Commit Graph

417 Commits

Author SHA1 Message Date
Jörg Thalheim
6adc09ed30
knot: put runtime paths outside the nix store
Otherwise knot tries to write to non-writable directories.
This for example breaks dnssec signing.
While it's possible to overwrite these path in the configuration,
having a sane defaults is nicer.
2020-02-12 16:27:38 +00:00
Frederik Rietdijk
419bc0a4cd Revert "Revert "Merge master into staging-next""
In 87a19e9048 I merged staging-next into master using the GitHub gui as intended.
In ac241fb7a5 I merged master into staging-next for the next staging cycle, however, I accidentally pushed it to master.
Thinking this may cause trouble, I reverted it in 0be87c7979. This was however wrong, as it "removed" master.

This reverts commit 0be87c7979.
2020-02-05 19:41:25 +01:00
Frederik Rietdijk
0be87c7979 Revert "Merge master into staging-next"
I merged master into staging-next but accidentally pushed it to master.
This should get us back to 87a19e9048.

This reverts commit ac241fb7a5, reversing
changes made to 76a439239e.
2020-02-05 19:18:35 +01:00
Vladimír Čunát
baeed035ea
Merge #78628: knot-resolver: 4.3.0 -> 5.0.1
The service needed lots of changes. A few smaller changes
are added into the PR, e.g. replacement for PR #72014.
See the commit messages for details.
2020-02-05 16:57:02 +01:00
Vladimír Čunát
e3edb004c6
knot-resolver: 5.0.0 -> 5.0.1
https://gitlab.labs.nic.cz/knot/knot-resolver/tags/v5.0.1
2020-02-05 16:53:40 +01:00
Vladimír Čunát
ae74a0e27c
(nixos/)knot-resolver: 4.3.0 -> 5.0.0
Minor incompatibilities due to moving to upstream defaults:
  - capabilities are used instead of systemd.socket units
  - the control socket moved:
    /run/kresd/control -> /run/knot-resolver/control/1
  - cacheDir moved and isn't configurable anymore
  - different user+group names, without static IDs

