Commit Graph

34059 Commits

Author SHA1 Message Date
jmir1
858b5c6762 nixos/ddclient: Fix ip command with usev4 and usev6 2024-10-18 20:32:16 +02:00
Sandro
d72c0ce546
nixos/nextcloud-notify_push: fix connecting to mysql via socket (#348114) 2024-10-18 20:25:32 +02:00
Gary Guo
cabbab19e2
nixos-firewall-tool: add nftables support
Co-authored-by: Rvfg <i@rvf6.com>
2024-10-18 20:16:27 +02:00
K900
e1bc488872
nixos/plasma6: fix shellcheck findings with enableStrictShellChecks e… (#349580) 2024-10-18 20:09:15 +03:00
Christina Sørensen
d218858bb1
nixos/wakapi: add database options; gate db creation behind database.createLocally (#341176) 2024-10-18 18:04:46 +02:00
Sandro Jäckel
fc31cfea42
nixos/plasma6: fix shellcheck findings with enableStrictShellChecks enabled 2024-10-18 17:29:23 +02:00
Atemu
dddcb35140
nixos/jupyter: set user primary group (#349415) 2024-10-18 12:05:43 +02:00
r-vdp
c9160efd81
nixos/kmonad: init 2024-10-18 11:47:26 +02:00
Rasmus Précenth
00e1112f9b
nixos/docker-registry: fix extraConfig docs
Co-authored-by: teutat3s <10206665+teutat3s@users.noreply.github.com>
2024-10-18 11:45:18 +02:00
Robert Hensing
01eb8df5f1
Rename macos-builder.nix -> nix-builder-vm.nix (#347255) 2024-10-18 11:26:20 +02:00
Vladimír Čunát
a8f84a9dff
nixos/kresd: add link to upstream doc (#311915) 2024-10-18 10:22:18 +02:00
Atemu
267847014a
nixos/immich: do not set services.redis.servers.immich.user (#345126) 2024-10-18 10:19:46 +02:00
Jacek Galowicz
d3a7fdf5b8
nixos/test-instrumentation: forward journald to correct tty also in systemd initrd (#349479) 2024-10-18 10:16:22 +02:00
nikstur
ea9b0daeee nixos/test-instrumentation: forward journald to correct tty also in systemd initrd
This is a follow up for #339730 where forwarding was correctly setup for
stage 2 but not for stage 1 if it is using systemd.
2024-10-18 10:08:29 +02:00
Jack Wilsdon
df03b32278 nixos/jupyter: set user primary group 2024-10-17 23:44:53 +01:00
Will Fancher
594ac9011f
nixos/systemd-initrd: add missing kmod-blacklist src (#348505) 2024-10-17 15:46:51 -04:00
David McFarland
cd286b21e4
resolvconf: use correct output files when used with dnsmasq (#349320) 2024-10-17 16:44:18 -03:00
David McFarland
403604ca66 resolvconf: use correct output files when used with dnsmasq 2024-10-17 14:20:57 -03:00
scrufulufugus
969102bd11 system76-scheduler: migrate to pkgs/by-name format 2024-10-17 18:22:34 +02:00
scrufulufugus
1d4df7adcc system76-scheduler: Move out of kernel category
system76-scheduler: add alias at old location
2024-10-17 18:22:34 +02:00
scrufulufugus
a1c03ab062 system76-power: Move out of kernel category
system76-power: add alias at old location
2024-10-17 18:22:34 +02:00
Paul Meyer
71c64f8ecc initrd: drop effectless modification of kmod-blacklist
The perl snippet as been added years ago. I assume the intention was to
remove the `## file: iwlwifi.conf` section up to the next `## file:`,
but as there is no file following, the snippet currently does nothing.
We should be fine to remove it.

