Trolli Schmittlauch
0e893a9f22
nixos/forgejo docs: correct phrasing
2023-11-26 21:43:32 +01:00
Maciej Krüger
b63af5d7ea
Merge pull request #265728 from nbraud/nixos/sudo-rs/ssm-agent
2023-11-26 21:37:15 +01:00
Maciej Krüger
cdd67575e7
Merge pull request #265722 from nbraud/nixos/sudo-rs/btrbk
2023-11-26 21:36:20 +01:00
Sandro Jäckel
960527707b
nixos/mediawiki: don't clear default installed extensions
2023-11-26 20:29:49 +01:00
Jörg Thalheim
501680a656
nixos/telegraf: include procps if procstat input is configured
2023-11-26 20:26:48 +01:00
Sandro Jäckel
8ae9c8640c
nixos/mediawiki: don't assume language of main page
...
The mainpage might be named Hauptseite and mediawiki redirects from
/wiki/ on its own to there
2023-11-26 19:59:32 +01:00
Sandro Jäckel
f68be841c9
nixos/mediawiki: use fastcgi.conf file which contains extra parameter
2023-11-26 19:59:32 +01:00
Maciej Krüger
3250f15338
Merge pull request #263471 from nbraud/nixos/sudo-rs/cleanup
2023-11-26 19:57:31 +01:00
Robert Hensing
ecef65f019
Merge pull request #269970 from emilylange/nixos-containers-warning
...
nixos/containers: warn if containers are used but disabled
2023-11-26 19:39:32 +01:00
Robert Scott
5689f242a1
Merge pull request #269766 from gaykitty/stargazer-update
...
stargazer: 1.0.5 -> 1.1.0
2023-11-26 18:09:28 +00:00
Jörg Thalheim
f468e0d111
nixos/mediawiki: quote shell flags passed to installer
2023-11-26 17:25:14 +01:00
Jörg Thalheim
0bd8759d1c
nixos/mediawiki: drop sqlite variant
...
Probably no one ever tested this, mediawiki tries to create the database inside the read-only
package. There might be a proper fix but for now it's better to not advertise unsupported options.
2023-11-26 17:25:14 +01:00
Sandro
e580ab8c3e
nixos/mediawiki: update url option defaultText
2023-11-26 17:24:15 +01:00
Mihai-Drosi Câju
be6ac65b52
nixos/waydroid: remove with lib;
and friends
2023-11-26 17:13:15 +02:00
3JlOy_PYCCKUI
64002ec9b0
nixos/torrentstream: init
2023-11-26 16:36:48 +02:00
Pierre Bourdon
c6c20c63b4
Merge pull request #269954 from imincik/fix-tmate-ssh-server-module
...
nixos/tmate-ssh-server: fix tmate-client-config script
2023-11-26 12:42:09 +01:00
Thiago Kenji Okada
e6e0787c3f
Merge pull request #256159 from YtvwlD/yama
...
nixos/sysctl: Stop disabling yama by default
2023-11-26 10:32:32 +00:00
Tony Zorman
13da2e9463
nixos/emacs: Remove absolute paths from documentation
...
Apart from being bad practice, absolute paths may be confusing;
especially the `services.emacs.package` definition in the "Running
Emacs as a service" section. Remove them.
Supersedes: https://github.com/NixOS/nixpkgs/pull/192019
Co-authored-by: Alexander Bantyev <balsoft@balsoft.ru>
2023-11-26 11:22:28 +01:00
Ivan Mincik
df254b2dd2
nixos/tmate-ssh-server: fix tmate-client-config script
2023-11-26 09:34:51 +01:00
K900
54c8998ba1
treewide: /lib/libexec -> /libexec
...
/lib/libexec doesn't exist.
2023-11-26 10:55:37 +03:00
Lin Jian
5ba42a0de2
Merge pull request #260902 from LDprg/master
...
preload: init at 0.6.4
2023-11-25 23:29:40 -06:00
Mario Rodas
1744e3fa01
Merge pull request #266675 from anthonyroussel/sonic-server-nixos
...
nixos/sonic-server: init
2023-11-25 23:45:16 -05:00
Robert Scott
b7a2c41788
Merge pull request #268853 from nevivurn/feat/gvisor-unbreak
...
gvisor: 20221102.1 -> 20231113.0
2023-11-26 00:43:40 +00:00
Christoph Heiss
4e08f16893
nixos/networkd: fix manpage for WireGuardPeer
config
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2023-11-26 00:43:55 +01:00
Felix Buehler
1b5617e25b
nixos/libvirtd: add netcat and support
...
see: https://github.com/NixOS/nixpkgs/issues/180806
2023-11-25 23:45:18 +01:00
Sandro Jäckel
79e3ab84dd
nixos/tests/nextcloud: fix with-declarative-redis-and-secrets test
2023-11-25 22:58:06 +01:00
nikstur
fa41730b86
nixos/switch-to-configuration: remove explicit tmpfiles invocation
2023-11-25 21:39:10 +01:00
LDprg
a0f5d5e500
nixos/preload: init
2023-11-25 20:07:10 +01:00
emilylange
1c404d2584
nixos/containers: warn if containers are used but disabled
...
This is a follow-up to 8dfe8e447e
.
2023-11-25 20:01:42 +01:00
Lassulus
b821ac8070
Merge pull request #267278 from Stunkymonkey/nixos-packages-docu-fix
...
nixos/nextcloud: fix docu of packages
2023-11-25 18:48:28 +01:00
Peder Bergebakken Sundt
2ca79e7f9d
nixos/ejabberd: ensure erlang cookie is made
...
Apply the same fix as found in `couchdb` and `rabbitmq`.
2023-11-25 15:41:42 +01:00
Artturi
4706651a16
Merge pull request #268187 from imincik/geoserver-fix-data-dir
2023-11-25 16:22:31 +02:00
nicoo
bcc2d1238a
nixos/sudo-rs: Move support for pam_ssh_agent_auth(8)
to PAM's NixOS module
...
Similar to delroth's suggestion in #262790 .
