1879 commits

Author	SHA1	Message	Date
Fabian Möller	da68f358bc	treewide: Remove usage of pkgs.{system,hostPlatform} aliases ... These aliases should not be used inside nixpkgs and are only there for backward compatibility.	2024-05-16 11:48:32 +02:00
Friedrich Altheide	64512b6200	virtualboxGuestAdditions: Add dragAndDrop service	2024-05-13 06:36:03 +02:00
Adam C. Stephens	215dd64e07	Merge pull request #307039 from adamcstephens/nixos-unstable ... nixos/incus: add support for soft daemon restarts	2024-05-09 09:59:37 -04:00
Adam Stephens	7d5b333dcd	nixos/incus: add support for soft daemon restart ... This is a feature supported out of the box by upstream and allows the incusd service to be restarted without impacting running instances. While this does give up a bit of reproducibility, qemu and lxc for example, there are clear benefits in allowing the host to apply updates without impacting instances. Modeled after the zabbly implementation: 2a67c3e260/systemd/incus-startup.service This will now be the default.	2024-05-09 09:01:12 -04:00
Sandro Jäckel	d8137e77ec	nixos/containers: set storage.settings via mkDefault ... to make them easily overwriteable, aka without mkForce	2024-05-06 16:34:00 +02:00
Leona Maroni	d9bdb87f7d	Merge pull request #307498 from SuperSandro2000/podman-storage-default ... nixos/containers: move storage.settings default into config	2024-05-03 22:31:06 +02:00
Robert Hensing	188ba247d5	nixos/podman: Create docker socket symlink via socket unit (#305803) ... This ensures that both "sockets" are available after sockets.target. See https://github.com/hercules-ci/arion/issues/238	2024-05-02 14:04:37 +00:00
Adam C. Stephens	51cc3442af	Merge pull request #307218 from adamcstephens/incus/more-deps ... nixos/incus: add missing packages to path	2024-05-01 09:08:22 -04:00
Michele Guerini Rocco	08e2a324ed	Merge pull request #287821 from ajamtli/qemu-vm-virtfs-security-model ... nixos/qemu-vm: add option to specify security model to use for a shared directory	2024-04-30 10:44:37 +02:00
illustris	523f157dba	nixos/proxmox-image: change scsi controller model to upstream default	2024-04-29 11:01:45 +05:30
Sandro Jäckel	aaa86f2926	nixos/containers: move storage.settings default into config ... This avoids having to use workarounds like the following to retain the default settings which podman requires to run. virtualisation.containers.storage.settings = lib.recursiveUpdate options.virtualisation.containers.storage.settings.default { storage.options.mount_program = lib.getExe pkgs.fuse-overlayfs; };	2024-04-28 17:55:56 +02:00
illustris	fe35866a2e	nixos/proxmox-image: add cloud init disk and use cloud-init by default	2024-04-28 00:48:18 +05:30
illustris	b90b63db92	nixos/proxmox-image: qemu: 7.2.1 -> 8.1.5	2024-04-27 22:43:09 +05:30
Adam Stephens	4ca0d88d17	nixos/incus: add missing packages to path ... I manually audited all `RunCommand` and `exec.LookPath` calls in the incus repo, combined with the following information /run/wrappers/bin lxc usable-cub 20240427123718.368 WARN idmap_utils - ../src/lxc/idmap_utils.c:lxc_map_ids:165 - newuidmap binary is missing iw lxc 20240427123830.358 ERROR network - ../src/lxc/network.c:lxc_netdev_move_wlan:1679 - Couldn't find the application iw in PATH minio-client https://github.com/lxc/incus/pull/777 ceph-client Added, but could be missing bits to actually work May need full ceph package for `radosgw-admin` for object storage?	2024-04-27 09:55:36 -04:00
illustris	6b2373aee1	nixos/proxmox-image: remove raw image from hydra-build-products	2024-04-27 18:34:18 +05:30
Adam C. Stephens	2a899c07e4	Merge pull request #301564 from adamcstephens/lxc/6 ... lxc: 5.0.3 -> 6.0.0	2024-04-26 16:26:14 -04:00
