Commit graph

39547 commits

Author SHA1 Message Date
Rok Garbas 6f11ba9ffe
Merge branch 'master' into amazon-ec2-amis 2024-03-13 00:37:12 +01:00
Christian Kögler bdd7e48646 nixos/test/machinectl: Add test for shared nix store 2024-03-12 23:27:45 +01:00
Christian Kögler de52b2b49e nixos/tests/machinectl: Make network routable 2024-03-12 23:27:45 +01:00
Jörg Thalheim 721c6579d2
Merge pull request #295407 from Stunkymonkey/nixos-murmur-registerPassword-fix
nixos/murmur: fix writing registerPassword to config
2024-03-12 22:47:26 +01:00
Fabián Heredia Montiel da8768347e
Merge pull request #293950 from DCsunset/nixos-hoogle
nixos/hoogle: add extraOptions
2024-03-12 14:57:30 -06:00
Felix Buehler 1e22e7d75e nixos/murmur: fix writing registerPassword to config 2024-03-12 21:19:24 +01:00
Arian van Putten 16526f454f nixos/binfmt: fix race condition between systemd-tmpfiles and systemd-binfmt
We need to make sure systemd-tmpfiles-setup.service ran before we
start systemd-binfmt.service. Otherwise it might fail to start
due to non-existent files

Fixes #295365
2024-03-12 21:08:03 +01:00
Pol Dellaiera 734b199708
Merge pull request #295197 from abysssol/ollama-tests
nixos/ollama: add tests
2024-03-12 20:28:16 +01:00
Azat Bahawi d3e30a442b
nixos/incus: fix systemd service path
Fixes a regression introduced in #294754.
2024-03-12 20:03:36 +03:00
Peder Bergebakken Sundt 285d2dcf3c nixos/spotifyd: update configuration documentation url 2024-03-12 16:07:48 +01:00
Sandro e220724911
Merge pull request #292141 from SuperSandro2000/plasma-out-xserver 2024-03-12 13:55:27 +01:00
K900 21adc4f16a
Merge pull request #295092 from K900/more-heinous-crimes
nixos/iso-image: extremely cursed performance optimization for Hydra
2024-03-12 15:45:38 +03:00
K900 77536af43b nixos/iso-image: extremely cursed performance optimization for Hydra
Right now the worst case chain of events for building an ISO on Hydra is

    - copy everything to squashfs builder
    - run squashfs builder
    - download squashfs from builder
    - compress squashfs
    - upload squashfs to S3
    - copy squashfs to ISO builder
    - run ISO builder
    - download ISO from builder
    - compress ISO
    - upload ISO to S3

This inlines the squashfs build into the ISO build, which makes it

    - copy everything to ISO builder
    - run ISO builder
    - download ISO from builder
    - compress ISO
    - upload ISO to S3

Which should reduce queue runner load by $alot per ISO, which we have four of on small channels
(one release, one test per arch) and a lot more than four of on large channels (with various desktops)
2024-03-12 15:41:59 +03:00
nikstur da05945c74
Merge pull request #295096 from jmbaur/uki-dtb
nixos/uki: add ".dtb" section if devicetree is used
2024-03-12 12:57:15 +01:00
Sandro Jäckel b07cdeb1b3
nixos/plasma6: move out of x11
This release focuses on wayland, let's give that justice
2024-03-12 10:49:42 +01:00
abysssol efed30f903 nixos/ollama: add test for the ollama service 2024-03-11 21:37:48 -04:00
cmspam 701fcd7982 nixos/incus: add openvswitch support
1. Added openvswitch integration to incus service.
2. Added tests to test openvswitch functionality with incus.
2024-03-12 01:03:39 +00:00
Jared Baur 2837c0d9aa
nixos/uki: add ".dtb" section if devicetree is used
This ensures a ".dtb" PE section makes it into the UKI so systemd-stub
can install the correct devicetree for use by the Linux kernel. This is
often needed on systems that boot with u-boot since the devicetree used
by u-boot is often a pared down version of what the Linux kernel needs.
On those kinds of boards, the lack of this PE section means that u-boot
will end up installing its internal devicetree into the UEFI
configuration table, which is what the Linux kernel ends up using.
2024-03-11 12:42:21 -07:00
Cosima Neidahl a44e09da5e
Merge pull request #294555 from r-ryantm/auto-update/miriway
miriway: unstable-2024-02-14 -> unstable-2024-03-06
2024-03-11 19:04:18 +01:00
emilylange 08c37ba899 nixos/lldap: set service UMask=0027 and StateDirectoryMode=0750
While `/var/lib/lldap` isn't technically accessible by unprivileged
users thanks to `DynamicUser=true`, a user might prefer and change it to
`DynamicUser=false`.

