tobias/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-11-21 16:16:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
604140 commits 203 branches 75 tags 12 GiB
Commit graph

29955 commits

Author SHA1 Message Date
Leona Maroni 8817f080cc
nixos/vikunja: adapt for vikunja 0.23.0 
This version removes dedicated api and frontend packages.
 2024-02-20 22:43:53 +01:00
Rick van Schijndel e5e1de76b7
Merge pull request #281058 from wineee/fi 
deepin: don't install packages using freeimage by default
 2024-02-20 20:27:47 +01:00
github-actions[bot] 999dc2b653
Merge master into staging-next 2024-02-20 18:01:22 +00:00
Sandro d9bc710130
Merge pull request #289754 from chewblacka/nixos/atuin-add-package-option 2024-02-20 14:11:14 +01:00
github-actions[bot] 13988f8414
Merge master into staging-next 2024-02-20 12:01:07 +00:00
Florian Klink 8b025e80dc
Merge pull request #288690 from maralorn/drop-unused-fs-binding 
nixos: Drop unused variable in systemd/initrd.nix
 2024-02-20 14:12:58 +07:00
github-actions[bot] ba5eeff4f5
Merge master into staging-next 2024-02-20 06:01:15 +00:00
Bobby Rong 931e2b8adc
Merge pull request #289788 from FedericoSchonborn/budgie-control-center-1.4.0 
budgie.budgie-control-center: 1.3.0 -> 1.4.0
 2024-02-20 12:43:23 +08:00
nikstur 1e1efbcf8c
Merge pull request #286956 from xaverdh/overlay-etc-payload 
nixos/etc: fix wrong payload in build-composefs-dump
 2024-02-20 01:12:40 +01:00
Sandro Jäckel 191e258e6c
nixos/boot: move name overwrite to pkgs.aggregateModules to option 
Before there was a kernel modules path named kernel-modules which then got turned
into linux-X.X.XX-modules-shrunk. Now the unshrunk package is called linux-X.X.XX-modules
and gets turned into X.X.XX-modules-shrunk.
 2024-02-20 00:13:16 +01:00
Dominik Xaver Hörl 97d6166176 nixos/etc: fix payload in build-composefs-dump for the file case 2024-02-19 23:27:34 +01:00
Federico Damián Schonborn b9c8b27f89
nixos/budgie: Enable SSH socket support in BCC when needed 
Signed-off-by: Federico Damián Schonborn <federicoschonborn@disroot.org>
 2024-02-19 18:06:33 -03:00
github-actions[bot] 2d9ce4a9af
Merge master into staging-next 2024-02-19 18:01:11 +00:00
Adam C. Stephens f542eeb243
Merge pull request #289278 from mkg20001/incusui 
modules/incus: add ui flag
 2024-02-19 10:27:52 -05:00
Nick Cao 2da4adbd10
Merge pull request #289862 from maxbrunet/feat/automatic-timezoned/v2 
automatic-timezoned: 1.0.148 -> 2.0.0
 2024-02-19 09:42:42 -05:00
Sandro 30f71249a8
Merge pull request #285866 from 999eagle/feat/pgbouncer-systemd 2024-02-19 14:42:01 +01:00
Sandro Jäckel 69f51e028a
ArchiSteamFarm,nixos/ArchiSteamFarm: take maintainership 
this is effectively already the case and I most updates in the last
months
 2024-02-19 13:25:57 +01:00
pennae 258b935d70 nixos/filesystems: make supportedFilesystems an attrset 
this lets us *dis*able filesystem explicitly, as is required by e.g. the
zfs-less installer images. currently that specifically is only easily
possible by adding an overlay that stubs out `zfs`, with the obvious
side-effect of also removing tooling that could run without the kernel
module loaded.
 2024-02-19 11:46:52 +01:00
github-actions[bot] b8e3b4bee5
Merge master into staging-next 2024-02-19 06:01:15 +00:00
budimanjojo fd3fa9f2d3
nixos/oci-containers: check if image exists locally before failing 
Signed-off-by: budimanjojo <budimanjojo@gmail.com>
 2024-02-19 10:38:26 +07:00
Sandro a332040396
Merge pull request #247668 from jtbx/nixos-teeworlds 
nixos/teeworlds: add more configuration options
 2024-02-19 02:51:04 +01:00
Lin Jian 2396cf1476
Merge pull request #289745 from linsui/yazi 
nixos/yazi: update document url
 2024-02-19 09:38:14 +08:00
Maxime Brunet 5c1c4c75f7 automatic-timezoned: 1.0.148 -> 2.0.0 2024-02-18 15:01:25 -08:00
Matt Moriarity bbad81f937 nixos/prometheus-nut-exporter: use extraFlags, add nutVariables option 2024-02-18 15:55:09 -07:00
John Garcia 7427bec3a7 nixos/atuin: add services.atuin.package option 2024-02-18 22:19:41 +00:00
Majiir Paktu 58a373809a nixos/systemd/initrd: follow init param symlinks 2024-02-18 14:57:12 -05:00
github-actions[bot] d076cde70c
Merge master into staging-next 2024-02-18 18:00:59 +00:00
Artturi dab023d0cc
Merge pull request #287257 from 999eagle/fix/hydra-pg-application-name 
nixos/hydra: use set-default in hydra-env wrapper package
 2024-02-18 17:21:53 +02:00
Aaron Andersen 0276bd7269
Merge pull request #288166 from Princemachiavelli/jhoffer/remove_fixed_mysql_timeout 
nixos/mysql: remove fixed timeout and use notify service type
 2024-02-18 09:13:46 -05:00
rasmus-kirk 9f2d51a4e7 nixos/transmission: fix log level bounds to match the transmission wiki 2024-02-18 23:45:10 +11:00
linsui 7e9402c7b9 nixos/yazi: update document url 2024-02-18 19:51:28 +08:00
adisbladis 3209343527 nixos/zope2: Remove module 
`zope2` is unmaintained and the module is relying on Python2.
 2024-02-18 17:48:24 +13:00
github-actions[bot] 2ad339408a
Merge staging-next into staging 2024-02-18 00:02:44 +00:00
Morgan Jones 32f56d7266
nixos/nebula: fix port resolution for firewall rules 2024-02-17 15:07:27 -08:00
Sandro 8f13ee7049
Merge pull request #179034 from viraptor/go-camo-service 
nixos/go-camo: init
 2024-02-17 22:12:13 +01:00
Sandro cf59adeb8c
Merge pull request #271324 from nessdoor/sourcehut/tests 
nixosTests.sourcehut: implement proper integration testing
 2024-02-17 20:58:22 +01:00
Sandro d12bb5b983
Merge pull request #213783 from SuperSandro2000/nox-vte 
nixos/vte: use vte without any GUI dependencies; nixos/no-x-libs: add vte
 2024-02-17 20:55:54 +01:00
Stanisław Pitucha 2eed715fbf
nixos/go-camo: init 2024-02-17 20:45:49 +01:00
github-actions[bot] 8bc9edd60d
Merge staging-next into staging 2024-02-17 18:01:24 +00:00
Kerstin cec6291925
Merge pull request #289353 from Izorkin/update-mastodon-redis 
nixos/mastodon: add option redis.passwordFile
 2024-02-17 17:04:12 +01:00
Maciej Krüger a6e237a86a
modules/incus: add ui flag 2024-02-17 16:49:32 +01:00
Rafael Fernández López fd464f0543
virtualisation/containers: add support for providing static CDI definitions 2024-02-17 16:34:12 +01:00
Jan Tojnar f896ce73af
Merge pull request #268197 from jtojnar/xdp-variable-changes 
xdg-desktop-portal: Use custom variable for finding portals
 2024-02-17 14:18:55 +01:00
Izorkin c1a97e1f49
nixos/mastodon: add option redis.passwordFile 2024-02-17 15:52:58 +03:00
Someone 5dec53ad28
Merge pull request #289401 from philiptaron/bolt 
nixos/bolt: add a services.hardware.bolt.package option
 2024-02-17 12:17:18 +00:00
github-actions[bot] e662338182
Merge staging-next into staging 2024-02-17 12:01:31 +00:00
jacekpoz 86abdfdf87 nixos/asusctl: add package option 2024-02-17 21:34:35 +11:00
Adam Stephens 1012b2a368 nixos/boot/kernel: add kernelPatches example of using kernel mailing list mbox url 2024-02-17 21:21:52 +11:00
github-actions[bot] 9b2d2d5403
Merge staging-next into staging 2024-02-17 06:01:44 +00:00
K900 b7efb1e376
Merge pull request #289331 from K900/greetd-restart-on-success 
nixos/greetd: only restart on success
 2024-02-17 08:39:45 +03:00
github-actions[bot] daaa4e1653
Merge staging-next into staging 2024-02-17 00:02:47 +00:00
Philip Taron ad029745ce
nixos/bolt: add a services.hardware.bolt.package option 
It just seems like good manners.
 2024-02-16 14:56:20 -08:00
Peder Bergebakken Sundt 513f2c6cf3
Merge pull request #251015 from TomaSajt/quark-goldleaf 
quark-goldleaf: init at 1.0.0
 2024-02-16 23:15:06 +01:00
Linus Heckemann 5863c27340
Merge pull request #287506 from Ma27/warn-user-password-options 
nixos/users-groups: warn on ambiguous password settings
 2024-02-16 22:20:38 +01:00
Sarah Brofeldt c267e823b7
Merge pull request #289227 from JorisBolsens/patch-3 
nixos/kubernetes: set k8 home permissions correctly
 2024-02-16 19:34:14 +01:00
Guy Boldon 0824756d05
coolercontrol.*: init at 1.1.1 2024-02-16 19:16:24 +01:00
github-actions[bot] 6d90f72388
Merge staging-next into staging 2024-02-16 18:01:48 +00:00
K900 56eb2542da nixos/greetd: only restart on success 
Otherwise, if the greeter/session crashes on startup, greetd enters a restart loop
that requires very precise timing to kill.
 2024-02-16 19:42:31 +03:00
Izorkin cf62e3257f
nixos/mastodon: redis now uses unix socket by default 2024-02-16 16:39:31 +03:00
Sandro 3eaa0bfc02
Merge pull request #284738 from Izorkin/update-pipewire 2024-02-16 13:34:10 +01:00
github-actions[bot] 2c4c233475
Merge staging-next into staging 2024-02-16 12:01:48 +00:00
WilliButz fbaf7446ec
nixos/boot.uki: add tries option for automatic boot assessment 
See https://uapi-group.org/specifications/specs/boot_loader_specification/#boot-counting
and https://systemd.io/AUTOMATIC_BOOT_ASSESSMENT/ .

Related to #284135.
 2024-02-16 11:31:40 +01:00
Maximilian Bosch f406c1d3f8
Merge pull request #289107 from lf-/jade/mkdefault-oomd 
nixos/systemd.oomd: set the memory pressure thresholds as mkDefault
 2024-02-16 10:46:47 +01:00
Izorkin 1293f046b5
nixos/dhcpcd: optimize exitHook 2024-02-16 10:12:52 +03:00
Joris Bolsens 81391bd22f nixos/kubernetes: set k8 home permissions correctly 2024-02-15 23:11:59 -08:00
Izorkin fdf77d10cb
nixos/no-x-libs: build pipewire without vulkan support 2024-02-16 09:21:00 +03:00
github-actions[bot] b84d283f08
Merge staging-next into staging 2024-02-16 00:02:45 +00:00
Sophie Tauchert f6278d4f6a
nixos/pgbouncer: fix openFirewall option 2024-02-15 21:42:27 +01:00
Sophie Tauchert b89cd583ae
nixos/pgbouncer: only depend on postgresql.service when enabled and use notify 
See also the upstream service file: e6ce619785/etc/pgbouncer.service
 2024-02-15 21:42:27 +01:00
Felix Bühler 60abd7c1f9
Merge pull request #288138 from ambroisie/tandoor-recipes-manage-script 
nixos/tandoor-recipes: improve manage script
 2024-02-15 20:26:03 +01:00
Felix Bühler 27f19c1efd
Merge pull request #288622 from Stunkymonkey/photoprism-manage-script 
nixos/photoprism: improve manage script
 2024-02-15 20:18:42 +01:00
github-actions[bot] 2035b66b68
Merge staging-next into staging 2024-02-15 18:01:39 +00:00
Jade Lovelace 5d1feba540 nixos/systemd.oomd: set the memory pressure thresholds as mkDefault 
These should be defaults as they're pretty reasonable to want to
override as a user. Unsure how to change the slice defaults to be
overridable, that should probably be a later conversation.
 2024-02-15 09:41:26 -08:00
Sarah Brofeldt ed0bc642b7
Merge pull request #288466 from JorisBolsens/patch-2 
nixos/kubernetes: don't delete the apitoken after its created
 2024-02-15 18:20:24 +01:00
Shea Levy 9188bb5186
OVMF: Add test with secure boot enabled 
Co-authored-by: Arthur Gautier <arthur.gautier@arista.com>
 2024-02-15 12:13:05 -05:00
Thomas 149fb601dd
nixos/tinyproxy: add quotes around the filter path 
Using already existing function
 2024-02-15 16:25:04 +01:00
github-actions[bot] 14262b89f6
Merge staging-next into staging 2024-02-15 12:01:37 +00:00
Jonas Chevalier c3ef726ee1
nixos/ldso: avoid instance of nixpkgs (#288509) 
Follow-up to #269551

Avoid creating a new instance of nixpkgs to access two variables.
`pkgs.pkgsi686Linux` was being accessed whenever the feature is being
used or not.

A second instance of nixpkgs is being created in
`nixos/modules/config/stub-ld.nix` and can be disabled by setting
`environment.ldso32 = null` or `environment.stub-ld.enable = false`.

