tobias/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-11-19 15:14:56 +01:00
Code Issues Packages Projects Releases Wiki Activity
483562 commits 200 branches 75 tags 12 GiB
Commit graph

25326 commits

Author SHA1 Message Date
Bernardo Meurer afbc94b2a8
Merge pull request #223661 from filakhtov/resolvconf-disable 2023-03-29 09:39:06 -03:00
Sandro c2ae278eb8
Merge pull request #221851 from Ma27/postgresql-jit-support 
postgresql: implement opt-in JIT support
 2023-03-29 13:29:30 +02:00
zendo 907bd4927b nixos/clash-verge: init module 2023-03-29 19:05:40 +08:00
Maximilian Bosch e2fb651752
nixos/postgresql: fix enableJIT 
Make sure that JIT is actually available when using

    services.postgresql = {
      enable = true;
      enableJIT = true;
      package = pkgs.postgresql_15;
    };

The current behavior is counter-intuitive because the docs state that
`enableJIT = true;` is sufficient even though it wasn't in that case
because the declared package doesn't have the LLVM dependency.

Fixed by using `package.withJIT` if `enableJIT = true;` and
`package.jitSupport` is `false`.

Also updated the postgresql-jit test to test for that case.
 2023-03-29 08:39:47 +02:00
Maximilian Bosch 43dbeae02d
postgresql: pass through JIT-enabled variant of non-JIT postgres and vice versa 
This is useful if your postgresql version is dependant on
`system.stateVersion` and not pinned down manually. Then it's not
necessary to find out which version exactly is in use and define
`package` manually, but just stay with what NixOS provides as default:

    $ nix-instantiate -A postgresql
    /nix/store/82fzmb77mz2b787dgj7mn4a8i4f6l6sn-postgresql-14.7.drv
    $ nix-instantiate -A postgresql_jit
    /nix/store/qsjkb72fcrrfpsszrwbsi9q9wgp39m50-postgresql-14.7.drv
    $ nix-instantiate -A postgresql.withJIT
    /nix/store/qsjkb72fcrrfpsszrwbsi9q9wgp39m50-postgresql-14.7.drv
    $ nix-instantiate -A postgresql.withJIT.withoutJIT
    /nix/store/82fzmb77mz2b787dgj7mn4a8i4f6l6sn-postgresql-14.7.drv

I.e. you can use postgresql with JIT (for complex queries only[1]) like
this:

    services.postgresql = {
      enable = true;
      enableJIT = true;
    };

Performing a new override instead of re-using the `_jit`-variants for
that has the nice property that overlays for the original package apply
to the JIT-enabled variant, i.e.

    with import ./. {
      overlays = [
        (self: super: {
          postgresql = super.postgresql.overrideAttrs (_: { fnord = "snens"; });
        })
      ];
    };
    postgresql.withJIT.fnord

still gives the string `snens` whereas `postgresql_jit` doesn't have the
attribute `fnord` in its derivation.

[1] https://www.postgresql.org/docs/current/runtime-config-query.html#GUC-JIT-ABOVE-COST
 2023-03-29 08:39:46 +02:00
Peter Simons 7942e2e38f
Merge pull request #221108 from mrobbetts/bind_remove_allow_query 
bind: remove hard-coded `allow-query` config setting
 2023-03-29 07:50:47 +02:00
Garry Filakhtov d86e9911cd
nixos/modules/config/resolvconf.nix: skip systemPackages if disabled 
A change made in #166308 added `networking.resolvconf.package` to the
`environment.systemPackages` list, so it is installed as part of the
system image. However it does so unconditionally, meaning that even if
the `config.networking.resolvconf.enable` is set to false the package
listed in the `networking.resolvconf.package` would still be intalled.

This change makes it so the package installation will depend on the
status of the `config.networking.resolvconf.enable` option instead.
 2023-03-29 09:31:09 +11:00
nicoo deab2b3bf7 nixos/auto-cpufreq: Add configuration support. 2023-03-28 22:01:27 +00:00
Sandro fd46812f7e
Merge pull request #222667 from chuangzhu/proxychains-package 2023-03-28 22:19:38 +02:00
Daniel Nagy e1a383102f
nixos/x11: set XKB_CONFIG_ROOT from config 
The motivation is to make overriding `services.xserver.xkbDir` easier.
 2023-03-28 20:00:00 +02:00
Kasper Gałkowski 9a26e2dea9 merge master 2023-03-28 19:43:40 +02:00
Atemu 91f5aa3446
Merge pull request #213378 from Atemu/steam-env-vars 
steam: add extraEnv argument
 2023-03-28 17:25:14 +02:00
enc0urage a76bd96e4b nixos/malloc: set vm.max_map_count when using graphene-hardened 2023-03-28 10:18:20 +00:00
r-vdp 982ea4295b
NixOS/opengl: Use the default Mesa package by default. 
Fixes #223458
Fixes #223331
 2023-03-28 11:06:07 +02:00
Nick Cao ca7c52c4f5
Merge pull request #222762 from Kiskae/nvidia/530.41.03 
linuxPackages.nvidia_x11: 525.89.02 -> 530.41.03
 2023-03-28 08:23:48 +08:00
Ryan Lahfa 6fcf40805a
Merge pull request #223439 from mjlbach/fix/garage 
garage: fix missing stateVersion and default pkg
 2023-03-28 00:26:47 +02:00
Michael Lingelbach e6854e7d3a garage: fix missing stateVersion and default pkg 
* stateVersion was not in scope, added config.system.systemVersion
* garage_0_8_0 -> garage_0_8, the former does not exist
 2023-03-27 13:18:33 -07:00
Ryan Lahfa 16f67c4afc
Merge pull request #223242 from panicgh/nitrokey-libnitrokey 
libnitrokey: init at 3.8
 2023-03-27 22:07:24 +02:00
Ryan Lahfa 482c735228
Merge pull request #223388 from 06kellyjac/authelia-move 
authelia: move module under security and minor fixes
 2023-03-27 21:59:57 +02:00
K900 e74d28259d
Merge pull request #162479 from stuebinm/feature/mattermost-secrets 
nixos/mattermost: add secretFile option for declarative configs (again)
 2023-03-27 21:50:18 +03:00
stuebinm c29ca6704d mattermost: add environmentFile option to allow declarative secrets 
This adds an option `services.mattermost.environmentFile`, intended to be
useful especially when `services.mattermost.mutableConfig` is set to `false`.
Since all mattermost configuration options can also be set by environment
variables, this allows managing secret configuration values in a declarative
manner without placing them in the nix store.
 2023-03-27 20:46:01 +02:00
Jörg Thalheim d9c92360a8 nixos/install-grub: stop using bare file handles for readFile/WriteFile 2023-03-27 19:25:46 +02:00
Jörg Thalheim 5a23a24ba2 nixos/grub-install: don't rely on shell to run commands 
data passed to these programs might be accidentially interpreted as
shell. Discovered in https://github.com/Mic92/envfs/issues/111
 2023-03-27 19:21:55 +02:00
Sandro fc7d893822
Merge pull request #222592 from Luflosi/update/kubo 
kubo: 0.18.1 -> 0.19.0
 2023-03-27 15:24:34 +02:00
Lily Foster 6f07da7277
Merge pull request #220450 from arjan-s/qtile-options 
qtile: add more options to NixOS module and expose unwrapped package
 2023-03-27 07:23:15 -04:00
06kellyjac 9b60eef4bd authelia: move module under security and minor fixes 
Fixed test access to lib
Added nixos test to passthru
 2023-03-27 12:00:07 +01:00
Maximilian Bosch 3351d1bdb2
Merge pull request #223294 from SuperSandro2000/synapse.nix 
nixos/synapse: fix path
 2023-03-27 10:43:25 +02:00
Nicolas Benes 771d39638b nitrokey-udev-rules: replace with libnitrokey 2023-03-27 04:02:13 +02:00
Sandro Jäckel 40c8cebade
nixos/synapse: Fix incorrect module path after it was moved 
Fixes: 22f3d4e4db ("nixos: move matrix services into their category")
 2023-03-27 00:49:38 +02:00
Sandro Jäckel 056be64f11 nixos/podman: add example to enable network dns 2023-03-27 08:42:29 +10:00
Sandro 6f558d3009
Merge pull request #212599 from SuperSandro2000/podman-cleanup 2023-03-27 00:05:30 +02:00
Sandro 97d67f4a5f
Merge pull request #221643 from Tungsten842/wireshark-capabilities 2023-03-26 22:31:40 +02:00
github-actions[bot] 665b0409ad
Merge master into staging-next 2023-03-26 16:02:07 +00:00
Atemu 1f27e0b77a steam: add extraEnv option 2023-03-26 17:19:33 +02:00
Atemu 4731598712 nixos/steam: always apply extraLibraries and make them additive 
Before, setting {option}`programs.steam.package` would result in a steam without
the {option}`hardware.opengl.package`, {option}`hardware.opengl.extraPackages`
etc. You had to manually add them yourself.

Additionally, overlaying `steam = prev.steam.override { extraLibraries = [ ... ]; }`
resulted in those extra libraries not actually being put into the fhsenv because
they'd be fully overridden by the option's default.

Now, the user can supply a custom steam to {option}`programs.steam.package` with
its own list of extraLibraries which will not be overridden and overlays work as
expected too.
 2023-03-26 17:19:33 +02:00
Maximilian Bosch 0680f297f1
Merge pull request #223182 from dotlambda/nextcloud-x-robots-tag 
nixos/nextcloud: set X-Robots-Tag to "noindex, nofollow"
 2023-03-26 15:29:55 +02:00
github-actions[bot] 055dd6c5e5
Merge master into staging-next 2023-03-26 13:21:11 +00:00
K900 52038a5e50
Merge pull request #185528 from alois31/gdk-pixbuf-modules 
nixos/gdk-pixbuf: move GDK_PIXBUF_MODULE_FILE to sessionVariables
 2023-03-26 15:51:52 +03:00
K900 88edefb1b8
Merge pull request #223234 from Atemu/mesa-multi-version 
nixos/opengl: fix wrong function application
 2023-03-26 15:22:42 +03:00
Atemu 1d19eeefee nixos/opengl: fix wrong function application 
No idea how that one slipped through. Thanks for catching @maxeaubrey!
 2023-03-26 14:20:32 +02:00
Vladimír Čunát b544cd986c
Merge branch 'master' into staging-next 2023-03-26 11:38:50 +02:00
K900 22609a5d55
Merge pull request #217883 from Atemu/mesa-multi-version 
mesa_23: init at 23.0.1
 2023-03-26 11:53:44 +03:00
Robert Schütz 15b859cefe nixos/nextcloud: set X-Robots-Tag to "noindex, nofollow" 
Upstream did so in https://github.com/nextcloud/server/pull/36689 and
Nextcloud now complains that

    The "X-Robots-Tag" HTTP header is not set to "noindex, nofollow".
    This is a potential security or privacy risk, as it is recommended
    to adjust this setting accordingly.
 2023-03-25 19:48:13 -07:00
github-actions[bot] 07fb9cae4e
Merge master into staging-next 2023-03-26 00:02:45 +00:00
Atemu d8f58908ce nixos/opengl: mesa_22 -> mesa_23 2023-03-25 21:08:50 +01:00
Atemu 33a700b406 mesa: provide patch versions 
This allows us to bump the mesa attribute (used by many packages, see
https://github.com/NixOS/nixpkgs/issues/218232) independently from the packages
used by NixOS users.
 2023-03-25 21:08:50 +01:00
Atemu bf1785d0a9 nixos/opengl: add mesaPackage option 2023-03-25 21:08:50 +01:00
Lin Jian 4482c70530 nixos/kanata: notify systemd when starting up is finished 
- set service type to notify
- allow unix socket which is needed by systemd notify
 2023-03-25 20:56:48 +01:00
github-actions[bot] 392b3f3dc3
Merge master into staging-next 2023-03-25 18:01:17 +00:00
pennae dce79b3cb1
Merge pull request #221877 from ambroisie/woodpecker-agents 
nixos/woodpecker: refactor to multi-agents setup
 2023-03-25 16:32:55 +01:00
github-actions[bot] 6a3acb9982
Merge master into staging-next 2023-03-25 06:05:24 +00:00
Nick Cao 851cd65a21
Merge pull request #220776 from Vonfry/deprecated/fcitx4 
fcitx: remove version 4
 2023-03-25 10:23:06 +08:00
06kellyjac 6373a3966b nixos/authelia: init module 
Co-authored-by: Martin Weinelt <hexa@darmstadt.ccc.de>
 2023-03-24 21:23:41 -03:00
github-actions[bot] cead7e3e73
Merge master into staging-next 2023-03-25 00:02:20 +00:00
Kevin Mehall fef4baca37
nixos/ssh: Update github.com host key in programs.ssh.knownHostsFiles example 
The `programs.ssh.knownHostsFiles` option documentation uses github.com's host keys as an example. GitHub recently announced that the ssh-rsa key has been compromised and rotated it.

