colin/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
598,829 Commits 125 Branches 0 Tags 3.4 GiB
bc95dfa2cd
Commit Graph

29775 Commits

Author SHA1 Message Date
abysssol
b5e7a05bb7 nixos/ollama: add option to set environment variables 2024-03-14 04:21:36 -04:00
nikstur
7f175e69ca
Merge pull request #295370 from arianvp/fix-295365 
nixos/binfmt: fix race condition between systemd-tmpfiles and systemd-binfmt
 2024-03-13 14:52:24 +01:00
Sandro
db55012fa3
Merge pull request #291455 from SuperSandro2000/hydra-starman-worker 2024-03-13 13:57:12 +01:00
Pol Dellaiera
55251f1ffc
Merge pull request #295547 from Janik-Haag/unbound 
nixos/unbound: drop networkmanager since it doesn't support unbound anymore
 2024-03-13 10:33:52 +01:00
Janik H.
4147e50f18
nixos/unbound: drop networkmanager since it doesn't support unbound anymore 2024-03-13 09:50:56 +01:00
Pol Dellaiera
c35c016e5d
Merge pull request #295529 from Janik-Haag/networkmanager-drop-unbound 
nixos/networkmanager: drop unbound form dns servers
 2024-03-13 09:04:58 +01:00
Pol Dellaiera
6710011819
Merge pull request #295199 from blakesmith/gotosocial_14_2 
gotosocial 0.14.1 -> 0.14.2
 2024-03-13 08:53:37 +01:00
Janik H.
a97e56ae28
nixos/networkmanager: drop unbound form dns servers 
upstream dropped unbound in 5da17c689b
 2024-03-13 08:31:52 +01:00
éclairevoyant
e7db1f299c
nixos/scrutiny: fix timer not auto-starting 2024-03-12 22:25:54 -04:00
Blake Smith
b0529146b9 nixos/gotosocial: add blakesmith as a maintainer 2024-03-12 21:13:22 -05:00
Rok Garbas
6f11ba9ffe
Merge branch 'master' into amazon-ec2-amis 2024-03-13 00:37:12 +01:00
Jörg Thalheim
721c6579d2
Merge pull request #295407 from Stunkymonkey/nixos-murmur-registerPassword-fix 
nixos/murmur: fix writing registerPassword to config
 2024-03-12 22:47:26 +01:00
Fabián Heredia Montiel
da8768347e
Merge pull request #293950 from DCsunset/nixos-hoogle 
nixos/hoogle: add extraOptions
 2024-03-12 14:57:30 -06:00
Felix Buehler
1e22e7d75e nixos/murmur: fix writing registerPassword to config 2024-03-12 21:19:24 +01:00
Arian van Putten
16526f454f nixos/binfmt: fix race condition between systemd-tmpfiles and systemd-binfmt 
We need to make sure systemd-tmpfiles-setup.service ran before we
start systemd-binft.service. Otherwise it might fail to start
due to non-existant files

Fixes #295365
 2024-03-12 21:08:03 +01:00
Azat Bahawi
d3e30a442b
nixos/incus: fix systemd service path 
Fixes a regression introduced in #294754.
 2024-03-12 20:03:36 +03:00
Peder Bergebakken Sundt
285d2dcf3c nixos/spotifyd: update configuration documentation url 2024-03-12 16:07:48 +01:00
Sandro
e220724911
Merge pull request #292141 from SuperSandro2000/plasma-out-xserver 2024-03-12 13:55:27 +01:00
K900
21adc4f16a
Merge pull request #295092 from K900/more-heinous-crimes 
nixos/iso-image: extremely cursed performance optimization for Hydra
 2024-03-12 15:45:38 +03:00
K900
77536af43b nixos/iso-image: extremely cursed performance optimization for Hydra 
Right now the worst case chain of events for building an ISO on Hydra is

    - copy everything to squashfs builder
    - run squashfs builder
    - download squashfs from builder
    - compress squashfs
    - upload squashfs to S3
    - copy squashfs to ISO builder
    - run ISO builder
    - download ISO from builder
    - compress ISO
    - upload ISO to S3

This inlines the squashfs build into the ISO build, which makes it

    - copy everything to ISO builder
    - run ISO builder
    - download ISO from builder
    - compress ISO
    - upload ISO to S3

