Jörg Thalheim
5d54641d7f
Merge pull request #177790 from superherointj/package-k3s-1.24.1+k3s1
...
k3s: 1.23.6+k3s1 -> 1.24.1+k3s1
2022-06-17 08:38:10 +01:00
talyz
858a0c3fa6
nixos/parsedmarc: Improve secret handling
...
Make secret replacement more robust and futureproof:
- Allow any attribute in `services.parsedmarc.settings` to be a
secret if set to `{ _secret = "/path/to/secret"; }`.
- Hash secret file paths before using them as a placeholders in the
config file to minimize the risk of conflicting file paths being
replaced instead.
2022-06-16 13:58:20 +02:00
Lily Foster
b5818b7a30
nixos/pipewire: only add pipewire-pulse.conf conditionally
2022-06-15 15:05:44 -07:00
Lily Foster
1e3747b98b
nixos/pipewire: add pkgs.pulseaudio to pipewire-pulse user unit path
2022-06-15 15:05:44 -07:00
superherointj
a6a0c44760
k3s: remove docker support
2022-06-15 16:40:29 -03:00
Jörg Thalheim
c772b13ee7
nixos/navidrome: fixes missing ssl certficates
2022-06-15 20:40:07 +02:00
talyz
32e057881a
nixos/parsedmarc: Remove kafka support
...
It's broken (see https://github.com/domainaware/parsedmarc/issues/243 )
and providing settings for it is therefore misleading.
2022-06-15 20:15:09 +02:00
talyz
6686a3115c
nixos/parsedmarc: Fix compatibility with recent versions of grafana
2022-06-15 20:15:03 +02:00
talyz
4dddca8240
nixos/geoipupdate: Improve secret handling
...
Make secret replacement more robust and futureproof:
- Allow any attribute in `services.geoipupdate.settings` to be a
secret if set to `{ _secret = "/path/to/secret"; }`.
- Hash the license key path before using it as a placeholder in the
config file to minimize the risk of conflicting file paths being
replaced instead.
2022-06-15 20:14:57 +02:00
talyz
23c15323ce
nixos/geoipupdate: Add error handling to scripts
2022-06-15 17:18:50 +02:00
zimbatm
31b47913f3
nixos: add grafana-agent module
...
Easily ship logs and metrics to Grafana Cloud and other similar targets.
2022-06-15 12:59:06 +02:00
Bobby Rong
6d1779c567
Merge pull request #175620 from bobby285271/nixos-pantheon
...
nixos/pantheon: make it possible to remove core packages
2022-06-15 18:49:37 +08:00
Lassulus
a632afba6d
Merge pull request #177536 from yayayayaka/hedgedoc-fix-statedirectory
...
nixos/hedgedoc: Do not set StateDirectory to an absolute path
2022-06-15 11:25:04 +02:00
M. A
becff58579
nixos/hedgedoc: Do not set StateDirectory to an absolute path
...
Commit 8109d8ahttps://github.com/NixOS/nixpkgs/pull/172824#issuecomment-1130350412
2022-06-15 08:58:52 +00:00
Andreas
c028f5569b
kcheckpass is gone(?)
2022-06-15 14:53:40 +08:00
Jeroen Simonetti
829167bd27
nixos/routedns: init
...
Signed-off-by: Jeroen Simonetti <jeroen@simonetti.nl>
2022-06-15 08:33:46 +02:00
Niklas Hambüchen
0652ef9a64
Merge pull request #176903 from nh2/vaultwarden-service-better-example
...
nixos/vaultwarden: Make example more detailed.
2022-06-15 01:21:40 +02:00
Azat Bahawi
82497b0e9f
trickster: 0.1.10 -> 1.1.5
2022-06-14 01:51:45 +03:00
Léo Gaspard
02cd48717d
nixos/openldap: fix systemd rejecting notification ( #177084 )
...
On one of the two machines I have running openldap, openldap failed to start due to a "timeout". Increasing the allowed startup delay didn't help.
I noticed the following in logs:
```
openldap.service: Got notification message from PID 5224, but reception only permitted for main PID 5223
```
It turns out that on this machine at least, openldap apparently sends the notification from a non-main process, which means that we need this NotifyAccess setting for systemd to record that it successfully started. Without it, after 30 seconds systemd kills the process because it didn't receive the sd_notify call.
Somehow the other machine I have on nixos running ldap works fine even without this, but I could not figure out what changes the behavior.
Given that AFAIU NotifyAccess still restricts to "from the cgroup of the service", I think this change should be safe.
2022-06-13 15:28:12 +02:00
Maximilian Bosch
7f9a78e197
Merge pull request #175330 from jtojnar/grafana-uid
...
nixos/grafana: Allow setting UID for datasource
2022-06-13 07:01:19 +02:00
Maximilian Bosch
5203011e4e
Merge pull request #177430 from Ma27/fix-wireguard-exporter
...
nixos/prometheus-wireguard-exporter: fix broken options
2022-06-13 06:14:30 +02:00
Aaron Andersen
37b6b161e5
Merge pull request #177321 from rnhmjoj/pr-fix-mpd
...
mpd: fix socket activation
2022-06-12 22:26:53 -04:00
Dominique Martinet
f878c8994f
logrotate: do not add mail if 'mail = false' is specified
...
Reported-by: Ricardo M. Correia <rcorreia@wizy.org>
2022-06-13 08:57:49 +09:00
Winter
6c53004840
nixos/nginx: allow recommended proxy settings to be enabled per location
2022-06-12 19:52:35 -04:00
Maximilian Bosch
e03d41fb6b
nixos/prometheus-wireguard-exporter: fix broken options
...
This is apparently a breaking change in a patch-level release[1] where
it's now necessary to specify values for each CLI argument.
[1] https://github.com/MindFlavor/prometheus_wireguard_exporter/releases/tag/3.6.1
2022-06-12 20:27:25 +02:00
Maximilian Bosch
fd2a89b983
nixos/wpa_supplicant: don't log that wpa_supplicant.conf is ignored with allowAuxiliaryImperativeNetworks = true
...
The warning is wrong with `allowAuxiliaryImperativeNetworks`[1] being
set to `true` because both files are included in this case with `-c` and
`-I`.
