nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-30 02:42:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
708,578 Commits 265 Branches 124 Tags 5.7 GiB
c7af27341c
Commit Graph

2683 Commits

Author SHA1 Message Date
Felix Buehler
fd12a26271 nixos/services.autorandr: remove with lib; 2024-08-28 22:38:13 +02:00
Jon Seager
fded2e8f7c
nixos/homepage-dashboard: set an explicit cache dir (#337902) 2024-08-28 15:15:25 +01:00
Jon Seager
c4c45fb768
nixos/homepage-dashboard: set an explicit cache dir 2024-08-28 10:09:03 +01:00
abysssol
4b417eb22b nixos/ollama: fix rocmOverrideGfx description 
Updated example to one that works, based on this comment:
https://github.com/NixOS/nixpkgs/issues/333123#issuecomment-2310706898
 2024-08-27 08:13:37 -04:00
Sandro
6b4d280cf5
Merge pull request #336797 from SuperSandro2000/paperless-ngx 2024-08-26 11:47:01 +02:00
Sandro Jäckel
bb69775568
paperless-ngx: drop inactive maintainers, add myself to maintainers 2024-08-25 21:39:54 +02:00
abysssol
503245dd07
Merge pull request #334903 from abysssol/ollama-load-models-service 
nixos/ollama: move `loadModels` script into a separate service
 2024-08-25 15:56:00 +00:00
Sandro Jäckel
57507a521a
nixos/graphical-desktop: add enable option 2024-08-17 23:11:37 +02:00
Andrew Morgan
67eb12c0ed open-webui: Add environmentFile option 
This option allows passing secrets to Open WebUI without directly
exposing them in nix configuration.
 2024-08-17 14:32:53 +01:00
abysssol
5f17f87a7f nixos/ollama: move loadModels script into a separate service 
Due to the large size of models, the script can run for a long time,
which can cause timeouts, since the startup phase has a time limit.
 2024-08-16 11:36:35 -04:00
Doron Behar
6bfd71d2b5
Merge pull request #318892 from doronbehar/pkg/taskwarrior3 
nixosTests.taskchampion-sync-server: init
 2024-08-14 19:43:33 +00:00
Pablo Andres Dealbera
189fc6cfbf nixos/bazarr: set systemd config KillSignal to SIGINT to fix timeout 2024-08-14 14:35:57 -03:00
Doron Behar
e58e0e1d95 doc: mention Taskwarrior 3 in taskserver module docs & in release notes 2024-08-14 08:06:11 +03:00
Doron Behar
ecf4caea3f nixos/taskchampion-sync-server: init 
Co-authored-by: Mohamed Laradji <mlaradji@proton.me>
 2024-08-14 08:06:11 +03:00
Doron Behar
54698e8db6 taskwarrior2: rename from taskwarrior, with a warning alias 
Also remove an outdated link in `taskserver/default.md`.
 2024-08-14 08:06:10 +03:00
nixupp
876cfeddfc
nixos/openwebui: add link to description 2024-08-13 12:18:54 +00:00
Eduard Bachmakov
cb10fe8aaf treewide: Remove ineffective capability grants. 
Systemd units with `PrivateUsers` set get their capabilities within the user namespace only [1].
As a result they do cannot bind to privileged ports even though they *appear* like they should be able to.

The units in this commit [2] set `PrivateUsers` unconditionally so binding to privileged ports is currently impossible.
Granting them CAP_NET_BIND_SERVICE is useless and misleading any reader of those modules.
Technically, this commit also hardens these modules ever so slightly.

(There are corner cases where this could make sense (e.g. across units, using `JoinsNamspaceOf`) but this is arcane enough to not to be present in nixpkgs.)

[1]: systemd.exec(5): PrivateUsers
[2]: found using `rg -e 'PrivateUsers.?=\s+[^f][^a]' -l | xargs rg -e '\bCAP_' -l`
 2024-08-09 23:10:30 +02:00
Pogobanane
8ccab48f1c gitlab-shell: rename bin/{install, check} to gitlab-shell-{install, check} 2024-08-08 17:41:20 +02:00
Masum Reza
d1cde1b920
nixos/ananicy: fix typo (#332771) 2024-08-06 23:07:39 +05:30
Florian
b929a6c31d
Merge pull request #330840 from erictapen/gollum 
gollum: 5.3.3 -> 6.0.1
 2024-08-06 07:27:50 +02:00
Masum Reza
0a7eaa55cc
Merge pull request #331722 from JohnRTitor/ananicy-cpp 
nixos/ananicy: disable ananicy-cpp's BPF on hardened kernels, cleanup
 2024-08-05 22:55:31 +05:30
Guanran Wang
ea6f4d5e86
treewide: remove periods from lib.mkEnableOption 
Co-authored-by: éclairevoyant <848000+eclairevoyant@users.noreply.github.com>
 2024-08-02 23:55:32 +08:00
John Titor
2cf5032969
nixos/ananicy: disable ananicy-cpp's BPF on hardened kernels 2024-08-02 15:06:35 +05:30
John Titor
d626da64ec
nixos/ananicy: format with nixfmt-rfc-style 2024-08-02 14:52:53 +05:30
John Titor
4c55a97341
nixos/ananicy: use lib. explicitly 2024-08-02 14:34:14 +05:30
Emily
accd3aa082
Merge pull request #331187 from emilylange/forgejo 
forgejo: refactor to support multiple versions, 7.0.5 -> 8.0.0, forgejo-lts: init at 7.0.6
 2024-08-01 15:07:21 +02:00
Arian van Putten
85e4fc50db nixos/ananicy: force unified cgroup hierachy 
This breaks the functionality of this module but I don't see a way around it
as 256 dropped support.

https://gitlab.com/ananicy-cpp/ananicy-cpp/-/issues/40
 2024-07-31 14:38:51 +02:00
euxane
fcb2a4a5ff nixos/zoneminder: set fcgiwrap socket owner 2024-07-31 11:03:06 +02:00
euxane
4f2da6c9c1 nixos/fcgiwrap: add option migration instruction errors 
This adds migration instructions for the removed global shared instance
configuration of fcgiwrap.