Which should reduce queue runner load by $alot per ISO, which we have four of on small channels
(one release, one test per arch) and a lot more than four of on large channels (with various desktops)
 2024-03-12 15:41:59 +03:00
nikstur
da05945c74
Merge pull request #295096 from jmbaur/uki-dtb 
nixos/uki: add ".dtb" section if devicetree is used
 2024-03-12 12:57:15 +01:00
Sandro Jäckel
b07cdeb1b3
nixos/plasma6: move out of x11 
This release focuses on wayland, lets give that justice
 2024-03-12 10:49:42 +01:00
cmspam
701fcd7982 nixos/incus: add openvswitch support 
1. Added openvswitch integration to incus service.
2. Added tests to test openvswitch functionality with incus.
 2024-03-12 01:03:39 +00:00
Jared Baur
2837c0d9aa
nixos/uki: add ".dtb" section if devicetree is used 
This ensures a ".dtb" PE section makes it into the UKI so systemd-stub
can install the correct devicetree for use by the Linux kernel. This is
often needed on systems that boot with u-boot since the devicetree used
by u-boot is often a paired down version of what the Linux kernel needs.
On those kinds of boards, the lack of this PE section means that u-boot
will end up installing its internal devicetree into the UEFI
configuration table, which is what the Linux kernel ends up using.
 2024-03-11 12:42:21 -07:00
emilylange
08c37ba899 nixos/lldap: set service UMask=0027 and StateDirectoryMode=0750 
While `/var/lib/lldap` isn't technically accessible by unprivileged
users thanks to `DynamicUser=true`, a user might prefer and change it to
`DynamicUser=false`.

There is currently also a PR open that intends to make `DynamicUser`
configurable via module option.

As such, `jwt_secret_file`, if bootstrapped by the service start
procedure, might be rendered world-readable due to its permissions
(`0644/-rw-r--r--`) defaulting to the service's umask (`022`) and
`/var/lib/lldap` to `0755/drwxr-xr-x` due to `StateDirectoryMode=0755`.

This would usually be fixed by using `(umask 027; openssl ...)` instead
of just `openssl ...`.

However, it was found that another file (`users.db`), this time
bootstrapped by `lldap` itself, also had insufficient permissions
(`0644/-rw-r--r--`) inherited by the global umask and would be left
world-readable as well.

Due to this, we instead change the service's to `027`.

And to lower the impact for already bootstrapped files on existing
instances like `users.db`, set `StateDirectoryMode=0750`.
 2024-03-11 17:34:29 +01:00
emilylange
61a651e362 nixos/lldap: bootstrap jwt_secret if not provided 
If not provided, lldap defaults to `secretjwtsecret` as value which is
hardcoded in the code base.

See https://github.com/lldap/lldap/blob/v0.5.0/server/src/infra/configuration.rs#L76-L77

This is really bad, because it is trivially easy to generate an admin
access token/cookie as attacker, if a `jwt_secret` is known.
 2024-03-11 17:34:29 +01:00
Sandro
869ec01e56
Merge pull request #294286 from SuperSandro2000/unbound-remote-config-check 2024-03-11 16:06:31 +01:00
WilliButz
a2c0efbf5e
Merge pull request #274307 from thillux/esdm-1.0.1 
esdm: update module after 1.0.1 changes
 2024-03-11 15:11:05 +01:00
Markus Theil
36f1c0c2b3 nixos/esdm: simplify module 
ESDM 1.0.1 fixed bugs related to Linux compatibility layer with CUSE.

During these fixes, the compatibility layer was simplified behind a
target in order to start the necessary services together or none of
them (services.esdm.linuxCompatServices).

Furthermore, a small helper was added to ESDM 1.0.1 in order to deal
with resume/suspend/hibernate (FUSE needs to be unblocked).

Removed options are marked.