[1] https://nixos.org/manual/nixos/stable/options.html#opt-networking.wireless.allowAuxiliaryImperativeNetworks
2022-06-12 17:07:36 +02:00
K900
6350d8d9b3
nixos/plasma5: add excludePackages option
...
This is a pretty straightforward port of #151005 .
More things can probably be made optional, I've only added ones
that I'm confident in.
2022-06-12 14:39:59 +03:00
pennae
320aa2a791
treewide: attempt at markdown option docs
2022-06-12 12:44:38 +02:00
Bobby Rong
2375fac93d
nixos/pantheon: treat evince and file-roller as optional app
2022-06-12 13:12:15 +08:00
Bobby Rong
860781d909
nixos/pantheon: allow disabling pantheon-agent-geoclue2
2022-06-12 13:11:58 +08:00
Timothy DeHerrera
ec4e23d4e9
Merge pull request #171155 from cab404/wg-quick-files
...
nixos/wg-quick: added support for configuration files
2022-06-11 22:00:45 -07:00
Bobby Rong
1097e3e80c
nixos/pantheon: make it possible to remove core packages
2022-06-12 11:39:05 +08:00
Bobby Rong
c1559a07fe
nixos/pantheon: switch to xdg.icons.enable
2022-06-12 11:39:04 +08:00
Bobby Rong
9ca889d0fb
nixos/pantheon: switch to xdg.mime.enable
2022-06-12 11:39:01 +08:00
Jan Tojnar
c397df20d1
Merge pull request #151005 from rhoriguchi/gnome
...
nixos/gnome: make it possible to remove core packages
2022-06-11 21:40:35 +02:00
rnhmjoj
7149c5cb60
mpd: fix socket activation
...
Apparently since systemd v250 a `ListenStream` in an override file won't
override the unit, but will be appended to a list of socket addresses.
The socket unit fails if two or more addresses have the same port,
probably because two systemd processes try to listen to it at once.
The solution is to add an empty `ListenStream=` to reset all previous
definitions.
Fix #175478 .
2022-06-11 20:56:19 +02:00
Rick van Schijndel
5bc0350e7c
Merge pull request #177256 from rnhmjoj/pr-picom
...
nixos/picom: remove deprecated refreshRate option
2022-06-11 20:09:28 +02:00
Soham Sen
feff6ddbe7
expressvpn: init at 3.25.0.13
2022-06-11 17:10:33 +05:30
rnhmjoj
26526f02ad
nixos/picom: remove deprecated refreshRate option
...
Fix #175765
2022-06-11 08:59:20 +02:00
piegames
4ebc288038
Merge #172819 : nixos: move matrix services into their category
2022-06-10 10:54:18 +02:00
Elis Hirwing
7afff45088
Merge pull request #174555 from etu/php-drop-php74
...
php: Drop PHP 7.4
2022-06-10 10:43:31 +02:00
Martin Weinelt
7b3e907a6f
Merge pull request #176561 from K900/pipewire-create-home
2022-06-10 09:25:41 +02:00
lassulus
a12e525410
nixos/bitlbee: allow writing to configDir
2022-06-09 21:05:16 +02:00
Domen Kožar
f38fd46992
cachix-agent: set USER to please cachix
2022-06-09 17:07:28 +01:00
Ryan Horiguchi
42ceb20d29
nixos/gnome: make it possible to remove core packages
...
Co-Authored-By: Jan Tojnar <jtojnar@gmail.com>
2022-06-09 13:09:55 +02:00
Jan Tojnar
ca23e42105
nixos/gnome: Move sessionPath to core-shell group
...
This will allow people to disable these packages.
2022-06-09 13:04:20 +02:00
Jan Tojnar
016b99dce6
nixos/gnome: drop hicolor-icon-theme
...
It is already installed by xdg.icons.enable.
Let’s also enable that option explicitly to prevent users from accidentally
disabling it since GNOME will be severely broken without it.
2022-06-09 13:04:20 +02:00
Jan Tojnar
aad39fe41a
nixos/gnome: drop shared-mime-info
...
It is already installed by xdg.mime.enable.
Let’s also enable that option explicitly to prevent users from accidentally
disabling it since GNOME will be severely broken without it.
2022-06-09 13:04:19 +02:00
Julien Moutinho
17c6f62503
nixos/sourcehut: some settings became mandatory upstream
2022-06-08 19:46:04 -04:00
Julien Moutinho
f34d654860
nixos/sourcehut: increase RestartSec to better avoid degraded states
2022-06-08 19:46:04 -04:00
Julien Moutinho
cd6808ba9f
sourcehut: fix Unix socket support for Redis
2022-06-08 19:46:04 -04:00
Julien Moutinho
43b5dcd60c
nixos/sourcehut: remove forgotten unused files
2022-06-08 19:46:04 -04:00
Julien Moutinho
876f3a8bf0
sourcehut.todosrht: 0.67.2 -> 0.71.0
2022-06-08 19:46:04 -04:00
Julien Moutinho
bcb91bbeb7
sourcehut.metasrht: 0.57.5 -> 0.58.8
2022-06-08 19:46:04 -04:00
Julien Moutinho
59d8439966
sourcehut.listssrht: 0.51.7 -> 0.51.9
2022-06-08 19:46:04 -04:00
Julien Moutinho
658d8f1240
sourcehut.hgsrht: 0.29.4 -> 0.31.2
2022-06-08 19:46:04 -04:00
Julien Moutinho
b57ed0fa1d
sourcehut.gitsrht: 0.77.3 -> 0.78.18
2022-06-08 19:46:04 -04:00
Julien Moutinho
43f856ab2c
sourcehut.buildsrht: 0.75.2 -> 0.79.1
2022-06-08 19:46:04 -04:00
Elis Hirwing
da19e4ae97
nixos/snipe-it: Upgrade to PHP 8.1
...
