya
9ea48560ad nixos/doc/rl-2411: Mention a change in nixos/gitlab 
`gitaly` is now using the bundled git package instead of `pkgs.git`
internally to maintain compatibility with GitLab.
 2024-07-24 10:51:55 +02:00
Yaya
66f9d60dd7 nixosTests.gitlab: add git package 2024-07-24 10:51:55 +02:00
Yaya
feeb53a430 nixos/gitlab: Replace git package with bundled git 
This commit switches gitaly's git package from `pkgs.git` to the bundled
`git` package in order to maintain compatibility with the supported git
release by gitaly.
 2024-07-24 10:51:55 +02:00
Maximilian Bosch
bf2d040432
postgresql: 15 -> 16 for 24.11+ 
Upgrade default postgresql for stateVersion >=24.11.
This also rebuilds all packages linking against `libpq.so` to use
postgresql 16.

After re-reading https://www.postgresql.org/docs/16/release-16.html
I don't see any major risks about doing that.
 2024-07-24 10:43:02 +02:00
TheRealGramdalf
d66d94b37b
nixos/caddy: fix group option description (#328034) 2024-07-24 16:40:07 +08:00
Sven Slootweg
51a72a8271
nixos/caddy: fix module docs for new root syntax (#328444) 
Old syntax no longer works; `root` now takes two arguments. Updated example in module documentation to reflect this.
 2024-07-24 16:38:48 +08:00
Dominique Martinet
7c448e8d44 nixos/cryptpad: harden service 
cryptpad is not directly exposed to the network, but has plenty that can
be hardened more properly, so fix that.
 2024-07-24 16:17:32 +09:00
Dominique Martinet
b846e8762f nixos/cryptpad: init 
This is a full rewrite independent of the previously removed cryptpad
module, managing cryptpad's config in RFC0042 along with a shiny test.

Upstream cryptpad provides two nginx configs, with many optimizations
and complex settings; this uses the easier variant for now but
improvements (e.g. serving blocks and js files directly through nginx)
should be possible with a bit of work and care about http headers.

the /checkup page of cryptpad passes all tests except HSTS, we don't
seem to have any nginx config with HSTS enabled in nixpkgs so leave this
as is for now.