Both combined fixes this error:

    error: attribute 'i686-linux' missing
 2024-02-15 13:01:03 +01:00
Vladimír Čunát aaca7a186f
Merge #286596: nixos/knot: add support for XDP setups 2024-02-15 09:19:59 +01:00
github-actions[bot] 604991674d
Merge staging-next into staging 2024-02-15 00:02:51 +00:00
Yt f13f90978a
Merge pull request #288638 from ThyMYthOS/update-stalwart 
stalwart-mail: fix default configuration and test
 2024-02-14 21:42:46 +00:00
github-actions[bot] fc96101774
Merge staging-next into staging 2024-02-14 18:01:42 +00:00
Michele Guerini Rocco f74d88a6f1
Merge pull request #281162 from kennycallado/master 
nixos/icewm: Update icewm start command
 2024-02-14 18:17:27 +01:00
maxine 8c8cc53769
Merge pull request #288531 from chewblacka/update-undervolt 
undervolt: 0.3.0 -> 0.4.0
 2024-02-14 17:30:53 +01:00
Michele Guerini Rocco cd02351ae0
Merge pull request #233017 from koenw/libreswan-StateDirectory 
nixos/libreswan: Use StateDirectory to setup ipsec/nss
 2024-02-14 14:36:43 +01:00
Michele Guerini Rocco c1f27ae1d3
Merge pull request #199515 from MangoIV/mangoiv/add-note-to-boot-initrd-secrets 
Add documentation for moved secrets in stage 1
 2024-02-14 14:35:04 +01:00
Michele Guerini Rocco bac2597d26
Merge pull request #270737 from bramd/brltty-6.6 
Update BRLTTY to 6.6
 2024-02-14 14:10:32 +01:00
Michele Guerini Rocco dc91f91987
Merge pull request #286393 from oddlama/fix-hostapd-utf8-ssid 
nixos/hostapd: fix utf8Ssid setting not properly honored
 2024-02-14 14:08:46 +01:00
Sandro eb76e99000
Merge pull request #288527 from K900/chromium-plasma-typo 2024-02-14 13:13:50 +01:00
github-actions[bot] b272934b4b
Merge staging-next into staging 2024-02-14 06:01:47 +00:00
maralorn 6634b86601 nixos: Drop unused variable in systemd/initrd.nix 2024-02-14 01:22:58 +01:00
Matt Leon c0846f900a
matter-server: add nixos service module 
New module to run the python-matter-server executable as a sandboxed
system service.
 2024-02-13 19:17:53 -05:00
github-actions[bot] 8bbfcea60e
Merge staging-next into staging 2024-02-14 00:02:43 +00:00
Jeremy e01eda6edd nixos/teeworlds: add more configuration options, revise 
- add 'package' option
- add 'game' and 'server' attrset
- reduce repetition by using functions bool and optionalSetting
- add default value for cfg.name
- revise some option descriptions
 2024-02-14 10:57:08 +13:00
Manuel Stahl cd8aad903c stalwart-mail: fix default configuration and test 2024-02-13 20:34:22 +01:00
emilylange 993083f0ab
nixos/garage: allow all available log levels in cfg.logLevel 
`error` and `warn` have always been valid log levels.
But because the upstream docs never mentioned those, we simply didn't
add them to the enum of our module option.

The upstream docs have been updated and now mention `error` and `warn`
as well.

Upstream PR: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/716
 2024-02-13 20:26:29 +01:00
Peder Bergebakken Sundt bf7c95ce73
Merge pull request #285314 from pbsds/ttyd-1706718068 
nixos/ttyd: add `entrypoint` and `writable` option
 2024-02-13 19:41:11 +01:00
Felix Buehler 9db5906a6f nixos/photoprism: improve manage script 2024-02-13 18:51:30 +01:00
John Garcia eaa1034a80 nixos/undervolt: add turbo option 2024-02-13 13:38:22 +00:00
Martin Weinelt ec89463a61
nixos/knot: refactor 
- Stop using `with lib`
- Drop `lib.mdDoc`
- Use `escaepSystemdExecArgs` for escaping
 2024-02-13 13:44:32 +01:00
Martin Weinelt d1d8dd3e55
nixos/knot: add support for XDP setups 
The Express Data Path (XDP) is a way to circumvent the traditional Linux
networking stack and instead run an eBPF program on your NIC, that makes
the decision to provide Knot with certain packets. This is way faster
and more scalable but comes at the cost of reduced introspection.

Unfortunately the `knotc conf-check` command fails hard with missing
interfaces or IP addresses configured in `xdp.listen`, so we disable it
for now, once the `xdp` config section is set. We also promote the config
check condition to a proper option, so our conditions become public
documentation, and we allow users to deal with corner cases, that we have
not thought of yet.

We follow the pre-requisites documented in the Knot 3.3 manual, and set
up the required capabilities and allow the AF_XDP address family.

But on top of that, due to our strict hardening, we found two more
requirements, that were communicated upstream while debugging this.

- There is a requirement on AF_NETLINK, likely to query for and configure
  the relevant network interface
- Running eBPF programs requires access to the `bpf` syscall, which we
  deny through the `~@privileged` configuration.

In summary We now conditionally loosen the hardening of the unit once we
detect that an XDP configuration is wanted. And since we cannot
introspect arbitrary files from the `settingsFiles` option, we expose XDP
support through the `enableXDP` toggle option on the module.
 2024-02-13 13:44:31 +01:00
K900 526bcf58da nixos/chromium: fix incorrect option definition 
Fixes #232528
 2024-02-13 15:17:45 +03:00
github-actions[bot] 6d11c074e2
Merge staging-next into staging 2024-02-13 12:01:40 +00:00
Yt 971fbfd00a
Merge pull request #276468 from onny/opensnitch-update4 
opensnitch: 1.6.4 -> 1.6.5, opensnitch-ui: 1.6.4 -> 1.6.5
 2024-02-13 10:46:01 +00:00
Joris Bolsens 6a11b7a777
nixos/kubernetes: don't delete the apitoken after its created 
This was breaking the nixos-kubernetes-node-join script
the token gets copied, and then immediately overridden with /dev/null when certmgr restarts.
 2024-02-12 22:50:27 -08:00
github-actions[bot] c0e8987b85
Merge staging-next into staging 2024-02-13 00:02:40 +00:00
Paul Meyer ce0a47cd2c maintainers: remove attila-lendvai 2024-02-12 23:10:03 +01:00
Paul Meyer 11eef97f3c bee-clef: remove 2024-02-12 23:10:03 +01:00
Sandro Jäckel 80e79ded15
nixos/unbound: check validity of config file 2024-02-12 22:49:03 +01:00
Maximilian Bosch d363f52625
nixos/postgresql: drop ensurePermissions option 
...effectively what was planned already in #266270, but it was too late
because the branches were restricted and didn't allow any breaking
changes anymore.

It also suffers from the same issue that we already had when discussing
this the last time[1] when `ensureDBOwnership` was ultimately introduced
as band-aid fix: newly created users don't get CREATE permission on
the `public` schema anymore (since psql 15), even with `ALL PRIVILEGES`.

If one's use-case is more sophisticated than having a single owner, it's
questionable anyways if this module is the correct tool since
permissions aren't dropped on a change to this option or a removal which
is pretty surprising in the context of NixOS.

[1] https://github.com/NixOS/nixpkgs/pull/266270
 2024-02-12 21:10:33 +01:00
Sandro 886449aef2
Merge pull request #268979 from con-f-use/warn_docker_storage_driver 
nixos/docker: warn about changing storageDriver and remove `devicemapper` value
 2024-02-12 19:46:05 +01:00
github-actions[bot] 917c8637e8
Merge staging-next into staging 2024-02-12 18:01:31 +00:00
Janik 29f575d7e6
Merge pull request #288284 from NetaliDev/rustdesk-extra-args 
nixos/rustdesk-server: add extra args options for hbbr and hbbs
 2024-02-12 16:52:01 +01:00
github-actions[bot] f9874c4b8c
Merge staging-next into staging 2024-02-12 14:49:17 +00:00
Pol Dellaiera 2d627a2a70
Merge pull request #277220 from nu-nu-ko/nixos-jellyfin-dirs 
nixos/jellyfin: add directory options
 2024-02-12 14:06:46 +01:00
Jennifer Graul c412263319
nixos/rustdesk-server: add extra args options for hbbr and hbbs 2024-02-12 13:41:08 +01:00
Jonas Heinrich 31b9a9d18c opensnitch: 1.6.4 -> 1.6.5, opensnitch-ui: 1.6.4 -> 1.6.5.1 2024-02-12 11:58:44 +01:00
Sophie Tauchert b670443f42
nixos/hydra: use set-default in hydra-env wrapper package 2024-02-12 11:16:32 +01:00
github-actions[bot] 1153f50c55
Merge staging-next into staging 2024-02-12 00:02:35 +00:00
Josh Hoffer b445085c22 nixos/mysql: Use notify service type for MySQL >= 8.0 2024-02-11 15:41:25 -08:00
Josh Hoffer e553e37abf nixos/mysql: remove MySQL fixed 30 second timeout 
Removed hard coded timeout in postScript, allow using
more general systemd TimeoutStartSec instead.
 2024-02-11 15:41:25 -08:00
Bruno BELANYI 5e43c70867 nixos/tandoor-recipes: improve manage script 
This is mirroring the way the manage script is created in the paperless
module, which is more robust to special characters.
 2024-02-11 21:21:02 +00:00
maxine 9b52568c86
Merge pull request #288122 from amaxine/fwupd-internal-tests 2024-02-11 21:15:52 +01:00
Maxine Aubrey 4a4904c2b2
nixos/fwupd: make test option internal, be explicit about removal 2024-02-11 20:27:02 +01:00
kirillrdy 76d14d166c
Merge pull request #287708 from JorisBolsens/patch-1 
nixos/kubernetes: use correct -o option with bash install when copying certs in cfssl prestart script
 2024-02-12 06:14:44 +11:00
Ryan Lahfa d9e7a2a88a
Merge pull request #286857 from RaitoBezarius/cacerts 
nixos/security/ca: enable support for compatibility bundles
 2024-02-11 19:44:02 +01:00
Maximilian Bosch 417fdb06d7
Merge pull request #287856 from emilylange/nixos-gitea-package-forgejo-warning 
nixos/gitea: warn when using `services.gitea` with forgejo
 2024-02-11 18:06:05 +01:00
Raito Bezarius 19159a2349 nixos/security/ca: enable support for compatibility bundles 
Certain software stacks have no support for OpenSSL non-standard PEM format and will fail to use
our NixOS CA bundle.

For this, it is necessary to fallback on a 'compatibility' bundle which will contain no additional
trust rules.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-02-11 17:51:00 +01:00
Sam Weston c49e6bf8b8 nixos/sabnzbd: use stateDirectory and mkIf-ify user/group creation 2024-02-11 16:49:08 +00:00
Sam Weston d3d5b72c65 nixos/sabnzbd: add openFirewall 2024-02-11 16:48:05 +00:00
Aaron Andersen e163373592
Merge pull request #284814 from yaxitech/github-runner-module-update 
nixos/github-runners: remove single runner module, rework default name, add `noDefaultLabels`
 2024-02-11 06:10:56 -08:00
Martin Weinelt 18899b0c58
Merge pull request #287926 from mweinelt/home-assistant-2024.2.0-fixes 
home-assistant: fixes for 2024.2.0
 2024-02-11 04:35:53 +01:00
Will Fancher d4ee957afa
Merge pull request #287445 from fricklerhandwerk/qemu-env-vars 
doc: expand on parameters passed to QEMU VMs
 2024-02-10 22:12:06 -05:00
Martin Weinelt 055a8f709a
nixos/home-assistant: always add dependencies for default integrations 
These are loaded unconditionally during bootstrap, and home-assistant
will now fail to start, if these aren't provided.
 2024-02-11 04:09:52 +01:00
Lin Jian f3a93440fb
Merge pull request #285813 from jerrita/nft-precheck-flatten 
nixos/nftables: add option for flattening rulesetFile
 2024-02-11 10:41:17 +08:00
Jan Tojnar fe40e99020 nixos/xdg/portal: Use systemPackage instead of buildEnv 
Portals are global so we can just link them globally.

There might, in theory, be some unexpected system-path contamination
(e.g. when a portal package installs its executables to `/bin`)
but I think the risk is relatively minor compared to the added complexity.

While at it, let’s point the environment variable to system-path.
That will allow changes to installed portals to apply without having to re-log in.
 2024-02-11 03:32:47 +01:00
Jan Tojnar 3b2f55e89f xdg-desktop-portal: Use custom variable for finding portals 
x-d-p only looks for portal definitions in one of two places:
- datadir (which we cannot install anything to, since Nix packages are immutable)
- when `XDG_DESKTOP_PORTAL_DIR` environment variable is set, the path specified therein
  (meant for tests, disables looking for portal configuration anywhere else)

Let’s introduce our own `NIX_XDG_DESKTOP_PORTAL_DIR` environment variable
that will only control the portal definitions lookup.
We will not use it for searching for configuration
because it would require looking in the parent directory
and `XDG_CONFIG_DIRS` variable is sufficient for us.
 2024-02-11 03:21:55 +01:00
Martin Weinelt aeea37e779
Merge pull request #287480 from NixOS/home-assistant 
home-assistant: 2024.1.6 -> 2024.2.1
 2024-02-11 01:18:04 +01:00
emilylange ca3cfc841a
nixos/gitea: warn when using services.gitea with forgejo 
since this is no longer supported and we have a dedicated module for
forgejo for quite some time now.

Such warning is, however, becoming more and more important, since
forgejo is no longer a soft-fork of gitea, but rather a hard-fork.

And as such, it will slowly but surely no longer be a drop-in
replacement.

Additionally, I hope that this warning will prevent users from
reporting issues with forgejo to nixos/gitea maintainers.