They state that they support PHP 8.1:
https://snipe-it.readme.io/docs/requirements
2022-06-08 18:09:15 +02:00
Elis Hirwing
d7f000b98b
nixos/moodle: Upgrade to PHP 8.1
2022-06-08 18:09:11 +02:00
Elis Hirwing
d0862b0ed9
nixos/nextcloud: Upgrade to PHP 8.0
2022-06-08 18:09:07 +02:00
Elis Hirwing
a69ba21a29
nixos/invoiceplan: Upgrade to PHP 8.1
...
They seem to be working to get PHP 8.1 support:
https://github.com/InvoicePlane/InvoicePlane/issues/798
2022-06-08 18:09:03 +02:00
Elis Hirwing
f822b894c5
nixos/dokuwiki: Upgrade to PHP 8.1
...
They seem to run tests against 8.1 since this commit:
7aee97ee81
2022-06-08 18:08:59 +02:00
Elis Hirwing
c53c34ee72
nixos/postfixadmin: Upgrade to PHP 8.1
2022-06-08 18:08:56 +02:00
Elis Hirwing
4580a63bc4
nixos/grocy: Upgrade to PHP 8.0
2022-06-08 18:08:52 +02:00
Niklas Hambüchen
5683c6e03b
nixos/vaultwarden: Make example more detailed.
...
It took me a while to figure out how to correctly setup
vaultwarden on NixOS.
I hope that this more detailed example will help others.
2022-06-08 17:03:53 +02:00
Alyssa Ross
c0b05f106f
nixos/localtime: add missing mkRenamedOptionModule
...
Fixes: ffae8569b0
2022-06-08 13:46:26 +00:00
Martin Weinelt
e0169d7a9d
Merge pull request #176558 from Artturin/bumpnofileinfinity
2022-06-08 12:03:01 +02:00
Sandro
be96e24124
Merge pull request #163226 from lodi/persistent-evdev
...
persistent-evdev: init at unstable-2022-01-14
2022-06-07 23:46:13 +02:00
Ben Siraphob
033da0465f
Merge pull request #176418 from Yureien/init/dragonflydb
...
dragonflydb: init at 0.1.0
2022-06-07 14:02:26 -07:00
lodi
3f1ec25f90
persistent-evdev: init at unstable-2022-01-14
2022-06-07 13:20:52 -04:00
Daniel Poelzleithner
e78c2d05da
hedgedoc: ensure upload directory exists
...
Upload directory is not created when uploading, but will fail silently.
Ensure the upload directory is created.
2022-06-07 09:06:56 -05:00
Jörg Thalheim
70b31373b4
tt-rss: downgrade to php 8.0
2022-06-07 14:24:07 +02:00
happysalada
f5ef819e24
mimir: switch pname to mimir
2022-06-07 06:53:15 -04:00
cab
8de1e9e2f8
nixos/wg-quick: added support for configuration files
2022-06-07 01:28:50 +04:00
Rick van Schijndel
3037752d1d
Merge pull request #175961 from helsinki-systems/rem/broken
...
remove some packages marked broken for over 1.5 years
2022-06-06 20:44:39 +02:00
Sebastien Bourdeauducq
6cecab9cd8
hydra: create runcommand-logs directory
2022-06-06 11:36:58 -07:00
Artturin
c8f5b17a98
nixos/nix-daemon: set LimitNOFILE to 1048576
...
fixes 'too many open files'
2022-06-06 21:16:47 +03:00
K900
955d1a6dde
pipewire: create home directory for the pipewire user when running systemwide
...
wireplumber wants to store state there
2022-06-06 18:06:38 +03:00
Sandro
d8fad83d2c
Merge pull request #176133 from SuperSandro2000/asf-2
2022-06-06 14:34:44 +02:00
Nguyễn Gia Phong
22f3d4e4db
nixos: move matrix services into their category
2022-06-06 13:50:58 +09:00
Soham Sen
109e13db24
dragonflydb: init at 0.1.0
2022-06-06 04:05:48 +05:30
Emery Hemingway
2d012163f2
nixos/uhub: fix plugins, set CAP_NET_BIND_SERVICE
...
Fix generation of the plugins configuration and allow binding to
"privileged" ports.
2022-06-05 13:58:26 -05:00
Guillaume Girol
7548b71138
Merge pull request #171778 from zhaofengli/infnoise-0.3.2
...
infnoise: unstable-2019-08-12 -> 0.3.2, nixos/infnoise: init
2022-06-05 17:30:34 +00:00
Anders Kaseorg
b362ef4eff
pipewire: Never set an empty LD_LIBRARY_PATH
...
An empty LD_LIBRARY_PATH may confuse some applications into appending
:, creating an empty segment that insecurely refers to the current
directory, not the absence of directories.
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2022-06-05 13:34:35 +02:00
Wout Mertens
949e1e5277
Merge pull request #176075 from NixOS/netdata-poststart
...
netdata: started when service can be pinged
2022-06-05 13:10:37 +02:00
pennae
4a9708930d
Merge pull request #176116 from pennae/unifi-remove-deprecated
...
nixos/unifi: change deprecated default for openFirewall
2022-06-04 20:52:34 +00:00
lom
0df7cba1b0
nixos/asf: ipcPasswordFile use nullOr
2022-06-04 12:00:45 -06:00
Sandro Jäckel
032f15e566
nixos/asf: add me as maintainer
2022-06-03 18:52:48 +02:00
Sandro Jäckel
d8cd684b62
nixos/asf: restart when self restarting
2022-06-03 18:52:47 +02:00
Sandro Jäckel
4de6a81193
nixos/asf: fix state directory permissions, for real
2022-06-03 18:52:47 +02:00
Sandro Jäckel
28379c3a51
Revert "nixos/asf: set restrictive home permissions"
...
This reverts commit 16f28933e7
2022-06-03 18:52:46 +02:00
Thiago Kenji Okada
44b5c8b6a7
Merge pull request #175965 from otavio/topic/nixos-restic
...
Add new restic options for NixOS module
2022-06-03 16:19:55 +01:00
Otavio Salvador
d9e3b1fafe
nixos/restic: add backup{Prepare,Cleanup}Command options
...
The backupPrepareCommand and backupCleanupCommand options offer a way to
run a script to prepare for backup and then cleanup it once finish.
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
2022-06-03 11:22:22 -03:00
Otavio Salvador
deae887c5a
nixos/restic: add new repositoryFile option
...