Adding those explicit messages to the previous options requires moving
the newly defined options from `services.fcgiwrap.*` to
`services.fcgiwrap.instances.*` due to an option namespace clash.

`mkRenamedOptionModule` was not used because the previous options do
not directly map to the new ones. In particular, `user` and `group`
were described as setting the socket's permission, but were actually
setting the process' running user.

Co-authored-by: Minijackson <minijackson@riseup.net>
 2024-07-31 11:02:37 +02:00
emilylange
e271e748c9
nixos/forgejo: default to forgejo-lts 2024-07-31 03:59:11 +02:00
Víctor Martínez
bbb542ea66
nixos/ollama: add missing nvidia device group name (#331125) 
Fixes: #331069
 2024-07-30 19:03:08 +02:00
Kerstin Humm
ceb54bc2a7
nixos/gollum: format with nixfmt 2024-07-29 12:49:44 +02:00
Kerstin Humm
d6b9fb9ba3
gollum: 5.3.3 -> 6.0.1 
Changelog: https://github.com/gollum/gollum/releases
 2024-07-29 12:49:43 +02:00
Jörg Thalheim
5356420466 treewide: remove unused with statements from maintainer lists 
$ find -type f -name '*.nix' -print0 | xargs -P "$(nproc)" -0 sed -i \
  -e 's!with lib.maintainers; \[ *\];![ ];!' \
  -e 's!with maintainers; \[ *\];![ ];!'
 2024-07-29 10:06:20 +08:00
Vladimír Čunát
1e9b3c1af1
nixos/speechd: avoid by default on headless systems 
Incidentally this also fixes tests like nixosTests.installer.simple
/cc PR #329658
 2024-07-28 12:16:12 +02:00
Julien Moutinho
db44a65a61 nixos/radicle: fix support for encrypted privateKeyFile 2024-07-27 01:48:51 +02:00
Jörg Thalheim
cd8166ed1c
Merge pull request #329731 from ju1m/radicle 
nixos/radicle: fix support of absolute file paths for SSH keys
 2024-07-26 20:25:23 +02:00
Aleksana
19276533a7
Merge pull request #329968 from carbolymer/jackett-configurable-port 
nixos/jackett: add configurable port
 2024-07-26 11:23:05 +08:00
Aleksana
f6dda3bfc8
Merge pull request #330021 from ju1m/radicle-fix-node-listenAddress 
nixos/radicle: fix node.listenAddress to support both IPv4 and IPv6
 2024-07-26 11:18:10 +08:00
Julien Moutinho
d8401bc577 nixos/radicle: add a settings example 2024-07-26 01:15:03 +02:00
Julien Moutinho
5f335cfb8f nixos/radicle: fix node.listenAddress to support both IPv4 and IPv6 2024-07-25 23:46:16 +02:00
Mateusz Galazyn
a0906cbd16
nixos/jackett: add configurable port 2024-07-25 20:33:39 +02:00
abysssol
084f6a3e26 nixos/ollama: make rocmOverrideGfx backward compatible 
The initial version of `rocmOverrideGfx` incorrectly used `lib.mkIf`
in an attempt to prevent interference with previous uses of
`environmentVariables.HSA_OVERRIDE_GFX_VERSION`.

However, the effect was actually to simply erase existing definitions of
`HSA_OVERRIDE_GFX_VERSION` until `rocmOverrideGfx` was set,
which was the situation I was trying to avoid in the first place.

This fixes the bug by switching from `lib.mkIf` to `lib.optionalAttrs`.
 2024-07-24 16:11:09 -04:00
abysssol
246d1ee533 nixos/ollama: reformat with nixfmt-rfc-style 2024-07-24 16:09:56 -04:00
Julien Moutinho
43c36273b2 nixos/radicle: fix support of absolute file paths for SSH keys 2024-07-24 22:07:53 +02:00
Yaya
feeb53a430 nixos/gitlab: Replace git package with bundled git 
This commit switches gitaly's git package from `pkgs.git` to the bundled
`git` package in order to maintain compatibility with the supported git
release by gitaly.
 2024-07-24 10:51:55 +02:00
Franz Pletz
e6ae50bb83
Merge pull request #327986 from 7596ff/7596ff/airsonic-context-path 2024-07-23 23:15:27 +02:00
Pol Dellaiera
771c4624ed
Merge pull request #328713 from mweinelt/ollama-sandbox-issue 
nixos/ollama: replace flawed sandboxing option
 2024-07-22 22:21:16 +02:00
Martin Weinelt
fe58e8856f
nixos/ollama: make host example dualstack wildcard 
Binding to IPv6 wildcard generally binds dual-stack, which is also a
better example because the way to specify it is not always very clear.
 2024-07-22 14:51:40 +02:00
Martin Weinelt
12897b37a8
nixos/ollama: harden systemd unit 
Tested with CPU and CUDA acceleration. Researched for ROCm, but I have no
compatible card to test it with.
 2024-07-22 14:51:40 +02:00
Martin Weinelt
be7bce879f
nixos/ollama: remove writablePaths option 
Making the models directory always writable is much simpler, than having
to watch out for an option to facilitate that.
 2024-07-22 14:51:39 +02:00
Martin Weinelt
809ea5c6bd
nixos/ollama: replace flawed sandboxing option 
The ollama module in its default configuration relies on systemd's
`DynamicUser=` feature for user allocation. In #305076 that allocation
was made conditional and tied to the `sandboxing` option, that was
intended to fix access to model directories outside the allocated state
directory.