Someone	7035968845	Merge pull request #290979 from ereslibre/cdi-add-nvidia-docker-1-directories ... CDI: Add `mount-nvidia-binaries` and `mount-nvidia-docker-1-directories` options	2024-04-23 19:55:41 +00:00
Rafael Fernández López	471ff2c33c	nixos/nvidia-container-toolkit: rename from virtualisation.containers.cdi.dynamic.nvidia.enable ... Add the NixOS option `hardware.nvidia-container-toolkit-cdi-generator.enable`. This enables the ability to expose GPU's in containers for container runtimes that support the Container Device Interface (CDI) Remove `cdi.static` and `cdi.dynamic.nvidia.enable` attributes.	2024-04-23 12:26:00 +02:00
Martin Weinelt	8541ec6d85	nixos/incus: add support for software TPMs ... Was previously broken due to a missing runtime dependency. > Error: Failed to start device "vtpm": Failed to validate environment: Required tool 'swtpm' is missing	2024-04-23 12:04:14 +02:00
Adam Stephens	f171f4ffd4	nixos/lxc: add package option and use for incus/lxd	2024-04-22 08:31:05 -04:00
Anders Johan Jamtli	cb46e6864b	nixos/qemu-vm: set secrurity model for 'shared' and 'certs' directories to 'none'	2024-04-22 05:55:58 +02:00
Anders Johan Jamtli	7aa7920fb0	Revert "nixos/qemu-vm: set security model for 'xchg' directory to 'none'" ... This reverts commit c16ff7f9f3.	2024-04-22 05:49:11 +02:00
Anders Johan Jamtli	c16ff7f9f3	nixos/qemu-vm: set security model for 'xchg' directory to 'none' ... Co-authored-by: Michele Guerini Rocco <rnhmjoj@users.noreply.github.com>	2024-04-22 05:41:11 +02:00
André Schröder	168793f151	digital-ocean: revert "make it easier to use disko" ... This reverts parts of commit d87c4e1a72 from @Mic92 After switching from nixos-23.11 to nixos-unstable, I got the following error: ``` $ nixos-rebuild switch --flake nixos/#digitalocean ... error: Failed assertions: - You must set the option ‘boot.loader.grub.devices’ or 'boot.loader.grub.mirroredBoots' to make the system bootable. ``` In my nixos config I don't set boot.loader.grub.devices or boot.loader.grub.mirroredBoots explicitly. It seems like the values are not really defaulted via mkDefault? I am still relatively new to Nix, not sure how to fix this properly, so I am proposing to revert this change.	2024-04-21 11:36:17 +02:00
Anders Johan Jamtli	11dfebc306	nixos/qemu-vm: set security model 'none' for shared xchg directory ... Co-authored-by: Michele Guerini Rocco <rnhmjoj@users.noreply.github.com>	2024-04-21 07:35:44 +02:00
Anders Johan Jamtli	b73cc8fe46	Merge branch 'NixOS:master' into qemu-vm-virtfs-security-model	2024-04-20 07:43:49 +02:00
Anders Johan Jamtli	5612e8ba7b	nixos/qemu-vm: removed use of lib.mdDoc ... Co-authored-by: éclairevoyant <848000+eclairevoyant@users.noreply.github.com>	2024-04-19 19:03:55 +02:00
Adam Stephens	76c69af624	nixos/lxd-virtual-machine: enable CPU hotplug for x86 VMs	2024-04-18 10:36:55 -04:00
stuebinm	6afb255d97	nixos: remove all uses of lib.mdDoc ... these changes were generated with nixq 0.0.2, by running nixq ">> lib.mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix nixq ">> mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix nixq ">> Inherit >> mdDoc[remove]" --batchmode nixos/**.nix two mentions of the mdDoc function remain in nixos/, both of which are inside of comments. Since lib.mdDoc is already defined as just id, this commit is a no-op as far as Nix (and the built manual) is concerned.	2024-04-13 10:07:35 -07:00
Jörg Thalheim	949fe90552	Merge pull request #297640 from Mic92/digitalocean ... digital-ocean: 'make it easier to use disko' and 'no longer disable multiple nixos generations in bootloader'	2024-04-10 09:08:20 +02:00
Felix Buehler	42de9f06d5	nixos/vagrant-guest: prefer 'install' over 'chmod'	2024-04-09 21:41:00 +02:00
Adam C. Stephens	f3ee2a75d4	Merge pull request #301712 from adamcstephens/incus/6 ... incus: 0.7.0 -> 6.0.0, add lts	2024-04-08 23:25:58 -04:00