Co-authored-by: Pol Dellaiera <pol.dellaiera@protonmail.com>
Co-authored-by: Michael Smith <shmitty@protonmail.com>
 2024-07-24 16:17:26 +09:00
Thomas Gerbet
e54753495c
linux/common-config: restrict access to dmesg 
`SECURITY_DMESG_RESTRICT` is enabled by default by a lot of
other distributions for a quite a while now, NixOS is a bit of an outlier.
The main justification to enable it is that kernel log might leak kernel
pointers which can then be used by exploits to defeat KASLR (NixOS also
enables `kernel.kptr_restrict` by default since 2013).
 2024-07-24 12:06:04 +05:30
Vladimír Čunát
cd346565bb
Merge branch 'master' into staging-next 2024-07-24 07:19:19 +02:00
Payas Relekar
aebb3d3474 nixos/goatcounter: init 2024-07-24 10:17:44 +05:30
Masum Reza
13da3c09fb
Merge pull request #327499 from max-privatevoid/pam-kanidm-package-option 
nixos/pam: use Kanidm's package option
 2024-07-24 09:24:09 +05:30
Franz Pletz
b865ea167d
Merge pull request #321644 from pedorich-n/netdata-146 2024-07-23 23:23:30 +02:00
Franz Pletz
e6ae50bb83
Merge pull request #327986 from 7596ff/7596ff/airsonic-context-path 2024-07-23 23:15:27 +02:00
Franz Pletz
f1f5d9433b
Merge pull request #329014 from n8henrie/n8henrie-espanso-maintainer 2024-07-23 23:14:53 +02:00
Kiskae
bfeb6e74cf nixos/nvidia: default open for version 560+ 2024-07-23 22:41:30 +02:00
Jan Tojnar
3178439a4e
Merge pull request #282317 from dawidd6/gdm-autologin-unlocks-keyring 
nixos/gdm: autologin unlocks keyring when possible
 2024-07-23 21:04:35 +02:00
Bobby Rong
be722f046d
cinnamon: Document scope deprecation 2024-07-23 22:12:43 +08:00
Bobby Rong
d2ec434026
nixos/cinnamon: Fix excludePackages example 
We don't ship blueberry and blueberry is in top-level.
 2024-07-23 22:12:42 +08:00
Bobby Rong
22b54a6e7f
cinnamon-gsettings-overrides: Move from cinnamon scope to top-level 2024-07-23 22:12:42 +08:00
Bobby Rong
ab6606dfb8
cinnamon-screensaver: Move from cinnamon scope to top-level 2024-07-23 22:12:42 +08:00
Bobby Rong
d1a7acfc47
cinnamon-common: Move from cinnamon scope to top-level 2024-07-23 22:12:41 +08:00
Bobby Rong
6fd4a53e3e
cinnamon-control-center: Move from cinnamon scope to top-level 2024-07-23 22:12:41 +08:00
Bobby Rong
bf4ffb38d0
cinnamon-session: Move from cinnamon scope to top-level 2024-07-23 22:12:41 +08:00
Bobby Rong
f3d0454e4a
nemo-with-extensions: Move from cinnamon scope to top-level 2024-07-23 22:12:40 +08:00
Bobby Rong
925db507a8
nemo: Move from cinnamon scope to top-level 2024-07-23 22:00:19 +08:00
Bobby Rong
e5373c3e6c
cinnamon-settings-daemon: Move from cinnamon scope to top-level 2024-07-23 22:00:18 +08:00
Bobby Rong
e8fd435f36
cinnamon-translations: Move from cinnamon scope to top-level 2024-07-23 22:00:18 +08:00
Bobby Rong
6f102799e7
cinnamon-menus: Move from cinnamon scope to top-level 2024-07-23 22:00:18 +08:00
Bobby Rong
3fba5befb1
cinnamon-desktop: Move from cinnamon scope to top-level 2024-07-23 22:00:18 +08:00
Franz Pletz
38953c157e
Merge pull request #326369 from getchoo/nixos/nvidia/modesetting 2024-07-23 14:16:56 +02:00
github-actions[bot]
d284ef371e
Merge master into staging-next 2024-07-23 12:01:18 +00:00
Gavin John
467f7b25f6 nixos/doc/rl-2411: Document programs.immersed-vr 2024-07-23 10:07:57 +01:00
Gavin John
f73ef07680 nixos/immersed-vr: init module 2024-07-23 10:07:35 +01:00
Florian
a161b380a9
Merge pull request #328205 from litchipi/ifm 
ifm: init at 4.0.2
 2024-07-23 09:35:56 +02:00
Dawid Dziurla
097b63d424
nixos/gdm: autologin unlocks keyring when possible 2024-07-23 09:34:19 +02:00
Litchi Pi
0fb7268b9b Init IFM service at version 4.0.2 
Signed-off-by: Litchi Pi <litchi.pi@proton.me>
 2024-07-23 08:44:50 +02:00
github-actions[bot]
09a27d5bc1
Merge master into staging-next 2024-07-23 00:02:18 +00:00
Franz Pletz
b12aaa9f9b
Merge pull request #316139 from Luflosi/bind-service-wait-for-ready-status 2024-07-23 00:19:53 +02:00
Pol Dellaiera
771c4624ed
Merge pull request #328713 from mweinelt/ollama-sandbox-issue 
nixos/ollama: replace flawed sandboxing option
 2024-07-22 22:21:16 +02:00
Artturin
60e9cffe2c Merge branch 'master' into staging-next 2024-07-22 22:53:31 +03:00
nikstur
be0df72dfa
Merge pull request #328926 from nikstur/sysusers-only-for-sysusers 
Sysusers only for sysusers
 2024-07-22 20:55:58 +02:00
Bruno BELANYI
87a80cdaf9
Merge pull request #329112 from ambroisie/tandoor-module 
nixos/tandoor-recipes: revert 'GUNICORN_MEDIA=1'
 2024-07-22 15:48:52 +01:00
Jonas Heinrich
4edef1362f sane-backends: configure and use lock dir 2024-07-22 16:46:30 +02:00
Bobby Rong
3e9b9159cb
Merge pull request #327144 from bobby285271/upd/cinnamon-xapps-by-name 
Move various packages out of cinnamon scope
 2024-07-22 21:33:16 +08:00
Martin Weinelt
fe58e8856f
nixos/ollama: make host example dualstack wildcard 
Binding to IPv6 wildcard generally binds dual-stack, which is also a
better example because the way to specify it is not always very clear.
 2024-07-22 14:51:40 +02:00
Martin Weinelt
bd473ceae3
nixos/doc/rl-2411: add ollama changes 2024-07-22 14:51:40 +02:00
Martin Weinelt
12897b37a8
nixos/ollama: harden systemd unit 
Tested with CPU and CUDA acceleration. Researched for ROCm, but I have no
compatible card to test it with.
 2024-07-22 14:51:40 +02:00
Martin Weinelt
be7bce879f
nixos/ollama: remove writablePaths option 
Making the models directory always writable is much simpler, than having
to watch out for an option to facilitate that.
 2024-07-22 14:51:39 +02:00
Martin Weinelt
809ea5c6bd
nixos/ollama: replace flawed sandboxing option 
The ollama module in its default configuration relies on systemd's
`DynamicUser=` feature for user allocation. In #305076 that allocation
was made conditional and tied to the `sandboxing` option, that was
intended to fix access to model directories outside the allocated state
directory.

However, by disabling sandboxing ollama would inadvertently run as root,
given that `User=` and `Group=` are not required to be set.

The correct way to grant access to other paths is to allocate static
user and group, and grant permissions to the destination path to that
allocation.

We therefore replace the sandboxing option user and group options, that
default to `null`, which means they default to `DynamicUser=`, but can
be replaced with a statically allocated user/group, and thereby a stable
uid/gid.

