Sascha Grunert
35f7a3347c
kubernetes: fix certificate generation
...
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
2020-09-10 13:07:32 +02:00
Izorkin
535896671b
nixos/nginx: remove option enableSandbox
2020-09-10 08:19:20 +03:00
Ryan Mulligan
531c08a1d9
nixos/jitsi-meet: add docs
2020-09-09 22:18:20 -07:00
ajs124
c97fcc3fe0
Merge pull request #97438 from pbogdan/openvpn-path
...
nixos/openvpn: path now requires conversion to a string
2020-09-09 23:59:01 +02:00
Kevin Cox
57b9d5c144
chrony: Create state directory with correct owner.
...
Fixes https://github.com/NixOS/nixpkgs/issues/97546
2020-09-09 15:48:48 -04:00
Thomas Tuegel
959c0bf468
Merge pull request #97456 from ttuegel/master--plasma5-no-qt-5.15
...
Remove Qt 5.15 from the Plasma 5 closure
2020-09-09 05:14:21 -05:00
Axel Forsman
b6139e58e3
nixos/picom: add experimentalBackends option
...
This option is only available as a command-line flag and not from the
config file, that is `services.picom.settings`. Therefore it is more
important that it gets its own option.
One reason one might need this set is that blur methods other than
kernel do not work with the old backends, see yshui/picom#464 .
For reference, the home-manager picom module exposes this option too.
2020-09-09 11:30:48 +02:00
WORLDofPEACE
e044909aba
Merge pull request #93764 from evenbrenden/xdg-session-id-user-units
...
nixos/displayManager: add XDG_SESSION_ID to systemd user environment
2020-09-08 21:29:24 -04:00
Peter Hoeg
42eebd7ade
Merge pull request #96844 from peterhoeg/m/nfs
...
nixos/nfsd: run rpc-statd as a normal user
2020-09-09 09:10:46 +08:00
Lassulus
dd966067ae
Merge pull request #97381 from xaverdh/xmonad-configurable
...
nixos/xmonad: give users some build and runtime control
2020-09-08 20:57:17 +02:00
Maximilian Bosch
40f7a4ecec
Merge pull request #97371 from WilliButz/bitwarden_rs/environment-file
...
nixos/bitwarden_rs: add environmentFile option
2020-09-08 20:25:28 +02:00
Maciej Krüger
8c4dd13e3f
nixos/cinnamon: add warpinator & blueberry pkgs
2020-09-08 17:09:12 +02:00
Peter Hoeg
5882e3072a
Merge pull request #97325 from peterhoeg/m/mailhog
...
nixos/mailhog: run with DynamicUser
2020-09-08 22:55:47 +08:00
Thomas Tuegel
053b05d14d
Remove Qt 5.15 from Plasma closure
2020-09-08 08:47:34 -05:00
Piotr Bogdan
cb141359bf
nixos/openvpn: path now requires conversion to a string
...
Following changes in https://github.com/NixOS/nixpkgs/pull/91092 the `path` attribute is now a list
instead of being a string. This resulted resulted in the following evaluation error:
"cannot coerce a list to a string, at [...]/nixos/modules/services/networking/openvpn.nix:16:18"
so we now need to convert it to the right type ourselves.
Closes https://github.com/NixOS/nixpkgs/issues/97360 .
2020-09-08 11:09:04 +01:00
Oleksii Filonenko
45d7f59da8
Merge pull request #97217 from sephii/nixos-caddy-v2-migration
2020-09-08 11:17:55 +03:00
Linus Heckemann
ef4e81d756
Merge pull request #96830 from mayflower/unifi-poller
...
unifi-poller: add service and prometheus-exporter
2020-09-08 09:53:07 +02:00
Sylvain Fankhauser
b8bfe941fa
caddy: address remaining MR comments for v2
2020-09-08 09:29:04 +02:00
Richard Marko
f54612264e
nixos/jack,pulseaudio: fix pulse connection to jackd service
...
This fixes the case when Jack Audio Daemon is running
as a service via `services.jack.jackd` and Pulseaudio
running as a *user* service.
Two issues prevented connecting `pulse` with `jackd`:
* Missing `JACK_PROMISCUOUS_SERVER` environment variable for `pulse` user service,
resulting in `pulse` trying to access `jackd` as if it was running as part of
the users session.
* `jackd` not being able to access socket created by `pulse` due to socket
created using user ID and `users` group. Change allows `jackd` to access
the socket created by `pulse` correctly.
`pulse` now also autoloads `module-jack-sink` and `module-jack-source`
if `services.jack.jackd.enable` is set.
The default `pulse` package is now set to `pulseaudioFull` automatically
if `services.jack.jackd.enable` is set.
2020-09-08 08:44:20 +02:00
Thomas Tuegel
0b3cc29f09
Merge pull request #97242 from ttuegel/qt-5.15
...
Qt 5.15.0
2020-09-07 20:18:57 -05:00
Maciej Krüger
04ea3a0ff6
nixos/cinnamon: init
...
Co-Authored-By: WORLDofPEACE <worldofpeace@protonmail.ch>
2020-09-08 01:44:09 +02:00
Dominik Xaver Hörl
10ecd1f45b
nixos/xmonad: allow passing compile time options to ghc invocation
2020-09-07 20:16:25 +02:00
Dominik Xaver Hörl
15d87cb81c
nixos/xmonad: allow passing command line arguments
2020-09-07 19:25:45 +02:00
WilliButz
76362dd7eb
nixos/bitwarden_rs: add environmentFile option
...
Add the option `environmentFile` to allow passing secrets to the service
without adding them to the Nix store, while keeping the current
configuration via the existing environment file intact.
2020-09-07 17:39:53 +02:00
Evan Stoll
a31736120c
nixos/lorri: add package option
2020-09-07 15:46:15 +02:00
Thomas Tuegel
20bfb27eaf
nixos/plasma5: Use Qt 5.14
2020-09-07 08:06:33 -05:00
Peter Hoeg
d6264419f5
nixos/nfsd: run rpc-statd as a normal user
2020-09-07 18:04:03 +08:00
Peter Hoeg
9123308be5
nixos/mailhog: run with DynamicUser
2020-09-07 17:56:53 +08:00
WilliButz
5d51096839
nixos/prometheus-exporters: fix default firewall filter
...
Instead of always using the default port of one exporter for its default
firewall filter, the port from the current service configuration is used.
2020-09-07 10:28:36 +02:00
Oleksii Filonenko
6322325a53
caddy: 1.0.5 -> 2.0.0
...
Rename legacy v1 to `caddy1`
2020-09-07 09:39:16 +02:00
Maximilian Bosch
cac5339531
nixos/doc/borgbackup: correct install instructions for vorta
...
No need to fiddle around with `flatpack` to get `vorta`, a graphical
desktop-client for `borgbackup` running as it's available in `nixpkgs`.
2020-09-06 22:44:37 +02:00
Silvan Mosberger
f822080b05
Merge pull request #68887 from teto/ssh_banner
...
services.openssh: add banner item
2020-09-06 22:15:25 +02:00
Matthieu Coudron
1835fc455b
services.openssh: add banner
...
Add the possibility to setup a banner.
Co-authored-by: Silvan Mosberger <github@infinisil.com>
2020-09-06 21:32:20 +02:00
Florian Klink
d7046947e5
Merge pull request #91121 from m1cr0man/master
...
Restructure acme module
2020-09-06 18:26:22 +02:00
elseym
aaf0002f68
prometheus-unifi-poller-exporter: init module
2020-09-06 17:48:19 +02:00
elseym
b381aacbba
nixos/unifi-poller: init unifi-poller service
2020-09-06 17:47:52 +02:00
Peter Hoeg
6e22c6ea6a
Merge pull request #96769 from peterhoeg/m/phpfpm
...
nixos/phpfpm: always restart service on failure
2020-09-06 21:41:38 +08:00
Florian Klink
569fdb2c35
Merge pull request #93424 from helsinki-systems/feat/gitlab-mailroom
...
nixos/gitlab: Support incoming mail
2020-09-06 15:34:02 +02:00
Julien Moutinho
fb6d63f3fd
apparmor: fix and improve the service
2020-09-06 07:43:03 +02:00
Peter Hoeg
5483b1e216
Merge pull request #97123 from peterhoeg/m/fscache
...
nixos/cachefilesd: don't set up manually
2020-09-06 10:23:32 +08:00
Evan Stoll
854a229ae5
nixos/terraria: allow dataDir to be configured ( #89033 )
...
* nixos/terraria: allow dataDir to be configured
add dataDir option to terraria module
* Update nixos/modules/services/games/terraria.nix
Co-authored-by: WORLDofPEACE <worldofpeace@protonmail.ch>
Co-authored-by: WORLDofPEACE <worldofpeace@protonmail.ch>
2020-09-05 16:37:52 -04:00
Lassulus
964606d40f
Merge pull request #96659 from doronbehar/module/syncthing
...
nixos/syncthing: add ignoreDelete folder option
2020-09-05 22:05:04 +02:00
Even Brenden
660882d883
nixos/displayManager: add XDG_SESSION_ID to systemd user environment
...
xss-lock needs XDG_SESSION_ID to respond to loginctl lock-session(s)
(and possibly other session operations such as idle hint management).
This change adds XDG_SESSION_ID to the list of imported environment
variables when starting systemctl.
