tobias/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-11-15 04:04:18 +01:00
Code Issues Packages Projects Releases Wiki Activity
793175 commits 213 branches 129 tags 14 GiB
Commit graph

37750 commits

Author SHA1 Message Date
phaer 9e704d7263 virtualisation/linode-config: use mkImageMediaOverride... 
...for filesystem options. Before this change, users would typically encounter conflicting option definitions when trying to build an image for a generic nixos closure, i.e. `nixos-rebuild build-image --image-variant linode --flake .#my-host`
 2025-04-11 12:54:11 +02:00
Markus Sütter c6476ca119 repart: Enable discard option 
systemd-repart can be configured to not automatically issue BLKDISCARD commands
to the underlying hardware.

This PR exposes this option in the repart module.
 2025-04-11 12:46:50 +02:00
phaer a80eca86d5 virtualisation/linode-config: drop "with; lib" 2025-04-11 12:35:41 +02:00
nixpkgs-ci[bot] 5858ce00b1
Merge master into staging-next 2025-04-11 09:43:11 +00:00
Michael van Straten a890891acc nixos/godns: init module 
Initial implementation of the GoDNS service module. This module allows users to enable and configure the GoDNS service on their NixOS system. It includes options for specifying the GoDNS package and the path to the configuration file.
 2025-04-11 11:25:47 +02:00
Wolfgang Walther c76d239f14
nixos/postgres-websockets: init (#397408) 2025-04-11 07:47:10 +00:00
nixpkgs-ci[bot] c55a1a7779
Merge master into staging-next 2025-04-11 00:15:47 +00:00
Austin Horstman d852aa1cbb
hardware.bluetooth: fix configuration directory mode (#396044) 2025-04-10 16:34:27 -07:00
Sandro 28a43ce6ba
baikal: init at 0.10.1 (#370473) 2025-04-11 00:54:14 +02:00
Alexander Sieg 4bc3f43923
nixos/dependency-track: fix nginx config for frontend 
Apparend I fell for some browser cache when implementing this in the
first place. This patch is based on the upstream nginx config.

5f318aca10/docker/etc/nginx/templates/default.conf.template
 2025-04-10 12:24:29 +02:00
Wolfgang Walther d62c14f5d1
nixos/postgres-websockets: init 2025-04-10 10:12:27 +02:00
nixpkgs-ci[bot] 51a06fbd76
Merge master into staging-next 2025-04-10 00:15:39 +00:00
Nick Cao e6c6c067ae
nixos/bluetooth: fix restartIfChanged (#397210) 2025-04-09 18:57:36 -04:00
Adam C. Stephens 1331f7a9b0
kanidm-provision: 1.1.2 -> 1.2.0, modernize (#397130) 2025-04-09 18:52:50 -04:00
nixpkgs-ci[bot] 8f2115b302
Merge master into staging-next 2025-04-09 18:05:15 +00:00
Sandro 3e0b5e80af
nixos/restic: escape variables in wrapper script (#395005) 2025-04-09 18:07:09 +02:00
nixpkgs-ci[bot] b66e31c26a
Merge master into staging-next 2025-04-09 16:04:15 +00:00
Defelo 3ae07e6d12
nixos/whoami: init module 2025-04-09 16:51:04 +02:00
Adam C. Stephens f2200ca6ee
nixos/anubis: init module (#392018) 2025-04-09 09:23:35 -04:00
K900 c41ad742f6 Merge remote-tracking branch 'origin/master' into staging-next 2025-04-09 15:31:47 +03:00
Franz Pletz 70f67d28f7
nixos/virtualisation: add contents setting to googleComputeImage (#393749) 2025-04-09 13:55:55 +02:00
Franz Pletz a59452010b
nixos/nginx: fix mkDefaultListenVhost mapping for unix sockets (#371561) 2025-04-09 13:45:02 +02:00
wrvsrx 30fe7315db
nixos/baikal: add it 2025-04-09 18:16:20 +08:00
Arne Keller fb8cc8c444
lavalink: init at 4.0.8; nixos/lavalink: init (#344687) 2025-04-09 10:26:09 +02:00
nixpkgs-ci[bot] c245ddff1e
Merge master into staging-next 2025-04-09 06:05:14 +00:00
Jörg Thalheim 8db5666df2 nixVersions: update nix-fallback-paths (2.24.14 -> 2.28.1) 2025-04-09 06:39:56 +02:00
Adam C. Stephens 79448d6a6e
nixos/zfs: add option to load pool credentials into kernel keyring (#324918) 2025-04-08 23:34:13 -04:00
nixpkgs-ci[bot] 6c98e107c7
Merge master into staging-next 2025-04-09 00:15:45 +00:00
Ivan Trubach bcd6066a34
centrifugo: 5.4.9 -> 6.1.0 (#396824) 2025-04-09 00:03:46 +03:00
Leona Maroni f2ebbabda0
discourse: 3.3.2 -> 3.4.2 
https://meta.discourse.org/t/3-3-3-security-and-maintenance-release/343239
https://meta.discourse.org/t/3-3-4-security-and-maintenance-release/349301
https://blog.discourse.org/2025/02/unpacking-discourse-3-4/
https://meta.discourse.org/t/3-4-1-bug-fix-and-ux-release/353247
https://meta.discourse.org/t/3-4-2-security-and-bug-fix-release/358152
 2025-04-08 22:56:45 +02:00
Sandro 96fb883ec4
nixos/bluetooth: fix restartIfChanged 
X-RestartIfChanged must be in the Service section, not in Unit and we also have a shortcut for that.

