nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-12-11 16:23:26 +00:00
Code Issues Packages Projects Releases Wiki Activity
534,943 Commits 191 Branches 125 Tags 8.5 GiB
62434843b0
Commit Graph

1658 Commits

Author SHA1 Message Date
R. Ryantm
9d228d71b5 dufs: 0.34.1 -> 0.34.2 2023-06-24 19:37:53 +00:00
Franz Pletz
6a4b949a95
nginxMainline: 1.25.0 -> 1.25.1 2023-06-21 13:47:28 +02:00
Hummeltech
a7fc0b6e70
mod_tile: testing enabled 
It looks like the commit used to build `mapnik` was just missing some additional variable definitions in `libmapnik.pc` which are relied upon by the commit used to build `mod_tile`
 2023-06-05 16:18:21 -07:00
R. Ryantm
45cb7359f8 dufs: 0.33.0 -> 0.34.1 2023-06-05 00:25:15 +00:00
R. Ryantm
1b4bcd4d8a jetty: 11.0.14 -> 11.0.15 2023-06-04 13:20:44 +00:00
Bjørn Forsman
14fdabbb7b lighttpd: 1.4.69 -> 1.4.71 
Changelogs:
https://www.lighttpd.net/2023/5/27/1.4.71/
https://www.lighttpd.net/2023/5/10/1.4.70/

Update the patch that disables legacy crypt tests, because it doesn't
apply anymore.
 2023-06-01 17:08:02 +02:00
Weijia Wang
99060dee6f
Merge pull request #234552 from r-ryantm/auto-update/router 
router: 1.18.1 -> 1.19.0
 2023-05-30 12:22:04 +03:00
R. Ryantm
c9b945e0f8 webhook: 2.8.0 -> 2.8.1 2023-05-30 02:04:29 +00:00
Sandro Jäckel
819289b1e5
nginxModules.zstd: add SuperSandro2000 as maintainer 2023-05-29 20:41:08 +02:00
Sandro Jäckel
0000007dcc
nginxModules.vts: 0.2.1 -> 0.2.2, add SuperSandro2000 as maintainer 2023-05-29 20:40:50 +02:00
R. Ryantm
cc62398c92 pomerium: 0.22.1 -> 0.22.2 2023-05-29 08:39:07 +00:00
R. Ryantm
6a35ff3d8a router: 1.18.1 -> 1.19.0 2023-05-28 03:48:55 +00:00
Raito Bezarius
69bb0f94de nixos/nginx: first-class PROXY protocol support 
PROXY protocol is a convenient way to carry information about the
originating address/port of a TCP connection across multiple layers of
proxies/NAT, etc.

Currently, it is possible to make use of it in NGINX's NixOS module, but
is painful when we want to enable it "globally".
Technically, this is achieved by reworking the defaultListen options and
the objective is to have a coherent way to specify default listeners in
the current API design.
See `mkDefaultListenVhost` and `defaultListen` for the details.

It adds a safeguard against running a NGINX with no HTTP listeners (e.g.
only PROXY listeners) while asking for ACME certificates over HTTP-01.

An interesting usecase of PROXY protocol is to enable seamless IPv4 to
IPv6 proxy with origin IPv4 address for IPv6-only NGINX servers, it is
demonstrated how to achieve this in the tests, using sniproxy.

Finally, the tests covers:

- NGINX `defaultListen` mechanisms are not broken by these changes;
- NGINX PROXY protocol listeners are working in a final usecase
  (sniproxy);
- uses snakeoil TLS certs from ACME setup with wildcard certificates;

In the future, it is desirable to spoof-attack NGINX in this scenario to
ascertain that `set_real_ip_from` and all the layers are working as
intended and preventing any user from setting their origin IP address to
any arbitrary, opening up the NixOS module to bad™ vulnerabilities.

