Commit Graph

36664 Commits

Author SHA1 Message Date
Jörg Thalheim
44cf4801c0 nixos/nix-serve: also set extra-allowed-users
This fixes the case where users enable nix-serve but also have allowed-users set.
Having extra-allowed-users is a no-op when nix.settings.allowed-users is set to "*" (the default)
2023-11-12 14:09:31 +01:00
K900
2e5993d508 nixos/tests/udisks2: actually start udisks 2023-11-12 12:09:58 +03:00
tomberek
7859adb9d6
Merge pull request #245394 from christoph-heiss/pkgs/sourcehut
sourcehut: update all component; lots of fixes
2023-11-11 13:42:19 -05:00
Peder Bergebakken Sundt
0e8902941b
Merge pull request #266469 from ambroisie/fix-tandoor-recipes
tandoor-recipes: fix `django-allauth`
2023-11-11 20:42:10 +02:00
Bruno BELANYI
2fa56fcb30 nixos/tests/tandoor-recipes: use SQLite
This is a work-around for getting the tests working until #216989 is
fixed.
2023-11-11 18:37:33 +00:00
Maciej Krüger
e9a5bf8ae4
Merge pull request #265712 from nbraud/nixos/sudo-rs/akkoma 2023-11-11 18:10:25 +01:00
Maciej Krüger
9c61d268a7
Merge pull request #265727 from nbraud/nixos/sudo-rs/google_oslogin 2023-11-11 18:09:39 +01:00
Maciej Krüger
c647a12d7f
Merge pull request #265725 from nbraud/nixos/sudo-rs/gce 2023-11-11 18:09:20 +01:00
K900
e792d7fec0
Merge pull request #264442 from anthonyroussel/update-url-redirects
treewide: fix redirected and broken URLs
2023-11-11 18:08:59 +03:00
Christoph Heiss
88a3d2a0b4
sourcehut: fix postgresql database permission for postgresql >= 15
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2023-11-11 15:50:16 +01:00
Niklas Hambüchen
f9611764c6 manual: Fix QEMU_NET_OPTS VM-side address.
In my earlier commit

    manual: Don't suggest exposing VM port to local network.

I made a side change titled

    Use `127.0.0.1` also on the VM side, otherwise connections to
    services that, in the VM, bind to `127.0.0.1` only
    (doing the safe approach) do not work.

Unfortunately, that was wrong:

QEMU inside the VM always communicates via the virtualised
Ethernet interface, not via the VM's loopback interface.
So trying to connect to `127.0.0.1` on the VM's side cannot work.
2023-11-11 15:40:55 +01:00
Christoph Heiss
66b86f8a2e
sourcehut: de-duplicate nginx add_header directives
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2023-11-11 14:14:59 +01:00
Christoph Heiss
acd21dad52
sourcehut: use systemd.tmpfiles instead of manually creating logfiles
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2023-11-11 14:14:59 +01:00
Christoph Heiss
641e54bb28
sourcehut: create logs directory unconditionally
An empty log directory, in case it stays unused, does not hurt anyone.

Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2023-11-11 13:01:47 +01:00
Christoph Heiss
fc6addb147
sourcehut: reword api-origin option description
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2023-11-11 13:01:47 +01:00
Christoph Heiss
589b75bdc8
sourcehut: disable IPv6 completely for tests
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2023-11-11 13:01:47 +01:00
Christoph Heiss
78cc2783c8
sourcehut: drop obsolete services array in favor of indivdual enable flags
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2023-11-11 13:01:47 +01:00
Christoph Heiss
6b25e09d2d
sourcehut: fix up some more bin paths
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2023-11-11 13:01:47 +01:00
Christoph Heiss
5841d27497
sourcehut: explicitly disallow openssh to socket-active
This breaks the (already fragile) gitsrht-dispatch -> gitsrht-keys
command chain.

Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2023-11-11 13:01:47 +01:00
Christoph Heiss
c39ba7f5b1
sourcehut: remove set -x from ssh commands
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2023-11-11 13:01:46 +01:00
Christoph Heiss
6648488333
sourcehut: fix logging of git/hg ssh commands
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2023-11-11 13:01:45 +01:00
Christoph Heiss
6e51802196
sourcehut: fix repos path by using actual settings value
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2023-11-11 13:01:32 +01:00
Christoph Heiss
c123a37be6
sourcehut.gitsrht: 0.78.20 -> 0.84.2
Newer version of the gitsrht-api service call setrlimit() on startup,
thus allow it in the `SystemCallFilter` definition for the service.

Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2023-11-11 13:01:30 +01:00
Christoph Heiss
d703173520
sourcehut: make /query endpoint config common to all services
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2023-11-11 12:39:28 +01:00
Anthony Roussel
e30f48be94
treewide: fix redirected and broken URLs
Using the script in maintainers/scripts/update-redirected-urls.sh
2023-11-11 10:49:01 +01:00
Félix Baylac Jacqué
dfa45288af maintainers: ninjatrappeur -> picnoir
I changed my nickname from Ninjatrappeur to Picnoir. My github id is
stable, it shouldn't break too much stuff.