8cc0451ead/nixos/lib/systemd-lib.nix (L796)
 2025-04-08 22:22:12 +02:00
Sandro Jäckel b760ece2bf
nixos/gancio: fix all defaultText 
Otherwise they don't make much context when seen in docs outside of the module
 2025-04-08 21:30:45 +02:00
Sandro Jäckel 79178cc661
nixos/gancio: exec into configured user with cli 2025-04-08 21:30:42 +02:00
Sandro Jäckel 57818dff0a
nixos/gancio: add missing quotes to cli command, remove erroneous dash 2025-04-08 21:29:14 +02:00
nanoyaki 8204df50e6 nixos/lavalink: init 2025-04-08 20:40:15 +02:00
nixpkgs-ci[bot] a72dfbca8f
Merge master into staging-next 2025-04-08 18:04:25 +00:00
Defelo 32dd44ab11
kanidm-provision: 1.1.2 -> 1.2.0 2025-04-08 17:39:43 +02:00
Seth Flynn 43f7128bbe
nixos/reposilite: init module (#381197) 2025-04-08 11:07:36 -04:00
Sandro 44aa0e9d64
nixos/cfssl: Add Disable Option (#393943) 2025-04-08 14:40:24 +02:00
Vincent Breitmoser ffcc12d192 centrifugo: add release note and assertion for compatibility 2025-04-08 14:21:46 +02:00
nixpkgs-ci[bot] 85c8cd8e7a
Merge master into staging-next 2025-04-08 12:06:25 +00:00
Sandro 483845fc2e
nixos/syncoid: allow interval to be list of strings (#344355) 2025-04-08 13:01:48 +02:00
Adam Chance 38f2ca6b80 nixos/virtualisation: add contents setting to googleComputeImage 
Allow placing files and directories in the image
 2025-04-08 11:33:50 +01:00
K900 d121800fdb Merge remote-tracking branch 'origin/master' into staging-next 2025-04-08 12:44:34 +03:00
Bruno BELANYI 15072f38a7
nixos/homebox: add 'database.createLocally' (#396915) 2025-04-08 10:33:18 +01:00
liberodark 4392f03db7 nixos/cfssl: Add Disable Option 2025-04-08 11:06:30 +02:00
Jairo Llopis e2b65c0239
nixos/tzupdate: make enabled module actually be enabled 
Without this fix, when setting `services.tzupdate.enable = true`, the service would never run automatically.

Now, it's actually enabled in systemd and it actually gets executed.

Still, it could be improved with a timer as explained in https://github.com/NixOS/nixpkgs/issues/127984#issuecomment-2512059143, but this makes it at least work out of the box when rebooting the system.
 2025-04-08 07:35:10 +01:00
K900 0842b11f2b Merge remote-tracking branch 'origin/master' into staging-next 2025-04-08 09:29:48 +03:00
Tristan Ross 3789fbc4fc
nixos/nebula: add CAP_NET_BIND_SERVICE when lighthouse node serves DNS (#353665) 2025-04-07 17:27:03 -07:00
Nick Cao 5051c4651e
nxios/cyrus-imap: fix cyrus-imap certs options (#392716) 2025-04-07 20:01:10 -04:00
Bruno BELANYI 9c09962137 nixos/homebox: add 'database.createLocally' 2025-04-07 22:19:57 +01:00
Bruno BELANYI 2830bf83f8 nixos/homebox: remove 'network.target' dependency 2025-04-07 21:31:52 +01:00
Bruno BELANYI 4ae49051cb nixos/homebox: allow using UNIX sockets 
This is necessary to use PostgreSQL with a local socket.
 2025-04-07 21:27:16 +01:00
Leon Schuermann 71967c47e5 nixos/syncoid: allow interval to be list of strings 
The syncoid module generates systemd services with a `startAt` config
based on its `interval` value. However, it is currently not possible
to completely disable this timer, or set multiple `startAt` values.

By accepting the same types that `systemd.services.<name>.startAt`
accepts, we can disable generating a timer unit or set multiple
`startAt` timers.
 2025-04-07 16:11:21 -04:00
6543 2ab1f218fb nixos/services.mysql: fix galeraCluster.clusterAddress is evaluated before assertions are checked 2025-04-07 21:04:44 +02:00
K900 b3146d4446 Merge remote-tracking branch 'origin/master' into staging-next 2025-04-07 21:21:10 +03:00
Tristan Ross 77f77a046a
mattermost: 9.11.11 -> 10.5.2; use formats.json; squash systemd-tmpfiles warning (#376838) 2025-04-07 10:27:15 -07:00
K900 a79bd4968a
amnezia-vpn: fix openvpn; refactor install and fixup (#394130) 2025-04-07 18:46:32 +03:00
Arne Keller 0bd982a343
agnos: init at 0.1.0, nixos/agnos: init (#351678) 2025-04-07 16:21:00 +02:00
Jörg Thalheim ae8f07e1dd nixVersions.nix_2_24: 2.24.13 -> 2.24.14 
Diff: https://github.com/NixOS/nix/compare/2.24.13...2.24.14
 2025-04-07 12:36:38 +02:00
hotburger f6885105e9
nixos/restic: escape settings in wrapper script 2025-04-07 03:21:40 -07:00
phaer 8bdc44ec9a gce-images: drop 
It's hopefully out-dated, "latest" release points to 20.09 and no
in-tree usage could be found. Feel free to update and re-introduce if
needed.
 2025-04-07 11:22:52 +02:00
K900 74d5b70eb2 Merge remote-tracking branch 'origin/master' into staging-next 2025-04-07 09:36:05 +03:00
Adam Chance 2e4a752669 cosmic-comp: remove useXWayland option 2025-04-07 09:38:07 +05:30
K900 0394516316 Merge remote-tracking branch 'origin/master' into staging-next 2025-04-06 22:38:41 +03:00
Sandro cf46302e9a
nixos/modules: fix part-db package (#388313) 2025-04-06 20:52:00 +02:00
nixpkgs-ci[bot] 4c9d1fab5f
Merge master into staging-next 2025-04-06 18:04:14 +00:00
Gabriella Gonzalez 1a01e367f6 nixos/bash: Reset title bar when logging out of remote NixOS system 
This fixes an issue where the title bar is permanently clobbered when
you SSH into a remote NixOS system and then log out.  The solution is
to reset the title bar upon logout.
 2025-04-06 09:57:48 -07:00
Gabriella Gonzalez b1bcd7acba nixos/bash: Add support for /etc/bash_logout 
This adds a new `programs.bash.logout` option which configures the Bash
logout script.

