Commit Graph

25841 Commits

Author SHA1 Message Date
pacien
54be076ae7 nixos/exim: apply privilege restrictions
Since 816614bd62, the service is set to use the exim user so that
systemd takes care of the credentials ownership. The executable is
still required to run as root, to then drop privileges. The prefix '+'
that was used however interfers with the use of privilege restrictions
and other sandboxing options. Since we only want to escape the "User"
setting, we can use the '!' prefix instead.
2023-06-05 20:04:48 +02:00
github-actions[bot]
23f7318bde
Merge staging-next into staging 2023-06-05 18:02:10 +00:00
Sandro
048f167595
Merge pull request #233423 from tomaskala/self-deploy-after-network-online
nixos/self-deploy: set after to requires, type to oneshot and remove wantedBy
2023-06-05 19:47:10 +02:00
K900
57e1ea5a18 nixos/libvirtd: don't use cp -n 2023-06-05 19:14:01 +03:00
github-actions[bot]
dd60d8ee46
Merge staging-next into staging 2023-06-05 12:01:45 +00:00
github-actions[bot]
de4f02a6c8
Merge master into staging-next 2023-06-05 12:01:12 +00:00
Florian Klink
4627ee741d
Merge pull request #234877 from ElvishJerricco/auto-format-and-resize-with-systemd
Auto format and resize with systemd
2023-06-05 12:25:02 +03:00
misuzu
45ffb33514 nixos/gotosocial: init
Co-authored-by: Peder Bergebakken Sundt <pbsds@hotmail.com>
2023-06-05 09:07:34 +03:00
Will Fancher
b497502357 nixos: Use systemd-growfs for autoResize 2023-06-04 22:57:22 -04:00
Will Fancher
5176a4f113 nixos: Use systemd-makefs for autoFormat 2023-06-04 22:57:20 -04:00
github-actions[bot]
b2f58f98dd
Merge staging-next into staging 2023-06-05 00:03:13 +00:00
github-actions[bot]
4a640f8bb6
Merge master into staging-next 2023-06-05 00:02:32 +00:00
Sandro
793dd34507
Merge pull request #219602 from 999eagle/traefik-envsubst
nixos/traefik: add environmentFiles option
2023-06-05 00:36:43 +02:00
rnhmjoj
b4e5de4ba4
nixos/hardware/i2c: fix uaccess rule 2023-06-04 21:22:32 +02:00
github-actions[bot]
e97d10016c
Merge staging-next into staging 2023-06-04 18:01:37 +00:00
github-actions[bot]
22e7031b28
Merge master into staging-next 2023-06-04 18:00:59 +00:00
Julien Moutinho
b6ed3b8f40 nixos/public-inbox: explicit a few more freeform settings 2023-06-04 13:09:28 +00:00
Sergei Trofimovich
4e2cfde94e modules: fix fontconfig.nix to use '$dst', not 'dst'
Without the change non-default configs like:

    fonts.fontconfig.subpixel.rgba = "rgb"

fail to build the system as:

    fontconfig-conf> ln: failed to create symbolic link 'dst/': No such file or directory
2023-06-04 09:45:28 +01:00
github-actions[bot]
f39e9954d2
Merge staging-next into staging 2023-06-04 06:01:52 +00:00
github-actions[bot]
e50c762dbb
Merge master into staging-next 2023-06-04 06:01:17 +00:00
Tom Siewert
50d66bcba6
nixos/gitlab: Fix config reference for registry (#235639)
Support for gitlab-container-registry has been added in 014816cbe4.
However, when enabling the registry it will throw an error as it can't
find a `package` attribute.

This commit fixes the registry configuration by adding the missing
`registry` part.
2023-06-04 02:32:35 +02:00
github-actions[bot]
5fc7c08add
Merge staging-next into staging 2023-06-03 18:02:23 +00:00
github-actions[bot]
d8ea5b9435
Merge master into staging-next 2023-06-03 18:01:49 +00:00
Jan Tojnar
b575d76ce1 nixos/gdm: Do not require GTK for account-service-util 2023-06-03 17:31:15 +02:00
Sefa Eyeoglu
bd97ff5ff4 nixos/fontconfig: Change default antialiasing style to greyscale instead of subpixel
fontconfig before version 2.13.1 was apparently implicitly not using
subpixel antialiasing. The fontconfig NixOS module deviated from this,
using subpixel antialiasing with `rgb` layout by default. In fontconfig
2.14.1, subpixel antialiasing was inadvertently enabled as the default:
2b6afa02ab

According to https://gitlab.freedesktop.org/fontconfig/fontconfig/-/issues/337,
that deviates from GNOME/GTK’s defaults, which resulted in apps taking the
settings directly from fontconfig (e.g. Firefox) from diverging from GNOME
programs.

The change was subsequently reverted in 2.14.2, choosing the greyscale
antialiasing explicitly: 030759b74f
Let’s reflect this default setting in the NixOS module.

Co-authored-by: Jan Tojnar <jtojnar@gmail.com>
Signed-off-by: Sefa Eyeoglu <contact@scrumplex.net>
2023-06-03 16:02:22 +02:00
Sefa Eyeoglu
b5d2d701d1 nixos/fontconfig: refactor antialias option for fontconfig 2.14.1
`sub-pixel` has been enabled by default since 2.14.1: 2b6afa02ab
`antialias` since 2.14.1: 0825a178e8
`lcdfilter` since 2.13.95: e1c7c6d744
`hintstyle` since 2.12.1: 98434b3392

