nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-25 16:33:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
660,776 Commits 249 Branches 124 Tags 7.5 GiB
43fe9d2bbc
Commit Graph

42711 Commits

Author SHA1 Message Date
Robert Hensing
c5e5aa7266
Merge pull request #308822 from yorickvP/yorickvp/streamLayeredImage-overridable 
dockerTools.streamLayeredImage: add includeNixDB argument, expose conf and streamScript
 2024-07-24 16:02:35 +02:00
Peder Bergebakken Sundt
24899eea99
Merge pull request #327184 from bhankas/goatcounter 
nixos/goatcounter: init
 2024-07-24 15:38:27 +02:00
eum3l
86ae0fca93 nixos/opengfw: init 2024-07-24 15:11:23 +02:00
github-actions[bot]
8402add1f4
Merge master into staging-next 2024-07-24 12:01:12 +00:00
Silvan Mosberger
473e469d5a
Merge pull request #328381 from tie/map-attrs-flatten 2024-07-24 13:32:34 +02:00
Ivan Trubach
b9c51260d0 lib/deprecated: print deprecation warning for mapAttrsFlatten 2024-07-24 13:23:16 +03:00
Yaya
9ea48560ad nixos/doc/rl-2411: Mention a change in nixos/gitlab 
`gitaly` is now using the bundled git package instead of `pkgs.git`
internally to maintain compatibility with GitLab.
 2024-07-24 10:51:55 +02:00
Yaya
66f9d60dd7 nixosTests.gitlab: add git package 2024-07-24 10:51:55 +02:00
Yaya
feeb53a430 nixos/gitlab: Replace git package with bundled git 
This commit switches gitaly's git package from `pkgs.git` to the bundled
`git` package in order to maintain compatibility with the supported git
release by gitaly.
 2024-07-24 10:51:55 +02:00
TheRealGramdalf
d66d94b37b
nixos/caddy: fix group option description (#328034) 2024-07-24 16:40:07 +08:00
Sven Slootweg
51a72a8271
nixos/caddy: fix module docs for new root syntax (#328444) 
Old syntax no longer works; `root` now takes two arguments. Updated example in module documentation to reflect this.
 2024-07-24 16:38:48 +08:00
Dominique Martinet
7c448e8d44 nixos/cryptpad: harden service 
cryptpad is not directly exposed to the network, but has plenty that can
be hardened more properly, so fix that.
 2024-07-24 16:17:32 +09:00
Dominique Martinet
b846e8762f nixos/cryptpad: init 
This is a full rewrite independent of the previously removed cryptpad
module, managing cryptpad's config in RFC0042 along with a shiny test.

Upstream cryptpad provides two nginx configs, with many optimizations
and complex settings; this uses the easier variant for now but
improvements (e.g. serving blocks and js files directly through nginx)
should be possible with a bit of work and care about http headers.

the /checkup page of cryptpad passes all tests except HSTS, we don't
seem to have any nginx config with HSTS enabled in nixpkgs so leave this
as is for now.

