colin/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
383,710 Commits 125 Branches 0 Tags 3.4 GiB
475b010143
Commit Graph

21383 Commits

Author SHA1 Message Date
Sandro
d8fad83d2c
Merge pull request #176133 from SuperSandro2000/asf-2 2022-06-06 14:34:44 +02:00
zowoq
e9f4412eb4 docker-edge: remove 2022-06-06 14:06:39 +10:00
Emery Hemingway
2d012163f2 nixos/uhub: fix plugins, set CAP_NET_BIND_SERVICE 
Fix generation of the plugins configuration and allow binding to
"privileged" ports.
 2022-06-05 13:58:26 -05:00
Guillaume Girol
7548b71138
Merge pull request #171778 from zhaofengli/infnoise-0.3.2 
infnoise: unstable-2019-08-12 -> 0.3.2, nixos/infnoise: init
 2022-06-05 17:30:34 +00:00
Anders Kaseorg
b362ef4eff pipewire: Never set an empty LD_LIBRARY_PATH 
An empty LD_LIBRARY_PATH may confuse some applications into appending
:, creating an empty segment that insecurely refers to the current
directory, not the absence of directories.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
 2022-06-05 13:34:35 +02:00
Wout Mertens
949e1e5277
Merge pull request #176075 from NixOS/netdata-poststart 
netdata: started when service can be pinged
 2022-06-05 13:10:37 +02:00
pennae
4a9708930d
Merge pull request #176116 from pennae/unifi-remove-deprecated 
nixos/unifi: change deprecated default for openFirewall
 2022-06-04 20:52:34 +00:00
lom
0df7cba1b0 nixos/asf: ipcPasswordFile use nullOr 2022-06-04 12:00:45 -06:00
pennae
18cce1008e
Merge pull request #175743 from scvalex/add-route-type-option 
nixos/network-interfaces: add networking.interfaces.<name>.ipv[46].routes.type
 2022-06-04 15:41:03 +00:00
Sandro Jäckel
032f15e566
nixos/asf: add me as maintainer 2022-06-03 18:52:48 +02:00
Sandro Jäckel
d8cd684b62
nixos/asf: restart when self restarting 2022-06-03 18:52:47 +02:00
Sandro Jäckel
4de6a81193
nixos/asf: fix state directory permissions, for real 2022-06-03 18:52:47 +02:00
Sandro Jäckel
28379c3a51
Revert "nixos/asf: set restrictive home permissions" 
This reverts commit 16f28933e7.
 2022-06-03 18:52:46 +02:00
Thiago Kenji Okada
44b5c8b6a7
Merge pull request #175965 from otavio/topic/nixos-restic 
Add new restic options for NixOS module
 2022-06-03 16:19:55 +01:00
Otavio Salvador
d9e3b1fafe nixos/restic: add backup{Prepare,Cleanup}Command options 
The backupPrepareCommand and backupCleanupCommand options offer a way to
run a script to prepare for backup and then cleanup it once finish.

Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
 2022-06-03 11:22:22 -03:00
Otavio Salvador
deae887c5a nixos/restic: add new repositoryFile option 
Allow providing the repository as a file, useful when we don't want it
being stored in the Git repository as plain text.

Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
 2022-06-03 11:21:37 -03:00
pennae
e21c4d67d5 nixos/unifi: change deprecated default for openFirewall 
this was deprecated 6 months ago in unstable for removal in 22.11,
so now seems like a good point to change the default.
 2022-06-03 15:59:41 +02:00
Sandro
c09782950f
Merge pull request #176030 from SuperSandro2000/asf 2022-06-03 12:12:23 +02:00
Sandro Jäckel
e438fad5e9
nixos/asf: format 2022-06-03 11:41:40 +02:00
Sandro Jäckel
17ec7e4401
nixos/asf: remove subdirectories from bot config 2022-06-03 11:41:38 +02:00
Sandro Jäckel
16f28933e7
nixos/asf: set restrictive home permissions 2022-06-03 11:41:37 +02:00
Sandro Jäckel
48b21f661c
nixos/asf: add ipcPasswordFile option, only delete bot configs when managed by nixos, make preStart clearer 2022-06-03 11:41:36 +02:00
Wout Mertens
7f025e2b34
netdata: started when service can be pinged 2022-06-03 10:45:27 +02:00
Otavio Salvador
082a4184ec nixos/restic: reformat 
Apply nixpkgs-fmt on file prior doing changes.

Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
 2022-06-02 16:48:43 -03:00
Rick van Schijndel
d93d4a5820
Merge pull request #175872 from uninsane/colinsane/phosh-phoc-scale 
phosh: allow fractional scaling
 2022-06-02 20:54:41 +02:00
Lassulus
8cea5e2fa1
Merge pull request #173664 from Izorkin/peertube-redis-server 
nixos/peertube: use redis.servers
 2022-06-02 20:26:29 +02:00
Alexandru Scvortov
3a09010b9d nixos/network-interfaces: add networking.interfaces.<name>.ipv[46].routes.type 2022-06-02 19:16:25 +01:00
Thiago Kenji Okada
679197e9ff
Merge pull request #174058 from jian-lin/fix-nvidia.powerManagement.finegrained-only-apply-workarounds-when-needed 
nixos/nvidia: only apply workarounds for finegrained when needed
 2022-06-02 17:55:23 +01:00
Thiago Kenji Okada
64870a0c57
Merge pull request #174259 from schuelermine/add-nixos-option/hardware.nvidia.forceFullCompositionPipeline 
nixos/nvidia: add hardware.nvidia.forceFullCompositionPipeline
 2022-06-02 17:50:50 +01:00
Thiago Kenji Okada
3ead2b58f5
Merge pull request #174057 from jian-lin/fix-nvidia.powerManagement.finegrained-remove-useless-setting 
nixos/nvidia: remove a useless option
 2022-06-02 17:32:24 +01:00
colin
1d0649f929 phosh: restrict the scale config value to strictly positive values or null 2022-06-02 01:46:08 -07:00
MatthiasBenaets
9a5c77c581 nixos/new-lg4ff: fix kernel selection 2022-06-02 08:27:42 +02:00
colin
cabf369f83 phosh: allow fractional scaling 2022-06-01 15:44:12 -07:00
Bernardo Meurer
f4d4b16d71
Merge pull request #175831 from lovesegfault/fix-localtime 
nixos/localtimed: hopefully fix geoclue
 2022-06-01 14:38:29 -07:00
lom
ec9204d732 nixos/new-lg4ff: respect enable option 2022-06-01 15:09:24 -06:00
Bernardo Meurer
ffae8569b0 nixos/localtimed: hopefully fix geoclue 2022-06-01 13:20:16 -07:00
Martin Weinelt
5a188dfbca
Merge pull request #175729 from DeterminateSystems/jellyfin-fix 2022-06-01 17:19:49 +02:00
Sandro
ba4c03124f
Merge pull request #174956 from MatthiasBenaets/new-lg4ff 
new-lg4ff: init at 0.3.3
 2022-06-01 16:42:55 +02:00
MatthiasBenaets
8dcba104aa new-lg4ff: init at 0.3.3 2022-06-01 14:31:52 +02:00
Linus Heckemann
7eab23d517 jellyfin: fix permissions on state directory 
Previously, all configuration and state data was accessible to all
users on the system running jellyfin. This included user passwords in
the Jellyfin database, as well as credentials for LDAP if configured.
The exact set of accessible data depends on system configuration.

Thanks to Sofie Finnes Øvrelid for reporting this issue.

Fixes: CVE-2022-32198

Co-Authored-By: Martin Weinelt <hexa@darmstadt.ccc.de>
 2022-06-01 12:31:23 +02:00
Martin Weinelt
5b8a2ab169
Merge pull request #175611 from waldheinz/systemd-boot-builder-does-not-update 
nixos/systemd-boot: fix systemd-boot-builder refusing to update
 2022-06-01 12:22:11 +02:00
Matthias Treydte
ff24f484af nixos/systemd-boot: fix systemd-boot-builder refusing to update 
Handling of the string length condition in should_update
was broken, as evident with the log message

> leaving systemd-boot 246 in place (250.4 is not newer)

Discussion with @mweinelt came to the conclusion
that Python's "<" operator already does what we need,
so the should_update function can be dropped.

Fixes a30de3b849
 2022-06-01 11:49:07 +02:00
Aaron Andersen
18a07645e5
Merge pull request #174959 from MoritzBoehme/openconnect-auto-start 
nixos/openconnect: add autoStart option
 2022-05-31 23:05:25 -04:00
Martin Weinelt
02e44ee3be
Merge pull request #174804 from dotlambda/prometheus-dmarc-exporter-no-poetry2nix 2022-06-01 01:46:30 +02:00
Robert Schütz
aff15c41fc dmarc-metrics-exporter: rename from prometheus-dmarc-exporter 
Also stop using poetry2nix.
 2022-05-31 23:25:18 +00:00
7c6f434c
39e6b1a240
Merge pull request #175558 from klemensn/atop-convert-logs-fix-startup 
nixos/atop: Convert log format to fix service start
 2022-05-31 20:37:23 +00:00
Sandro
8d8e031d25
Merge pull request #133771 from erdnaxe/libreddit_fix 
nixos/libreddit: service hardening and test
 2022-05-31 21:53:51 +02:00
Maximilian Bosch
185ee01e80
Merge pull request #173273 from kfollesdal/grafana-azuread 
nixos/grafana: add new options to grafana module
 2022-05-31 19:24:33 +02:00
Robert Hensing
53326189ba
Merge pull request #174829 from blaggacao/fix/cleanup-nixpkgs-initial-system 
nixos: remove effect-less nixpgks.initialSystem
 2022-05-31 16:26:25 +02:00
Klemens Nanni
09350ff7d4 nixos/atop: Convert log format to fix service start 
Raw logs are stored in a versioned binary format and must be update with
atopconvert(1) upon atop version updates.

Failure to do so results in atop.service startup failure as I found out
the hard way after the "atop: 2.6.0 -> 2.7.1"[0] bump:
```
May 31 01:49:25 <hostname> sh[2269709]: existing file /var/log/atop/atop_20220531 has incompatible header
May 31 01:49:25 <hostname> sh[2269709]: (created by version 2.6 - current version 2.7)
May 31 01:49:25 <hostname> systemd[1]: atop.service: Main process exited, code=exited, status=7/NOTRUNNING
```

Convert logs in `ExecStartPre` and replace them iff updated.
This is to avoid changing original modification times upon every service
start and thus work against atop's log rotation (see existing
`ExecStartPre`).

0: https://github.com/NixOS/nixpkgs/pull/175180#issuecomment-1141546487
 2022-05-31 07:21:01 +02:00