tobias/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-11-15 20:27:38 +01:00
Code Issues Packages Projects Releases Wiki Activity
886571 commits 216 branches 129 tags 15 GiB
Commit graph

2714 commits

Author SHA1 Message Date
Maximilian Bosch 285ea04d23
nextcloud32: init at 32.0.0 (#446632) 2025-10-09 18:00:09 +00:00
Maximilian Bosch cc1a69468d
nixos/nextcloud: avoid duplicate X-Robots-Tag header, remove option nginx.recommendedHttpHeaders (#449186) 2025-10-09 17:47:13 +00:00
Michael Hoang aeb2db1591 nixos/lasuite-meet: make settings lazy! 2025-10-09 16:43:03 +02:00
Martin Weinelt 531f6038cf
nixos/pretalx: run pretalx-manage migrate on plugin changes and upgrades (#450102) 2025-10-09 14:31:12 +00:00
Sandro Jäckel ad9e817cc2
nixos/pretalx: run pretalx-manage migrate on plugin changes and upgrades 
Some plugins like https://github.com/pretalx/pretalx-media-ccc-de
require database migrations to properly work.
 2025-10-09 16:11:46 +02:00
teutat3s ed6fed3410
nixos/nextcloud: recommended nginx headers should 
not be optional, because upstream recommends them
https://docs.nextcloud.com/server/stable/admin_manual/installation/harden_server.html#serve-security-related-headers-by-the-web-server
 2025-10-09 10:09:42 +02:00
teutat3s c794451fee
nixos/nextcloud: avoid duplicate X-Robots-Tag header 
We already set this header in nginx, and a duplicate header can lead to
issues, like: https://github.com/nextcloud/notes-android/issues/2848
 2025-10-09 09:42:29 +02:00
Bruno BELANYI 5ca9078d7f
nixos/homebox: update module (#436651) 2025-10-08 21:13:53 +00:00
dish 47a0293617
nixos/pixelfed: remove X-XSS-Protection header 
not recommended to set it, per OWASP, as it can actually introduce
security issues

https://owasp.org/www-project-secure-headers/#x-xss-protection
 2025-10-07 14:06:30 -04:00
h7x4 35ef0e22e8
nixos/linkwarden: init module, linkwarden: init at 2.13.0 (#347353) 2025-10-07 15:50:50 +00:00
Jan van Brügge 0bf693cb0f
nixos/linkwarden: init module 2025-10-07 12:57:55 +01:00
provokateurin f8d0f08acc
nixos/nextcloud: Use php84 by default 
php84 is supported by nextcloud31 and nextcloud32 and brings some additional performance improvements in nextcloud32.
 2025-10-07 09:45:28 +02:00
provokateurin 34a7111f89
nextcloud32: init at 32.0.0 2025-10-07 09:45:28 +02:00
Marcus Ramberg 39e076de80
nixos/immich: fix eval with settings == null (#449271) 2025-10-07 06:45:18 +00:00
Robert Schütz f1e52abf0d nixos/immich: fix eval with settings == null 
Using the module without declarative settings previously failed with

    error: attribute 'settingsFile' missing
 2025-10-06 15:08:09 -07:00
sadorowo 63da2caa10
fix: add missing lib.escapeShellArg 2025-10-06 13:58:53 +00:00
dish 231b923f0a
{nixos/,}.tt-rss: drop (#448401) 2025-10-06 13:54:05 +00:00
Florian Klink a2d829eaa7
nixos/gerrit: Apply more hardening settings (#448870) 2025-10-06 11:13:38 +00:00
dotlambda 65fb719b8c
nixos/immich: add secretSettings option (#448238) 2025-10-06 09:07:08 +00:00
Martin Weinelt 4d28f658ba
nixos/limesurvey: add nginx support 
The majority of services in nixpkgs uses nginx, so for better coexistence
we add support for it. The option design follows that of mediawiki.