Co-authored-by: Pol Dellaiera <pol.dellaiera@protonmail.com>
Co-authored-by: Michael Smith <shmitty@protonmail.com>
 2024-07-24 16:17:26 +09:00
Vladimír Čunát
cd346565bb
Merge branch 'master' into staging-next 2024-07-24 07:19:19 +02:00
Payas Relekar
aebb3d3474 nixos/goatcounter: init 2024-07-24 10:17:44 +05:30
Masum Reza
13da3c09fb
Merge pull request #327499 from max-privatevoid/pam-kanidm-package-option 
nixos/pam: use Kanidm's package option
 2024-07-24 09:24:09 +05:30
Franz Pletz
b865ea167d
Merge pull request #321644 from pedorich-n/netdata-146 2024-07-23 23:23:30 +02:00
Franz Pletz
e6ae50bb83
Merge pull request #327986 from 7596ff/7596ff/airsonic-context-path 2024-07-23 23:15:27 +02:00
Franz Pletz
f1f5d9433b
Merge pull request #329014 from n8henrie/n8henrie-espanso-maintainer 2024-07-23 23:14:53 +02:00
Kiskae
bfeb6e74cf nixos/nvidia: default open for version 560+ 2024-07-23 22:41:30 +02:00
Jan Tojnar
3178439a4e
Merge pull request #282317 from dawidd6/gdm-autologin-unlocks-keyring 
nixos/gdm: autologin unlocks keyring when possible
 2024-07-23 21:04:35 +02:00
Bobby Rong
be722f046d
cinnamon: Document scope deprecation 2024-07-23 22:12:43 +08:00
Bobby Rong
d2ec434026
nixos/cinnamon: Fix excludePackages example 
We don't ship blueberry and blueberry is in top-level.
 2024-07-23 22:12:42 +08:00
Bobby Rong
22b54a6e7f
cinnamon-gsettings-overrides: Move from cinnamon scope to top-level 2024-07-23 22:12:42 +08:00
Bobby Rong
ab6606dfb8
cinnamon-screensaver: Move from cinnamon scope to top-level 2024-07-23 22:12:42 +08:00
Bobby Rong
d1a7acfc47
cinnamon-common: Move from cinnamon scope to top-level 2024-07-23 22:12:41 +08:00
Bobby Rong
6fd4a53e3e
cinnamon-control-center: Move from cinnamon scope to top-level 2024-07-23 22:12:41 +08:00
Bobby Rong
bf4ffb38d0
cinnamon-session: Move from cinnamon scope to top-level 2024-07-23 22:12:41 +08:00
Bobby Rong
f3d0454e4a
nemo-with-extensions: Move from cinnamon scope to top-level 2024-07-23 22:12:40 +08:00
Bobby Rong
925db507a8
nemo: Move from cinnamon scope to top-level 2024-07-23 22:00:19 +08:00
Bobby Rong
e5373c3e6c
cinnamon-settings-daemon: Move from cinnamon scope to top-level 2024-07-23 22:00:18 +08:00
Bobby Rong
e8fd435f36
cinnamon-translations: Move from cinnamon scope to top-level 2024-07-23 22:00:18 +08:00
Bobby Rong
6f102799e7
cinnamon-menus: Move from cinnamon scope to top-level 2024-07-23 22:00:18 +08:00
Bobby Rong
3fba5befb1
cinnamon-desktop: Move from cinnamon scope to top-level 2024-07-23 22:00:18 +08:00
Franz Pletz
38953c157e
Merge pull request #326369 from getchoo/nixos/nvidia/modesetting 2024-07-23 14:16:56 +02:00
github-actions[bot]
d284ef371e
Merge master into staging-next 2024-07-23 12:01:18 +00:00
Florian
a161b380a9
Merge pull request #328205 from litchipi/ifm 
ifm: init at 4.0.2
 2024-07-23 09:35:56 +02:00
Dawid Dziurla
097b63d424
nixos/gdm: autologin unlocks keyring when possible 2024-07-23 09:34:19 +02:00
Litchi Pi
0fb7268b9b Init IFM service at version 4.0.2 
Signed-off-by: Litchi Pi <litchi.pi@proton.me>
 2024-07-23 08:44:50 +02:00
github-actions[bot]
09a27d5bc1
Merge master into staging-next 2024-07-23 00:02:18 +00:00
Franz Pletz
b12aaa9f9b
Merge pull request #316139 from Luflosi/bind-service-wait-for-ready-status 2024-07-23 00:19:53 +02:00
Pol Dellaiera
771c4624ed
Merge pull request #328713 from mweinelt/ollama-sandbox-issue 
nixos/ollama: replace flawed sandboxing option
 2024-07-22 22:21:16 +02:00
Artturin
60e9cffe2c Merge branch 'master' into staging-next 2024-07-22 22:53:31 +03:00
nikstur
be0df72dfa
Merge pull request #328926 from nikstur/sysusers-only-for-sysusers 
Sysusers only for sysusers
 2024-07-22 20:55:58 +02:00
Bruno BELANYI
87a80cdaf9
Merge pull request #329112 from ambroisie/tandoor-module 
nixos/tandoor-recipes: revert 'GUNICORN_MEDIA=1'
 2024-07-22 15:48:52 +01:00
Jonas Heinrich
4edef1362f sane-backends: configure and use lock dir 2024-07-22 16:46:30 +02:00
Bobby Rong
3e9b9159cb
Merge pull request #327144 from bobby285271/upd/cinnamon-xapps-by-name 
Move various packages out of cinnamon scope
 2024-07-22 21:33:16 +08:00
Martin Weinelt
fe58e8856f
nixos/ollama: make host example dualstack wildcard 
Binding to IPv6 wildcard generally binds dual-stack, which is also a
better example because the way to specify it is not always very clear.
 2024-07-22 14:51:40 +02:00
Martin Weinelt
bd473ceae3
nixos/doc/rl-2411: add ollama changes 2024-07-22 14:51:40 +02:00
Martin Weinelt
12897b37a8
nixos/ollama: harden systemd unit 
Tested with CPU and CUDA acceleration. Researched for ROCm, but I have no
compatible card to test it with.
 2024-07-22 14:51:40 +02:00
Martin Weinelt
be7bce879f
nixos/ollama: remove writablePaths option 
Making the models directory always writable is much simpler, than having
to watch out for an option to facilitate that.
 2024-07-22 14:51:39 +02:00
Martin Weinelt
809ea5c6bd
nixos/ollama: replace flawed sandboxing option 
The ollama module in its default configuration relies on systemd's
`DynamicUser=` feature for user allocation. In #305076 that allocation
was made conditional and tied to the `sandboxing` option, that was
intended to fix access to model directories outside the allocated state
directory.

However, by disabling sandboxing ollama would inadvertently run as root,
given that `User=` and `Group=` are not required to be set.

The correct way to grant access to other paths is to allocate static
user and group, and grant permissions to the destination path to that
allocation.

We therefore replace the sandboxing option user and group options, that
default to `null`, which means they default to `DynamicUser=`, but can
be replaced with a statically allocated user/group, and thereby a stable
uid/gid.

