tobias/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-11-21 16:16:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
604140 commits 203 branches 75 tags 12 GiB
Commit graph

29955 commits

Author SHA1 Message Date
pennae b71ca1c90a
Merge pull request #291922 from NixOS/mosquitto-2 
nixos/mosquitto: remove stutter in acl file name
 2024-02-28 02:06:01 +01:00
Ryan Lahfa e53c07f4cc
Merge pull request #291822 from alyssais/zfs-2.1.15 
zfs_2_1: 2.1.14 -> 2.1.15
 2024-02-28 01:43:56 +01:00
Andrew Marshall 1f32eb724d nixos/zfs: Remove enableUnstable in favor of setting package 
This just adds complexity and confusion. Once-upon-a-time, there was no
`package` and only `enableUnstable`, but now it is just confusing to
have both, as it would be possible to do e.g. `package = pkgs.zfs` and
`enableUnstable = true`, but then `enableUnstable` does nothing.
 2024-02-27 19:30:19 -05:00
Hans Christian Schmitz 5f6dca8403
nixos/pipewire: add assertions for migration to extraConfig/configPackages 
The PR #282377 made files/directories specified in
`environment.etc."pipewire<...>"` and `environment.etc."wireplumber<...>"`
conflict with existing configuration of the PipeWire NixOS module due to how
the `configPackages` options were implemented. This sadly wasn't easily
avoidable. As this can cause breakage for users moving from 23.11 to 24.05
though, assertions can help guide them to use `services.pipewire.extraConfig`
or `services.pipewire.configPackages` / `services.wireplumber.configPackages`
instead, fixing the breakage.
 2024-02-28 01:22:28 +01:00
abysssol 5c143f0366 nixos/ollama: override kernelPackages with nvidia driver 
Instead of setting linuxPackages to a singleton set with nvidia_x11,
override the system's kernelPackages with the nvidia driver.
This is more semantically correct, though doesn't change any behavior.
 2024-02-27 18:51:54 -05:00
Andrew Marshall 2e36c49949 nixos/pam: Do not incorrectly use zfs.enableUnstable in assertion 
`zfs.enableUnstable` only has an effect if `zfs.enabled = true`, so only
require `zfs.enabled` to be true here.
 2024-02-27 18:46:00 -05:00
Andrew Marshall 929fcf9335 zfs_unstable: Rename from zfsUnstable 
This matches the naming of other zfs_* pkgs.
 2024-02-27 18:45:55 -05:00
Andrew Marshall ce5b1e007e nixos/zfs: Fix typo in option doc 2024-02-27 18:45:55 -05:00
e1mo 43fee5401d
nixos/bird-lg: Update option description to indicate new features 
In release v1.3.3[0] support for CIDRs was added, thus updated the
option description to indicate the new support for that.

[0]: https://github.com/xddxdd/bird-lg-go/releases/tag/v1.3.3
 2024-02-27 23:54:21 +01:00
Linus Heckemann 98684f4504
Merge pull request #270611 from astro/systemd-netboot 
Systemd netboot
 2024-02-27 23:44:57 +01:00
Sandro f9477e3a75
Merge pull request #209506 from Izorkin/update-dhcpcd-exit-hook 
nixos/dhcpcd: optimize exitHook
 2024-02-27 23:01:22 +01:00
Astro 6fbf631a7b nixos netboot: prepend systemd initrd sysroot for store overlay 2024-02-27 22:41:45 +01:00
Sandro 9c1ea5e3a2
Merge pull request #267012 from alois31/plymouth-unbloat 
nixos/plymouth: drop the X11 renderer in the initrd
 2024-02-27 22:28:27 +01:00
Sandro 4c88c797b8
nixos/mosquitto: remove stutter in acl file name 2024-02-27 22:15:43 +01:00
Atemu 97f445e8f1
Merge pull request #245005 from Scrumplex/nixos-monado 
nixos/monado: init
 2024-02-27 20:11:04 +00:00
Sandro Jäckel 6753857664
nixos/tailscale: add option to pass flags to tailscaled 2024-02-27 20:08:08 +01:00
Philip Taron 27d6c242ea
nixos/networkd: accept true and false in addition to "yes" and "no" for DHCP= and LinkLocalAddressing= 
These were the only two systemd configuration values that were missing the `boolValues ++` treatment, according to my `rg` through the codebase.
 2024-02-27 08:53:32 -08:00
WilliButz 4d59ace14f
nixos/systemd-repart: add assertion for partition label length 
The maximum length for a GPT label supported by systemd is 36
characters. When a repart definition contains a label that is longer
than the supported maximum length, it is ignored by systemd-repart and
a log message is produced.

The new assertion makes this obvious to the user at evaluation time,
allowing them to either drop the property entirely or choose a supported
label within the length limit instead.
 2024-02-27 17:38:14 +01:00
Sandro Jäckel 6cd7477733
nixos/hydra: add option for starman workers 
This is useful for small deployments which do not need 5 spare starman
workers taking 160 MB of RAM each.
 2024-02-27 15:45:20 +01:00
Someone Serge 2a63db4e6f
nixos/virtualisation.containers.cdi.dynamic.nvidia: expose driverLink 
..shallowly
 2024-02-27 12:50:59 +00:00
Alyssa Ross 45f1428902
zfs_2_1: 2.1.14 -> 2.1.15 
This adds compatibility with newer kernels, which fixes
nixosTests.zfs.series_2_1, which broke when the default kernel version
was bumped.

This means we no longer need the removeLinuxDRM option at all, but
I've kept it around as a no-op so people can leave it set in case the
same thing happens again in future.
 2024-02-27 13:44:16 +01:00
Someone Serge 65dbac7215
nixos/virtualisation.containers.cdi.dynamic.nvidia: refactor w/ callPackage 2024-02-27 11:59:57 +00:00
Jon Seager d0b85d47c6
Merge pull request #289863 from mjm/nut-exporter-variables 
nixos/prometheus-nut-exporter: use extraFlags, add nutVariables option
 2024-02-27 11:11:30 +00:00
Siddhartha b470b4432d nixos/systemd-boot: Add support for an XBOOTLDR partition 2024-02-26 21:55:49 -05:00
Adam C. Stephens 3a3f30d6b9
Merge pull request #291547 from alyssais/zfs-linux-6.6-aarch64 
zfs: update latestCompatibleLinuxPackages
 2024-02-26 21:45:20 -05:00
pennae 13aff9b34c
Merge pull request #259937 from charmoniumQ/patch-1 
nixos/mosquitto: fix ACL permissions
 2024-02-26 22:58:40 +01:00
Atemu f53c775852
Merge pull request #278454 from litchipi/mealie 
mealie: init at 1.2.0
 2024-02-26 21:01:49 +00:00
Julien Malka d882852f8b
Merge pull request #291160 from jmbaur/systemd-boot-builder-cross 2024-02-26 21:43:23 +01:00
Luflosi a982176a71
nixos/memcached: clarify behaviour of enableUnixSocket 
Let's make it clear that enabling this option will disable listening on an IP address and port.
 2024-02-26 15:29:55 +01:00
Pol Dellaiera 033a375a23
Merge pull request #290363 from abysssol/update-ollama-0.1.26 
ollama: 0.1.24 -> 0.1.26
 2024-02-26 15:00:57 +01:00
Alyssa Ross 2b9f043823
zfs: update latestCompatibleLinuxPackages 
ZFS no longer tries to use GPL-only symbols on aarch64.

Tested by building nixosTests.zfs.stable (modified to use Linux 6.6)
and nixosTests.zfs.unstable.
 2024-02-26 12:27:10 +01:00
K900 d596c9b4b5
Merge pull request #291513 from K900/pipewire-lv2 
nixos/pipewire: add LV2 plugins option
 2024-02-26 10:19:28 +03:00
K900 eb74747f38 nixos/pipewire: add LV2 plugins option 
Follow-up #282377.

Some packages may want to load LV2 plugins directly from PipeWire config instead, so add another option to accomodate those.
 2024-02-26 10:04:45 +03:00
Weijia Wang 9798dc0a48
Merge pull request #291464 from Gerg-L/switcheroo2 
nixos/switcherooControl: add package option
 2024-02-26 07:56:34 +01:00
K900 92b9d11129
Merge pull request #282377 from hcsch/pipewire-wireplumber-config-packages 
nixos/pipewire: add configPackages options
 2024-02-26 09:12:06 +03:00
Adam C. Stephens af810fc67e
Merge pull request #284874 from shlevy/ovmf-ms 
Enable MS-compatible secure boot with OVMF
 2024-02-25 22:34:05 -05:00
Gerg-L d70c353c16
nixos/switcherooControl: add package option 
clean up
 2024-02-25 20:49:31 -05:00
Michele Guerini Rocco 9fcbb05a2c
Merge pull request #290240 from rhoriguchi/nixos/hardware/printers 
nixos/hardware/printers: fix empty ppdOptions
 2024-02-26 00:08:00 +01:00
abysssol b8d8c1f207 nixos/ollama: add option for hardware acceleration 2024-02-25 15:57:58 -05:00
Ryan Lahfa 5337ff6a80
Merge pull request #254405 from lf-/jade/nix-path-flakes 
nixos/flake: set up NIX_PATH and system flake registry automatically
 2024-02-25 21:08:19 +01:00
Ryan Horiguchi a52e27d4f6 nixos/hardware/printers: fix empty ppdOptions 2024-02-25 19:06:35 +01:00
Sandro f8545e512d
Merge pull request #289166 from thanegill/remove-grub-version 
treewide: remove deprecated grub.version references
 2024-02-25 18:20:33 +01:00
Ryan Lahfa 077d41f9d8
Merge pull request #289856 from pennae/supfs-set 
nixos/filesystems: make supportedFilesystems an attrset
 2024-02-25 18:05:29 +01:00
Thane Gill e3d82657a2 treewide: remove deprecated grub.version references 2024-02-25 08:29:58 -08:00
Peder Bergebakken Sundt 736c43fecc
Merge pull request #288215 from budimanjojo/patch-1 
nixos/oci-containers: don't login if image exists locally
 2024-02-25 14:32:32 +01:00
0x4A6F 97bca14e41
Merge pull request #290719 from martinetd/atuin 
atuin: small fixes
 2024-02-24 23:05:25 +01:00
RatCornu 2f460b3f53
nixos/suwayomi-server: add option settings.server.extensionRepos 
This option is now a key feature of Suwayomi-Server, so it is
interesting to have it directly available in a quick search.
 2024-02-24 19:43:03 +01:00
github-actions[bot] d6cc5bb41d
Merge master into staging-next 2024-02-24 18:00:56 +00:00
Sandro 7fab1e2013
Merge pull request #275024 from jerith666/lorri-less-protected 2024-02-24 16:07:13 +01:00
Jared Baur a786cc0227
nixos/systemd-boot: fix cross for lint check 
Since we are not in a `callPackage` context, dependencies in
`nativeBuildInputs` don't get spliced to the buildPlatform, causing a
cross-compiled nixos system to fail at this step when running mypy built
for the hostPlatform.
 2024-02-24 08:58:57 -06:00
github-actions[bot] a3e2b0de90
Merge master into staging-next 2024-02-24 12:01:15 +00:00
Colin a65967a12c nixos/nix: documentation: fix outdated reference to /etc/nix.conf 2024-02-24 21:29:38 +11:00
github-actions[bot] 3affb60f96
Merge master into staging-next 2024-02-24 06:03:30 +00:00
Kira Bruneau 84a19992c3
Merge pull request #285627 from opl-/steam-local-transfers 
nixos/steam: add localNetworkGameTransfers.openFirewall option
 2024-02-23 20:24:40 -05:00
Sandro 806772b178
Merge pull request #274662 from StarGate01/pcscd-debug 2024-02-24 01:23:10 +01:00
github-actions[bot] 8034cefe44
Merge master into staging-next 2024-02-24 00:02:02 +00:00
Sandro f6b46c1f59
Merge pull request #290119 from cafkafk/kublet-config 2024-02-24 00:34:46 +01:00
Michele Guerini Rocco ed9121e5d7
Merge pull request #282758 from rht/hardware_no_network 
hddfancontrol & thinkfan: disable network access.
 2024-02-24 00:15:24 +01:00
Fabián Heredia Montiel db1ee6dfe6 Merge remote-tracking branch 'origin/master' into staging-next 
fastcdr was moved to by-name

Related to:

- https://github.com/NixOS/nixpkgs/pull/290836
 2024-02-23 16:47:01 -06:00
opl 877179c89d nixos/steam: add localNetworkTransfers.openFirewall option 
Steam local network game transfers require TCP port 27040 to be open:
https://steamcommunity.com/groups/SteamClientBeta/discussions/0/3775742015034590856/#c3827537203130812127

They also require UDP port 27036 to allow discovering peers on the same network before a transfer on port 27040 can be initiated.

