dev/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
553,136 Commits 3 Branches 0 Tags 4.3 GiB
960527707b
Commit Graph

28042 Commits

Author SHA1 Message Date
Christoph Heiss
fc6addb147
sourcehut: reword api-origin option description 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2023-11-11 13:01:47 +01:00
Christoph Heiss
78cc2783c8
sourcehut: drop obsolete services array in favor of indivdual enable flags 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2023-11-11 13:01:47 +01:00
Christoph Heiss
6b25e09d2d
sourcehut: fix up some more bin paths 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2023-11-11 13:01:47 +01:00
Christoph Heiss
5841d27497
sourcehut: explicitly disallow openssh to socket-active 
This breaks the (already fragile) gitsrht-dispatch -> gitsrht-keys
command chain.

Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2023-11-11 13:01:47 +01:00
Christoph Heiss
c39ba7f5b1
sourcehut: remove set -x from ssh commands 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2023-11-11 13:01:46 +01:00
Christoph Heiss
6648488333
sourcehut: fix logging of git/hg ssh commands 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2023-11-11 13:01:45 +01:00
Christoph Heiss
6e51802196
sourcehut: fix repos path by using actual settings value 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2023-11-11 13:01:32 +01:00
Christoph Heiss
c123a37be6
sourcehut.gitsrht: 0.78.20 -> 0.84.2 
Newer version of the gitsrht-api service call setrlimit() on startup,
thus allow it in the `SystemCallFilter` definition for the service.

Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2023-11-11 13:01:30 +01:00
github-actions[bot]
652204165d
Merge master into staging-next 2023-11-11 12:00:58 +00:00
Christoph Heiss
d703173520
sourcehut: make /query endpoint config common to all services 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2023-11-11 12:39:28 +01:00
Anthony Roussel
e30f48be94
treewide: fix redirected and broken URLs 
Using the script in maintainers/scripts/update-redirected-urls.sh
 2023-11-11 10:49:01 +01:00
Félix Baylac Jacqué
dfa45288af maintainers: ninjatrappeur -> picnoir 
I changed my nickname from Ninjatrappeur to Picnoir. My github id is
stable, it shouldn't break too much stuff.

I took advantage of this handle change to remove myself from the
hostapd maintainers: I don't use NixOS as a router anymore.
 2023-11-11 08:31:16 +01:00
github-actions[bot]
912311b7fd
Merge master into staging-next 2023-11-11 00:02:21 +00:00
tu-maurice
40c06a143f prayer: remove 2023-11-10 20:44:28 -03:00
Martin Weinelt
3536221702
Merge pull request #160346 from mweinelt/hass-custom-everything 
home-assistant: custom components and lovelace modules
 2023-11-11 00:08:25 +01:00
Kira Bruneau
0cc094c041
Merge pull request #265886 from kira-bruneau/at-spi2-core 
nixos/gnome/at-spi2-core: fix disabling a11y in all contexts
 2023-11-10 16:31:53 -05:00
Martin Weinelt
f30192ae6f
nixos/home-assistant: add customComponents support 
Allows passing custom component packages, that get installed into
home-assistant's state directory.
Python depedencies, that are propagated from the custom component
get passed into `extraPackages`, so they are available to
home-assistant at runtime.

This is implemented in a way, that allows coexistence with custom
components not managed through the NixOS module.
 2023-11-10 22:00:36 +01:00
Martin Weinelt
9a941c58e5
nixos/home-assistant: add customLovelaceModules support 
Allows the installation of custom lovelace modules, that can inject
css/js into the frontend and offer a wide variety of widgets.
 2023-11-10 22:00:30 +01:00
Alyssa Ross
afabc4a15d
Merge remote-tracking branch 'origin/master' into HEAD 
Conflicts:
	pkgs/development/libraries/SDL2/default.nix
 2023-11-10 15:18:19 +01:00
Anthony Roussel
b0d279d219
nixos/sonic-server: init 2023-11-10 15:10:14 +01:00
Ryan Lahfa
b8218af2e6
Merge pull request #256226 from ElvishJerricco/systemd-stage-1-testing-backdoor 2023-11-10 14:08:07 +01:00
Lin Jian
36f4c90526
Merge pull request #266150 from robryk/resticnotimer 
nixos/restic: allow timer to be disabled
 2023-11-10 17:51:14 +08:00
K900
b0dd91c32a
Merge pull request #266509 from K900/remove-nixos-option-shim 
nixos/installer: remove nixos-option compat shim
 2023-11-10 10:47:18 +03:00
github-actions[bot]
b55905ceb6
Merge master into staging-next 2023-11-10 06:01:22 +00:00
Silvan Mosberger
4587db7279 nixos/fwupd: Don't ignore stderr 2023-11-10 06:54:45 +01:00
Silvan Mosberger
6bf31e521e nixos/fwupd: Don't use DynamicUser 
Was introduced in dde6a4f397532bbd01b346466ea751e7c3cd9d06
but it doesn't work on my machine:

