dev/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
598,505 Commits 3 Branches 0 Tags 4.3 GiB
60fbf92c10
Commit Graph

3721 Commits

Author SHA1 Message Date
github-actions[bot]
60fbf92c10
Merge master into staging-next 2024-03-16 18:01:00 +00:00
Janik H.
847a53742c
nixos/networkmanager: ensure-profiles, make sure networkmanager is running 2024-03-16 18:11:58 +01:00
github-actions[bot]
cecf050e96
Merge master into staging-next 2024-03-13 12:01:25 +00:00
Pol Dellaiera
55251f1ffc
Merge pull request #295547 from Janik-Haag/unbound 
nixos/unbound: drop networkmanager since it doesn't support unbound anymore
 2024-03-13 10:33:52 +01:00
Janik H.
4147e50f18
nixos/unbound: drop networkmanager since it doesn't support unbound anymore 2024-03-13 09:50:56 +01:00
Pol Dellaiera
c35c016e5d
Merge pull request #295529 from Janik-Haag/networkmanager-drop-unbound 
nixos/networkmanager: drop unbound form dns servers
 2024-03-13 09:04:58 +01:00
Janik H.
a97e56ae28
nixos/networkmanager: drop unbound form dns servers 
upstream dropped unbound in 5da17c689b
 2024-03-13 08:31:52 +01:00
annalee
8e038835fe
Merge remote-tracking branch 'upstream/master' into staging-next 2024-03-13 00:38:07 +00:00
Felix Buehler
1e22e7d75e nixos/murmur: fix writing registerPassword to config 2024-03-12 21:19:24 +01:00
github-actions[bot]
06e5eb63d3
Merge staging-next into staging 2024-03-11 18:01:53 +00:00
Sandro
869ec01e56
Merge pull request #294286 from SuperSandro2000/unbound-remote-config-check 2024-03-11 16:06:31 +01:00
Pierre Allix
cf625fe5f0 nixos/networkmanager: add doc about nm profiles interaction with resolvconf 2024-03-11 12:55:27 +01:00
github-actions[bot]
973ef4b818
Merge staging-next into staging 2024-03-10 06:01:30 +00:00
Peder Bergebakken Sundt
4a4a70ca31
Merge pull request #280836 from numinit/nebula-port-zero 
nixos/nebula: default to port 0 for hosts other than lighthouse/relay
 2024-03-10 05:01:04 +01:00
Sandro Jäckel
67c1193fab
nixos/unbound: disable checkconf when remote-control is used 
Closes #293001
 2024-03-08 15:34:00 +01:00
maxine
d231374084
Merge pull request #288873 from amaxine/networkmanager_1.46 
networkmanager: 1.44.2 → 1.46.0
 2024-03-08 09:52:14 +00:00
Guillaume Girol
dc9a74e61e
Merge pull request #291934 from e1mo/bird-lg-1-3-5 
bird-lg: 1.3.1 -> 1.3.5
 2024-03-03 15:50:42 +01:00
Sandro
5ad27da222
Merge pull request #291907 from SuperSandro2000/tailscaled-flags 2024-03-01 13:54:54 +01:00
Sandro
daa33a4bf7
Merge pull request #287299 from SuperSandro2000/unbound-checkconf 
nixos/unbound: check validity of config file
 2024-03-01 00:33:36 +01:00
Robert Schütz
3330e3c9c3 nixos/searx: use lib.getExe 2024-02-28 17:51:24 -08:00
pennae
b71ca1c90a
Merge pull request #291922 from NixOS/mosquitto-2 
nixos/mosquitto: remove stutter in acl file name
 2024-02-28 02:06:01 +01:00
e1mo
43fee5401d
nixos/bird-lg: Update option description to indicate new features 
In release v1.3.3[0] support for CIDRs was added, thus updated the
option description to indicate the new support for that.