Signed-off-by: Sefa Eyeoglu <contact@scrumplex.net>
2023-06-03 16:02:22 +02:00
github-actions[bot]
4e2bb74acd
Merge master into staging-next 2023-06-03 12:01:39 +00:00
happysalada
ba3d0f7a95 nixos/gitea: requires database 2023-06-03 05:14:46 -04:00
Bruno Adelé
0498957eac
nixos/smokeping: Fix smokeping preStart systemd 2023-06-03 08:06:18 +02:00
github-actions[bot]
6a837d8fb1
Merge master into staging-next 2023-06-03 06:01:11 +00:00
Gabriel Fontes
dff2e184f4 nixos/prometheus.exporters.graphite: init 2023-06-03 03:13:09 +00:00
Gabriel Fontes
147668b8cf nixos/sitespeed-io: init 2023-06-03 03:12:51 +00:00
github-actions[bot]
4b2e2c8b39
Merge master into staging-next 2023-06-03 00:02:20 +00:00
happysalada
ee1c6053fb nixos/ntfy-sh: use dynamic user and add defaults 2023-06-02 15:22:14 -04:00
github-actions[bot]
6084eca7dc
Merge master into staging-next 2023-06-02 18:01:04 +00:00
Linus Heckemann
15c3a653d5
Merge pull request #235440 from lheckemann/garage
nixos/garage: allow unsafe replication modes, restart on config change
2023-06-02 19:22:03 +02:00
Linus Heckemann
c4f727c944 nixos/garage: allow unsafe replication modes, restart on config change 2023-06-02 18:11:44 +02:00
K900
e534047e2d
Merge pull request #234620 from linj-fork/fix/murmur-after
nixos/murmur: make it be after network.target again
2023-06-02 18:13:12 +03:00
Ryan Lahfa
4a4238a840
Merge pull request #235143 from wlcx/patch-1
nixos/pixelfed: fix broken try_files
2023-06-02 17:12:14 +02:00
Ryan Lahfa
0902958046
Merge pull request #235295 from nikstur/qemu-vm-improve-comments-and-docs
nixos/qemu-vm: improve comments and option descriptions
2023-06-02 15:34:49 +02:00
Bobby Rong
7f96a08418
Merge pull request #235511 from bobby285271/upd/cinnamon-bpo
Cinnamon updates 2023-06-02
2023-06-02 21:25:34 +08:00
Bobby Rong
68dd259958
Merge pull request #235514 from bobby285271/upd/pantheon
Pantheon updates 2023-06-02
2023-06-02 20:36:02 +08:00
github-actions[bot]
c8021f68a8
Merge master into staging-next 2023-06-02 12:01:23 +00:00
Bobby Rong
e447cb9776
nixos/pantheon: enable xdg-desktop-portal-gtk by default 2023-06-02 19:29:26 +08:00
Ryan Lahfa
32630256f2
Merge pull request #235424 from AmineChikhaoui/ec2-amis-rel-23.05 2023-06-02 12:18:48 +02:00
github-actions[bot]
1625d790e1
Merge staging-next into staging 2023-06-02 06:01:45 +00:00
Bobby Rong
7cf3428fd5
nixos/cinnamon: fix slick-greeter icon theme package default 2023-06-02 11:40:09 +08:00
Nick Cao
9e2fa20321
Merge pull request #235425 from 999eagle/fix/nitter
nixos/nitter: fix proxy option
2023-06-01 20:26:54 -06:00
github-actions[bot]
8b93c4f667
Merge staging-next into staging 2023-06-02 00:03:07 +00:00
Silvan Mosberger
d4fe69faea nix-fallback-paths.nix: Update to 2.15.1 2023-06-01 22:55:14 +02:00
Thiago Kenji Okada
99d37f54f0 nixos/sway: fix package option documentation 2023-06-01 19:40:02 +00:00
Sophie Tauchert
2dbd1e56c1
nixos/nitter: fix proxy option 2023-06-01 19:59:48 +02:00
Amine Chikhaoui
709043ed97
add release 23.05 AWS AMIs 2023-06-01 13:46:53 -04:00
Doron Behar
5b6c95c4cb nixos/nextcloud: Mention that adminpassFile is only used on startup 2023-06-01 15:43:51 +03:00
github-actions[bot]
e8e956566c
Merge staging-next into staging 2023-06-01 12:02:11 +00:00
Pol Dellaiera
3090855141
Merge pull request #232360 from drupol/nixos/refactor-code-server
nixos/code-server: add tests and more command line options
2023-06-01 13:56:01 +02:00
github-actions[bot]
52e40d8261
Merge staging-next into staging 2023-06-01 00:03:14 +00:00
nikstur
003fec835c nixos/qemu-vm: remove grub references from useBootLoader description 2023-06-01 01:38:08 +02:00
nikstur
8ea8154a32 nixos/qemu-vm: (re-)move old/incorrect comments 2023-06-01 01:38:06 +02:00
Yaya
e9594e6031 nixos/gitlab: Warn users who are still using an external registry
This adds a warning for GitLab >=16.0.0 users who are still using an
external container registry such as `pkgs.docker-distribution`. Support
for external container registries has ended in GitLab 16.0 [1] and is
scheduled for removal in a future release. [2]

[1]: https://gitlab.com/gitlab-org/gitlab/-/issues/376217
[2]: https://gitlab.com/gitlab-org/gitlab/-/issues/403322
2023-05-31 22:14:25 +02:00
Yaya
014816cbe4 nixos/gitlab: Add support for gitlab-container-registry
Support for external container registries (namely
`pkgs.docker-distribution`) has ended in GitLab 16.0 [1] and is
scheduled for removal in a future release. [2]

This commit adds a new registry package option, defaulting to
`pkgs.docker-distribution` and `pkgs.gitlab-container-registry` for
system state versions >= 23.11.

While it is still possible to use the docker container registry, module
users should switch to gitlab's container registry fork soon. A warning
message will be added in a future commit to advise affected users to
back up their state and then switch to the new container registry
package.

[1]: https://gitlab.com/gitlab-org/gitlab/-/issues/376217
[2]: https://gitlab.com/gitlab-org/gitlab/-/issues/403322
2023-05-31 22:14:25 +02:00
Yaya
049d680510 nixos/dockerRegistry: add package option
This allows the module user to select an alternative container registry
package such as `pkgs.gitlab-container-registry` for GitLab users.
2023-05-31 22:14:25 +02:00
Yaya
2a4536952a nixos/gitlab: Require at least postgresql 13.6
https://docs.gitlab.com/16.0/ee/install/requirements.html#postgresql-requirements
2023-05-31 22:14:25 +02:00
Yaya
4321e48b68 nixos/gitlab: Remove procps from gitaly service
From my understanding, procps was added to the gitlay systemd service
path in #58487 to fix gitaly-ruby's internal memory leak detection.

Now that the last ruby remnants have been removed in gitaly 16.0.0,
this should not be necessary anymore.
2023-05-31 22:14:25 +02:00
Yaya
33411f2768 nixos/gitlab: Update redis configuration
Configuring Redis via environment variable is not supported anymore
since [1].

