colin/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
599,729 Commits 125 Branches 0 Tags 3.4 GiB
c77d192eb4
Commit Graph

18387 Commits

Author SHA1 Message Date
Ilan Joselevich
09078fd022
Merge pull request #295932 from Kranzes/nextcloud 
nixos/nextcloud: remove opcache.enable_cli=1
 2024-03-14 21:36:09 +02:00
Ilan Joselevich
9353fb2309
nixos/nextcloud: remove opcache.enable_cli=1 
Upstream no longer recommends enabling the opcache cli.
See the following:
 - https://github.com/nextcloud/documentation/issues/1439
 - https://github.com/nextcloud/server/pull/15468
 2024-03-14 18:36:11 +02:00
Bobby Rong
398cce395c
nixos/mate: Add enableWaylandSession option 
Make this an opt-in for now since the session is in early stage
and introduces a new set of wayfire closure.
 2024-03-14 23:34:11 +08:00
Bobby Rong
b45faa9834
nixos/mate: Add extraPanelApplets, extraCajaExtensions option 
Hopefully this is more user-friendly.
 2024-03-14 23:34:10 +08:00
Bobby Rong
a323f4f828
mate: Install mate-panel-with-applets by default 2024-03-14 23:34:06 +08:00
Bobby Rong
c87f6b5591
mate: Install caja-with-extensions by default 2024-03-14 23:34:05 +08:00
Stzx
8bf5cc2666
pinentry: fix DM option and user conflict 2024-03-14 21:54:35 +08:00
abysssol
b5e7a05bb7 nixos/ollama: add option to set environment variables 2024-03-14 04:21:36 -04:00
Sandro
db55012fa3
Merge pull request #291455 from SuperSandro2000/hydra-starman-worker 2024-03-13 13:57:12 +01:00
Pol Dellaiera
55251f1ffc
Merge pull request #295547 from Janik-Haag/unbound 
nixos/unbound: drop networkmanager since it doesn't support unbound anymore
 2024-03-13 10:33:52 +01:00
Janik H.
4147e50f18
nixos/unbound: drop networkmanager since it doesn't support unbound anymore 2024-03-13 09:50:56 +01:00
Pol Dellaiera
c35c016e5d
Merge pull request #295529 from Janik-Haag/networkmanager-drop-unbound 
nixos/networkmanager: drop unbound form dns servers
 2024-03-13 09:04:58 +01:00
Pol Dellaiera
6710011819
Merge pull request #295199 from blakesmith/gotosocial_14_2 
gotosocial 0.14.1 -> 0.14.2
 2024-03-13 08:53:37 +01:00
Janik H.
a97e56ae28
nixos/networkmanager: drop unbound form dns servers 
upstream dropped unbound in 5da17c689b
 2024-03-13 08:31:52 +01:00
éclairevoyant
e7db1f299c
nixos/scrutiny: fix timer not auto-starting 2024-03-12 22:25:54 -04:00
Blake Smith
b0529146b9 nixos/gotosocial: add blakesmith as a maintainer 2024-03-12 21:13:22 -05:00
Jörg Thalheim
721c6579d2
Merge pull request #295407 from Stunkymonkey/nixos-murmur-registerPassword-fix 
nixos/murmur: fix writing registerPassword to config
 2024-03-12 22:47:26 +01:00
Fabián Heredia Montiel
da8768347e
Merge pull request #293950 from DCsunset/nixos-hoogle 
nixos/hoogle: add extraOptions
 2024-03-12 14:57:30 -06:00
Felix Buehler
1e22e7d75e nixos/murmur: fix writing registerPassword to config 2024-03-12 21:19:24 +01:00
Peder Bergebakken Sundt
285d2dcf3c nixos/spotifyd: update configuration documentation url 2024-03-12 16:07:48 +01:00
Sandro Jäckel
b07cdeb1b3
nixos/plasma6: move out of x11 
This release focuses on wayland, lets give that justice
 2024-03-12 10:49:42 +01:00
emilylange
08c37ba899 nixos/lldap: set service UMask=0027 and StateDirectoryMode=0750 
While `/var/lib/lldap` isn't technically accessible by unprivileged
users thanks to `DynamicUser=true`, a user might prefer and change it to
`DynamicUser=false`.