    fwupdmgr[439074]: Failed to connect to daemon: The connection is closed

Creating a persistent user does work however
 2023-11-10 06:51:56 +01:00
Yureka
b0206f9bf9 nixos/sudo: enable by default 
The default was accidentally changed to false in #262790
 2023-11-10 03:30:39 +01:00
Will Fancher
9a0f523372 systemd-stage-1: Enable backdoor in nixos tests 2023-11-09 17:53:48 -05:00
Will Fancher
f8ba8be54b testing-instrumentation: Factor backdoor service out to variable 2023-11-09 17:02:01 -05:00
github-actions[bot]
e112f9b8bb
Merge master into staging-next 2023-11-09 18:00:56 +00:00
K900
1d6b03af9a nixos/installer: remove nixos-option compat shim 
It's been two years.
 2023-11-09 20:57:57 +03:00
Pierre Bourdon
b75b355b50
Merge pull request #262790 from nbraud/nixos/sudo 
nixos/sudo: bring in line with release notes
 2023-11-09 16:53:02 +01:00
Bernardo Meurer
22e859ae44
Merge pull request #266264 from hercules-ci/nix-stable-2.18 
nix: 2.17.1 -> 2.18.1
 2023-11-09 12:39:44 -03:00
Rvfg
92ee71866f
nixos/nat: fix nat-nftables 2023-11-09 23:06:01 +08:00
github-actions[bot]
2d73797da4
Merge master into staging-next 2023-11-09 12:01:04 +00:00
Anthony Roussel
3dd50eaa8f
nixos/amazon-ssm-agent: fix missing seelog.xml file 2023-11-09 12:02:48 +01:00
Thiago Kenji Okada
da8c62363e
Merge pull request #266310 from Atry/patch-4 
azure-agent: add dependencies for its extensions
 2023-11-09 09:52:10 +00:00
Will Fancher
2f73652c34
Merge pull request #240651 from accelbread/postresumecommands 
nixos/boot: add postResumeCommands option
 2023-11-09 04:22:05 -05:00
github-actions[bot]
00a0662a3c
Merge master into staging-next 2023-11-09 00:02:14 +00:00
Robert Hensing
6381cc0525 nix: 2.17.1 -> 2.18.1 2023-11-08 23:19:33 +01:00
Yang, Bo
1ce985242c google-compute-image: support NVMe and UEFI 2023-11-08 21:05:21 +01:00
nicoo
b942382216 nixos/sudo: refactor processing of cfg.extraRules 2023-11-08 19:41:39 +00:00
nicoo
1852b67bc6 nixos/sudo: Make the default rules' options configurable 2023-11-08 19:41:39 +00:00
nicoo
93011e31bd nixos/sudo: Handle root's default rule through extraRules 
This makes things more uniform; moreover, users can now inject rules before this.
 2023-11-08 19:41:39 +00:00
nicoo
097115485a nixos/terminfo: Simplify sudo-related option 2023-11-08 19:41:38 +00:00
nicoo
77ed368b20 nixos/sudo: Refactor option definitions 2023-11-08 19:41:38 +00:00
nicoo
19e1420e13 nixos/sudo: Move support for pam_ssh_agent_auth(8) to PAM's NixOS module 2023-11-08 19:41:37 +00:00
Felix Bühler
7aaa664cc2
Merge pull request #263054 from uninsane/pr-trust-dns-0.24.0 
trust-dns: 0.23.0 -> 0.24.0
 2023-11-08 19:35:23 +01:00
github-actions[bot]
536833ef29
Merge master into staging-next 2023-11-08 18:01:00 +00:00
Yang, Bo
c4086e5ce9 azure-agent: add dependencies for its extensions 
waagent's extension `Microsoft.OSTCExtensions.VMAccessForLinux` requires Python, otherwise it would be failed to install with the following error message in `/var/log/waagent.log`:

```
No Python interpreter found on the box
```

waagent's extension `Microsoft.CPlat.Core.RunCommandLinux` needs lsof, otherwise it would produce the following error message in `/var/log/waagent.log`:

```
/var/lib/waagent/Microsoft.Azure.Extensions.CustomScript-2.1.10/bin/custom-script-shim: line 60: lsof: command not found
```
 2023-11-08 17:54:08 +00:00
Caleb
c4d3afef06
wyoming-faster-whisper fix CUDA devices not being detected. (#266167) 
This change enables CUDA support by allowing access to /dev/nvidia0.
 2023-11-08 13:34:26 +01:00
Ryan Lahfa
bc2b72df73
Merge pull request #264234 from guiguid/guiguid-patch-netdata-systemd-journal 
netdata: 1.43.0 -> 1.43.2 and add systemd-journal plugin
 2023-11-08 13:30:43 +01:00
Adam Joseph
ba2ed469c2
Merge branch 'master' into staging-next 2023-11-08 06:15:46 +00:00
Will Fancher
eaad9ece24
Merge pull request #266116 from ElvishJerricco/sd-s1-user-shells-fix-warning 
nixos/initrd-ssh: Only warn about shell when using systemd initrd
 2023-11-07 21:25:21 -05:00
Rodrigo Gryzinski
23a5f1f80d nixos/wireguard: add wireguard to default kernel modules 
Previously the module was only dynamically loaded on service startup,
this is needed in case security.lockKernelModules is enabled.
 2023-11-07 22:02:51 -03:00
Artturi
d24da52844
Merge pull request #265764 from amjoseph-nixpkgs/pr/pythonForBuild 2023-11-08 00:13:25 +02:00
Julien Malka
e626f8468b
nixos/stage1: make append_initrd_secrets script reproducible 2023-11-07 22:56:48 +01:00
Robert Obryk
20b202b3c8 nixos/restic: allow timer to be disabled 2023-11-07 22:37:37 +01:00
Felix Buehler
4d1680ccc7 nixos/exportarr: init 2023-11-07 20:56:32 +01:00
Will Fancher
03f089e11d nixos/initrd-ssh: Only warn about shell when using systemd initrd 2023-11-07 13:28:31 -05:00
github-actions[bot]
1505981287
Merge master into staging-next 2023-11-07 18:00:55 +00:00
Ryan Lahfa
0cd6f66fb7
Merge pull request #247376 from RageKnify/fix/smartd-mail 2023-11-07 18:00:56 +01:00
Atemu
8a8a2a1071
Merge pull request #262565 from Atemu/nixos/firmware-mkEnableOption 
nixos/hardware: use mkEnableOption
 2023-11-07 15:59:03 +01:00
Maximilian Bosch
0597d1d179 nixos/journald: add storage option 
While this can be added via `services.journald.extraConfig`, this option
provides proper type-checking and other modules can determine
where journal data is stored. This is relevant when using e.g. promtail
to send logs to Loki and it should read from `/run/log/journal` if
volatile storage is used.
 2023-11-07 14:06:27 +01:00
Florian Brandes
2ed7a5ab59 nixos/virtualization: fix shellcheck login 
fixes https://www.shellcheck.net/wiki/SC2002

