Commit Graph

2921 Commits

Author SHA1 Message Date
github-actions[bot]
aeb6db8171
Merge staging-next into staging 2022-01-20 18:01:55 +00:00
github-actions[bot]
ce88a19065
Merge master into staging-next 2022-01-20 18:01:19 +00:00
rnhmjoj
79b4b7eaa1
docs/release-notes: document dhcpd hardening 2022-01-20 15:54:38 +01:00
Janne Heß
96d36b0c2e
nixos/switch-to-configuration: Proper unit file parser
This replaces the naive K=V unit parser with a proper INI parser from a
library and adds proper support for override files. Also adds a bunch of
comments about parsing, I hope this makes it easier to understand and
maintain in the future.

There are multiple reasons to do so, the first one is just general
correctness with is nice imo. But to get to more serious reasons (I
didn't put in all that effort for nothing) is that this is the first
step torwards more clever restart/reload handling. By using a library
like Data::Compare a future PR could replace the current way of
fingerprinting units (which is to compare store paths) by comparing the
hashes. This is more precise because units won't get restarted because
the order of the options change, comments are added, some dependency of
writeText changes, .... Also this allows us to add a feature like
`X-Reload-Triggers` so the unit can either be reloaded when these change
or restarted when everything else changes, giving module authors the
ability to have their services reloaded without having to fear that
updates are not applied because the service doesn't get restarted.
Another reason why this feature is nice is that now that the unit files
are parsed correctly (and values are just extracted from one section),
potential future rewrites can just rely on some INI library without
having to implement their own weird parser that is compatible with this
script.

This also comes with a new subroutine to handle systemd booleans because
I thought the current way of handling it was just ugly. This also allows
overriding values this script reads in an override file.

Apart from making this script more compatible with the world around it,
this also fixes two issues I saw bugging exactly 0 (zero) people. First
is that this script now supports multiple override files, also ones that
are not called override.conf and the second one is that `1` and `on` are
treated as bools by systemd but were previously not parsed as such by
switch-to-configuration.
2022-01-20 15:10:23 +01:00
Jonas Heinrich
80475b46f5
nixos/invoiceplane: init module and package at 1.5.11 (#146909) 2022-01-20 22:45:35 +09:00
Jan Tojnar
a3a525b7b5
Merge pull request #155414 from jwygoda/fcc-unlock
modemmanager: 1.18.2 -> 1.18.4
2022-01-20 08:14:14 +01:00
Jarosław Wygoda
8e49e6168a modemmanager: 1.18.2 -> 1.18.4
Since release 1.18.4, the ModemManager daemon no longer automatically
performs the FCC unlock procedure by default. The user must, under their
own responsibility, enable the automatic FCC unlock as shipped by
ModemManager.
2022-01-19 23:06:11 +01:00
pennae
989fd06cb8 nixos/ssh: add release notes for extraHostNames option 2022-01-19 17:21:11 +01:00
github-actions[bot]
0fdca24272
Merge master into staging-next 2022-01-19 00:01:38 +00:00
sternenseemann
48965506a1 lib/asserts: use throw to display message for assertMsg
`assert` has the annoying property that it dumps a lot of code at the
user without the built in capability to display a nicer message. We have
worked around this using `assertMsg` which would *additionally* display
a nice message. We can do even better: By using `throw` we can make
evaluation fail before assert draws its conclusions and prevent it from
displaying the code making up the assert condition, so we get the nicer
message of `throw` and the syntactical convenience of `assert`.

Before:

    nix-repl> python.override { reproducibleBuild = true; stripBytecode = false; }
    trace: Deterministic builds require stripping bytecode.
    error: assertion (((lib).assertMsg  (reproducibleBuild -> stripBytecode))  "Deterministic builds require stripping bytecode.") failed at /home/lukas/src/nix/nixpkgs/pkgs/development/interpreters/python/cpython/2.7/default.nix:45:1

After:

    nix-repl> python.override { reproducibleBuild = true; stripBytecode = false; }
    error: Deterministic builds require stripping bytecode.
2022-01-19 00:50:06 +01:00
Robert Hensing
ef6f8783ea nixos/doc/rl-2205.section.md: Hint to avoid merge conflicts 2022-01-18 23:40:28 +01:00
bb2020
272fc86d2c nixos/mbpfan: convert to structural settings 2022-01-18 21:31:33 +03:00
github-actions[bot]
1b0315af15
Merge master into staging-next 2022-01-18 18:01:04 +00:00
pennae
21115ea8f9
Merge pull request #155041 from tokudan/ssh-rename-optionCRA
openssh: Rename option, old option is deprecated upstream
2022-01-18 16:07:20 +00:00
talyz
07b64a2ad7
nixos/bookstack: Add option config to replace extraConfig
The `extraConfig` parameter only handles text - it doesn't support
arbitrary secrets and, with the way it's processed in the setup
script, it's very easy to accidentally unescape the echoed string and
run shell commands / feed garbage to bash.