Co-authored-by: Kira Bruneau <kira.bruneau@pm.me>
 2024-02-23 22:03:24 +01:00
Adam Stephens 6a0ad369f2
nixos/incus: assert nftables is used when firewall is enabled 
incus manages its own firewall rules and prefers nftables. The
advantages of nftables for segmenting multiple tools managing firewall
rules is sufficient to require nftables with incus.

https://linuxcontainers.org/incus/docs/main/howto/network_bridge_firewalld/#use-incus-firewall
 2024-02-23 15:49:33 -05:00
Pol Dellaiera f9ef0053c5
Merge pull request #288401 from katexochen/bees/refactor 
bee: refactor & update; bee{-unstable,-clef}: remove; maintainers: remove attila-lendvai
 2024-02-23 20:12:41 +01:00
Christoph Honal 6c5bcf43f1 nixos/pcscd: Add extraArgs option 2024-02-23 16:52:36 +01:00
Sefa Eyeoglu 3f7e9baeeb
nixos/monado: prevent Monado from restarting quickly 
Signed-off-by: Sefa Eyeoglu <contact@scrumplex.net>
 2024-02-23 14:25:16 +01:00
Sefa Eyeoglu 0e585a63e2
nixos/monado: make CAP_SYS_NICE wrapper configurable 
Signed-off-by: Sefa Eyeoglu <contact@scrumplex.net>
 2024-02-23 14:25:16 +01:00
Sefa Eyeoglu 2d2493b23d
nixos/monado: add option to make Monado the default OpenXR runtime 
Signed-off-by: Sefa Eyeoglu <contact@scrumplex.net>
 2024-02-23 14:25:15 +01:00
Sefa Eyeoglu ce36e73fdb
nixos/monado: link OpenXR runtimes 
Signed-off-by: Sefa Eyeoglu <contact@scrumplex.net>
 2024-02-23 14:25:15 +01:00
Sefa Eyeoglu 9003167522
xr-hardware: init at unstable-2023-11-08 
Signed-off-by: Sefa Eyeoglu <contact@scrumplex.net>
 2024-02-23 14:25:15 +01:00
Sefa Eyeoglu 5d57df8a80
nixos/monado: init 
Signed-off-by: Sefa Eyeoglu <contact@scrumplex.net>
 2024-02-23 14:25:15 +01:00
github-actions[bot] d08f9b5833
Merge master into staging-next 2024-02-23 12:01:18 +00:00
Emery Hemingway 28ffcffcbf nixos/ccache: add options to set ownership of cache dir 2024-02-23 11:08:02 +00:00
Emery Hemingway d843ec4e3d nixos/ccache: do not "with lib;" 2024-02-23 11:08:02 +00:00
Hans Christian Schmitz e722c56160
nixos/wireplumber: add required lv2 plugins to service path 2024-02-23 08:58:16 +01:00
Hans Christian Schmitz 5bf2637b48
nixos/wireplumber: add config packages option 2024-02-23 08:58:15 +01:00
Hans Christian Schmitz 054bba560a
nixos/pipewire: add config packages option 2024-02-23 08:57:16 +01:00
Hans Christian Schmitz 992582fdf8
nixos/pipewire: Fix capitalization 
In docs PipeWire and WirePlumber should be capitalized as in this
sentence.
 2024-02-23 08:57:12 +01:00
Christina Sørensen 26036ecf31
kubelet: Set Kubelet Parameters Via A intermediate Configuration File 
Signed-off-by: Christina Sørensen <christina@cafkafk.com>
 2024-02-23 08:55:02 +01:00
Litchi Pi 4ebf2b54b0 nixos/mealie: init module 
Signed-off-by: Litchi Pi <litchi.pi@proton.me>
 2024-02-23 07:15:24 +01:00
Weijia Wang 5f5062d1ef Merge branch 'master' into staging-next 2024-02-23 05:09:55 +01:00
Sandro 80e6bb31d5
Merge pull request #289956 from SuperSandro2000/archisteamfarm 2024-02-23 02:06:03 +01:00
Sandro 78745f4652
Merge pull request #289934 from jnsgruk/scrutiny 2024-02-23 00:43:55 +01:00
Dominique Martinet 85ee3198c7 atuin: Allow setting database.uri to null 
When a password is required to connect to postgres using
services.atuin.database.uri directly would make the password be written
in the nix store, which is suboptimal.
Instead we can have the password in a file accessible only to root by
having systemd read an EnvironmentFile directly, but we must ensure that
this file has priority over the environment set.
Not setting the variable in this case is more straightforward.
 2024-02-23 07:35:21 +09:00
Jon Seager 88d637c6dd
nixos/scrutiny: init 2024-02-22 21:20:10 +00:00
Maxine Aubrey e1863b4f79
nixos/networkmanager: support stable-ssid for cloned MAC addresses 2024-02-22 18:37:13 +01:00
Martin Weinelt 878609256b
Merge pull request #287348 from mweinelt/fastly-exporter-module 
nixos/prometheus-fastly-exporter: fix runtime environment, refactor, make things prettier
 2024-02-22 16:37:51 +01:00
Someone ee3923ed7d
Merge pull request #284507 from ereslibre/containers-cdi 
NixOS: Add support for CDI
 2024-02-22 13:03:18 +00:00
github-actions[bot] 024149d718
Merge master into staging-next 2024-02-22 06:01:10 +00:00
Adam C. Stephens f8131a5a2c
Merge pull request #290288 from mkg20001/lxc-initrd-fix 
nixos/lxc-container: link to prepare-root when boot.initrd.systemd.enable is on
 2024-02-21 22:29:04 -05:00
Jörg Thalheim 87f6f1fcbd
Merge pull request #290490 from nikstur/idempotent-etc-activation 
nixos/etc: make re-mounting /etc overlay idempotent
 2024-02-22 07:23:22 +07:00
nikstur 5df8caced4 nixos/etc: make re-mounting /etc overlay idempotent 2024-02-21 22:54:00 +01:00
Rafael Fernández López 8ba61ebb8a services/hardware: add nvidia-container-toolkit 2024-02-21 22:17:07 +01:00
github-actions[bot] bd56ae568b
Merge master into staging-next 2024-02-21 18:00:56 +00:00
Kiskae fe93ea4e8e
nixos/podman: pass proxy variables to podman API 2024-02-21 16:29:11 +01:00
Adam C. Stephens d1e2847664
Merge pull request #281000 from cablespaghetti/master 
sabnzbd: Add configurability of state directory owner and firewall
 2024-02-21 08:37:46 -05:00
github-actions[bot] 37e32d4bdd
Merge master into staging-next 2024-02-21 06:00:56 +00:00
adisbladis e4e474fbcf
Merge pull request #273670 from adisbladis/zope2-removal 
nixos/zope2: Remove module
 2024-02-21 17:19:07 +13:00
github-actions[bot] 97c19bdc7e
Merge master into staging-next 2024-02-21 00:02:04 +00:00
Maciej Krüger 39b4c0d686
nixos/lxc-container: link to prepare-root when boot.initrd.systemd.enable is on 
Previously we were doing some parts like activation in the init script,
so linking to that works for non-systemd init