Inspired by home-manager, add importVariables configuration.
Set session to XDG_SESSION_ID when running xss-lock as a service.
Co-authored-by: misuzu <bakalolka@gmail.com>
2020-09-05 20:36:18 +02:00
Oleksii Filonenko
d71cadacd9
nixos/caddy: use v2 by default
2020-09-05 14:09:17 +02:00
Oleksii Filonenko
8cc592abfa
nixos/caddy: add support for v2
2020-09-05 14:09:16 +02:00
Peter Hoeg
6ef2152b5d
nixos/cachefilesd: don't set up manually
...
Use our available infrastructure instead of manually handling setup.
2020-09-04 16:11:55 +08:00
Philipp Bartsch
47928442a8
nixos/opendkim: add keyPath to ReadWritePaths
2020-09-03 17:54:16 +02:00
Philipp Bartsch
118f341723
nixos/opendkim: add systemd service sandbox
2020-09-03 17:54:15 +02:00
Lucas Savva
61dbf4bf89
nixos/acme: Add proper nginx/httpd config reload checks
...
Testing of certs failed randomly when the web server was still
returning old certs even after the reload was "complete". This was
because the reload commands send process signals and do not wait
for the worker processes to restart. This commit adds log watchers
which wait for the worker processes to be restarted.
2020-09-02 19:25:30 +01:00
Lucas Savva
982c5a1f0e
nixos/acme: Restructure module
...
- Use an acme user and group, allow group override only
- Use hashes to determine when certs actually need to regenerate
- Avoid running lego more than necessary
- Harden permissions
- Support "systemctl clean" for cert regeneration
- Support reuse of keys between some configuration changes
- Permissions fix services solves for previously root owned certs
- Add a note about multiple account creation and emails
- Migrate extraDomains to a list
- Deprecate user option
- Use minica for self-signed certs
- Rewrite all tests
I thought of a few more cases where things may go wrong,
and added tests to cover them. In particular, the web server
reload services were depending on the target - which stays alive,
meaning that the renewal timer wouldn't be triggering a reload
and old certs would stay on the web servers.
I encountered some problems ensuring that the reload took place
without accidently triggering it as part of the test. The sync
commands I added ended up being essential and I'm not sure why,
it seems like either node.succeed ends too early or there's an
oddity of the vm's filesystem I'm not aware of.
- Fix duplicate systemd rules on reload services
Since useACMEHost is not unique to every vhost, if one cert
was reused many times it would create duplicate entries in
${server}-config-reload.service for wants, before and
ConditionPathExists
2020-09-02 19:22:43 +01:00
Félix Baylac-Jacqué
09c383c17a
Merge pull request #94917 from ju1m/biboumi
...
nixos/biboumi: init
2020-09-02 17:43:27 +02:00
WORLDofPEACE
18348c7829
Merge pull request #96042 from rnhmjoj/loaOf
...
treewide: completely remove types.loaOf
2020-09-02 08:45:37 -04:00
Julien Moutinho
f333296776
nixos/biboumi: init
2020-09-02 08:31:53 +02:00
John Ericson
1965a241fc
Merge pull request #61019 from volth/gcc.arch-amd
...
platform.gcc.arch: support for AMD CPUs
2020-09-01 22:31:16 -04:00
rnhmjoj
bc62423a87
nixos/doc: convert loaOf options refs to attrsOf
2020-09-02 00:42:51 +02:00
rnhmjoj
20d491a317
treewide: completely remove types.loaOf
2020-09-02 00:42:50 +02:00
Aaron Andersen
c51e7b7874
nixos/beanstalkd: add openFirewall option
2020-09-01 10:07:28 -04:00
Janne Heß
d85f50b71f
nixos/gitlab: Support pages
...
Fixes #84525
2020-09-01 12:08:36 +02:00
Lassulus
a081e99e41
Merge pull request #83780 from hax404/robustirc-bridge
...
robustirc-bridge: init at 1.8
2020-08-31 18:14:45 +02:00
Frederik Rietdijk
303e0bca3b
Merge pull request #96610 from romildo/rm.deepin
...
deepin: remove from nixpkgs
2020-08-31 17:58:11 +02:00
Peter Hoeg
07408cac94
nixos/phpfpm: always restart service on failure
2020-08-31 21:19:54 +08:00
Silvan Mosberger
6716867eb3
Merge pull request #96686 from nixy/add/tor-package-option
...
tor: Add option to tor service for package
2020-08-30 23:02:37 +02:00
Andrew R. M
168a9c8d38
Add option to tor service for package
2020-08-30 14:35:36 -04:00
José Romildo Malaquias
b768afb2e9
deepin: remove from nixpkgs
...
The Deepin Desktop Environment (DDE) is not yet fully packaged in
nixpkgs and it has shown a very difficult task to complete, as
discussed in https://github.com/NixOS/nixpkgs/issues/94870 . The
conclusion is that it is better to completely remove it.
2020-08-30 15:27:42 -03:00
Georg Haas
9376dd8516
nixos/modules/robustirc-bridge: init
2020-08-30 18:34:22 +02:00
Doron Behar
8cd4d59a32
nixos/samba: remove upstream deprecated syncPasswordsByPam option
2020-08-30 14:29:13 +03:00
Doron Behar
5789ffc509
nixos/syncthing: add ignoreDelete folder option
2020-08-30 10:55:03 +03:00
Matthew Bauer
fc726e3494
Revert "nixos/nix-daemon.nix: assert distributedBuilds and buildMachines!=[]"
...
This reverts commit 67b6e56391
.
This reverts commit 250885d0ca
.
Causes issues for some configs, see 67b6e56391
2020-08-29 22:39:24 -05:00
Lassulus
a55bb108fc
Merge pull request #85328 from langston-barrett/lb/restart-dispatcher
...
nixos/networkmanager: restart dispatcher when nameservers change
2020-08-29 16:24:28 +02:00
Aaron Andersen
af25b37814
Merge pull request #96316 from aanderse/redmine
...
nixos/redmine: replace extraConfig option with settings option
2020-08-29 09:13:13 -04:00
Aaron Andersen
bcdcd5d9fc
Merge pull request #95880 from aanderse/postgresql-settings
...
nixos/postgresql: replace extraConfig option with settings option
2020-08-29 09:12:54 -04:00
Robert Hensing
4841b30784
Merge pull request #94804 from hercules-ci/init-nixos-hercules-ci-agent
...
nixos/hercules-ci-agent: init
2020-08-29 10:20:14 +02:00
Symphorien Gibol
7200fde2d5
nixos/dovecot: configure mailboxes for all processes
...
Notably fts plugins need them for fts_autoindex_exclude = \SomeFlag
2020-08-28 22:24:04 +02:00
Nick Hackman
626bd1f111
Fix typo in services/editors/emacs documentation
...
In section `sec-modify-via-packageOverrides`: is -> if
2020-08-27 16:58:52 -04:00
Matthew Bauer
3814422afa
Merge pull request #96218 from matthewbauer/cage-supply-pam-environment
...
nixos/cage: supply pamEnvironment
2020-08-27 10:15:29 -05:00
Matthew Bauer
fe8d0c2e0b
nixos/cage: supply pamEnvironment
...
Without this, you don’t get any of the sessionVariables in the cage
application. Things like XDG_DATA_DIRS, XCURSOR_PATH, etc. are
missing.
2020-08-27 10:11:45 -05:00
Lassulus
c265ca02ca
Merge pull request #85963 from seqizz/g_physlock_message
...
physlock: add optional lock message
2020-08-27 10:18:34 +02:00
Aaron Andersen
2a44265608
nixos/postgresql: replace extraConfig option with settings option
2020-08-26 17:06:48 -04:00
Lassulus
e453860b8f
Merge pull request #86236 from ThibautMarty/fix-nullOr-types
...
treewide: fix modules options types where the default is null
2020-08-26 18:21:29 +02:00
Lassulus
12baef56e4
Merge pull request #96127 from hmenke/shadowsocks
...
shadowsocks service: support plugins
2020-08-26 16:49:55 +02:00
Aaron Andersen
a7c69047df
nixos/redmine: remove database.password option
2020-08-26 07:08:07 -04:00
Aaron Andersen
6cf743e52d
nixos/redmine: allow user to override contents of additional_environment.rb
2020-08-26 07:08:07 -04:00
Aaron Andersen
dee97b8b44
nixos/redmine: replace extraConfig option with settings option
2020-08-26 07:08:07 -04:00
Henri Menke
d35cb15153
nixos/shadowsocks: support plugins
2020-08-26 14:01:41 +12:00
Lassulus
e357d0ec8c
Merge pull request #95678 from helsinki-systems/upd/sogo
...
sogo: 4.3.2 -> 5.0.0
2020-08-26 00:04:36 +02:00
Herwig Hochleitner
49dba2c4ad
Merge pull request #96263 from bendlas/warn-wpa-supplicant-config
...
nixos: wpa_supplicant: warn on unused config
2020-08-25 23:34:18 +02:00
Anderson Torres
fffabfaefd
Merge pull request #96179 from bbigras/sssd
...
nixos/sssd: fix the module
2020-08-25 16:59:11 -03:00
Jonathan Ringer
7e07d142e7
nixos/octoprint: improve example
2020-08-25 09:13:13 -07:00
Augustin Borsu
19a7012769
jupyterhub: fix authenticator configuration
...
authentication_class is invalid, it should be authenticator_class cfr [project doc|https://tljh.jupyter.org/en/latest/topic/authenticator-configuration.html ]
2020-08-25 13:50:18 +02:00
Herwig Hochleitner
8e3da733b1
nixos: wpa_supplicant: warn on unused config
2020-08-25 12:29:58 +02:00
Sebastien Bariteau
db2de55cbe
nixos/espanso: init module ( #93483 )
...
nixos/espanso: init module
2020-08-24 20:37:33 -04:00
Bruno Bigras
5d36e00b7d
nixos/sssd: fix the module
...
