Commit Graph

34605 Commits

Author SHA1 Message Date
Sandro
4c79ccf34d
nixos/luksroot: make it harder to accidentially break cryptsetup (#355464) 2024-11-21 18:38:55 +01:00
Sandro
b3ac2f4ead
nixos/meilisearch: fix disabling analytics (#356614) 2024-11-21 17:15:13 +01:00
Kerstin Humm
897954b8ae nixos/open-web-calendar: init module 2024-11-21 16:34:39 +01:00
Adam C. Stephens
63de272302
nixos/kanidm: add provisioning secret directories to BindReadOnlyPaths (#357440) 2024-11-21 09:46:02 -05:00
Aleksana
c1b9d0ce79
nixos/alertmanager: add additional docs about envsubst (#302536) 2024-11-21 21:20:44 +08:00
Aleksana
9612e216ce
nixos/tabby: fix typo (#355223) 2024-11-21 21:01:54 +08:00
Weijia Wang
02287a8c02
kubo-migrator: add migration from 15 to 16 (#344265) 2024-11-21 12:22:45 +01:00
Naïm Camille Favier
6735eef1b1
nixos/libreswan: use environment.etc."ipsec.secrets".text (#357626) 2024-11-21 08:18:24 +01:00
kirillrdy
c8021779cd
amazon-cloudwatch-agent: init at 1.300049.1 (#337212) 2024-11-21 17:18:47 +11:00
Thiago Kenji Okada
778f30c08c
porn-vault: init at 0.30.0-rc.11 (#355785) 2024-11-20 21:52:34 +00:00
Naïm Favier
b294762bb9
nixos/libreswan: use environment.etc."ipsec.secrets".text
This is to ensure compatibility with the networkmanager module, which
uses the `text` option.
2024-11-20 19:59:02 +01:00
Masum Reza
d834b054f4
nixos/scx: init module (#352300) 2024-11-21 00:10:45 +05:30
Luflosi
9e2866d215
kubo-migrator: rewrite
- Migrate to pkgs/by-name
- Format with nixfmt-rfc-style
- Make it possible to remove support for very old migrations in the future by increasing the `minRepoVersion` parameter
- Rename kubo-migrator-all-fs-repo-migrations to kubo-fs-repo-migrations since it may no longer include all migrations
- Add an alias for kubo-migrator-all-fs-repo-migrations to keep backwards compatibility
- Update descriptions to differentiate between kubo-migrator and kubo-migrator-unwrapped and better describe the purpose of the migrator
- Add a description to every individual migration
- Add a description to kubo-fs-repo-migrations
- Fetch the source code of the individual migrations from their specific Git tags, like upstream intends
- Enable tests for some migrations
- Check that the migrations don't crash on startup
- Mark two broken migrations as broken. They are not compatible with the latest Go versions and upstream is not interested in fixing this
- Change code to allow most updates to be done by only changing three lines (add new version and change git tag and hash)
- Add a stub for any disabled or broken migration to prevent downloading unsigned binaries from the internet, see https://github.com/ipfs/fs-repo-migrations/issues/148#issuecomment-2351355627 and https://github.com/ipfs/fs-repo-migrations/issues/188
- Use `lib.getExe` instead of hardcoding the binary name in the kubo NixOS module
- Use `substituteInPlace` with `--replace-fail` instead of `--replace`
2024-11-20 16:17:14 +01:00
Masum Reza
e1cedaabe5
nixos/obs-studio: nullable package (#356845) 2024-11-20 18:47:47 +05:30
TobTobXX
26fbd1adbe
nixos/bind: Fix cacheNetworks option
services.bind.cacheNetworks should only apply to recursive queryies, as
per the option documentation:
> Note that this is for recursive queries – all networks are allowed to
> query zones configured with the zones option by default [...].

This would correspond to the `allow-query-cache` option in named.conf,
as per the BIND docs[1]:
> Specifies which hosts (an IP address list) can access this server’s
> cache and thus effectively controls recursion.

And not `allow-query`, which restricts all requests (including requests
where the server has authority) [2]:
> Specifies which hosts (an IP address list) are allowed to send queries
> to this resolver.
> [...]
> Note:
> `allow-query-cache` is used to specify access to the cache.

[1]: https://bind9.readthedocs.io/en/v9.20.0/reference.html#namedconf-statement-allow-query-cache
[2]: https://bind9.readthedocs.io/en/v9.20.0/reference.html#namedconf-statement-allow-query
2024-11-20 10:47:06 +01:00
oddlama
3e29e0560d
nixos/kanidm: add provisioning secret directories to BindReadOnlyPaths 2024-11-20 01:41:31 +01:00
Luana
cc671e2b6b nixos/porn-vault: init module 2024-11-19 21:11:40 -03:00
Weijia Wang
5bdc0862bf
wordpress: 6.6.2 -> 6.7 (#356449) 2024-11-19 22:44:51 +01:00
Sandro
8bc2cc19bb
nixos/opendkim: modernize, add expandable settings option, put config file under standard location (#333758) 2024-11-19 22:29:49 +01:00
Marcus Ramberg
258174aead
nixos/pay-respects: actually import the module (#356231) 2024-11-19 20:56:02 +01:00
John Titor
3e710e6d15
nixos/scx: init
This adds a `services.scx.enable` option to enable sched-ext schedulers.