Signed-off-by: Markus Theil <theil.markus@gmail.com>
 2024-03-11 14:28:26 +01:00
Pierre Allix
cf625fe5f0 nixos/networkmanager: add doc about nm profiles interaction with resolvconf 2024-03-11 12:55:27 +01:00
Sandro
80ec88edec
Merge pull request #292025 from RaHoni/baculaTls 2024-03-11 12:01:19 +01:00
Sandro
88c9f04d1a
Merge pull request #294771 from flokli/yubikey-agent-eval 
nixos/yubikey-agent: fix eval error
 2024-03-11 00:15:31 +01:00
Guanran Wang
0a5801395a nixos/clash-verge: add cfg.package 2024-03-10 20:16:41 +01:00
Florian Klink
b437b19f54 nixos/yubikey-agent: fix eval error 
This has been refactored in https://github.com/NixOS/nixpkgs/
pull/133542, but this reference wasn't updated.
 2024-03-10 19:08:23 +02:00
Pol Dellaiera
2bd0c18d98
Merge pull request #282160 from gaykitty/stargazer-debug-mode 
nixos/stargazer: add missing debugMode setting
 2024-03-10 14:31:06 +01:00
Peder Bergebakken Sundt
4a4a70ca31
Merge pull request #280836 from numinit/nebula-port-zero 
nixos/nebula: default to port 0 for hosts other than lighthouse/relay
 2024-03-10 05:01:04 +01:00
Will Fancher
f592a7ea77
Merge pull request #293720 from vkleen/fix/systemd-boot-random-seed 
nixos/systemd: Only include systemd-boot-random-seed if the unit exists
 2024-03-09 21:01:35 -05:00
éclairevoyant
6b80044d9d
Merge pull request #294584 from MinerSebas/plasma-samba 
nixos/plasma6: Dont add samba a second time to environment.systemPackages
 2024-03-09 23:40:45 +00:00
Sandro
c86e8fd7a0
Merge pull request #133542 from fpletz/refactor/pinentry-remove-multiple-outputs 
pinentry: remove multiple outputs
 2024-03-09 23:57:27 +01:00
Bernardo Meurer
6bb56dc681
Merge pull request #294544 from lilyinstarlight/fix/fwupd-uefi-capsule-settings 2024-03-09 16:31:44 -05:00
Emily
8b7eef367c
Merge pull request #292304 from networkException/unix-socket-sliding-sync-bindaddr 
nixos/matrix-sliding-sync: improve unix socket support
 2024-03-09 20:12:48 +01:00
Lily Foster
1801583855
nixos/fwupd: fix silent failure for uefiCapsuleSettings to ever be added 
Bug was introduced in 28ea07d4e3.
 2024-03-09 12:44:46 -05:00
MinerSebas
cf3a468eee nixos/plasma6: Dont add samba a second time to environment.systemPackages 2024-03-09 17:06:25 +01:00
gaykitty
366147b86d nixos/stargazer: add missing debugMode setting 2024-03-09 11:04:27 -05:00
networkException
f0097cf1d9
nixos/matrix-sliding-sync: create runtime directory in /run/matrix-sliding-sync 
this patch enables the creation of a runtime directory with the default
mode 0755 in /run/matrix-sliding-sync to offer a simple option for
SYNCV3_BINDADDR when using unix sockets.
 2024-03-08 23:16:05 +01:00
Franz Pletz
a270c43ea1
treewide: use sensible pinentry flavor 2024-03-08 23:09:02 +01:00
Leona Maroni
399dc3f09e
Merge pull request #290925 from r-vdp/networkd_use_gateway 
systemd-networkd: add missing UseGateway key in the DHCPv4 section
 2024-03-08 16:38:14 +01:00
Sandro Jäckel
67c1193fab
nixos/unbound: disable checkconf when remote-control is used 
Closes #293001
 2024-03-08 15:34:00 +01:00
nikstur
4fc409b977
Merge pull request #294096 from WilliButz/repart-image/overridability 
systemd-repart: improve overridability of image builder
 2024-03-08 15:23:45 +01:00
Maciej Krüger
53c527b694
Merge pull request #292817 from mkg20001/steam-team 
teams.steam: add - ref #289561
 2024-03-08 13:26:02 +01:00
K900
7b8d88fa05 nixos/steam: fix eval after #293564 2024-03-08 14:42:31 +03:00
Maciej Krüger
26c09016b9
modules/steam: transfer maintainership to steam team 2024-03-08 12:25:03 +01:00
Thiago Kenji Okada
488f218407
Merge pull request #293564 from Shawn8901/steam-compat-tools 
steam: add extraCompatPackages
 2024-03-08 11:06:15 +00:00
maxine
b587c07865
Merge pull request #292847 from jwillikers/linger-hotfix 
Fix the update-lingering activation script to not fail when a user is removed
 2024-03-08 09:54:44 +00:00
r-vdp
4c26c97d21
nixos/networkd: add missing UseGateway key in the DHCPv4 section 2024-03-08 10:54:03 +01:00
Weijia Wang
4acc19b18c
Merge pull request #291581 from Luflosi/nixos/memcached/clarify-setting 
nixos/memcached: clarify behaviour of `enableUnixSocket`
 2024-03-08 10:25:10 +01:00
Viktor Kleen
0aed32b9dd
nixos/systemd: Only include systemd-boot-random-seed if the unit exists 
The unit file is only present if systemd was built with bootloader support.
 2024-03-08 08:52:11 +00:00
Jack Kelly
dc158268f7 nixos/amazon-image: Enable Amazon SSM Agent by default 
Amazon-provided EC2 images do this.