'system.nssModules' was not set correctly
fix #91242
2020-08-24 10:10:47 -04:00
Robert Hensing
346a1b0ec6
nixos/hercules-ci-agent: init
2020-08-23 20:13:15 +02:00
Lassulus
bfd706923e
Merge pull request #87700 from serokell/mkaito/upstream/prometheus-port
...
prometheus: Split options listenAddress and port
2020-08-23 09:29:01 +02:00
Lassulus
4165f9869e
Merge pull request #91586 from manveru/amazon-ssm-agent-2.3.1319.0
...
ssm-agent: 2.0.633.0 -> 2.3.1319.0
2020-08-23 08:48:16 +02:00
Justin Humm
6a7b11055c
Merge pull request #93532 from erictapen/gollum-h1-title
...
nixos/gollum: introduce --h1-title option
2020-08-22 22:45:43 +02:00
Lassulus
2fb9ee9caa
Merge pull request #87553 from JoeDupuis/enhancing-monit-module
...
nixos/monit: Allow splitting the config in multiple files
2020-08-22 19:21:55 +02:00
Silvan Mosberger
af1ac757ff
Merge pull request #95986 from turboMaCk/imwheel-service
...
nixos/services.imwheel: sleep 3s before restarting
2020-08-22 16:51:48 +02:00
Silvan Mosberger
f8e6745ad3
Merge pull request #82817 from pacien/smartd-fix-hostname-notifications
...
smartmontools: fix missing hostname in notifications
2020-08-22 16:09:14 +02:00
Marek Fajkus
dcaa2d2c74
nixos/services.imwheel: sleep 3s before restarting
2020-08-22 14:52:18 +02:00
Lassulus
d8e671676d
Merge pull request #89785 from buckley310/logstash
...
logstash: fix support for multiple plugin paths
2020-08-22 14:07:20 +02:00
Atemu
eb4e67505f
undervolt: expose power limits as Nixopts
...
We no longer escape the flags because the power limit flags want two arguments
If we escaped them, we'd only get one argument with an escaped space in it.
Undervolt's flags don't have anything in them that would need to be escaped, so
that shouldn't break anything
2020-08-22 12:27:13 +02:00
Lassulus
82b424453b
Merge pull request #86632 from Atemu/undervolt-timer-optional
...
Undervolt: Make timer optional
2020-08-22 11:48:30 +02:00
Atemu
ed83bac1d9
undervolt: make timer opt-in
...
It should no longer be needed but is worth keeping around in case it is
2020-08-22 10:42:20 +02:00
Atemu
e6f0a1e7eb
undervolt: apply undervolt on boot and resume
...
The undervolt did not persist reboots or sleep/hibernation. With this
change you should no longer have to apply the undervolt on a timer
2020-08-22 10:42:19 +02:00
Silvan Mosberger
1b8a94db67
nixos/logrotate: Fix option reference
...
Fixes the manual build
2020-08-22 01:38:38 +02:00
Aaron Andersen
4df837063f
Merge pull request #95809 from aanderse/logrotate
...
nixos/logrotate: switch `paths` option type from listOf to attrsOf
2020-08-21 17:31:52 -04:00
Aaron Andersen
91db1c8aec
Merge pull request #87712 from aanderse/zabbix
...
zabbix: 4.4.8 -> 5.0.2
2020-08-21 17:11:55 -04:00
Aaron Andersen
06d17caf92
nixos/httpd: configure log rotation
2020-08-21 17:04:07 -04:00
Aaron Andersen
00f08005af
nixos/logrotate: switch paths
option type from listOf to attrsOf
2020-08-21 17:04:04 -04:00
Silvan Mosberger
bf777413f9
Merge pull request #95722 from Infinisil/dovecot-mailboxes-improved
...
nixos/dovecot: Improve mailboxes type
2020-08-21 22:40:50 +02:00
Jörg Thalheim
6f4141507b
meguca: remove ( #95920 )
2020-08-21 13:00:40 -07:00
Jörg Thalheim
b6e2e4c777
Merge pull request #93425 from helsinki-systems/feat/gitlab-shell-config
2020-08-21 19:20:42 +01:00
Janne Heß
ae1dada42f
nixos/gitlab: Support incoming mail
...
When incoming mails are enabled, an extra service is needed.
Closes #36125 .
2020-08-21 18:56:20 +02:00
Lassulus
ebf11e405d
Merge pull request #95122 from rudolph9/nixos/xmonad
...
nixos/xmonad: Fix behavior of config opt
2020-08-21 08:51:42 +02:00
adisbladis
7d6e7b3cd3
Merge pull request #95878 from adisbladis/emacs-26
...
emacs: Fix emacs26 attribute(s)
2020-08-21 01:26:44 +02:00
Aaron Andersen
b87b6abd17
Merge pull request #95294 from aanderse/postgresql-rootless
...
nixos/postgresql: run ExecStartPost as an unprivileged user
2020-08-20 19:16:23 -04:00
adisbladis
d1fdc67c53
nixos/editors: Remove any explicit mention of Emacs 25
2020-08-21 00:34:15 +02:00
Aaron Andersen
fd250d57bb
Merge pull request #79123 from aanderse/apachectl
...
nixos/httpd: remove impurity from /etc
2020-08-19 20:56:51 -04:00
Anderson Torres
e7139f46cd
Merge pull request #93654 from Church-/jellyfin_10.6.0
...
jellyfin 10.5.5 -> 10.6.0
2020-08-19 10:21:16 -03:00
Aaron Andersen
f6a3403055
nixos/zabbix: use proper character set and collation for mysql database
2020-08-18 10:30:27 -04:00
Silvan Mosberger
fc121e2813
nixos/dovecot: Improve mailboxes type
...
The previous use of types.either disallowed assigning a list at one
point and an attrset an another.
2020-08-18 14:25:51 +02:00
Frederik Rietdijk
fe7bab33d7
Merge pull request #95553 from zowoq/rename-maintainers
...
maintainers: prefix number with underscore
2020-08-18 11:30:24 +02:00
Silvan Mosberger
7db9fd1dbc
Merge pull request #81467 from dawidsowa/rss-bridge
...
rss-bridge: init at 2020-02-26
2020-08-18 05:00:41 +02:00
zowoq
0052523a18
maintainers: 1000101 -> _1000101
2020-08-18 07:59:48 +10:00
zowoq
7d9c49f8e6
maintainers: 0x4A6F -> _0x4A6F
2020-08-18 07:59:44 +10:00
Jörg Thalheim
8b18e07c40
Merge pull request #95522 from doronbehar/fix/transmission
...
nixos/transmission: handle watch-dir
2020-08-17 19:54:48 +01:00
Jörg Thalheim
914d37cbc9
Merge pull request #95686 from ju1m/transmission-fix
...
transmission: fix BindReadOnlyPaths=
2020-08-17 19:52:27 +01:00
Julien Moutinho
f6c3d4f723
transmission: fix BindReadOnlyPaths=
2020-08-17 14:09:12 +02:00
Martin Weinelt
a153452e54
Merge pull request #95508 from Ma27/nextcloud-nginx
...
nixos/nextcloud: update nginx config
2020-08-17 13:46:47 +02:00
ajs124
696357c376
sogo: remove SOGoZipPath
...
sogo links against libzip now
2020-08-17 12:15:16 +02:00
pacien
ea37c9caa1
smartmontools: use standard subject in notification emails
...
This makes the notification script use the subject generated by smartmontools
itself both for consistency with other distros and to include the hostname.
2020-08-16 20:48:42 +02:00
pacien
f1922cdbdc
smartmontools: fix missing hostname in notifications
...
This properly registers some missing dependencies of smartd_warning.sh.
2020-08-16 20:48:03 +02:00
Florian Klink
bda86eee87
Merge pull request #95222 from eadwu/kresd/runtime-fixes
...
kresd: runtime fixes
2020-08-16 18:44:27 +02:00
Florian Klink
16fc531784
Merge pull request #95505 from flokli/remove-mathics
...
mathics: remove package, module and test
2020-08-16 18:42:10 +02:00
Edmund Wu
68366adf3c
nixos/kresd: ensure /run/knot-resolver exists
2020-08-16 12:20:10 -04:00
Edmund Wu
6c67af2fac
nixos/kresd: ensure /var/lib/knot-resolver exists
2020-08-16 12:20:03 -04:00
Edmund Wu
1a6240bde4
nixos/kresd: fix CacheDirectory permissions as per tmpfiles
2020-08-16 12:18:32 -04:00
Edmund Wu
ed89d043dc
nixos/kresd: remove derivation from systemd.tmpfiles
...