Fixes: 552eb759 ("nixos/ollama: add options to bypass sandboxing")
 2024-07-22 14:51:39 +02:00
Bruno BELANYI
c8f2bb1b65 nixos/tandoor-recipes: revert 'GUNICORN_MEDIA=1' 
Quoting from upstream's documentation [1]:

> Basically everyone recommends not doing this. Please use [a webserver]
> to handle media file serving.

Given that this commit broke the module for unrelated reasons, I've
decided to just revert it and let downstream users make the choice of
easy vs. secure.

[1]: https://docs.tandoor.dev/system/configuration/#gunicorn-media

This reverts commit e8c56de827.
 2024-07-22 09:17:41 +00:00
PopeRigby
a5eaa1df10
nixos/scrutiny: enable collector by default if scrutiny is enabled (#329069) 2024-07-22 07:38:45 +01:00
Aleksana
b841e48094
Merge pull request #329018 from Aleksanaa/nixos/appimage 
nixos/appimage: minor fix eval
 2024-07-22 07:57:16 +08:00
aleksana
71b3f89bee nixos/appimage: minor fix eval 2024-07-22 07:47:00 +08:00
Sohalt
c11439943d
nixos/containers: add wants and after dependency for network interfaces (#153234) 
Co-authored-by: Franz Pletz <fpletz@fnordicwalking.de>
 2024-07-22 01:22:19 +02:00
Nathan Henrie
de322fa088 nixos/espanso: add n8henrie to maintainers 
I help maintain espanso and would like to help maintain both the package
and the module.
 2024-07-21 17:08:24 -06:00
Marcus Ramberg
585a077fd2
Merge pull request #327665 from bolives-hax/add-qemu-s390x-binfmt 
added s390x option type via magic attributes
 2024-07-21 23:12:55 +02:00
Sandro
4b97ce3bc4
Merge pull request #322095 from illustris/hadoop_3_4 
hadoop: init 3.4, drop 3.2
 2024-07-21 21:24:10 +02:00
Sandro
af3e8fe556
Merge pull request #322173 from illustris/hbase 
hbase: version upgrades
 2024-07-21 21:23:28 +02:00
Sandro
49831e2e65
Merge pull request #328604 from illustris/pve-kvm 
nixos/proxmoxImage: fix build
 2024-07-21 21:23:06 +02:00
bl0v3
e83fc89111 nixos/binfmt: added s390x option type via magic attributes 2024-07-21 20:17:16 +02:00
Bobby Rong
d114d56aad
nixos/cinnamon: Do not use "with pkgs.cinnamon" 
Otherwise with allowAliases enabled, the aliases are preferred and used,
spamming deprecation warnings.
 2024-07-22 01:02:17 +08:00
Bobby Rong
508637b0e3
xapp: Move from cinnamon scope to top-level 
* The timeshift changes are used to make by-name check happy.
* More by-name changes in the next commit.
 2024-07-22 01:02:16 +08:00
Atemu
f6d4f4f055
Merge pull request #328662 from Aleksanaa/nixos/appimage 
nixos/appimage: support both type-1 and type-2 appimages in binfmt
 2024-07-21 17:44:39 +02:00
Sandro
4cc8b29327
Merge pull request #299599 from SuperSandro2000/kde-pim 
programs/kde-pim: init
 2024-07-21 16:26:01 +02:00
nikstur
2ca04530c9 nixos/systemd-sysusers: assert against password and hashedPassword 
Regardless of mutable or immutable users, systemd-sysupdate never
updates existing user records and thus will for example never change
passwords for you.

It only support initial passwords and now actively asserts agains other
paswords.
 2024-07-21 16:23:11 +02:00
nikstur
2710a49adb nixos/systemd-sysusers: stop creating users statically 
On Linux we cannot feasbibly generate users statically because we need
to take care to not change or re-use UIDs over the lifetime of a machine
(i.e. over multiple generations). This means we need the context of the
running machine.

Thus, stop creating users statically and instead generate them at
runtime irrespective of mutableUsers.

When /etc is immutable, the password files (e.g. /etc/passwd etc.) are
created in a separate directory (/var/lib/nixos/etc). /etc will be
pre-populated with symlinks to this separate directory.

