nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-01-09 06:23:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
396,567 Commits 175 Branches 125 Tags 6.8 GiB
bb10509584
Commit Graph

13684 Commits

Author SHA1 Message Date
Domen Kožar
5a14883a5f
Merge pull request #179634 from domenkozar/cachix-agent-avoid-restarts 
cachix-agent: properly handle not restarting the service
 2022-06-29 17:37:00 -05:00
Domen Kožar
c7b135ac8e cachix-agent: properly handle not restarting the service 2022-06-29 17:17:35 -05:00
Sandro
a59be4f6c8
Merge pull request #175919 from phaer/phaer-healthchecks 
healthchecks: init at 2.2.1
 2022-06-29 23:15:35 +02:00
Kai Wohlfahrt
60d1c1d9ad openldap: change runtime directory 
Use `openldap` for consistency between `/var/lib` and `/run`.
 2022-06-29 19:59:29 +02:00
Kai Wohlfahrt
334d622ec7 openldap: test starting with empty DB 
This addresses the original concern behind #92544
 2022-06-29 19:59:29 +02:00
Kai Wohlfahrt
8a7193fc0a openldap: test and fix mutable config 2022-06-29 19:59:29 +02:00
Kai Wohlfahrt
fd7d901133 openldap: run under systemd-defined user/group 
This improves security, by starting the service as an unprivileged user,
rather than starting as root and relying on the service to drop
privileges. This requires a significant cleanup of pre-init scripts, to
make use of StateDirectory and RuntimeDirectory for permissions.
 2022-06-29 19:59:29 +02:00
Kai Wohlfahrt
38ead944ce openldap: run in foreground 
Now that we use notify daemon type, this works safely and simplifies
configuration.
 2022-06-29 19:59:29 +02:00
Kai Wohlfahrt
d72f89a8fc openldap: Allow notify outside of main thread 
This fixes a bug I observed in deployment on a RPi, but not able to
reproduce in tests.
 2022-06-29 19:59:28 +02:00
Kai Wohlfahrt
6e6f33ad83 openldap: remove deprecated options 2022-06-29 19:59:06 +02:00
Lin Jian
d1b90cf540
nixos/caddy: force caddy to reload config in ExecReload 
This patch follows an upstream commit[1].

Before this patch, if acme module is used, caddy will still use an old
cert even a new one is available. The cause is that without --force
flag, caddy will not reload an unchanged config.

Refer to that commit[1] message for more information.

[1]: 979e498d6d
 2022-06-29 10:36:24 +08:00
ajs124
aea940da63 nixos/jitsi-meet: move prosodyctl calls into prosody preStart 2022-06-29 00:19:57 +02:00
Artturi
3cff3f75b4
Merge pull request #166340 from max-privatevoid/patch-6 2022-06-28 19:55:10 +03:00
Alyssa Ross
4684ff771e
nixos/dictd: make dict use local server 
Seems silly to install this for use with the local server, but to not
configure it to use the local server.  Otherwise, out of the box we
just get an error about no server being configured.
 2022-06-28 12:22:45 +00:00
Sandro
6dce91f57b
Merge pull request #178336 from astro/openwebrx 2022-06-28 11:36:27 +02:00
phaer
12d45dc313 healthchecks: init at 2.2.1 2022-06-28 10:28:46 +02:00
happysalada
b90fa9940b dgraph: add module 2022-06-28 02:34:54 -04:00
Astro
9123ed5f36 openwebrx: 1.1.0 -> 1.2.0 2022-06-28 00:46:32 +02:00
Pascal Bach
13df7151e1
Merge pull request #178783 from greizgh/fix-syncthing-doc 
nixos/syncthing: fix services.syncthing.folders description
 2022-06-27 22:37:56 +02:00
Kim Lindberger
8b404a1617
Merge pull request #177783 from talyz/parsedmarc-secrets 
parsedmarc, geoipupdate: Improve secrets handling and more
 2022-06-27 15:26:10 +02:00
Maximilian Bosch
ec5b885d95
Merge pull request #179236 from winterqt/nextcloud-improvements 
nixos/nextcloud: some small improvements
 2022-06-27 13:42:44 +02:00
Sandro
2cf13724e1
Merge pull request #168141 from mausch/radarr 2022-06-27 01:06:15 +02:00
Aaron Andersen
e3e82b92e8
Merge pull request #177106 from martinetd/logrotate 
logrotate: do not add mail if 'mail = false' is specified
 2022-06-26 23:39:38 +02:00
Aaron Andersen
bf5781e639
Merge pull request #151642 from antifuchs/fix-151550 
navidrome: Allow read access to /etc
 2022-06-26 23:32:18 +02:00
Aaron Andersen
28562b800e
Merge pull request #178154 from aanderse/nixos/prosody 
nixos/prosody: conditionally provision required directories with StateDirectory
 2022-06-26 22:45:18 +02:00
Winter
d6f59779c6 nixos/nextcloud: remove extraneous nginx config directive 2022-06-26 14:30:59 -04:00
Winter
e54ddddd2a nixos/nextcloud: make all services run after nextcloud-setup 2022-06-26 14:29:59 -04:00
Winter
6be3ce36b6 nixos/nextcloud: use mkOption.default for datadir 2022-06-26 14:27:03 -04:00
José Romildo
d18aeb6351 nixos/xfconf: init 
- Add a module for xfconf, the Xfce configuration storage system.
 2022-06-26 14:29:01 -03:00
Erik Arvstedt
1a32663efc
treewide: rename maintainer earvstedt -> erikarvstedt 
The maintainer name now matches the Github username, which simplifies
maintainer notifications.
 2022-06-26 19:12:18 +02:00
Lassulus
ea532fe833
Merge pull request #179168 from yayayayaka/revert-177536-hedgedoc-fix-statedirectory 2022-06-26 19:05:04 +02:00
José Romildo
bb5ec4625a nixos/thunar: init 
- Add a module for the thunar file manager, which depends on the xfconf dbus service, and also has a dbus service and a systemd unit.