To fix this, implement a new option, `config`, which instead takes a
typed attribute set, generates the `.env` file in nix and does
arbitrary secret replacement. This option is then used to provide the
configuration for all other options which change the `.env` file.
2022-01-18 15:16:23 +01:00
talyz
e7fa7fdffc
nixos/bookstack: Clear the cache more reliably
When upgrading bookstack, if something in the cache conflicts with the
new installation, the artisan commands might fail. To solve this, make
the cache lifetime bound to the setup service. This also removes the
`cacheDir` option, since the path is now handled automatically by
systemd.
2022-01-18 15:16:04 +01:00
Daniel Frank
d851c11a9f
openssh: add release-notes entry for services.openssh.{challengeResponseAuthentication -> kbdInteractiveAuthentication} 2022-01-18 14:01:20 +01:00
Franz Pletz
76aa0af628
Merge branch 'master' into mattermost-6.3 2022-01-18 13:23:38 +01:00
github-actions[bot]
b456d67c98
Merge master into staging-next 2022-01-18 00:01:41 +00:00
Bernardo Meurer
eaf7be02b9
Merge pull request #150859 from helsinki-systems/feat/redo-restart-by-activation-script 2022-01-17 21:11:09 +00:00
Janne Heß
2cf157c781
nixos/switch-to-configuration: Rework activation script restarts
This removes `/run/nixos/activation-reload-list` (which we will need in
the future when reworking the reload logic) and makes
`/run/nixos/activation-restart-list` honor `restartIfChanged` and
`reloadIfChanged`. This way activation scripts don't have to bother with
choosing between reloading and restarting.
2022-01-17 17:57:23 +01:00
Frederik Rietdijk
4d125692e5 Merge master into staging-next 2022-01-17 16:10:06 +01:00
Spencer Janssen
ed5883c1b6 zrepl: 0.4.0 -> 0.5.0 2022-01-17 15:35:45 +01:00
github-actions[bot]
0eee7ee8c8
Merge master into staging-next 2022-01-17 12:01:25 +00:00
Timo Kaufmann
e3b041ac07
Merge pull request #145767 from midchildan/fix/noto-cjk
noto-fonts-cjk: add missing serif font
2022-01-17 11:23:40 +01:00
github-actions[bot]
f0a71fe6f3
Merge master into staging-next 2022-01-17 06:01:22 +00:00
Morgan Jones
9db1fb4772 nixos/mattermost: update release notes 2022-01-16 22:34:37 -07:00
Ben Darwin
43047ec128
nixos/rstudio-server: add to 22.05 release notes 2022-01-17 10:26:24 +11:00
midchildan
bd8132ac62
noto-fonts-cjk: add missing serif font
Fixes #99940
2022-01-17 02:04:02 +09:00
github-actions[bot]
122cae786e
Merge master into staging-next 2022-01-16 06:01:16 +00:00
Martin Weinelt
369db3b2f3
mailpile, nixos/mailpile: drop
Still actively developed and yet stuck on python2. Also marked as
vulnerable and their issue tracker contains yet another security issue
reported in 2021/10 that the upstream hasn't acknowledged yet.

Mind blown.

Closes: #135543, #97274, #97275
2022-01-16 02:36:20 +01:00
Anderson Torres
ce6fd0d857
Merge pull request #154051 from starcraft66/polymc
polymc: init at 1.0.4

polymc substitutes multimc.
2022-01-15 22:18:26 -03:00
Bernardo Meurer
4fa2647449
Merge pull request #154994 from mweinelt/kernel-disable-unpriv-ebpf
linux: enable BPF_UNPRIV_DEFAULT_OFF on 5.10 and later
2022-01-16 00:46:51 +00:00
Tristan Gosselin-Hane
155f315319 multimc: document replacement 2022-01-15 18:09:27 -05:00
Martin Weinelt
3ee206291a
linux: enable BPF_UNPRIV_DEFAULT_OFF between 5.10 and 5.15
Disable unprivileged access to BPF syscalls to prevent denial of service
and privilege escalation via

a) potential speculative execution side-channel-attacks on unmitigated
hardware[0]

or

b) unvalidated memory access in ringbuffer helper functions[1].

Fixes: CVE-2021-4204, CVE-2022-23222

[0] https://ebpf.io/summit-2021-slides/eBPF_Summit_2021-Keynote-Daniel_Borkmann-BPF_and_Spectre.pdf
[1] https://www.openwall.com/lists/oss-security/2022/01/13/1
2022-01-15 23:44:19 +01:00
github-actions[bot]
ed9751296d
Merge master into staging-next 2022-01-15 18:01:07 +00:00
Jonas Heinrich
75d417c267
nixos/dokuwiki: Drop deprecated old interface (#152676) 2022-01-16 02:38:20 +09:00
Jörg Thalheim
e91ed60026
Merge pull request #154805 from Lassulus/ergochat
ergochat: init at 2.9.1 (+ module/test)
2022-01-15 12:15:46 +00:00
github-actions[bot]
6d8719a23d
Merge master into staging-next 2022-01-15 12:01:13 +00:00
0x4A6F
3cbdd13b11
Merge pull request #151364 from matthiasbeyer/add-timetagger
Add timetagger
2022-01-15 09:52:21 +01:00
Matthias Beyer
65aaf4e22d Add timetagger to release notes
Why the f*** would anyone ever add generated stuff to a git repository,
where the sources for the generated stuff AND the scripts to generate
them are in the repository?

