Commit Graph

21508 Commits

Author SHA1 Message Date
Jan Tojnar
ebde08adf3 nixos/xdg.portal: deprecate gtkUsePortal option
It was never meant to be used for anything other than testing
and setting it globally can cause weird loops in GTK-based portals,
where the portal will end up waiting for itself until it times out.

https://github.com/NixOS/nixpkgs/issues/135898

Or it can mess up fonts:

https://github.com/NixOS/nixpkgs/issues/155291#issuecomment-1166199585

Having the option in NixOS makes it look like it is okay or even
desirable to enable, when in fact it is a hack that can subtly break apps.

Some apps allow opting into using portal-based APIs, e.g. for Firefox,
you can set `widget.use-xdg-desktop-portal.file-picker` to `1` in about:config.
Otherwise, you can set the `GTK_USE_PORTAL` environment variable to 1
for individual apps.

People who really want it and aware of the downsides can just set
`environment.sessionVariables.GTK_USE_PORTAL = "1";` NixOS option
directly to set the environment variable globally.
2022-06-27 00:33:59 +02:00
Jan Tojnar
5d5c2ef49b nixos/xdg.portal: avoid with statement 2022-06-22 21:26:53 +02:00
Maximilian Bosch
5ab65d9cd1 nixos/prometheus-postfix-exporter: fixes for systemd integration
* Allow the service to read from the journal w/systemd.enable
* Ensure that the service is started after postfix.service
2022-06-20 19:30:59 +02:00
pennae
9e109ffdb5
Merge pull request #178110 from pennae/fix-networkd-gateways
nixos/networking: fix v4+v6 default gateways with networkd
2022-06-20 14:17:41 +00:00
Sandro
b3df41c011
Merge pull request #177913 from Yarny0/clickshare
{nixos/,}clickshare-csc1: remove (qt4)
2022-06-20 15:55:24 +02:00
Lassulus
eb013128da
Merge pull request #178195 from dnr/pipewire-systemwide
nixos/pipewire: fix wireplumber with system-wide
2022-06-19 12:42:37 +02:00
Florian Klink
5f297c164e nixos/grafana-agent: add myself as maintainer 2022-06-19 11:50:32 +02:00
Florian Klink
b09836593e nixos/grafana-agent: move remote write config from integrations.prometheus_remote_write to metrics.global.remote_write
remote_write config in integrations.prometheus_remote_write is only
applied for integrations, so static configurations won't get written
anywhere.
2022-06-19 11:50:32 +02:00
Florian Klink
e578b4d3ed nixos/grafana-agent: drop server.{grpc,http}_listen_address,http_listen_port
According to https://grafana.com/docs/agent/latest/upgrade-guide/#v0240,
this has been deprecated/moved to -server.http.address and
-server.grpc.address (accepting ip and port) config options in v0.24.0,
and already listens on localhost and not port 80 by default.
2022-06-19 11:50:31 +02:00
Florian Klink
2cca676e69 nixos/grafana-agent: replace settings.prometheus with settings.metrics
According to https://github.com/grafana/agent/pull/1540, -prometheus.*
flages were deprecated in 0.19.0 in favor of the -metrics.*
counterparts. Same applies to `loki` being renamed to `logs`.

I'm not sure if the config file format is still supported (it could be),
but we shouldn't use deprecated configs.
2022-06-19 11:50:31 +02:00
Florian Klink
4386cb104e
Merge pull request #178200 from lopsided98/device-tree-preprocessor
nixos/device-tree: preprocess overlays before compiling
2022-06-19 11:13:54 +02:00
Jörg Thalheim
96b227697f
Merge pull request #177785 from Mic92/navidrome
nixos/navidrome: fixes missing ssl certficates
2022-06-19 07:07:41 +01:00
Ben Wolsieffer
754005bf48 nixos/device-tree: preprocess overlays before compiling
Run the device tree overlays through the preprocessor before compiling it, as
is done in the kernel. This helps make overlays easier to understand, and
improves compatibility with those found in the wild.