Immutable users are now implemented by bind-mounting the password files
read-only onto themselves and only briefly re-mounting them writable to
re-execute sysusers. The biggest limitation of this design is that you
now need to manually unmount this bind mount to change passwords because
sysusers cannot change passwords for you. This shouldn't be too much of
an issue because system users should only rarely need to change their
passwords.
 2024-07-21 16:23:11 +02:00
nikstur
d43e323b4a nixos/systemd-sysusers: only create systemusers 
systemd-sysusers cannot create normal users (i.e. with a UID > 1000).
Thus we stop trying an explitily only use systemd-sysusers when there
are no normal users on the system (e.g. appliances).
 2024-07-21 16:22:01 +02:00
Bobby Rong
350a70036a
mint-themes: Move from cinnamon scope to top-level 2024-07-21 21:17:11 +08:00
Bobby Rong
2359076f1f
mint-y-icons: Move from cinnamon scope to top-level 2024-07-21 21:17:10 +08:00
Bobby Rong
c09bdb5d5e
mint-cursor-themes: Move from cinnamon scope to top-level 2024-07-21 21:17:09 +08:00
github-actions[bot]
968bf02dc2
Merge master into staging-next 2024-07-21 12:01:16 +00:00
Will Fancher
6f959a9e96 nixos/make-initrd-ng: dlopen ELF notes 2024-07-21 06:31:42 -04:00
Will Fancher
e6c544270c nixos/make-initrd-ng: Pass contents as JSON 2024-07-21 06:31:42 -04:00
Will Fancher
519680f662 nixos/systemd: Check that systemd-boot is copied to both places. 2024-07-21 06:31:42 -04:00
nikstur
d4a80b6d0c systemd: 255.6 -> 256.2 2024-07-21 06:31:37 -04:00
Franz Pletz
1a3c164570
Merge pull request #328682 from fpletz/nixos/fix-proxmox-lxc 2024-07-21 09:09:40 +02:00
github-actions[bot]
be3262bae8
Merge master into staging-next 2024-07-21 00:02:58 +00:00
Nick Cao
b7080d0dd7
Revert "nixos/keycloak: disable keycloak-metrics-spi in tests" 
This reverts commit 0360d42e20.
 2024-07-20 15:39:58 -04:00
Cottand
6e52b03583 nomad_1_5: deprecate 2024-07-20 20:19:33 +01:00
Adam C. Stephens
65ef67740b
Merge pull request #328665 from adamcstephens/incus/fix-lts-unstable 
incus: fix OVMF path backward compatibility
 2024-07-20 14:09:46 -04:00
github-actions[bot]
e533bfc8da
Merge master into staging-next 2024-07-20 18:01:23 +00:00
lassulus
e209fc2f2f
Merge pull request #241373 from nikstur/qemu-vm-simplify-nix-store-image 
nixos/qemu-vm: simplify building nix store image
 2024-07-20 19:27:40 +02:00
Franz Pletz
ceafec213f
nixos/proxmox-lxc: fix nixos-rebuild 
Same is being done in lxc-container module.
 2024-07-20 16:54:29 +02:00
Franz Pletz
c501d3fa97
nixos/proxmox-lxc: fix getty start 
Otherwise there is no getty on tty1 in Proxmox.
 2024-07-20 16:54:28 +02:00
Franz Pletz
4aa419c046
nixos/proxmox-lxc: reformat 2024-07-20 16:54:28 +02:00
Franz Pletz
7c67f72893
Merge pull request #320075 from illustris/pve-lxc-ping-fix 2024-07-20 16:52:05 +02:00
illustris
aa794162ba
hbase: version upgrades 
- 2.4.17 -> 2.4.18
- 2.5.4 -> 2.5.9
- init 2.6.0
- 3.0.0-alpha-3 -> 3.0.0-beta-1
 2024-07-20 20:21:00 +05:30
Vladimír Čunát
577f40b8a9
Merge branch 'staging' into staging-next 2024-07-20 16:12:24 +02:00
Arian van Putten
8afba669e2 nixos/wrappers: use normal mount for /run/wrappers 
We want to get rid of specialFileSystems / earlyMountScript eventually and
there is no need to run this before systemd anymore now that
the wrappers themselves are set up in a systemd unit since https://github.com/NixOS/nixpkgs/pull/263203

