Commit Graph

23421 Commits

Author SHA1 Message Date
github-actions[bot]
2ad7b248e6
Merge staging-next into staging 2021-09-17 00:02:15 +00:00
rnhmjoj
e4da1edf8b
nixos/extra-layouts: avoid all rebuilds
Just setting the XKB_CONFIG_ROOT should be enough, so we don't need to
rebuild the xserver, xkbcomp and other packages anymore.
However, the variable has to be passed explicitely to scripts running at
build time: in particular to xkbvalidate and xkb-console-keymap.
2021-09-17 01:48:46 +02:00
Jan Tojnar
2006672bf0
Merge pull request #138160 from jansol/master
pipewire: 0.3.35 -> 0.3.36
2021-09-16 21:17:59 +02:00
Robert Hensing
70b9016e94
Merge pull request #137013 from mkenigs/rm-runInMachine
nixos/testing: remove unused function runInMachine
2021-09-16 20:04:35 +02:00
Sandro
5795c33bdd
Merge pull request #138051 from ehmry/tox-bootstrapd 2021-09-16 20:02:02 +02:00
github-actions[bot]
9905c2647a
Merge staging-next into staging 2021-09-16 18:01:40 +00:00
Timothy DeHerrera
f77b7736b3
Merge pull request #138056 from NixOS/SuperSandro2000-patch-1
nixos/documentation: use full option names
2021-09-16 11:42:53 -06:00
Jan Solanti
996b51ee85 pipewire: 0.3.35 -> 0.3.36 2021-09-16 18:52:08 +03:00
github-actions[bot]
85bd312fb6
Merge staging-next into staging 2021-09-16 12:02:04 +00:00
Jan Tojnar
79c444b5bd
Merge pull request #137533 from jansol/master
pipewire: 0.3.34 -> 0.3.35
2021-09-16 11:44:47 +02:00
github-actions[bot]
52ebc93c96
Merge staging-next into staging 2021-09-16 06:01:54 +00:00
Martin Weinelt
6f12ff7aa5
Merge pull request #138025 from NixOS/home-assistant
home-assistant: 2021.8.8 -> 2021.9.6
2021-09-16 04:48:39 +02:00
Martin Weinelt
cf75539971 nixos/home-assistant: allow serial access for usb discovery and zwave_js
via https://www.home-assistant.io/blog/2021/09/01/release-20219/#usb-discovery
and https://www.home-assistant.io/integrations/usb/
2021-09-16 04:22:32 +02:00
github-actions[bot]
6a10b23c61
Merge staging-next into staging 2021-09-16 00:02:05 +00:00
Artturi
74b3e9ff87
Merge pull request #136471 from Artturin/tmpontmpfssize 2021-09-16 02:25:02 +03:00
Sandro
4f78c74b57
nixos/documentation: use full option names 2021-09-15 22:43:44 +02:00
Emery Hemingway
0721aa49a3 nixos/tox-bootstrapd: use DynamicUser 2021-09-15 22:01:56 +02:00
rnhmjoj
dc34788a25
nixos/lock-kernel-modules: use udevadm settle
Instead of relying on systemd-udev-settle, which is deprecated,
directly call `udevamd settle` to wait for hardware to settle.
2021-09-15 14:36:50 +02:00
github-actions[bot]
24a34e5706
Merge staging-next into staging 2021-09-15 12:01:34 +00:00
Lara
fe034d33be nixos/gitlab: Enable roation of log files
This commit enables a logrotate service for gitlab using the default
values from omnibus. [1]

[1] https://gitlab.com/gitlab-org/omnibus-gitlab/-/blob/master/files/gitlab-cookbooks/gitlab/attributes/default.rb#L754

Resolves #136723
2021-09-15 09:57:18 +02:00
Michele Guerini Rocco
0e848f7b12
Merge pull request #134302 from rnhmjoj/gdm-no-udev-settle
nixos/gdm: remove udev-settle dependency
2021-09-15 09:52:10 +02:00
i-do-cpp
92139c2045 installers/tools: add test for system.disableInstallerTools option
This test ensures the installer tools are actually unavailable
with the option set to true.
2021-09-15 09:18:35 +02:00
github-actions[bot]
0f78d9c4b7
Merge staging-next into staging 2021-09-15 00:02:12 +00:00
github-actions[bot]
728f30ca03
Merge master into staging-next 2021-09-15 00:01:33 +00:00
Guillaume Girol
955d01c675
Merge pull request #137856 from symphorien/systemd-coredump-group
nixos/systemd: create a group for systemd-coredump
2021-09-14 20:07:47 +00:00
Guillaume Girol
777c50f3f2
Merge pull request #137854 from symphorien/vsftpd-nogroup
nixos/vsftpd: allocate group; fix fallout of #133166
2021-09-14 20:07:02 +00:00
github-actions[bot]
95f24a8a57
Merge staging-next into staging 2021-09-14 18:01:40 +00:00
github-actions[bot]
91c89490cc
Merge master into staging-next 2021-09-14 18:01:05 +00:00
Artturi
045bf139db
Merge pull request #104828 from matthewbauer/add-disableInstallerTools-option 2021-09-14 20:41:02 +03:00
Jonas Heinrich
94f775024e Opensnitch: Add module 2021-09-14 18:51:23 +02:00
Bobby Rong
39261adc92
Merge pull request #135626 from delroth/tor-netlink
nixos/tor: allow AF_NETLINK address family
2021-09-14 22:57:34 +08:00
ajs124
9c566248df
Merge pull request #137508 from helsinki-systems/fix/dry-activation
nixos/activation-script: Fix dependencies for dry activation
2021-09-14 15:55:37 +02:00
Guillaume Girol
9739ba6baf nixos/systemd: create a group for systemd-coredump
Fixes:
```
activating the configuration...
warning: user ‘systemd-coredump’ has unknown group ‘systemd-coredump’
setting up /etc...
```

