tobias/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-11-15 04:04:18 +01:00
Code Issues Packages Projects Releases Wiki Activity
585250 commits 213 branches 129 tags 14 GiB
Commit graph

29346 commits

Author SHA1 Message Date
Robert Schütz 1dd5f2b1f9 nixos/nginx: turn auth_request off for ACME challenge 
This is e.g. necessary when using tailscale-nginx-auth.
 2024-02-05 00:33:33 -08:00
github-actions[bot] 0f22335f7d
Merge master into staging-next 2024-02-05 06:01:04 +00:00
jerrita e686847d20
nixos/nftables: add option for flattening rulesetFile 
Co-authored-by: Lin Jian <me@linj.tech>
 2024-02-05 11:27:16 +08:00
360ied 11cf6ab0dd nixos/murmur: systemd service hardening 
Murmur provides an official systemd service file in their repo,
which contains various service hardening settings:

c4b5858d14/auxiliary_files/config_files/mumble-server.service.in (L7)

The service configuration in nixpkgs does not include these hardening settings.

This commit adds the hardening settings to the murmur service in nixpkgs.
This drops the `systemd-analyze security` score of murmur.service from 9.2 (UNSAFE) to 2.1 (OK).
 2024-02-04 21:23:34 -05:00
Sandro Jäckel c64c45da9c
nixos/nextcloud: don't execute cron when in maintenace/upgrade, don't kill cgroup 
Those are upstream recommendations taken from
22d2472b8f/admin_manual/configuration_server/background_jobs_configuration.rst (systemd)
 2024-02-05 01:29:13 +01:00
Sandro Jäckel 42daa00928
nixos/nextcloud: little formatting 2024-02-05 01:29:13 +01:00
LRFLEW 8b0d333f54
nixos/archisteamfarm: allow bots.*.passwordFile to be null (#284978) 
* Make services.archisteamfarm.bots.*.passwordFile Nullable

This adds support for alternate password specification methods, such as through the web-ui.

* Update description for services.archisteamfarm.bots.*.passwordFile

Adds note about omitting or setting to null to provide the password through the web-ui.
 2024-02-05 01:18:23 +01:00
github-actions[bot] 42e44c0583
Merge master into staging-next 2024-02-05 00:02:17 +00:00
oddlama b7f29692c0
nixos/hostapd: fix utf8Ssid setting not properly honored 2024-02-05 00:52:08 +01:00
Weijia Wang 7ece427021
Merge pull request #279268 from superherointj/etcd-fix-firewall-startup 
nixos/etcd: fixes etcd failing to start at boot and add openFirewall option
 2024-02-05 00:37:09 +01:00
Weijia Wang e2fb30fabc
Merge pull request #239785 from milibopp/neo4j-5.9.0 
neo4j: 4.4.11 -> 5.9.0
 2024-02-05 00:21:21 +01:00
Izorkin 15dfbbd4c3
fastfetch: add vulkanSupport option 2024-02-05 01:32:05 +03:00
Izorkin 69206539d4
fastfetch: add waylandSupport option 2024-02-05 01:32:04 +03:00
Izorkin 556b8c7b6f
fastfetch: add x11Support option 2024-02-05 01:32:03 +03:00
Robert Hensing 6761394083 nixos/rabbitmq: Rename cookie -> unsafeCookie 
Not a mkRenamedOptionModule, because user intervention is required
to determine whether they have a problem. mkRenamed* does not let
us explain anything to the user.
 2024-02-04 21:41:29 +01:00
github-actions[bot] 145a9cb679
Merge master into staging-next 2024-02-04 18:01:14 +00:00
Izorkin 9ad115e5f3
nixos/libvirt: changing process priority for oom killer 2024-02-04 19:54:02 +03:00
Artturi 8f893ff1da
Merge pull request #221628 from rhysmdnz/intune 
Microsoft Intune
 2024-02-04 17:31:58 +02:00
github-actions[bot] 5a036cc96a
Merge master into staging-next 2024-02-03 18:00:51 +00:00
Linus Heckemann 9f571cb4ef
Merge pull request #284508 from nikstur/etc-overlay-leading-slash 
nixos/etc: remove leading slash from paths
 2024-02-03 18:01:01 +01:00
linsui b88eaf5d62 nixos/nautilus-open-any-terminal: add to module-list.nix 2024-02-03 22:27:31 +08:00
Vincent Haupert e6854b295b nixos/github-runners: only override pkg if it has a nodeRuntimes arg 
Older versions of the github-runner package might not have the
`nodeRuntimes` argument yet causing an error as the NixOS module always
tries to override the argument.

The commit makes sure we only override `nodeRuntimes` if the configured
package has a `nodeRuntimes` argument.
 2024-02-03 14:33:39 +01:00
Felix Buehler ffadbb6788 kubernetes: prefer 'install' over 'mkdir/chmod/chown' 2024-02-03 11:16:23 +01:00
github-actions[bot] 95ffc37024
Merge staging-next into staging 2024-02-03 06:01:25 +00:00
Martin Weinelt e1ee205a99
Merge pull request #285931 from mweinelt/zigbee2mqtt-1.35.2 
zigbee2mqtt: 1.35.1 -> 1.35.2
 2024-02-03 03:44:36 +01:00
Martin Weinelt 165326d2ca
zigbee2mqtt: 1.35.1 -> 1.35.2 
https://github.com/Koenkk/zigbee2mqtt/releases/tag/1.35.2
 2024-02-03 02:21:15 +01:00
github-actions[bot] 58c80dd7b8
Merge staging-next into staging 2024-02-02 18:01:50 +00:00
Adam Stephens 7585f26855
nixos/incus: add zfs/lib/udev to path 
Incus needs to find zvol_id for some operations, but zfs does not put
this executable in the bin directory. Exposing lib/udev into the Incus
path solves discovery of the executable