Also this is needed to make soft-reboot work. We want to make sure
that we remount /run/wrappers with the nosuid bit removed on soft-reboot
but because @earlyMountScript@ happens in initrd, this wouldn't happen
 2024-07-20 16:07:43 +02:00
Adam Stephens
28922c4421
incus: fix OVMF path backward compatibility 
incus 6.3.0 changed the OVMF path, but our module needs to support LTS
as well. Also move the newer OCI deps to be conditional on version.
 2024-07-20 09:54:07 -04:00
aleksana
1d1676b2ee nixos/appimage: support both type-1 and type-2 appimages in binfmt 2024-07-20 21:23:59 +08:00
K900
5e13e3e566
Merge pull request #324894 from paveloom/flaresolverr 
flaresolverr: init at 3.3.21 + nixos/flaresolverr: initial commit
 2024-07-20 11:06:18 +03:00
illustris
0dca765a25
nixos/proxmoxImage: fix build 2024-07-20 12:12:16 +05:30
Robert Rose
c58c1e8f55 nixos/k3s: add options for graceful node shutdown and kubelet config 
Allow to set kubelet configuration parameters
via an option. Additionally, expose the
respective options for graceful node
shutdown directly, as it is anticipated to
be used frequently.
 2024-07-19 20:28:00 +02:00
github-actions[bot]
637b531dcf
Merge staging-next into staging 2024-07-19 18:01:40 +00:00
Pavel Sobolev
c9c14f86db
nixos/flaresolverr: initial commit 2024-07-19 20:55:21 +03:00
OPNA2608
029b06454e tests/teleports: ubuntu_font_family -> ubuntu-classic 2024-07-19 19:23:19 +02:00
OPNA2608
2d49594644 tests/lomiri-clock-app: ubuntu_font_family -> ubuntu-classic 2024-07-19 19:23:00 +02:00
OPNA2608
005ef5ab39 tests/lomiri-calculator-app: ubuntu_font_family -> ubuntu-classic 2024-07-19 19:22:45 +02:00
OPNA2608
dc004592e8 tests/lomiri-filemanager-app: ubuntu_font_family -> ubuntu-classic 2024-07-19 19:22:25 +02:00
OPNA2608
47e508ba36 tests/morph-browser: ubuntu_font_family -> ubuntu-classic 2024-07-19 19:21:56 +02:00
OPNA2608
6613de20f2 tests/lomiri-system-settings: ubuntu_font_family -> ubuntu-classic 2024-07-19 19:21:32 +02:00
OPNA2608
c768ee4aa3 nixos/lomiri: ubuntu_font_family -> ubuntu-classic 2024-07-19 19:20:59 +02:00
Peder Bergebakken Sundt
b2a54feb35
Merge pull request #279408 from alyssais/mailman-nginx-timeout 
nixos/mailman: increase nginx proxy timeout
 2024-07-19 17:56:07 +02:00
Aleksana
532db1f9d1
Merge pull request #310621 from Istvan91/dont_write_defaults_in_ssh_config 
nixos/ssh: don't write addressfamily with default value in config
 2024-07-19 21:23:08 +08:00
github-actions[bot]
a6c20a7387
Merge staging-next into staging 2024-07-19 12:01:49 +00:00
Sandro
89d95fb2bc
Merge pull request #327939 from Guanran928/libreddit 2024-07-19 13:47:14 +02:00
Sarah Brofeldt
54fbcf1be8
Merge pull request #321632 from PedroRegisPOAR/kubernetes-mkCert-drops-nogroup-as-default 
nixos/kubernetes: adds argument to mkCert defaulting to kubernetes group
 2024-07-19 12:49:49 +02:00
Jonas Chevalier
676e42a45e
Merge pull request #327729 from zimbatm/odoo-fixes 
odoo fixes
 2024-07-19 12:35:03 +02:00
Sirio Balmelli
c2b4c0e51d tests/odoo: replace db init workaround with services.odoo.autoInit 
Signed-off-by: Sirio Balmelli <sirio@b-ad.ch>
 2024-07-19 11:52:01 +02:00
Sirio Balmelli
85761ade56 modules/odoo: add autoInitExtraFlags 
Allow module user to specify additional flags to be passed on autoInit

Signed-off-by: Sirio Balmelli <sirio@b-ad.ch>
 2024-07-19 11:51:57 +02:00
Sirio Balmelli
67bcb287ec modules/odoo: execute autoInit only once 
Signed-off-by: Sirio Balmelli <sirio@b-ad.ch>
 2024-07-19 11:51:52 +02:00
Philip Taron
c67ed48869
nixos/ldap: avoid top-level with expression (#327992) 2024-07-19 11:19:51 +02:00
Philip Taron
f56ba38335
make-disk-image.nix: avoid top-level with statement (#327020) 2024-07-19 11:19:19 +02:00
Ivan Trubach
7919709a23 nixos/modules: use mapAttrsToList instead of mapAttrsFlatten 2024-07-19 11:39:39 +03:00
Frédéric Christ
0539bbe086 nixos/tests: Fix tests failing with new default IPv6 configuration 2024-07-19 09:58:25 +02:00
github-actions[bot]
f6ed4c2f35
Merge staging-next into staging 2024-07-19 06:01:45 +00:00
Matthew Croughan
be9599e3d4
nixos/scion: introduce package option (#327765) 2024-07-19 02:30:10 +02:00
github-actions[bot]
f316203fda
Merge staging-next into staging 2024-07-19 00:03:05 +00:00
lassulus
3575fad9da
Merge pull request #323466 from andersk/grep-stray 
nixos/udev: Fix `grep: warning: stray \ before /`
 2024-07-18 23:02:07 +02:00
Jörg Thalheim
054c2d71f7
Merge pull request #328221 from nikstur/fix-overlay-etc 
nixos/etc: handle mountpoints on top of /etc when switching
 2024-07-18 21:59:30 +02:00
nikstur
6abbe725ca nixos/etc: handle mountpoints on top of /etc when switching 
The activation script that remounts the /etc overlay now handles other
mount points on top of /etc by bind mounting them to the new temporary
/etc overlay and then atomically revealing it.
 2024-07-18 21:28:53 +02:00
nikstur
289dd22132 nixos/qemu-vm: simplify building nix store image 
Summary of this change:

- Simplify code.
- Stop a disk image from being cached in the binary cache.
- Make erofs Nix Store image build in an acceptable time outside of
  testing environments (like `darwin.builder`).
- Do not regress on performance for tests that use many store paths in
  their Nix store image.
- Slightly longer startup time for tests where not many store paths are
  included in the image (these probably shouldn't use `useNixStoreImage`
  anyways).
- Slightly longer startup time when inputs of VM do not change because
  the Nix store image is not cached anymore.

Remove the `storeImage` built with make-disk-image.nix. This produced a
separate derivation which is then cached in the binary cache. These
types of images should be avoided because they gunk up the cache as they
change frequently. Now all Nix store images, whether read-only or
writable are based on the erofs image previously only used for read-only
images.