With boot.initrd.systemd.enable we no longer run activation in the init script,
but instead a new script named prepare-root, which is used instead.
 2024-02-20 23:12:41 +01:00
nikstur 911e22e80d
Merge pull request #288277 from WilliButz/uki/boot-counting-suffix 
nixos/boot.uki: add tries option for automatic boot assessment
 2024-02-20 22:50:45 +01:00
Leona Maroni 47b7eb8fd9
nixos/vikunja: remove setupNginx option 
The required nginx configuration is now really simple, and e.g. SSL/ACME
already required the user to interact with `services.nginx.virtualHosts`.
Therefore, and to reduce complexity, we now leave the web server
configuration to the user.
 2024-02-20 22:43:53 +01:00
Leona Maroni 8817f080cc
nixos/vikunja: adapt for vikunja 0.23.0 
This version removes dedicated api and frontend packages.
 2024-02-20 22:43:53 +01:00
Rick van Schijndel e5e1de76b7
Merge pull request #281058 from wineee/fi 
deepin: don't install packages using freeimage by default
 2024-02-20 20:27:47 +01:00
github-actions[bot] 999dc2b653
Merge master into staging-next 2024-02-20 18:01:22 +00:00
Sandro d9bc710130
Merge pull request #289754 from chewblacka/nixos/atuin-add-package-option 2024-02-20 14:11:14 +01:00
github-actions[bot] 13988f8414
Merge master into staging-next 2024-02-20 12:01:07 +00:00
Florian Klink 8b025e80dc
Merge pull request #288690 from maralorn/drop-unused-fs-binding 
nixos: Drop unused variable in systemd/initrd.nix
 2024-02-20 14:12:58 +07:00
github-actions[bot] ba5eeff4f5
Merge master into staging-next 2024-02-20 06:01:15 +00:00
Bobby Rong 931e2b8adc
Merge pull request #289788 from FedericoSchonborn/budgie-control-center-1.4.0 
budgie.budgie-control-center: 1.3.0 -> 1.4.0
 2024-02-20 12:43:23 +08:00
nikstur 1e1efbcf8c
Merge pull request #286956 from xaverdh/overlay-etc-payload 
nixos/etc: fix wrong payload in build-composefs-dump
 2024-02-20 01:12:40 +01:00
Sandro Jäckel 191e258e6c
nixos/boot: move name overwrite to pkgs.aggregateModules to option 
Before there was a kernel modules path named kernel-modules which then got turned
into linux-X.X.XX-modules-shrunk. Now the unshrunk package is called linux-X.X.XX-modules
and gets turned into X.X.XX-modules-shrunk.
 2024-02-20 00:13:16 +01:00
Dominik Xaver Hörl 97d6166176 nixos/etc: fix payload in build-composefs-dump for the file case 2024-02-19 23:27:34 +01:00
Federico Damián Schonborn b9c8b27f89
nixos/budgie: Enable SSH socket support in BCC when needed 
Signed-off-by: Federico Damián Schonborn <federicoschonborn@disroot.org>
 2024-02-19 18:06:33 -03:00
github-actions[bot] 2d9ce4a9af
Merge master into staging-next 2024-02-19 18:01:11 +00:00
Adam C. Stephens f542eeb243
Merge pull request #289278 from mkg20001/incusui 
modules/incus: add ui flag
 2024-02-19 10:27:52 -05:00
Nick Cao 2da4adbd10
Merge pull request #289862 from maxbrunet/feat/automatic-timezoned/v2 
automatic-timezoned: 1.0.148 -> 2.0.0
 2024-02-19 09:42:42 -05:00
Sandro 30f71249a8
Merge pull request #285866 from 999eagle/feat/pgbouncer-systemd 2024-02-19 14:42:01 +01:00
Sandro Jäckel 69f51e028a
ArchiSteamFarm,nixos/ArchiSteamFarm: take maintainership 
this is effectively already the case and I most updates in the last
months
 2024-02-19 13:25:57 +01:00
pennae 258b935d70 nixos/filesystems: make supportedFilesystems an attrset 
this lets us *dis*able filesystem explicitly, as is required by e.g. the
zfs-less installer images. currently that specifically is only easily
possible by adding an overlay that stubs out `zfs`, with the obvious
side-effect of also removing tooling that could run without the kernel
module loaded.
 2024-02-19 11:46:52 +01:00
github-actions[bot] b8e3b4bee5
Merge master into staging-next 2024-02-19 06:01:15 +00:00
budimanjojo fd3fa9f2d3
nixos/oci-containers: check if image exists locally before failing 
Signed-off-by: budimanjojo <budimanjojo@gmail.com>
 2024-02-19 10:38:26 +07:00
Sandro a332040396
Merge pull request #247668 from jtbx/nixos-teeworlds 
nixos/teeworlds: add more configuration options
 2024-02-19 02:51:04 +01:00
Lin Jian 2396cf1476
Merge pull request #289745 from linsui/yazi 
nixos/yazi: update document url
 2024-02-19 09:38:14 +08:00
Maxime Brunet 5c1c4c75f7 automatic-timezoned: 1.0.148 -> 2.0.0 2024-02-18 15:01:25 -08:00
Matt Moriarity bbad81f937 nixos/prometheus-nut-exporter: use extraFlags, add nutVariables option 2024-02-18 15:55:09 -07:00
John Garcia 7427bec3a7 nixos/atuin: add services.atuin.package option 2024-02-18 22:19:41 +00:00
Majiir Paktu 58a373809a nixos/systemd/initrd: follow init param symlinks 2024-02-18 14:57:12 -05:00
github-actions[bot] d076cde70c
Merge master into staging-next 2024-02-18 18:00:59 +00:00
Artturi dab023d0cc
Merge pull request #287257 from 999eagle/fix/hydra-pg-application-name 
nixos/hydra: use set-default in hydra-env wrapper package
 2024-02-18 17:21:53 +02:00
Aaron Andersen 0276bd7269
Merge pull request #288166 from Princemachiavelli/jhoffer/remove_fixed_mysql_timeout 
nixos/mysql: remove fixed timeout and use notify service type
 2024-02-18 09:13:46 -05:00
rasmus-kirk 9f2d51a4e7 nixos/transmission: fix log level bounds to match the transmission wiki 2024-02-18 23:45:10 +11:00
linsui 7e9402c7b9 nixos/yazi: update document url 2024-02-18 19:51:28 +08:00
adisbladis 3209343527 nixos/zope2: Remove module 
`zope2` is unmaintained and the module is relying on Python2.
 2024-02-18 17:48:24 +13:00
github-actions[bot] 2ad339408a
Merge staging-next into staging 2024-02-18 00:02:44 +00:00
Morgan Jones 32f56d7266
nixos/nebula: fix port resolution for firewall rules 2024-02-17 15:07:27 -08:00
Sandro 8f13ee7049
Merge pull request #179034 from viraptor/go-camo-service 
nixos/go-camo: init
 2024-02-17 22:12:13 +01:00
Sandro cf59adeb8c
Merge pull request #271324 from nessdoor/sourcehut/tests 
nixosTests.sourcehut: implement proper integration testing
 2024-02-17 20:58:22 +01:00
Sandro d12bb5b983
Merge pull request #213783 from SuperSandro2000/nox-vte 
nixos/vte: use vte without any GUI dependencies; nixos/no-x-libs: add vte
 2024-02-17 20:55:54 +01:00
Stanisław Pitucha 2eed715fbf
nixos/go-camo: init 2024-02-17 20:45:49 +01:00
github-actions[bot] 8bc9edd60d
Merge staging-next into staging 2024-02-17 18:01:24 +00:00
Kerstin cec6291925
Merge pull request #289353 from Izorkin/update-mastodon-redis 
nixos/mastodon: add option redis.passwordFile
 2024-02-17 17:04:12 +01:00
Maciej Krüger a6e237a86a
modules/incus: add ui flag 2024-02-17 16:49:32 +01:00
Rafael Fernández López fd464f0543
virtualisation/containers: add support for providing static CDI definitions 2024-02-17 16:34:12 +01:00
Jan Tojnar f896ce73af
Merge pull request #268197 from jtojnar/xdp-variable-changes 
xdg-desktop-portal: Use custom variable for finding portals
 2024-02-17 14:18:55 +01:00
Izorkin c1a97e1f49
nixos/mastodon: add option redis.passwordFile 2024-02-17 15:52:58 +03:00
Someone 5dec53ad28
Merge pull request #289401 from philiptaron/bolt 
nixos/bolt: add a services.hardware.bolt.package option
 2024-02-17 12:17:18 +00:00
github-actions[bot] e662338182
Merge staging-next into staging 2024-02-17 12:01:31 +00:00
jacekpoz 86abdfdf87 nixos/asusctl: add package option 2024-02-17 21:34:35 +11:00
Adam Stephens 1012b2a368 nixos/boot/kernel: add kernelPatches example of using kernel mailing list mbox url 2024-02-17 21:21:52 +11:00
github-actions[bot] 9b2d2d5403
Merge staging-next into staging 2024-02-17 06:01:44 +00:00
K900 b7efb1e376
Merge pull request #289331 from K900/greetd-restart-on-success 
nixos/greetd: only restart on success
 2024-02-17 08:39:45 +03:00
github-actions[bot] daaa4e1653
Merge staging-next into staging 2024-02-17 00:02:47 +00:00
Philip Taron ad029745ce
nixos/bolt: add a services.hardware.bolt.package option 
It just seems like good manners.
 2024-02-16 14:56:20 -08:00
Peder Bergebakken Sundt 513f2c6cf3
Merge pull request #251015 from TomaSajt/quark-goldleaf 
quark-goldleaf: init at 1.0.0
 2024-02-16 23:15:06 +01:00
Linus Heckemann 5863c27340
Merge pull request #287506 from Ma27/warn-user-password-options 
nixos/users-groups: warn on ambiguous password settings
 2024-02-16 22:20:38 +01:00
Sarah Brofeldt c267e823b7
Merge pull request #289227 from JorisBolsens/patch-3 
nixos/kubernetes: set k8 home permissions correctly
 2024-02-16 19:34:14 +01:00
Guy Boldon 0824756d05
coolercontrol.*: init at 1.1.1 2024-02-16 19:16:24 +01:00
github-actions[bot] 6d90f72388
Merge staging-next into staging 2024-02-16 18:01:48 +00:00
K900 56eb2542da nixos/greetd: only restart on success 
Otherwise, if the greeter/session crashes on startup, greetd enters a restart loop
that requires very precise timing to kill.
 2024-02-16 19:42:31 +03:00
Izorkin cf62e3257f
nixos/mastodon: redis now uses unix socket by default 2024-02-16 16:39:31 +03:00
Sandro 3eaa0bfc02
Merge pull request #284738 from Izorkin/update-pipewire 2024-02-16 13:34:10 +01:00
github-actions[bot] 2c4c233475
Merge staging-next into staging 2024-02-16 12:01:48 +00:00
WilliButz fbaf7446ec
nixos/boot.uki: add tries option for automatic boot assessment 
See https://uapi-group.org/specifications/specs/boot_loader_specification/#boot-counting
and https://systemd.io/AUTOMATIC_BOOT_ASSESSMENT/ .

Related to #284135.
 2024-02-16 11:31:40 +01:00
Maximilian Bosch f406c1d3f8
Merge pull request #289107 from lf-/jade/mkdefault-oomd 
nixos/systemd.oomd: set the memory pressure thresholds as mkDefault
 2024-02-16 10:46:47 +01:00
Izorkin 1293f046b5
nixos/dhcpcd: optimize exitHook 2024-02-16 10:12:52 +03:00
Joris Bolsens 81391bd22f nixos/kubernetes: set k8 home permissions correctly 2024-02-15 23:11:59 -08:00
Izorkin fdf77d10cb
nixos/no-x-libs: build pipewire without vulkan support 2024-02-16 09:21:00 +03:00
github-actions[bot] b84d283f08
Merge staging-next into staging 2024-02-16 00:02:45 +00:00
Sophie Tauchert f6278d4f6a
nixos/pgbouncer: fix openFirewall option 2024-02-15 21:42:27 +01:00
Sophie Tauchert b89cd583ae
nixos/pgbouncer: only depend on postgresql.service when enabled and use notify 
See also the upstream service file: e6ce619785/etc/pgbouncer.service
 2024-02-15 21:42:27 +01:00
Felix Bühler 60abd7c1f9
Merge pull request #288138 from ambroisie/tandoor-recipes-manage-script 
nixos/tandoor-recipes: improve manage script
 2024-02-15 20:26:03 +01:00
Felix Bühler 27f19c1efd
Merge pull request #288622 from Stunkymonkey/photoprism-manage-script 
nixos/photoprism: improve manage script
 2024-02-15 20:18:42 +01:00
github-actions[bot] 2035b66b68
Merge staging-next into staging 2024-02-15 18:01:39 +00:00
Jade Lovelace 5d1feba540 nixos/systemd.oomd: set the memory pressure thresholds as mkDefault 
These should be defaults as they're pretty reasonable to want to
override as a user. Unsure how to change the slice defaults to be
overridable, that should probably be a later conversation.
 2024-02-15 09:41:26 -08:00
Sarah Brofeldt ed0bc642b7
Merge pull request #288466 from JorisBolsens/patch-2 
nixos/kubernetes: don't delete the apitoken after its created
 2024-02-15 18:20:24 +01:00
Shea Levy 9188bb5186
OVMF: Add test with secure boot enabled 
Co-authored-by: Arthur Gautier <arthur.gautier@arista.com>
 2024-02-15 12:13:05 -05:00
Thomas 149fb601dd
nixos/tinyproxy: add quotes around the filter path 
Using already existing function
 2024-02-15 16:25:04 +01:00
github-actions[bot] 14262b89f6
Merge staging-next into staging 2024-02-15 12:01:37 +00:00
Jonas Chevalier c3ef726ee1
nixos/ldso: avoid instance of nixpkgs (#288509) 
Follow-up to #269551

Avoid creating a new instance of nixpkgs to access two variables.
`pkgs.pkgsi686Linux` was being accessed whenever the feature is being
used or not.

A second instance of nixpkgs is being created in
`nixos/modules/config/stub-ld.nix` and can be disabled by setting
`environment.ldso32 = null` or `environment.stub-ld.enable = false`.