There is currently also a PR open that intends to make `DynamicUser`
configurable via module option.

As such, `jwt_secret_file`, if bootstrapped by the service start
procedure, might be rendered world-readable due to its permissions
(`0644/-rw-r--r--`) defaulting to the service's umask (`022`) and
`/var/lib/lldap` to `0755/drwxr-xr-x` due to `StateDirectoryMode=0755`.

This would usually be fixed by using `(umask 027; openssl ...)` instead
of just `openssl ...`.

However, it was found that another file (`users.db`), this time
bootstrapped by `lldap` itself, also had insufficient permissions
(`0644/-rw-r--r--`) inherited by the global umask and would be left
world-readable as well.

Due to this, we instead change the service's to `027`.

And to lower the impact for already bootstrapped files on existing
instances like `users.db`, set `StateDirectoryMode=0750`.
 2024-03-11 17:34:29 +01:00
emilylange
61a651e362 nixos/lldap: bootstrap jwt_secret if not provided 
If not provided, lldap defaults to `secretjwtsecret` as value which is
hardcoded in the code base.

See https://github.com/lldap/lldap/blob/v0.5.0/server/src/infra/configuration.rs#L76-L77

This is really bad, because it is trivially easy to generate an admin
access token/cookie as attacker, if a `jwt_secret` is known.
 2024-03-11 17:34:29 +01:00
Sandro
869ec01e56
Merge pull request #294286 from SuperSandro2000/unbound-remote-config-check 2024-03-11 16:06:31 +01:00
WilliButz
a2c0efbf5e
Merge pull request #274307 from thillux/esdm-1.0.1 
esdm: update module after 1.0.1 changes
 2024-03-11 15:11:05 +01:00
Markus Theil
36f1c0c2b3 nixos/esdm: simplify module 
ESDM 1.0.1 fixed bugs related to Linux compatibility layer with CUSE.

During these fixes, the compatibility layer was simplified behind a
target in order to start the necessary services together or none of
them (services.esdm.linuxCompatServices).

Furthermore, a small helper was added to ESDM 1.0.1 in order to deal
with resume/suspend/hibernate (FUSE needs to be unblocked).

Removed options are marked.