Co-Authored-By: Julien Malka <julien@malka.sh>
 2025-10-05 22:29:44 +02:00
Martin Weinelt 9d9f70b4e9
nixos/limesurvey: deduplicate php references 2025-10-05 22:29:44 +02:00
Martin Weinelt 5b039b9fd4
nixos/limesurvey: fix default config merging when config is defined, set userquestionthemerootdir default (#400448) 2025-10-05 21:34:02 +02:00
Franek 3e5de98fc8
chore: remove dead code 2025-10-05 19:29:53 +02:00
Franek e9b91d0f2d
fix: use JSON and then convert to YAML for backwards compatibility 2025-10-05 19:27:48 +02:00
Franek 3fd6717c22
chore: reformat file properly 2025-10-05 17:41:05 +02:00
Franek 59f3789f45
chore: reformat and fix typo 2025-10-05 17:36:58 +02:00
Felix Singer 8dac7deb3d nixos/gerrit: Enable PrivateUsers hardening in service config 
For documentation see
https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#PrivateUsers=

Signed-off-by: Felix Singer <felixsinger@posteo.net>
 2025-10-05 16:06:19 +02:00
Felix Singer 1ed557f179 nixos/gerrit: Set ProtectProc to invisible 
For documentation see
https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#ProtectProc=

Signed-off-by: Felix Singer <felixsinger@posteo.net>
 2025-10-05 15:58:16 +02:00
Felix Singer 302eaedd92 nixos/gerrit: Enable MountAPIVFS hardening in service config 
This setting is already implied by others, but add it for completeness
as well. For documentation see
https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#MountAPIVFS=

Signed-off-by: Felix Singer <felixsinger@posteo.net>
 2025-10-05 15:38:50 +02:00
Vladimír Čunát 15ed8f7638
staging-next 2025-09-21 (#444862) 2025-10-05 13:28:34 +00:00
Florian Klink bf496bd1d2
nixos/gerrit: Enable PrivateMounts hardening in service config (#448492) 2025-10-05 13:24:15 +00:00
sadorowo a22dc98a36
invidious: use YAML configuration by default (#448476) 2025-10-05 13:17:12 +00:00
Florian Klink 3627818f3c
nixos/gerrit: Make sure service directories have proper permissions set (#448496) 2025-10-05 12:16:58 +00:00
nixpkgs-ci[bot] 17eefed8a0
Merge master into staging-next 2025-10-05 12:06:14 +00:00
Florian Klink b17d512a77
nixos/gerrit: Set ProtectControlGroups to strict (#448646) 2025-10-05 11:24:43 +00:00
Robert Schütz c78079059a nixos/immich: add secretSettings option 2025-10-05 02:44:08 -07:00
K900 e93c560b79 Merge remote-tracking branch 'origin/master' into staging-next 2025-10-05 12:17:08 +03:00
Wolfgang Walther 91a8fee3aa
treewide: remove redundant parentheses 
Auto-fixed by nixf-diagnose.
 2025-10-05 10:52:03 +02:00
Wolfgang Walther c283f32d29
treewide: remove unused with 
Auto-fixed by nixf-diagnose.
 2025-10-05 10:50:41 +02:00
Wolfgang Walther 90e7159c55
treewide: remove unused rec 
Auto-fix by nixf-diagnose.
 2025-10-05 10:49:12 +02:00
Felix Singer 37e40baa36 nixos/gerrit: Set ProtectControlGroups to strict 
For documentation see
https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#ProtectControlGroups=

Signed-off-by: Felix Singer <felixsinger@posteo.net>
 2025-10-04 23:49:28 +02:00
nixpkgs-ci[bot] 45e7932c78
Merge master into staging-next 2025-10-04 12:05:54 +00:00
Felix Singer cb6ac21a2b nixos/gerrit: Make sure cache directory has proper permissions set 
Signed-off-by: Felix Singer <felixsinger@posteo.net>
 2025-10-04 12:10:58 +02:00
Felix Singer 49cc0ce8a3 nixos/gerrit: Make sure state directory has proper permissions set 
Signed-off-by: Felix Singer <felixsinger@posteo.net>
 2025-10-04 12:09:39 +02:00
Felix Singer 26d0023f71 nixos/gerrit: Enable PrivateMounts hardening in service config 
Signed-off-by: Felix Singer <felixsinger@posteo.net>
 2025-10-04 11:58:09 +02:00
dish 69b4b86d23
{nixos/,}.tt-rss: drop 
Per https://community.tt-rss.org/t/the-end-of-tt-rss-org/7164, it will
cease development on 2025-11-01, and since it cannot be maintained
through the release of NixOS 25.11, it is being dropped now.
 2025-10-03 22:24:16 -04:00
Maximilian Bosch b95a14f2ee
nixos/limesurvey: use php83 
This is what the version we currently have is packaged against[1]. No
actual maintenance is done, this package will need a new person feeling
responsible for this.

