tobias/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-11-14 03:36:04 +01:00
Code Issues Packages Projects Releases Wiki Activity
874707 commits 208 branches 129 tags 14 GiB
Commit graph

1601 commits

Author SHA1 Message Date
Felix Singer d06389e317 nixos/uptime-kuma: Ensure proper permissions for state directory 
Signed-off-by: Felix Singer <felixsinger@posteo.net>
 2025-10-07 15:54:51 +02:00
Felix Singer 7b791e1de7 nixos/uptime-kuma: Enable MountAPIVFS hardening in service config 
This setting is already implied by others, but add it for completeness
as well. For documentation see
https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#MountAPIVFS=

Signed-off-by: Felix Singer <felixsinger@posteo.net>
 2025-10-07 15:54:51 +02:00
Felix Singer 18af20e2b2 nixos/uptime-kuma: Set ProtectControlGroups to strict 
For documentation see
https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#ProtectControlGroups=

Signed-off-by: Felix Singer <felixsinger@posteo.net>
 2025-10-07 15:54:51 +02:00
Felix Singer 606424d609 nixos/uptime-kuma: Set ProtectProc to invisible 
For documentation see
https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#ProtectProc=

Signed-off-by: Felix Singer <felixsinger@posteo.net>
 2025-10-07 15:54:51 +02:00
Felix Singer 749fd94d19 nixos/uptime-kuma: Enable PrivateUsers hardening in service config 
For documentation see
https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#PrivateUsers=

Signed-off-by: Felix Singer <felixsinger@posteo.net>
 2025-10-07 15:54:51 +02:00
Acid Bong f418365067
maintainers: drop evils 2025-10-05 22:22:45 +03:00
Wolfgang Walther 91a8fee3aa
treewide: remove redundant parentheses 
Auto-fixed by nixf-diagnose.
 2025-10-05 10:52:03 +02:00
Wolfgang Walther c283f32d29
treewide: remove unused with 
Auto-fixed by nixf-diagnose.
 2025-10-05 10:50:41 +02:00
Wolfgang Walther 90e7159c55
treewide: remove unused rec 
Auto-fix by nixf-diagnose.
 2025-10-05 10:49:12 +02:00
xanderio e3a3b32cc2
nixos/loki: refine option descriptions (#442975) 2025-09-27 12:33:33 +00:00
Dionysis Grigoropoulos 377847e3c8
nixos/prometheus/storagebox: Init module 2025-09-26 20:24:04 +03:00
dish f4ac3ac7e4
{nixos/,}cockpit: add branding + small fixes (#413033) 2025-09-25 12:59:45 +00:00
jopejoe1 2032412fdb
various: use more accurate int types (#445244) 2025-09-22 21:50:55 +00:00
h7x4 a0f9e8c8b9
nixos/statsd: use types.port 2025-09-22 16:47:32 +02:00
h7x4 57c3d1033d
nixos/prometheus-exporters/fritzbox: use types.port 2025-09-22 16:32:58 +02:00
h7x4 32a008369e
various: prefer ints.between over enum for int ranges 2025-09-22 15:34:47 +02:00
Felix Stupp ef4b2e4f4b
nixos/loki: refine option descriptions 
- on `.enabled` make clear that Grafana Loki is meant
- on `.configuration` link to documentation
- on `.configFile` & `.configuration` make clear that both cannot specified together
 2025-09-14 20:31:31 +02:00
Maximilian Bosch 5f44bfc59b
nixos/grafana: document how to enable drilldown when using custom plugins 
IMHO, it's a bit surprising that drilldown doesn't show anything when
using `declarativePlugins` (and thus, the four apps are missing).

Add instructions on how to get these apps back.
 2025-09-14 13:42:22 +02:00
Jon Seager cfdb1500e3
scrutiny: remove jnsgruk from maintainers 2025-09-10 14:32:15 +01:00
Haylin Moore cf540f8c98 treewide/nixos: move number typed port options to types.port 2025-09-08 15:27:19 +02:00
andre4ik3 395b411240
nixos/cockpit: add SSH to wsinstance path and issue banner support 2025-09-05 17:57:23 +00:00
dish 2b2ff53811
prometheus-script-exporter: switch to maintained fork (#435767) 2025-09-05 11:57:06 -04:00
Maximilian Bosch 409107d2f5
nixos/grafana: don't set X-XSS-Protection anymore 
Part of #438800.

The OWASP recommentation[1] is:

> The X-XSS-Protection header has been deprecated by modern browsers
> and its use can introduce additional security issues on the client
> side. As such, it is recommended to set the header as X-XSS-Protection: 0
> in order to disable the XSS Auditor, and not allow it to take the default
> behavior of the browser handling the response. Please use
> Content-Security-Policy instead.