Adam Stephens	dce92a3114	incus-lts: init at 6.0.0 and make default	2024-04-08 14:18:02 -04:00
Kira Bruneau	f0034ee975	Merge pull request #297517 from kira-bruneau/nixos-containers ... nixos/nixos-containers: require mounts for bind mount host paths	2024-04-06 18:07:45 -04:00
Ryan Lahfa	99ca8d4ea5	Merge pull request #300757 from K900/installer-tests-unfucking ... nixos/tests/installer: spring cleaning	2024-04-05 03:50:39 -07:00
K900	15d95c7b74	nixos/qemu-vm: split up the "keep EFI variables from system image" logic	2024-04-05 09:00:12 +03:00
Kira Bruneau	7f3643bef6	nixos/nixos-containers: require mounts for bind mount host paths ... Fixes starting containers before bind mount host paths are mounted	2024-04-04 19:48:15 -04:00
K900	7b602cff5c	nixos/tests/installer: avoid create_machine, clean up ... - use normal VM nodes for target, with some extra trickery - rename preBootCommands to postBootCommands to match its actual intent - rename VMs to installer and target, so they're not all called machine - set platforms on non-UEFI tests properly - add missing packages for systemd-boot test - fix initrd secrets leaking into the store and having wrong paths	2024-04-03 16:16:11 +03:00
Adam Stephens	893be2587b	lxd: rename to lxd-lts	2024-04-02 19:35:44 -04:00
Adam Stephens	91a3a6a29b	lxd-ui: move to standalone by-name and format	2024-04-02 00:10:11 -04:00
Adam Stephens	cf4a88db79	nixos/incus: fix OVMF path for existing VMs	2024-03-29 15:33:26 -04:00
K900	95318bd0b8	Merge pull request #290122 from FriedrichAltheide/virtualbox-guest-additions-fixes ... virtualbox: guest additions resize & clipboard fixes	2024-03-28 11:42:22 +03:00
Adam Stephens	a5a4da89ba	incus: 0.6 -> 0.7	2024-03-26 20:08:43 -04:00
Friedrich Altheide	f0887fa040	virtualbox: fix guest additions resize support ... - Build virtualbox guest additions from source and fix paths - Install VBoxDRMClient to support resizing - Support resizing on wayland and x11 - Adding multiple new options - clipboard - seamless - Removing x11 option - Support linux 6.8	2024-03-26 11:47:00 +01:00
Adam C. Stephens	c9c612f159	Merge pull request #294548 from adamcstephens/incus/override ... incus: move wrapper to nixos module	2024-03-25 16:40:14 -04:00
Jörg Thalheim	3f71d1bc02	digital-ocean: no longer disable multiple nixos generations in bootloader ... Since digitalocean has a recovery console it's possible to boot into an old generation.	2024-03-21 08:10:00 +01:00
Jörg Thalheim	d87c4e1a72	digital-ocean: make it easier to use disko ... If the user provides a `fileSystems."/".device` option, it should have higher precedence than the default value. Same for `loader.grub.devices` (also set by disko internally).	2024-03-21 08:09:27 +01:00
Florian Klink	39ebd395cc	Merge pull request #224666 from grindhold/container_underscores ... check nixos-container names for underscores	2024-03-20 11:41:34 +02:00
Adam Stephens	deb5be50c4	incus: move wrapper to nixos module	2024-03-19 22:48:07 -04:00
Arian van Putten	d211b80d29	Merge pull request #294493 from endgame/ec2-image-ssm-agent ... nixos/amazon-image: Enable Amazon SSM Agent by default	2024-03-16 17:57:42 +01:00
Rok Garbas	6f11ba9ffe	Merge branch 'master' into amazon-ec2-amis	2024-03-13 00:37:12 +01:00
Azat Bahawi	d3e30a442b	nixos/incus: fix systemd service path ... Fixes a regression introduced in #294754.	2024-03-12 20:03:36 +03:00
cmspam	701fcd7982	nixos/incus: add openvswitch support ... 1. Added openvswitch integration to incus service. 2. Added tests to test openvswitch functionality with incus.	2024-03-12 01:03:39 +00:00
Jack Kelly	dc158268f7	nixos/amazon-image: Enable Amazon SSM Agent by default ... Amazon-provided EC2 images do this. See: https://docs.aws.amazon.com/systems-manager/latest/userguide/ami-preinstalled-agent.html	2024-03-08 16:24:00 +10:00
