nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-12-16 02:33:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
614,590 Commits 171 Branches 125 Tags 9.1 GiB
cba6af761a
Commit Graph

30315 Commits

Author SHA1 Message Date
Adam Stephens
790fb86a7f
nixos/users-groups: move linger to oneshot and add nixos test 2024-03-21 19:51:05 -04:00
Peder Bergebakken Sundt
554f412e2d
Merge pull request #294171 from Noodlez1232/joycond-cemuhook-fix 
nixos/joycond-cemuhook: fix missing module
 2024-03-22 00:40:59 +01:00
e1mo
bc25c4bd7d
nixos/pretix: raise TimeoutStartSec 
On some slower systems or ones with a slower database (connection) the
initial migrations can exceed the default 90s timeout.
 2024-03-21 21:49:40 +01:00
e1mo
6d5a6cab71
nixos/pretix: Fix pdf generation 
Previously, pdftk (part of the ticket, badge, ... generation pipeline)
would fail with:

```
Error occurred during initialization of VM
Failed to mark memory page as executable - check if grsecurity/PaX is enabled
```
Thise caused pdf generation to fail.

Since pdftk is a java application and, according to systemd.exec(5),

 > Note that [MemoryDenyWriteExecute=] is incompatible with programs and
 > libraries that generate program code dynamically at runtime, including
 > JIT execution engines, executable stacks, and code "trampoline" featu
 > re of various C compilers.

Disabling `MemoryDenyWriteExecute=` fixes it.
 2024-03-21 21:49:39 +01:00
K900
ff3d03a15f
Merge pull request #297697 from K900/plasma6-install-kio5 
plasma6: also install base kio5
 2024-03-21 23:05:33 +03:00
André Vitor de Lima Matos
bdc6b3abe0
nixos/wireplumber: fix systemwide bluetooth integration 
From https://gitlab.freedesktop.org/pipewire/pipewire/-/issues/3828#note_2270701
Broken/removed in #278760
 2024-03-21 16:21:59 -03:00
Bruno BELANYI
21a59137a6 nixos/podgrab: add user/group options 2024-03-21 19:16:20 +00:00
Adam Stephens
564c3749d9
nixos/users-groups: fix broken linger 2024-03-21 13:47:15 -04:00
K900
d23f4b140f
Merge pull request #297479 from cab404/raop-firewall 
nixos/pipewire: raopOpenFirewall option
 2024-03-21 18:05:20 +03:00
Bobby Rong
b79ac84d84
nixos/budgie: Use gnome-terminal by default 
- Both budgie-desktop-view and cinnamon-desktop defaults to gnome-terminal, there
  are no clear reason why we don't use the defaults here.
  The cinnamon-desktop org.cinnamon.desktop.default-applications.terminal schema
  is used in nemo for default emulator, since we use nemo by default this fixes nemo
  open in terminal entry without introducing another override.
- There are theming issues with Qogir when opening right-click menu in a second tab.
- Transparency is broken when hovering on other windows, showing only the wallpaper.

This also ensures a stable default for budgie-desktop-view, by using only the
executable name and not a nix store path.

ref: https://github.com/BuddiesOfBudgie/budgie-desktop-view/blob/v1.3/data/org.buddiesofbudgie.budgie-desktop-view.gschema.xml#L60
ref: https://github.com/linuxmint/cinnamon-desktop/blob/6.0.0/schemas/org.cinnamon.desktop.default-applications.gschema.xml.in#L46
ref: https://github.com/linuxmint/nemo/blob/6.0.0/src/nemo-view.c#L7193
 2024-03-21 22:16:25 +08:00
Martin Weinelt
3b7d9c77b3
Merge pull request #297622 from mweinelt/kea-exporter-0.7.0 
kea-exporter: 0.6.1 -> 0.7.0
 2024-03-21 14:29:42 +01:00
K900
4e5b7fe664 plasma6: also install base kio5 
Fixes #295814
 2024-03-21 15:19:44 +03:00
nikstur
80f60ad1f4
Merge pull request #297224 from WilliButz/repart-image/mkDerivation 
nixos/repart-image: refactor to use mkDerivation instead of runCommand
 2024-03-21 12:50:17 +01:00
Stig
468417b7f3
Merge pull request #296479 from marcusramberg/marcus/nimdow 
nixos/nimdow: module updates
 2024-03-21 12:14:56 +01:00
WilliButz
d9264d0568
nixos/repart-image: add myself as maintainer 2024-03-21 11:37:43 +01:00
WilliButz
5282cdd926
nixos/repart-image: add internal option to expose finalPartitions 2024-03-21 11:37:43 +01:00
WilliButz
d7ef2defda
nixos/repart-image: refactor to use mkDerivation 
As a follow-up to https://github.com/NixOS/nixpkgs/pull/294096 this
should further improve the flexibility around building OS images with
systemd-repart:

* Previously the attribute set `compression` needed to be fully
  populated, including `algorithm` and `level` because
  `compression.enable` was evaluated by bash, after being interpolated
  as strings into the `buildCommand`. Now it's sufficient to pass
  `compression.enable = false` to the builder, e.g. in `overrideAttrs`,
  to disable the compression.
* Using mkDerivation allows for much more customization than the
  previously used `runCommand`, making use of phases and pre/post hooks.
  This is especially helpful for building multiple images from the same
  system configuration, e.g. to build an image `Y` based on a partially
  built raw image `X`,  by injecting a UKI that depends on `X` into a
  defered ESP.
* Before this change it was non-trivial to conduct further manipulations
  on the amended repart definitions. Now, the definitions that
  systemd-repart uses to build the image can be easily manipulated in
  `postPatch` or `preBuild`.

Aside from this, the build is now executed in the build directory, rather
than `$out`. This allows references to relative paths in the build
environment to be used, especially for `--definitions`, which previously
required an absolute path.
 2024-03-21 11:37:43 +01:00
Doron Behar
2897be360b
Merge pull request #287966 from Guanran928/clash-meta 
nixos/mihomo: init
 2024-03-21 10:40:10 +02:00
Jörg Thalheim
3f71d1bc02 digital-ocean: no longer disable multiple nixos generations in bootloader 
Since digitalocean has a recovery console it's possible to boot
into an old generation.
 2024-03-21 08:10:00 +01:00
Jörg Thalheim
d87c4e1a72 digital-ocean: make it easier to use disko 
If the user provides a `fileSystems."/".device` option, it should have
higher precedence than the default value.
Same for `loader.grub.devices` (also set by disko internally).
 2024-03-21 08:09:27 +01:00
Martin Weinelt
c77d192eb4
prometheus-kea-exporter: 0.6.1 -> 0.7.0 
https://github.com/mweinelt/kea-exporter/blob/v0.7.0/HISTORY

Updates the module to use the target name, because it now supports both
UDS as well as HTTP URLs.
 2024-03-21 06:17:59 +01:00
Martin Weinelt
d702c91302
nixos/prometheus/exporters: pass utils into exporter modules 
This is useful, because it provides escapeSystemdShellArgs.
 2024-03-21 05:27:21 +01:00
github-actions[bot]
36232fff71
Merge master into staging-next 2024-03-20 18:01:02 +00:00
Dmitry Bogatov
5bb92281f5 nixos/dnscache: Provide explicit group for "dnscache" user 
Without this patch the module refuses to evaluate, complaining that
default "nogroup" is no longer supported.
 2024-03-20 16:45:50 +01:00
Cabia Rangris
eaf6b74366
nixos/pipewire: raopOpenFirewall option 
RAOP requires UDP/6001-6002 for timing
information, and won't work with apple devices if
firewall is enabled.
 2024-03-20 18:32:01 +03:00
Maciej Krüger
061b88c7f4
nixos/fcitx5: fix warning about plasma6 option 2024-03-20 15:18:51 +01:00
Sandro
50b2e2a029
Merge pull request #296866 from SuperSandro2000/xserver-pinentry 2024-03-20 14:32:44 +01:00
github-actions[bot]
90461ffe37
Merge master into staging-next 2024-03-20 12:01:15 +00:00
éclairevoyant
debb92775e nixos/starship: cleanup 2024-03-20 21:08:43 +11:00
éclairevoyant
4f9d91e276 nixos/starship: allow setting package 2024-03-20 21:08:43 +11:00
Florian Klink
40e49b40ab
Merge pull request #296949 from NixOS/mycelium_service 
nixos/mycelium: init
 2024-03-20 11:50:46 +02:00
nikstur
d5d1e6a4fa
Merge pull request #297227 from WilliButz/uki/expose-rendered-config 
nixos/uki: add configFile option
 2024-03-20 10:41:59 +01:00
Florian Klink
39ebd395cc
Merge pull request #224666 from grindhold/container_underscores 
check nixos-container names for underscores
 2024-03-20 11:41:34 +02:00
Pol Dellaiera
15541288f3
Merge pull request #297133 from trofi/etebase-server-fix-test 
etebase-server: fix the eval on `null` `cfg.unixSocket`
 2024-03-20 07:38:15 +01:00
K900
e240f8bde9 Merge remote-tracking branch 'origin/master' into staging-next 2024-03-20 09:27:30 +03:00
K900
e382906174
Merge pull request #295839 from peterhoeg/m/sddm_kwin 
nixos/sddm: add support for kwin_wayland
 2024-03-20 09:02:52 +03:00
Ameya Shenoy
99c0c32a49
usbguard: fix policy enums 
The available policies for `InsertedDevicePolicy` and
`ImplicitPolicyTarget` differ from the defined policy enum. This change
is to prevent users from configuring incorrect policies for `usbguard`

Related `usbguard` documentation
https://usbguard.github.io/documentation/configuration.html

Signed-off-by: Ameya Shenoy <shenoy.ameya@gmail.com>
 2024-03-20 08:41:21 +05:30
lassulus
b82a5ef764 nixos/mycelium: init 2024-03-20 03:56:58 +01:00
Adam Stephens
deb5be50c4
incus: move wrapper to nixos module 2024-03-19 22:48:07 -04:00
github-actions[bot]
a474411771
Merge master into staging-next 2024-03-20 00:02:08 +00:00
aleksana
b60f6b118b nixos/mandoc: add leading slash to manPath 2024-03-20 00:56:18 +01:00
aleksana
da089cf63a nixos/mandoc: fix invalid manpath directory and add cachePath option 2024-03-20 00:56:18 +01:00
Philip Taron
29a46d2802
nixos/nvidia: Set SidebandSocketPath to a user-writable path in /run 
The NVIDIA X driver uses a UNIX domain socket to pass information to
other driver components. If unable to connect to this socket, some
driver features, such as G-Sync, may not work correctly. The socket will
be bound to a file with a name unique to the X server instance created
in the directory specified by this option. Note that on Linux, an
additional abstract socket (not associated with a file) will also be
created, with this pathname socket serving as a fallback if connecting
to the abstract socket fails.

The default, which was in effect prior to this change, was `/var/run`.

The effect of not setting this option was that GDM X sessions
(and other non-root sessions) would see this warning in the log files:

```
   (WW) NVIDIA: Failed to bind sideband socket to
   (WW) NVIDIA:     '/var/run/nvidia-xdriver-b4f69129' Permission denied
```

I don't see any security implications of turning this on universally,
since there already was an abstract socket created according to the
docs.