- Renames the option services.xserver.desktopManager.xfce.thunarPlugins to programs.thunar.plugins.
 2022-06-26 12:22:07 -03:00
Yaya
57617daaff
Revert "nixos/hedgedoc: Do not set StateDirectory to an absolute path" 2022-06-26 12:06:36 +02:00
Bernardo Meurer
83801da137
Merge pull request #176979 from winterqt/nginx-per-location-recommended-proxy-settings 
nixos/nginx: allow recommended proxy settings to be enabled per location
 2022-06-25 23:48:29 -07:00
piegames
aa3641fa90
Merge pull request #178838 from mweinelt/matrix-appservice-irc 
nixos/matrix-appservice-irc: wait for postgres to start
 2022-06-25 23:09:36 +02:00
Thomas Depierre
fc658c86f7 riak, nixos/riak: remove 
Riak have been updated a lot since the version 2.2 (now 3.0.10) but
has seen no updated to the package. This is at this point
a problem forcing us to maintain old versions of erlang.

We would be happy to re accept a newer version of Riak if someone want
to spend the time to set it up.
 2022-06-25 15:51:18 -04:00
Kim Lindberger
5710bac2b4
nixos/gitlab: Use Git 2.35.x to work around git bug (#177776) 
Git 2.36.1 seemingly contains a commit-graph related bug which is
easily triggered through GitLab, so let's downgrade it to 2.35.x until
this issue is solved. See
https://gitlab.com/gitlab-org/gitlab/-/issues/360783#note_992870101.
 2022-06-25 21:22:53 +02:00
Thiago Kenji Okada
66e8dceabc
Merge pull request #167907 from Misterio77/argonone-module 
nixos/argonone: init
 2022-06-25 10:48:22 +01:00
Gabriel Fontes
17fc78ea58
nixos/argonone: init 2022-06-24 21:20:32 -03:00
ajs124
5c39c81260
Merge pull request #176702 from Mic92/tt-rss 
tt-rss: downgrade to php 8.0
 2022-06-25 00:29:11 +02:00
Martin Weinelt
a24431e56f
Merge pull request #162808 from mweinelt/schleuder 
schleuder: init
 2022-06-24 21:38:22 +02:00
Linus Heckemann
1dabedae3e nixos/schleuder: init module and accompanying test 
Co-Authored-By: Martin Weinelt <hexa@darmstadt.ccc.de>
Co-Authored-By: Cole Helbling <cole.helbling@determinate.systems>
 2022-06-24 15:30:16 -04:00
Sandro
74ea995b11
Merge pull request #174446 from jsimonetti/routedns-init 
routedns: init at 0.1.5
 2022-06-24 16:31:03 +02:00
Martin Weinelt
6c1f44b3f1
nixos/matrix-appservice-irc: wait for postgres to start 
Closes: #178692
 2022-06-24 08:37:43 +02:00
Lassulus
8c2e25e98e
Merge pull request #177081 from azahi/trickster 
trickster: 0.1.10 -> 1.1.5
 2022-06-23 22:24:54 +02:00
Greizgh
ac1e34f0fe
nixos/syncthing: fix services.syncthing.folders description 
It was improperly referencing overrideDevices instead of overrideFolders.
 2022-06-23 20:44:59 +02:00
Bernardo Meurer
5332bc174a
Merge pull request #178483 from twitchyliquid64/tailscale-networkd 
tailscale: ignore tailscale link when using networkd
 2022-06-23 12:10:14 -04:00
pennae
db0dcf15c6
Merge pull request #177379 from hercules-ci/markdown-cassandra 
nixos/cassandra: Convert option docs to markdown
 2022-06-23 08:43:35 +00:00
ajs124
6c189d264e
Merge pull request #177077 from Lassulus/bitlbee_cfgdir 
nixos/bitlbee: allow writing to configDir
 2022-06-22 19:27:59 +02:00
Martin Weinelt
b15badc6c9
Merge pull request #151241 from andir/hass-reload-on-config-changes 2022-06-22 17:20:43 +02:00
Andreas Rammhold
cfbcf381c2
nixos/home-assistant: reload the daemon when configuration changed 
Reload the service when configuration changes. This means that we don't
have a potentially slow startup for every small configuration change.
 2022-06-22 16:20:11 +02:00
Lassulus
5308b5b44a
Merge pull request #178194 from spacekitteh/patch-35 
xpra: Add the ability to perform a start-desktop
 2022-06-22 14:41:15 +02:00
Naïm Favier
4af5c46faa
nixos/dhcpcd: use networking.resolvconf.package 
Allow using the appropriate resolver implementation to set DNS entries
(typically systemd-resolved instead of openresolv).
 2022-06-21 22:58:44 +02:00
Naïm Favier
953a5bd3dd
nixos/tailscale: use networking.resolvconf.package 
Allow using the appropriate resolver implementation to set DNS entries
(typically systemd-resolved instead of openresolv).
 2022-06-21 22:58:44 +02:00
Naïm Favier
458ac47a1d
nixos/wg-quick: improve usage with systemd-networkd 
Use `networking.resolvconf.package` to allow DNS entries to be set using
the system-wide resolver implementation instead of hardcoding systemd or
openresolv.

Extend the tests by adding DNS entries and making one of the peers use
systemd-networkd (hence systemd-resolved).

Also add a few `networkd`-specific settings.
 2022-06-21 22:58:44 +02:00
Tom
3b8a162680 tailscale: ignore tailscale link when using networkd 2022-06-21 13:23:28 -07:00
Robert Hensing
fe11145ec9 nixos/cassandra: Convert option docs to markdown 2022-06-21 13:20:13 +02:00
Robert Hensing
e2c261f2c0
Merge pull request #176146 from pennae/module-docs-markdown 
treewide: markdown option docs
 2022-06-21 13:16:02 +02:00
Maximilian Bosch
5ab65d9cd1 nixos/prometheus-postfix-exporter: fixes for systemd integration 
* Allow the service to read from the journal w/systemd.enable
* Ensure that the service is started after postfix.service
 2022-06-20 19:30:59 +02:00
Lassulus
eb013128da
Merge pull request #178195 from dnr/pipewire-systemwide 
nixos/pipewire: fix wireplumber with system-wide
 2022-06-19 12:42:37 +02:00
Florian Klink
5f297c164e nixos/grafana-agent: add myself as maintainer 2022-06-19 11:50:32 +02:00
Florian Klink
b09836593e nixos/grafana-agent: move remote write config from integrations.prometheus_remote_write to metrics.global.remote_write 
remote_write config in integrations.prometheus_remote_write is only
applied for integrations, so static configurations won't get written
anywhere.
 2022-06-19 11:50:32 +02:00
Florian Klink
e578b4d3ed nixos/grafana-agent: drop server.{grpc,http}_listen_address,http_listen_port 
According to https://grafana.com/docs/agent/latest/upgrade-guide/#v0240,
this has been deprecated/moved to -server.http.address and
-server.grpc.address (accepting ip and port) config options in v0.24.0,
and already listens on localhost and not port 80 by default.
 2022-06-19 11:50:31 +02:00
Florian Klink
2cca676e69 nixos/grafana-agent: replace settings.prometheus with settings.metrics 
According to https://github.com/grafana/agent/pull/1540, -prometheus.*
flages were deprecated in 0.19.0 in favor of the -metrics.*
counterparts. Same applies to `loki` being renamed to `logs`.