Fixes: 552eb759 ("nixos/ollama: add options to bypass sandboxing")
 2024-07-22 14:51:39 +02:00
Bruno BELANYI
c8f2bb1b65 nixos/tandoor-recipes: revert 'GUNICORN_MEDIA=1' 
Quoting from upstream's documentation [1]:

> Basically everyone recommends not doing this. Please use [a webserver]
> to handle media file serving.

Given that this commit broke the module for unrelated reasons, I've
decided to just revert it and let downstream users make the choice of
easy vs. secure.

[1]: https://docs.tandoor.dev/system/configuration/#gunicorn-media

This reverts commit e8c56de827.
 2024-07-22 09:17:41 +00:00
PopeRigby
a5eaa1df10
nixos/scrutiny: enable collector by default if scrutiny is enabled (#329069) 2024-07-22 07:38:45 +01:00
Aleksana
b841e48094
Merge pull request #329018 from Aleksanaa/nixos/appimage 
nixos/appimage: minor fix eval
 2024-07-22 07:57:16 +08:00
aleksana
71b3f89bee nixos/appimage: minor fix eval 2024-07-22 07:47:00 +08:00
Sohalt
c11439943d
nixos/containers: add wants and after dependency for network interfaces (#153234) 
Co-authored-by: Franz Pletz <fpletz@fnordicwalking.de>
 2024-07-22 01:22:19 +02:00
Nathan Henrie
de322fa088 nixos/espanso: add n8henrie to maintainers 
I help maintain espanso and would like to help maintain both the package
and the module.
 2024-07-21 17:08:24 -06:00
Marcus Ramberg
585a077fd2
Merge pull request #327665 from bolives-hax/add-qemu-s390x-binfmt 
added s390x option type via magic attributes
 2024-07-21 23:12:55 +02:00
Sandro
4b97ce3bc4
Merge pull request #322095 from illustris/hadoop_3_4 
hadoop: init 3.4, drop 3.2
 2024-07-21 21:24:10 +02:00
Sandro
af3e8fe556
Merge pull request #322173 from illustris/hbase 
hbase: version upgrades
 2024-07-21 21:23:28 +02:00
Sandro
49831e2e65
Merge pull request #328604 from illustris/pve-kvm 
nixos/proxmoxImage: fix build
 2024-07-21 21:23:06 +02:00
bl0v3
e83fc89111 nixos/binfmt: added s390x option type via magic attributes 2024-07-21 20:17:16 +02:00
Bobby Rong
d114d56aad
nixos/cinnamon: Do not use "with pkgs.cinnamon" 
Otherwise with allowAliases enabled, the aliases are preferred and used,
spamming deprecation warnings.
 2024-07-22 01:02:17 +08:00
Bobby Rong
508637b0e3
xapp: Move from cinnamon scope to top-level 
* The timeshift changes are used to make by-name check happy.
* More by-name changes in the next commit.
 2024-07-22 01:02:16 +08:00
Atemu
f6d4f4f055
Merge pull request #328662 from Aleksanaa/nixos/appimage 
nixos/appimage: support both type-1 and type-2 appimages in binfmt
 2024-07-21 17:44:39 +02:00
Sandro
4cc8b29327
Merge pull request #299599 from SuperSandro2000/kde-pim 
programs/kde-pim: init
 2024-07-21 16:26:01 +02:00
nikstur
2ca04530c9 nixos/systemd-sysusers: assert against password and hashedPassword 
Regardless of mutable or immutable users, systemd-sysupdate never
updates existing user records and thus will for example never change
passwords for you.

It only support initial passwords and now actively asserts agains other
paswords.
 2024-07-21 16:23:11 +02:00
nikstur
2710a49adb nixos/systemd-sysusers: stop creating users statically 
On Linux we cannot feasbibly generate users statically because we need
to take care to not change or re-use UIDs over the lifetime of a machine
(i.e. over multiple generations). This means we need the context of the
running machine.

Thus, stop creating users statically and instead generate them at
runtime irrespective of mutableUsers.

When /etc is immutable, the password files (e.g. /etc/passwd etc.) are
created in a separate directory (/var/lib/nixos/etc). /etc will be
pre-populated with symlinks to this separate directory.