Signed-off-by: Florian Brandes <florian.brandes@posteo.de>
 2023-11-07 13:40:42 +01:00
github-actions[bot]
bed56440cb
Merge master into staging-next 2023-11-07 12:00:57 +00:00
Anthony Roussel
0908cc1a9e
nixos/tomcat: remove with lib; and use mkEnableOption 2023-11-07 11:35:38 +01:00
Jonas Heinrich
31f01ff179 nixos/printing: Fix openFirewall option 2023-11-07 10:21:48 +01:00
Janik
22aa256c6c
Merge pull request #264882 from robryk/resticfix 
nixos/restic: fix #264696 and add a regression test
 2023-11-07 09:46:55 +01:00
Gary Guo
bc422e2f61 nixos/unbound: tighten sandboxing for unbound 2023-11-07 02:30:21 +00:00
github-actions[bot]
38bc2a577e
Merge master into staging-next 2023-11-07 00:02:31 +00:00
Jörg Thalheim
a7c984b7a2 nixos/mediawiki: pin php to 8.1 2023-11-06 22:52:42 +01:00
Jörg Thalheim
915ad8a77b nixos/mediawiki: fix rewrites for static ressources and rest API 2023-11-06 22:52:42 +01:00
Gary Guo
de6c5343b6 nixos/unbound: remove setuid/gid capability 
If username is set, then unbound will try to become that user using
`setusercontext`. But this is pointless since we are already instructing
systemd to launch unbound with that user.

So force username to be empty, which disables this behaviour in unbound.
This allows us to remove the capability granted, and also tighten the
syscall filter.
 2023-11-06 20:22:27 +00:00
Martin Weinelt
a3708ce91c
Merge pull request #230380 from graham33/feature/zwave-js-server_module 
zwave-js: module init, zwave-js-server: init at 1.33.0
 2023-11-06 20:24:56 +01:00
Jonathan Davies
79e7841ff7 nixos/caddy: Set systemd unit to restart on-failure whilst ignoring 
error code 1.

This is what's recommended by systemd for long-running services and
helps with recovering from crashes.
 2023-11-06 18:27:47 +00:00
Archit Gupta
2a4b82c461 nixos/boot: add postResumeCommands option 
Adds a postResumeCommands option to the initramfs to allow inserting
code to execute after the device has attempted to resume, and before
filesystems are mounted. This allows to inject code for operations like
wiping the rootfs on boot; if those were instead put in
postDeviceCommands, on a hibernated device, they would execute before
the device resumes from hibernation.
 2023-11-06 09:50:11 -08:00
Kira Bruneau
9dec7a00ad nixos/gnome/at-spi2-core: fix disabling a11y in all contexts 
`environment.variables` gets sourced by shells & the x11 wrapper
through bash's `/etc/profile`, but not by systemd services, dbus
services, wayland sessions...

`environment.sessionVariables` sets these variables with PAM early in
the login process so it gets applied in all contexts.

I ran into a similar issue before in #109060.
 2023-11-06 12:40:38 -05:00
Colin
83bf3ed892 trust-dns: 0.23.0 -> 0.24.0 
upstream is in the process of renaming to `hickory-dns`.
a consequence of this is that the main binary has been renamed from
`trust-dns` to `hickory-dns` and the repository has been moved (though
for the time being the old repo is still usable on account that it
redirects to the new one).
see: <https://bluejekyll.github.io/blog/posts/announcing-hickory-dns/>
 2023-11-06 15:38:23 +00:00
Alyssa Ross
d9105c28c8 nixos/stage-1: create initramfs /lib at build time 
Modules built in to the kernel can attempt to load firmware before
init is started.  To guarantee the firmware is accessible to them
where they expect, /lib has to exist in the initramfs — it can't be
created later by init, because by that point the module may already
have tried and given up.
 2023-11-06 14:35:34 +01:00
Weijia Wang
32da89a1a1 Merge branch 'master' into staging-next 2023-11-06 14:33:18 +01:00
Alyssa Ross
8ab2f09522 nixos/qemu-vm: fix infinite recursion 
The virtualisation.directBoot.initrd option was added for netboot
images, but the assertion to check directBoot enabled if it was used
caused an infinite recursion if it was.  Minimal reproduction:

	import nixos/tests/make-test-python.nix ({ pkgs, ... }: {
	  name = "";

	  nodes = {
	    machine = { config, ...}: {
	      imports = [ nixos/modules/installer/netboot/netboot-minimal.nix ];

	      virtualisation.directBoot = {
	        enable = true;
	        initrd = "${config.system.build.netbootRamdisk}/${config.system.boot.loader.initrdFile}";
	      };
	    };
	  };
	  testScript = "";
	}) {}

The fix is to swap the two conditions, so that cfg.directBoot.enable
is checked first, and the initrd comparision will be short circuited.

This wasn't noticed during review because in earlier versions of the
virtualisation.directBoot patch, the assertion was accidentally in the
conditional above, so wasn't evaluated unless port forwarding was in
use.
 2023-11-06 13:49:31 +01:00
nicoo
89fd59c12a nixos/vagrant-guest: Set security.sudo-rs.wheelNeedsPassword too 2023-11-06 12:39:04 +01:00
Michele Guerini Rocco
8beca974f9
Merge pull request #263138 from tomfitzhenry/hostapd-optional-managementframeprotection 
nixos/hostapd: remove managementFrameProtection in favour of clearer default
 2023-11-06 11:17:07 +01:00
Ivan Petkov
49f444897b syncoid: disable PrivateUsers in systemd unit 
* leaving PrivateUsers=true appears to break when using zfs-2.2.0
 2023-11-06 10:16:15 +01:00
Adam Joseph
bc2d598878 treewide: change pythonForBuild to pythonOnBuildForHost 2023-11-05 17:42:12 -08:00
github-actions[bot]
b23f12e076
Merge master into staging-next 2023-11-06 00:02:12 +00:00
Maximilian Bosch
19bbcbade3
Merge pull request #265071 from 999eagle/feat/matrix-sliding-sync-update 
nixos/matrix-sliding-sync: add dependency on matrix-synapse if running locally
 2023-11-05 23:24:01 +01:00
Thomas Watson
be8065759e nixos/kernel: correct kernelPatches.extraConfig documentation 
It hasn't expected the prefix for a long time (possibly ever). Other
documentation and patches within nixpkgs itself (such as the crashdump
module) do not have the prefix.
 2023-11-05 16:00:15 -06:00
adisbladis
a1592fb410
Merge pull request #258299 from Arcayr/virtualisation-hostname 
nixos/virtualisation: add hostname option to oci-containers.
 2023-11-06 10:44:26 +13:00
Sophie Tauchert
8627e0ef58
nixos/matrix/*: change dependencies on matrix-synapse.service to serviceUnit 2023-11-05 21:43:08 +01:00
nicoo
9259a8d279 nixos/google_oslogin: Handle sudo-rs too 2023-11-05 20:40:12 +00:00
Sophie Tauchert
70dc536ae0
nixos/matrix-synapse: add readOnly serviceUnit option 
This is useful to configure services dependent on matrix-synapse regardless
of whether workers are enabled or not.
 2023-11-05 21:38:39 +01:00
nicoo
326904b128 nixos/google-compute-config: Add sudo-rs rules 2023-11-05 20:33:19 +00:00
Gary Guo
c70614c0a4 nixos/unbound: fix wrong syscall filter 
This changes the syscall filter to match that of upstream. Note that