e5690705e8/internal/server/storage/drivers/driver_zfs_volumes.go (L1820C1-L1820C41)
 2024-02-02 12:36:41 -05:00
github-actions[bot] 0675b4b947
Merge staging-next into staging 2024-02-02 12:01:43 +00:00
h7x4 7ac5d2ce0c
Merge pull request #284154 from PassiveLemon/ALVR 
alvr: init at 20.6.1
 2024-02-02 11:36:08 +01:00
github-actions[bot] 3a8e4cc2aa
Merge staging-next into staging 2024-02-02 06:01:42 +00:00
Will Fancher 8c1a6046a2
Merge pull request #285411 from NickCao/networkd-stage1 
nixos/networkd: drop upstreamed stage-1 unit dependencies
 2024-02-01 20:35:17 -05:00
github-actions[bot] 6b866c8f85
Merge staging-next into staging 2024-02-02 00:02:44 +00:00
Rhys Davies d102910f47
nixos/pam: Add pam_intune 2024-02-02 10:01:52 +13:00
Rhys Davies 295a32a6b1
nixos/intune: init 2024-02-02 10:00:33 +13:00
h7x4 932344b54a
Merge pull request #270475 from MinerSebas/prometheus-restic-exporter 
prometheus-restic-exporter: init at 1.4.0
 2024-02-01 20:05:11 +01:00
Pierre Bourdon 3484985991
Merge pull request #285587 from edef1c/wrapper-cve-2023-6246 
nixos/modules/security/wrappers: limit argv0 to 512 bytes
 2024-02-01 19:18:45 +01:00
edef b4c9840652 nixos/modules/security/wrappers: limit argv0 to 512 bytes 
This mitigates CVE-2023-6246, crucially without a mass-rebuild.

Change-Id: I762a0d489ade88dafd3775d54a09f555dc8c2527
 2024-02-01 18:16:55 +00:00
github-actions[bot] 381e01e471
Merge staging-next into staging 2024-02-01 18:01:21 +00:00
Atemu f38bca1ca5
Merge pull request #279677 from leona-ya/paperless-nltk 
nixos/paperless: use nltk_data package as NLTK data source
 2024-02-01 16:59:28 +01:00
Leona Maroni 6300f478e9
nixos/paperless: use nltk_data package as NLTK data source 
nixos
 2024-02-01 16:53:34 +01:00
MinerSebas d1f031cbbd nixos/prometheus-restic-exporter: init module 2024-02-01 14:48:56 +01:00
Leona Maroni 0f2df9ff19 nixos/youtrack: rebuild module for 2023.x support 2024-02-01 13:36:13 +01:00
Martin Weinelt 27fa02d0f1
Merge remote-tracking branch 'origin/staging-next' into staging 
Conflicts:
-	pkgs/development/compilers/llvm/10/clang/default.nix
- pkgs/development/compilers/llvm/8/clang/default.nix
 2024-02-01 12:25:11 +01:00
Nick Cao 0850ee016b
nixos/networkd: drop upstreamed stage-1 unit dependencies 
Reference: https://github.com/systemd/systemd/pull/27791
 2024-01-31 22:52:52 -05:00
Andreas Stührk fc6c92faf3 nixos/nftables: remove default systemd dependencies 
With DefaultDependencies enabled, systemd adds "After=basic.target" to
service units. `basic.target` has a dependency on `sockets.target`, so
the `nftables` has (amongst others) the following order constraints:

* Before=network-pre.target
* After=sockets.target

Those constraints are often unsatisfiable. For example, `systemd-networkd`
has a dependency `After=network-pre.target`. When a socket unit now uses
`BindToDevice=` on a device managed by `networkd`, a timeout occurs
because `networkd` waits for `network-pre.target`, but
`network-pre.target` depends (through nftables) on `sockets.target`, but
the device to bind the socket to is never brought up, as this would
happen through `networkd`.