Immutable users are now implemented by bind-mounting the password files
read-only onto themselves and only briefly re-mounting them writable to
re-execute sysusers. The biggest limitation of this design is that you
now need to manually unmount this bind mount to change passwords because
sysusers cannot change passwords for you. This shouldn't be too much of
an issue because system users should only rarely need to change their
passwords.
 2024-07-21 16:23:11 +02:00
nikstur
d43e323b4a nixos/systemd-sysusers: only create systemusers 
systemd-sysusers cannot create normal users (i.e. with a UID > 1000).
Thus we stop trying an explitily only use systemd-sysusers when there
are no normal users on the system (e.g. appliances).
 2024-07-21 16:22:01 +02:00
Bobby Rong
350a70036a
mint-themes: Move from cinnamon scope to top-level 2024-07-21 21:17:11 +08:00
Bobby Rong
2359076f1f
mint-y-icons: Move from cinnamon scope to top-level 2024-07-21 21:17:10 +08:00
Bobby Rong
c09bdb5d5e
mint-cursor-themes: Move from cinnamon scope to top-level 2024-07-21 21:17:09 +08:00
github-actions[bot]
968bf02dc2
Merge master into staging-next 2024-07-21 12:01:16 +00:00
Will Fancher
6f959a9e96 nixos/make-initrd-ng: dlopen ELF notes 2024-07-21 06:31:42 -04:00
Will Fancher
e6c544270c nixos/make-initrd-ng: Pass contents as JSON 2024-07-21 06:31:42 -04:00
Will Fancher
519680f662 nixos/systemd: Check that systemd-boot is copied to both places. 2024-07-21 06:31:42 -04:00
nikstur
d4a80b6d0c systemd: 255.6 -> 256.2 2024-07-21 06:31:37 -04:00
Franz Pletz
1a3c164570
Merge pull request #328682 from fpletz/nixos/fix-proxmox-lxc 2024-07-21 09:09:40 +02:00
github-actions[bot]
be3262bae8
Merge master into staging-next 2024-07-21 00:02:58 +00:00
Nick Cao
b7080d0dd7
Revert "nixos/keycloak: disable keycloak-metrics-spi in tests" 
This reverts commit 0360d42e20.
 2024-07-20 15:39:58 -04:00
Cottand
6e52b03583 nomad_1_5: deprecate 2024-07-20 20:19:33 +01:00
Adam C. Stephens
65ef67740b
Merge pull request #328665 from adamcstephens/incus/fix-lts-unstable 
incus: fix OVMF path backward compatibility
 2024-07-20 14:09:46 -04:00
github-actions[bot]
e533bfc8da
Merge master into staging-next 2024-07-20 18:01:23 +00:00
lassulus
e209fc2f2f
Merge pull request #241373 from nikstur/qemu-vm-simplify-nix-store-image 
nixos/qemu-vm: simplify building nix store image
 2024-07-20 19:27:40 +02:00
Franz Pletz
ceafec213f
nixos/proxmox-lxc: fix nixos-rebuild 
Same is being done in lxc-container module.
 2024-07-20 16:54:29 +02:00
Franz Pletz
c501d3fa97
nixos/proxmox-lxc: fix getty start 
Otherwise there is no getty on tty1 in Proxmox.
 2024-07-20 16:54:28 +02:00
Franz Pletz
4aa419c046
nixos/proxmox-lxc: reformat 2024-07-20 16:54:28 +02:00
Franz Pletz
7c67f72893
Merge pull request #320075 from illustris/pve-lxc-ping-fix 2024-07-20 16:52:05 +02:00
illustris
aa794162ba
hbase: version upgrades 
- 2.4.17 -> 2.4.18
- 2.5.4 -> 2.5.9
- init 2.6.0
- 3.0.0-alpha-3 -> 3.0.0-beta-1
 2024-07-20 20:21:00 +05:30
Jörg Thalheim
f09ab69a7e nixos/zerotierone: clean up local.conf symlinks unconditionally 2024-07-20 16:39:56 +02:00
Vladimír Čunát
577f40b8a9
Merge branch 'staging' into staging-next 2024-07-20 16:12:24 +02:00
Arian van Putten
8afba669e2 nixos/wrappers: use normal mount for /run/wrappers 
We want to get rid of specialFileSystems / earlyMountScript eventually and
there is no need to run this before systemd anymore now that
the wrappers themselves are set up in a systemd unit since https://github.com/NixOS/nixpkgs/pull/263203