Sandro	5f39678474	Merge pull request #292552 from diogotcorreia/oci-containers-fix-stop-one-shot ... nixos/oci-containers: ignore nonexistent container when stopping	2024-03-07 21:23:51 +01:00
adisbladis	5cdb38bb16	Merge pull request #288579 from blitz/vbox-kvm-2 ... virtualboxKvm: init	2024-03-05 18:58:57 +13:00
Arian van Putten	cc04ae5878	nixos/amazon-ec2-amis: Add NixOS 23.11 ... Note that this list will stop being updated from now on. Please use https://nixos.github.io/amis/ and https://nixos.github.io/amis/images.json instead. We are working on integrating this in the https://nixos.org/ website These get updated for every channel bump.	2024-03-02 22:40:50 +01:00
nikstur	b6401f808a	Merge pull request #292636 from RaitoBezarius/smm-works-for-something-else-than-x86-actually ... OVMF: remove invalid `assert` on SMM	2024-03-02 21:04:12 +01:00
Maciej Krüger	55ead8c56a	Merge pull request #290976 from adamcstephens/incus/nft ... nixos/incus: assert nftables is used when firewall is enabled	2024-03-02 17:40:44 +01:00
nikstur	ce1d1f3e6c	nixos/qemu-vm: remove implicit dependency on SSM ... The qemu module shouldn't implicitly (and for all architectures) enable SSM when enabling Secure Boot. Additionally, this breaks aarch64 Secure Boot tests because this module doesn't use the right machine type for anything but X86.	2024-03-01 23:40:36 +01:00
Diogo Correia	81f21e3936	nixos/oci-containers: ignore nonexistent container when stopping ... Fixes #292551	2024-03-01 10:41:00 +00:00
Sandro	b8ec4c1475	Merge pull request #290449 from Kiskae/patch-2 ... nixos/podman: pass proxy variables to podman API	2024-03-01 00:37:27 +01:00
Julian Stecklina	a9822fa200	nixos/virtualbox-host: expose option to run with KVM	2024-02-28 17:36:22 +01:00
Adam C. Stephens	af810fc67e	Merge pull request #284874 from shlevy/ovmf-ms ... Enable MS-compatible secure boot with OVMF	2024-02-25 22:34:05 -05:00
Sandro	f8545e512d	Merge pull request #289166 from thanegill/remove-grub-version ... treewide: remove deprecated grub.version references	2024-02-25 18:20:33 +01:00
Ryan Lahfa	077d41f9d8	Merge pull request #289856 from pennae/supfs-set ... nixos/filesystems: make supportedFilesystems an attrset	2024-02-25 18:05:29 +01:00
Thane Gill	e3d82657a2	treewide: remove deprecated grub.version references	2024-02-25 08:29:58 -08:00
Peder Bergebakken Sundt	736c43fecc	Merge pull request #288215 from budimanjojo/patch-1 ... nixos/oci-containers: don't login if image exists locally	2024-02-25 14:32:32 +01:00
Adam Stephens	6a0ad369f2	nixos/incus: assert nftables is used when firewall is enabled ... incus manages its own firewall rules and prefers nftables. The advantages of nftables for segmenting multiple tools managing firewall rules is sufficient to require nftables with incus. https://linuxcontainers.org/incus/docs/main/howto/network_bridge_firewalld/#use-incus-firewall	2024-02-23 15:49:33 -05:00
Someone	ee3923ed7d	Merge pull request #284507 from ereslibre/containers-cdi ... NixOS: Add support for CDI	2024-02-22 13:03:18 +00:00
Rafael Fernández López	8ba61ebb8a	services/hardware: add nvidia-container-toolkit	2024-02-21 22:17:07 +01:00
Kiskae	fe93ea4e8e	nixos/podman: pass proxy variables to podman API	2024-02-21 16:29:11 +01:00
Maciej Krüger	39b4c0d686	nixos/lxc-container: link to prepare-root when boot.initrd.systemd.enable is on ... Previously we were doing some parts like activation in the init script, so linking to that works for non-systemd init With boot.initrd.systemd.enable we no longer run activation in the init script, but instead a new script named prepare-root, which is used instead.	2024-02-20 23:12:41 +01:00