Both combined fixes this error:

    error: attribute 'i686-linux' missing
 2024-02-15 13:01:03 +01:00
Vladimír Čunát aaca7a186f
Merge #286596: nixos/knot: add support for XDP setups 2024-02-15 09:19:59 +01:00
github-actions[bot] 604991674d
Merge staging-next into staging 2024-02-15 00:02:51 +00:00
Yt f13f90978a
Merge pull request #288638 from ThyMYthOS/update-stalwart 
stalwart-mail: fix default configuration and test
 2024-02-14 21:42:46 +00:00
github-actions[bot] fc96101774
Merge staging-next into staging 2024-02-14 18:01:42 +00:00
Michele Guerini Rocco f74d88a6f1
Merge pull request #281162 from kennycallado/master 
nixos/icewm: Update icewm start command
 2024-02-14 18:17:27 +01:00
maxine 8c8cc53769
Merge pull request #288531 from chewblacka/update-undervolt 
undervolt: 0.3.0 -> 0.4.0
 2024-02-14 17:30:53 +01:00
Michele Guerini Rocco cd02351ae0
Merge pull request #233017 from koenw/libreswan-StateDirectory 
nixos/libreswan: Use StateDirectory to setup ipsec/nss
 2024-02-14 14:36:43 +01:00
Michele Guerini Rocco c1f27ae1d3
Merge pull request #199515 from MangoIV/mangoiv/add-note-to-boot-initrd-secrets 
Add documentation for moved secrets in stage 1
 2024-02-14 14:35:04 +01:00
Michele Guerini Rocco bac2597d26
Merge pull request #270737 from bramd/brltty-6.6 
Update BRLTTY to 6.6
 2024-02-14 14:10:32 +01:00
Michele Guerini Rocco dc91f91987
Merge pull request #286393 from oddlama/fix-hostapd-utf8-ssid 
nixos/hostapd: fix utf8Ssid setting not properly honored
 2024-02-14 14:08:46 +01:00
Sandro eb76e99000
Merge pull request #288527 from K900/chromium-plasma-typo 2024-02-14 13:13:50 +01:00
github-actions[bot] b272934b4b
Merge staging-next into staging 2024-02-14 06:01:47 +00:00
maralorn 6634b86601 nixos: Drop unused variable in systemd/initrd.nix 2024-02-14 01:22:58 +01:00
Matt Leon c0846f900a
matter-server: add nixos service module 
New module to run the python-matter-server executable as a sandboxed
system service.
 2024-02-13 19:17:53 -05:00
github-actions[bot] 8bbfcea60e
Merge staging-next into staging 2024-02-14 00:02:43 +00:00
Jeremy e01eda6edd nixos/teeworlds: add more configuration options, revise 
- add 'package' option
- add 'game' and 'server' attrset
- reduce repetition by using functions bool and optionalSetting
- add default value for cfg.name
- revise some option descriptions
 2024-02-14 10:57:08 +13:00
Manuel Stahl cd8aad903c stalwart-mail: fix default configuration and test 2024-02-13 20:34:22 +01:00
emilylange 993083f0ab
nixos/garage: allow all available log levels in cfg.logLevel 
`error` and `warn` have always been valid log levels.
But because the upstream docs never mentioned those, we simply didn't
add them to the enum of our module option.

The upstream docs have been updated and now mention `error` and `warn`
as well.

Upstream PR: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/716
 2024-02-13 20:26:29 +01:00
Peder Bergebakken Sundt bf7c95ce73
Merge pull request #285314 from pbsds/ttyd-1706718068 
nixos/ttyd: add `entrypoint` and `writable` option
 2024-02-13 19:41:11 +01:00
Felix Buehler 9db5906a6f nixos/photoprism: improve manage script 2024-02-13 18:51:30 +01:00
John Garcia eaa1034a80 nixos/undervolt: add turbo option 2024-02-13 13:38:22 +00:00
Martin Weinelt ec89463a61
nixos/knot: refactor 
- Stop using `with lib`
- Drop `lib.mdDoc`
- Use `escaepSystemdExecArgs` for escaping
 2024-02-13 13:44:32 +01:00
Martin Weinelt d1d8dd3e55
nixos/knot: add support for XDP setups 
The Express Data Path (XDP) is a way to circumvent the traditional Linux
networking stack and instead run an eBPF program on your NIC, that makes
the decision to provide Knot with certain packets. This is way faster
and more scalable but comes at the cost of reduced introspection.

Unfortunately the `knotc conf-check` command fails hard with missing
interfaces or IP addresses configured in `xdp.listen`, so we disable it
for now, once the `xdp` config section is set. We also promote the config
check condition to a proper option, so our conditions become public
documentation, and we allow users to deal with corner cases, that we have
not thought of yet.

We follow the pre-requisites documented in the Knot 3.3 manual, and set
up the required capabilities and allow the AF_XDP address family.

But on top of that, due to our strict hardening, we found two more
requirements, that were communicated upstream while debugging this.

- There is a requirement on AF_NETLINK, likely to query for and configure
  the relevant network interface
- Running eBPF programs requires access to the `bpf` syscall, which we
  deny through the `~@privileged` configuration.

In summary We now conditionally loosen the hardening of the unit once we
detect that an XDP configuration is wanted. And since we cannot
introspect arbitrary files from the `settingsFiles` option, we expose XDP
support through the `enableXDP` toggle option on the module.
 2024-02-13 13:44:31 +01:00
K900 526bcf58da nixos/chromium: fix incorrect option definition 
Fixes #232528
 2024-02-13 15:17:45 +03:00
github-actions[bot] 6d11c074e2
Merge staging-next into staging 2024-02-13 12:01:40 +00:00
Yt 971fbfd00a
Merge pull request #276468 from onny/opensnitch-update4 
opensnitch: 1.6.4 -> 1.6.5, opensnitch-ui: 1.6.4 -> 1.6.5
 2024-02-13 10:46:01 +00:00
Joris Bolsens 6a11b7a777
nixos/kubernetes: don't delete the apitoken after its created 
This was breaking the nixos-kubernetes-node-join script
the token gets copied, and then immediately overridden with /dev/null when certmgr restarts.
 2024-02-12 22:50:27 -08:00
github-actions[bot] c0e8987b85
Merge staging-next into staging 2024-02-13 00:02:40 +00:00
Paul Meyer ce0a47cd2c maintainers: remove attila-lendvai 2024-02-12 23:10:03 +01:00
Paul Meyer 11eef97f3c bee-clef: remove 2024-02-12 23:10:03 +01:00
Sandro Jäckel 80e79ded15
nixos/unbound: check validity of config file 2024-02-12 22:49:03 +01:00
Maximilian Bosch d363f52625
nixos/postgresql: drop ensurePermissions option 
...effectively what was planned already in #266270, but it was too late
because the branches were restricted and didn't allow any breaking
changes anymore.

It also suffers from the same issue that we already had when discussing
this the last time[1] when `ensureDBOwnership` was ultimately introduced
as band-aid fix: newly created users don't get CREATE permission on
the `public` schema anymore (since psql 15), even with `ALL PRIVILEGES`.

If one's use-case is more sophisticated than having a single owner, it's
questionable anyways if this module is the correct tool since
permissions aren't dropped on a change to this option or a removal which
is pretty surprising in the context of NixOS.

[1] https://github.com/NixOS/nixpkgs/pull/266270
 2024-02-12 21:10:33 +01:00
Sandro 886449aef2
Merge pull request #268979 from con-f-use/warn_docker_storage_driver 
nixos/docker: warn about changing storageDriver and remove `devicemapper` value
 2024-02-12 19:46:05 +01:00
github-actions[bot] 917c8637e8
Merge staging-next into staging 2024-02-12 18:01:31 +00:00
Janik 29f575d7e6
Merge pull request #288284 from NetaliDev/rustdesk-extra-args 
nixos/rustdesk-server: add extra args options for hbbr and hbbs
 2024-02-12 16:52:01 +01:00
github-actions[bot] f9874c4b8c
Merge staging-next into staging 2024-02-12 14:49:17 +00:00
Pol Dellaiera 2d627a2a70
Merge pull request #277220 from nu-nu-ko/nixos-jellyfin-dirs 
nixos/jellyfin: add directory options
 2024-02-12 14:06:46 +01:00
Jennifer Graul c412263319
nixos/rustdesk-server: add extra args options for hbbr and hbbs 2024-02-12 13:41:08 +01:00
Jonas Heinrich 31b9a9d18c opensnitch: 1.6.4 -> 1.6.5, opensnitch-ui: 1.6.4 -> 1.6.5.1 2024-02-12 11:58:44 +01:00
Sophie Tauchert b670443f42
nixos/hydra: use set-default in hydra-env wrapper package 2024-02-12 11:16:32 +01:00
github-actions[bot] 1153f50c55
Merge staging-next into staging 2024-02-12 00:02:35 +00:00
Josh Hoffer b445085c22 nixos/mysql: Use notify service type for MySQL >= 8.0 2024-02-11 15:41:25 -08:00
Josh Hoffer e553e37abf nixos/mysql: remove MySQL fixed 30 second timeout 
Removed hard coded timeout in postScript, allow using
more general systemd TimeoutStartSec instead.
 2024-02-11 15:41:25 -08:00
Bruno BELANYI 5e43c70867 nixos/tandoor-recipes: improve manage script 
This is mirroring the way the manage script is created in the paperless
module, which is more robust to special characters.
 2024-02-11 21:21:02 +00:00
maxine 9b52568c86
Merge pull request #288122 from amaxine/fwupd-internal-tests 2024-02-11 21:15:52 +01:00
Maxine Aubrey 4a4904c2b2
nixos/fwupd: make test option internal, be explicit about removal 2024-02-11 20:27:02 +01:00
kirillrdy 76d14d166c
Merge pull request #287708 from JorisBolsens/patch-1 
nixos/kubernetes: use correct -o option with bash install when copying certs in cfssl prestart script
 2024-02-12 06:14:44 +11:00
Ryan Lahfa d9e7a2a88a
Merge pull request #286857 from RaitoBezarius/cacerts 
nixos/security/ca: enable support for compatibility bundles
 2024-02-11 19:44:02 +01:00
Maximilian Bosch 417fdb06d7
Merge pull request #287856 from emilylange/nixos-gitea-package-forgejo-warning 
nixos/gitea: warn when using `services.gitea` with forgejo
 2024-02-11 18:06:05 +01:00
Raito Bezarius 19159a2349 nixos/security/ca: enable support for compatibility bundles 
Certain software stacks have no support for OpenSSL non-standard PEM format and will fail to use
our NixOS CA bundle.

For this, it is necessary to fallback on a 'compatibility' bundle which will contain no additional
trust rules.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-02-11 17:51:00 +01:00
Sam Weston c49e6bf8b8 nixos/sabnzbd: use stateDirectory and mkIf-ify user/group creation 2024-02-11 16:49:08 +00:00
Sam Weston d3d5b72c65 nixos/sabnzbd: add openFirewall 2024-02-11 16:48:05 +00:00
Aaron Andersen e163373592
Merge pull request #284814 from yaxitech/github-runner-module-update 
nixos/github-runners: remove single runner module, rework default name, add `noDefaultLabels`
 2024-02-11 06:10:56 -08:00
Martin Weinelt 18899b0c58
Merge pull request #287926 from mweinelt/home-assistant-2024.2.0-fixes 
home-assistant: fixes for 2024.2.0
 2024-02-11 04:35:53 +01:00
Will Fancher d4ee957afa
Merge pull request #287445 from fricklerhandwerk/qemu-env-vars 
doc: expand on parameters passed to QEMU VMs
 2024-02-10 22:12:06 -05:00
Martin Weinelt 055a8f709a
nixos/home-assistant: always add dependencies for default integrations 
These are loaded unconditionally during bootstrap, and home-assistant
will now fail to start, if these aren't provided.
 2024-02-11 04:09:52 +01:00
Lin Jian f3a93440fb
Merge pull request #285813 from jerrita/nft-precheck-flatten 
nixos/nftables: add option for flattening rulesetFile
 2024-02-11 10:41:17 +08:00
Jan Tojnar fe40e99020 nixos/xdg/portal: Use systemPackage instead of buildEnv 
Portals are global so we can just link them globally.