This is fixed by removing the implicit dependency on `basic.target`.
 2024-01-31 23:26:05 +01:00
Adam Stephens 75ec325cb9
nixos/pam: remove pam_cgfs 
pam_cgfs is a cgroups-v1 pam module. Verified with upstream that
this module no longer necessary on cgroups-v2 systems.
 2024-01-31 17:19:23 -05:00
Felix Bühler 6c22593ad4
Merge pull request #284799 from Pablo1107/photoprism-module/fix-manage-script 
nixos/photoprism: use nsenter to call photoprism bin with correct UID and PID
 2024-01-31 20:52:11 +01:00
Franz Pletz 9e485b2169
Merge pull request #284326 from WilliButz/snmp-exporter-module/fix-logPrefix 
nixos/prometheus-snmp-exporter: fix undefined logPrefix
 2024-01-31 19:55:40 +01:00
Jared Baur 50866dc20f
nixos/sysupdate: allow lists in sysupdate config 
Lists are convenient to have in sysupdate configuration when using
multiple `MatchPattern` under `Target` when the target can have multiple
filenames. This use-case is helpful for BootLoaderSpec bootcounting where the target file on
disk can have multiple filenames, and in order for sysupdate to properly
ensure only N number of instances of this target exist at one time, we
need to have multiple match patterns.
 2024-01-31 09:12:28 -08:00
Peder Bergebakken Sundt 0d13d2a90f nixos/ttyd: remove with lib; 2024-01-31 17:58:59 +01:00
Peder Bergebakken Sundt 4c70703931 nixos/ttyd: add writable option 
Co-authored-by: Carsten Rodin <19612711+carstoid@users.noreply.github.com>
 2024-01-31 17:57:42 +01:00
Peder Bergebakken Sundt 19159ced3e
Merge pull request #249523 from greizgh/seafile-10 
Seafile 10
 2024-01-31 17:13:54 +01:00
Peder Bergebakken Sundt d5d752af43
Merge pull request #280821 from SuperSandro2000/pretalx 
pretalx: init 2023.1.3
 2024-01-31 17:11:38 +01:00
Peder Bergebakken Sundt 9118823ed3
Merge pull request #226532 from SuperSandro2000/dhcpcd 
dhcpcd: change files after patching; nixos/dhcpcd: link dhcpcd.conf to /etc/ to fix dhcpcd -k
 2024-01-31 16:43:54 +01:00
Jörg Thalheim 7d5c09b02e
Merge pull request #285167 from Mic92/systemd-boot 
nixos/systemd-boot: fix editor option
 2024-01-31 22:38:09 +07:00
Nick Cao 2c4eca2c07
Merge pull request #285100 from Tungsten842/revert-281529-acpid 
Revert "acpid: Disable network access"
 2024-01-31 08:25:37 -05:00
Jörg Thalheim 202e697233 nixos/systemd-boot: fix editor option 2024-01-31 10:46:30 +07:00
Mario Rodas 4006079f95
Merge pull request #276177 from aaronjheng/prometheus-openvpn-exporter 
prometheus-openvpn-exporter: remove
 2024-01-30 19:32:50 -05:00
WilliButz ccff749532
nixos/boot.uki: allow partial overrides of default UKI settings 
Previously any user-provided config for boot.uki.settings would need to
either specify a full set of config for ukify or a combination of
mkOptionDefault to merge the "settings" attribute set with the module's
defaults and then mkOverride or mkForce to override a contained
attribute.