Also this is needed to make soft-reboot work. We want to make sure
that we remount /run/wrappers with the nosuid bit removed on soft-reboot
but because @earlyMountScript@ happens in initrd, this wouldn't happen
 2024-07-20 16:07:43 +02:00
Adam Stephens
28922c4421
incus: fix OVMF path backward compatibility 
incus 6.3.0 changed the OVMF path, but our module needs to support LTS
as well. Also move the newer OCI deps to be conditional on version.
 2024-07-20 09:54:07 -04:00
aleksana
1d1676b2ee nixos/appimage: support both type-1 and type-2 appimages in binfmt 2024-07-20 21:23:59 +08:00
K900
5e13e3e566
Merge pull request #324894 from paveloom/flaresolverr 
flaresolverr: init at 3.3.21 + nixos/flaresolverr: initial commit
 2024-07-20 11:06:18 +03:00
illustris
0dca765a25
nixos/proxmoxImage: fix build 2024-07-20 12:12:16 +05:30
Thomas Gerbet
66c0275843 openstack-config: remove hardcoded default password for the root account 2024-07-19 21:24:37 +02:00
Robert Rose
c58c1e8f55 nixos/k3s: add options for graceful node shutdown and kubelet config 
Allow to set kubelet configuration parameters
via an option. Additionally, expose the
respective options for graceful node
shutdown directly, as it is anticipated to
be used frequently.
 2024-07-19 20:28:00 +02:00
github-actions[bot]
637b531dcf
Merge staging-next into staging 2024-07-19 18:01:40 +00:00
Pavel Sobolev
c9c14f86db
nixos/flaresolverr: initial commit 2024-07-19 20:55:21 +03:00
OPNA2608
029b06454e tests/teleports: ubuntu_font_family -> ubuntu-classic 2024-07-19 19:23:19 +02:00
OPNA2608
2d49594644 tests/lomiri-clock-app: ubuntu_font_family -> ubuntu-classic 2024-07-19 19:23:00 +02:00
OPNA2608
005ef5ab39 tests/lomiri-calculator-app: ubuntu_font_family -> ubuntu-classic 2024-07-19 19:22:45 +02:00
OPNA2608
dc004592e8 tests/lomiri-filemanager-app: ubuntu_font_family -> ubuntu-classic 2024-07-19 19:22:25 +02:00
OPNA2608
47e508ba36 tests/morph-browser: ubuntu_font_family -> ubuntu-classic 2024-07-19 19:21:56 +02:00
OPNA2608
6613de20f2 tests/lomiri-system-settings: ubuntu_font_family -> ubuntu-classic 2024-07-19 19:21:32 +02:00
OPNA2608
c768ee4aa3 nixos/lomiri: ubuntu_font_family -> ubuntu-classic 2024-07-19 19:20:59 +02:00
Peder Bergebakken Sundt
b2a54feb35
Merge pull request #279408 from alyssais/mailman-nginx-timeout 
nixos/mailman: increase nginx proxy timeout
 2024-07-19 17:56:07 +02:00
Aleksana
532db1f9d1
Merge pull request #310621 from Istvan91/dont_write_defaults_in_ssh_config 
nixos/ssh: don't write addressfamily with default value in config
 2024-07-19 21:23:08 +08:00
github-actions[bot]
a6c20a7387
Merge staging-next into staging 2024-07-19 12:01:49 +00:00
Sandro
89d95fb2bc
Merge pull request #327939 from Guanran928/libreddit 2024-07-19 13:47:14 +02:00
Sarah Brofeldt
54fbcf1be8
Merge pull request #321632 from PedroRegisPOAR/kubernetes-mkCert-drops-nogroup-as-default 
nixos/kubernetes: adds argument to mkCert defaulting to kubernetes group
 2024-07-19 12:49:49 +02:00
Jonas Chevalier
676e42a45e
Merge pull request #327729 from zimbatm/odoo-fixes 
odoo fixes
 2024-07-19 12:35:03 +02:00
Sirio Balmelli
c2b4c0e51d tests/odoo: replace db init workaround with services.odoo.autoInit 
Signed-off-by: Sirio Balmelli <sirio@b-ad.ch>
 2024-07-19 11:52:01 +02:00
Sirio Balmelli
85761ade56 modules/odoo: add autoInitExtraFlags 
Allow module user to specify additional flags to be passed on autoInit

Signed-off-by: Sirio Balmelli <sirio@b-ad.ch>
 2024-07-19 11:51:57 +02:00
Sirio Balmelli
67bcb287ec modules/odoo: execute autoInit only once 
Signed-off-by: Sirio Balmelli <sirio@b-ad.ch>
 2024-07-19 11:51:52 +02:00
Philip Taron
c67ed48869
nixos/ldap: avoid top-level with expression (#327992) 2024-07-19 11:19:51 +02:00
Philip Taron
f56ba38335
make-disk-image.nix: avoid top-level with statement (#327020) 2024-07-19 11:19:19 +02:00
Ivan Trubach
7919709a23 nixos/modules: use mapAttrsToList instead of mapAttrsFlatten 2024-07-19 11:39:39 +03:00
Frédéric Christ
0539bbe086 nixos/tests: Fix tests failing with new default IPv6 configuration 2024-07-19 09:58:25 +02:00
Guanran Wang
782e8513d3
nixos/cloudflare-dyndns: introduce package option 2024-07-19 14:45:09 +08:00
github-actions[bot]
f6ed4c2f35
Merge staging-next into staging 2024-07-19 06:01:45 +00:00
Matthew Croughan
be9599e3d4
nixos/scion: introduce package option (#327765) 2024-07-19 02:30:10 +02:00
github-actions[bot]
f316203fda
Merge staging-next into staging 2024-07-19 00:03:05 +00:00
lassulus
3575fad9da
Merge pull request #323466 from andersk/grep-stray 
nixos/udev: Fix `grep: warning: stray \ before /`
 2024-07-18 23:02:07 +02:00
Jörg Thalheim
054c2d71f7
Merge pull request #328221 from nikstur/fix-overlay-etc 
nixos/etc: handle mountpoints on top of /etc when switching
 2024-07-18 21:59:30 +02:00
nikstur
6abbe725ca nixos/etc: handle mountpoints on top of /etc when switching 
The activation script that remounts the /etc overlay now handles other
mount points on top of /etc by bind mounting them to the new temporary
/etc overlay and then atomically revealing it.
 2024-07-18 21:28:53 +02:00
nikstur
289dd22132 nixos/qemu-vm: simplify building nix store image 
Summary of this change:

- Simplify code.
- Stop a disk image from being cached in the binary cache.
- Make erofs Nix Store image build in an acceptable time outside of
  testing environments (like `darwin.builder`).
- Do not regress on performance for tests that use many store paths in
  their Nix store image.
- Slightly longer startup time for tests where not many store paths are
  included in the image (these probably shouldn't use `useNixStoreImage`
  anyways).
- Slightly longer startup time when inputs of VM do not change because
  the Nix store image is not cached anymore.

Remove the `storeImage` built with make-disk-image.nix. This produced a
separate derivation which is then cached in the binary cache. These
types of images should be avoided because they gunk up the cache as they
change frequently. Now all Nix store images, whether read-only or
writable are based on the erofs image previously only used for read-only
images.

Additionally, simplify the way the erofs image is built by copying the
paths to include to a separate directory and build the erofs image from
there.

Before this change, the list of Nix store paths to include in the Nix
store image was converted to a complex regex that *excludes* all other
paths from a potentially large Nix store.

This previous approach suffers from two issues:

1. The regex is complex and, as admitted in the source code of the
   includes-to-excludes.py script, most likely contains at least one
   error. This means that it's unlikely that anyone will touch this
   piece of software again.

2. When the Nix store image is built from a large Nix store (like when
   you build the VM script to run outside of any testing context) this
   regex becomes painfully slow. There is at least one prominent
   use-case where this matters: `darwin.builder`.

Benchmarking impressions:

- Building Nix store via make-disk-image.nix takes ~25s
- Building Nix store as an erofs image takes ~4s
- Running nixosTests.qemu-vm-writable-store-image takes ~10s when
  building the erofs image with the regex vs ~14s when building by
  copying to a temporary directory.
- nixosTests.gitlab which had the biggest gains from the initial erofs
  change takes the same time as before.
- On a host with ~140k paths in /nix/store, building the erofs image
  with the regex takes 410s as opposed to 6s when copying to a temporary
  directory.
 2024-07-18 20:24:58 +02:00
github-actions[bot]
401d4660b3
Merge staging-next into staging 2024-07-18 18:01:57 +00:00
lassulus
a62c421981
Merge pull request #290730 from nikstur/qemu-vm-refactoring 
qemu-vm.nix refactoring
 2024-07-18 19:34:51 +02:00
nikstur
b6e354f052 nixos/qemu-vm: remove creation of /etc/nixos 
/etc/nixos is already created by stage-2-init.sh
 2024-07-18 19:11:28 +02:00
nikstur
cb5a876e82 nixos/qemu-vm: consistently use efiSysMountPoint 
Remove the explicit creation of efiSysMountPoint. This is not needed in
the scripted or the systemd initrd.
 2024-07-18 19:11:27 +02:00
nikstur
b7b90d0455 nixos/qemu-vm: fsck ESP 
The ESP is a writable vfat filesystem that can be fscked like any other
fs thus we should stick to the default.
 2024-07-18 19:11:27 +02:00
nikstur
0e5f929851 nixos/tests/qemu-vm-store: init 2024-07-18 19:11:27 +02:00
nikstur
ded6d983d6 nixos/qemu-vm: use new overlayfs API 2024-07-18 19:11:24 +02:00
nikstur
54674e9063 nixos/qemu-vm: remove duplication between scripted and systemd initrd 2024-07-18 19:09:28 +02:00
Michael Hoang
ab65220a1a regreet: add options for controlling theming 2024-07-19 01:28:45 +10:00
Krzysztof Nazarewski
676a51c41f nixos/hardware.display: init 2024-07-18 16:57:40 +03:00
Jakob Klepp
c5c92feff7
nixos/oci-containers: document firewall bypass 
Add explanation about the security impact of the
ports option.
Provide a safer example.