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2024-10-17 16:23:01 +02:00
Brendan Taylor
04e39de6eb nixos/immich: do not set services.redis.servers.immich.user
the redis module expects a user and group to exist with this name.
previously if there was no group with the same name as
`services.immich.user` the immich redis server would fail to start.

instead we can use the redis module's default behaviour: it will
create a user & group named "redis-immich".
2024-10-17 07:19:02 -06:00
Atemu
644c36174b
nixos/redis: add option services.redis.servers.*.group (#345327) 2024-10-17 10:39:48 +02:00
Leona Maroni
edd292c18b
nixos/dokuwiki,nixos/wordpress,nixos/invoiceplane: Remove deprecated isCoercibleToString (#292801) 2024-10-17 09:32:14 +02:00
K900
bb72b22c6b
steam (and friends): migrate to by-name, small cleanups all over (#349109) 2024-10-16 23:54:49 +03:00
K900
5c33791df3 steam (and friends): migrate to by-name, small cleanups all over
- rename "steam-original" or "steam" to "steam-unwrapped", as that's what it is
- rename "steam-fhsenv" to "steam", as that's what you actually want
- remove some no-longer-relevant hacks
2024-10-16 23:27:24 +03:00
Ramses
7715240587
nixos/etc-overlay: avoid rebuilding the initrd every time the etc contents change (#340722) 2024-10-16 22:21:13 +02:00
Felix Bühler
cc42a1be7b
nixos/services.mysql: remove with lib; (#338048) 2024-10-16 21:38:48 +02:00
Robert Schütz
a9dee7c45b
immich: 1.117.0 -> 1.118.1 (#348890) 2024-10-16 12:31:58 -07:00
Robert Schütz
e3152f80bf nixos/immich: change default port to 2283
This was always upstream's default but they also change the internal
port, i.e. behind the reverse proxy, to 2283 in
https://github.com/immich-app/immich/pull/13185.
2024-10-16 10:30:34 -07:00
Adam Stephens
bece21421b
nixos/atticd: wants network-online.target
fixes:

trace: evaluation warning: atticd.service is ordered after 'network-online.target' but doesn't depend on it
2024-10-16 12:36:19 -04:00
r-vdp
24bf6e9cb8
nixos/etc-overlay: avoid rebuilding the initrd every time the etc contents change
Before this change, the hash of the etc metadata image was included in
the mount unit that's responsible for mounting this metadata image in the
initrd.
And because this metadata image changes with every change to the etc
contents, the initrd would be rebuild every time as well.
This can lead to a lot of rebuilds (especially when revision info is
included in /etc/os-release) and all these initrd archives use up a lot of
space on the ESP.

With this change, we instead include a symlink to the metadata image in the
top-level directory, in the same way as we already do for things like init and
prepare-root, and we deduce the store path from the init= kernel parameter,
in the same way as we already do to find the path to init and prepare-root.

Doing so avoids rebuilding the initrd all the time.
2024-10-16 17:42:58 +02:00
r-vdp
763dc50b08
nixos/systemd-initrd: pull the logic to find the nixos closure into a separate service 2024-10-16 17:42:50 +02:00
nikstur
e81710fa8b
nixos/userborn: fix username typo (#346773) 2024-10-16 17:00:39 +02:00
Friedrich Altheide
53b37c99b4 virtualbox: nixfmt 2024-10-16 13:15:42 +02:00
Aaron Andersen
2ab323a087
nixos/github-runners: Make 'enable' functional (#342996) 2024-10-16 10:18:14 +02:00
K900
70cc7b62f2
nixos/murmur: Set UMask to 027 (#348652) 2024-10-16 05:16:09 +03:00
Robert Schütz
fb2d897809
nixos/headscale: don't set deprecated options in config (#347991) 2024-10-15 16:22:18 -07:00
Felix Bühler
e544a67eba
nixos/freshrss: fix phpfpm.pool (#347324) 2024-10-15 22:39:24 +02:00
Azat Bahawi
e2337957df
nixos/zapret: init (#347805) 2024-10-15 20:37:40 +00:00
Dmitry Voronin
5a5c04d1ea
nixos/zapret: init 2024-10-15 21:51:53 +03:00
Peder Bergebakken Sundt
13bf1d6259
nixos/resilio: add package option (#346427) 2024-10-15 20:38:41 +02:00
Will Fancher
a6e54f566a
nixos/networkd: support systemd-creds in WireGuard (#346964) 2024-10-15 14:31:27 -04:00
Felix Singer
13f6e2d85f nixos/murmur: Set UMask to 027
Group only needs limited access, while other users don't need access at
all. So set the UMask to 027.