There might, in theory, be some unexpected system-path contamination
(e.g. when a portal package installs its executables to `/bin`)
but I think the risk is relatively minor compared to the added complexity.

While at it, let’s point the environment variable to system-path.
That will allow changes to installed portals to apply without having to re-log in.
 2024-02-11 03:32:47 +01:00
Jan Tojnar 3b2f55e89f xdg-desktop-portal: Use custom variable for finding portals 
x-d-p only looks for portal definitions in one of two places:
- datadir (which we cannot install anything to, since Nix packages are immutable)
- when `XDG_DESKTOP_PORTAL_DIR` environment variable is set, the path specified therein
  (meant for tests, disables looking for portal configuration anywhere else)

Let’s introduce our own `NIX_XDG_DESKTOP_PORTAL_DIR` environment variable
that will only control the portal definitions lookup.
We will not use it for searching for configuration
because it would require looking in the parent directory
and `XDG_CONFIG_DIRS` variable is sufficient for us.
 2024-02-11 03:21:55 +01:00
Martin Weinelt aeea37e779
Merge pull request #287480 from NixOS/home-assistant 
home-assistant: 2024.1.6 -> 2024.2.1
 2024-02-11 01:18:04 +01:00
emilylange ca3cfc841a
nixos/gitea: warn when using services.gitea with forgejo 
since this is no longer supported and we have a dedicated module for
forgejo for quite some time now.

Such warning is, however, becoming more and more important, since
forgejo is no longer a soft-fork of gitea, but rather a hard-fork.

And as such, it will slowly but surely no longer be a drop-in
replacement.

Additionally, I hope that this warning will prevent users from
reporting issues with forgejo to nixos/gitea maintainers.

The accompanying forgejo.md, from which the manual section is created,
will be updated over the next few weeks when forgejo officially
publishes their blog post about all this and the way forward, so we can
link to it.
 2024-02-10 20:47:04 +01:00
tomberek 6e60c8526b
Merge pull request #286993 from christoph-heiss/srht-updates-next-round 
sourcehut: update all components
 2024-02-10 11:52:53 -05:00
Sandro 756e574ebd
Merge pull request #282971 from wegank/restya-board-drop 
restya-board: drop
 2024-02-10 17:28:05 +01:00
Peder Bergebakken Sundt 40cb108adf
Merge pull request #232528 from SuperSandro2000/chromium-kde 
nixos/chromium: add enablePlasmaBrowserIntegration option
 2024-02-10 17:15:14 +01:00
Peder Bergebakken Sundt c43fd32e03
Merge pull request #248315 from apeschar/oci-containers-backend-stop 
nixos/oci-containers: stop container using backend
 2024-02-10 17:12:56 +01:00
Peder Bergebakken Sundt 6f55f021df
Merge pull request #287304 from ambroisie/pyload-user-group 
nixos/pyload: add user/group options
 2024-02-10 14:59:23 +01:00
Maximilian Bosch 66a0b77a78
Merge pull request #286394 from SuperSandro2000/nextcloud-timer 
nixos/nextcloud: don't execute cron when in maintenace/upgrade, don't kill cgroup
 2024-02-10 12:48:05 +01:00
Peder Bergebakken Sundt 5caded32fe
Merge pull request #277189 from anpin/fix/cloudflared-service 
cloudflared: fixed missing configuration options
 2024-02-10 12:45:08 +01:00
maxine 53f6fedd04
Merge pull request #287512 from r-vdp/fwupd_1_9_13 
fwupd: 1.9.12 -> 1.9.13
 2024-02-10 11:05:51 +01:00
Joris Bolsens 1856e7e4b1 nixos/kubernetes: use correct -o option with bash install when copying certs in cfssl prestart script 2024-02-10 01:46:00 -08:00
Martin Weinelt 3d67816966
home-assistant: 2024.1.6 -> 2024.2.1 
https://www.home-assistant.io/blog/2024/02/07/release-20242/
https://github.com/home-assistant/core/releases/tag/2024.2.1
 2024-02-10 04:15:41 +01:00
Silvan Mosberger 11cd405226
Merge pull request #280322 from h7x4/add-hocon-format-generator 
pkgs.formats: Add HOCON format generator
 2024-02-10 03:07:51 +01:00
Silvan Mosberger 5de4385620
Merge pull request #285833 from 360ied/murmur-hardened 
nixos/murmur: systemd service hardening
 2024-02-10 02:48:46 +01:00
github-actions[bot] b64b4f2d6a
Merge master into staging-next 2024-02-09 18:01:06 +00:00
Bernardo Meurer f459aeeb8d
Merge pull request #287528 from arianvp/amazon-image-maintainer 
nixos/amazon-image: Take over maintainership
 2024-02-09 12:33:11 -05:00
Will Fancher 0cf1e24f32
Merge pull request #284627 from Trundle/nftables-ordering 
nixos/nftables: remove default systemd dependencies
 2024-02-09 12:29:24 -05:00
Arian van Putten a1232992ac nixos/amazon-image: Take over maintainership 
I am actively working on bringing back Amazon Images for 24.05.
Please track progress in https://github.com/nixos/amis
 2024-02-09 18:02:40 +01:00
Maximilian Bosch bd8acd0141
Merge pull request #286172 from mweinelt/matrix-uds-listeners 
nixos/matrix-synapse: Add UNIX domain socket listener support
 2024-02-09 17:58:41 +01:00
Vincent Haupert 6d8391a3ce nixos/github-runners: add a group option to set the executing group 
Similar to the `user` option, the added `group` option sets the group of
the executing process. If not `null`, it also sets `DynamicUser=false`.
In case `user` is set to `null` (the default), systemd would run the
service as root implicitly. As this is dangerous and most certainly not
what users want, we force them to set `user = "root"` explicitly if
that's really their intention. That's achieved through an assertion.
 2024-02-09 16:58:09 +01:00
r-vdp 12de1b3a38
fwupd: 1.9.12 -> 1.9.13 
Changelog: https://github.com/fwupd/fwupd/releases/tag/1.9.13
 2024-02-09 16:45:09 +01:00
Maximilian Bosch f6954309e8
nixos/users-groups: warn on ambiguous password settings 
After 4b128008c5 it took me a while in a
test setup to find out why `root` didn't have the password anymore I
declared in my config.

Because of that I got reminded how the order of preference works for the
password options:

    hashedPassword > password > hashedPasswordFile

If the user is new, initialPassword & initialHashedPassword are also
relevant. Also, the override is silent in contrast to any other
conflicting definition in NixOS.

To make this less surprising I decided to warn in such a case -
assertions would probably break too much that technically works as
intended.

Also removed the `initialHashedPassword` for `root`. This would cause a
warning whenever you set something in your own config and a `!` is added
automatically by `users-groups.pl`.

`systemd-sysusers` also seems to implement these precedence rules, so
having the warning for that case also seems useful.
 2024-02-09 16:44:35 +01:00
h7x4 39a779e269
treewide: use formats.hocon 2024-02-09 16:40:22 +01:00
Vincent Haupert 35df23c07d nixos/github-runners: set DynamicUser=false if user not null 2024-02-09 16:19:23 +01:00
Vincent Haupert 3f13f8d85e nixos/github-runners: align nodeRuntimes option with package 
The `github-runner` package only supports `nodejs_20` since `nodejs_16`
was removed in a2976db919.

It still makes sense to keep the `nodeRuntimes` option as this is
probably not the last Node.js we'll deprecate with at least some grace
period.
 2024-02-09 16:19:23 +01:00
Vincent Haupert 782b164523 nixos/github-runners: rework name default 2024-02-09 16:19:19 +01:00
Martin Weinelt 91d9c159da
nixos/matrix-synapse: fix recursive filtering of null values 
Using `filterAttrsRecursive` is not sufficient to account for a nested
attribute set with list values, like used for listeners.
 2024-02-09 16:05:05 +01:00
Martin Weinelt 143d266f0d
nixos/matrix-synapse: add UNIX domain socket listener support 
Exposes two options, `path` and `mode`, to configure the location and
permissions on the socket file.

The `mode` needs to be specified as string in octal and will be converted
into a decimal integer, so it correctly passes through the YAML parser
and arrives at the `os.chmod` call in the Twisted codebase. What a fun
detour.

Adds an assertion, that either `path` or `bind_addresses` and `port` are
configured on every listener.

Migrates the default replication listener of the main instance to a UNIX
domain socket, because it is more efficient.

