Commit Graph

448 Commits

Author SHA1 Message Date
Vladimír Čunát
d4720e9c1e
Merge branch 'staging-next' into staging
There was a nontrivial conflict in pkgs/stdenv/linux/bootstrap-tools*
(reorganizing code vs. modifying it)  I hope I really got it right.
2024-08-05 11:05:55 +02:00
Dan Nixon
2f2010f63c
msmtp: 1.8.22 -> 1.8.25
msmtpq patches had to be recreated:

- removal of the executable check and addition of systemd logging were
  kept and split into two patches.
- renaming of queue and log files was removed as the upstream script had
  renamed these to add the `MSMTPQ_` prefix (noted as a backwards
  incompatible change).
2024-08-04 22:08:56 +02:00
Motiejus Jakštys
bbd0655ae8 add compressDrv and compressDrvWeb
*compressDrv* compresses files in a given derivation.

*compressDrvWeb* compresses a derivation for a loosely-defined
pre-compressed "web server" usage.

This intends to replace the `passthru.data-compressed` derivations that
have accumulated in nixpkgs with something more reusable.
2024-08-04 10:10:16 +03:00
RatCornu
109219f369
nixos/pingvin-share: add release note 2024-08-04 01:30:14 +02:00
Vonfry
0849e0fe7a
nixos/ly: init module 2024-08-03 19:56:25 +08:00
github-actions[bot]
81cddc1677
Merge staging-next into staging 2024-08-03 00:02:50 +00:00
Florian Klink
129558261d
buildkite-agent: 3.59.0 -> 3.76.1 (#331340)
* buildkite-agent: 3.59.0 -> 3.76.1

* nixos/buildkite-agent: put each agent in its own private /tmp

Workaround for https://github.com/buildkite/agent/issues/2916, but
probably still a good idea.
2024-08-02 21:59:32 +02:00
Maximilian Bosch
7b01c5da3c
Merge pull request #329611 from Ma27/pg16
postgresql: 15 -> 16 for 24.11+
2024-08-02 07:09:50 +00:00
github-actions[bot]
fe3585d6db
Merge staging-next into staging 2024-08-02 06:01:37 +00:00
Masum Reza
1318ddf6f3
Merge pull request #326385 from Pandapip1/init-nixos-immersed-vr
nixos/immersed-vr: init module
2024-08-02 11:30:57 +05:30
K900
a4a42b3aec Merge remote-tracking branch 'origin/staging-next' into staging 2024-08-01 08:57:50 +03:00
Christina Sørensen
32ca66f3ed
nixos/kubernetes: refactor feature gates to attrsOf bool, making it possible to disable featureGates
This is a breaking change, requiring users of `featureGates` to change
from a `listOf str` to `attrsOf bool`.

Before:
```nix
featureGates = [ "EphemeralContainers" ];
extraOpts = pkgs.lib.concatStringsSep " " (
[
  "--container-runtime=remote"
  ''--feature-gates="CSIMigration=false"''
});
```

After:
```nix
featureGates = {EphemeralContainers = true; CSIMigration=false;};
```

This is much nicer, and sets us up for later work of migrating to
configuration files for other services, like e.g. has been happening
with kubelet (see: #290119).

Signed-off-by: Christina Sørensen <christina@cafkafk.com>
2024-08-01 07:51:34 +02:00
github-actions[bot]
bcb5e2eebe
Merge staging-next into staging 2024-07-31 12:01:52 +00:00
Arian van Putten
eabd328ae3 docs/release-notes: 24.11: add note about removal of systemd.enableUnifiedCgroupHierarchy 2024-07-31 13:49:58 +02:00
Sandro
3a6a3f6f90
Merge pull request #330787 from Naxdy/work/remove-gtkuseportal 2024-07-31 13:23:46 +02:00
Naxdy
632da75711
nixos/xdg/portal: remove deprecated option gtkUsePortal 2024-07-31 11:27:11 +02:00
euxane
4f2da6c9c1 nixos/fcgiwrap: add option migration instruction errors
This adds migration instructions for the removed global shared instance
configuration of fcgiwrap.

Adding those explicit messages to the previous options requires moving
the newly defined options from `services.fcgiwrap.*` to
`services.fcgiwrap.instances.*` due to an option namespace clash.

`mkRenamedOptionModule` was not used because the previous options do
not directly map to the new ones. In particular, `user` and `group`
were described as setting the socket's permission, but were actually
setting the process' running user.