The new key can be checked against
https://github.blog/2023-03-23-we-updated-our-rsa-ssh-host-key/
https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/githubs-ssh-key-fingerprints
 2023-03-24 11:51:46 -07:00
oddlama ba0a1611fc
nixos/nginx: fix warning about duplicate mime entry 2023-03-24 19:44:00 +01:00
github-actions[bot] f2ead7fbda
Merge master into staging-next 2023-03-24 12:01:43 +00:00
Ryan Lahfa a119bfc80d
Merge pull request #211603 from farcaller/fish 
Assert that fish configuration is enabled if any user has fish as their shell
 2023-03-24 12:05:22 +01:00
Kiskae c3ce711249 nixos/nvidia: re-enable IBT for newer drivers 2023-03-24 11:37:35 +01:00
Vladimír Čunát 12dd95fbb1
Merge branch 'master' into staging-next 2023-03-24 09:07:41 +01:00
Will Fancher 5a9b9e620d
Merge pull request #176828 from therishidesai/luks-multi-key-files 
nixos/luksroot: add tryEmptyPassphrase option
 2023-03-24 03:02:20 -04:00
Bruno BELANYI 6048912d8b nixos/woodpecker-*: add myself as maintainer 2023-03-23 21:33:21 +00:00
Bruno BELANYI 67de7d105e nixos/woodpecker-agents: per-agent 'enable' option 2023-03-23 21:33:20 +00:00
Matt Melling 177b6a4bc3
cloudlog: remove import-from-derivation in config 2023-03-23 21:21:57 +00:00
Bruno Bigras 022436c47b nixos/logrotate: fix typo 2023-03-23 16:09:47 -04:00
K900 fae7294cf5
Merge pull request #222689 from K900/bye-dpi-2 
nixos/hidpi: remove harder
 2023-03-23 22:13:06 +03:00
K900 c9a74cf40f nixos/fontconfig: time capsule 2023-03-23 22:03:35 +03:00
Chuang Zhu 46344c77b3 nixos/proxychains: add package option 2023-03-24 02:55:11 +08:00
K900 8454084ffc nixos/hidpi: remove harder 
We can't agree on what the right settings are (see #222236), so let's make the users choose.
 2023-03-23 21:50:45 +03:00
github-actions[bot] 307b719414
Merge master into staging-next 2023-03-23 18:01:20 +00:00
Jan Tojnar 598cf2090c
Merge pull request #218990 from SuperSandro2000/dgraph 
dgraph: use --prefix to prefix PATH
 2023-03-23 16:40:43 +01:00
Ryan Lahfa e774156726
Merge pull request #222269 from SuperSandro2000/gitea-disable-updater 
nixos/gitea: disable updater by default
 2023-03-23 15:23:49 +01:00
Bruno BELANYI cd116db45e nixos/woodpecker-agents: bind network files 
Otherwise the agent might experience trouble with DNS resolution [1].

[1]: https://github.com/woodpecker-ci/plugin-git/issues/65
 2023-03-23 14:16:45 +00:00
Bruno BELANYI eb3bea6359 nixos/woodpecker-agents: simplify 'extraGroups' handling 2023-03-23 14:16:45 +00:00
Bruno BELANYI c3afdb82db nixos/woodpecker-agents: use list for environment files 2023-03-23 14:16:44 +00:00
Sandro Jäckel 20842ac039
nixos/gitea: disable updater by default 2023-03-23 14:46:51 +01:00
Sandro 995f9d1c95
Merge pull request #213874 from SuperSandro2000/nginx-zstd 
nixos/nginx: add recommendedZstdSettings
 2023-03-23 14:11:35 +01:00
Bruno BELANYI e4f5f1b718 nixos/woodpecker: refactor to multi-agents setup 
The module file has been renamed from `agent.nix` to `agents.nix` to
mirror the change.
 2023-03-23 12:47:47 +00:00
Vladimír Čunát 09c3a593df
Merge branch 'master' into staging-next 2023-03-23 11:13:46 +01:00
Weijia Wang 52ee7a6a92
Merge pull request #203236 from Flakebi/fail2ban 
fail2ban: 0.11.2 -> 1.0.2
 2023-03-23 10:36:14 +02:00
github-actions[bot] 705ac3185e
Merge master into staging-next 2023-03-23 06:01:22 +00:00
Nick Cao 1285c0a09b
Merge pull request #222205 from NickCao/zram-writeback-device 
nixos/zram: add writebackDevice option and corresponding test
 2023-03-23 13:14:08 +08:00
github-actions[bot] 6a3714135d
Merge master into staging-next 2023-03-23 00:02:14 +00:00
Maximilian Bosch c042a318a7
Merge pull request #222372 from NixOS/nextcloud26 
nextcloud26: init at 26.0.0
 2023-03-22 23:35:31 +01:00
Christoph Heiss c9c9abc608 openssh: fix 'undefined variable' error 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2023-03-22 22:38:14 +01:00
Maximilian Bosch 42c78ccc6b nixos/nextcloud: release notes 2023-03-22 22:37:17 +01:00
Maximilian Bosch cbc539c19f nixos/nextcloud: minor fixups 
* Apply review comments.
* Default to PHP 8.2 for v26.
 2023-03-22 22:37:17 +01:00
Maximilian Bosch 6a0b0a5de9 nextcloud: remove compat references to v23 
This is not needed anymore because the version is EOL for almost a year
now and we don't even have the packages anymore, only the attributes for
compatibility for upgrades from older NixOS versions.
 2023-03-22 22:37:17 +01:00
Raito Bezarius dd96b7d8b4 nextcloud26, nixos/web-apps/nextcloud: drop the autocreate db user patch and wire the default in the NixOS module 2023-03-22 22:37:16 +01:00
Raito Bezarius 5e5c4c975a nixos/web-apps/nextcloud: introduce nextcloud26 2023-03-22 22:37:13 +01:00
pennae 31f422d95f
Merge pull request #218721 from apfelkuchen6/nw 
nixos/networkd: add some missing options
 2023-03-22 22:22:03 +01:00
Ryan Lahfa 5b88469c21
Merge pull request #217366 from puppe/fix-yggdrasil 
nixos/yggdrasil: fix configFile option
 2023-03-22 20:18:25 +01:00
Ryan Lahfa 54de698c6f
Merge pull request #221576 from paumr/nixos-generate-config_fix_syntax 
nixos-generate-config: fix invalid sample config
 2023-03-22 20:10:43 +01:00
Luflosi ef9c99a035
nixos/kubo: add QUICv1 and WebTransport to Addresses.Swarm list 
According to https://github.com/ipfs/kubo/blob/v0.18.0/docs/config.md#addressesswarm, the default list of swarm multiaddrs includes QUICv1 and WebTransport since v0.18.0.
More information can be found in the release notes at https://github.com/ipfs/kubo/releases/tag/v0.18.0.
 2023-03-22 20:02:56 +01:00
github-actions[bot] 85f7b5276e
Merge master into staging-next 2023-03-22 18:01:11 +00:00
K900 d0f7d224da nixos/firewall-nftables: avoid using wildcards 
Those were added in kernel 5.13, which is newer than our oldest supported.
 2023-03-22 17:45:05 +03:00
Rishi Desai cccc3f8a8e nixos/luksroot: add tryEmptyPassphrase option 2023-03-22 09:17:23 -05:00
Weijia Wang 2d50326244
Merge pull request #222526 from wegank/wxgtk30-drop 
wxGTK30, wxmac: drop
 2023-03-22 16:13:12 +02:00
woojiq 296e7f92cd keyd: add keyd service and test 
The keyd package already exists, but without a systemd service.

Keyd requires write access to /var/run to create its socket. Currently
the directory it uses can be changed with an environment variable, but
the keyd repo state suggests that this may turn into a compile-time
option. with that set, and some supplementary groups added, we can run
the service under DynamicUser.

Co-authored-by: pennae <82953136+pennae@users.noreply.github.com>
 2023-03-22 15:12:29 +01:00
github-actions[bot] 0537539006
Merge master into staging-next 2023-03-22 12:01:22 +00:00
Weijia Wang 366e108e41 wxGTK30, wxmac: drop 2023-03-22 13:56:44 +02:00
K900 5bf9765c0a
Merge pull request #217482 from motiejus/headscale_oidc_client_secret 
headscale: natively support oidc.client_secret_path
 2023-03-22 14:30:03 +03:00
github-actions[bot] 797a2b9bcc
Merge master into staging-next 2023-03-21 18:01:07 +00:00
figsoda 8dd5f6227d
Merge pull request #220928 from figsoda/starship 2023-03-21 13:50:53 -04:00
Lassulus 3839340fdb
Merge pull request #220656 from oxzi/restic-cache-fix 
nixos/restic: generalize cache configuration
 2023-03-22 00:37:46 +07:00
Ryan Lahfa 06541976aa
Merge pull request #222236 from K900/bye-dpi 
nixos/hidpi: remove
 2023-03-21 15:04:59 +01:00
K900 39c344c893 nixos/console: let the kernel pick the default font 2023-03-21 13:29:57 +01:00
K900 4787ebf7ae nixos/hidpi: remove 
The single option tries to do too much work, which just ends up confusing people.