Hence, we turn this off, diverging from the upstream defaults here. An
upstream issue has been opened[2].

[1] https://owasp.org/www-project-secure-headers/#x-xss-protection
[2] https://github.com/grafana/grafana/issues/110369
 2025-08-31 15:22:16 +02:00
undefined 5365b3cdd9
gatus: 5.19.0 -> 5.23.2 2025-08-30 05:51:34 +08:00
Sandro bab1ec5bd3
victoriametrics & vmagent: Make the config check optional (#419908) 2025-08-27 22:25:51 +02:00
dish 970dcca69c
treewide: Fix links in module documentation 2025-08-25 12:55:11 -04:00
C4 Patino 4a80d00387
prometheus-script-exporter: switch to maintained fork 2025-08-22 23:47:48 -05:00
Maximilian Bosch eb6a408547
Merge: nixos/grafana: add prune option to provision.datasources (#431775) 2025-08-22 21:48:35 +02:00
misuzu 4b66d476f3
kminion: 2.2.7 → 2.2.13, init module (#318792) 2025-08-18 19:30:40 +03:00
Sandro b146c51ce7
vlagent: init at 1.25.0 (#424934) 2025-08-18 01:12:26 +02:00
Christina Sørensen 8373b65856
kminion: format source 
Signed-off-by: Christina Sørensen <ces@fem.gg>
 2025-08-17 14:07:18 +00:00
Jonathan Davies 314b467ac1
nixos/prometheus-exporters: Added kafka exporter 2025-08-17 14:07:13 +00:00
Maximilian Bosch c7eb566c41
nixos/grafana: add prune option to provision.datasources 
Closes #430532
 2025-08-07 17:03:57 +02:00
Matthias Beyer 2c06381907
nixos/traccar: Rework configuration file creation. (#413653) 2025-08-04 10:26:00 +02:00
Martin Weinelt 56674702b0
nixos/postfix: modernize, cleanup (#416840) 2025-08-02 23:50:59 +02:00
Frédéric Christ 51462b8a68 nixos/traccar: Rework configuration file creation. 
Previously, a flat attribute set was expected. The new implementation
uses nested attribute sets. This is a breaking change.
 2025-08-01 21:25:45 +02:00
Franz Pletz bec2364ee4
nixos/prometheus.exporters.bitcoin: fix SC2155 (#411022) 2025-07-31 17:18:43 +02:00
Martin Weinelt 7f52135a59
nixos/postfix: fold main and master config into settings attribute 2025-07-28 17:03:08 +02:00
Martin Weinelt 029f408b94
treewide: migrate postfix configurations to service.postfix.config 
The `services.postfix.config` option is a freeform type that represents
settings in `main.cf`. The top-level options on the postfix module were
replaced by these and that is the reason behind this migration.
 2025-07-28 16:42:17 +02:00
Grimmauld 84cbe9dce4
nixos/netdata: remove cgroup accounting enable 
cgroup accounting is enabled by default, and the option is scheduled for removal.
 2025-07-28 11:26:41 +02:00
Ryan Horiguchi 62d7be2954
nixos/netdata: fix module when withSystemdJournal = false 2025-07-27 07:32:56 +02:00
diniamo 5bb944c6f5 nixos/grafana: add openFirewall option 2025-07-25 10:02:17 +02:00
Shawn8901 37deae36ba nixos/vlagent: init 2025-07-24 19:55:02 +02:00
Wolfgang Walther 5a0711127c
treewide: run nixfmt 1.0.0 2025-07-24 13:55:40 +02:00
Wolfgang Walther 62fe016519
treewide: run treefmt with mdcr/nixfmt 2025-07-24 13:52:31 +02:00
Wolfgang Walther 6c47e7d5da
treewide: fix syntax errors in nix code blocks 
Fixes all code blocks with "nix" language in markdown files for syntax
errors to be able to run nixfmt in the next step.
 2025-07-24 13:52:29 +02:00
Felix Bargfeldt 4c6641db92
nixos/alertmanager-ntfy: improve documentation about topic option (#426956) 2025-07-23 19:35:42 +02:00
Maximilian Bosch 0bb1514207
nixos/alertmanager-ntfy: improve documentation about topic option 
This cannot be left unset, otherwise the evaluation would fail. However,
it should be treated as secret. Update description to reflect that.
 2025-07-23 18:51:19 +02:00
mivorasu d80ed4cb91 treewide: conform descriptions to the standards 
Co-authored-by: Pol Dellaiera <pol.dellaiera@protonmail.com>
 2025-07-22 23:44:23 +00:00
nixpkgs-ci[bot] adc74351e2
Merge staging-next into staging 2025-07-04 00:18:19 +00:00