Signed-off-by: Matthias Beyer <mail@beyermatthias.de>
2022-01-15 09:08:52 +01:00
lassulus
eaf8890a6c nixos/ergochat: init 2022-01-14 23:33:23 +01:00
github-actions[bot]
d5e672b839
Merge master into staging-next 2022-01-14 18:01:18 +00:00
Robert Hensing
2bf5958169
Merge pull request #151082 from hercules-ci/nixos-cleanup-vmWithBootLoader
nixos: turn vmWithBootLoader into option (`nixos-rebuild build-vm`)
2022-01-14 18:49:27 +01:00
github-actions[bot]
a8b75d6f2f
Merge master into staging-next 2022-01-13 00:01:59 +00:00
0x4A6F
1e0d877e1d
Merge pull request #151946 from mweinelt/frr
frr: init at 8.1; libyang: init at 2.0.112
2022-01-12 20:51:12 +01:00
github-actions[bot]
7def368b6f
Merge master into staging-next 2022-01-12 18:01:16 +00:00
Daniel Thwaites
3f1ef8fe14
nixos/starship: init 2022-01-12 15:47:08 +00:00
adisbladis
02d732d2e4
Merge pull request #154742 from 06kellyjac/docbookrx
docbookrx: drop
2022-01-13 02:20:53 +12:00
06kellyjac
7148ebef25 docbookrx: drop 2022-01-12 12:04:44 +00:00
github-actions[bot]
9b5359861c
Merge master into staging-next 2022-01-12 12:01:06 +00:00
Winter
c772c572cf nixos/doc: fix mention of reading test logs 2022-01-11 20:43:08 -05:00
github-actions[bot]
e8dc263ca3
Merge staging-next into staging 2022-01-11 18:01:57 +00:00
Nikolay Amiantov
8956803ade prosody-filer service: init
Add user and group, as files stored are persistent and to be accessed by nginx or other web server.
2022-01-11 20:09:36 +03:00
Nikolay Amiantov
5a38ceb6a7
Merge pull request #154013 from abbradar/baget
BaGet package and service
2022-01-11 20:06:53 +03:00
Gabriel Ebner
b57d7dc58f
Merge pull request #153449 from Mic92/opensmtpd-extras
opensmtpd-extras: drop python2 option
2022-01-11 17:57:39 +01:00
Nikolay Amiantov
74a88c4961 baget service: init 2022-01-11 19:54:54 +03:00
Alyssa Ross
d77022e114
Merge remote-tracking branch 'nixpkgs/staging-next' into staging
Conflicts:
	nixos/doc/manual/from_md/release-notes/rl-2205.section.xml
	nixos/doc/manual/release-notes/rl-2205.section.md
2022-01-11 16:35:43 +00:00
Aaron Andersen
ee7e31edb4
Merge pull request #153825 from ymatsiuk/ymatsiuk/teleport-module-test-init
nixos/teleport: init + tests
2022-01-11 07:29:22 -05:00
Yurii Matsiuk
47dc5bf2b9
nixos/teleport: add release notes 2022-01-11 10:11:17 +01:00
wchresta
205b0f2c5e Idris2: Refactor default.nix
We take the idris2 projects version of the derivation. Originally,
Idris2 did not maintain their own nix derivation, so we created our
own. Now they maintain their own derivation, so we should try to
keep ours as close to theirs.

This change comes with the following differences:
* support files are in its own output, instead of packaged with idris2
  - This makes it necessary to provide --package for contrib and network
    !!! This is a breaking change !!!
* IDIRS2_PREFIX is set to ~/.idris2 instead of pointing to nix-store
  - This makes --install work as expected for the user
* Properly set IDRIS2_PACKAGE_PATH
* non-linux platform uses chez-racket instead of chez
2022-01-10 22:01:42 +01:00
Jan Tojnar
3dba2db347 Merge branch 'staging-next' into staging
; Conflicts:
;	nixos/doc/manual/from_md/release-notes/rl-2205.section.xml
;	nixos/doc/manual/release-notes/rl-2205.section.md
2022-01-10 19:27:28 +01:00
Bernardo Meurer
d72a2e7baf
firmwareLinuxNonfree -> linux-firmware
This renames our `firmwareLinuxNonfree` package to `linux-firmware`.
There is prior art for this in multiple other distros[1][2][3].

Besides making the package more discoverable by those searching for the
usual name, this also brings it in-line with the `kebab-case` we
normally see in `nixpkgs` pnames, and removes the `Nonfree` information
from the name, which I consider redundant given it's present in
`meta.license`.

The corresponding alias has been added, so this shouldn't break
anything.