Additionally, simplify the way the erofs image is built by copying the
paths to include to a separate directory and build the erofs image from
there.

Before this change, the list of Nix store paths to include in the Nix
store image was converted to a complex regex that *excludes* all other
paths from a potentially large Nix store.

This previous approach suffers from two issues:

1. The regex is complex and, as admitted in the source code of the
   includes-to-excludes.py script, most likely contains at least one
   error. This means that it's unlikely that anyone will touch this
   piece of software again.

2. When the Nix store image is built from a large Nix store (like when
   you build the VM script to run outside of any testing context) this
   regex becomes painfully slow. There is at least one prominent
   use-case where this matters: `darwin.builder`.

Benchmarking impressions:

- Building Nix store via make-disk-image.nix takes ~25s
- Building Nix store as an erofs image takes ~4s
- Running nixosTests.qemu-vm-writable-store-image takes ~10s when
  building the erofs image with the regex vs ~14s when building by
  copying to a temporary directory.
- nixosTests.gitlab which had the biggest gains from the initial erofs
  change takes the same time as before.
- On a host with ~140k paths in /nix/store, building the erofs image
  with the regex takes 410s as opposed to 6s when copying to a temporary
  directory.
 2024-07-18 20:24:58 +02:00
github-actions[bot]
401d4660b3
Merge staging-next into staging 2024-07-18 18:01:57 +00:00
lassulus
a62c421981
Merge pull request #290730 from nikstur/qemu-vm-refactoring 
qemu-vm.nix refactoring
 2024-07-18 19:34:51 +02:00
nikstur
b6e354f052 nixos/qemu-vm: remove creation of /etc/nixos 
/etc/nixos is already created by stage-2-init.sh
 2024-07-18 19:11:28 +02:00
nikstur
cb5a876e82 nixos/qemu-vm: consistently use efiSysMountPoint 
Remove the explicit creation of efiSysMountPoint. This is not needed in
the scripted or the systemd initrd.
 2024-07-18 19:11:27 +02:00
nikstur
b7b90d0455 nixos/qemu-vm: fsck ESP 
The ESP is a writable vfat filesystem that can be fscked like any other
fs thus we should stick to the default.
 2024-07-18 19:11:27 +02:00
nikstur
0e5f929851 nixos/tests/qemu-vm-store: init 2024-07-18 19:11:27 +02:00
nikstur
ded6d983d6 nixos/qemu-vm: use new overlayfs API 2024-07-18 19:11:24 +02:00
nikstur
54674e9063 nixos/qemu-vm: remove duplication between scripted and systemd initrd 2024-07-18 19:09:28 +02:00
Michael Hoang
ab65220a1a regreet: add options for controlling theming 2024-07-19 01:28:45 +10:00
Krzysztof Nazarewski
676a51c41f nixos/hardware.display: init 2024-07-18 16:57:40 +03:00
github-actions[bot]
844ec2d5a1
Merge staging-next into staging 2024-07-18 12:01:55 +00:00
Martin Weinelt
983077457f
Merge remote-tracking branch 'origin/staging-next' into staging 
Conflicts:
-	pkgs/development/python-modules/uvcclient/default.nix
-	pkgs/development/tools/rust/rust-analyzer/default.nix
 2024-07-18 12:35:33 +02:00
Jacek Galowicz
dfc9d68303
Merge pull request #319308 from frederictobiasc/nixosTest-ipv6 
nixosTest: Introduce IPv6
 2024-07-18 11:52:10 +02:00
Sandro
fa5abfe559
Merge pull request #317623 from jmbaur/stc-ng-followup 2024-07-18 11:33:59 +02:00
Frédéric Christ
c6f6c28218 nixos/testing: Add ipv6 configuration 
This contribution enables a working IPv6 setup by default. This works
analog to the current automatic IPv4 setup.
 2024-07-18 10:22:32 +02:00
Aaron Andersen
2e930eafb9
Merge pull request #318285 from gador/nixos-zabbixWeb-nginx 
nixos/zabbixWeb: Add nginx as webserver, add zabbix 6.4
 2024-07-17 21:22:13 -04:00
Martin Weinelt
bf8439efae
Merge pull request #311927 from mweinelt/music-assistant 
music-assistant: init at 2.0.7
 2024-07-18 02:31:18 +02:00
Darragh Elliott
61820de2d4 ddns-updater: Add module, test, update script 2024-07-17 21:56:05 +00:00
Sandro
669a3a6fe0
Merge pull request #327748 from lluchs/fix-tsm-client-lists 
nixos/tsm-client: Fix multi-value dsm.sys options
 2024-07-17 23:05:09 +02:00
Florian Brandes
7d3b77d66f
nixos/zabbixWeb: format 
Signed-off-by: Florian Brandes <florian.brandes@posteo.de>
 2024-07-17 22:33:47 +02:00
Florian Brandes
9ca5b84e27
nixos/zabbixWeb: add nginx config 
Co-authored-by: Aaron Andersen <aaron@fosslib.net>
Signed-off-by: Florian Brandes <florian.brandes@posteo.de>
 2024-07-17 22:31:50 +02:00
Martin Weinelt
974165d1cc
nixos/doc/rl-2411: add music-assistant 2024-07-17 22:29:39 +02:00
Martin Weinelt
0abdf47358
nixos/tests/music-assistant: init 2024-07-17 22:29:38 +02:00
Martin Weinelt
76442766ea
nixos/music-assistant: init 2024-07-17 22:29:38 +02:00
Johannes Jöns
3f7fcbb2f9
Merge pull request #290014 from jopejoe1/ubuntu-font 
ubuntu-sans{,-mono}: rename from ubuntu_font_family, 0.83 -> 1.004
 2024-07-17 18:46:36 +00:00
Kira Bruneau
b37088de74
Merge pull request #326894 from kira-bruneau/replay-sorcery 
replay-sorcery: remove as it is unmaintained upstream
 2024-07-17 14:37:51 -04:00
Artturin
20cf80e167 Merge branch 'staging-next' into staging 2024-07-17 21:29:37 +03:00
Philip Taron
33a4732e46
nixos/swap: avoid top-level with expressions (#327991) 2024-07-17 20:23:14 +02:00
Pol Dellaiera
74d05311fd
Merge pull request #327886 from drupol/nixos-tika-module-add-options 
nixos/tika: add `enableOcr` option
 2024-07-17 20:10:06 +02:00
Philip Taron
1438803fb5
nixos/users-groups: avoid top level with lib; use lib before builtins (#327757) 2024-07-17 20:00:54 +02:00
Cassandra McCarthy
c6ba378b7b
airsonic: update context-path directive 
This line has been broken since the service file was created. According
to the [spring docs] that Airsonic uses, server.context-path is what
should be here. I've tested this by manually setting it as an extra JVM
option on my machine, and it works.