Oversight of #133166
2021-09-14 12:00:00 +00:00
Guillaume Girol
eb328077c3 nixos/vsftpd: allocate group; fix fallout of #133166 2021-09-14 12:00:00 +00:00
github-actions[bot]
79a728d821
Merge staging-next into staging 2021-09-14 00:01:57 +00:00
github-actions[bot]
1db0c42d5a
Merge master into staging-next 2021-09-14 00:01:23 +00:00
Guillaume Girol
3592034595
Merge pull request #133166 from symphorien/nonogroup
Don't default to nogroup for the primary group of users.
2021-09-13 18:29:21 +00:00
github-actions[bot]
04e48fbe4f
Merge staging-next into staging 2021-09-13 18:01:51 +00:00
Jonathan Ringer
ca1731455d
Merge remote-tracking branch 'origin/master' into staging-next 2021-09-13 08:09:52 -07:00
Kim Lindberger
460d7f63c6
Merge pull request #125404 from talyz/parsedmarc
parsedmarc: Add package and NixOS module
2021-09-13 15:44:18 +02:00
talyz
6496902fb2
nixos/parsedmarc: Add manual entry and release note 2021-09-13 13:57:17 +02:00
talyz
d46e78fd76
nixos/parsedmarc: Add test 2021-09-13 13:57:11 +02:00
talyz
98d9617705
nixos/parsedmarc: Add NixOS module 2021-09-13 13:57:06 +02:00
talyz
3a1e1f0624
nixos/elasticsearch: Wait for elasticsearch to start up properly
Other services that depend on elasticsearch should be started after
it, but since the versions we're packaging have to run as
"Type=simple", they're started as soon as the elasticsearch binary has
been executed, likely winning the race against it.

This makes sure elasticsearch is up and running, responding to a
simple query, before dependents are started.
2021-09-13 13:57:01 +02:00
rnhmjoj
27b0c53d23
doc/release-notes: mention security.wrappers changes 2021-09-13 13:48:13 +02:00
rnhmjoj
65e83b0e23
nixos: fix nobody/nogroup in security.wrappers 2021-09-13 13:48:13 +02:00
rnhmjoj
fedd7cd690
nixos: explicitely set security.wrappers ownership
This is slightly more verbose and inconvenient, but it forces you
to think about what the wrapper ownership and permissions will be.
2021-09-13 13:48:13 +02:00
rnhmjoj
8f76a6eefc
nixos: add implict security.wrappers options
This is to keep the same permissions/setuid/setgid as before the change
in security.wrappers defaults.
2021-09-13 13:48:13 +02:00
rnhmjoj
41a498578e
nixos/mail: reuse security.wrappers type 2021-09-13 13:48:13 +02:00
rnhmjoj
27dcb04cde
nixos/security/wrappers: remove WRAPPER_PATH
This appears to be a leftover from 628e6a83.
2021-09-13 13:48:13 +02:00
rnhmjoj
936e8eaf41
nixos/security/wrappers: fix shell quoting 2021-09-13 13:48:12 +02:00
Alyssa Ross
0f279e2e0c nixos/top-level: fix cross
When cross-compiling, we can't run the runtime shell to check syntax
if it's e.g. for a different architecture.  We have two options here.
We can disable syntax checking when cross compiling, but that risks
letting errors through.  Or, we can do what I've done here, and change
the syntax check to use stdenv's shell instead of the runtime shell.
This requires the stdenv shell and runtime shell to be broadly
compatible, but I think that's so ingrained in Nixpkgs anyway that
it's fine.  And this way we avoid conditionals that check for cross.
2021-09-13 11:13:38 +00:00
rnhmjoj
7d8b303e3f
nixos/security/wrappers: check that sources exist
Add a shell script that checks if the paths of all wrapped programs
actually exist to catch mistakes. This only checks for Nix store paths,
which are always expected to exist at build time.
2021-09-13 10:38:04 +02:00
Florian Klink
8019c95b55
Merge pull request #131618 from andir/systemdv249
systemd v249
2021-09-13 09:39:49 +02:00
figsoda
ec2690c67f nixos/xdg/mime: add config for associations
between mimetypes and applications
2021-09-12 21:02:40 -04:00
github-actions[bot]
dfd1161f35
Merge staging-next into staging 2021-09-13 00:02:22 +00:00
github-actions[bot]
ac962ee61a
Merge master into staging-next 2021-09-13 00:01:41 +00:00
Sandro
a79648dd7f
Merge pull request #136109 from john-consumable/master 2021-09-13 00:42:54 +02:00
Andreas Rammhold
92442b1f99
nixos/tests/prometheus: wait for influxdb exporter before quering
Previously the influxdb exporter test was flaky as even after the
service has started there is still a race before the service is actually
listening and accepting connection on port 9122.