[1]: https://archlinux.org/packages/core/any/linux-firmware/
[2]: https://src.fedoraproject.org/rpms/linux-firmware
[3]: https://packages.gentoo.org/packages/sys-kernel/linux-firmware
2022-01-10 12:28:03 -03:00
Martin Weinelt
c61a33bc8b
Merge pull request #129559 from fortuneteller2k/thelounge 2022-01-10 11:46:46 +01:00
github-actions[bot]
0f8ce42c1f
Merge staging-next into staging 2022-01-10 06:01:45 +00:00
Aaron Andersen
03c291e6a3
Merge pull request #153987 from jakubgs/init/mtr-exporter
mtr-exporter: init at 0.1.0 (3ce854a5)
2022-01-09 22:34:30 -05:00
fortuneteller2k
38e1dbd942 nixos/thelounge: private -> public
Co-authored-by: Winter <78392041+winterqt@users.noreply.github.com>
2022-01-10 11:28:41 +08:00
legendofmiracles
d9b2a764b0
Merge pull request #148541 from legendofmiracles/final-asf 2022-01-09 20:45:13 -06:00
Jan Tojnar
f7aa55946b Merge branch 'staging-next' into staging
; Conflicts:
;	nixos/doc/manual/from_md/release-notes/rl-2205.section.xml
;	nixos/doc/manual/release-notes/rl-2205.section.md
;	pkgs/build-support/libredirect/default.nix
2022-01-10 01:26:05 +01:00
Martin Weinelt
24999924b4
Merge pull request #153038 from winterqt/thelounge-plugins 2022-01-10 00:59:33 +01:00
Winter
fe20f479e9 nixos/thelounge: add plugins option 2022-01-09 13:12:41 -05:00
Jakub Sokołowski
7d988867ff
mtr-exporter: init at 0.1.0 (3ce854a5)
This is a useful utility for monitoring network performance over time
using a combination of MTR and Prometheus. Also adding a service definition.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-01-09 13:57:06 +01:00
Nikolay Amiantov
f2c5970a76 users-groups service: add autoSubUidGidRange option
Previously we allocated subuids automatically for all normal users.
Make this explicitly configurable, so that one can use this for system
users too (or explicitly disable for normal users). Also don't allocate
automatically by default if a user already has ranges specified statically.
2022-01-09 09:43:55 +03:00
Martin Weinelt
6008460c04
nixos/frr: add to release notes 2022-01-09 04:13:42 +01:00
Robert Hensing
f80f85f228
Merge pull request #154015 from pennae/fix-docs-cross
nixos/documentation: fix docs cross build
2022-01-08 20:44:05 +01:00
Jacek Galowicz
048fd95f10
Merge pull request #146905 from Synthetica9/failure_mode
nixos/test-driver: add polling_condition
2022-01-08 18:28:25 +01:00
pennae
9d3ba92d63 nixos/documentation: fix docs cross build
a few things should've used buildPackages/nativeBuildInputs to not not require
the host architecture for building docs. tested by building aarch64-linux docs
on x86_64-linux, and the result looks good.
2022-01-08 16:03:23 +01:00
Jonathan Ringer
172bcecd6b
Merge remote-tracking branch 'origin/staging-next' into staging 2022-01-07 10:32:13 -08:00
Patrick Hilhorst
0c3f1cf420
Merge pull request #153273 from Synthetica9/passthru-driverInteractive 2022-01-07 16:04:43 +01:00
github-actions[bot]
1342506d40
Merge staging-next into staging 2022-01-07 00:04:19 +00:00
Renaud
952aa6f820
Merge pull request #148606 from McSinyx/fetch-srht-recurse
fetchFromSourcehut: allow recursive fetching
2022-01-06 22:55:23 +01:00
legendofmiracles
bf30cd48ed
nixos/archisteamfarm: init 2022-01-05 14:09:23 -06:00
github-actions[bot]
a738715d80
Merge staging-next into staging 2022-01-05 00:02:28 +00:00
Robert Hensing
70d27303da
Merge pull request #149532 from pennae/split-docs-build
nixos/*: split docs build
2022-01-04 22:33:23 +01:00
Patrick Hilhorst
d4dc638d77
nixos/test-driver: also passthru driverInteractive 2022-01-04 14:52:37 +01:00
Jörg Thalheim
e73fb8d32f opensmtpd-extras: drop python2 option
related to https://github.com/NixOS/nixpkgs/issues/148779
2022-01-04 09:17:33 +01:00
github-actions[bot]
25662d01ae
Merge staging-next into staging 2022-01-04 00:02:40 +00:00
piegames
ae040631c9
Merge pull request #142758: Add Heisenbridge module 2022-01-03 18:05:55 +01:00
piegames
4d69ad4b1f nixos/heisenbridge: Init 2022-01-03 15:40:40 +01:00
Philipp
3d47865f7f nixos/matrix-conduit: init 2022-01-03 15:36:56 +01:00
Nguyễn Gia Phong
b97ccaa18d
fetchFromSourcehut: allow recursive fetching 2022-01-03 16:37:16 +07:00
Andrew Marshall
238bf44f81 nixos/doc: Fix typo in release notes
Broken in f10aea2434.
2022-01-02 22:37:47 -05:00
pennae
50954ad1c5 nixos/make-options-doc: treat missing descriptions as errors by default
this partially solves the problem of "missing description" warnings of the
options doc build being lost by nix build, at the cost of failing builds that
previously ran. an option to disable this behaviour is provided.
2022-01-02 19:46:13 +01:00
pennae
fc614c37c6 nixos/documentation: split options doc build
most modules can be evaluated for their documentation in a very
restricted environment that doesn't include all of nixpkgs. this
evaluation can then be cached and reused for subsequent builds, merging
only documentation that has changed into the cached set. since nixos
ships with a large number of modules of which only a few are used in any
given config this can save evaluation a huge percentage of nixos
options available in any given config.

