Anthony Roussel
09e9d47508
nixos/plantuml-server: add hardening
2023-11-15 15:12:58 +01:00
Anthony Roussel
e3839eef71
nixos/plantuml-server: remove `with lib;` notation
...
https://nix.dev/guides/best-practices#with-scopes
2023-11-15 15:12:58 +01:00
Izorkin
63ed35dac4
nixos/mastodon: update elasticsearch configuration
2023-11-15 14:01:47 +01:00
Ryan Lahfa
d983d6c863
Merge pull request #251950 from erictapen/mastodon
2023-11-15 01:46:50 +01:00
zzywysm
3f4c802d26
initrd/autofs4: remove legacy references to autofs4 kernel module
...
Back in 2018, the kernel decided to remove the autofs4 module.
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2225d931f75ddd3c39f4d0d195fad99dfd68671
This caused immediate problems with systemd, so the kernel allowed autofs4 as a config option that would simply map back to autofs.
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d02d21ea007b6b33cdaf15c2f84fb1fea996ecc2
Earlier this year, in July 2023, the kernel got tired of people not adapting to the autofs change, and forced the issue by fixing it within the kernel defconfigs, which NixOS uses as a starting point for their own kernel configs.
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1f2190d6b7112d22d3f8dfeca16a2f6a2f51444e
This commit reflects the post-2018 reality by changing the remaining autofs4 references to autofs. Since this change initially happened in kernel 4.18 and we no longer support 4.x kernels, we don't need any backwards-compatibility tweaks.
2023-11-14 15:37:50 -05:00
Kerstin Humm
c82195d9e8
mastodon: 4.1.6 -> 4.2.1
...
- run streaming processes in separate systemd services
- remove redundancy in test
- fix update script
- release notes
See https://github.com/mastodon/mastodon/releases/tag/v4.2.1 for details
2023-11-14 21:13:46 +01:00
Nathan Henrie
6c69d3c9ca
nixos/navidrome: add openFirewall option
...
This adds an option to the navidrome module to open the configured TCP
port in the firewall.
2023-11-14 19:29:08 +01:00
Niklas Hambüchen
f9c7c12de6
Merge pull request #266702 from nh2/plausible-listen-address-no-distributed-erlang
...
plausible, nixos/plausible: Add `listenAddress` option
2023-11-14 10:52:21 +01:00
Niklas Hambüchen
65a471717c
plausible, nixos/plausible: Add `listenAddress` option.
...
This changes
* the plausible HTTP web server
to be listening on localhost only, explicitly.
This makes Plausible have an explicit safe default configuration,
like all other networked services in NixOS.
For background discussion, see: https://github.com/NixOS/nixpkgs/issues/130244
As per my upstream Plausible contribution
(https://github.com/plausible/analytics/pull/1190)
Plausible >= 1.5 also defaults to listening to localhost only;
nevertheless, this default should be stated explicitly in nixpkgs
for easier review and independence from upstream changes, and
a NixOS user must be able to configure the
`listenAddress`, as there are valid use cases for that.
Also, disable
* the Erlang Beam VM inter-node RPC port
* the Erlang EPMD port
because Plausible does not use them (see added comment).
This is done by setting `RELEASE_DISTRIBUTION=none`.
Thus, this commit also removes the NixOS setting `releaseCookiePath`,
because it now has no effect.
2023-11-14 10:51:16 +01:00
Jörg Thalheim
54fd866569
nixos/harmonia: set extra-allowed-users
...
This fixes the case where users enable harmonia but also have allowed-users set.
Having extra-allowed-users is a no-op when nix.settings.allowed-users is set to "*" (the default)
2023-11-14 10:37:39 +01:00
Silvan Mosberger
3e5bc28ec5
Merge pull request #266598 from infinisil/fix-fwupd
...
nixos/fwupd: Fix fwupd-refresh service
2023-11-14 08:56:25 +01:00
eyjhb
2387a37fa0
nixos/flexget: remove TZ envvar
2023-11-14 06:35:40 +01:00
Felix Bühler
f2fc5b4195
Merge pull request #265696 from Stunkymonkey/nixos-exportarr
...
nixos/exportarr: init
2023-11-13 22:58:32 +01:00
Molly Miller
9cec5c807a
nixos/mailman: restart services on failure and increase mailman timeouts
2023-11-13 16:10:55 +01:00
Jonas Heinrich
4f38dbab82
Merge pull request #266025 from onny/cups-firewall2
...
nixos/printing: Fix openFirewall option
2023-11-13 11:15:18 +01:00
dadada
f192930a79
nixos/soft-serve: fix typos in option descriptions
2023-11-12 22:34:54 +01:00
Jörg Thalheim
44cf4801c0
nixos/nix-serve: also set extra-allowed-users
...
This fixes the case where users enable nix-serve but also have allowed-users set.
Having extra-allowed-users is a no-op when nix.settings.allowed-users is set to "*" (the default)
2023-11-12 14:09:31 +01:00
tomberek
7859adb9d6
Merge pull request #245394 from christoph-heiss/pkgs/sourcehut
...
sourcehut: update all components; lots of fixes
2023-11-11 13:42:19 -05:00
Maciej Krüger
e9a5bf8ae4
Merge pull request #265712 from nbraud/nixos/sudo-rs/akkoma
2023-11-11 18:10:25 +01:00
K900
e792d7fec0
Merge pull request #264442 from anthonyroussel/update-url-redirects
...
treewide: fix redirected and broken URLs
2023-11-11 18:08:59 +03:00
Christoph Heiss
88a3d2a0b4
sourcehut: fix postgresql database permission for postgresql >= 15
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2023-11-11 15:50:16 +01:00
Christoph Heiss
66b86f8a2e
sourcehut: de-duplicate nginx `add_header` directives
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2023-11-11 14:14:59 +01:00
Christoph Heiss
acd21dad52
sourcehut: use systemd.tmpfiles instead of manually creating logfiles
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2023-11-11 14:14:59 +01:00
Christoph Heiss
641e54bb28
sourcehut: create logs directory unconditionally
...