Allow providing the repository as a file, useful when we don't want it
being stored in the Git repository as plain text.
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
2022-06-03 11:21:37 -03:00
pennae
e21c4d67d5
nixos/unifi: change deprecated default for openFirewall
...
this was deprecated 6 months ago in unstable for removal in 22.11,
so now seems like a good point to change the default.
2022-06-03 15:59:41 +02:00
Sandro
c09782950f
Merge pull request #176030 from SuperSandro2000/asf
2022-06-03 12:12:23 +02:00
Sandro Jäckel
e438fad5e9
nixos/asf: format
2022-06-03 11:41:40 +02:00
Sandro Jäckel
17ec7e4401
nixos/asf: remove subdirectories from bot config
2022-06-03 11:41:38 +02:00
Sandro Jäckel
16f28933e7
nixos/asf: set restrictive home permissions
2022-06-03 11:41:37 +02:00
Sandro Jäckel
48b21f661c
nixos/asf: add ipcPasswordFile option, only delete bot configs when managed by nixos, make preStart clearer
2022-06-03 11:41:36 +02:00
Wout Mertens
7f025e2b34
netdata: started when service can be pinged
2022-06-03 10:45:27 +02:00
Otavio Salvador
082a4184ec
nixos/restic: reformat
...
Apply nixpkgs-fmt on file prior doing changes.
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
2022-06-02 16:48:43 -03:00
Rick van Schijndel
d93d4a5820
Merge pull request #175872 from uninsane/colinsane/phosh-phoc-scale
...
phosh: allow fractional scaling
2022-06-02 20:54:41 +02:00
Lassulus
8cea5e2fa1
Merge pull request #173664 from Izorkin/peertube-redis-server
...
nixos/peertube: use redis.servers
2022-06-02 20:26:29 +02:00
ajs124
5bb61d6a25
syslogng_incubator: remove after being marked broken for over 18 months
...
It was marked in commit 6d797c8462
2022-06-02 18:03:52 +02:00
1d0649f929
phosh: restrict the scale config value to strictly positive values or null
2022-06-02 01:46:08 -07:00
cabf369f83
phosh: allow fractional scaling
2022-06-01 15:44:12 -07:00
Bernardo Meurer
ffae8569b0
nixos/localtimed: hopefully fix geoclue
2022-06-01 13:20:16 -07:00
Martin Weinelt
5a188dfbca
Merge pull request #175729 from DeterminateSystems/jellyfin-fix
2022-06-01 17:19:49 +02:00
Linus Heckemann
7eab23d517
jellyfin: fix permissions on state directory
...
Previously, all configuration and state data was accessible to all
users on the system running jellyfin. This included user passwords in
the Jellyfin database, as well as credentials for LDAP if configured.
The exact set of accessible data depends on system configuration.
Thanks to Sofie Finnes Øvrelid for reporting this issue.
Fixes: CVE-2022-32198
Co-Authored-By: Martin Weinelt <hexa@darmstadt.ccc.de>
2022-06-01 12:31:23 +02:00
Aaron Andersen
18a07645e5
Merge pull request #174959 from MoritzBoehme/openconnect-auto-start
...
nixos/openconnect: add autoStart option
2022-05-31 23:05:25 -04:00
Martin Weinelt
02e44ee3be
Merge pull request #174804 from dotlambda/prometheus-dmarc-exporter-no-poetry2nix
2022-06-01 01:46:30 +02:00
Robert Schütz
aff15c41fc
dmarc-metrics-exporter: rename from prometheus-dmarc-exporter
...
Also stop using poetry2nix.
2022-05-31 23:25:18 +00:00
Sandro
8d8e031d25
Merge pull request #133771 from erdnaxe/libreddit_fix
...
nixos/libreddit: service hardening and test
2022-05-31 21:53:51 +02:00
Maximilian Bosch
185ee01e80
Merge pull request #173273 from kfollesdal/grafana-azuread
...
nixos/grafana: add new options to grafana module
2022-05-31 19:24:33 +02:00
markuskowa
412168b4ae
Merge pull request #175316 from markuskowa/upd-slurm
...
slurm: 21.08.8.2 -> 22.05.0.1
2022-05-30 21:18:28 +02:00
ajs124
30186896ee
nixos/nginx: fix SystemCallFilter for openresty
2022-05-30 11:58:28 +02:00
linj
37792e5766
nixos/dendrite: add an option loadCredential
...
systemd-247 provides a mechanism called LoadCredential for secrets and
it is better than environment file. See the section of Environment=
in the manual of systemd.exec for more information.
Some options in config.yaml need values to be strings, which currently
can be used with environmentFile but not loadCredential. But it's
possible to use loadCredential for those options, e.g. we can
substitute their values in ExecStart, but not in ExecStartPre due to
[1].
[1]: https://github.com/systemd/systemd/issues/19604
2022-05-29 13:34:14 -07:00
Jan Tojnar
81291cc793
nixos/grafana: Allow setting UID for datasource
2022-05-29 19:22:02 +02:00
Markus Kowalewski
b6020f42a5
nixos/slurm: update systemd service for slurmd
...
Adjust according to upstream recommendation
2022-05-29 17:17:01 +02:00
Jörg Thalheim
d32a2bf207
nixos/mimir: also expose mimirtool to users
2022-05-29 03:49:17 -04:00
Jörg Thalheim
6497902407
nixos/mimir: set workingdirectory
...
Mimir writes files relatative to its working directory.
With this option less files have to be configured.
2022-05-29 03:49:17 -04:00
Aleksandar Topuzović
fd86efb8c2
nixos/nextcloud: Fix broken config file
2022-05-28 19:14:12 +01:00
Zhaofeng Li
6c4bfe583c
nixos/infnoise: init
2022-05-27 15:18:43 -07:00
Moritz Böhme
106bfcaf8a
nixos/openconnect: add autoStart option
2022-05-27 17:41:03 +02:00
Sandro
23ec1c06c0
Merge pull request #173126 from NULLx76/update-hedgedoc-module
...
nixos/hedgedoc: fix and add config options
2022-05-27 16:03:22 +02:00
Maximilian Bosch
57a8966d03
Merge pull request #171227 from aidalgol/nextcloud-setup-script-fix
...
nixos/nextcloud: Fix broken error suppression in setup script
2022-05-27 13:23:10 +02:00
Jörg Thalheim
9ae4a910e4
nixos/timetagger: drop non-evaluating service files
...