Using per-unit directives as per https://github.com/NixOS/nixpkgs/pull/95222#issuecomment-674512571
2020-08-16 12:17:14 -04:00
Maximilian Bosch
e8bdadb864
Merge pull request #95109 from Ma27/nextcloud-reverse-proxy
...
nixos/nextcloud: add documentation for alternative reverse-proxies
2020-08-16 18:09:45 +02:00
Noah Hendrickson
ce9f0c42f9
nixos/jellyfin: added a package option to the options section, defaults to using the default jellyfin package if nixos version is 20.09 or greater, otherwise will default to using the new jellyfin_10_5 derivation for older systems.
2020-08-16 11:41:41 -04:00
Doron Behar
ccee8dc09f
nixos/mpd: Allow to configure a credentialsFile
...
Allow to specify a password file to be located outside the store, and be
read in `ExecStartPre`.
2020-08-16 18:03:47 +03:00
Florian Klink
b2f3bbd3fb
Merge pull request #95507 from flokli/remove-mesos
...
mesos: remove package, module and test (and chronos/marathon which depends on it)
2020-08-16 14:46:24 +02:00
Jörg Thalheim
aeffd67cec
Merge pull request #95493 from Izorkin/nginx-unit
2020-08-16 13:20:31 +01:00
paumr
d420369354
nixos/emacs: formatted with nixpkgs-fmt
2020-08-16 10:22:56 +00:00
Doron Behar
22abe3202f
nixos/transmission: handle watch-dir as incomplete-dir
...
`watch-dir` was neglected after #92106 - this change makes using this
setting work.
2020-08-16 12:43:02 +03:00
Aaron Andersen
8e045b42fd
nixos/postgresql: move ExecStartPost into postStart
2020-08-15 16:59:53 -04:00
Aaron Andersen
ec82ae3c39
nixos/postgresql: run ExecStartPost as an unprivileged user
2020-08-15 16:59:49 -04:00
Florian Klink
01684d6e9b
nixos/mathics: remove module
2020-08-15 20:16:13 +02:00
Florian Klink
b7be00ad5e
Merge pull request #93358 from helsinki-systems/fix/gitlab-customrb
...
nixos/gitlab: Fix extra-gitlab.rb
2020-08-15 20:13:28 +02:00
Maximilian Bosch
42f6244899
nixos/nextcloud: update nginx config
...
This patch ensures that latest Nextcloud works flawlessly again on our
`nginx`. The new config is mostly based on upstream recommendations
(again)[1]:
* Trying to access internals now results in a 404.
* All `.php`-routes get properly resolved now.
* Removed 404/403 handling from `nginx` as the app itself takes care of
this. Also, this breaks the `/ocs`-API.
* `.woff2?`-files expire later than other assets like images.
Closes #95293
[1] https://docs.nextcloud.com/server/latest/admin_manual/installation/nginx.html
2020-08-15 17:12:11 +02:00
Florian Klink
645ea787c9
nixos/marathon: remove module
...
The corresponding package failed to build for >9 months.
2020-08-15 16:59:58 +02:00
Florian Klink
a90b929020
nixos/chronos: remove module
...
The chronos package has been broken for > 9 months due to the breakage
of the mesos package.
2020-08-15 16:59:38 +02:00
Florian Klink
34d91a8cba
nixos/mesos*: remove
...
The mesos package has been broken for >9 months.
2020-08-15 16:59:37 +02:00
Izorkin
26898b8518
nixos/unit: update sandboxing options
2020-08-15 11:21:09 +03:00
Martin Weinelt
f1efdd2c0b
Merge pull request #89444 from mweinelt/pinnwand-module
...
nixos/pinnwand: init; steck: init at 0.5.0; nixos/tests/pinnwand: init
2020-08-14 22:09:33 +02:00
Aaron Andersen
f1f4cc6e1b
Merge pull request #95231 from aanderse/mysql-cleanup
...
nixos/mysql: run postStart as an unprivileged user
2020-08-13 21:38:44 -04:00
Aaron Andersen
f08049e712
nixos/mysql: move ExecStartPost into postStart
2020-08-13 17:03:22 -04:00
dawidsowa
9aaf34bdb8
nixos/rss-bridge: init
2020-08-13 19:51:30 +02:00
Florian Klink
962e15aebc
nixos: remove StandardOutput=syslog, StandardError=syslog lines
...
Since systemd 243, docs were already steering users towards using
`journal`:
eedaf7f322
systemd 246 will go one step further, it shows warnings for these units
during bootup, and will [automatically convert these occurences to
`journal`](f3dc6af20f
):
> [ 6.955976] systemd[1]: /nix/store/hwyfgbwg804vmr92fxc1vkmqfq2k9s17-unit-display-manager.service/display-manager.service:27: Standard output type syslog is obsolete, automatically updating to journal. Please update│······················
your unit file, and consider removing the setting altogether.
So there's no point of keeping `syslog` here, and it's probably a better
idea to just not set it, due to:
> This setting defaults to the value set with DefaultStandardOutput= in
> systemd-system.conf(5), which defaults to journal.
2020-08-13 18:49:15 +02:00
Jörg Thalheim
0f2ee10cbf
Merge pull request #94270 from jerith666/postfix-dane
...
postfix: add useDane config option
2020-08-13 06:53:53 +01:00
Matt McHenry
a45f1453eb
postfix: add useDane config option
2020-08-12 21:18:36 -04:00
Matthew Bauer
6fffd50623
Merge pull request #95220 from obsidiansystems/ipfs-quic-socket-activated
...
nixos/ipfs: Allow QUIC connections to socket activate too
2020-08-12 13:47:29 -05:00
Justin Humm
90ed2c01f0
Merge pull request #95266 from Lassulus/gollum-text
...
nixos/gollum: replace toFile with writeText
2020-08-12 19:28:41 +02:00
lassulus
957da625c5
nixos/gollum: replace toFile with writeText
2020-08-12 19:16:05 +02:00
Florian Klink
22e8ada3b3
Merge pull request #95264 from flokli/nginx-config-reload
...
nixos/nginx: move configuration testing script into reload command
2020-08-12 18:47:02 +02:00
Maximilian Bosch
fddeb7cb73
Revert "nextcloud: use mkDefault for whole nginx config"
...
This breaks the Nextcloud vhost declaration when adding e.g. another
vhost as the `services.nginx.virtualHosts` option has `{ nextcloud =
...; }` as *default* value which will be replaced by another
`virtualHosts`-declaration with a higher (e.g. the default) priority.
The following cases are now supported & covered by the module:
* `nginx` is enabled with `nextcloud` enabled and other vhosts can be
added / other options can be declared without having to care
about the declaration's priority.
* Settings in the `nextcloud`-vhost in `nginx` have to be altered using
`mkForce` as this is the only way how we officially support `nginx`
for `nextcloud` and customizations have to be done explicitly using
`mkForce`.
* `nginx` will be completely omitted if a user enables nextcloud
and disables nginx using `services.nginx.enable = false;`. (because
nginx will be enabled by this module using `mkDefault`).
This reverts commit 128dbb31cc
.
Closes #95259
2020-08-12 18:28:45 +02:00
Florian Klink
300049ca51
nixos/nginx: move configuration testing script into reload command
...
nginx -t not only verifies configuration, but also creates (and chowns)
files. When the `nginx-config-reload` service is used, this can cause
directories to be chowned to `root`, causing nginx to fail.
This moves the nginx -t command into a second ExecReload command, which
runs as nginx's user. While fixing above issue, this will also cause the
configuration to be verified when running `systemctl reload nginx`, not
only when restarting the dummy `nginx-config-reload` unit. The latter is
mostly a workaround for missing features in our activation script
anyways.
2020-08-12 18:13:29 +02:00
Jörg Thalheim
dc255dcac0
Merge pull request #94291 from Izorkin/gitea
2020-08-12 12:23:05 +01:00
Aaron Andersen
e3c210dfd1
nixos/mysql: run ExecStartPost as an unprivileged user
2020-08-12 07:21:27 -04:00
Aaron Andersen
31098a03a2
nixos/mysql: cleanup some descriptions
2020-08-12 07:11:00 -04:00
Aaron Andersen
ff9921f0fd
nixos/mysql: loosen mariadb check
2020-08-12 07:10:59 -04:00
Aaron Andersen
3792fef4ec
nixos/mysql: add group option
2020-08-12 07:10:56 -04:00
Aaron Andersen
9b56677634
nixos/mysql: remove variable with confusing name
2020-08-11 21:09:41 -04:00
John Ericson
e6fe9abd8b
nixos/ipfs: Allow QUIC connections to socket activate too
...
Well, via the underlying UDP. QUIC-level socket activation we'll get
someday.
2020-08-11 22:08:19 +00:00
Florian Klink
921da91c8a
Merge pull request #93702 from tnias/usbguard20200723
...
nixos/usbguard: rework
2020-08-11 12:14:32 +02:00
Silvan Mosberger
f21c42143b
Merge pull request #48740 from midchildan/add-mirakurun
...
mirakurun: init at 3.3.0
2020-08-11 06:55:56 +02:00
midchildan
3c951a6e93
video/mirakurun: add module
2020-08-11 13:52:17 +09:00
Kurt Robert Rudolph
c54beb953d
nixos/xmonad: Fix behavior of config opt
...