Carefully note that the stock Bash does not support a global logout
script and only supports user-local logout scripts in `~/.bash_logout`.
However, Nixpkgs patches Bash to support a global `/etc/bash_logout`
script here:

ee0fecd318/pkgs/shells/bash/5.nix (L48)

… and the `programs.bash.logout` option configures that logout script.
 2025-04-06 09:57:48 -07:00
Justinas Stankevicius 7757648f82 nixos/agnos: init 2025-04-06 19:53:26 +03:00
Pol Dellaiera 81e3810967
treewide: remove azahi from maintainers (#396543) 2025-04-06 16:06:24 +02:00
Bruno BELANYI ce4166636b
homebox: 0.17.0 -> 0.18.0; nixos/homebox: update defaults (#388655) 2025-04-06 14:38:36 +01:00
azahi 5f25aceff5
treewide: remove azahi from maintainers 2025-04-06 15:09:19 +03:00
Nguyễn Gia Phong baf2d3e27f
nixos/maddy: add package option 2025-04-06 20:20:18 +09:00
nixpkgs-ci[bot] 9760071a02
Merge master into staging-next 2025-04-06 10:40:20 +00:00
Gaétan Lepage d433b18c1f
navidrome: create music folder with systemd.tmpfiles (#385295) 2025-04-06 10:56:20 +02:00
K900 05bc93a58a Merge remote-tracking branch 'origin/master' into staging-next 2025-04-06 11:20:16 +03:00
Leona Maroni cfc266b7e3
nixos/bird-lg: Remove deprecation warnings (#394010) 2025-04-06 09:59:29 +02:00
Doron Behar 342589fe02
nixos/taskchampion-sync-server: fix start failure (#396478) 2025-04-06 08:47:52 +03:00
municorn badd9d1a70
nixos/taskchampion-sync-server: add host option, fix ExecStart 
fixes the command line arguments for taskchampion-sync-server, also adding a new `host` option. fixes the corresponding test as well.
 2025-04-05 22:09:44 -06:00
6543 cac3bdab21
nixos/services.mysql: add galera cluster options (#388978) 
And add release notes for new option.

Co-authored-by: Arne Keller <arne.keller@posteo.de>
 2025-04-06 00:26:06 +02:00
Cassie Cheung cadf4cfc83
nixos/anubis: init module 2025-04-05 21:48:39 +08:00
Louis Opter 9d3a171dbf nixos/containers: fix shell error when privateUsers=no 
Details in #387773.
 2025-04-05 00:36:42 +00:00
nixpkgs-ci[bot] 1cb902e7f0
Merge master into staging-next 2025-04-05 00:15:16 +00:00
Adam C. Stephens 017583d659
incus: build and expose documentation (#395767) 2025-04-04 17:41:33 -04:00
Hugo Lageneste 1599c37a6b nixos/luksroot: remove useless $new_k_luks 
Remove the variable new_k_luks used only once in the code.
 2025-04-04 23:39:29 +02:00
Gaétan Lepage e39c279136
nixos/cosmic-greeter: add autologin support (#395741) 2025-04-04 22:11:54 +02:00
K900 79542ad7f3 Merge remote-tracking branch 'origin/master' into staging-next 2025-04-04 21:11:09 +03:00
Marcus Ramberg f3cfb1c5ff
nixos/pocket-id: init, pocket-id: init at 0.45.0 (#381867) 2025-04-04 20:04:47 +02:00
Sandro 1e01c30c27
nixos/paperless: mirror upstream admin user creation more closely (#367545) 2025-04-04 17:40:03 +02:00
Sandro Jäckel 7afa349ea8
nixos/paperless: mirror upstream admin user creation more closely 
Closes #249767