The accompanying forgejo.md, from which the manual section is created,
will be updated over the next few weeks when forgejo officially
publishes their blog post about all this and the way forward, so we can
link to it.
 2024-02-10 20:47:04 +01:00
tomberek 6e60c8526b
Merge pull request #286993 from christoph-heiss/srht-updates-next-round 
sourcehut: update all components
 2024-02-10 11:52:53 -05:00
Sandro 756e574ebd
Merge pull request #282971 from wegank/restya-board-drop 
restya-board: drop
 2024-02-10 17:28:05 +01:00
Peder Bergebakken Sundt 40cb108adf
Merge pull request #232528 from SuperSandro2000/chromium-kde 
nixos/chromium: add enablePlasmaBrowserIntegration option
 2024-02-10 17:15:14 +01:00
Peder Bergebakken Sundt c43fd32e03
Merge pull request #248315 from apeschar/oci-containers-backend-stop 
nixos/oci-containers: stop container using backend
 2024-02-10 17:12:56 +01:00
Peder Bergebakken Sundt 6f55f021df
Merge pull request #287304 from ambroisie/pyload-user-group 
nixos/pyload: add user/group options
 2024-02-10 14:59:23 +01:00
Maximilian Bosch 66a0b77a78
Merge pull request #286394 from SuperSandro2000/nextcloud-timer 
nixos/nextcloud: don't execute cron when in maintenace/upgrade, don't kill cgroup
 2024-02-10 12:48:05 +01:00
Peder Bergebakken Sundt 5caded32fe
Merge pull request #277189 from anpin/fix/cloudflared-service 
cloudflared: fixed missing configuration options
 2024-02-10 12:45:08 +01:00
maxine 53f6fedd04
Merge pull request #287512 from r-vdp/fwupd_1_9_13 
fwupd: 1.9.12 -> 1.9.13
 2024-02-10 11:05:51 +01:00
Joris Bolsens 1856e7e4b1 nixos/kubernetes: use correct -o option with bash install when copying certs in cfssl prestart script 2024-02-10 01:46:00 -08:00
Martin Weinelt 3d67816966
home-assistant: 2024.1.6 -> 2024.2.1 
https://www.home-assistant.io/blog/2024/02/07/release-20242/
https://github.com/home-assistant/core/releases/tag/2024.2.1
 2024-02-10 04:15:41 +01:00
Silvan Mosberger 11cd405226
Merge pull request #280322 from h7x4/add-hocon-format-generator 
pkgs.formats: Add HOCON format generator
 2024-02-10 03:07:51 +01:00
Silvan Mosberger 5de4385620
Merge pull request #285833 from 360ied/murmur-hardened 
nixos/murmur: systemd service hardening
 2024-02-10 02:48:46 +01:00
github-actions[bot] b64b4f2d6a
Merge master into staging-next 2024-02-09 18:01:06 +00:00
Bernardo Meurer f459aeeb8d
Merge pull request #287528 from arianvp/amazon-image-maintainer 
nixos/amazon-image: Take over maintainership
 2024-02-09 12:33:11 -05:00
Will Fancher 0cf1e24f32
Merge pull request #284627 from Trundle/nftables-ordering 
nixos/nftables: remove default systemd dependencies
 2024-02-09 12:29:24 -05:00
Arian van Putten a1232992ac nixos/amazon-image: Take over maintainership 
I am actively working on bringing back Amazon Images for 24.05.
Please track progress in https://github.com/nixos/amis
 2024-02-09 18:02:40 +01:00
Maximilian Bosch bd8acd0141
Merge pull request #286172 from mweinelt/matrix-uds-listeners 
nixos/matrix-synapse: Add UNIX domain socket listener support
 2024-02-09 17:58:41 +01:00
Vincent Haupert 6d8391a3ce nixos/github-runners: add a group option to set the executing group 
Similar to the `user` option, the added `group` option sets the group of
the executing process. If not `null`, it also sets `DynamicUser=false`.
In case `user` is set to `null` (the default), systemd would run the
service as root implicitly. As this is dangerous and most certainly not
what users want, we force them to set `user = "root"` explicitly if
that's really their intention. That's achieved through an assertion.
 2024-02-09 16:58:09 +01:00
r-vdp 12de1b3a38
fwupd: 1.9.12 -> 1.9.13 
Changelog: https://github.com/fwupd/fwupd/releases/tag/1.9.13
 2024-02-09 16:45:09 +01:00
Maximilian Bosch f6954309e8
nixos/users-groups: warn on ambiguous password settings 
After 4b128008c5 it took me a while in a
test setup to find out why `root` didn't have the password anymore I
declared in my config.

Because of that I got reminded how the order of preference works for the
password options:

    hashedPassword > password > hashedPasswordFile

If the user is new, initialPassword & initialHashedPassword are also
relevant. Also, the override is silent in contrast to any other
conflicting definition in NixOS.

To make this less surprising I decided to warn in such a case -
assertions would probably break too much that technically works as
intended.

Also removed the `initialHashedPassword` for `root`. This would cause a
warning whenever you set something in your own config and a `!` is added
automatically by `users-groups.pl`.

`systemd-sysusers` also seems to implement these precedence rules, so
having the warning for that case also seems useful.
 2024-02-09 16:44:35 +01:00
h7x4 39a779e269
treewide: use formats.hocon 2024-02-09 16:40:22 +01:00
Vincent Haupert 35df23c07d nixos/github-runners: set DynamicUser=false if user not null 2024-02-09 16:19:23 +01:00
Vincent Haupert 3f13f8d85e nixos/github-runners: align nodeRuntimes option with package 
The `github-runner` package only supports `nodejs_20` since `nodejs_16`
was removed in a2976db919.

It still makes sense to keep the `nodeRuntimes` option as this is
probably not the last Node.js we'll deprecate with at least some grace
period.
 2024-02-09 16:19:23 +01:00
Vincent Haupert 782b164523 nixos/github-runners: rework name default 2024-02-09 16:19:19 +01:00
Martin Weinelt 91d9c159da
nixos/matrix-synapse: fix recursive filtering of null values 
Using `filterAttrsRecursive` is not sufficient to account for a nested
attribute set with list values, like used for listeners.
 2024-02-09 16:05:05 +01:00
Martin Weinelt 143d266f0d
nixos/matrix-synapse: add UNIX domain socket listener support 
Exposes two options, `path` and `mode`, to configure the location and
permissions on the socket file.

The `mode` needs to be specified as string in octal and will be converted
into a decimal integer, so it correctly passes through the YAML parser
and arrives at the `os.chmod` call in the Twisted codebase. What a fun
detour.

Adds an assertion, that either `path` or `bind_addresses` and `port` are
configured on every listener.

Migrates the default replication listener of the main instance to a UNIX
domain socket, because it is more efficient.

Introduces the `enableRegistrationScript` option, to gracefully disable
the user registration script, when the client listener listens on a UNIX
domain socket, which is something the script does not support.
 2024-02-09 16:05:05 +01:00
Valentin Gagarin e385b36a32
Merge pull request #287438 from fricklerhandwerk/qemu-docs-link 2024-02-09 15:37:35 +01:00
Vincent Haupert 9ad02c831a nixos/github-runner: deprecate module in favor of github-runners.* 2024-02-09 15:14:32 +01:00
Vincent Haupert ab57ba24cf nixos/github-runners: document new runner registrations 
Make the documentation of the options `workDir` and `ephemeral` reflect
that changing these options will trigger a new runner registration.
 2024-02-09 15:14:32 +01:00
Vincent Haupert a9c807496f nixos/github-runners: add noDefaultLabels option 
Add option `noDefaultLabels` which controls the `--no-default-labels`
switch passed to the configure script.
 2024-02-09 15:14:32 +01:00
Vincent Haupert ae140cd468 nixos/github-runners: remove superfluous usages of lib 2024-02-09 15:14:31 +01:00
github-actions[bot] a7f4ae0644
Merge master into staging-next 2024-02-09 12:01:11 +00:00
nikstur 8a3e1cf40a
Merge pull request #287013 from WilliButz/qemu-vm/tmpfiles-settings 
nixos/qemu-vm: convert tmpfiles rules to settings
 2024-02-09 11:42:17 +01:00
Valentin Gagarin 85f4b05e39 doc: add link to QEMU reference documentation in QEMU module 2024-02-09 11:21:07 +01:00
Valentin Gagarin 11c26d4cc5 use code for env var notation 2024-02-09 11:16:28 +01:00
Valentin Gagarin d9009e0028 doc: expand on parameters passed to QEMU VMs 2024-02-09 10:48:52 +01:00
Valentin Gagarin b1f6e08177 doc: add link to Nix manual 2024-02-09 10:47:08 +01:00
Linus Heckemann 4916e22812
Merge pull request #286176 from nikstur/writable-overlays 
nixos/filesystems: init overlayfs
 2024-02-09 08:22:09 +01:00
Martin Weinelt a43d9cd69a
nixos/prometheus-fastly-exporter: fix runtime environment 
- Make the token a required option
- Drop the proto from the listen parameter
- Use systemd credentials to pass the token file
- Drop debug flag, use extraArgs instead
- Actually hook up extraArgs
- Escape shell arguments
- Drop overly broad `with lib` statement
 2024-02-09 02:24:48 +01:00
github-actions[bot] 592e5dab71
Merge master into staging-next 2024-02-09 00:02:27 +00:00
Bruno BELANYI c14f029dae nixos/pyload: add user/group options 2024-02-08 20:27:14 +00:00
nikstur 4d2c5b722a
Merge pull request #285114 from WilliButz/improve-uki-settings-merging 
nixos/boot.uki: allow partial overrides of default UKI settings
 2024-02-08 21:15:08 +01:00
github-actions[bot] 13d222c591
Merge master into staging-next 2024-02-08 18:01:04 +00:00
Aaron Andersen 2d8bd81554
Merge pull request #286063 from yaxitech/github-runner-node-runtimes-286059 
nixos/github-runners: only override pkg if it has a `nodeRuntimes` arg
 2024-02-08 07:20:13 -08:00
github-actions[bot] 74098fff88
Merge master into staging-next 2024-02-08 06:01:13 +00:00
Ryan Lahfa f5c054af12
Merge pull request #264369 from RaitoBezarius/drop-pamusb 
pam_usb, nixos/pam-usb: drop
 2024-02-08 04:26:23 +01:00
Raito Bezarius 2d78f55438 pam_usb, nixos/pam-usb: drop 
`security.pam.usb` is broken anyway and upstream has abandoned the software.
 2024-02-08 02:59:45 +01:00
github-actions[bot] 8cb642cb14
Merge master into staging-next 2024-02-08 00:02:08 +00:00
Peter Hoeg 9a113b42b3 nixos/version: add ANSI_COLOR 2024-02-08 00:14:53 +01:00
Jörg Thalheim ded6a6cb80
Merge pull request #277137 from ajs124/fix/tt-rss-phpPackage 
nixos/tt-rss: add phpPackage option
 2024-02-07 23:19:57 +01:00
nikstur 1c1cfa073a nixos/filesystems: init overlayfs 2024-02-07 22:13:00 +01:00
Kim Lindberger debe2ca258
Merge pull request #286532 from flyingcircusio/PL-131811-gitlab-loose-coupling-upstream 
nixos.gitlab: loosen the coupling of gitlab services to postgresql and redis
 2024-02-07 19:29:01 +01:00
github-actions[bot] 296d2f6991
Merge master into staging-next 2024-02-07 18:00:58 +00:00
Sarah Brofeldt cd5c10f696
Merge pull request #275896 from hoppla20/master 
nixos/kubernetes: fix pki's mkSpec function
 2024-02-07 18:44:35 +01:00
Oliver Schmidt 13ba002dd0 nixos/services.gitlab: loosen the coupling between gitlab and postgres/ redis to avoid restarts and races 
Gitlab stays running at redis and postgresql restarts as if these
components were on a different host anyways. Handling reconnetctions is
part of the application logic.

Co-authored-by: Kim Lindberger <kim.lindberger@gmail.com>
for formatting fixes and test failure debugging.
 2024-02-07 18:19:18 +01:00
Sandro f7654894a3
Merge pull request #285298 from SuperSandro2000/govee2mqtt 
govee2mqtt: init at 2024.01.21-088d4ca8, nixos/govee2mqtt: init
 2024-02-07 18:14:05 +01:00
ajs124 106626b8d7 nixos/tt-rss: add phpPackage option 
right now, we have php81 and php (which points to php82), which means that:
- php-fpm uses php81
- the update preStart uses php81
- the actual updater uses php82
 2024-02-07 17:41:27 +01:00
ajs124 33ca948d6a
Merge pull request #259604 from sefidel/tt-rss-force-update-schema 
nixos/tt-rss: supply --force-yes to update-schema
 2024-02-07 17:39:03 +01:00
WilliButz 0139970416
nixos/qemu-vm: convert tmpfiles rules to settings 
This change replaces the previously hard-coded `/boot` path with a
reference to `efiSysMountPoint` and more importantly this change makes
it possible to override these rules in scenarios in which they are not
desired.

One such scenario would be when `systemd-gpt-auto-generator(8)` is used
to automount the ESP. Consider this section from the mentioned manpage:

> The ESP is mounted to /boot/ if that directory exists and is not used
> for XBOOTLDR, and otherwise to /efi/. Same as for /boot/, an automount
> unit is used. The mount point will be created if necessary.

Prior to this change, the ESP would be automounted under `/efi` on first
boot, then the previous tmpfiles rules caused `/boot` to be created.
Following the quote above, this meant that the ESP is mounted under
`/boot` for each subsequent boot.
 2024-02-07 16:25:30 +01:00
Robert Schütz 743b095b5e
Merge pull request #286454 from dotlambda/nginx-acme-auth_request-off 
nixos/nginx: turn auth_request off for ACME challenge
 2024-02-07 15:08:08 +00:00
Sandro Jäckel d449e88309
nixos/chromium: remove lots of extra whitespace from docs 2024-02-07 16:04:26 +01:00
Sandro Jäckel 42b58f2c73
nixos/plasma5: enable programs.chromium.enablePlasmaBrowserIntegration 2024-02-07 16:04:25 +01:00
Sandro Jäckel d4df5391d0
nixos/chromium: add enablePlasmaBrowserIntegration, plasmaBrowserIntegrationPackage options 2024-02-07 16:04:25 +01:00
Sandro Jäckel a73a43d737
nixos/chromium: don't generate empty files 2024-02-07 16:04:20 +01:00
Sandro Jäckel 5538de972d
nixos/chromium: cleanup formatting a bit to 
this also reduces the diff in the next commits
 2024-02-07 16:03:42 +01:00
Kerstin a3ed4692b7
Merge pull request #286943 from Tom-Hubrecht/kanidm 
kanidm: 1.1.0-rc.15 -> 1.1.0-rc.16
 2024-02-07 15:07:13 +01:00
Christoph Heiss 62854c0103
sourcehut: add myself as maintainer 
I worked already a lot on this stuff, esp. modules - so it just makes
sense.

Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-02-07 14:58:12 +01:00
Tom Hubrecht ad67485526 kanidm: 1.1.0-rc.15 -> 1.1.0-rc.16 
Release notes: https://github.com/kanidm/kanidm/releases/tag/v1.1.0-rc.16
 2024-02-07 14:14:39 +01:00
Martin Weinelt 02324756dd
nixos/zigbee2mqtt: revert systemd unit to simple type 
A recent release added systemd notify support, so I migrated our unit
towards that. The NixOS test did not reveal that the unit would not fully
activate.

Reverts: 165326d2c (partially)
Closes: #286977
 2024-02-07 13:51:11 +01:00
github-actions[bot] 03dd2b9470
Merge master into staging-next 2024-02-07 12:01:11 +00:00
Franz Pletz 5ef42fcd84
Merge pull request #286832 from trofi/crda-removal-and-wireless-regdb-update 
crda: remove package, wireless-regdb: 2023.09.01 -> 2024.01.23
 2024-02-07 11:52:55 +01:00
Sandro Jäckel 1b3f92087b
nixos/govee2mqtt: init 2024-02-07 10:39:23 +01:00
Rodney Lorrimar 8513f69b24 nixos/phosh: Ensure that desktop session is identified as Phosh 2024-02-07 20:10:15 +11:00
Will Fancher ee9becfdfb
Merge pull request #285315 from jmbaur/sysupdate-fixes 
nixos/sysupdate: allow lists in sysupdate config
 2024-02-07 03:01:49 -05:00
Weijia Wang 29b534a3d4 restya-board: drop 2024-02-07 01:33:05 +01:00
github-actions[bot] 9824e51195
Merge master into staging-next 2024-02-07 00:02:01 +00:00
Martin Weinelt 7317fb9f77
Merge pull request #286287 from fleaz/frigate-update 
frigate: 0.12.1 -> 0.13.1
 2024-02-07 00:09:42 +01:00
Sergei Trofimovich 275855d632 nixos: hostapd: drop unused crda package import 2024-02-06 22:45:01 +00:00
fleaz 250078ceba
frigate: 0.12.1 -> 0.13.1 
Changelog:
https://github.com/blakeblackshear/frigate/releases/tag/v0.13.0
https://github.com/blakeblackshear/frigate/releases/tag/v0.13.1

Co-Authored-By: Martin Weinelt <hexa@darmstadt.ccc.de>
 2024-02-06 22:54:22 +01:00
Sandro Jäckel e91a7b7a4e
hedgedoc: move files to share/hedeodc in the package 2024-02-06 19:26:21 +01:00
Felix Bühler 481c7ffc8e
Merge pull request #286069 from linsui/nau 
nixos/nautilus-open-any-terminal: add to module-list.nix
 2024-02-06 19:21:49 +01:00
Felix Bühler 9e23c379c7
Merge pull request #286032 from Stunkymonkey/k8s-pki-remove-chown 
kubernetes: prefer 'install' over 'mkdir/chmod/chown'
 2024-02-06 19:21:08 +01:00
Sandro Jäckel 26316368cb
hedgedoc: fix executing any of the management clis, remove heroku bin 
as we don't need that
 2024-02-06 19:13:51 +01:00
Felix Bühler 5dac2ab264
Merge pull request #286577 from Pablo1107/photoprism-module/fix-manage-script-typo 
nixos/photoprism: fix typo with duplicated exec call
 2024-02-06 19:09:53 +01:00
github-actions[bot] 33b366b63f
Merge master into staging-next 2024-02-06 18:01:02 +00:00
Sandro ed742ab4fc
Merge pull request #275621 from Yarny0/tsm-client-update 
tsm-client: 8.1.20.0 -> 8.1.21.0
 2024-02-06 17:17:40 +01:00
Florian Klink 7c0a129076
Merge pull request #256652 from giorgiga/rateLimitBurst-documentation 
Clarify journal size limit defaults in documentaiton of services.journald.rateLimitBurst
 2024-02-06 13:26:35 +01:00
github-actions[bot] 952bd69944
Merge master into staging-next 2024-02-06 06:00:54 +00:00
Sandro 4494fcaab7
nixos/acme: default to lets encrypt production URL instead of null, mention lets encrypt staging URI (#270221) 2024-02-06 01:51:09 +01:00
github-actions[bot] 8e7913be95
Merge master into staging-next 2024-02-06 00:02:21 +00:00
Pablo Andres Dealbera 14a1f86791 nixos/photoprism: fix typo 2024-02-05 19:34:43 -03:00
nu-nu-ko ccf92aad9b nixos/jellyfin: add directory options 2024-02-06 11:07:33 +13:00
Robert Hensing 274ae6a454
Merge pull request #284117 from Stunkymonkey/amqp-write-secret 
nixos/rabbitmq: prefer 'install' over 'mkdir/chmod/chown'
 2024-02-05 19:29:19 +01:00
github-actions[bot] 2579984b85
Merge master into staging-next 2024-02-05 18:01:13 +00:00
Peder Bergebakken Sundt a8880f1647 nixos/ttyd: add entrypoint option 2024-02-05 17:38:00 +01:00
Leona Maroni 2b7e1ddb4a
nixos/youtrack: fix warnings (#285775) 
* nixos/youtrack: fix extraParams warning

* nixos/youtrack: use new option for port in nginx config
 2024-02-05 17:17:45 +01:00
Sandro 1b06c0f273
Merge pull request #286341 from Izorkin/update-fastfetch 2024-02-05 17:08:45 +01:00
Franz Pletz fadde8db1f
Merge pull request #286324 from Izorkin/update-libvirt-oom 
nixos/libvirt: changing process priority for oom killer
 2024-02-05 15:47:25 +01:00
Robert Schütz 1dd5f2b1f9 nixos/nginx: turn auth_request off for ACME challenge 
This is e.g. necessary when using tailscale-nginx-auth.
 2024-02-05 00:33:33 -08:00
github-actions[bot] 0f22335f7d
Merge master into staging-next 2024-02-05 06:01:04 +00:00
jerrita e686847d20
nixos/nftables: add option for flattening rulesetFile 
Co-authored-by: Lin Jian <me@linj.tech>
 2024-02-05 11:27:16 +08:00
360ied 11cf6ab0dd nixos/murmur: systemd service hardening 
Murmur provides an official systemd service file in their repo,
which contains various service hardening settings:

c4b5858d14/auxiliary_files/config_files/mumble-server.service.in (L7)

The service configuration in nixpkgs does not include these hardening settings.

This commit adds the hardening settings to the murmur service in nixpkgs.
This drops the `systemd-analyze security` score of murmur.service from 9.2 (UNSAFE) to 2.1 (OK).
 2024-02-04 21:23:34 -05:00
Sandro Jäckel c64c45da9c
nixos/nextcloud: don't execute cron when in maintenace/upgrade, don't kill cgroup 
Those are upstream recommendations taken from
22d2472b8f/admin_manual/configuration_server/background_jobs_configuration.rst (systemd)
 2024-02-05 01:29:13 +01:00
Sandro Jäckel 42daa00928
nixos/nextcloud: little formatting 2024-02-05 01:29:13 +01:00
LRFLEW 8b0d333f54
nixos/archisteamfarm: allow bots.*.passwordFile to be null (#284978) 
* Make services.archisteamfarm.bots.*.passwordFile Nullable

This adds support for alternate password specification methods, such as through the web-ui.

* Update description for services.archisteamfarm.bots.*.passwordFile

Adds note about omitting or setting to null to provide the password through the web-ui.
 2024-02-05 01:18:23 +01:00
github-actions[bot] 42e44c0583
Merge master into staging-next 2024-02-05 00:02:17 +00:00
oddlama b7f29692c0
nixos/hostapd: fix utf8Ssid setting not properly honored 2024-02-05 00:52:08 +01:00
Weijia Wang 7ece427021
Merge pull request #279268 from superherointj/etcd-fix-firewall-startup 
nixos/etcd: fixes etcd failing to start at boot and add openFirewall option
 2024-02-05 00:37:09 +01:00
Weijia Wang e2fb30fabc
Merge pull request #239785 from milibopp/neo4j-5.9.0 
neo4j: 4.4.11 -> 5.9.0
 2024-02-05 00:21:21 +01:00
Izorkin 15dfbbd4c3
fastfetch: add vulkanSupport option 2024-02-05 01:32:05 +03:00
Izorkin 69206539d4
fastfetch: add waylandSupport option 2024-02-05 01:32:04 +03:00
Izorkin 556b8c7b6f
fastfetch: add x11Support option 2024-02-05 01:32:03 +03:00
Robert Hensing 6761394083 nixos/rabbitmq: Rename cookie -> unsafeCookie 
Not a mkRenamedOptionModule, because user intervention is required
to determine whether they have a problem. mkRenamed* does not let
us explain anything to the user.
 2024-02-04 21:41:29 +01:00
github-actions[bot] 145a9cb679
Merge master into staging-next 2024-02-04 18:01:14 +00:00
Izorkin 9ad115e5f3
nixos/libvirt: changing process priority for oom killer 2024-02-04 19:54:02 +03:00
Artturi 8f893ff1da
Merge pull request #221628 from rhysmdnz/intune 
Microsoft Intune
 2024-02-04 17:31:58 +02:00
Jade Lovelace e456032add nixos/flake: put nixpkgs in NIX_PATH and system registry for flake configs 
Currently there are a bunch of really wacky hacks required to get nixpkgs
path correctly set up under flake configs such that `nix run
nixpkgs#hello` and `nix run -f '<nixpkgs>' hello` hit the nixpkgs that
the system was built with. In particular you have to use specialArgs or
an anonymous module, and everyone has to include this hack in their
own configs.

We can do this for users automatically.

I have tested these manually with a basic config; I don't know if it is
even possible to write a nixos test for it since you can't really get a
string-with-context to yourself unless you are in a flake context.
 2024-02-03 20:44:38 -08:00
github-actions[bot] 5a036cc96a
Merge master into staging-next 2024-02-03 18:00:51 +00:00
Linus Heckemann 9f571cb4ef
Merge pull request #284508 from nikstur/etc-overlay-leading-slash 
nixos/etc: remove leading slash from paths
 2024-02-03 18:01:01 +01:00
linsui b88eaf5d62 nixos/nautilus-open-any-terminal: add to module-list.nix 2024-02-03 22:27:31 +08:00
Vincent Haupert e6854b295b nixos/github-runners: only override pkg if it has a nodeRuntimes arg 
Older versions of the github-runner package might not have the
`nodeRuntimes` argument yet causing an error as the NixOS module always
tries to override the argument.

The commit makes sure we only override `nodeRuntimes` if the configured
package has a `nodeRuntimes` argument.
 2024-02-03 14:33:39 +01:00
Felix Buehler ffadbb6788 kubernetes: prefer 'install' over 'mkdir/chmod/chown' 2024-02-03 11:16:23 +01:00
github-actions[bot] 95ffc37024
Merge staging-next into staging 2024-02-03 06:01:25 +00:00
Martin Weinelt e1ee205a99
Merge pull request #285931 from mweinelt/zigbee2mqtt-1.35.2 
zigbee2mqtt: 1.35.1 -> 1.35.2
 2024-02-03 03:44:36 +01:00
Martin Weinelt 165326d2ca
zigbee2mqtt: 1.35.1 -> 1.35.2 
https://github.com/Koenkk/zigbee2mqtt/releases/tag/1.35.2
 2024-02-03 02:21:15 +01:00
github-actions[bot] 58c80dd7b8
Merge staging-next into staging 2024-02-02 18:01:50 +00:00
Adam Stephens 7585f26855
nixos/incus: add zfs/lib/udev to path 
Incus needs to find zvol_id for some operations, but zfs does not put
this executable in the bin directory. Exposing lib/udev into the Incus
path solves discovery of the executable

e5690705e8/internal/server/storage/drivers/driver_zfs_volumes.go (L1820C1-L1820C41)
 2024-02-02 12:36:41 -05:00
MinerSebas de306fb3d6 nixos/prometheus-restic-exporter: Use LoadCredential for password file 2024-02-02 14:47:46 +01:00
MinerSebas e7a2d8aa18 prometheus-restic-exporter: 1.4.0 -> 1.5.0 2024-02-02 14:47:43 +01:00
github-actions[bot] 0675b4b947
Merge staging-next into staging 2024-02-02 12:01:43 +00:00
h7x4 7ac5d2ce0c
Merge pull request #284154 from PassiveLemon/ALVR 
alvr: init at 20.6.1
 2024-02-02 11:36:08 +01:00
github-actions[bot] 3a8e4cc2aa
Merge staging-next into staging 2024-02-02 06:01:42 +00:00
Will Fancher 8c1a6046a2
Merge pull request #285411 from NickCao/networkd-stage1 
nixos/networkd: drop upstreamed stage-1 unit dependencies
 2024-02-01 20:35:17 -05:00
github-actions[bot] 6b866c8f85
Merge staging-next into staging 2024-02-02 00:02:44 +00:00
Rhys Davies d102910f47
nixos/pam: Add pam_intune 2024-02-02 10:01:52 +13:00
Rhys Davies 295a32a6b1
nixos/intune: init 2024-02-02 10:00:33 +13:00
h7x4 932344b54a
Merge pull request #270475 from MinerSebas/prometheus-restic-exporter 
prometheus-restic-exporter: init at 1.4.0
 2024-02-01 20:05:11 +01:00
Pierre Bourdon 3484985991
Merge pull request #285587 from edef1c/wrapper-cve-2023-6246 
nixos/modules/security/wrappers: limit argv0 to 512 bytes
 2024-02-01 19:18:45 +01:00
edef b4c9840652 nixos/modules/security/wrappers: limit argv0 to 512 bytes 
This mitigates CVE-2023-6246, crucially without a mass-rebuild.