2023-11-25 14:11:25 +00:00
nicoo
f5d059b1f5
nixos/sudo-rs: Clarify security.sudo-rs.enable
's description
2023-11-25 14:11:24 +00:00
nicoo
46aaa5be70
nixos/sudo-rs: Refactor option definitions
2023-11-25 14:11:24 +00:00
nicoo
03db94319a
nixos/sudo-rs: refactor processing of cfg.extraRules
2023-11-25 14:11:24 +00:00
nicoo
211c4b0545
nixos/tests/sudo-rs: cleanup
2023-11-25 14:11:24 +00:00
nicoo
9b0a63c2fe
nixos/sudo-rs: Fix bug putting the wrong version of sudo in environment.systemPackages
2023-11-25 14:11:24 +00:00
nicoo
165b600f01
nixos/sudo-rs: Drop checks for sudo implementation
2023-11-25 14:11:23 +00:00
nicoo
cd42b18a2c
nixos/sudo-rs: uniformize ssh-agent auth behaviour with security.sudo
2023-11-25 14:11:23 +00:00
nicoo
c1b5226cd4
nixos/release-notes: Document pitfall when switching to sudo-rs
2023-11-25 14:11:23 +00:00
nicoo
b05648b541
nixos/sudo-rs: Simplify activation
2023-11-25 14:11:23 +00:00
Maciej Krüger
7b1e146a49
Merge pull request #266477 from duament/nixos-nat-nftables
...
nixos/nat: fix nat-nftables
2023-11-25 12:58:48 +01:00
gaykitty
88273849a6
nixosTests.stargazer: switch to using gemget
2023-11-24 19:44:35 -05:00
Maciej Krüger
2819a35bf4
Merge pull request #265532 from ProminentRetail/git
2023-11-24 22:38:57 +01:00
Minijackson
8ed9ed7459
meilisearch: 1.3.1 -> 1.5.0
2023-11-24 21:06:40 +00:00
Ryan Lahfa
264ddf3f05
Merge pull request #269199 from jnsgruk/lxd-ui-0.4
2023-11-24 21:48:14 +01:00
ProminentRetail
2db2f446c2
nixos/git: add prompt.enable
2023-11-24 20:38:16 +01:00
Yongun Seong
ee59d35be8
nixosTests.gvisor: remove flaky test
2023-11-25 03:05:11 +09:00
Ryan Lahfa
58fdc495ed
Merge pull request #269452 from RaitoBezarius/zfs-superstable
2023-11-24 17:41:43 +01:00
Raito Bezarius
e04c0b0d99
zfs_2_1: init at 2.1.13
...
This re-introduces the old stable ZFS version we had in the past following
the many predicted issues of ZFS 2.2.x series, that is much more stable
than any further ZFS version at the moment.
I am also removing myself from maintenance of any further ZFS versions as I am
planning to quit ZFS maintenance at some point.
In the meantime, for users like me who depend on ZFS for critical operations, here is a ZFS version
that is known to work for LTS kernels.
2023-11-24 15:47:21 +01:00
Nick Cao
9ad7bc9180
Merge pull request #269613 from jpds/caddy-restart-sec-typo
...
nixos/caddy: Fixed RestartSec typo
2023-11-24 09:41:10 -05:00
Chris Marchesi
6182b0bde8
nixos/xscreensaver: add module tests
...
Co-authored-by: Aidan Gauland <aidalgol@fastmail.net>
Co-authored-by: Anderson Torres <torres.anderson.85@protonmail.com>
2023-11-24 08:53:00 -03:00
Chris Marchesi
54020c36a2
nixos/xscreensaver: init module
...
This adds a NixOS module for XScreenSaver (from @aidalgol in #130218 ,
with a few updates).
The module:
* Installs XScreenSaver
* Sets up a suid wrapper for xscreensaver-auth
* Sets up a user service for xscreensaver
The suid wrapper should function correctly when xscreensaver is
installed via the derivation update in 40a00547b71.
Co-authored-by: Aidan Gauland <aidalgol@fastmail.net>
Co-authored-by: Anderson Torres <torres.anderson.85@protonmail.com>
2023-11-24 08:53:00 -03:00
Jonathan Davies
a1163912c2
nixos/caddy: Fixed RestartSec typo.
2023-11-24 11:03:32 +00:00
Jonas Heinrich
8f3f6a2a77
nixos/invoiceplane: Add settings option
2023-11-24 10:25:46 +00:00
happysalada
e5b0b76105
nixos/clamav: add fangfrisch updater
2023-11-24 09:09:46 +00:00
Maciej Krüger
2edba9d0b1
Merge pull request #269178 from mkg20001/lxdfix
2023-11-24 01:53:31 +01:00
Robert Hensing
11832690a8
Merge pull request #268871 from tweag/release-notes-lib
...
rl-2311: Add release notes on lib
2023-11-23 22:31:36 +01:00
Silvan Mosberger
38664f70d1
rl-2311: Add release notes on lib
...
NixOS releases are also `lib` releases :)
The release notes were collected from looking at the `git diff` since
22.11.
Since the NixOS and Nixpkgs manuals are rendered separately, I'm linking
to the "unstable" link to make sure the links definitely work on the time of
release. The "stable" link might take some time to become available
2023-11-23 21:13:59 +01:00
Valentin Gagarin
570757826e
Merge pull request #263056 from DanielSidhion/kernel-docs
...
doc: consolidate info on manual linux kernel configs
2023-11-23 18:21:10 +01:00
DS
1d7ee9ff09
doc: consolidate info on manual linux kernel configs
...
The Nixpkgs documentation on the linux kernel builders focused on
using and extending kernels that were already packaged, but never
mentioned that it's possible to also build a kernel almost "from
scratch".
The NixOS documentation went a bit deeper on manual linux kernel
configs, but that information wasn't particularly NixOS-specific.
This commit consolidates the information related to building the
kernel on Nixpkgs's documentation, while keeping any additional
NixOS-specific information on NixOS's documentation.
An additional README.md was created for contributor-facing
documentation.
2023-11-23 08:50:16 -08:00
Robert Hensing
779e50580c
Merge pull request #224611 from srhb/kafka-settings-module
...
Kafka: Settings and KRaft support
2023-11-23 17:35:29 +01:00
Ryan Lahfa
d783b6040d
Merge pull request #269381 from YellowOnion/bcachefs
2023-11-23 16:53:22 +01:00
K900
eead97a9b2
Merge pull request #269410 from K900/container-test-cleanup
...
nixos/tests/containers-ip: don't include channel sources
2023-11-23 18:26:28 +03:00
Yang, Bo
932441c86d
nixos/nvidia: load nvidia-uvm
kernel module via softdep
( #267335 )
2023-11-23 16:19:27 +01:00
nicoo
572413151a
nixos/release-notes: Tidy-up location of sudo-rs
link definition
...