Prior to this change, the `config` option (which allows you define the
haskell configuration for xmonad in your configuration.nix instead of
needing something in the home directory) prevents desktop manager
resources from starting. This can be demonstrated by configuring the
following:
```
services.xserver = {
displayManager.defaultSession = "xfce+xmonad";
displayManager.lightdm.enable = true;
desktopManager.xterm.enable = false;
desktopManager.xfce.enable = true;
desktopManager.xfce.enableXfwm = false;
desktopManager.xfce.noDesktop = true;
windowManager.xmonad = {
enable = true;
enableContribAndExtras = true;
extraPackages = haskellPackages: [
haskellPackages.xmonad-contrib
haskellPackages.xmonad-extras
haskellPackages.xmonad
];
config = ''
import XMonad
import XMonad.Config.Xfce
main = xmonad xfceConfig
{ terminal = "terminator"
, modMask = mod4Mask }
'';
};
};
```
and after user log in, search for xfce processes `ps aux | grep xfce`.
You will not find xfce processes running until after the xmonad process is killed.
The bug prevents utilities included with the desktopManager,
(e.g. powerManagement, session logout, etc.)
from working as expected.
2020-08-10 19:17:54 -07:00
Maximilian Bosch
dd957c2cb7
nixos/nextcloud: add documentation for alternative reverse-proxies
...
Follow-up for #93584[1]. This change adds a simple example how to use
`Nextcloud` with `httpd`.
[1] https://github.com/NixOS/nixpkgs/pull/93584#discussion_r465233063
2020-08-10 22:09:01 +02:00
Chris Ostrouchov
2147589c7a
pythonPackages.systemdspawner: init at 0.14
2020-08-10 10:03:43 -07:00
Chris Ostrouchov
228f08035d
nixos/jupyterhub: init service
2020-08-10 10:03:43 -07:00
Matt Layher
15e5ad6c7c
nixos/corerad: use SIGHUP to restart the service
...
Signed-off-by: Matt Layher <mdlayher@gmail.com>
2020-08-09 16:15:49 -07:00
Stefan Frijters
5141082267
nixos/urserver: init
2020-08-09 12:33:37 -07:00
Izorkin
2f6a18af5a
nixos/netadata: enable simple sandboxing
2020-08-09 10:19:30 +03:00
Martin Weinelt
8774b9090d
nixos/pinnwand: init
2020-08-09 01:52:22 +02:00
Philipp Bartsch
ffd18cc1b1
nixos/usbguard: rework
...
Use StateDirectory to create necessary directories and hardcode some
paths. Also drop file based audit logs, they can be found in the
journal. And add module option deprecation messages.
2020-08-08 23:26:07 +02:00
Luflosi
4d9dec0aba
nixos/ipfs: add QUIC transport to swarmAddress list
...
According to https://github.com/ipfs/go-ipfs/blob/master/docs/config.md#addressesswarm , the default list of swarm multiaddrs now includes the QUIC transport.
2020-08-08 23:08:56 +02:00
Jörg Thalheim
08ba31a660
Merge pull request #94907 from zowoq/ecc-nixos
...
nixos/*: editorconfig fixes
2020-08-08 20:35:29 +01:00
Peter Hoeg
4767015ec8
Merge pull request #84073 from pnelson/nextdns-1.4.36
...
nextdns: init at 1.7.0
2020-08-08 14:29:12 +08:00
zowoq
8fb410c0ad
nixos/*: editorconfig fixes
2020-08-08 10:54:16 +10:00
Jörg Thalheim
ba930d8679
nixos/modules: remove trailing whitespace
...
This leads to ci failure otherwise if the file gets changed.
git-blame can ignore whitespace changes.
2020-08-07 14:45:39 +01:00
Jörg Thalheim
e879d83e38
Merge pull request #92106 from ju1m/transmission
2020-08-07 14:40:17 +01:00
Florian Klink
38724d8e8e
Merge pull request #94837 from aanderse/gitlab
...
nixos/gitlab: fix module after #94454
2020-08-07 09:05:35 +02:00
Aaron Andersen
69eb22e4cd
nixos/gitlab: fix module after #94454
2020-08-06 22:37:48 -04:00
Julien Moutinho
2a49db6a89
transmission: apply RFC0042 and harden the service
2020-08-07 04:28:11 +02:00
aszlig
1365b9ac70
nixos/manual: Fix build
...
In fd9eb16b24
, the option
"services.nextcloud.nginx.enable" has been removed since the module now
exclusively supports nginx only.
Unfortunately, with the option gone from the manual, the link in the
Nextcloud-specific documentation referencing the NixOS option also
became a dead link and thus the manual will no longer build.
I also removed a second reference to this option in the Nextcloud-
specific documentation, which while it doesn't lead to a build error in
the manual is nevertheless a good idea to remove as well to ensure we
don't present outdated information to readers of the manual.
Signed-off-by: aszlig <aszlig@nix.build>
Cc: @DavHau, @Ma27
2020-08-07 03:27:42 +02:00
Pascal Bach
cee4e14bdf
nixos/postgresql: fix setup script
...
The missing () caused parts of the escripts to be added to the
ExecStartPost line instead of inside the script.
This caused postgresql start to fail under certain conditions.
2020-08-06 19:47:17 +02:00
Maximilian Bosch
50d8cdb3ca
Merge pull request #93584 from DavHau/nextcloud-improvements
...
nextcloud: restrict web server support to nginx; stop sharing nginx user/group; improve setup service
2020-08-06 19:00:21 +02:00
Florian Klink
056bb77adb
Merge pull request #94454 from aanderse/postgresql-cleanup
...
nixos/postgresql: fix several issues
2020-08-06 11:12:31 +02:00
Jonathan Ringer
8d57f75f7a
nixos/smartd: fix description for docbook
2020-08-06 10:06:59 +10:00
Aaron Andersen
f42f8a6d3c
nixos/postgresql: replace deprecated usage of PermissionsStartOnly
2020-08-05 17:31:16 -04:00
Aaron Andersen
e50e89e1a8
nixos/postgresql: conditionally provision data directory with StateDirectory
2020-08-05 17:31:16 -04:00
Aaron Andersen
4f5fc729c7
nixos/postgresql: use a standard default value for dataDir
2020-08-05 17:31:12 -04:00
tmplt
f9f48250fe
nixos/smartd: add option for notifiction email sender
2020-08-05 14:26:48 -07:00
volth
5c384e1268
nix-daemon: platform.gcc.arch is not x86 specific
2020-08-05 17:03:45 +00:00
volth
707e43b961
nix-daemon: platform.gcc.arch is not x86 specific
2020-08-05 17:02:30 +00:00
Aaron Andersen
4e3b009778
Merge pull request #94624 from dadada/dadada/dokuwiki-acl-path
...
nixos/dokuwiki: fix path to ACL
2020-08-05 07:28:12 -04:00
volth
cf7b63df5b
gcc.arch: refactor, move tables under lib/
2020-08-05 11:18:26 +00:00
Marek Mahut
0bc37f7cb4
Merge pull request #94609 from 1000101/dokuwiki
...
nixos/dokuwiki: drop SSL forcing and document incompatibility
2020-08-05 11:54:42 +02:00
Marek Mahut
6cf131d54e
Merge pull request #94340 from 1000101/maintainer
...
nixos/modules: add myself as maintainer of several services
2020-08-05 11:54:29 +02:00
Izorkin
31ce2636a4
nixos/gitea: add lfs options
2020-08-05 11:19:33 +03:00
Izorkin
6c258a7c21
nixos/gitea: add ssh options
2020-08-05 11:19:32 +03:00
Izorkin
dfd32f11f3
nixos/gitea: update sandboxing options
2020-08-05 11:19:32 +03:00
Izorkin
6a0fd33b4c
nixos/gitea: add support socket connection
2020-08-05 11:19:32 +03:00
Izorkin
1a0e633c60
nixos/gitea: enable pid file
2020-08-05 11:19:32 +03:00
Izorkin
4e68da6337
nixos/gitea: add 'backupDir' option
2020-08-05 11:19:32 +03:00
Izorkin
f77e28d83d
nixos/gitea: enable data access only for 'gitea' group
2020-08-05 11:19:32 +03:00
DavHau
128dbb31cc
nextcloud: use mkDefault for whole nginx config
2020-08-05 11:50:26 +07:00
Ryan Mulligan
c4814c03b7
treewide: add Jitsi maintainers
...
* makes jitsi maintainer team
2020-08-04 13:07:36 -07:00
Aaron Andersen
620e154921
Merge pull request #94043 from aanderse/zabbix-settings
...
nixos/zabbix*: replace extraConfig option with settings option
2020-08-04 12:49:43 -04:00
Jörg Thalheim
1476c6f349
Merge pull request #91146 from tmplt/doc-zfs-replicate
...
nixos/zfs-replication: document expected lz4 on host system
2020-08-04 08:46:06 +01:00
dadada
938bd67988
nixos/dokuwiki: fix path to ACL
2020-08-03 23:40:41 +02:00
Ryan Mulligan
4162c69b3c
Merge pull request #92468 from petabyteboy/jitsi-meet
...
nixos/jitsi-meet: init
2020-08-03 12:43:37 -07:00
1000101
850b3ea028
nixos/dokuwiki: drop SSL forcing
2020-08-03 16:10:05 +02:00
Aaron Andersen
34298f0673
Merge pull request #94551 from StijnDW/dokuwiki
...
nixos/dokuwiki: fix https redirect
2020-08-03 08:17:37 -04:00
DavHau
ca916e8cb3
nextcloud: deprecate nginx, use chgrp, mkDefault for nginx, fix tests
2020-08-03 14:21:45 +07:00
Martin Weinelt
cc4f533a9a
nixos/snapserver: update module to work with snapcast 0.20
2020-08-02 16:58:07 +02:00
Stijn DW
f7b6bfd113
nixos/dokuwiki: fix https redirect
...