Introduces the `enableRegistrationScript` option, to gracefully disable
the user registration script, when the client listener listens on a UNIX
domain socket, which is something the script does not support.
 2024-02-09 16:05:05 +01:00
Valentin Gagarin e385b36a32
Merge pull request #287438 from fricklerhandwerk/qemu-docs-link 2024-02-09 15:37:35 +01:00
Vincent Haupert 9ad02c831a nixos/github-runner: deprecate module in favor of github-runners.* 2024-02-09 15:14:32 +01:00
Vincent Haupert ab57ba24cf nixos/github-runners: document new runner registrations 
Make the documentation of the options `workDir` and `ephemeral` reflect
that changing these options will trigger a new runner registration.
 2024-02-09 15:14:32 +01:00
Vincent Haupert a9c807496f nixos/github-runners: add noDefaultLabels option 
Add option `noDefaultLabels` which controls the `--no-default-labels`
switch passed to the configure script.
 2024-02-09 15:14:32 +01:00
Vincent Haupert ae140cd468 nixos/github-runners: remove superfluous usages of lib 2024-02-09 15:14:31 +01:00
github-actions[bot] a7f4ae0644
Merge master into staging-next 2024-02-09 12:01:11 +00:00
nikstur 8a3e1cf40a
Merge pull request #287013 from WilliButz/qemu-vm/tmpfiles-settings 
nixos/qemu-vm: convert tmpfiles rules to settings
 2024-02-09 11:42:17 +01:00
Valentin Gagarin 85f4b05e39 doc: add link to QEMU reference documentation in QEMU module 2024-02-09 11:21:07 +01:00
Valentin Gagarin 11c26d4cc5 use code for env var notation 2024-02-09 11:16:28 +01:00
Valentin Gagarin d9009e0028 doc: expand on parameters passed to QEMU VMs 2024-02-09 10:48:52 +01:00
Valentin Gagarin b1f6e08177 doc: add link to Nix manual 2024-02-09 10:47:08 +01:00
Linus Heckemann 4916e22812
Merge pull request #286176 from nikstur/writable-overlays 
nixos/filesystems: init overlayfs
 2024-02-09 08:22:09 +01:00
Martin Weinelt a43d9cd69a
nixos/prometheus-fastly-exporter: fix runtime environment 
- Make the token a required option
- Drop the proto from the listen parameter
- Use systemd credentials to pass the token file
- Drop debug flag, use extraArgs instead
- Actually hook up extraArgs
- Escape shell arguments
- Drop overly broad `with lib` statement
 2024-02-09 02:24:48 +01:00
github-actions[bot] 592e5dab71
Merge master into staging-next 2024-02-09 00:02:27 +00:00
Bruno BELANYI c14f029dae nixos/pyload: add user/group options 2024-02-08 20:27:14 +00:00
nikstur 4d2c5b722a
Merge pull request #285114 from WilliButz/improve-uki-settings-merging 
nixos/boot.uki: allow partial overrides of default UKI settings
 2024-02-08 21:15:08 +01:00
github-actions[bot] 13d222c591
Merge master into staging-next 2024-02-08 18:01:04 +00:00
Aaron Andersen 2d8bd81554
Merge pull request #286063 from yaxitech/github-runner-node-runtimes-286059 
nixos/github-runners: only override pkg if it has a `nodeRuntimes` arg
 2024-02-08 07:20:13 -08:00
github-actions[bot] 74098fff88
Merge master into staging-next 2024-02-08 06:01:13 +00:00
Ryan Lahfa f5c054af12
Merge pull request #264369 from RaitoBezarius/drop-pamusb 
pam_usb, nixos/pam-usb: drop
 2024-02-08 04:26:23 +01:00
Raito Bezarius 2d78f55438 pam_usb, nixos/pam-usb: drop 
`security.pam.usb` is broken anyway and upstream has abandoned the software.
 2024-02-08 02:59:45 +01:00
github-actions[bot] 8cb642cb14
Merge master into staging-next 2024-02-08 00:02:08 +00:00
Peter Hoeg 9a113b42b3 nixos/version: add ANSI_COLOR 2024-02-08 00:14:53 +01:00
Jörg Thalheim ded6a6cb80
Merge pull request #277137 from ajs124/fix/tt-rss-phpPackage 
nixos/tt-rss: add phpPackage option
 2024-02-07 23:19:57 +01:00
nikstur 1c1cfa073a nixos/filesystems: init overlayfs 2024-02-07 22:13:00 +01:00
Kim Lindberger debe2ca258
Merge pull request #286532 from flyingcircusio/PL-131811-gitlab-loose-coupling-upstream 
nixos.gitlab: loosen the coupling of gitlab services to postgresql and redis
 2024-02-07 19:29:01 +01:00
github-actions[bot] 296d2f6991
Merge master into staging-next 2024-02-07 18:00:58 +00:00
Sarah Brofeldt cd5c10f696
Merge pull request #275896 from hoppla20/master 
nixos/kubernetes: fix pki's mkSpec function
 2024-02-07 18:44:35 +01:00
Oliver Schmidt 13ba002dd0 nixos/services.gitlab: loosen the coupling between gitlab and postgres/ redis to avoid restarts and races 
Gitlab stays running at redis and postgresql restarts as if these
components were on a different host anyways. Handling reconnetctions is
part of the application logic.

Co-authored-by: Kim Lindberger <kim.lindberger@gmail.com>
for formatting fixes and test failure debugging.
 2024-02-07 18:19:18 +01:00
Sandro f7654894a3
Merge pull request #285298 from SuperSandro2000/govee2mqtt 
govee2mqtt: init at 2024.01.21-088d4ca8, nixos/govee2mqtt: init
 2024-02-07 18:14:05 +01:00
ajs124 106626b8d7 nixos/tt-rss: add phpPackage option 
right now, we have php81 and php (which points to php82), which means that:
- php-fpm uses php81
- the update preStart uses php81
- the actual updater uses php82
 2024-02-07 17:41:27 +01:00
ajs124 33ca948d6a
Merge pull request #259604 from sefidel/tt-rss-force-update-schema 
nixos/tt-rss: supply --force-yes to update-schema
 2024-02-07 17:39:03 +01:00
WilliButz 0139970416
nixos/qemu-vm: convert tmpfiles rules to settings 
This change replaces the previously hard-coded `/boot` path with a
reference to `efiSysMountPoint` and more importantly this change makes
it possible to override these rules in scenarios in which they are not
desired.

One such scenario would be when `systemd-gpt-auto-generator(8)` is used
to automount the ESP. Consider this section from the mentioned manpage:

> The ESP is mounted to /boot/ if that directory exists and is not used
> for XBOOTLDR, and otherwise to /efi/. Same as for /boot/, an automount
> unit is used. The mount point will be created if necessary.

Prior to this change, the ESP would be automounted under `/efi` on first
boot, then the previous tmpfiles rules caused `/boot` to be created.
Following the quote above, this meant that the ESP is mounted under
`/boot` for each subsequent boot.
 2024-02-07 16:25:30 +01:00
Robert Schütz 743b095b5e
Merge pull request #286454 from dotlambda/nginx-acme-auth_request-off 
nixos/nginx: turn auth_request off for ACME challenge
 2024-02-07 15:08:08 +00:00
Sandro Jäckel d449e88309
nixos/chromium: remove lots of extra whitespace from docs 2024-02-07 16:04:26 +01:00
Sandro Jäckel 42b58f2c73
nixos/plasma5: enable programs.chromium.enablePlasmaBrowserIntegration 2024-02-07 16:04:25 +01:00
Sandro Jäckel d4df5391d0
nixos/chromium: add enablePlasmaBrowserIntegration, plasmaBrowserIntegrationPackage options 2024-02-07 16:04:25 +01:00
Sandro Jäckel a73a43d737
nixos/chromium: don't generate empty files 2024-02-07 16:04:20 +01:00
Sandro Jäckel 5538de972d
nixos/chromium: cleanup formatting a bit to 
this also reduces the diff in the next commits
 2024-02-07 16:03:42 +01:00
Kerstin a3ed4692b7
Merge pull request #286943 from Tom-Hubrecht/kanidm 
kanidm: 1.1.0-rc.15 -> 1.1.0-rc.16
 2024-02-07 15:07:13 +01:00
Christoph Heiss 62854c0103
sourcehut: add myself as maintainer 
I worked already a lot on this stuff, esp. modules - so it just makes
sense.

Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-02-07 14:58:12 +01:00
Tom Hubrecht ad67485526 kanidm: 1.1.0-rc.15 -> 1.1.0-rc.16 
Release notes: https://github.com/kanidm/kanidm/releases/tag/v1.1.0-rc.16
 2024-02-07 14:14:39 +01:00
Martin Weinelt 02324756dd
nixos/zigbee2mqtt: revert systemd unit to simple type 
A recent release added systemd notify support, so I migrated our unit
towards that. The NixOS test did not reveal that the unit would not fully
activate.

Reverts: 165326d2c (partially)
Closes: #286977
 2024-02-07 13:51:11 +01:00
github-actions[bot] 03dd2b9470
Merge master into staging-next 2024-02-07 12:01:11 +00:00
Franz Pletz 5ef42fcd84
Merge pull request #286832 from trofi/crda-removal-and-wireless-regdb-update 
crda: remove package, wireless-regdb: 2023.09.01 -> 2024.01.23
 2024-02-07 11:52:55 +01:00
Sandro Jäckel 1b3f92087b
nixos/govee2mqtt: init 2024-02-07 10:39:23 +01:00
Rodney Lorrimar 8513f69b24 nixos/phosh: Ensure that desktop session is identified as Phosh 2024-02-07 20:10:15 +11:00
Will Fancher ee9becfdfb
Merge pull request #285315 from jmbaur/sysupdate-fixes 
nixos/sysupdate: allow lists in sysupdate config
 2024-02-07 03:01:49 -05:00
Weijia Wang 29b534a3d4 restya-board: drop 2024-02-07 01:33:05 +01:00
github-actions[bot] 9824e51195
Merge master into staging-next 2024-02-07 00:02:01 +00:00
Martin Weinelt 7317fb9f77
Merge pull request #286287 from fleaz/frigate-update 
frigate: 0.12.1 -> 0.13.1
 2024-02-07 00:09:42 +01:00
Sergei Trofimovich 275855d632 nixos: hostapd: drop unused crda package import 2024-02-06 22:45:01 +00:00
fleaz 250078ceba
frigate: 0.12.1 -> 0.13.1 
Changelog:
https://github.com/blakeblackshear/frigate/releases/tag/v0.13.0
https://github.com/blakeblackshear/frigate/releases/tag/v0.13.1

Co-Authored-By: Martin Weinelt <hexa@darmstadt.ccc.de>
 2024-02-06 22:54:22 +01:00
Sandro Jäckel e91a7b7a4e
hedgedoc: move files to share/hedeodc in the package 2024-02-06 19:26:21 +01:00
Felix Bühler 481c7ffc8e
Merge pull request #286069 from linsui/nau 
nixos/nautilus-open-any-terminal: add to module-list.nix
 2024-02-06 19:21:49 +01:00
Felix Bühler 9e23c379c7
Merge pull request #286032 from Stunkymonkey/k8s-pki-remove-chown 
kubernetes: prefer 'install' over 'mkdir/chmod/chown'
 2024-02-06 19:21:08 +01:00
Sandro Jäckel 26316368cb
hedgedoc: fix executing any of the management clis, remove heroku bin 
as we don't need that
 2024-02-06 19:13:51 +01:00
Felix Bühler 5dac2ab264
Merge pull request #286577 from Pablo1107/photoprism-module/fix-manage-script-typo 
nixos/photoprism: fix typo with duplicated exec call
 2024-02-06 19:09:53 +01:00
github-actions[bot] 33b366b63f
Merge master into staging-next 2024-02-06 18:01:02 +00:00
Sandro ed742ab4fc
Merge pull request #275621 from Yarny0/tsm-client-update 
tsm-client: 8.1.20.0 -> 8.1.21.0
 2024-02-06 17:17:40 +01:00
Florian Klink 7c0a129076
Merge pull request #256652 from giorgiga/rateLimitBurst-documentation 
Clarify journal size limit defaults in documentaiton of services.journald.rateLimitBurst
 2024-02-06 13:26:35 +01:00
github-actions[bot] 952bd69944
Merge master into staging-next 2024-02-06 06:00:54 +00:00
Sandro 4494fcaab7
nixos/acme: default to lets encrypt production URL instead of null, mention lets encrypt staging URI (#270221) 2024-02-06 01:51:09 +01:00
github-actions[bot] 8e7913be95
Merge master into staging-next 2024-02-06 00:02:21 +00:00
Pablo Andres Dealbera 14a1f86791 nixos/photoprism: fix typo 2024-02-05 19:34:43 -03:00
nu-nu-ko ccf92aad9b nixos/jellyfin: add directory options 2024-02-06 11:07:33 +13:00
Robert Hensing 274ae6a454
Merge pull request #284117 from Stunkymonkey/amqp-write-secret 
nixos/rabbitmq: prefer 'install' over 'mkdir/chmod/chown'
 2024-02-05 19:29:19 +01:00
github-actions[bot] 2579984b85
Merge master into staging-next 2024-02-05 18:01:13 +00:00
Peder Bergebakken Sundt a8880f1647 nixos/ttyd: add entrypoint option 2024-02-05 17:38:00 +01:00
Leona Maroni 2b7e1ddb4a
nixos/youtrack: fix warnings (#285775) 
* nixos/youtrack: fix extraParams warning

* nixos/youtrack: use new option for port in nginx config
 2024-02-05 17:17:45 +01:00
Sandro 1b06c0f273
Merge pull request #286341 from Izorkin/update-fastfetch 2024-02-05 17:08:45 +01:00
Franz Pletz fadde8db1f
Merge pull request #286324 from Izorkin/update-libvirt-oom 
nixos/libvirt: changing process priority for oom killer
 2024-02-05 15:47:25 +01:00
Robert Schütz 1dd5f2b1f9 nixos/nginx: turn auth_request off for ACME challenge 
This is e.g. necessary when using tailscale-nginx-auth.
 2024-02-05 00:33:33 -08:00
github-actions[bot] 0f22335f7d
Merge master into staging-next 2024-02-05 06:01:04 +00:00
jerrita e686847d20
nixos/nftables: add option for flattening rulesetFile 
Co-authored-by: Lin Jian <me@linj.tech>
 2024-02-05 11:27:16 +08:00
360ied 11cf6ab0dd nixos/murmur: systemd service hardening 
Murmur provides an official systemd service file in their repo,
which contains various service hardening settings:

c4b5858d14/auxiliary_files/config_files/mumble-server.service.in (L7)

The service configuration in nixpkgs does not include these hardening settings.

