tobias/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-11-17 21:25:19 +01:00
Code Issues Packages Projects Releases Wiki Activity
687755 commits 216 branches 129 tags 15 GiB
Commit graph

44782 commits

Author SHA1 Message Date
h7x4 f88d5e23d9
nixos/bacula: add system-bacula.slice (#338739) 2024-09-21 17:07:20 +02:00
h7x4 b12aa4265c
nixos/ups: add system-ups.slice (#338556) 2024-09-21 17:05:26 +02:00
zendo fe0d4615fe clash-verge: remove 2024-09-21 22:31:17 +08:00
Daniel Nagy fdf019979e
nixos/jenkinsSlave: remove with lib; 2024-09-21 16:30:00 +02:00
K900 1f9fc918ce treewide: use pkgs.nixos-enter instead of config.system.build.nixos-enter 2024-09-21 16:13:36 +03:00
K900 5dcbab6b74 nixos/tools: continue cleanup 
- remove with lib
- shuffle some things around for readability
- add separate options for each tool
 2024-09-21 16:10:32 +03:00
github-actions[bot] d3ae261fc3
Merge master into staging-next 2024-09-21 12:05:16 +00:00
Maximilian Bosch 789562caae
Merge: nixos/tests: add postgresql wal2json test (#315095) 2024-09-21 13:27:22 +02:00
Masum Reza 3f3cc85de3
nixos/nautilus-open-any-terminal: only set NAUTILUS_4_EXTENSION_DIR in non GNOME environment (#343447) 2024-09-21 16:43:30 +05:30
Daniel Nagy 608bd15ce5
nixos/i2pd: remove with lib; 2024-09-21 12:45:00 +02:00
Sandro a2fe2c872a
tailscale: only autoconnect after backend is up (#338210) 2024-09-21 11:27:18 +02:00
linsui c9f8285f05 nixos/nautilus-open-any-terminal: only set NAUTILUS_4_EXTENSION_DIR in non GNOME environment 2024-09-21 16:28:55 +08:00
Daniel Nagy 84b8922e82
nixos/darkhttpd: remove with lib; 2024-09-21 09:00:00 +02:00
Daniel Nagy 991fd5f462 nixos/yggdrasil: add nagy as maintainer 2024-09-21 06:30:54 +00:00
Daniel Nagy cb7635612e nixos/yggdrasil: remove with lib; 2024-09-21 06:30:54 +00:00
github-actions[bot] 754402a237
Merge staging-next into staging 2024-09-21 00:13:41 +00:00
Nick Cao a1d92660c6
hydra: 0-unstable-2024-09-15 -> 0-unstable-2024-09-20 (#338902) 2024-09-20 18:35:44 -04:00
Ryan Horiguchi c26ca03c4d nixos/dnsmasq: remove deprecated option "extraConfig" 2024-09-20 22:44:16 +02:00
Will Fancher a0165bd5af nixos/systemd/tpm2: Enable tpm2-setup and tpm2.target 
tpm2.target was functionally useless without these services and this
generator. When systemd-cryptsetup-generator creates
systemd-cryptsetup@.service units, they are ordered after
systemd-tpm2-setup-early.service, not tpm2.target. These services are
themselves ordered after tpm2.target.

Note: The systemd-tpm2-setup(-early) services will serve no *function*
under a normal NixOS system at the moment. Because of their
ConditionSecurity=measured-uki, they will always be skipped, unless
you are building an appliance with the system.build.uki feature. Thus,
these are enabled solely for their systemd unit ordering properties.
 2024-09-20 14:33:36 -04:00
Will Fancher 5034450095 nixos/systemd: Factor out tpm2 support into separate module 2024-09-20 14:33:35 -04:00
github-actions[bot] 7fc19ff961
Merge staging-next into staging 2024-09-20 18:05:01 +00:00
Ryan Lahfa fed418aaf1
add support for building fully dm-verity protected images with systemd-repart (#343252) 2024-09-20 19:59:50 +02:00
Quag 3115573f29 zutty: init at 0.16-unstable-2024-08-18 2024-09-20 19:24:35 +02:00
Adam C. Stephens d6ef7833cc
lxc/incus LTS upgrades: 6.0.1 -> 6.0.2 (#343058) 2024-09-20 12:42:44 -04:00
superherointj e9002b6b54 nixosTests.k3s.{single-node,multi-node}: nixfmt 2024-09-20 13:08:41 -03:00
superherointj 05e13bffe1 nixosTests.k3s.{single-node,multi-node}: enable check-config for aarch64 2024-09-20 12:54:58 -03:00
WilliButz 56d038e17d
nixos/tests/appliance-repart-image-verity-store: init 
This test should illustrate how to build a verity-protected NixOS image
with systemd-repart, using the opinionated image.repart.verityStore module.
 2024-09-20 17:35:49 +02:00
WilliButz 942588c686
nixos/repart-verity-store: init 
This module provides some abstraction for a multi-stage build to create
a dm-verity protected NixOS repart image.

The opinionated approach realized by this module is to first create an
immutable, verity-protected nix store partition, then embed the root
hash of the corresponding verity hash partition in a UKI, that is then
injected into the ESP of the resulting image.
The UKI can then precisely identify the corresponding data from which
the entire system is bootstrapped.