I'm not sure if the config file format is still supported (it could be),
but we shouldn't use deprecated configs.
 2022-06-19 11:50:31 +02:00
Sophie Taylor
62494281d8
xpra: fix whitespace 2022-06-19 18:26:10 +10:00
Jörg Thalheim
96b227697f
Merge pull request #177785 from Mic92/navidrome 
nixos/navidrome: fixes missing ssl certficates
 2022-06-19 07:07:41 +01:00
David Reiss
33163bd0ef nixos/pipewire: fix wireplumber with system-wide 2022-06-18 18:46:41 -07:00
Sophie Taylor
f13c61a3b9
xpra: Add the ability to perform a start-desktop 2022-06-19 11:40:41 +10:00
Jörg Thalheim
4258952dc6
nixos/jellyfin: sync up with hardening provided in upstream 2022-06-18 17:09:31 +02:00
Aaron Andersen
078a53824e nixos/prosody: provide additional details in the user and group options description 2022-06-18 10:08:08 -04:00
Aaron Andersen
79bfd3c0d0 nixos/prosody: conditionally provision required directories with StateDirectory 2022-06-18 10:05:15 -04:00
Kevin Cox
b2537dc430
Merge pull request #177561 from max-privatevoid/ipfs-dont-leak-config 
nixos/ipfs: do not leak config to journal on startup
 2022-06-17 19:37:33 -04:00
Max
2a8bf9777d nixos/ipfs: do not leak config to journal on startup 
The preStart script for the IPFS service will print parts of the configuration
to stdout (and therefore, the journal) when applying profiles on startup. This
may lead to unwanted disclosure of private information, such as remote pinning
service API keys. Fix by sending stdout to /dev/null.
 2022-06-17 23:41:27 +02:00
Sandro
0e6db671a0
Merge pull request #178009 from bbenno/update-gollum 
gollum: 5.2.3 -> 5.3.0
 2022-06-17 21:08:57 +02:00
Benno Bielmeier
be0e2db8b9 nixos/gollum: add option local-time 
This feature was introduced in gollum v5.3.0
 2022-06-17 12:50:47 +02:00
Benno Bielmeier
9434ac0963 nixos/gollum: improve description of user-icons option 2022-06-17 12:50:13 +02:00
Jörg Thalheim
5d54641d7f
Merge pull request #177790 from superherointj/package-k3s-1.24.1+k3s1 
k3s: 1.23.6+k3s1 -> 1.24.1+k3s1
 2022-06-17 08:38:10 +01:00
talyz
858a0c3fa6
nixos/parsedmarc: Improve secret handling 
Make secret replacement more robust and futureproof:

- Allow any attribute in `services.parsedmarc.settings` to be a
  secret if set to `{ _secret = "/path/to/secret"; }`.

- Hash secret file paths before using them as a placeholders in the
  config file to minimize the risk of conflicting file paths being
  replaced instead.
 2022-06-16 13:58:20 +02:00
Lily Foster
b5818b7a30 nixos/pipewire: only add pipewire-pulse.conf conditionally 2022-06-15 15:05:44 -07:00
Lily Foster
1e3747b98b nixos/pipewire: add pkgs.pulseaudio to pipewire-pulse user unit path 2022-06-15 15:05:44 -07:00
superherointj
a6a0c44760 k3s: remove docker support 2022-06-15 16:40:29 -03:00
Jörg Thalheim
c772b13ee7 nixos/navidrome: fixes missing ssl certficates 2022-06-15 20:40:07 +02:00
talyz
32e057881a
nixos/parsedmarc: Remove kafka support 
It's broken (see https://github.com/domainaware/parsedmarc/issues/243)
and providing settings for it is therefore misleading.
 2022-06-15 20:15:09 +02:00
talyz
6686a3115c
nixos/parsedmarc: Fix compatibility with recent versions of grafana 2022-06-15 20:15:03 +02:00
talyz
4dddca8240
nixos/geoipupdate: Improve secret handling 
Make secret replacement more robust and futureproof:

- Allow any attribute in `services.geoipupdate.settings` to be a
  secret if set to `{ _secret = "/path/to/secret"; }`.

- Hash the license key path before using it as a placeholder in the
  config file to minimize the risk of conflicting file paths being
  replaced instead.
 2022-06-15 20:14:57 +02:00
talyz
23c15323ce
nixos/geoipupdate: Add error handling to scripts 2022-06-15 17:18:50 +02:00
zimbatm
31b47913f3
nixos: add grafana-agent module 
Easily ship logs and metrics to Grafana Cloud and other similar targets.
 2022-06-15 12:59:06 +02:00
Bobby Rong
6d1779c567
Merge pull request #175620 from bobby285271/nixos-pantheon 
nixos/pantheon: make it possible to remove core packages
 2022-06-15 18:49:37 +08:00
Lassulus
a632afba6d
Merge pull request #177536 from yayayayaka/hedgedoc-fix-statedirectory 
nixos/hedgedoc: Do not set StateDirectory to an absolute path
 2022-06-15 11:25:04 +02:00
M. A
becff58579 nixos/hedgedoc: Do not set StateDirectory to an absolute path 
Commit 8109d8a set the `StateDirectory=` option of the systemd service
configuration to the value of `cfg.workDir` which is wrong, according
to dasJ [1]. This commit resolves this issue by stripping the
`/var/lib/` prefix from `cfg.workDir`.