With this commit the test will wait for the port to be open before
proceeding.
2021-09-12 23:45:55 +02:00
Andreas Rammhold
72197a5c79
nixos/tests/herbstluftwm: fix timeout that was given in seconds
Hydra accepts timeouts as value of seconds after which the test is
terminated / considered failed. Using the value 30 here has the effect
that the test was terminate after 30 seconds. That time might be
sufficient for the test execution itself but it has another downside:

Jobs on hydra inherit the timeout of their parent. In this case all the
builds that are a dependency of the herbstluftwm test *must* finish
(each) within 30s. And since not all of the dependencies are cached in
the binary cache this could lead to an issue with pacakges that take
longer than 30s to build at the time when the herbstluftwm test is built
by hydra.

It is best to not set the timeout here and let hydra deal with it.  Our
default timeout for builds is two hours which is more than sufficient
for most builds and tests. If the test fails we will spent ~2h doing
something or nothing at worst but at least we wont kill the build just
because a dependency wasn't fullfilled already.
2021-09-12 23:45:55 +02:00
Andreas Rammhold
64556974b6
systemd: 247.6 -> 249.4
This updates systemd to version v249.4 from version v247.6.

Besides the many new features that can be found in the upstream
repository they also introduced a bunch of cleanup which ended up
requiring a few more patches on our side.

a) 0022-core-Handle-lookup-paths-being-symlinks.patch:
  The way symlinked units were handled was changed in such that the last
  name of a unit file within one of the unit directories
  (/run/systemd/system, /etc/systemd/system, ...) is used as the name
  for the unit. Unfortunately that code didn't take into account that
  the unit directories themselves could already be symlinks and thus
  caused all our units to be recognized slightly different.

  There is an upstream PR for this new patch:
    https://github.com/systemd/systemd/pull/20479

b) The way the APIVFS is setup has been changed in such a way that we
   now always have /run. This required a few changes to the
   confinement tests which did assert that they didn't exist. Instead of
   adding another patch we can just adopt the upstream behavior. An
   empty /run doesn't seem harmful.

   As part of this work I refactored the confinement test just a little
   bit to allow better debugging of test failures. Previously it would
   just fail at some point and it wasn't obvious which of the many
   commands failed or what the unexpected string was. This should now be
   more obvious.

c) Again related to the confinement tests the way a file was tested for
   being accessible was optimized. Previously systemd would in some
   situations open a file twice during that check. This was reduced to
   one operation but required the procfs to be mounted in a units
   namespace.

   An upstream bug was filed and fixed. We are now carrying the
   essential patch to fix that issue until it is backported to a new
   release (likely only version 250). The good part about this story is
   that upstream systemd now has a test case that looks very similar to
   one of our confinement tests. Hopefully that will lead to less
   friction in the long run.

   https://github.com/systemd/systemd/issues/20514
   https://github.com/systemd/systemd/pull/20515

d) Previously we could grep for dlopen( somewhat reliably but now
   upstream started using a wrapper around dlopen that is most of the
   time used with linebreaks. This makes using grep not ergonomic
   anymore.

   With this bump we are grepping for anything that looks like a
   dynamic library name (in contrast to a dlopen(3) call) and replace
   those instead. That seems more robust. Time will tell if this holds.

   I tried using coccinelle to patch all those call sites using its
   tooling but unfornately it does stumble upon the _cleanup_
   annotations that are very common in the systemd code.

e) We now have some machinery for libbpf support in our systemd build.
   That being said it doesn't actually work as generating some skeletons
   doesn't work just yet. It fails with the below error message and is
   disabled by default (in both minimal and the regular build).

   > FAILED: src/core/bpf/socket_bind/socket-bind.skel.h
   > /build/source/tools/build-bpf-skel.py --clang_exec /nix/store/x1bi2mkapk1m0zq2g02nr018qyjkdn7a-clang-wrapper-12.0.1/bin/clang --llvm_strip_exec /nix/store/zm0kqan9qc77x219yihmmisi9g3sg8ns-llvm-12.0.1/bin/llvm-strip --bpftool_exec /nix/store/l6dg8jlbh8qnqa58mshh3d8r6999dk0p-bpftools-5.13.11/bin/bpftool --arch x86_64 ../src/core/bpf/socket_bind/socket-bind.bpf.c src/core/bpf/socket_bind/socket-bind.skel.h
   > libbpf: elf: socket_bind_bpf is not a valid eBPF object file
   > Error: failed to open BPF object file: BPF object format invalid
   > Traceback (most recent call last):
   >   File "/build/source/tools/build-bpf-skel.py", line 128, in <module>
   >     bpf_build(args)
   >   File "/build/source/tools/build-bpf-skel.py", line 92, in bpf_build
   >     gen_bpf_skeleton(bpftool_exec=args.bpftool_exec,
   >   File "/build/source/tools/build-bpf-skel.py", line 63, in gen_bpf_skeleton
   >     skel = subprocess.check_output(bpftool_args, universal_newlines=True)
   >   File "/nix/store/81lwy2hfqj4c1943b1x8a0qsivjhdhw9-python3-3.9.6/lib/python3.9/subprocess.py", line 424, in check_output
   >     return run(*popenargs, stdout=PIPE, timeout=timeout, check=True,
   >   File "/nix/store/81lwy2hfqj4c1943b1x8a0qsivjhdhw9-python3-3.9.6/lib/python3.9/subprocess.py", line 528, in run
   >     raise CalledProcessError(retcode, process.args,
   > subprocess.CalledProcessError: Command '['/nix/store/l6dg8jlbh8qnqa58mshh3d8r6999dk0p-bpftools-5.13.11/bin/bpftool', 'g', 's', '../src/core/bpf/socket_bind/socket-bind.bpf.o']' returned non-zero exit status 255.
   > [102/1457] Compiling C object src/journal/libjournal-core.a.p/journald-server.c.oapture output)put)ut)
   > ninja: build stopped: subcommand failed.