[spring docs]: https://docs.spring.io/spring-boot/docs/1.4.5.RELEASE/reference/htmlsingle/#common-application-properties
 2024-07-17 13:23:19 -04:00
Sandro
1607a42b49
Merge pull request #290452 from flandweber/borgmatic-exporter 
borgmatic-exporter: init at 0.2.5
 2024-07-17 19:08:28 +02:00
Nicolas Mémeint
1ceb55d4b9 nixos/authelia: Remove options incompatible with new settings 
- Remove settings.server.{host,port} options
  - Replaced by settings.server.address
  - If any of settings.server.{host,port,path} are specified in the
    configuration, a warning is displayed and these values will be used
    instead of settings.server.address

- Change what secrets.oidcIssuerPrivateKeyFile maps to
  - Previously: AUTHELIA_IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY_FILE
  - Now: identity_providers.oidc.jwks[0].key
    - Not done directly in the NixOS settings config but as a separate
      YAML config file
    - Done that way because Go templates are not correctly handled by
      the YAML generator (#319716)

- Change secrets.jwtSecretFile env variable mapping
  - Previously: AUTHELIA_JWT_SECRET_FILE
  - Now: AUTHELIA_IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET_FILE
 2024-07-17 17:26:46 +02:00
Nicolas Mémeint
12f1589056 authelia: 4.37.5 -> 4.38.9 2024-07-17 17:26:46 +02:00
Guanran Wang
f7a0c71b61
libreddit: remove as unmaintained upstream 2024-07-17 23:03:14 +08:00
Aleksana
a9a4e171c7
Merge pull request #327032 from danc86/push-krkxkxtnruqp 
nixos/sssd: fix KCM to use new krb5 settings
 2024-07-17 22:29:09 +08:00
Pol Dellaiera
6b3c00c65a
nixos/tika: add enableOcr option 2024-07-17 13:14:35 +02:00
Weijia Wang
078fdedf26 Merge branch 'staging-next' into staging 2024-07-17 13:10:23 +02:00
Sandro
51fcc2c92e
Merge pull request #314440 from ju1m/radicle 2024-07-17 13:04:06 +02:00
Kartik Gokte
dbba11e241 nixos/prometheus-pve-exporter: added new options introduced in v3.4.3 2024-07-17 16:09:11 +05:30
zimbatm
d11a54cb2f nixos/odoo: set data_dir explicitly 
Don't hide the data is a private sub-folder.

Before:
* /var/lib/private/odoo/.local/share/Odoo/
After:
* /var/lib/private/odoo/data
 2024-07-17 10:59:01 +02:00
Pyrox
a24fa6098d
nixos/gotenberg: init 2024-07-17 10:37:35 +02:00
OTABI Tomoya
43d306e7db
Merge pull request #326398 from phaer/etebase-python 
etebase-server: use buildPythonApplication, default to withLdap = false
 2024-07-17 10:00:42 +09:00
github-actions[bot]
4c086d8ee0
Merge staging-next into staging 2024-07-17 00:03:16 +00:00
Lukas Werling
f52ee2af39 nixos/tsm-client: Fix multi-value dsm.sys options 
A configuration such as:

    programs.tsmClient.servers.backup.domain = [ "/dir1" "dir2" ];