[1] 1242965361
2023-05-31 22:14:25 +02:00
Yaya
6fed71cab2 gitaly: Remove ruby dependencies
Ruby dependencies in gitaly have been removed in the 16.0.0 release. [1]

See GitLab Epic &2862 [2] for more info.

[1]: 689556e70a
[2]: https://gitlab.com/groups/gitlab-org/-/epics/2862
2023-05-31 22:14:25 +02:00
github-actions[bot]
e436cc21a6
Merge staging-next into staging 2023-05-31 18:01:35 +00:00
Kira Bruneau
7e820610e3
Merge pull request #234207 from emilylange/acme-dns
acme-dns: init at 1.0; nixos/acme-dns: init; nixos/acme-dns: init
2023-05-31 11:40:35 -04:00
emilylange
d0af39521b
nixos/acme-dns: init 2023-05-31 15:08:37 +02:00
Sandro Jäckel
fdb8f4994a
vaapiIntel: rename to intel-vaapi-driver
I tripped over this way to often and a package attr matching the pname
is way nicer, anyway.
2023-05-31 15:05:32 +02:00
github-actions[bot]
323e9a44c2
Merge staging-next into staging 2023-05-31 12:01:43 +00:00
r-vdp
2b63df0a03 modules/sshd: print the offending keys when we detect duplicate sshd keys. 2023-05-31 12:07:06 +02:00
Sam W
6ad72aa37e
nixos/pixelfed: fix broken try_files
Add missing $ to try files directive. This fixes pixelfed federation and search, amongst presumably many other things!
2023-05-31 15:19:23 +08:00
github-actions[bot]
4265b54868
Merge staging-next into staging 2023-05-30 18:01:44 +00:00
github-actions[bot]
7443b1efc5
Merge staging-next into staging 2023-05-30 12:01:46 +00:00
Aaron Andersen
d098eec2da nixos/vmalert: init 2023-05-30 07:41:00 -04:00
Nick Cao
93ebabefb2
Merge pull request #234930 from NickCao/maddy
maddy: 0.6.3 -> 0.7.0
2023-05-30 05:16:51 -06:00
github-actions[bot]
36927e8629
Merge staging-next into staging 2023-05-30 06:01:32 +00:00
Jonas Heinrich
63f73b3295
nixos/maddy: change secrets option to accept a list of paths 2023-05-30 12:41:07 +08:00
github-actions[bot]
1df97aede2
Merge staging-next into staging 2023-05-30 00:02:56 +00:00
Gaetan Lepage
d93dc82ee9 nixos/river: fix display manager error 2023-05-29 22:41:48 +02:00
3JlOy_PYCCKUI
22c8251d7f nixos/dk: init 2023-05-29 19:05:55 +00:00
Will Fancher
76d668fae7
Merge pull request #227628 from m-bdf/logind-handle-keys
nixos/logind: Add key handling options
2023-05-29 14:31:43 -04:00
github-actions[bot]
5611fa71ab
Merge staging-next into staging 2023-05-29 18:01:43 +00:00
Julien Malka
9631553153 Revert "nixos/ntfy-sh: add defaults, use dynamic user"
This reverts commit 3dcca62a5e.
2023-05-29 11:11:32 -04:00
Florian Klink
8b8a64d737
Merge pull request #234442 from rnhmjoj/pr-fix-ifnames
network-interfaces-scripted: fix interface cleanup
2023-05-29 15:14:12 +02:00
github-actions[bot]
a0de937efb
Merge staging-next into staging 2023-05-29 12:02:05 +00:00
Weijia Wang
4387329d8f
Merge pull request #234729 from tie/pufferpanel-doc-fhsenv
nixos/pufferpanel: buildFHSUserEnv -> buildFHSEnv
2023-05-29 10:56:11 +03:00
Ivan Trubach
0143b16935 nixos/pufferpanel: buildFHSUserEnv -> buildFHSEnv
The pufferpanel module (#225274) was merged shortly after the tree-wide
rename f63a12f296 (#225748), so the use of
deperecated buildFHSUserEnv in the docs slipped through review 😅
2023-05-29 07:08:19 +03:00
happysalada
3dcca62a5e nixos/ntfy-sh: add defaults, use dynamic user 2023-05-28 21:17:14 -04:00
Lin Jian
0ae9df6c5e
nixos/murmur: make it be after network.target again
network.target was changed to network-online.target in this PR[1] to
workaround an issue[2].

The murmur version in Nixpkgs has fixed that issue[2].

[1]: https://github.com/NixOS/nixpkgs/pull/42860
[2]: https://github.com/mumble-voip/mumble/issues/1629
2023-05-28 21:03:40 +08:00
github-actions[bot]
19efa11381
Merge staging-next into staging 2023-05-28 06:01:45 +00:00
Bobby Rong
838dad5de9
Merge pull request #234231 from bobby285271/add/xdg-desktop-portal-xapp
xdg-desktop-portal-xapp: init at 1.0.0
2023-05-28 10:52:30 +08:00
github-actions[bot]
003f914d04
Merge staging-next into staging 2023-05-28 00:03:10 +00:00
Thomas Gerbet
a24848c470 nixos/etcd: allow to choose the package 2023-05-28 08:04:43 +10:00
Ryan Lahfa
77a1c48cca
Merge pull request #232011 from GaetanLepage/river
nixos/river: init module
2023-05-27 22:30:51 +02:00
github-actions[bot]
9441fc25d1
Merge staging-next into staging 2023-05-27 18:01:38 +00:00
Victor Freire
77520d39ce nixos/legit: init 2023-05-27 16:20:05 +00:00
Raito Bezarius
09d1022782 nixos/qemu-vm: fix 32-bits assert for memorySize
It should be an implication, rather than &&.
2023-05-27 17:20:08 +02:00
Martin Weinelt
108721e4d1
Merge pull request #170473 from NixOS/grahamc-patch-3
networkd: support specifying the ClientIdentifier for DHCPv4 options
2023-05-27 16:55:30 +02:00
Ryan Lahfa
537c6ede55
Merge pull request #234266 from emilylange/qemu-vm-2047mb
nixos/qemu-vm: add `virtualisation.memorySize < 2048` assertion on 32bit
2023-05-27 15:31:00 +02:00
rnhmjoj
6732106210
network-interfaces-scripted: fix interface cleanup
There is apparently a bug in the parser of iproute2 where the command
`ip link show <devname>` will not show the device but list all
interfaces (equivalent to `ip link show`) if devname is equal to one of
the flags of `ip-address(8)`. For example, `home`, or `optimistic`.