The file was not included in the module list and also does not evaluate.
2022-05-25 21:24:48 +02:00
Sandro
7fa8d8b2e2
Merge pull request #153481 from Tchekda/submit/bird-lg
2022-05-25 18:20:58 +02:00
Philipp Woelfel
81ed7d8861
nixos/calibre-web: Add quotes to test for calibre library
2022-05-23 20:03:28 -06:00
Maximilian Bosch
2b7e06e0b6
Merge pull request #174145 from alarsyo/nextcloud24-php8
...
nixos/nextcloud: use PHP 8 avoiding broken 2FA app
2022-05-23 20:23:11 +02:00
Antoine Martin
f3f0b60006
nixos/nextcloud: use PHP 8 avoiding broken 2FA app
2022-05-23 18:39:39 +02:00
github-actions[bot]
f51499324c
Merge master into staging-next
2022-05-23 12:01:25 +00:00
pennae
023e25264c
Merge pull request #172983 from pennae/mosquitto-bind-interface
...
nixos/mosquitto: add bind_interface listener option, fix assertion messages
2022-05-23 10:53:08 +00:00
github-actions[bot]
107b6041bc
Merge master into staging-next
2022-05-22 18:01:20 +00:00
Martin Weinelt
05232d19b6
Merge pull request #163220 from fleaz/init-r53_ddns
2022-05-22 17:08:55 +02:00
Benno Bielmeier
d156db7d17
nixos/gollum: add option 'no-edit'
2022-05-22 15:06:00 +02:00
Benno Bielmeier
8e7b82be49
nixos/gollum: add option 'user-icons'
2022-05-22 15:06:00 +02:00
Benno Bielmeier
8a770f06a2
gollum: refactor package
...
use `bundlerApp` in preference to `stdenv.mkDerivation`
2022-05-22 15:06:00 +02:00
github-actions[bot]
86ec85655d
Merge master into staging-next
2022-05-22 12:01:28 +00:00
Yureka
821724b184
nixos/gitlab: support 15.x
2022-05-22 13:09:36 +02:00
Jörg Thalheim
e2e77bfb9a
Merge pull request #173978 from alyssais/postfix-RemainAfterExit
...
nixos/postfix: make postfix-setup RemainAfterExit
2022-05-22 12:04:04 +01:00
Alyssa Ross
27530ba856
nixos/postfix: make postfix-setup RemainAfterExit
...
Otherwise, it wouldn't get restarted when a new system configuration
was activatad, so the Postfix configuration wouldn't be updated.
Fixes: fb2fa1b50f
2022-05-22 10:33:22 +00:00
github-actions[bot]
dbef850602
Merge master into staging-next
2022-05-22 00:02:20 +00:00
Francesco Gazzetta
6bb9d0ce3b
nixos/zeronet: fix systemd after
2022-05-21 17:46:28 -04:00
Francesco Gazzetta
183e391256
nixos/zeronet: add package option
2022-05-21 17:46:28 -04:00
Guillaume Girol
4f709ea817
Merge pull request #164883 from oxalica/feat/btrbk-no-timer
...
nixos/btrbk: allow instances without timers and simplify
2022-05-21 20:04:54 +00:00
github-actions[bot]
084f3d75e7
Merge master into staging-next
2022-05-21 18:01:06 +00:00
Maximilian Bosch
bfa8abf3b0
Merge pull request #170797 from Ma27/mailman
...
mailman: refactor package structure
2022-05-21 19:24:24 +02:00
Maximilian Bosch
33c44a1031
nextcloud22: drop
...
Version 22 will be EOLed in July 2022[1] and we shouldn't have
unsupported software in the soon-to-be-released NixOS 22.05, hence
dropping it already.
[1] https://github.com/nextcloud/server/wiki/Maintenance-and-Release-Schedule
2022-05-21 18:34:28 +02:00
Jan Tojnar
b8b9f52393
Merge branch 'master' into staging-next
...
Conflicts:
- pkgs/applications/networking/browsers/firefox/common.nix between 318fae87c0f6c5761935
2022-05-21 17:52:39 +02:00
Bobby Rong
ce084ad5bf
Merge pull request #173842 from bobby285271/pantheon-updates
...
nixos/pantheon: install sideload when Flatpak is enabled
2022-05-21 17:34:41 +08:00
Bobby Rong
646336ee06
nixos/pantheon: install sideload when Flatpak is enabled
...
Tested by installing VLC from Flathub, sideload is installed by default on elementary OS.
2022-05-21 14:05:42 +08:00
Aidan Gauland
80367c8db8
nixos/nextcloud: Remove confusing comment
...
There is a comment above the invocation of 'nextcloud-occ app:enable', stating
that the script should not fail if any of the apps cannot be enabled, but there
is nothing in place to suppress errors. The app:enable command already
continues installing the remaining apps when one fails to install, and we do not
want to suppress errors in the setup script, so this just removes the comment
about not failing.
2022-05-21 10:36:51 +12:00
David Tchekachev
0f63bd3ba8
nixos/bird-lg: init
2022-05-20 15:44:00 +03:00
Janne Heß
cd139069fd
Merge pull request #173668 from mweinelt/slapd-notify
...
nixos/openldap: use upstream unit defaults
2022-05-20 10:20:13 +02:00
github-actions[bot]
ce95d139b7
Merge master into staging-next
2022-05-20 06:01:19 +00:00
Bobby Rong
cee75cb765
Merge pull request #173459 from bobby285271/pantheon-updates
...
Pantheon 7 updates 2022-05-18
2022-05-20 13:12:39 +08:00
github-actions[bot]
75906ed245
Merge master into staging-next
2022-05-20 00:02:29 +00:00
Maximilian Bosch
aea3ec632d
mailman: split python env for web and mailman
2022-05-20 01:36:48 +02:00
Maximilian Bosch
72a14ea563
mailman: refactor package structure
...