There is currently also a PR open that intends to make `DynamicUser`
configurable via module option.

As such, `jwt_secret_file`, if bootstrapped by the service start
procedure, might be rendered world-readable due to its permissions
(`0644/-rw-r--r--`) defaulting to the service's umask (`022`) and
`/var/lib/lldap` to `0755/drwxr-xr-x` due to `StateDirectoryMode=0755`.

This would usually be fixed by using `(umask 027; openssl ...)` instead
of just `openssl ...`.

However, it was found that another file (`users.db`), this time
bootstrapped by `lldap` itself, also had insufficient permissions
(`0644/-rw-r--r--`) inherited by the global umask and would be left
world-readable as well.

Due to this, we instead change the service's umask to `027`.

And to lower the impact for already bootstrapped files on existing
instances like `users.db`, set `StateDirectoryMode=0750`.
2024-03-11 17:34:29 +01:00
emilylange 61a651e362 nixos/lldap: bootstrap jwt_secret if not provided
If not provided, lldap defaults to `secretjwtsecret` as value which is
hardcoded in the code base.

See https://github.com/lldap/lldap/blob/v0.5.0/server/src/infra/configuration.rs#L76-L77

This is really bad, because it is trivially easy to generate an admin
access token/cookie as an attacker, if a `jwt_secret` is known.
2024-03-11 17:34:29 +01:00
Sandro 869ec01e56
Merge pull request #294286 from SuperSandro2000/unbound-remote-config-check 2024-03-11 16:06:31 +01:00
WilliButz a2c0efbf5e
Merge pull request #274307 from thillux/esdm-1.0.1
esdm: update module after 1.0.1 changes
2024-03-11 15:11:05 +01:00
Markus Theil 36f1c0c2b3 nixos/esdm: simplify module
ESDM 1.0.1 fixed bugs related to Linux compatibility layer with CUSE.

During these fixes, the compatibility layer was simplified behind a
target in order to start the necessary services together or none of
them (services.esdm.linuxCompatServices).

Furthermore, a small helper was added to ESDM 1.0.1 in order to deal
with resume/suspend/hibernate (FUSE needs to be unblocked).

Removed options are marked.

