tobias/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-11-11 10:16:01 +01:00
Code Issues Packages Projects Releases Wiki Activity
875953 commits 197 branches 129 tags 14 GiB
Commit graph

54543 commits

Author SHA1 Message Date
h7x4 21e4aadc8f
nixos/lxd-image-server: split script into ExecStart and ExecStartPre 2025-10-11 15:37:18 +09:00
h7x4 075555ec70
nixos/lxd-image-server: set reload trigger in systemd unit 2025-10-11 15:35:26 +09:00
Tristan Ross 36a5b09fdf nixos/docs/rl2511: add tenstorrent module entry 2025-10-10 20:13:03 -07:00
Tristan Ross 47348f554e nixos/tenstorrent: init 2025-10-10 19:23:45 -07:00
Philip Taron 9a4901a7b3
listmonk: 3.0.0 -> 5.1.0 (#428070) 2025-10-10 22:11:42 +00:00
Thomas Gerbet 9b92f52709
nixos/tests/litestream: fix test by changing grafana host (#450623) 2025-10-10 19:17:47 +00:00
Hugo Renard 999fa7eb67
listmonk: 3.0.0 -> 5.1.0 2025-10-10 19:48:13 +02:00
Masum Reza d4e0dea404
cosmic-greeter: add cosmic-randr to PATH; nixos/cosmic-greeter: install cosmic-comp by default (#448844) 2025-10-10 16:09:57 +00:00
Heitor Augusto 08e84f6512
nixos/cosmic-greeter: add video group to user 
This change aligns the NixOS module with the permissions configured by the upstream project.
 2025-10-10 21:34:58 +05:30
Heitor Augusto ffca8e56c5
nixos/cosmic-greeter: create /run/cosmic-greeter directory 
Also uses the right home mode for `cosmic-greeter` user
 2025-10-10 21:34:57 +05:30
Heitor Augusto 8e0bb5c719
nixos/cosmic-greeter: install cosmic-comp, cosmic-greeter by default 2025-10-10 21:34:57 +05:30
Johannes Kirschbauer 1d841c88ca
nixos/lasuite-meet: make settings lazy! (#450327) 2025-10-10 13:42:55 +00:00
Leona Maroni 7a9291fdb6
nixos/tests/litestream: fix test by changing grafana host 
Grafana failed previously with
```
Failed, expected: Running, failure: invalid IP address: localhost
```
 2025-10-10 11:20:27 +02:00
nikstur 3d359bbda4
nixos/timesyncd: cleanup & make it bashless (#449937) 2025-10-10 08:01:29 +00:00
h7x4 3794080d96
yggdrasil-jumper: 0.3.1 -> 0.4.1, update module (#441480) 2025-10-10 00:19:45 +00:00
Ratakor 5054f454a0
nixos/pmount: init module 2025-10-10 01:56:08 +02:00
Pol Dellaiera 7a025c2dc7
treewide: remove aidalgol (#448386) 2025-10-09 21:03:00 +00:00
Maximilian Bosch 285ea04d23
nextcloud32: init at 32.0.0 (#446632) 2025-10-09 18:00:09 +00:00
Maximilian Bosch cc1a69468d
nixos/nextcloud: avoid duplicate X-Robots-Tag header, remove option nginx.recommendedHttpHeaders (#449186) 2025-10-09 17:47:13 +00:00
Michael Hoang aeb2db1591 nixos/lasuite-meet: make settings lazy! 2025-10-09 16:43:03 +02:00
Martin Weinelt 531f6038cf
nixos/pretalx: run pretalx-manage migrate on plugin changes and upgrades (#450102) 2025-10-09 14:31:12 +00:00
Sandro Jäckel ad9e817cc2
nixos/pretalx: run pretalx-manage migrate on plugin changes and upgrades 
Some plugins like https://github.com/pretalx/pretalx-media-ccc-de
require database migrations to properly work.
 2025-10-09 16:11:46 +02:00
teutat3s ed6fed3410
nixos/nextcloud: recommended nginx headers should 
not be optional, because upstream recommends them
https://docs.nextcloud.com/server/stable/admin_manual/installation/harden_server.html#serve-security-related-headers-by-the-web-server
 2025-10-09 10:09:42 +02:00
teutat3s c794451fee
nixos/nextcloud: avoid duplicate X-Robots-Tag header 
We already set this header in nginx, and a duplicate header can lead to
issues, like: https://github.com/nextcloud/notes-android/issues/2848
 2025-10-09 09:42:29 +02:00
Remy D. Farley 893bc2af5d nixos/yggdrasil-jumper: support wireguard 
https://github.com/one-d-wide/yggdrasil-jumper/releases/tag/v0.4.1
 2025-10-09 07:24:05 +00:00
h7x4 595dc97360
nixos/serviio: add option to open firewall ports (#448271) 2025-10-09 05:12:25 +00:00
h7x4 1b427d432a
nixos/asterisk: fix reloading command (#434522) 2025-10-09 00:22:39 +00:00
h7x4 3ae8d45a09
nixos/sing-box: set home and cwd to state directory (#446379) 2025-10-09 00:06:05 +00:00
Bruno BELANYI 5ca9078d7f
nixos/homebox: update module (#436651) 2025-10-08 21:13:53 +00:00
nikstur ccf0b1426f nixos/timesyncd: remove migration path dating back to 19.09 
Also remove the test that only tested this migration and nothing else
about systemd-timesyncd.
 2025-10-08 16:05:41 +02:00
nikstur 7ccd3bd8f4 nixos/timesyncd: remove unnecessary workaround 
This workardoung is now unnecessary because systemd and
systemd-timesyncd will never actually revert to a time lower than the
current system time. It will only *advance* the system time to the EPOCH
if the system time is lower.