* Removed unused `.package`-option.
* Added explicit postgresql support.
* Create a new meta-package for mailman to make sure each component has
the **same** python and packages can be downgraded if needed (e.g.
psycopg2 or sqlalchemy) without interfering with `pythonPackages` in any way.
* Document why certain python overrides are needed.
Closes #170035
Closes #158424
2022-05-20 01:21:20 +02:00
Izorkin
0b1340f57b
nixos/peertube: use redis.servers
2022-05-19 23:52:50 +03:00
Martin Weinelt
885d4e047b
nixos/openldap: use upstream unit defaults
...
OpenLDAP since version 2.5.4¹ supports sd_notify, so we should make use
of it.
Also updates the unit description and documentation with the values
upstream provides.
Starts slapd only after reaching `network-online.target`, which ensures
binding to specific ip addresses is possible, since `network.target`
only guarantees interfaces exist, but not that addressing is finished.
[1] https://bugs.openldap.org/show_bug.cgi?id=8707
2022-05-19 22:31:26 +02:00
Jörg Thalheim
e56ae50ed9
Merge pull request #173109 from Mic92/upterm
...
nixos/upterm: additional hardening
2022-05-19 20:16:13 +01:00
github-actions[bot]
b833efbcd7
Merge master into staging-next
2022-05-19 18:06:51 +00:00
sternenseemann
f181d591ce
Merge pull request #173623 from xaverdh/xmonad-fix-example
...
nixos/xmonad: adjust to reflect v0.17.0 update of xmonad
2022-05-19 19:18:55 +02:00
Dominik Xaver Hörl
34a1ff28e0
nixos/xmonad: adjust example to reflect v0.17.0 update of xmonad
2022-05-19 18:10:55 +02:00
Silvan Mosberger
f224a4f1b3
Merge pull request #76315 from nek0/restya-board-config-fix2
...
restya-board: further fix for functionality
2022-05-19 16:04:41 +02:00
Niklas Hambüchen
23aee34b6f
Merge pull request #171264 from NixOS/nebula-always-restart
...
nixos/nebula: Always restart
2022-05-19 14:05:49 +02:00
github-actions[bot]
bd83e4cf98
Merge master into staging-next
2022-05-19 12:01:54 +00:00
Anillc
6958412083
nixos/frr: add extraOptions option
...
Support passing options to daemons. For example, bgpd needs '-M rpki' to
enable rpki functions.
2022-05-19 16:02:47 +08:00
Kristoffer Føllesdal
298e2ce302
nixos/grafana: add disableLoginForm option
2022-05-18 16:09:04 +02:00
Kristoffer Føllesdal
ea8f7e7bbd
nixos/grafana: add serveFromSubPath option
2022-05-18 16:08:15 +02:00
github-actions[bot]
bd9c07eb24
Merge master into staging-next
2022-05-18 12:01:24 +00:00
Shea Levy
7456be85db
Merge branch 'staging-next' into staging
2022-05-18 06:40:21 -04:00
Maximilian Bosch
f1f849afb8
Merge pull request #171736 from arnottcr/nextcloud
...
nextcloud24: init at 24.0.0
2022-05-18 12:14:01 +02:00
Silvan Mosberger
26ab617a10
Merge pull request #172393 from mweinelt/openssh/sntrup761x25519-sha512-kexmethod
...
nixos/openssh: Add sntrup761x25519-sha512 kexAlgo
2022-05-18 12:03:00 +02:00
Maximilian Bosch
a0bcf1e9ea
nixos/nextcloud: styling
2022-05-18 11:50:53 +02:00
Maximilian Bosch
e46bff9569
nixos/nextcloud: upgrade instructions / info for v23
2022-05-18 11:47:50 +02:00
Maximilian Bosch
6f80d6836a
nixos/nextcloud: mariadb workaround is for versions >=24 not needed anymore
2022-05-18 11:22:31 +02:00
Lassulus
a976121d57
Merge pull request #165474 from jian-lin/fix-wireguard-systemd-unit-dependency
...
nixos/wireguard: fix dependencies on network-related targets
2022-05-18 11:16:25 +02:00
Bobby Rong
c601126bc8
nixos/pantheon: enable power-profiles-daemon
...
switchboard-plug-power is providing support for this since 2.7.0.
Note that we don't handle the conflict with tlp because we have
no way of knowing which way a user wants to resolve the conflict.
2022-05-18 14:19:53 +08:00
Bobby Rong
b93b4f71f2
nixos/pantheon: also treat gnome-font-viewer as non-core apps
2022-05-18 14:19:53 +08:00
Bobby Rong
6f23ca82bd
nixos/pantheon: use pantheon.gnome-settings-daemon
...
pantheon.gnome-settings-daemon *is* gnome.gnome-settings-daemon338,
doing this so I don't need to update this on every GSD update.
2022-05-18 13:13:54 +08:00
Robert Schütz
ae758a85d7
nixos/radicale: give access to /dev/urandom
...
A git command was failing in the test with
error: unable to get random bytes for temporary file: Operation not permitted
error: unable to create temporary file: Operation not permitted
error: .Radicale.lock: failed to insert into database
error: unable to index file '.Radicale.lock'
2022-05-17 22:23:57 +02:00
Cole Helbling
c0723eef37
nixos/prometheus: enable checking syntax only
...
This allows config checking with external files to not fail inside the
sandbox.
2022-05-17 10:45:49 -07:00
Maximilian Bosch
6e6ba864b3
Merge pull request #130434 from mrVanDalo/feature/fix_nextcloud_logging
...
nextcloud: fix logging parameter
2022-05-17 18:53:36 +02:00
Maximilian Bosch
ab8a7cae2c
nixos/nextcloud: remove unneeded log_level-param
...
Actually it's called `loglevel` on both v22 and v23.
2022-05-17 18:11:40 +02:00
Maximilian Bosch
0b904cfc7e
Merge pull request #172926 from aidalgol/nextcloud-hsts-options
...
nixos/nextcloud: Add option for max-age HSTS directive
2022-05-17 18:04:25 +02:00
github-actions[bot]
9232271f66
Merge master into staging-next
2022-05-17 00:02:18 +00:00
Jan Tojnar
ff691ed9ba
nixos/gdm: Fix missing icons
...