Now it is possible to trivially override parts of the module's default
config, such as the initrd or kernel command line, but overriding the
full set of settings now requires mkOverride / mkForce.
 2024-01-30 23:54:40 +01:00
Thomas Gerbet 898c3061fe
Merge pull request #279253 from risicle/ris-packagekit-1.2.8 
packagekit: 1.2.5.1pre -> 1.2.8
 2024-01-30 23:37:46 +01:00
Tungsten842 c1afcd1c8c
Revert "acpid: Disable network access" 2024-01-30 22:49:43 +01:00
Robert Scott 19b3ab3fe4 packagekit: use test_nop backend by default 
nix backend is broken and this is causing the nixos test to
fail
 2024-01-30 20:41:15 +00:00
Martin Weinelt 8f03632997
nixos/pretalx: init 2024-01-30 17:41:34 +01:00
Ryan Lahfa 386c037cb7
Merge pull request #284174 from jmbaur/repart-sector-size 
Fix appliance-repart-image NixOS VM test
 2024-01-30 16:36:09 +01:00
K900 3176d495ff nixos/plasma5: enable qt stuff 
Otherwise things like themes only work due to lucky wrapper leakage.
 2024-01-30 17:36:06 +03:00
Weijia Wang 5116ea824d
Merge pull request #280549 from wineee/deepin-icon 
deepin: move distribution.info back to deepin-desktop-base
 2024-01-30 14:50:13 +01:00
Luke Granger-Brown 23310f467a
Merge pull request #284980 from patka-123/update-paperless-service-example-doc 
nixos/paperless: update extraConfig to settings in service docs.
 2024-01-30 12:53:31 +00:00
Yureka a6c64fbd39
nixos/strongswan-swanctl: add includes option for secrets (#284742) 2024-01-30 12:47:33 +01:00
h7x4 ba5f81a6b6
Merge pull request #276547 from ambroisie/pyload-module 
nixos/pyload: init module
 2024-01-30 12:29:46 +01:00
Patka 3d028d17c9
nixos/paperless: update extraConfig to settings in service docs 
Signed-off-by: Patka <patka@patka.dev>
 2024-01-30 11:26:04 +01:00
Sandro 4891afd8df
Merge pull request #284735 from Izorkin/update-gpg-tui 2024-01-30 11:09:05 +01:00
K900 0f34032f5a nixos/plasma5: install missing style plugins 2024-01-30 11:38:10 +03:00
github-actions[bot] 2f68b418f1
Merge staging-next into staging 2024-01-30 06:01:22 +00:00
Luke Granger-Brown a12b828a26
Merge pull request #277661 from appsforartists/handheld-daemon 
handheld-daemon: init at 1.1.0
 2024-01-30 04:01:11 +00:00
Brenton Simpson b960a217bd handheld-daemon: touchup code style to better match nixpkgs 
Co-authored-by: h7x4 <h7x4@nani.wtf>
Co-authored-by: Luke Granger-Brown <git@lukegb.com>
Co-authored-by: Bruno BELANYI <bruno@belanyi.fr>
 2024-01-29 17:20:30 -08:00
github-actions[bot] 93a73aa6cf
Merge staging-next into staging 2024-01-30 00:02:29 +00:00
Franz Pletz 3432be07e4
Merge pull request #278555 from leona-ya/kresd-port-only-regex 2024-01-30 00:41:53 +01:00
Bernardo Meurer 429a3accd9
Merge pull request #284800 from lovesegfault/fix-moonraker-warn 
nixos/moonraker: fix update_manager.enable_system_updates being [bool] and not bool
 2024-01-29 18:23:33 -05:00
Franz Pletz da226d14bf
Merge pull request #284749 from 2xsaiko/outgoing/dovecot-fix-1 2024-01-30 00:17:12 +01:00
Felix Bühler b6e25194a4
Merge pull request #283778 from linsui/noat 
nixos/nautilus-open-any-terminal: init
 2024-01-29 22:07:23 +01:00
Marco Rebhan 522d660f25
nixos/dovecot: fix sieve script config generation 2024-01-29 19:42:55 +01:00
github-actions[bot] 6a27b0be74
Merge staging-next into staging 2024-01-29 18:01:37 +00:00
Bernardo Meurer 392b32b2af
nixos/moonraker: fix update_manager.enable_system_updates being [bool] and not bool 2024-01-29 11:31:12 -05:00
Pablo Andres Dealbera bb40443e77 nixos/photoprism: use nsenter to call photoprism bin with correct UID and PID 2024-01-29 13:26:35 -03:00
Bobby Rong 850bac2305
Merge pull request #284633 from FedericoSchonborn/budgie-desktop-10.9 
Budgie Desktop 10.9
 2024-01-29 21:58:15 +08:00
Marco Rebhan 26e71b5a5b
nixos/dovecot: remove unused imports 2024-01-29 12:21:58 +01:00
Izorkin fd21b17628
nixos/no-x-libs: add gpg-tui 2024-01-29 12:35:22 +03:00
Nick Cao 519ebe37e2
Merge pull request #283452 from SuperSandro2000/pcsclite-outputs 
pcsclite: move binaries, polkit, systemd files to out, move libraries to lib
 2024-01-28 21:19:51 -05:00
Felix Bühler da47763cb8
Merge pull request #279384 from Stunkymonkey/recursive-pth-loader-normalize 
python311Packages.recursive-pth-loader: rename from recursivePthLoader
 2024-01-29 00:40:42 +01:00
Federico Damián Schonborn 0d209c6641
nixos/budgie: Replace gnome-session with budgie-session 
Signed-off-by: Federico Damián Schonborn <fdschonborn@gmail.com>
 2024-01-28 20:08:59 -03:00
Joachim F 6dd56e1483
Merge pull request #275579 from tamara-schmitz/master 
update hardened profile to new recommendations
 2024-01-28 20:25:27 +01:00
Sandro Jäckel 3da096a5c3
pcsclite: move binaries, polkit, systemd files to out, move libraries to lib 
This should make the things related to the udev rules and binaries a lot
simpler and more expected.
 2024-01-28 19:31:54 +01:00
Sandro 263af58884
Merge pull request #284488 from Silver-Golden/master 
Bitwarden directory connector: fix bad preStart
 2024-01-28 19:18:10 +01:00
K900 499b9a5de0
Merge pull request #284562 from K900/lemmy-nginx-fix 
lemmy: fix nginx config generation
 2024-01-28 20:48:51 +03:00
Kerstin 45b1d68c35
Merge pull request #283981 from f2k1de/mastodon-too-many-open-files-fix 
mastodon: set LimitNOFILE
 2024-01-28 18:47:53 +01:00
Nick Cao 2389ab15b4
Merge pull request #284496 from ElvishJerricco/systemd-255-hibernate-resume 
systemd-stage-1: Fix hibernate-resume with systemd v255
 2024-01-28 11:20:04 -05:00
K900 c34a1d5135 lemmy: fix nginx config generation 2024-01-28 19:15:02 +03:00
Aaron Andersen 0ed21f3b09
Merge pull request #284122 from Stunkymonkey/zabbix-write-secret 
nixos/{zabbixServer,zabbixProxy}: prefer 'install' over 'mkdir/chmod/chown'
 2024-01-28 06:24:11 -08:00
nikstur dff64f549e nixos/x11: remove leading slash from environment.etc path 
Even if the tools that assemble /etc can handle leading slashes, this
still is not correct. For example, you could have both /X11 and X11 in
environment.etc which makes overriding hard.
 2024-01-28 13:38:09 +01:00
nikstur a9161ceb5a nixos/etc: remove leading slash from target paths in build-composefs-dump.py 
This is necessary so that duplicates in the composefs dump are avoided.
 2024-01-28 13:37:23 +01:00
Will Fancher 6f1b17d4b8 systemd-stage-1: Fix hibernate-resume with systemd v255 2024-01-28 06:52:21 -05:00
Brendan Golden fe59b6d24b
Bitwarden directory connector: fix bad preStart 2024-01-28 10:52:43 +00:00
Jared Baur 4e139026b5
nixos/repart: add option for configuring sector size 
This option is helpful for situations when the target host disk's sector
size differs from that of the build host.
 2024-01-27 17:19:32 -08:00
nikstur 92b98478a8 nixos/etc: fix type checking of build-composefs-dump.py 2024-01-28 01:58:56 +01:00
PassiveLemon 1d3e2a92bc nixos/alvr: init module 2024-01-27 19:45:27 -05:00
Martin Weinelt 0deb00012d
Merge pull request #255707 from micahsoftdotexe/update-navidrome 
nixos/navidrome: accept DataFolder option
 2024-01-28 00:08:18 +01:00
Micah Tanner 7d9e3e510b nixos/navidrome: accept DataFolder option 2024-01-27 17:54:50 -05:00
Tamara Schmitz b80c3284d5
nixos/hardened: update hardened profile to new recommendations 
Borrowing from here to match hardened profile with more recent kernels:
* https://madaidans-insecurities.github.io/guides/linux-hardening.html?#boot-parameters
* https://github.com/a13xp0p0v/kernel-hardening-checker/

Removed "slub_debug" as that option disables kernel memory address
hashing. You also see a big warning about this in the dmesg:
"This system shows unhashed kernel memory addresses via the console, logs, and other interfaces."