However, by disabling sandboxing ollama would inadvertently run as root,
given that `User=` and `Group=` are not required to be set.

The correct way to grant access to other paths is to allocate static
user and group, and grant permissions to the destination path to that
allocation.

We therefore replace the sandboxing option user and group options, that
default to `null`, which means they default to `DynamicUser=`, but can
be replaced with a statically allocated user/group, and thereby a stable
uid/gid.

Fixes: 552eb759 ("nixos/ollama: add options to bypass sandboxing")
 2024-07-22 14:51:39 +02:00
Bruno BELANYI
c8f2bb1b65 nixos/tandoor-recipes: revert 'GUNICORN_MEDIA=1' 
Quoting from upstream's documentation [1]:

> Basically everyone recommends not doing this. Please use [a webserver]
> to handle media file serving.

Given that this commit broke the module for unrelated reasons, I've
decided to just revert it and let downstream users make the choice of
easy vs. secure.

[1]: https://docs.tandoor.dev/system/configuration/#gunicorn-media

This reverts commit e8c56de827.
 2024-07-22 09:17:41 +00:00
Pavel Sobolev
c9c14f86db
nixos/flaresolverr: initial commit 2024-07-19 20:55:21 +03:00
Sandro
89d95fb2bc
Merge pull request #327939 from Guanran928/libreddit 2024-07-19 13:47:14 +02:00
Cassandra McCarthy
c6ba378b7b
airsonic: update context-path directive 
This line has been broken since the service file was created. According
to the [spring docs] that Airsonic uses, server.context-path is what
should be here. I've tested this by manually setting it as an extra JVM
option on my machine, and it works.

[spring docs]: https://docs.spring.io/spring-boot/docs/1.4.5.RELEASE/reference/htmlsingle/#common-application-properties
 2024-07-17 13:23:19 -04:00
Guanran Wang
f7a0c71b61
libreddit: remove as unmaintained upstream 2024-07-17 23:03:14 +08:00
Aleksana
a9a4e171c7
Merge pull request #327032 from danc86/push-krkxkxtnruqp 
nixos/sssd: fix KCM to use new krb5 settings
 2024-07-17 22:29:09 +08:00
Sandro
51fcc2c92e
Merge pull request #314440 from ju1m/radicle 2024-07-17 13:04:06 +02:00
Pyrox
a24fa6098d
nixos/gotenberg: init 2024-07-17 10:37:35 +02:00
OTABI Tomoya
43d306e7db
Merge pull request #326398 from phaer/etebase-python 
etebase-server: use buildPythonApplication, default to withLdap = false
 2024-07-17 10:00:42 +09:00
phaer
c437fb23e1 etebase-server: use buildPythonApplication... 
...not pythonPackage. This is an app, living in pkgs/servers, so
we just use callPackage in all-packages and drop the python module.

python3.pkgs.toPythonModule could be used if a python module was needed.
Before that change legacyPackages.x86_64-linux.python311.pkgs.etebase-server.python
would give a python 3.12 release, and was therefore broken.

etebase-server = toPythonModule (pkgs.etebase-server.override {
  python3 = python;
});

would now be correct
 2024-07-16 20:20:29 +02:00
Jörg Thalheim
fdfe59f7b3 xmr-stak: remove 2024-07-15 09:30:59 +02:00
Florian Brandes
f312bdb5d7
nixos/blendfarm: init 
Signed-off-by: Florian Brandes <florian.brandes@posteo.de>
 2024-07-14 21:01:04 +05:30
Dan Callaghan
375ef3c127 nixos/sssd: fix KCM to use new krb5 settings 
krb5.libdefaults moved to security.krb5.settings.libdefaults in PR #243169.
 2024-07-14 16:43:56 +10:00
lassulus
ee2d97a3ce
Merge pull request #323604 from LennyPenny/patch-1 
nixos/tandoor-recipes: enable serving of media files by default
 2024-07-13 21:36:17 +02:00
Sandro
ebd625a22a
Merge pull request #276692 from dani0854/nixos/languagetool/add_jvm_options 
nixos/languagetool: add jvm options
 2024-07-07 16:41:41 +02:00
Julien Moutinho
88fb6d37e3 nixos/radicle: init services 2024-07-05 22:07:32 +02:00
lucasew
5d49d4cfa1 nixos/guix: use exec to start the payload binary 
Signed-off-by: lucasew <lucas59356@gmail.com>
 2024-07-05 14:38:51 -03:00
Aleksana
1c1df68b1e
Merge pull request #323020 from bjornfor/nixos-dictd-exit-status 
nixos/dictd: treat SIGTERM exit status as success
 2024-07-05 02:01:21 +08:00
Nicholas Sielicki
56ceae07be
nixos/jellyseerr: add package option (#276616) 
Co-authored-by: seth <getchoo@tuta.io>
Co-authored-by: Franz Pletz <fpletz@fnordicwalking.de>
 2024-07-04 18:56:38 +02:00
❄️
a5dad94280
Merge pull request #324083 from Djabx/fix-config-snapper 
nixos/snapper: fix timeline options type
 2024-07-04 12:50:01 -03:00
David McFarland
b44b62db30
Merge pull request #291640 from tie/sonarr-v4 
sonarr: build from source
 2024-07-04 12:08:02 -03:00
OTABI Tomoya
3ca8ba2a73
Merge pull request #324114 from NyCodeGHG/renovate-unix-socket 
nixos/renovate: allow AF_UNIX access
 2024-07-03 22:40:17 +09:00
Alexandre Badez
e37b07ffba nixos/snapper: fix timeline options type 2024-07-03 13:52:34 +02:00
Alexandre Badez
0c80191081 nixos/snapper: add maintainer 2024-07-03 13:52:34 +02:00
Thomas Gerbet
8ddb1bb721
Merge pull request #318599 from pacien/nixos-fcgiwrap-isolation 
nixos/fcgiwrap: refactor to fix permissions
 2024-07-02 21:52:33 +02:00
Sandro
4f90cfd2f9
Merge pull request #313984 from yayayayaka/gitlab-17.0.1 
gitlab: 16.11.5 -> 17.1.1
 2024-07-02 20:12:42 +02:00
Marie Ramlow
787354f63c nixos/renovate: allow AF_UNIX access 
renovate can update nix dependencies, which results in nix trying to communicate with the nix-daemon over a unix socket.
 2024-07-02 20:09:12 +02:00
ckie
7d34b64eca maintainers: remove ckie 
well, we failed. we have not saved nix together[0], and today's show of
utter incompetence[1] has pushed me over the edge along with many others[2]