This bug causes a false positive in the clean up command of the
<devname>-netdev.service, the service fails and the interface is never
configured.

To avoid the bug we can simply use `ip link show dev <devname>`.
2023-05-27 15:09:22 +02:00
Graham Christensen
479712af11
networkd: support specifying the ClientIdentifier for DHCPv4 options 2023-05-27 15:06:06 +02:00
github-actions[bot]
824f05f73f
Merge staging-next into staging 2023-05-27 06:01:44 +00:00
Nick Cao
cf58ff13a3
Merge pull request #234254 from kevincox/mautrix-facebook-appservice-id
nixos.mautrix-facebook: Fix appservice name
2023-05-26 19:48:00 -06:00
Alyssa Ross
191075fa83
Merge remote-tracking branch 'origin/staging-next' into staging
Conflicts:
	pkgs/os-specific/linux/kernel/patches.nix
	pkgs/top-level/linux-kernels.nix
2023-05-26 18:37:26 +00:00
Raito Bezarius
69bb0f94de nixos/nginx: first-class PROXY protocol support
PROXY protocol is a convenient way to carry information about the
originating address/port of a TCP connection across multiple layers of
proxies/NAT, etc.

Currently, it is possible to make use of it in NGINX's NixOS module, but
is painful when we want to enable it "globally".
Technically, this is achieved by reworking the defaultListen options and
the objective is to have a coherent way to specify default listeners in
the current API design.
See `mkDefaultListenVhost` and `defaultListen` for the details.

It adds a safeguard against running a NGINX with no HTTP listeners (e.g.
only PROXY listeners) while asking for ACME certificates over HTTP-01.

An interesting usecase of PROXY protocol is to enable seamless IPv4 to
IPv6 proxy with origin IPv4 address for IPv6-only NGINX servers, it is
demonstrated how to achieve this in the tests, using sniproxy.

Finally, the tests covers:

- NGINX `defaultListen` mechanisms are not broken by these changes;
- NGINX PROXY protocol listeners are working in a final usecase
  (sniproxy);
- uses snakeoil TLS certs from ACME setup with wildcard certificates;

In the future, it is desirable to spoof-attack NGINX in this scenario to
ascertain that `set_real_ip_from` and all the layers are working as
intended and preventing any user from setting their origin IP address to
any arbitrary, opening up the NixOS module to bad™ vulnerabilities.

For now, it is quite hard to achieve while being minimalistic about the
tests dependencies.
2023-05-26 19:48:26 +02:00
emilylange
5dbd4f3243
nixos/qemu-vm: add virtualisation.memorySize < 2048 assertion on 32bit 2023-05-26 19:43:58 +02:00
Kevin Cox
5242aea64f
nixos.mautrix-facebook: Fix appservice name
It appears that newer mautrix-facebook versions default to the appservice name `facebook`. This was breaking our registration and causing mautrix-facebook to fail to start. This changes the name back and makes the registration generated match whatever the setting in the app is.
2023-05-26 12:39:37 -04:00
Bobby Rong
36abd7c9f8
nixos/cinnamon: enable portals by default 2023-05-26 23:53:15 +08:00
Ryan Lahfa
435237d641
Merge pull request #233350 from GrahamDennis/grahamdennis/testing-networks
nixos/qemu-vm: add option for named network interfaces
2023-05-26 15:57:01 +02:00
Alyssa Ross
a92bc576b1
nixos/stage-1: support bind mounts of files
On my system, / is tmpfs, and /etc/machine-id is bind mounted from
/persist.
2023-05-26 13:26:48 +00:00
Pol Dellaiera
2c95ebadf3
nixos/code-server: add more command line options 2023-05-26 09:51:33 +02:00
github-actions[bot]
59b8a4fae6
Merge staging-next into staging 2023-05-26 06:01:46 +00:00
lucasew
8587646ef3 nixos/virtualisation/google-compute-config: minor refactoring
Signed-off-by: lucasew <lucas59356@gmail.com>
2023-05-26 00:56:32 +00:00
github-actions[bot]
255911fcb9
Merge staging-next into staging 2023-05-26 00:02:51 +00:00
Lily Foster
83e9bcb109
Merge pull request #231891 from SuperSandro2000/gst-plugins-bad
nixos/no-x-libs: add gst-plugins-bad, gst-plugins-rs
2023-05-25 19:25:00 -04:00
Yaya
f63f781063 nixos/sftpgo: init
A fully featured and highly configurable SFTP server with optional
HTTP/S, FTP/S and WebDAV support.

https://github.com/drakkan/sftpgo
2023-05-25 22:46:15 +02:00
Jenny
0adbf8feb4
nixos/pam_mount: fix mounts without options (#234026)
This commit adds a comma in front of the given options, which makes the
mounts still succeed even if no options are given.