Documentation:

1. [NVIDIA X Config Options](https://download.nvidia.com/XFree86/Linux-x86_64/440.82/README/xconfigoptions.html#SidebandSocketPath)

Diagnosis:

1. [Arch Linux BBS post](https://bbs.archlinux.org/viewtopic.php?pid=1909115#p1909115)
 2024-03-19 16:34:41 -07:00
maxine
b0f45b4837
Merge pull request #295926 from savannidgerinel/savanni/1password-8.10.28-21 
_1password-gui_beta: 8.10.28-11 -> 8.10.28-21 + refactor
 2024-03-19 23:11:29 +01:00
Savanni D'Gerinel
61b6a6ae6f
_1password-gui-beta: 8.10.28-11 -> 8.10.28-21 
- Updating the 1Password beta release to 8.10.28
- Removing the KeyringHelper application.
 2024-03-19 23:09:37 +01:00
Silvan Mosberger
308671dbe8 nixos/nix: Fix example for nix.settings option 
Attribute sets aren't valid option values, needs to be a list
 2024-03-19 22:55:19 +01:00
Peter Hoeg
404a2363d1 nixos/plasma6: use kwin with sddm 2024-03-19 21:14:46 +01:00
Peter Hoeg
8c642cd40a nixos/sddm: add support for kwin_wayland 2024-03-19 20:55:23 +01:00
github-actions[bot]
7338a5dec5
Merge master into staging-next 2024-03-19 18:01:00 +00:00
Will Fancher
f0701b576a
Merge pull request #290061 from SuperSandro2000/kernel-modules-package-name 
nixos/boot: move name overwrite to pkgs.aggregateModules to option
 2024-03-19 13:04:19 -04:00
WilliButz
e9fa0ec5fe
nixos/uki: add configFile option 
This option makes it easier to reuse a system's ukify.conf without the
need for manually calling the generator on `settings` again to receive a
rendered configuration file.

Theoretically, a complete configuration file could now be provided by
users.
 2024-03-19 17:58:28 +01:00
Martin Weinelt
7762462405
Merge remote-tracking branch 'origin/master' into staging-next 
Conflicts:
- pkgs/development/python-modules/flask-security-too/default.nix
 2024-03-19 17:30:16 +01:00
Bobby Rong
2dcadb7087
Merge pull request #297072 from FedericoSchonborn/add-federicoschonborn 
maintainers: Add federicoschonborn back again
 2024-03-19 23:12:06 +08:00
ajs124
bdabdf0c16 nixos/gitlab: use workhorse package from option in path 2024-03-19 13:47:55 +01:00
ajs124
1bada61543 nixos/gitlab: switch from sidekiq to sidekiq-cluster 2024-03-19 13:47:55 +01:00
Sandro
4a9a5fab1c
Merge pull request #283501 from SuperSandro2000/hedgedoc-fix-tools-exec 2024-03-19 13:37:46 +01:00
Sergei Trofimovich
5a3bd05394 etebase-server: fix the eval on null cfg.unixSocket 
Without the change the test eval fails as:

    $ nix build --no-link -f. etebase-server.tests
       error: cannot coerce null to a string: null
 2024-03-19 08:59:57 +00:00
Federico Damián Schonborn
455b915be0
maintainers: Add federicoschonborn back again 
Signed-off-by: Federico Damián Schonborn <federicoschonborn@disroot.org>
 2024-03-18 21:51:28 -03:00
github-actions[bot]
7c0bd382c7
Merge master into staging-next 2024-03-19 00:02:09 +00:00
Lily Foster
e3c0bb4255
Merge pull request #294542 from Janik-Haag/garage 
nixos/garage: add env-var wrapper for admin cli
 2024-03-18 16:10:15 -07:00
Janik H.
9ec0e31f79
nixos/garage: add env-var wrapper for admin cli 2024-03-18 22:53:21 +01:00
Will Fancher
57f69255d7
Merge pull request #293591 from lf-/jade/fix-luksroot-assert 
nixos.luksroot: fix assertion message to name correct option
 2024-03-18 17:46:11 -04:00
maralorn
b6668ded0e
Merge pull request #296977 from slotThe/maintainer 
Add slotThe as a maintainer
 2024-03-18 22:43:38 +01:00
Jade Lovelace
a72afcbc48 nixos.luksroot: fix assertion message to name correct option 2024-03-18 14:41:47 -07:00
Ryan Lahfa
ae07fcb07b
Merge pull request #293271 from nikstur/test-instrumentation-without-usr-bin-env 
nixos/test-instrumentation: use full path to env
 2024-03-18 13:57:37 -07:00
Tony Zorman
240c39ef2e nixos/xmonad: add slotThe as a maintainer 2024-03-18 20:27:15 +01:00
Martin Weinelt
00e2713c5b
Merge remote-tracking branch 'origin/master' into staging-next 2024-03-18 19:59:23 +01:00
Will Fancher
99587a3411
Merge pull request #209964 from Majiir/fix-initrd-systemd-closure 
nixos/systemd/initrd: follow init param symlinks
 2024-03-18 14:39:37 -04:00
Florian Klink
70d7abc09c
Merge pull request #296924 from flokli/document-servers-empty-fallback 
nixos/timesyncd: further document services.timesyncd.servers
 2024-03-18 20:08:22 +02:00
Jon Seager
ffc736695c
Merge pull request #296937 from MinerSebas/scrutiny-collector-ordering 2024-03-18 17:16:40 +00:00
Martin Weinelt
03fcd060ff
Merge pull request #296921 from patka-123/engelsystem-cleanup 
engelsystem: cleanup
 2024-03-18 17:14:59 +01:00
Patka
93aba53a08
engelsystem: cleanup 
The custom php with extensions is not needed. The default already has all the needed extensions enabled by default.
 2024-03-18 17:08:01 +01:00
K900
823897dde8 wireplumber: 0.4.17 -> 0.5.0 2024-03-18 18:57:05 +03:00
MinerSebas
9d384c350b nixos/scrutiny: Order scrutiny-collector after scrutiny 2024-03-18 16:30:51 +01:00
Florian Klink
78d8e2ca11 nixos/timesyncd: further document services.timesyncd.servers 
Running systemd-timesyncd with an empty list of timeservers to sync from
does not work.

In case an empty list is configured here, systemd will fall back to its
compiled-in defaults, which NixOS sets to `{0..4}.nixos.pool.ntp.org`,
as per https://github.com/systemd/systemd/blob/main/docs/DISTRO_PORTING.md#ntp-pool

This has caused some confusion. Explicitly document this, and describe
how to disable timesyncd.
 2024-03-18 17:23:55 +02:00
Jonas Heinrich
30036c3d10 nixos/initrd-ssh: Add authorizedKeyFiles option 2024-03-18 15:27:15 +01:00
github-actions[bot]
d5491af22d
Merge master into staging-next 2024-03-18 12:01:22 +00:00
Sandro
124ec2d9d6
nixos/xserver: don't conflict pinentry package with DEs 2024-03-18 11:22:48 +01:00
nikstur
a1c4f0a754
Merge pull request #282022 from ElvishJerricco/gpt-auto-root 
nixos: Support systemd-gpt-auto-root
 2024-03-18 10:27:22 +01:00
yunfachi
05901fbaec nixos/uni-sync: init 2024-03-18 10:35:43 +03:00
github-actions[bot]
819a14ad05
Merge master into staging-next 2024-03-18 06:01:21 +00:00
github-actions[bot]
ac91cf83c1
Merge master into staging-next 2024-03-18 00:02:20 +00:00
Alex Martens
bdb6849a32 nixos/llama-cpp: fix binary path 2024-03-17 16:48:51 -07:00
Sandro
1f212fd6e6
Merge pull request #289025 from tcheronneau/issue-288907 
nixos/tinyproxy: fix the quotes around the filter path
 2024-03-17 23:33:42 +01:00
Will Fancher
486e837cbe
Merge pull request #293710 from B4dM4n/networkd-policy-rule-port-range 
nixos/networkd: allow RoutingPolicyRule port ranges
 2024-03-17 12:36:30 -07:00
github-actions[bot]
100b3bb178
Merge master into staging-next 2024-03-17 18:00:54 +00:00
github-actions[bot]
c222aba0b8
Merge master into staging-next 2024-03-17 12:01:55 +00:00
Patka
c4e1ffb96b
engelsystem: 3.4.1 -> 3.5.0 
Release notes: https://github.com/engelsystem/engelsystem/releases/tag/v3.5.0
 2024-03-17 12:24:29 +01:00
Maximilian Bosch
6af7e814af
Merge pull request #292993 from wolfgangwalther/postgresql-refactor 
postgresql: refactor and cleanup
 2024-03-17 10:00:07 +00:00
Schweber
beb139496a
nixos/resolvconf: add option "trust-ad" when useLocalResolver is enabled 2024-03-17 07:52:00 +00:00
Sandro
62748bdf42
Merge pull request #295891 from Stzx/pinentry-conflict 
pinentry: fix DM option and user conflict
 2024-03-17 08:50:13 +01:00
Bobby Rong
a4bca9aaef
nixos/pantheon: Add missing gala-daemon systemd services 
Otherwise it doesn't autostart after user session managed by systemd.
 2024-03-17 13:42:33 +08:00
Bobby Rong
0b41a85c95
nixos/display-managers: Don't force graphical-session.target activation for Pantheon 
See Nixpkgs pull request 233981.
 2024-03-17 13:42:33 +08:00
Bobby Rong
7522f97cbe
pantheon: Manage user session with systemd 
This is now needed as gnome-session 46 drops `--builtin` option.
 2024-03-17 13:41:51 +08:00
github-actions[bot]
2178d8d857
Merge master into staging-next 2024-03-17 00:02:17 +00:00
Martin Weinelt
2b003c0269
nixos/pretix: make state directory world-readable 
Pretix creates static files in its state directory, that nginx needs to
serve, so locking down the permissions that hard is not going to work.
 2024-03-16 23:44:37 +01:00
Atemu
44a3dd2ef4
Merge pull request #296009 from Atemu/steamcompattools 
proton-ge-bin: init at 9-1, nixos/steam: use steamcompattool output for extraCompatPackages
 2024-03-16 20:57:05 +00:00
Jon Seager
bfa0fb2dbe
Merge pull request #296463 from MinerSebas/scrutiny-split 2024-03-16 19:41:40 +00:00
Marcus Ramberg
20eec34036 nixos/nimdow: Make package configurable, ensure nimdow can start a terminal in it's default config 2024-03-16 19:32:34 +01:00
github-actions[bot]
60fbf92c10
Merge master into staging-next 2024-03-16 18:01:00 +00:00
Pol Dellaiera
5ebdb3eda7
Merge pull request #296465 from Janik-Haag/networkmanager-ensure-profiles 
nixos/networkmanager: ensure-profiles, make sure networkmanager is running
 2024-03-16 18:46:12 +01:00
Janik H.
847a53742c
nixos/networkmanager: ensure-profiles, make sure networkmanager is running 2024-03-16 18:11:58 +01:00
MinerSebas
2210ac7764 nixos/scrutiny: Order scrutiny.service after influxdb2.service 2024-03-16 18:02:17 +01:00
MinerSebas
7d6917088c nixos/scrutiny: Dont enable influxdb when only using scrutiny-collector 2024-03-16 18:02:10 +01:00
Atemu
bdc55d2f86 nixos/steam: provide example in extraCompatPackages 2024-03-16 17:59:27 +01:00
Atemu
2b619c2314 nixos/steam: use steamcompattool output for extraCompatPackages 
This sets a standard for Steam compat tools in NixOS where they must have the
compat tool in a special steamcompattool output.