[1] https://github.com/NixOS/nixpkgs/pull/172824#issuecomment-1130350412
 2022-06-15 08:58:52 +00:00
Andreas
c028f5569b kcheckpass is gone(?) 2022-06-15 14:53:40 +08:00
Jeroen Simonetti
829167bd27
nixos/routedns: init 
Signed-off-by: Jeroen Simonetti <jeroen@simonetti.nl>
 2022-06-15 08:33:46 +02:00
Niklas Hambüchen
0652ef9a64
Merge pull request #176903 from nh2/vaultwarden-service-better-example 
nixos/vaultwarden: Make example more detailed.
 2022-06-15 01:21:40 +02:00
Azat Bahawi
82497b0e9f
trickster: 0.1.10 -> 1.1.5 2022-06-14 01:51:45 +03:00
Benjamin Asbach
6b913c40f0 gitea: bugfix: add check for empty file for secrets 
There are some cases were the files are present but not filled with secrets. In these cases the service fails to startup.

This fixes #175967
 2022-06-14 01:09:14 +03:00
Léo Gaspard
02cd48717d
nixos/openldap: fix systemd rejecting notification (#177084) 
On one of the two machines I have running openldap, openldap failed to start due to a "timeout". Increasing the allowed startup delay didn't help.

I noticed the following in logs:
```
openldap.service: Got notification message from PID 5224, but reception only permitted for main PID 5223
```

It turns out that on this machine at least, openldap apparently sends the notification from a non-main process, which means that we need this NotifyAccess setting for systemd to record that it successfully started. Without it, after 30 seconds systemd kills the process because it didn't receive the sd_notify call.

Somehow the other machine I have on nixos running ldap works fine even without this, but I could not figure out what changes the behavior.

Given that AFAIU NotifyAccess still restricts to "from the cgroup of the service", I think this change should be safe.
 2022-06-13 15:28:12 +02:00
Maximilian Bosch
7f9a78e197
Merge pull request #175330 from jtojnar/grafana-uid 
nixos/grafana: Allow setting UID for datasource
 2022-06-13 07:01:19 +02:00
Maximilian Bosch
5203011e4e
Merge pull request #177430 from Ma27/fix-wireguard-exporter 
nixos/prometheus-wireguard-exporter: fix broken options
 2022-06-13 06:14:30 +02:00
Aaron Andersen
37b6b161e5
Merge pull request #177321 from rnhmjoj/pr-fix-mpd 
mpd: fix socket activation
 2022-06-12 22:26:53 -04:00
Dominique Martinet
f878c8994f logrotate: do not add mail if 'mail = false' is specified 
Reported-by: Ricardo M. Correia <rcorreia@wizy.org>
 2022-06-13 08:57:49 +09:00
Winter
6c53004840 nixos/nginx: allow recommended proxy settings to be enabled per location 2022-06-12 19:52:35 -04:00
Maximilian Bosch
e03d41fb6b
nixos/prometheus-wireguard-exporter: fix broken options 
This is apparently a breaking change in a patch-level release[1] where
it's now necessary to specify values for each CLI argument.

[1] https://github.com/MindFlavor/prometheus_wireguard_exporter/releases/tag/3.6.1
 2022-06-12 20:27:25 +02:00
Maximilian Bosch
fd2a89b983
nixos/wpa_supplicant: don't log that wpa_supplicant.conf is ignored with allowAuxiliaryImperativeNetworks = true 
The warning is wrong with `allowAuxiliaryImperativeNetworks`[1] being
set to `true` because both files are included in this case with `-c` and
`-I`.

[1] https://nixos.org/manual/nixos/stable/options.html#opt-networking.wireless.allowAuxiliaryImperativeNetworks
 2022-06-12 17:07:36 +02:00
K900
6350d8d9b3 nixos/plasma5: add excludePackages option 
This is a pretty straightforward port of #151005.
More things can probably be made optional, I've only added ones
that I'm confident in.
 2022-06-12 14:39:59 +03:00
pennae
320aa2a791 treewide: attempt at markdown option docs 2022-06-12 12:44:38 +02:00
Bobby Rong
2375fac93d
nixos/pantheon: treat evince and file-roller as optional app 2022-06-12 13:12:15 +08:00
Bobby Rong
860781d909
nixos/pantheon: allow disabling pantheon-agent-geoclue2 2022-06-12 13:11:58 +08:00
Timothy DeHerrera
ec4e23d4e9
Merge pull request #171155 from cab404/wg-quick-files 
nixos/wg-quick: added support for configuration files
 2022-06-11 22:00:45 -07:00
Bobby Rong
1097e3e80c
nixos/pantheon: make it possible to remove core packages 2022-06-12 11:39:05 +08:00
Bobby Rong
c1559a07fe
nixos/pantheon: switch to xdg.icons.enable 2022-06-12 11:39:04 +08:00
Bobby Rong
9ca889d0fb
nixos/pantheon: switch to xdg.mime.enable 2022-06-12 11:39:01 +08:00
Jan Tojnar
c397df20d1
Merge pull request #151005 from rhoriguchi/gnome 
nixos/gnome: make it possible to remove core packages
 2022-06-11 21:40:35 +02:00
rnhmjoj
7149c5cb60
mpd: fix socket activation 
Apparently since systemd v250 a `ListenStream` in an override file won't
override the unit, but will be appended to a list of socket addresses.
The socket unit fails if two or more addresses have the same port,
probably because two systemd processes try to listen to it at once.
The solution is to add an empty `ListenStream=` to reset all previous
definitions.