Signed-off-by: Markus Theil <theil.markus@gmail.com>
 2024-03-11 14:28:26 +01:00
Pierre Allix
cf625fe5f0 nixos/networkmanager: add doc about nm profiles interaction with resolvconf 2024-03-11 12:55:27 +01:00
Sandro
80ec88edec
Merge pull request #292025 from RaHoni/baculaTls 2024-03-11 12:01:19 +01:00
Florian Klink
b437b19f54 nixos/yubikey-agent: fix eval error 
This has been refactored in https://github.com/NixOS/nixpkgs/
pull/133542, but this reference wasn't updated.
 2024-03-10 19:08:23 +02:00
Pol Dellaiera
2bd0c18d98
Merge pull request #282160 from gaykitty/stargazer-debug-mode 
nixos/stargazer: add missing debugMode setting
 2024-03-10 14:31:06 +01:00
Peder Bergebakken Sundt
4a4a70ca31
Merge pull request #280836 from numinit/nebula-port-zero 
nixos/nebula: default to port 0 for hosts other than lighthouse/relay
 2024-03-10 05:01:04 +01:00
éclairevoyant
6b80044d9d
Merge pull request #294584 from MinerSebas/plasma-samba 
nixos/plasma6: Dont add samba a second time to environment.systemPackages
 2024-03-09 23:40:45 +00:00
Sandro
c86e8fd7a0
Merge pull request #133542 from fpletz/refactor/pinentry-remove-multiple-outputs 
pinentry: remove multiple outputs
 2024-03-09 23:57:27 +01:00
Bernardo Meurer
6bb56dc681
Merge pull request #294544 from lilyinstarlight/fix/fwupd-uefi-capsule-settings 2024-03-09 16:31:44 -05:00
Emily
8b7eef367c
Merge pull request #292304 from networkException/unix-socket-sliding-sync-bindaddr 
nixos/matrix-sliding-sync: improve unix socket support
 2024-03-09 20:12:48 +01:00
Lily Foster
1801583855
nixos/fwupd: fix silent failure for uefiCapsuleSettings to ever be added 
Bug was introduced in 28ea07d4e3.
 2024-03-09 12:44:46 -05:00
MinerSebas
cf3a468eee nixos/plasma6: Dont add samba a second time to environment.systemPackages 2024-03-09 17:06:25 +01:00
gaykitty
366147b86d nixos/stargazer: add missing debugMode setting 2024-03-09 11:04:27 -05:00
networkException
f0097cf1d9
nixos/matrix-sliding-sync: create runtime directory in /run/matrix-sliding-sync 
this patch enables the creation of a runtime directory with the default
mode 0755 in /run/matrix-sliding-sync to offer a simple option for
SYNCV3_BINDADDR when using unix sockets.
 2024-03-08 23:16:05 +01:00
Franz Pletz
a270c43ea1
treewide: use sensible pinentry flavor 2024-03-08 23:09:02 +01:00
Sandro Jäckel
67c1193fab
nixos/unbound: disable checkconf when remote-control is used 
Closes #293001
 2024-03-08 15:34:00 +01:00
Weijia Wang
4acc19b18c
Merge pull request #291581 from Luflosi/nixos/memcached/clarify-setting 
nixos/memcached: clarify behaviour of `enableUnixSocket`
 2024-03-08 10:25:10 +01:00
éclairevoyant
2319821137
nixos/scrutiny: default collector api endpoint port to point at web app port 2024-03-07 23:21:53 -05:00
éclairevoyant
fc5116d75c
nixos/scrutiny: clean up mkEnableOption definitions 2024-03-07 23:21:53 -05:00
éclairevoyant
ce5dbf1b7b
nixos/scrutiny: inherit lib bindings 2024-03-07 23:21:52 -05:00
éclairevoyant
4e710d5221
nixos/scrutiny: remove redundant lib.mdDoc 2024-03-07 23:21:52 -05:00
Peder Bergebakken Sundt
5f9689332a
Merge pull request #278537 from wfdewith/syncoid-permissions 
nixos/syncoid: add missing ZFS mount permission
 2024-03-08 00:11:39 +01:00
Yt
0340f82b24
Merge pull request #292873 from ghthor/tabby 
Tabby: bump 0.7.0 -> 0.8.3 and add systemd service
 2024-03-07 21:51:06 +00:00
Maximilian Bosch
3c8f4e06e6
Merge pull request #287602 from Ma27/drop-postgres-ensurePermissions 
nixos/postgresql: drop ensurePermissions option
 2024-03-07 19:50:44 +00:00
Will Owens
d9188fc882
nixos/tabby: init module 
- Enable tabby to run as a systemd service
- Document standard tabby configuration
 2024-03-07 06:29:12 -05:00
DCsunset
38261d9556 nixos/hoogle: add extraOptions 2024-03-06 22:12:41 -05:00
Sandro
e656679228
Merge pull request #286523 from MarcelCoding/listmonk 
listmonk: 2.5.1 -> 3.0.0
 2024-03-06 18:49:20 +01:00
Franz Pletz
f05e5f3a51
Merge pull request #285807 from MinerSebas/prometheus-restic-exporter 
prometheus-restic-exporter: 1.4.0 -> 1.5.0
 2024-03-06 14:35:24 +01:00
Leona Maroni
182053a2cf
Merge pull request #293595 from SuperSandro2000/git-io-remove 