"init_on_alloc=1" and "init_on_free=1" zeroes all SLAB and SLUB allocations. Introduced in 6471384af2a6530696fc0203bafe4de41a23c9ef. Also the default for the Android Google kernel btw. It is on by default through the KConfig.

"slab_nomerge" prevents the merging of slab/slub caches. These are
effectively slab/slub pools.

"LEGACY_VSYSCALL_NONE" disables the older vsyscall mechanic that relies on
static address. It got superseeded by vdsos a decade ago. Read some
LWN.net to learn more ;)

"debugfs=off" I'm sure there are some few userspace programs that rely on
debugfs, but they shouldn't.

Most other things mentioned on the blog where already the default on a
running machine or may not be applicable.

Most other Kconfigs changes come from the kernel hardening checker and
were added, when they were not applied to the kernel already.

Unsure about CONFIG_STATIC_USERMODEHELPER. Would need testing.
 2024-01-27 20:43:58 +00:00
WilliButz 3a00809390
nixos/prometheus-snmp-exporter: fix undefined logPrefix 
When I added `coerceConfigFile` based on the blackbox exporter module, I
did not notice the missing attribute definition.
 2024-01-27 20:59:41 +01:00
Sandro Jäckel 1af95a24c1
nixos/dhcpcd: link dhcpcd.conf to /etc/ to fix dhcpcd -k 2024-01-27 18:12:55 +01:00
Nick Cao 8138e47046
Merge pull request #284115 from jacekpoz/ratbagd-module 
nixos/ratbagd: add package option
 2024-01-27 11:12:55 -05:00
Sandro 8219e2c1bc
Merge pull request #279050 from SuperSandro2000/portunus-seedsettings 
nixos/portunus: add seedSettings option
 2024-01-27 16:08:41 +01:00
Will Fancher 2af1ee5bba
Merge pull request #259196 from liff/mod/systemd-lock-handler 
nixos/systemd-lock-handler: init with corresponding package at 2.4.2
 2024-01-27 06:13:38 -05:00
Maximilian Bosch abd098fce8
Merge pull request #283972 from onny/nextcloud-settings 
nixos/nextcloud: Rename extraOptions to settings
 2024-01-27 11:01:23 +01:00
Olli Helenius e103c5cfcf
nixos/systemd-lock-handler: init 2024-01-27 11:55:46 +02:00
Pierre Bourdon b0051767f1
Merge pull request #284153 from JulienMalka/systemd-boot-builder-folder 
nixos/systemd-boot: move builder script in bin folder
 2024-01-27 06:58:18 +01:00
K900 b5dc67dd94
Merge pull request #284130 from xNaxdy/fix-plasma5-mobilegear 
nixos/plasma5: fix plasmaMobileGear path
 2024-01-27 07:07:52 +03:00
Weijia Wang 7d021ca26b
Merge pull request #265056 from rgri/init-mouse-actions 
mouse-actions: init at 0.4.4
 2024-01-27 03:47:42 +01:00
Julien Malka ceeddc5b15 nixos/systemd-boot: move builder script in bin folder 2024-01-27 01:29:40 +00:00
Thomas Gerbet 117fd19a77
Merge pull request #276306 from ambroisie/aria2-rpc-secret-file 
nixos/aria2: implement 'rpcSecretFile'
 2024-01-27 00:46:56 +01:00
Naxdy edc49b2e83
nixos/plasma5: fix plasmaMobileGear path 2024-01-26 23:52:49 +01:00
Yt a759a579fb
Merge pull request #283447 from Munksgaard/livebook-fixes 
livebook: Use `mix release` to build instead of escript
 2024-01-26 22:14:08 +00:00
Felix Buehler bdce5312c9 nixos/{zabbixServer,zabbixProxy}: prefer 'install' over 'mkdir/chmod/chown' 2024-01-26 23:10:57 +01:00
jacekpoz 49130d8bf7
nixos/ratbagd: add package option 2024-01-26 22:58:44 +01:00
Felix Buehler 4c9b5cb310 nixos/rabbitmq: prefer 'install' over 'mkdir/chmod/chown' 2024-01-26 22:56:28 +01:00
maxine 642317d03f
Merge pull request #283618 from SuperSandro2000/tailscale-resoleconf 
nixos/tailscale: make resolvconf package depending on enablement of module
 2024-01-26 22:41:14 +01:00
Felix Bühler d9de6dd272
Merge pull request #284075 from rhoriguchi/nixos/esphome 
nixos/esphome: add option to use ping to check online status of devices
 2024-01-26 22:13:11 +01:00
Kira Bruneau 473b20c3d7
Merge pull request #281909 from kira-bruneau/gamemode 
nixos/gamemode: add gamemode group
 2024-01-26 15:25:56 -05:00
superherointj cbe8e0c980 nixos/etcd: fix etcd category from misc to databases 2024-01-26 16:40:11 -03:00
superherointj 29d18e8f6f nixos/etcd: fixes etcd failing to start at boot and add openFirewall option 
Fixes etcd failing to start at boot for network and firewall not being ready and etcd peers being unavailable because of network/firewall