it's been good. a lot of PRs. a lot of endless reviews.
some new friends, some old friends converted :P

cya in the next world, cuties <3

[0] https://save-nix-together.org/
[1] https://discourse.nixos.org/t/nca-member-jonringer-joint-announcement/48231
[2] https://github.com/NixOS/nixpkgs/issues?q=label%3A%228.has%3A+maintainer-list+%28update%29%22+remove+in%3Atitle+created%3A%3C2024-07-10
 2024-07-02 02:40:02 +02:00
abysssol
bf91b72c06 nixos/ollama: remove linuxPackages override 
`linuxPackages.nvidia_x11` is no longer used by the `ollama` package.
 2024-07-01 04:50:19 -04:00
Lenny
e8c56de827
nixos/tandoor-recipes: enable serving of media files by default 
Fixes 404 when tandoor is trying to serve recipe images.
 2024-06-30 14:47:21 +00:00
Bjørn Forsman
7db3dc0fa4 nixos/dictd: treat SIGTERM exit status as success 
dictd doesn't handle SIGTERM and terminates with code 143 (128 + 15
(SIGTERM) instead of 0. This results in systemd marking the service as
failed when a user stops it (with `systemctl stop dictd`). Fix it by
treating code 143 as success.
 2024-06-29 13:40:49 +02:00
Yaya
b4d242907c nixos/gitlab: Add missing state folder 2024-06-27 19:52:03 +02:00
Yaya
59583de9d1 nixos/gitlab: Assert PostgreSQL >= 14.9 
Support for PostgreSQL 13 has been removed in GitLab 17.0. [1]
Module users should upgrade their database installation to
PostgreSQL >= 14.9.

[1]: https://docs.gitlab.com/ee/update/deprecations.html#postgresql-13-no-longer-supported
 2024-06-27 19:52:03 +02:00
Pol Dellaiera
f6727a9e3e nixos/ollama: add loadModels config option 
Allows users to download model files upon service startup,
instead of at the first use of the model, improving percieved startup latency.
 2024-06-26 15:11:37 -04:00
Sandro
33f83c6252
Merge pull request #316977 from eclairevoyant/fix-mkEnableOption 
treewide: fix mkEnableOption usage
 2024-06-25 22:42:16 +02:00
Pol Dellaiera
f95c186eb9
nixos/private-gpt: remove drupol from maintainers 2024-06-24 09:13:15 +02:00
tomberek
73d924022e
Merge pull request #314917 from christoph-heiss/sourcehut-fix 
nixos: sourcehut: fix some binary paths
 2024-06-23 18:43:57 -04:00
Pol Dellaiera
420c9a60c0
Merge pull request #321664 from abysssol/ollama-override-gfx 
nixos/ollama: add option for `HSA_OVERRIDE_GFX_VERSION`
 2024-06-23 11:02:57 +02:00
Bruno BELANYI
9caa682281
Merge pull request #262892 from l0b0/test/tandoor-script-name 2024-06-22 23:23:35 +01:00
euxane
8101ae41f8 nixos/fcgiwrap: adapt consumer modules and tests 2024-06-22 19:45:25 +02:00
euxane
bf2ad6f48c nixos/fcgiwrap: adapt consumer modules and tests 
This also fixes the gitolite-fcgiwrap test by running git through
fcgiwrap as the proper user.
 2024-06-22 19:45:25 +02:00
abysssol
42c70e2923 nixos/ollama: add option for HSA_OVERRIDE_GFX_VERSION 
There are several GPUs that ROCm doesn't officially support but
will work correctly if ROCm is directed to treat the GPU as a different
one that is supported and has a similar architecture.
This can be done by setting `HSA_OVERRIDE_GFX_VERSION`.
Ollama has documentation on this topic: https://github.com/ollama/ollama/blob/main/docs/gpu.md#amd-radeon
 2024-06-22 13:13:08 -04:00
Alexandre Badez
754618f7bd nixos/snapper: formating 2024-06-21 09:49:55 +02:00
Alexandre Badez
a1ded8273d nixos/snapper: add timeline limit options 2024-06-21 09:49:51 +02:00
K900
20b7b4f619
Merge pull request #320228 from K900/opengl-cleanups 
treewide: big opengl cleanups
 2024-06-20 12:37:59 +03:00
Victor Engmark
d70be9d211
nixosTests.tandoor-recipes-script-name: init 
Verify that all `href` attributes emitted as part of the entrypoint page
after logging in are reachable.