See: https://docs.aws.amazon.com/systems-manager/latest/userguide/ami-preinstalled-agent.html
 2024-03-08 16:24:00 +10:00
éclairevoyant
2319821137
nixos/scrutiny: default collector api endpoint port to point at web app port 2024-03-07 23:21:53 -05:00
éclairevoyant
fc5116d75c
nixos/scrutiny: clean up mkEnableOption definitions 2024-03-07 23:21:53 -05:00
éclairevoyant
ce5dbf1b7b
nixos/scrutiny: inherit lib bindings 2024-03-07 23:21:52 -05:00
éclairevoyant
4e710d5221
nixos/scrutiny: remove redundant lib.mdDoc 2024-03-07 23:21:52 -05:00
Peder Bergebakken Sundt
5f9689332a
Merge pull request #278537 from wfdewith/syncoid-permissions 
nixos/syncoid: add missing ZFS mount permission
 2024-03-08 00:11:39 +01:00
Yt
0340f82b24
Merge pull request #292873 from ghthor/tabby 
Tabby: bump 0.7.0 -> 0.8.3 and add systemd service
 2024-03-07 21:51:06 +00:00
WilliButz
82ef47d3b7
nixos/repart-image: add options to specify mkfs parameters 
This new option makes it easier to specify extra mkfs parameters for the
systemd-repart builder.

See https://github.com/systemd/systemd/blob/v255/docs/ENVIRONMENT.md?plain=1#L575-L577
 2024-03-07 22:50:56 +01:00
Sandro
5f39678474
Merge pull request #292552 from diogotcorreia/oci-containers-fix-stop-one-shot 
nixos/oci-containers: ignore nonexistent container when stopping
 2024-03-07 21:23:51 +01:00
Maximilian Bosch
3c8f4e06e6
Merge pull request #287602 from Ma27/drop-postgres-ensurePermissions 
nixos/postgresql: drop ensurePermissions option
 2024-03-07 19:50:44 +00:00
WilliButz
f88148f05e
nixos/repart-image: improve overridability, use structuredAttrs 
Parameters passed to systemd-repart are now passed to the build script
via environment variable, which is defined as a list of strings in
combination with `__structuredAttrs = true`. This should make it easier
to customize the image build using `overrideAttrs`.

Both the script used to amend the repart definitions and the amended
definitions are now available via passthru.
 2024-03-07 18:27:11 +01:00
Emily
2ab0d96297
Merge pull request #293251 from nesteroff/chromium-initial-prefs 
nixos/chromium: add the ability to set initial preferences
 2024-03-07 16:33:09 +01:00
Will Owens
d9188fc882
nixos/tabby: init module 
- Enable tabby to run as a systemd service
- Document standard tabby configuration
 2024-03-07 06:29:12 -05:00
DCsunset
38261d9556 nixos/hoogle: add extraOptions 2024-03-06 22:12:41 -05:00
Yuri Nesterov
960f93fd4f nixos/chromium: add the ability to set initial preferences 2024-03-06 21:32:18 +02:00
Shawn8901
93a891f0e8 steam: add extraCompatPackages 2024-03-06 20:24:55 +01:00
Sandro
e656679228
Merge pull request #286523 from MarcelCoding/listmonk 
listmonk: 2.5.1 -> 3.0.0
 2024-03-06 18:49:20 +01:00
Franz Pletz
f05e5f3a51
Merge pull request #285807 from MinerSebas/prometheus-restic-exporter 
prometheus-restic-exporter: 1.4.0 -> 1.5.0
 2024-03-06 14:35:24 +01:00
Leona Maroni
182053a2cf
Merge pull request #293595 from SuperSandro2000/git-io-remove 
treewide: stop using deprecated git.io shortlink service
 2024-03-06 11:14:14 +01:00
Fabian Möller
f753e58e6e
nixos/networkd: allow RoutingPolicyRule port ranges 
Linux and Systemd allow port ranges to be used in routing policy rules.