So:
- don't force the console font, the kernel can figure this out as of #210205
- don't force the systemd-boot mode, it's an awkward mode that's not supported
  on most things and will break flicker-free boot
- add a separate option for the xorg cursor scaling trick and move it under the xorg namespace
- add a general `fonts.optimizeForVeryHighDPI` option that explicitly says what it does
- alias the old option to that
- don't set any of those automatically in nixos-generate-config
 2023-03-21 13:29:57 +01:00
Martin Weinelt ffe3165b27
Merge remote-tracking branch 'origin/master' into staging-next 
Conflicts:
- nixos/doc/manual/release-notes/rl-2305.section.md
 2023-03-21 12:35:53 +01:00
Motiejus Jakštys f2b3bed847 matrix-synapse: fix signing key path in fix-permissions script 
The preStart script will fail if the signing_key_path is nonstandard.
 2023-03-21 13:21:24 +02:00
Weijia Wang 4af0426bba
Merge pull request #222149 from wegank/limesurvey-bump 
limesurvey: 3.27.33+220125 -> 5.6.9+230306
 2023-03-21 08:52:42 +02:00
Nick Cao cd3ffbdfe6
nixos/zram: add writebackDevice option and corresponding test 2023-03-21 09:26:27 +08:00
Sandro 680e4d75b0
Merge pull request #222006 from mdarocha/remove-baget 2023-03-21 01:39:54 +01:00
ettom a375b000a6 nixos/zeyple: init 2023-03-21 00:14:03 +02:00
github-actions[bot] 75c28ec351
Merge master into staging-next 2023-03-20 18:01:16 +00:00
Sandro Jäckel 3a5de0e725
nixos/tmp: add a note to useTmpfs on potential issues 2023-03-20 17:27:06 +01:00
Vladimír Čunát d970a81035
Merge branch 'staging' into staging-next 
(it's slightly older staging)
 2023-03-20 16:27:31 +01:00
Alvar Penning 0810a6e018 nixos/prometheus.alertmanagerIrcRelay: init 
Co-authored-by: Martin Weinelt <mweinelt@users.noreply.github.com>
 2023-03-20 15:57:11 +01:00
Martin Weinelt 9959ec97f8
Merge remote-tracking branch 'origin/master' into staging-next 
Conflicts:
- pkgs/development/python-modules/wxPython/4.0.nix
- pkgs/development/python-modules/wxPython/4.1.nix
 2023-03-20 15:07:36 +01:00
Weijia Wang b64eb5bbbf limesurvey: 3.27.33+220125 -> 5.6.9+230306 2023-03-20 14:31:32 +02:00
Sandro 6f8210495c
Merge pull request #221684 from SuperSandro2000/portunus-localhost 
nixos/portunus: fix portunus not only listening on localhost
 2023-03-20 13:25:34 +01:00
Lily Foster ccae7d35d8
Merge pull request #221075 from fufexan/regreet 
nixos/regreet: init
 2023-03-20 08:22:18 -04:00
github-actions[bot] f785fd289c
Merge master into staging-next 2023-03-20 12:01:29 +00:00
K900 af8b2c25ee
Merge pull request #222151 from nazarewk/supergfxd-path 
supergfxd: add missing kmod to PATH
 2023-03-20 11:53:33 +03:00
Krzysztof Nazarewski ed4ce16637
supergfxd: add missing kmod to PATH 2023-03-20 09:44:47 +01:00
github-actions[bot] 96f7385465
Merge master into staging-next 2023-03-20 00:02:29 +00:00
Mihai Fufezan 692c28ec10
nixos/regreet: init 2023-03-20 02:01:50 +02:00
Sandro Jäckel dc5ffba52d
nixos/portunus: fix portunus not only listening on localhost 
Closes #221678
 2023-03-19 22:16:03 +01:00
Maximilian Bosch 23c5acad6a
Merge pull request #222042 from Ma27/fix-matrix-wellknown-example 
nixos/doc: fix .well-known example for matrix-synapse
 2023-03-19 21:44:19 +01:00
K900 f1d538b459
Merge pull request #221376 from laalsaas/plasma-exclude-packages 
plasma5: move excludePackages option for consistency
 2023-03-19 22:33:56 +03:00
Ryan Lahfa 618ba94934
Merge pull request #210205 from 9ary/kernel-fonts 
Build the large Terminus font into the kernel
 2023-03-19 20:13:25 +01:00
laalsaas 62b3fd5fd2
plasma5: move excludePackages option for consistency 2023-03-19 20:12:31 +01:00
Sandro 1641813e3b
Merge pull request #217515 from tensor5/nextcloud-s3-sse-c 2023-03-19 20:06:23 +01:00
Arjan Schrijver 1addf91b0b qtile: add more options and expose unwrapped package 2023-03-19 19:43:32 +01:00
Ryan Lahfa aa85df4561
Merge pull request #194594 from nbraud/hidpi 
nixos/hidpi: Harmonise default with documented recommendations
 2023-03-19 19:22:40 +01:00
Ryan Lahfa 49966f2c71
Merge pull request #221642 from Izorkin/fix-roundcube-tmp 
nixos/roundcube: add tmp directory
 2023-03-19 19:16:05 +01:00
Sandro Jäckel a5d95ac5fc
nixos/tmp: move /tmp options under boot.tmp 2023-03-19 18:49:37 +01:00
Maximilian Bosch 8c118951d5
nixos/doc: fix .well-known example for matrix-synapse 
I'm using this config on my homeserver and while trying out alternative
Matrix clients I discovered (pun intended) that the auto-discovery of my
homeserver is broken. While investigating I found out that neither the
JS nor the Rust SDK (tested via element-web and fractal) are happy about
an empty `m.identity_server`-block. Removing this part fixed the problem
for me.
 2023-03-19 17:38:32 +01:00
mdarocha 4062f28a76 baget: remove due to upstream being unmaintained 2023-03-19 14:19:49 +01:00
github-actions[bot] 7c9f4934b8
Merge master into staging-next 2023-03-19 12:01:32 +00:00
Bjørn Forsman 48b0aa7164 nixos/sssd: create symlinks in /etc to fix sssctl 
Without this, sssctl fails to read its configuration. Update the NixOS
test to ensure sssctl doesn't regress.
 2023-03-19 09:28:35 +01:00
github-actions[bot] c70342c89c
Merge master into staging-next 2023-03-19 00:02:27 +00:00
Alois Wohlschlager efd23ff1c8
nixos/gdk-pixbuf: move GDK_PIXBUF_MODULE_FILE to sessionVariables 
Some environments do not load /etc/profile, so environment.variables do
not work. In particular, this is the case for Plasma Wayland.

Use environment.sessionVariables for setting that variable instead,
which is handled by PAM and hence more reliable.
 2023-03-18 20:19:01 +01:00
Jörg Thalheim 2c19718bee dendrite: 0.11.0 -> 0.12.0 
Diff: https://github.com/matrix-org/dendrite/compare/v0.12.0...v0.12.0

Changelog: https://github.com/matrix-org/dendrite/releases/tag/v0.12.0
 2023-03-18 15:35:47 +01:00
github-actions[bot] a912b83051
Merge master into staging-next 2023-03-18 12:01:30 +00:00
talyz ccaa6078ba
nixos/gitlab: Fix error when GitLab Pages is not enabled 
Even if GitLab is used without Pages, some of its settings are still
used in the gitlab.yml file, resulting in errors such as

error: The option `services.gitlab.pages.settings.pages-domain' is used but not defined.

To fix this, make the settings' usage conditional on Pages being
enabled.
 2023-03-18 11:34:51 +01:00
Atemu bd7309c5a3
Merge pull request #221469 from wegank/solr-drop 
solr: drop
 2023-03-18 10:17:43 +01:00
github-actions[bot] 36748936f9
Merge master into staging-next 2023-03-18 06:01:16 +00:00
Sandro 8aedbfa038
Merge pull request #181013 from aidalgol/peroxide 2023-03-18 01:55:30 +01:00
github-actions[bot] 2c8e6963dc
Merge master into staging-next 2023-03-18 00:02:30 +00:00
K900 38d9db299e nixos/plasma5: remove supportDDC option 
The code for this was actually removed in #172078.
 2023-03-17 23:39:08 +03:00
Aidan Gauland 7fb4aae81f
nixos/peroxide: add module for peroxide service 2023-03-18 07:43:59 +13:00
github-actions[bot] d761f69867
Merge master into staging-next 2023-03-17 17:57:00 +00:00
Izorkin 6263c45580
nixos/roundcube: add tmp directory 2023-03-17 19:40:23 +03:00
Sandro 7ec767ff54
Merge pull request #173697 from jmbaur/avahi-daemon-deny-interfaces 
nixos/avahi: add denyInterfaces option
 2023-03-17 17:11:49 +01:00
Savyasachee Jha 4177ddcfd6 doas: refactor config generation 
According to Ted Unangst, since doas evaluates rules in a last
matched manner, it is prudent to have the "permit root to do everything
without a password at the end of the file.