Co-authored-by: Minijackson <minijackson@riseup.net>
2024-07-31 11:02:37 +02:00
K900
4f29b5a16b Merge remote-tracking branch 'origin/staging-next' into staging 2024-07-31 08:57:17 +03:00
Emily
d21a082a4d
Merge pull request #296691 from helsinki-systems/feat/restic-systemd-inhibit
nixos/restic: add option to inhibit going to sleep
2024-07-30 20:45:56 +02:00
Sandro
f22c61e419
Merge pull request #330109 from teutat3s/default-docker-27
docker: move default from 24.x to 27.x, docker_24 mark as vulnerable, docker_{25,26}: bump
2024-07-29 13:48:20 +02:00
Kerstin Humm
d6b9fb9ba3
gollum: 5.3.3 -> 6.0.1
Changelog: https://github.com/gollum/gollum/releases
2024-07-29 12:49:43 +02:00
Robert Scott
48bde3a189 cc-wrapper: add support for pacret hardening flag on aarch64 2024-07-28 19:27:14 +01:00
Emily
8a837af302
Merge pull request #326819 from risicle/ris-shadowstack
cc-wrapper: add support for `shadowstack` hardening flag
2024-07-28 19:07:52 +01:00
github-actions[bot]
9f368dc2ef
Merge staging-next into staging 2024-07-28 18:01:25 +00:00
Robert Hensing
70d94d8360
Merge pull request #330434 from ShamrockLee/test-overriding-attrs
tests.overriding: structure tests as an attribut set
2024-07-28 15:13:32 +02:00
github-actions[bot]
f8a6105aee
Merge staging-next into staging 2024-07-28 00:03:18 +00:00
Sergei Zimmerman
e3e6e94010
nixos/rathole: init module
Adds a module for rathole package. The package itself
and this module is very similar to frp, so the options
and tests are not very far off from those for frp.
2024-07-28 01:25:01 +03:00
K900
24076029d2 Merge remote-tracking branch 'origin/master' into staging-next 2024-07-28 01:04:35 +03:00
Julien Malka
3d3c0f4d34
Merge pull request #330017 from Mic92/boot-counting
nixos/systemd-boot: init boot counting
2024-07-27 19:53:49 +02:00
Yueh-Shun Li
fdd16729a2 tests.overriding: structure tests as an attribut set
Make individual tests accessible via tests.override.tests.<name>
2024-07-27 22:42:30 +08:00
github-actions[bot]
4007341b1f
Merge staging-next into staging 2024-07-27 12:01:37 +00:00
Vladimír Čunát
64c6a981fe
Merge branch 'master' into staging-next 2024-07-27 09:18:58 +02:00
nicoo
9587ddd261
nixos/nix-channel: don't set nix-path (#327683)
Otherwise, the empty path in `nix.conf` takes precedence over `NIX_PATH`,
and by extension the `nix.nixPath` configuration option.

Introduced in 61afc4d166.
2024-07-26 19:19:38 +00:00
teutat3s
b381163c0b
docker: move default from 24.x to 27.x
24.x is no longer maintained as of February 1, 2024[1].
It did not (yet?) receive a fix for CVE-2024-41110.

[1] https://github.com/moby/moby/pull/46772#discussion_r1686464084
2024-07-26 20:57:43 +02:00
Jörg Thalheim
11067484e9
Merge pull request #328722 from Cottand/update-nomad2
nomad: update 1.6 and 1.8, build with go 1.22 for 1.8 and 1.6, deprecate 1.5
2024-07-26 20:29:41 +02:00
Julien Malka
64edc7f00f nixos/systemd-boot: init boot counting
Update nixos/modules/system/boot/loader/systemd-boot/boot-counting.md

Co-authored-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
2024-07-26 20:04:37 +02:00
github-actions[bot]
8c2e73a4ed
Merge staging-next into staging 2024-07-26 18:01:39 +00:00
Martin Weinelt
93f4195fe0
Merge remote-tracking branch 'origin/master' into staging-next
Conflicts:
- pkgs/applications/graphics/seamly2d/default.nix
2024-07-26 18:05:04 +02:00
Dennis Stengele
6f3ba8d714
nixos/zeronsd: init module and package (#253610)
* zeronsd: init at 0.5.2

* nixos/zeronsd: init at 0.5.2

This is the module for the new zeronsd package.
2024-07-26 15:20:56 +02:00
github-actions[bot]
df41014acf
Merge staging-next into staging 2024-07-26 12:01:48 +00:00
K900
26801aa449 Merge remote-tracking branch 'origin/master' into staging-next 2024-07-26 14:31:21 +03:00
Pol Dellaiera
ceda66b310
Merge pull request #251687 from martinetd/cryptpad
nixos/cryptpad: init, cryptpad: init at 2024.6.0
2024-07-26 09:21:51 +02:00
github-actions[bot]
a4b184a41e
Merge staging-next into staging 2024-07-24 18:01:51 +00:00
github-actions[bot]
7208220b63
Merge master into staging-next 2024-07-24 18:01:18 +00:00
Masum Reza
81cb83b07f
Merge pull request #290008 from eum3l/add-opengfw
opengfw: init at 0.4.0 (+NixOS module)
2024-07-24 20:39:41 +05:30
Bobby Rong
3a422267eb
Merge pull request #329199 from bobby285271/upd/cinnamon-by-name
Move all packages out of cinnamon scope
2024-07-24 22:04:34 +08:00
Peder Bergebakken Sundt
24899eea99
Merge pull request #327184 from bhankas/goatcounter
nixos/goatcounter: init
2024-07-24 15:38:27 +02:00
eum3l
86ae0fca93 nixos/opengfw: init 2024-07-24 15:11:23 +02:00
github-actions[bot]
df499e467c
Merge staging-next into staging 2024-07-24 12:01:42 +00:00
github-actions[bot]
8402add1f4
Merge master into staging-next 2024-07-24 12:01:12 +00:00
Silvan Mosberger
473e469d5a
Merge pull request #328381 from tie/map-attrs-flatten 2024-07-24 13:32:34 +02:00
Ivan Trubach
b9c51260d0 lib/deprecated: print deprecation warning for mapAttrsFlatten 2024-07-24 13:23:16 +03:00
Yaya
9ea48560ad nixos/doc/rl-2411: Mention a change in nixos/gitlab
`gitaly` is now using the bundled git package instead of `pkgs.git`
internally to maintain compatibility with GitLab.
2024-07-24 10:51:55 +02:00
Maximilian Bosch
bf2d040432
postgresql: 15 -> 16 for 24.11+
Upgrade default postgresql for stateVersion >=24.11.
This also rebuilds all packages linking against `libpq.so` to use
postgresql 16.

After re-reading https://www.postgresql.org/docs/16/release-16.html
I don't see any major risks about doing that.
2024-07-24 10:43:02 +02:00
Dominique Martinet
b846e8762f nixos/cryptpad: init
This is a full rewrite independent of the previously removed cryptpad
module, managing cryptpad's config in RFC0042 along with a shiny test.