pennae	258b935d70	nixos/filesystems: make supportedFilesystems an attrset ... this lets us *dis*able filesystem explicitly, as is required by e.g. the zfs-less installer images. currently that specifically is only easily possible by adding an overlay that stubs out `zfs`, with the obvious side-effect of also removing tooling that could run without the kernel module loaded.	2024-02-19 11:46:52 +01:00
budimanjojo	fd3fa9f2d3	nixos/oci-containers: check if image exists locally before failing ... Signed-off-by: budimanjojo <budimanjojo@gmail.com>	2024-02-19 10:38:26 +07:00
Maciej Krüger	a6e237a86a	modules/incus: add ui flag	2024-02-17 16:49:32 +01:00
Rafael Fernández López	fd464f0543	virtualisation/containers: add support for providing static CDI definitions	2024-02-17 16:34:12 +01:00
Anders Johan Jamtli	a77095a2af	nixos/qemu-vm: added security model for shared host nix store ... Setting security model for shared host nix store to 'none'. Using the default 'mapped-xattr' model results in a kernel panic when running the VM.	2024-02-17 07:18:52 +01:00
Anders Johan Jamtli	2c74da898e	nixos/qemu-vm: changed default security model ... Changed the default security model for shared directories from 'none' to the 'mapped-xattr'. QEMU recommends using this option for its security and reliability benefits.	2024-02-16 06:26:26 +01:00
Anders Johan Jamtli	200e3a934b	nixos/qemu-vm: added description of security model options, removed 'mapped' security model ... Co-authored-by: Michele Guerini Rocco <rnhmjoj@users.noreply.github.com>	2024-02-16 05:52:12 +01:00
Shea Levy	9188bb5186	OVMF: Add test with secure boot enabled ... Co-authored-by: Arthur Gautier <arthur.gautier@arista.com>	2024-02-15 12:13:05 -05:00
Sandro	886449aef2	Merge pull request #268979 from con-f-use/warn_docker_storage_driver ... nixos/docker: warn about changing storageDriver and remove `devicemapper` value	2024-02-12 19:46:05 +01:00
Will Fancher	d4ee957afa	Merge pull request #287445 from fricklerhandwerk/qemu-env-vars ... doc: expand on parameters passed to QEMU VMs	2024-02-10 22:12:06 -05:00
Anders Johan Jamtli	777f5b67c2	nixos/qemu-vm: add option to specify security model to use for a shared directory	2024-02-10 17:19:25 +01:00
Peder Bergebakken Sundt	c43fd32e03	Merge pull request #248315 from apeschar/oci-containers-backend-stop ... nixos/oci-containers: stop container using backend	2024-02-10 17:12:56 +01:00
Arian van Putten	a1232992ac	nixos/amazon-image: Take over maintainership ... I am actively working on bringing back Amazon Images for 24.05. Please track progress in https://github.com/nixos/amis	2024-02-09 18:02:40 +01:00
Valentin Gagarin	e385b36a32	Merge pull request #287438 from fricklerhandwerk/qemu-docs-link	2024-02-09 15:37:35 +01:00
Valentin Gagarin	85f4b05e39	doc: add link to QEMU reference documentation in QEMU module	2024-02-09 11:21:07 +01:00
Valentin Gagarin	11c26d4cc5	use code for env var notation	2024-02-09 11:16:28 +01:00
Valentin Gagarin	d9009e0028	doc: expand on parameters passed to QEMU VMs	2024-02-09 10:48:52 +01:00
WilliButz	0139970416	nixos/qemu-vm: convert tmpfiles rules to settings ... This change replaces the previously hard-coded `/boot` path with a reference to `efiSysMountPoint` and more importantly this change makes it possible to override these rules in scenarios in which they are not desired. One such scenario would be when `systemd-gpt-auto-generator(8)` is used to automount the ESP. Consider this section from the mentioned manpage: > The ESP is mounted to /boot/ if that directory exists and is not used > for XBOOTLDR, and otherwise to /efi/. Same as for /boot/, an automount > unit is used. The mount point will be created if necessary. Prior to this change, the ESP would be automounted under `/efi` on first boot, then the previous tmpfiles rules caused `/boot` to be created. Following the quote above, this meant that the ESP is mounted under `/boot` for each subsequent boot.	2024-02-07 16:25:30 +01:00
