Elis Hirwing
699ea65439
Merge pull request #131118 from etu/sanoid-syncoid-improvements
...
nixos/{syncoid,sanoid}: Improve ZFS permission delegation
2021-07-26 11:40:51 +02:00
Elis Hirwing
764e4acee1
nixos/tests/sanoid: Improve tests by checking that no permissions are left behind
2021-07-26 11:05:52 +02:00
Elis Hirwing
bd263441e2
nixos/rl-notes/21.11: Add note about remaining syncoid permissions
2021-07-26 11:05:48 +02:00
Elis Hirwing
a9d29a1d0d
nixos/syncoid: Drop ~[at]sync from the systemcallfilter to avoid coredumps
2021-07-26 11:05:45 +02:00
Elis Hirwing
ea9d5876a0
nixos/sanoid: Reformat file with nixpkgs-fmt
2021-07-26 11:05:37 +02:00
Elis Hirwing
fa58d89b24
nixos/syncoid: Reformat file with nixpkgs-fmt
2021-07-26 11:04:28 +02:00
Elis Hirwing
b9f98165ab
nixos/sanoid: Use a function to build allow/unallow commands
2021-07-26 11:03:35 +02:00
Elis Hirwing
ecd32b8104
nixos/syncoid: Build unallow commands as a post job to drop permissions
2021-07-26 11:02:13 +02:00
Michael Weiss
4ec2b24603
nixos/tests/chromium: Drop the workaround for Chrome GPU crashes
...
This regression was fixed by 51d83077ff
.
2021-07-25 12:39:45 +02:00
Michael Weiss
7b3c054514
nixos/tests/chromium: Check the version and that it's an official build
...
This also prints and screenshots the output of chrome://version which
contains useful information.
Outputs (stable, beta, ungoogled, chrome-stable, chrome-beta, chrome-dev):
Chromium 92.0.4515.107 (Official Build) (64-bit)
Chromium 92.0.4515.107 (Official Build) (64-bit)
Chromium 91.0.4472.164 (Official Build, ungoogled-chromium) (64-bit)
Google Chrome 92.0.4515.107 (Official Build) (64-bit)
Google Chrome 92.0.4515.107 (Official Build) beta (64-bit)
Google Chrome 93.0.4577.8 (Official Build) dev (64-bit)
2021-07-25 12:35:21 +02:00
Luke Granger-Brown
a0b7bd69ac
Merge pull request #124431 from hyperfekt/systemd-pstore
...
nixos/filesystems: mount-pstore.service improvements
2021-07-25 10:33:39 +01:00
Elis Hirwing
bb35e7c404
nixos/sanoid: Extract datasets rather than pools
...
When making new snapshots we only need to delegate permissions to the
specific dataset rather than the entire pool.
2021-07-25 10:13:17 +02:00
Elis Hirwing
70862830f0
nixos/syncoid: Extract datasets rather than pools
...
When sending or receiving datasets with the old implementation it
wouldn't matter which dataset we were sending or receiving, we would
always delegate permissions to the entire pool.
2021-07-25 10:12:32 +02:00
Aaron Andersen
8813af6821
Merge pull request #128724 from fortuneteller2k/nixos/iwd
...
nixos/iwd: add settings option
2021-07-24 23:06:42 -04:00
Elis Hirwing
6984e68c51
Merge pull request #98455 from ju1m/syncoid-split
...
nixos/syncoid: split in multiple systemd services and harden them
2021-07-24 22:08:42 +02:00
Yuka
7d24d06c71
nixos/postgresql: use postgres 13 for 21.11 ( #131018 )
...
Co-authored-by: Kim Lindberger <kim.lindberger@gmail.com>
2021-07-24 19:12:08 +02:00
Julien Moutinho
d05a1ab1e4
nixos/syncoid: split in multiple systemd services
2021-07-24 11:26:28 +02:00
Bernardo Meurer
f7e77f65ee
Merge pull request #131173 from zhaofengli/klipper-cfg-list
...
nixos/klipper: Allow lists as values for gcode_macro
2021-07-23 08:57:12 -07:00
Sandro
42c7bd28e3
Merge pull request #131215 from Ma27/bump-grocy
...
grocy: 3.0.1 -> 3.1.0
2021-07-23 17:53:35 +02:00
fortuneteller2k
6ea6734f71
nixos/iwd: add settings option
2021-07-23 23:06:15 +08:00
Benjamin Asbach
9fd41a9a5b
tuxguitar: 125945 ( #131028 )
...