[1] https://github.com/LimeSurvey/LimeSurvey/blob/6.10.2%2B250127/.github/workflows/main.yml#L20
 2025-10-03 23:37:00 +02:00
Maximilian Bosch f4b702bb11
invoiceplane: remove, doesn't support php >8.1 2025-10-03 23:21:57 +02:00
Maximilian Bosch 3d04c5aaa8
nixos/dokuwiki: use php 8.4 
PHP 8.1 needs to be removed since it'll be EOLed by the end of the year.
 2025-10-03 22:57:06 +02:00
nixpkgs-ci[bot] dd2d512251
Merge master into staging-next 2025-10-03 00:15:52 +00:00
Felix Bühler afd64ceb0a
photoprism: 250321-57590c48b -> 250426-27ec7a128 (#407100) 2025-10-02 18:56:28 +00:00
Felix Buehler 4a14d1e05d nixos/photoprism: disallow passwords in store 2025-10-01 23:13:46 +02:00
Felix Buehler 771a0ec704 nixos/photoprism: add databasePasswordFile option 2025-10-01 23:13:34 +02:00
nixpkgs-ci[bot] 100015447b
Merge master into staging-next 2025-10-01 06:06:28 +00:00
Yt 6af2210e0c
{chatgpt-retrieval-plugin,nixos/chatgpt-retrieval-plugin}: drop (#447045) 2025-10-01 00:53:34 +00:00
K900 4999ae577c Merge remote-tracking branch 'origin/master' into staging-next 2025-09-30 21:47:55 +03:00
Leon Schwarzäugl 91352f2f83
nixos/homebox: update for v0.20.0 storage options 
- v0.20.0 replaced HBOX_STORAGE_DATA in favor of
  HBOX_STORAGE_CONN_STRING and HBOX_STORAGE_PREFIX_PATH.
  Added options for these.
- Added support for custom user/group.
 2025-09-30 15:57:01 +02:00
Michael Daniels 01cb0dae78
nixos/chatgpt-retrieval-plugin: drop 
Corresponding package has been marked broken for a full release cycle.