proton-ge-bin was adjusted to conform with it.
 2024-03-16 17:59:27 +01:00
Arian van Putten
d211b80d29
Merge pull request #294493 from endgame/ec2-image-ssm-agent 
nixos/amazon-image: Enable Amazon SSM Agent by default
 2024-03-16 17:57:42 +01:00
Guillaume Girol
119099506c
Merge pull request #292477 from nu-nu-ko/nixos-komga-hardening 
nixos/komga: add service hardening and misc format changes.
 2024-03-16 17:34:45 +01:00
Martin Weinelt
fe8d02e2bc
Merge pull request #296180 from mweinelt/pretix 
pretix: init at 2024.2.0
 2024-03-16 17:28:20 +01:00
Manuel Sanchez Pinar
a1301766eb
nixos/silverbullet: init module 2024-03-16 17:11:59 +01:00
MinerSebas
9e1fe5cddd nixos/restic-rest-server: Make the service socket activated 2024-03-16 17:07:55 +01:00
Jörg Thalheim
56db90d274
Merge pull request #296164 from bubuntux/ivsc-option 
Add ivsc-firmware to ipu6 option
 2024-03-16 16:14:05 +01:00
Martin Weinelt
b05a529fd6
nixos/pretix: init 2024-03-16 14:50:56 +01:00
Bobby Rong
3b48b3aaa9
Merge pull request #289062 from bobby285271/upd/mate 
MATE 1.28
 2024-03-16 21:38:24 +08:00
github-actions[bot]
9db4d84312
Merge master into staging-next 2024-03-16 12:01:19 +00:00
MinerSebas
7762c2233c nixos/restic-rest-server: Add additional service hardening 2024-03-16 08:18:50 +01:00
Pol Dellaiera
4285a30496
Merge pull request #295837 from abysssol/ollama-env-vars 
nixos/ollama: add option to set environment variables
 2024-03-16 08:02:55 +01:00
github-actions[bot]
7006358e6a
Merge master into staging-next 2024-03-16 00:02:02 +00:00
Will Fancher
f1731f2e28 nixos: Support systemd-gpt-auto-root 2024-03-15 18:22:04 -04:00
Guillaume Girol
1f26e67560
Merge pull request #278064 from symphorien/nix_config_extra 
nixos/nix: add workaround for https://github.com/NixOS/nix/issues/9487
 2024-03-15 22:46:51 +01:00
Pol Dellaiera
21456ee2a7
Merge pull request #296183 from laalsaas/etebase-server-fix 
etebase-server: create required tmpdir
 2024-03-15 22:08:15 +01:00
Wolfgang Walther
4b6bce5c31
postgresql: refactor to remove "this" argument 
This was proposed by abbradar in #150801, but left out of the follow up PR
#221851 by Ma27 to reduce the size of the diff. Compared to the initial
proposal this includes the callPackage call in the recursion, which avoids
breaking the withJIT/withoutJIT helpers.

In terms of nixpkgs, this is a pure refactor, no derivations change. However,
this makes downstream expressions like the following possible:

  (postgresql.override { jitSupport = true; }).pkgs.postgis

This would have not worked before without passing another "this" argument,
which is error prone as can be seen in this example:

  https://github.com/PostgREST/postgrest/pull/3222/files
 2024-03-15 21:11:09 +01:00
Wolfgang Walther
14b3ea2789
postgresql: refactor to pass jitSupport/llvm via scope instead of passthru 
This makes it less error-prone to use the llvm package in extensions, because
it will always match the package used by the postgresql derivation itself.

Previously, you could've accidentally used llvm instead of postgresql.llvm
with a different result.
 2024-03-15 21:11:09 +01:00
Maximilian Bosch
0d17fd9524
Merge pull request #292473 from networkException/fix-synapse-unix-socket-permissions 
nixos/matrix-synapse: allow synapse to write to directories of unix socket paths
 2024-03-15 18:53:04 +00:00
Janik H.
fc060cc3cb nixos/resolvconf: add ::1 as local dns resolver 2024-03-15 19:31:37 +01:00
github-actions[bot]
00729a3d21
Merge master into staging-next 2024-03-15 18:01:19 +00:00
laalsaas
1d4c8cb0ff etebase-server: create required tmpdir 2024-03-15 16:52:21 +01:00
Julio Gutierrez
811872a489 Add ivsc-firmware to ipu6 option 2024-03-15 09:29:46 -05:00
Andrew Marshall
24ae983076 darwin.linux-builder: Exit scripts on error 
For example, if the user decided to ctrl-c upon getting the sudo
password prompt, the script previously continued on to start the VM, but
that should not be the case.
 2024-03-15 08:52:30 -04:00
Peder Bergebakken Sundt
3399de5396
Merge pull request #295342 from pbsds/spotifyd-url-1710255988 
nixos/spotifyd: update configuration documentation url
 2024-03-15 13:03:01 +01:00
github-actions[bot]
4aac48ff7f
Merge master into staging-next 2024-03-15 06:01:09 +00:00
Bobby Rong
9254f99be6
Merge pull request #296019 from bobby285271/upd/budgie 
nixos/budgie: Fix default fonts
 2024-03-15 08:35:12 +08:00
github-actions[bot]
2bffd64e73
Merge master into staging-next 2024-03-15 00:01:59 +00:00
Bobby Rong
f7f3a3ec53
nixos/budgie: Fix default fonts 
Always install noto fonts and hack font.
 2024-03-15 07:56:02 +08:00
Ilan Joselevich
09078fd022
Merge pull request #295932 from Kranzes/nextcloud 
nixos/nextcloud: remove opcache.enable_cli=1
 2024-03-14 21:36:09 +02:00
Ilan Joselevich
9353fb2309
nixos/nextcloud: remove opcache.enable_cli=1 
Upstream no longer recommends enabling the opcache cli.
See the following:
 - https://github.com/nextcloud/documentation/issues/1439
 - https://github.com/nextcloud/server/pull/15468
 2024-03-14 18:36:11 +02:00
Bobby Rong
398cce395c
nixos/mate: Add enableWaylandSession option 
Make this an opt-in for now since the session is in early stage
and introduces a new set of wayfire closure.
 2024-03-14 23:34:11 +08:00
Bobby Rong
b45faa9834
nixos/mate: Add extraPanelApplets, extraCajaExtensions option 
Hopefully this is more user-friendly.
 2024-03-14 23:34:10 +08:00
Bobby Rong
a323f4f828
mate: Install mate-panel-with-applets by default 2024-03-14 23:34:06 +08:00
Bobby Rong
c87f6b5591
mate: Install caja-with-extensions by default 2024-03-14 23:34:05 +08:00
Stzx
8bf5cc2666
pinentry: fix DM option and user conflict 2024-03-14 21:54:35 +08:00
abysssol
b5e7a05bb7 nixos/ollama: add option to set environment variables 2024-03-14 04:21:36 -04:00
github-actions[bot]
f4c4bfc9fc
Merge master into staging-next 2024-03-13 18:00:53 +00:00
nikstur
7f175e69ca
Merge pull request #295370 from arianvp/fix-295365 
nixos/binfmt: fix race condition between systemd-tmpfiles and systemd-binfmt
 2024-03-13 14:52:24 +01:00
Sandro
db55012fa3
Merge pull request #291455 from SuperSandro2000/hydra-starman-worker 2024-03-13 13:57:12 +01:00
github-actions[bot]
cecf050e96
Merge master into staging-next 2024-03-13 12:01:25 +00:00
Pol Dellaiera
55251f1ffc
Merge pull request #295547 from Janik-Haag/unbound 
nixos/unbound: drop networkmanager since it doesn't support unbound anymore
 2024-03-13 10:33:52 +01:00
Janik H.
4147e50f18
nixos/unbound: drop networkmanager since it doesn't support unbound anymore 2024-03-13 09:50:56 +01:00
Pol Dellaiera
c35c016e5d
Merge pull request #295529 from Janik-Haag/networkmanager-drop-unbound 
nixos/networkmanager: drop unbound form dns servers
 2024-03-13 09:04:58 +01:00
Pol Dellaiera
6710011819
Merge pull request #295199 from blakesmith/gotosocial_14_2 
gotosocial 0.14.1 -> 0.14.2
 2024-03-13 08:53:37 +01:00
Janik H.
a97e56ae28
nixos/networkmanager: drop unbound form dns servers 
upstream dropped unbound in 5da17c689b
 2024-03-13 08:31:52 +01:00
éclairevoyant
e7db1f299c
nixos/scrutiny: fix timer not auto-starting 2024-03-12 22:25:54 -04:00
Blake Smith
b0529146b9 nixos/gotosocial: add blakesmith as a maintainer 2024-03-12 21:13:22 -05:00
annalee
8e038835fe
Merge remote-tracking branch 'upstream/master' into staging-next 2024-03-13 00:38:07 +00:00
Rok Garbas
6f11ba9ffe
Merge branch 'master' into amazon-ec2-amis 2024-03-13 00:37:12 +01:00
Jörg Thalheim
721c6579d2
Merge pull request #295407 from Stunkymonkey/nixos-murmur-registerPassword-fix 
nixos/murmur: fix writing registerPassword to config
 2024-03-12 22:47:26 +01:00
Fabián Heredia Montiel
da8768347e
Merge pull request #293950 from DCsunset/nixos-hoogle 
nixos/hoogle: add extraOptions
 2024-03-12 14:57:30 -06:00
Felix Buehler
1e22e7d75e nixos/murmur: fix writing registerPassword to config 2024-03-12 21:19:24 +01:00
Arian van Putten
16526f454f nixos/binfmt: fix race condition between systemd-tmpfiles and systemd-binfmt 
We need to make sure systemd-tmpfiles-setup.service ran before we
start systemd-binft.service. Otherwise it might fail to start
due to non-existant files

Fixes #295365
 2024-03-12 21:08:03 +01:00
github-actions[bot]
6b78f024b2
Merge staging-next into staging 2024-03-12 18:01:46 +00:00
Azat Bahawi
d3e30a442b
nixos/incus: fix systemd service path 
Fixes a regression introduced in #294754.
 2024-03-12 20:03:36 +03:00
Peder Bergebakken Sundt
285d2dcf3c nixos/spotifyd: update configuration documentation url 2024-03-12 16:07:48 +01:00
Sandro
e220724911
Merge pull request #292141 from SuperSandro2000/plasma-out-xserver 2024-03-12 13:55:27 +01:00
K900
21adc4f16a
Merge pull request #295092 from K900/more-heinous-crimes 
nixos/iso-image: extremely cursed performance optimization for Hydra
 2024-03-12 15:45:38 +03:00
K900
77536af43b nixos/iso-image: extremely cursed performance optimization for Hydra 
Right now the worst case chain of events for building an ISO on Hydra is

    - copy everything to squashfs builder
    - run squashfs builder
    - download squashfs from builder
    - compress squashfs
    - upload squashfs to S3
    - copy squashfs to ISO builder
    - run ISO builder
    - download ISO from builder
    - compress ISO
    - upload ISO to S3

This inlines the squashfs build into the ISO build, which makes it

    - copy everything to ISO builder
    - run ISO builder
    - download ISO from builder
    - compress ISO
    - upload ISO to S3

Which should reduce queue runner load by $alot per ISO, which we have four of on small channels
(one release, one test per arch) and a lot more than four of on large channels (with various desktops)
 2024-03-12 15:41:59 +03:00
github-actions[bot]
1cef2a1be7
Merge staging-next into staging 2024-03-12 12:01:40 +00:00
nikstur
da05945c74
Merge pull request #295096 from jmbaur/uki-dtb 
nixos/uki: add ".dtb" section if devicetree is used
 2024-03-12 12:57:15 +01:00
Sandro Jäckel
b07cdeb1b3
nixos/plasma6: move out of x11 
This release focuses on wayland, lets give that justice
 2024-03-12 10:49:42 +01:00
github-actions[bot]
0917422ffe
Merge staging-next into staging 2024-03-12 06:01:24 +00:00
cmspam
701fcd7982 nixos/incus: add openvswitch support 
1. Added openvswitch integration to incus service.
2. Added tests to test openvswitch functionality with incus.
 2024-03-12 01:03:39 +00:00
Jared Baur
2837c0d9aa
nixos/uki: add ".dtb" section if devicetree is used 
This ensures a ".dtb" PE section makes it into the UKI so systemd-stub
can install the correct devicetree for use by the Linux kernel. This is
often needed on systems that boot with u-boot since the devicetree used
by u-boot is often a paired down version of what the Linux kernel needs.
On those kinds of boards, the lack of this PE section means that u-boot
will end up installing its internal devicetree into the UEFI
configuration table, which is what the Linux kernel ends up using.
 2024-03-11 12:42:21 -07:00
github-actions[bot]
06e5eb63d3
Merge staging-next into staging 2024-03-11 18:01:53 +00:00
emilylange
08c37ba899 nixos/lldap: set service UMask=0027 and StateDirectoryMode=0750 
While `/var/lib/lldap` isn't technically accessible by unprivileged
users thanks to `DynamicUser=true`, a user might prefer and change it to
`DynamicUser=false`.