Source: https://flak.tedunangst.com/post/doas-mastery
 2023-03-17 09:05:08 -07:00
Tungsten842 8668d96c28 nixos/wireshark: set the correct capabilities 2023-03-17 13:17:36 +01:00
github-actions[bot] 2394986204
Merge master into staging-next 2023-03-17 12:01:17 +00:00
Weijia Wang 32f39395a7
Merge pull request #210101 from helsinki-systems/upd/jitsi 
Update of all Jitsi Meet components
 2023-03-17 12:23:14 +02:00
paumr a6b712f8a4 nixos-generate-config: fix invalid sample config 
This issue was reported in #221510
 2023-03-17 01:24:28 +01:00
github-actions[bot] d96e74c8b8
Merge staging-next into staging 2023-03-17 00:03:06 +00:00
github-actions[bot] 6746017444
Merge master into staging-next 2023-03-17 00:02:33 +00:00
Pascal Bach 7c166f412b
Merge pull request #221096 from awakesecurity/minio-paths 
nixos/minio: gracefully handle root credentials file
 2023-03-16 20:56:37 +01:00
github-actions[bot] 2530eb2c82
Merge staging-next into staging 2023-03-16 18:01:58 +00:00
github-actions[bot] 455127ad5e
Merge master into staging-next 2023-03-16 18:01:20 +00:00
John Soo 740fea3edd
fixup! nixos/minio: activate/restart service on credentials path changes 2023-03-16 09:45:09 -07:00
Bernardo Meurer 79cfdf110a
Merge pull request #219351 from tie/make-bios-bootable 2023-03-16 11:33:03 -03:00
Weijia Wang c24a8ccc98 solr: drop 2023-03-16 16:17:04 +02:00
Bernardo Meurer 6e55733359
Merge pull request #219747 from Stunkymonkey/deprecate-isNull 2023-03-16 11:10:22 -03:00
s1341 6d299334b0 nixos/freeipa: init 2023-03-16 08:40:13 +02:00
apfelkuchen06 0ddfb0a5df nixos/networkd: add BridgeVLAN options 2023-03-16 03:31:04 +01:00
apfelkuchen06 cd650b3fa3 nixos/networkd: add QuickFairQueueingClass options 2023-03-16 03:31:04 +01:00
apfelkuchen06 fde806d5a5 nixos/networkd: add QuickFairQueueing options 2023-03-16 03:31:04 +01:00
apfelkuchen06 493ed75418 nixos/networkd: add HeavyHitterFilter options 2023-03-16 03:31:04 +01:00
apfelkuchen06 88d99a3630 nixos/networkd: add HierarchyTokenBucketClass options 2023-03-16 03:31:04 +01:00
apfelkuchen06 24df07c786 nixos/networkd: add HierarchyTokenBucket options 2023-03-16 03:31:03 +01:00
apfelkuchen06 29e5451963 nixos/networkd: add TrivialLinkEqualizer options 2023-03-16 03:31:03 +01:00
apfelkuchen06 cf470ebd88 nixos/networkd: add FairQueueing options 2023-03-16 03:31:03 +01:00
apfelkuchen06 dbc14e5a44 nixos/networkd: add FairQueueingControlledDelay options 2023-03-16 03:31:03 +01:00
apfelkuchen06 5b5c79c6a0 nixos/networkd: add GenericRandomEarlyDetection options 2023-03-16 03:28:23 +01:00
apfelkuchen06 ca496f8754 nixos/networkd: add EnhancedTransmissionSelection options 2023-03-16 03:28:23 +01:00
apfelkuchen06 3cde7aaa36 nixos/networkd: add DeficitRoundRobinSchedulerClass options 2023-03-16 03:28:23 +01:00
apfelkuchen06 0d06e85996 nixos/networkd: add DeficitRoundRobinScheduler options 2023-03-16 03:28:23 +01:00
apfelkuchen06 49df6bc669 nixos/networkd: add ControlledDelay options 2023-03-16 03:28:23 +01:00
apfelkuchen06 728108555e nixos/networkd: add CAKE options 2023-03-16 03:28:23 +01:00
apfelkuchen06 7a6cae0e15 nixos/networkd: add PFIFOFast options 2023-03-16 03:28:23 +01:00
apfelkuchen06 f75ec30fee nixos/networkd: add PFIFOHeadDrop options 2023-03-16 03:28:23 +01:00
apfelkuchen06 d9e1963a15 nixos/networkd: add BFIFO options 2023-03-16 03:28:22 +01:00
apfelkuchen06 f2ca28f658 nixos/networkd: add PFIFO options 2023-03-16 03:28:22 +01:00
apfelkuchen06 51689e86b9 nixos/networkd: add StochasticFairnessQueueing options 2023-03-16 03:28:22 +01:00
apfelkuchen06 736650ccf1 nixos/networkd: add StochasticFairBlue options 2023-03-16 03:28:22 +01:00
apfelkuchen06 872a4823cf nixos/networkd: add FlowQueuePIE options 2023-03-16 03:28:22 +01:00
apfelkuchen06 2784862e41 nixos/networkd: add PIE options 2023-03-16 03:28:22 +01:00
apfelkuchen06 d63035329e nixos/networkd: add TokenBucketFilter options 2023-03-16 03:28:21 +01:00
apfelkuchen06 55cd970d73 nixos/networkd: add NetworkEmulator options 2023-03-16 03:28:21 +01:00
apfelkuchen06 b08e5be98d nixos/networkd: add QDisc options 2023-03-16 03:28:21 +01:00
apfelkuchen06 09e745c784 nixos/networkd: add IPoIB options 2023-03-16 03:28:21 +01:00
apfelkuchen06 df14953724 nixos/networkd: add CAN options 2023-03-16 03:28:21 +01:00
apfelkuchen06 a7724b8f91 nixos/networkd: add LLDP options 2023-03-16 03:28:21 +01:00
apfelkuchen06 ae15b86d4d nixos/networkd: add BridgeMDB option 2023-03-16 03:28:21 +01:00
apfelkuchen06 d646f7c7f2 nixos/networkd: add BridgeFDB options 2023-03-16 03:28:21 +01:00
apfelkuchen06 28ddd570f7 nixos/networkd: add Bridge options 2023-03-16 03:28:20 +01:00
apfelkuchen06 590ccae1f8 nixos/networkd: add L2TP options 2023-03-16 03:28:20 +01:00
Majiir Paktu 1021a7d928 nixos/ddclient: fix permissions warning 2023-03-15 17:47:08 -04:00
github-actions[bot] 795332a826
Merge staging-next into staging 2023-03-15 18:01:44 +00:00
Martin Weinelt 578fb7fd1f
Merge pull request #220557 from mweinelt/libxcrypt-strong 
libxcrypt: Build only with strong hashes
 2023-03-15 16:43:12 +00:00
Vladimír Čunát a86610144f
Merge #219444: staging-next 2023-03-04 2023-03-15 17:35:39 +01:00
Sandro fbeb9b9a96
Merge pull request #215835 from illustris/hbase 
nixos/hbase: add thrift and rest servers
 2023-03-15 16:55:36 +01:00
Sandro 83dcadaf61
Merge pull request #218482 from illustris/ec2-metadata 
nixos/ec2: don't populate nonexistent metadata files
 2023-03-15 16:53:40 +01:00
Sandro c817b58614
Merge pull request #220278 from bdd/fix-binfmt-x86_64-windows-extension 
nixos/binfmt: fix extension for Windows binaries
 2023-03-15 16:15:47 +01:00
Martin Weinelt 1c52b361a8
Merge remote-tracking branch 'origin/master' into staging-next 2023-03-15 14:36:40 +01:00
Robert Hensing c3b245d540
Merge pull request #195511 from DeterminateSystems/include-build-deps 
nixos/top-level: add includeBuildDependencies option
 2023-03-15 13:33:24 +01:00
Charles Hall 65c6ffaae9 don't enable lightdm if greetd is enabled 2023-03-15 13:26:41 +01:00
github-actions[bot] a3b786aa94
Merge staging-next into staging 2023-03-15 00:03:06 +00:00
Martin Weinelt 231c1145f2
Merge remote-tracking branch 'origin/master' into staging-next 
Conflicts:
- pkgs/development/python-modules/rflink/default.nix
 2023-03-14 22:33:40 +01:00
Janik H dafedbbba6 nixos/woodpecker: init 2023-03-14 20:31:39 +01:00
github-actions[bot] 9feb9fda3e
Merge staging-next into staging 2023-03-14 18:02:00 +00:00
github-actions[bot] 2df6c043e6
Merge master into staging-next 2023-03-14 18:01:25 +00:00
K900 1fab86929f nixos/pipewire: spring cleaning 
- drop media-session (rip 💀)
- stop trying to let people override default configs, those never got merged correctly
- drop all the complexity arising from having to vendor default config files
- build docs in sandbox as we no longer recurse
 2023-03-14 20:31:32 +03:00
K900 b8ac3f9a93 pipewire: 0.3.66 -> 0.3.67 2023-03-14 20:31:03 +03:00
Kasper Gałkowski e5eb0322a2 merge master 2023-03-14 17:07:39 +01:00
Sandro 66e0910e86
Merge pull request #199729 from peat-psuwit/zoneminder-1.36.31 
zoneminder, nixos/zoneminder: 1.36.28 -> 1.36.31, fix issues relating to upgrade
 2023-03-14 17:02:05 +01:00
Martin Weinelt 9e4d592114
Merge remote-tracking branch 'origin/master' into staging-next 
Conflicts:
- pkgs/development/python-modules/eve/default.nix
 2023-03-14 16:49:37 +01:00
Linus Heckemann 7ca65eeecf
Merge pull request #219354 from Izorkin/update-profiles-base 
nixos/profiles: optimize base and minimal profiles
 2023-03-14 14:45:15 +01:00
Domen Kožar c08c079893
Merge pull request #216635 from DavHau/patch-4 
services.cachix-watch-store: fix description of compressionLevel
 2023-03-14 13:44:58 +00:00
Thomas Dy fbb554fa58 nixos/kubernetes: update coredns 1.7.1 -> 1.10.1 2023-03-14 22:15:43 +10:00
github-actions[bot] 60e9cbe0f9
Merge staging-next into staging 2023-03-14 12:02:08 +00:00
Linus Heckemann eb45cd5108 nixos/top-level: add includeBuildDependencies option 
This option allows adding the build closure of the system to its
runtime closure, enabling fully-offline rebuilds (as long as no new
packages are added).
 2023-03-14 11:55:13 +01:00
Martin Weinelt 6b67186fe9
Merge remote-tracking branch 'origin/master' into staging-next 
Conflicts:
- pkgs/development/python-modules/crownstone-cloud/default.nix
- pkgs/development/python-modules/exrex/default.nix
- pkgs/development/python-modules/mkdocs-minify/default.nix
- pkgs/development/python-modules/myjwt/default.nix
- pkgs/development/tools/analysis/checkov/default.nix
 2023-03-14 08:14:26 +01:00
Franz Pletz bc0a1dd982
Merge pull request #220461 from SuperSandro2000/prometheus 
prometheus: 2.41.0 -> 2.42.0, split outputs, other cleanups
 2023-03-14 05:28:59 +01:00
Matthew Robbetts f5b754881d bind: remove hard-coded allow-query config file entry, so it can be customized via extraConfig 2023-03-13 20:47:02 -07:00
John Soo e30469a37b
nixos/minio: activate/restart service on credentials path changes 
Otherwise the `minio.service` service will fail either:

* with a message that the EnvironmentFile does not exist
* or silently with potentially stale credentials
 2023-03-13 17:43:19 -07:00
John Soo 7f85002ec0
nixos/minio: format with nixpkgs-fmt 2023-03-13 17:36:52 -07:00
Artturi b978bf0f0f
Merge pull request #220570 from Artturin/fixlints1 2023-03-14 02:15:55 +02:00
Artturi 9d18216aa3
Merge pull request #221050 from Luflosi/nixos-generate-config-microcode-condition 
nixos-generate-config: update microcode only on bare metal
 2023-03-13 22:56:28 +02:00
7c6f434c f7eeb48523
Merge pull request #213301 from bcc32/atop-dont-leave-new-log-files 
nixos/atop: Remove upgraded logfiles if not replaced
 2023-03-13 20:20:40 +00:00
Luflosi 1d65c7279c
nixos-generate-config: update microcode only on bare metal 
Guest operating systems inside VMs or containers can't update the host CPU's microcode for obvious security reasons, so setting the `hardware.cpu.*.updateMicrocode` options is pointless.
 2023-03-13 20:15:13 +01:00
github-actions[bot] 59ffe854f9
Merge staging-next into staging 2023-03-13 18:01:48 +00:00
Martin Weinelt bb14c4255b Merge remote-tracking branch 'origin/master' into staging-next 2023-03-13 17:14:19 +00:00
Florian Klink 504d66bae9
Merge pull request #216826 from gdamjan/systemd-253 
systemd: 252.5 -> 253
 2023-03-13 17:37:39 +01:00
Marcus Ramberg f834dfad8f nimdow: Add nixos windowmanager option 2023-03-13 11:37:32 -05:00
Vonfry 4e8ad00ae8
fcitx: remove packages and update documentations and aliases to fcitx5 2023-03-13 18:50:05 +08:00
Vonfry 051b74fe7d
nixos/fcitx: deprecated, and suggestions to use fcitx5 instead 2023-03-13 18:47:05 +08:00
Vladimír Čunát 2d51a0e8ad
Merge branch 'master' into staging-next 2023-03-13 08:25:10 +01:00
Martin Weinelt 4472cf44eb
treewide: Make yescrypt the default algorithm for pam_unix.so 
This ensures `passwd` will default to yescrypt for newly generated
passwords.
 2023-03-13 07:54:27 +01:00
Martin Weinelt 0d7cd66652
nixos/users-groups: Update password scheme validation 
Updates the warnings message for statefully set up passwords, now that
weak algorithms have been removed from our libxcrypt package.

Additionall we now add proper validation for hashing schemes used in
`hashedPassword`.

Neither will prevent a rebuiild, but instead issue a warning, that this
requires immediate remediation, or else users will be unable to login.

Reuses the crypt scheme ids as provided by the libxcrypt package.
 2023-03-13 07:54:27 +01:00
Elis Hirwing ce76a6838c
Merge pull request #203487 from jocelynthode/init-readarr 
readarr: init at 0.1.4.1596
 2023-03-13 06:56:35 +01:00
Lassulus 47233b27c9
Merge pull request #167319 from schnusch/cgit 2023-03-13 09:51:08 +07:00
figsoda 928c8115ba nixos/starship: add interactiveOnly option 2023-03-12 21:23:23 -04:00
Ben Wolsieffer b92dae961c nixos/chrony: allow @chown syscall set 
The module was allowing specific chown syscalls, which is brittle because
there are several and different ones are used by glibc on different
architectures. For example, fchownat was already added to the allowlist for
aarch64, while on armv6l chrony crashes because chown32 is not in the
allowlist.

systemd provides the @chown syscall set, which includes all the chown
syscalls and avoids this brittleness. I believe the syscalls would all be
equivalent from an attacker's perspective, so there is unlikely to be any
security impact.
 2023-03-12 18:10:56 -05:00
Martin Weinelt d03d74aa67
Merge remote-tracking branch 'origin/master' into staging-next 
Conflicts:
- pkgs/development/python-modules/aiopulse/default.nix
- pkgs/development/python-modules/identify/default.nix
- pkgs/development/python-modules/spur/default.nix
 2023-03-12 23:28:23 +01:00
nicoo df4faec23b nixos/hidpi: Explicitely refer to fontconfig.nix for the choice of defaults 2023-03-12 21:33:38 +00:00
Jocelyn Thode e7f54823b1
readarr: init at 0.1.4.1596 2023-03-12 20:54:23 +01:00
Guillaume Girol db901673ea
Merge pull request #209156 from pwaller/issue-114594 
nixos/grub: Name initrd-secrets by system, not by initrd
 2023-03-12 18:50:33 +00:00
Vladimír Čunát 1dd94ad62f
Merge branch 'master' into staging-next 2023-03-12 09:06:28 +01:00
Ryan Lahfa ac93edb3ac
Merge pull request #209829 from notgne2/fix/systemd-boot-always-profile-path 
nixos/systemd-boot: always use profile_path() for system closure paths
 2023-03-11 22:08:18 +01:00
Janne Heß 6798068e84
Merge pull request #220555 from lilyinstarlight/feature/fwupd-uefi-capsule 
nixos/fwupd: add settings option for uefi_capsule.conf
 2023-03-11 20:04:32 +01:00
github-actions[bot] feb117e32c
Merge master into staging-next 2023-03-11 18:01:19 +00:00
Jonas Heinrich 161a1ca129
Merge pull request #191974 from tu-maurice/btrbk-doas 
btrbk: Use sudo or doas based on configuration
 2023-03-11 16:10:50 +01:00
Lily Foster 9c1d627508
Merge pull request #208414 from RossComputerGuy/feat/java-binfmt 
nixos/java: add binfmt option
 2023-03-11 10:04:43 -05:00
nachoslover813260 4b0bc9ea72 nixos/plasma5: add ark as an optional package instead 2023-03-11 21:29:24 +08:00
nachoslover813260 9e8f51fc6c Adding Ark as a file archiver 
Since the default plasma desktop already got dolphin-plugins adding ark for archiving would make plasma desktop more complete as well
 2023-03-11 21:29:24 +08:00
Alvar Penning adafbeff4a nixos/restic: generalize cache configuration 
The restic repository cache location defaults to ~/.cache/restic when
not overwritten either by the --cache-dir command line parameter or the
universal RESTIC_CACHE_DIR environment variable.