This commit adds the hardening settings to the murmur service in nixpkgs.
This drops the `systemd-analyze security` score of murmur.service from 9.2 (UNSAFE) to 2.1 (OK).
 2024-02-04 21:23:34 -05:00
Sandro Jäckel c64c45da9c
nixos/nextcloud: don't execute cron when in maintenace/upgrade, don't kill cgroup 
Those are upstream recommendations taken from
22d2472b8f/admin_manual/configuration_server/background_jobs_configuration.rst (systemd)
 2024-02-05 01:29:13 +01:00
Sandro Jäckel 42daa00928
nixos/nextcloud: little formatting 2024-02-05 01:29:13 +01:00
LRFLEW 8b0d333f54
nixos/archisteamfarm: allow bots.*.passwordFile to be null (#284978) 
* Make services.archisteamfarm.bots.*.passwordFile Nullable

This adds support for alternate password specification methods, such as through the web-ui.

* Update description for services.archisteamfarm.bots.*.passwordFile

Adds note about omitting or setting to null to provide the password through the web-ui.
 2024-02-05 01:18:23 +01:00
github-actions[bot] 42e44c0583
Merge master into staging-next 2024-02-05 00:02:17 +00:00
oddlama b7f29692c0
nixos/hostapd: fix utf8Ssid setting not properly honored 2024-02-05 00:52:08 +01:00
Weijia Wang 7ece427021
Merge pull request #279268 from superherointj/etcd-fix-firewall-startup 
nixos/etcd: fixes etcd failing to start at boot and add openFirewall option
 2024-02-05 00:37:09 +01:00
Weijia Wang e2fb30fabc
Merge pull request #239785 from milibopp/neo4j-5.9.0 
neo4j: 4.4.11 -> 5.9.0
 2024-02-05 00:21:21 +01:00
Izorkin 15dfbbd4c3
fastfetch: add vulkanSupport option 2024-02-05 01:32:05 +03:00
Izorkin 69206539d4
fastfetch: add waylandSupport option 2024-02-05 01:32:04 +03:00
Izorkin 556b8c7b6f
fastfetch: add x11Support option 2024-02-05 01:32:03 +03:00
Robert Hensing 6761394083 nixos/rabbitmq: Rename cookie -> unsafeCookie 
Not a mkRenamedOptionModule, because user intervention is required
to determine whether they have a problem. mkRenamed* does not let
us explain anything to the user.
 2024-02-04 21:41:29 +01:00
github-actions[bot] 145a9cb679
Merge master into staging-next 2024-02-04 18:01:14 +00:00
Izorkin 9ad115e5f3
nixos/libvirt: changing process priority for oom killer 2024-02-04 19:54:02 +03:00
Artturi 8f893ff1da
Merge pull request #221628 from rhysmdnz/intune 
Microsoft Intune
 2024-02-04 17:31:58 +02:00
Jade Lovelace e456032add nixos/flake: put nixpkgs in NIX_PATH and system registry for flake configs 
Currently there are a bunch of really wacky hacks required to get nixpkgs
path correctly set up under flake configs such that `nix run
nixpkgs#hello` and `nix run -f '<nixpkgs>' hello` hit the nixpkgs that
the system was built with. In particular you have to use specialArgs or
an anonymous module, and everyone has to include this hack in their
own configs.

We can do this for users automatically.

I have tested these manually with a basic config; I don't know if it is
even possible to write a nixos test for it since you can't really get a
string-with-context to yourself unless you are in a flake context.
 2024-02-03 20:44:38 -08:00
github-actions[bot] 5a036cc96a
Merge master into staging-next 2024-02-03 18:00:51 +00:00
Linus Heckemann 9f571cb4ef
Merge pull request #284508 from nikstur/etc-overlay-leading-slash 
nixos/etc: remove leading slash from paths
 2024-02-03 18:01:01 +01:00
linsui b88eaf5d62 nixos/nautilus-open-any-terminal: add to module-list.nix 2024-02-03 22:27:31 +08:00
Vincent Haupert e6854b295b nixos/github-runners: only override pkg if it has a nodeRuntimes arg 
Older versions of the github-runner package might not have the
`nodeRuntimes` argument yet causing an error as the NixOS module always
tries to override the argument.

The commit makes sure we only override `nodeRuntimes` if the configured
package has a `nodeRuntimes` argument.
 2024-02-03 14:33:39 +01:00
Felix Buehler ffadbb6788 kubernetes: prefer 'install' over 'mkdir/chmod/chown' 2024-02-03 11:16:23 +01:00
github-actions[bot] 95ffc37024
Merge staging-next into staging 2024-02-03 06:01:25 +00:00
Martin Weinelt e1ee205a99
Merge pull request #285931 from mweinelt/zigbee2mqtt-1.35.2 
zigbee2mqtt: 1.35.1 -> 1.35.2
 2024-02-03 03:44:36 +01:00
Martin Weinelt 165326d2ca
zigbee2mqtt: 1.35.1 -> 1.35.2 
https://github.com/Koenkk/zigbee2mqtt/releases/tag/1.35.2
 2024-02-03 02:21:15 +01:00
github-actions[bot] 58c80dd7b8
Merge staging-next into staging 2024-02-02 18:01:50 +00:00
Adam Stephens 7585f26855
nixos/incus: add zfs/lib/udev to path 
Incus needs to find zvol_id for some operations, but zfs does not put
this executable in the bin directory. Exposing lib/udev into the Incus
path solves discovery of the executable

e5690705e8/internal/server/storage/drivers/driver_zfs_volumes.go (L1820C1-L1820C41)
 2024-02-02 12:36:41 -05:00
MinerSebas de306fb3d6 nixos/prometheus-restic-exporter: Use LoadCredential for password file 2024-02-02 14:47:46 +01:00
MinerSebas e7a2d8aa18 prometheus-restic-exporter: 1.4.0 -> 1.5.0 2024-02-02 14:47:43 +01:00
github-actions[bot] 0675b4b947
Merge staging-next into staging 2024-02-02 12:01:43 +00:00
h7x4 7ac5d2ce0c
Merge pull request #284154 from PassiveLemon/ALVR 
alvr: init at 20.6.1
 2024-02-02 11:36:08 +01:00
github-actions[bot] 3a8e4cc2aa
Merge staging-next into staging 2024-02-02 06:01:42 +00:00
Will Fancher 8c1a6046a2
Merge pull request #285411 from NickCao/networkd-stage1 
nixos/networkd: drop upstreamed stage-1 unit dependencies
 2024-02-01 20:35:17 -05:00
github-actions[bot] 6b866c8f85
Merge staging-next into staging 2024-02-02 00:02:44 +00:00
Rhys Davies d102910f47
nixos/pam: Add pam_intune 2024-02-02 10:01:52 +13:00
Rhys Davies 295a32a6b1
nixos/intune: init 2024-02-02 10:00:33 +13:00
h7x4 932344b54a
Merge pull request #270475 from MinerSebas/prometheus-restic-exporter 
prometheus-restic-exporter: init at 1.4.0
 2024-02-01 20:05:11 +01:00
Pierre Bourdon 3484985991
Merge pull request #285587 from edef1c/wrapper-cve-2023-6246 
nixos/modules/security/wrappers: limit argv0 to 512 bytes
 2024-02-01 19:18:45 +01:00
edef b4c9840652 nixos/modules/security/wrappers: limit argv0 to 512 bytes 
This mitigates CVE-2023-6246, crucially without a mass-rebuild.

Change-Id: I762a0d489ade88dafd3775d54a09f555dc8c2527
 2024-02-01 18:16:55 +00:00
github-actions[bot] 381e01e471
Merge staging-next into staging 2024-02-01 18:01:21 +00:00
Atemu f38bca1ca5
Merge pull request #279677 from leona-ya/paperless-nltk 
nixos/paperless: use nltk_data package as NLTK data source
 2024-02-01 16:59:28 +01:00
Leona Maroni 6300f478e9
nixos/paperless: use nltk_data package as NLTK data source 
nixos
 2024-02-01 16:53:34 +01:00
MinerSebas d1f031cbbd nixos/prometheus-restic-exporter: init module 2024-02-01 14:48:56 +01:00
Leona Maroni 0f2df9ff19 nixos/youtrack: rebuild module for 2023.x support 2024-02-01 13:36:13 +01:00
Martin Weinelt 27fa02d0f1
Merge remote-tracking branch 'origin/staging-next' into staging 
Conflicts:
-	pkgs/development/compilers/llvm/10/clang/default.nix
- pkgs/development/compilers/llvm/8/clang/default.nix
 2024-02-01 12:25:11 +01:00
Nick Cao 0850ee016b
nixos/networkd: drop upstreamed stage-1 unit dependencies 
Reference: https://github.com/systemd/systemd/pull/27791
 2024-01-31 22:52:52 -05:00
Andreas Stührk fc6c92faf3 nixos/nftables: remove default systemd dependencies 
With DefaultDependencies enabled, systemd adds "After=basic.target" to
service units. `basic.target` has a dependency on `sockets.target`, so
the `nftables` has (amongst others) the following order constraints:

* Before=network-pre.target
* After=sockets.target

Those constraints are often unsatisfiable. For example, `systemd-networkd`
has a dependency `After=network-pre.target`. When a socket unit now uses
`BindToDevice=` on a device managed by `networkd`, a timeout occurs
because `networkd` waits for `network-pre.target`, but
`network-pre.target` depends (through nftables) on `sockets.target`, but
the device to bind the socket to is never brought up, as this would
happen through `networkd`.