Signed-off-by: Markus Theil <theil.markus@gmail.com>
2024-03-11 14:28:26 +01:00
Maximilian Bosch 8d0e5a3402
postgresqlPackages.anonymizer: init at 1.3.1 2024-03-11 14:09:17 +01:00
Pierre Allix cf625fe5f0 nixos/networkmanager: add doc about nm profiles interaction with resolvconf 2024-03-11 12:55:27 +01:00
Sandro 80ec88edec
Merge pull request #292025 from RaHoni/baculaTls 2024-03-11 12:01:19 +01:00
OPNA2608 a49c3d2689 nixos/tests/miriway: Be more lenient when identifying the terminal prompts 2024-03-11 11:37:49 +01:00
Atemu ce8ddcd321
Merge pull request #281192 from diogotcorreia/pgvecto.rs
postgresqlPackages.pgvecto-rs: init at 0.2.1
2024-03-11 07:12:52 +00:00
Diogo Correia 6b97ba66a4
nixos/tests/pgvecto-rs: init 2024-03-11 01:02:17 +00:00
Sandro 88c9f04d1a
Merge pull request #294771 from flokli/yubikey-agent-eval
nixos/yubikey-agent: fix eval error
2024-03-11 00:15:31 +01:00
Guanran Wang 0a5801395a nixos/clash-verge: add cfg.package 2024-03-10 20:16:41 +01:00
Florian Klink b437b19f54 nixos/yubikey-agent: fix eval error
This has been refactored in https://github.com/NixOS/nixpkgs/pull/133542,
but this reference wasn't updated.
2024-03-10 19:08:23 +02:00
Pol Dellaiera 2bd0c18d98
Merge pull request #282160 from gaykitty/stargazer-debug-mode
nixos/stargazer: add missing debugMode setting
2024-03-10 14:31:06 +01:00
Peder Bergebakken Sundt 4a4a70ca31
Merge pull request #280836 from numinit/nebula-port-zero
nixos/nebula: default to port 0 for hosts other than lighthouse/relay
2024-03-10 05:01:04 +01:00
Peder Bergebakken Sundt 3021170dfe
Merge pull request #265687 from iblech/patch-test-socks
nixos/tests/privoxy: Verify socks support
2024-03-10 04:27:38 +01:00
Peder Bergebakken Sundt 298957b767
Merge pull request #283238 from D3vil0p3r/patch-1
doc: add note in Partitioning and formatting section
2024-03-10 04:01:18 +01:00
Will Fancher f592a7ea77
Merge pull request #293720 from vkleen/fix/systemd-boot-random-seed
nixos/systemd: Only include systemd-boot-random-seed if the unit exists
2024-03-09 21:01:35 -05:00
éclairevoyant 6b80044d9d
Merge pull request #294584 from MinerSebas/plasma-samba
nixos/plasma6: Dont add samba a second time to environment.systemPackages
2024-03-09 23:40:45 +00:00
Sandro c86e8fd7a0
Merge pull request #133542 from fpletz/refactor/pinentry-remove-multiple-outputs
pinentry: remove multiple outputs
2024-03-09 23:57:27 +01:00
Weijia Wang 8ca489efef
Merge pull request #292396 from wegank/unrar-bump
unrar: 6.2.12 -> 7.0.7
2024-03-09 22:54:53 +01:00
Bernardo Meurer 6bb56dc681
Merge pull request #294544 from lilyinstarlight/fix/fwupd-uefi-capsule-settings 2024-03-09 16:31:44 -05:00
Emily 8b7eef367c
Merge pull request #292304 from networkException/unix-socket-sliding-sync-bindaddr
nixos/matrix-sliding-sync: improve unix socket support
2024-03-09 20:12:48 +01:00
Lily Foster 1801583855
nixos/fwupd: fix silent failure for uefiCapsuleSettings to ever be added
Bug was introduced in 28ea07d4e3.
2024-03-09 12:44:46 -05:00
Maciej Krüger 8b8bc2c64b
Merge pull request #294497 from cmspam/patch-1
incus.ui: Added incus-specific patches to fix branding and API
2024-03-09 18:32:40 +01:00
Maciej Krüger 8a274e0c18
nixosTests.incus.*: enable nftables to fix tests 2024-03-09 17:23:03 +01:00
MinerSebas cf3a468eee nixos/plasma6: Dont add samba a second time to environment.systemPackages 2024-03-09 17:06:25 +01:00
gaykitty 366147b86d nixos/stargazer: add missing debugMode setting 2024-03-09 11:04:27 -05:00