Recent `wrapGAppsHook` change stops `adwaita-icon-theme` from being added to `XDG_DATA_DIRS`:
b1e73fa2e0https://github.com/NixOS/nixpkgs/issues/171692
2022-05-17 00:19:18 +02:00
github-actions[bot]
e87bfef273
Merge staging-next into staging
2022-05-16 18:11:41 +00:00
github-actions[bot]
115f2f7878
Merge master into staging-next
2022-05-16 18:05:56 +00:00
Ian Kerins
560ca02280
nixos/nitter: update example configuration file URL
...
It was moved.
2022-05-16 10:16:06 -05:00
Kristoffer Føllesdal
e13ec87217
nixos/grafana: add Azure AD OAuth options
2022-05-16 16:37:02 +02:00
github-actions[bot]
add75748e2
Merge staging-next into staging
2022-05-16 12:03:45 +00:00
github-actions[bot]
f10256fb7a
Merge master into staging-next
2022-05-16 12:02:51 +00:00
Jörg Thalheim
9b5e36cf13
Merge pull request #173207 from SuperSandro2000/ddclient-verbose
...
nixos/ddclient: turn verbose off by default
2022-05-16 07:01:25 +01:00
Sandro
6c0dc6d621
nixos/ddclient: turn verbose off by default
...
verbose is a debugging setting one step noisier than debug and should only be turned on when debugging because it leaks quite some credentials and tokens in the journalctl.
2022-05-16 01:49:08 +02:00
Victor
e9b1375878
nixos/hedgedoc: fix and add config options
...
* fixed minio endpoint config option name
* add requireFreeURLAuthentication config option
2022-05-15 11:57:15 +02:00
pennae
c1115d37ff
nixos/mosquitto: fix attribute path display in assertions
2022-05-15 10:33:38 +02:00
pennae
2145dbc4fc
nixos/mosquitto: add missing listener option bind_interface
...
we expose it under settings instead of at the listener toplevel because
mosquitto seems to pick the addresses it will listen on
nondeterministically from the set of addresses configured on the
interface being bound to. encouraging its use by putting it into the
toplevel options for a listener seems inadvisable.
2022-05-15 10:33:38 +02:00
Jörg Thalheim
eefafb54ef
nixos/upterm: additional hardening
...
Before:
$ ps aux | grep upterm
root 2575046 0.0 0.0 1085080
2022-05-15 09:57:52 +02:00
github-actions[bot]
a41870fcba
Merge staging-next into staging
2022-05-15 06:01:50 +00:00
github-actions[bot]
a44988ac0d
Merge master into staging-next
2022-05-15 06:01:17 +00:00
Jan Tojnar
d1b77f990f
Merge branch 'staging-next' into staging
...
Conflicts:
pkgs/applications/networking/browsers/firefox/common.nix between f6c5761935a373324120
2022-05-15 07:08:29 +02:00
Aaron Andersen
82716bddb5
Merge pull request #170079 from bb2020/mbpfan
...
nixos/mbpfan: minor changes
2022-05-14 22:13:05 -04:00
github-actions[bot]
3328bc9666
Merge master into staging-next
2022-05-14 00:02:10 +00:00
Aidan Gauland
59244e07f0
nixos/nextcloud: Add option for max-age HSTS directive
...
* Add an option services.nextcloud.nginx.hstsMaxAge for setting the max-age
directive of the Strict-Transport-Security HTTP header.
* Make the Strict-Transport-Security HTTP header in the Nginx virtualhost block
dependant upon the option services.nextcloud.https instead of
services.nextcloud.nginx.recommendedHttpHeaders, as this header makes no sense
when not using HTTPS. (Closes #169465 )
2022-05-14 09:04:45 +12:00
adisbladis
fb222e0086
Merge pull request #172820 from alyssais/compressed-firmware
...
Compressed firmware
2022-05-14 02:38:48 +08:00
github-actions[bot]
fe71877bbd
Merge staging-next into staging
2022-05-13 18:03:04 +00:00
github-actions[bot]
bcb22e9a7b
Merge master into staging-next
2022-05-13 18:01:23 +00:00
Martin Weinelt
3607d087ec
Merge pull request #112682 from hax404/upterm
2022-05-13 18:24:54 +02:00
Georg Haas
18ffb9690c
nixos/uptermd: init
2022-05-13 17:44:44 +02:00
Alyssa Ross
8aa8e0ce7f
nixos/udev: compress all firmware if supported
...
This should be a significant disk space saving for most NixOS
installations. This method is a bit more complicated than doing it in
the postInstall for the firmware derivations, but this way it's
automatic, so each firmware package doesn't have to separately
implement its compression.
Currently, only xz compression is supported, but it's likely that
future versions of Linux will additionally support zstd, so I've
written the code in such a way that it would be very easy to implement
zstd compression for those kernels when they arrive, falling back to
xz for older (current) kernels.
I chose the highest possible level of compression (xz -9) because even
at this level, decompression time is negligible. Here's how long it took
to decompress every firmware file my laptop uses:
i915/kbl_dmc_ver1_04.bin 2ms
regulatory.db 4ms
regulatory.db.p7s 3ms
iwlwifi-7265D-29.ucode 62ms
9d71-GOOGLE-EVEMAX-0-tplg.bin 22ms
intel/dsp_fw_kbl.bin 65ms
dsp_lib_dsm_core_spt_release.bin 6ms
intel/ibt-hw-37.8.10-fw-22.50.19.14.f.bseq 7ms
And since booting NixOS is a parallel process, it's unlikely (but
difficult to measure) that the time to user interaction was held up at
all by most of these.