Thanks Mic92 for multiple ideas.
2020-01-31 15:22:52 +01:00
Vladimír Čunát
93ad21dedd
knot-resolver: remove older lua path workarounds
Part of this is approximate revert of commit f0d2da43a7.
2020-01-31 15:06:20 +01:00
Vladimír Čunát
e980e7a3ab
knot-resolver: enable checks on aarch64
The cqueues fix is in nixpkgs already, so it works now.
2020-01-30 18:48:57 +01:00
Niklas Hambüchen
43a62af3a1
Merge pull request #78561 from r-ryantm/auto-update/bind
bind: 9.14.9 -> 9.14.10
2020-01-27 14:27:45 +01:00
R. RyanTM
0c59818ce7 bind: 9.14.9 -> 9.14.10 2020-01-26 15:58:22 +00:00
Vladimír Čunát
1ee3c7b405
Revert "knot-resolver: skip a broken test"
This reverts commit 5c0567dcc6.
The issue had been fixed but I forgot to remove this workaround.
2020-01-25 13:42:46 +01:00
Christoph Hrdinka
03c8eca08b
Merge pull request #76340 from r-ryantm/auto-update/nsd
nsd: 4.2.3 -> 4.2.4
2019-12-29 11:01:46 +01:00
Peter Simons
bc555a24af
Merge pull request #76209 from r-ryantm/auto-update/bind
bind: 9.14.8 -> 9.14.9
2019-12-27 12:17:36 +01:00
Ryan Mulligan
264f44b1d0
Merge pull request #76355 from r-ryantm/auto-update/pdns-recursor
pdns-recursor: 4.2.0 -> 4.2.1
2019-12-26 07:56:25 -08:00
R. RyanTM
cd795f7c0a pdns-recursor: 4.2.0 -> 4.2.1 2019-12-23 20:39:18 -08:00
R. RyanTM
0e168753c1 nsd: 4.2.3 -> 4.2.4 2019-12-23 17:38:11 -08:00
R. RyanTM
603e3b1345 bind: 9.14.8 -> 9.14.9 2019-12-22 20:05:23 -08:00
Jörg Thalheim
725f85e271
net-snmp: rename from net_snmp 2019-12-21 22:56:08 +00:00
Jörg Thalheim
0913701d47
dnsdist: 1.3.2 -> 1.4.0
- fixes build against boost
- also enable DoH
2019-12-21 22:56:01 +00:00
markuskowa
aef959ed93
Merge pull request #75292 from r-ryantm/auto-update/powerdns
powerdns: 4.2.0 -> 4.2.1
2019-12-20 12:18:16 +01:00
Oleksii Filonenko
03aa4ac48f
coredns: 1.3.1 -> 1.6.6 2019-12-16 14:07:43 +02:00
Vladimír Čunát
877eedec61
knot-dns: 2.9.1 -> 2.9.2 (bugfixes)
https://gitlab.labs.nic.cz/knot/knot-dns/tags/v2.9.2
2019-12-12 10:36:39 +01:00
R. RyanTM
394ec51d5c powerdns: 4.2.0 -> 4.2.1 2019-12-08 12:36:22 -08:00
Vladimír Čunát
24a4f45319
knot-resolver: 4.2.2 -> 4.3.0 (security)
Fixes CVE-2019-19331 (DoS), but other changes as well:
https://gitlab.labs.nic.cz/knot/knot-resolver/tags/v4.3.0
2019-12-04 16:22:49 +01:00
R. RyanTM
0fc8c727e2 nsd: 4.2.2 -> 4.2.3 2019-12-01 18:40:50 +01:00
R. RyanTM
b470220a0b bind: 9.14.7 -> 9.14.8 2019-11-25 00:18:59 -08:00
Vladimír Čunát
35566eb61a
knot-dns: 2.9.0 -> 2.9.1
It's mainly bugfixes:
https://gitlab.labs.nic.cz/knot/knot-dns/raw/v2.9.1/NEWS
2019-11-12 10:58:45 +01:00
R. RyanTM
0060782d8e bind: 9.14.6 -> 9.14.7
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/bind/versions
2019-10-20 21:13:12 -07:00
Kai Wohlfahrt
8a293b42de dnsutils: remove obsolete config flag 2019-10-16 13:48:51 +01:00
Kai Wohlfahrt
39afb94585 dnsutils: add delv tool
delv is provided as a replacement for dig with better DNSSEC support.
2019-10-16 13:40:44 +01:00
Vladimír Čunát
0bd5120e22
knot-dns: 2.8.4 -> 2.9.0
I can't see any large incompatibilities.
https://gitlab.labs.nic.cz/knot/knot-dns/tags/v2.9.0
2019-10-14 14:31:46 +02:00
Vladimír Čunát
39049dbd37
knot-resolver: 4.2.1 -> 4.2.2 (tiny bugfix)
https://gitlab.labs.nic.cz/knot/knot-resolver/tags/v4.2.2
2019-10-07 14:52:06 +02:00
Jon
5dd2ff3679
Merge pull request #69707 from r-ryantm/auto-update/powerdns
powerdns: 4.1.13 -> 4.2.0
2019-09-30 18:14:50 -07:00
R. RyanTM
d8f5f0e349 powerdns: 4.1.13 -> 4.2.0
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/powerdns/versions
2019-09-27 15:21:06 -07:00
Vladimír Čunát
4b656c7447
knot-resolver: 4.2.0 -> 4.2.1 (bugfixes)
https://gitlab.labs.nic.cz/knot/knot-resolver/tags/v4.2.1
2019-09-27 10:49:45 +02:00
Vladimír Čunát
1b0771ac42
knot-dns: 2.8.3 -> 2.8.4
https://gitlab.labs.nic.cz/knot/knot-dns/raw/v2.8.4/NEWS
2019-09-24 12:57:25 +02:00
Will Dietz
88aaa57296
bind: 9.14.4 -> 9.14.6
9.14.5: https://gitlab.isc.org/isc-projects/bind9/blob/v9_14_5/CHANGES
9.14.6: https://gitlab.isc.org/isc-projects/bind9/blob/v9_14/CHANGES