Fix #175478.
 2022-06-11 20:56:19 +02:00
Rick van Schijndel
5bc0350e7c
Merge pull request #177256 from rnhmjoj/pr-picom 
nixos/picom: remove deprecated refreshRate option
 2022-06-11 20:09:28 +02:00
Soham Sen
feff6ddbe7 expressvpn: init at 3.25.0.13 2022-06-11 17:10:33 +05:30
rnhmjoj
26526f02ad
nixos/picom: remove deprecated refreshRate option 
Fix #175765
 2022-06-11 08:59:20 +02:00
piegames
4ebc288038
Merge #172819: nixos: move matrix services into their category 2022-06-10 10:54:18 +02:00
Elis Hirwing
7afff45088
Merge pull request #174555 from etu/php-drop-php74 
php: Drop PHP 7.4
 2022-06-10 10:43:31 +02:00
Martin Weinelt
7b3e907a6f
Merge pull request #176561 from K900/pipewire-create-home 2022-06-10 09:25:41 +02:00
lassulus
a12e525410 nixos/bitlbee: allow writing to configDir 2022-06-09 21:05:16 +02:00
Domen Kožar
f38fd46992 cachix-agent: set USER to please cachix 2022-06-09 17:07:28 +01:00
Ryan Horiguchi
42ceb20d29 nixos/gnome: make it possible to remove core packages 
Co-Authored-By: Jan Tojnar <jtojnar@gmail.com>
 2022-06-09 13:09:55 +02:00
Jan Tojnar
ca23e42105 nixos/gnome: Move sessionPath to core-shell group 
This will allow people to disable these packages.
 2022-06-09 13:04:20 +02:00
Jan Tojnar
016b99dce6 nixos/gnome: drop hicolor-icon-theme 
It is already installed by xdg.icons.enable.

Let’s also enable that option explicitly to prevent users from accidentally
disabling it since GNOME will be severely broken without it.
 2022-06-09 13:04:20 +02:00
Jan Tojnar
aad39fe41a nixos/gnome: drop shared-mime-info 
It is already installed by xdg.mime.enable.

Let’s also enable that option explicitly to prevent users from accidentally
disabling it since GNOME will be severely broken without it.
 2022-06-09 13:04:19 +02:00
Julien Moutinho
17c6f62503 nixos/sourcehut: some settings became mandatory upstream 2022-06-08 19:46:04 -04:00
Julien Moutinho
f34d654860 nixos/sourcehut: increase RestartSec to better avoid degraded states 2022-06-08 19:46:04 -04:00
Julien Moutinho
cd6808ba9f sourcehut: fix Unix socket support for Redis 2022-06-08 19:46:04 -04:00
Julien Moutinho
43b5dcd60c nixos/sourcehut: remove forgotten unused files 2022-06-08 19:46:04 -04:00
Julien Moutinho
876f3a8bf0 sourcehut.todosrht: 0.67.2 -> 0.71.0 2022-06-08 19:46:04 -04:00
Julien Moutinho
bcb91bbeb7 sourcehut.metasrht: 0.57.5 -> 0.58.8 2022-06-08 19:46:04 -04:00
Julien Moutinho
59d8439966 sourcehut.listssrht: 0.51.7 -> 0.51.9 2022-06-08 19:46:04 -04:00
Julien Moutinho
658d8f1240 sourcehut.hgsrht: 0.29.4 -> 0.31.2 2022-06-08 19:46:04 -04:00
Julien Moutinho
b57ed0fa1d sourcehut.gitsrht: 0.77.3 -> 0.78.18 2022-06-08 19:46:04 -04:00
Julien Moutinho
43f856ab2c sourcehut.buildsrht: 0.75.2 -> 0.79.1 2022-06-08 19:46:04 -04:00
Elis Hirwing
da19e4ae97
nixos/snipe-it: Upgrade to PHP 8.1 
They state that they support PHP 8.1:
https://snipe-it.readme.io/docs/requirements
 2022-06-08 18:09:15 +02:00
Elis Hirwing
d7f000b98b
nixos/moodle: Upgrade to PHP 8.1 2022-06-08 18:09:11 +02:00
Elis Hirwing
d0862b0ed9
nixos/nextcloud: Upgrade to PHP 8.0 2022-06-08 18:09:07 +02:00
Elis Hirwing
a69ba21a29
nixos/invoiceplan: Upgrade to PHP 8.1 
They seem to be working to get PHP 8.1 support:
https://github.com/InvoicePlane/InvoicePlane/issues/798
 2022-06-08 18:09:03 +02:00
Elis Hirwing
f822b894c5
nixos/dokuwiki: Upgrade to PHP 8.1 
They seem to run tests against 8.1 since this commit:
7aee97ee81
 2022-06-08 18:08:59 +02:00
Elis Hirwing
c53c34ee72
nixos/postfixadmin: Upgrade to PHP 8.1 2022-06-08 18:08:56 +02:00
Elis Hirwing
4580a63bc4
nixos/grocy: Upgrade to PHP 8.0 2022-06-08 18:08:52 +02:00
Niklas Hambüchen
5683c6e03b nixos/vaultwarden: Make example more detailed. 
It took me a while to figure out how to correctly setup
vaultwarden on NixOS.
I hope that this more detailed example will help others.
 2022-06-08 17:03:53 +02:00
Alyssa Ross
c0b05f106f
nixos/localtime: add missing mkRenamedOptionModule 
Fixes: ffae8569b0 ("nixos/localtimed: hopefully fix geoclue")
 2022-06-08 13:46:26 +00:00
Martin Weinelt
e0169d7a9d
Merge pull request #176558 from Artturin/bumpnofileinfinity 2022-06-08 12:03:01 +02:00
Sandro
be96e24124
Merge pull request #163226 from lodi/persistent-evdev 
persistent-evdev: init at unstable-2022-01-14
 2022-06-07 23:46:13 +02:00
sohalt
f1669775bc nixos/headscale: do not run gin webframework in debug mode 2022-06-07 23:22:05 +02:00
sohalt
18c899d963 nixos/headscale: only set oidc secret if not null 2022-06-07 23:21:13 +02:00
Ben Siraphob
033da0465f
Merge pull request #176418 from Yureien/init/dragonflydb 
dragonflydb: init at 0.1.0
 2022-06-07 14:02:26 -07:00
lodi
3f1ec25f90 persistent-evdev: init at unstable-2022-01-14 2022-06-07 13:20:52 -04:00
Daniel Poelzleithner
e78c2d05da hedgedoc: ensure upload directory exists 
Upload directory is not created when uploading, but will fail silently.
Ensure the upload directory is created.
 2022-06-07 09:06:56 -05:00
Jörg Thalheim
70b31373b4
tt-rss: downgrade to php 8.0 2022-06-07 14:24:07 +02:00
happysalada
f5ef819e24 mimir: switch pname to mimir 2022-06-07 06:53:15 -04:00
cab
8de1e9e2f8
nixos/wg-quick: added support for configuration files 2022-06-07 01:28:50 +04:00
Rick van Schijndel
3037752d1d
Merge pull request #175961 from helsinki-systems/rem/broken 
remove some packages marked broken for over 1.5 years
 2022-06-06 20:44:39 +02:00
Sebastien Bourdeauducq
6cecab9cd8 hydra: create runcommand-logs directory 2022-06-06 11:36:58 -07:00
Artturin
c8f5b17a98 nixos/nix-daemon: set LimitNOFILE to 1048576 
fixes 'too many open files'
 2022-06-06 21:16:47 +03:00
K900
955d1a6dde pipewire: create home directory for the pipewire user when running systemwide 
wireplumber wants to store state there
 2022-06-06 18:06:38 +03:00
Sandro
d8fad83d2c
Merge pull request #176133 from SuperSandro2000/asf-2 2022-06-06 14:34:44 +02:00
Nguyễn Gia Phong
22f3d4e4db
nixos: move matrix services into their category 2022-06-06 13:50:58 +09:00
Soham Sen
109e13db24 dragonflydb: init at 0.1.0 2022-06-06 04:05:48 +05:30
Emery Hemingway
2d012163f2 nixos/uhub: fix plugins, set CAP_NET_BIND_SERVICE 
Fix generation of the plugins configuration and allow binding to
"privileged" ports.
 2022-06-05 13:58:26 -05:00
Guillaume Girol
7548b71138
Merge pull request #171778 from zhaofengli/infnoise-0.3.2 
infnoise: unstable-2019-08-12 -> 0.3.2, nixos/infnoise: init
 2022-06-05 17:30:34 +00:00
Anders Kaseorg
b362ef4eff pipewire: Never set an empty LD_LIBRARY_PATH 
An empty LD_LIBRARY_PATH may confuse some applications into appending
:, creating an empty segment that insecurely refers to the current
directory, not the absence of directories.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
 2022-06-05 13:34:35 +02:00
Wout Mertens
949e1e5277
Merge pull request #176075 from NixOS/netdata-poststart 
netdata: started when service can be pinged
 2022-06-05 13:10:37 +02:00
pennae
4a9708930d
Merge pull request #176116 from pennae/unifi-remove-deprecated 
nixos/unifi: change deprecated default for openFirewall
 2022-06-04 20:52:34 +00:00
lom
0df7cba1b0 nixos/asf: ipcPasswordFile use nullOr 2022-06-04 12:00:45 -06:00
Sandro Jäckel
032f15e566
nixos/asf: add me as maintainer 2022-06-03 18:52:48 +02:00
Sandro Jäckel
d8cd684b62
nixos/asf: restart when self restarting 2022-06-03 18:52:47 +02:00
Sandro Jäckel
4de6a81193
nixos/asf: fix state directory permissions, for real 2022-06-03 18:52:47 +02:00
Sandro Jäckel
28379c3a51
Revert "nixos/asf: set restrictive home permissions" 
This reverts commit 16f28933e7.
 2022-06-03 18:52:46 +02:00
Thiago Kenji Okada
44b5c8b6a7
Merge pull request #175965 from otavio/topic/nixos-restic 
Add new restic options for NixOS module
 2022-06-03 16:19:55 +01:00
Otavio Salvador
d9e3b1fafe nixos/restic: add backup{Prepare,Cleanup}Command options 
The backupPrepareCommand and backupCleanupCommand options offer a way to
run a script to prepare for backup and then cleanup it once finish.

Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
 2022-06-03 11:22:22 -03:00
Otavio Salvador
deae887c5a nixos/restic: add new repositoryFile option 
Allow providing the repository as a file, useful when we don't want it
being stored in the Git repository as plain text.

Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
 2022-06-03 11:21:37 -03:00
pennae
e21c4d67d5 nixos/unifi: change deprecated default for openFirewall 
this was deprecated 6 months ago in unstable for removal in 22.11,
so now seems like a good point to change the default.
 2022-06-03 15:59:41 +02:00
Sandro
c09782950f
Merge pull request #176030 from SuperSandro2000/asf 2022-06-03 12:12:23 +02:00
Sandro Jäckel
e438fad5e9
nixos/asf: format 2022-06-03 11:41:40 +02:00
Sandro Jäckel
17ec7e4401
nixos/asf: remove subdirectories from bot config 2022-06-03 11:41:38 +02:00
Sandro Jäckel
16f28933e7
nixos/asf: set restrictive home permissions 2022-06-03 11:41:37 +02:00
Sandro Jäckel
48b21f661c
nixos/asf: add ipcPasswordFile option, only delete bot configs when managed by nixos, make preStart clearer 2022-06-03 11:41:36 +02:00
Wout Mertens
7f025e2b34
netdata: started when service can be pinged 2022-06-03 10:45:27 +02:00
Otavio Salvador
082a4184ec nixos/restic: reformat 
Apply nixpkgs-fmt on file prior doing changes.

Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
 2022-06-02 16:48:43 -03:00
Rick van Schijndel
d93d4a5820
Merge pull request #175872 from uninsane/colinsane/phosh-phoc-scale 
phosh: allow fractional scaling
 2022-06-02 20:54:41 +02:00
Lassulus
8cea5e2fa1
Merge pull request #173664 from Izorkin/peertube-redis-server 
nixos/peertube: use redis.servers
 2022-06-02 20:26:29 +02:00
ajs124
5bb61d6a25 syslogng_incubator: remove after being marked broken for over 18 months 
It was marked in commit 6d797c8462 by Jörg Thalheim on 2018-08-27 (commited on 2018-08-27)
 2022-06-02 18:03:52 +02:00
colin
1d0649f929 phosh: restrict the scale config value to strictly positive values or null 2022-06-02 01:46:08 -07:00
colin
cabf369f83 phosh: allow fractional scaling 2022-06-01 15:44:12 -07:00
Bernardo Meurer
ffae8569b0 nixos/localtimed: hopefully fix geoclue 2022-06-01 13:20:16 -07:00
Martin Weinelt
5a188dfbca
Merge pull request #175729 from DeterminateSystems/jellyfin-fix 2022-06-01 17:19:49 +02:00
Linus Heckemann
7eab23d517 jellyfin: fix permissions on state directory 
Previously, all configuration and state data was accessible to all
users on the system running jellyfin. This included user passwords in
the Jellyfin database, as well as credentials for LDAP if configured.
The exact set of accessible data depends on system configuration.