networkException f0097cf1d9
nixos/matrix-sliding-sync: create runtime directory in /run/matrix-sliding-sync
This patch enables the creation of a runtime directory with the default
mode 0755 in /run/matrix-sliding-sync to offer a simple option for
SYNCV3_BINDADDR when using unix sockets.
2024-03-08 23:16:05 +01:00
Franz Pletz a270c43ea1
treewide: use sensible pinentry flavor 2024-03-08 23:09:02 +01:00
Leona Maroni 399dc3f09e
Merge pull request #290925 from r-vdp/networkd_use_gateway
systemd-networkd: add missing UseGateway key in the DHCPv4 section
2024-03-08 16:38:14 +01:00
Sandro Jäckel 67c1193fab
nixos/unbound: disable checkconf when remote-control is used
Closes #293001
2024-03-08 15:34:00 +01:00
nikstur 4fc409b977
Merge pull request #294096 from WilliButz/repart-image/overridability
systemd-repart: improve overridability of image builder
2024-03-08 15:23:45 +01:00
K900 73e3a5866a
Merge pull request #294269 from K900/test-driver-mypy-fixes
nixos/lib/test-driver: fix mypy errors after staging-next merge
2024-03-08 15:35:59 +03:00
K900 7764fc5335 nixos/lib/test-driver: fix mypy errors after staging-next merge 2024-03-08 15:33:48 +03:00
Maciej Krüger 53c527b694
Merge pull request #292817 from mkg20001/steam-team
teams.steam: add - ref #289561
2024-03-08 13:26:02 +01:00
K900 7b8d88fa05 nixos/steam: fix eval after #293564 2024-03-08 14:42:31 +03:00
Vladimír Čunát 335c734226
Merge #292500: staging-next 2024-03-01 2024-03-08 12:35:06 +01:00
Maciej Krüger 26c09016b9
modules/steam: transfer maintainership to steam team 2024-03-08 12:25:03 +01:00
Thiago Kenji Okada 488f218407
Merge pull request #293564 from Shawn8901/steam-compat-tools
steam: add extraCompatPackages
2024-03-08 11:06:15 +00:00
maxine b587c07865
Merge pull request #292847 from jwillikers/linger-hotfix
Fix the update-lingering activation script to not fail when a user is removed
2024-03-08 09:54:44 +00:00
r-vdp 4c26c97d21
nixos/networkd: add missing UseGateway key in the DHCPv4 section 2024-03-08 10:54:03 +01:00
Weijia Wang 4acc19b18c
Merge pull request #291581 from Luflosi/nixos/memcached/clarify-setting
nixos/memcached: clarify behaviour of `enableUnixSocket`
2024-03-08 10:25:10 +01:00
Weijia Wang 9dd105625d unrar: 6.2.12 -> 7.0.7 2024-03-08 09:57:11 +01:00
Viktor Kleen 0aed32b9dd
nixos/systemd: Only include systemd-boot-random-seed if the unit exists
The unit file is only present if systemd was built with bootloader support.
2024-03-08 08:52:11 +00:00
éclairevoyant 2319821137
nixos/scrutiny: default collector api endpoint port to point at web app port 2024-03-07 23:21:53 -05:00
éclairevoyant fc5116d75c
nixos/scrutiny: clean up mkEnableOption definitions 2024-03-07 23:21:53 -05:00
éclairevoyant ce5dbf1b7b
nixos/scrutiny: inherit lib bindings 2024-03-07 23:21:52 -05:00
éclairevoyant 4e710d5221
nixos/scrutiny: remove redundant lib.mdDoc 2024-03-07 23:21:52 -05:00
github-actions[bot] bca99088c2
Merge master into staging-next 2024-03-08 00:02:17 +00:00
Peder Bergebakken Sundt 5f9689332a
Merge pull request #278537 from wfdewith/syncoid-permissions
nixos/syncoid: add missing ZFS mount permission
2024-03-08 00:11:39 +01:00
Yt 0340f82b24
Merge pull request #292873 from ghthor/tabby
Tabby: bump 0.7.0 -> 0.8.3 and add systemd service
2024-03-07 21:51:06 +00:00
WilliButz 82ef47d3b7
nixos/repart-image: add options to specify mkfs parameters
This new option makes it easier to specify extra mkfs parameters for the
systemd-repart builder.