For now, it is quite hard to achieve while being minimalistic about the
tests dependencies.
 2023-05-26 19:48:26 +02:00
figsoda
22ec7aebbc treewide/servers: use top-level fetchPypi 2023-05-25 12:06:38 -04:00
Weijia Wang
7ef1ddae9e
Merge pull request #233854 from chkno/hook-spelling 
Fix phase name typos in 5 packages' runHook invocations
 2023-05-24 23:40:57 +03:00
Sandro
c898813431
Merge pull request #233029 from jlamur/nginx-spnego-build-fix 
nginx: fix build of module spnego-http-auth
 2023-05-24 21:54:24 +02:00
Scott Worley
f34465fea5 pomerium: Spell "postBuild" correctly 2023-05-24 09:21:51 -07:00
ajs124
27d53b81cc nginxQuic: share src and version with nginxMainline 
quic support was merged
still a separate package, because it uses quictls
and sets configureFlags
 2023-05-23 18:37:54 +02:00
ajs124
91ecb7d7ff nginxMainline: 1.24.0 -> 1.25.0 2023-05-23 18:28:04 +02:00
Martin Weinelt
9d0bbc2c12
nginxModules.secure-token: 2020-08-28 -> 1.5 2023-05-22 16:29:55 +02:00
Martin Weinelt
2c1cc78307
nginxModules.vod: 1.29 -> 1.31 2023-05-22 16:29:55 +02:00
Robert Scott
6ace7552e3
Merge pull request #233002 from LeSuisse/tomcat9-9.0.75 
tomcat9: 9.0.68 -> 9.0.75
 2023-05-20 19:07:43 +01:00
Jules Lamur
dcb2cc849e
nginx: fix build of module spnego-http-auth 2023-05-20 16:12:04 +02:00
Robert Scott
ca7f83f6df tomcat*: add sourceProvenance binaryBytecode 2023-05-20 13:03:13 +01:00
Thomas Gerbet
0749e39f64 tomcat9: 9.0.68 -> 9.0.75 
Fixes CVE-2022-45143 and CVE-2023-28708.

https://tomcat.apache.org/tomcat-9.0-doc/changelog.html
 2023-05-20 13:09:20 +02:00
R. Ryantm
17db7c08d8 pomerium: 0.21.3 -> 0.22.1 2023-05-19 10:22:11 +00:00
R. Ryantm
b166262b1b router: 1.18.0 -> 1.18.1 2023-05-17 00:05:19 +00:00
Izorkin
e5aa2e3b30
unit: add ruby 3.2 2023-05-13 16:55:50 +03:00
Izorkin
ba455450b1
unit: remove ruby_2_7 2023-05-13 16:55:50 +03:00
Izorkin
baa5550162
unit: 1.29.1 -> 1.30.0 2023-05-13 16:55:47 +03:00
divanorama
4d494b82de
Update pkgs/servers/http/envoy/default.nix 2023-05-12 22:04:55 +02:00
Dmitry Ivankov
5a14400712 bazel_6: 6.1.2 -> 6.2.0 
https://github.com/bazelbuild/bazel/releases/tag/6.2.0
 2023-05-12 15:33:48 +02:00
Luke Granger-Brown
23cd27508f envoy: 1.25.1 -> 1.26.1 2023-05-12 07:54:56 +00:00
Martin Weinelt
4579dfb9ce
Merge pull request #231193 from mweinelt/couchdb-3.3.2 
couchdb3: 3.3.1 -> 3.3.2
 2023-05-11 16:03:28 +02:00
Martin Weinelt
34ba6c7e16
couchdb3: 3.3.1 -> 3.3.2 
https://docs.couchdb.org/en/latest/whatsnew/3.3.html#version-3-3-2
https://docs.couchdb.org/en/latest/cve/2023-26268.html

Fixes: CVE-2023-26268
 2023-05-11 02:41:41 +02:00
Dmitry Ivankov
e0d1e77c23 bazel_5: 5.4.0->5.4.1 
Also update the updater script.