Fixes #233946
2023-05-25 22:45:59 +02:00
Sandro
86b0cdb24b
Merge pull request #233517 from illustris/pve-fix
nixos/proxmox-image: fix qemu build failure
2023-05-25 22:07:14 +02:00
Sandro
ef2a17c946
Merge pull request #232339 from bl1nk/bl1nk/thelounge-package-option
nixos/thelounge: add package option
2023-05-25 22:04:22 +02:00
Will Fancher
fe43923a70
Merge pull request #229767 from mberndt123/mberndt123/stratis-rootfs
nixos/stratis: initrd support for stratis root volumes
2023-05-25 14:06:31 -04:00
Sandro
1b40315504
Merge pull request #233092 from midchildan/chore/mirakurun/node18 2023-05-25 14:47:50 +02:00
illustris
6a20c13258
nixos/proxmox-image: fix qemu build failure 2023-05-25 16:25:43 +05:30
Gaetan Lepage
8f421acbc5 nixos/river: init module 2023-05-25 00:05:23 +02:00
Gaetan Lepage
c7bd5289d6 nixos/programs: factor out wayland-session common options 2023-05-25 00:04:22 +02:00
nyanotech
3aad03a464 nixos/sshd: detect duplicate config keys 2023-05-25 00:01:03 +02:00
Sandro Jäckel
94baf8bfd9
nixos/no-x-libs: add gst-plugins-bad 2023-05-24 20:49:08 +02:00
midchildan
c3346f87c4
mirakurun: use node 18
Relates to #229910.
2023-05-25 03:44:13 +09:00
Maximilian Bosch
40dcc3375c
Merge pull request #232837 from emilylange/nixos/synapse
nixos/synapse: allow omitting `trusted_key_servers[].verify_keys`
2023-05-24 16:28:03 +02:00
Tomas Kala
37c95bc868
nixos/self-deploy: set after to requires, type to
... oneshot, remove wantedBy
2023-05-24 14:05:17 +02:00
Graham Dennis
93502aa3b1 nixos/qemu-vm: add option for named network interfaces
Adds a new option to the virtualisation modules that enables specifying explicitly named network interfaces in QEMU VMs.
The existing `virtualisation.vlans` option is still supported for cases where the name of the network interface is irrelevant.
2023-05-24 08:54:20 +10:00
Ryan Lahfa
0d13962366
Merge pull request #233518 from tie/bios-bootable-x86
nixos/iso-image: enable BIOS boot by default if possible
2023-05-23 17:05:21 +02:00
Ryan Lahfa
078d3ebcaa
Merge pull request #232235 from cyberus-technology/outline-0.69.2
outline: 0.68.1 -> 0.69.2
2023-05-23 15:14:18 +02:00
Robert Hensing
983bf78c16
Merge pull request #233397 from Kranzes/hci-module
nixos/hercules-ci-agent: sync module with upstream
2023-05-23 14:17:28 +02:00
Alexander Sieg
74bc42615c
outline: 0.68.1 -> 0.69.2 2023-05-23 10:44:02 +02:00
Maximilian Bosch
c0bbecef87
Merge pull request #232276 from LeSuisse/broken-php80-packages
grocy, limesurvey: mark as broken due to lack of PHP 8.1 compatibility
2023-05-23 07:19:17 +02:00
Ivan Trubach
c68a5bb85a nixos/iso-image: enable BIOS boot by default if possible
The change introduced in commit e5b072eca1
breaks backwards compatibility for some users, see
e5b072eca1 (commitcomment-113775008)
https://github.com/NixOS/nixpkgs/pull/219351#discussion_r1139773448

This change updates the implementation to enable BIOS boot if possible
for the build and host platforms, and also assert that BIOS boot is not
enabled for non-x86 host platforms.
2023-05-23 04:43:31 +03:00
Sandro
493c6d8505
Merge pull request #233053 from midchildan/chore/epgstation/node18
epgstation: use node18 + other fixes
2023-05-23 01:48:26 +02:00
0x4A6F
afad0c152b
Merge pull request #214428 from mweinelt/frigate-init
frigate: init at 0.12.0
2023-05-22 18:29:37 +02:00
Ryan Lahfa
2e1e1f8765
Merge pull request #231502 from SuperSandro2000/portunus-openldap
nixos/portunus: use openldap compiled with libxcrypt-legacy
2023-05-22 18:20:52 +02:00
Naïm Favier
7b28ea6783
Merge pull request #233377 from ncfavier/revert-226088
Revert "nixos/syncthing: use rfc42 style settings"
2023-05-22 16:35:04 +02:00
Martin Weinelt
f11d33afb7
nixos/frigate: init 2023-05-22 16:29:54 +02:00
Martin Weinelt
958fc81472
Merge pull request #216786 from mweinelt/go2rtc
go2rtc: init at 1.5.0
2023-05-22 16:00:54 +02:00
Will Fancher
636e03bef3
Merge pull request #232533 from nikstur/systemd-repart-create-root
nixos/systemd-repart: enable creating root partition
2023-05-22 09:13:00 -04:00
Ilan Joselevich
ebafd551d7
nixos/hercules-ci-agent: sync module with upstream 2023-05-22 15:05:16 +03:00
ners
afdf7705ad nixos/iso-image: add some types 2023-05-22 13:01:56 +02:00
ners
c281a355fe nixos/iso-image: prepend to ISO menu labels 2023-05-22 11:25:00 +02:00
Naïm Favier
d5e090d2d8
Revert "nixos/syncthing: use rfc42 style settings"
This reverts commit 32866f8d58.
This reverts commit 40a2df0fb0.
This reverts commit 4762932601.
2023-05-22 10:29:52 +02:00
Ryan Lahfa
0e662e669a
Merge pull request #227642 from Flakebi/powerdns-admin2
powerdns-admin: 0.3.0 -> 0.4.1
2023-05-22 09:30:24 +02:00
Martin Weinelt
eae2018b54
nixos/go2rtc: init 2023-05-22 03:48:47 +02:00
Flakebi
1a13b4c0f9
powerdns-admin: 0.3.0 -> 0.4.1
- Fix with flask-migrate 4+
- Update to 0.4.1
- Improve the test to check that using the database works
2023-05-22 00:39:58 +02:00
midchildan
94eb60a7d2
nixos/epgstation: add a new option 'ffmpeg'
Closes #187120.
2023-05-22 05:24:19 +09:00
midchildan
059006b84b
nixos/epgstation: add required directories to tmpfiles.d 2023-05-22 05:24:18 +09:00
Aaron Andersen
9889d76032
Merge pull request #232607 from plumelo/feat/redmine-5
redmine: 4.2.10 -> 5.0.5
2023-05-21 14:33:01 -04:00
Sandro Jäckel
0000000324
nixos/portunus: use openldap compiled with libxcrypt-legacy
It hardcodes sha256 crypt and the managed slapd crash loops otherwise.
2023-05-21 18:54:56 +02:00
Sandro
a74a4a2f32
Merge pull request #232534 from teutat3s/zhf/fix-prometheus-exporter-jitsi
jitsi-videobridge: refactor broken `apis` option to `colibriRestApi`
2023-05-21 18:43:59 +02:00
Sandro
59cb287790
Merge pull request #231260 from Luflosi/update/kubo
kubo: 0.19.2 -> 0.20.0
2023-05-21 17:15:22 +02:00
pennae
727086540f
Merge pull request #233238 from emilylange/username-change
maintainers: rename indeednotjames to emilylange
2023-05-21 17:07:05 +02:00
Sandro
b34c560d19
Merge pull request #186582 from midchildan/fix/epgstation-var-empty
nixos/epgstation: fix startup issue
2023-05-21 16:57:54 +02:00
emilylange
b0e7f7f5db
maintainers: rename indeednotjames to emilylange 2023-05-21 16:01:35 +02:00
teutat3s
cb81bd9340
jitsi-videobridge: refactor broken apis option to
colibriRestApi