* tuxguitar: Ensure that tuxguitar is launched with java 8 comtabilbe jre and libraries as greate java version is not supported
* tuxguitar: Added test to verify application starts without problems
* tuxguitar: 1.5.2 -> 1.5.4
2021-07-23 10:02:20 -04:00
Maximilian Bosch
ccd348f846
Merge pull request #129732 from nivadis/patch-2
...
nextcloud: remove expires header
2021-07-23 12:29:52 +02:00
Jörg Thalheim
e2561ba61f
Merge pull request #129408 from kurnevsky/swap-luks-discards
...
nixos/swap: allow luks discards if swap discards are enabled
2021-07-23 11:11:04 +01:00
Maximilian Bosch
07b51f58df
grocy: 3.0.1 -> 3.1.0
...
ChangeLog: https://github.com/grocy/grocy/releases/tag/v3.1.0
2021-07-23 11:45:31 +02:00
Michael Weiss
70d1af74df
Merge pull request #131190 from primeos/nixos-tests-chromium
...
chromium: Check the text rendering
2021-07-23 10:59:28 +02:00
Robert Hensing
98352288bd
Merge pull request #128032 from Artturin/add-swap-options
...
nixos/swap: add options option
2021-07-23 10:45:53 +02:00
Michael Weiss
11400dcd65
chromium: Check the text rendering
...
This should catch regressions like #131074 in the future. In that case a
glibc update caused a regression that caused most of the text to become
invisible (just not the "Web Store" we've already been checking for).
2021-07-23 10:15:25 +02:00
Zhaofeng Li
34d2b83291
nixos/klipper: Allow lists as values for gcode_macro
2021-07-22 22:01:44 -07:00
Samuel Dionne-Riel
3af210329f
Merge pull request #131151 from tomfitzhenry/patch-1
...
nixos/iio: mention iio-sensor-proxy in option description
2021-07-23 00:27:37 -04:00
Tom
5409235160
nixos/iio: mention iio-sensor-proxy in option description
...
In https://github.com/NixOS/nixpkgs/pull/131094 I mistakenly created a new NixOS module for iio-sensor-proxy because I did not know about `hardware.sensor.iio`.
To help people find `hardware.sensor.iio`, include the string "iio-sensor-proxy" in the description.
To search for an iio-sensor-proxy module, I tried in vain:
* `find -iname '*iio-sensor-proxy*'`
* https://search.nixos.org/options?channel=unstable&from=0&size=50&sort=relevance&query=iio-sensor-proxy
* This PR will ensure this search query finds `hardware.sensor.iio`
2021-07-23 11:10:30 +10:00
Florian Klink
013e089000
Merge pull request #130503 from flokli/nss-fix-ordering
...
nixos/systemd: fix NSS database ordering
2021-07-23 02:28:32 +02:00
Martin Weinelt
b09661d41f
Merge pull request #129644 from NixOS/home-assistant
2021-07-23 01:16:55 +02:00
Martin Weinelt
a284c01d2a
nixos/home-assistant: allow serial access for the zwave component
2021-07-23 00:27:16 +02:00
Martin Weinelt
70774da509
Merge pull request #130853 from mweinelt/pppd
2021-07-22 20:00:00 +02:00
Sandro
ead8cf4fc9
Merge pull request #128841 from Artturin/udevil
2021-07-22 15:55:21 +02:00
Maximilian Bosch
15dab3835f
Merge pull request #128649 from nrdxp/fix-unstable-nix-zsh-completions
...
zsh: fix nixUnstable completions
2021-07-22 14:58:20 +02:00
Maximilian Bosch
65d60ae78b
Merge pull request #130062 from nh2/plausible-fix-shell-scripting-errors
...