Before we only created the admin user when passwordFile was set.
Now it is possible to set PAPERLESS_ADMIN_USER and
PAPERLESS_ADMIN_PASSWORD directly to create the admin user, like in the
upstream Docker image.
 2025-04-04 17:22:31 +02:00
Austin Horstman 410e151ba4
hardware.bluetooth: fix configuration directory mode 
bluetooth.service: ConfigurationDirectory 'bluetooth' already exists but
the mode is different. (File system: 755 ConfigurationDirectoryMode:
555)
 2025-04-04 08:59:53 -05:00
Weijia Wang 999d6cd51c
nixos/archtika: fix module and package (#392678) 2025-04-04 14:52:59 +02:00
Domen Kožar 62f8086f7b
paretosecurity: 0.0.96 -> 0.1.3 (#395837) 2025-04-04 13:49:37 +01:00
Sandro 0c696e3759
nixos/vaultwarden: relax hardening when using sendmail (#384580) 2025-04-04 14:48:02 +02:00
Neyts Zupan 3c6b1cf6f6 paretosecurity: 0.0.96 -> 0.1.3 
Also:
 * Fix PATH for systemd services
 * Make UI tests faster and more robust by setting low resolution
 2025-04-04 13:25:30 +01:00
nixpkgs-ci[bot] 0fe8d07ae9
Merge master into staging-next 2025-04-04 12:06:06 +00:00
Sandro Jäckel ed26b7b0c3
nixos/onlyoffice: misc cleanup 2025-04-04 11:37:33 +02:00
Pol Dellaiera 068a5dea67
prometheus-ecoflow-exporter: init ecoflow nixos module integration (#395428) 2025-04-04 11:24:56 +02:00
Pol Dellaiera 6585c0a522
prometheus-tibber-exporter: init tibber nixos module integration (#395393) 2025-04-04 11:24:30 +02:00
Pol Dellaiera a9899b4c8f
nixos/glance: fix broken server stats (#395859) 2025-04-04 11:23:17 +02:00
MunsMan 2728be7c31 nixos/glance: fix broken server stats 2025-04-04 10:43:13 +02:00
uku dfaad22261
nixos/reposilite: init module 2025-04-04 09:46:24 +02:00
PAEPCKE, Michael 72857eab9f
prometheus-tibber-exporter: init tibber nixos module integration 2025-04-04 07:19:56 +00:00
PAEPCKE, Michael 979caf8f05
prometheus-ecoflow-exporter: init ecoflow nixos module integration 2025-04-04 07:18:40 +00:00
nixpkgs-ci[bot] 7697340a31
Merge master into staging-next 2025-04-04 06:05:04 +00:00
7c6f434c 8d47959e22
x2t: init at 8.3.2 (#338794) 2025-04-04 04:46:52 +00:00
John Titor 30736fc47b nixos/amdvlk: enable 32 bit drivers properly 
Closes https://github.com/NixOS/nixpkgs/issues/395087

Signed-off-by: John Titor <50095635+JohnRTitor@users.noreply.github.com>
 2025-04-04 08:52:46 +05:30
nixpkgs-ci[bot] 276f9ec976
Merge master into staging-next 2025-04-04 00:15:35 +00:00
Florian Klink e9e9e07548
nixos/movim: remove useless xargs script call (#395727) 2025-04-04 00:21:00 +01:00
Shawn8901 9a1d8f09cf zfs: add option to use kernel keyring for encryption credentials 2025-04-03 22:57:06 +02:00
Bert Proesmans 4c02c43a42 nixos/nginx: fix mkDefaultListenVhost mapping for unix sockets 2025-04-03 19:57:26 +00:00
Pol Dellaiera 03bf44b9ea
nixos/freenet: refactor, migrate to runTest (#391886) 2025-04-03 21:03:40 +02:00
Florian Klink e9a9de1735
nixos/movim: H2O support, H2O + Ejabberd + runTest (#385040) 2025-04-03 19:51:51 +01:00
Arnout Engelen ea0b776f71
x2t: init at 8.3.2 2025-04-03 20:08:48 +02:00
nixpkgs-ci[bot] e739bdf527
Merge staging-next into staging 2025-04-03 18:05:52 +00:00
Adam C. Stephens 21197daa39
incus: build and expose documentation 2025-04-03 16:00:08 +00:00
Piotr Kwiecinski d96daf7fdd
nixos/agorakit: add phpPackage option and pass it to fpm pool 2025-04-03 16:36:28 +02:00
Pol Dellaiera 2bfc080955
nixos/monica: add phpPackage option and pass it to phpfpm pool (#395761) 2025-04-03 16:08:01 +02:00
Sandro 0a124d5554
nixos/gancio: add sendmail to path, make cli easier to use (#395737) 2025-04-03 15:56:51 +02:00
Piotr Kwiecinski 1db72d9afc
nixos/monica: add phpPackage option and pass it to phpfpm pool 
fixes nixosTests.monica failure
 2025-04-03 15:52:08 +02:00
Pol Dellaiera 8ecbe4aa37
nixos/docling-serve: update environment variables (#395732) 2025-04-03 14:30:15 +02:00
Sandro Jäckel 052423a7e9
nixos/gancio: add sendmail to path 2025-04-03 14:16:02 +02:00
Sandro Jäckel c5eb4441b9
nixos/gancio: make cli easier to use 2025-04-03 14:16:02 +02:00
Pol Dellaiera d62fd5fa6c nixos/docling-serve: update environment variables 2025-04-03 14:14:39 +02:00
nixpkgs-ci[bot] 51d40a0f08
Merge staging-next into staging 2025-04-03 12:06:39 +00:00
Pratham Patel e51150d79d
nixos/cosmic-greeter: add autologin support 2025-04-03 17:28:23 +05:30
โทสฺตัล b556798f65 nixos/movim: remove useless xargs script call 
xargs templating already covers this
 2025-04-03 18:16:00 +07:00
Jörg Thalheim 8733895ca1
nixos/k3s: replace deprecated --no-deploy flag in option description (#395708) 2025-04-03 11:45:41 +02:00
Sandro 73f9f027b6
nixos/dhcpcd: fix typo in documentation (#395697) 2025-04-03 11:06:44 +02:00
Robert Rose e77d893ef4 nixos/k3s: replace deprecated --no-deploy flag in option description 2025-04-03 11:01:47 +02:00
jopejoe1 daf56b64ff
nixos/kanidm: don't set RUST_LOG in systemd service (#394964) 2025-04-03 10:57:36 +02:00
jopejoe1 c45ef5ee28
znapzend: use system's zfs package (#395479) 2025-04-03 10:25:35 +02:00
Daniel Nagy 0604d0aedd
nixos/freenet: refactor 2025-04-03 10:15:00 +02:00
Vojtěch Káně b25b9e656a nixos/dhcpcd: fix typo in documentation 
The manpage of dhcpcd says:

>If any interface reports a working carrier then dhcpcd will try to
>obtain a lease before forking to the background, otherwise it will fork
>right away.
 2025-04-03 10:10:37 +02:00
Gutyina Gergő 01be6580d3
nixos/pocket-id: init 
Co-authored-by: ymstnt <21342713+YMSTNT@users.noreply.github.com>
 2025-04-03 09:26:57 +02:00
Maximilian Staab bef6e42242 nixos/evcc: allow avahi discovery of eebus devices 
required for some wallboxes
 2025-04-03 09:17:47 +02:00
Arne Keller 9da6c7332e
nixos/bees: sync service configuration with upstream (#348054) 2025-04-03 08:24:44 +02:00
K900 30830c6791 Merge remote-tracking branch 'origin/staging-next' into staging 2025-04-03 09:16:43 +03:00
Alois Wohlschlager 71204983bd
nixos/bees: use the upstream service file 
Instead of duplicating the options from the upstream service file and letting
them get out of sync, use the file directly and only configure the needed
overrides. In particular, the upstream improvements include the mounts not
being globally visible any more, so they can't be used for bypassing nosuid and
the like, and the custom cleanup script that performed the unmount becomes
unnecessary.
 2025-04-03 06:52:49 +02:00
Emily 8159a40eef
nixos/grafana-agent: remove (#395514) 2025-04-03 00:28:13 +02:00
Gaétan Lepage eb11ce28e3
nixos/cosmic[-greeter]: minor corrections (#395521) 2025-04-02 23:28:34 +02:00
Nick Cao a084e920e0
ocis_5-bin: rename from ocis-bin (#394598) 2025-04-02 16:56:09 -04:00
Florian Klink 28b1639d57 nixos/grafana-agent: remove 
As described in https://github.com/NixOS/nixpkgs/pull/394017,
grafana-agent does not build with Go 1.23 anymore, and Go 1.22 has been
removed.

grafana-agent has been deprecated by Grafana (in favour of Grafana
Alloy), and will be EOL on 2025-11-01, which would be part of the
upcoming 25.05 release.

Instead of leaving us with a broken package, drop it alltogether, and
add release notes.
 2025-04-02 21:45:31 +01:00
sund3RRR b4fc0f82bc amnezia-vpn: fix openvpn; refactor install and fixup 2025-04-02 23:22:46 +03:00
Gaetan Lepage c657d02c4f nixos/cosmic-greeter: minor corrections 2025-04-02 22:00:56 +02:00
โทสฺตัล 8a8b892cc1 nixos/movim: add H2O support + testing with ejabberd 2025-04-03 00:18:28 +07:00
โทสฺตัล 0d9a758f73 nixos/movim: cleanup Nginx option 2025-04-03 00:16:19 +07:00
โทสฺตัล b0f9f1c9f5 nixos/movim: refactor types (shouldn’t meaningfully change anything) 2025-04-03 00:16:18 +07:00
nixpkgs-ci[bot] d05ee1c1cb
Merge staging-next into staging 2025-04-02 16:38:11 +00:00
Silvan Mosberger e52d633a63 Merge remote-tracking branch 'upstream/staging-next' into staging 2025-04-02 18:30:54 +02:00
Felix Zieger 1bf74aee3c nixos/haven: init 2025-04-02 17:30:18 +02:00
Florian Klink d0b0e168c9
nixos/tmpfiles: properly escape argument option (#391318) 2025-04-02 15:52:08 +01:00
Domen Kožar 5897ff97e2
paretosecurity: 0.0.91 -> 0.0.96 (#393366) 2025-04-02 15:13:35 +01:00
Leonie Marcy Vack 2e0d0d6333 znapzend: use system's zfs package 2025-04-02 15:12:59 +02:00
Mikael Voss 045fbc389f
nixos/tmpfiles: properly escape argument option 
The systemd.tmpfiles.settings.<name>.<path>.<type>.argument option may
contain arbitrary strings. This could allow intentional or unintentional
introduction of new configuration lines.

The argument field cannot be quoted, C‐style \xNN escape sequences are
however permitted. By escaping whitespace and newline characters, the
issue can be mitigated.
 2025-04-02 13:23:42 +02:00
Maximilian Bosch c8274e56b8
Merge: nixos/nextcloud: check if ownership of datadir and config is correct (#379581) 2025-04-02 10:51:55 +02:00
โทสฺตัล 7554581474 nixos/h2o: enable HTTP/3 via QUIC 2025-04-02 15:11:53 +07:00
โทสฺตัล 301581e073 nixos/h2o: typo 2025-04-02 15:11:53 +07:00
Florian Klink 2b0e0a9fd4
nixos/h2o: disable OCSP stapling w/ Let’s Encrypt (support sunset) (#393765) 2025-04-02 09:10:42 +01:00
Maximilian Bosch 39dcdc5c9b
nixos/nextcloud: check if ownership of config is correct 
Follow-up on #169733

For `data`, Nextcloud checks on its own if everything is readable.
However, for `config` it's crucial that the ownership is actually
correct: otherwise, systemd-tmpfiles will refuse any operations inside
because of unsafe path transitions.

This can result in a subtly broken setup by the `override.config.php`
not being updated, but also not part of the system closure anymore
(another override.config.php is referenced now) which means it'll be
GCed eventually even though Nextcloud relies on it.