    SystemCallFilter=~foo bar

is completely different from

    SystemCallFilter=~foo
    SystemCallFilter=bar

The former one means that foo and bar are forbidden, and the latter
one means foo is forbidden and bar is granted!
 2023-11-05 20:32:51 +00:00
Sophie Tauchert
c8b5539626
nixos/matrix-sliding-sync: add dependency on matrix-synapse if running locally and restart 2023-11-05 21:31:20 +01:00
nicoo
9aee9b163e nixos/akkoma: Do not warn under sudo-rs 2023-11-05 18:40:33 +00:00
github-actions[bot]
bb38778356
Merge master into staging-next 2023-11-05 18:00:55 +00:00
nicoo
ad92951579 nixos/sudo: Don't include empty sections 
This makes the generated sudoers a touch easier to read.
 2023-11-05 17:23:41 +00:00
Jonas Heinrich
35128eb6f8
nixos/printing: Add openFirewall option (#176539) 2023-11-05 16:01:20 +01:00
Aaron Andersen
a707831d98
Merge pull request #256738 from toastal/prosody-libevent-deprecated 
prosody: remove deprecated libevent
 2023-11-05 08:36:25 -05:00
Ryan Lahfa
0020a3f649
Merge pull request #265281 from JulienMalka/systemd-boot-maintainer 2023-11-05 13:03:59 +01:00
github-actions[bot]
2ecaf22639
Merge master into staging-next 2023-11-05 12:01:15 +00:00
Leah Amelia Chen
30f2f955fe nixos/greetd: autostart GNOME Keyring when enabled 
The PAM service `greetd` creates now autostarts GNOME Keyring when it is
enabled via `services.gnome.gnome-keyring.enable`.

Should cause a lot fewer headaches for people like me who didn't know
why GNOME Keyring was complaining that it was never supplied with login details.

Fixes #246197
 2023-11-05 12:22:52 +01:00
github-actions[bot]
6e287cb9de
Merge master into staging-next 2023-11-05 00:02:23 +00:00
Thiago Kenji Okada
3fcd5f430b
Merge pull request #263206 from kanashimia/revert-259066-add-renice-sway 
Revert "nixos/sway: add enableRealtime option"
 2023-11-04 21:59:06 +00:00
Weijia Wang
9627659c22 Merge branch 'master' into staging-next 2023-11-04 17:27:09 +01:00
K900
ea9372de82
Merge pull request #265482 from alois31/plasma-setuid 
nixos/plasma5: fix mismatch between nix and module system
 2023-11-04 19:08:55 +03:00
Alois Wohlschlager
dee9519abe
nixos/plasma5: fix mismatch between nix and module system 
In https://github.com/NixOS/nixpkgs/pull/254071, a mismatch between usage of
the Nix language and the NixOS module system was introduced. By merging the
kwin_wayland wrapper attrset into the mkIf representation, the former was
effectively ignored.
As a result, the capability wrapper for kwin_wayland stopped being installed,
leading to realtime scheduling being disabled. The issue was not detected
because the behavioral change is very subtle.