* configure etcd systemd unit to:

  - delay etcd start-up until network and firewall are ready
  - restart on failure and be always on

* add openFirewall option

  The official etcd ports are 2379 for client requests and 2380 for peer communication:
  https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.txt
  https://etcd.io/docs/v3.4/op-guide/configuration/
 2024-01-26 16:40:11 -03:00
Philip Munksgaard 1ee8e72834
livebook: Set KillMode=mixed 
This will gracefully shut down the service instead of resulting in errors like
this:

```
Jan 24 10:11:11 foo livebook[981676]: 10:11:11.922 [error] GenServer :disksup terminating
Jan 24 10:11:11 foo livebook[981676]: ** (stop) {:port_died, :normal}
Jan 24 10:11:11 foo livebook[981676]: Last message: {:EXIT, #Port<0.8>, :normal}
Jan 24 10:11:11 foo livebook[981676]: 10:11:11.922 [error] GenServer :memsup terminating
Jan 24 10:11:11 foo livebook[981676]: ** (stop) {:port_died, :normal}
```
 2024-01-26 20:19:49 +01:00
Philip Munksgaard 897d5670a3
livebook: Use mix release to build instead of escript 
The current build of livebook does not work with the new [Livebook
Teams](https://livebook.dev/teams/) features. The problem can be observed by
running the current version of livebook, adding a new team and going to the team
page. The process will crash and the team page will show a 500 error.

The base of the problem is that the escript build method is not officially
supported. This commit changes the livebook package to use the `mix release`
workflow, which is also the one used to build the official Docker container.

Unfortunately, the binary built with `mix release` does not support command line
arguments like the `escript` binary does. Instead, users need to pass in most of
the configuration as environment variables, as documented
[here](https://hexdocs.pm/livebook/readme.html#environment-variables). As a
result, this commit also changes the Livebook service to reflect this new way of
configuring Livebook.

Finally, the Livebook release configuration specifically excludes the
ERTS (Erlang Runtime System), which means that the resulting release cannot run
without Erlang installed.

I have tested the results (both of the package and the service) locally.
 2024-01-26 20:19:46 +01:00
Ryan Horiguchi 17243e6a84 nixos/esphome: add option to use ping to check online status of devices 2024-01-26 19:39:49 +01:00
Ryan Lahfa 37832d237e
Merge pull request #283244 from bjornfor/nixos-add-polkit-to-installation-device 
nixos/installation-device: enable polkit
 2024-01-26 14:46:48 +01:00
Jonas Heinrich e1c0d281b2 nixos/nextcloud: Rename extraOptions to settings 2024-01-26 14:22:49 +01:00
Isa 24930dadca mastodon: set LimitNOFILE 2024-01-26 12:30:57 +01:00
Lassulus da25b2382d
Merge pull request #280373 from h7x4/treewide-use-new-tmpfiles-api 
treewide: use new tmpfiles API
 2024-01-26 10:47:18 +01:00
tomberek 7aea9330a6
Merge pull request #60804 from jluttine/add-brightness-keys-to-light 
light: support brightness control keys
 2024-01-26 02:43:19 -05:00
Aaron Jheng 096f6d6c00
prometheus-openvpn-exporter: remove 2024-01-26 14:37:05 +08:00
rgri 28614f6861 mouse-actions: init at 0.4.4 
Co-authored-by: Donovan Glover <donovan@dglover.co>
Co-authored-by: Arne Keller <2012gdwu+github@posteo.de>
 2024-01-25 22:25:29 -06:00
Will Fancher f6d787c27f
Merge pull request #283818 from ElvishJerricco/revert-258680-network-online-x-multi-user 
nixos/systemd: Temporarily bring back multi-user -> network-online
 2024-01-25 18:18:18 -05:00
Robert Schütz 8433938f9b
Merge pull request #283617 from SuperSandro2000/headscale 
nixos/headscale: install package system wide
 2024-01-25 13:40:29 -08:00
Bruno BELANYI d3a1465196 nixos/aria2: implement 'rpcSecretFile' 
Since this is supposed to be a secret, use a file path as an input
instead of making it part of the expression, which would expose it in
the nix store.
 2024-01-25 21:36:21 +00:00
Felix Buehler d35003e302 python311Packages.recursive-pth-loader: rename from recursivePthLoader 2024-01-25 22:13:17 +01:00
Will Fancher 0d85bf0efe nixos/systemd: Temporarily bring back multi-user -> network-online 
There were several modules, critically including NetworkManager, which
were not prepared for this change. Most of the change was good,
however. Let's bring back the dependency and change the assertion to a
warning for now.
 2024-01-25 15:53:52 -05:00
maxine 066ccb996b
Merge pull request #282963 from NukaDuka/prometheus-pve-exporter-update 
prometheus-pve-exporter: 2.3.0 -> 3.2.1
 2024-01-25 21:17:19 +01:00
Ryan Lahfa 8cc42008aa
Merge pull request #274281 from RaitoBezarius/hebbot-module 
nixos/hebbot: init
 2024-01-25 20:33:02 +01:00
Ryan Lahfa ae910a15e6
Merge pull request #281001 from RaitoBezarius/new-sieve-dovecot-api 
nixos/mail/dovecot2: re-introduce extra settings and rename `sieveScripts`
 2024-01-25 20:32:35 +01:00
Ryan Lahfa 6fe2736c6f
Merge pull request #246055 from Tom-Hubrecht/netbird 
nixos/netbird: Allow running multiple netbird networks in parallel
 2024-01-25 20:08:58 +01:00
Raito Bezarius 78bc60b8a4 nixos/hebbot: init 
This is a NixOS module to support TWIM-style Matrix bots.
 2024-01-25 18:27:33 +01:00
rnhmjoj 1a1b91b3b9
nixos/dnsdist: add options for dnscrypt 2024-01-25 18:25:40 +01:00
Tom Hubrecht c2d822e6b0 nixos/netbird: Allow running multiple netbird networks in parallel 2024-01-25 17:25:59 +01:00
Raito Bezarius 3cb7823738 nixos/mail/dovecot2: warn about potential collision due to structured configuration 
Plugin configuration is pesky in dovecot2, let's warn about potential conflicts
in the module system by using a fancy regex.