Change-Id: I762a0d489ade88dafd3775d54a09f555dc8c2527
 2024-02-01 18:16:55 +00:00
github-actions[bot] 381e01e471
Merge staging-next into staging 2024-02-01 18:01:21 +00:00
Atemu f38bca1ca5
Merge pull request #279677 from leona-ya/paperless-nltk 
nixos/paperless: use nltk_data package as NLTK data source
 2024-02-01 16:59:28 +01:00
Leona Maroni 6300f478e9
nixos/paperless: use nltk_data package as NLTK data source 
nixos
 2024-02-01 16:53:34 +01:00
MinerSebas d1f031cbbd nixos/prometheus-restic-exporter: init module 2024-02-01 14:48:56 +01:00
Leona Maroni 0f2df9ff19 nixos/youtrack: rebuild module for 2023.x support 2024-02-01 13:36:13 +01:00
Martin Weinelt 27fa02d0f1
Merge remote-tracking branch 'origin/staging-next' into staging 
Conflicts:
-	pkgs/development/compilers/llvm/10/clang/default.nix
- pkgs/development/compilers/llvm/8/clang/default.nix
 2024-02-01 12:25:11 +01:00
Nick Cao 0850ee016b
nixos/networkd: drop upstreamed stage-1 unit dependencies 
Reference: https://github.com/systemd/systemd/pull/27791
 2024-01-31 22:52:52 -05:00
Andreas Stührk fc6c92faf3 nixos/nftables: remove default systemd dependencies 
With DefaultDependencies enabled, systemd adds "After=basic.target" to
service units. `basic.target` has a dependency on `sockets.target`, so
the `nftables` has (amongst others) the following order constraints:

* Before=network-pre.target
* After=sockets.target

Those constraints are often unsatisfiable. For example, `systemd-networkd`
has a dependency `After=network-pre.target`. When a socket unit now uses
`BindToDevice=` on a device managed by `networkd`, a timeout occurs
because `networkd` waits for `network-pre.target`, but
`network-pre.target` depends (through nftables) on `sockets.target`, but
the device to bind the socket to is never brought up, as this would
happen through `networkd`.

This is fixed by removing the implicit dependency on `basic.target`.
 2024-01-31 23:26:05 +01:00
Adam Stephens 75ec325cb9
nixos/pam: remove pam_cgfs 
pam_cgfs is a cgroups-v1 pam module. Verified with upstream that
this module no longer necessary on cgroups-v2 systems.
 2024-01-31 17:19:23 -05:00
Felix Bühler 6c22593ad4
Merge pull request #284799 from Pablo1107/photoprism-module/fix-manage-script 
nixos/photoprism: use nsenter to call photoprism bin with correct UID and PID
 2024-01-31 20:52:11 +01:00
Franz Pletz 9e485b2169
Merge pull request #284326 from WilliButz/snmp-exporter-module/fix-logPrefix 
nixos/prometheus-snmp-exporter: fix undefined logPrefix
 2024-01-31 19:55:40 +01:00
Jared Baur 50866dc20f
nixos/sysupdate: allow lists in sysupdate config 
Lists are convenient to have in sysupdate configuration when using
multiple `MatchPattern` under `Target` when the target can have multiple
filenames. This use-case is helpful for BootLoaderSpec bootcounting where the target file on
disk can have multiple filenames, and in order for sysupdate to properly
ensure only N number of instances of this target exist at one time, we
need to have multiple match patterns.
 2024-01-31 09:12:28 -08:00
Peder Bergebakken Sundt 0d13d2a90f nixos/ttyd: remove with lib; 2024-01-31 17:58:59 +01:00
Peder Bergebakken Sundt 4c70703931 nixos/ttyd: add writable option 
Co-authored-by: Carsten Rodin <19612711+carstoid@users.noreply.github.com>
 2024-01-31 17:57:42 +01:00
Peder Bergebakken Sundt 19159ced3e
Merge pull request #249523 from greizgh/seafile-10 
Seafile 10
 2024-01-31 17:13:54 +01:00
Peder Bergebakken Sundt d5d752af43
Merge pull request #280821 from SuperSandro2000/pretalx 
pretalx: init 2023.1.3
 2024-01-31 17:11:38 +01:00
Peder Bergebakken Sundt 9118823ed3
Merge pull request #226532 from SuperSandro2000/dhcpcd 
dhcpcd: change files after patching; nixos/dhcpcd: link dhcpcd.conf to /etc/ to fix dhcpcd -k
 2024-01-31 16:43:54 +01:00
Jörg Thalheim 7d5c09b02e
Merge pull request #285167 from Mic92/systemd-boot 
nixos/systemd-boot: fix editor option
 2024-01-31 22:38:09 +07:00
Nick Cao 2c4eca2c07
Merge pull request #285100 from Tungsten842/revert-281529-acpid 
Revert "acpid: Disable network access"
 2024-01-31 08:25:37 -05:00
Jörg Thalheim 202e697233 nixos/systemd-boot: fix editor option 2024-01-31 10:46:30 +07:00
Mario Rodas 4006079f95
Merge pull request #276177 from aaronjheng/prometheus-openvpn-exporter 
prometheus-openvpn-exporter: remove
 2024-01-30 19:32:50 -05:00
WilliButz ccff749532
nixos/boot.uki: allow partial overrides of default UKI settings 
Previously any user-provided config for boot.uki.settings would need to
either specify a full set of config for ukify or a combination of
mkOptionDefault to merge the "settings" attribute set with the module's
defaults and then mkOverride or mkForce to override a contained
attribute.

Now it is possible to trivially override parts of the module's default
config, such as the initrd or kernel command line, but overriding the
full set of settings now requires mkOverride / mkForce.
 2024-01-30 23:54:40 +01:00
Thomas Gerbet 898c3061fe
Merge pull request #279253 from risicle/ris-packagekit-1.2.8 
packagekit: 1.2.5.1pre -> 1.2.8
 2024-01-30 23:37:46 +01:00
Tungsten842 c1afcd1c8c
Revert "acpid: Disable network access" 2024-01-30 22:49:43 +01:00
Robert Scott 19b3ab3fe4 packagekit: use test_nop backend by default 
nix backend is broken and this is causing the nixos test to
fail
 2024-01-30 20:41:15 +00:00
Martin Weinelt 8f03632997
nixos/pretalx: init 2024-01-30 17:41:34 +01:00
Ryan Lahfa 386c037cb7
Merge pull request #284174 from jmbaur/repart-sector-size 
Fix appliance-repart-image NixOS VM test
 2024-01-30 16:36:09 +01:00
K900 3176d495ff nixos/plasma5: enable qt stuff 
Otherwise things like themes only work due to lucky wrapper leakage.
 2024-01-30 17:36:06 +03:00
Weijia Wang 5116ea824d
Merge pull request #280549 from wineee/deepin-icon 
deepin: move distribution.info back to deepin-desktop-base
 2024-01-30 14:50:13 +01:00
Luke Granger-Brown 23310f467a
Merge pull request #284980 from patka-123/update-paperless-service-example-doc 
nixos/paperless: update extraConfig to settings in service docs.
 2024-01-30 12:53:31 +00:00
Yureka a6c64fbd39
nixos/strongswan-swanctl: add includes option for secrets (#284742) 2024-01-30 12:47:33 +01:00
h7x4 ba5f81a6b6
Merge pull request #276547 from ambroisie/pyload-module 
nixos/pyload: init module
 2024-01-30 12:29:46 +01:00
Patka 3d028d17c9
nixos/paperless: update extraConfig to settings in service docs 
Signed-off-by: Patka <patka@patka.dev>
 2024-01-30 11:26:04 +01:00
Sandro 4891afd8df
Merge pull request #284735 from Izorkin/update-gpg-tui 2024-01-30 11:09:05 +01:00
K900 0f34032f5a nixos/plasma5: install missing style plugins 2024-01-30 11:38:10 +03:00
github-actions[bot] 2f68b418f1
Merge staging-next into staging 2024-01-30 06:01:22 +00:00
Luke Granger-Brown a12b828a26
Merge pull request #277661 from appsforartists/handheld-daemon 
handheld-daemon: init at 1.1.0
 2024-01-30 04:01:11 +00:00
Brenton Simpson b960a217bd handheld-daemon: touchup code style to better match nixpkgs 
Co-authored-by: h7x4 <h7x4@nani.wtf>
Co-authored-by: Luke Granger-Brown <git@lukegb.com>
Co-authored-by: Bruno BELANYI <bruno@belanyi.fr>
 2024-01-29 17:20:30 -08:00
github-actions[bot] 93a73aa6cf
Merge staging-next into staging 2024-01-30 00:02:29 +00:00
Franz Pletz 3432be07e4
Merge pull request #278555 from leona-ya/kresd-port-only-regex 2024-01-30 00:41:53 +01:00
Bernardo Meurer 429a3accd9
Merge pull request #284800 from lovesegfault/fix-moonraker-warn 
nixos/moonraker: fix update_manager.enable_system_updates being [bool] and not bool
 2024-01-29 18:23:33 -05:00
Franz Pletz da226d14bf
Merge pull request #284749 from 2xsaiko/outgoing/dovecot-fix-1 2024-01-30 00:17:12 +01:00
Felix Bühler b6e25194a4
Merge pull request #283778 from linsui/noat 
nixos/nautilus-open-any-terminal: init
 2024-01-29 22:07:23 +01:00
Marco Rebhan 522d660f25
nixos/dovecot: fix sieve script config generation 2024-01-29 19:42:55 +01:00
github-actions[bot] 6a27b0be74
Merge staging-next into staging 2024-01-29 18:01:37 +00:00
Bernardo Meurer 392b32b2af
nixos/moonraker: fix update_manager.enable_system_updates being [bool] and not bool 2024-01-29 11:31:12 -05:00
Pablo Andres Dealbera bb40443e77 nixos/photoprism: use nsenter to call photoprism bin with correct UID and PID 2024-01-29 13:26:35 -03:00
Bobby Rong 850bac2305
Merge pull request #284633 from FedericoSchonborn/budgie-desktop-10.9 
Budgie Desktop 10.9
 2024-01-29 21:58:15 +08:00
Marco Rebhan 26e71b5a5b
nixos/dovecot: remove unused imports 2024-01-29 12:21:58 +01:00
Izorkin fd21b17628
nixos/no-x-libs: add gpg-tui 2024-01-29 12:35:22 +03:00
Nick Cao 519ebe37e2
Merge pull request #283452 from SuperSandro2000/pcsclite-outputs 
pcsclite: move binaries, polkit, systemd files to out, move libraries to lib
 2024-01-28 21:19:51 -05:00
Felix Bühler da47763cb8
Merge pull request #279384 from Stunkymonkey/recursive-pth-loader-normalize 
python311Packages.recursive-pth-loader: rename from recursivePthLoader
 2024-01-29 00:40:42 +01:00
Federico Damián Schonborn 0d209c6641
nixos/budgie: Replace gnome-session with budgie-session 
Signed-off-by: Federico Damián Schonborn <fdschonborn@gmail.com>
 2024-01-28 20:08:59 -03:00
Morgan Jones 1dc5eb13b0
nixos/armagetronad: add module with tests 2024-01-28 13:58:05 -08:00
Joachim F 6dd56e1483
Merge pull request #275579 from tamara-schmitz/master 
update hardened profile to new recommendations
 2024-01-28 20:25:27 +01:00
Sandro Jäckel 3da096a5c3
pcsclite: move binaries, polkit, systemd files to out, move libraries to lib 
This should make the things related to the udev rules and binaries a lot
simpler and more expected.
 2024-01-28 19:31:54 +01:00
Sandro 263af58884
Merge pull request #284488 from Silver-Golden/master 
Bitwarden directory connector: fix bad preStart
 2024-01-28 19:18:10 +01:00
K900 499b9a5de0
Merge pull request #284562 from K900/lemmy-nginx-fix 
lemmy: fix nginx config generation
 2024-01-28 20:48:51 +03:00
Kerstin 45b1d68c35
Merge pull request #283981 from f2k1de/mastodon-too-many-open-files-fix 
mastodon: set LimitNOFILE
 2024-01-28 18:47:53 +01:00
ocfox 01e674ba90
nixos/transfer-sh: init 
Co-authored-by: Pablo Ovelleiro Corral <mail@pablo.tools>
 2024-01-29 00:44:35 +08:00
Nick Cao 2389ab15b4
Merge pull request #284496 from ElvishJerricco/systemd-255-hibernate-resume 
systemd-stage-1: Fix hibernate-resume with systemd v255
 2024-01-28 11:20:04 -05:00
K900 c34a1d5135 lemmy: fix nginx config generation 2024-01-28 19:15:02 +03:00
Aaron Andersen 0ed21f3b09
Merge pull request #284122 from Stunkymonkey/zabbix-write-secret 
nixos/{zabbixServer,zabbixProxy}: prefer 'install' over 'mkdir/chmod/chown'
 2024-01-28 06:24:11 -08:00
nikstur dff64f549e nixos/x11: remove leading slash from environment.etc path 
Even if the tools that assemble /etc can handle leading slashes, this
still is not correct. For example, you could have both /X11 and X11 in
environment.etc which makes overriding hard.
 2024-01-28 13:38:09 +01:00
nikstur a9161ceb5a nixos/etc: remove leading slash from target paths in build-composefs-dump.py 
This is necessary so that duplicates in the composefs dump are avoided.
 2024-01-28 13:37:23 +01:00
Will Fancher 6f1b17d4b8 systemd-stage-1: Fix hibernate-resume with systemd v255 2024-01-28 06:52:21 -05:00
Brendan Golden fe59b6d24b
Bitwarden directory connector: fix bad preStart 2024-01-28 10:52:43 +00:00
Jared Baur 4e139026b5
nixos/repart: add option for configuring sector size 
This option is helpful for situations when the target host disk's sector
size differs from that of the build host.
 2024-01-27 17:19:32 -08:00
nikstur 92b98478a8 nixos/etc: fix type checking of build-composefs-dump.py 2024-01-28 01:58:56 +01:00
PassiveLemon 1d3e2a92bc nixos/alvr: init module 2024-01-27 19:45:27 -05:00
Martin Weinelt 0deb00012d
Merge pull request #255707 from micahsoftdotexe/update-navidrome 
nixos/navidrome: accept DataFolder option
 2024-01-28 00:08:18 +01:00
Micah Tanner 7d9e3e510b nixos/navidrome: accept DataFolder option 2024-01-27 17:54:50 -05:00
Tamara Schmitz b80c3284d5
nixos/hardened: update hardened profile to new recommendations 
Borrowing from here to match hardened profile with more recent kernels:
* https://madaidans-insecurities.github.io/guides/linux-hardening.html?#boot-parameters
* https://github.com/a13xp0p0v/kernel-hardening-checker/

Removed "slub_debug" as that option disables kernel memory address
hashing. You also see a big warning about this in the dmesg:
"This system shows unhashed kernel memory addresses via the console, logs, and other interfaces."