Co-authored-by: Bruno BELANYI <bruno@belanyi.fr>
 2024-06-20 00:06:38 +12:00
Victor Engmark
f5710b2b83
nixos/tandoor-recipes: Fix working directory 
Run `tandoor-recipes` from within its `MEDIA_ROOT` directory to support
the `SCRIPT_NAME` setting.

Closes #262857.
 2024-06-20 00:06:16 +12:00
Artturin
7324a175cf
Merge pull request #320673 from rvl/snapper-systemd-fix 
nixos/snapper: Don't create broken snapper-boot.service
 2024-06-19 14:59:00 +03:00
Ben Siraphob
a79a4ec458
anki-sync-server: fix typo 2024-06-19 11:22:35 +07:00
Ivan Trubach
5d7d3dcfe7 nixos/sonarr: use lib.getExe and escape args 2024-06-19 04:44:07 +03:00
Rodney Lorrimar
52ef91d339
nixos/snapper: Don't create broken snapper-boot.service 2024-06-18 10:31:50 +08:00
Aleksana
d8178ec050
Merge pull request #319291 from arianvp/amazon-ssm-agent-remove-override-etc 
amazon-ssm-agent: remove overrideEtc parameter
 2024-06-18 01:15:30 +08:00
K900
98cef4c273 treewide: big opengl cleanup 
- rename hardware.opengl to hardware.graphics
- remove hardware.opengl.driSupport, which does nothing
- remove hardware.opengl.setLdLibraryPath, which should never be done
- rename hardware.opengl.driSupport32Bit to hardware.graphics.enable32Bit
- lost of small docs / formatting cleanups
 2024-06-16 14:11:33 +03:00
Danil Suetin
571ec7031a
nixos/languagetool: add restart on failure 
Restart languageserver systemd service on fail
 2024-06-15 21:35:37 +02:00
Danil Suetin
0adac36fd5
nixos/languagetool: add jvm options 
Languagetool server can use quite a lot of memory, so it is useful to be able to pass JVM options such as `-Xmx` and others.
 2024-06-15 21:35:26 +02:00
nuko
40916ded4a
maintainers: rename nu-nu-ko to fsnkty 2024-06-15 14:21:38 +12:00
éclairevoyant
7d8742da87
treewide: fix mkEnableOption usage 2024-06-14 02:41:42 -04:00
Arian van Putten
494442762c amazon-ssm-agent: remove overrideEtc parameter 
This was meant to make amazon-ssm-agent work "out of the box" on non-NixOS
systems but the feature never really worked.

The problem is that amazon-ssm-agent looks for the files "amazon-ssm-agent.json"
and "seelog.xml" but the files in the package are named
"amazon-ssm-agent.json.template" and "seelog.xml.template". So even with
this overrideEtc = true it would not be able to find the config.

E.g. you'd get an error like

Error occurred fetching the seelog config file path:  open /nix/store/pyfxjr0i0hszcj9b6fqly6344zf9zhcb-amazon-ssm-agent-3.3.484.0/etc/amazon/ssm/seelog.xml: no such file or directory
on startup.

Removing this parameter from the from the package doesn't break things as it didn't work in the first place.
 2024-06-12 11:50:17 +02:00
OTABI Tomoya
1f278a2082
Merge pull request #318384 from NyCodeGHG/nixos/renovate 
nixos/renovate: init
 2024-06-12 10:05:27 +09:00
Marie Ramlow
0adb3b8033 nixos/renovate: init 2024-06-11 18:57:04 +02:00
Sandro
4a77c223c9
Merge pull request #269460 from tie/pghero 
pghero: init at 3.4.1
 2024-06-11 01:00:56 +02:00
Sandro
41386672b7
Merge pull request #286099 from Cynerd/mqtt2influxdb-package-fix 
nixos/mqtt2influxdb: add missing package option
 2024-06-10 13:46:24 +02:00
Pol Dellaiera
028584b548
nixos/open-webui: add more default variables 2024-06-07 23:15:54 +02:00
Karel Kočí
4ace1c0faf
nixos/mqtt2influxdb: add missing package option 
This is used in the module but option wasn't defined at all.
 2024-06-07 11:37:04 +02:00
Justinas Stankevicius
6e14231e83 nixos/prowlarr: set HOME for the service 2024-06-05 23:42:14 +03:00
Adam C. Stephens
af4ac075a3
Merge pull request #312523 from emilylange/nixos-forgejo-secrets 
nixos/forgejo: refactor secrets, add `cfg.secrets`, forgejo: build `environment-to-ini`, nixos/tests/forgejo: test `cfg.secrets` using /metrics endpoint
 2024-06-05 10:01:37 -04:00
Pol Dellaiera
309451127f
nixos/open-webui: update options default values 2024-06-05 08:05:19 +02:00
Pol Dellaiera
5664bb7899
nixos/open-webui: add example in options 2024-06-05 08:05:18 +02:00
Pol Dellaiera
a8670536e5
nixos/open-webui: remove preStart step 
nixos/open-webui: remove `preStart` step
 2024-06-05 08:05:18 +02:00
Pol Dellaiera
61ab4de94c
nixos/open-webui: update option and service descriptions 2024-06-05 08:05:18 +02:00
Pol Dellaiera
709eb8ebaf
nixos/open-webui: add openFirewall option 2024-06-05 08:05:18 +02:00
Pol Dellaiera
c54890e226
nixos/ollama: update port option, use types.port 2024-06-05 08:05:18 +02:00
Pol Dellaiera
cb8670469b
nixos/ollama: add openFirewall option 2024-06-05 07:09:13 +02:00
emilylange
694db856ed
nixos/forgejo: refactor secrets, add cfg.secrets 
This is not a breaking change. Existing setups continue to work as-is.