Currently, the --cache-dir variable is set to only some restic commands,
but, e.g., not to the unit's preStart command for the module's
initialize option. This results in two distinct cache locations, one at
~/.cache/restic for the initialize commands and one at the configured
--cache-dir location for the restic backup command.

By explicitly setting RESTIC_CACHE_DIR for the unit, only one cache at
the correct location will be used.

https://restic.readthedocs.io/en/v0.15.1/manual_rest.html#caching
 2023-03-11 12:59:10 +01:00
github-actions[bot] d165f35883
Merge master into staging-next 2023-03-11 06:01:15 +00:00
Mario Rodas 2ce9b9842b
Merge pull request #219355 from tomfitzhenry/phosh-0.25.1 
phosh: 0.23 -> 0.25.1
 2023-03-10 21:03:33 -05:00
Artturin cab4a24c34 treewide: fix lints 
Arg to lib.optional is a list

build time tool in buildInputs
 2023-03-11 00:55:17 +02:00
Lily Foster 6e6d31f4bc
nixos/fwupd: add settings option for uefi_capsule.conf 2023-03-10 15:25:41 -05:00
Alyssa Ross 8c70bfb9f2
Merge remote-tracking branch 'origin/master' into staging-next 
Conflicts:
	pkgs/development/libraries/librsvg/default.nix
	pkgs/development/python-modules/r2pipe/default.nix
 2023-03-10 18:46:21 +00:00
genesis cab32f0f86 nixos/jellyseerr: init 2023-03-10 16:18:00 +01:00
Yureka 7efee351ec
Merge branch 'gitlab-pages' of github.com:talyz/nixpkgs into HEAD 2023-03-10 14:36:25 +01:00
Martin Weinelt ef91384e6f Merge remote-tracking branch 'origin/master' into staging-next 2023-03-10 13:09:25 +01:00
Sandro Jäckel da2f281453
prometheus: split doc and cli into extra outputs 2023-03-10 11:45:45 +01:00
Sandro bca9ab3d26
Merge pull request #205060 from jslight90/patch-8 
nixos/prometheus: Add new relabel_configs actions
 2023-03-10 11:19:31 +01:00
Stanisław Pitucha 5496585eb8
Merge pull request #186076 from viraptor/gemstash-service 
nixos/gemstash: init module
 2023-03-10 14:21:53 +11:00
Martin Weinelt da1a690688 Merge remote-tracking branch 'origin/master' into staging-next 2023-03-10 01:50:42 +01:00
Artturi eec92afc64
Merge pull request #220374 from Artturin/qt5splicing 2023-03-09 23:26:49 +02:00
Rick van Schijndel 8d8f5ede91
Merge pull request #216451 from Mindavi/hydra/systemd-target 
nixos/hydra: wait for network-online before evaluator start
 2023-03-09 20:53:21 +01:00
Artturin 2cbbef006b qt5: use makeScopeWithSplicing 
if there is more than one qt5 attr and this file is copied then the arg
to generateSplicesForMkScope should be changed
 2023-03-09 21:16:03 +02:00
Ivan Trubach 905be9f8c5 nixos/iso-image: s/efi/EFI in documentation 2023-03-09 19:07:33 +03:00
Ivan Trubach e5b072eca1 nixos/iso-image: add an option to disable BIOS boot 
This change adds an option to disable legacy BIOS boot support for ISO
images. The implementation uses syslinux package that currently does not
support non-x86 platforms and thus cannot be cross-compiled, e.g. from
AArch64 system.
 2023-03-09 19:07:33 +03:00
github-actions[bot] 39f6788067
Merge master into staging-next 2023-03-09 12:01:27 +00:00
Florian Klink 2a278943b5
Merge pull request #220232 from aanderse/nixos/systemd-oomd 
nixos/systemd-oomd: avoid unintentionally creating the systemd-oomd u…
 2023-03-09 10:15:56 +01:00
Domen Kožar 6a231a6eb7
Merge pull request #197613 from shyim/add-coder 
coder: fix web frontend building
 2023-03-09 12:04:16 +04:00
github-actions[bot] 98d00577f6
Merge master into staging-next 2023-03-09 06:01:01 +00:00
Berk D. Demir 147186a95b nixos/binfmt: fix extension for Windows binaries 
Extension based matching for Windows targets define it '.exe' but kernel
documentation explicitly states it should be passed "without the .".

From https://docs.kernel.org/admin-guide/binfmt-misc.html
> * magic:
>   [...] If you chose filename extension matching, this is the
>   extension to be recognised (without the ., the \x0a specials are not
>   allowed).
 2023-03-08 21:07:31 -08:00
Will Fancher 46089f7efe
Merge pull request #217886 from lilyinstarlight/fix/qemu-vm-initrd-mkdir-0755 
nixos/qemu-vm: fix minor typo
 2023-03-08 19:17:28 -05:00
github-actions[bot] c8c1423cd9
Merge master into staging-next 2023-03-09 00:02:23 +00:00
Aaron Andersen 374fc068ec nixos/systemd-oomd: disable systemd-oomd when enableUnifiedCgroupHierarchy is false 
fixup for https://github.com/NixOS/nixpkgs/pull/203596
 2023-03-08 18:39:18 -05:00
Jonas Heinrich 9f10a2e82a
Merge pull request #218633 from onny/networkd-dispatcher-rules 
nixos/networkd-dispatcher: add rules option
 2023-03-08 20:41:06 +01:00
github-actions[bot] 7072ae38b6
Merge master into staging-next 2023-03-08 18:01:34 +00:00
K900 23b0152ffb
Merge pull request #218530 from K900/murmur-dbus 
nixos/murmur: expose dbus
 2023-03-08 18:35:56 +03:00
K900 d8d8b55e7d nixos/murmur: expose dbus 2023-03-08 18:03:51 +03:00
Martin Weinelt 4729f61158 Merge remote-tracking branch 'origin/master' into staging-next 2023-03-08 15:04:13 +01:00
Ilan Joselevich 944436f290
Merge pull request #218921 from wineee/waybar 
nixos/waybar: allow change waybar package to use
 2023-03-08 14:05:03 +02:00
Motiejus Jakštys 2b168ba3f0 headscale: rename oidc.client_secret_file to oidc.client_secret_path 
Headscale now supports passing the OIDC client secret via a file, as
added in [juanfont/headscale#1127][1127]. Lets use that.

The headscale option is `client_secret_path`; let's make it consistent
and rename the Nix option to this. Note that I wasn't able to do this:

    mkRenamedOptionModule [ ... "client_secret_file" ] [ ... "client_secret_path" ]

I get such error:

    error: evaluation aborted with the following error message: 'cannot find attribute `services.headscale.settings.oidc.client_secret_file''

[1127]: https://github.com/juanfont/headscale/pull/1127
 2023-03-08 11:26:45 +02:00
Jonas Heinrich 26e14e57af nixos/networkd-dispatcher: add rules option 2023-03-08 10:20:47 +01:00
rewine ffcf148a8d
nixos/waybar: allow change waybar package to use 
also add waybar package to environment.systemPackages
 2023-03-08 17:16:37 +08:00
Robert Schütz 9af96def95 Merge branch 'master' into staging-next 2023-03-07 21:35:26 -08:00
SharzyL 5e651fe37e
nixos/nexttrace: init 2023-03-08 11:21:06 +08:00
Rick van Schijndel 60446dda1f nixos/hydra: wait for network-online before evaluator start 
This prevents issues I'm seeing with the hydra I'm running on my laptop.
Every time I reboot it I see eval errors like this:

```
error fetching latest change from git repo at `https://github.com/nixos/nixpkgs.git':
fatal: unable to access 'https://github.com/nixos/nixpkgs.git/': Could not resolve host: github.com
```

This is because the evaluator already starts before the network is
actually online. It should wait until the network is fully online before
starting evaluation to prevent evaluation errors like above.
 2023-03-07 21:58:23 +01:00
github-actions[bot] f1b48b2a95
Merge master into staging-next 2023-03-07 18:01:12 +00:00
Izorkin 5eb5d881a4
nixos/nginx: add defaultMimeTypes option 2023-03-07 19:37:18 +03:00
Stanisław Pitucha 70073985ae nixos/gemstash: init module 2023-03-07 15:56:56 +11:00
github-actions[bot] fa94414f70
Merge master into staging-next 2023-03-07 00:02:41 +00:00
Felix Buehler d10e69c86b treewide: deprecate isNull 
https://nixos.org/manual/nix/stable/language/builtins.html#builtins-isNull
 2023-03-06 22:40:04 +01:00
7c6f434c c5b8a7f55b
Merge pull request #218718 from KoviRobi/atop-service-no-previous-logs 
nixos/atop: Don't choke if no existing atop logs
 2023-03-06 20:27:25 +00:00
Martin Weinelt 86eedea2fe Merge remote-tracking branch 'origin/master' into staging-next 2023-03-06 17:38:35 +00:00
Ilan Joselevich edff57cff4
Merge pull request #218455 from veehaitch/gh-runner-builddotnet 
github-runner: switch to `buildDotnetModule`
 2023-03-06 19:11:06 +02:00
Martin Weinelt bcf6c81a88 Merge remote-tracking branch 'origin/master' into staging-next 2023-03-06 16:55:14 +00:00
Valentin Gagarin e16a8baa41
Merge pull request #218830 from fricklerhandwerk/command-line-suggestion 
configuration.nix: suggest a command line program
 2023-03-06 15:59:33 +01:00
Martin Weinelt b04848e5fe Merge remote-tracking branch 'origin/master' into staging-next 2023-03-06 08:21:14 +01:00
Sandro 66ee57d44d
Merge pull request #217555 from SuperSandro2000/nox-qt5-no-self 2023-03-06 01:17:25 +01:00
Naïm Favier 6082d5bd0a
Merge pull request #219549 from SEIAROTg/master 
nixos/wireguard: fix mtu after switching netns.
 2023-03-05 22:56:29 +01:00
Ryan Lahfa c91b85416b
Merge pull request #216015 from r-ryantm/auto-update/dolibarr 
dolibarr: 16.0.3 -> 16.0.4
 2023-03-05 21:19:46 +01:00
Дамјан Георгиевски 83f65146ab nixos/systemd: systemd-growfs* units are real files now 
`systemd-growfs@.service` and `systemd-growfs-root.service` became real units since:
50072ccf1b

we need to add them to the nixos module so growfs works again
 2023-03-05 20:05:00 +01:00
notgne2 ca9f0682fd
nixos/systemd-boot: always use profile_path() for system closure paths 2023-03-05 06:13:45 -07:00
Дамјан Георгиевски d2837a9cb3 nixos/systemd-initrd: create the /tmp mount point in the initrd 
systemd now requires the /tmp mount point in the initrd cpio archive
since https://github.com/systemd/systemd/pull/25723

setting `"/tmp/.keep".text` will create the directory.