This is only band-aid, this should be removed ASAP.

We clean up also a 21.05-era warning.
 2024-01-25 17:18:58 +01:00
Sandro Jäckel 922351ec86
nixos/tailscale: make resolvconf package depending on enablement of module 
If resolvconf is not enabled, trying to use it always fails because
/etc/resolvconf.conf contains an `exit 1`.
 2024-01-25 15:50:36 +01:00
linsui 6d1e022e7c nixos/nautilus-open-any-terminal: init 2024-01-25 22:00:23 +08:00
github-actions[bot] 8c2ba7797a
Merge master into staging-next 2024-01-25 12:01:19 +00:00
Julien Malka 39a2e0bb03
Merge pull request #283396 from newAM/clevis-clarify 2024-01-25 08:52:44 +01:00
github-actions[bot] 5af80acc9a
Merge master into staging-next 2024-01-25 06:01:04 +00:00
Elijah M. Immer c847e364ea nixos/hyprland: move to programs/wayland 
Just moved to hyprland module to programs/wayland.
This has no effect on the module side (still accessed the same way in
the module `programs.hyprland`) just moved to be inline with other
wayland compositors.

Also edit the module list to reflect where the file is located.
 2024-01-24 20:20:07 -08:00
Jörg Thalheim 559ddda570
Merge pull request #279852 from Madouura/pr/bcachefs 
bcachefs: update comments, release-notes, only use IFS for bcachefs, update bcachefs-tools and module
 2024-01-25 01:11:04 +01:00
github-actions[bot] a4b5a14b07
Merge master into staging-next 2024-01-25 00:02:13 +00:00
Sandro Jäckel 9f395dae71
nixos/headscale: install package system wide 
this is required to confirm nodes and generally manage everything
 2024-01-24 23:00:54 +01:00
Lassulus 65f1d64303
Merge pull request #279923 from jopejoe1/sshfs 
nixos/filesystems: set `system.fsPackages` for sshfs
 2024-01-24 22:04:41 +01:00
Alyssa Ross 0a95fd24f0
Merge remote-tracking branch 'origin/master' into staging-next 
Conflicts:
	pkgs/development/libraries/libunwind/default.nix
 2024-01-24 22:00:49 +01:00
r-vdp 28ea07d4e3
fwupd: 1.9.11 -> 1.9.12 
The fwupd daemon refuses to start when there is an uefi_capsule key without any
values in the config file, so I modified the module to only include this
key when there are actually values that go inside.
 2024-01-24 20:29:01 +01:00
github-actions[bot] d45e853c88
Merge master into staging-next 2024-01-24 12:01:06 +00:00
Vladimír Čunát 7f979aeb86
nixos/knot: allow specifying the clear section 
It was added in 3.3.4.  I'm not sure if it will be useful with NixOS
services, but I added it in the usual way anyway.
 2024-01-24 10:33:55 +01:00
a-n-n-a-l-e-e 18cc181b9b
Merge pull request #279511 from DanielSidhion/tigerbeetle-service 
nixos/tigerbeetle: init module
 2024-01-23 23:13:54 -08:00
github-actions[bot] bd24648ae1
Merge master into staging-next 2024-01-24 06:00:59 +00:00
Alex Martens c37de24b78 nixos/clevis: clairify secret creation 2024-01-23 20:46:52 -08:00
h7x4 f5d513c573
treewide: use new tmpfiles api 2024-01-24 05:13:17 +01:00
h7x4 e5f115b0d4
Merge pull request #283059 from Nanotwerp/patch-1 
nixos/corectrl: add package option
 2024-01-24 05:10:36 +01:00
github-actions[bot] 6a4e9dff73
Merge master into staging-next 2024-01-24 00:02:25 +00:00
Nanotwerp 6638cf69fe nixos/corectrl: add package option 
Co-authored-by: Emily <git@emilylange.de>
 2024-01-23 15:35:44 -05:00
github-actions[bot] 01a65d81f3
Merge master into staging-next 2024-01-23 18:00:56 +00:00
ppom 65544c693b
rustdesk-server: init module 2024-01-23 18:01:54 +01:00
Niklas Hambüchen aa6c8ae3a6
Merge pull request #253488 from nh2/install-grub-dont-stat-network-fs 
install-grub.pl: Do stat() last to not hang on hanging network FS
 2024-01-23 16:36:49 +01:00
Niklas Hambüchen b9ba9df3e8 install-grub.pl: Do stat() last to not hang on hanging network FS 2024-01-23 15:34:40 +00:00
Bjørn Forsman dadc54aabe nixos/installation-device: enable polkit 
Polkit enables running 'reboot' and 'poweroff' in the installer without
being root, and non-root is the default login for a few NixOS releases
now.