Users of `cfg.mailerPasswordFile` will get an option rename/deprecation
warning, but that's it (assuming there is no regression).

This adds `cfg.secrets`, which is a wrapper over systemd's
`LoadCredential=` leveraging Forgejo's `environment-to-ini`.

`environment-to-ini` is intended for configuring Forgejo in OCI
containers.

It requires some fairly annoying escaping of the section names to fit
into the allowed environment variable charset.

E.g. `"log.console".COLORIZE = false` becomes
`FORGEJO__LOG_0x2E_CONSOLE__COLORIZE=false`.

 - `.` needs to be replaced with `_0X2E_` and
 - `-` needs to be replaced with `_0X2D_`

Those are simply the hex representation of each char from an ASCII
table:

. = ASCII 46 = 46 (decimal) = 2E (hex) = 0x2E = _OX2E_

To make interacting with `environment-to-ini` less annoying, we template
and escape the sections/keys in nix:

`cfg.secrets` takes the same free-form sections/keys as `cfg.settings`.
Meaning there is now a generalized abstraction for all keys, not just
those that have been manually implemented in the past.

It goes as far as theoretically allowing one to have `DEFAULT.APP_NAME`
read from a secret file.

I don't know why one would want to do that, but it has been made
possible by this :^)

More reasonable examples are listed in the `cfg.secrets` option example.

We also continue to bootstrap a handful of secrets like
`security.SECRET_KEY`. This is done is a sort of sidecar bootstrap unit
fittingly called `forgejo-secrets.service`.

Overriding those is, just like before, not really intended and requires
the use of `lib.mkForce` and might lead to breakage. But it is, in a
way, more possible than before.
 2024-06-05 00:45:59 +02:00
Pol Dellaiera
6b6d4aeb35
Merge pull request #316248 from shivaraj-bh/open-webui 
open-webui: init at 0.2.4
 2024-06-04 15:47:03 +02:00
shivaraj-bh
f66cb82fef nixos/open-webui: init 2024-06-04 16:46:19 +05:30
Florian Klink
77a51024c0
Merge pull request #316697 from bbenno/fix-gollum 
nixos/gollum: fix systemd tempfile permission
 2024-06-03 08:25:04 +03:00
Sandro
6f02edec1a
Merge pull request #316358 from majewsky/portunus-remove-libxcrypt-legacy 2024-06-02 23:10:26 +02:00
Benno Bielmeier
b5c7987b52 nixos/gollum: fix systemd tempfile permission 
When services.gollum.{user,group} was specified a value other than its
default (i.e. "gollum"), the build failed due to referencing a
non-existing user.
 2024-06-02 18:00:19 +02:00
Silas Schöffel
37afbbb602
nixos/invidious-router: remove redundant "Enables" in description 2024-06-02 13:27:22 +02:00
Stefan Majewsky
d11d18df30 portunus: remove libxcrypt-legacy usage 2024-06-01 10:28:21 +02:00
Sandro
9584ef2c26
Merge pull request #315189 from SuperSandro2000/gitea-maint 2024-05-29 15:49:00 +02:00
Ivan Trubach
a5499ee535 nixos/pghero: init 2024-05-29 03:40:48 +03:00
Christina Rust
343ddd9f4b
Merge pull request #315263 from srhb/devpi-loadcredential 
nixos/devpi-server: fix loading credentials as DynamicUser
 2024-05-28 19:22:40 +02:00
abysssol
c01818d57c
Merge pull request #314722 from abysssol/ollama-split-listenaddress 
nixos/ollama: split `listenAddress` into `host` and `port`
 2024-05-28 15:37:51 +00:00
Sarah Brofeldt
4d4571b20a nixos/devpi-server: fix loading credentials as DynamicUser 2024-05-28 08:58:24 +02:00
Sandro Jäckel
73c11de701
gitea,nixos/gitea: add SuperSandro2000 as maintainer, remove inactive maintainers, unify maintainers 2024-05-27 22:48:14 +02:00
abysssol
428e60cad9 nixos/ollama: split listenAddress into host and port 
breaking change; do not backport
 2024-05-25 21:22:15 -04:00
sodiboo
0fa287f2ff nixos/invidious-router: maintianers.s1ls -> maintainers.sils 2024-05-25 13:10:20 +02:00
Matt Kline
234f4db797 nixos/snapper, nixos/borgbackup: Fix module doc typo 
The persistentTimer argument sets the _Persistent_ field in
systemd.timer(5).