...would previously result in an error ("cannot coerce a list to a
string"), since `makeDsmSysLines` would return a nested list.
 2024-07-16 23:38:14 +02:00
Robert Hensing
2d9a686483 nixos/nix-channel.nix: shellcheck and fix the activation check 2024-07-16 22:09:33 +02:00
zimbatm
c570314635 nixos/odoo: add autoInit option 
When enabled, Odoo will automatically initialize the database on
startup.
 2024-07-16 21:55:13 +02:00
zimbatm
750f1478fc nixos/odoo: use env vars to configure Odoo 
This allows running multiple commands with the same settings.
 2024-07-16 21:55:13 +02:00
Robert Hensing
3f76dcea93 nixosTests.installer.switchToFlake: It is probably really stupid 
We may want to clear NIX_PATH when channels are disabled, or maybe
it has to be a separate option.
This is just very frustrating to me.
 2024-07-16 21:45:00 +02:00
Julien Malka
af6c7624fa
Merge pull request #327708 from SuperSandro2000/systemdBootBuilder 2024-07-16 21:38:10 +02:00
Robert Hensing
46df92b270 nixosTests.installer.switchToFlake: Adjust for workaround in #323613 2024-07-16 21:34:40 +02:00
Robert Hensing
34fee8c804 nixos/nix-channel: Highlight and tidy the warnings 2024-07-16 21:34:40 +02:00
Pol Dellaiera
dfef8af6e9
Merge pull request #326939 from abysssol/ollama-split-test 
nixos/ollama: split cuda and rocm from service test
 2024-07-16 21:02:07 +02:00
Robert Hensing
1022da85ab nixos/activation-script: Add lib.sh with warn() 2024-07-16 20:42:06 +02:00
phaer
c437fb23e1 etebase-server: use buildPythonApplication... 
...not pythonPackage. This is an app, living in pkgs/servers, so
we just use callPackage in all-packages and drop the python module.

python3.pkgs.toPythonModule could be used if a python module was needed.
Before that change legacyPackages.x86_64-linux.python311.pkgs.etebase-server.python
would give a python 3.12 release, and was therefore broken.

etebase-server = toPythonModule (pkgs.etebase-server.override {
  python3 = python;
});

would now be correct
 2024-07-16 20:20:29 +02:00
github-actions[bot]
df8055b727
Merge staging-next into staging 2024-07-16 18:01:37 +00:00
Sandro Jäckel
0e5342f48a
nixos/systemd-boot: give systemdBootBuilder a better name 
Before it had twice a store hash which made nix store diff-closures
kinda ugly.
 2024-07-16 19:53:57 +02:00
Artturin
a516ea8c99 Merge branch 'staging-next' into staging 2024-07-16 19:07:48 +03:00
Sandro
c0e4367e8f
Merge pull request #267764 from Silver-Golden/nixos/proxmox-lxc-import-not-activate 2024-07-16 17:02:47 +02:00
❄️
930b0dca59
Merge pull request #327476 from rorosen/k3s-extra-flags-list 
nixos/k3s: accept a list of extraFlags
 2024-07-16 09:27:19 -03:00
Sandro
0397741f8a
Merge pull request #324698 from bbenno/graylog-6_0 2024-07-16 14:24:21 +02:00
Sandro
11964fa63e
Merge pull request #327361 from arthsmn/flatpak-builder-update 2024-07-16 13:55:12 +02:00
Kira Bruneau
c0c8a36716 replay-sorcery: remove as it is unmaintained upstream 2024-07-16 07:29:07 -04:00
lassulus
40e2c89c57
Merge pull request #327324 from quantenzitrone/ydotool 
programs.ydotool: remove invalid systemd directive
 2024-07-16 13:24:36 +02:00
Atemu
aba669227b
Merge pull request #326618 from emilazy/drop-ffmpeg-5 
ffmpeg_5: drop
 2024-07-16 13:06:36 +02:00
Finn Landweber
0d58b75cba
added prometheus-borgmatic-exporter module 2024-07-16 12:17:49 +02:00
Sandro
10635f7d2a
Merge pull request #202068 from justinas/nginxlog-exporter-typed-options 2024-07-16 11:07:18 +02:00
Aleksana
ae5d2af73e
Merge pull request #327288 from Mic92/xmr-stak 
xmr-stak: remove
 2024-07-16 16:37:20 +08:00
Robert Rose
cc2790ff1e nixos/k3s: accept a list of extraFlags 
Accept a list of strings for the extraFlags
option in addition to the previous single
string.
 2024-07-16 08:20:32 +02:00
Philip Taron
2e17c4a4da
nixos/amazon-image: avoid top-level with statements 2024-07-15 22:02:39 -07:00
Philip Taron
3ba72e2834
nixos/amazon-image: avoid top-level with statements in maintainers script 2024-07-15 22:02:39 -07:00
Max
1dd44eaf67 nixos/pam: use Kanidm's package option 2024-07-16 00:39:03 +02:00
Adam C. Stephens
a167a16697
Merge pull request #326620 from bbigras/incus 
incus: 6.2.0 -> 6.3.0
 2024-07-15 14:47:18 -04:00
Masum Reza
c796e4e5ac
Merge pull request #323877 from Luflosi/update/darling-dmg 
darling-dmg: 1.0.4+git20200427 -> 1.0.4-unstable-2023-07-26
 2024-07-15 22:40:06 +05:30