See https://github.com/systemd/systemd/blob/v255/docs/ENVIRONMENT.md?plain=1#L575-L577
2024-03-07 22:50:56 +01:00
Soenke Klinger d0a888c315
doc: added nvidiaLegacy driver version 470 to available options in nixos manual (#290231)
It's possible to install the nvidiaLegacy470 driver for the slightly outdated GPUs, but the documentation only has hints on how to install the drivers for the even older GPUs.
2024-03-07 22:29:13 +01:00
Sandro 5f39678474
Merge pull request #292552 from diogotcorreia/oci-containers-fix-stop-one-shot
nixos/oci-containers: ignore nonexistent container when stopping
2024-03-07 21:23:51 +01:00
Maximilian Bosch 3c8f4e06e6
Merge pull request #287602 from Ma27/drop-postgres-ensurePermissions
nixos/postgresql: drop ensurePermissions option
2024-03-07 19:50:44 +00:00
WilliButz f88148f05e
nixos/repart-image: improve overridability, use structuredAttrs
Parameters passed to systemd-repart are now passed to the build script
via environment variable, which is defined as a list of strings in
combination with `__structuredAttrs = true`. This should make it easier
to customize the image build using `overrideAttrs`.

Both the script used to amend the repart definitions and the amended
definitions are now available via passthru.
2024-03-07 18:27:11 +01:00
Martin Weinelt 1371fe6327
Merge remote-tracking branch 'origin/master' into staging-next
Conflicts:
- pkgs/servers/home-assistant/default.nix
2024-03-07 17:12:13 +01:00
Emily 2ab0d96297
Merge pull request #293251 from nesteroff/chromium-initial-prefs
nixos/chromium: add the ability to set initial preferences
2024-03-07 16:33:09 +01:00
Nick Cao b4f564dbff
Merge pull request #293821 from NickCao/knot-test-quic
nixosTests.knot: test zone transfer over quic
2024-03-07 09:43:04 -05:00
Will Owens d9188fc882
nixos/tabby: init module
- Enable tabby to run as a systemd service
- Document standard tabby configuration
2024-03-07 06:29:12 -05:00
DCsunset 38261d9556 nixos/hoogle: add extraOptions 2024-03-06 22:12:41 -05:00
github-actions[bot] e0fd83a658
Merge master into staging-next 2024-03-07 00:02:06 +00:00
Robert Hensing f32e786e98
Merge pull request #292099 from hercules-ci/update-nixops_unstable
nixops_unstable to nixops_unstable_minimal.withPlugins migration + update
2024-03-07 00:46:59 +01:00
Robert Hensing 76fc2db1f5 nixosTests.nixops_unstable: Set memorySize to 2G
Give the evaluator some breathing room.
2024-03-06 22:47:23 +01:00
Robert Hensing 663b3d4be7 nixops_unstable*: Make withPlugins.*.tests.nixos behave correctly 2024-03-06 22:47:22 +01:00
Philip Taron 86ae7a6243
Remove top level with lib; in docs (#293829) 2024-03-06 22:35:43 +01:00
Yuri Nesterov 960f93fd4f nixos/chromium: add the ability to set initial preferences 2024-03-06 21:32:18 +02:00
Shawn8901 93a891f0e8 steam: add extraCompatPackages 2024-03-06 20:24:55 +01:00
Nick Cao 3b7625845b
nixosTests.knot: test zone transfer over quic 2024-03-06 13:41:24 -05:00
Peder Bergebakken Sundt 715b2ae92e
Merge pull request #292608 from onemoresuza/hare-crosscomp
hare: enable cross-compilation
2024-03-06 19:36:45 +01:00
github-actions[bot] 8a8a630460
Merge master into staging-next 2024-03-06 18:01:19 +00:00
Sandro e656679228
Merge pull request #286523 from MarcelCoding/listmonk
listmonk: 2.5.1 -> 3.0.0
2024-03-06 18:49:20 +01:00
Coutinho de Souza 478cff8d32
haredoc: init at 0.24.0
Also add a mention to the release notes of 24.05 about `hare` and
`haredoc` being split into different packages.
2024-03-06 11:57:55 -03:00
superherointj ac497db437
Merge pull request #292418 from superherointj/k3s-to-k3s_1_29
k3s: k3s_1_28 -> k3s_1_29
2024-03-06 11:10:02 -03:00
Franz Pletz f05e5f3a51
Merge pull request #285807 from MinerSebas/prometheus-restic-exporter
prometheus-restic-exporter: 1.4.0 -> 1.5.0
2024-03-06 14:35:24 +01:00
github-actions[bot] d6370b05b5
Merge master into staging-next 2024-03-06 12:01:15 +00:00
Leona Maroni 182053a2cf
Merge pull request #293595 from SuperSandro2000/git-io-remove
treewide: stop using deprecated git.io shortlink service
2024-03-06 11:14:14 +01:00
Jacek Galowicz 3b2b12769d
Merge pull request #293573 from hercules-ci/nixos-running-tests-requirements
nixos/doc: Describe NixOS test system requirements
2024-03-06 07:51:02 +01:00
github-actions[bot] 8660ec23c7
Merge master into staging-next 2024-03-06 00:02:17 +00:00