this fixes a boot failure:
```
(sd-gens): Failed to overmount /tmp/: No such file or directory
```
 2023-03-05 04:41:08 +01:00
SEIAROTg 5a4dc2128e
nixos/wireguard: fix mtu after switching netns. 
mtu is set after switching netns and thus the new netns should be used.
 2023-03-04 18:51:12 +00:00
Martin Weinelt e93e71ce44 Merge remote-tracking branch 'origin/master' into staging-next 2023-03-04 14:58:24 +01:00
Isa 8225d6db3a smokeping: fix css and js symlink 2023-03-04 14:39:43 +01:00
Izorkin bb5370b8b3
nixos/modules/installer/netboot/netboot-minimal: reduce closure size 2023-03-04 16:19:39 +03:00
K900 3c5319ad3a
Merge pull request #219463 from K900/virtualbox-7.0.6 
virtualbox: 6.1.40 -> 7.0.6
 2023-03-04 15:14:45 +03:00
github-actions[bot] 8480c21d06
Merge master into staging-next 2023-03-04 12:01:17 +00:00
Naïm Favier 45e44c56f1
Merge pull request #217342 from pennae/nrd-html-manual 
nixos-render-docs: add manual html renderer, use it for the nixos manual
 2023-03-04 12:58:38 +01:00
K900 e8fbf83f5e nixos/virtualbox-image: remove the raw image trick 
This is slower, but the raw image thing no longer works with VirtualBox 7.0.6.
 2023-03-04 13:39:50 +03:00
Ryan Lahfa fd09c1bdc5
Merge pull request #214759 from Tom-Hubrecht/borgmatic 
nixos/borgmatic: Allow defining multiple configurations
 2023-03-04 11:38:39 +01:00
Raito Bezarius 51b00a5e89 nixos/web-apps/dolibarr: lib.optionalAttr -> lib.optionalAttrs typo 2023-03-04 11:31:28 +01:00
Frederik Rietdijk 8cf8d77121 Merge master into staging-next 2023-03-04 09:38:25 +01:00
K900 18f85de76d nixos/firewall: assert that the kernel supports conntrack helper auto-loading 2023-03-04 10:53:47 +03:00
Linus Heckemann 48269da315
Merge pull request #206839 from lheckemann/stateless-vms 
nixos/qemu-vm: allow use without a disk image
 2023-03-04 02:02:45 +01:00
Izorkin 3e3367aa6a
nixos/profiles/base: remove duplicate and optimize fsPackages 2023-03-03 23:32:48 +03:00
github-actions[bot] a74c8d03ea
Merge staging-next into staging 2023-03-03 18:01:44 +00:00
Sandro 2665f5e379
Merge pull request #178447 from Francesco149/dendrite-prestart 2023-03-03 18:45:09 +01:00
Tom Fitzhenry 2455dfab0d phosh: 0.23.0 -> 0.25.1 2023-03-04 00:38:29 +11:00
Izorkin 0367cc8b5a
nixos/profiles/base: remove duplicate systemPackages 2023-03-03 16:12:56 +03:00
nicoo fc65af6a74 nixos/hidpi: Minor refactor 2023-03-03 12:42:55 +00:00
nicoo e1220cf121 nixos/hidpi: Don't set subpixel order 
It has no effect with `subpixel.lcdfilter = "none"`.

If the user overrides the module's default, the correct subpixel order
depends on their actual monitor, and cannot be known by this module.
 2023-03-03 12:42:55 +00:00
nicoo b2366655e2 nixos/hidpi: Disable font hinting 
Per the documentation:
> At high resolution (> 200 dpi) hinting will do nothing (at best);
> users of such displays may want to disable this option.
 2023-03-03 12:42:55 +00:00
nicoo f03716715f nixos/hidpi: Disable anti-aliasing 
Per the documentation:
> At high resolution (> 200 DPI), antialiasing has no visible effect;
> users of such displays may want to disable this option.
 2023-03-03 12:42:55 +00:00
Martin Weinelt 0580d85143 Merge remote-tracking branch 'origin/staging-next' into staging 2023-03-03 04:46:31 +01:00
Maximilian Bosch 72f45f225f
Merge pull request #218269 from theHedgehog0/gitea-module-getexe 
nixos/gitea: Move to lib.getExe
 2023-03-02 19:46:45 +01:00
Kasper Gałkowski e141ed8312 stumpwm: fix after major changes to lisp-modules 2023-03-02 19:04:47 +01:00
Pyrox 98dd7f5307
nixos/gitea: Move to lib.getExe 
This makes it so that alternative packages, such as `pkgs.forgejo` are
able to be used instead of the default `pkgs.gitea`.

Also adds myself as a maintainer of the module.

The varible `gitea`, which was used instead of `cfg.package`, has been
replaced with the variable `exe`, and is instead the value of the main
executable, as gotten from `lib.getExe`. `cfg.package` is used when this
value is not appropriate.
 2023-03-02 12:16:30 -05:00
Maximilian Bosch f8bbedfcac
Merge pull request #219073 from IndeedNotJames/gitea-gpg 
nixos/gitea: fix commit signing (`gpg`) core dump, add nixos test
 2023-03-02 17:24:02 +01:00
github-actions[bot] 6c8444842c
Merge staging-next into staging 2023-03-02 12:02:00 +00:00
Arian van Putten 17ca3dd2a6
Merge pull request #217852 from justinas/teleport-12 
teleport: 11.3.4 -> 12.0.2, reintroduce teleport_11
 2023-03-02 11:18:24 +01:00
Luke Granger-Brown b3c09089e4
Merge pull request #215750 from puppe/fix-paperless 
nixos/paperless: download NLTK data
 2023-03-02 10:00:46 +00:00
illustris 653d1f0534
nixos/hbase: add examples for options 2023-03-02 15:03:10 +05:30
Yureka 55da71c10e
nixos/nftables: add checkRuleset option (#216531) 
* nixos/nftables: add checkRuleset option

* lkl: 2022-05-18 -> 2023-01-27
 2023-03-02 10:28:01 +01:00
github-actions[bot] f61eca4e68
Merge staging-next into staging 2023-03-02 06:01:44 +00:00
Bobby Rong 3374c1ab48
Merge pull request #219004 from bobby285271/fix/pantheon-add-mutter-udev 
nixos/pantheon: add mutter to services.udev.packages
 2023-03-02 09:55:20 +08:00
IndeedNotJames 93c1d370db
nixos/gitea: fix commit signing (gpg) core dump 
Gitea spawns `gpg` processes for commit signing related actions.
Those `gpg` processes need `mlock` (probably to prevent secrets
in the memory to swap).
Blocking it (as part of the `@memlock` preset) causes any
commit signing related actions to error out as http/500
 2023-03-01 23:44:21 +01:00
github-actions[bot] 736c488efe
Merge staging-next into staging 2023-03-01 18:01:48 +00:00
K900 1e00e82f9d
Merge pull request #218437 from K900/x11-default-modesetting 
nixos/x11: default to the modesetting driver
 2023-03-01 17:51:04 +03:00
Sandro 86053e5ec2
dgraph: use --prefix to prefix PATH 
This is more robust in case PATH is empty or otherwise weird.
 2023-03-01 13:55:30 +01:00
Bobby Rong 1f9308f005
nixos/pantheon: add mutter to services.udev.packages 
For ./lib/udev/rules.d/61-mutter.rules

Same as d1eeb64. This is forgotten in PR 130380.
 2023-03-01 10:00:53 +08:00
Martin Weinelt 3686005e6e Merge remote-tracking branch 'origin/staging-next' into staging 2023-02-28 21:17:51 +00:00
maxine 7ceeb440c1
Merge pull request #213604 from mikroskeem/feature/docker-local-log-driver 
nixos/docker: add "local" as valid logDriver option
 2023-02-28 21:47:55 +01:00
Valentin Gagarin 4e0525a8cd configuration.nix: suggest a command line program 
adding two graphical programs makes a strong assmuption that users will
use a graphical environment.

add a command line program as an alternative suggestion that is easy to
comment in as a first-steps measure.
 2023-02-28 17:16:03 +01:00
github-actions[bot] 445e4a4069
Merge staging-next into staging 2023-02-28 12:01:54 +00:00
Justinas Stankevicius 31b5597cbd nixos/teleport: add "package" option 2023-02-28 13:22:50 +02:00
Jon Seager cad6488509
nixos/multipass: typo s/SyslogIdentifer/SyslogIdentifier/ 2023-02-28 10:45:38 +00:00
zowoq 48642c634e podman: remove wrapper 
trying to get all of the podman functionality to work with the wrapper
 is becoming more complicated with each release, it isn't sustainable

removing the wrapper does mean that using extraPackages will need to build from source

- remove unnecessary serviceConfig overrides

- set HELPER_BINARIES_DIR to libexec/podman

- use install.bin target on linux for podman/tmpfiles
  - also installs quadlet/rootlessport in libexec

- symlink binaries from helpersBin into HELPER_BINARIES_DIR

- remove unnecessary rootlessport output

- remove unnecessary substituteInPlace
 2023-02-28 18:08:29 +10:00
github-actions[bot] 51c18e4be1
Merge staging-next into staging 2023-02-28 06:01:38 +00:00
Robert Kovacsics 476bb88308 nixos/atop: Don't choke if no existing atop logs 2023-02-28 00:22:11 +00:00
Luke Granger-Brown 997d8d5870
Merge pull request #218618 from dali99/headscale-openid 
nixos/headscale: update oidc options
 2023-02-28 00:21:04 +00:00
github-actions[bot] 387a5e220d
Merge staging-next into staging 2023-02-28 00:03:08 +00:00
Jared Baur ea0dc2c5eb
nixos/avahi: add denyInterfaces option 2023-02-27 15:41:53 -08:00
Will Fancher ace4d26ccc
Merge pull request #217887 from lilyinstarlight/fix/allow-overriding-systemd-initrd-bins 
nixos/systemd-initrd: allow overriding initrdBin with extraBin
 2023-02-27 17:43:30 -05:00
Stefan Frijters 2af041ab44 nixos/gitlab-runner: do not pull in Docker if gitlab-runner-clear-docker-cache is disabled 
Only create the service if the option is enabled and if any docker executors exist.
 2023-02-27 22:24:14 +01:00
Robert Hensing 692a1033ff
Merge pull request #218365 from winterqt/revert-static-gid-migration 
Revert systemd-coredump and polkit static GIDs
 2023-02-27 20:16:57 +01:00
Eelco Dolstra 056b679c35 nix-fallback-paths.nix: Update to 2.13.3 2023-02-27 10:40:18 -08:00
Luke Granger-Brown f43347d8a3
Merge pull request #214346 from SFrijters/postfix-ipv4 
nixos/postfix: restrict inet_protocols to ipv4 when ipv6 is disabled
 2023-02-27 18:24:53 +00:00
github-actions[bot] 40707bbbb3
Merge staging-next into staging 2023-02-27 18:02:06 +00:00
Cabia Rangris f8b026c478
Merge pull request #218637 from Luflosi/klipper-fix-typo 
nixos/klipper: fix assert message to match actual assertion
 2023-02-27 21:17:18 +04:00
Soner Sayakci ff7dfcba57 nixos/opensearch: fix opensearch startup 2023-02-27 16:07:12 +00:00
Luflosi 2378d1a214
nixos/klipper: fix assert message to match actual assertion 
This error was introduced in 849c40b5f5.
 2023-02-27 17:04:48 +01:00
Daniel Olsen ea31ef91af nixos/headscale: update oidc options 2023-02-27 15:17:16 +01:00
github-actions[bot] 5e46cfeba0
Merge staging-next into staging 2023-02-27 12:01:41 +00:00
Riley c713217380
nixos/k3s: add environmentFile as an option 
* k3s: add environmentFile option

Enabling to include secrets through configuration such as 'sops'

* Update nixos/doc/manual/release-notes/rl-2305.section.md

Co-authored-by: Jairo Llopis <973709+yajo@users.noreply.github.com>
 2023-02-27 08:15:25 -03:00
github-actions[bot] 288c9d7892
Merge staging-next into staging 2023-02-27 06:01:44 +00:00
schnusch bbc988ba00 nixos/matrix-synapse: fix .well-known delegation of federated traffic 
Synapse is reverse-proxied on ${fqdn} not ${config.networking.domain} and
the .well-known delegation info must point to the domain on which synapse
is hosted, see https://matrix-org.github.io/synapse/latest/delegate.html
 2023-02-27 02:02:35 +01:00
github-actions[bot] 405409fce7
Merge staging-next into staging 2023-02-26 22:01:26 +00:00
Sergei Trofimovich e7e072d05a Merge remote-tracking branch 'origin/staging-next' into staging 
Conflicts:
	pkgs/top-level/python-aliases.nix