This is fixed by removing the implicit dependency on `basic.target`.
 2024-01-31 23:26:05 +01:00
Adam Stephens 75ec325cb9
nixos/pam: remove pam_cgfs 
pam_cgfs is a cgroups-v1 pam module. Verified with upstream that
this module no longer necessary on cgroups-v2 systems.
 2024-01-31 17:19:23 -05:00
Felix Bühler 6c22593ad4
Merge pull request #284799 from Pablo1107/photoprism-module/fix-manage-script 
nixos/photoprism: use nsenter to call photoprism bin with correct UID and PID
 2024-01-31 20:52:11 +01:00
Franz Pletz 9e485b2169
Merge pull request #284326 from WilliButz/snmp-exporter-module/fix-logPrefix 
nixos/prometheus-snmp-exporter: fix undefined logPrefix
 2024-01-31 19:55:40 +01:00
Jared Baur 50866dc20f
nixos/sysupdate: allow lists in sysupdate config 
Lists are convenient to have in sysupdate configuration when using
multiple `MatchPattern` under `Target` when the target can have multiple
filenames. This use-case is helpful for BootLoaderSpec bootcounting where the target file on
disk can have multiple filenames, and in order for sysupdate to properly
ensure only N number of instances of this target exist at one time, we
need to have multiple match patterns.
 2024-01-31 09:12:28 -08:00
Peder Bergebakken Sundt 0d13d2a90f nixos/ttyd: remove with lib; 2024-01-31 17:58:59 +01:00
Peder Bergebakken Sundt 4c70703931 nixos/ttyd: add writable option 
Co-authored-by: Carsten Rodin <19612711+carstoid@users.noreply.github.com>
 2024-01-31 17:57:42 +01:00
Peder Bergebakken Sundt 19159ced3e
Merge pull request #249523 from greizgh/seafile-10 
Seafile 10
 2024-01-31 17:13:54 +01:00
Peder Bergebakken Sundt d5d752af43
Merge pull request #280821 from SuperSandro2000/pretalx 
pretalx: init 2023.1.3
 2024-01-31 17:11:38 +01:00
Peder Bergebakken Sundt 9118823ed3
Merge pull request #226532 from SuperSandro2000/dhcpcd 
dhcpcd: change files after patching; nixos/dhcpcd: link dhcpcd.conf to /etc/ to fix dhcpcd -k
 2024-01-31 16:43:54 +01:00
Jörg Thalheim 7d5c09b02e
Merge pull request #285167 from Mic92/systemd-boot 
nixos/systemd-boot: fix editor option
 2024-01-31 22:38:09 +07:00
Nick Cao 2c4eca2c07
Merge pull request #285100 from Tungsten842/revert-281529-acpid 
Revert "acpid: Disable network access"
 2024-01-31 08:25:37 -05:00
Jörg Thalheim 202e697233 nixos/systemd-boot: fix editor option 2024-01-31 10:46:30 +07:00
Mario Rodas 4006079f95
Merge pull request #276177 from aaronjheng/prometheus-openvpn-exporter 
prometheus-openvpn-exporter: remove
 2024-01-30 19:32:50 -05:00
WilliButz ccff749532
nixos/boot.uki: allow partial overrides of default UKI settings 
Previously any user-provided config for boot.uki.settings would need to
either specify a full set of config for ukify or a combination of
mkOptionDefault to merge the "settings" attribute set with the module's
defaults and then mkOverride or mkForce to override a contained
attribute.

Now it is possible to trivially override parts of the module's default
config, such as the initrd or kernel command line, but overriding the
full set of settings now requires mkOverride / mkForce.
 2024-01-30 23:54:40 +01:00
Thomas Gerbet 898c3061fe
Merge pull request #279253 from risicle/ris-packagekit-1.2.8 
packagekit: 1.2.5.1pre -> 1.2.8
 2024-01-30 23:37:46 +01:00
Tungsten842 c1afcd1c8c
Revert "acpid: Disable network access" 2024-01-30 22:49:43 +01:00
Robert Scott 19b3ab3fe4 packagekit: use test_nop backend by default 
nix backend is broken and this is causing the nixos test to
fail
 2024-01-30 20:41:15 +00:00
Martin Weinelt 8f03632997
nixos/pretalx: init 2024-01-30 17:41:34 +01:00
Ryan Lahfa 386c037cb7
Merge pull request #284174 from jmbaur/repart-sector-size 
Fix appliance-repart-image NixOS VM test
 2024-01-30 16:36:09 +01:00
K900 3176d495ff nixos/plasma5: enable qt stuff 
Otherwise things like themes only work due to lucky wrapper leakage.
 2024-01-30 17:36:06 +03:00
Weijia Wang 5116ea824d
Merge pull request #280549 from wineee/deepin-icon 
deepin: move distribution.info back to deepin-desktop-base
 2024-01-30 14:50:13 +01:00
Luke Granger-Brown 23310f467a
Merge pull request #284980 from patka-123/update-paperless-service-example-doc 
nixos/paperless: update extraConfig to settings in service docs.
 2024-01-30 12:53:31 +00:00
Yureka a6c64fbd39
nixos/strongswan-swanctl: add includes option for secrets (#284742) 2024-01-30 12:47:33 +01:00
h7x4 ba5f81a6b6
Merge pull request #276547 from ambroisie/pyload-module 
nixos/pyload: init module
 2024-01-30 12:29:46 +01:00
Patka 3d028d17c9
nixos/paperless: update extraConfig to settings in service docs 
Signed-off-by: Patka <patka@patka.dev>
 2024-01-30 11:26:04 +01:00
Sandro 4891afd8df
Merge pull request #284735 from Izorkin/update-gpg-tui 2024-01-30 11:09:05 +01:00
K900 0f34032f5a nixos/plasma5: install missing style plugins 2024-01-30 11:38:10 +03:00
github-actions[bot] 2f68b418f1
Merge staging-next into staging 2024-01-30 06:01:22 +00:00
Luke Granger-Brown a12b828a26
Merge pull request #277661 from appsforartists/handheld-daemon 
handheld-daemon: init at 1.1.0
 2024-01-30 04:01:11 +00:00
Brenton Simpson b960a217bd handheld-daemon: touchup code style to better match nixpkgs 
Co-authored-by: h7x4 <h7x4@nani.wtf>
Co-authored-by: Luke Granger-Brown <git@lukegb.com>
Co-authored-by: Bruno BELANYI <bruno@belanyi.fr>
 2024-01-29 17:20:30 -08:00
github-actions[bot] 93a73aa6cf
Merge staging-next into staging 2024-01-30 00:02:29 +00:00
Franz Pletz 3432be07e4
Merge pull request #278555 from leona-ya/kresd-port-only-regex 2024-01-30 00:41:53 +01:00
Bernardo Meurer 429a3accd9
Merge pull request #284800 from lovesegfault/fix-moonraker-warn 
nixos/moonraker: fix update_manager.enable_system_updates being [bool] and not bool
 2024-01-29 18:23:33 -05:00
Franz Pletz da226d14bf
Merge pull request #284749 from 2xsaiko/outgoing/dovecot-fix-1 2024-01-30 00:17:12 +01:00
Felix Bühler b6e25194a4
Merge pull request #283778 from linsui/noat 
nixos/nautilus-open-any-terminal: init
 2024-01-29 22:07:23 +01:00
Marco Rebhan 522d660f25
nixos/dovecot: fix sieve script config generation 2024-01-29 19:42:55 +01:00
github-actions[bot] 6a27b0be74
Merge staging-next into staging 2024-01-29 18:01:37 +00:00
Bernardo Meurer 392b32b2af
nixos/moonraker: fix update_manager.enable_system_updates being [bool] and not bool 2024-01-29 11:31:12 -05:00
Pablo Andres Dealbera bb40443e77 nixos/photoprism: use nsenter to call photoprism bin with correct UID and PID 2024-01-29 13:26:35 -03:00
Bobby Rong 850bac2305
Merge pull request #284633 from FedericoSchonborn/budgie-desktop-10.9 
Budgie Desktop 10.9
 2024-01-29 21:58:15 +08:00
Marco Rebhan 26e71b5a5b
nixos/dovecot: remove unused imports 2024-01-29 12:21:58 +01:00
Izorkin fd21b17628
nixos/no-x-libs: add gpg-tui 2024-01-29 12:35:22 +03:00
Nick Cao 519ebe37e2
Merge pull request #283452 from SuperSandro2000/pcsclite-outputs 
pcsclite: move binaries, polkit, systemd files to out, move libraries to lib
 2024-01-28 21:19:51 -05:00
Felix Bühler da47763cb8
Merge pull request #279384 from Stunkymonkey/recursive-pth-loader-normalize 
python311Packages.recursive-pth-loader: rename from recursivePthLoader
 2024-01-29 00:40:42 +01:00
Federico Damián Schonborn 0d209c6641
nixos/budgie: Replace gnome-session with budgie-session 
Signed-off-by: Federico Damián Schonborn <fdschonborn@gmail.com>
 2024-01-28 20:08:59 -03:00
Morgan Jones 1dc5eb13b0
nixos/armagetronad: add module with tests 2024-01-28 13:58:05 -08:00
Joachim F 6dd56e1483
Merge pull request #275579 from tamara-schmitz/master 
update hardened profile to new recommendations
 2024-01-28 20:25:27 +01:00
Sandro Jäckel 3da096a5c3
pcsclite: move binaries, polkit, systemd files to out, move libraries to lib 
This should make the things related to the udev rules and binaries a lot
simpler and more expected.
 2024-01-28 19:31:54 +01:00
Sandro 263af58884
Merge pull request #284488 from Silver-Golden/master 
Bitwarden directory connector: fix bad preStart
 2024-01-28 19:18:10 +01:00
K900 499b9a5de0
Merge pull request #284562 from K900/lemmy-nginx-fix 
lemmy: fix nginx config generation
 2024-01-28 20:48:51 +03:00
Kerstin 45b1d68c35
Merge pull request #283981 from f2k1de/mastodon-too-many-open-files-fix 
mastodon: set LimitNOFILE
 2024-01-28 18:47:53 +01:00
ocfox 01e674ba90
nixos/transfer-sh: init 
Co-authored-by: Pablo Ovelleiro Corral <mail@pablo.tools>
 2024-01-29 00:44:35 +08:00
Nick Cao 2389ab15b4
Merge pull request #284496 from ElvishJerricco/systemd-255-hibernate-resume 
systemd-stage-1: Fix hibernate-resume with systemd v255
 2024-01-28 11:20:04 -05:00
K900 c34a1d5135 lemmy: fix nginx config generation 2024-01-28 19:15:02 +03:00
Aaron Andersen 0ed21f3b09
Merge pull request #284122 from Stunkymonkey/zabbix-write-secret 
nixos/{zabbixServer,zabbixProxy}: prefer 'install' over 'mkdir/chmod/chown'
 2024-01-28 06:24:11 -08:00
nikstur dff64f549e nixos/x11: remove leading slash from environment.etc path 
Even if the tools that assemble /etc can handle leading slashes, this
still is not correct. For example, you could have both /X11 and X11 in
environment.etc which makes overriding hard.
 2024-01-28 13:38:09 +01:00
nikstur a9161ceb5a nixos/etc: remove leading slash from target paths in build-composefs-dump.py 
This is necessary so that duplicates in the composefs dump are avoided.
 2024-01-28 13:37:23 +01:00
Will Fancher 6f1b17d4b8 systemd-stage-1: Fix hibernate-resume with systemd v255 2024-01-28 06:52:21 -05:00
Brendan Golden fe59b6d24b
Bitwarden directory connector: fix bad preStart 2024-01-28 10:52:43 +00:00
Jared Baur 4e139026b5
nixos/repart: add option for configuring sector size 
This option is helpful for situations when the target host disk's sector
size differs from that of the build host.
 2024-01-27 17:19:32 -08:00
nikstur 92b98478a8 nixos/etc: fix type checking of build-composefs-dump.py 2024-01-28 01:58:56 +01:00
PassiveLemon 1d3e2a92bc nixos/alvr: init module 2024-01-27 19:45:27 -05:00
Martin Weinelt 0deb00012d
Merge pull request #255707 from micahsoftdotexe/update-navidrome 
nixos/navidrome: accept DataFolder option
 2024-01-28 00:08:18 +01:00
Micah Tanner 7d9e3e510b nixos/navidrome: accept DataFolder option 2024-01-27 17:54:50 -05:00