"init_on_alloc=1" and "init_on_free=1" zeroes all SLAB and SLUB allocations. Introduced in 6471384af2a6530696fc0203bafe4de41a23c9ef. Also the default for the Android Google kernel btw. It is on by default through the KConfig.

"slab_nomerge" prevents the merging of slab/slub caches. These are
effectively slab/slub pools.

"LEGACY_VSYSCALL_NONE" disables the older vsyscall mechanic that relies on
static address. It got superseeded by vdsos a decade ago. Read some
LWN.net to learn more ;)

"debugfs=off" I'm sure there are some few userspace programs that rely on
debugfs, but they shouldn't.

Most other things mentioned on the blog where already the default on a
running machine or may not be applicable.

Most other Kconfigs changes come from the kernel hardening checker and
were added, when they were not applied to the kernel already.

Unsure about CONFIG_STATIC_USERMODEHELPER. Would need testing.
 2024-01-27 20:43:58 +00:00
WilliButz 3a00809390
nixos/prometheus-snmp-exporter: fix undefined logPrefix 
When I added `coerceConfigFile` based on the blackbox exporter module, I
did not notice the missing attribute definition.
 2024-01-27 20:59:41 +01:00
Sandro Jäckel 1af95a24c1
nixos/dhcpcd: link dhcpcd.conf to /etc/ to fix dhcpcd -k 2024-01-27 18:12:55 +01:00
Nick Cao 8138e47046
Merge pull request #284115 from jacekpoz/ratbagd-module 
nixos/ratbagd: add package option
 2024-01-27 11:12:55 -05:00
Sandro 8219e2c1bc
Merge pull request #279050 from SuperSandro2000/portunus-seedsettings 
nixos/portunus: add seedSettings option
 2024-01-27 16:08:41 +01:00
Will Fancher 2af1ee5bba
Merge pull request #259196 from liff/mod/systemd-lock-handler 
nixos/systemd-lock-handler: init with corresponding package at 2.4.2
 2024-01-27 06:13:38 -05:00
Maximilian Bosch abd098fce8
Merge pull request #283972 from onny/nextcloud-settings 
nixos/nextcloud: Rename extraOptions to settings
 2024-01-27 11:01:23 +01:00
Olli Helenius e103c5cfcf
nixos/systemd-lock-handler: init 2024-01-27 11:55:46 +02:00
Pierre Bourdon b0051767f1
Merge pull request #284153 from JulienMalka/systemd-boot-builder-folder 
nixos/systemd-boot: move builder script in bin folder
 2024-01-27 06:58:18 +01:00
K900 b5dc67dd94
Merge pull request #284130 from xNaxdy/fix-plasma5-mobilegear 
nixos/plasma5: fix plasmaMobileGear path
 2024-01-27 07:07:52 +03:00
Weijia Wang 7d021ca26b
Merge pull request #265056 from rgri/init-mouse-actions 
mouse-actions: init at 0.4.4
 2024-01-27 03:47:42 +01:00
Julien Malka ceeddc5b15 nixos/systemd-boot: move builder script in bin folder 2024-01-27 01:29:40 +00:00
Lorenz Brun b8b53fdf37 nixos/kernel: add hid_corsair to initrd modules 
Same as all the other HID drivers, otherwise Corsair keyboards do not
work before the switch to stage2 without custom configuration.
 2024-01-27 02:11:57 +01:00
Thomas Gerbet 117fd19a77
Merge pull request #276306 from ambroisie/aria2-rpc-secret-file 
nixos/aria2: implement 'rpcSecretFile'
 2024-01-27 00:46:56 +01:00
Naxdy edc49b2e83
nixos/plasma5: fix plasmaMobileGear path 2024-01-26 23:52:49 +01:00
Yt a759a579fb
Merge pull request #283447 from Munksgaard/livebook-fixes 
livebook: Use `mix release` to build instead of escript
 2024-01-26 22:14:08 +00:00
Felix Buehler bdce5312c9 nixos/{zabbixServer,zabbixProxy}: prefer 'install' over 'mkdir/chmod/chown' 2024-01-26 23:10:57 +01:00
jacekpoz 49130d8bf7
nixos/ratbagd: add package option 2024-01-26 22:58:44 +01:00
Felix Buehler 4c9b5cb310 nixos/rabbitmq: prefer 'install' over 'mkdir/chmod/chown' 2024-01-26 22:56:28 +01:00
maxine 642317d03f
Merge pull request #283618 from SuperSandro2000/tailscale-resoleconf 
nixos/tailscale: make resolvconf package depending on enablement of module
 2024-01-26 22:41:14 +01:00
Felix Bühler d9de6dd272
Merge pull request #284075 from rhoriguchi/nixos/esphome 
nixos/esphome: add option to use ping to check online status of devices
 2024-01-26 22:13:11 +01:00
Kira Bruneau 473b20c3d7
Merge pull request #281909 from kira-bruneau/gamemode 
nixos/gamemode: add gamemode group
 2024-01-26 15:25:56 -05:00
superherointj cbe8e0c980 nixos/etcd: fix etcd category from misc to databases 2024-01-26 16:40:11 -03:00
superherointj 29d18e8f6f nixos/etcd: fixes etcd failing to start at boot and add openFirewall option 
Fixes etcd failing to start at boot for network and firewall not being ready and etcd peers being unavailable because of network/firewall

* configure etcd systemd unit to:

  - delay etcd start-up until network and firewall are ready
  - restart on failure and be always on

* add openFirewall option

  The official etcd ports are 2379 for client requests and 2380 for peer communication:
  https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.txt
  https://etcd.io/docs/v3.4/op-guide/configuration/
 2024-01-26 16:40:11 -03:00
Philip Munksgaard 1ee8e72834
livebook: Set KillMode=mixed 
This will gracefully shut down the service instead of resulting in errors like
this:

```
Jan 24 10:11:11 foo livebook[981676]: 10:11:11.922 [error] GenServer :disksup terminating
Jan 24 10:11:11 foo livebook[981676]: ** (stop) {:port_died, :normal}
Jan 24 10:11:11 foo livebook[981676]: Last message: {:EXIT, #Port<0.8>, :normal}
Jan 24 10:11:11 foo livebook[981676]: 10:11:11.922 [error] GenServer :memsup terminating
Jan 24 10:11:11 foo livebook[981676]: ** (stop) {:port_died, :normal}
```
 2024-01-26 20:19:49 +01:00
Philip Munksgaard 897d5670a3
livebook: Use mix release to build instead of escript 
The current build of livebook does not work with the new [Livebook
Teams](https://livebook.dev/teams/) features. The problem can be observed by
running the current version of livebook, adding a new team and going to the team
page. The process will crash and the team page will show a 500 error.

The base of the problem is that the escript build method is not officially
supported. This commit changes the livebook package to use the `mix release`
workflow, which is also the one used to build the official Docker container.

Unfortunately, the binary built with `mix release` does not support command line
arguments like the `escript` binary does. Instead, users need to pass in most of
the configuration as environment variables, as documented
[here](https://hexdocs.pm/livebook/readme.html#environment-variables). As a
result, this commit also changes the Livebook service to reflect this new way of
configuring Livebook.

Finally, the Livebook release configuration specifically excludes the
ERTS (Erlang Runtime System), which means that the resulting release cannot run
without Erlang installed.

I have tested the results (both of the package and the service) locally.
 2024-01-26 20:19:46 +01:00
Ryan Horiguchi 17243e6a84 nixos/esphome: add option to use ping to check online status of devices 2024-01-26 19:39:49 +01:00
Ryan Lahfa 37832d237e
Merge pull request #283244 from bjornfor/nixos-add-polkit-to-installation-device 
nixos/installation-device: enable polkit
 2024-01-26 14:46:48 +01:00
Jonas Heinrich e1c0d281b2 nixos/nextcloud: Rename extraOptions to settings 2024-01-26 14:22:49 +01:00
Isa 24930dadca mastodon: set LimitNOFILE 2024-01-26 12:30:57 +01:00
Lassulus da25b2382d
Merge pull request #280373 from h7x4/treewide-use-new-tmpfiles-api 
treewide: use new tmpfiles API
 2024-01-26 10:47:18 +01:00
tomberek 7aea9330a6
Merge pull request #60804 from jluttine/add-brightness-keys-to-light 
light: support brightness control keys
 2024-01-26 02:43:19 -05:00
Aaron Jheng 096f6d6c00
prometheus-openvpn-exporter: remove 2024-01-26 14:37:05 +08:00
rgri 28614f6861 mouse-actions: init at 0.4.4 
Co-authored-by: Donovan Glover <donovan@dglover.co>
Co-authored-by: Arne Keller <2012gdwu+github@posteo.de>
 2024-01-25 22:25:29 -06:00
Will Fancher f6d787c27f
Merge pull request #283818 from ElvishJerricco/revert-258680-network-online-x-multi-user 
nixos/systemd: Temporarily bring back multi-user -> network-online
 2024-01-25 18:18:18 -05:00
Robert Schütz 8433938f9b
Merge pull request #283617 from SuperSandro2000/headscale 
nixos/headscale: install package system wide
 2024-01-25 13:40:29 -08:00
Bruno BELANYI d3a1465196 nixos/aria2: implement 'rpcSecretFile' 
Since this is supposed to be a secret, use a file path as an input
instead of making it part of the expression, which would expose it in
the nix store.
 2024-01-25 21:36:21 +00:00
Felix Buehler d35003e302 python311Packages.recursive-pth-loader: rename from recursivePthLoader 2024-01-25 22:13:17 +01:00
Will Fancher 0d85bf0efe nixos/systemd: Temporarily bring back multi-user -> network-online 
There were several modules, critically including NetworkManager, which
were not prepared for this change. Most of the change was good,
however. Let's bring back the dependency and change the assertion to a
warning for now.
 2024-01-25 15:53:52 -05:00
maxine 066ccb996b
Merge pull request #282963 from NukaDuka/prometheus-pve-exporter-update 
prometheus-pve-exporter: 2.3.0 -> 3.2.1
 2024-01-25 21:17:19 +01:00
Ryan Lahfa 8cc42008aa
Merge pull request #274281 from RaitoBezarius/hebbot-module 
nixos/hebbot: init
 2024-01-25 20:33:02 +01:00
Ryan Lahfa ae910a15e6
Merge pull request #281001 from RaitoBezarius/new-sieve-dovecot-api 
nixos/mail/dovecot2: re-introduce extra settings and rename `sieveScripts`
 2024-01-25 20:32:35 +01:00
Ryan Lahfa 6fe2736c6f
Merge pull request #246055 from Tom-Hubrecht/netbird 
nixos/netbird: Allow running multiple netbird networks in parallel
 2024-01-25 20:08:58 +01:00
Raito Bezarius 78bc60b8a4 nixos/hebbot: init 
This is a NixOS module to support TWIM-style Matrix bots.
 2024-01-25 18:27:33 +01:00
rnhmjoj 1a1b91b3b9
nixos/dnsdist: add options for dnscrypt 2024-01-25 18:25:40 +01:00
Tom Hubrecht c2d822e6b0 nixos/netbird: Allow running multiple netbird networks in parallel 2024-01-25 17:25:59 +01:00
Raito Bezarius 3cb7823738 nixos/mail/dovecot2: warn about potential collision due to structured configuration 
Plugin configuration is pesky in dovecot2, let's warn about potential conflicts
in the module system by using a fancy regex.

This is only band-aid, this should be removed ASAP.

We clean up also a 21.05-era warning.
 2024-01-25 17:18:58 +01:00
Sandro Jäckel 922351ec86
nixos/tailscale: make resolvconf package depending on enablement of module 
If resolvconf is not enabled, trying to use it always fails because
/etc/resolvconf.conf contains an `exit 1`.
 2024-01-25 15:50:36 +01:00
linsui 6d1e022e7c nixos/nautilus-open-any-terminal: init 2024-01-25 22:00:23 +08:00
github-actions[bot] 8c2ba7797a
Merge master into staging-next 2024-01-25 12:01:19 +00:00
Julien Malka 39a2e0bb03
Merge pull request #283396 from newAM/clevis-clarify 2024-01-25 08:52:44 +01:00
github-actions[bot] 5af80acc9a
Merge master into staging-next 2024-01-25 06:01:04 +00:00
Elijah M. Immer c847e364ea nixos/hyprland: move to programs/wayland 
Just moved to hyprland module to programs/wayland.
This has no effect on the module side (still accessed the same way in
the module `programs.hyprland`) just moved to be inline with other
wayland compositors.