Signed-off-by: Felix Singer <felixsinger@posteo.net>
2024-10-15 02:43:42 +02:00
Masum Reza
18760e4c99
{nixos/gpu-screen-recorder,gpu-screen-recorder{-,gtk}}: update to 4.1.11, remove cap_sys_nice (#339874) 2024-10-15 02:16:59 +05:30
Someone
a9b63f037b
nvidia-container-toolkit: add "nvidia" to services.xserver.videoDrivers (#344174) 2024-10-14 19:58:35 +00:00
Pol Dellaiera
242832e023
nixos/nix-fallback-paths: 2.24.8 -> 2.24.9 (#348411) 2024-10-14 21:10:40 +02:00
Sandro Jäckel
db12279890
nixos/go-camo: fix shellcheck findings with enableStrictShellChecks enabled 2024-10-14 18:21:30 +02:00
Sandro Jäckel
1ada7c1d36
nixos/nextcloud: fix shellcheck findings with enableStrictShellChecks enabled 2024-10-14 18:20:25 +02:00
Arian van Putten
f167bdaab9
Make arianvp codeowner of aws (#348499) 2024-10-14 16:16:56 +02:00
Michele Guerini Rocco
35618d0b14
nixos/dhcpcd: fix race between namespace setup and resolvconf (#348305) 2024-10-14 15:44:32 +02:00
Adam C. Stephens
86420f4ee8
nixos/atticd: init module (#347749) 2024-10-14 09:33:35 -04:00
Martin Weinelt
f4226b78df
knot-dns: 3.4.0 -> 3.4.1 (#348476) 2024-10-14 14:20:26 +02:00
Richard Steinmetz
b9ca8498aa nixos/nextcloud-notify_push: fix connecting to mysql via socket 2024-10-14 13:30:05 +02:00
Arian van Putten
0890727868 nixos/ec2-data: Make arianvp maintainer 2024-10-14 12:44:16 +02:00
Paul Meyer
2f6e0c8de3 nixos/systemd-initrd: add missing kmod-blacklist src
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2024-10-14 11:34:27 +02:00
Vladimír Čunát
46954f61c6
nixos/knotd: extend SystemCallFilter
It was breaking knot-dns.tests.knot
New knotd uses fchown to cover cases where user changes during startup.
In typical Linux cases the user is kept the same and there are
capabilities instead, but the syscall still happens and got caught here.
2024-10-14 10:26:46 +02:00
Markus Kowalewski
812640f38a
nixos/saunafs: add module + test (#347337) 2024-10-14 09:24:51 +02:00
rnhmjoj
52e2e7027d
dhcpcd: fix race between namespace setup and resolvconf
systemd requires paths in `ReadWritePaths=` to exist before setting up
the service sandbox, so dhcpcd should be ordered after resolvconf.
Making resolvconf a oneshot service ensure `After=resolvconf.service`
works correctly.
2024-10-14 08:02:46 +02:00
Pol Dellaiera
56cbea0d2e
snapweb: init at 0.8.0 (#347536) 2024-10-14 07:14:23 +02:00
zowoq
a87bc99783 nixos/nix-fallback-paths: 2.24.8 -> 2.24.9
https://releases.nixos.org/nix/nix-2.24.9/fallback-paths.nix
2024-10-14 13:00:57 +10:00
Felix Buehler
de810c5163 nixos/freshrss: update de parameters 2024-10-13 23:07:46 +02:00
Bjørn Forsman
21529d1813 nixos/ups: shutdown UPS at host shutdown
Implement the missing bit of the NUT shutdown design[1]. This ensures
that machines come back up automatically after a power outage. (Without
this change they will only come back up if the UPS completely empties
its battery.)