If this precondition is not met, the following error will be printed:

    nextcloud-setup-start[972]: /var/lib/nextcloud/config is not owned by user 'nextcloud'!
    nextcloud-setup-start[972]: Please check the logs via 'journalctl -u systemd-tmpfiles-setup'
    nextcloud-setup-start[972]: and make sure there are no unsafe path transitions.
    nextcloud-setup-start[972]: (https://nixos.org/manual/nixos/stable/#module-services-nextcloud-pitfalls-during-upgrade)
 2025-04-02 09:30:17 +02:00
misuzu 0f4487251d
strfry: init at 1.0.4, nixos/strfry: init (#385587) 2025-04-02 10:13:41 +03:00
Morgan Jones 9f23ed6644
nixos/mattermost: increase db connect timeouts 2025-04-01 22:17:57 -07:00
Morgan Jones ea485e1207
mattermost: squash systemd-tmpfiles warning (+ other minor fixes) 
There was a systemd-tmpfiles warning about not being able to remove the
'plugins' directory. Squash this warning through removal of unnecessary
systemd-tmpfiles options, and write a test for it.

Add the {option}`services.mattermost.pluginsBundle` option to allow
overriding the plugin directory and also using it for tests. Update
wording in option documentation so it is more clear.

Use formats.json instead of builtins.toJSON so module merging works.

Make the tests go faster by pipelining shutdowns of nodes.
 2025-04-01 19:20:48 -07:00
Felix Zieger dfd82bf3e5 nixos/strfry: init 2025-04-01 23:20:15 +02:00
Pol Dellaiera 25264d105d nixos/docling-serve: init 2025-04-01 21:42:53 +02:00
K900 30edc74585 Merge remote-tracking branch 'origin/staging-next' into staging 2025-04-01 21:12:38 +03:00
Silvan Mosberger 374e6bcc40 treewide: Format all Nix files 
Format all Nix files using the officially approved formatter,
making the CI check introduced in the previous commit succeed:

  nix-build ci -A fmt.check

This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153)
of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166).

This commit will lead to merge conflicts for a number of PRs,
up to an estimated ~1100 (~33%) among the PRs with activity in the past 2
months, but that should be lower than what it would be without the previous
[partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537).

Merge conflicts caused by this commit can now automatically be resolved while rebasing using the
[auto-rebase script](8616af08d9/maintainers/scripts/auto-rebase).

If you run into any problems regarding any of this, please reach out to the
[formatting team](https://nixos.org/community/teams/formatting/) by
pinging @NixOS/nix-formatting.
 2025-04-01 20:10:43 +02:00
Adam C. Stephens 62d611a22b
nixos/incus: add AppArmor rules (#386060) 2025-04-01 12:51:34 -04:00
Franz Pletz 82f0c74912
nixos/zoxide: init module (#393493) 2025-04-01 18:01:32 +02:00
Tanya Arora 8125d74e21
nixos/dnsmasq: Fix failure on read-only /etc when resolveLocalQueries=false (#391738) 2025-04-01 17:59:21 +02:00
K900 6408946263 Merge remote-tracking branch 'origin/staging-next' into staging 2025-04-01 16:56:46 +03:00
Pol Dellaiera a18002797a
nixos/navidrome: Add environmentFile config option (#389471) 2025-04-01 15:55:58 +02:00
Maximilian Bosch f20b220e17
Merge: nixos/nextcloud: add maintainer team, update docs about maintainership of apps (#393069) 2025-04-01 11:25:28 +02:00
John Titor 51dc163364 nixos/ananicy: re enable BPF on hardened kernels 
This was a workaround to begin with, as hardened kernel didn't support tracing.
Back then kernel level tracing was only available through debugfs, and now that
tracefs has been available on NixOS for a while now, enabled in
Link: https://github.com/NixOS/nixpkgs/pull/388751

This workaround can be removed and bpf can be used with tracefs.
Link: https://github.com/NixOS/nixpkgs/issues/360957

Signed-off-by: John Titor <50095635+JohnRTitor@users.noreply.github.com>
 2025-04-01 14:42:59 +05:30
Casey Link 2db95477f9 nixos/ocis: default to the newly renamed ocis-bin5 package 
And we are getting ready for ocis-bin7 to land, where we will need to
compare it to the system.stateVersion.
 2025-04-01 08:49:20 +02:00
K900 a6d5666400 Merge remote-tracking branch 'origin/staging-next' into staging 2025-04-01 08:39:50 +03:00
Jappie3 b40d9c82c1
nixos/kanidm: don't set RUST_LOG in systemd service 
setting RUST_LOG in the systemd service means that the
serverSettings.log_level option is pretty much useless, as RUST_LOG
takes precedence
 2025-03-31 19:34:06 +02:00
André Silva 64ee43c568
nixos/hyprland: fix call to wayland-session.nix (#394858) 2025-03-31 17:47:05 +01:00
Florian Klink e9b7593367
nixos/movim: Fix accidental append to module system property (#394861) 2025-03-31 16:38:51 +01:00
Arne Keller ee6d7cb213
nitter: 0-unstable-2024-02-26 -> 0-unstable-2025-02-25; nixos/nitter: rename guestAccounts to sessionsFile (#393028) 2025-03-31 17:16:30 +02:00
nixpkgs-ci[bot] 86e22e1e80
Merge staging-next into staging 2025-03-31 12:06:34 +00:00
Herwig Hochleitner 2107f032ab nixos/startx: remove graphical-session assertions 
this assertion broke gnome sessions in very hard to debug way:

- gdm starts, but on successful login just returns to login screen
- journalctl isn't exactly helpful in this condition:
  - a typical gnome login will involve many warnings and errors, that
    aren't actually preventing login, but will lead affected users
    on a merry chase for many hours
  - the actual indicators in the log arent't even an errors, only info and warning
    - graphical-session.target: Starting requested but asserts failed.
    - Assertion failed for Current graphical user session.

startx is a power tool for power users, needing a certain level of
expertise for the user to even want it, let alone use correctly.
However, the expectation is, that the necessary expertise will be
contained within the domain of startx and that it not break tools for
regular users.