There is currently also a PR open that intends to make `DynamicUser`
configurable via module option.

As such, `jwt_secret_file`, if bootstrapped by the service start
procedure, might be rendered world-readable due to its permissions
(`0644/-rw-r--r--`) defaulting to the service's umask (`022`) and
`/var/lib/lldap` to `0755/drwxr-xr-x` due to `StateDirectoryMode=0755`.

This would usually be fixed by using `(umask 027; openssl ...)` instead
of just `openssl ...`.

However, it was found that another file (`users.db`), this time
bootstrapped by `lldap` itself, also had insufficient permissions
(`0644/-rw-r--r--`) inherited by the global umask and would be left
world-readable as well.

Due to this, we instead change the service's to `027`.

And to lower the impact for already bootstrapped files on existing
instances like `users.db`, set `StateDirectoryMode=0750`.
 2024-03-11 17:34:29 +01:00
emilylange
61a651e362 nixos/lldap: bootstrap jwt_secret if not provided 
If not provided, lldap defaults to `secretjwtsecret` as value which is
hardcoded in the code base.

See https://github.com/lldap/lldap/blob/v0.5.0/server/src/infra/configuration.rs#L76-L77

This is really bad, because it is trivially easy to generate an admin
access token/cookie as attacker, if a `jwt_secret` is known.
 2024-03-11 17:34:29 +01:00
Sandro Jäckel
4799ffc61d
nixos/vaultwarden: drop lib.mdDoc 2024-03-11 16:32:53 +01:00
Sandro Jäckel
d5ae85691a
nixos/vaultwarden: drop with lib over entire file 2024-03-11 16:32:49 +01:00
Sandro
869ec01e56
Merge pull request #294286 from SuperSandro2000/unbound-remote-config-check 2024-03-11 16:06:31 +01:00
WilliButz
a2c0efbf5e
Merge pull request #274307 from thillux/esdm-1.0.1 
esdm: update module after 1.0.1 changes
 2024-03-11 15:11:05 +01:00
Markus Theil
36f1c0c2b3 nixos/esdm: simplify module 
ESDM 1.0.1 fixed bugs related to Linux compatibility layer with CUSE.

During these fixes, the compatibility layer was simplified behind a
target in order to start the necessary services together or none of
them (services.esdm.linuxCompatServices).

Furthermore, a small helper was added to ESDM 1.0.1 in order to deal
with resume/suspend/hibernate (FUSE needs to be unblocked).

Removed options are marked.

Signed-off-by: Markus Theil <theil.markus@gmail.com>
 2024-03-11 14:28:26 +01:00
github-actions[bot]
339816cfdf
Merge staging-next into staging 2024-03-11 12:01:42 +00:00
Pierre Allix
cf625fe5f0 nixos/networkmanager: add doc about nm profiles interaction with resolvconf 2024-03-11 12:55:27 +01:00
Sandro
80ec88edec
Merge pull request #292025 from RaHoni/baculaTls 2024-03-11 12:01:19 +01:00
Guanran Wang
a6857b00fe
nixos/mihomo: init 2024-03-11 09:51:36 +08:00
github-actions[bot]
e5f37c0e88
Merge staging-next into staging 2024-03-11 00:02:46 +00:00
Sandro
88c9f04d1a
Merge pull request #294771 from flokli/yubikey-agent-eval 
nixos/yubikey-agent: fix eval error
 2024-03-11 00:15:31 +01:00
Guanran Wang
0a5801395a nixos/clash-verge: add cfg.package 2024-03-10 20:16:41 +01:00
github-actions[bot]
43d40d2ee7
Merge staging-next into staging 2024-03-10 18:01:43 +00:00
Florian Klink
b437b19f54 nixos/yubikey-agent: fix eval error 
This has been refactored in https://github.com/NixOS/nixpkgs/
pull/133542, but this reference wasn't updated.
 2024-03-10 19:08:23 +02:00
Pol Dellaiera
2bd0c18d98
Merge pull request #282160 from gaykitty/stargazer-debug-mode 
nixos/stargazer: add missing debugMode setting
 2024-03-10 14:31:06 +01:00
github-actions[bot]
973ef4b818
Merge staging-next into staging 2024-03-10 06:01:30 +00:00
Peder Bergebakken Sundt
4a4a70ca31
Merge pull request #280836 from numinit/nebula-port-zero 
nixos/nebula: default to port 0 for hosts other than lighthouse/relay
 2024-03-10 05:01:04 +01:00
Will Fancher
f592a7ea77
Merge pull request #293720 from vkleen/fix/systemd-boot-random-seed 
nixos/systemd: Only include systemd-boot-random-seed if the unit exists
 2024-03-09 21:01:35 -05:00
github-actions[bot]
3ce29d4386
Merge staging-next into staging 2024-03-10 00:02:48 +00:00
éclairevoyant
6b80044d9d
Merge pull request #294584 from MinerSebas/plasma-samba 
nixos/plasma6: Dont add samba a second time to environment.systemPackages
 2024-03-09 23:40:45 +00:00
Sandro
c86e8fd7a0
Merge pull request #133542 from fpletz/refactor/pinentry-remove-multiple-outputs 
pinentry: remove multiple outputs
 2024-03-09 23:57:27 +01:00
Bernardo Meurer
6bb56dc681
Merge pull request #294544 from lilyinstarlight/fix/fwupd-uefi-capsule-settings 2024-03-09 16:31:44 -05:00
Emily
8b7eef367c
Merge pull request #292304 from networkException/unix-socket-sliding-sync-bindaddr 
nixos/matrix-sliding-sync: improve unix socket support
 2024-03-09 20:12:48 +01:00
Lily Foster
1801583855
nixos/fwupd: fix silent failure for uefiCapsuleSettings to ever be added 
Bug was introduced in 28ea07d4e3.
 2024-03-09 12:44:46 -05:00
MinerSebas
cf3a468eee nixos/plasma6: Dont add samba a second time to environment.systemPackages 2024-03-09 17:06:25 +01:00
gaykitty
366147b86d nixos/stargazer: add missing debugMode setting 2024-03-09 11:04:27 -05:00
networkException
f0097cf1d9
nixos/matrix-sliding-sync: create runtime directory in /run/matrix-sliding-sync 
this patch enables the creation of a runtime directory with the default
mode 0755 in /run/matrix-sliding-sync to offer a simple option for
SYNCV3_BINDADDR when using unix sockets.
 2024-03-08 23:16:05 +01:00
Franz Pletz
a270c43ea1
treewide: use sensible pinentry flavor 2024-03-08 23:09:02 +01:00
github-actions[bot]
c05ba82277
Merge staging-next into staging 2024-03-08 18:01:49 +00:00
Leona Maroni
399dc3f09e
Merge pull request #290925 from r-vdp/networkd_use_gateway 
systemd-networkd: add missing UseGateway key in the DHCPv4 section
 2024-03-08 16:38:14 +01:00
Sandro Jäckel
67c1193fab
nixos/unbound: disable checkconf when remote-control is used 
Closes #293001
 2024-03-08 15:34:00 +01:00
nikstur
4fc409b977
Merge pull request #294096 from WilliButz/repart-image/overridability 
systemd-repart: improve overridability of image builder
 2024-03-08 15:23:45 +01:00
Maciej Krüger
53c527b694
Merge pull request #292817 from mkg20001/steam-team 
teams.steam: add - ref #289561
 2024-03-08 13:26:02 +01:00
github-actions[bot]
1d176721c2
Merge staging-next into staging 2024-03-08 12:01:49 +00:00
K900
7b8d88fa05 nixos/steam: fix eval after #293564 2024-03-08 14:42:31 +03:00
Maciej Krüger
26c09016b9
modules/steam: transfer maintainership to steam team 2024-03-08 12:25:03 +01:00
Thiago Kenji Okada
488f218407
Merge pull request #293564 from Shawn8901/steam-compat-tools 
steam: add extraCompatPackages
 2024-03-08 11:06:15 +00:00
maxine
b587c07865
Merge pull request #292847 from jwillikers/linger-hotfix 
Fix the update-lingering activation script to not fail when a user is removed
 2024-03-08 09:54:44 +00:00
r-vdp
4c26c97d21
nixos/networkd: add missing UseGateway key in the DHCPv4 section 2024-03-08 10:54:03 +01:00
maxine
d231374084
Merge pull request #288873 from amaxine/networkmanager_1.46 
networkmanager: 1.44.2 → 1.46.0
 2024-03-08 09:52:14 +00:00
Weijia Wang
4acc19b18c
Merge pull request #291581 from Luflosi/nixos/memcached/clarify-setting 
nixos/memcached: clarify behaviour of `enableUnixSocket`
 2024-03-08 10:25:10 +01:00
Viktor Kleen
0aed32b9dd
nixos/systemd: Only include systemd-boot-random-seed if the unit exists 
The unit file is only present if systemd was built with bootloader support.
 2024-03-08 08:52:11 +00:00
Jack Kelly
dc158268f7 nixos/amazon-image: Enable Amazon SSM Agent by default 
Amazon-provided EC2 images do this.

See: https://docs.aws.amazon.com/systems-manager/latest/userguide/ami-preinstalled-agent.html
 2024-03-08 16:24:00 +10:00
éclairevoyant
2319821137
nixos/scrutiny: default collector api endpoint port to point at web app port 2024-03-07 23:21:53 -05:00
éclairevoyant
fc5116d75c
nixos/scrutiny: clean up mkEnableOption definitions 2024-03-07 23:21:53 -05:00
éclairevoyant
ce5dbf1b7b
nixos/scrutiny: inherit lib bindings 2024-03-07 23:21:52 -05:00
éclairevoyant
4e710d5221
nixos/scrutiny: remove redundant lib.mdDoc 2024-03-07 23:21:52 -05:00
~noodlez1232
555aad70c0 nixos/joycond-cemuhook: fix missing module 
It seems that the joycond-cemuhook.nix module was missing from the
module-list.nix. This commit should fix that problem.
 2024-03-07 17:17:46 -08:00
Diogo Correia
9b7e02dd4b
nixos/dnsproxy: init module 2024-03-07 23:26:59 +00:00
Peder Bergebakken Sundt
5f9689332a
Merge pull request #278537 from wfdewith/syncoid-permissions 
nixos/syncoid: add missing ZFS mount permission
 2024-03-08 00:11:39 +01:00
Max Niederman
3609e216a4
nixos/photonvision: init module 2024-03-07 14:59:20 -08:00
Yt
0340f82b24
Merge pull request #292873 from ghthor/tabby 
Tabby: bump 0.7.0 -> 0.8.3 and add systemd service
 2024-03-07 21:51:06 +00:00
WilliButz
82ef47d3b7
nixos/repart-image: add options to specify mkfs parameters 
This new option makes it easier to specify extra mkfs parameters for the
systemd-repart builder.