Even if the webserver had https disabled, the user would still get redirected to an https url when attemting to login.
2020-08-02 16:08:40 +02:00
xeji
89e0d97d7e
Merge pull request #93538 from erictapen/tinc-rsa-key-file
...
nixos/tinc: allow configuration of RSA private key file
2020-08-01 23:32:26 +02:00
Jörg Thalheim
633958732d
Merge pull request #94064 from Mic92/tlp
...
tlp: use structured config to fix cpu governor
2020-08-01 10:23:44 +01:00
1000101
b5d21137f3
nixos/modules: add myself as maintainer of several services
2020-07-31 15:53:46 +02:00
Matthew Bauer
67b6e56391
nixos/nix-daemon.nix: fix nix.distributedBuilds assertion
2020-07-30 21:38:24 -05:00
Matthew Bauer
ed1423b03c
Merge pull request #92415 from matthewbauer/nix-daemon-distributed-builds
...
Add assertion on distributedBuilds & buildMachines != []
2020-07-30 19:56:23 -05:00
Matthew Bauer
250885d0ca
nixos/nix-daemon.nix: assert distributedBuilds and buildMachines!=[]
...
Without distributedBuilds, you can’t use buildMachines flag.
Fixes #56593
2020-07-30 19:55:12 -05:00
Milan
e49fb87b05
nixos/gitlab-runner: add clone-url option ( #93894 )
2020-07-30 10:24:33 +02:00
Milan Pässler
2d819e968e
nixos/mautrix-telegram: fix base-config path
2020-07-29 16:34:30 +02:00
Peter Hoeg
e3d45be66f
Merge pull request #93699 from NixOS/f/do
...
nixos/do-agent: use .service from upstream
2020-07-29 09:13:56 +08:00
Aaron Andersen
7415ba0be8
nixos/zabbixProxy: replace extraConfig option with settings option
2020-07-28 08:11:33 -04:00
Jörg Thalheim
4d0077addd
tlp: use structured config to fix cpu governor
...
Previously this module just disabled them.
Now tlp merges system defaults in
2020-07-28 09:41:18 +01:00
worldofpeace
654b66e0e4
Merge pull request #93963 from seqizz/g_typo_environment
...
treewide: fix typo on word environment
2020-07-28 02:18:28 -04:00
Gürkan Gür
eb627de968
treewide: fix typo on word environment
2020-07-28 08:00:38 +02:00
Aaron Andersen
b58e0905d0
nixos/zabbixAgent: replace extraConfig option with settings option
2020-07-27 22:09:25 -04:00
Aaron Andersen
3aa68faa78
nixos/zabbixServer: replace extraConfig option with settings option
2020-07-27 22:09:20 -04:00
DavHau
b90a70d53f
nextcloud: shorten nginx group reference
...
Co-authored-by: Aaron Andersen <aaron@fosslib.net>
2020-07-27 20:20:13 +07:00
Marek Mahut
b415ebae97
Merge pull request #93700 from 1000101/bitcoind
...
nixos/bitcoind: change to multi-instance + add tests
2020-07-27 12:55:29 +02:00
1000101
95440f040e
nixos/bitcoind: minor refactoring
2020-07-27 10:40:06 +02:00
DavHau
5823ed7841
nextcloud: fix group permissions on startup
2020-07-27 12:41:42 +07:00
DavHau
fd9eb16b24
nextcloud: restrict web server support to nginx only
2020-07-27 12:06:04 +07:00
Silvan Mosberger
ff5bdca1ed
Merge pull request #93813 from bobismijnnaam/update-wpa-supplicant-config
...
Ensure wpa_supplicant.conf is written when userControlled and extraConfig are used
2020-07-26 16:43:56 +02:00
Jan Tojnar
a86f4110a7
Merge pull request #93771 from jtojnar/flatpak-1.8
2020-07-26 13:56:16 +02:00
Jan Tojnar
5d3f240ebd
Merge pull request #93712 from jtojnar/malcontent-0.8
...
malcontent: 0.7.0 → 0.8.0
2020-07-26 13:55:02 +02:00
DavHau
6ee3004132
nextcloud improve user/group handling
...
- remove optons cfg.user, cfg.groups
- add option `serverUser` which is required when not using nginx
- add `serverUser` to nextcloud group
- set user/group to "nextcloud" for nextcloud services
- make setup-service non-root
2020-07-26 15:54:23 +07:00
Florian Klink
ebfae82674
nixos/yubikey-agent: add missing mkIf
...
This accidentially added pkgs.yubikey-agent to
environment.systemPackages unconditionally.
2020-07-26 09:34:24 +02:00
Emery Hemingway
d800d1e884
fixup! nixos/yggdrasil: add manual section
2020-07-25 16:34:20 +02:00
Emery Hemingway
764a9252a3
nixos/yggdrasil: add manual section
2020-07-25 16:34:20 +02:00
Emery Hemingway
a8780387ba
nixos/dhcpd: make authoritative mode optional
...
There are circumstances where running secondary DHCP servers in
non-authoritative mode is advantageous. Retain the previous
authoritative behavior as a default.
2020-07-25 16:33:04 +02:00
Bob Rubbens
71ea6a9a41
nixos/wpa_supplicant: update config generation
...
Ensure wpa_supplicant.conf is also generated when userControlled and
extraConfig are used. (As discussed in issue #59959 )
2020-07-25 14:24:57 +02:00
Léo Gaspard
0c075ce453
Merge pull request #93715 from lovesegfault/roon-server-revamp
...
roon-server: revamp
2020-07-24 20:11:01 +02:00
Jan Tojnar
98710d2552
flatpak: 1.6.3 → 1.8.1
...
Changes:
* https://github.com/flatpak/flatpak/releases/tag/1.7.1
* https://github.com/flatpak/flatpak/releases/tag/1.7.2
* https://github.com/flatpak/flatpak/releases/tag/1.7.3
* https://github.com/flatpak/flatpak/releases/tag/1.8.0
* https://github.com/flatpak/flatpak/releases/tag/1.8.1
Commits:
https://github.com/flatpak/flatpak/compare/1.6.3...1.7.1
https://github.com/flatpak/flatpak/compare/1.7.1...1.8.1
Notable packaging changes:
* Flatpak now ships a sysusers.d file for allowing systemd to create the required users.
4df019063b
* Completion support for fish shell
* If an app has filesystem access, the host /lib is accessible as /run/host/lib, etc.
* New filesystem permission "host-etc" and "host-os" give access to system /usr and /etc.
fe2536b844
* We now always expose the host timezone data, allowing us the expose the host /etc/localtime in a way that works better, fixing several apps that had timezone issues.
dc4e198766
* We now ship a systemd unit (not installed by default) to automatically detect plugged in usb sticks with sideload repos.
* By default we no longer install the gdm env.d file, as the systemd generators work better
7c3a85bf43
* Use variant-schema-compiler for some GVariant code
https://github.com/flatpak/flatpak/pull/3366
* zstd compression for oci deltas:
bfa71e208a
Additionally:
* Remove glibcLocales which is not used since 1.4 bump because glibc contains a locale archive with C.UTF-8
1728bc8d22
* Stop using aliases for docbook-xsl-nons and pkg-config packages
* Stop using autoreconfHook, the autogen.sh script contains some extra that are necessary when building from git.
* Increase disk space for installed tests, they were running out.
* Enable building developer documentation.
2020-07-24 19:38:51 +02:00
Emery Hemingway
76d60b0fcd
nixos/molly-brown: init
2020-07-24 11:04:33 +02:00
Kirill Elagin
e1d80de838
prometheus: Add assert for legacy listenAddress
2020-07-23 18:16:13 -04:00
Kirill Elagin
5d2a465add
prometheus: Use types.port for port
2020-07-23 18:15:57 -04:00
Jan Tojnar
097117cf72
malcontent: 0.7.0 → 0.8.0
...
* Update: https://gitlab.freedesktop.org/pwithnall/malcontent/-/releases/0.8.0
* Fix the separation patch.
* Add `itstool` to ui (needed for building localized help).
* Use `pkg-config` instead of the `pkgconfig` alias.
* Fix some issues related to multiple outputs:
* Make the module pass specific output to `dbus.packages` since the `dbus` NixOS module will not generate configuration with correct interface paths otherwise.
* Change `malcontent-ui` package to primarily-a-program type derivation (`out`+`lib` instead of `bin`+`out`) since there are more and more `malcontent-control`-specific assets.
* This also fixes the issue where application data (desktop files, icons…) were installed to `out`, which is not installed by `environment.systemPackages`/`system-path.nix`’s `buildEnv` by default when `bin` output is also present.
* Make `malcontent` package install `out` output too so that `system-path.nix` links that too. It contains the AccountsService & Polkit data files.
* Split the library and PAM module out of `malcontent.out` so that they are not installed with the data files.
* This revealed a bug in the `gobject-introspection` setup hook.