in tests of this caching, despite having to copy most of nixos/, saves
about 80% of the time needed to build the system manual, or about two
second on the machine used for testing. build time for a full system
config shrank from 9.4s to 7.4s, while turning documentation off
entirely shortened the build to 7.1s.
2022-01-02 19:46:13 +01:00
Madoura
e16074e889
nixos/tetrd: init 2022-01-01 17:43:37 -06:00
Patrick Hilhorst
4e1556ed4d
nixos/test-driver: add polling_condition 2022-01-01 23:17:32 +01:00
Aaron Andersen
34c283deda
Merge pull request #150846 from onny/maddy
nixos/maddy: Better description, user and group handling
2022-01-01 15:05:42 -05:00
Morgan Jones
f5901b85d1 mattermost: update release notes 2021-12-31 23:49:00 -05:00
Martin Weinelt
5dd90167ce nixos/moinmoin, nixos/tests/moinmoin, python2Packages.moinmoin: remove
Stuck on python2 and the NixOS test has been failing for 6 months.
2021-12-31 16:39:24 -08:00
Jan Tojnar
d995596052 Merge branch 'staging-next' into staging
; Conflicts:
;	nixos/doc/manual/from_md/release-notes/rl-2205.section.xml
;	nixos/doc/manual/release-notes/rl-2205.section.md
2021-12-31 15:32:37 +01:00
sternenseemann
710699449a nixos/doc: document documentation.man changes in 22.05 rel notes 2021-12-31 11:17:34 +01:00
Michael Weiss
2c82929645
iputils: 20210722 -> 20211215
The tools "tftpd" and "traceroute6" were removed. See [0] for more details.

[0]: https://github.com/iputils/iputils/releases/tag/20211215
2021-12-30 15:00:33 +01:00
Jonas Heinrich
71c423671b nixos/maddy: Better description, user and group handling 2021-12-30 14:17:00 +01:00
zowoq
45dbb95515 nixos/kubernetes: remove dashboard 2021-12-30 18:51:03 +10:00
Lyndon Sanche
c7008f8fdf
nixos/duplicati: Add dataDir to service
Other services such as minecraft-server and plex allow configuration of
the dataDir option, allowing the files stored by each service to be in a
custom location.

Co-authored-by: Aaron Andersen <aaron@fosslib.net>
2021-12-29 08:35:41 -07:00
Benoit de Chezelles
e040ff57a0 nixos/doc/rl-2205: Add note about reduced closure of python3.pkgs.matplotlib 2021-12-28 20:14:53 -05:00
Nikolay Amiantov
a3e7a83514
Merge pull request #150774 from abbradar/docker-rootless
Rootless Docker service
2021-12-27 20:32:57 +03:00
Martin Weinelt
99e8065d4c
Merge pull request #147784 from m1cr0man/acme 2021-12-27 17:37:39 +01:00
Bobby Rong
2684d1a990
Merge pull request #148832 from r-ryantm/auto-update/autorestic
autorestic: 1.3.0 -> 1.5.0
2021-12-27 10:01:42 +08:00
Lucas Savva
07c1583309
nixos/acme: Update release notes 2021-12-26 16:49:52 +00:00
Bobby Rong
8bc21bca03
nixos/rl-2205: mention autorestic update 2021-12-25 20:18:09 +08:00
Emery Hemingway
02cb654a4d nixos/stubby: reduce to a settings-style configuration
Extract the example configuration from the package to provide a
working example.

Remove pkgs.stubby from `environment.systemPackages`.
2021-12-25 12:07:06 +01:00
Nikolay Amiantov
ab64310a5e docker-rootless service: init 2021-12-22 14:23:23 +03:00
rembo10
3898a66cc4 Update nixos-rebuild man page to reflect target-host change
See:
https://github.com/NixOS/nixpkgs/pull/126614
2021-12-22 00:56:19 -08:00
Elis Hirwing
e3a7c62565
Merge pull request #147411 from drupol/php/php-8.1.0
php: Init at 8.1.1
2021-12-21 12:33:07 +01:00
Pol Dellaiera
3d3479f717
php81: init at 8.1.1 2021-12-20 15:51:00 +01:00
Bob van der Linden
c1b0d4acf5
rename daemonConfig -> daemon.settings 2021-12-19 14:16:58 +01:00
Bob van der Linden
142a1540d6
nixos/docker: add daemonConfig option
Adds the virtualisation.docker.daemonConfig option that allows
changing Docker daemon settings as done in daemon.conf.
2021-12-19 14:15:18 +01:00
Andrew Marshall
f10aea2434 nixos/ssh: Add enableAskPassword
Previously, this was only implicitly enabled if xserver.enable = true.
However, Wayland-based desktops do not require this, and so configuring
SSH_ASKPASS on a Wayland desktop becomes cumbersome. This simplifies
that by adding a new option that defaults to the old conditional.
2021-12-18 12:13:02 -05:00
pennae
2000a1edcd nixos/unifi: add deprecation warning for openPorts
modules are discouraged from opening ports in the firewall unless
explicitly told to do so. add a deprecation notice for this in unifi.
2021-12-17 21:30:52 +01:00
Robert Hensing
439d7d493d nixos: Add release note about vmVariant 2021-12-17 14:49:31 +01:00
Flakebi
368b22d09b powerdns-admin: fix and add module
- Add the migrations directory to the package
- Add postgres support to the package
- Add a service for powerdns-admin