nixos/plausible: Fix shell scripting errors, runtime fixes
2021-07-22 00:27:56 +02:00
Timothy DeHerrera
6dbf8c0409
zsh: include completions for nix-* commands
2021-07-21 15:55:25 -06:00
Timothy DeHerrera
9ad645dce8
zsh: format module with nixpkgs-fmt
2021-07-21 15:55:25 -06:00
Timothy DeHerrera
d687fe88fd
zsh: remove conflicting nixUnstable completions
2021-07-21 15:55:22 -06:00
Pavol Rusnak
f4860dc785
Merge pull request #130945 from mdlayher/mdl-corerad-docs
...
nixos/corerad: update link to reference configuration file
2021-07-21 23:12:47 +02:00
Andreas Rammhold
ef9be9288b
Merge pull request #124799 from rissson/nixos-unbound-fix-124780
...
nixos/unbound: fix define-tag option
2021-07-21 22:08:44 +02:00
Martin Weinelt
ee26807e35
nixos/pppd: allow AF_NETLINK
...
The pppd daemon starting with version 2.4.9 uses rtnetlink to configure
the ipv6 peer address on the ppp interface. It therefore requires
allowing AF_NETLINK sockets.
2021-07-21 16:38:51 +02:00
Matt Layher
5c17e35a31
nixos/corerad: update link to reference configuration file
...
Signed-off-by: Matt Layher <mdlayher@gmail.com>
2021-07-21 10:35:48 -04:00
Ben Siraphob
1308c47b1f
Merge pull request #130864 from pstn/mingw-64
...
mingw-64: 6.0.0 -> 9.0.0
2021-07-21 21:22:34 +07:00
Martin Weinelt
8abcc6ba09
nixos/pppd: replace CAP_SYS_ADMIN with CAP_BPF
...
The kernel before version 5.7 required CAP_SYS_ADMIN to conduct BPF
operations. After that a separate capability CAP_BPF was created, which
should be sufficient in this scenario and will further tighten the
sandbox around our pppd service.
Tested on my personal DSL line.
2021-07-21 15:20:47 +02:00
Michael Weiss
12e7ee0f31
Merge pull request #130877 from primeos/chromium
...
chromium: 91.0.4472.164 -> 92.0.4515.107
2021-07-21 11:38:02 +02:00
Michael Weiss
97570d30c7
chromium: 91.0.4472.164 -> 92.0.4515.107
...
https://chromereleases.googleblog.com/2021/07/stable-channel-update-for-desktop_20.html
This update includes 35 security fixes.
CVEs:
CVE-2021-30565 CVE-2021-30566 CVE-2021-30567 CVE-2021-30568
CVE-2021-30569 CVE-2021-30571 CVE-2021-30572 CVE-2021-30573
CVE-2021-30574 CVE-2021-30575 CVE-2021-30576 CVE-2021-30577
CVE-2021-30578 CVE-2021-30579 CVE-2021-30580 CVE-2021-30581
CVE-2021-30582 CVE-2021-30583 CVE-2021-30584 CVE-2021-30585
CVE-2021-30586 CVE-2021-30587 CVE-2021-30588 CVE-2021-30589
Note: This won't be the smoothest update. Chromium seems to be fine but
requires gtk3 in $LD_LIBRARY_PATH to find libgtk-3.so.0 (otherwise it
crashes during startup) but Google Chrome fails to initialize
("GPU process exited unexpectedly: exit_code=132") and requires
"--use-gl=angle --use-angle=swiftshader" for hardware(?) acceleration
(which seems to work work fine and performant but SwiftShader should
actually use the CPU instead of the GPU).
2021-07-21 11:20:38 +02:00
Ryan Mulligan
b8d3210113
Merge pull request #130852 from seqizz/g_clipcat
...
nixos/clipcat: add user service module
2021-07-20 18:56:21 -07:00
Philipp
c60a0b0447
mingw-64: 6.0.0 -> 9.0.0
2021-07-20 22:34:50 +02:00