https://github.com/bazelbuild/bazel/releases/tag/5.4.1

- [X] recalculate fetchAttrs digest for packages built with bazel_5
 2023-05-10 16:09:19 +02:00
Sandro
9757bdca3b
Merge pull request #229911 from bbigras/router 
router: 1.15.1 -> 1.18.0
 2023-05-07 15:42:40 +02:00
Bruno Bigras
5cee3aa13f router: 1.15.1 -> 1.18.0 2023-05-07 01:59:17 -04:00
Thomas Gerbet
62b0017f86 envoy: mark with knownVulnerabilities 
Attempts to update `envoy` have not been successful.
Nobody with enough Bazel skills has step up to untangle
the build issues with the latest version.
 2023-05-04 23:10:57 +02:00
zowoq
9f8b8befcf nginxModules.zstd: add missing meta 2023-05-04 20:21:37 +10:00
Sandro
7a4d8131fa
Merge pull request #208161 from SuperSandro2000/nginx-modules-meta 
nginx: add meta section to modules
 2023-05-04 00:59:20 +02:00
Alyssa Ross
2d8c06b637 bozohttpd: 20210227 -> 20220517 2023-05-03 09:38:12 +00:00
R. Ryantm
342ff3209c apacheHttpd: 2.4.56 -> 2.4.57 2023-04-29 07:43:39 +00:00
Sandro Jäckel
50b8c237b7
nginx: move aliases behind config.allowAliases 2023-04-28 21:38:43 +02:00
Sandro Jäckel
0d58522055
nginx: add meta section to modules 
Also resolve one github redirect.
 2023-04-28 21:38:43 +02:00
R. Ryantm
b94c7f3acc jetty: 11.0.13 -> 11.0.14 2023-04-27 07:14:15 +00:00
Weijia Wang
da3414f938
Merge pull request #227314 from r-ryantm/auto-update/apacheHttpdPackages.mod_auth_mellon 
apacheHttpdPackages.mod_auth_mellon: 0.18.0 -> 0.18.1
 2023-04-22 22:42:05 +03:00
Ryan Lahfa
1bcb219bd5
Merge pull request #227026 from LeSuisse/unit-drop-php80 
unit: drop PHP 8.0 support, add PHP 8.2 support
 2023-04-21 15:21:21 +02:00
R. Ryantm
d0070ed03d apacheHttpdPackages.mod_auth_mellon: 0.18.0 -> 0.18.1 2023-04-20 18:47:44 +00:00
Thomas Gerbet
9817e6af85 unit: add PHP 8.2 support 2023-04-19 10:36:33 +02:00
Thomas Gerbet
4855a6f817 unit: drop PHP 8.0 support 
PHP 8.0 will be end-of-life before the end of life of the next stable
version of NixOS. Related to #224505.
 2023-04-19 10:24:02 +02:00
Bruno Bigras
18a0deb942 router: 1.15.0 -> 1.15.1 2023-04-18 16:14:50 -04:00
Bruno Bigras
2f81686ec8 router: init at 1.15.0 
Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
 2023-04-17 20:39:47 -04:00
ajs124
68c39e6f41 nginxMainline: 1.23.4 -> 1.24.0 2023-04-11 22:12:12 +02:00
ajs124
58cb284c0e nginxStable: 1.22.1 -> 1.24.0 2023-04-11 22:11:07 +02:00
Franz Pletz
a50962e4c4
Merge pull request #224458 from helsinki-systems/upd/nginx 
nginxMainline: 1.23.3 -> 1.23.4
 2023-04-08 11:49:55 +02:00
Uri Baghin
f8ee061247 buildBazelPackage: fix difference between linux and darwin deps 2023-04-06 11:42:46 +10:00
Uri Baghin
440b4de588 buildBazelPackage: support multiple targets 2023-04-05 12:59:54 +10:00
ajs124
8be794b197 nginx: sha256 -> hash 2023-04-03 12:40:49 +02:00
ajs124
9554582b34 nginxMainline: 1.23.3 -> 1.23.4 2023-04-03 12:29:54 +02:00
Izorkin
9f2a1d98aa
nginxQuic: 3be953161026 -> 0af598651e33 2023-04-01 13:09:48 +03:00
Sandro
5332b2b4d3
Merge pull request #213168 from LeSuisse/rustls-ffi-init 
rustls-ffi: init at 0.9.2 and make possible to build Apache mod_tls with it
 2023-03-31 11:25:24 +02:00
R. Ryantm
aa6fd7cb06 pomerium: 0.21.2 -> 0.21.3 2023-03-29 02:57:27 +00:00
Martin Weinelt
e911a4d6cd
Merge pull request #223055 from LeSuisse/apache-2.4.56 
apacheHttpd: 2.4.55 -> 2.4.56
 2023-03-29 01:14:27 +02:00
Thomas Gerbet
ce5b2e3773 apacheHttpd: add option to build experimental mod_tls 
https://httpd.apache.org/docs/2.4/mod/mod_tls.html

Note: the attribute has been named `modTlsSupport` instead of
`tlsSupport` to try to limit the confusion with the existing
`sslSupport` attribute.
 2023-03-28 18:00:35 +02:00
Martin Weinelt
8c4c762da2
lighttpd: Disable tests for DES and MD5 
These are legacy ciphers, which we don't support any longer.
 2023-03-26 15:58:08 +02:00
Thomas Gerbet
5475dfc18d apacheHttpd: 2.4.55 -> 2.4.56 
Fixes CVE-2023-27522 and CVE-2023-25690.