Co-authored-by: Zhaofeng Li <hello@zhaofeng.li>
2021-12-17 10:33:40 +01:00
David Anderson
7708b9db26 infuxdb2: add package split to 22.05 release notes. 2021-12-16 12:17:20 -08:00
Kim Lindberger
ebaa226853
elk7: 7.11.1 -> 7.16.1, 6.8.3 -> 6.8.21 + add filebeat module and tests (#150879)
* elk7: 7.11.1 -> 7.16.1

* nixosTests.elk: Improve reliability and compatibility with ELK 7.x

- Use comparisons in jq instead of grepping
- Match for `.hits.total.value` if version >= 7, otherwise it always
  passes
- Make curl fail if requests fails

* nixos/filebeat: Add initial module and test

Filebeat is an open source file harvester, mostly used to fetch logs
files and feed them into logstash.

This module can be used instead of journalbeat if used with
`filebeat7` and configured with the `journald` input.

* python3Packages.parsedmarc.tests: Fix breakage

- Don't use the deprecated elasticsearch7-oss package
- Improve jq query robustness and add tracing

* rl-2205: Note the addition of the filebeat service

* elk6: 6.8.3 -> 6.8.21

The latest version includes a fix for CVE-2021-44228.

* nixos/journalbeat: Add a loose dependency on elasticsearch

Avoid unnecssary back-off when elasticsearch is running on the same
host.
2021-12-17 00:20:52 +09:00
Markus S. Wamser
b93e478777 writers.PyPy{2,3}: init 2021-12-15 10:01:08 +01:00
Markus S. Wamser
4e42f6bcb3 writers.writePython2: remove 2021-12-15 09:56:14 +01:00
Julien Moutinho
7475554372 nixos/redis: enable multiple instances of redis-server 2021-12-13 14:42:19 -05:00
Vincent Haupert
0b5c9f81e2 nixos/aesmd: add module
Co-authored-by: Alex Zero <joseph@marsden.space>
2021-12-10 10:18:31 +01:00
Silvan Mosberger
15c41e1d54
Merge pull request #147265 from pennae/option-docs-build
put all option docs build flavors on equal footing
2021-12-08 21:27:02 +01:00
Patrick Hilhorst
29671bc365
Merge pull request #137260 from onny/maddy 2021-12-08 00:00:13 +01:00
Jonas Heinrich
ecd88f91a0
nixos/maddy: Add module for maddy
Co-authored-by: Patrick Hilhorst <git@hilhorst.be>
2021-12-07 22:58:22 +01:00
Maximilian Bosch
c959de5b30
Merge pull request #148360 from helsinki-systems/drop/pg96
postgresql_9_6: drop
2021-12-06 21:57:05 +01:00
pennae
c533b01863 nixos/doc/manual: remove non-matching optionsXML inherit 2021-12-06 16:12:32 +01:00
Alvar Penning
521f30f80c claws-mail: remove claws-mail-gtk2 version
The GTK+ 2 version of Claws Mail, major version number three, relies on
Python 2, which is end-of-life and might be dropped in the nixpkgs.

In favour of #148779, this older branch of Claws Mail was removed.
2021-12-05 23:08:18 +01:00
Martin Weinelt
68dc5484e9 nixos/doc/manual/release-notes/rl-2111: add prometheus-smartctl-exporter 2021-12-05 03:18:17 +01:00
Dmitry Kalinkin
721e732e36
Merge pull request #147809 from veprbl/pr/wafHook_release_notes
doc: add release notes for a wafHook change
2021-12-03 11:57:26 -05:00
Philipp Dargel
a3401f6e33 OpenJDK: expose more versions
Provide a way to access all JDK versions.
2021-12-02 17:54:20 -08:00
ajs124
757dd008b2 postgresql_9_6: drop 2021-12-03 01:14:29 +01:00
Nicolas Benes
7065725f68
doc: add release notes for a wafHook change 2021-12-02 18:46:48 -05:00
Martin Weinelt
34d4676e9d
nixos/doc/manual/release-notes/rl-2111: fix multiple option links 2021-12-02 19:03:05 +01:00
Martin Weinelt
d1da5658a6
nixos/doc/manual/release-notes/rl-2111: move highlights introduction 2021-12-02 18:45:04 +01:00
Vonfry
932ab304f0
emacsPackages.orgPackages: deprecated
org elpa is deprecated and moved into gnu elpa and nongnu elpa.

link: nix-community/emacs-overlay#191
2021-12-02 16:16:59 +08:00
Michele Guerini Rocco
d616fde3ae
Merge pull request #146967 from AndrewKvalheim/PermanentMACAddress
nixos/doc: improve example of renaming network interfaces
2021-12-01 09:03:14 +01:00
Timothy DeHerrera
2f0f91fe69
Merge pull request #147898 from tomberek/release_bump
nixos/rl-21.11: bump
2021-11-29 19:12:44 -07:00
Timothy DeHerrera
b1faa37cdf 21.11 Release Notes: fix typos 2021-11-29 20:15:37 -05:00
Tom Bereknyei
af92f1c0cc [21.11] update README.md
[21.11] update upgrading