The module comes with a script that checks the UKI used in the final
image corresponds to the intermediate image created in the first step.
This is necessary to notice incompatible substitutions of
non-reproducible store paths, for example when working with distributed
builds, or when offline-signing the UKI.
 2024-09-20 17:35:49 +02:00
phaer 01fd62f37a tests/playwright-python: init 
For some reason, chromium, which is still the nixpkgs version hangs
 inside the normal test vm, while working fine in .driverInteractive.

I suspect that might have to do with the existence of a display in
.driverInteractive. Neither vm does run X11 or wayland.
 2024-09-20 14:52:35 +02:00
github-actions[bot] 33e2cbc61f
Merge staging-next into staging 2024-09-20 12:05:56 +00:00
Cosima Neidahl eee25622ff
nixosTests.terminal-emulators: Fix lomiri-terminal-app test after mesa change (#341573) 2024-09-20 13:42:57 +02:00
Moritz Sanft 5ee6467bd3
nixos: add support for dm-verity 
Co-authored-by: nikstur <nikstur@outlook.com>
Co-authored-by: WilliButz <willibutz@posteo.de>
 2024-09-20 13:03:10 +02:00
Robert Hensing d12ed107be
nixos/nixpkgs: fix assertion text & show def files (#343212) 2024-09-20 11:53:58 +02:00
Matt Sturgeon 6d9dfef94f
nixos/nixpkgs: show definition files in config assertion 2024-09-20 10:42:45 +01:00
Matt Sturgeon 1bd4da1848
nixos/nixpkgs: fix config assertion text 
The assertion message should include the `nixpkgs.config` value, however
it currently includes the entire `nixpkgs.config` _option_.

This means the type, declarations, definitions, etc were all printed.
 2024-09-20 10:42:05 +01:00
Marie 29a1bcb9ec
doc: 24.11: fix taskwarrior typo 2024-09-20 11:03:13 +02:00
Weijia Wang 98a31cdb8d
wordpress: 6.6.1 -> 6.6.2 (#343013) 2024-09-20 10:17:04 +02:00
zowoq 2ff3fa0e87 nixos/hydra: set a default for hydra-compress-logs service 
follow up from 0c454e9317
 2024-09-20 17:36:22 +10:00
K900 685d691da1
nixos/tools: start cleanup (#343075) 2024-09-20 10:08:12 +03:00
K900 51b47621ac nixos-install: move to pkgs/by-name 2024-09-20 08:44:37 +03:00
K900 825f6ffa9e nixos-enter: move to pkgs/by-name 2024-09-20 08:44:37 +03:00
K900 8353a681b5 nixos-build-vms: move to pkgs/by-name 2024-09-20 08:44:36 +03:00
K900 d8a54461fc Merge remote-tracking branch 'origin/staging-next' into staging 2024-09-20 07:27:56 +03:00
Sandro 97ca40d3ca
turn-rs: init at 3.1.0 (#338928) 2024-09-19 22:53:28 +02:00
Weijia Wang d582ac052d nixos/wordpress: fix tests 2024-09-19 22:25:37 +02:00
Bjørn Forsman b03e47330b
smartmontools: build with systemdLibs on linux (#342407) 2024-09-19 20:49:26 +02:00
h7x4 490abc3b8c
hedgedoc: correct typo in deprecation notice (#343083) 2024-09-19 20:38:46 +02:00
Andrew Kvalheim 818d2a60a8 hedgedoc: correct typo in deprecation notice 
Continues #244941
 2024-09-19 11:05:05 -07:00
K900 d2e6b8dac6 nixos/tests/wpa_supplicant: explicitly set channel 
mac80211_hwsim can't emulate ACS, so explicitly choose a channel.
 2024-09-19 20:47:18 +03:00
Felipe Silva 51344369d5 doc: 24.11: document isync version bump 2024-09-19 19:14:55 +02:00
K900 1bf0ffb22e nixos-rebuild: inline get-version-suffix script 
It has no other consumers anyway. Also saves some work.
 2024-09-19 20:05:58 +03:00
Michele Guerini Rocco ebdd7ce69d
Revert "nixos/wireless: link config to /etc by default" (#343039) 2024-09-19 18:38:39 +02:00
Adam Stephens ee30c817cb
incus-lts: 6.0.1 -> 6.0.2 
https://discuss.linuxcontainers.org/t/incus-6-0-2-lts-has-been-released/21633
 2024-09-19 12:17:17 -04:00
Peder Bergebakken Sundt 9f0fb06ceb
nixos/ttyd: allow caFile=null when enableSSL=true (#340554) 2024-09-19 17:30:29 +02:00
Bjørn Forsman 86a6ef5f15 nixos/prometheus-smartctl-exporter: fix NVMe scanning 
smartctl_exporter already runs with SupplementaryGroups "disk", which
gives full access to SATA drives, but NVMe devices are owned by
root:root, resulting in no access:

  [...] msg="Smartctl open device: /dev/nvme0 failed: Permission denied"

This patch introduces a "smartctl-exporter-access" supplementary
group, and an udev rule with setfacl to give the exporter access to NVMe
drives, without changing the base root:root ownership.

Fixes https://github.com/NixOS/nixpkgs/issues/210041
 2024-09-19 17:28:30 +02:00
Josh Hoffer 4080d35d2b nixos/udev: only restart when udev rules change 
Only restart `systemd-udevd.service` if udev rules in `/etc/udev/rules`
actually changed. The paths of `services.udev.packages` may change
frequently but the resulting udev rules built by `udevRulesFor`
likely change less often.