  f) We do now have support for TPM2 based disk encryption in our
     systemd build. The actual bits and pieces to make use of that are
     missing but there are various ongoing efforts in that direction.
     There is also the story about systemd in our initrd to enable this
     being used for root volumes. None of this will yet work out of the
     box but we can start improving on that front.

  g) FIDO2 support was added systemd and consequently we can now use
     that. Just with TPM2 there hasn't been any integration work with
     NixOS and instead this just adds that capability to work on that.

Co-Authored-By: Jörg Thalheim <joerg@thalheim.io>
2021-09-12 23:45:49 +02:00
Maximilian Bosch
2444c11431
nixos/kernel: add 5.14 to kernel test-suite
I guess that this was just forgotten in #136150 and I realized while
running these tests for the latest kernel updates.
2021-09-12 22:43:46 +02:00
Sandro
e4b50b4821
Merge pull request #66415 from ToxicFrog/crossfire 2021-09-12 22:13:02 +02:00
rnhmjoj
22004f7e8f
nixos/security/wrappers: use fixed defaults
To keep backward compatibility and have a typing would require making
all options null by default, adding a defaultText containing the actual
value, write the default value logic based on `!= null` and replacing
the nulls laters. This pretty much defeats the point of having used
a submodule type.
2021-09-12 21:43:25 +02:00
rnhmjoj
904f68fb0f
nixos/security/wrappers: make well-typed
The security.wrappers option is morally a set of submodules but it's
actually (un)typed as a generic attribute set. This is bad for several
reasons:

1. Some of the "submodule" option are not document;
2. the default values are not documented and are chosen based on
   somewhat bizarre rules (issue #23217);
3. It's not possible to override an existing wrapper due to the
   dumb types.attrs.merge strategy;
4. It's easy to make mistakes that will go unnoticed, which is
   really bad given the sensitivity of this module (issue #47839).

