Commit Graph

4799 Commits

Author SHA1 Message Date
K900
e792d7fec0
Merge pull request #264442 from anthonyroussel/update-url-redirects
treewide: fix redirected and broken URLs
2023-11-11 18:08:59 +03:00
Niklas Hambüchen
f9611764c6 manual: Fix QEMU_NET_OPTS VM-side address.
In my earlier commit

    manual: Don't suggest exposing VM port to local network.

I made a side change titled

    Use `127.0.0.1` also on the VM side, otherwise connections to
    services that, in the VM, bind to `127.0.0.1` only
    (doing the safe approach) do not work.

Unfortunately, that was wrong:

QEMU inside the VM always communicates via the virtualised
Ethernet interface, not via the VM's loopback interface.
So trying to connect to `127.0.0.1` on the VM's side cannot work.
2023-11-11 15:40:55 +01:00
Anthony Roussel
e30f48be94
treewide: fix redirected and broken URLs
Using the script in maintainers/scripts/update-redirected-urls.sh
2023-11-11 10:49:01 +01:00
tu-maurice
40c06a143f prayer: remove 2023-11-10 20:44:28 -03:00
Pyrox
8575645827 yarn-berry: 3.4.1 -> 4.0.1
The only breaking change here is that Yarn drops support for NodeJS versions <18.12

Besides that, no major changes that I think deserve a mention
2023-11-10 15:15:40 -08:00
Martin Weinelt
3536221702
Merge pull request #160346 from mweinelt/hass-custom-everything
home-assistant: custom components and lovelace modules
2023-11-11 00:08:25 +01:00
Niklas Hambüchen
dcceeb9868 manual: tests: Describe how to port-forward into test VMs 2023-11-10 22:29:12 +01:00
Niklas Hambüchen
5d73d954cd manual: Don't suggest exposing VM port to local network.
The setting

    QEMU_NET_OPTS="hostfwd=tcp::2222-:22"

caused the VM's port 2222 to be advertised on the host as
`0.0.0.0:2222`, thus anybody in the local network of the host
could SSH into the VM.
Instead, port-forward to localhost only.

Use `127.0.0.1` also on the VM side, otherwise connections to
services that, in the VM, bind to `127.0.0.1` only
(doing the safe approach) do not work.

See e.g. https://github.com/NixOS/nixpkgs/issues/100192
for more info why localhost listening is the best default.
2023-11-10 22:29:12 +01:00
Martin Weinelt
6d05ad6a6b
nixos/rl-2311: mention new home-assistant module features 2023-11-10 22:00:38 +01:00
Ryan Lahfa
b8218af2e6
Merge pull request #256226 from ElvishJerricco/systemd-stage-1-testing-backdoor 2023-11-10 14:08:07 +01:00
Will Fancher
9a0f523372 systemd-stage-1: Enable backdoor in nixos tests 2023-11-09 17:53:48 -05:00
Arnout Engelen
97b0ae26f7
doc: avoid 'simply' (#266434)
While the word 'simply' is usually added to encourage readers, it often has the
opposite effect and may even appear condescending, especially when the reader
runs into trouble trying to apply the suggestions from the documentation. It is
almost always an improvement to simply drop the word from the sentence.

(there are more possible improvements like this, we can apply those in separate
PRs)
2023-11-09 21:48:05 +01:00
Yang, Bo
b5c2407d56 nixos/doc: release notes for virtualisation.googleComputeImage.efi 2023-11-08 21:05:21 +01:00
Martin Weinelt
a3708ce91c
Merge pull request #230380 from graham33/feature/zwave-js-server_module
zwave-js: module init, zwave-js-server: init at 1.33.0
2023-11-06 20:24:56 +01:00
Michele Guerini Rocco
5654dea8a5
Merge pull request #264787 from katexochen/feat/xkb-extralayouts
nixos/x11: move extraLayouts into xkb attrset
2023-11-03 13:49:14 +01:00
Rick van Schijndel
3eccaf87a8
Merge pull request #264292 from the-furry-hubofeverything/blender-withPackages-test
blender: allow functional declaration within withPackages
2023-11-03 13:01:40 +01:00
the-furry-hubofeverything
fe4c776ae9 blender: allow functional declaration within withPackages
Based on #257780, separated since it introduces significant changes.

bpycv: update passthru.tests.render

blender-with-packages: deprecated
it is still backwards compatible, but no longer preferred.
2023-11-02 23:03:34 -07:00
Alexandru Scvortov
cbbe57bc52 elixir: make 1.15 default and pin existing pkgs to 1.14 2023-11-02 20:16:00 +00:00
Janik
8a897821fe
Merge pull request #262781 from Janik-Haag/woodpecker
nixos/woodpecker-server: change type of environmentFile to list of paths
2023-11-02 17:40:07 +01:00
Graham Bennett
b2fccae809 zwave-js: module init, zwave-js-server: init at 1.33.0
Co-authored-by: Martin Weinelt <mweinelt@users.noreply.github.com>
Co-authored-by: h7x4 <h7x4@nani.wtf>
2023-11-02 08:21:09 +00:00
Paul Meyer
143680787e nixos/x11: move extraLayouts into xkb attrset
[Motivation](NixOS#257817 (comment))

`extraLayouts` was missed in #259891, so moving it to the other xkb
options with this PR.