Upstream cryptpad provides two nginx configs, with many optimizations
and complex settings; this uses the easier variant for now but
improvements (e.g. serving blocks and js files directly through nginx)
should be possible with a bit of work and care about http headers.

the /checkup page of cryptpad passes all tests except HSTS, we don't
seem to have any nginx config with HSTS enabled in nixpkgs so leave this
as is for now.

Co-authored-by: Pol Dellaiera <pol.dellaiera@protonmail.com>
Co-authored-by: Michael Smith <shmitty@protonmail.com>
2024-07-24 16:17:26 +09:00
Thomas Gerbet
e54753495c
linux/common-config: restrict access to dmesg
`SECURITY_DMESG_RESTRICT` is enabled by default by a lot of
other distributions for a quite a while now, NixOS is a bit of an outlier.
The main justification to enable it is that kernel log might leak kernel
pointers which can then be used by exploits to defeat KASLR (NixOS also
enables `kernel.kptr_restrict` by default since 2013).
2024-07-24 12:06:04 +05:30
Payas Relekar
aebb3d3474 nixos/goatcounter: init 2024-07-24 10:17:44 +05:30
Bobby Rong
be722f046d
cinnamon: Document scope deprecation 2024-07-23 22:12:43 +08:00
github-actions[bot]
d284ef371e
Merge master into staging-next 2024-07-23 12:01:18 +00:00
Gavin John
467f7b25f6 nixos/doc/rl-2411: Document programs.immersed-vr 2024-07-23 10:07:57 +01:00
Florian
a161b380a9
Merge pull request #328205 from litchipi/ifm
ifm: init at 4.0.2
2024-07-23 09:35:56 +02:00
Litchi Pi
0fb7268b9b Init IFM service at version 4.0.2
Signed-off-by: Litchi Pi <litchi.pi@proton.me>
2024-07-23 08:44:50 +02:00
github-actions[bot]
09a27d5bc1
Merge master into staging-next 2024-07-23 00:02:18 +00:00
Martin Weinelt
bd473ceae3
nixos/doc/rl-2411: add ollama changes 2024-07-22 14:51:40 +02:00
Cottand
6e52b03583 nomad_1_5: deprecate 2024-07-20 20:19:33 +01:00
Vladimír Čunát
577f40b8a9
Merge branch 'staging' into staging-next 2024-07-20 16:12:24 +02:00
Pavel Sobolev
c9c14f86db
nixos/flaresolverr: initial commit 2024-07-19 20:55:21 +03:00
github-actions[bot]
401d4660b3
Merge staging-next into staging 2024-07-18 18:01:57 +00:00
Krzysztof Nazarewski
676a51c41f nixos/hardware.display: init 2024-07-18 16:57:40 +03:00
github-actions[bot]
844ec2d5a1
Merge staging-next into staging 2024-07-18 12:01:55 +00:00
Martin Weinelt
983077457f
Merge remote-tracking branch 'origin/staging-next' into staging
Conflicts:
-	pkgs/development/python-modules/uvcclient/default.nix
-	pkgs/development/tools/rust/rust-analyzer/default.nix
2024-07-18 12:35:33 +02:00
Jacek Galowicz
dfc9d68303
Merge pull request #319308 from frederictobiasc/nixosTest-ipv6
nixosTest: Introduce IPv6
2024-07-18 11:52:10 +02:00
Frédéric Christ
c6f6c28218 nixos/testing: Add ipv6 configuration
This contribution enables a working IPv6 setup by default. This works
analog to the current automatic IPv4 setup.
2024-07-18 10:22:32 +02:00
Martin Weinelt
bf8439efae
Merge pull request #311927 from mweinelt/music-assistant
music-assistant: init at 2.0.7
2024-07-18 02:31:18 +02:00
Darragh Elliott
61820de2d4 ddns-updater: Add module, test, update script 2024-07-17 21:56:05 +00:00
Martin Weinelt
974165d1cc
nixos/doc/rl-2411: add music-assistant 2024-07-17 22:29:39 +02:00
Kira Bruneau
b37088de74
Merge pull request #326894 from kira-bruneau/replay-sorcery
replay-sorcery: remove as it is unmaintained upstream
2024-07-17 14:37:51 -04:00
Artturin
20cf80e167 Merge branch 'staging-next' into staging 2024-07-17 21:29:37 +03:00
Nicolas Mémeint
12f1589056 authelia: 4.37.5 -> 4.38.9 2024-07-17 17:26:46 +02:00
Weijia Wang
078fdedf26 Merge branch 'staging-next' into staging 2024-07-17 13:10:23 +02:00
Sandro
51fcc2c92e
Merge pull request #314440 from ju1m/radicle 2024-07-17 13:04:06 +02:00
Pyrox
a24fa6098d
nixos/gotenberg: init 2024-07-17 10:37:35 +02:00
Artturin
a516ea8c99 Merge branch 'staging-next' into staging 2024-07-16 19:07:48 +03:00
Kira Bruneau
c0c8a36716 replay-sorcery: remove as it is unmaintained upstream 2024-07-16 07:29:07 -04:00
Atemu
aba669227b
Merge pull request #326618 from emilazy/drop-ffmpeg-5
ffmpeg_5: drop
2024-07-16 13:06:36 +02:00
Robert Scott
b207b6ef74 cc-wrapper: add support for shadowstack hardening flag 2024-07-14 21:25:47 +01:00
seth
1b26960b05
nixos/doc/rl-2411: budgie and budgiePlugins have been removed 2024-07-14 15:38:11 -04:00
github-actions[bot]
31817540ee
Merge staging-next into staging 2024-07-14 18:01:37 +00:00
Masum Reza
47d9445dfa
Merge pull request #311189 from Luis-Licea/master
nixos/localsend: init
2024-07-14 19:53:43 +05:30
github-actions[bot]
0d7af056e2
Merge staging-next into staging 2024-07-14 12:02:04 +00:00
Pol Dellaiera
1a8e33d451
Merge pull request #326532 from drupol/module/add-tika
nixos/tika: init module
2024-07-14 12:27:27 +02:00
Emily
f9eee6b0a7 ffmpeg_5: drop 2024-07-14 08:35:56 +01:00
Vladimír Čunát
211398c03e
Merge branch 'staging-next' into staging 2024-07-14 08:35:35 +02:00
éclairevoyant
9665639708
Merge pull request #310708 from importantblimp/180654
nixos/input-method: deprecate .enabled option; add .type and .enable options
2024-07-14 00:02:13 +00:00
Gavin John
3e8b6a47fb
nixos/doc/rl-2411: Document programs.localsend 2024-07-14 00:08:34 +05:30
K900
3eeff54780 nixos/alsa: kill sound.enable and friends with fire 2024-07-13 13:56:18 +03:00
Pol Dellaiera
c8bf7321a9
nixos/tika: init module 2024-07-12 18:46:53 +02:00
github-actions[bot]
b66506a79e
Merge staging-next into staging 2024-07-12 12:01:44 +00:00
Martin Weinelt
e62de266ad
Merge pull request #326149 from mguentner/remove_mxisd_ma1sd
nixos/mxisd: remove module
2024-07-12 13:15:11 +02:00
Maximilian Güntner
23e62062bc
nixos/mxisd: remove module
mxisd and ma1sd are both unmaintained
2024-07-12 11:44:59 +02:00
GY
bcc7eff2c5
nixos/input-method: deprecate .enabled option; add .type and .enable options
This commit introduces two new properties:
`enable` and `type`, to replace the `enabled` property.
`enable` has the same meaning as is common across nixpkgs.
`type` has the same meaning as the existing `enabled` property.
`enabled` property is now deprecated and will be removed in a future release.