By consistently using language-level constructs, this mismatch is resolved.
The capability wrapper is thus installed again and realtime scheduling is
restored.
 2023-11-04 16:33:38 +01:00
Felix Bühler
85f1ba3e51
Merge pull request #263173 from r-ryantm/auto-update/freshrss 
freshrss: 1.21.0 -> 1.22.1
 2023-11-04 13:09:36 +01:00
github-actions[bot]
2c3155e94d
Merge master into staging-next 2023-11-04 12:00:55 +00:00
Maximilian Bosch
845cf9943c
Merge pull request #264582 from FliegendeWurst/throttled-modprobe 
nixos/throttled: load required kernel module
 2023-11-04 12:27:38 +01:00
Julien Malka
33df4d3447
nixos/systemd-boot: add julienmalka as maintainer 2023-11-04 02:38:11 +01:00
Weijia Wang
44f16f33cc Merge branch 'master' into staging-next 2023-11-04 01:43:45 +01:00
K900
3ce4c66151 nixos/module-list: add virt-manager 
Was missed in #261474
 2023-11-04 01:02:27 +03:00
github-actions[bot]
3c43b804d4
Merge master into staging-next 2023-11-03 18:01:23 +00:00
Lily Foster
5c5d730067
Merge pull request #262347 from adamcstephens/incus/module 
nixos/incus: init module and tests
 2023-11-03 09:42:24 -04:00
Michele Guerini Rocco
5654dea8a5
Merge pull request #264787 from katexochen/feat/xkb-extralayouts 
nixos/x11: move extraLayouts into xkb attrset
 2023-11-03 13:49:14 +01:00
github-actions[bot]
db0a71076b
Merge master into staging-next 2023-11-03 12:01:07 +00:00
Maximilian Bosch
225d785e7d
Merge pull request #263475 from nbraud/nixos/sudo-bugfix 
nixos/sudo: fix `security.sudo.package`
 2023-11-03 11:26:03 +01:00
Peter Hoeg
f4856b55dd nixos/fwupd: make auto-refresh run (and work) 2023-11-03 10:54:41 +01:00
linsui
92c106c097 nixos/firefox: update document link 2023-11-03 17:05:37 +08:00
github-actions[bot]
75a11d85b8
Merge master into staging-next 2023-11-03 00:02:23 +00:00
Adam Stephens
3132ba6cda
nixos/incus: shutdown instances on service stop 2023-11-02 19:54:11 -04:00
Adam Stephens
3087595a6b
nixos/incus: preseed should not trigger socket-activation 2023-11-02 19:54:04 -04:00
Adam Stephens
1fff6a9031
nixos/incus: init module and tests 2023-11-02 19:54:02 -04:00
Alexandru Scvortov
cbbe57bc52 elixir: make 1.15 default and pin existing pkgs to 1.14 2023-11-02 20:16:00 +00:00
github-actions[bot]
29efc257c0
Merge master into staging-next 2023-11-02 18:01:07 +00:00
Janik H.
15babfbc12
nixos/woodpecker-server: fix environmentFile example 2023-11-02 18:14:46 +01:00
Janik
8a897821fe
Merge pull request #262781 from Janik-Haag/woodpecker 
nixos/woodpecker-server: change type of environmentFile to list of paths
 2023-11-02 17:40:07 +01:00
Maximilian Bosch
dbb68f0b49
Merge pull request #263558 from Ma27/fix-image-renderer-callback 
nixos/grafana-image-renderer: use Grafana's http_addr rather than localhost
 2023-11-02 15:49:23 +01:00
Anthony Roussel
efdbdab8b5
nixos/ocsinventory-agent: init 2023-11-02 14:20:45 +01:00
github-actions[bot]
677e25fcd2
Merge master into staging-next 2023-11-02 12:01:08 +00:00
Jörg Thalheim
94b810348a installer/cd-dvd/channel: allow to disable bundled channel 
When building kexec-based installer every mb saved will reduce the RAM usage and allow to install NixOS on smaller machines.
It also means that less data has to be downloaded from the network.
When using flakes or niv we no longer rely on nix channels beeing present
and when using something like nixos-anywhere, we no longer need to evaluate anything in the installer at all.
 2023-11-02 12:39:05 +01:00
Jörg Thalheim
af459e624e installer/cd-dvd/channel: stop using lib 
the lack of with allows lsp's to spot errors better
 2023-11-02 12:39:05 +01:00
Graham Bennett
b2fccae809 zwave-js: module init, zwave-js-server: init at 1.33.0 
Co-authored-by: Martin Weinelt <mweinelt@users.noreply.github.com>
Co-authored-by: h7x4 <h7x4@nani.wtf>
 2023-11-02 08:21:09 +00:00
github-actions[bot]
e67e95c1d1
Merge master into staging-next 2023-11-02 06:01:16 +00:00
Martin Weinelt
0b2ab262bc
home-assistant: 2023.10.5 -> 2023.11.0 
https://www.home-assistant.io/blog/2023/11/01/release-202311/
 2023-11-01 22:28:12 +01:00
Stephen Huan
09cc3285cc
nixos/mullvad-vpn: use resolvconf if enabled 2023-11-01 16:47:11 -04:00
Robert Obryk
536401e90a nixos/restic: fix #264696 and add a regression test 
Make sure that preStart and postStop are included in all cases when they are nonempty.
 2023-11-01 21:18:56 +01:00
github-actions[bot]
cd7af6170b
Merge master into staging-next 2023-11-01 18:01:01 +00:00
nikstur
7d0b5b3a94 nixos/nix-channnel: fix setting up the default channel again 2023-11-01 16:23:28 +01:00
github-actions[bot]
4a533d29ce
Merge master into staging-next 2023-11-01 12:01:10 +00:00
Martin Weinelt
05e8361387
Merge pull request #261867 from matrss/set-paperless-secret-key 
nixos/paperless: set PAPERLESS_SECRET_KEY
 2023-11-01 12:33:23 +01:00
Felix Buehler
29d41b7fd2 nixos/freshrss: migrate to DATA_PATH 2023-11-01 12:31:42 +01:00
Paul Meyer
143680787e nixos/x11: move extraLayouts into xkb attrset 
[Motivation](NixOS#257817 (comment))

`extraLayouts` was missed in #259891, so moving it to the other xkb
options with this PR.

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
 2023-11-01 11:55:25 +01:00
github-actions[bot]
0d2063b693
Merge master into staging-next 2023-11-01 00:02:16 +00:00
Guillaume DELVIT
043522789b nixos/services/netdata: add systemd-journald plugin as a privileged wrapper 
https://learn.netdata.cloud/docs/logs/systemd-journal/
need acces to

    Kernel Logs (dmesg):
        Capability: CAP_SYSLOG
        Description: This capability allows the program to read kernel logs using the dmesg command or by reading the /dev/kmsg file.

    System Logs (e.g., /var/log/syslog):
        Capability: CAP_DAC_READ_SEARCH
        Description: This capability allows the program to read system logs located in directories such as /var/log/.

    User Logs (e.g., /var/log/auth.log):
        Capability: CAP_DAC_READ_SEARCH
        Description: This capability allows the program to read user logs located in directories such as /var/log/.
 2023-11-01 00:16:30 +01:00
Robert Hensing
29697af6ae
Merge pull request #258068 from Izorkin/update-peertube 
peertube: 5.1.0 -> 5.2.1
 2023-10-31 23:44:14 +01:00
FliegendeWurst
1391725fb5 nixos/throttled: load required kernel module 2023-10-31 22:14:02 +01:00
github-actions[bot]
81270bbdcf
Merge master into staging-next 2023-10-31 18:01:02 +00:00
nikstur
37209a6799
Merge pull request #264608 from nikstur/nix-channel-fix-default 
nixos/nix-channel: fix subscribing to default channel
 2023-10-31 18:42:06 +01:00
nikstur
8c1739cafe nixos/nix-channel: fix subscribing to default channel 
Fixes https://github.com/NixOS/nixpkgs/issues/264602
 2023-10-31 16:51:23 +01:00
Robin Gloster
7e2992c01b
Merge pull request #264584 from Ma27/drop-privacyidea 
privacyidea: remove
 2023-10-31 16:46:37 +01:00
Franz Pletz
265ca81834
Merge pull request #241908 from picnoir/nin/oci-container-pre-start-list 2023-10-31 15:53:35 +01:00
Janik H.
8e5729517e
nixos/woodpecker-server: change type of environmentFile to list of paths 2023-10-31 15:46:53 +01:00
K900
46bc9e79a9
Merge pull request #259765 from 70m6/bugfix/bitcoind-enable 
bugfix/bitcoind-enable
 2023-10-31 17:35:10 +03:00
Tom Barrett
a4b31637b5 bitcoind: only use enabled services 2023-10-31 15:29:17 +01:00
Weijia Wang
a38f4bdef6
Merge pull request #264562 from acid-bong/patch-1 
nixos/direnv: fix typo
 2023-10-31 14:21:25 +01:00
Maximilian Bosch
5927d55685
privacyidea: remove 
Related to #262907 (Django3 removal from nixpkgs).