https://www.freedesktop.org/software/systemd/man/latest/systemd.network.html#SourcePort=
 2024-03-06 09:11:54 +01:00
Sandro Jäckel
04d33b98e1
treewide: stop using deprecated git.io shortlink service 2024-03-05 22:58:29 +01:00
Sandro
911b4015d2
Merge pull request #283319 from phaer/etebase-server 
etebase: fix runtime crash due to wrong pydantic..
 2024-03-05 21:37:21 +01:00
Adam C. Stephens
a51a27a78b
Merge pull request #291554 from jnsgruk/homepage-config 
nixos/homepage-dashboard: support structured config
 2024-03-05 09:48:19 -05:00
Jon Seager
c0330351a0
nixos/homepage-dashboard: support structured config 2024-03-05 14:38:52 +00:00
adisbladis
5cdb38bb16
Merge pull request #288579 from blitz/vbox-kvm-2 
virtualboxKvm: init
 2024-03-05 18:58:57 +13:00
Someone
46b75bf589
Merge pull request #291828 from SomeoneSerge/refactor/cdi-nvidia 
nixos/cdi.dynamic.nvidia: expose driverLink
 2024-03-04 18:32:34 +00:00
Nick Cao
8e19126885
Merge pull request #289009 from 999eagle/feat/miniflux-no-db 
nixos/miniflux: add option to disable configuring a local postgresql db
 2024-03-04 09:47:14 -05:00
Brian McKenna
40bebc8749 extest: refactor to use mkEnableOption 2024-03-04 19:18:20 +11:00
Brian McKenna
5dffe7eebf extest: init at 1.0.2 2024-03-04 19:18:20 +11:00
Sophie Tauchert
cb5f2a8e87
nixos/tests/miniflux: add test for external database 2024-03-04 09:07:21 +01:00
Sophie Tauchert
1f8385d6d1
nixos/miniflux: add option to disable configuring a local postgresql db 2024-03-04 09:07:20 +01:00
Robert Schütz
e67761b6f6
Merge pull request #292854 from SuperSandro2000/vaultwarden-bitwarden_rs 
vaultwarden: cleanup maintainers, nixos/vaultwarden: drop aliases
 2024-03-04 00:36:06 +00:00
Sandro Jäckel
06a6371247
nixos/vaultwarden: set meta.maintainers to package maintainer 2024-03-04 00:41:56 +01:00
Cosima Neidahl
c981cb00dd
Merge pull request #248972 from codifryed/coolercontrol-0.17.0 
coolercontrol: init at 1.1.1
 2024-03-03 19:31:59 +01:00
Martin Weinelt
f09b7dc6a5
Merge pull request #289961 from leona-ya/vikunja-0.23.0 
vikunja: 0.22.1 -> 0.23.0
 2024-03-03 19:15:35 +01:00
Jordan Williams
8558d7b1ce
nixos/users-groups: Fix the update-lingering activation script failing 
The update-lingering activation script currently fails during rebuilds.
This happens when removing a user with linger enabled.
The call to loginctl disable-linger runs for the non-existent user.
This returns an error code which causes the failure.

To mitigate this, this PR removes any residual linger files.
These are files named for the user in /var/lib/systemd/linger.
A simple check for user existence determines whether to delete the file.
This happens before the call to disable-linger to avoid any errors.

Fixes #283769.
 2024-03-03 12:00:25 -06:00
Guillaume Girol
5b274d5f01 nixos/nix: add workaround for https://github.com/NixOS/nix/issues/9487 
Nix has a suprising behavior where if the option `extra-foo` is set before `foo`, then setting `foo` overwrites the setting for `extra-foo`. This is reported as https://github.com/NixOS/nix/issues/9487, and will likely not be fixed any time soon.

This works around this issue by always putting `extra-*` settings after non-extra ones in the nixos-generated `/etc/nix.conf`.
 2024-03-03 17:03:46 +01:00
Guillaume Girol
dc9a74e61e
Merge pull request #291934 from e1mo/bird-lg-1-3-5 
bird-lg: 1.3.1 -> 1.3.5
 2024-03-03 15:50:42 +01:00
Guillaume Girol
9887be970b
Merge pull request #292437 from deviant/nixos-nixseparatedebuginfod-nix2.3 
nixos/nixseparatedebuginfod: fix compatibility with Nix 2.3
 2024-03-03 14:12:27 +01:00
Pol Dellaiera
f480f9f47e
Merge pull request #292823 from SuperSandro2000/paperless-too-many-open-files 
nixos/paperless: fix too many open files
 2024-03-02 23:51:11 +01:00
Pol Dellaiera
6e201a6d91
Merge pull request #292850 from newAM/llama-cpp-module-list 
nixos/llama-cpp: add to module-list
 2024-03-02 23:49:14 +01:00
Leona Maroni
46ad1987b9
Merge pull request #278698 from bachp/photoprism-update 
photoprism: 231011-63f708417 -> 231128-f48ff16ef
 2024-03-02 23:03:49 +01:00
Arian van Putten
cc04ae5878 nixos/amazon-ec2-amis: Add NixOS 23.11 
Note that this list will stop being updated from now on.
Please use https://nixos.github.io/amis/ and https://nixos.github.io/amis/images.json instead.
We are working on integrating this in the https://nixos.org/ website
These get updated for every channel bump.
 2024-03-02 22:40:50 +01:00