This partially reverts commit e1c3082085.
 2025-03-31 11:58:09 +01:00
Robert Hensing e12690d530 nixos/movim: Fix accidental append to module system property 2025-03-31 12:24:22 +02:00
André Silva 09879a452b
nixos/hyprland: fix call to wayland-session.nix 2025-03-31 11:15:31 +01:00
Pratham Patel cd795fd3f0 nixos/modules: cosmic: init 2025-03-31 15:28:55 +05:30
Pratham Patel cd85a8a827 nixos/modules: cosmic-greeter: init 2025-03-31 15:28:55 +05:30
Wolfgang Walther 899c3986e7
nixos/postgrest: init module (#394041) 2025-03-31 07:20:43 +00:00
nixpkgs-ci[bot] cea056bb01
Merge staging-next into staging 2025-03-31 06:06:14 +00:00
Austin Horstman f62c664b16
qt: add "kde6" to qt.platformTheme (#384669) 2025-03-31 00:00:31 -05:00
Adam C. Stephens 11e4741be7
incus: 6.10.1 -> 6.11.0 (#394108) 2025-03-30 21:20:03 -04:00
nixpkgs-ci[bot] 34600d0052
Merge staging-next into staging 2025-03-31 00:17:08 +00:00
Maximilian Bosch 97d215cf17
Merge: php: 8.3 -> 8.4 (#394112) 2025-03-30 22:54:31 +02:00
Pol Dellaiera 35bb79372d
prometheus-chrony-exporter: init chrony nixos module (#394575) 2025-03-30 22:30:21 +02:00
Arne Keller fd9f17ef49
nixos/filesystems: init bindfs (#337697) 2025-03-30 22:10:57 +02:00
Seth Flynn 53b589567a
nixos/wayland-session: fix conflicts between users (#390168) 2025-03-30 16:09:54 -04:00
Seth Flynn 4df2726a5c
nixos/wayland-session: fix conflicts between users 2025-03-30 15:37:15 -04:00
Sokhibjon Orzikulov 20396156cb
e-imzo: initialize module 
e-imzo: (fix, to be squashed) formatted accordingly using `nixfmt`
e-imzo: (fix, to be squashed) removed lib from options by @ FliegendeWurst
e-imzo: (fix, to be squashed) use lib.getExe as mainProgram is defined by @FliegendeWurst
e-imzo: (fix, to be squashed) formatted with `nixfmt-rfc-style` suggestion by @FliegendeWurst
Co-Authored-By: Arne Keller <arne.keller@posteo.de>
 2025-03-30 22:46:33 +05:00
Nico Felbinger 7dc56449ad
nixos/modules: fix part-db package 2025-03-30 15:20:13 +02:00
Wolfgang Walther 064432a519
nixos/postgrest: init module 2025-03-30 14:24:16 +02:00
nixpkgs-ci[bot] ed9f389a51
Merge staging-next into staging 2025-03-30 12:06:19 +00:00
PAEPCKE, Michael cdb80c1f44
prometheus-exporter: init chrony module 2025-03-30 11:14:30 +00:00
Jonas Heinrich 8d69e1faae
nixos/wordpress: Use https by default for caddy (#375375) 2025-03-30 10:31:52 +02:00
nixpkgs-ci[bot] 03db8f9dcb
Merge staging-next into staging 2025-03-30 00:17:21 +00:00
Maximilian Bosch 65121c9333
Merge: nextcloud-occ: work with sudo disabled (#380211) 2025-03-29 23:25:45 +01:00
Daniel Xu f1c4d339a5 nixos/wordpress: Use https by default for caddy 
Previously, `http://` scheme was hard coded into the caddy config if
`webserver = "caddy"` was chosen. This is fine for local testing, but is
problematic if you want your nixos host to be public facing.

In the public facing case, you generally want to be using TLS. But since
the wordpress module generates the caddyfile rule, the user's nixos
config cannot easily change it to also allow https.

An alternative would be to reverse proxy an https rule to the generated
http rule, but that's somewhat questionable as there's not an internal
http endpoint to proxy to. It might be possible but I couldn't figure
it out.

So simplify by omitting the scheme. This causes caddy to use https by
default and 301 redirect any http requests to the https endpoint. Caddy
will just do the right thing if it's being hosted on a local/internal
hostname (self sign certificates).

This should be backwards compatible with previous default if users are
using reasonable browsers/tools.

Signed-off-by: Daniel Xu <dxu@dxuuu.xyz>
 2025-03-29 15:10:35 -06:00
Bruno BELANYI 8fb60c58dd
calibre-web: fix ebook conversion missing config_binariesdir setting (#366642) 2025-03-29 20:08:35 +00:00
Pol Dellaiera 0ef31de6ea
monica: pin php version to 8.3 (#394415) 2025-03-29 20:12:16 +01:00
Pol Dellaiera f79c218ea5
icingaweb2: pin php version to 8.3 (#394399) 2025-03-29 20:11:29 +01:00
Maximilian Bosch b88fdf622c
Merge: nixos/dolibarr: pin php version (to 8.3) (#394153) 2025-03-29 20:11:04 +01:00
Pol Dellaiera 6945312759
agorakit: pin php version to 8.2 (#394410) 2025-03-29 20:10:33 +01:00
Piotr Kwiecinski 69c26f338b
monica: pin php version to 8.3 2025-03-29 20:07:31 +01:00
Piotr Kwiecinski ab3b601d88
rutorrent: pin php version to 8.2 2025-03-29 20:00:27 +01:00
Piotr Kwiecinski bafb6848e7
agorakit: pin php version to 8.2 2025-03-29 19:44:20 +01:00
Piotr Kwiecinski 15d0312a8a
icingaweb2: pin php version to 8.3 2025-03-29 19:25:44 +01:00
Gaetan Lepage 605ed28375 nixos/dolibarr: pin php version (to 8.3) 2025-03-29 13:32:10 +01:00
nixpkgs-ci[bot] 02e075f1a7
Merge staging-next into staging 2025-03-29 12:06:10 +00:00
K900 4b2bc4c4d7
nixos/k3b: remove, refer users to k3b 24.08 (Qt 6) (#351093) 2025-03-29 14:12:02 +03:00
K900 b5be581efe Merge remote-tracking branch 'origin/staging-next' into staging 2025-03-29 09:07:13 +03:00
โทสฺตัล 7c8b3c88bb nixos/h2o: rename certNames → acmeCertNames 
We are in agreement ðis improves the naming clarity
 2025-03-29 12:31:46 +07:00
โทสฺตัล 0c67557015 nixos/h2o: disable OCSP stapling w/ Let’s Encrypt (support sunset) 
It was noted in the TLS recommendations comment, but it actually should
be disabled everywhere if ACME is used as H2O has in enabled by default.