Requires a kernel with sched-ext enabled (6.12+) or a kernel with the patchset.

requiredKernelConfigs are taken from https://cateee.net/lkddb/web-lkddb/SCHED_CLASS_EXT.html
2024-11-19 23:09:53 +05:30
Martin Weinelt
fe8fdf8ff2
nixos/snapserver: restart systemd service on failure (#356584) 2024-11-19 15:08:13 +01:00
Jordan Williams
7031d0fdd0
nixos/snapserver: restart the systemd service on failure 2024-11-19 06:52:11 -06:00
Emily
60b321b6a3
nixos/acme: make address families in systemd service less restrictive (#357124) 2024-11-19 10:36:41 +00:00
Toast
d5808aee19
handheld-daemon-ui: init at 3.2.3 (#305027)
Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
Co-authored-by: Arne Keller <2012gdwu+github@posteo.de>
2024-11-19 11:17:59 +01:00
Sandro
eaeca4c794
nixos/arp-scan: init, nixos/tcpdump: init (#356994) 2024-11-19 11:03:46 +01:00
Sandro
8b230d41d2
python312Packages.magic-wormhole-mailbox-server: 0.4.1 -> 0.5.1 (#354724) 2024-11-19 10:46:25 +01:00
Leona Maroni
3239d863ac
Merge: docs: remove old NixOS version references (#356684) 2024-11-19 09:10:51 +01:00
Will Fancher
9100366975
nixos/network-interfaces-systemd: improve default ethernet network matching (#347283) 2024-11-18 21:18:19 -08:00
Will Fancher
a599ce82dd
nixos/networkd: warn about naively replacing IPForward (#356955) 2024-11-18 20:10:52 -08:00
Will Fancher
768f628de7
nixos/systemd-stage-1: nixos-find-nixos-closure before initrd.target (#357135) 2024-11-18 19:33:21 -08:00
Will Fancher
af8279fe38 nixos/systemd-stage-1: nixos-find-nixos-closure before initrd.target
Without this, boot could proceed to the initrd cleanup step before the
closure was found, killing the service and breaking boot.
2024-11-18 21:14:51 -05:00
Malte Voos
d9bf91700e nixos/acme: make address families in systemd service less restrictive
This change is to support LEGO's capability to spawn an external process that
solves the DNS-01 challenge. In particular, this enables a setup where LEGO
runs a shell script that uses nsd-control to add an appropriate zone to a
local NSD instance.
2024-11-19 01:40:59 +01:00
commiterate
3d0e3156ea amazon-cloudwatch-agent: init at 1.300049.1 2024-11-18 19:19:35 -05:00
Cosima Neidahl
e6b5e795bf
kimai, nixos/kimai: init at 2.24.0 (#353187) 2024-11-19 01:05:53 +01:00
Colin
67fe3c2326
nixos/geoclue2: add package option (#326882) 2024-11-18 22:40:37 +00:00
kirillrdy
16952bdb0c
flarum: fix 'mysql' has been renamed to/replaced by 'mariadb' (#356868) 2024-11-19 08:54:08 +11:00
Cosima Neidahl
1d87ec425f
lomiri.*: OTA-6 (#355289) 2024-11-18 22:40:08 +01:00
MithicSpirit
d14392eaf6
nixos/obs-studio: nullable package
Allows setting `programs.obs-studio.package = null`, which is useful in
case the user wants the appropriate kernel modules from
`programs.obs-studio.enableVirtualCamera`, but does not wish to install
obs system-wide with nixos (e.g., because they want to install it just
for their user with home-manager or maybe via flatpak).
2024-11-18 11:33:43 -05:00
K900
45533e4b16
nixos/tools: add enable options to manual (#356992) 2024-11-18 19:03:51 +03:00
Sandro Jäckel
b4d622fd7a
nixos/{arp-scan,iftop,tcpdump,traceroute}: format 2024-11-18 16:47:56 +01:00
Sandro Jäckel
a6ee554a67
nixos/traceroute: use lib.getExe 2024-11-18 16:47:56 +01:00
Sandro Jäckel
4fae28967b
nixos/iftop: improve description, use lib.getExe 2024-11-18 16:47:55 +01:00
Sandro Jäckel
eb42ef0c24
nixos/tcpdump: init 2024-11-18 16:47:55 +01:00
Sandro Jäckel
2829181316
nixos/arp-scan: init 2024-11-18 16:40:20 +01:00
Maximilian Bosch
859c76c505
nixos/tools: add enable options to manual
E.g. when overriding `nix` with `pkgs.lix`, `nixos-option` will fail.
Given that I haven't used it in a very long time, I wanted to disable
it, but finding an option to turn off `nixos-option` is kinda hard given
that the options are generated here using `mkToolModule`.

I assumed that this isn't possible until I learned that
`system.tools.X.enable` exists. To me, this is a clear sign that these
shouldn't be internal.
2024-11-18 16:22:41 +01:00
Silvan Mosberger
555f0e9f1e
formats.ini: expose INI atom from all ini formats (#354800) 2024-11-18 16:11:51 +01:00
Johannes Kirschbauer
6b53949b0c
formats.ini: expose INI atom from all ini formats 2024-11-18 16:07:22 +01:00
Maximilian Bosch
06f50f4adf
nixos/networkd: warn about naively replacing IPForward
See https://github.com/systemd/systemd/issues/33414.

The way this was phrased sounded like a dumb search/replace operation to
me. This resulted in random parts of my routing being broken (forward
from if X -> Y being fine, but the opposite direction being broken).

This change makes it explicit that it's a little more complicated and
you should really consult the docs before making that change.
2024-11-18 14:16:38 +01:00
Martin Joerg
0afba0d517 python312Packages.magic-wormhole-mailbox-server: 0.4.1 -> 0.5.1
https://github.com/magic-wormhole/magic-wormhole-mailbox-server/compare/refs/tags/0.4.1...refs/tags/0.5.1
https://github.com/magic-wormhole/magic-wormhole-mailbox-server/blob/0.5.1/NEWS.md

Python 3.12 is now supported
2024-11-18 07:37:49 +00:00