I found the correct command line by running the kernel build with V=1, and then
removing all the arguments related to dependency tracking.
2022-06-18 22:24:30 -04:00
Ben Wolsieffer
8e4b3323d1 nixos/device-tree: use new overlay syntax in example
Since dtc 1.4.7 (released in 2018), there has been a much nicer syntax for
device tree overlays. This commit converts the dtsText example to use this
syntax.
2022-06-18 22:24:30 -04:00
David Reiss
33163bd0ef nixos/pipewire: fix wireplumber with system-wide 2022-06-18 18:46:41 -07:00
Yarny0
bd86db1833 {nixos/,}clickshare-csc1: remove (prepare Qt4 removal)
Qt4 is on it's way out, according to

https://github.com/NixOS/nixpkgs/pull/174634

Barco's ClickShare driver/client requires Qt4;
an update isn't in sight anywhere.

To prepare for the removal of Qt4,
the commit at hand removes the
ClickShare package and its NixOS module.
The release notes are appended with a hint about the
removal and some alternatives that might help users
that are still in need of the driver/client functionality.
2022-06-18 11:47:08 +02:00
Martin Weinelt
86c4f203c1
Merge pull request #176475 from vlinkz/calamaresupdates 2022-06-18 10:11:06 +02:00
pennae
da28b26d64 nixos/networking: fix v4+v6 default gateways with networkd
fixes #178078
2022-06-18 09:33:35 +02:00
Kevin Cox
b2537dc430
Merge pull request #177561 from max-privatevoid/ipfs-dont-leak-config
nixos/ipfs: do not leak config to journal on startup
2022-06-17 19:37:33 -04:00
Max
2a8bf9777d nixos/ipfs: do not leak config to journal on startup
The preStart script for the IPFS service will print parts of the configuration
to stdout (and therefore, the journal) when applying profiles on startup. This
may lead to unwanted disclosure of private information, such as remote pinning
service API keys. Fix by sending stdout to /dev/null.
2022-06-17 23:41:27 +02:00
Sandro
8effa309cc
Merge pull request #176379 from SuperSandro2000/network-setup
nixos/network-interfaces-scripted: remove network-setup unit if unused
2022-06-17 22:36:45 +02:00
Sandro
0e6db671a0
Merge pull request #178009 from bbenno/update-gollum
gollum: 5.2.3 -> 5.3.0
2022-06-17 21:08:57 +02:00
Maciej Krüger
fc996dab2f
Merge pull request #178039 from adamcstephens/lxc-template-docs 2022-06-17 20:37:02 +02:00
Thiago Kenji Okada
4cf04594a9
Merge pull request #172660 from NickCao/nvidia-open
nvidia-open: init at 515.43.04
2022-06-17 18:59:32 +01:00
Adam Stephens
2e090e0d60 nixos/lxc-container: improve template example 2022-06-17 11:42:16 -04:00
Benno Bielmeier
be0e2db8b9 nixos/gollum: add option local-time
This feature was introduced in gollum v5.3.0
2022-06-17 12:50:47 +02:00
Benno Bielmeier
9434ac0963 nixos/gollum: improve description of user-icons option 2022-06-17 12:50:13 +02:00
Jörg Thalheim
5d54641d7f
Merge pull request #177790 from superherointj/package-k3s-1.24.1+k3s1
k3s: 1.23.6+k3s1 -> 1.24.1+k3s1
2022-06-17 08:38:10 +01:00
Lily Foster
b5818b7a30 nixos/pipewire: only add pipewire-pulse.conf conditionally 2022-06-15 15:05:44 -07:00
Lily Foster
1e3747b98b nixos/pipewire: add pkgs.pulseaudio to pipewire-pulse user unit path 2022-06-15 15:05:44 -07:00
superherointj
a6a0c44760 k3s: remove docker support 2022-06-15 16:40:29 -03:00
Jörg Thalheim
c772b13ee7 nixos/navidrome: fixes missing ssl certficates 2022-06-15 20:40:07 +02:00
zimbatm
31b47913f3
nixos: add grafana-agent module
Easily ship logs and metrics to Grafana Cloud and other similar targets.
2022-06-15 12:59:06 +02:00
Bobby Rong
6d1779c567
Merge pull request #175620 from bobby285271/nixos-pantheon
nixos/pantheon: make it possible to remove core packages
2022-06-15 18:49:37 +08:00
Lassulus
a632afba6d
Merge pull request #177536 from yayayayaka/hedgedoc-fix-statedirectory
nixos/hedgedoc: Do not set StateDirectory to an absolute path
2022-06-15 11:25:04 +02:00
M. A
becff58579 nixos/hedgedoc: Do not set StateDirectory to an absolute path
Commit 8109d8a set the `StateDirectory=` option of the systemd service
configuration to the value of `cfg.workDir` which is wrong, according
to dasJ [1]. This commit resolves this issue by stripping the
`/var/lib/` prefix from `cfg.workDir`.