This also makes systemd-timesyncd bashless as we remove the preStart
script for any NixOS version newer than 19.09.
 2025-10-08 15:53:17 +02:00
Adam C. Stephens 1fae0a2bea
erlang: simplify generic builder and overriding (#448033) 2025-10-08 12:34:41 +00:00
Sandro 3170d4faf9
nixos/gtklock: use lines type for programs.gtklock.style option (#445580) 2025-10-08 12:26:30 +00:00
Luj 01e34769af
nixos/uptime-kuma: Apply more hardening settings (#449295) 2025-10-08 11:13:49 +02:00
Thomas Gerbet 59f9c6722b
nixos/murmur: Set ProtectControlGroups to strict (#448637) 2025-10-08 06:00:22 +00:00
dish 48b32fb7fb
lib: remove lib.options.mkPackageOptionMD (#448409) 2025-10-07 23:27:57 +00:00
dish a0e8f351a6
nixos/pixelfed: remove X-XSS-Protection header (#449589) 2025-10-07 23:27:35 +00:00
Felix Bühler 71ad9a34cf
nixos/redmine: Apply more hardening options (#449140) 2025-10-07 23:30:22 +02:00
Martin Weinelt 41686edb04
music-assistant: build librespot fork (#447147) 2025-10-07 20:53:46 +00:00
sweenu 4e23b4365f
music-assistant: use librespot-ma as spotify provider 2025-10-07 22:11:10 +02:00
dish 92aa5dc190
lib: remove lib.options.mkPackageOptionMD 
Removed this, as it was deprecated in 24.11 and was intended to be
removed in 25.05. Better late than never.
 2025-10-07 15:53:30 -04:00
Sandro d3afe2db00
hadoop: 3.4.1 -> 3.4.2, use jdk21 (#442660) 2025-10-07 18:30:46 +00:00
dish 47a0293617
nixos/pixelfed: remove X-XSS-Protection header 
not recommended to set it, per OWASP, as it can actually introduce
security issues

https://owasp.org/www-project-secure-headers/#x-xss-protection
 2025-10-07 14:06:30 -04:00
Alexandre Esteves cf818acac3
nixos/virtualbox-host: fix for kernels >= 6.12 (#444438) 2025-10-07 16:08:45 +00:00
h7x4 35ef0e22e8
nixos/linkwarden: init module, linkwarden: init at 2.13.0 (#347353) 2025-10-07 15:50:50 +00:00
Felix Singer 79ab4bb47b nixos/redmine: Enable MountAPIVFS hardening in service config 
This setting is already implied by others, but add it for completeness
as well. For documentation see
https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#MountAPIVFS=

Signed-off-by: Felix Singer <felixsinger@posteo.net>
 2025-10-07 16:16:27 +02:00
Felix Singer 21f827065b nixos/redmine: Enable PrivateUsers hardening in service config 
For documentation see
https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#PrivateUsers=

Signed-off-by: Felix Singer <felixsinger@posteo.net>
 2025-10-07 16:16:27 +02:00
Felix Singer a799bd0e3d nixos/redmine: Set ProtectProc to invisible 
For documentation see
https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#ProtectProc=

Signed-off-by: Felix Singer <felixsinger@posteo.net>
 2025-10-07 16:16:26 +02:00
Felix Singer d06389e317 nixos/uptime-kuma: Ensure proper permissions for state directory 
Signed-off-by: Felix Singer <felixsinger@posteo.net>
 2025-10-07 15:54:51 +02:00
Felix Singer 7b791e1de7 nixos/uptime-kuma: Enable MountAPIVFS hardening in service config 
This setting is already implied by others, but add it for completeness
as well. For documentation see
https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#MountAPIVFS=

Signed-off-by: Felix Singer <felixsinger@posteo.net>
 2025-10-07 15:54:51 +02:00