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-11-01 11:55:25 +01:00
Robin Gloster
7e2992c01b
Merge pull request #264584 from Ma27/drop-privacyidea
privacyidea: remove
2023-10-31 16:46:37 +01:00
Janik H.
8e5729517e
nixos/woodpecker-server: change type of environmentFile to list of paths 2023-10-31 15:46:53 +01:00
K900
46bc9e79a9
Merge pull request #259765 from 70m6/bugfix/bitcoind-enable
bugfix/bitcoind-enable
2023-10-31 17:35:10 +03:00
Tom Barrett
a4b31637b5 bitcoind: only use enabled services 2023-10-31 15:29:17 +01:00
Maximilian Bosch
5927d55685
privacyidea: remove
Related to #262907 (Django3 removal from nixpkgs).

This package already required an unreasonable amount of maintenance
regularly for a such small leaf-package. It has a few highly outdated
dependencies (e.g. flask 1, jinja2 2.11, sqlalchemy 1.3).

After at least each Python package-set update one had to fix up a lot of
dependencies to fix the package itself, so it was only useful on stable
branches. And having so much outdated software in a security-sensitive
piece of software seems questionable.

Finally, globin and I won't be available for maintaining this now that
Mayflower is migrating to another solution (and we'll do that as well)
and I'd expect this to bitrot extremely quick if we both bail out.
2023-10-31 14:17:48 +01:00
nikstur
ccd110837b
Merge pull request #264564 from nikstur/repart-image-builder-docs-in-manual
nixos/image: move repart image builder docs into manual
2023-10-31 13:24:13 +01:00
Mario Rodas
af211100e9
Merge pull request #258207 from aaronjheng/cassandra
cassandra: use cassandra_4
2023-10-31 07:17:17 -05:00
nikstur
84722633b7 nixos/image: move docs into manual 2023-10-31 11:27:56 +01:00
Alexandru Scvortov
fa54eeea5c livebook: add systemd user service, test, and docs
Co-authored-by: Yt <happysalada@tuta.io>
2023-10-31 07:31:18 +00:00
Aaron Jheng
0b757d681f
cassandra: use cassandra_4 2023-10-31 11:34:35 +08:00
Maximilian Bosch
1220a4d4dd
postgresql_11: remove
As described in the release lifecycle docs from postgresql[1], v11 will
stop receiving fixes as of Nov 9 2023. This means it's EOL throughout
the entire lifetime of 23.11, so let's drop it now.

A lot of examples are also referencing postgresql_11. Where it's
sensible, use postgresql_15 as example now to avoid confusion.

This is also handy because the LLVM 16 fix for postgresql is not
available for postgresql 11 ;-)

[1] https://www.postgresql.org/support/versioning/
2023-10-30 10:41:16 +01:00
Michele Guerini Rocco
800965ce8c
Merge pull request #245855 from rnhmjoj/pr-sslh
nixos/sslh: update and refactor for RFC42
2023-10-29 23:19:38 +01:00
Emily
707696ccd6
Merge pull request #261870 from emilylange/drop-chromium-beta-dev
chromium{Beta,Dev},google-chrome-{beta,dev}: drop
2023-10-29 21:37:24 +01:00
Matthieu Coudron
f15e58cbeb
luarocks-packages-update: init (#262156)
* luarocks-packages-updater: init

Goal is to make it possible to maintain out-of-tree luarocks packages
without needing to clone nixpkgs.

maintainers/scripts/update-luarocks-packages gets renamed to
pkgs/development/lua-modules/updater/updater.py

Once merged you can run for instance
nix run nixpkgs#luarocks-packages-updater -- -i contrib/luarocks-packages.csv -o contrib/generated-packages.nix

I also set the parallelism (--proc) to 1 by default else luarocks fails
because of https://github.com/luarocks/luarocks/issues/1540