This makes the option a proper set of submodule and add strict types and
descriptions to every sub-option. Considering it's not yet clear if the
way the default values are picked is intended, this reproduces the current
behavior, but it's now documented explicitly.
2021-09-12 21:43:03 +02:00
Maximilian Bosch
364b5555ee
Merge pull request #137132 from Ma27/pi-sudo
nixos/privacyidea: use `sudo(8)` that's configured via the module
2021-09-12 20:09:49 +02:00
github-actions[bot]
fef6f602e6
Merge staging-next into staging 2021-09-12 18:01:50 +00:00
github-actions[bot]
a13bf1828b
Merge master into staging-next 2021-09-12 18:01:21 +00:00
Maximilian Bosch
8b13843f4e
Merge pull request #135751 from zhaofengli/promtail-allow-positions-file
nixos/promtail: Allow write access to positions file if not in CacheDirectory
2021-09-12 18:17:25 +02:00
Matthieu Coudron
ab9c7819fe
Merge pull request #136615 from teto/lua-flat
Various lua changes/cleanup
2021-09-12 18:08:53 +02:00
Daniël de Kok
6f2ce2a65e treewide: remove danieldk as maintainer from a set of packages
I currently do not have much time to work on nixpkgs. Remove
myself as a maintainer from a bunch of packages to avoid that
people are waiting on me for a review.
2021-09-12 14:42:12 +00:00
ajs124
119c9e1f70 nixos/rabbitmq: clean-up after f091420c1d 2021-09-12 16:32:36 +02:00
Jan Solanti
f4fbb21176 pipewire: 0.3.34 -> 0.3.35 2021-09-12 16:33:50 +03:00
Guillaume Girol
27f0f8965b nixos/tests/caddy.nix: fix eval 2021-09-12 14:59:30 +02:00
Guillaume Girol
476fcfd2aa nixos: add release notes about users.users.name.group 2021-09-12 14:59:30 +02:00
Guillaume Girol
bc3bca822a nixos: define the primary group of users where needed 2021-09-12 14:59:30 +02:00
github-actions[bot]
7267016c66
Merge staging-next into staging 2021-09-12 12:01:42 +00:00
github-actions[bot]
acd45cb351
Merge master into staging-next 2021-09-12 12:01:10 +00:00
Sandro
e26b155274
Merge pull request #137444 from SuperSandro2000/wicd
treewide: yank wicd as it is abandoned
2021-09-12 12:56:10 +02:00
Janne Heß
4db13430fb
nixos/activation-script: Fix dependencies for dry activation 2021-09-12 11:34:13 +02:00
github-actions[bot]
3d192af340
Merge staging-next into staging 2021-09-12 06:01:33 +00:00
github-actions[bot]
45de5d0c9a
Merge master into staging-next 2021-09-12 06:01:00 +00:00
Jörg Thalheim
fc4247e827
Merge pull request #137082 from bobby285271/markdown
nixos/doc: Convert more articles to CommonMark
2021-09-12 04:51:20 +01:00
zowoq
07109dd495 nixos/kubernetes: add cni-plugin-flannel to kubelet.cni.packages
the flannel plugin was removed from `cni-plugins` in ee8ed2cd8d
2021-09-12 12:47:45 +10:00
Bobby Rong
7fb52b1325
nixos: nixos/doc/manual/installation/installing.xml to CommonMark 2021-09-12 09:26:37 +08:00
Matthieu Coudron
b97977681e lua: add LUA_PATH changes to release notes
lua interpreters have been patched not to look into FHS folders anymore.
2021-09-12 03:03:56 +02:00
happysalada
30a04a1ad9 rl-2111: add bash default upgrade to version 5 2021-09-12 09:48:54 +09:00
github-actions[bot]
3f2255106a
Merge master into staging-next 2021-09-12 00:01:45 +00:00
John Soo
b1c57920f5 nixos/datadog-agent: Note breaking changes in release notes. 2021-09-11 15:32:14 -07:00
John Soo
a51ee771be nixos/datadog-agent: Update process collection binary. 2021-09-11 15:32:14 -07:00
John Soo
e131d6bf51 datadog-agent: Add release note entry. 2021-09-11 15:32:14 -07:00
Sandro Jäckel
781766e30c
treewide: yank wicd as it is abandoned 2021-09-11 23:46:52 +02:00
Timothy DeHerrera
8e2f255cb6
Merge pull request #137325 from figsoda/git-module
nixos/git: init
2021-09-11 15:42:22 -06:00
Davíð Steinn Geirsson
4598ff3bb8 nixos/libinput: Add transformation matrix option 2021-09-11 20:53:29 +00:00
github-actions[bot]
c435b0e35f
Merge master into staging-next 2021-09-11 18:01:16 +00:00
Sandro
667711513d
Merge pull request #137039 from figsoda/sx-extra-layouts 2021-09-11 14:51:05 +02:00
github-actions[bot]
4170ee273c
Merge master into staging-next 2021-09-11 12:01:12 +00:00
Alyssa Ross
2f9ec5838e
nixos/doc: fix merged items in 20.09 rel notes
These items (notmuch and device tree) are completely different topics,
so were obviously merged into a single bullet by mistake.
2021-09-11 08:16:31 +00:00
figsoda
44853e8cf3 nixos/git: init 2021-09-10 18:50:04 -04:00
figsoda
9c82ab55b1 nixos/xserver: fix extraLayouts with displayManager.sx.enable 2021-09-10 18:48:14 -04:00
Martin Weinelt
d9341eafa2
Merge branch 'master' into staging-next 2021-09-10 15:04:01 +02:00
Kevin Cox
a49a3d97ac
Merge pull request #137113 from kevincox/ipfs-profile-fix
nixos.ipfs: Fix startup after unclean shutdown.
2021-09-10 08:26:04 -04:00
Jörg Thalheim
c2b276369d
Merge pull request #137224 from helsinki-systems/dry-activation-scripts-to-changelog
nixos/release-notes: Document dry activation scripts
2021-09-10 11:19:12 +01:00
github-actions[bot]
3f7ad651c7
Merge master into staging-next 2021-09-10 06:01:06 +00:00
Elis Hirwing
eac6215607
Merge pull request #136460 from misuzu/sanoid-recursive-zfs
nixos/sanoid: allow zfs value for recursive
2021-09-10 07:13:12 +02:00
happysalada
75c7c16df2 release-docs: add ipfs localdiscovery false change 2021-09-10 09:39:55 +09:00
happysalada
6a51087bba ipfs: default to not listen on the local network 2021-09-10 09:39:55 +09:00
github-actions[bot]
912b8082df
Merge master into staging-next 2021-09-10 00:01:31 +00:00
Janne Heß
23b21c77f6
nixos/release-notes: Document dry activation scripts 2021-09-09 22:32:55 +02:00