Also edit the module list to reflect where the file is located.
 2024-01-24 20:20:07 -08:00
Jörg Thalheim 559ddda570
Merge pull request #279852 from Madouura/pr/bcachefs 
bcachefs: update comments, release-notes, only use IFS for bcachefs, update bcachefs-tools and module
 2024-01-25 01:11:04 +01:00
github-actions[bot] a4b5a14b07
Merge master into staging-next 2024-01-25 00:02:13 +00:00
Sandro Jäckel 9f395dae71
nixos/headscale: install package system wide 
this is required to confirm nodes and generally manage everything
 2024-01-24 23:00:54 +01:00
Lassulus 65f1d64303
Merge pull request #279923 from jopejoe1/sshfs 
nixos/filesystems: set `system.fsPackages` for sshfs
 2024-01-24 22:04:41 +01:00
Alyssa Ross 0a95fd24f0
Merge remote-tracking branch 'origin/master' into staging-next 
Conflicts:
	pkgs/development/libraries/libunwind/default.nix
 2024-01-24 22:00:49 +01:00
r-vdp 28ea07d4e3
fwupd: 1.9.11 -> 1.9.12 
The fwupd daemon refuses to start when there is an uefi_capsule key without any
values in the config file, so I modified the module to only include this
key when there are actually values that go inside.
 2024-01-24 20:29:01 +01:00
github-actions[bot] d45e853c88
Merge master into staging-next 2024-01-24 12:01:06 +00:00
Vladimír Čunát 7f979aeb86
nixos/knot: allow specifying the clear section 
It was added in 3.3.4.  I'm not sure if it will be useful with NixOS
services, but I added it in the usual way anyway.
 2024-01-24 10:33:55 +01:00
a-n-n-a-l-e-e 18cc181b9b
Merge pull request #279511 from DanielSidhion/tigerbeetle-service 
nixos/tigerbeetle: init module
 2024-01-23 23:13:54 -08:00
github-actions[bot] bd24648ae1
Merge master into staging-next 2024-01-24 06:00:59 +00:00
Alex Martens c37de24b78 nixos/clevis: clairify secret creation 2024-01-23 20:46:52 -08:00
h7x4 f5d513c573
treewide: use new tmpfiles api 2024-01-24 05:13:17 +01:00
h7x4 e5f115b0d4
Merge pull request #283059 from Nanotwerp/patch-1 
nixos/corectrl: add package option
 2024-01-24 05:10:36 +01:00
github-actions[bot] 6a4e9dff73
Merge master into staging-next 2024-01-24 00:02:25 +00:00
Nanotwerp 6638cf69fe nixos/corectrl: add package option 
Co-authored-by: Emily <git@emilylange.de>
 2024-01-23 15:35:44 -05:00
github-actions[bot] 01a65d81f3
Merge master into staging-next 2024-01-23 18:00:56 +00:00
ppom 65544c693b
rustdesk-server: init module 2024-01-23 18:01:54 +01:00
Niklas Hambüchen aa6c8ae3a6
Merge pull request #253488 from nh2/install-grub-dont-stat-network-fs 
install-grub.pl: Do stat() last to not hang on hanging network FS
 2024-01-23 16:36:49 +01:00
Niklas Hambüchen b9ba9df3e8 install-grub.pl: Do stat() last to not hang on hanging network FS 2024-01-23 15:34:40 +00:00
Bjørn Forsman dadc54aabe nixos/installation-device: enable polkit 
Polkit enables running 'reboot' and 'poweroff' in the installer without
being root, and non-root is the default login for a few NixOS releases
now.

There's no size increase in the minimal ISO:

  $ git checkout nixpkgs-unstable
  $ nix-build -A config.system.build.isoImage -I nixos-config=nixos/modules/installer/cd-dvd/installation-cd-minimal.nix nixos/default.nix && du -sc ./result/iso/*.iso
  /nix/store/bfvbvrrqjmnqqhyqyxc0w32gagdz2rya-nixos-24.05.git.1149dab64e7-x86_64-linux.iso
  998404  ./result/iso/nixos-24.05.git.1149dab64e7-x86_64-linux.iso
  998404  total

  $ git checkout THIS_COMMIT
  $ nix-build -A config.system.build.isoImage -I nixos-config=nixos/modules/installer/cd-dvd/installation-cd-minimal.nix nixos/default.nix && du -sc ./result/iso/*.iso
  /nix/store/l9x9rwlvfddnri70h1ifx865q0cvka5l-nixos-24.05.git.1149dab64e7-x86_64-linux.iso
  998404  ./result/iso/nixos-24.05.git.1149dab64e7-x86_64-linux.iso
  998404  total
 2024-01-23 16:10:31 +01:00
Bruno BELANYI 70d0a6e547 nixos/pyload: init 2024-01-23 15:04:44 +00:00
Raito Bezarius 72e23635e6 nixos/mail/dovecot2: imapsieve.mailbox.*.causes is a list 
Otherwise, it's not possible to pass `COPY,APPEND` properly.
 2024-01-23 14:04:08 +01:00
Raito Bezarius caf9e51e0f nixos/mail/dovecot2: re-introduce extra settings and rename sieveScripts 
https://github.com/NixOS/nixpkgs/pull/275031 introduced structured configuration
for the dovecot2 sieve plugin, by doing so, it broke SNM configuration doing Sieve configurations.

This attempts to fix up the public API to make it possible for SNM to pick up the pieces.
 2024-01-23 14:04:08 +01:00
Kartik Gokte dde72e969e nixos/prometheus-pve-exporter: updated schema and options to v3.2.1 2024-01-23 11:19:37 +05:30
Brenton Simpson f571033ce0 handheld-daemon: use kebab-case instead of camelCase for service name 2024-01-22 19:26:43 -08:00
Brenton Simpson bcf9a24332 handheld-daemon: init at 0.2.7 2024-01-22 19:26:42 -08:00
github-actions[bot] 8303a96c2d
Merge master into staging-next 2024-01-23 00:02:30 +00:00
Peder Bergebakken Sundt 76e9a3eafc
Merge pull request #272147 from SuperSandro2000/archisteamfarm 
nixos/archisteamfarm: don't use asf abbreviation for more clarity
 2024-01-22 22:57:04 +01:00
Ryan Lahfa 5b14fea3d6
Merge pull request #280405 from RaitoBezarius/keepalived-unicast 
nixos/networking/keepalived: do not emit `unicastPeers` when there are none
 2024-01-22 22:43:29 +01:00
Raito Bezarius 08c9562995 keepalived: add myself as a maintainer 
I will use this for a while, so… let's keep it tidy.
 2024-01-22 21:56:04 +01:00
Ryan Lahfa 32a6e224ae
Merge pull request #282929 from minijackson/netbox-3.7.1 
Netbox 3.7.1
 2024-01-22 20:52:54 +01:00
Robert Schütz 6de0d9293e
Revert "Dovecot: Do not include empty sieve_extensions and sieve_global_extensions" 2024-01-22 10:02:51 -08:00
github-actions[bot] 3c7375b75c
Merge master into staging-next 2024-01-22 18:00:55 +00:00
nikstur 3ea482163b
Merge pull request #282320 from helsinki-systems/fix/nix-gc-unit-type 
nixos/nix-gc: Minor module fixups
 2024-01-22 17:49:18 +01:00
nikstur 733c8ee469
Merge pull request #282086 from nikstur/uki 
nixos/uki: init
 2024-01-22 17:43:09 +01:00
Minijackson 5d2370f800
netbox_3_5: remove 2024-01-22 16:31:45 +01:00
Minijackson 163fed297e
netbox: 3.6.9 -> 3.7.1 
Or another way to see it:

netbox_3_7: init at 3.7.1

Make NetBox 3.7 the default version if stateVersion >= 24.05,
switch upgrade test to test upgrade from 3.6 to 3.7,
remove clearcache command for >=3.7.0,
make reindex command mandatory
 2024-01-22 16:31:45 +01:00
Jörg Thalheim b0a5444e43
Merge pull request #282878 from Mic92/buildbot 
nixos/buildbot: don't require network-online.target
 2024-01-22 15:53:13 +01:00
Luke Granger-Brown f5344c8b87
Merge pull request #280658 from simonhollingshead/add-fixedrandomdelay 
nixos/auto-upgrade: add system.autoUpgrade.fixedRandomDelay
 2024-01-22 14:48:23 +00:00
github-actions[bot] 3a8094730e
Merge master into staging-next 2024-01-22 12:01:10 +00:00
Jörg Thalheim 372513f630 nixos/buildbot: don't require network-online.target 
The daemon setup itself only requires the firewall to be up.
Workers will connect itself as they can reach the master instance.
That's why we don't need an online target for buildbot to function.
 2024-01-22 12:54:42 +01:00
Linus Heckemann 18e5176621
Merge pull request #270727 from nikstur/nixos-perlless-activation 
Perlless Activation
 2024-01-22 10:11:44 +01:00
github-actions[bot] f363b57fc7
Merge master into staging-next 2024-01-22 06:01:17 +00:00
rht cee68718db
hddfancontrol: Disable network access 2024-01-21 21:09:13 -05:00
rht 25181b596f
thinkfan: Disable network access 2024-01-21 21:09:01 -05:00
h7x4 5f5210aa20
Merge pull request #281606 from MarcelCoding/bird-no-auto-restart 
nixos/bird2: add option to disable auto reload
 2024-01-22 01:24:37 +01:00
github-actions[bot] dceddd03df
Merge master into staging-next 2024-01-22 00:02:14 +00:00
nikstur 8710a27bc6 nixos/profiles/perlless: init 2024-01-22 00:54:13 +01:00
nikstur 60f529fc82 nixos/etc: optionally mount etc as an overlay 2024-01-22 00:54:13 +01:00
Peder Bergebakken Sundt 0fbb6483cf
Merge pull request #273537 from sigprof/nixos-ssh-askpass-xauthority 
nixos/ssh: pass XAUTHORITY to ssh-askpass
 2024-01-22 00:43:59 +01:00
Nick Cao 9969fb7ff4
Merge pull request #281904 from Stunkymonkey/ttyd-fix-leakage 
ttyd: add test & use systemd LoadCredential
 2024-01-21 14:48:40 -05:00
Peder Bergebakken Sundt 3747401ffe
Merge pull request #236744 from l0b0/shells-environment-remove-redundant-p-flag 
nixos/modules: Split recursive mkdir with permissions
 2024-01-21 20:16:14 +01:00
Bernardo Meurer 28ad748d40
Merge pull request #281845 from lovesegfault/fix-moonraker-warn 2024-01-21 14:09:00 -05:00
happysalada f3b08ca5a6 nixos/clamav: fix network-online requires assert 2024-01-21 11:37:54 -05:00
github-actions[bot] cabf4612ca
Merge master into staging-next 2024-01-21 12:01:00 +00:00
Jonas Heinrich 58fcc2db9d
Merge pull request #282339 from marcusramberg/marcus/ollama_listen 
nixos/ollama: Add listenAddress
 2024-01-21 12:57:53 +01:00
Doron Behar 49e5ffd3a9
Merge pull request #235847 from doronbehar/nixos/taskserver-permissions 
nixos/taskserver: Enable cfg.group to read clients' certificates
 2024-01-21 09:32:07 +02:00
Morgan Jones cdd95bd39c
nixos/nebula: default to port 0 for hosts other than lighthouse/relay 2024-01-20 19:29:32 -08:00
Sandro Jäckel 6d1d912716
nixos/archisteamfarm: drop with lib 2024-01-21 02:14:02 +01:00
Sandro Jäckel 2d324fc242
nixos/archisteamfarm: don't use asf abbreviation for more clarity 2024-01-21 02:14:00 +01:00
github-actions[bot] 84335ac8cb
Merge master into staging-next 2024-01-21 00:02:21 +00:00
maxine f0dd758da7
Merge pull request #273707 from illustris/cloud-init 
cloud-init: 23.3.3 -> 23.4.1, fix race condition on AWS
 2024-01-21 00:39:06 +01:00
Marcus Ramberg 8d956b1725 nixos/ollama: Add listenAddress 2024-01-21 00:27:07 +01:00
Felix Buehler c34493d7c0 ttyd: add test & use systemd LoadCredential 2024-01-20 21:01:51 +01:00
github-actions[bot] 4dea63e421
Merge master into staging-next 2024-01-20 18:01:02 +00:00
Maximilian Bosch 93d692f43b
Merge pull request #280600 from Ma27/nextcloud-state-tmpfiles 
nixos/nextcloud: set up base directories & override.config.php with tmpfiles
 2024-01-20 17:49:46 +01:00
h7x4 d7995e41b6
Merge pull request #277514 from gepbird/github-runner-update-docs 
github-runner: mention manpage for serviceOverrides option
 2024-01-20 16:57:03 +01:00
h7x4 e7069e4aa2
Merge pull request #281055 from majiru/resolved-dns-over-tls 
nixos/resolved: add dnsovertls option
 2024-01-20 15:21:45 +01:00
Kevin Cox 9cd3bd7a5c
Merge pull request #281915 from exi/patch-1 
Dovecot: Do not include empty sieve_extensions and sieve_global_extensions
 2024-01-20 09:10:41 -05:00
Janne Heß e04524a931
nixos/nix-gc: Use singleLineStr where possible 2024-01-20 13:16:39 +01:00
Janne Heß 2315174384
nixos/nix-gc: Add Type so systemctl waits properly 2024-01-20 13:15:20 +01:00
Janne Heß fd8727163d
nixos/nix-gc: Drop with lib; 2024-01-20 13:14:57 +01:00
github-actions[bot] 2aa3d6edac
Merge master into staging-next 2024-01-20 12:00:58 +00:00
Gutyina Gergő 79e8fb92b8
github-runner: mention manpage for serviceOverrides option 2024-01-20 10:22:53 +01:00
Lin Jian 436929e972
Merge pull request #282174 from linj-fork/pr/remove-emacsclient-desktop 
nixos/emacs: drop custom emacsclient desktop file
 2024-01-20 15:39:37 +08:00
github-actions[bot] 0cd628f6d5
Merge master into staging-next 2024-01-20 06:01:03 +00:00
h7x4 66cb51263e
Merge pull request #264552 from vifino/watchdogd 
watchdogd: init at 4.0; add module
 2024-01-20 06:21:24 +01:00
Jacob Moody dfc87b9048 nixos/resolved: add dnsovertls option 2024-01-19 21:29:22 -06:00
h7x4 62dbf40586
Merge pull request #282147 from eclairevoyant/acme 
nixos/acme: fix assertion for renamed option
 2024-01-20 03:27:15 +01:00
Lin Jian 9e98fce0c5
Merge pull request #281654 from SuperSandro2000/portunus-restart 
nixos/portunus: restart on failure
 2024-01-20 09:17:18 +08:00
Lin Jian 20f07b4aa9
nixos/emacs: drop custom emacsclient desktop file 
This custom emacsclient desktop file was added[1] to Nixpkgs when
the upstream did not provide one.

Since an emacsclient desktop file is provided[2] by the upstream now,
we should remove our custom one from Nixpkgs to reduce maintenance
burden[3].