There's no size increase in the minimal ISO:

  $ git checkout nixpkgs-unstable
  $ nix-build -A config.system.build.isoImage -I nixos-config=nixos/modules/installer/cd-dvd/installation-cd-minimal.nix nixos/default.nix && du -sc ./result/iso/*.iso
  /nix/store/bfvbvrrqjmnqqhyqyxc0w32gagdz2rya-nixos-24.05.git.1149dab64e7-x86_64-linux.iso
  998404  ./result/iso/nixos-24.05.git.1149dab64e7-x86_64-linux.iso
  998404  total

  $ git checkout THIS_COMMIT
  $ nix-build -A config.system.build.isoImage -I nixos-config=nixos/modules/installer/cd-dvd/installation-cd-minimal.nix nixos/default.nix && du -sc ./result/iso/*.iso
  /nix/store/l9x9rwlvfddnri70h1ifx865q0cvka5l-nixos-24.05.git.1149dab64e7-x86_64-linux.iso
  998404  ./result/iso/nixos-24.05.git.1149dab64e7-x86_64-linux.iso
  998404  total
 2024-01-23 16:10:31 +01:00
Bruno BELANYI 70d0a6e547 nixos/pyload: init 2024-01-23 15:04:44 +00:00
Raito Bezarius 72e23635e6 nixos/mail/dovecot2: imapsieve.mailbox.*.causes is a list 
Otherwise, it's not possible to pass `COPY,APPEND` properly.
 2024-01-23 14:04:08 +01:00
Raito Bezarius caf9e51e0f nixos/mail/dovecot2: re-introduce extra settings and rename sieveScripts 
https://github.com/NixOS/nixpkgs/pull/275031 introduced structured configuration
for the dovecot2 sieve plugin, by doing so, it broke SNM configuration doing Sieve configurations.

This attempts to fix up the public API to make it possible for SNM to pick up the pieces.
 2024-01-23 14:04:08 +01:00
Kartik Gokte dde72e969e nixos/prometheus-pve-exporter: updated schema and options to v3.2.1 2024-01-23 11:19:37 +05:30
Brenton Simpson f571033ce0 handheld-daemon: use kebab-case instead of camelCase for service name 2024-01-22 19:26:43 -08:00
Brenton Simpson bcf9a24332 handheld-daemon: init at 0.2.7 2024-01-22 19:26:42 -08:00
github-actions[bot] 8303a96c2d
Merge master into staging-next 2024-01-23 00:02:30 +00:00
Peder Bergebakken Sundt 76e9a3eafc
Merge pull request #272147 from SuperSandro2000/archisteamfarm 
nixos/archisteamfarm: don't use asf abbreviation for more clarity
 2024-01-22 22:57:04 +01:00
Ryan Lahfa 5b14fea3d6
Merge pull request #280405 from RaitoBezarius/keepalived-unicast 
nixos/networking/keepalived: do not emit `unicastPeers` when there are none
 2024-01-22 22:43:29 +01:00
Raito Bezarius 08c9562995 keepalived: add myself as a maintainer 
I will use this for a while, so… let's keep it tidy.
 2024-01-22 21:56:04 +01:00
Ryan Lahfa 32a6e224ae
Merge pull request #282929 from minijackson/netbox-3.7.1 
Netbox 3.7.1
 2024-01-22 20:52:54 +01:00
Robert Schütz 6de0d9293e
Revert "Dovecot: Do not include empty sieve_extensions and sieve_global_extensions" 2024-01-22 10:02:51 -08:00
github-actions[bot] 3c7375b75c
Merge master into staging-next 2024-01-22 18:00:55 +00:00
nikstur 3ea482163b
Merge pull request #282320 from helsinki-systems/fix/nix-gc-unit-type 
nixos/nix-gc: Minor module fixups
 2024-01-22 17:49:18 +01:00
nikstur 733c8ee469
Merge pull request #282086 from nikstur/uki 
nixos/uki: init
 2024-01-22 17:43:09 +01:00
Minijackson 5d2370f800
netbox_3_5: remove 2024-01-22 16:31:45 +01:00
Minijackson 163fed297e
netbox: 3.6.9 -> 3.7.1 
Or another way to see it:

netbox_3_7: init at 3.7.1

Make NetBox 3.7 the default version if stateVersion >= 24.05,
switch upgrade test to test upgrade from 3.6 to 3.7,
remove clearcache command for >=3.7.0,
make reindex command mandatory
 2024-01-22 16:31:45 +01:00
Jörg Thalheim b0a5444e43
Merge pull request #282878 from Mic92/buildbot 
nixos/buildbot: don't require network-online.target
 2024-01-22 15:53:13 +01:00
Luke Granger-Brown f5344c8b87
Merge pull request #280658 from simonhollingshead/add-fixedrandomdelay 
nixos/auto-upgrade: add system.autoUpgrade.fixedRandomDelay
 2024-01-22 14:48:23 +00:00
github-actions[bot] 3a8094730e
Merge master into staging-next 2024-01-22 12:01:10 +00:00