Timothy DeHerrera
6dbeb3190d
Merge pull request #126544 from jonringer/nixos-rebuild-use-substitutes
nixos-rebuild: add --use-substitutes option
2021-09-09 13:53:37 -06:00
Pavol Rusnak
60c852813a
Merge pull request #137214 from alyssais/exists
treewide: "does not exists" -> "does not exist"
2021-09-09 21:40:54 +02:00
Alyssa Ross
c9ce275aa4
treewide: "does not exists" -> "does not exist"
I noticed this minor grammar mistake when running update.nix, and then
while grepping to find the source I noticed we had it a few times in
Nixpkgs.  Just as easy to fix treewide as it was to fix the one
occurrence I noticed.
2021-09-09 18:45:33 +00:00
Lassulus
2e04b29a17
Merge pull request #126247 from kmein/feature/spotifyd
spotifyd: generate TOML config via formats
2021-09-09 20:08:03 +02:00
github-actions[bot]
fc5d1c0828
Merge master into staging-next 2021-09-09 12:01:24 +00:00
Janne Heß
e8388f8574
nixos/switch-to-configuration: Allow activation scripts to restart units
The primary use case is tools like sops-nix and agenix to restart units
when secrets change. There's probably other reasons to restart units as
well and a nice thing to have in general.
2021-09-09 13:11:52 +02:00
Jörg Thalheim
146ae89c63
Merge pull request #137120 from helsinki-systems/feat/activate-syntax
nixos/top-level: Check activation script syntax
2021-09-09 07:21:11 +01:00
github-actions[bot]
8cd1da2362
Merge master into staging-next 2021-09-09 00:01:35 +00:00
Maximilian Bosch
69e75754d5
nixos/privacyidea: use sudo(8) that's configured via the module 2021-09-08 22:45:50 +02:00
Pavol Rusnak
9ceefd7e37
Merge pull request #137088 from bricewge/master
maintainers: remove bricewge
2021-09-08 20:15:52 +02:00
Janne Heß
2bcd3dad86
nixos/top-level: Check activation script syntax 2021-09-08 20:08:44 +02:00
github-actions[bot]
31efc58eb0
Merge master into staging-next 2021-09-08 18:01:03 +00:00
Artturin
f45e8d560e nixos/tmp: add tmpOnTmpfsSize 2021-09-08 19:30:52 +03:00
Lassulus
7cd6b6dfc8
Merge pull request #132786 from helsinki-systems/feat/initrd-dm-cache
tasks/lvm: add all tools from thin-provisioning-tools
2021-09-08 18:19:41 +02:00
Kevin Cox
af354d2049
nixos.ipfs: Fix startup after unclean shutdown.
Fixes https://github.com/NixOS/nixpkgs/issues/135684
2021-09-08 12:17:22 -04:00
Lassulus
5f4004ea94
Merge pull request #136605 from helsinki-systems/feat/dry-activation-scripts
nixos: Add dry activation for users/groups
2021-09-08 18:10:09 +02:00
github-actions[bot]
5ed67a849a
Merge master into staging-next 2021-09-08 12:01:27 +00:00
Matthew Kenigsberg
b00d2a8f3e
nixos/testing: remove unused function runInMachine
runInMachine and runInMachineWithX are not used for any tests and can be
removed
2021-09-08 06:25:20 -05:00
Bobby Rong
b8efe91ce2
nixos: nixos/doc/manual/development/writing-modules.xml to CommonMark 2021-09-08 17:57:11 +08:00
Brice Waegeneire
a49177e0ce maintainers: remove bricewge
So long, and thanks for all the fish!
2021-09-08 11:56:00 +02:00
Alexandre Iooss
bbc51efb46 nixos/grafana: systemd unit hardening 2021-09-08 10:43:46 +02:00
Bobby Rong
785d40d4d8
nixos: nixos/doc/manual/configuration/profiles.xml to CommonMark 2021-09-08 16:35:17 +08:00
Bobby Rong
2e808c8144
nixos: nixos/doc/manual/configuration/networking.xml to CommonMark 2021-09-08 16:35:16 +08:00
Bobby Rong
4c10e0ff9d
nixos: nixos/doc/manual/configuration/file-systems.xml to CommonMark 2021-09-08 16:35:16 +08:00
Bobby Rong
7d7d2a4455
nixos: nixos/doc/manual/configuration/package-mgmt.xml to CommonMark 2021-09-08 16:35:16 +08:00
Bobby Rong
12a9632ab0
nixos: nixos/doc/manual/devlopment/nixos-tests.xml to CommonMark 2021-09-08 15:47:16 +08:00
Bobby Rong
45c1d8f4aa
nixos: nixos/doc/manual/configuration/config-syntax.xml to CommonMark 2021-09-08 15:47:16 +08:00
Bobby Rong
8ce611b9fb
nixos: nixos/doc/manual/configuration/declarative-packages.xml to CommonMark 2021-09-08 15:47:05 +08:00
Bobby Rong
3d711cfc5e
nixos: nixos/doc/manual/administration/troubleshooting.xml to CommonMark 2021-09-08 14:42:23 +08:00
Bobby Rong
5aaeddee5f
nixos: nixos/doc/manual/administration/containers.xml to CommonMark 2021-09-08 14:40:26 +08:00
github-actions[bot]
58f8f1f058
Merge master into staging-next 2021-09-08 00:01:42 +00:00
Jan Tojnar
1e75936926
Merge pull request #130047 from NixOS/doc-manpage-role
doc: Add support for manpage references
2021-09-07 21:29:26 +02:00
github-actions[bot]
80cab1d056
Merge master into staging-next 2021-09-07 18:01:08 +00:00
Ryan Mulligan
c863de29a7 nixos/doc/md-to-db.sh: handle Docbook inclues in CommonMark
You can do includes like this:

```{=docbook}
<xi:include href="rl-2111.section.xml" />
```
2021-09-07 06:29:21 -07:00
github-actions[bot]
fbefda3466
Merge master into staging-next 2021-09-07 12:01:13 +00:00
Michele Guerini Rocco
4755c30647
Merge pull request #136915 from ncfavier/manualPages
nixos/documentation: expose manualPages as a hidden option
2021-09-07 13:40:50 +02:00
Robert Hensing
e16c267e48
Merge pull request #128916 from heisenberg33/patch-4
Fix default pager environment
2021-09-07 12:45:36 +02:00
Naïm Favier
459957f9d4
nixos/documentation: expose manualPages
Allows advanced users to select what packages they want to generate the
man cache for, and even more advanced users to make manualPages
content-addressed to avoid needless rebuilds.
2021-09-07 11:13:32 +02:00
matthewcroughan
11aedaec1f nixos: nix.sshServe: add write option
Adds the ability to provide the --write flag in addition to the --serve flag via
a new option, services.sshServe.write.