This has the added benefit of not adding `services.udev.packages` to
the system closure if they are only used for their udev rules
(issue #308937).
 2024-09-19 17:26:01 +02:00
rnhmjoj 7efc956510
Revert "nixos/wireless: link config to /etc by default" 
This reverts commit 89eb93dc3f.

It broken setups where /etc/wpa_supplicant.conf is configured
imperatively and reloading of the service on configuration changes.
 2024-09-19 16:36:34 +02:00
K900 b3b9bdd901 Revert "nix: nix_2_18 -> nix_2_24" 
This reverts commit 2e702d07bb.

Segfaults during evaluation in yet-to-be-determined circumstances.
Investigation is ongoing, reverting for now to be safe.

Upstream issue: https://github.com/NixOS/nix/issues/11547
 2024-09-19 17:17:16 +03:00
K900 fb38235766 Revert "nixos/nix-fallback-paths: 2.24.2 -> 2.24.6" 
This reverts commit ac849e5658.

Nix 2.24 segfaults semi-randomly during evaluation on specific configs (?).
This commit prepares for another revert, putting the default back to 2.18.

Upstream issue: https://github.com/NixOS/nix/issues/11547
 2024-09-19 17:17:10 +03:00
github-actions[bot] 1f0ce6a4e5
Merge staging-next into staging 2024-09-19 12:05:50 +00:00
Casey Link 5b64b4072a
nixos/davis: fix nginx conf's well-known redirect 
We mistakenly used a non-existing nginx variable for the X-Forwarded-Proto causing
the well-known redirect to return erroneous Location headers like:

    Location: ://dav.example/dav

instead of the correct:

    Location: https://dav.example/dav
 2024-09-19 12:03:51 +02:00
Arian van Putten 5a7ae8f7de
amazon-ssm-agent: add the system's software to the path (#342947) 2024-09-19 10:37:59 +02:00
h7x4 a79863f0e1
nixos/services.tarsnap: fix escapeSystemdPath (#342911) 2024-09-19 09:21:02 +02:00
h7x4 dcf1beb438
nixos/authelia: complete level enum (#342619) 2024-09-19 09:17:30 +02:00
lassulus a7e62e65f8
cdemu-daemon: 3.2.6 -> 3.2.7 (#342883) 2024-09-19 08:43:45 +02:00
K900 248236048f
nixos/plasma6: install discover if flatpak is enabled (#342852) 2024-09-19 09:31:02 +03:00
github-actions[bot] 44c701d84e
Merge staging-next into staging 2024-09-19 06:05:13 +00:00
adisbladis 4087c4a5c9
nrfutil: reinit at 7.11.1 (#327945) 2024-09-19 03:52:13 +00:00
Graham Christensen 7547a1f5f8
amazon-ssm-agent: add the system's software to the path 
Follow up to #342584.

Similarly to that PR, it is surprising that software which was installed by the user isn't available to a script run over ssm by default.

When executing commands with ssm, users will now have more predictable access to baked-in software instead of an extremely bare-minimum set currently there.
 2024-09-18 23:18:28 -04:00
Josh Hoffer 6295433b2b installer: only use squashfs threads=multi on supported kernels 
The `threads` SquashFS mount option was introduced in Linux 6.2 [1].
Since we still support older kernels and external users of nixpkgs
may reuse the ISO installer modules, this option should be guarded
by a kernel version check.

[1] https://www.kernelconfig.io/config_squashfs_choice_decomp_by_mount?arch=x86&kernelversion=6.10.10
 2024-09-18 17:27:20 -07:00
github-actions[bot] f8ad48a5a2
Merge staging-next into staging 2024-09-19 00:14:04 +00:00
Ashish SHUKLA f6e2fb5e11
nixos/services.tarsnap: fix escapeSystemdPath invocation 2024-09-19 00:12:13 +00:00
wxt 1a742a9f80 nixos/turn-rs: init 2024-09-19 07:33:51 +08:00
h7x4 1a88d90413
nixos/pulseview: init module (#342878) 2024-09-19 00:45:04 +02:00
Emily 5320e21a4b
nixos/xen: refactor dom0 configuration (#324911) 2024-09-18 23:22:38 +01:00
Robert Schütz 5e89ea3d30 nixos/cdemu: use lib.getExe 2024-09-18 14:39:39 -07:00
hatch01 abc51d1654
nixos/authelia: complete level enum 2024-09-18 23:34:21 +02:00
Nydragon 69ca85cc7b
nixos/pulseview: init module 
Pulseview needs the libsigrok udev rules to be installed, this module
removes the need for the enduser to think about this dependency.
 2024-09-18 23:20:57 +02:00
Fernando Rodrigues 9e5f77a3e2
nixos/xen: refactor dom0 configuration 
- Cleans up downstream systemd units in favour of using upstream units.
- Xen 4.18 on Nixpkgs now supports EFI booting, so we have an EFI boot
  builder here that runs after systemd-boot-builder.py.
- Add more options for setting up dom0 resource limits.
- Adds options for the declarative configuration of oxenstored.
- Disables the automatic bridge configuration, as it was broken.
- Drops legacy BIOS boot
- Adds an EFI boot entry builder script.

Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
Co-authored-by: Yaroslav Bolyukin <iam@lach.pw>
 2024-09-18 17:36:39 -03:00
Arian van Putten feafed382a
amazon-init: include the general system's software and wrappers in PATH (#342584) 2024-09-18 22:03:11 +02:00
github-actions[bot] 71d46fbcdf
Merge staging-next into staging 2024-09-18 18:04:48 +00:00
Jared Baur 46b97e7f0f
nixos/plasma6: install discover if flatpak is enabled 
Just like for gnome, we should install the respective PackageKit
frontend for KDE Plasma if flatpak is enabled in the NixOS config.
 2024-09-18 10:45:12 -07:00
Robert Hensing 85dee2c70e
nix-serve: Make test reusable and expose linked nix in passthru (#342778) 2024-09-18 16:18:09 +02:00
h7x4 50470da36e
nixos/matrix-hookshot: init module (#323196) 2024-09-18 16:04:30 +02:00
Adam C. Stephens 7f206b648b
zfs: deprecate latestCompatibleLinuxPackages (#341596) 2024-09-18 10:01:00 -04:00
Jörg Thalheim 9098810fa3
nixos/programs/yubikey-touch-detector: expose configuration variables (#337910) 2024-09-18 15:56:42 +02:00
Nick Cao 5d9d66572b
nixos/services.mediatomb: fix vlc reference (#341865) 2024-09-18 09:26:36 -04:00
Jörg Thalheim d66f976cee
nixos/generic-extlinux-compatible: add mirroredBoots option (#335131) 2024-09-18 14:08:31 +02:00
Robert Hensing 30620e7736 nixosTests.nix-serve: Use new entrypoint 
This reuses the `pkgs`, so that `pkgs.nixosTests.nix-serve` will
run with the overlays of `pkgs` applied.
 2024-09-18 13:42:35 +02:00
Finn Landweber 6974feb92c
nixos/matrix-hookshot: init module 2024-09-18 13:03:42 +02:00
github-actions[bot] b638e02a58
Merge staging-next into staging 2024-09-18 00:13:59 +00:00
Gautier DI FOLCO 7960660f55
nixos/services.mediatomb: drop not supported transcoding profile for the current vlc version 2024-09-18 00:04:56 +02:00
Gautier DI FOLCO caf4aa4e10
nixos/services.mediatomb: fix vlc reference 2024-09-18 00:03:31 +02:00
Fabián Heredia Montiel e25a409cef
nix: 2.18 -> 2.24 (#335342) 2024-09-17 15:34:47 -06:00
Fernando Rodrigues c3fa245245
nixos/xen: format with nixfmt-rfc-style 
Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
 2024-09-17 21:02:14 +00:00
h7x4 142e77e733
nixos/doc: add release note about nrfutil repackaging 2024-09-17 22:36:38 +02:00
h7x4 f954d6185c
wstunnel: exclude TLS arguments when enableHTTPS is false (#342203) 2024-09-17 21:30:58 +02:00
K900 87cbfcba1c Merge remote-tracking branch 'origin/staging-next' into staging 2024-09-17 21:07:02 +03:00
Michele Guerini Rocco e3191b8ded
nixos/dhcpcd: harden and run as unprivileged user (#336988) 2024-09-17 19:21:11 +02:00
Graham Christensen 76b614be39 amazon-init: include the general system's software and wrappers in PATH 
It is surprising that software which was installed by the user at AMI
generation time isn't available to a script run over user data by
default.

When authoring user data to execute at startup, users will now have
more predictable access to baked-in software instead of an extremely
bare-minimum set currently there.
 2024-09-17 12:57:43 -04:00
K900 1047f0a6bf nixos/hostapd: set default channel to auto 
The current default, 7, is, to put it nicely, absolutely ridiculous.

On 2.4 GHz, the only channels you should use are 1, 6 and 11, because
every other channel overlaps one of those and causes interference.

On 5/6 GHz, channel 7 does not exist at all.

Also, it's 2024, most things will support automatic channel selection,
and those that don't will likely need extra care to support prehistoric
hardware anyway.
 2024-09-17 19:07:47 +03:00
nicoo 40e940fae3
doc(livebook): Fix small spelling mistake (#342373) 2024-09-17 14:55:22 +00:00
Vladimír Čunát 75da841952
Merge branch 'master' into staging 2024-09-17 16:38:37 +02:00
Fabián Heredia Montiel 3029a1f91d
frr: 10.0.1 -> 10.1 (#342259) 2024-09-17 07:25:12 -06:00
Adam Stephens 2dbc1128b3
zfs: deprecate latestCompatibleLinuxPackages 
Using zfs.latestCompatibleLinuxPackages can result in downgrades to the kernel on a system, potentially causing breakage.
This breakage may not be apparent during build and switch, but only after attempting to reboot into the updated generation.
By forcing users to explicitly manage their kernel version, we can ensure that the breakage will be apparent at build time instead.
 2024-09-17 08:57:38 -04:00
github-actions[bot] 73cf025711
Merge staging-next into staging 2024-09-17 12:05:50 +00:00
Sandro b3c4e7f536
nixos/nvidia: assert open option is manually set on drivers >= 560 (#339025) 2024-09-17 11:32:47 +02:00
Aleksana 99d5afb211
nixos/doc: mention "No such file or directory" error on Nextcloud (#342353) 2024-09-17 17:30:00 +08:00
Aleksana e9e4fb40ef
nixos/ly: unlock gnome-keyring on login when enabled (#341900) 2024-09-17 16:10:38 +08:00
kirillrdy 14392643b6
nixos/tests/freetube: fix ocr (#342383) 2024-09-17 17:36:55 +10:00
Doron Behar 8efaf0d2d6 nixos/tzupdate: use timedatectl to actually set the timezone 
See also: https://github.com/cdown/tzupdate/issues/135
 2024-09-17 09:32:44 +03:00
Doron Behar 94892f8f20 tzupdate: add doronbehar to maintainers 2024-09-17 09:32:14 +03:00
K900 b24e9a53ca Merge remote-tracking branch 'origin/staging-next' into staging 2024-09-17 09:07:34 +03:00
Christina Sørensen a011aa9e02
nixos/doc: recommend usage of --use-remote-sudo when switching configurations (#342338) 2024-09-17 06:09:31 +02:00
github-actions[bot] 3aaf0938c0
Merge staging-next into staging 2024-09-17 00:12:19 +00:00
Raymond Douglas e868bfa5b1
wstunnel: exclude TLS arguments when enableHTTPS is false 2024-09-16 14:27:42 -07:00
h7x4 4423e93451
nixos/smartd: set Type = notify on systemd service 2024-09-16 23:21:24 +02:00
Fernando Rodrigues 8bf0396bf6
nixos/doc: alter wording to explain the usage of --use-remote-sudo 
Also recommends the usage of sudo's -E flag if --use-remote-sudo cannot
be used. This should still be discouraged IMO, as it means Nix may write
root-owned files to the user's home directory.

Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
 2024-09-16 17:55:30 -03:00
ghpzin adff49b178
nixos/tests/freetube: fix ocr 
- change text that is waited for on preferences page, as previous one
stopped being recognized by OCR on xorg after freetube update to 0.21.0
- increase timeout from 30 sec to 60 sec as OCR is sometimes slow
 2024-09-16 22:56:00 +03:00
Jörg Thalheim d82fa80488
nixos/services.cloudflared: fix filterConfig (#342370) 2024-09-16 21:37:42 +02:00
Jörg Thalheim ceb3a26ac2
nixos/nixpkgs: fix incorrect lib usage (#342375) 2024-09-16 21:36:46 +02:00
David Knaack b6fed52cbc
nixos/services.snapraid: re-add missing lib. for lib imports 
Related #335631
 2024-09-16 21:10:57 +02:00
Felix Buehler 22cbc6c0f6 nixos/nixpkgs: fix incorrect lib usage 2024-09-16 21:07:34 +02:00
Aos Dabbagh 44a4c266c3 doc(livebook): Fix small spelling mistake 2024-09-16 14:54:45 -04:00
Felix Buehler 4cbff7e5d4 nixos/services.cloudflared: fix filterConfig 2024-09-16 20:47:07 +02:00
github-actions[bot] 1eb2a0e2d5
Merge staging-next into staging 2024-09-16 18:04:57 +00:00
seth 43764ae2c3
nixos/nvidia: assert open option is manually set on drivers >= 560 
This requirement was introduced in
https://github.com/NixOS/nixpkgs/pull/337289 as a way to make sure users
"explicitly pick which version of the driver they want since nvidia
recommends the open one, but that is incompatible with older drivers".
This is reasonable, however the user isn't informed in any real way
aside from the upcoming release notes

This has caused a
[good](https://github.com/NixOS/nixpkgs/pull/337289#issuecomment-2313802016)
[amount](https://github.com/NixOS/nixpkgs/pull/337289#issuecomment-2318571311)
[of](https://github.com/NixOS/nixpkgs/issues/338196)
[confusion](https://github.com/NixOS/nixos-hardware/issues/1092) amongst
users. By introducing this assertion and using a new `useOpenModules`
local variable, we can have the same behavior but display a proper error
message to hopefully clear things up until we can safely make this a
default
 2024-09-16 13:04:39 -04:00
Maximilian Bosch 3302dc7c34
nixos/doc: mention "No such file or directory" error on Nextcloud 
That was... interesting to debug. It took a me a bit of reading C code
until I realized that the realpath cache is internally used for
`file_get_contents`, but not for `file_exists` 🙃

I'm not comfortable on doing the workaround in the module, but I think
it's good to have this documented in the manual.
 2024-09-16 18:57:10 +02:00
Jörg Thalheim 09b875f827
nixos/syncoid: use local escapeUnitName instead of lib (#342347) 2024-09-16 18:49:58 +02:00
Jörg Thalheim 224510cec2 nixos/syncoid: don't prepend escapeUnitName 2024-09-16 18:45:00 +02:00
Fernando Rodrigues 116f14ed36
nixos/doc: replace nixos-rebuild commands running as root by --use-remote-sudo 
After a discussion on Matrix, it has become clear that building as root
is discouraged, and the (inappropriately named) --use-remote-sudo flag
should be enouraged as the de-facto way to selectively escalate to root
after a system build has finished.

Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
 2024-09-16 16:01:16 +00:00
Connor Baker 58a8cfa7da
Faster SquashFS decompression of Nix Store (#341149) 2024-09-16 08:07:40 -07:00
Masum Reza 3a01706964
nixos/nautilus-open-any-terminal: make module function properly (#342104) 2024-09-16 19:51:06 +05:30
Jörg Thalheim 0f00e553c5
nixos/buildbot: fix usage of escapeStr (#342276) 2024-09-16 14:38:12 +02:00
github-actions[bot] 1c3463dc7a
Merge staging-next into staging 2024-09-16 12:06:19 +00:00
Weijia Wang 53eac0b4de nixos/buildbot: fix usage of escapeStr 2024-09-16 13:34:58 +02:00
Eman Resu f78e6b8839
nautilus-open-any-terminal: add required config from project README so module functions intuitively 
bb0fe33c48/README.md (nixpkgs-nixos-)
 2024-09-16 16:35:08 +05:30
Aleksana f1580efb3b
maintainers/team-list: add cyberus team (#331059) 2024-09-16 18:14:16 +08:00
Markus Theil 83cdec2e16 nixos/tests/frr: fix ping command 
Signed-off-by: Markus Theil <theil.markus@gmail.com>
 2024-09-16 11:31:35 +02:00
Sandro fd3ddb6b60
dnscrypt-wrapper: remove package and NixOS modules (#341838) 2024-09-16 11:25:30 +02:00
Markus Theil 5b19e716f3 mention new OpenSSL default version in release notes 
The new OpenSSL default 3.3.x increased the default security level,
mention this in release notes.

Signed-off-by: Markus Theil <theil.markus@gmail.com>
 2024-09-16 09:45:58 +02:00
kirillrdy 51b7b3bddf
flarum: fix installation and migration logic (#341340) 2024-09-16 16:58:19 +10:00
rnhmjoj 67700c521e
nixos/release-notes: mention dhcpcd changes 2024-09-16 08:07:56 +02:00
rnhmjoj 234b7541be
dhcpcd: move database to /var/lib 2024-09-16 08:07:56 +02:00
rnhmjoj b447fd58c7
nixos/dhcpcd: harden and run as unprivileged user 2024-09-16 08:07:55 +02:00
rnhmjoj bad5251e87
nixos/tests/networking: test nameservers via DHCP 2024-09-16 08:07:55 +02:00
rnhmjoj aff5d1d523
nixos/dhcpcd: remove ntpd workaround 
This workaround for NTP daemons has been there for 12 years and is most
likely not needed anymore.
 2024-09-16 08:07:55 +02:00
github-actions[bot] 7aea2e99a8
Merge staging-next into staging 2024-09-16 00:14:57 +00:00
rnhmjoj a432668acf
dhcpcd: disable privsep by default 
The priviledge separation mode has several downsides:

  - it's incompatible with alternative memory allocators, including
    graphene-hardened;

  - it needs an unreleased patch to fix a crash;

  - it results in none less than 6 subprocesses running at any time,
    increasing the memory usage;

  - the privileged process (albeit not doing any networking related
    tasks) is still running as root, so it has complete access to the
    system.