Fixes #180654
2024-07-12 03:59:20 -04:00
Doron Behar
3cddaded22
Merge pull request #318015 from doronbehar/pkg/yarnConfigHook
Create yarnBuildHook and yarnConfigHook
2024-07-12 09:45:26 +03:00
Vladimír Čunát
2c053848df
Merge branch 'master' into staging 2024-07-11 22:05:05 +02:00
Aleksana
e04b0e7323
Merge pull request #326162 from jopejoe1/vim-refactor
nixos/vim: add enable option and link `/share/vim-plugins` only when …
2024-07-11 21:35:06 +08:00
Sandro
24cefb01b3
Merge pull request #284419 from ocfox/realm 2024-07-11 10:46:47 +02:00
jopejoe1
5f56edf0b9 nixos/vim: add enable option and link /share/vim-plugins only when vim is enabled 2024-07-11 08:08:12 +02:00
Martin Weinelt
176a56c40f
Merge remote-tracking branch 'origin/staging-next' into staging
Conflicts:
- pkgs/applications/misc/blender/default.nix
- pkgs/development/web/nodejs/nodejs.nix
2024-07-11 01:06:28 +02:00
jopejoe1
a9007d0831 nixos/nano: only link /share/nano when nano is enabled 2024-07-10 20:29:50 +02:00
ocfox
f0e2e1d83e
nixos/realm: add release note 2024-07-10 16:43:18 +02:00
Doron Behar
238d267aef doc: mention yarn hooks in release notes 2024-07-10 09:39:48 +03:00
Gavin John
e922115dfd nixos/doc/rl-2411: Document nixos/qgroundcontrol 2024-07-09 18:19:19 -04:00
Pol Dellaiera
db41081a91
Merge pull request #323743 from NixOS/nixos/module/glance-init
nixos/glance: init module
2024-07-09 06:42:22 +02:00
Pol Dellaiera
00e9e54702
nixos/glance: init module 2024-07-08 13:14:09 +02:00
Max Hausch
a8038698d3
nixos/restic: add option to inhibit going to sleep 2024-07-08 09:43:27 +02:00
Franz Pletz
e5fadeaa27
Merge pull request #321962 from LostAttractor/iproute2/libbpf 2024-07-07 02:08:31 +02:00
Martin Weinelt
e7b1ee45cf
Merge remote-tracking branch 'origin/staging-next' into staging
Conflicts:
- pkgs/tools/misc/watchlog/default.nix
2024-07-06 01:52:35 +02:00
Martin Weinelt
d9610a9f2e
Merge remote-tracking branch 'origin/master' into staging-next 2024-07-06 01:51:14 +02:00
Weijia Wang
93244d111c
Merge pull request #276106 from 9ary/pam_u2f-rfc42
nixos/pam/u2f: implement RFC0042
2024-07-05 23:20:03 +02:00
Maximilian Bosch
c4a59a99ba
Merge pull request #324617 from NotAShelf/271968-take-two
nixos/roundcube: adjust maxAttachmentSize, clarify documentation
2024-07-05 21:16:45 +00:00
Julien Moutinho
88fb6d37e3 nixos/radicle: init services 2024-07-05 22:07:32 +02:00
novenary
fcccfb9e48 nixos/pam/u2f: implement RFC0042
This module has a lot of options, so it's a good candidate for freeform
settings.
2024-07-05 17:07:02 +03:00
github-actions[bot]
4bba3c5730
Merge master into staging-next 2024-07-05 12:01:14 +00:00
Jonas Heinrich
e97d5eb3eb
Merge pull request #293210 from onny/eintopf
nixos/eintopf: init; eintopf: init at 0.13.16
2024-07-05 13:12:59 +02:00
Jonas Heinrich
28512d1ba4 nixos/eintopf: init 2024-07-05 13:12:35 +02:00
Martin Weinelt
fda13875da Merge remote-tracking branch 'origin/master' into staging-next
Conflicts:
- pkgs/development/python-modules/deebot-client/default.nix
- pkgs/development/python-modules/pytest-examples/default.nix
- pkgs/development/python-modules/w3lib/default.nix
2024-07-05 13:04:01 +02:00
tomberek
d9c0b9d611
Merge pull request #324627 from justinas/teleport-16
teleport_16: init at 16.0.4
2024-07-04 23:18:27 -04:00
github-actions[bot]
30cfd4445f
Merge master into staging-next 2024-07-05 00:02:21 +00:00
❄️
f5c3f086bf
Merge pull request #321015 from Pandapip1/init-envision
envision: init at 0-unstable-2024-06-23
2024-07-04 20:26:56 -03:00
Sandro
ff3896167e
Merge pull request #319743 from azuwis/moonlight-qt
moonlight-qt: 5.0.1 -> 6.0.1, and other enhancements
2024-07-04 21:53:02 +02:00
Justinas Stankevicius
e7e3ca4bb5 teleport_16: init at 16.0.4 2024-07-04 21:04:27 +03:00