Izorkin	9ad115e5f3	nixos/libvirt: changing process priority for oom killer	2024-02-04 19:54:02 +03:00
Adam Stephens	7585f26855	nixos/incus: add zfs/lib/udev to path ... Incus needs to find zvol_id for some operations, but zfs does not put this executable in the bin directory. Exposing lib/udev into the Incus path solves discovery of the executable e5690705e8/internal/server/storage/drivers/driver_zfs_volumes.go (L1820C1-L1820C41)	2024-02-02 12:36:41 -05:00
Franz Pletz	e7279b9102	Merge pull request #281186 from Sohalt/podman-dns-firewall	2024-01-19 17:01:23 +01:00
Jade Lovelace	fe474ed61a	nixos: fix remaining services for network-online dep fix	2024-01-19 00:11:34 -08:00
Jade Lovelace	6c5ab28fce	nixos: fix a bunch of services missing dep on network-online.target ... This was done by generating a truly hilarious configuration: rg 'services\.[^.]+\.enable\t' opts-tags | cut -f1 > allonconfig.nix The following were not tested due to other evaluation errors. They should probably be manually audited. services.amule services.castopod services.ceph services.chatgpt-retrieval-plugin services.clamsmtp services.clight services.dante services.dex services.discourse services.dwm-status services.engelsystem services.foundationdb services.frigate services.frp services.grocy services.guacamole-client services.hedgedoc services.home-assistant services.honk services.imaginary services.jitsi-meet services.kerberos_server services.limesurvey services.mastodon services.mediawiki services.mobilizon services.moodle services.mosquitto services.nextcloud services.nullmailer services.patroni services.pfix-srsd services.pgpkeyserver-lite services.postfixadmin services.roundcube services.schleuder services.self-deploy services.slskd services.spacecookie services.statsd services.step-ca services.sympa services.tsmBackup services.vdirsyncer services.vikunja services.yandex-disk services.zabbixWeb	2024-01-19 00:11:34 -08:00
Adam C. Stephens	887d3f54c6	Merge pull request #278753 from adamcstephens/incus/migrate-test ... incus, lxd: ensure lxd->incus migration is supported and tested	2024-01-18 08:01:23 -05:00
sohalt	38b2778765	nixos/podman: open firewall for aardvark-dns	2024-01-15 18:43:48 +01:00
Adam Stephens	ffdcec2d94	nixos/tests/incus: add lxd-to-incus migration test	2024-01-14 09:26:49 -05:00
Alois Wohlschlager	77e5fa5ea6	nixos/libvirtd: support out-of-tree vhost-user drivers ... Add an option allowing packages containing out-of-tree vhost-user drivers for QEMU to be specified. The relevant configurations are then linked at runtime where libvirt expects them. An example use case for this is virtiofs.	2024-01-13 00:39:33 +01:00
Peder Bergebakken Sundt	92327152cd	Merge pull request #274813 from pbsds/lxd-package-option-fix ... nixos/lxd: convert cfg.package and company to mkPackageOption	2024-01-09 23:36:42 +01:00
Philip Taron	da90576aac	nixos/lxd-agent: fix evaluation regression caused by nixos/nixpkgs#271326	2023-12-30 08:45:30 -08:00
nikstur	682cb1d640	nixos/vmware-host: replace activationScript ... Replace with a dedicated system servie ordered before the other VMWare services.	2023-12-29 03:16:03 +01:00
Adam Stephens	3f8b1d2d26	nixos/lxd-agent: add system path for exec	2023-12-28 14:27:05 -05:00
nikstur	c9569af3e0	Merge pull request #271326 from philiptaron/shutdown.target ... treewide: depend on `shutdown.target` if `DefaultDependencies=no` in almost every case	2023-12-27 08:33:26 +01:00
Mihai-Drosi Câju	800af4240b	nixos/waydroid: Replace requirement for ASHMEM with MEMFD_CREATE ... * fixes #250302 * ASHMEM was removed in Linux 5.18 and waydroid can use MEMFD instead. MEMFD is enabled by default in 4.18 and later kernels while we already require this version for namespace support.	2023-12-24 16:04:20 +02:00