Let's disable this by default and instead run dhcpcd as an unpriviledge
user with only the necessary capabilities.
 2024-09-16 01:23:54 +02:00
rnhmjoj 19a494135a
nixos/resolvconf: add a resolvconf group 
This group is useful to allow specific users to run resolvconf and
(and this modify /etc/resolv.conf) without root privileges.
 2024-09-16 01:22:58 +02:00
KFearsoff ad11a7357b
maintainers: remove kfears (#342128) 
remove kfears from maintainers
 2024-09-16 00:57:14 +02:00
azahi 94c62f5036
nixos/networking.firewall: fix refactor regression 
This fixes a regression that was introduced in #335631
 2024-09-16 01:10:55 +03:00
misuzu 4c1d53818b
nixos/doc: update Installing section (#341995) 
Mention how to set a user password right after installation.
Also don't suggest to use `useradd` to add users.
 2024-09-15 20:48:27 +02:00
Masum Reza a5cfe01240
nixos/shairport-sync: Add pulse group also for pipewire (#341172) 2024-09-15 23:39:57 +05:30
github-actions[bot] 952947bdf8
Merge staging-next into staging 2024-09-15 18:04:54 +00:00
Robert James Hernandez a49a45f85e scion: individually verify certs in vmTest 2024-09-15 17:54:03 +00:00
Robert James Hernandez e15e5e8d95 scion: make vmTest handle failured nodes 2024-09-15 17:54:03 +00:00
Sandro df716be1dc
nixos/release-notes: fix md link in section about gitea (#342083) 2024-09-15 18:57:57 +02:00
Maximilian Bosch 1c9765accf
nixos/release-notes: fix md link in section about gitea 
Reported in https://github.com/NixOS/nixpkgs/pull/336995#discussion_r1760042825.
 2024-09-15 16:38:13 +02:00
Matt Moriarity 768db4009e nixos: remove environment.noXlibs 2024-09-15 07:51:45 -06:00
Nick Cao 04cc842ee5
nixos/dendrite: fix broken example conf link (#342056) 2024-09-15 09:37:32 -04:00
misuzu 2505777e0c nixos/netbird: remove misuzu as maintainer 2024-09-15 12:57:13 +00:00
M. Ian Graham 70f53bf307
nixos/dendrite: fix broken example conf link 
Example config yaml has moved to: https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.yaml
 2024-09-15 21:31:37 +09:00
github-actions[bot] 84a5c54b60
Merge staging-next into staging 2024-09-15 12:05:26 +00:00
Sandro 76d7694a3f
nixos/neo4j: always set http values, even when disabled (#341586) 2024-09-15 12:42:20 +02:00
Jörg Thalheim 6bb59d8a47
treewide/nixos: remove with lib; part 4 (#335631) 2024-09-15 12:02:25 +02:00
Aleksana c45a2954a5
nixosTests.bittorrent: Fix pkgs scope (#293562) 2024-09-15 17:09:33 +08:00
Jörg Thalheim b4b8ef5bb6 nixos/network-filesystems/samba: fix eval 2024-09-15 11:02:11 +02:00
Felix Buehler f1dfc8d363 nixos/virtualisation.vmware.guest: remove with lib; 2024-09-15 10:43:58 +02:00
Felix Buehler 7d7e294262 nixos/virtualbox-image: remove with lib; 2024-09-15 10:43:58 +02:00
Felix Buehler 217557441c nixos/virtualisation.virtualbox.host: remove with lib; 2024-09-15 10:43:58 +02:00
Felix Buehler 49fe5ca12c nixos/virtualisation.virtualbox.guest: remove with lib; 2024-09-15 10:43:58 +02:00
Felix Buehler 3cd35f7830 nixos/virtualisation.docker.rootless: remove with lib; 2024-09-15 10:43:58 +02:00
Felix Buehler dd7ab59690 nixos/services.nfs: remove with lib; 2024-09-15 10:43:58 +02:00
Felix Buehler a83ffb43de nixos/boot.tmp: remove with lib; 2024-09-15 10:43:58 +02:00
Felix Buehler 2f7c0a170f nixos/boot.loader.efi: remove with lib; 2024-09-15 10:43:58 +02:00
Felix Buehler 0a51fdb520 nixos/systemd.enableEmergencyMode: remove with lib; 2024-09-15 10:43:57 +02:00
Felix Buehler 91cb7594d0 nixos/boot.initrd.clevis: remove with lib; 2024-09-15 10:43:57 +02:00
Felix Buehler 1cd7970bb8 nixos/services.matterbridge: remove with lib; 2024-09-15 10:43:57 +02:00
Felix Buehler 252e9bb1e7 nixos/services.lxd-image-server: remove with lib; 2024-09-15 10:43:57 +02:00
Felix Buehler 2e30f07cc0 nixos/services.logmein-hamachi: remove with lib; 2024-09-15 10:43:57 +02:00
Felix Buehler 196a14a174 nixos/services.lldpd: remove with lib; 2024-09-15 10:43:57 +02:00
Felix Buehler 0d57426bae nixos/services.lambdabot: remove with lib; 2024-09-15 10:43:57 +02:00
Felix Buehler 081c71df4b nixos/services.keybase: remove with lib; 2024-09-15 10:43:57 +02:00
Felix Buehler f3bb24eb64 nixos/services.jotta-cli: remove with lib; 2024-09-15 10:43:57 +02:00
Felix Buehler 6c50168c7c nixos/services.jitsi-videobridge: remove with lib; 2024-09-15 10:43:57 +02:00
Felix Buehler fee0a07c28 nixos/services.jigasi: remove with lib; 2024-09-15 10:43:57 +02:00
Felix Buehler 0cca8e9756 nixos/services.jicofo: remove with lib; 2024-09-15 10:43:56 +02:00
Felix Buehler 050c81941d nixos/services.ivpn: remove with lib; 2024-09-15 10:43:56 +02:00
Felix Buehler aa27551b00 nixos/services.iodine: remove with lib; 2024-09-15 10:43:56 +02:00
Felix Buehler b610b3cac2 nixos/services.inadyn: remove with lib; 2024-09-15 10:43:56 +02:00
Felix Buehler f69dd2df9a nixos/services.i2p: remove with lib; 2024-09-15 10:43:56 +02:00
Felix Buehler 49224ecc3b nixos/services.htpdate: remove with lib; 2024-09-15 10:43:56 +02:00
Felix Buehler 9ceab680a6 nixos/services.haproxy: remove with lib; 2024-09-15 10:43:56 +02:00
Felix Buehler f30e72ffbb nixos/services.hans: remove with lib; 2024-09-15 10:43:56 +02:00