Presumably introduced when reverting #253876
2023-11-23 12:31:17 +00:00
Jon Seager
78f17a3aaa
nixos/tests/lxd-ui: add a basic selenium test to check the UI is functioning
2023-11-23 10:27:41 +00:00
K900
3ff36ca61e
nixos/tests/containers-ip: don't include channel sources
...
They're not used in the test, saves a rebuild.
2023-11-23 12:54:31 +03:00
Finn Behrens
a51ea9ca17
nixos: fix bcachefs filesystem with symlinks
2023-11-23 08:14:27 +01:00
Daniel Hill
34a58ce86f
bcachefs: fix lib.kernel.option miss use.
...
option is a function not a set.
2023-11-23 19:08:57 +13:00
sinanmohd
da35c07d23
nixos/seatd: add readiness notification
2023-11-23 13:50:14 +11:00
sinanmohd
aa0b9d2780
nixos/tests/seatd: init
2023-11-23 13:50:14 +11:00
sinanmohd
9796cbb021
nixos/seatd: init
2023-11-23 13:50:14 +11:00
rewine
b9aa854644
deepin: don't wait dde-wm-chooser in v23
2023-11-23 10:00:46 +08:00
rewine
12fba79491
deepin: add v23 packages
2023-11-23 10:00:44 +08:00
rewine
245ae0f64f
services.deepin.app-services: add systemd service
...
https://github.com/linuxdeepin/dde-app-services/pull/45
2023-11-23 10:00:43 +08:00
Silvan Mosberger
bf01ec00a0
Merge pull request #250949 from ShamrockLee/apptainer-localstatedir
...
apptainer, singularity: use self-contained LOCALSTATEDIR by default
2023-11-23 01:37:54 +01:00
Florian Klink
ab21317170
Merge pull request #269280 from tazjin/nix-serve-unflaked
...
nixos/nix-serve: fix module compatibility with unflaked Nix
2023-11-22 23:24:50 +02:00
Vincent Ambo
b2f67d3f48
nixos/nix-serve: fix module compatibility with unflaked Nix
...
The option `extra-allowed-users` was introduced in Nix 2.4, and fails
config validation on Nix 2.3.
2023-11-23 00:03:31 +03:00
Martin Weinelt
754f40a5ff
Merge pull request #269277 from Artturin/restorepre
...
Revert "23.11 beta release"
2023-11-22 21:49:49 +01:00
Artturin
be6349fdee
Revert "23.11 beta release"
...
This line shouldn't be changed from pre to beta on master, only in the beta branch
https://nixos.github.io/release-wiki/Branch-Off.html#on-the-release-branch
This reverts commit dc7b3febf8
.
Revert "nixos/release: fix versionSuffix eval"
This reverts commit 625c450024
.
2023-11-22 22:39:48 +02:00
Andrew Morgan
54b7a39646
peertube: Clarify option descriptions of listenHttp
, listenWeb
, enableWebHttps
2023-11-22 21:15:36 +01:00
Paul Meyer
796b4926bb
mkosi: 18 -> 19
2023-11-22 20:00:37 +00:00
Nick Cao
0840c28c43
Merge pull request #268991 from undefined-moe/mongodb-exporter
...
add prometheus-mongodb-exporter
2023-11-22 09:29:50 -05:00
Emily Trau
0bcdafbd7e
Merge pull request #265276 from eliandoran/update/trilium
...
trilium-{desktop,server}: 0.60.4 -> 0.61.14
2023-11-23 01:25:59 +11:00
Maciej Krüger
daff2bb01d
maintainers/lxd: fix double modules
...
Otherwise it results in <nixpkgs/nixos/modules/modules...> being loaded
2023-11-22 13:25:17 +01:00
nicoo
744b456b49
nixos/systemd: Mark down the options description
2023-11-22 10:49:51 +00:00
nicoo
3f5e19aaf3
nixos/systemd: Link manpages in options' description
2023-11-22 10:49:50 +00:00
nicoo
f1b17edaea
nixos/systemd: Refactor package
option
2023-11-22 10:49:50 +00:00
nicoo
aba2edda44
nixos/systemd: Refactor references to config.systemd
2023-11-22 10:49:50 +00:00
nicoo
667e7ca0bd
nixos/systemd: refactor option definitions
...
- factor out `config.systemd.`;
- remove `lib.mdDoc` no-op.
2023-11-22 10:49:50 +00:00
c4lliope
e6fc0a2e3a
Enable wxWebView
in wxGTK32
.
...
Closes #267712
Needed as a dependency for a number of language-specific packages,
including https://hexdocs.pm/desktop in Elixir.
2023-11-22 10:28:20 +00:00
datafoo
480f5b14e3
nixos/syncoid: add possibility to use string type for sshKey options
...
The sshKey options do not need to be a valid path at build time. Using
string instead allow use case when the path is not known at build time
such as when using systemd credentials (e.g. `sshKey =
"\${CREDENTIALS_DIRECTORY}/zfs-replication_ed25519";`).
2023-11-22 10:57:58 +01:00
Sarah Brofeldt
cfe3ca1f2f
nixos/apache-kafka: Add manual chapter
2023-11-22 06:47:09 +01:00
Sarah Brofeldt
72d85cd36c
nixos/apache-kafka: release notes
2023-11-22 06:47:09 +01:00
Sarah Brofeldt
56973b2dd1
nixos/tests/kafka: test KRaft mode
2023-11-22 06:47:08 +01:00
Sarah Brofeldt
45f84cdfd5
nixos/apache-kafka: structured settings
...
- Use lazyAttrs (for config references) settings for main server.properties.
- Drop dangerous default for "log.dirs"
- Drop apache-kafka homedir; unused and confusing
- Support formatting kraft logdirs
2023-11-22 06:47:08 +01:00
happysalada
eb746540a9
nixos/clamav: run as clamav user not root
2023-11-22 03:08:30 +00:00
happysalada
ef6b8ff15a
nixos/clamav: use state and runtime directory
2023-11-22 03:08:30 +00:00
undefined
b46ec2c40f
nixos/prometheus-mongodb-exporter: init module
2023-11-22 09:42:27 +08:00
Stig
d35c19ca52
Merge pull request #262104 from zakame/contrib/convos-7.16
...
convos: 7.02 -> 8.05
2023-11-22 02:10:33 +01:00
Lassulus
ac1a9af078
Merge pull request #267445 from RTUnreal/add-dynamic-pw-loading-factorio
...
factorio: add dynamic game-password and login credentials loading
2023-11-21 23:46:51 +01:00
figsoda
625c450024
nixos/release: fix versionSuffix eval
2023-11-21 15:24:26 -05:00
RTUnreal
decdfde011
improve documentation of new options
2023-11-21 20:52:30 +01:00
Vladimír Čunát
35a3cb94c6
Merge #269032 : GNOME: 44 -> 45
2023-11-21 20:49:59 +01:00
figsoda
87cc06983c
24.05 is Uakari
2023-11-21 14:34:30 -05:00
RTUnreal
648ffcecae
fix some errors
2023-11-21 20:29:43 +01:00
figsoda
dc7b3febf8
23.11 beta release
...