Pointed out in #312549
 2024-05-23 14:23:40 -07:00
Sandro
f53713e2cf
Merge pull request #304893 from SuperSandro2000/portunus-note 
nixos/portunus: add note about allowed characters to id
 2024-05-23 20:10:52 +02:00
Peder Bergebakken Sundt
087055ed4f
Merge pull request #293118 from xyven1/harden-plex-service 
nixos/plex: Harden plex service
 2024-05-21 00:37:47 +02:00
tomberek
2c55e033f2
Merge pull request #306909 from mrkline/snapper-timer 
nixos/snapper: Add persistent option to config
 2024-05-17 10:01:04 -05:00
Aleksana
be3aee43dd
Merge pull request #311397 from Raroh73/fix/services.llama-cpp 
nixos/llama-cpp: fix rocm support
 2024-05-16 20:26:28 +08:00
Pol Dellaiera
8821e81e02
Merge pull request #311307 from michaelpj/mpj/remove-some-maintennce 
Remove myself from some packages I no longer use
 2024-05-14 21:23:12 +02:00
Aleksana
39458d9055
Merge pull request #300564 from Cynerd/bcg-fix 
nixos/bcg: fix usage without environment files
 2024-05-14 21:27:59 +08:00
Raroh73
1f2c3812d4
nixos/llama-cpp: fix rocm support 2024-05-13 17:01:33 +02:00
Christina Rust
31a5a35b7e
Merge pull request #305286 from cafkafk/devpi-server-init 
nixos/devpi-server: init
 2024-05-13 13:14:51 +02:00
Christina Sørensen
52e0ad744d
nixos/devpi-server: init 
Signed-off-by: Christina Sørensen <christina@cafkafk.com>
 2024-05-13 12:14:44 +02:00
Michael Peyton Jones
cd981c1cc6
tzupdate: remove michaelpj as maintainer 2024-05-13 10:57:00 +01:00
Xyven1
201a5ff61f nixos/plex: add systemd hardening configuration 2024-05-12 14:22:04 -04:00
Pol Dellaiera
aff1950a3f
nixos/private-gpt: init 2024-05-11 22:42:04 +02:00
Rouven Seifert
06667e028f
nixos/portunus: fix dangling service files for dex 2024-05-09 11:29:23 +02:00
Karel Kočí
282f8b7be3
nixos/bcg: fix usage without environment files 
The preStart script should be used only if it is really needed.
 2024-05-07 14:58:19 +02:00
Niklas Hambüchen
9d7a729277 treewide: ReadWriteDirectories -> ReadWritePaths. 
These were renamed in systemd v231:
2a624c36e6
 2024-05-07 01:06:02 +02:00
éclairevoyant
b43ad60e1a
Merge pull request #308966 from Guanran928/wastebin 
nixos/wastebin: fix typo
 2024-05-04 06:28:36 +00:00
Guanran Wang
c46effbdf0
nixos/wastebin: fix typo 2024-05-04 13:00:34 +08:00
piegames
315db4f0f2 heisenbridge: Drop piegames from maintainers 2024-05-03 13:38:25 +02:00
nicoo
1207b23cc2
Merge #305764: nixos/gitlab: Add a second database connection 2024-05-02 17:44:56 +00:00
Matt Kline
ff0f4540c0 snapper: Add persistentTimer option to config 
Defaults to false, but allows users to enable it for machines that
aren't on persistently (e.g., laptops, home PCs).
 2024-04-25 22:26:18 -07:00
Pyrox
11255ef03c
maintainers: thehedgeh0g -> pyrox0 
Also updates my information and contact info.

I no longer use The Hedgehog as my github username or online presence
username, so this fixes that. It also matches my github username, so it
should be easier for others to mention me if needed.
 2024-04-24 12:53:58 -04:00
Yaya
c743d6d617 nixos/gitlab: Add a second database connection 
GitLab deprecated single database connections in 15.9. [1]
From GitLab 17.0 onward it will be mandatory to define both `main` and
`ci` sections in the `database.yml`. [2]

This commit updates the module to address the upcoming breaking change.

[1]: https://gitlab.com/gitlab-org/gitlab/-/issues/387898
[2]: https://docs.gitlab.com/16.10/ee/install/installation.html#configure-gitlab-db-settings
 2024-04-21 16:59:37 +02:00
Yaya
df9bc1f9a7 nixos/gitlab: Rename postgresql port option 2024-04-21 16:58:30 +02:00
Preston Hunt
b87790536d nixos/greenclip: restart daemon if it exits 2024-04-21 23:58:10 +10:00
Pol Dellaiera
31805d0367
Merge pull request #305076 from abysssol/ollama-sandbox 
nixos/ollama: add options to bypass sandboxing
 2024-04-20 10:49:28 +02:00
Leona Maroni
3905a63bdc
Merge pull request #305267 from e1mo/paperless-always-eng 
nixos/paperless: Always buidl tesseract with english
 2024-04-19 12:07:02 +02:00
Bruno BELANYI
5d8f1c0172
Merge pull request #297805 from ambroisie/podgrab-user 
nixos/podgrab: add user/group/dataDirectory options
 2024-04-19 10:08:04 +01:00
e1mo
f0721f3779
nixos/paperless: Always buidl tesseract with english 
With the changes introduced in #303388 tesseract would only be compiled
with the languages defined in `PAPERLESS_OCR_LANGUAGE`. However, english
is always required, making tesseract fail to build when only non-english
languages are defined in tesseract:

```
eng.traineddata must be present in tessdata for Tesseract to work
```
 2024-04-19 10:47:54 +02:00
Bruno BELANYI
65251f102d nixos/podgrab: add 'dataDirectory' option 2024-04-18 16:43:06 +00:00
abysssol
552eb75964 nixos/ollama: add options to bypass sandboxing 2024-04-18 10:52:20 -04:00
Christina Sørensen
d5851d5676
nixos/dockerRegistry: add configFile option 
defaultText based on how nixos/modules/services/development/athens.nix
does it.