[21.11] update release date

run generation
2021-11-29 20:15:35 -05:00
sternenseemann
31ff641504 Merge remote-tracking branch 'origin/master' into haskell-updates 2021-11-28 19:31:56 +01:00
Daniel Olsen
0fff6b89ea hydrus: 462 -> 463 2021-11-28 04:11:31 +01:00
Daniel Olsen
40fb87f5ca nixos/doc: Add note about big updates regarding hydrus to release notes 2021-11-28 04:11:30 +01:00
github-actions[bot]
7012b918c3
Merge master into haskell-updates 2021-11-28 00:08:47 +00:00
Michael Weiss
1cfecb636b
Revert "Merge pull request #141192 from helsinki-systems/feat/improved-socket-handling2"
This reverts commit 57961d2b83, reversing
changes made to b04f913afc.
(I.e. this reverts PR #141192.)

While well-intended, this change does unfortunately introduce very
serious regressions that are especially disruptive/noticeable on desktop
systems (e.g. users of Sway will loose their graphical session when
running "nixos-rebuild switch").

Therefore, this change has to be reverted ASAP instead of trying to fix
it in "production".
Note: An updated version should be extensively discussed, reviewed, and
tested before re-landing this change as an earlier version also had to
be reverted for the exact same issues [0].

Fix: #146727

[0]: https://github.com/NixOS/nixpkgs/pull/73871#issuecomment-559783752
2021-11-27 17:22:22 +01:00
sternenseemann
d4c2ca42d9 Merge remote-tracking branch 'origin/master' into haskell-updates 2021-11-25 21:20:21 +01:00
sternenseemann
558da925f3 ghc: make sure top level exposed GHC is always host->target
See the added comment in all-packages.nix for a more detailed
explanation. This makes the top-level GHC different from
haskellPackages.ghc (which is build->host and used for building the
package set), but more consistent with gcc, gnat etc.

Specifically, pkgsCross.${platform}.buildPackages.ghc will now be a
cross-compiler instead of a native build->build compiler.

Since this change has a slight chance of being disruptive, add a note to
the changelog.
2021-11-25 20:18:25 +01:00
Vladyslav Burzakovskyy
4deec4ec53 kratos: 0.7.6-alpha.1 -> 0.8.0-alpha.3 2021-11-23 16:11:48 +01:00
sternenseemann
ef63ed7b10 nixos/doc: check in converted docbook for 22.05 release notes
This was forgotten in 2768bc07f7 and
should hopefully avoid an all too confusing rebase / merge conflict
later.
2021-11-22 23:21:27 +01:00
Timothy DeHerrera
2768bc07f7
add release notes for 22.05 and update codename 2021-11-22 15:10:53 -07:00
Graham Christensen
6cfd23fa0b nixos-install: support --no-root-password 2021-11-22 22:09:50 +02:00
Andrew Kvalheim
12bab91d3b nixos/doc: improve example of renaming network interfaces
For reliably identifying network interfaces, `PermanentMACAddress` is
likely to be preferable to `MACAddress`. NetworkManager in particular
commonly changes the MAC address of wireless interfaces.

Reference:

  - https://www.freedesktop.org/software/systemd/man/systemd.link.html#PermanentMACAddress=
2021-11-21 20:12:31 -08:00
Thiago Kenji Okada
36f6fd1f41 nixos/doc: add release notes about retroarch changes 2021-11-20 16:34:01 -03:00
sternenseemann
debf4fc929 gnat: 9 -> 11
Update the default GNAT version from 9 to 11, as GNAT >= 11 is required
to compile the 22.* AdaCore libraries.