Fixes (partially?) #148197
2022-05-13 14:36:34 +00:00
Jelle Besseling
0f69a517a4
nixos/mastodon: use redis.servers
2022-05-13 15:39:44 +02:00
Maximilian Bosch
4d0e1bfb3a
Merge pull request #172381 from mayflower/atlassian-service-restart
...
nixos/{jira,crowd,confluence}: restart service on failure
2022-05-13 14:10:30 +02:00
github-actions[bot]
814126147f
Merge staging-next into staging
2022-05-13 12:02:03 +00:00
github-actions[bot]
477cc9463d
Merge master into staging-next
2022-05-13 12:01:27 +00:00
Mario Rodas
9457a82e42
Merge pull request #171459 from ivan/postgresql-is-14
...
nixos/postgresql: use postgres 14 for 22.05
2022-05-13 06:44:25 -05:00
Linus Heckemann
a7ee915179
Merge pull request #172378 from Mindavi/hydra-updates-3
...
Hydra updates 3
2022-05-13 12:55:53 +02:00
Max Hausch
2802e8f05c
nixos/hedgedoc: Set StateDirectory to workDir and uploadsPath
...
This is needed to make uploading files possible in the hedgedoc ui.
2022-05-13 10:27:51 +02:00
github-actions[bot]
97ea1401a7
Merge master into staging-next
2022-05-13 00:03:00 +00:00
Silvan Mosberger
486992aca7
Merge pull request #160752 from svrana/desktop-manager-script-start
...
desktop manager script: start properly
2022-05-12 20:49:13 +02:00
Silvan Mosberger
fd50826952
Merge pull request #104457 from ju1m/public-inbox
...
Update public-inbox to 1.8.0 and add systemd services
2022-05-12 20:46:39 +02:00
github-actions[bot]
6b23d26afc
Merge master into staging-next
2022-05-12 18:02:25 +00:00
Daniel Poelzleithner
64878e3a67
automysqlbackp: fix missing permissions for mysqldump
...
automysqldump passes the --events flag, but without the EVENTS permission a error occures:
> mysqldump: Couldn't execute 'show events': Access denied for user 'automysqlbackup'@'localhost' to database 'mysql' (1044)
2022-05-12 13:17:14 +02:00
Julien Moutinho
c646d375d3
nixos/public-inbox: support enabling confinement
...
Add support for enabling confinement
but does not enable it by default yet
because so far no module within NixOS uses confinement
hence that would set a precedent.
2022-05-12 01:56:46 +02:00
Julien Moutinho
0e290442ba
nixos/public-inbox: add tests
2022-05-12 01:56:16 +02:00
Julien Moutinho
8514800c42
nixos/public-inbox: init
2022-05-12 01:56:15 +02:00
oxalica
085a5256c1
nixos/btrbk: inherit lib functions to simplify use-sites
2022-05-12 05:55:39 +08:00
oxalica
60e13131b6
nixos/btrbk: allow instances without timers
...
This allows btrbk instances without a triggering timer by setting
`onCalendar` to `null`.
This is useful for manual-starting only btrbk backup settings.
2022-05-12 05:55:17 +08:00
github-actions[bot]
7dbfbc2e90
Merge staging-next into staging
2022-05-11 18:10:52 +00:00
Thiago Kenji Okada
eb6c3e1591
Merge pull request #171101 from NickCao/dendrite-bump
...
dendrite: 0.8.1 -> 0.8.4
2022-05-11 14:27:50 +01:00
Nick Cao
82f0b53588
dendrite: 0.8.1 -> 0.8.4
2022-05-11 18:40:05 +08:00
Rick van Schijndel
3a7f7c1153
hydra-unstable -> hydra_unstable
2022-05-10 23:32:02 +02:00
Martin Weinelt
fa7ce6bc7f
nixos/openssh: Add sntrup761x25519-sha512 kexAlgo
...
Introduced in OpenSSH 9.0 it became the part of the default kexAlgorithm
selection, visibile in sshd_config(5).
It is also enabled by default in the OpenSSH client, as can be seen from
$ ssh -Q KexAlgorithms
Also clarifies that we use the referenced documents as the lower bound,
given that they haven't been updated for 5-7y.
2022-05-10 23:20:54 +02:00
Maximilian Bosch
6f9099fa62
nixos/{jira,crowd,confluence}: restart service on failure
...
In case of unexpected failures of the services - such as an OOM - it
shouldn't be necessary for an administrator to restart the service by
hand (which is usually sufficient). Instead, this should happen
automatically.
Also, I decided to increase the interval between restart attempts from
100ms[1] to 10s for a small grace period as suggested by several online
resources[2][3].
[1] See `systemd.service(5)`
[2] https://it.megocollector.com/linux/create-systemd-services-for-atlassian-apps/
[3] https://anteru.net/blog/2017/jira-confluence-with-systemd-on-centos/
2022-05-10 22:31:22 +02:00
github-actions[bot]
3a79190750
Merge staging-next into staging
2022-05-10 18:01:50 +00:00
Lara
9cb388739f
nixos/snipe-it: init
...
Snipe-IT is a free open source IT asset/license management system
https://snipeitapp.com/
2022-05-10 16:57:21 +02:00
bb2020
8bdcffc4fe
nixos/mbpfan: minor changes
2022-05-10 15:40:17 +03:00
github-actions[bot]
27575e98ee
Merge staging-next into staging
2022-05-09 12:08:45 +00:00
Janne Heß
e6fb1e63d1
Merge pull request #171650 from helsinki-systems/feat/config-systemd-package
...
treewide: pkgs.systemd -> config.systemd.package
2022-05-09 10:23:04 +02:00
github-actions[bot]
31938a3f5c
Merge staging-next into staging
2022-05-09 00:03:28 +00:00
github-actions[bot]
f39e774f11
Merge master into staging-next
2022-05-09 00:02:27 +00:00
Sandro
8803756fd3
Merge pull request #172072 from ivan/tinc-unbreak
...
nixos/tinc: unbreak the service
2022-05-09 01:27:12 +02:00
Sandro
b196dea22d
Merge pull request #172080 from wentasah/usbrelay-1.0
...
usbrelay: 0.9 -> 1.0
2022-05-09 01:02:08 +02:00
Michal Sojka
26ec7081d6
nixos/usbrelayd: set myself as module maintainer
...
I forgot setting that when creating the module.
2022-05-08 21:44:50 +02:00
Michal Sojka
3effbca0bc
usbrelay: 0.9 -> 1.0
2022-05-08 21:16:32 +02:00