Signed-off-by: Christina Sørensen <christina@cafkafk.com>
 2024-04-18 06:11:06 +02:00
Sandro Jäckel
8c3a2b0a10
nixos/portunus: add note about allowed characters to id 2024-04-17 23:09:45 +02:00
abysssol
f53ced0368 nixos/ollama: set service working directory to home 2024-04-17 03:07:00 -04:00
Marie Ramlow
8785ef0a2d nixos/db-rest: init 2024-04-16 10:42:02 +02:00
Leona Maroni
025d3a2f65
Merge pull request #303388 from SuperSandro2000/paperless-only-enabled-languages 
nixos/paperless: override enabled tesseract languages with the in paperless configured ones
 2024-04-14 14:59:33 +02:00
Pol Dellaiera
5d67f4277d
Merge pull request #303708 from abysssol/update-ollama-0.1.31 
ollama: 0.1.30 -> 0.1.31
 2024-04-14 10:57:54 +02:00
abysssol
4508b59900 nixos/ollama: update documentation 2024-04-13 19:52:08 -04:00
Sandro Jäckel
b579dac4ed
nixos/paperless: override enabled tesseract languages with the in paperless configured ones 2024-04-13 22:44:19 +02:00
stuebinm
6afb255d97 nixos: remove all uses of lib.mdDoc 
these changes were generated with nixq 0.0.2, by running

  nixq ">> lib.mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix
  nixq ">> mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix
  nixq ">> Inherit >> mdDoc[remove]" --batchmode nixos/**.nix

two mentions of the mdDoc function remain in nixos/, both of which
are inside of comments.

Since lib.mdDoc is already defined as just id, this commit is a no-op as
far as Nix (and the built manual) is concerned.
 2024-04-13 10:07:35 -07:00
Casey Link
789684ad02
nixos/paperless: Switch to systemd.tmpfiles.settings 
This option resolves #301746 by allowing the admin to bypass the
creation of the paperless directories by systemd-tmpfiles.

This is necessary when, for example, those directories lie inside an NFS
mount that the root user does not have rw access to.

Fixes #301746
 2024-04-11 08:19:24 +02:00
Casey Link
9532793d59
nixos/paperless: refactor to use systemd LoadCredential 
This replaces the paperless-copy-password service with the use of
systemd's LoadCredential mechanism.

It is not a breaking change since it is gated behind `cfg.passwordFile`.
 2024-04-11 08:19:05 +02:00
Christoph Heiss
6729c6c653
nixos: sourcehut: fix some binary paths 
Use the (wrapped) executable from the package directly, instead of
through the custom python env.

Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-04-10 19:57:30 +02:00
Adam C. Stephens
e8ff41fa85
Merge pull request #285041 from r-vdp/nix-optimise-fix-timer 
nix-optimise: only create timer unit if needed
 2024-04-10 13:48:22 -04:00
K900
2704f5bb2f
Merge pull request #302595 from motiejus/autorandr-match-edid 
nixos/autorandr: add --match-edid
 2024-04-09 23:23:59 +03:00
Motiejus Jakštys
dd1e21f39f nixos/autorandr: add --match-edid 
It is useful when outputs change, but EDIDs do not. See [upstream PR][1]
for more details.

[1]: https://github.com/phillipberndt/autorandr/pull/293
 2024-04-09 23:22:08 +03:00
Sandro
4cc6ce454d
Merge pull request #291913 from SuperSandro2000/sddm-wayland-only 2024-04-09 14:31:12 +02:00
Bjørn Forsman
a29010fe79 nixos: improve many 'enable' descriptions 2024-04-09 07:10:17 +02:00
Sandro Jäckel
5598d81e94
nixos/graphical-desktop: extract generic graphical things from xserver 
This is required to fix the keymap in SDDM without X.
 2024-04-08 21:56:37 +02:00
abysssol
18a5476aa7 nixos/ollama: add options to override HOME and OLLAMA_MODELS 2024-04-07 22:56:43 -04:00
Jozef Hollý
e8a9775a61 nixos/nzbget: add option to override package 2024-04-07 00:47:09 +02:00
Sandro
0bb462d49c
Merge pull request #301267 from bb2020/mbpfan 2024-04-04 16:01:21 +02:00
bb2020
678bc2cec5 nixos/mbpfan: remove syslog.target 2024-04-04 16:07:14 +03:00
bb2020
bf57e97ef0 nixos/mbpfan: minor changes 2024-04-04 16:06:49 +03:00
Felix Buehler
8dab54e2b3 nixos/gogs: prefer 'umask' over 'chmod' 2024-04-03 19:40:12 +02:00
Aaron Andersen
46bcc66f01
Merge pull request #300805 from felixsinger/pkgs/redmine/fix-assertion 
nixos/redmine: Fix broken assertion when SQLite is used
 2024-04-02 11:37:39 +00:00
Yaya
dcd0f499c6 nixos/gitlab: Add option sidekiq.concurrency. 
This commit adds an option to configure the amount of threads to use
with sidekiq-cluster. The GitLab default is currently set to 20 threads. In
space constrained environments this may become a problem with running
out of memory as a result.
 2024-04-02 07:30:12 +02:00
Mario Rodas
5b3704b4d3
Merge pull request #296616 from Ma27/postgresql-rfc42-submodule 
nixos/postgresql: turn `settings` into a submodule
 2024-04-01 18:26:51 -05:00
Zebreus
eafd39c605 nixos/redmine: Fix broken assertion with sqlite3 database 
Somehow this was missed while working on commit ddd15dc2d9. So make the
assertion working when SQLite is used.
 2024-04-02 00:17:23 +02:00