See https://github.com/systemd/systemd/blob/v255/docs/ENVIRONMENT.md?plain=1#L575-L577
 2024-03-07 22:50:56 +01:00
Sandro
5f39678474
Merge pull request #292552 from diogotcorreia/oci-containers-fix-stop-one-shot 
nixos/oci-containers: ignore nonexistent container when stopping
 2024-03-07 21:23:51 +01:00
Maximilian Bosch
3c8f4e06e6
Merge pull request #287602 from Ma27/drop-postgres-ensurePermissions 
nixos/postgresql: drop ensurePermissions option
 2024-03-07 19:50:44 +00:00
WilliButz
f88148f05e
nixos/repart-image: improve overridability, use structuredAttrs 
Parameters passed to systemd-repart are now passed to the build script
via environment variable, which is defined as a list of strings in
combination with `__structuredAttrs = true`. This should make it easier
to customize the image build using `overrideAttrs`.

Both the script used to amend the repart definitions and the amended
definitions are now available via passthru.
 2024-03-07 18:27:11 +01:00
Emily
2ab0d96297
Merge pull request #293251 from nesteroff/chromium-initial-prefs 
nixos/chromium: add the ability to set initial preferences
 2024-03-07 16:33:09 +01:00
Will Owens
d9188fc882
nixos/tabby: init module 
- Enable tabby to run as a systemd service
- Document standard tabby configuration
 2024-03-07 06:29:12 -05:00
DCsunset
38261d9556 nixos/hoogle: add extraOptions 2024-03-06 22:12:41 -05:00
Yuri Nesterov
960f93fd4f nixos/chromium: add the ability to set initial preferences 2024-03-06 21:32:18 +02:00
Shawn8901
93a891f0e8 steam: add extraCompatPackages 2024-03-06 20:24:55 +01:00
Sandro
e656679228
Merge pull request #286523 from MarcelCoding/listmonk 
listmonk: 2.5.1 -> 3.0.0
 2024-03-06 18:49:20 +01:00
Franz Pletz
f05e5f3a51
Merge pull request #285807 from MinerSebas/prometheus-restic-exporter 
prometheus-restic-exporter: 1.4.0 -> 1.5.0
 2024-03-06 14:35:24 +01:00
Leona Maroni
182053a2cf
Merge pull request #293595 from SuperSandro2000/git-io-remove 
treewide: stop using deprecated git.io shortlink service
 2024-03-06 11:14:14 +01:00
Fabian Möller
f753e58e6e
nixos/networkd: allow RoutingPolicyRule port ranges 
Linux and Systemd allow port ranges to be used in routing policy rules.

https://www.freedesktop.org/software/systemd/man/latest/systemd.network.html#SourcePort=
 2024-03-06 09:11:54 +01:00
Sandro Jäckel
04d33b98e1
treewide: stop using deprecated git.io shortlink service 2024-03-05 22:58:29 +01:00
Sandro
911b4015d2
Merge pull request #283319 from phaer/etebase-server 
etebase: fix runtime crash due to wrong pydantic..
 2024-03-05 21:37:21 +01:00
Adam C. Stephens
a51a27a78b
Merge pull request #291554 from jnsgruk/homepage-config 
nixos/homepage-dashboard: support structured config
 2024-03-05 09:48:19 -05:00
Jon Seager
c0330351a0
nixos/homepage-dashboard: support structured config 2024-03-05 14:38:52 +00:00
adisbladis
5cdb38bb16
Merge pull request #288579 from blitz/vbox-kvm-2 
virtualboxKvm: init
 2024-03-05 18:58:57 +13:00
Someone
46b75bf589
Merge pull request #291828 from SomeoneSerge/refactor/cdi-nvidia 
nixos/cdi.dynamic.nvidia: expose driverLink
 2024-03-04 18:32:34 +00:00
nikstur
c0feba86fb nixos/test-instrumentation: use full path to env 
It is sometimes useful to have a seprate /usr partition to make systemd
tools happy (e.g. repart, sysupdate, gpt-auto-generator etc.). The test
script should not depend on usrbinenv to make this possible.
 2024-03-04 16:12:56 +01:00
Nick Cao
8e19126885
Merge pull request #289009 from 999eagle/feat/miniflux-no-db 
nixos/miniflux: add option to disable configuring a local postgresql db
 2024-03-04 09:47:14 -05:00
Brian McKenna
40bebc8749 extest: refactor to use mkEnableOption 2024-03-04 19:18:20 +11:00
Brian McKenna
5dffe7eebf extest: init at 1.0.2 2024-03-04 19:18:20 +11:00
Sophie Tauchert
cb5f2a8e87
nixos/tests/miniflux: add test for external database 2024-03-04 09:07:21 +01:00
Sophie Tauchert
1f8385d6d1
nixos/miniflux: add option to disable configuring a local postgresql db 2024-03-04 09:07:20 +01:00
Robert Schütz
e67761b6f6
Merge pull request #292854 from SuperSandro2000/vaultwarden-bitwarden_rs 
vaultwarden: cleanup maintainers, nixos/vaultwarden: drop aliases
 2024-03-04 00:36:06 +00:00
Sandro Jäckel
06a6371247
nixos/vaultwarden: set meta.maintainers to package maintainer 2024-03-04 00:41:56 +01:00
Cosima Neidahl
c981cb00dd
Merge pull request #248972 from codifryed/coolercontrol-0.17.0 
coolercontrol: init at 1.1.1
 2024-03-03 19:31:59 +01:00
Martin Weinelt
f09b7dc6a5
Merge pull request #289961 from leona-ya/vikunja-0.23.0 
vikunja: 0.22.1 -> 0.23.0
 2024-03-03 19:15:35 +01:00
Jordan Williams
8558d7b1ce
nixos/users-groups: Fix the update-lingering activation script failing 
The update-lingering activation script currently fails during rebuilds.
This happens when removing a user with linger enabled.
The call to loginctl disable-linger runs for the non-existent user.
This returns an error code which causes the failure.

To mitigate this, this PR removes any residual linger files.
These are files named for the user in /var/lib/systemd/linger.
A simple check for user existence determines whether to delete the file.
This happens before the call to disable-linger to avoid any errors.

Fixes #283769.
 2024-03-03 12:00:25 -06:00
Guillaume Girol
5b274d5f01 nixos/nix: add workaround for https://github.com/NixOS/nix/issues/9487 
Nix has a suprising behavior where if the option `extra-foo` is set before `foo`, then setting `foo` overwrites the setting for `extra-foo`. This is reported as https://github.com/NixOS/nix/issues/9487, and will likely not be fixed any time soon.

This works around this issue by always putting `extra-*` settings after non-extra ones in the nixos-generated `/etc/nix.conf`.
 2024-03-03 17:03:46 +01:00
Guillaume Girol
dc9a74e61e
Merge pull request #291934 from e1mo/bird-lg-1-3-5 
bird-lg: 1.3.1 -> 1.3.5
 2024-03-03 15:50:42 +01:00
Guillaume Girol
9887be970b
Merge pull request #292437 from deviant/nixos-nixseparatedebuginfod-nix2.3 
nixos/nixseparatedebuginfod: fix compatibility with Nix 2.3
 2024-03-03 14:12:27 +01:00
Pol Dellaiera
f480f9f47e
Merge pull request #292823 from SuperSandro2000/paperless-too-many-open-files 
nixos/paperless: fix too many open files
 2024-03-02 23:51:11 +01:00
Pol Dellaiera
6e201a6d91
Merge pull request #292850 from newAM/llama-cpp-module-list 
nixos/llama-cpp: add to module-list
 2024-03-02 23:49:14 +01:00
Sandro Jäckel
75c7e61601
nixos/oauth2_proxy_nginx: allow placing the login page itself under a separate domain 
OIDC provider usually requires a callback URL which can now be set to
one domain when securing multiple virtualHosts under different (sub)domains
 2024-03-02 23:07:48 +01:00
Leona Maroni
46ad1987b9
Merge pull request #278698 from bachp/photoprism-update 
photoprism: 231011-63f708417 -> 231128-f48ff16ef
 2024-03-02 23:03:49 +01:00
Mynacol
84f4100520 rss-bridge: Use new tmpfiles syntax 2024-03-02 22:45:52 +01:00
Mynacol
f7a6e75b42 rss-bridge: Move whitelist option to general config 
Prefer setting the whitelisted bridges through the generic configuration
method. Removes the need for a whitelist.txt file.

Preserves backwards compatibility by taking the same values and
essentially just renaming the config option.
 2024-03-02 22:42:21 +01:00
Arian van Putten
cc04ae5878 nixos/amazon-ec2-amis: Add NixOS 23.11 
Note that this list will stop being updated from now on.
Please use https://nixos.github.io/amis/ and https://nixos.github.io/amis/images.json instead.
We are working on integrating this in the https://nixos.org/ website
These get updated for every channel bump.
 2024-03-02 22:40:50 +01:00
Mynacol
a949f4b6e2 rss-bridge: Integrate filecache path with config 
Preserve the default value for the filecache path, but also allow
modifying it, adapting the tmpfiles rule to create the directory with
the right permissions.

Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
 2024-03-02 22:40:12 +01:00
Maximilian Bosch
a9bcd3b8b7
Merge pull request #292825 from SuperSandro2000/nextcloud-with-apps-local 
nixos/nextcloud: build with-apps local
 2024-03-02 21:39:36 +00:00
Mynacol
f2201789fe rss-bridge: add config option 
This allows managing rss-bridge's config with nix.
It leverages the environment variable way of setting the config options,
introduced quite [some time ago](https://github.com/RSS-Bridge/rss-bridge/pull/2100)
It is the only existing way to set config options independent of the
document root, and upstream is [hesitant](https://github.com/RSS-Bridge/rss-bridge/pull/3842)
to change the config loading methods.

Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
 2024-03-02 22:26:11 +01:00
Julien Malka
4ee410d8f8
Merge pull request #283547 from r-vdp/boot_sort_key 2024-03-02 22:17:52 +01:00
nikstur
b6401f808a
Merge pull request #292636 from RaitoBezarius/smm-works-for-something-else-than-x86-actually 
OVMF: remove invalid `assert` on SMM
 2024-03-02 21:04:12 +01:00
Sandro Jäckel
4264ded76e
nixos/vaultwarden: drop aliases 2024-03-02 20:18:55 +01:00
Alex Martens
aafa54a1a8 nixos/llama-cpp: add to module-list 2024-03-02 10:46:24 -08:00
Sandro Jäckel
907b5ebcee
nixos/nextcloud: build with-apps local 2024-03-02 18:01:38 +01:00
K900
633a090546
Merge pull request #292822 from xNaxdy/work/plasma6-install-sshfs 
programs/kdeconnect: install sshfs
 2024-03-02 19:59:13 +03:00
Sandro Jäckel
da1ccb628f
nixos/paperless: fix too many open files 
paperless-web-start[658743]: kombu.exceptions.OperationalError: [Errno 24] Too many open files: '/nix/store/k6h0pihpi3ih31zjk6ragqcp4mjz4pjs-python3.11-concurrent-log-handler-0.9.24/lib/python3.11/site-packages/concurrent_log_handler-0.9.24.dist-info/entry_points.txt'
 2024-03-02 17:52:18 +01:00
Naxdy
bc910886a1
programs/kdeconnect: install sshfs 2024-03-02 17:51:04 +01:00
Maciej Krüger
55ead8c56a
Merge pull request #290976 from adamcstephens/incus/nft 
nixos/incus: assert nftables is used when firewall is enabled
 2024-03-02 17:40:44 +01:00
Paul Meyer
a217ccfe1f
Merge pull request #292773 from attilaolah/patch-1 
Add missing closing parens
 2024-03-02 17:32:16 +01:00
Franz Pletz
764d15f59f
pinentry: remove multiple outputs package 
fixes #133156 #124753
 2024-03-02 17:16:53 +01:00
Nick Cao
2646fba84d
Merge pull request #292702 from NickCao/fcitx5-plasma6 
nixos/fcitx5: enable plasma6Support by default if plasma6 is enabled
 2024-03-02 10:54:19 -05:00
K900
57746ceea5
Merge pull request #292748 from K900/sycoca-oof 
nixos/plasma6: nuke sycoca on activation
 2024-03-02 15:21:39 +03:00
Yt
492678349b
Merge pull request #292412 from bobrippling/fix/ebusd-logging 
ebusd: fix logging overrides
 2024-03-02 11:46:35 +00:00
Attila Oláh
ac4441fabd
Add missing closing parens. 
https://xkcd.com/859
 2024-03-02 12:40:40 +01:00
K900
d7a4bf5998 nixos/plasma6: nuke sycoca on activation 
This is not the right solution, but it should get us going for now.
 2024-03-02 11:26:41 +03:00
Nick Cao
48e5de444b
nixos/fcitx5: enable plasma6Support by default if plasma6 is enabled 2024-03-01 22:43:56 -05:00
r-vdp
a8ab8b59a7
systemd-boot: introduce options to set a sort-key for systemd-boot entries 
Without sort-keys specified on entries, the entries are sorted only by
file name (in decreasing order, so starting at the end of the alphabet!),
without taking any other fields into account (see
[the boot loader specification reference][1]).
Moreover, entries without a sort-key are always ordered after all
entries with a sort-key, so by not adding a sort-key to the NixOS ones,
we cannot add a sort-key to any other entry while keeping it below the
NixOS entries.