Felix Buehler a811ef8255 nixos/services.gobgpd: remove with lib; 2024-09-15 10:43:56 +02:00
Felix Buehler 90a98fc103 nixos/services.go-shadowsocks2: remove with lib; 2024-09-15 10:43:55 +02:00
Felix Buehler 2ec70782ab nixos/services.go-neb: remove with lib; 2024-09-15 10:43:55 +02:00
Felix Buehler 9ca9ac0b51 nixos/services.go-autoconfig: remove with lib; 2024-09-15 10:43:55 +02:00
Felix Buehler 3e72e14a6d nixos/services.gnunet: remove with lib; 2024-09-15 10:43:55 +02:00
Felix Buehler 7a65f58698 nixos/services.globalprotect: remove with lib; 2024-09-15 10:43:55 +02:00
Felix Buehler 878c5dc6eb nixos/services.gitDaemon: remove with lib; 2024-09-15 10:43:55 +02:00
Felix Buehler 0b865525e8 nixos/services.gdomap: remove with lib; 2024-09-15 10:43:55 +02:00
Felix Buehler d0901224e1 nixos/services.gateone: remove with lib; 2024-09-15 10:43:55 +02:00
Felix Buehler 191b68cd26 nixos/services.frr: remove with lib; 2024-09-15 10:43:55 +02:00
Felix Buehler fdcec053e6 nixos/services.frp: remove with lib; 2024-09-15 10:43:55 +02:00
Felix Buehler 7cc95389d1 nixos/services.freeradius: remove with lib; 2024-09-15 10:43:54 +02:00
Felix Buehler a49fa6ee3b nixos/services.freenet: remove with lib; 2024-09-15 10:43:54 +02:00
Felix Buehler 688b08939c nixos/services.flannel: remove with lib; 2024-09-15 10:43:54 +02:00
Felix Buehler 00d0e3ba98 nixos/networking.firewall: remove with lib; 2024-09-15 10:43:54 +02:00
Felix Buehler e915ced804 nixos/networking.firewall.nftables: remove with lib; 2024-09-15 10:43:54 +02:00
Felix Buehler 15edaa6e16 nixos/networking.firewall.iptables: remove with lib; 2024-09-15 10:43:54 +02:00
Felix Buehler f12d3df878 nixos/services.fireqos: remove with lib; 2024-09-15 10:43:54 +02:00
Felix Buehler 17f8650ace nixos/services.ferm: remove with lib; 2024-09-15 10:43:54 +02:00
Felix Buehler abc0a6e035 nixos/services.expressvpn: remove with lib; 2024-09-15 10:43:54 +02:00
Felix Buehler 19e88959ef nixos/services.eternal-terminal: remove with lib; 2024-09-15 10:43:54 +02:00
Felix Buehler 6233a59db3 nixos/services.epmd: remove with lib; 2024-09-15 10:43:54 +02:00
Felix Buehler a09250d8ab nixos/services.envoy: remove with lib; 2024-09-15 10:43:54 +02:00
Felix Buehler aa2c039ab0 nixos/services.ejabberd: remove with lib; 2024-09-15 10:43:53 +02:00
Felix Buehler e59cdc8e99 nixos/services.doh-proxy-rust: remove with lib; 2024-09-15 10:43:53 +02:00
Felix Buehler 504abe12d1 nixos/services.dnsmasq: remove with lib; 2024-09-15 10:43:53 +02:00
Felix Buehler 3a05a07ef7 nixos/services.dnsdist: remove with lib; 2024-09-15 10:43:53 +02:00
Felix Buehler 56576f90e3 nixos/services.dnscache: remove with lib; 2024-09-15 10:43:53 +02:00
Felix Buehler 630754ae20 nixos/networking.dhcpcd: remove with lib; 2024-09-15 10:43:53 +02:00
Felix Buehler 8681b42c62 nixos/services.ddclient: remove with lib; 2024-09-15 10:43:53 +02:00
Felix Buehler 657cd334e6 nixos/services.dante: remove with lib; 2024-09-15 10:43:53 +02:00
Felix Buehler 4589149299 nixos/services.create_ap: remove with lib; 2024-09-15 10:43:53 +02:00
Felix Buehler 7fcd972c94 nixos/services.coturn: remove with lib; 2024-09-15 10:43:53 +02:00
Felix Buehler bd2d5c89ce nixos/services.corerad: remove with lib; 2024-09-15 10:43:53 +02:00
Felix Buehler c4bbbbbb10 nixos/services.coredns: remove with lib; 2024-09-15 10:43:53 +02:00
Felix Buehler 6c6b5e7f80 nixos/services.consul: remove with lib; 2024-09-15 10:43:52 +02:00
Felix Buehler 5438332690 nixos/services.cntlm: remove with lib; 2024-09-15 10:43:52 +02:00
Felix Buehler 5506afac27 nixos/services.cloudflared: remove with lib; 2024-09-15 10:43:52 +02:00
Felix Buehler 14f2d0a94b nixos/services.cloudflare-dyndns: remove with lib; 2024-09-15 10:43:52 +02:00
Felix Buehler a3c69c111e nixos/services.clatd: remove with lib; 2024-09-15 10:43:52 +02:00
Felix Buehler 742185f18c nixos/services.cjdns: remove with lib; 2024-09-15 10:43:52 +02:00
Felix Buehler f6077c6bcd nixos/services.chisel-server: remove with lib; 2024-09-15 10:43:52 +02:00
Felix Buehler 87c989da08 nixos/services.cgit: remove with lib; 2024-09-15 10:43:52 +02:00
Felix Buehler 8e6795a029 nixos/services.blocky: remove with lib; 2024-09-15 10:43:52 +02:00
Felix Buehler 939ba8a2c3 nixos/services.blockbook-frontend: remove with lib; 2024-09-15 10:43:52 +02:00
Felix Buehler d9c47dac16 nixos/services.bitlbee: remove with lib; 2024-09-15 10:43:52 +02:00
Felix Buehler 416649cbe6 nixos/services.birdwatcher: remove with lib; 2024-09-15 10:43:51 +02:00
Felix Buehler c666e7b2dd nixos/services.bird-lg: remove with lib; 2024-09-15 10:43:51 +02:00
Felix Buehler 9ce866bc9b nixos/services.bind: remove with lib; 2024-09-15 10:43:51 +02:00
Felix Buehler 42facf73b7 nixos/services.biboumi: remove with lib; 2024-09-15 10:43:51 +02:00
Felix Buehler 6bf37cd201 nixos/services.bee: remove with lib; 2024-09-15 10:43:51 +02:00
Felix Buehler 7da36d70ff nixos/services.babeld: remove with lib; 2024-09-15 10:43:51 +02:00
Felix Buehler eb8d4ed264 nixos/services.avahi: remove with lib; 2024-09-15 10:43:51 +02:00
Felix Buehler d861803952 nixos/services.autossh: remove with lib; 2024-09-15 10:43:51 +02:00
Felix Buehler 06032d6956 nixos/services.atftpd: remove with lib; 2024-09-15 10:43:51 +02:00