[1] https://networkupstools.org/docs/user-manual.chunked/Configuration_notes.html#Shutdown_design
2024-10-13 17:55:52 +02:00
Bjørn Forsman
3b781a1e72 nixos/ups: document default upsmon MONITOR value 2024-10-13 17:55:52 +02:00
Bjørn Forsman
2b90f4cdb3 nixos/ups: sort settings attributes
They're listed twice (documentation and implementation) and this change
makes it easier to compare the attrsets.
2024-10-13 17:55:52 +02:00
Adam Stephens
8d4f3f2b3e
nixos/atticd: init module
Copied from 1b29816235/nixos/atticd.nix and modified
2024-10-13 08:23:34 -04:00
Robert Schütz
cc4d29d353 nixos/headscale: assert that dns.base_domain is set when using MagicDNS 2024-10-12 18:28:17 -07:00
github-actions[bot]
4a5ad0965f
Merge master into staging-next 2024-10-13 00:15:27 +00:00
nikstur
ca8147e42e
qemu-vm: fix case-hack appearing in store image (#347636) 2024-10-12 21:50:11 +02:00
K900
001fb496bf Merge remote-tracking branch 'origin/master' into staging-next 2024-10-12 21:08:11 +03:00
Kerstin
35c52ab030
mastodon: 4.2.13 -> 4.3.0 (#337545) 2024-10-12 19:37:08 +02:00
Markus Kowalewski
d22d60f3ac
nixos/saunafs: add module + test 2024-10-12 19:13:00 +02:00
Florian Klink
2afe930c60
ipu6: update packages (#347918) 2024-10-12 19:27:43 +03:00
Maximilian Bosch
f840d87a6e
Merge: nixos/nginx: expand proxyResolveWhileRunning's description (#347164) 2024-10-12 17:14:43 +02:00
Cosima Neidahl
e58a261efb
lomiri.*: Updates (#341377) 2024-10-12 16:49:25 +02:00
github-actions[bot]
4433a315bd
Merge master into staging-next 2024-10-12 12:05:08 +00:00
Florian Klink
237016d023
gogs: remove (#348053) 2024-10-12 13:13:13 +03:00
Ramses
b1e4854ecb
nixos/automatic-timezoned: set time.timeZone to null to avoid silent overriding (#347217) 2024-10-12 11:12:27 +02:00
Pol Dellaiera
afd96bad04
Bump and fix nextjs-ollama-llm-ui (#347856) 2024-10-12 10:42:53 +02:00
Maximilian Bosch
875f00ed40
gogs: remove
Upstream development has stalled and several critical vulnerabilities
that weren't addressed within a year[1][2].

Back then it was fair to mark it as insecure, but given nothing has
happened since, it's time to remove it.

[1] https://forgejo.org/2023-11-release-v1-20-5-1/
[2] https://github.com/gogs/gogs/issues/7777
2024-10-12 10:36:06 +02:00
Robert Schütz
0673e98248 nixos/headscale: update option descriptions 2024-10-11 20:17:15 -07:00
Robert Schütz
dfb0f00fc9 nixos/headscale: don't set deprecated options in config
We cannot use `mkRenamedOptionModule` or `mkRemovedOptionModule` inside
a freeform option. Thus we have to manually assert these deprecated
options aren't used rather than aliasing them to their replacement.
2024-10-11 20:05:29 -07:00
github-actions[bot]
4f2eec3440
Merge master into staging-next 2024-10-12 00:13:45 +00:00
Matej Cotman
f53387e15a ipu6: update packages
This updates the ipu6 driver and firmware to a more recent version,
which seems to at least work in Chrom{e,ium}.