treewide: stop using deprecated git.io shortlink service
 2024-03-06 11:14:14 +01:00
Sandro Jäckel
04d33b98e1
treewide: stop using deprecated git.io shortlink service 2024-03-05 22:58:29 +01:00
Sandro
911b4015d2
Merge pull request #283319 from phaer/etebase-server 
etebase: fix runtime crash due to wrong pydantic..
 2024-03-05 21:37:21 +01:00
Adam C. Stephens
a51a27a78b
Merge pull request #291554 from jnsgruk/homepage-config 
nixos/homepage-dashboard: support structured config
 2024-03-05 09:48:19 -05:00
Jon Seager
c0330351a0
nixos/homepage-dashboard: support structured config 2024-03-05 14:38:52 +00:00
Someone
46b75bf589
Merge pull request #291828 from SomeoneSerge/refactor/cdi-nvidia 
nixos/cdi.dynamic.nvidia: expose driverLink
 2024-03-04 18:32:34 +00:00
Nick Cao
8e19126885
Merge pull request #289009 from 999eagle/feat/miniflux-no-db 
nixos/miniflux: add option to disable configuring a local postgresql db
 2024-03-04 09:47:14 -05:00
Sophie Tauchert
cb5f2a8e87
nixos/tests/miniflux: add test for external database 2024-03-04 09:07:21 +01:00
Sophie Tauchert
1f8385d6d1
nixos/miniflux: add option to disable configuring a local postgresql db 2024-03-04 09:07:20 +01:00
Robert Schütz
e67761b6f6
Merge pull request #292854 from SuperSandro2000/vaultwarden-bitwarden_rs 
vaultwarden: cleanup maintainers, nixos/vaultwarden: drop aliases
 2024-03-04 00:36:06 +00:00
Sandro Jäckel
06a6371247
nixos/vaultwarden: set meta.maintainers to package maintainer 2024-03-04 00:41:56 +01:00
Martin Weinelt
f09b7dc6a5
Merge pull request #289961 from leona-ya/vikunja-0.23.0 
vikunja: 0.22.1 -> 0.23.0
 2024-03-03 19:15:35 +01:00
Guillaume Girol
dc9a74e61e
Merge pull request #291934 from e1mo/bird-lg-1-3-5 
bird-lg: 1.3.1 -> 1.3.5
 2024-03-03 15:50:42 +01:00
Guillaume Girol
9887be970b
Merge pull request #292437 from deviant/nixos-nixseparatedebuginfod-nix2.3 
nixos/nixseparatedebuginfod: fix compatibility with Nix 2.3
 2024-03-03 14:12:27 +01:00
Pol Dellaiera
f480f9f47e
Merge pull request #292823 from SuperSandro2000/paperless-too-many-open-files 
nixos/paperless: fix too many open files
 2024-03-02 23:51:11 +01:00
Leona Maroni
46ad1987b9
Merge pull request #278698 from bachp/photoprism-update 
photoprism: 231011-63f708417 -> 231128-f48ff16ef
 2024-03-02 23:03:49 +01:00
Maximilian Bosch
a9bcd3b8b7
Merge pull request #292825 from SuperSandro2000/nextcloud-with-apps-local 
nixos/nextcloud: build with-apps local
 2024-03-02 21:39:36 +00:00
Sandro Jäckel
4264ded76e
nixos/vaultwarden: drop aliases 2024-03-02 20:18:55 +01:00
Sandro Jäckel
907b5ebcee
nixos/nextcloud: build with-apps local 2024-03-02 18:01:38 +01:00
Sandro Jäckel
da1ccb628f
nixos/paperless: fix too many open files 
paperless-web-start[658743]: kombu.exceptions.OperationalError: [Errno 24] Too many open files: '/nix/store/k6h0pihpi3ih31zjk6ragqcp4mjz4pjs-python3.11-concurrent-log-handler-0.9.24/lib/python3.11/site-packages/concurrent_log_handler-0.9.24.dist-info/entry_points.txt'
 2024-03-02 17:52:18 +01:00
Franz Pletz
764d15f59f
pinentry: remove multiple outputs package 
fixes #133156 #124753
 2024-03-02 17:16:53 +01:00
K900
57746ceea5
Merge pull request #292748 from K900/sycoca-oof 
nixos/plasma6: nuke sycoca on activation
 2024-03-02 15:21:39 +03:00
Yt
492678349b
Merge pull request #292412 from bobrippling/fix/ebusd-logging 
ebusd: fix logging overrides
 2024-03-02 11:46:35 +00:00
K900
d7a4bf5998 nixos/plasma6: nuke sycoca on activation 
This is not the right solution, but it should get us going for now.
 2024-03-02 11:26:41 +03:00
nuko
636584b3ff
nixos/komga: use lib.getExe 2024-03-02 13:56:20 +13:00
nuko
b18bcf3a04
nixos/komga: add systemd service hardening 2024-03-02 13:55:25 +13:00
phaer
fa34964ef1 etebase: make proper package... 
and remove the ad-hoc python environment.
Also remove daphne and use uvicorn just as upstream does
 2024-03-01 22:55:27 +01:00
phaer
720a1eb5e7 modules/etebase-server: add package, pythonPackage 
options, to keep the packaeges configurable
 2024-03-01 14:32:46 +01:00
RaHoni
2af073f716
nixos/bacula: refactor option generation 
The generation of the descriptions always used lib explicitly even
thoughit was already specified with 'with'.