[1] https://github.com/NixOS/nixpkgs/pull/172824#issuecomment-1130350412
2022-06-15 08:58:52 +00:00
Andreas
c028f5569b kcheckpass is gone(?) 2022-06-15 14:53:40 +08:00
Niklas Hambüchen
0652ef9a64
Merge pull request #176903 from nh2/vaultwarden-service-better-example
nixos/vaultwarden: Make example more detailed.
2022-06-15 01:21:40 +02:00
Léo Gaspard
02cd48717d
nixos/openldap: fix systemd rejecting notification (#177084)
On one of the two machines I have running openldap, openldap failed to start due to a "timeout". Increasing the allowed startup delay didn't help.

I noticed the following in logs:
```
openldap.service: Got notification message from PID 5224, but reception only permitted for main PID 5223
```

It turns out that on this machine at least, openldap apparently sends the notification from a non-main process, which means that we need this NotifyAccess setting for systemd to record that it successfully started. Without it, after 30 seconds systemd kills the process because it didn't receive the sd_notify call.

Somehow the other machine I have on nixos running ldap works fine even without this, but I could not figure out what changes the behavior.

Given that AFAIU NotifyAccess still restricts to "from the cgroup of the service", I think this change should be safe.
2022-06-13 15:28:12 +02:00
Maximilian Bosch
7f9a78e197
Merge pull request #175330 from jtojnar/grafana-uid
nixos/grafana: Allow setting UID for datasource
2022-06-13 07:01:19 +02:00
Maximilian Bosch
5203011e4e
Merge pull request #177430 from Ma27/fix-wireguard-exporter
nixos/prometheus-wireguard-exporter: fix broken options
2022-06-13 06:14:30 +02:00
Aaron Andersen
37b6b161e5
Merge pull request #177321 from rnhmjoj/pr-fix-mpd
mpd: fix socket activation
2022-06-12 22:26:53 -04:00
Mario Rodas
cc73dc83b3
Revert "nixos/security/wrappers: use an assertion for the existence check" 2022-06-12 15:38:05 -05:00
Maximilian Bosch
e03d41fb6b
nixos/prometheus-wireguard-exporter: fix broken options
This is apparently a breaking change in a patch-level release[1] where
it's now necessary to specify values for each CLI argument.

[1] https://github.com/MindFlavor/prometheus_wireguard_exporter/releases/tag/3.6.1
2022-06-12 20:27:25 +02:00
Michele Guerini Rocco
2b6c834377
Merge pull request #177336 from ncfavier/wrappers-source-check
nixos/security/wrappers: use an assertion for the existence check
2022-06-12 18:07:40 +02:00
Maximilian Bosch
fd2a89b983
nixos/wpa_supplicant: don't log that wpa_supplicant.conf is ignored with allowAuxiliaryImperativeNetworks = true
The warning is wrong with `allowAuxiliaryImperativeNetworks`[1] being
set to `true` because both files are included in this case with `-c` and
`-I`.

[1] https://nixos.org/manual/nixos/stable/options.html#opt-networking.wireless.allowAuxiliaryImperativeNetworks
2022-06-12 17:07:36 +02:00
Florian Klink
f9b0f5d09c
Merge pull request #177048 from NixOS/packages-systemd
nixos/systemd: use cfg.package in systemPackages to avoid confusion
2022-06-12 10:20:51 +02:00
Florian Klink
2b9be3117e
Merge pull request #177010 from flokli/make-kexec
nixos/modules/installer/kexec/kexec-boot.nix: move into nixos/lib, expose `kexec` nixos/release.nix
2022-06-12 10:07:35 +02:00
Bobby Rong
2375fac93d
nixos/pantheon: treat evince and file-roller as optional app 2022-06-12 13:12:15 +08:00
Bobby Rong
860781d909
nixos/pantheon: allow disabling pantheon-agent-geoclue2 2022-06-12 13:11:58 +08:00