ipu6-drivers now relies on the in-kernel ipu6 kernel driver, so we
update our logic and metadata for it.
2024-10-12 00:45:04 +03:00
Kira Bruneau
79a1c330d3
nixos/gamemode: use listsAsDuplicateKeys for settings (#345121) 2024-10-11 17:36:26 -04:00
Robert Schütz
d4ae06c73b nixos/headscale: assert that server_url does not contain base_domain 2024-10-11 13:29:04 -07:00
Bruno Bigras
986d7cad0d
wakapi: set StateDirectory (#347431) 2024-10-11 14:48:16 -04:00
Atemu
12ef18d2e3
nixos/systemd-boot: Simpler windows dual booting (#344327) 2024-10-11 20:25:08 +02:00
github-actions[bot]
b415f9c282
Merge master into staging-next 2024-10-11 18:04:32 +00:00
MithicSpirit
08831a7160
nixos/gamemode: use listsAsDuplicateKeys for settings
This allows settings multiple scripts in `.custom.start` and
`.custom.end`, as Gamemode reads them back out into a list.

This is slightly annoying, as *any* duplicate keys will appear multiple
times, while gamemode will only accept the last one for most keys
(clobbering previous ones). Ideally, it would be possible to only enable
`listsAsDuplicateKeys` for scripts, but this does not seem to be
possible in `pkgs.formats.ini`.
2024-10-11 11:41:35 -04:00
Florian Klink
7ba149e9d1
nixos/gerrit: Apply initial hardening using the systemd unit (#347661) 2024-10-11 15:16:09 +03:00
Peder Bergebakken Sundt
233d422887 nixos/tailscale: document tailscale-autoconnect 2024-10-11 10:59:49 +02:00
Felix Uhl
73011ba96f nixos/systemd-boot: add windows option for easy dual-booting
When installing NixOS on a machine with Windows, the "easiest" solution
to dual-boot is re-using the existing EFI System Partition (ESP), which
allows systemd-boot to detect Windows automatically.

However, if there are multiple ESPs, maybe even on multiple disks,
systemd-boot is unable to detect the other OSes, and you either have to
use Grub and os-prober, or do a tedious manual configuration as
described in the wiki:
https://wiki.nixos.org/w/index.php?title=Dual_Booting_NixOS_and_Windows&redirect=no#EFI_with_multiple_disks

This commit automates and documents this properly so only a single line
like

    boot.loader.systemd-boot.windows."10".efiDeviceHandle = "HD0c2";

is required.

In the future, we might want to try automatically detecting this
during installation, but finding the correct device handle while the
kernel is running is tricky.
2024-10-11 10:56:02 +02:00
Felix Uhl
f2e5b04c4e nixos/systemd-boot: add edk2-uefi-shell boot option
We already have a edk2-uefi-shell package in nixpkgs, but adding it to
systemd-boot was somewhat tedious. Now it's a single line of nix.
2024-10-11 10:53:42 +02:00
Felix Uhl
548206583d nixos/systemd-boot: autoformat 2024-10-11 10:53:38 +02:00
Kranium Gikos Mendoza
f385d942e1 nextjs-ollama-llm-ui: fix nextjs cache dir (#344316) 2024-10-11 17:35:37 +11:00
github-actions[bot]
e26f69eb82
Merge master into staging-next 2024-10-11 06:04:46 +00:00
Emily
50c2aef3e7
nixos/netboot: Compress squashfs with zstd 19 (#341422) 2024-10-11 05:11:50 +01:00
OPNA2608
6037708c33 lomiri.lomiri-content-hub: Rename from lomiri.content-hub, 1.1.1 -> 2.0.0 2024-10-11 05:17:29 +02:00