Refactor option to use jvb.conf and convert to boolean. Using the CLI
argument broke a while ago and is deprecated by upstream since 2021:
https://github.com/jitsi/jitsi-videobridge/pull/1738/files#diff-d9f589d2aae1673693461d7c3b9214324201ca1f43db63a3c773d4acfc52bc81

This fixes the currently broken test:
nixosTests.prometheus-exporters.jitsi
2023-05-21 15:31:14 +02:00
Ilan Joselevich
5f6ad63b4f
Merge pull request #233037 from SuperSandro2000/libvirt-polkit
nixos/libvirtd: enable polkit
2023-05-20 20:03:22 +03:00
Jenny
7abd408b7f
nixos/pam_mount: fix cryptmount options (#232873)
There was a bug in the pam_mount module that crypt mount options were
not passed to the mount.crypt command. This is now fixed and
additionally, a cryptMountOptions NixOS option is added to define mount
options that should apply to all crypt mounts.

Fixes #230920
2023-05-20 17:40:36 +02:00
Sandro Jäckel
64361e26b2
nixos/libvirtd: enable polkit
it is enforced by an assert anyway
2023-05-20 17:30:34 +02:00
figsoda
701bcdbead nixos: fix typos 2023-05-19 22:31:04 -04:00
Weijia Wang
e70a5fac10
Merge pull request #231744 from wineee/pinentryFlavor
nixos/gnupg: default to qt pinentry program in deepin
2023-05-20 03:04:49 +03:00
Bjørn Forsman
ef85c3fe51 nixos: use passAsFile to avoid "Argument list too long" error
This patch fixes "Argument list too long" build failure when passing a
list of store paths to system.extraDependencies that exceeds Linux'
MAX_ARG_STRLEN limit of 128 KiB. With the shortest possible derivation
names (one byte), the 128 KiB limit is equivalent to about 2850
derivations. With longer derivations names, the limit is hit earlier.
Fix this restriction.
2023-05-19 22:31:31 +02:00
Matthias Berndt
765349d345 minor refactoring 2023-05-19 10:22:45 -04:00
nikstur
ef80e11032 nixos/systemd-repart: enable creating root partition 2023-05-19 15:54:55 +02:00
IndeedNotJames
d212ec13b8
nixos/synapse: allow omitting trusted_key_servers[].verify_keys
Synapse does not require the `verify_keys` attr/object to be set.
It made sense back in the day, when federation traffic used to use self-signed certificates. But this is no longer the case.

The previous `types.nullOr` didn't actually allow omitting `verify_keys` because Synapse's config parser is unable to parse that.

Not a breaking change.

Upstream docs: https://matrix-org.github.io/synapse/latest/usage/configuration/config_documentation.html?highlight=verify_keys#trusted_key_servers
2023-05-19 15:46:53 +02:00
Alyssa Ross
7ddca49451 nixos/mailman: set RemainAfterExit for settings
This seems to be required to have the unit re-run if
services.mailman.restApiPassFile gets set.
2023-05-19 12:03:41 +02:00
Alyssa Ross
43465c94d4 nixos/mailman: randomly generate REST API token 2023-05-19 12:03:41 +02:00
Yureka
97c8817371
nixos/clickhouse: Notify systemd about successful startup (#232443)
https://github.com/ClickHouse/ClickHouse/pull/43400
https://github.com/ClickHouse/ClickHouse/pull/46613
2023-05-19 00:24:20 +02:00
Sandro
58f987450c
Merge pull request #226116 from erdnaxe/nitter-update-module
nixos/nitter: update module options
2023-05-18 23:45:39 +02:00
Naïm Favier
84f249a0c4
Merge pull request #232582 from Lassulus/syncthing-folder-fix
nixos/syncthing: fix disabled folders
2023-05-18 22:19:36 +02:00
Lily Foster
3e014434a7
Merge pull request #230876 from purin-aurelia/nixos-openrgb-fix
nixos/openrgb: fix data dir & amd i2c
2023-05-18 15:00:13 -04:00
Will Fancher
edcd3d3056
Merge pull request #229318 from ReneHollander/fix/nixos-zfs-systemd-unlock-times-out
nixos/zfs: disable unlock timeout with systemd
2023-05-18 12:42:21 -04:00
Meghea Iulian
eb222f0f97
redmine: upgrade start command 2023-05-18 14:35:38 +03:00
K900
b451cc7668 nixos/libinput: only enable when X11 is enabled 2023-05-18 13:58:18 +03:00
Sefa Eyeoglu
5c08d4fa3e
nixos/qt: also install qt6ct if using qt5ct
If QT_QPA_PLATFORMTHEME is set to qt5ct, Qt 6 apps can utilize qt6ct, to
achieve consistent theming across the two major versions.