So currently we have options to set the file names for additional entries like
memtest and netbootxyz.
However, as mentioned above, the sorting by file name is not very intuitive and
actually sorts in the opposite order of what is currently mentioned in the option
descriptions.

With this commit, we set a configurable sort-key on all NixOS entries,
and add options for setting the sort-keys for the memtest and netbootxyz
entries.
The sorting by sort-key is more intuitive (it starts at the start of the
alphabet) and also takes into account the machine-id and version for entries
with identical sort-keys.

We use a bootspec extension to store the sort keys, which allows us to
redefine the sort key for individual specialisations without needing any
special casing.

[1]: https://uapi-group.org/specifications/specs/boot_loader_specification/#sorting
 2024-03-02 02:11:32 +01:00
nuko
636584b3ff
nixos/komga: use lib.getExe 2024-03-02 13:56:20 +13:00
nuko
b18bcf3a04
nixos/komga: add systemd service hardening 2024-03-02 13:55:25 +13:00
nikstur
ce1d1f3e6c nixos/qemu-vm: remove implicit dependency on SSM 
The qemu module shouldn't implicitly (and for all architectures) enable
SSM when enabling Secure Boot.

Additionally, this breaks aarch64 Secure Boot tests because this module
doesn't use the right machine type for anything but X86.
 2024-03-01 23:40:36 +01:00
phaer
fa34964ef1 etebase: make proper package... 
and remove the ad-hoc python environment.
Also remove daphne and use uvicorn just as upstream does
 2024-03-01 22:55:27 +01:00
nikstur
1df98b23f6
Merge pull request #292061 from nikstur/systemd-random-seed 
nixos/systemd: include systemd-boot-random-seed.service
 2024-03-01 21:46:39 +01:00
Nick Cao
fcba479b33
Merge pull request #292607 from NickCao/fcitx5-nixos 
nixos/fcitx5: add plasma6 support option
 2024-03-01 13:36:04 -05:00
Robert Hensing
55dcd06bdb
Merge pull request #292487 from jmbaur/nixos-cross-check 
nixos/nixpkgs: fix determination for cross-compiled nixos system
 2024-03-01 18:19:58 +01:00
Jared Baur
3794246066
nixos/nixpkgs: fix determination for cross-compiled nixos system 
Since the output of `lib.systems.elaborate` contains functions, an
equality check with `==` does not suffice, `lib.systems.equals` should
be used instead.
 2024-03-01 09:05:08 -08:00
Nick Cao
6e2d4054ae
nixos/fcitx5: add plasma6 support option 2024-03-01 11:34:09 -05:00
Adam C. Stephens
b52452f8c7
Merge pull request #291951 from amarshall/zfs-pkgs-renaming 
zfs: rename zfsStable -> zfs_2_2; zfsUnstable -> zfs_unstable; remove enableUnstable option in favor of package
 2024-03-01 10:09:12 -05:00
phaer
720a1eb5e7 modules/etebase-server: add package, pythonPackage 
options, to keep the packaeges configurable
 2024-03-01 14:32:46 +01:00
RaHoni
2af073f716
nixos/bacula: refactor option generation 
The generation of the descriptions always used lib explicitly even
thoughit was already specified with 'with'.

Since using `with lib` is discouraged this was also changed to inherit.
 2024-03-01 14:11:57 +01:00
RaHoni
ad2f55dc4e
nixos/bacula: Add support for TLS 
Added the majority of TLS options used for transport encryption.

This uses a submodule since all resources share the same settings.

The documentation can be found under:
https://www.bacula.org/13.0.x-manuals/en/main/Bacula_TLS_Communications_E.html
 2024-03-01 14:11:57 +01:00
Sandro
5ad27da222
Merge pull request #291907 from SuperSandro2000/tailscaled-flags 2024-03-01 13:54:54 +01:00
Sandro
b84bc4ea3a
Merge pull request #264087 from leonm1/matter-server-module 2024-03-01 13:51:19 +01:00
Sandro
51e92056db
Merge pull request #283660 from ocfox/transfer 2024-03-01 13:36:03 +01:00
Diogo Correia
81f21e3936
nixos/oci-containers: ignore nonexistent container when stopping 
Fixes #292551
 2024-03-01 10:41:00 +00:00
Marcel
896a4d62d8
listmonk: ensure correct application of data migration 2024-03-01 10:45:12 +01:00
Sarah Brofeldt
13a94ad1fb
Merge pull request #292291 from cafkafk/dockerRegistry-openFirewall 
nixos/dockerRegistry: add `openFirewall` option
 2024-03-01 09:57:07 +01:00
Christina Sørensen
d31cbb78ca
nixos/dockerRegistry: add openFirewall option 
Signed-off-by: Christina Sørensen <christina@cafkafk.com>
 2024-03-01 09:56:03 +01:00
K900
690d54ef45
Merge pull request #292326 from hcsch/pipewire-wireplumber-doc-fix 
nixos/pipewire: doc fixes as a follow-up to #282377 and #291946
 2024-03-01 09:28:17 +03:00
K900
b4622a277e
Merge pull request #292483 from mjm/plasma6-kcmutils 
nixos/plasma6: install kcmutils
 2024-03-01 09:25:51 +03:00
Matt Moriarity
e59d120fc1 nixos/plasma6: install kcmutils 2024-02-29 20:12:42 -07:00
nuko
502f34f3e0
nixos/komga: rfcfmt, rm mdDoc & toplvl with lib 2024-03-01 15:13:06 +13:00
networkException
10fc05bfc1
nixos/matrix-synapse: allow synapse to write to directories of unix socket paths 
this patch takes the path of all unix socket listeners and appends their
respective parent directories to the ReadWritePaths allow list for the
matrix-synapse systemd service.

previously configuring a unix socket in a directory not writable by
synapse would fail.
 2024-03-01 02:36:29 +01:00
Sandro
bbabfca453
Merge pull request #263765 from numinit/armagetronad-module 
nixos/armagetronad: Add module with NixOS tests
 2024-03-01 00:46:34 +01:00
Sandro
b8ec4c1475
Merge pull request #290449 from Kiskae/patch-2 
nixos/podman: pass proxy variables to podman API
 2024-03-01 00:37:27 +01:00
Sandro
daa33a4bf7
Merge pull request #287299 from SuperSandro2000/unbound-checkconf 
nixos/unbound: check validity of config file
 2024-03-01 00:33:36 +01:00
V
ff990ea66a nixos/nixseparatedebuginfod: fix compatibility with Nix 2.3 
Appending to options with the `extra-` prefix was added in Nix 2.4,
which makes config validation fail on this version without the guard.

Change-Id: Ie253978dbaf00b228fecc08698a3dcc01cd2d82b
 2024-02-29 23:10:31 +01:00
Rob Pilling
979ae4c6e5 nixos/ebusd: fix logging overrides 
This fixes #292131 - currently we specify --log=all:<level>, which
overrides all other log areas. Specifying this first allows the
further log areas to be specified without being replaced.
 2024-02-29 21:02:26 +00:00
Kerstin
51363e5c0d
Merge pull request #280628 from h7x4/nixos-module-update-kanidm-add-backup-dir-to-bindpaths 
nixos/kanidm: declare `online_backup` options
 2024-02-29 15:19:34 +01:00
Michele Guerini Rocco
11b122ec70
Merge pull request #292185 from dotlambda/searxng-mainProgram 
searxng: set meta.mainProgram
 2024-02-29 14:19:51 +01:00
Hans Christian Schmitz
3f86bd950c
nixos/pipewire: add docs for passthru.requiredLv2Packages 2024-02-29 13:28:04 +01:00
Hans Christian Schmitz
b97450b007
nixos/wireplumber: fix incorrect option name in docs 2024-02-29 13:28:04 +01:00
Arnout Engelen
728d2d1fd9
Merge pull request #287805 from raboof/sway-update-to-1.9 
sway: 1.8.1 -> 1.9.0
 2024-02-29 12:06:52 +01:00
Arnout Engelen
36e51d7cbf
sway: 1.8.1 -> 1.9.0 
Co-authored-by: Phileas Lebada <norpol@users.noreply.github.com>
Co-authored-by: éclairevoyant <848000+eclairevoyant@users.noreply.github.com>
 2024-02-29 11:37:30 +01:00
networkException
644eac31e6
nixos/matrix-sliding-sync: document unix socket support in SYNCV3_BINDADDR 2024-02-29 11:03:01 +01:00
Leona Maroni
3302864e6e
Merge pull request #292030 from Flakebi/paperless 
paperless: fix uploading files via local folder
 2024-02-29 08:10:28 +01:00
Robert Schütz
3330e3c9c3 nixos/searx: use lib.getExe 2024-02-28 17:51:24 -08:00
Silvan Mosberger
cd5dc76d83 substitute: Deprecate replacements, introduce replacementsList 
Also:
- Add tests
- Treewide update
- Improve docs
 2024-02-29 00:35:27 +01:00
abysssol
8720397720 nixos/ollama: replace incorrect use of overrideAttrs 
The bug prevents nixos from compiling
if the ollama service is built with cuda enabled.
 2024-02-28 17:15:30 -05:00
Julian Stecklina
a9822fa200 nixos/virtualbox-host: expose option to run with KVM 2024-02-28 17:36:22 +01:00
K900
7d93928492 nixos/release: add Plasma 6 ISO variant 2024-02-28 18:49:33 +03:00
K900
2614e40893 sddm: add Wayland to the wrapper if enabled 2024-02-28 18:49:33 +03:00
K900
7b74d9a4ac sddm: 0.20.0-unstable -> 0.21.0 2024-02-28 18:49:33 +03:00
K900
ad1b1e8aca nixos/gnupg: check for plasma 6 2024-02-28 18:49:33 +03:00
K900
3f650b567f nixos/plasma6: init 2024-02-28 18:49:33 +03:00
K900
8be79e54c5 nixos/pam/kwallet: rename option, allow setting package 2024-02-28 18:49:33 +03:00
K900
2248bdfbbc nixos/sddm: add extraPackages option 2024-02-28 18:49:12 +03:00
André Vitor de Lima Matos
675ad00f22
pipewire: fix wireplumber config paths 
Quickfix for systemWide pipewire after #282377
 2024-02-28 10:46:52 -03:00
nikstur
380f36f350 nixos/systemd: include systemd-boot-random-seed.service 
This is necessary to properly refresh the boot loader random seed.
See https://www.freedesktop.org/software/systemd/man/latest/systemd-boot-random-seed.service.html#
 2024-02-28 12:14:06 +01:00
nikstur
bd4c49f29b nixos/systemd: remove a superfluous override 
This is already the upstream default.
 2024-02-28 11:45:39 +01:00
Pol Dellaiera
200390b3ed
Merge pull request #291748 from abysssol/update-ollama-0.1.27 
ollama: 0.1.26 -> 0.1.27
 2024-02-28 10:15:42 +01:00
Flakebi
9db96ee839
paperless: fix uploading files via local folder 
The consumer service needs to be in the same namespace as the
task-queue, otherwise they cannot see each others temporary files.
Same as for web uploading.