This package already required an unreasonable amount of maintenance
regularly for a such small leaf-package. It has a few highly outdated
dependencies (e.g. flask 1, jinja2 2.11, sqlalchemy 1.3).

After at least each Python package-set update one had to fix up a lot of
dependencies to fix the package itself, so it was only useful on stable
branches. And having so much outdated software in a security-sensitive
piece of software seems questionable.

Finally, globin and I won't be available for maintaining this now that
Mayflower is migrating to another solution (and we'll do that as well)
and I'd expect this to bitrot extremely quick if we both bail out.
 2023-10-31 14:17:48 +01:00
github-actions[bot]
2fd5f8dd7a
Merge master into staging-next 2023-10-31 12:01:11 +00:00
nikstur
14152f80bb nixos/image: fix layout of option examples in repart builder 2023-10-31 11:27:57 +01:00
nikstur
151fa7c39c nixos/image: include module options in manual 2023-10-31 11:27:56 +01:00
nikstur
84722633b7 nixos/image: move docs into manual 2023-10-31 11:27:56 +01:00
Acid Bong
e7d95c440b
nixos/direnv: fix typo 2023-10-31 12:09:06 +02:00
nikstur
b984b2691a
Merge pull request #264475 from blitz/repart-docs 
nixos/image: fix documentation build
 2023-10-31 10:13:01 +01:00
Alexandru Scvortov
fa54eeea5c livebook: add systemd user service, test, and docs 
Co-authored-by: Yt <happysalada@tuta.io>
 2023-10-31 07:31:18 +00:00
github-actions[bot]
97868dae8e
Merge master into staging-next 2023-10-31 06:00:58 +00:00
Mario Rodas
1122fb5123
Merge pull request #264250 from Ma27/rm-postgres-11 
postgresql_11: remove
 2023-10-30 21:36:56 -05:00
github-actions[bot]
135430eb60
Merge master into staging-next 2023-10-31 00:02:27 +00:00
Martin Weinelt
e3647a1769
nixos/wyoming/openwakeword: fix typo in attribute name 2023-10-31 00:42:04 +01:00
Julian Stecklina
ea3ca0b1e3 nixos/image: fix documentation build 
literalExpression triggers the following error when building the
manual:

Cacheable portion of option doc build failed.
Usually this means that an option attribute that ends up in documentation (eg `default` or `description`) depends on the restricted module arguments `config` or `pkgs`.
 2023-10-31 00:36:17 +01:00
Martin Weinelt
5da8c00f11
Merge pull request #264404 from mweinelt/wyoming-openwakeword-1.8.1 
wyoming-openwakeword: 1.5.1 -> 1.8.1
 2023-10-30 22:53:25 +01:00
Martin Weinelt
3f224f0607
Merge pull request #264214 from mweinelt/wyoming-faster-whisper-device-param 
nixos/wyoming/faster-whisper: pass device config to executable
 2023-10-30 22:27:24 +01:00
Luka Blaskovic
d3db35f684 stage-2: don't write to /dev/kmsg if missing 2023-10-30 21:53:52 +01:00
github-actions[bot]
931938d1df
Merge master into staging-next 2023-10-30 18:01:02 +00:00
Lin Jian
bb3474f826
Merge pull request #264008 from arcnmx/xmrig-mainProgram 
xmrig: add meta.mainProgram
 2023-10-31 01:21:25 +08:00
K900
998720bf94
Merge pull request #263849 from ElvishJerricco/sd-initrd-not-experimental 
systemd-stage-1: No longer experimental
 2023-10-30 20:04:20 +03:00
K900
7bc18b63da
Merge pull request #227633 from ElvishJerricco/systemd-stage-1-fix-initrd-commands 
Systemd stage 1 assert initrd commands are empty
 2023-10-30 20:03:44 +03:00
Martin Weinelt
e458280606
nixos/wyoming/openwakeword: update for 1.8.1 
Remove the deprecated --models option, as models are now discovered
and loaded dynamically from all configured model dirs at runtime.

Allow setting up custom model directories, so wake words other than the
built-in ones can be used, e.g. from
https://github.com/fwartner/home-assistant-wakewords-collection.
 2023-10-30 18:00:28 +01:00
Martin Weinelt
0d34502fe3
nixos/wyoming/openwakeword: relax model selection 
The wyoming-openwakeword supports a custom model directory, which cannot
be used when the the model list is constrained to the builtin ones.
 2023-10-30 16:21:58 +01:00
github-actions[bot]
7f11b9b46b
Merge master into staging-next 2023-10-30 12:01:05 +00:00
Will Fancher
cca22054c0 systemd-stage-1: Add assertions for unsupported options. 2023-10-30 12:15:58 +01:00
Janne Heß
d80d7d6697
Merge pull request #258071 from helsinki-systems/feat/stc-lock 
nixos/switch-to-configuration: Lock the switch
 2023-10-30 10:49:50 +01:00
Maximilian Bosch
1220a4d4dd
postgresql_11: remove 
As described in the release lifecycle docs from postgresql[1], v11 will
stop receiving fixes as of Nov 9 2023. This means it's EOL throughout
the entire lifetime of 23.11, so let's drop it now.

A lot of examples are also referencing postgresql_11. Where it's
sensible, use postgresql_15 as example now to avoid confusion.