Florian Klink	b6cad0fd94	Merge pull request #274220 from flokli/waagent-cleanups ... waagent: cleanups	2023-12-19 19:19:40 +02:00
Adam C. Stephens	6b43e4b0bc	Merge pull request #260128 from adamcstephens/lxd/no-restart-agent ... nixos/lxd-agent: prevent restarting on change	2023-12-19 08:41:21 -05:00
Florian Klink	f1c8d0709b	nixos/waagent: provide waagent udev rules in initrd ... This should make /dev/disk/azure appear in-initrd too.	2023-12-18 13:18:11 +02:00
Florian Klink	276939e0a1	nixos/waagent: move runtime dependencies to systemd service ... The udev rules shell out to chmod, cut and readlink, which are available for udev rules (see https://github.com/NixOS/nixpkgs/pull/274236).	2023-12-18 13:18:11 +02:00
Peder Bergebakken Sundt	4071c294ac	nixos/lxd: convert cfg.package to mkPackageOption ... Also fixes the documentation of `virtualisation.lxd.ui.package`, which currently says the package is `pkgs.ui`	2023-12-16 21:30:18 +01:00
Adam Stephens	27064dd722	nixos/lxc: remove with lib	2023-12-04 10:06:54 -05:00
Adam Stephens	ccb7b8e309	nixos/lxcfs: remove with lib	2023-12-04 10:06:52 -05:00
Adam Stephens	6765aac154	treewide/lxc: set lxc team as maintainer	2023-12-04 10:06:50 -05:00
Silvan Mosberger	54c8a15650	Merge pull request #271247 from h7x4/treewide-mkpackageoptionmd-to-mkpackageoption ... treewide: replace `mkPackageOptionMD` with `mkPackageOption`	2023-12-01 02:09:10 +01:00
Philip Taron	0a226a0639	nixos/qemu: ensure correct ordering w.r.t. shutdown.target	2023-11-30 15:44:36 -08:00
Philip Taron	07004b46ac	nixos/lxd-agent: ensure correct ordering w.r.t. shutdown.target	2023-11-30 15:42:49 -08:00
Franz Pletz	9619439772	Merge pull request #270004 from Stunkymonkey/libvirtd-add-netcat	2023-11-30 21:04:02 +01:00
Franz Pletz	32caf62376	Merge pull request #268887 from jchw-forks/libvirt-nss	2023-11-30 20:48:24 +01:00
h7x4	79d3d59f58	treewide: replace mkPackageOptionMD with mkPackageOption	2023-11-30 19:03:14 +01:00
Maciej Krüger	50bb5d3338	Merge pull request #264929 from adamcstephens/incus/generator	2023-11-30 16:01:35 +01:00
Weijia Wang	feeae486de	Merge pull request #261702 from h7x4/replace-mkoption-with-mkpackageoption ... treewide: use `mkPackageOption`	2023-11-30 02:49:30 +01:00
Adam Stephens	0fdef67e07	nixos/lxc-container: add adamcstephens as maintainer	2023-11-28 15:14:45 -05:00
Adam Stephens	2cd9619801	nixos/lxc-container: use lxc systemd generator	2023-11-28 15:14:43 -05:00
h7x4	0a37316d6c	treewide: use mkPackageOption ... This commit replaces a lot of usages of `mkOption` with the package type, to be `mkPackageOption`, in order to reduce the amount of code.	2023-11-27 01:28:36 +01:00
Robert Hensing	ecef65f019	Merge pull request #269970 from emilylange/nixos-containers-warning ... nixos/containers: warn if containers are used but disabled	2023-11-26 19:39:32 +01:00
Mihai-Drosi Câju	be6ac65b52	nixos/waydroid: remove with lib; and friends	2023-11-26 17:13:15 +02:00
Felix Buehler	1b5617e25b	nixos/libvirtd: add netcat and support ... see: https://github.com/NixOS/nixpkgs/issues/180806	2023-11-25 23:45:18 +01:00
emilylange	1c404d2584	nixos/containers: warn if containers are used but disabled ... This is a follow-up to 8dfe8e447e.	2023-11-25 20:01:42 +01:00
con-f-use	5254684a0f	nixos/docker: warn about changing storageDriver ... Add warning to the documentation of `virtualisation.docker.storageDriver` that changing will cause any existing containers and images to become inaccessible.	2023-11-21 16:00:36 +01:00
John Chadwick	412543ddd8	nixos/libvirtd: add support for nss modules	2023-11-21 01:39:02 -05:00
Yang, Bo	6d69feb35e	google-compute-image: add the missing /boot filesystem	2023-11-18 13:37:42 +01:00