An empty log directory, in case it stays unused, does not hurt anyone.
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2023-11-11 13:01:47 +01:00
Christoph Heiss
fc6addb147
sourcehut: reword `api-origin` option description
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2023-11-11 13:01:47 +01:00
Christoph Heiss
78cc2783c8
sourcehut: drop obsolete `services` array in favor of individual `enable` flags
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2023-11-11 13:01:47 +01:00
Christoph Heiss
6b25e09d2d
sourcehut: fix up some more bin paths
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2023-11-11 13:01:47 +01:00
Christoph Heiss
5841d27497
sourcehut: explicitly disallow openssh to socket-active
...
This breaks the (already fragile) gitsrht-dispatch -> gitsrht-keys
command chain.
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2023-11-11 13:01:47 +01:00
Christoph Heiss
c39ba7f5b1
sourcehut: remove `set -x` from ssh commands
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2023-11-11 13:01:46 +01:00
Christoph Heiss
6648488333
sourcehut: fix logging of git/hg ssh commands
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2023-11-11 13:01:45 +01:00
Christoph Heiss
6e51802196
sourcehut: fix `repos` path by using actual settings value
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2023-11-11 13:01:32 +01:00
Christoph Heiss
c123a37be6
sourcehut.gitsrht: 0.78.20 -> 0.84.2
...
Newer version of the gitsrht-api service calls setrlimit() on startup,
thus allow it in the `SystemCallFilter` definition for the service.
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2023-11-11 13:01:30 +01:00
Christoph Heiss
d703173520
sourcehut: make /query endpoint config common to all services
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2023-11-11 12:39:28 +01:00
Anthony Roussel
e30f48be94
treewide: fix redirected and broken URLs
...
Using the script in maintainers/scripts/update-redirected-urls.sh
2023-11-11 10:49:01 +01:00
Félix Baylac Jacqué
dfa45288af
maintainers: ninjatrappeur -> picnoir
...
I changed my nickname from Ninjatrappeur to Picnoir. My github id is
stable, it shouldn't break too much stuff.
I took advantage of this handle change to remove myself from the
hostapd maintainers: I don't use NixOS as a router anymore.
2023-11-11 08:31:16 +01:00
tu-maurice
40c06a143f
prayer: remove
2023-11-10 20:44:28 -03:00
Martin Weinelt
3536221702
Merge pull request #160346 from mweinelt/hass-custom-everything
...
home-assistant: custom components and lovelace modules
2023-11-11 00:08:25 +01:00
Kira Bruneau
0cc094c041
Merge pull request #265886 from kira-bruneau/at-spi2-core
...
nixos/gnome/at-spi2-core: fix disabling a11y in all contexts
2023-11-10 16:31:53 -05:00
Martin Weinelt
f30192ae6f
nixos/home-assistant: add customComponents support
...
Allows passing custom component packages, that get installed into
home-assistant's state directory.
Python dependencies, that are propagated from the custom component
get passed into `extraPackages`, so they are available to
home-assistant at runtime.
This is implemented in a way, that allows coexistence with custom
components not managed through the NixOS module.
2023-11-10 22:00:36 +01:00
Martin Weinelt
9a941c58e5
nixos/home-assistant: add customLovelaceModules support
...
Allows the installation of custom lovelace modules, that can inject
css/js into the frontend and offer a wide variety of widgets.
2023-11-10 22:00:30 +01:00
Lin Jian
36f4c90526
Merge pull request #266150 from robryk/resticnotimer
...
nixos/restic: allow timer to be disabled
2023-11-10 17:51:14 +08:00
Silvan Mosberger
4587db7279
nixos/fwupd: Don't ignore stderr
2023-11-10 06:54:45 +01:00
Silvan Mosberger
6bf31e521e
nixos/fwupd: Don't use DynamicUser
...
Was introduced in dde6a4f397
but it doesn't work on my machine:
fwupdmgr[439074]: Failed to connect to daemon: The connection is closed
Creating a persistent user does work however
2023-11-10 06:51:56 +01:00
Felix Bühler
7aaa664cc2
Merge pull request #263054 from uninsane/pr-trust-dns-0.24.0
...
trust-dns: 0.23.0 -> 0.24.0
2023-11-08 19:35:23 +01:00
Caleb
c4d3afef06
wyoming-faster-whisper fix CUDA devices not being detected. (#266167)
...
This change enables CUDA support by allowing access to /dev/nvidia0.
2023-11-08 13:34:26 +01:00
Ryan Lahfa
bc2b72df73
Merge pull request #264234 from guiguid/guiguid-patch-netdata-systemd-journal
...
netdata: 1.43.0 -> 1.43.2 and add systemd-journal plugin
2023-11-08 13:30:43 +01:00
Rodrigo Gryzinski
23a5f1f80d
nixos/wireguard: add wireguard to default kernel modules
...
Previously the module was only dynamically loaded on service startup,
this is needed in case security.lockKernelModules is enabled.
2023-11-07 22:02:51 -03:00
Robert Obryk
20b202b3c8
nixos/restic: allow timer to be disabled
2023-11-07 22:37:37 +01:00
Felix Buehler
4d1680ccc7
nixos/exportarr: init
2023-11-07 20:56:32 +01:00
Ryan Lahfa
0cd6f66fb7
Merge pull request #247376 from RageKnify/fix/smartd-mail
2023-11-07 18:00:56 +01:00