Thanks to Sofie Finnes Øvrelid for reporting this issue.

Fixes: CVE-2022-32198

Co-Authored-By: Martin Weinelt <hexa@darmstadt.ccc.de>
 2022-06-01 12:31:23 +02:00
Aaron Andersen
18a07645e5
Merge pull request #174959 from MoritzBoehme/openconnect-auto-start 
nixos/openconnect: add autoStart option
 2022-05-31 23:05:25 -04:00
Martin Weinelt
02e44ee3be
Merge pull request #174804 from dotlambda/prometheus-dmarc-exporter-no-poetry2nix 2022-06-01 01:46:30 +02:00
Robert Schütz
aff15c41fc dmarc-metrics-exporter: rename from prometheus-dmarc-exporter 
Also stop using poetry2nix.
 2022-05-31 23:25:18 +00:00
Sandro
8d8e031d25
Merge pull request #133771 from erdnaxe/libreddit_fix 
nixos/libreddit: service hardening and test
 2022-05-31 21:53:51 +02:00
Maximilian Bosch
185ee01e80
Merge pull request #173273 from kfollesdal/grafana-azuread 
nixos/grafana: add new options to grafana module
 2022-05-31 19:24:33 +02:00
markuskowa
412168b4ae
Merge pull request #175316 from markuskowa/upd-slurm 
slurm: 21.08.8.2 -> 22.05.0.1
 2022-05-30 21:18:28 +02:00
ajs124
30186896ee nixos/nginx: fix SystemCallFilter for openresty 2022-05-30 11:58:28 +02:00
linj
37792e5766 nixos/dendrite: add an option loadCredential 
systemd-247 provides a mechanism called LoadCredential for secrets and
it is better than environment file. See the section of Environment=
in the manual of systemd.exec for more information.

Some options in config.yaml need values to be strings, which currently
can be used with environmentFile but not loadCredential. But it's
possible to use loadCredential for those options, e.g. we can
substitute their values in ExecStart, but not in ExecStartPre due to
[1].

[1]: https://github.com/systemd/systemd/issues/19604
 2022-05-29 13:34:14 -07:00
Jan Tojnar
81291cc793 nixos/grafana: Allow setting UID for datasource 2022-05-29 19:22:02 +02:00
Markus Kowalewski
b6020f42a5
nixos/slurm: update systemd service for slurmd 
Adjust according to upstream recommendation
 2022-05-29 17:17:01 +02:00
Jörg Thalheim
d32a2bf207 nixos/mimir: also expose mimirtool to users 2022-05-29 03:49:17 -04:00
Jörg Thalheim
6497902407 nixos/mimir: set workingdirectory 
Mimir writes files relatative to its working directory.
With this option less files have to be configured.
 2022-05-29 03:49:17 -04:00
Aleksandar Topuzović
fd86efb8c2 nixos/nextcloud: Fix broken config file 2022-05-28 19:14:12 +01:00
Zhaofeng Li
6c4bfe583c nixos/infnoise: init 2022-05-27 15:18:43 -07:00
Moritz Böhme
106bfcaf8a
nixos/openconnect: add autoStart option 2022-05-27 17:41:03 +02:00
Sandro
23ec1c06c0
Merge pull request #173126 from NULLx76/update-hedgedoc-module 
nixos/hedgedoc: fix and add config options
 2022-05-27 16:03:22 +02:00
Maximilian Bosch
57a8966d03
Merge pull request #171227 from aidalgol/nextcloud-setup-script-fix 
nixos/nextcloud: Fix broken error suppression in setup script
 2022-05-27 13:23:10 +02:00
Jörg Thalheim
9ae4a910e4
nixos/timetagger: drop non-evaluating service files 
The file was not included in the module list and also does not evaluate.
 2022-05-25 21:24:48 +02:00
Sandro
7fa8d8b2e2
Merge pull request #153481 from Tchekda/submit/bird-lg 2022-05-25 18:20:58 +02:00
Philipp Woelfel
81ed7d8861 nixos/calibre-web: Add quotes to test for calibre library 2022-05-23 20:03:28 -06:00
Maximilian Bosch
2b7e06e0b6
Merge pull request #174145 from alarsyo/nextcloud24-php8 
nixos/nextcloud: use PHP 8 avoiding broken 2FA app
 2022-05-23 20:23:11 +02:00
Antoine Martin
f3f0b60006 nixos/nextcloud: use PHP 8 avoiding broken 2FA app 2022-05-23 18:39:39 +02:00
github-actions[bot]
f51499324c
Merge master into staging-next 2022-05-23 12:01:25 +00:00
pennae
023e25264c
Merge pull request #172983 from pennae/mosquitto-bind-interface 
nixos/mosquitto: add bind_interface listener option, fix assertion messages
 2022-05-23 10:53:08 +00:00
github-actions[bot]
107b6041bc
Merge master into staging-next 2022-05-22 18:01:20 +00:00
Martin Weinelt
05232d19b6
Merge pull request #163220 from fleaz/init-r53_ddns 2022-05-22 17:08:55 +02:00
Benno Bielmeier
d156db7d17 nixos/gollum: add option 'no-edit' 2022-05-22 15:06:00 +02:00
Benno Bielmeier
8e7b82be49 nixos/gollum: add option 'user-icons' 2022-05-22 15:06:00 +02:00
Benno Bielmeier
8a770f06a2 gollum: refactor package 
use `bundlerApp` in preference to `stdenv.mkDerivation`
 2022-05-22 15:06:00 +02:00
github-actions[bot]
86ec85655d
Merge master into staging-next 2022-05-22 12:01:28 +00:00
Yureka
821724b184 nixos/gitlab: support 15.x 2022-05-22 13:09:36 +02:00
Jörg Thalheim
e2e77bfb9a
Merge pull request #173978 from alyssais/postfix-RemainAfterExit 
nixos/postfix: make postfix-setup RemainAfterExit
 2022-05-22 12:04:04 +01:00
Alyssa Ross
27530ba856
nixos/postfix: make postfix-setup RemainAfterExit 
Otherwise, it wouldn't get restarted when a new system configuration
was activatad, so the Postfix configuration wouldn't be updated.