To allow this, we need to pick a patch from ghdl's master fixing a
compilation problem with GNAT 11.
2021-11-15 22:41:56 +01:00
Mikael Voss
aeaafd1502 doc: Explain daemon(IO)NiceLevel removal in release note 2021-11-15 18:34:17 +01:00
github-actions[bot]
c0c7fbda14
Merge master into staging-next 2021-11-13 00:01:45 +00:00
Artturi
4e61e1242c
Merge pull request #144933 from Artturin/ananicyinit
ananicy: init at unstable-2021-11-05
2021-11-12 21:08:14 +02:00
github-actions[bot]
f2d7271432
Merge master into staging-next 2021-11-11 18:01:13 +00:00
Sandro
8f5e231aae
Merge pull request #144618 from fgaz/staticjinja/4.1.1 2021-11-11 14:43:45 +01:00
Artturin
8743e81cd3 nixos/ananicy: init 2021-11-11 02:05:42 +02:00
github-actions[bot]
259e08cd22
Merge master into staging-next 2021-11-10 18:01:21 +00:00
Anderson Torres
d8f5d7f06b
Merge pull request #145227 from Synthetica9/julia-to-stable
julia: point to -stable instead of -lts
2021-11-10 12:58:23 -03:00
github-actions[bot]
6e4d2d1f10
Merge master into staging-next 2021-11-10 00:01:31 +00:00
Janne Heß
edb295084a
Merge pull request #145181 from helsinki-systems/release-notes/openssh
nixos/changelog: Mention OpenSSH upgrade
2021-11-09 21:56:43 +01:00
Bernardo Meurer
8aa7ae22b8
nixos/doc/manual/release-notes/rl-2111: Nix 2.4 2021-11-09 10:47:08 -08:00
Patrick Hilhorst
6a75497278
julia: -lts -> -stable 2021-11-09 19:05:26 +01:00
Janne Heß
fd567ad54a
nixos/changelog: Mention OpenSSH upgrade 2021-11-09 11:38:30 +01:00
github-actions[bot]
f14d7cb2f6
Merge master into staging-next 2021-11-08 18:01:24 +00:00
Bas van Dijk
7f7780daa5 nixos/prometheus: throw a helpful error when services.prometheus.environmentFile is defined 2021-11-07 19:04:24 +00:00
Bas van Dijk
0e4abb0df7 nixos/prometheus: remove services.prometheus.environmentFile
The option `services.prometheus.environmentFile` has been removed since it was causing [issues](https://github.com/NixOS/nixpkgs/issues/126083) and Prometheus now has native support for secret files.
2021-11-07 14:45:40 +00:00
github-actions[bot]
e0cac44f90
Merge master into staging-next 2021-11-07 12:01:18 +00:00
happysalada
db34ebb557 loki: 2.3.0 -> 2.4.0 2021-11-07 18:40:42 +09:00
github-actions[bot]
9166210176
Merge master into staging-next 2021-11-07 00:01:38 +00:00
Victor Freire
46180e407e nixos/xmrig: init 2021-11-06 15:04:14 -03:00
github-actions[bot]
eeb7e66e97
Merge master into staging-next 2021-11-06 18:01:01 +00:00
Nico Berlee
90bac670c0 nixos/pam: pam_mkhomedir umask to 0077
pam_mkhomedir should create homedirs with the same umask as the rest
of the system. Currently it creates homedirs with go+rx which makes
it readable for other non-privileged users.
2021-11-06 17:45:00 +02:00
Robert Hensing
2a4d433b1f nixosTest: Add xclip as example of stdout blocker 2021-11-06 13:46:51 +01:00
github-actions[bot]
2663e5b623
Merge master into staging-next 2021-11-05 12:01:17 +00:00
Pascal Bach
0f60c45e9c nixos/unifi: refactor mountpoints
Use service internal bind mounts instead of global ones.

This also moves the logs to /var/log/unifi on the host
and the run directory to /run/unifi.

Closes #61424
2021-11-05 12:20:40 +01:00
Vladimír Čunát
555a4016a2
Merge branch 'staging-next' into staging 2021-11-05 10:48:58 +01:00
Bernardo Meurer
1403ce522d
Merge pull request #144239 from illustris/hadoop
nixos/hadoop: Add HA services and HTTPFS
2021-11-04 23:30:47 -07:00
Bernardo Meurer
86373221ae
Merge pull request #144679 from hercules-ci/fix-issue-144613-nixosTest-wait-stdout
nixosTest: document wait for stdout behavior, fix #144613
2021-11-04 22:57:06 -07:00
Robert Hensing
698fb089d8 nixosTest: Document stdout waiting behavior 2021-11-05 02:41:25 +01:00
github-actions[bot]
ac4cb43546
Merge staging-next into staging 2021-11-05 00:02:01 +00:00
Maximilian Bosch
49e31e85be
Merge pull request #143230 from nomeata/docs-boot-nixos-rebuild-switch
Nixos manual: nixos-rebuild switch to clear boot entries
2021-11-04 23:45:16 +01:00
github-actions[bot]
20bee66ec8
Merge staging-next into staging 2021-11-04 18:01:44 +00:00
Francesco Gazzetta
7c6d4c902a staticjinja: 4.1.0 -> 4.1.1 2021-11-04 15:27:22 +01:00
Bas van Dijk
0140e239f3
Merge pull request #143147 from basvandijk/prometheus-reload
nixos/prometheus: optionally support reloading on config changes
2021-11-04 13:54:18 +01:00
Bas van Dijk
f12e976ade module/prometheus: optionally support reloading on config changes
The new option `services.prometheus.enableReload` has been introduced
which, when enabled, causes the prometheus systemd service to reload
when its config file changes.

More specifically the following property holds: switching to a
configuration (`switch-to-configuration`) that changes the prometheus
configuration only finishes successully when prometheus has finished
loading the new configuration.

`enableReload` is `false` by default in which case the old semantics
of restarting the prometheus systemd service are in effect.
2021-11-04 11:15:21 +00:00
github-actions[bot]
524db8975e
Merge staging-next into staging 2021-11-04 06:02:01 +00:00
Aaron Andersen
0c5d86b18c
Merge pull request #135601 from stackshadow/code-server-bin
code-server: init code-server-module
2021-11-03 22:15:26 -04:00
illustris
0bd4b60a42 nixos/hadoop: release notes 2021-11-03 22:59:17 +05:30
github-actions[bot]
bf39715fe0
Merge staging-next into staging 2021-11-03 12:01:58 +00:00
Alyssa Ross
703ffa2f5d
Merge remote-tracking branch 'nixpkgs/staging-next' into staging 2021-11-03 07:34:33 +00:00