Signed-off-by: figsoda <figsoda@pm.me>
2023-11-21 14:04:49 -05:00
Zak B. Elep
69d54db300
nixos/tests/convos: drop journalctl test
2023-11-22 00:47:11 +08:00
ners
ed31e0235e
treewide: replace broken udev paths with systemd
2023-11-21 15:09:38 +01:00
Someone Serge
395b7cc35b
python311Packages.torch: choose magma at the expression level
...
...instead of at the callPackage site.
Addresses https://github.com/NixOS/nixpkgs/issues/268736
2023-11-21 13:35:05 +00:00
Jan Tojnar
f962d04ed3
nixos/rl-2311: Mention default application changes in GNOME 45
2023-11-21 09:21:55 +01:00
Jan Tojnar
b32a490b14
nixos/gnome: Do not install Photos
...
829b9aacc5
2023-11-21 09:21:55 +01:00
Bobby Rong
9b4a846409
nixos/xdg/portal: Fix link to portals.conf documentation
...
The original url is now 404.
Let's keep this link in sync with the one in doc/manpage-urls.json.
2023-11-21 08:42:55 +01:00
Bobby Rong
a1bf4b1b60
nixos/rl-2311: Mention XDG Portal changes
...
Co-authored-by: Jan Tojnar <jtojnar@gmail.com>
2023-11-21 08:42:49 +01:00
piegames
cec1751cbd
nixosTests.gnome-extensions: Init
2023-11-21 08:42:34 +01:00
piegames
27be325d39
nixosTests.gnome: Small cleanup
2023-11-21 08:42:33 +01:00
Bobby Rong
23e483408f
nixos/rl-2311: Mention GNOME 45
2023-11-21 08:42:21 +01:00
Bobby Rong
fd788f9d1a
nixos/wayland: Add xdg.portal.config or xdg.portal.configPackages
...
See the changes in x-d-p 1.17 for details.
2023-11-21 08:42:17 +01:00
Bobby Rong
39a1279b4d
nixos/desktop-managers: Add xdg.portal.config or xdg.portal.configPackages
...
See the changes in x-d-p 1.17 for details.
2023-11-21 08:42:17 +01:00
Bobby Rong
d7a8877d9d
nixos/xdg/portal: Add config and configPackages option
...
In x-d-p 1.17, when no configs are given, you apps will likely not
able to find a backend. Let users aware of the changes.
2023-11-21 08:42:10 +01:00
Bobby Rong
511d457142
nixos/gnome: Replace eog with loupe
...
ad3b4ca520
Acked-by: Jan Tojnar <jtojnar@gmail.com>
2023-11-21 08:41:54 +01:00
Bobby Rong
14fb201c7c
nixos/gnome: Replace cheese with snapshot
...
f2b0abe388
Acked-by: Jan Tojnar <jtojnar@gmail.com>
2023-11-21 08:41:50 +01:00
Bobby Rong
3bdcdae69d
gnome.gnome-initial-setup: 44.0 → 45.beta
...
https://gitlab.gnome.org/GNOME/gnome-initial-setup/-/compare/44.0...45.beta
Install dconf presets: 0c607f104e
Use tecla: 3dcb8709ba
Changelog-reviewed-by: Bobby Rong <rjl931189261@126.com>
Changelog-reviewed-by: Jan Tojnar <jtojnar@gmail.com>
2023-11-21 08:41:32 +01:00
John Chadwick
412543ddd8
nixos/libvirtd: add support for nss modules
2023-11-21 01:39:02 -05:00
Dmitry Kalinkin
a126a8545a
Merge pull request #268613 from xworld21/texlive-tldeps
...
texlive: fix dependency bug, add docs and release notes
2023-11-20 17:58:03 -05:00
Atemu
cfe0155154
Merge pull request #268324 from Janik-Haag/nixos-firewall-tool
...
nixos/firewall: install nixos-firewall-tool for iptables by default
2023-11-20 23:23:24 +01:00
Jonas Chevalier
c57a434386
maintainers: remove the numtide team ( #268684 )
...
It doesn't really make sense for us as team members are focused on
different things. At the end of the day it's the individuals that do the
work.
2023-11-20 22:27:26 +01:00
Ryan Lahfa
5d08323dda
Merge pull request #268717 from SuperSandro2000/patch-2
2023-11-20 19:05:01 +01:00
Nick Cao
90ef10b571
Merge pull request #253918 from tie/centrifugo
...
centrifugo: init at 5.1.1
2023-11-20 08:59:54 -05:00
Sandro
809f926017
nixos/postgresql: fix mentioned settings in ensurePermissions warnings
2023-11-20 14:42:57 +01:00
Vincenzo Mantova
5d6f4ec5f0
rl-2311: mention new texlive.withPackages and simpler custom TeX packages
2023-11-20 10:03:22 +00:00
Ivan Trubach
3be1aab86f
centrifugo: init at 5.1.1
2023-11-20 10:18:21 +03:00
Ivan Trubach
5c898bec57
nixos/redis: loosen systemd address family restrictions
...
Do not assume that port and unixSocket are the only options that affect
address families used by Redis. There are other options, e.g. tls-port,
and also clustered setup that are not covered by the declarative
configuration. Instead of trying to selectively restrict unused address
families based on the configuration, limit address families to IP and
Unix sockets and let users lib.mkForce a stricter sandboxing is needed.
See also
https://docs.redis.com/latest/rs/networking/port-configurations/
2023-11-20 07:11:34 +03:00
Mario Rodas
fa14a14694
Merge pull request #258036 from anthonyroussel/fix-ssm-seelog
...
nixos/amazon-ssm-agent: fix missing seelog.xml file
2023-11-19 18:55:57 -05:00
Mario Rodas
c93541b24e
Merge pull request #264910 from anthonyroussel/ocsinventory-agent+nixos
...
nixos/ocsinventory-agent: init
2023-11-19 18:55:06 -05:00
Emily
1f9a04da3f
Merge pull request #265465 from jpds/caddy-restart-on-failure
...
nixos/caddy: Set systemd unit to restart on-failure
2023-11-19 23:59:20 +01:00
Artturi
0bd183e065
Merge pull request #268110 from tyxieblub/squid-service
2023-11-19 23:32:10 +02:00
Robert Hensing
f3e9d7f84b
darwin.linux-builder: Disable installer tools
2023-11-19 21:33:58 +01:00
Robert Hensing
64b587e3e2
nixos/system.disableInstallerTools: Do define options without effect
...