Since using `with lib` is discouraged this was also changed to inherit.
 2024-03-01 14:11:57 +01:00
RaHoni
ad2f55dc4e
nixos/bacula: Add support for TLS 
Added the majority of TLS options used for transport encryption.

This uses a submodule since all resources share the same settings.

The documentation can be found under:
https://www.bacula.org/13.0.x-manuals/en/main/Bacula_TLS_Communications_E.html
 2024-03-01 14:11:57 +01:00
Sandro
5ad27da222
Merge pull request #291907 from SuperSandro2000/tailscaled-flags 2024-03-01 13:54:54 +01:00
Sandro
b84bc4ea3a
Merge pull request #264087 from leonm1/matter-server-module 2024-03-01 13:51:19 +01:00
Sandro
51e92056db
Merge pull request #283660 from ocfox/transfer 2024-03-01 13:36:03 +01:00
Marcel
896a4d62d8
listmonk: ensure correct application of data migration 2024-03-01 10:45:12 +01:00
Sarah Brofeldt
13a94ad1fb
Merge pull request #292291 from cafkafk/dockerRegistry-openFirewall 
nixos/dockerRegistry: add `openFirewall` option
 2024-03-01 09:57:07 +01:00
Christina Sørensen
d31cbb78ca
nixos/dockerRegistry: add openFirewall option 
Signed-off-by: Christina Sørensen <christina@cafkafk.com>
 2024-03-01 09:56:03 +01:00
K900
690d54ef45
Merge pull request #292326 from hcsch/pipewire-wireplumber-doc-fix 
nixos/pipewire: doc fixes as a follow-up to #282377 and #291946
 2024-03-01 09:28:17 +03:00
K900
b4622a277e
Merge pull request #292483 from mjm/plasma6-kcmutils 
nixos/plasma6: install kcmutils
 2024-03-01 09:25:51 +03:00
Matt Moriarity
e59d120fc1 nixos/plasma6: install kcmutils 2024-02-29 20:12:42 -07:00
nuko
502f34f3e0
nixos/komga: rfcfmt, rm mdDoc & toplvl with lib 2024-03-01 15:13:06 +13:00
networkException
10fc05bfc1
nixos/matrix-synapse: allow synapse to write to directories of unix socket paths 
this patch takes the path of all unix socket listeners and appends their
respective parent directories to the ReadWritePaths allow list for the
matrix-synapse systemd service.

previously configuring a unix socket in a directory not writable by
synapse would fail.
 2024-03-01 02:36:29 +01:00
Sandro
bbabfca453
Merge pull request #263765 from numinit/armagetronad-module 
nixos/armagetronad: Add module with NixOS tests
 2024-03-01 00:46:34 +01:00
Sandro
daa33a4bf7
Merge pull request #287299 from SuperSandro2000/unbound-checkconf 
nixos/unbound: check validity of config file
 2024-03-01 00:33:36 +01:00
V
ff990ea66a nixos/nixseparatedebuginfod: fix compatibility with Nix 2.3 
Appending to options with the `extra-` prefix was added in Nix 2.4,
which makes config validation fail on this version without the guard.

Change-Id: Ie253978dbaf00b228fecc08698a3dcc01cd2d82b
 2024-02-29 23:10:31 +01:00
Rob Pilling
979ae4c6e5 nixos/ebusd: fix logging overrides 
This fixes #292131 - currently we specify --log=all:<level>, which
overrides all other log areas. Specifying this first allows the
further log areas to be specified without being replaced.
 2024-02-29 21:02:26 +00:00
Kerstin
51363e5c0d
Merge pull request #280628 from h7x4/nixos-module-update-kanidm-add-backup-dir-to-bindpaths 
nixos/kanidm: declare `online_backup` options
 2024-02-29 15:19:34 +01:00
Michele Guerini Rocco
11b122ec70
Merge pull request #292185 from dotlambda/searxng-mainProgram 
searxng: set meta.mainProgram
 2024-02-29 14:19:51 +01:00