github-actions[bot]
36cbae9ff0
Merge master into staging-next 2024-07-04 18:01:19 +00:00
NotAShelf
48d1d14633
nixos/roundcube: adjust maxAttachmentSize, clarify documentation 2024-07-04 20:07:19 +03:00
Paul-Henri Froidmont
bca32a4163
nixos/patroni: remove raft 2024-07-04 10:22:19 +02:00
Masum Reza
410d1213cd
Merge pull request #323983 from Aleksanaa/cargoSha256-change
treewide: remove all cargoSha256 usage
2024-07-04 10:50:18 +05:30
Vladimír Čunát
c76085b3a9
Merge branch 'master' into staging-next 2024-07-03 19:07:35 +02:00
Gavin John
2e8c8e4905 nixos/doc/rl-2411: Document programs.envision 2024-07-03 15:12:28 +00:00
aleksana
f6ee8a0bdc nixos/doc/rl-2411: mention cargoSha256 deprecation 2024-07-03 21:54:40 +08:00
Sandro
d47039cd5d
Merge pull request #322597 from tomodachi94/drop/vscode-css-json-html-languageserver-bin 2024-07-03 15:28:49 +02:00
Weijia Wang
f5a7e092f3 Merge branch 'master' into staging-next 2024-07-02 22:22:02 +02:00
Thomas Gerbet
8ddb1bb721
Merge pull request #318599 from pacien/nixos-fcgiwrap-isolation
nixos/fcgiwrap: refactor to fix permissions
2024-07-02 21:52:33 +02:00
Sandro
4f90cfd2f9
Merge pull request #313984 from yayayayaka/gitlab-17.0.1
gitlab: 16.11.5 -> 17.1.1
2024-07-02 20:12:42 +02:00
K900
c7268baf73 Merge remote-tracking branch 'origin/master' into staging-next 2024-07-02 20:59:57 +03:00
K900
caff135cb1
Merge pull request #323419 from Ma27/bump-grafana
grafana: 11.0.0 -> 11.1.0
2024-07-02 20:59:21 +03:00
Alyssa Ross
629d1dc03e
Merge remote-tracking branch 'origin/master' into staging-next
Conflicts:
	pkgs/development/lua-modules/generated-packages.nix
2024-07-01 14:34:32 +02:00
Jörg Thalheim
c08bd9add4
Merge pull request #307123 from CaptainJawZ/shiori
shiori: 1.5.5 -> 1.7.0
2024-07-01 13:46:24 +02:00
Martin Weinelt
9b79a05ae1
Merge remote-tracking branch 'origin/master' into staging-next
Conflicts:
- pkgs/development/python-modules/flexcache/default.nix
- pkgs/development/python-modules/flexparser/default.nix
- pkgs/development/python-modules/odp-amsterdam/default.nix
- pkgs/development/python-modules/pint/default.nix
- pkgs/development/python-modules/uncertainties/default.nix
- pkgs/top-level/python-packages.nix
2024-07-01 01:07:21 +02:00
Bobby Rong
4b2a0b20e6
Merge pull request #319091 from bobby285271/upd/cinnamon
Cinnamon 6.2
2024-06-30 20:47:37 +08:00
Jörg Thalheim
64bd039d92 rl-2411: document new setting required for shiori 2024-06-30 13:48:21 +02:00
zowoq
7244df6927 buildbot: 3.11.3 -> 4.0.0
sometimes takes a while for upstream to publish on pypi so switch to using github source for master, pkg, worker and github releases for the plugins which require built assets
2024-06-30 13:26:51 +10:00
h7x4
f4ebfc297c
Merge pull request #200654 from aacebedo/aacebedo/playerctld
playerctl: add daemon service
2024-06-30 03:41:17 +02:00
h7x4
8a76b6258e
doc/release-notes: add note about new service playerctld 2024-06-30 02:27:20 +02:00
Maximilian Bosch
61c8a190f7
nixos/rl-2411: document breaking change in grafana 2024-06-29 19:09:05 +02:00
Bobby Rong
49d0f43f57
nixos/doc/rl-2411: Mention Cinnamon 6.2 update 2024-06-29 23:56:38 +08:00
github-actions[bot]
2f3bfad6d2
Merge master into staging-next 2024-06-28 00:02:11 +00:00
Silvan Mosberger
c8dec6df38
Merge pull request #322801 from eclairevoyant/discourage-mkpackageoptionmd
lib: deprecate mkPackageOptionMD
2024-06-27 20:15:08 +02:00
Yaya
d7fd9d19b2 nixos/doc/rl-2411: Mention minimal postgresql requirement for gitlab 17
`gitlab` >= 17.0 requires at least `postgresql` >= 14.9. GitLab users
are advised to follow the mentioned steps in the manual to upgrade their
PostgreSQL installation.
2024-06-27 19:52:03 +02:00
Martin Weinelt
d50a1e97b1