These won't cause anything to appear in toplevel.
2023-11-19 21:21:16 +01:00
Robert Hensing
66b2913797
darwin.linux-builder: Disable evaluation
...
A remote builder does not need to evaluate anything, so let's trim
it down to (eventually) save some space, and make the purpose of
the builder clear.
Users should evaluate on the host instead.
2023-11-19 21:06:32 +01:00
Luna Nova
135690307d
input-remapper: 1.5.0 -> 2.0.1
...
Corrected data path replacement
Updated test for new UI
https://github.com/sezanzeb/input-remapper/releases/tag/2.0.0
https://github.com/sezanzeb/input-remapper/releases/tag/2.0.1
2023-11-19 11:02:46 -08:00
Artturi
b736459b60
Merge pull request #260089 from anthonyroussel/thanos_0_32_4
2023-11-19 18:37:48 +02:00
Ryan Lahfa
ff3b480354
Merge pull request #252117 from nalves599/252116-pixiecore-firewall
2023-11-19 16:16:54 +01:00
Ryan Lahfa
cbd983e1cd
Merge pull request #266151 from JulienMalka/append-secret-reproducible
2023-11-19 16:16:01 +01:00
Adrian Pistol
b30601bba2
nixos/chrony: Add missing rtcsync assertion.
...
Due to a lot of rebasing, I dropped my added assertion in #259405 . This is important.
2023-11-19 09:08:26 -06:00
Mario Rodas
d3deaacfb4
Merge pull request #263550 from anthonyroussel/updates/axis2
...
axis2: 1.7.9 -> 1.8.2, tomcat10: 10.0.27 -> 10.1.15, tomcat9: 9.0.75 -> 9.0.82
2023-11-19 09:39:19 -05:00
Paul Meyer
3e4e76e676
greetd: create cache dir for tuigreet
2023-11-19 14:09:48 +01:00
Otavio Salvador
cf7fa1145b
rio: 0.0.19 -> 0.0.27
...
Refs: #260413 .
Fixes : #257334 .
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
2023-11-18 22:24:10 -03:00
RTUnreal
20e9267cbb
factorio: add dynamic server-settings loading
2023-11-18 22:18:03 +01:00
Ryan Lahfa
66a09f19cd
Merge pull request #267640 from Madouura/pr/bcachefs
2023-11-18 21:39:57 +01:00
Artturi
8896579a83
Merge pull request #264521 from stephen-huan/mullvad-vpn-resolvconf
2023-11-18 21:47:51 +02:00
Will Fancher
b606ebb355
Merge pull request #266990 from ElvishJerricco/systemd-boot-boot-pass-flags-to-update
...
nixos/systemd-boot: pass EFI variable flags during update too
2023-11-18 12:34:10 -05:00
Patrick Steinhardt
a8617e2b0d
nixos/networkd: allow configuring AckFilter for CAKE qdisc
...
The CAKE section for systemd.network units allows configuring whether or
not redundant ACKs should be dropped. This option corresponds to the
respective tc-cake(8) params "ack-filter", "ack-filter-aggressive" or
"no-ack-filter".
Add support for these values in the `cakeConfig` module so that users
can configure it.
2023-11-19 03:40:51 +11:00
Janik H.
fa9cdc83ab
nixos/firewall: install nixos-firewall-tool for iptables by default
2023-11-18 17:08:30 +01:00
Madoura
05b651843e
rl-2311: Note bcachefs kernel deprecation changes
2023-11-18 09:58:59 -06:00
Madoura
c2450c4515
treewide: add bcachefsLinuxTesting and bcachefsLinuxTesting tests
...
nixos/tests/installer: add bcachefsLinuxTesting and bcachefsLinuxTesting tests
bcachefs-tools: add bcachefsLinuxTesting and bcachefsLinuxTesting tests
2023-11-18 09:58:56 -06:00
Madoura
890cf0a79c
nixos/bcachefs: soft-deprecate 'linuxPackages_testing_bcachefs'
...
'bcachefs' is included in the linux kernel since 6.7-rc1
2023-11-18 09:58:51 -06:00
Nick Cao
d936414252
Merge pull request #268132 from bendlas/forgejo-release-notes
...
nixos/forgejo/docs: fix typo
2023-11-18 09:39:29 -05:00
Madoura
0adbda28d3
nixos/bcachefs: remove 'with lib;'
2023-11-18 07:59:01 -06:00
Yang, Bo
6d69feb35e
google-compute-image: add the missing /boot filesystem
2023-11-18 13:37:42 +01:00
emilylange
b3e8dae766
nixos/forgejo: remove postgresql_15
permission work-around
...
This is no longer necessary as of
ccfe07c316
.
Previously: b8585a119c
.
2023-11-18 12:14:09 +01:00
Ivan Mincik
a08880000d
geoserver: add nixos test
2023-11-18 11:13:05 +01:00
Philip Taron
bc7a939ced
nixos/networkd: add [IPVLAN] and [IPVTAP] configuration options to systemd.netdev files
...
[IPVLAN](https://www.freedesktop.org/software/systemd/man/latest/systemd.netdev.html#%5BIPVLAN%5D%20Section%20Options )
[IPVTAP](https://www.freedesktop.org/software/systemd/man/latest/systemd.netdev.html#%5BIPVTAP%5D%20Section%20Options )
2023-11-18 08:43:21 +01:00
Philip Taron
7686f24675
nixos/networkd: add ipvtap kind to netdev and IPVTAP= to network
...
From `man systemd.netdev`: https://www.freedesktop.org/software/systemd/man/latest/systemd.netdev.html#Supported%20netdev%20kinds
From `man systemd.network`: https://www.freedesktop.org/software/systemd/man/latest/systemd.network.html#IPoIB=
2023-11-18 08:43:21 +01:00
Ryan Lahfa
d3530f494c
Merge pull request #264358 from RaitoBezarius/drop-nodejs
2023-11-17 23:26:13 +01:00
Felix Buehler
7f9abdcfcb
nixos/nextcloud: fix docu of packages
2023-11-17 23:16:23 +01:00
William McKinnon
869fb56797
nixos/syncthing: respect the dataDir option
...