2020-07-23 21:59:23 +02:00
Bernardo Meurer
0aadd405a3
services.roon-server: fix binary path
2020-07-23 11:38:13 -07:00
Florian Klink
8f7a623af6
Merge pull request #92936 from philandstuff/add-yubikey-agent
...
yubikey-agent: init at 0.1.3
2020-07-23 17:52:30 +02:00
Peter Hoeg
e0589ec65b
nixos/do-agent: use .service from upstream
2020-07-23 19:30:01 +08:00
1000101
c6017d9895
nixos/bitcoind: change to multi-instance
2020-07-23 12:05:40 +02:00
Florian Klink
80c2d2e2af
Merge pull request #93423 from helsinki-systems/feat/gitlab-redis-url
...
nixos/gitlab: Make redis URL configurable
2020-07-22 19:05:28 +02:00
DavHau
07076e9fe0
nextcloud: configurable user and group, enabled nginx, improve setup
2020-07-21 08:23:45 +00:00
Lassulus
72f66e7e42
Merge pull request #72320 from sweber83/sw-zigbee2mqtt
...
zigbee2mqtt package & module
2020-07-21 05:23:43 +02:00
Florian Klink
fec45bdfbc
Merge pull request #93355 from Izorkin/nginx-unit
...
nixos/unit: add 'tmp' directory
2020-07-21 00:17:54 +02:00
Florian Klink
f67288925a
Merge pull request #93422 from helsinki-systems/fix/gitlab-sidekiq-warn
...
nixos/gitlab: Drop sidekiq PID file
2020-07-21 00:11:24 +02:00
Florian Klink
f14799c8e7
Merge pull request #93073 from helsinki-systems/tmpfiles-packages
...
nixos/systemd: Implement a packages option for tmpfiles
2020-07-20 23:56:41 +02:00
Simon Weber
1af8759693
nixos/zigbee2mqtt: init
2020-07-20 21:48:14 +02:00
Justin Humm
1192255677
nixos/tinc: allow configuration of RSA key file
...
This is necessary for VPNs where some of the nodes run pre-1.1 versions.
Most of Linux distros [0] and even the nixpkgs.tinc attribute run on that
version, so it might be useful to have that option.
[0] https://repology.org/project/tinc/versions
2020-07-20 21:39:22 +02:00
Justin Humm
d6f6424ac8
nixos/gollum: introduce --h1-title option
2020-07-20 16:15:18 +02:00
Daniël de Kok
d0c12dc612
Merge pull request #85689 from danieldk/resilio-module-fix
...
nixos/resilio: fix directoryRoot configuration
2020-07-20 11:31:36 +02:00
Daniël de Kok
b9e0992e87
nixos/resilio: fix directoryRoot configuration
...
The resilio module places the directoryRoot configuration in the webui
section. However, the generated configuration fails on the current
version of Resilio Sync with:
Invalid key context: 'directory_root' must be in global config section
This change places this key in the global configuration section to
solve this error.
2020-07-20 11:24:33 +02:00
Nikola Knežević
53f42f245a
oauth2_proxy: 5.1.1 -> 6.0.0 ( #93121 )
...
The new release fixes one of the outstanding CVEs against oauth2_proxy:
https://github.com/oauth2-proxy/oauth2-proxy/security/advisories/GHSA-5m6c-jp6f-2vcv .
In addition, rename the owner and the project name to reflect the
changes upstream (it now belongs to the oauth2-proxy organization, and
the name is oauth2-proxy)
2020-07-19 22:08:33 -07:00
aszlig
4e92b613cc
nixos/wireguard: Fix mismatched XML tag
...
Build error introduced in fe7053f75a
:
parser error : Opening and ending tag mismatch: commmand line 6139 and command
escription><para>Base64 preshared key generated by <commmand>wg genpsk</command>
^
Writing "command" with only two "m" fixes building the NixOS manual.
Signed-off-by: aszlig <aszlig@nix.build>
2020-07-20 00:14:44 +02:00
Jörg Thalheim
1c26e6baec
Merge pull request #93474 from tnias/fix20200719
2020-07-19 21:07:05 +01:00
Philipp Bartsch
fe7053f75a
nixos/wireguard: fix typos and unify formatting
2020-07-19 14:57:39 +02:00
Janne Heß
f459122ea3
nixos/gitlab: Support extra config for shell
2020-07-18 16:46:33 +02:00
Janne Heß
e9bf4ca80f
nixos/gitlab: Make redis URL configurable
...
We run Redis via Unix socket
2020-07-18 16:28:59 +02:00
Janne Heß
026b4eb3ae
nixos/gitlab: Drop sidekiq PID file
...
> WARNING: PID file creation will be removed in Sidekiq 6.0, see #4045 .
Please use a proper process supervisor to start and manage your
services
Since NixOS uses a proper process supervisor AND does not use the PID
file anywhere, we can just drop it to be upwards compatible and fix that
warning.
2020-07-18 16:00:04 +02:00
Janne Heß
a44b2cdd3a
nixos/systemd: Implement a packages option for tmpfiles
...
Also drop the `portables` tmpfiles because the file is missing in the
systemd derivation.
2020-07-18 00:03:47 +02:00
WilliButz
c8a29f640a
Merge pull request #93291 from mdlayher/mdl-mmexporter
...
prometheus-modemmanager-exporter: init at 0.1.0, add NixOS module
2020-07-17 20:02:56 +02:00
Matt Layher
a58346a5ee
nixos/prometheus-modemmanager-exporter: new module
...
Signed-off-by: Matt Layher <mdlayher@gmail.com>
2020-07-17 13:54:58 -04:00
Janne Heß
25bad1f9b8
nixos/gitlab: Fix extra-gitlab.rb
...
Line 794 removes the entire directory, rendering the tmpfiles rule
useless.
cc @bgamari @talyz
2020-07-17 19:34:49 +02:00
Izorkin
8129816f98
nixos/unit: add 'tmp' directory
2020-07-17 19:46:56 +03:00
Lassulus
b6eca9a2af
Merge pull request #93104 from Kloenk/moodle-plugins
...
nixos/moodle: add plugins
2020-07-17 17:47:11 +02:00
claudiiii
2d468be964
nixos/matrix-synapse: update documentation
2020-07-17 16:28:12 +02:00
Finn Behrens
832d2289c3
moodle: update to 3.9.1
...
use phpEnv to provide xmlrpc
2020-07-16 23:48:08 +02:00
Philip Potter
e4029c34fc
yubikey-agent: init at 0.1.3
...
This adds yubikey-agent as a package and a nixos module.
On macOS, we use `wrapProgram` to set pinentry_mac as default in PATH;
on Linux we rely on the user to set their preferred pinentry in PATH.
In particular, we use a systemd override to prefix PATH to select a
chosen pinentry program if specified.
On Linux, we need libnotify to provide the notify-send utility for
desktop notifications (such as "Waiting for Yubikey touch...").
This might work on other flavors of unix, but I haven't tested.
We reuse the programs.gnupg.agent.pinentryFlavor option for
yubikey-agent, but in doing so I hit a problem: pinentryFlavour's
default value is specified in a mkDefault, but only conditionally. We
ought to be able to pick up the pinentryFlavour whether or not gpg-agent
is running. As a result, this commit moves the default value to the
definition of programs.gnupg.agent.enable.
2020-07-16 15:29:33 +01:00
Milan Pässler
1a5f3d133d
Revert "nixos/jicofo: use ExecStart instead of script"
...
This reverts commit d3a26a5ecd
.
Using ServiceConfig.ExecStart instead of script lead to the content not
being executed in a shell anymore, which broke the secrets being read
from a file and passed as a command line parameter.
2020-07-15 21:41:29 +02:00
Florian Klink
e99389a942
Merge pull request #93001 from aanderse/gitolite
...
nixos/gitolite: provision data directory only before service begins
2020-07-14 20:40:35 +02:00
Atemu
206dc0cfac
spotifyd: make option link clickable
2020-07-14 08:34:28 +02:00
Roman Sharapov
d53d13b6ee
nixos/buildbot: enable configurable keepalive for buildbot worker
...
In the current implementation, there's no possibility to modify the default
parameter for keepalive. This is a number that indicates how frequently
keepalive messages should be sent from the worker to the buildmaster,
expressed in seconds. The default (600) causes a message to be sent to
the buildmaster at least once every 10 minutes.
If the worker is behind a NAT box or stateful firewall, these messages
may help to keep the connection alive: some NAT boxes tend to forget about
a connection if it has not been used in a while. When this happens, the
buildmaster will think that the worker has disappeared, and builds will
time out. Meanwhile the worker will not realize than anything is wrong.
2020-07-13 13:07:20 -04:00
Aaron Andersen
5e32ec39ca
nixos/gitolite: provision data directory only before service begins
2020-07-12 09:19:00 -04:00
Florian Klink
8c0708f0bb
Merge pull request #91424 from i077/restic-rclone-opts
...
nixos/restic: Add rclone options
2020-07-11 23:57:47 +02:00
Maximilian Bosch
3d9c143b77
Merge pull request #91895 from kristoff3r/jupyter-service
...
Improve jupyter service
2020-07-11 18:03:31 +02:00
Justin Humm
ce111fcc26
Merge pull request #92225 from bachp/unifi-5.13.32
...
unifiStable: 5.13.29 -> 5.13.32
2020-07-11 17:14:19 +02:00
worldofpeace
747fb48c72
Merge pull request #85065 from worldofpeace/autologin-unified
...
nixos/displayManager: make autoLogin options independent of DM type
2020-07-10 00:04:41 -04:00
worldofpeace
490cd7889e
nixos/displayManager: make autoLogin options independent of DM type
...