A user can now share their system as a remote builder with friends easily as
follows:

{
  nix = {
    sshServe = {
      enable = true;
      write = true;
      keys = ["ssh-dss AAAAB3NzaC1k... alice@example.org"];
    };
  };
}

Co-authored-by: Raphael Megzari <raphael@megzari.com>
2021-09-07 18:10:55 +09:00
Janne Heß
a851b4d20e
nixos/users-groups: Add dry mode 2021-09-07 10:30:42 +02:00
Bobby Rong
745cf36f95
Merge branch 'staging-next-fix' into staging-next 2021-09-07 16:17:21 +08:00
Bobby Rong
90354922c2
nixos/doc: adjust to the new structure of kernel packages 2021-09-07 16:13:15 +08:00
Michele Guerini Rocco
a350fcd078
Merge pull request #134070 from malte-v/gnunet-public-tmpdir
nixos/gnunet: use public $TMPDIR
2021-09-07 09:30:15 +02:00
Vladimír Čunát
09f5763784
Merge branch 'master' into staging-next
Conflicts:
 - pkgs/development/python-modules/pathspec/default.nix
   The hashes are equivalent, so it's not a real conflict.
 - pkgs/top-level/static.nix
   I can't see a solution, deffered redoing this to the later PR:
   https://github.com/NixOS/nixpkgs/pull/136849
2021-09-07 08:43:26 +02:00
Jörg Thalheim
00f361a846
Merge pull request #129074 from bobby285271/pr11
nixos/doc: convert Chapter 57, 59, 60, 63 to CommonMark
2021-09-07 07:15:42 +01:00
Jörg Thalheim
4015c275ca
Merge pull request #129121 from bobby285271/pr13
nixos/doc: convert Chapter 7, 9, 10, 11, 12, 14, 15, 48 to CommonMark
2021-09-07 06:29:45 +01:00
Jörg Thalheim
e622dd1c84
Merge pull request #129154 from bobby285271/pr15
nixos/doc: convert Chapter 1, 3, 4 to CommonMark
2021-09-07 06:29:19 +01:00
Jörg Thalheim
c7d32059b1
Merge pull request #129136 from bobby285271/pr14
nixos/doc: convert "Chapter 58. Writing NixOS Modules" to CommonMark
2021-09-07 06:28:57 +01:00
Jörg Thalheim
929f0156cc
Merge pull request #128933 from bobby285271/pr5
nixos/doc: convert "8.1. LUKS-Encrypted File Systems" to CommonMark
2021-09-07 06:28:37 +01:00
Jörg Thalheim
48dc5e4ba6
Merge pull request #129003 from bobby285271/pr10
nixos/doc: convert "2.5. Additional installation notes" to CommonMark
2021-09-07 06:24:42 +01:00
Jörg Thalheim
0d789e992f
Merge pull request #128937 from bobby285271/pr8
nixos/doc: convert "Chapter 55. Container Management" to CommonMark
2021-09-07 06:24:21 +01:00
Jörg Thalheim
5de68de484
Merge pull request #128935 from bobby285271/pr7
nixos/doc: convert "Chapter 56. Troubleshooting" to CommonMark
2021-09-07 06:20:47 +01:00
Jörg Thalheim
2a55504a99
Merge pull request #128934 from bobby285271/pr6
nixos/doc: convert "6.2. Ad-Hoc Package Management" to CommonMark
2021-09-07 06:20:26 +01:00
Jörg Thalheim
96c98af211
Merge pull request #128892 from bobby285271/pr4
nixos/doc: convert "Chapter 13. Networking" to CommonMark
2021-09-07 06:20:04 +01:00
Jörg Thalheim
c0735214e1
Merge pull request #129083 from bobby285271/pr12
nixos/doc: convert Chapter 49, 50, 51, 52, 53, 54 to CommonMark
2021-09-07 06:19:33 +01:00
midchildan
21a7695b8a mirakurun: build with yarn2nix 2021-09-07 12:22:59 +09:00
happysalada
9cbdd2655c elasticsearch: auto_import_dangling_indices in single-node mode 2021-09-07 12:18:16 +09:00
happysalada
f4b40d572c elasticsearch: update configuration
- transport.tcp.port -> transport.port https://www.elastic.co/guide/en/elasticsearch/reference/current/breaking-changes-7.1.html
- default to start a single-node cluster https://stackoverflow.com/questions/59350069/elasticsearch-start-up-error-the-default-discovery-settings-are-unsuitable-for
2021-09-07 12:18:16 +09:00
Jörg Thalheim
6e17c53b98
Merge pull request #128885 from bobby285271/pr3
nixos/doc: convert "Chapter 5. Configuration Syntax" to CommonMark
2021-09-07 03:56:34 +01:00
Jörg Thalheim
b9ed8cbaff
Merge pull request #128878 from bobby285271/pr2
nixos/doc: convert "6.1. Declarative Package Management" to CommonMark
2021-09-07 03:55:22 +01:00
Jörg Thalheim
c0e53b6857
Merge pull request #128760 from bobby285271/master
nixos/doc: convert "Chapter 45. Profiles" to CommonMark
2021-09-07 03:54:22 +01:00
github-actions[bot]
79667a59e7
Merge master into staging-next 2021-09-06 00:01:28 +00:00
Anders Kaseorg
d8ef13fc13 modules/programs/command-not-found: Fix ShellCheck warnings
https://github.com/koalaman/shellcheck/wiki/SC2086
Double quote to prevent globbing and word splitting.

https://github.com/koalaman/shellcheck/wiki/SC2166
Prefer `[ p ] && [ q ]` as `[ p -a q ]` is not well defined.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2021-09-06 08:49:34 +09:00
Anders Kaseorg
d44b6ae6cb modules/programs/bash: Fix ShellCheck warnings
https://github.com/koalaman/shellcheck/wiki/SC2086
Double quote to prevent globbing and word splitting.

https://github.com/koalaman/shellcheck/wiki/SC2166
Prefer `[ p ] && [ q ]` as `[ p -a q ]` is not well defined.

https://github.com/koalaman/shellcheck/wiki/SC2219
Instead of `let expr`, prefer `(( expr ))` .