Fixes https://github.com/NixOS/nixpkgs/issues/245533

[1]: https://github.com/NixOS/nixpkgs/pull/35896
[2]: https://git.savannah.gnu.org/cgit/emacs.git/commit/etc/emacsclient.desktop?id=1a845a672dc73c8e98e6cb9bb734616e168e60ba
[3]: https://git.savannah.gnu.org/cgit/emacs.git/commit/etc/emacsclient.desktop?id=1500e4b4329d4d3d0141263230d74e1b314373b1
 2024-01-20 08:21:08 +08:00
github-actions[bot] 650e10b010
Merge master into staging-next 2024-01-20 00:02:16 +00:00
Adrian Pistol 58cbe00eb6 nixos/watchdog: add module 2024-01-20 00:15:31 +01:00
éclairevoyant b43dcaf48f
nixos/acme: fix assertion for renamed option 2024-01-19 16:28:56 -05:00
Peder Bergebakken Sundt 31ff0dfe49
Merge pull request #273024 from melvyn2/patch-1 
nixos/sshServe: use bash as default shell for nix-ssh user
 2024-01-19 22:26:44 +01:00
DS fdf411fb36 nixos/tigerbeetle: init module 2024-01-19 13:19:27 -08:00
Peder Bergebakken Sundt c3f2d4a319
Merge pull request #267327 from bbenno/fix/nixos-firebird 
nixos/firebird: fix coerce error
 2024-01-19 22:12:47 +01:00
h7x4 99e3c0032a
Merge pull request #281871 from RatCornu/tachidesk-server 
nixos/suwayomi-server: init at 0.7.0
 2024-01-19 20:19:06 +01:00
Julien Malka 42ad0d80ce
Merge pull request #281639 from Mic92/systemd-refactoring 2024-01-19 19:42:32 +01:00
github-actions[bot] 331c789712
Merge master into staging-next 2024-01-19 18:01:00 +00:00
nikstur 985bafa5fc nixos/uki: init 2024-01-19 17:04:59 +01:00
Franz Pletz e7279b9102
Merge pull request #281186 from Sohalt/podman-dns-firewall 2024-01-19 17:01:23 +01:00
nikstur 066151e0de
Merge pull request #277633 from nikstur/image-repart-improvements 
Image repart improvements
 2024-01-19 15:25:08 +01:00
nikstur a34af9a955 image/repart: add version and compression options 
The version option is needed if you want to implement partition &
systemd-boot based A/B booting where the version information is encoded
in the files on the ESP. See systemd-sysupate docs for more details on
this:
https://www.freedesktop.org/software/systemd/man/latest/sysupdate.d.html

Note, however, that this is not *only* useful for systemd-sysupdate but
also for other similar updating tools/mechanisms.
 2024-01-19 14:43:29 +01:00
Zolo c9e7344950
Update systemd-boot.nix 
Extending the systemd-boot information and where to find more information.
 2024-01-19 14:01:26 +01:00
github-actions[bot] 4679030218
Merge master into staging-next 2024-01-19 12:01:13 +00:00
Martin Weinelt c2853e2588
Merge pull request #258680 from lf-/jade/remove-multiuser-netonline-dep 
nixos/systemd: don't require network-online.target for multi-user.target
 2024-01-19 12:49:23 +01:00
Sandro eb09653fde
Merge pull request #266428 from lf-/jade/samba-fix-security-type 2024-01-19 12:29:19 +01:00
Sandro 5897d4eb0d
nixos/portunus: remove superfluous explicit out 
Co-authored-by: Lin Jian <me@linj.tech>
 2024-01-19 11:58:07 +01:00
Sandro Jäckel fd199bdc5b
nixos/portunus: add seedSettings option 2024-01-19 11:57:01 +01:00
Jade Lovelace fe474ed61a nixos: fix remaining services for network-online dep fix 2024-01-19 00:11:34 -08:00
Jade Lovelace 1b514b3e10 fix: rxe under network-online.target change [UNSURE IF CORRECT] 2024-01-19 00:11:34 -08:00
Jade Lovelace c80398e5d2 nixos/ircd-hybrid: fix evaluation error 2024-01-19 00:11:34 -08:00
Jade Lovelace 6c5ab28fce nixos: fix a bunch of services missing dep on network-online.target 
This was done by generating a truly hilarious configuration:

rg 'services\.[^.]+\.enable\t' opts-tags | cut -f1 > allonconfig.nix

The following were not tested due to other evaluation errors. They
should probably be manually audited.
services.amule
services.castopod
services.ceph
services.chatgpt-retrieval-plugin
services.clamsmtp
services.clight
services.dante
services.dex
services.discourse
services.dwm-status
services.engelsystem
services.foundationdb
services.frigate
services.frp
services.grocy
services.guacamole-client
services.hedgedoc
services.home-assistant
services.honk
services.imaginary
services.jitsi-meet
services.kerberos_server
services.limesurvey
services.mastodon
services.mediawiki
services.mobilizon
services.moodle
services.mosquitto
services.nextcloud
services.nullmailer
services.patroni
services.pfix-srsd
services.pgpkeyserver-lite
services.postfixadmin
services.roundcube
services.schleuder
services.self-deploy
services.slskd
services.spacecookie
services.statsd
services.step-ca
services.sympa
services.tsmBackup
services.vdirsyncer
services.vikunja
services.yandex-disk
services.zabbixWeb
 2024-01-19 00:11:34 -08:00
Reno Reckling 33ede4cc7c
use concatMapStringsSep in dovecot config 
Co-authored-by: h7x4 <h7x4@nani.wtf>
 2024-01-19 07:14:59 +01:00
github-actions[bot] 631f14c407
Merge master into staging-next 2024-01-19 06:00:59 +00:00
h7x4 5350f74b81
Merge pull request #277739 from KiaraGrouwstra/fix-sample-value-services-wordpress-sites-name-languages 
fix sample value for option services.wordpress.sites.<name>.languages
 2024-01-19 03:51:40 +01:00
RatCornu 4133bb1bb0
nixos/suwayomi-server: init at 0.7.0 2024-01-19 02:31:23 +01:00
Reno Reckling 9c5b8fe008
Merge branch 'NixOS:master' into patch-1 2024-01-19 01:31:50 +01:00
Jade Lovelace 81a3fa04ca nixos/buildbot: master also wants network-online.target 2024-01-18 16:28:42 -08:00
Jade Lovelace ce602cc0aa nixos/kea: also want network-online.target 2024-01-18 16:28:42 -08:00
Will Fancher 367d101073 nixos/systemd: assert After=network-online.target -> Wants= 
This will catch broken services at the evaluation stage.
 2024-01-18 16:28:41 -08:00
Jade Lovelace 80edf319fe nixos/paperless: fix network-online.target dependencies 2024-01-18 16:28:41 -08:00
Jade Lovelace 62f30634db nixos/systemd: don't require network-online.target for multi-user.target 
Previously we required network-online.target for multi-user.target. This
has made a lot of people very angry and has been widely regarded as a
bad move (or at least, very nonstandard):
15d761a525 (commitcomment-128564097)

This was done because of fragile tests and services declaring
dependencies on multi-user.target when they meant network-online.target.

Let's rip off the bandaid and fix our tests.
 2024-01-18 16:28:39 -08:00
Reno Reckling 1e4065d90a
Do not include sieve_extensions and sieve_global_extensions if they are the default value 
Setting them to empty string will disable the default behaviour, leading to missing extensions.
 2024-01-19 01:21:07 +01:00
nikstur 1e70382b81 nixos/version: add options to identify images 
This is useful when building appliance images that use among other
things partition based A/B updates.
 2024-01-19 01:16:49 +01:00
github-actions[bot] b459003bdd
Merge master into staging-next 2024-01-19 00:02:22 +00:00
Kira Bruneau b250e162d6 nixos/gamemode: add gamemode group 
Gamemode 1.8 requires users to be in the gamemode group to set the CPU
governor, so we should automatically create it when it's enabled.
 2024-01-18 18:06:36 -05:00
nikstur eec1845744 nixos/systemd-sysusers: init 2024-01-18 23:08:14 +01:00
Julian Stecklina be2a4f37af nixos/dbus: explicitly set homeMode for dbus 
Otherwise /run/dbus is created with the wrong permissions.

For some reason our recent changes made /run/dbus be 0700 instead of
0755. This is actually the default of homeMode. So something worked by
accident before?
 2024-01-18 23:08:14 +01:00
nikstur 4b128008c5 nixos/test-instrumentation: use file to set root password 2024-01-18 23:08:13 +01:00
Niklas Hambüchen 305821576a
Merge pull request #273239 from nh2/issue-31138-fix-xkbvalidate-xkb-dir 
xserver service: xkbvalidate: Respect `xkb.dir`
 2024-01-18 21:56:39 +01:00
Bernardo Meurer a09b1c12fb
nixos/moonraker: don't warn about harmless update_manager settings 
The only setting we care to warn about is `enable_system_updates`,
there's no reason to issue warnings when folks set, for example,
`enable_auto_refresh`.
 2024-01-18 13:52:50 -05:00
github-actions[bot] dc4a7c97b0
Merge master into staging-next 2024-01-18 18:00:55 +00:00
K900 967d49b8a8 Merge remote-tracking branch 'origin/staging-next' into staging 2024-01-18 19:15:32 +03:00
Adithya Nair 8b5644684e
nixos/frp: use toml configFile 
According to upstream, the INI configuration file is deprecated and
TOML/YAML/JSON is recommended.
Link: https://github.com/fatedier/frp/tree/dev#configuration-files
 2024-01-18 21:37:40 +05:30
Janne Heß 15c31afd8a
Merge pull request #271067 from nikstur/sysinit-reactivation 
nixos/switch-to-configuration: add sysinit-reactivation.target
 2024-01-18 16:13:32 +01:00
nikstur 1472cd16bb
Merge pull request #265951 from nikstur/systemd-255 
systemd: 254.6 -> 255.2
 2024-01-18 15:51:10 +01:00
Adam C. Stephens 887d3f54c6
Merge pull request #278753 from adamcstephens/incus/migrate-test 
incus, lxd: ensure lxd->incus migration is supported and tested
 2024-01-18 08:01:23 -05:00
mian | mian fbe9d95ed9
fix semi-colon missing 2024-01-18 16:31:54 +08:00
Franz Pletz c00a2d02bd
Merge pull request #251882 from r-ryantm/auto-update/prometheus-snmp-exporter 
prometheus-snmp-exporter: 0.22.0 -> 0.25.0
 2024-01-18 08:16:39 +01:00
Sandro Jäckel f154807e93
nixos/portunus: restart on failure 2024-01-18 01:01:30 +01:00
nikstur e6b66f08a5 nixos/switch-to-configuration: add sysinit-reactivation.target 2024-01-18 00:46:30 +01:00
Franz Pletz ed2ea66bbf
Merge pull request #278539 from Ma27/sshd-socket-activation-ports 
nixos/sshd: fix socket activated ports when using ListenAddress
 2024-01-17 23:27:52 +01:00
Jörg Thalheim 4a20af3932 nixos/systemd-boot: move all template variables in one place 
This makes it easier to reason about what variables are inserted during packaging.
We also make sure that template file is also valid python syntax, which makes editor errors go away during development.
 2024-01-17 22:53:17 +01:00
WilliButz bb9c7762bc
nixos/prometheus-snmp-exporter: add config check 
This is introduced and enabled by default because the config syntax for
the exporter changed with release 0.23.0.

This should make the breaking config change obvious before services are
deployed with an incompatible old config.

The check is based on the check present in the blackbox-exporter module.
 2024-01-17 20:34:30 +01:00
WilliButz a8ea9fe492
nixos/prometheus-snmp-exporter: switch to new config syntax 
Introduced with version 0.23.0, see
b75fc6b839/auth-split-migration.md
 2024-01-17 20:32:45 +01:00
Marcel a63a884c00
nixos/bird2: add option to disable auto reload 
In a critical setup of bird with many BGP sessions,
you want to control the exact time when configuration
changes are applied. Therefore, an option was added,
to disable automatic reloading the systemd unit,
when configuration changes are made. The administrator
how has the ability to control how changes are applied.
 2024-01-17 20:09:34 +01:00
Robin Gloster e59524560c
Merge pull request #281555 from fpletz/nixos/ntpd-rs-fix-metrics 
nixos/ntpd-rs: fix metrics service
 2024-01-17 15:49:24 +01:00
Sandro 35ef7edaea
Merge pull request #281421 from SuperSandro2000/pcsc-polkit 2024-01-17 15:21:26 +01:00
Franz Pletz 35c015ff91
nixos/ntpd-rs: fix metrics service 2024-01-17 15:06:20 +01:00
nikstur 748378a3ec systemd: 254.6 -> 255.2 
Removed patches:

- 0007-Fix-hwdb-paths.patch

  The directory we want seems to already be included in the list. Is there
  a reason why we want to restrict it further?

- 0010-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch

  This patch has little to do with how the meson.build file looks now. The
  new patch 0017 is the successor to this one.

- 0015-pkg-config-derive-prefix-from-prefix.patch

  This is fixed upstream. We don't need this anymore.
 2024-01-17 14:13:46 +01:00
rht fb8b20d90e
acpid: Disable network access 2024-01-17 06:46:34 -05:00
Maciej Krüger f666630f4a
Merge pull request #280556 from gador/pgadmin-8.2 
pgadmin: 8.1 -> 8.2, python3Packages.webauthn 1.11.1 -> 2.0.0, python3Packages.flask-security-too: fix pydantic issue
 2024-01-17 08:30:24 +01:00
Benjamin Bädorf 7c3ecbdce9 nixos/invoiceplane: add nginx as a webserver option for invoiceplane 
Getting the vhost to play nice with phpfpm was done by following this
community post: https://community.invoiceplane.com/t/topic/2654
 2024-01-17 05:09:34 +01:00
Ryan Lahfa bbd92ae047
Merge pull request #280561 from RaitoBezarius/fix-listmonk-module 
nixos/mail/listmonk: fix hardening directives
 2024-01-17 03:42:31 +01:00
Sandro Jäckel 6b1e46597f
nixos/pcscd: fix linking of org.debian.pcsc-lite.policy file for polkit 2024-01-17 00:28:22 +01:00