See also the discussion here:
https://github.com/paperless-ngx/paperless-ngx/discussions/5606
 2024-02-28 09:14:48 +01:00
K900
a64a75a7ca
Merge pull request #291946 from hcsch/pipewire-wireplumber-config-packages-migration 
nixos/pipewire: add assertions for migration to `extraConfig`/`configPackages`
 2024-02-28 09:17:34 +03:00
Morgan Jones
a5c305d170
nixos/armagetronad: address code review feedback 2024-02-27 18:59:37 -08:00
Will Fancher
b9fe04d671
Merge pull request #291825 from WilliButz/repart/max-label-length 
nixos/systemd-repart: add assertion for partition label length
 2024-02-27 20:37:02 -05:00
aleksana
ec87671bd1 nixos/plymouth: improving documentation of logo option 2024-02-28 09:35:44 +08:00
Will Fancher
a587a6a357
Merge pull request #285401 from sdht0/systemd-boot-xbootldr 
nixos/systemd-boot: Add support for an XBOOTLDR partition
 2024-02-27 20:35:03 -05:00
Will Fancher
031978580c
Merge pull request #291882 from philiptaron/systemd-networkd/boolValuesPlus 
nixos/networkd: accept `true` and `false` in addition to "yes" and "no" for DHCP= and LinkLocalAddressing=
 2024-02-27 20:33:08 -05:00
pennae
b71ca1c90a
Merge pull request #291922 from NixOS/mosquitto-2 
nixos/mosquitto: remove stutter in acl file name
 2024-02-28 02:06:01 +01:00
Ryan Lahfa
e53c07f4cc
Merge pull request #291822 from alyssais/zfs-2.1.15 
zfs_2_1: 2.1.14 -> 2.1.15
 2024-02-28 01:43:56 +01:00
Andrew Marshall
1f32eb724d nixos/zfs: Remove enableUnstable in favor of setting package 
This just adds complexity and confusion. Once-upon-a-time, there was no
`package` and only `enableUnstable`, but now it is just confusing to
have both, as it would be possible to do e.g. `package = pkgs.zfs` and
`enableUnstable = true`, but then `enableUnstable` does nothing.
 2024-02-27 19:30:19 -05:00
Hans Christian Schmitz
5f6dca8403
nixos/pipewire: add assertions for migration to extraConfig/configPackages 
The PR #282377 made files/directories specified in
`environment.etc."pipewire<...>"` and `environment.etc."wireplumber<...>"`
conflict with existing configuration of the PipeWire NixOS module due to how
the `configPackages` options were implemented. This sadly wasn't easily
avoidable. As this can cause breakage for users moving from 23.11 to 24.05
though, assertions can help guide them to use `services.pipewire.extraConfig`
or `services.pipewire.configPackages` / `services.wireplumber.configPackages`
instead, fixing the breakage.
 2024-02-28 01:22:28 +01:00
abysssol
5c143f0366 nixos/ollama: override kernelPackages with nvidia driver 
Instead of setting linuxPackages to a singleton set with nvidia_x11,
override the system's kernelPackages with the nvidia driver.
This is more semantically correct, though doesn't change any behavior.
 2024-02-27 18:51:54 -05:00
Andrew Marshall
2e36c49949 nixos/pam: Do not incorrectly use zfs.enableUnstable in assertion 
`zfs.enableUnstable` only has an effect if `zfs.enabled = true`, so only
require `zfs.enabled` to be true here.
 2024-02-27 18:46:00 -05:00
Andrew Marshall
929fcf9335 zfs_unstable: Rename from zfsUnstable 
This matches the naming of other zfs_* pkgs.
 2024-02-27 18:45:55 -05:00
Andrew Marshall
ce5b1e007e nixos/zfs: Fix typo in option doc 2024-02-27 18:45:55 -05:00
e1mo
43fee5401d
nixos/bird-lg: Update option description to indicate new features 
In release v1.3.3[0] support for CIDRs was added, thus updated the
option description to indicate the new support for that.

[0]: https://github.com/xddxdd/bird-lg-go/releases/tag/v1.3.3
 2024-02-27 23:54:21 +01:00
Linus Heckemann
98684f4504
Merge pull request #270611 from astro/systemd-netboot 
Systemd netboot
 2024-02-27 23:44:57 +01:00
Sandro
f9477e3a75
Merge pull request #209506 from Izorkin/update-dhcpcd-exit-hook 
nixos/dhcpcd: optimize exitHook
 2024-02-27 23:01:22 +01:00
Astro
6fbf631a7b nixos netboot: prepend systemd initrd sysroot for store overlay 2024-02-27 22:41:45 +01:00
Sandro
9c1ea5e3a2
Merge pull request #267012 from alois31/plymouth-unbloat 
nixos/plymouth: drop the X11 renderer in the initrd
 2024-02-27 22:28:27 +01:00
Sandro
4c88c797b8
nixos/mosquitto: remove stutter in acl file name 2024-02-27 22:15:43 +01:00
Atemu
97f445e8f1
Merge pull request #245005 from Scrumplex/nixos-monado 
nixos/monado: init
 2024-02-27 20:11:04 +00:00
Sandro Jäckel
6753857664
nixos/tailscale: add option to pass flags to tailscaled 2024-02-27 20:08:08 +01:00
Philip Taron
27d6c242ea
nixos/networkd: accept true and false in addition to "yes" and "no" for DHCP= and LinkLocalAddressing= 
These were the only two systemd configuration values that were missing the `boolValues ++` treatment, according to my `rg` through the codebase.
 2024-02-27 08:53:32 -08:00
WilliButz
4d59ace14f
nixos/systemd-repart: add assertion for partition label length 
The maximum length for a GPT label supported by systemd is 36
characters. When a repart definition contains a label that is longer
than the supported maximum length, it is ignored by systemd-repart and
a log message is produced.

The new assertion makes this obvious to the user at evaluation time,
allowing them to either drop the property entirely or choose a supported
label within the length limit instead.
 2024-02-27 17:38:14 +01:00
Sandro Jäckel
6cd7477733
nixos/hydra: add option for starman workers 
This is useful for small deployments which do not need 5 spare starman
workers taking 160 MB of RAM each.
 2024-02-27 15:45:20 +01:00
Someone Serge
2a63db4e6f
nixos/virtualisation.containers.cdi.dynamic.nvidia: expose driverLink 
..shallowly
 2024-02-27 12:50:59 +00:00
Alyssa Ross
45f1428902
zfs_2_1: 2.1.14 -> 2.1.15 
This adds compatibility with newer kernels, which fixes
nixosTests.zfs.series_2_1, which broke when the default kernel version
was bumped.

This means we no longer need the removeLinuxDRM option at all, but
I've kept it around as a no-op so people can leave it set in case the
same thing happens again in future.
 2024-02-27 13:44:16 +01:00
Someone Serge
65dbac7215
nixos/virtualisation.containers.cdi.dynamic.nvidia: refactor w/ callPackage 2024-02-27 11:59:57 +00:00
Jon Seager
d0b85d47c6
Merge pull request #289863 from mjm/nut-exporter-variables 
nixos/prometheus-nut-exporter: use extraFlags, add nutVariables option
 2024-02-27 11:11:30 +00:00
Siddhartha
b470b4432d nixos/systemd-boot: Add support for an XBOOTLDR partition 2024-02-26 21:55:49 -05:00
Adam C. Stephens
3a3f30d6b9
Merge pull request #291547 from alyssais/zfs-linux-6.6-aarch64 
zfs: update latestCompatibleLinuxPackages
 2024-02-26 21:45:20 -05:00
pennae
13aff9b34c
Merge pull request #259937 from charmoniumQ/patch-1 
nixos/mosquitto: fix ACL permissions
 2024-02-26 22:58:40 +01:00
Atemu
f53c775852
Merge pull request #278454 from litchipi/mealie 
mealie: init at 1.2.0
 2024-02-26 21:01:49 +00:00
Julien Malka
d882852f8b
Merge pull request #291160 from jmbaur/systemd-boot-builder-cross 2024-02-26 21:43:23 +01:00
Luflosi
a982176a71
nixos/memcached: clarify behaviour of enableUnixSocket 
Let's make it clear that enabling this option will disable listening on an IP address and port.
 2024-02-26 15:29:55 +01:00
Pol Dellaiera
033a375a23
Merge pull request #290363 from abysssol/update-ollama-0.1.26 
ollama: 0.1.24 -> 0.1.26
 2024-02-26 15:00:57 +01:00
Alyssa Ross
2b9f043823
zfs: update latestCompatibleLinuxPackages 
ZFS no longer tries to use GPL-only symbols on aarch64.

Tested by building nixosTests.zfs.stable (modified to use Linux 6.6)
and nixosTests.zfs.unstable.
 2024-02-26 12:27:10 +01:00
K900
d596c9b4b5
Merge pull request #291513 from K900/pipewire-lv2 
nixos/pipewire: add LV2 plugins option
 2024-02-26 10:19:28 +03:00
K900
eb74747f38 nixos/pipewire: add LV2 plugins option 
Follow-up #282377.