This is also handy because the LLVM 16 fix for postgresql is not
available for postgresql 11 ;-)

[1] https://www.postgresql.org/support/versioning/
 2023-10-30 10:41:16 +01:00
Vladimír Čunát
5c89ba8ab4
Merge branch 'master' into staging-next 2023-10-30 06:12:04 +01:00
Martin Weinelt
4f971ebf3c
nixos/wyoming/faster-whisper: pass device config to executable 
The device could previously be configured but wasn't wired up to do
anything meaningful and as such always defaulted to CPU.
 2023-10-30 00:45:17 +01:00
Michele Guerini Rocco
800965ce8c
Merge pull request #245855 from rnhmjoj/pr-sslh 
nixos/sslh: update and refactor for RFC42
 2023-10-29 23:19:38 +01:00
Ryan Lahfa
a905c3a544
Merge pull request #262854 from ElvishJerricco/systemd-stage-1-bcachefs-decryption 
systemd-stage-1: bcachefs decryption
 2023-10-29 22:24:38 +01:00
Jakub Sokołowski
c7b3a19df6 erigon: add package option to override default version 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2023-10-29 18:27:13 +00:00
github-actions[bot]
64070c2fda
Merge master into staging-next 2023-10-29 18:01:23 +00:00
Rémy Grünblatt
c9e3cc43c7
nixos: fix iproute2 invocations (#263976) 
When using iproute2's ip binary, you can omit the dev parameter, e.g. ip link set up eth0 instead of ip link set up dev eth0.

This breaks if for some reason your device is named e.g. he, hel, … because it is interpreted as ip link set up help.

I just encountered this bug using networking.bridges trying to create an interface named he.

I used a grep on nixpkgs to try to find iproute2 invocations using variables without the dev keyword, and found a few, and fixed them by providing the dev keyword.

I merely fixed what I found, but the use of abbreviated commands makes it a bit hard to be sure everything has been found (e.g. ip l set … up instead of ip link set … up).
 2023-10-29 18:27:16 +01:00
Will Fancher
5cea7ee452
Merge pull request #262583 from ElvishJerricco/systemd-stage-1-shells 
systemd-stage-1: Support for user shells
 2023-10-29 13:22:47 -04:00
rnhmjoj
7ecac99da7
sslh: 1.22c -> 2.0.0 2023-10-29 18:13:37 +01:00
rnhmjoj
3728338d40
nixos/sslh: refactor for RFC42 2023-10-29 18:13:37 +01:00
K900
7ea67d7cb6 Revert "nixos/activation: remove specialfs activationScript" 
This reverts commit a8f50f9919.

Broke installer tests, need to figure out how to fix nixos-enter before attempting this again.
 2023-10-29 20:08:48 +03:00
K900
220241421f
Merge pull request #263744 from K900/stateversion-docs 
treewide: rewrite stateVersion docs (again), clean up some stateVersion usages (again)
 2023-10-29 16:25:48 +03:00
Aaron Andersen
3b848391b6
Merge pull request #227442 from christoph-heiss/openssh/allowusers 
openssh: add {Allow,Deny}{Users,Groups} settings
 2023-10-29 08:20:22 -04:00
K900
424b0cefa4 nixos/version: rewrite stateVersion documentation 
Match the comment in nixos-generate-config and add some more details for the curious.
 2023-10-29 15:02:50 +03:00
K900
fb1ccc91f7 nixos-generate-config: rewrite stateVersion comment again 
Hopefully this version is clearer. Also tried to make it less technical.
 2023-10-29 15:02:50 +03:00
github-actions[bot]
571f1df5e4
Merge master into staging-next 2023-10-29 12:00:57 +00:00
nikstur
7cb1ab909a
Merge pull request #264082 from josephst/systemd-domainname 
systemd domainname unit - use nix store path of `net tools` for `domainname`
 2023-10-29 10:35:04 +01:00
Guillaume Girol
98b63514f0
Merge pull request #261862 from vifino/syslog-ng-4.4.0 
syslogng: Late cleanup
 2023-10-29 09:51:02 +01:00
Robert Hensing
8b385c91c3
Merge pull request #263462 from nikstur/rebuildable-system 
Rebuildable system & appliance
 2023-10-29 08:02:35 +01:00
github-actions[bot]
3f274c7328
Merge master into staging-next 2023-10-29 06:01:18 +00:00
Peder Bergebakken Sundt
37c7104f53
Merge pull request #262915 from chayleaf/certspotter 
certspotter: init at 0.17.0; nixos/certspotter: init
 2023-10-29 05:10:04 +01:00
Joseph Stahl
137a3c1303
systemd domainname service - fix missing domainname binary 
needs nettools in path
 2023-10-28 22:30:14 -04:00
github-actions[bot]
954eb09381
Merge master into staging-next 2023-10-29 00:02:24 +00:00
Weijia Wang
eaf8053ad5
Merge pull request #264036 from wegank/unifi-hotfix 
nixos/unifi: fix use of optionalString
 2023-10-29 00:33:19 +02:00
Weijia Wang
88e82879f4 nixos/unifi: fix use of optionalString 2023-10-28 23:01:44 +02:00
Ryan Lahfa
de47b2e8a5
Merge pull request #263033 from ElvishJerricco/systemd-stage-1-filesystems-encrypted 
systemd-stage-1: Enable more encrypted installer tests
 2023-10-28 20:38:14 +02:00
arcnmx
0711d3d69b xmrig: add meta.mainProgram 
See #246386
 2023-10-28 11:21:57 -07:00
Christoph Heiss
cc8ba21629
nixos/sshd: add comment explaining different list option types 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2023-10-28 20:13:26 +02:00
github-actions[bot]
52b6b90243
Merge master into staging-next 2023-10-28 18:00:57 +00:00
Weijia Wang
66ab26fce8
Merge pull request #262084 from imlonghao/borgmatic/fix-262020 
borgmatic: fix deprecation warning check failed
 2023-10-28 15:33:39 +02:00
github-actions[bot]
519b7ea0c3
Merge master into staging-next 2023-10-28 12:01:19 +00:00
Julian Stecklina
e8bed1eec9 nixos/profiles: add image-based-appliance profile 2023-10-28 13:26:39 +02:00
nikstur
8dfe8e447e nixos/profiles/minimal: remove some perl 2023-10-28 13:26:39 +02:00
Linus Heckemann
8670794565
Merge pull request #263203 from nikstur/replace-activation 
Replace simple activationScripts
 2023-10-28 10:17:15 +02:00
chayleaf
f4aeeb9e81
nixos/certspotter: init 2023-10-28 14:19:36 +07:00
tomf
e426508098
Merge pull request #254412 from helsinki-systems/nvme-kmod-by-default 
nixos/boot/kernel: include nvme kmod by default
 2023-10-28 18:01:18 +11:00
github-actions[bot]
81ed2302dc
Merge master into staging-next 2023-10-28 06:00:57 +00:00
Peder Bergebakken Sundt
dc42e2603b
Merge pull request #263335 from anthonyroussel/nixos-goss 
nixos/goss: init
 2023-10-28 06:36:43 +02:00
imlonghao
88bc98a073
borgmatic: fix deprecation warning check failed 2023-10-28 11:32:38 +08:00
github-actions[bot]
4791949f6a
Merge master into staging-next 2023-10-28 00:02:23 +00:00
Peder Bergebakken Sundt
a9d001fd4a
Merge pull request #260877 from moritzrickert/plausible-registration-invite-only 
nixos/plausible: add invite only registrations
 2023-10-27 23:49:49 +02:00
Will Fancher
a906632245 systemd-stage-1: No longer experimental 2023-10-27 16:46:47 -04:00
Artturi
61f2bd3178
Merge pull request #254386 from erikarvstedt/nginx-js-mime-type 2023-10-27 23:32:20 +03:00
Matthias Riße
63ef033992 nixos/paperless: set PAPERLESS_SECRET_KEY 
If the PAPERLESS_SECRET_KEY environment variable is left unset
paperless-ngx defaults to a well-known value, which is insecure.