https://downloads.apache.org/httpd/CHANGES_2.4.56
 2023-03-25 11:55:59 +01:00
Weijia Wang
dedf17650f
Merge pull request #222562 from r-ryantm/auto-update/dufs 
dufs: 0.32.0 -> 0.33.0
 2023-03-24 21:34:49 +02:00
Sandro
995f9d1c95
Merge pull request #213874 from SuperSandro2000/nginx-zstd 
nixos/nginx: add recommendedZstdSettings
 2023-03-23 14:11:35 +01:00
R. Ryantm
2a345b3b6d dufs: 0.32.0 -> 0.33.0 2023-03-22 16:35:10 +00:00
Morgan Helton
c1bfba963d pomerium: 0.20.0 -> 0.21.2 2023-03-18 06:49:42 -05:00
Morgan Helton
d76601d559 pomerium: add update script 2023-03-18 06:48:41 -05:00
Sergei Trofimovich
fce04e0bca
Merge pull request #221357 from tfc/mod_tile-cmake 
apacheHttpdPackages.mod_tile: Update and use cmake to build mod_tile.so and renderd
 2023-03-16 15:50:26 +00:00
R. Ryantm
95cb05fe7f lighttpd: 1.4.68 -> 1.4.69 2023-03-16 14:11:07 +01:00
Jacek Galowicz
40fa259b7e apacheHttpdPackages.mod_tile: Update and use cmake to build mod_tile.so and renderd 2023-03-16 10:40:43 +01:00
Yureka
7efee351ec
Merge branch 'gitlab-pages' of github.com:talyz/nixpkgs into HEAD 2023-03-10 14:36:25 +01:00
R. Ryantm
f5fe3e69a1 unit: 1.29.0 -> 1.29.1 2023-03-02 16:01:31 +00:00
Weijia Wang
b454ccfa61
Merge pull request #217973 from r-ryantm/auto-update/dufs 
dufs: 0.31.0 -> 0.32.0
 2023-02-27 21:57:11 +02:00
Weijia Wang
3710ff90fd
Merge pull request #212196 from r-ryantm/auto-update/gitlab-pages 
gitlab-pages: 1.62.0 -> 15.7.3
 2023-02-26 00:13:59 +02:00
R. Ryantm
02b0106dd6 dufs: 0.31.0 -> 0.32.0 2023-02-24 05:55:49 +00:00
Artturin
f9fdf2d402 treewide: move NIX_CFLAGS_COMPILE to the env attrset 
with structuredAttrs lists will be bash arrays which cannot be exported
which will be a issue with some patches and some wrappers like cc-wrapper

this makes it clearer that NIX_CFLAGS_COMPILE must be a string as lists
in env cause a eval failure
 2023-02-22 21:23:04 +02:00
Artturin
6f6cc4a22d treewide: use toString on list NIX_CFLAGS_COMPILE 
with structuredAttrs lists will be bash arrays which cannot be exported
which will be a issue with some patches and some wrappers like cc-wrapper
 2023-02-22 21:23:04 +02:00
Sandro Jäckel
e31461fff1
nginx.modules.zstd: init 2023-02-22 13:59:55 +01:00
R. Ryantm
2a54120d5a go-camo: 2.4.2 -> 2.4.3 2023-02-21 03:48:05 +00:00
Mario Rodas
aad47a0188
Merge pull request #215914 from marsam/update-tengine 
tengine: 2.3.4 -> 2.4.0
 2023-02-19 18:37:05 -05:00
Weijia Wang
e446e05077
Merge pull request #217094 from r-ryantm/auto-update/go-camo 
go-camo: 2.4.1 -> 2.4.2
 2023-02-20 00:30:51 +02:00
Luke Granger-Brown
22d9547ce3 envoy: 1.23.3 -> 1.25.1 2023-02-19 18:56:55 +00:00
R. Ryantm
17ce1cc30c go-camo: 2.4.1 -> 2.4.2 2023-02-19 06:09:42 +00:00
Sandro
a68a88698f
Merge pull request #215150 from SuperSandro2000/nginx-with-lib 
nginx: remove with lib over entire file
 2023-02-15 16:22:35 +01:00
Sandro
14b15a92dc
Merge pull request #206368 from hmenke/njs 2023-02-13 00:10:02 +01:00
Mario Rodas
37e3c5d085 tengine: 2.3.4 -> 2.4.0 
https://github.com/alibaba/tengine/releases/tag/2.4.0
 2023-02-11 04:20:00 +00:00
Henri Menke
2fb3714761 nginxModules.njs: 0.7.9 -> 0.7.10 2023-02-10 09:57:49 +01:00
Henri Menke
160472e179 nginxModules.njs: 0.7.8 -> 0.7.9 2023-02-10 09:52:56 +01:00
Andreas Stührk
304c84ff10 envoy: build with noexecstack 2023-02-09 12:07:03 +01:00
Sandro Jäckel
79a301305b
nginx: remove with lib over entire file 2023-02-07 17:25:15 +01:00
Aaron Jheng
fa62da13c2
dave: use buildGoModule 2023-01-27 01:45:35 +00:00
Thomas Gerbet
3470711e51 apacheHttpd: 2.4.54 -> 2.4.55 
Fixes CVE-2022-37436, CVE-2022-36766 and CVE-2006-20001

https://downloads.apache.org/httpd/CHANGES_2.4.55
 2023-01-24 23:39:56 +01:00
R. Ryantm
525e514bfb gitlab-pages: 1.62.0 -> 15.7.3 2023-01-23 01:26:13 +00:00
Weijia Wang
218c4c526e
Merge pull request #212002 from mothsART/feature/replace_http_by_https 
treewide: replace http by https when https is a permanent redirection
 2023-01-22 03:26:02 +01:00
Ferry Jérémie
65d7e87fdb treewide: replace http by https when https is a permanent redirection 2023-01-22 02:46:49 +01:00