Signed-off-by: Sefa Eyeoglu <contact@scrumplex.net>
2023-05-18 12:45:01 +02:00
lassulus
4762932601 nixos/syncthing: fix disabled folders 2023-05-18 11:06:57 +02:00
Matthias Berndt
cb410a8c59 Merge remote-tracking branch 'upstream/master' into mberndt123/stratis-rootfs 2023-05-17 21:47:19 -04:00
Anderson Torres
c637afe9c1
Merge pull request #229030 from atorres1985-contrib/with-lib-is-bad
With lib is bad: removes `with lib;` occurrences - part I
2023-05-17 20:24:46 -03:00
Martin Weinelt
a919e81dbf
Merge pull request #231512 from n0emis/zammad-5.4.1
zammad: 5.1.1 -> 5.4.1
2023-05-17 18:36:29 +02:00
Markus Cisler
a0b7802372 nixos/thelounge: add package option
Adds a package option to the thelounge NixOS module.
2023-05-17 08:34:18 -07:00
Naïm Favier
40a2df0fb0
nixos/syncthing: fixup #226088 2023-05-17 16:53:01 +02:00
Ember Keske
8c5087c1f6 zammad: link test in passthru.tests 2023-05-17 16:06:50 +02:00
Ryan Lahfa
d4abba5c1e
Merge pull request #232243 from mklca/issue-232229
nixos/config/swap: resolve swapfile issue !232229
2023-05-17 11:38:48 +02:00
K900
86c366b440
nixos/grafana-agent: remove deprecated option (#232375)
Deprecated in version 0.21: 323c1eb36d/docs/sources/static/upgrade-guide.md (L417)
2023-05-17 11:21:27 +02:00
Matthias Berndt
92814241a8 improve stratis initrd support
it is now possible to supply a stratis pool uuid
for every filesystem, and if that filesystem
is required for boot, the relevant pool will be
started in the initramfs.
2023-05-16 22:48:36 -04:00
Lassulus
52bbee772a
Merge pull request #232019 from 4z3/master-wireguard 2023-05-16 22:29:17 +02:00
Thomas Gerbet
bc48fa8f5e limesurvey: mark as broken
limesurvey is not yet compatible with PHP 8.1.
2023-05-16 19:18:22 +02:00
Thomas Gerbet
314c64c409 grocy: mark as broken
grocy is not yet compatible with PHP 8.1
2023-05-16 19:13:00 +02:00
Alexandre Iooss
1ab4e66b79 nixos/nitter: remove replaceInstagram option 2023-05-16 18:54:17 +02:00
Alexandre Iooss
d1d81f1866 nixos/nitter: add new upstream options 2023-05-16 18:54:02 +02:00
Mikaela Allan
4101d3b56f
nixos/config/swap: resolve swapfile issue !232229 2023-05-16 10:48:53 -04:00
Sandro
efb55108b3
Merge pull request #231435 from drupol/openvscode-server/systemd-service 2023-05-16 14:14:29 +02:00
Sandro
bcd46a36a7
Merge pull request #227338 from erictapen/mastodon 2023-05-16 13:52:28 +02:00
Doron Behar
9b0a03fc88
Merge pull request #226088 from Xyz00777/master
nixos/syncthing: applied rfc42 and added some additional options
2023-05-16 13:29:36 +03:00
tv
50b845c5a6 nixos/wireguard: allow customizing peer unit name 2023-05-16 10:28:24 +02:00
Maciej Krüger
5bb24e21ee
Merge pull request #231097 from aanderse/lxc/nixos-rebuild-boot 2023-05-16 04:13:01 +02:00
Matthias Berndt
3aa262b644 make nixos-generate-config generate stratis pool UUIDs 2023-05-15 20:48:10 -04:00
Martin Weinelt
d38127eb13
Merge pull request #232017 from NickCao/mjolnir
mjolnir: 1.5.0 -> 1.6.4, build with mkYarnPackage
2023-05-16 01:37:54 +02:00
Robert Hensing
25f227fc67
Merge pull request #231316 from hercules-ci/nixos-system.checks
NixOS: add `system.checks`
2023-05-15 23:16:29 +02:00
Pol Dellaiera
1d37fe1526
nixos/openvscode-server: init 2023-05-15 21:48:08 +02:00
Jonas Heinrich
8a4f016281 nixos/maddy: tls.loader add acme support, add secrets option 2023-05-15 15:00:16 -04:00
K900
d5c292af6b
Merge pull request #197524 from f2k1de/graylog4
graylog: init at 4.0.8, 4.3.9, 5.0.2
2023-05-15 19:42:04 +03:00
Sandro
872c89e5a7
Merge pull request #221750 from rhendric/rhendric/nixos/snapper 2023-05-15 17:24:25 +02:00
Nick Cao
dde3cb6977
Merge pull request #232007 from Janik-Haag/restic
restic: add persistent default for timer unit
2023-05-15 07:37:51 -06:00
Nick Cao
1de301aef3
Merge pull request #231954 from mac-chaffee/acme-ipv6
nixos/security/acme: Fix listenHTTP bug with IPv6 addresses
2023-05-15 07:30:57 -06:00
woojiq
2ee66a3000 keyd: run systemd service as root user 2023-05-15 15:28:34 +02:00
Sandro
5bb17df552
Merge pull request #231705 from ambroisie/add-vikunja-port 2023-05-15 15:27:31 +02:00
Janik H
95e1099d2a restic: add persistent default for timer unit 2023-05-15 15:16:58 +02:00
figsoda
783ebc7682
Merge pull request #231707 from figsoda/trip 2023-05-15 09:13:59 -04:00
Xyz00777
32866f8d58 nixos/syncthing: use rfc42 style settings 2023-05-15 14:38:56 +02:00
nikstur
6852dc2359 nixos/rshim: fix shell escape
Using escapeShellArg does not make sense here because (a) it turned the
list into a string, so the entire service failed and (b) because systemd
does not use the same escaping mechanism as bash.
2023-05-15 14:06:26 +02:00
Nick Cao
c256ecf7a3
nixos/mjolnir: explicitly set --mjolnir-config 2023-05-15 18:40:57 +08:00
Raito Bezarius
3f446bfbd3 nixos/pam: fix ZFS support assertion
It was always complaining even if you didn't enable PAM ZFS.
2023-05-15 12:06:04 +02:00
Ryan Lahfa
8c4a3f67b5
Merge pull request #228956 from tensor5/pam-zfs-key
nixos/pam: enable unlocking ZFS home dataset
2023-05-15 11:42:30 +02:00
Ryan Lahfa
fa06a3b646
Merge pull request #230888 from Misterio77/nextcloud-createlocally-optin
nixos/nextcloud: default createLocally to false
2023-05-15 09:28:15 +02:00
Nicola Squartini
87cbaf7ce3 nixos/pam: assert ZFS support for PAM module 2023-05-15 09:22:42 +02:00
Nicola Squartini
5466f76755 nixos/pam: improve documentation of ZFS module 2023-05-15 09:22:39 +02:00
Nicola Squartini
09f4bf7f16 nixos/pam: enable unlocking ZFS home dataset 2023-05-15 09:20:40 +02:00
Maximilian Nitsch
25f3323d60 nixos/etcd: Fix mapping of clientCertAuth option
The clientCertAuth option must be mapped to the etcd environment
variable ETCD_CLIENT_CERT_AUTH and the peerClientCertAuth option to
ETCD_PEER_CLIENT_CERT_AUTH.