The previous -home argument worked as such:
"Set common configuration and data directory. The default configuration directory is $HOME/.config/syncthing (Unix-like), $HOME/Library/Application Support/Syncthing (Mac) and %LOCALAPPDATA%\Syncthing (Windows)"
This resulted in syncthing not respecting different home and data dirs
declared in its config. The default behaviour will remain the same, as
we set the datadir default value to homeDir + .config/syncthing.
2023-11-17 22:58:46 +01:00
Julien Malka
4d968c70fb
Merge pull request #265365 from JulienMalka/systemd-boot-garbage-test
...
nixos/tests/systemd-boot: add garbage-collect-entry test
2023-11-17 22:34:30 +01:00
Julien Malka
cac11727b3
Merge pull request #227588 from camillemndn/jitsi-meet
...
nixos/jitsi-meet: updated prosody, support secure domain setup and Excalidraw whiteboards
2023-11-17 22:08:05 +01:00
Adam C. Stephens
4b8d7d814e
Merge pull request #265556 from adamcstephens/slimserver/fix
...
slimserver: fix broken package
2023-11-17 15:47:26 -05:00
Raito Bezarius
7d0e6984c6
rl-2311: explain how dependent packages were removed due to Node.js drop
2023-11-17 20:26:55 +01:00
Raito Bezarius
72911a99d3
code-server: drop
...
Depends on Node.js 16 and cannot be trivially upgraded to Node.js 18.
2023-11-17 20:26:55 +01:00
Raito Bezarius
022ee4d701
kibana7: drop
...
Depends on EOL software and no maintenance has been attempted to change this after a ping
(https://github.com/NixOS/nixpkgs/issues/259178 )
Feel free to adopt and re-introduce if you care about this software.
This will probably seriously hamper ELK usability in nixpkgs, but as it
receives no maintenance…
2023-11-17 20:26:55 +01:00
Ryan Lahfa
65481ecfef
Merge pull request #267985 from JulienMalka/absent-bootspec
2023-11-17 18:07:10 +01:00
Ryan Lahfa
ccfe07c316
Merge pull request #266270 from Ma27/postgresql-ownership-15
2023-11-17 18:02:17 +01:00
Herwig Hochleitner
8c441fc2a7
nixos/forgejo/docs: fix typo
2023-11-17 17:18:57 +01:00
Herwig Hochleitner
e7c7d97167
nixos/postgresql: document psql 15 changes ( #267238 )
...
* nixos/postgresql: document psql 15 changes
* nixos/postgresql: manual heading ids
* nixos/postgresql: reword warning against initialScript
Co-authored-by: Ryan Lahfa <masterancpp@gmail.com>
* nixos/postgresql: wording PERMISSIONS -> PRIVILEGES
Co-authored-by: Ryan Lahfa <masterancpp@gmail.com>
* nixos/postgresql: document intermediate oneshot / service user method
* nixos/postgresql/docs: clarify security benefits of `ensureDBOwnership`
* nixos/postgresql/docs: service type -> serviceConfig.Type
---------
Co-authored-by: Ryan Lahfa <masterancpp@gmail.com>
2023-11-17 16:06:01 +01:00
Raito Bezarius
82037ad0b8
rl-2311: inform about services.postgresql.ensurePermissions
deprecation
2023-11-17 15:57:19 +01:00
Herwig Hochleitner
20832d5995
nixos/forgejo: changelog and migration instructions ( #267248 )
...
* nixos/forgejo: changelog and migration instructions
* nixos/forgejo/docs: clarify sentence
Co-authored-by: Trolli Schmittlauch <schmittlauch@users.noreply.github.com>
* nixos/forgejo/docs: document migration via gitea impersonation
* nixos/forgejo/docs: note about url change on migration
* nixos/forgejo/docs: note about migration (non-)requirement
* nixos/forgejo/docs: header ids
* nixos/forgejo/docs: clarify release notes entry
Co-authored-by: Emily <git@emilylange.de>
* nixos/forgejo/docs: improve manual entry
Co-authored-by: Emily <git@emilylange.de>
* nixos/forgejo/docs: move changelog line to the middle of the section
as noted <!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->
---------
Co-authored-by: Trolli Schmittlauch <schmittlauch@users.noreply.github.com>
Co-authored-by: Emily <git@emilylange.de>
2023-11-17 15:55:24 +01:00
Raito Bezarius
10baca4935
nixos/invidious: do not use ensureDBOwnership
...
Invidious uses a strange setup where the database name is different from the system username
for non-explicit reasons.
Because of that, it makes it hard to migrate it to use `ensureDBOwnership`, we leave it to Invidious' maintainers
to pick up the pieces.
2023-11-17 15:53:08 +01:00
Raito Bezarius
f653734c4d
nixos/mobilizon: do not use ensureDBOwnership
...
Mobilizon can have a custom database username and it is not trivial to sort out how to remove this.
In the meantime, for the upcoming 23.11 release, I apply the classical workaround
and defer to Mobilizon's maintainers.
2023-11-17 15:52:51 +01:00
Raito Bezarius
7cd63bff21
nixos/sourcehut: do not use ensureDBOwnership
...
Given that SourceHut uses unfortunate defaults for database name, it will not
be realistic to fix this in time for 23.11.
We will leave the workaround and leave it to SourceHut maintainers to pick up the work
to clean this up after 23.11.
2023-11-17 15:52:51 +01:00
Raito Bezarius
73198870cd
nixos/tests/pgbouncer: do not use ensureDBOwnership
...
pgbouncer test is special in the sense where it actually tries
to connect via SCRAM SHA, let's avoid `ensureDBOwnership` here
otherwise for some reason pgbouncer will try to look in pg_shadow
for the authuser…
2023-11-17 15:52:51 +01:00
Julien Malka
81e378618e
nixos/systemd-boot: allow for bootspec-less generations
...
Generation built with old versions of NixOS with no bootspec
support may still be present on the system and must be
accounted for.