More info: <https://letsencrypt.org/2024/12/05/ending-ocsp/>
 2025-03-29 12:31:46 +07:00
Ryan Hendrickson 800863744b
nixos/geoclue2: add options for static source (#392257) 2025-03-28 21:10:22 -04:00
nixpkgs-ci[bot] 8c63a3f00d
Merge staging-next into staging 2025-03-29 00:15:41 +00:00
Maximilian Bosch 90a0f3874f
nixos/selfoss: pin to php83 
https://github.com/NixOS/nixpkgs/pull/394112#pullrequestreview-2726857849
 2025-03-28 22:46:39 +01:00
Adam C. Stephens 9ff6900615
incus: 6.10.1 -> 6.11.0 
https://discuss.linuxcontainers.org/t/incus-6-11-has-been-released/23322
https://github.com/lxc/incus/releases/tag/v6.11.0
 2025-03-28 16:58:33 -04:00
Izel Nakri d69fa4d3fb nixos/bitbox-bridge: init 
Signed-off-by: John Titor <50095635+JohnRTitor@users.noreply.github.com>
 2025-03-29 00:49:47 +05:30
nixpkgs-ci[bot] 66681a870f
Merge staging-next into staging 2025-03-28 18:06:07 +00:00
Maximilian Bosch 43fd8c10aa
Merge: nixos/nextcloud-notify_push: add nextcloud-setup (#392226) 2025-03-28 17:29:13 +01:00
e1mo 6764561f3e
nixos/bird-lg: Remove deprecation warnings 
The deprecation warning has been in place for quite some time now, so it
should be safe to get rid of it and clean the module up a bit.
 2025-03-28 14:49:05 +01:00
nixpkgs-ci[bot] d9eb3e5d48
Merge staging-next into staging 2025-03-28 12:06:30 +00:00
Maximilian Bosch 360cd99eed
Merge: nixos/doc: include extensions in postgresql upgrade script (#392831) 2025-03-28 10:33:00 +01:00
nixpkgs-ci[bot] 46157d4433
Merge staging-next into staging 2025-03-28 06:05:33 +00:00
Philip Taron ed221a5330
nixVersions.nix_2_24: 2.24.12 -> 2.24.13 (#393707) 2025-03-27 18:20:16 -07:00
nixpkgs-ci[bot] 3ed34914ea
Merge staging-next into staging 2025-03-28 00:15:57 +00:00
lassulus 3e7ce75dc1
jitsi-meet and prosody Added ownerallowkick patch and all_owners module (#155755) 2025-03-27 16:18:08 -07:00
Aaron Andersen caf5710825
redmine: 5.1.7 -> 6.0.4 (#355760) 2025-03-27 18:50:32 -04:00
Felix Bühler e34feb47b7
Revert "nixos/caddy: validate at build-time" (#393806) 2025-03-27 23:09:05 +01:00
Pol Dellaiera 952001e9bb
blocky: bugfix, add systemd hardening, log, adjust: startup targets (#388962) 2025-03-27 21:46:59 +01:00
Felix Buehler 3546e59acc Revert "nixos/caddy: validate at build-time" 
This reverts commit 63b6df42de.
 2025-03-27 20:25:54 +01:00
Jörg Thalheim 49a708c3f7 nix: update nix-fallback-paths to 2.24.13 2025-03-27 13:24:50 +01:00
nixpkgs-ci[bot] 9f7eb43375
Merge staging-next into staging 2025-03-27 12:07:01 +00:00
Aleksana f42205ed7f
xdg/portals/lxqt: Fix documentation string indent (#391909) 2025-03-27 18:52:23 +08:00
nixpkgs-ci[bot] 11a016be8f
Merge staging-next into staging 2025-03-27 06:05:43 +00:00
Aleksana b4ded625bd
nixos/environment: make {sessionV,v}ariables items nullable (#354186) 2025-03-27 10:10:31 +08:00
Peder Bergebakken Sundt a41310e269
nixos/code-server: recommend libargon2 over npx argon2-cli (#388640) 2025-03-27 01:19:37 +01:00
nixpkgs-ci[bot] 8ad49a1dc2
Merge staging-next into staging 2025-03-27 00:15:47 +00:00
Nick Cao c58cb4c034
Update Nvidia busid check (#388892) 2025-03-26 18:33:41 -04:00
Peder Bergebakken Sundt facba1f63a nixos/code-server: recommend libargon2 over npx argon2-cli 2025-03-26 23:09:55 +01:00
heisfer 825381d5ed nixos/zoxide: init module 2025-03-26 22:08:23 +02:00
Pol Dellaiera dd659174e0
nixos/bluetooth: add systemd hardening (#377927) 2025-03-26 20:32:54 +01:00