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2021-09-06 08:49:34 +09:00
github-actions[bot]
6c9e0f15dc
Merge master into staging-next 2021-09-04 18:01:10 +00:00
Maximilian Bosch
da537dbfb8
Merge pull request #136505 from bew/update-rofi-1.7.0
rofi: 1.6.1 -> 1.7.0
2021-09-04 18:24:45 +02:00
github-actions[bot]
e3f1f8bba2
Merge master into staging-next 2021-09-04 00:01:34 +00:00
Robert Scott
8ae687b26b
Merge pull request #136334 from c0deaddict/master
release-notes: add nats service
2021-09-04 00:58:49 +01:00
Guillaume Girol
0f15a8f489 nixos/users-groups: don't default users.users.<name>.group to nogroup
this is unsafe, as many distinct services may be running as the same
nogroup group.
2021-09-03 21:22:07 +02:00
Timothy DeHerrera
bb1058f1f0
Merge pull request #136534 from kevincox/synapse-server-name
nixos.matrix-synapse: Clarify documentation of server_name.
2021-09-03 13:07:27 -06:00
Alyssa Ross
071a7a4583
Merge remote-tracking branch 'nixpkgs/master' into staging-next 2021-09-03 18:23:45 +00:00
Janne Heß
3156730402
nixos/switch-to-configuration: Add dry activation scripts 2021-09-03 18:40:11 +02:00
Graham Christensen
3677d4bc22 kexec-tools: rename from kexectools to match the project name 2021-09-03 10:17:21 -04:00
Artturi
45b7c5b223
Merge pull request #136475 from Artturin/pipewirejackldpath
nixos/pipewire: use absolute path for jack libs
2021-09-03 16:36:39 +03:00
Jos van Bakel
d68d6477c2
release-notes: add nats service 2021-09-03 13:57:04 +02:00
Kevin Cox
6f7fc1c693
nixos.matrix-synapse: Clarify documentation of server_name.
Matrix homeservers have two important domains. The user-visible server_name and the homeserver domain which serves most of the traffic but is really seen by users. The docs around this variable said "This is used by remote servers to connect to this server" which is very confusing because most of the remote server traffic actually goes the server domain, not the server_name domain. (The server_name domain is only used to fetch the .well-known file that points at the server domain).

I largely copied the wording from https://matrix-org.github.io/synapse/latest/usage/configuration/homeserver_sample_config.html as I found it much more clear.
2021-09-02 21:27:00 -04:00
github-actions[bot]
704a7a86ca
Merge master into staging-next 2021-09-03 00:01:42 +00:00
Benoit de Chezelles
2d9bf01310 rofi: 1.6.1 -> 1.7.0
And add myself as a maintainer
2021-09-02 23:15:45 +02:00
Bernardo Meurer
62f6985869
Merge pull request #135182 from lovesegfault/nixos-distcc
nixos/distccd: init
2021-09-02 20:41:28 +00:00
github-actions[bot]
0630061ef3
Merge master into staging-next 2021-09-02 18:01:20 +00:00
Artturin
756e60344f nixos/pipewire: use absolute path for jack libs 2021-09-02 17:17:15 +03:00
Matthias Treydte
9ce8df127d nixos/etc: make sure local "source" files are imported to the store
The treatment of the "source" parameter changed
with eb7120dc79, breaking stuff.

Before that commit, the source parameter was converted to a
string by implicit coercion, which would copy the file to the
store and yield an string containing the store path. Now, by
the virtue of escapeShellArg, toString is called explicitly on
that path, which will yield an string containing the absolute
path of the file.

This commit restores the old behavior.
2021-09-02 15:50:44 +02:00
legendofmiracles
5258463721
nixos/weylus: init 2021-09-02 06:33:23 -06:00
github-actions[bot]
3cc5df2052
Merge master into staging-next 2021-09-02 12:01:09 +00:00
misuzu
df972a3dde nixos/sanoid: allow zfs value for recursive 2021-09-02 14:56:23 +03:00
Michele Guerini Rocco
052009bf2b
Merge pull request #135315 from johnjameswhitman/johnjameswhitman/fix-wlan-sub-interfaces
nixos/tasks/network-interfaces: Assign mac to new wlan interface instead of underlying one
2021-09-02 09:37:04 +02:00
github-actions[bot]
ba543de038
Merge master into staging-next 2021-09-02 06:01:01 +00:00
Aaron Andersen
abfdb24af0
Merge pull request #125687 from malte-v/soju-module-new
nixos/soju: add module
2021-09-01 22:09:44 -04:00
happysalada
4ddc5c6b2a elasticsearch: remove logic for version less than 6 2021-09-02 10:57:02 +09:00
happysalada
d58fa9e445 elasticsearch: fix jvm gc log path 2021-09-02 10:57:02 +09:00
happysalada
e13906fff0 elasticsearch: nixpkgs-fmt 2021-09-02 10:57:02 +09:00