Trivial conflict of multiple added aliases.
 2023-02-26 21:53:22 +00:00
Robert Schütz 9e1d4dff3e nixos/openvpn: use writeShellScript 
Previously the upScript would fail with

    Syntax error: "(" unexpected (expecting "done")

on line 7 if /bin/sh is not bash.
 2023-02-26 10:12:28 -08:00
illustris 7e4e6e8bd7
nixos/ec2: don't populate nonexistent metadata files 2023-02-26 23:25:09 +05:30
Vincent Haupert 137db83090 nixos/github-runners: use Runner.Listener directly for registration 
Nothing the script `config.sh` does prior to the final call to
`Runner.Listener configure` is relevant for the systemd service.
Particularly, we don't need (nor want) any of the artifacts the `env.sh`
script creates.
 2023-02-26 15:39:19 +01:00
K900 82964d1694 nixos/x11: default to the modesetting driver 
The upstream drivers are very dead:
- nouveau:
   - https://gitlab.freedesktop.org/xorg/driver/xf86-video-nouveau/-/commits/master
   - last meaningful change in August 2020
- ati (aka radeon):
   - https://gitlab.freedesktop.org/xorg/driver/xf86-video-ati/-/commits/master
   - last meaningful change in April 2020
- amdgpu:
   - https://gitlab.freedesktop.org/xorg/driver/xf86-video-amdgpu/-/commits/master
   - barely alive, mostly thanks to Valve people

Modesetting isn't even the future, it's the now, especially with Wayland.
We should embrace it.
 2023-02-26 16:11:13 +03:00
Aaron Andersen d8c0a9204a
Merge pull request #217834 from yaxitech/gh-runner-workdir-clean 
nixos/github-runners: clean `workDir` as root
 2023-02-26 08:05:05 -05:00
Vladimír Čunát 30e272bc04
Merge #216499: staging-next 2023-02-15 2023-02-26 10:11:50 +01:00
happysalada 8872f52732 qdrant: service module init 2023-02-26 01:33:15 -05:00
github-actions[bot] de3f71e277
Merge staging-next into staging 2023-02-26 06:02:30 +00:00
github-actions[bot] 399e2c78d4
Merge master into staging-next 2023-02-26 06:01:09 +00:00
Winter ee6517a915 Revert "nixos/polkit: guard static gid for polkituser behind state version" 
This reverts commit 2265160fc0 and
e56db577a1.

Ideally, we shouldn't cause friction for users that bump `stateVersion`,
and I'd consider having to switch and/or manually hardcode a UID/GID
to supress the warning friction. I think it'd be more beneficial to, in
this rare case of an ID being missed, just let it be until more
discussion happens surrounding this overall issue.

See https://github.com/NixOS/nixpkgs/pull/217785 for more context.
 2023-02-25 22:32:16 -05:00
Winter 15f1369b95 Revert "nixos/systemd-coredump: guard static gid for systemd-coredump behind state version" 
This reverts commits f5483464d5 and
6b9583e5e1.

Ideally, we shouldn't cause friction for users that bump `stateVersion`,
and I'd consider having to switch and/or manually hardcode a UID/GID
to supress the warning friction. I think it'd be more beneficial to, in
this rare case of an ID being missed, just let it be until more
discussion happens surrounding this overall issue.

See https://github.com/NixOS/nixpkgs/pull/217785 for more context.
 2023-02-25 22:31:56 -05:00
Nick Cao e0bf055d99
Merge pull request #217785 from NickCao/ugid 
nixos/{polkit,systemd-coredump}: guard static gid behind state version
 2023-02-26 09:44:56 +08:00
Jan Tojnar 9bb986284f Merge branch 'staging-next' into staging 
# Conflicts:
#	pkgs/development/python-modules/mdp/default.nix
#	pkgs/top-level/python-aliases.nix
 2023-02-26 01:13:37 +01:00
github-actions[bot] 348549a031
Merge master into staging-next 2023-02-26 00:02:44 +00:00
Lily Foster c56e5ef801 nixos/users-groups: update option description to clarify initial* option precedence 2023-02-25 14:27:35 -05:00
Lily Foster bfa0bff644 nixos/update-users-groups: let hashedPassword take precedence over initialHashedPassword 
Without this change, users that have both `initialHashedPassword` and
`hashedPassword` set will have `initialHashedPassword` take precedence,
but only for the first time `/etc/passwd` is generated. After that,
`hashedPassword` takes precedence. This is surprising behavior as it
would generally be expected for `hashedPassword` to win if both are set.

This wouldn't be a noticeable problem (and an assert could just be made
instead) if the users-groups module did not default the
`root.intialHashedPassword` value to `!`, to prevent login by default.
That means that users who set `root.hashedPassword` and use an ephemeral
rootfs (i.e. `/etc/passwd` is created every boot) are not able to log in
to the root account by default, unless they switch to a new generation
during the same boot (i.e. `/etc/passwd` already exists and
`hashedPassword` is used instead of `initialHashedPassword`) or they set
`root.initialHashedPassword = null` (which is unintuitive and seems
redundant).
 2023-02-25 14:27:35 -05:00
github-actions[bot] 78fc07ec20
Merge master into staging-next 2023-02-25 00:02:47 +00:00
superherointj 371c7b8239
Merge pull request #217718 from Kiskae/nvidia/unbreak-6.2 
linuxPackages_6_2.nvidia_x11: disable ibt
 2023-02-24 17:46:26 -03:00
Nicola Squartini a2eeaddea2
nixos/nextcloud: support SSE-C for S3 primary storage 
Add configuration option to enable [server-side encryption with
customer-provided keys][1] (SSE-C) when using S3 as primary storage in
Nextcloud.

[1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerSideEncryptionCustomerKeys.html
 2023-02-24 16:59:41 +01:00
github-actions[bot] 13fb68e8cf
Merge staging-next into staging 2023-02-24 12:01:52 +00:00
github-actions[bot] 2384cd723b
Merge master into staging-next 2023-02-24 12:01:20 +00:00
Sandro 83b8193be9
Merge pull request #201780 from helsinki-systems/init/nextcloud-notify-push 
nextcloud-notify-push: init at 0.5.0
 2023-02-24 12:10:02 +01:00
Martin Puppe ebdfdae156 nixos/paperless: download NLTK data 
Since version 1.10.0 paperless-ngx depends on the NLTK library which is
used to pre-process data for machine learning. NLTK needs certain
data for stemming, stopword removal etc. This data has to be downloaded
first. This commit introduces a new systemd service that does the
downloading.
 2023-02-23 21:34:49 +01:00
Lily Foster 5210ddc701
nixos/systemd-initrd: allow overriding initrdBin with extraBin 
Being able to override `boot.initrd.systemd.initrdBin` with `boot.initrd.systemd.extraBin` is a desirable behavior, so this PR changes the `ln -s` command to `ln -sf` to force link even if the file already exists.
 2023-02-23 13:23:15 -05:00
Lily Foster e78dc938d8
nixos/qemu-vm: fix minor typo 
The typo creates an empty directory 0755 in initrd rootfs rather than
create the Nix store directories with mode 0755.

I guess setting the mode is not strictly necessary if it worked before
this change, but I'll leave the `-m 0755` in just in case.
 2023-02-23 13:01:53 -05:00
github-actions[bot] 3cdd771820
Merge staging-next into staging 2023-02-23 18:01:49 +00:00
Alyssa Ross 52c286ee5b
Merge remote-tracking branch 'origin/master' into staging-next 
Conflicts:
	pkgs/development/libraries/pmdk/default.nix
 2023-02-23 13:51:34 +00:00
Naïm Favier 129b6f7812
Merge pull request #216504 from ncfavier/unbound-state-dir-writable 
nixos/unbound: make stateDir writable
 2023-02-23 14:23:53 +01:00
Bernardo Meurer ef9030a3ba
Merge pull request #216430 from peterhoeg/m/qmk 2023-02-23 12:14:31 +00:00
github-actions[bot] 5dc5c20564
Merge staging-next into staging 2023-02-23 12:01:43 +00:00
github-actions[bot] 390b789c39
Merge master into staging-next 2023-02-23 12:01:07 +00:00
Profpatsch d316c28a30 modules/github-runner: Improve tokenFile docs 
We’ve been having trouble figuring out which kind of token to use and
why our setup would break every few system updates.

This should clarify which options there are, and which ones lead to
better results.

Ideally there would be a manual section that has a step-by-step guide
on how to set up the github runner, with screenshots and everything.
 2023-02-23 12:37:30 +01:00
Nick Cao f5483464d5
nixos/systemd-coredump: guard static gid for systemd-coredump behind state version 2023-02-23 17:07:50 +08:00
Nick Cao 2265160fc0
nixos/polkit: guard static gid for polkituser behind state version 2023-02-23 17:07:49 +08:00
Vincent Haupert 36949b9718 nixos/github-runners: clean workDir as root 
Purge contents of `workDir` as root to also allow the removal of files
marked as read-only. It is easy to create read-only files in `workDir`,
e.g., by copying files from the Nix store.
 2023-02-23 09:05:27 +01:00
github-actions[bot] 36f198081c
Merge staging-next into staging 2023-02-23 06:01:36 +00:00
github-actions[bot] 010946fcbd
Merge master into staging-next 2023-02-23 06:01:03 +00:00
Weijia Wang b65d2ea436
Merge pull request #192672 from amjoseph-nixpkgs/pr/nixos/sd/powerpc64le 
enable NixOS installer for powerpc64le
 2023-02-23 07:09:46 +02:00
Adam Joseph f99e8bafe6 nixos/installer: add sd-image-powerpc64le.nix 
This builds on top of nixpkgs mainline 00d8347180
with the following two PRs cherry-picked:

- https://github.com/NixOS/nixpkgs/pull/192670
- https://github.com/NixOS/nixpkgs/pull/192668

using the following command:

```
nix build -f nixos -L \
  -I nixos-config=nixos/modules/installer/sd-card/sd-image-powerpc64le.nix \
  config.system.build.sdImage
```

I was able to successfully boot the image, although it boots to a login prompt
rather than a shell, and won't accept the empty password for `root`.  I guess
I'll have to figure out why that is.

To boot the image: `zstd`-decompress the it, mount it, and use `kexec`:

```
cd boot/nixos
kexec -l \
  *-vmlinux \
  --initrd *-initrd \
  --dt-no-old-root \
  --command-line="$(grep APPEND ../extlinux/extlinux.conf | sed 's_^ *APPEND *__')"
```

The machine I used for testing has only one storage device which is completely
allocated to LVM.  It appears that the NixOS ISO loader doesn't look for
partition tables within LVM volumes.  To work aroundn this, I had to extract the
`ext4` image within the partition table within the `sd-card` image and put that
in its own LVM volume.  This likely won't be an obstacle for users who write the
image to a USB stick or similar.
 2023-02-23 06:18:52 +02:00
Robert Schütz 89c8ef30a6 nixos/imaginary: bind to localhost by default 2023-02-22 17:37:36 -08:00
Henri Menke 64be5cc145
nixos/alps: fix embarrasing typo 2023-02-22 20:41:17 +01:00
github-actions[bot] 9c68d30a50
Merge staging-next into staging 2023-02-22 18:01:38 +00:00
github-actions[bot] 68dd6912f3
Merge master into staging-next 2023-02-22 18:01:07 +00:00
Kiskae d120c53077 linuxPackages_6_2.nvidia_x11: disable ibt 2023-02-22 18:08:41 +01:00
K900 8a678a16f8
Merge pull request #217578 from eduarrrd/pam 
PAM service fixups for plasma5 and sddm
 2023-02-22 16:30:02 +03:00
Sandro Jäckel 5e5a84b193
nixos/nginx: add recommendedZstdSettings 2023-02-22 13:59:53 +01:00
github-actions[bot] 67e4f6dde0
Merge staging-next into staging 2023-02-22 12:02:05 +00:00
github-actions[bot] 0f910f5664
Merge master into staging-next 2023-02-22 12:01:31 +00:00
Nick Cao d377d9bc2e
Merge pull request #216785 from 1sixth/set-polkituser-gid 
nixos/polkit: set static gid for polkituser
 2023-02-22 18:14:40 +08:00
github-actions[bot] f95edd46da
Merge staging-next into staging 2023-02-22 06:01:53 +00:00
github-actions[bot] 77f501b5df
Merge master into staging-next 2023-02-22 06:01:21 +00:00
1sixth e56db577a1
nixos/polkit: set static gid for polkituser 
polkituser needs a group since https://github.com/NixOS/nixpkgs/pull/130522.
 2023-02-22 08:46:55 +08:00
github-actions[bot] a13cd94b7b
Merge staging-next into staging 2023-02-22 00:03:12 +00:00
github-actions[bot] 3cd1b92b06
Merge master into staging-next 2023-02-22 00:02:34 +00:00
Luflosi e5ffc94ea9
nixos/mautrix-facebook: fix copy&paste error 
Closes https://github.com/NixOS/nixpkgs/issues/166312.
 2023-02-22 00:03:19 +01:00
Sandro 5b7d323435
Merge pull request #216909 from emilytrau/tailscale-tweaks 2023-02-21 23:21:09 +01:00
Eduard Bachmakov 45a6488f9c nixos/sddm + nixos/plasma5: switch PAM service to login. 
GDM and LightDM are already using this approach. It also allows us to
enable Kwallet integration more globally without generating stray PAM
services.