Dropping per RFC 180.
 2025-09-30 07:34:16 -04:00
Ruby Iris Juric 6d7ea3cf45
maintainers: remove srxl 2025-09-30 17:21:37 +10:00
nixpkgs-ci[bot] 256acf7aa7
Merge master into staging-next 2025-09-30 00:16:28 +00:00
Felix Buehler 53f95e2ea8 nixos/photoprism: use PHOTOPRISM_ADMIN_PASSWORD_FILE 2025-09-30 00:32:43 +02:00
Arne Keller 2891f9938c
nixos/gerrit: Drop global lib expansion (#446636) 2025-09-29 20:35:19 +00:00
Robert Schütz d4257061d6 Merge branch 'master' into staging-next 2025-09-29 09:51:09 -07:00
dotlambda 6b36977077
nextcloud30: drop (#446070) 2025-09-29 16:18:14 +00:00
provokateurin 3afd6ec50d
nextcloud30: drop 2025-09-29 16:03:32 +02:00
nixpkgs-ci[bot] 14c85cbfc9
Merge master into staging-next 2025-09-28 12:05:54 +00:00
xanderio 2a3cb7e9dc
nixos/onlyoffice: fix nginx syntax error (#444037) 2025-09-28 06:44:15 +00:00
Felix Singer cfaae64388 nixos/gerrit: Drop global lib expansion 
Signed-off-by: Felix Singer <felixsinger@posteo.net>
 2025-09-27 14:58:05 +02:00
Leon Schwarzäugl 144131b2ee
nixos/homebox: add Swarsel as maintainer 2025-09-25 10:15:16 +02:00
nixpkgs-ci[bot] f4c61486bf
Merge master into staging-next 2025-09-24 12:07:37 +00:00
Cabia Rangris 320f897dda
outline: 0.87.3 -> 0.87.4 (#444287) 2025-09-24 09:49:02 +00:00
h7x4 4910b0b715
nixos/mealie: add extraOptions to allow setting trusted proxies (#408843) 2025-09-24 08:16:40 +00:00
nixpkgs-ci[bot] 88bda6eff1
Merge master into staging-next 2025-09-23 12:26:40 +00:00
dotlambda 79e615c4c6
nixos/miniflux: use freeformType (#443744) 2025-09-23 09:30:00 +00:00
nixpkgs-ci[bot] 562c842d00
Merge master into staging-next 2025-09-23 00:16:56 +00:00
Pol Dellaiera ea27db1959
various: use types.port instead of types.int (#445243) 2025-09-22 19:49:35 +00:00
nixpkgs-ci[bot] 66a3cd62a8
Merge master into staging-next 2025-09-22 18:05:40 +00:00
Robert Schütz bc58ca994c nixos/miniflux: use freeformType 2025-09-22 11:01:44 -07:00
Jonas Heinrich 7d6f47b055
nixos/invoiceplane: Add quoteTemplates option (#384521) 2025-09-22 17:45:49 +02:00
h7x4 c2b14be993
nixos/nifi: use types.port 2025-09-22 16:48:08 +02:00
h7x4 a955f6ac31
nixos/plantuml-server: use types.port 2025-09-22 16:46:45 +02:00
h7x4 24c79fd3cc
nixos/silverbullet: use types.port 2025-09-22 16:46:44 +02:00
h7x4 0269d83980
nixos/pgpkeyserver-lite: use types.port 2025-09-22 16:33:03 +02:00
h7x4 84d3b8350d
nixos/kasmweb: use types.port 2025-09-22 16:33:03 +02:00
h7x4 f2b5f25655
nixos/anuko-time-tracker: use types.port 2025-09-22 16:33:02 +02:00
h7x4 25332ea522
nixos/cryptpad: use types.port 2025-09-22 16:33:01 +02:00
h7x4 c31d264b5d
nixos/nexus: use types.port 2025-09-22 16:33:01 +02:00
nixpkgs-ci[bot] f08a85f704
Merge master into staging-next 2025-09-22 12:07:05 +00:00
Alexander Sieg 5daa3ed068
nixos/outline: ajust for deprecation of MAXIMUM_IMPORT_SIZE 2025-09-22 11:04:19 +02:00
h7x4 4ba3f60b8a
various: use mkPackageOption 2025-09-22 02:46:54 +02:00
nixpkgs-ci[bot] 76f580bfad
Merge staging-next into staging 2025-09-20 12:06:51 +00:00
dotlambda c36c047cbc
nixos/immich: set $XDG_CACHE_HOME (#444330) 2025-09-20 11:53:35 +00:00
nixpkgs-ci[bot] ca7f2a47c0
Merge staging-next into staging 2025-09-19 18:06:36 +00:00
Robert Schütz 3fbb8e08a1 nixos/immich: set $XDG_CACHE_HOME 
The immich-machine-learning service can fail with

    RuntimeError: Data processing error: I/O error: Operation not permitted (os error 1)

because huggingface attempts to download files to $HOME/.cache (which
doesn't exist in this case) unless $XDG_CACHE_HOME or $HF_HOME is set.
 2025-09-19 05:35:12 -07:00
royce-c 0d9a7c4386
ente: fix AmbientCapabilities systemd unit option typo 2025-09-19 00:47:58 -07:00
Arnout Engelen 14a3cc02bd
onlyoffice: fix syntax error 
The `more_set_headers` syntax was wrong.

Syntax docs: https://github.com/openresty/headers-more-nginx-module?tab=readme-ov-file#more_set_headers

This led to:

```
{\"Exception\":\"InvalidArgumentException\",\"Message\":\"\\\"attachment;\\\" is not valid header name.\",\"Code\":0,\"Trace\":[
{\"file\":\"/nix/store/4y4c191pd9pa5nd78i8flvkf50gd4lvp-nextcloud-31.0.8/3rdparty/guzzlehttp/psr7/src/MessageTrait.php\",\"line\":153,\"function\":\"assertHeader\",\"class\":\"GuzzleHttp\\\\Psr7\\\\Response\",\"type\":\"->\"},
```

Introduced in https://github.com/NixOS/nixpkgs/pull/419765
 2025-09-18 16:17:03 +02:00
nixpkgs-ci[bot] 97577361ff
Merge staging-next into staging 2025-09-18 05:48:07 +00:00
dish 6c45dd68c1
peertube: 7.2.3 -> 7.3.0 (#443185) 2025-09-18 03:06:38 +00:00
nixpkgs-ci[bot] 592e2df8c6
Merge staging-next into staging 2025-09-17 00:16:57 +00:00
Sandro 5413fb37b8
szurubooru: 2.5-unstable-2025-02-11 -> 2.5-unstable-2025-07-19, fix build for python3.13 (#427826) 2025-09-16 20:59:41 +00:00