Merge remote-tracking branch 'origin/master' into staging-next 2024-06-27 16:16:01 +02:00
Jonas Heinrich
77e7768849
Merge pull request #322397 from Ma27/bump-nextcloud
nextcloud: drop 27, 28.0.6 -> 28.0.7, 29.0.2 -> 29.0.3
2024-06-27 14:09:29 +02:00
éclairevoyant
77f6192786
lib: deprecate mkPackageOptionMD 2024-06-26 23:14:45 -04:00
ChaosAttractor
b87367d6ce
iproute2: add libbpf support 2024-06-26 20:25:34 +08:00
Tomodachi94
5912dfd17c
nixos/doc/rl-2411: drop nodePackages.vscode-*-bin
Packages dropped:
* nodePackages.vscode-css-languageserver-bin
* nodePackages.vscode-json-languageserver-bin
* nodePackages.vscode-html-languageserver-bin
2024-06-26 02:19:16 -07:00
github-actions[bot]
27074b7d07
Merge master into staging-next 2024-06-26 00:02:13 +00:00
Sandro
3176d6fb53
Merge pull request #315144 from mattpolzin/default-nodename-fix
nixos/services.kubernetes.kubelet: handle non-lower case chars in hostname
2024-06-25 22:38:46 +02:00
Sandro
1813936aff
Merge pull request #272895 from xanderio/wg-access-server-0.10.1
wg-access-server: init at 0.12.1
2024-06-25 21:21:19 +02:00
github-actions[bot]
08b5c3c46a
Merge master into staging-next 2024-06-25 18:01:20 +00:00
Yaya
8e85799e54 nixos/doc/rl-2411: Add a deprecation notice for gitlab-runner 2024-06-25 17:06:45 +02:00
Yaya
95bd18b5c5 nixos/doc/rl-2411: Add a deprecation notice for gitlab 2024-06-25 17:06:45 +02:00
Maximilian Bosch
60657a4591
nextcloud27: remove
Version will be EOL by the end of 2024-06.
2024-06-25 14:08:15 +02:00
Martin Weinelt
de245ec4a5
Merge remote-tracking branch 'origin/master' into staging-next 2024-06-25 13:00:25 +02:00
Alexander Sieg
32f2e9c950
wg-access-server: add release notes entry 2024-06-25 11:03:02 +02:00
Moritz Sanft
43990c5428
nixos/prometheus: remove minio exporter 2024-06-25 11:00:01 +02:00
Mathew Polzin
88d934879a nixos/services.kubernetes.kubelet: handle non-lower case characters in hostname 2024-06-23 14:06:42 -05:00
github-actions[bot]
07b6f9e8ae
Merge staging-next into staging 2024-06-23 18:01:37 +00:00
Artturin
2cfac74be5
Merge pull request #319139 from NyCodeGHG/android-ndks
android-ndks: add 25, 26 ndks, update default ndk and sdk
2024-06-23 20:39:28 +03:00
Martin Weinelt
2096642430
Merge remote-tracking branch 'origin/staging-next' into staging
Conflicts:
- pkgs/os-specific/windows/mingw-w64/default.nix
2024-06-23 19:09:00 +02:00
Niklas Hambüchen
65378f632a
Merge pull request #321966 from nh2/libe57format-3.1.1
libe57format: 2.2.0 -> 3.1.1
2024-06-23 19:00:23 +02:00
Niklas Hambüchen
dbbaf02a9c release-notes: Mention libe57format upgrade 2024-06-23 16:18:56 +00:00
Yt
12cdce24bb
Merge pull request #317239 from pacien/nixos-stalwart-no-dynamic-user-release-log
doc/release-notes: migration note for stalwart-mail user
2024-06-23 01:13:30 +00:00
Doron Behar
9c7e7d8f18
Merge pull request #258058 from doronbehar/pkg/transmission_4
transmission: sent a warning and alias it to transmission_3
2024-06-23 00:07:37 +03:00
Yueh-Shun Li
657517056c
clang-tools: add release note entry about moving into llvmPackages
Add 24.11 release note entry about moving clang-tools into llvmPackages
and making clang-tools_<version> aliases.
2024-06-23 01:35:02 +05:30
euxane
2d8626bf0a nixos/cgit: configurable user instead of root
This allows running cgit instances using dedicated users instead of
root. This is now set to "cgit" by default.
2024-06-22 19:45:25 +02:00
euxane
51b246a1ac nixos/fcgiwrap: do not run as root by default
Use a dynamic user instead unless one is specified.
2024-06-22 19:45:25 +02:00
euxane
81f72015f0 nixos/fcgiwrap: add unix socket owner, private by default
This adds a few options to properly set the ownership and permissions
on UNIX local sockets, set to private by default.