The default configuration of login service includes both options sddm
was setting explicitly.
 2023-02-21 22:48:09 +01:00
Eduard Bachmakov 2ca5a88f8e nixos/plasma5: remove non-existant/unused PAM service configs. 
This removes two unused service configs from /etc/pam.d/ and, more
importantly, reduces confusion.

* kdm no longer exists in nixpkgs
* `pam.d/gdm` is not used by gdm
* `pam.d/lightdm` IS used by lightdm but hardcoded using .text rather
  than attrset+template.
 2023-02-21 22:28:32 +01:00
Sandro Jäckel a4f63a6e77
nixos/no-x-libs: hide qt5's self 2023-02-21 21:14:08 +01:00
github-actions[bot] 9acd1eb7fd
Merge staging-next into staging 2023-02-21 18:01:45 +00:00
github-actions[bot] fd8dd0c966
Merge master into staging-next 2023-02-21 18:01:08 +00:00
pennae 3794c04d79 nixos/manual: fix manpage links 
{manpage} already exapnds to a link but akkoma wants to link to
a specific setting. split the mention for clarity.

networkd just straight up duplicated what {manpage} generates anyway, so
that link can go away completely.
 2023-02-21 18:26:39 +01:00
Dominic Shelton 38593bc3c0 nixos/flipperzero: init 2023-02-21 17:45:14 +01:00
ajs124 bdb0566f8b nixos/nextcloud-notify_push: use lib.genAttrs 2023-02-21 15:53:27 +01:00
ajs124 6c24a28ea6 nixos/nextcloud-notify_push: add some restart config to the service 2023-02-21 15:05:17 +01:00
ajs124 671bd1ef7a nixos/nextcloud-notify_push: add database options 2023-02-21 15:05:16 +01:00
ajs124 1f0aa74c8f nixos/nextcloud-notify_push: init 2023-02-21 15:05:16 +01:00
github-actions[bot] 8d3dc41d38
Merge staging-next into staging 2023-02-21 12:02:07 +00:00
github-actions[bot] a160ec1116
Merge master into staging-next 2023-02-21 12:01:36 +00:00
Martin Weinelt 0663b90f54
Merge pull request #213232 from mweinelt/tts-module 
nixos/tts: init
 2023-02-21 11:33:20 +00:00
Martin Weinelt 198713cf82
nixos/tts: init 
Provide a module to configure Coqui TTS, available as `tts` in nixpkgs
for a few releases already.

The module supports multiple servers in parallel, so multiple languages
and testing scenarios can be covered, without affecting any production
usage.
 2023-02-21 11:59:17 +01:00
Franz Pletz 0e6e15e124
Merge pull request #216815 from R-VdP/flashrom-udev-rules 
flashrom: use a udev uaccess tag instead of introducing a custom flashrom group
 2023-02-21 11:41:53 +01:00
Sandro 7606d0e004
Merge pull request #199798 from j2ghz/patch-1 
Add package override to mimir
 2023-02-21 09:37:57 +01:00
github-actions[bot] 2d285b1590
Merge staging-next into staging 2023-02-21 06:01:33 +00:00
github-actions[bot] af79979d58
Merge master into staging-next 2023-02-21 06:01:00 +00:00
Aaron Andersen ab8815a4b6
Merge pull request #215789 from bb2020/mbpfan 
nixos/mbpfan: add aggressive option
 2023-02-20 22:24:11 -05:00
Martin Weinelt d92d6030be
Merge pull request #217089 from mweinelt/hass-pythonpath 
home-assistant: Load optional deps from PYTHONPATH
 2023-02-21 00:52:47 +00:00
github-actions[bot] fc3641aa1e
Merge staging-next into staging 2023-02-21 00:03:04 +00:00
github-actions[bot] e3e8374b6f
Merge master into staging-next 2023-02-21 00:02:33 +00:00
Martin Puppe 8bc615d0e0 nixos/yggdrasil: correct documentation 
The option `LinkLocalTCPPort` does not exist anymore in recent versions
of Yggdrasil. The port for incoming link-local connections is now
configured as part of the `MulticastInterfaces` option. Our
documentation should reflect that.
 2023-02-20 23:10:54 +01:00
Martin Puppe cf8b1fb85e nixos/yggdrasil: support HJSON files as configFile 
Yggdrasil uses HJSON as its configuration file format. The NixOS module
meanwhile only supports pure JSON. This commit adds support for HJSON
files.
 2023-02-20 23:10:54 +01:00
Martin Puppe 78ac812356 nixos/yggdrasil: fix configFile option 
As far as I can tell the configFile option cannot have worked as
intended. The Yggdrasil systemd service uses a dynamic user. As it was,
there was no way to set the correct permissions on a config file
beforehand which would allow the dynamic user to read the config file
without making it readable for all users. But since the config file can
contain a private key it *must not* be world-readable.

The file must only be readable by root. The file has to be copied and
the permissions have to be fixed during service startup. This can either
be done in a ExecStartPre directive with the '+' prefix (which executes
that command with elevated privileges), or it can be done more
declarative with the LoadCredential directive. I have chosen the latter
approach because it delegates more work to systemd itself. It should be
noted that this has the minor tradeoff that the config file must not be
larger than 1 MB. This is a limit which systemd imposes on credential
files. But I think 1 MB ought to be enough for anybody ;).
 2023-02-20 23:04:24 +01:00
Martin Puppe 9b2e2e8006 nixos/yggdrasil: nixpkgs-fmt 2023-02-20 22:02:59 +01:00
Will Fancher bb7cd63150
Merge pull request #215381 from lilyinstarlight/fix/make-initrd-ng-wrapped-executables 
make-initrd-ng: support wrapped executables
 2023-02-20 14:11:48 -05:00
github-actions[bot] e579b2b641
Merge staging-next into staging 2023-02-20 18:02:05 +00:00
github-actions[bot] 08d46af354
Merge master into staging-next 2023-02-20 18:01:32 +00:00
Martin Weinelt e01ccd6245
home-assistant: Inject extra dependencies through PYTHONPATH 
Injecting configuration specific dependencies into the
propagatedBuildInputs of the home-assistant package forces alot of
rebuilds while setting up home-assistant, which is annoying.

By passing optional dependencies into home-assistant via the systemd
units PYTHONPATH environment variable, only he concatenation of
library paths in the systemd unit requires a rebuild.

This also means users can rely heavily on the cached home-assistant
package and will rarely have to build from source, if ever.
 2023-02-20 18:37:20 +01:00
Joachim Breitner 20c135b191 docs: borg expects --rsh, not -rsh 2023-02-20 18:02:28 +01:00
Kim Lindberger e0c0a6c80c
Merge pull request #215523 from talyz/discourse-3.1.0.beta2 
discourse: 2.9.0.beta14 -> 3.1.0.beta2
 2023-02-20 13:58:05 +01:00
Lily Foster 1fa1b58c25
nixos/console,nixos/systemd-initrd: remove now-unnecessary wrapped bin inclusions 2023-02-20 07:02:55 -05:00
github-actions[bot] 8e4dd5face
Merge staging-next into staging 2023-02-20 06:02:09 +00:00
github-actions[bot] b629ad5e83
Merge master into staging-next 2023-02-20 06:01:33 +00:00
Nick Cao 902b5229e2
Merge pull request #216922 from NickCao/mautrix-telegram 
mautrix-telegram: unstable-2023-01-28 -> unstable-2023-02-16, with dependency and module updates
 2023-02-20 08:56:43 +08:00
Bernardo Meurer 39182edca4
Merge pull request #217196 from NixOS/linux-firmware-update 2023-02-20 00:54:25 +00:00
github-actions[bot] 539195e509
Merge staging-next into staging 2023-02-20 00:03:04 +00:00
github-actions[bot] 4a14359163
Merge master into staging-next 2023-02-20 00:02:26 +00:00
Bernardo Meurer fc9e3696e0
rtw89-firmware: drop 2023-02-19 23:26:53 +00:00
Yureka c683aaaa1d
nixos/nixos-containers: add specialArgs option (#216677) 2023-02-19 21:25:04 +01:00
bb2020 1e75de336c nixos/mbpfan: add aggressive option 2023-02-19 16:57:07 +03:00
github-actions[bot] 1ce3b0f272
Merge staging-next into staging 2023-02-19 12:02:03 +00:00
github-actions[bot] 85ba84c218
Merge master into staging-next 2023-02-19 12:01:25 +00:00
Jonas Heinrich 553c376a49 nixos/networkd-dispatcher: init 2023-02-19 04:42:25 -05:00
Nick Cao a1291d0d02
Merge pull request #205784 from Eliot00/v2raya-fix 
v2raya: v2rayA should start after nftables
 2023-02-19 15:08:29 +08:00
github-actions[bot] 8c0220980d
Merge staging-next into staging 2023-02-19 00:03:03 +00:00
github-actions[bot] a1eb3e0b3e
Merge master into staging-next 2023-02-19 00:02:27 +00:00
Kim Lindberger 30ed4863cd
Merge pull request #209147 from vojta001/parsedmarc_grafana 
nixos/parsedmarc: fix Grafana provisioning
 2023-02-18 23:38:33 +01:00
Sandro 6c611e8ff0
Merge pull request #216159 from Cynerd/gitlab-runner-bash-quote 2023-02-18 19:54:37 +01:00
github-actions[bot] 0e856cc7de
Merge staging-next into staging 2023-02-18 18:01:58 +00:00
github-actions[bot] 05782cfb75
Merge master into staging-next 2023-02-18 18:01:22 +00:00
Florian Klink 4bfb6411e3
Merge pull request #215188 from ElvishJerricco/binfmt-bad-setting-fix 
binfmt: Don't create invalid service with no registrations
 2023-02-18 15:39:46 +01:00
Nick Cao 2cf8e2f7ad
nixos/mautrix-telegram: add ffmpeg-full to path 
Used for converting tgs to webm and webp format, as well as generating
video thumbnails. Using ffmpeg-full for webp support.
 2023-02-18 15:40:55 +08:00
Emily Trau 949b1df785 nixos/tailscale: fix config priority conflict 2023-02-18 13:28:04 +11:00
github-actions[bot] c466fa7ff4
Merge staging-next into staging 2023-02-18 00:02:56 +00:00
github-actions[bot] 69a8c9e227
Merge master into staging-next 2023-02-18 00:02:21 +00:00
Jonas Heinrich 13ff144c70 nixos/maddy: Add option ensureAccounts 2023-02-17 17:42:27 -05:00
Lin Jian 405919c6c9 nixos/kanata: misc improvements 
- simplify some descriptions
- use getExe instead of hardcoding a binary path
- remove a unneeded "lib."
 2023-02-17 22:34:38 +01:00