2023-11-17 14:39:04 +01:00
Adam Stephens
226b8a9f9a
nixos/tests/slimserver: add end to end with squeezelite
2023-11-17 08:18:34 -05:00
Adam Stephens
431b9f23ad
slimserver: add bin symlink and meta.mainProgram
2023-11-17 08:18:32 -05:00
Adam Stephens
aafccbad47
nixos/slimserver: init service test
2023-11-17 08:18:31 -05:00
joris
18f3c1fb55
services/squid: explicit usage of coreutils' kill on ExecReload
2023-11-17 13:55:21 +01:00
Martino Fontana
84e51c525d
nixos/plasma5: enable dconf by default
2023-11-17 11:48:00 +01:00
fortuneteller2k
d3c568b7bc
maintainers: fortuneteller2k -> moni
2023-11-17 18:03:27 +08:00
Artturi
28d9d26f5a
Merge pull request #264480 from paumr/archi_test_init
2023-11-17 04:19:37 +02:00
Ilan Joselevich
d7e7a2136e
Merge pull request #267761 from jpds/grafana-restart-on-failure
...
nixos/grafana: Set systemd unit to restart on failure
2023-11-17 00:59:25 +00:00
paumr
f561320b8e
nixos/tests/archi: init smoke tests for Archi
2023-11-17 01:09:08 +01:00
Weijia Wang
478409d4c6
alsa-utils: fix eval
2023-11-17 00:46:24 +01:00
Weijia Wang
5d0ea948f7
Merge pull request #267490 from onny/wordpress-update5
...
wordpress6_4: init at 6.4.1; wordpressPackages: update
2023-11-16 22:24:07 +01:00
Vladimír Čunát
a7a8f8253d
Merge #263535 : staging-next 2023-10-26
2023-11-16 22:06:22 +01:00
Matthias Beyer
da1923d134
Merge pull request #267931 from picnoir/pic/toot-0-38-2
...
toot: 0.38.1 -> 0.38.2
2023-11-16 21:20:06 +01:00
Elian Doran
0f35107810
trilium-{desktop,server}: 0.60.4 -> 0.61.14
2023-11-16 22:08:54 +02:00
Daniel Ziltener
beca814e27
Modify Pharo entry in rl-2311.section.md
2023-11-16 19:06:59 +00:00
github-actions[bot]
dba5c9ef4e
Merge master into staging-next
2023-11-16 18:01:17 +00:00
Pol Dellaiera
3acc2484cf
Merge pull request #267560 from anthonyroussel/bugfix/plantuml-server-nixos
...
nixos/plantuml-server: fix
2023-11-16 18:32:44 +01:00
Félix Baylac Jacqué
7e7d403939
nixosTests.pleroma: un-vendor toot
...
Upstream released 0.38.2. This new release contains the pleroma fix we
previously were getting from master.
We don't need this override anymore to get the test to succeed.
https://github.com/ihabunek/toot/issues/399#issuecomment-1814712723
2023-11-16 18:16:15 +01:00
talyz
4b0b3413b4
nixos/keycloak: Allow setting hostname-url
2023-11-16 16:12:07 +01:00
Kim Lindberger
9c4df4d618
Merge pull request #246992 from cransom/cransom-parsedmarc-smtp
...
nixos/parsedmarc: fix validation for smtp
2023-11-16 15:06:20 +01:00
github-actions[bot]
301fcc69ba
Merge master into staging-next
2023-11-16 12:01:02 +00:00
Sarah Brofeldt
54f00576aa
Merge pull request #265193 from 0z13/opensearch-module-link-plugins
...
nixos/opensearch: link plugins from opensearch package
2023-11-16 11:30:09 +01:00
Michele Guerini Rocco
f4b1ed666e
Merge pull request #245888 from rnhmjoj/pr-dnscrypt
...
nixos/tests/dnscrypt-wrapper: test TCP and run on port 443
2023-11-16 10:49:25 +01:00
Vladimír Čunát
0fe5300699
Merge branch 'master' into staging-next
2023-11-16 09:49:24 +01:00
Lin Jian
bf8a6ad72c
Merge pull request #265733 from nbdd0121/unbound
...
nixos/unbound: fix wrong syscall filter and tighten sandbox
2023-11-16 14:38:46 +08:00
Jonathan Davies
58cbf94b38
nixos/grafana: Set systemd unit to restart on failure
2023-11-15 23:20:59 +00:00
Adrian Pistol
7a1d45811e
nixos/chrony: Let Chrony control/track RTC drift
2023-11-15 15:09:22 -06:00
rnhmjoj
7f71262745
nixos/tests/dnscrypt-wrapper: test TCP and run on port 443
...
- Test both TCP and UDP queries (tinydns → bind)
- Test IPv6 by default
- Run DNSCrypt on port 443 along with HTTPS
2023-11-15 21:42:40 +01:00
Weijia Wang
1a85914512
Merge pull request #266528 from lucasbergman/unifi-jvmoptions
...
nixos/unifi: Add the ability to specify extra JVM options
2023-11-15 17:53:25 +01:00
Anthony Roussel
8c7c1e7a30
nixos/plantuml-server: remove deprecated allowPlantumlInclude option
...
See https://github.com/plantuml/plantuml-server/pull/301
2023-11-15 15:14:28 +01:00
Anthony Roussel
deae39af43
nixos/plantuml-server: use jetty_11
...
PlantUML Server does not support Jetty versions higher than 12.x.
Jetty 12.x has introduced major breaking changes, see
* https://github.com/jetty/jetty.project/releases/tag/jetty-12.0.0
* https://eclipse.dev/jetty/documentation/jetty-12/programming-guide/index.html#pg-migration-11-to-12
2023-11-15 15:14:28 +01:00
Anthony Roussel
2c94d267c2
nixos/plantuml-server: use mkPackageOptionMD
2023-11-15 15:12:58 +01:00
Anthony Roussel
3b17b80525
nixos/plantuml-server: add anthonyroussel to maintainers
2023-11-15 15:12:58 +01:00
Anthony Roussel
09e9d47508
nixos/plantuml-server: add hardening
2023-11-15 15:12:58 +01:00
Anthony Roussel
e3839eef71
nixos/plantuml-server: remove with lib;
notation
...
https://nix.dev/guides/best-practices#with-scopes
2023-11-15 15:12:58 +01:00
Anthony Roussel
2b455c1649
nixosTests.plantuml-server: init
2023-11-15 15:12:56 +01:00
Izorkin
63ed35dac4
nixos/mastodon: update elasticsearch configuration
2023-11-15 14:01:47 +01:00
github-actions[bot]
eba04b3485
Merge master into staging-next
2023-11-15 12:01:18 +00:00
Ryan Lahfa
75fbff2576
Merge pull request #263442 from JulienMalka/systemd-boot-bootspec
2023-11-15 08:40:19 +01:00
Vladimír Čunát
c46eae0f35
Merge branch 'master' into staging-next
2023-11-15 07:33:10 +01:00
Samuel Dionne-Riel
3d88cc85dd
Merge pull request #262595 from tpwrules/fix-extra-config-documentation
...
nixos/kernel: correct kernelPatches.extraConfig documentation
2023-11-14 22:40:04 -05:00
Ryan Lahfa
d983d6c863
Merge pull request #251950 from erictapen/mastodon
2023-11-15 01:46:50 +01:00
Mario Rodas
1d8fbb4459
Merge pull request #267535 from ajs124/ejabber-drop-maint
...
nixos/test/ejabberd: remove myself as maintainer
2023-11-14 18:35:18 -05:00
ajs124
bf93b0bd3f
nixos/test/ejabberd: remove myself as maintainer
2023-11-14 22:34:27 +01:00
zzywysm
3f4c802d26
initrd/autofs4: remove legacy references to autofs4 kernel module
...