Previously, the created UNIX local sockets could be used by any local
user. This was especially problematic when fcgiwrap is running as root
(the default).
2024-06-22 19:45:25 +02:00
euxane
41419ca288 nixos/fcgiwrap: refactor for multiple instances
This allows configuring and starting independent instances of the
fgciwrap service, each with their own settings and running user,
instead of having to share a global one.

I could not use `mkRenamedOptionModule` on the previous options
because the aliases conflict with `attrsOf submodule` now defined at
`services.fcgiwrap`. This makes this change not backward compatible.
2024-06-22 19:45:15 +02:00
Benjamin Staffin
e93ccda887
nixos/ipa: Make ipa_hostname configurable (#321588)
Some sites put hosts in domains outside of the IPA server's default
domain, so this needs to be user-configurable.  The default is to use
the system's FQDN if it is configured, otherwise fallback to the
previous default behaviour of assuming the IPA's server's domain.
2024-06-22 11:29:54 -04:00
Nick Cao
d10d0fc423
nixos/keycloak: update options for release 25.0.0
Reference: https://www.keycloak.org/docs/25.0.0/upgrading/
2024-06-22 10:23:09 -04:00
github-actions[bot]
c6707a9686
Merge staging-next into staging 2024-06-21 12:01:53 +00:00
Doron Behar
7645dde059 transmission_3: rename from transmission 2024-06-21 12:33:37 +03:00
h7x4
11c5359c4f
Merge pull request #319516 from r-vdp/wstunnel-init
wstunnel: 9.6.2 -> 9.7.0
2024-06-21 09:17:42 +02:00
github-actions[bot]
667f4bf852
Merge staging-next into staging 2024-06-20 12:01:36 +00:00
K900
5ce022e0e0
Merge pull request #319865 from JohnRTitor/amdgpu-module
nixos/amdgpu: init module
2024-06-20 14:29:01 +03:00
Rick van Schijndel
43ce0f9ee0
Merge pull request #318256 from risicle/ris-stack-clash-protection
cc-wrapper: add stack clash protection hardening flag
2024-06-19 19:54:30 +02:00
github-actions[bot]
446fc5bdf3
Merge staging-next into staging 2024-06-19 00:03:05 +00:00
Martin Weinelt
f822b2ba5c Merge remote-tracking branch 'origin/staging-next' into staging
Conflicts:
- pkgs/development/python-modules/langsmith/default.nix
- pkgs/development/python-modules/rich-pixels/default.nix
- pkgs/servers/teleport/generic.nix
2024-06-18 20:16:19 +02:00
Thiago Kenji Okada
6b15cd0387 nixos/doc: add services.flood to rl-2411 2024-06-18 08:47:29 -03:00
r-vdp
0faddabc33
nixos/wstunnel: Add a mention in the release notes 2024-06-18 11:07:07 +03:00
John Titor
4f0fbbd09a
docs/release-notes: 24.11: add amdgpu module 2024-06-18 10:04:03 +05:30
Marie Ramlow
56d1e7a41b lib.systems.examples: update default android sdk to 33, ndk to 26 2024-06-17 09:53:31 +02:00
Sandro
f88f5fec3e
Merge pull request #318933 from mweinelt/vaultharden
nixos/vaultwarden: update state directory name, harden systemd unit
2024-06-16 13:31:10 +02:00
Pol Dellaiera
31ec299d80
Merge pull request #320194 from numinit/android-studio-full
android-studio-full: fix changelog ordering
2024-06-16 10:11:43 +02:00
Florian Klink
69efc46438
Merge pull request #315205 from widlarizer/tracy-remove-legacy
tracy: fix wayland - remove legacy build, add deps
2024-06-16 10:03:23 +03:00
Morgan Jones
cb452d89b3
android-studio-full: move changelog; fix duplicate merged line 2024-06-16 00:00:19 -07:00
Martin Weinelt
be53df7236
nixos/vaultwarden: harden systemd unit
Drops the capability to bind to privileged ports.
2024-06-16 01:33:12 +02:00
Emil J. Tywoniak
aefaf8f50b tracy: move to wayland, add tracy-x11 2024-06-15 22:52:03 +02:00
Zach Mitchell
aeba240cf3 moonlight-qt: 5.0.1 -> 6.0.0 2024-06-13 19:11:19 +08:00
github-actions[bot]
aacd9cf894
Merge staging-next into staging 2024-06-13 00:02:48 +00:00
Masum Reza
7082d01967
nixos/amdvlk: init module (#318175) 2024-06-12 22:45:01 +02:00
github-actions[bot]
d4adfab6df
Merge staging-next into staging 2024-06-12 06:01:24 +00:00
OTABI Tomoya
1f278a2082
Merge pull request #318384 from NyCodeGHG/nixos/renovate
nixos/renovate: init
2024-06-12 10:05:27 +09:00
Marie Ramlow
0adb3b8033 nixos/renovate: init 2024-06-11 18:57:04 +02:00
euxane
e23df553b0 doc/release-notes: migration note for stalwart-mail user
This follows 6ee84bcda0.