I took advantage of this handle change to remove myself from the
hostapd maintainers: I don't use NixOS as a router anymore.
2023-11-11 08:31:16 +01:00
tu-maurice
40c06a143f prayer: remove 2023-11-10 20:44:28 -03:00
Pyrox
8575645827 yarn-berry: 3.4.1 -> 4.0.1
The only breaking change here is that Yarn drops support for NodeJS versions <18.12

Besides that, no major changes that I think deserve a mention
2023-11-10 15:15:40 -08:00
Martin Weinelt
3536221702
Merge pull request #160346 from mweinelt/hass-custom-everything
home-assistant: custom components and lovelace modules
2023-11-11 00:08:25 +01:00
Kira Bruneau
0cc094c041
Merge pull request #265886 from kira-bruneau/at-spi2-core
nixos/gnome/at-spi2-core: fix disabling a11y in all contexts
2023-11-10 16:31:53 -05:00
Niklas Hambüchen
dcceeb9868 manual: tests: Describe how to port-forward into test VMs 2023-11-10 22:29:12 +01:00
Niklas Hambüchen
5d73d954cd manual: Don't suggest exposing VM port to local network.
The setting

    QEMU_NET_OPTS="hostfwd=tcp::2222-:22"

caused the VM's port 2222 to be advertised on the host as
`0.0.0.0:2222`, thus anybody in the local network of the host
could SSH into the VM.
Instead, port-forward to localhost only.

Use `127.0.0.1` also on the VM side, otherwise connections to
services that, in the VM, bind to `127.0.0.1` only
(doing the safe approach) do not work.

See e.g. https://github.com/NixOS/nixpkgs/issues/100192
for more info why localhost listening is the best default.
2023-11-10 22:29:12 +01:00
Martin Weinelt
6d05ad6a6b
nixos/rl-2311: mention new home-assistant module features 2023-11-10 22:00:38 +01:00
Martin Weinelt
c85cecedf1
nixos/tests/home-assistant: test custom things cleanup
Make sure we properly remove custom components and custom lovelace
modules, when they're not configured anymore.
2023-11-10 22:00:38 +01:00
Martin Weinelt
8108ce0a4f
nixos/tests/home-assistant: test loading custom components 2023-11-10 22:00:37 +01:00
Martin Weinelt
f2bd10bb1e
nixos/tests/home-assistant: test loading lovelace modules 2023-11-10 22:00:37 +01:00
Martin Weinelt
f30192ae6f
nixos/home-assistant: add customComponents support
Allows passing custom component packages, that get installed into
home-assistant's state directory.
Python depedencies, that are propagated from the custom component
get passed into `extraPackages`, so they are available to
home-assistant at runtime.

This is implemented in a way, that allows coexistence with custom
components not managed through the NixOS module.
2023-11-10 22:00:36 +01:00
Martin Weinelt
9a941c58e5
nixos/home-assistant: add customLovelaceModules support
Allows the installation of custom lovelace modules, that can inject
css/js into the frontend and offer a wide variety of widgets.
2023-11-10 22:00:30 +01:00
Ryan Lahfa
b8218af2e6
Merge pull request #256226 from ElvishJerricco/systemd-stage-1-testing-backdoor 2023-11-10 14:08:07 +01:00
Lin Jian
36f4c90526
Merge pull request #266150 from robryk/resticnotimer
nixos/restic: allow timer to be disabled
2023-11-10 17:51:14 +08:00
K900
b0dd91c32a
Merge pull request #266509 from K900/remove-nixos-option-shim
nixos/installer: remove nixos-option compat shim
2023-11-10 10:47:18 +03:00
Yureka
6d475b6d95 nixos/tests/sudo: check that sudo is enabled by default 2023-11-10 03:32:26 +01:00
Yureka
b0206f9bf9 nixos/sudo: enable by default
The default was accidentally changed to false in #262790
2023-11-10 03:30:39 +01:00
Will Fancher
e9e2240763 nixos/tests/systemd-initrd-modprobe: Test parameter in stage 1 2023-11-09 17:53:49 -05:00
Will Fancher
b41cbee0fd nixos/tests/systemd-initrd-networkd-ssh: Test with backdoor not LUKS 2023-11-09 17:53:49 -05:00
Will Fancher
8900b027c7 nixos/tests/systemd-initrd-networkd: Use initrdBackdoor 2023-11-09 17:53:49 -05:00
Will Fancher
90e2658693 nixos/tests/systemd-initrd-networkd: Separate into different tests 2023-11-09 17:53:49 -05:00
Will Fancher
9a0f523372 systemd-stage-1: Enable backdoor in nixos tests 2023-11-09 17:53:48 -05:00
Will Fancher
f8ba8be54b testing-instrumentation: Factor backdoor service out to variable 2023-11-09 17:02:01 -05:00
Will Fancher
c20ad5d379
Merge pull request #266369 from SuperSandro2000/systemd-unit-empty-lines
systemd-lib: cleanup empty lines in unit files
2023-11-09 16:49:11 -05:00