Some packages may want to load LV2 plugins directly from PipeWire config instead, so add another option to accomodate those.
 2024-02-26 10:04:45 +03:00
Weijia Wang
9798dc0a48
Merge pull request #291464 from Gerg-L/switcheroo2 
nixos/switcherooControl: add package option
 2024-02-26 07:56:34 +01:00
K900
92b9d11129
Merge pull request #282377 from hcsch/pipewire-wireplumber-config-packages 
nixos/pipewire: add configPackages options
 2024-02-26 09:12:06 +03:00
Adam C. Stephens
af810fc67e
Merge pull request #284874 from shlevy/ovmf-ms 
Enable MS-compatible secure boot with OVMF
 2024-02-25 22:34:05 -05:00
Gerg-L
d70c353c16
nixos/switcherooControl: add package option 
clean up
 2024-02-25 20:49:31 -05:00
Michele Guerini Rocco
9fcbb05a2c
Merge pull request #290240 from rhoriguchi/nixos/hardware/printers 
nixos/hardware/printers: fix empty ppdOptions
 2024-02-26 00:08:00 +01:00
abysssol
b8d8c1f207 nixos/ollama: add option for hardware acceleration 2024-02-25 15:57:58 -05:00
Ryan Lahfa
5337ff6a80
Merge pull request #254405 from lf-/jade/nix-path-flakes 
nixos/flake: set up NIX_PATH and system flake registry automatically
 2024-02-25 21:08:19 +01:00
Ryan Horiguchi
a52e27d4f6 nixos/hardware/printers: fix empty ppdOptions 2024-02-25 19:06:35 +01:00
Sandro
f8545e512d
Merge pull request #289166 from thanegill/remove-grub-version 
treewide: remove deprecated grub.version references
 2024-02-25 18:20:33 +01:00
Ryan Lahfa
077d41f9d8
Merge pull request #289856 from pennae/supfs-set 
nixos/filesystems: make supportedFilesystems an attrset
 2024-02-25 18:05:29 +01:00
Thane Gill
e3d82657a2 treewide: remove deprecated grub.version references 2024-02-25 08:29:58 -08:00
Peder Bergebakken Sundt
736c43fecc
Merge pull request #288215 from budimanjojo/patch-1 
nixos/oci-containers: don't login if image exists locally
 2024-02-25 14:32:32 +01:00
0x4A6F
97bca14e41
Merge pull request #290719 from martinetd/atuin 
atuin: small fixes
 2024-02-24 23:05:25 +01:00
RatCornu
2f460b3f53
nixos/suwayomi-server: add option settings.server.extensionRepos 
This option is now a key feature of Suwayomi-Server, so it is
interesting to have it directly available in a quick search.
 2024-02-24 19:43:03 +01:00
github-actions[bot]
d6cc5bb41d
Merge master into staging-next 2024-02-24 18:00:56 +00:00
Sandro
7fab1e2013
Merge pull request #275024 from jerith666/lorri-less-protected 2024-02-24 16:07:13 +01:00
Jared Baur
a786cc0227
nixos/systemd-boot: fix cross for lint check 
Since we are not in a `callPackage` context, dependencies in
`nativeBuildInputs` don't get spliced to the buildPlatform, causing a
cross-compiled nixos system to fail at this step when running mypy built
for the hostPlatform.
 2024-02-24 08:58:57 -06:00
github-actions[bot]
a3e2b0de90
Merge master into staging-next 2024-02-24 12:01:15 +00:00
Colin
a65967a12c nixos/nix: documentation: fix outdated reference to /etc/nix.conf 2024-02-24 21:29:38 +11:00
github-actions[bot]
3affb60f96
Merge master into staging-next 2024-02-24 06:03:30 +00:00
Kira Bruneau
84a19992c3
Merge pull request #285627 from opl-/steam-local-transfers 
nixos/steam: add localNetworkGameTransfers.openFirewall option
 2024-02-23 20:24:40 -05:00
Sandro
806772b178
Merge pull request #274662 from StarGate01/pcscd-debug 2024-02-24 01:23:10 +01:00
github-actions[bot]
8034cefe44
Merge master into staging-next 2024-02-24 00:02:02 +00:00
Sandro
f6b46c1f59
Merge pull request #290119 from cafkafk/kublet-config 2024-02-24 00:34:46 +01:00
Michele Guerini Rocco
ed9121e5d7
Merge pull request #282758 from rht/hardware_no_network 
hddfancontrol & thinkfan: disable network access.
 2024-02-24 00:15:24 +01:00
Fabián Heredia Montiel
db1ee6dfe6 Merge remote-tracking branch 'origin/master' into staging-next 
fastcdr was moved to by-name

Related to:

- https://github.com/NixOS/nixpkgs/pull/290836
 2024-02-23 16:47:01 -06:00
opl
877179c89d nixos/steam: add localNetworkTransfers.openFirewall option 
Steam local network game transfers require TCP port 27040 to be open:
https://steamcommunity.com/groups/SteamClientBeta/discussions/0/3775742015034590856/#c3827537203130812127

They also require UDP port 27036 to allow discovering peers on the same network before a transfer on port 27040 can be initiated.

Co-authored-by: Kira Bruneau <kira.bruneau@pm.me>
 2024-02-23 22:03:24 +01:00
Adam Stephens
6a0ad369f2
nixos/incus: assert nftables is used when firewall is enabled 
incus manages its own firewall rules and prefers nftables. The
advantages of nftables for segmenting multiple tools managing firewall
rules is sufficient to require nftables with incus.

https://linuxcontainers.org/incus/docs/main/howto/network_bridge_firewalld/#use-incus-firewall
 2024-02-23 15:49:33 -05:00
Pol Dellaiera
f9ef0053c5
Merge pull request #288401 from katexochen/bees/refactor 
bee: refactor & update; bee{-unstable,-clef}: remove; maintainers: remove attila-lendvai
 2024-02-23 20:12:41 +01:00
Christoph Honal
6c5bcf43f1 nixos/pcscd: Add extraArgs option 2024-02-23 16:52:36 +01:00
Sefa Eyeoglu
3f7e9baeeb
nixos/monado: prevent Monado from restarting quickly 
Signed-off-by: Sefa Eyeoglu <contact@scrumplex.net>
 2024-02-23 14:25:16 +01:00
Sefa Eyeoglu
0e585a63e2
nixos/monado: make CAP_SYS_NICE wrapper configurable 
Signed-off-by: Sefa Eyeoglu <contact@scrumplex.net>
 2024-02-23 14:25:16 +01:00
Sefa Eyeoglu
2d2493b23d
nixos/monado: add option to make Monado the default OpenXR runtime 
Signed-off-by: Sefa Eyeoglu <contact@scrumplex.net>
 2024-02-23 14:25:15 +01:00
Sefa Eyeoglu
ce36e73fdb
nixos/monado: link OpenXR runtimes 
Signed-off-by: Sefa Eyeoglu <contact@scrumplex.net>
 2024-02-23 14:25:15 +01:00
Sefa Eyeoglu
9003167522
xr-hardware: init at unstable-2023-11-08 
Signed-off-by: Sefa Eyeoglu <contact@scrumplex.net>
 2024-02-23 14:25:15 +01:00
Sefa Eyeoglu
5d57df8a80
nixos/monado: init 
Signed-off-by: Sefa Eyeoglu <contact@scrumplex.net>
 2024-02-23 14:25:15 +01:00
github-actions[bot]
d08f9b5833
Merge master into staging-next 2024-02-23 12:01:18 +00:00
Emery Hemingway
28ffcffcbf nixos/ccache: add options to set ownership of cache dir 2024-02-23 11:08:02 +00:00
Emery Hemingway
d843ec4e3d nixos/ccache: do not "with lib;" 2024-02-23 11:08:02 +00:00
Hans Christian Schmitz
e722c56160
nixos/wireplumber: add required lv2 plugins to service path 2024-02-23 08:58:16 +01:00
Hans Christian Schmitz
5bf2637b48
nixos/wireplumber: add config packages option 2024-02-23 08:58:15 +01:00
Hans Christian Schmitz
054bba560a
nixos/pipewire: add config packages option 2024-02-23 08:57:16 +01:00
Hans Christian Schmitz
992582fdf8
nixos/pipewire: Fix capitalization 
In docs PipeWire and WirePlumber should be capitalized as in this
sentence.
 2024-02-23 08:57:12 +01:00
Christina Sørensen
26036ecf31
kubelet: Set Kubelet Parameters Via A intermediate Configuration File 
Signed-off-by: Christina Sørensen <christina@cafkafk.com>
 2024-02-23 08:55:02 +01:00
Litchi Pi
4ebf2b54b0 nixos/mealie: init module 
Signed-off-by: Litchi Pi <litchi.pi@proton.me>
 2024-02-23 07:15:24 +01:00
Weijia Wang
5f5062d1ef Merge branch 'master' into staging-next 2024-02-23 05:09:55 +01:00
Sandro
80e6bb31d5
Merge pull request #289956 from SuperSandro2000/archisteamfarm 2024-02-23 02:06:03 +01:00
Sandro
78745f4652
Merge pull request #289934 from jnsgruk/scrutiny 2024-02-23 00:43:55 +01:00
Dominique Martinet
85ee3198c7 atuin: Allow setting database.uri to null 
When a password is required to connect to postgres using
services.atuin.database.uri directly would make the password be written
in the nix store, which is suboptimal.
Instead we can have the password in a file accessible only to root by
having systemd read an EnvironmentFile directly, but we must ensure that
this file has priority over the environment set.
Not setting the variable in this case is more straightforward.
 2024-02-23 07:35:21 +09:00
Jon Seager
88d637c6dd
nixos/scrutiny: init 2024-02-22 21:20:10 +00:00
Maxine Aubrey
e1863b4f79
nixos/networkmanager: support stable-ssid for cloned MAC addresses 2024-02-22 18:37:13 +01:00
Martin Weinelt
878609256b
Merge pull request #287348 from mweinelt/fastly-exporter-module 
nixos/prometheus-fastly-exporter: fix runtime environment, refactor, make things prettier
 2024-02-22 16:37:51 +01:00
Someone
ee3923ed7d
Merge pull request #284507 from ereslibre/containers-cdi 
NixOS: Add support for CDI
 2024-02-22 13:03:18 +00:00
github-actions[bot]
024149d718
Merge master into staging-next 2024-02-22 06:01:10 +00:00
Adam C. Stephens
f8131a5a2c
Merge pull request #290288 from mkg20001/lxc-initrd-fix 
nixos/lxc-container: link to prepare-root when boot.initrd.systemd.enable is on
 2024-02-21 22:29:04 -05:00
Jörg Thalheim
87f6f1fcbd
Merge pull request #290490 from nikstur/idempotent-etc-activation 
nixos/etc: make re-mounting /etc overlay idempotent
 2024-02-22 07:23:22 +07:00
nikstur
5df8caced4 nixos/etc: make re-mounting /etc overlay idempotent 2024-02-21 22:54:00 +01:00
Rafael Fernández López
8ba61ebb8a services/hardware: add nvidia-container-toolkit 2024-02-21 22:17:07 +01:00
github-actions[bot]
bd56ae568b
Merge master into staging-next 2024-02-21 18:00:56 +00:00
Kiskae
fe93ea4e8e
nixos/podman: pass proxy variables to podman API 2024-02-21 16:29:11 +01:00
Adam C. Stephens
d1e2847664
Merge pull request #281000 from cablespaghetti/master 
sabnzbd: Add configurability of state directory owner and firewall
 2024-02-21 08:37:46 -05:00
github-actions[bot]
37e32d4bdd
Merge master into staging-next 2024-02-21 06:00:56 +00:00
adisbladis
e4e474fbcf
Merge pull request #273670 from adisbladis/zope2-removal 
nixos/zope2: Remove module
 2024-02-21 17:19:07 +13:00
github-actions[bot]
97c19bdc7e
Merge master into staging-next 2024-02-21 00:02:04 +00:00
Maciej Krüger
39b4c0d686
nixos/lxc-container: link to prepare-root when boot.initrd.systemd.enable is on 
Previously we were doing some parts like activation in the init script,
so linking to that works for non-systemd init

With boot.initrd.systemd.enable we no longer run activation in the init script,
but instead a new script named prepare-root, which is used instead.
 2024-02-20 23:12:41 +01:00
nikstur
911e22e80d
Merge pull request #288277 from WilliButz/uki/boot-counting-suffix 
nixos/boot.uki: add tries option for automatic boot assessment
 2024-02-20 22:50:45 +01:00
Leona Maroni
47b7eb8fd9
nixos/vikunja: remove setupNginx option 
The required nginx configuration is now really simple, and e.g. SSL/ACME
already required the user to interact with `services.nginx.virtualHosts`.
Therefore, and to reduce complexity, we now leave the web server
configuration to the user.
 2024-02-20 22:43:53 +01:00
Leona Maroni
8817f080cc
nixos/vikunja: adapt for vikunja 0.23.0 
This version removes dedicated api and frontend packages.
 2024-02-20 22:43:53 +01:00
Rick van Schijndel
e5e1de76b7
Merge pull request #281058 from wineee/fi 
deepin: don't install packages using freeimage by default
 2024-02-20 20:27:47 +01:00
github-actions[bot]
999dc2b653
Merge master into staging-next 2024-02-20 18:01:22 +00:00