The problem is discussed in greater depth here:
https://github.com/NixOS/nixpkgs/issues/111852
 2024-07-18 14:32:08 +02:00
github-actions[bot]
844ec2d5a1
Merge staging-next into staging 2024-07-18 12:01:55 +00:00
Martin Weinelt
983077457f
Merge remote-tracking branch 'origin/staging-next' into staging 
Conflicts:
-	pkgs/development/python-modules/uvcclient/default.nix
-	pkgs/development/tools/rust/rust-analyzer/default.nix
 2024-07-18 12:35:33 +02:00
Jacek Galowicz
dfc9d68303
Merge pull request #319308 from frederictobiasc/nixosTest-ipv6 
nixosTest: Introduce IPv6
 2024-07-18 11:52:10 +02:00
Sandro
fa5abfe559
Merge pull request #317623 from jmbaur/stc-ng-followup 2024-07-18 11:33:59 +02:00
Frédéric Christ
c6f6c28218 nixos/testing: Add ipv6 configuration 
This contribution enables a working IPv6 setup by default. This works
analog to the current automatic IPv4 setup.
 2024-07-18 10:22:32 +02:00
Aaron Andersen
2e930eafb9
Merge pull request #318285 from gador/nixos-zabbixWeb-nginx 
nixos/zabbixWeb: Add nginx as webserver, add zabbix 6.4
 2024-07-17 21:22:13 -04:00
Martin Weinelt
bf8439efae
Merge pull request #311927 from mweinelt/music-assistant 
music-assistant: init at 2.0.7
 2024-07-18 02:31:18 +02:00
Darragh Elliott
61820de2d4 ddns-updater: Add module, test, update script 2024-07-17 21:56:05 +00:00
Wulfsta
f2f8f302fd nixos/swap: add progress to swapfile creation 2024-07-17 17:33:03 -04:00
Sandro
669a3a6fe0
Merge pull request #327748 from lluchs/fix-tsm-client-lists 
nixos/tsm-client: Fix multi-value dsm.sys options
 2024-07-17 23:05:09 +02:00
Florian Brandes
7d3b77d66f
nixos/zabbixWeb: format 
Signed-off-by: Florian Brandes <florian.brandes@posteo.de>
 2024-07-17 22:33:47 +02:00
Florian Brandes
9ca5b84e27
nixos/zabbixWeb: add nginx config 
Co-authored-by: Aaron Andersen <aaron@fosslib.net>
Signed-off-by: Florian Brandes <florian.brandes@posteo.de>
 2024-07-17 22:31:50 +02:00
Martin Weinelt
974165d1cc
nixos/doc/rl-2411: add music-assistant 2024-07-17 22:29:39 +02:00
Martin Weinelt
0abdf47358
nixos/tests/music-assistant: init 2024-07-17 22:29:38 +02:00
Martin Weinelt
76442766ea
nixos/music-assistant: init 2024-07-17 22:29:38 +02:00
Johannes Jöns
3f7fcbb2f9
Merge pull request #290014 from jopejoe1/ubuntu-font 
ubuntu-sans{,-mono}: rename from ubuntu_font_family, 0.83 -> 1.004
 2024-07-17 18:46:36 +00:00
Kira Bruneau
b37088de74
Merge pull request #326894 from kira-bruneau/replay-sorcery 
replay-sorcery: remove as it is unmaintained upstream
 2024-07-17 14:37:51 -04:00
Artturin
20cf80e167 Merge branch 'staging-next' into staging 2024-07-17 21:29:37 +03:00
Philip Taron
33a4732e46
nixos/swap: avoid top-level with expressions (#327991) 2024-07-17 20:23:14 +02:00
Pol Dellaiera
74d05311fd
Merge pull request #327886 from drupol/nixos-tika-module-add-options 
nixos/tika: add `enableOcr` option
 2024-07-17 20:10:06 +02:00
Philip Taron
1438803fb5
nixos/users-groups: avoid top level with lib; use lib before builtins (#327757) 2024-07-17 20:00:54 +02:00
Cassandra McCarthy
c6ba378b7b
airsonic: update context-path directive 
This line has been broken since the service file was created. According
to the [spring docs] that Airsonic uses, server.context-path is what
should be here. I've tested this by manually setting it as an extra JVM
option on my machine, and it works.

[spring docs]: https://docs.spring.io/spring-boot/docs/1.4.5.RELEASE/reference/htmlsingle/#common-application-properties
 2024-07-17 13:23:19 -04:00
Sandro
1607a42b49
Merge pull request #290452 from flandweber/borgmatic-exporter 
borgmatic-exporter: init at 0.2.5
 2024-07-17 19:08:28 +02:00
Nicolas Mémeint
1ceb55d4b9 nixos/authelia: Remove options incompatible with new settings 
- Remove settings.server.{host,port} options
  - Replaced by settings.server.address
  - If any of settings.server.{host,port,path} are specified in the
    configuration, a warning is displayed and these values will be used
    instead of settings.server.address

- Change what secrets.oidcIssuerPrivateKeyFile maps to
  - Previously: AUTHELIA_IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY_FILE
  - Now: identity_providers.oidc.jwks[0].key
    - Not done directly in the NixOS settings config but as a separate
      YAML config file
    - Done that way because Go templates are not correctly handled by
      the YAML generator (#319716)