Co-authored-by: volth <volth@volth.com>
2020-07-09 21:15:35 -04:00
lewo
9534da25bf
Merge pull request #90115 from asbachb/postfix-tls
...
postfix: Replaced config key by recommendation and introduced usage of system trust store
2020-07-09 20:29:49 +02:00
Milan Pässler
d3a26a5ecd
nixos/jicofo: use ExecStart instead of script
2020-07-09 00:25:30 +02:00
Milan Pässler
5ff05249cf
nixos/jitsi-meet: allow more room names
2020-07-09 00:20:34 +02:00
Milan Pässler
dcc12e4df6
nixos/jitsi-meet: enableACME by default
2020-07-09 00:20:34 +02:00
Milan Pässler
1a071343f2
nioxs/jicofo: use existing generator
2020-07-09 00:00:05 +02:00
Martin Milata
3f68a83c88
nixos/jitsi-meet: init
2020-07-09 00:00:04 +02:00
Martin Milata
47c38f00b2
nixos/jicofo: init
2020-07-09 00:00:04 +02:00
Martin Milata
c695d57895
nixos/jitsi-videobridge: init
2020-07-09 00:00:04 +02:00
Maximilian Bosch
87d7f0f0f3
Merge pull request #92329 from asbachb/roundcube/add-message-size
...
roundcube: Added new option `maxAttachmentSize` to configure max attachment size
2020-07-08 11:22:14 +02:00
Maximilian Bosch
5bc22adb5a
nixos/manual: fix build
...
Option names must be `opt-<full-option-name>` in docbook XML.
2020-07-08 11:09:01 +02:00
worldofpeace
aba048f0bf
Merge pull request #92587 from worldofpeace/session-settings-update
...
Pantheon updates 2020-07-07
2020-07-08 01:01:05 -04:00
Benjamin Asbach
12e0d726fd
roundcube: Added new option maxAttachmentSize
to configure the maximum attachment size
...
The multiplication is used since roundcube uses only 70% of the php configured upload size.
2020-07-08 01:22:28 +02:00
worldofpeace
eb3c53b4e9
nixos/pantheon: update greeter whitelist to new wording
...
This was a simple non fatal deprecation.
https://github.com/elementary/wingpanel/pull/326
2020-07-07 11:35:21 -04:00
Samuel Gräfenstein
82cf1d9dcd
nixos/plasma5: Noto Mono -> Noto Sans Mono
...
The font has been renamed.
See https://github.com/googlefonts/noto-fonts/pull/1029
2020-07-07 17:07:27 +02:00
Kristoffer Søholm
80a7a4295a
nixos/jupyter: add package and command options
2020-07-07 15:00:49 +02:00
Michele Guerini Rocco
fc553c0bc5
Merge pull request #89773 from rnhmjoj/ncdns
...
ncdns: init at 0.0.10.3
2020-07-07 10:58:55 +02:00
Imran Hossain
7dd656a037
nixos/restic: Add options for rclone repositories
2020-07-06 10:27:55 -04:00
Eric Wolf
8af58eda12
postfix: Add submissions option for postfix and test ( #91691 )
...
RFC 8314 suggests, for end user submission of
mails, SMTP over TLS on port 465 should be used.
Closes #91690
2020-07-06 03:37:56 +02:00
Benjamin Hipple
152a29fef8
Merge pull request #77557 from c0deaddict/feature/nginx-sso-package-option
...
nixos/nginx.sso: add package option
2020-07-05 21:24:22 -04:00
Benjamin Hipple
1e835d98c5
Merge pull request #89498 from 0x4A6F/master-xandikos
...
xandikos: 0.1.0 -> 0.2.2
2020-07-05 20:04:50 -04:00
Vincent Breitmoser
5395397fd6
nixos/nix-daemon: work on buildMachines submodule
2020-07-05 16:51:55 +02:00
John Ericson
1ed248eac2
nixos/nix-daemon: Organize buildMachine options with a submodule
2020-07-05 16:51:55 +02:00
Benjamin Asbach
632104e5a4
postfix: deprecated sslCACert
in favour of tlsTrustedAuthorities
...
`sslCACert` was used for trust store of client and server certificates. Since `smtpd_tls_ask_ccert` defaults to no the setup of `smtpd_tls_CApath` was removed.
>By default (see smtpd_tls_ask_ccert), client certificates are not requested, and smtpd_tls_CApath should remain empty.
see http://www.postfix.org/postconf.5.html#smtpd_tls_CAfile
2020-07-05 14:53:34 +02:00
Benjamin Asbach
9d697837f0
postfix: used recommended configuration key to enable tls
...
> With Postfix 2.3 and later use smtp_tls_security_level instead.
http://www.postfix.org/postconf.5.html#smtp_use_tls
2020-07-05 14:50:40 +02:00
worldofpeace
d3a40e7cfc
Merge pull request #92270 from samuelgrf/fix/whether-typo
...
nixos/*: fix misspellings of whether
2020-07-04 09:34:28 -04:00
Samuel Gräfenstein
5bb0b72720
nixos/*: wheter -> whether
2020-07-04 15:20:41 +02:00
Samuel Gräfenstein
850d7d1790
nixos/*: wether -> whether
2020-07-04 15:17:03 +02:00
Pascal Bach
3e7d650bcc
nixos/unifi: restart service on package update
...
Currently the service doesn't detect if on of the packages is updated
and doesn't restart.
By manually adding a trigger we make sure the service restarts if any of
the involved packages update.
2020-07-03 22:34:29 +02:00
Peter Hoeg
8bc7721fb1
Merge pull request #91765 from asdf8dfafjk/onedrive_module
...
nixos/onedrive: init
2020-07-03 10:08:42 +08:00
Vincent Ambo
c0122d335b
nixos/openldap: add option for configuring OpenLDAP package to use
...
In certain cases, for example when custom OpenLDAP modules are
compiled into the binary, users may want to override the package used
for OpenLDAP.
This is especially common in setups where LDAP is the primary
authentication source, as good password hashing mechanisms need to be
enabled as extra modules.
2020-07-01 20:49:04 +01:00
_
a3b0864bb0
nixos/onedrive: init
2020-06-29 19:56:41 +05:30
misuzu
fc9f994ee5
nixos/gitlab-runner: add more global options ( #86946 )
2020-06-29 13:35:21 +00:00
Florian Klink
aed85b7279
Merge pull request #85223 from arianvp/acme-fix-nginx-after
...
nixos/acme: Fix ordering of certificate requests (#81482 )
2020-06-29 10:17:25 +02:00
Linus Heckemann
5b8b201e44
Revert "traefik: unify TOML generation"
...
This reverts commit a5e6901702
.
yj doesn't distinguish floats and ints, which breaks some configs.
2020-06-29 09:34:41 +02:00
Robert Schütz
595a3d14b7
Merge pull request #91168 from dotlambda/radicale-3.0.3
...
radicale: 2.1.11 -> 3.0.3
2020-06-28 12:48:56 +02:00
Graham Christensen
38060ee399
Merge pull request #91666 from Atemu/undervolt-warning
...
undervolt: clarify that the service is unofficial
2020-06-27 08:39:55 -04:00
Atemu
2c7402b54d
undervolt: clarify that the service is unofficial
...
The original warning almost made it sound like the service was made by or
somehow connected to Intel which is not the case
2020-06-27 14:21:58 +02:00
Christoph Hrdinka
b2655b6a34
Merge pull request #91514 from NinjaTrappeur/nin-fix-nsdconf
...
nixos/nsd: symlink conf file to /etc/nsd
2020-06-26 23:24:30 +02:00
Marek Mahut
bb7c60708a
Merge pull request #91497 from 1000101/blockbook
...
nixos/blockbook-frontend: init
2020-06-26 21:17:36 +02:00
Félix Baylac-Jacqué
7020dc8eac
nixos/nsd: symlink conf file to /etc/nsd
...
We remove the configFile build flag override in the NixOS module.
Instead of embedding the conf file link to the binaries, we symlink it
to /etc/nsd/nsd.nix, the hardcoded config file location for the
various CLI nsd utilities.
This config file build option override is triggerring a nsd rebuild
for each configuration change. This prevent us to use the nixos cache
in many cases.
Co-authored-by: Erjo <erjo@cocoba.work>
2020-06-26 20:18:33 +02:00
1000101
de3c56ffd8
nixos/blockbook-frontend: init
2020-06-26 16:16:49 +02:00
Michael Fellinger
d1c4bf967b
ssm-agent: 2.0.633.0 -> 2.3.1319.0
2020-06-26 12:43:27 +02:00
zowoq
29b75dc074
Merge pull request #91458 from mdlayher/mdl-corerad-0.2.7
...
corerad: 0.2.6 -> 0.2.7
2020-06-26 09:45:59 +10:00
Kim Lindberger
c00bf081d9
Merge pull request #88940 from stigtsp/package/convos-init
...
convos: init at 4.22
2020-06-25 09:32:33 +02:00
Matt Layher
09f0d65317
nixos/corerad: set systemd unit Type=notify
...
Signed-off-by: Matt Layher <mdlayher@gmail.com>
2020-06-24 22:09:20 -04:00