Yang, Bo	bff548fef1	waagent: enable provisioning	2023-11-14 19:47:27 +01:00
Maciej Krüger	c647a12d7f	Merge pull request #265725 from nbraud/nixos/sudo-rs/gce	2023-11-11 18:09:20 +01:00
Thiago Kenji Okada	da8c62363e	Merge pull request #266310 from Atry/patch-4 ... azure-agent: add dependencies for its extensions	2023-11-09 09:52:10 +00:00
Yang, Bo	1ce985242c	google-compute-image: support NVMe and UEFI	2023-11-08 21:05:21 +01:00
Yang, Bo	c4086e5ce9	azure-agent: add dependencies for its extensions ... waagent's extension `Microsoft.OSTCExtensions.VMAccessForLinux` requires Python, otherwise it would be failed to install with the following error message in `/var/log/waagent.log`: ``` No Python interpreter found on the box ``` waagent's extension `Microsoft.CPlat.Core.RunCommandLinux` needs lsof, otherwise it would produce the following error message in `/var/log/waagent.log`: ``` /var/lib/waagent/Microsoft.Azure.Extensions.CustomScript-2.1.10/bin/custom-script-shim: line 60: lsof: command not found ```	2023-11-08 17:54:08 +00:00
Florian Brandes	2ed7a5ab59	nixos/virtualization: fix shellcheck login ... fixes https://www.shellcheck.net/wiki/SC2002 Signed-off-by: Florian Brandes <florian.brandes@posteo.de>	2023-11-07 13:40:42 +01:00
Alyssa Ross	8ab2f09522	nixos/qemu-vm: fix infinite recursion ... The virtualisation.directBoot.initrd option was added for netboot images, but the assertion to check directBoot enabled if it was used caused an infinite recursion if it was. Minimal reproduction: import nixos/tests/make-test-python.nix ({ pkgs, ... }: { name = ""; nodes = { machine = { config, ...}: { imports = [ nixos/modules/installer/netboot/netboot-minimal.nix ]; virtualisation.directBoot = { enable = true; initrd = "${config.system.build.netbootRamdisk}/${config.system.boot.loader.initrdFile}"; }; }; }; testScript = ""; }) {} The fix is to swap the two conditions, so that cfg.directBoot.enable is checked first, and the initrd comparision will be short circuited. This wasn't noticed during review because in earlier versions of the virtualisation.directBoot patch, the assertion was accidentally in the conditional above, so wasn't evaluated unless port forwarding was in use.	2023-11-06 13:49:31 +01:00
nicoo	89fd59c12a	nixos/vagrant-guest: Set security.sudo-rs.wheelNeedsPassword too	2023-11-06 12:39:04 +01:00
adisbladis	a1592fb410	Merge pull request #258299 from Arcayr/virtualisation-hostname ... nixos/virtualisation: add hostname option to oci-containers.	2023-11-06 10:44:26 +13:00
nicoo	326904b128	nixos/google-compute-config: Add sudo-rs rules	2023-11-05 20:33:19 +00:00
Lily Foster	5c5d730067	Merge pull request #262347 from adamcstephens/incus/module ... nixos/incus: init module and tests	2023-11-03 09:42:24 -04:00
Adam Stephens	3132ba6cda	nixos/incus: shutdown instances on service stop	2023-11-02 19:54:11 -04:00
Adam Stephens	3087595a6b	nixos/incus: preseed should not trigger socket-activation	2023-11-02 19:54:04 -04:00
Adam Stephens	1fff6a9031	nixos/incus: init module and tests	2023-11-02 19:54:02 -04:00
Franz Pletz	265ca81834	Merge pull request #241908 from picnoir/nin/oci-container-pre-start-list	2023-10-31 15:53:35 +01:00
K900	6f06066e94	nixos/containers: use latest stateVersion as example ... Hopefully this way we don't confuse people into thinking you have to set it to 21.05.	2023-10-27 12:56:12 +03:00
Albert Peschar	6ed6953e22	nixos/oci-containers: stop container using backend ... Make systemd actually call `podman stop` when stopping a container unit. Fixes #249332	2023-10-26 12:52:59 +00:00
Robert Hensing	5dfc78a8ad	Merge pull request #262021 from Enzime/linux-builder-cross ... linux-builder: support `x86_64-linux` on `aarch64`	2023-10-24 14:34:29 +02:00