* Update maintainers/scripts/pluginupdate.py

Co-authored-by: Marc Jakobi <mrcjkb89@outlook.com>

---------

Co-authored-by: Marc Jakobi <mrcjkb89@outlook.com>
2023-10-29 21:02:55 +01:00
rnhmjoj
fc4691cd06
nixos/release-notes: mention sslh changes 2023-10-29 18:13:38 +01:00
Robert Hensing
8b385c91c3
Merge pull request #263462 from nikstur/rebuildable-system
Rebuildable system & appliance
2023-10-29 08:02:35 +01:00
Peder Bergebakken Sundt
37c7104f53
Merge pull request #262915 from chayleaf/certspotter
certspotter: init at 0.17.0; nixos/certspotter: init
2023-10-29 05:10:04 +01:00
emilylange
59719f787e
chromium{Beta,Dev},google-chrome-{beta,dev}: drop
This is mainly due to the lack of maintenance in nixpkgs.
`google-chrome-{beta,dev}` depend on `chromium{Beta,Dev}`'s version
info.

`chromium{Beta,Dev}` are rarely updated and explicitly blocklisted by
`hydra.nixos.org`, meaning they are almost always outdated and not
cached in `cache.nixos.org`.

`chromium{Beta,Dev}` were intended to fix the build derivation of each
new major release (if something broke) *before* stable reached that
new major release.
Allowing for fast bumps in nixpkgs, especially if the stable bump
contains very important critical security fixes.

Something that can easily be replicated by using an early-stable release
or by manually entering a dev/beta version string in stable's
`upstream-info.nix`.

This resolves exposing end-users to outdated and vulnerable
`google-chrome-{beta,dev}` and `chromium{Beta,Dev}` versions.
2023-10-28 22:55:18 +02:00
nikstur
79eba74561 nixos: release notes for system.switch.enable 2023-10-28 13:26:39 +02:00
nikstur
996cf6ac56 nixos/docs: add non-switchable-systems section 2023-10-28 13:26:33 +02:00
chayleaf
f4aeeb9e81
nixos/certspotter: init 2023-10-28 14:19:36 +07:00
Peder Bergebakken Sundt
dc42e2603b
Merge pull request #263335 from anthonyroussel/nixos-goss
nixos/goss: init
2023-10-28 06:36:43 +02:00
Bjørn Forsman
7a81d99872 nixos/release-notes: remove wrong entry about services.ddclient
ddclient was later restored.
2023-10-27 16:26:33 +02:00
Anthony Roussel
3a2d3bc3d8
nixos/goss: init 2023-10-27 08:00:48 +02:00
Ivan Timokhin
efb9f909d6 junicode: 1.003 -> 2.001
Release announcement:
https://github.com/psb1558/Junicode-font/releases/tag/v2.001

This is a breaking change, at least in font file naming (Junicode.ttf
is now Junicode-Regular.ttf). In general, 2.0 adds a lot more font
variants and opentype and web font versions of the font.

Seeing as backward compatibility is broken anyway, I opted to break it
a bit more and change custom install path (`junicode-ttf`) to
seemingly more conventional `truetype`; new .otf and .woff2 variants
are then naturally placed in corresponding directories. This
does *not* affect the `fonts.packages` NixOS option, which rearranges
font files anyway, but brings a degree of consistency with other
fonts.

Both the file renaming and the directory structure change break
satysfi, however, so I adjusted its builder accordingly, copying over
only those font variants that were also present in 1.0 series.
2023-10-26 22:52:23 +03:00
Henri Menke
e0cebb254e
nixos/c2fmzq-server: init module
Co-authored-by: Peder Bergebakken Sundt <pbsds@hotmail.com>
Co-authored-by: Anselm Schüler <mail@anselmschueler.com>
Co-authored-by: h7x4 <h7x4@nani.wtf>
2023-10-26 17:27:51 +02:00
nicoo
87c22100a6 stdenv.mkDerivation: Reject MD5 hashes
While there is no fetcher or builder (in nixpkgs) that takes an `md5` parameter,
for some inscrutable reason the nix interpreter accepts the following:
```nix
fetchurl {
  url = "https://www.perdu.com";
  hash = "md5-rrdBU2a35b2PM2ZO+n/zGw==";
}
```

Note that neither MD5 nor SHA1 are allowed by the syntax of SRI hashes.
2023-10-25 23:14:15 +00:00
chayleaf
413011ddf4 kea: use separate runtime directories for each service
Kea may clean the runtime directory when starting (or maybe systemd does
it). I ran into this issue when restarting Kea after changing its
configuration, so I think the fact it normally doesn't clean it is a
race condition (it's cleaned on service start, and normally all Kea
services start at roughly the same time).
2023-10-26 02:51:43 +07:00
Mario Rodas
84a877ed30
Merge pull request #261722 from anthonyroussel/ssm-agent-rename
amazon-ssm-agent: rename from ssm-agent
2023-10-25 04:18:24 -05:00