Fixes: fb2fa1b50f ("nixos/postfix: pull setup into its own unit")
 2022-05-22 10:33:22 +00:00
github-actions[bot]
dbef850602
Merge master into staging-next 2022-05-22 00:02:20 +00:00
Francesco Gazzetta
6bb9d0ce3b nixos/zeronet: fix systemd after 2022-05-21 17:46:28 -04:00
Francesco Gazzetta
183e391256 nixos/zeronet: add package option 2022-05-21 17:46:28 -04:00
Guillaume Girol
4f709ea817
Merge pull request #164883 from oxalica/feat/btrbk-no-timer 
nixos/btrbk: allow instances without timers and simplify
 2022-05-21 20:04:54 +00:00
github-actions[bot]
084f3d75e7
Merge master into staging-next 2022-05-21 18:01:06 +00:00
Maximilian Bosch
bfa8abf3b0
Merge pull request #170797 from Ma27/mailman 
mailman: refactor package structure
 2022-05-21 19:24:24 +02:00
Maximilian Bosch
33c44a1031
nextcloud22: drop 
Version 22 will be EOLed in July 2022[1] and we shouldn't have
unsupported software in the soon-to-be-released NixOS 22.05, hence
dropping it already.

[1] https://github.com/nextcloud/server/wiki/Maintenance-and-Release-Schedule
 2022-05-21 18:34:28 +02:00
Jan Tojnar
b8b9f52393 Merge branch 'master' into staging-next 
Conflicts:
- pkgs/applications/networking/browsers/firefox/common.nix between 318fae87c0 and f6c5761935.
 2022-05-21 17:52:39 +02:00
Bobby Rong
ce084ad5bf
Merge pull request #173842 from bobby285271/pantheon-updates 
nixos/pantheon: install sideload when Flatpak is enabled
 2022-05-21 17:34:41 +08:00
Bobby Rong
646336ee06
nixos/pantheon: install sideload when Flatpak is enabled 
Tested by installing VLC from Flathub, sideload is installed by default on elementary OS.
 2022-05-21 14:05:42 +08:00
Aidan Gauland
80367c8db8
nixos/nextcloud: Remove confusing comment 
There is a comment above the invocation of 'nextcloud-occ app:enable', stating
that the script should not fail if any of the apps cannot be enabled, but there
is nothing in place to suppress errors.  The app:enable command already
continues installing the remaining apps when one fails to install, and we do not
want to suppress errors in the setup script, so this just removes the comment
about not failing.
 2022-05-21 10:36:51 +12:00
David Tchekachev
0f63bd3ba8
nixos/bird-lg: init 2022-05-20 15:44:00 +03:00
Janne Heß
cd139069fd
Merge pull request #173668 from mweinelt/slapd-notify 
nixos/openldap: use upstream unit defaults
 2022-05-20 10:20:13 +02:00
github-actions[bot]
ce95d139b7
Merge master into staging-next 2022-05-20 06:01:19 +00:00
Bobby Rong
cee75cb765
Merge pull request #173459 from bobby285271/pantheon-updates 
Pantheon 7 updates 2022-05-18
 2022-05-20 13:12:39 +08:00
github-actions[bot]
75906ed245
Merge master into staging-next 2022-05-20 00:02:29 +00:00
Maximilian Bosch
aea3ec632d
mailman: split python env for web and mailman 2022-05-20 01:36:48 +02:00
Maximilian Bosch
72a14ea563
mailman: refactor package structure 
* Removed unused `.package`-option.
* Added explicit postgresql support.
* Create a new meta-package for mailman to make sure each component has
  the **same** python and packages can be downgraded if needed (e.g.
  psycopg2 or sqlalchemy) without interfering with `pythonPackages` in any way.
* Document why certain python overrides are needed.

Closes #170035
Closes #158424
 2022-05-20 01:21:20 +02:00
Izorkin
0b1340f57b
nixos/peertube: use redis.servers 2022-05-19 23:52:50 +03:00
Martin Weinelt
885d4e047b
nixos/openldap: use upstream unit defaults 
OpenLDAP since version 2.5.4¹ supports sd_notify, so we should make use
of it.

Also updates the unit description and documentation with the values
upstream provides.

Starts slapd only after reaching `network-online.target`, which ensures
binding to specific ip addresses is possible, since `network.target`
only guarantees interfaces exist, but not that addressing is finished.

[1] https://bugs.openldap.org/show_bug.cgi?id=8707
 2022-05-19 22:31:26 +02:00
Jörg Thalheim
e56ae50ed9
Merge pull request #173109 from Mic92/upterm 
nixos/upterm: additional hardening
 2022-05-19 20:16:13 +01:00
github-actions[bot]
b833efbcd7
Merge master into staging-next 2022-05-19 18:06:51 +00:00
sternenseemann
f181d591ce
Merge pull request #173623 from xaverdh/xmonad-fix-example 
nixos/xmonad: adjust to reflect v0.17.0 update of xmonad
 2022-05-19 19:18:55 +02:00
Dominik Xaver Hörl
34a1ff28e0 nixos/xmonad: adjust example to reflect v0.17.0 update of xmonad 2022-05-19 18:10:55 +02:00
Silvan Mosberger
f224a4f1b3
Merge pull request #76315 from nek0/restya-board-config-fix2 
restya-board: further fix for functionality
 2022-05-19 16:04:41 +02:00
Niklas Hambüchen
23aee34b6f
Merge pull request #171264 from NixOS/nebula-always-restart 
nixos/nebula: Always restart
 2022-05-19 14:05:49 +02:00
github-actions[bot]
bd83e4cf98
Merge master into staging-next 2022-05-19 12:01:54 +00:00