- Change secrets.jwtSecretFile env variable mapping
  - Previously: AUTHELIA_JWT_SECRET_FILE
  - Now: AUTHELIA_IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET_FILE
 2024-07-17 17:26:46 +02:00
Nicolas Mémeint
12f1589056 authelia: 4.37.5 -> 4.38.9 2024-07-17 17:26:46 +02:00
Guanran Wang
f7a0c71b61
libreddit: remove as unmaintained upstream 2024-07-17 23:03:14 +08:00
Aleksana
a9a4e171c7
Merge pull request #327032 from danc86/push-krkxkxtnruqp 
nixos/sssd: fix KCM to use new krb5 settings
 2024-07-17 22:29:09 +08:00
Pol Dellaiera
6b3c00c65a
nixos/tika: add enableOcr option 2024-07-17 13:14:35 +02:00
Weijia Wang
078fdedf26 Merge branch 'staging-next' into staging 2024-07-17 13:10:23 +02:00
Sandro
51fcc2c92e
Merge pull request #314440 from ju1m/radicle 2024-07-17 13:04:06 +02:00
Kartik Gokte
dbba11e241 nixos/prometheus-pve-exporter: added new options introduced in v3.4.3 2024-07-17 16:09:11 +05:30
zimbatm
d11a54cb2f nixos/odoo: set data_dir explicitly 
Don't hide the data is a private sub-folder.

Before:
* /var/lib/private/odoo/.local/share/Odoo/
After:
* /var/lib/private/odoo/data
 2024-07-17 10:59:01 +02:00
Pyrox
a24fa6098d
nixos/gotenberg: init 2024-07-17 10:37:35 +02:00
OTABI Tomoya
43d306e7db
Merge pull request #326398 from phaer/etebase-python 
etebase-server: use buildPythonApplication, default to withLdap = false
 2024-07-17 10:00:42 +09:00
github-actions[bot]
4c086d8ee0
Merge staging-next into staging 2024-07-17 00:03:16 +00:00
Lukas Werling
f52ee2af39 nixos/tsm-client: Fix multi-value dsm.sys options 
A configuration such as:

    programs.tsmClient.servers.backup.domain = [ "/dir1" "dir2" ];

...would previously result in an error ("cannot coerce a list to a
string"), since `makeDsmSysLines` would return a nested list.
 2024-07-16 23:38:14 +02:00
Robert Hensing
2d9a686483 nixos/nix-channel.nix: shellcheck and fix the activation check 2024-07-16 22:09:33 +02:00
zimbatm
c570314635 nixos/odoo: add autoInit option 
When enabled, Odoo will automatically initialize the database on
startup.
 2024-07-16 21:55:13 +02:00
zimbatm
750f1478fc nixos/odoo: use env vars to configure Odoo 
This allows running multiple commands with the same settings.
 2024-07-16 21:55:13 +02:00
Robert Hensing
3f76dcea93 nixosTests.installer.switchToFlake: It is probably really stupid 
We may want to clear NIX_PATH when channels are disabled, or maybe
it has to be a separate option.
This is just very frustrating to me.
 2024-07-16 21:45:00 +02:00
Julien Malka
af6c7624fa
Merge pull request #327708 from SuperSandro2000/systemdBootBuilder 2024-07-16 21:38:10 +02:00
Robert Hensing
46df92b270 nixosTests.installer.switchToFlake: Adjust for workaround in #323613 2024-07-16 21:34:40 +02:00
Robert Hensing
34fee8c804 nixos/nix-channel: Highlight and tidy the warnings 2024-07-16 21:34:40 +02:00
Pol Dellaiera
dfef8af6e9
Merge pull request #326939 from abysssol/ollama-split-test 
nixos/ollama: split cuda and rocm from service test
 2024-07-16 21:02:07 +02:00
Robert Hensing
1022da85ab nixos/activation-script: Add lib.sh with warn() 2024-07-16 20:42:06 +02:00
phaer
c437fb23e1 etebase-server: use buildPythonApplication... 
...not pythonPackage. This is an app, living in pkgs/servers, so
we just use callPackage in all-packages and drop the python module.

python3.pkgs.toPythonModule could be used if a python module was needed.
Before that change legacyPackages.x86_64-linux.python311.pkgs.etebase-server.python
would give a python 3.12 release, and was therefore broken.

etebase-server = toPythonModule (pkgs.etebase-server.override {
  python3 = python;
});

would now be correct
 2024-07-16 20:20:29 +02:00
github-actions[bot]
df8055b727
Merge staging-next into staging 2024-07-16 18:01:37 +00:00
Sandro Jäckel
0e5342f48a
nixos/systemd-boot: give systemdBootBuilder a better name 
Before it had twice a store hash which made nix store diff-closures
kinda ugly.
 2024-07-16 19:53:57 +02:00
Artturin
a516ea8c99 Merge branch 'staging-next' into staging 2024-07-16 19:07:48 +03:00
Sandro
c0e4367e8f
Merge pull request #267764 from Silver-Golden/nixos/proxmox-lxc-import-not-activate 2024-07-16 17:02:47 +02:00
❄️
930b0dca59
Merge pull request #327476 from rorosen/k3s-extra-flags-list 
nixos/k3s: accept a list of extraFlags
 2024-07-16 09:27:19 -03:00
Sandro
0397741f8a
Merge pull request #324698 from bbenno/graylog-6_0 2024-07-16 14:24:21 +02:00
Sandro
11964fa63e
Merge pull request #327361 from arthsmn/flatpak-builder-update 2024-07-16 13:55:12 +02:00