Here I prefer a simple mention in the release notes instead of some
automatic migration, which could interfere with all the other changes
already potentially requiring some admin interventions.

Co-authored-by: Sandro Jäckel <sandro.jaeckel@gmail.com>
2024-06-10 21:03:24 +02:00
github-actions[bot]
507aeeb037
Merge staging-next into staging 2024-06-09 00:03:32 +00:00
github-actions[bot]
26e3a02633
Merge master into haskell-updates 2024-06-08 00:14:17 +00:00
Robert Scott
6375a5878d doc/release-notes: 24.11: addition of stackclashprotection hardening flag 2024-06-07 23:55:33 +01:00
github-actions[bot]
ef554485a4
Merge staging-next into staging 2024-06-07 18:01:57 +00:00
Thomas Churchman
d226935fd7 nixos/ddclient: deprecate use, implement use{v4,v6}
Upstream replaced `use` with `use{v4,v6}`:
4a1b06630b/ChangeLog.md (new-features)
2024-06-07 17:28:25 +02:00
Martin Weinelt
7ff8facb8b
Merge remote-tracking branch 'origin/staging-next' into staging 2024-06-07 07:25:52 +02:00
github-actions[bot]
a5d1b908b4
Merge master into haskell-updates 2024-06-07 00:13:56 +00:00
Peder Bergebakken Sundt
4f06a00fa9
Merge pull request #295155 from onemoresuza/hare-hook
hareHook: init
2024-06-06 23:55:33 +02:00
github-actions[bot]
4883735d0c
Merge staging-next into staging 2024-06-06 06:01:40 +00:00
github-actions[bot]
bd4363d68b
Merge master into haskell-updates 2024-06-06 00:13:27 +00:00
Jonathan Davies
7d7cb3e425
doc/release-notes: 24.11: Added Quickwit item to new services. 2024-06-06 00:49:42 +01:00
github-actions[bot]
937c2fa134
Merge staging-next into staging 2024-06-05 18:01:19 +00:00
Adam C. Stephens
af4ac075a3
Merge pull request #312523 from emilylange/nixos-forgejo-secrets
nixos/forgejo: refactor secrets, add `cfg.secrets`, forgejo: build `environment-to-ini`, nixos/tests/forgejo: test `cfg.secrets` using /metrics endpoint
2024-06-05 10:01:37 -04:00
github-actions[bot]
d7993cebbc
Merge staging-next into staging 2024-06-05 12:01:43 +00:00
Thomas Gerbet
ef6fea2d86 openssh: move Kerberos support into a dedicated package
The `openssh` and `openssh_hpn` packages are now built without
the Kerberos support by default in an effort to reduce the attack surface.

The Kerberos support is likely used only by a fraction of the total users
(I'm guessing mainly users integrating SSH in an Active Directory env) so
dropping it should not impact too many users. It should also be noted that
the Kerberos/GSSAPI auth is disabled by default in the configuration.
`opensshWithKerberos` and `openssh_hpnWithKerberos` are added in order
to provide an easy migration path for users needing this support.

The `openssh_gssapi` package is kept untouched.
2024-06-05 19:45:31 +10:00
Pol Dellaiera
133aa44c38
Merge pull request #317286 from drupol/open-webui-add-more-env
nixos/{ollama,open-webui}: minor service update
2024-06-05 09:12:28 +02:00
Pol Dellaiera
8ea262601a
nixos/open-webui: add release note entry 2024-06-05 08:05:18 +02:00
github-actions[bot]
daadd0b777
Merge master into haskell-updates 2024-06-05 00:13:17 +00:00
github-actions[bot]
1e2381cfc5
Merge staging-next into staging 2024-06-05 00:02:59 +00:00
Coutinho de Souza
b0fcfa88cf
hareHook: init
Co-authored-by: Colin <colin@uninsane.org>
2024-06-04 20:32:51 -03:00
emilylange
ac20219508
nixos/rl-2411: add services.forgejo.secrets
and the accompanying `services.forgejo.mailerPasswordFile` deprecation.
2024-06-05 01:05:47 +02:00
José Ribeiro
6fc5c63584
doc(rl-24.11): zx v8 breaking changes 2024-06-03 22:16:55 +01:00
Robert Scott
35b3c16331 nixos/doc/rl-2411: zerocallusedregs hardening flag enabled by default 2024-06-03 22:02:18 +01:00
github-actions[bot]
ac1903efd3
Merge master into haskell-updates 2024-06-03 00:13:54 +00:00
Stefan Majewsky
d11d18df30 portunus: remove libxcrypt-legacy usage 2024-06-01 10:28:21 +02:00
sternenseemann
c2b48909d6 Merge master into haskell-updates 2024-05-31 12:49:29 +02:00
Yt
6606ce9c0c
Merge pull request #273101 from onny/invoiceplane-settings2
nixos/invoiceplane: Remove deprecated extraConfig
2024-05-31 00:04:34 +00:00
euxane
0174aa1c56 nixos/stalwart-mail: rocksdb as default storage
This sets RocksDB as the default storage backend for `stateVersion` >=
24.11. For previous `stateVersion`s, the structured data and blobs
remain on SQLite and the filesystem respectively.

This is closer to the suggested upstream configuration for fully local
storage.
2024-05-30 16:22:03 +02:00
github-actions[bot]
7476d0d0c9
Merge master into haskell-updates 2024-05-30 00:13:58 +00:00
Someone Serge
fdf0e19b73 imgui: mention cmake integration in release notes 2024-05-28 19:58:02 +00:00
Jonas Heinrich
4217b9cd9a nixos/invoiceplane: Remove deprecated extraConfig 2024-05-28 14:07:44 +02:00
Rebecca Turner
d2618822ab haskell.lib.compose.justStaticExecutables: Forbid references to GHC
This makes `justStaticExecutables` error if the produced store path
contains references to GHC. This is almost always erroneous and due to
the generated `Paths_*` module being imported. This helps prevent
`justStaticExecutables` from producing binaries with closure sizes in
the gigabytes.

See: https://github.com/NixOS/nixpkgs/issues/164630

Co-authored-by: sternenseemann <sternenseemann@systemli.org>
2024-05-27 21:08:16 +02:00
superherointj
f2a202ff38 nixos/doc/rl-2411: nginx now has gd, geoip as an optional 2024-05-25 12:12:50 -03:00
Jonas Heinrich
3c80361f9a nixos/stalwart-mail: add release notes 2024-05-24 12:25:33 +02:00
Lucas Hoffmann
eff2e77eee nvimpager: 0.12.0 -> 0.13.0 2024-05-23 14:57:33 +02:00
Weijia Wang
f7da007372 doc/release-notes: update codename 2024-05-22 18:48:39 +02:00
Weijia Wang
4a817d2083 24.05 is Vicuña 2024-05-22 18:15:34 +02:00