Back in 2018, the kernel decided to remove the autofs4 module.
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2225d931f75ddd3c39f4d0d195fad99dfd68671
This caused immediate problems with systemd, so the kernel allowed autofs4 as a config option that would simply map back to autofs.
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d02d21ea007b6b33cdaf15c2f84fb1fea996ecc2
Earlier this year, in July 2023, the kernel got tired of people not adapting to the autofs change, and forced the issue by fixing it within the kernel defconfigs, which NixOS uses as a starting point for their own kernel configs.
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1f2190d6b7112d22d3f8dfeca16a2f6a2f51444e
This commit reflects the post-2018 reality by changing the remaining autofs4 references to autofs. Since this change initially happened in kernel 4.18 and we no longer support 4.x kernels, we don't need any backwards-compatibility tweaks.
2023-11-14 15:37:50 -05:00
Kerstin Humm
c82195d9e8
mastodon: 4.1.6 -> 4.2.1
...
- run streaming processes in separate systemd services
- remove redundancy in test
- fix update script
- release notes
See https://github.com/mastodon/mastodon/releases/tag/v4.2.1 for details
2023-11-14 21:13:46 +01:00
Kerstin Humm
0f535d40f9
nixos/mastodon: fix integration test
2023-11-14 21:13:45 +01:00
Julien Malka
372d07dc29
nixos/systemd-boot: conform backend to RFC-0125
...
Now the builder is using Bootspec documents.
2023-11-14 20:37:07 +01:00
Léo Gaspard
b1c25de57b
nixos/acme: do not eat Let's Encrypt's request limits if misconfigured on first try ( #266155 )
2023-11-14 20:29:50 +01:00
Yang, Bo
a9b36a5fb3
nixos/doc: release notes for waagent
provisioning
2023-11-14 19:47:27 +01:00
Yang, Bo
bff548fef1
waagent: enable provisioning
2023-11-14 19:47:27 +01:00
Nathan Henrie
6c69d3c9ca
nixos/navidrome: add openFirewall option
...
This adds an option to the navidrome module to open the configured TCP
port in the firewall.
2023-11-14 19:29:08 +01:00
github-actions[bot]
6cc772a6fa
Merge master into staging-next
2023-11-14 18:01:11 +00:00
Jonas Heinrich
0d6a668d40
nixos/wordpress: Add test for wordpress6_4
2023-11-14 18:34:57 +01:00
Pierre Bourdon
68367e66e1
Merge pull request #267037 from nbraud/nixos/sudo/assertion
...
nixos/sudo: Update `cfg.package` assertion
2023-11-14 17:26:08 +01:00
Félix Baylac Jacqué
f80b2b510d
nixosTests/pleroma: fix test
...
Two issues:
1. We need a subjectAltName on the TLS cert. Stolen from the akkoma
test. <3 illdefined
2. There's a bug in the current toot release wrt. date parsing. It's
been fixed upstream but it's not been released yet. Using the
current toot master for this VM test to work around this.
Note: I warned upstream we'd need a new toot release.
Fixes https://github.com/NixOS/nixpkgs/issues/264951
2023-11-14 16:45:54 +01:00
Jonathan Zielinski
aca76b750d
nixos/opensearch: link plugins from opensearch package
...
disable security module by default, it crashes unit expecting
certificates.
2023-11-14 14:00:30 +01:00
nicoo
d5a8e667d2
nixos/sudo: Update assertion message
2023-11-14 12:25:55 +00:00
Martin Weinelt
3c336a1647
Merge remote-tracking branch 'origin/master' into staging-next
...
Conflicts:
- pkgs/development/libraries/gdcm/default.nix
2023-11-14 13:16:34 +01:00
Tomas Antonio Lopez
5476b490d4
nixos/sourcehut: compile and integrate paste.sr.ht API component
2023-11-14 11:12:14 +01:00
Niklas Hambüchen
f9c7c12de6
Merge pull request #266702 from nh2/plausible-listen-address-no-distributed-erlang
...
plausible, nixos/plausible: Add `listenAddress` option
2023-11-14 10:52:21 +01:00
Niklas Hambüchen
fc3f56f2fe
release notes: Mention removal of services.plausible.releaseCookiePath
2023-11-14 10:51:16 +01:00
Niklas Hambüchen
65a471717c
plausible, nixos/plausible: Add listenAddress
option.
...
This changes
* the plausible HTTP web server
to be listening on localhost only, explicitly.
This makes Plausible have an explicit safe default configuration,
like all other networked services in NixOS.
For background discussion, see: https://github.com/NixOS/nixpkgs/issues/130244
As per my upstream Plausible contribution
(https://github.com/plausible/analytics/pull/1190 )
Plausible >= 1.5 also defaults to listening to localhost only;
nevertheless, this default should be stated explicitly in nixpkgs
for easier review and independence from upstream changes, and
a NixOS user must be able to configure the
`listenAddress`, as there are valid use cases for that.
Also, disable
* the Erlang Beam VM inter-node RPC port
* the Erlang EPMD port
because Plausible does not use them (see added comment).
This is done by setting `RELEASE_DISTRIBUTION=none`.
Thus, this commit also removes the NixOS setting `releaseCookiePath`,
because it now has no effect.
2023-11-14 10:51:16 +01:00
Jörg Thalheim
54fd866569
nixos/harmonia: set extra-allowed-users
...
This fixes the case where users enable harmonia but also have allowed-users set.
Having extra-allowed-users is a no-op when nix.settings.allowed-users is set to "*" (the default)
2023-11-14 10:37:39 +01:00