Co-authored-by: Erik Arvstedt <erik.arvstedt@gmail.com>
 2023-10-27 21:11:01 +02:00
tomf
d18f272a39
Merge pull request #262408 from evandeaubl/master 
nixos/tailscale: add openFirewall option
 2023-10-28 05:19:41 +11:00
github-actions[bot]
4c838ddf14
Merge master into staging-next 2023-10-27 18:01:08 +00:00
tomf
b42ca6b992
Merge pull request #260346 from l0b0/feat/shiori-webroot 
nixos/shiori: add web root option
 2023-10-28 04:25:40 +11:00
Emily
f4e67057e8
Merge pull request #263234 from CobaltCause/garage-statedirectory 
nixos/garage: set `StateDirectory` if used at all
 2023-10-27 17:26:39 +02:00
Herwig Hochleitner
a5e03844dc
Merge pull request #260091 from bendlas/fix-cdemu-service 
cdemu: fix service setup
 2023-10-27 14:46:57 +02:00
Alyssa Ross
44ff5dfca2 nixos/restic: remove s3CredentialsFile option 
This has been deprecated since 2021, so all users should have seen the
warning and migrated by now.
 2023-10-27 12:31:54 +00:00
K900
6f06066e94 nixos/containers: use latest stateVersion as example 
Hopefully this way we don't confuse people into thinking you have to set it to 21.05.
 2023-10-27 12:56:12 +03:00
K900
118694944d nixos/virtualbox-demo: use latest stateVersion 
Just like we do for the other live images
 2023-10-27 12:56:12 +03:00
Anthony Roussel
3a2d3bc3d8
nixos/goss: init 2023-10-27 08:00:48 +02:00
github-actions[bot]
f0ebfe8b52
Merge master into staging-next 2023-10-27 00:02:24 +00:00
Pol Dellaiera
aaccf42b1b
Merge pull request #261432 from yayayayaka/snipe-it-convert-to-buildComposerProject 
snipe-it: convert to buildComposerProject
 2023-10-27 01:36:34 +02:00
nicoo
6e15779fda nixos/sudo: fix security.sudo.package 2023-10-26 19:00:25 +00:00
Peder Bergebakken Sundt
e8ff5952f6
Merge pull request #258558 from hmenke/c2FmZQ 
c2FmZQ: init at 0.4.8
 2023-10-26 20:33:51 +02:00
Martin Weinelt
33ddec070e
Merge pull request #262767 from andresilva/iproute-6.5.0-fix 
iproute2: stateless configuration
 2023-10-26 20:08:12 +02:00
github-actions[bot]
96132a216a
Merge master into staging-next 2023-10-26 18:01:02 +00:00
Peder Bergebakken Sundt
adcaf3962d
Merge pull request #212087 from robryk/resticpaths 
nixos/backups/restic: handle cases when both dynamicFileFrom and paths are set
 2023-10-26 19:35:22 +02:00
Nick Cao
020adc777c
Merge pull request #263492 from aschleck/patch-1 
nixos/networkd: fix typoed hairpin option name
 2023-10-26 13:28:52 -04:00
April Schleck
13956f7f1f nixos/networkd: fix typoed hairpin option name 
You can see in https://www.freedesktop.org/software/systemd/man/latest/systemd.network.html that
this should be "HairPin" not "Hairpin". Using "Hairpin" results in

```
Oct 25 18:55:03 my-host systemd-networkd[843736]: /etc/systemd/network/10-bridge.network:11:
    Unknown key name 'Hairpin' in section 'Bridge', ignoring.
```
 2023-10-26 10:26:04 -07:00
Will Fancher
63429f43ca
Merge pull request #263627 from colemickens/systemd-stage1-fix-dosfstools 
nixos/fs/vfat: fix inclusion in systemd stage1
 2023-10-26 12:56:33 -04:00
Yaya
d91c530a55
snipe-it: Convert to php.buildComposerPackage 2023-10-26 18:51:05 +02:00
Peder Bergebakken Sundt
4d6d43f444
Merge pull request #263460 from arcuru/rename-arcuru 
treewide: rename handle/GH account patricksjackson to arcuru
 2023-10-26 18:46:42 +02:00