Signed-off-by: Maximilian Nitsch <maximilian.nitsch@d3tn.com>
2023-05-15 09:11:41 +02:00
Ryan Lahfa
feb7fcde4b
Merge pull request #231481 from nikstur/rshim-user-space
rshim for Nvidia BlueField
2023-05-15 09:03:50 +02:00
Ryan Lahfa
e3bd7faa18
Merge pull request #226830 from Janik-Haag/birdwatcher
birdwatcher: init at 2.2.4, alice-lg: init at 6.0.0, nixos/birdwatcher: init, nixos/alice-lg: init
2023-05-15 08:42:10 +02:00
Janik H
40136a1f7f nixos/birdwatcher: init 2023-05-15 02:52:06 +02:00
Janik H
8ed86700a2 nixos/alice-lg: init 2023-05-15 02:52:06 +02:00
Mac Chaffee
33b15fdce0
security/acme: Fix listenHTTP bug with IPv6 addresses 2023-05-14 20:27:52 -04:00
nikstur
5435eaaa4d nixos/rshim: init 2023-05-15 01:24:48 +02:00
Bernardo Meurer
d8b94f5b2c
Merge pull request #231881 from lovesegfault/klipper-log 2023-05-14 16:48:48 -04:00
Jonas Chevalier
9c63dd372d
cloud-init module: fix default settings (#231867)
The `//` operator doesn't do deep merge so it was overriding the first
attrset and not recording the defaults.
2023-05-14 22:35:06 +02:00
Jörg Thalheim
3007746b3f
Merge pull request #231473 from B4dM4n/eval-config-pass-system
treewide: pass system argument to eval-config.nix
2023-05-14 20:13:12 +01:00
Bernardo Meurer
570fff5e92
nixos/klipper: add logFile option 2023-05-14 13:02:08 -04:00
Bernardo Meurer
7a5f684ffd
nixos/klipper: use klippy from $out/bin 2023-05-14 13:02:06 -04:00
Ryan Lahfa
285330f081
Merge pull request #230153 from mklca/swap-encrypt-enhancement
nixos/config/swap: improve randomEncrytion
2023-05-14 19:01:56 +02:00
Ryan Lahfa
1ee11b8a31
Merge pull request #231283 from nikstur/filesystems-erofs
nixos/filesystems: init erofs
2023-05-14 18:54:37 +02:00
Jörg Thalheim
fc8c839fe8
Merge pull request #231841 from Ma27/wikijs-node18
wiki-js: use nodejs18
2023-05-14 16:22:56 +01:00
Gabriel Fontes
f9f76529cd
nixos/nextcloud: default createLocally to false 2023-05-14 12:09:50 -03:00
Ryan Lahfa
8ef486b60e
Merge pull request #207194 from RaitoBezarius/pixelfed-module
pixelfed: init at 0.11.5, module, tests
2023-05-14 17:09:19 +02:00
Sophie Tauchert
8af23590d3 nixos/borgbackup: fix extraCompactArgs
Fixes the extraCompactArgs introduced with #224072 as the variable
currently isn't added to the script's environment.
2023-05-14 16:51:24 +02:00
figsoda
3aa6580f46 nixos/trippy: init 2023-05-14 10:05:29 -04:00
Maximilian Bosch
577ffe768c
wiki-js: use nodejs18
Part of #229910.

Unfortunately this is a little hacky because upstream doesn't intend to
support it for 2.5, but only for 3.0 which isn't out yet, however nodejs-16
will get out of maintenance during the support-span of NixOS 23.05[1].

The only breaking change is that `extract-files` uses a deprecated way
of exposing modules, I went through the list of other breaking
changes in v17 and v18[2][3] and couldn't spot any usage of removed
features, also local testing didn't reveal further issues.

Unfortunately fixing that breakage turned out to be non-trivial.
Currently, `extract-files@9.0.0` is used with the problematic portions
in its `package.json`, however it's only a transitive dependency of
`@graphql-tools/url-loader` & `apollo-upload-client`. Unfortunately, the
versions of that in use require v9 and don't work with a newer version of
`extract-files` with the problem fixed[4]. Also, upgrading the
dependencies in question is not a feasible option because `graphql-tools`
was split up into multiple smaller packages in v8 and also some of the
APIs in use in `wiki.js` were dropped there[5], so this would also be
very time-consuming and non-trivial to fix.

Since this was the only issue, I decided to go down the hacky route and
patch the problem in `package.json` of `extract-files` manually during
our `patchPhase`.

[1] https://github.com/requarks/wiki/discussions/6388
[2] https://nodejs.org/en/blog/release/v17.0.0
[3] https://nodejs.org/en/blog/release/v18.0.0
[4] Upon local testing, this broke with the following error:

        Error [ERR_PACKAGE_PATH_NOT_EXPORTED]: Package subpath './public/extractFiles' is not defined by "exports" in /wiki/node_modules/extract-files/package.json
[5] For instance `SchemaDirectiveVisitor` in
  `server/graph/directives/auth`.
2023-05-14 14:25:33 +02:00
Jonas Heinrich
9241cee3c4
Merge pull request #224274 from SuperSandro2000/nixos/nextcloud-notify_push
nixos/nextcloud: add configureRedis option; nixos/nextcloud-notify_push: add bendDomainToLocalhost
2023-05-14 10:35:57 +02:00
linsui
c3a2ce47a1 nixos/neovim: fix runtime.text 2023-05-13 23:41:50 +02:00
rewine
71d6ed698f
nixos/gnupg: default to qt pinentry program in deepin 2023-05-14 05:32:38 +08:00
Vladimír Čunát
1ba92fc952
Merge branch 'master' into staging-next 2023-05-13 19:23:59 +02:00
Bruno BELANYI
f3f709af74 nixos/vikunja: add 'port' option 2023-05-13 18:01:36 +01:00
ajs124
831e41f469
Merge pull request #231629 from Izorkin/update-unit
unit: 1.29.1 -> 1.30.0
2023-05-13 19:01:33 +02:00