[0]: https://github.com/xddxdd/bird-lg-go/releases/tag/v1.3.3
 2024-02-27 23:54:21 +01:00
Sandro
f9477e3a75
Merge pull request #209506 from Izorkin/update-dhcpcd-exit-hook 
nixos/dhcpcd: optimize exitHook
 2024-02-27 23:01:22 +01:00
Sandro
4c88c797b8
nixos/mosquitto: remove stutter in acl file name 2024-02-27 22:15:43 +01:00
Sandro Jäckel
6753857664
nixos/tailscale: add option to pass flags to tailscaled 2024-02-27 20:08:08 +01:00
pennae
13aff9b34c
Merge pull request #259937 from charmoniumQ/patch-1 
nixos/mosquitto: fix ACL permissions
 2024-02-26 22:58:40 +01:00
Pol Dellaiera
f9ef0053c5
Merge pull request #288401 from katexochen/bees/refactor 
bee: refactor & update; bee{-unstable,-clef}: remove; maintainers: remove attila-lendvai
 2024-02-23 20:12:41 +01:00
Maxine Aubrey
e1863b4f79
nixos/networkmanager: support stable-ssid for cloned MAC addresses 2024-02-22 18:37:13 +01:00
Adam C. Stephens
d1e2847664
Merge pull request #281000 from cablespaghetti/master 
sabnzbd: Add configurability of state directory owner and firewall
 2024-02-21 08:37:46 -05:00
Morgan Jones
32f56d7266
nixos/nebula: fix port resolution for firewall rules 2024-02-17 15:07:27 -08:00
Stanisław Pitucha
2eed715fbf
nixos/go-camo: init 2024-02-17 20:45:49 +01:00
Izorkin
1293f046b5
nixos/dhcpcd: optimize exitHook 2024-02-16 10:12:52 +03:00
Vladimír Čunát
aaca7a186f
Merge #286596: nixos/knot: add support for XDP setups 2024-02-15 09:19:59 +01:00
Michele Guerini Rocco
cd02351ae0
Merge pull request #233017 from koenw/libreswan-StateDirectory 
nixos/libreswan: Use StateDirectory to setup ipsec/nss
 2024-02-14 14:36:43 +01:00
Michele Guerini Rocco
dc91f91987
Merge pull request #286393 from oddlama/fix-hostapd-utf8-ssid 
nixos/hostapd: fix utf8Ssid setting not properly honored
 2024-02-14 14:08:46 +01:00
Martin Weinelt
ec89463a61
nixos/knot: refactor 
- Stop using `with lib`
- Drop `lib.mdDoc`
- Use `escaepSystemdExecArgs` for escaping
 2024-02-13 13:44:32 +01:00
Martin Weinelt
d1d8dd3e55
nixos/knot: add support for XDP setups 
The Express Data Path (XDP) is a way to circumvent the traditional Linux
networking stack and instead run an eBPF program on your NIC, that makes
the decision to provide Knot with certain packets. This is way faster
and more scalable but comes at the cost of reduced introspection.

Unfortunately the `knotc conf-check` command fails hard with missing
interfaces or IP addresses configured in `xdp.listen`, so we disable it
for now, once the `xdp` config section is set. We also promote the config
check condition to a proper option, so our conditions become public
documentation, and we allow users to deal with corner cases, that we have
not thought of yet.

We follow the pre-requisites documented in the Knot 3.3 manual, and set
up the required capabilities and allow the AF_XDP address family.

But on top of that, due to our strict hardening, we found two more
requirements, that were communicated upstream while debugging this.

- There is a requirement on AF_NETLINK, likely to query for and configure
  the relevant network interface
- Running eBPF programs requires access to the `bpf` syscall, which we
  deny through the `~@privileged` configuration.

In summary We now conditionally loosen the hardening of the unit once we
detect that an XDP configuration is wanted. And since we cannot
introspect arbitrary files from the `settingsFiles` option, we expose XDP
support through the `enableXDP` toggle option on the module.
 2024-02-13 13:44:31 +01:00
Paul Meyer
ce0a47cd2c maintainers: remove attila-lendvai 2024-02-12 23:10:03 +01:00
Paul Meyer
11eef97f3c bee-clef: remove 2024-02-12 23:10:03 +01:00
Sandro Jäckel
80e79ded15
nixos/unbound: check validity of config file 2024-02-12 22:49:03 +01:00
Sam Weston
c49e6bf8b8 nixos/sabnzbd: use stateDirectory and mkIf-ify user/group creation 2024-02-11 16:49:08 +00:00
Sam Weston
d3d5b72c65 nixos/sabnzbd: add openFirewall 2024-02-11 16:48:05 +00:00
Lin Jian
f3a93440fb
Merge pull request #285813 from jerrita/nft-precheck-flatten 
nixos/nftables: add option for flattening rulesetFile
 2024-02-11 10:41:17 +08:00
Peder Bergebakken Sundt
6f55f021df
Merge pull request #287304 from ambroisie/pyload-user-group 
nixos/pyload: add user/group options
 2024-02-10 14:59:23 +01:00
Peder Bergebakken Sundt
5caded32fe
Merge pull request #277189 from anpin/fix/cloudflared-service 
cloudflared: fixed missing configuration options
 2024-02-10 12:45:08 +01:00
Silvan Mosberger
11cd405226
Merge pull request #280322 from h7x4/add-hocon-format-generator 
pkgs.formats: Add HOCON format generator
 2024-02-10 03:07:51 +01:00
Silvan Mosberger
5de4385620
Merge pull request #285833 from 360ied/murmur-hardened 
nixos/murmur: systemd service hardening
 2024-02-10 02:48:46 +01:00
github-actions[bot]
b64b4f2d6a
Merge master into staging-next 2024-02-09 18:01:06 +00:00
Will Fancher
0cf1e24f32
Merge pull request #284627 from Trundle/nftables-ordering 
nixos/nftables: remove default systemd dependencies
 2024-02-09 12:29:24 -05:00
h7x4
39a779e269
treewide: use formats.hocon 2024-02-09 16:40:22 +01:00