9.14.6 above links to the 9.14 branch CHANGES, no tag yet.
ISC's website has 9.14.6, which is the authoritative source.
2019-09-18 20:44:18 -05:00
Frederik Rietdijk
e73f871285 Merge master into staging-next 2019-09-08 14:49:25 +02:00
Vladimír Čunát
014ffdf3db
powerdns: use default openssl instead of libressl_2_8
Fixes https://github.com/NixOS/nixpkgs/issues/67601
and also see that thread for discussion.
2019-09-08 09:09:29 +02:00
Will Dietz
743f96d3a2
nsd: 4.2.1 -> 4.2.2 2019-09-03 20:10:44 -05:00
Vladimír Čunát
2e6bf42a22
Merge branch 'master' into staging-next
There ver very many conflicts, basically all due to
name -> pname+version.  Fortunately, almost everything was auto-resolved
by kdiff3, and for now I just fixed up a couple evaluation problems,
as verified by the tarball job.  There might be some fallback to these
conflicts, but I believe it should be minimal.

Hydra nixpkgs: ?compare=1538299
2019-08-24 08:55:37 +02:00
Robin Gloster
353323e055
erlang: pin to openssl 1.0.2 for < R20 2019-08-21 23:21:55 +02:00
Marek Mahut
67089e7016
Merge pull request #66995 from r-ryantm/auto-update/nsd
nsd: 4.2.0 -> 4.2.1
2019-08-20 21:18:54 +02:00
Robin Gloster
4e60b0efae
treewide: update globin's maintained drvs 2019-08-20 19:36:05 +02:00
R. RyanTM
cae176b4e3 nsd: 4.2.0 -> 4.2.1
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/nsd/versions
2019-08-19 16:23:11 -07:00
Frederik Rietdijk
f65aa21bb2 Merge master into staging-next 2019-08-18 12:53:44 +02:00
volth
c814d72b51 treewide: name -> pname 2019-08-17 10:54:38 +00:00
Jonathan Ringer
5775243d40 doh-proxy: 0.0.8 -> 0.0.9 2019-08-17 12:38:55 +02:00
volth
46420bbaa3 treewide: name -> pname (easy cases) (#66585)
treewide replacement of

stdenv.mkDerivation rec {
  name = "*-${version}";
  version = "*";

to pname
2019-08-15 13:41:18 +01:00
Vladimír Čunát
5c0567dcc6
knot-resolver: skip a broken test
The test fails from roughly today's machine date onwards.
2019-08-09 16:09:18 +02:00
Ryan Mulligan
ab5682a7d2
Merge pull request #66012 from r-ryantm/auto-update/pdns-recursor
pdns-recursor: 4.1.14 -> 4.2.0
2019-08-07 06:11:48 -07:00
Vladimír Čunát
577508ef14
knot-resolver: 4.1.0 -> 4.2.0
No really significant changes, I'd say:
https://gitlab.labs.nic.cz/knot/knot-resolver/tags/v4.2.0
2019-08-05 20:31:40 +02:00
R. RyanTM
febd3c7c30 pdns-recursor: 4.1.14 -> 4.2.0
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/pdns-recursor/versions
2019-08-04 21:18:24 -07:00
R. RyanTM
dc55912d73 bind: 9.14.3 -> 9.14.4
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/bind/versions
2019-08-03 14:35:28 -07:00
Vladimír Čunát
49ca44cf17
knot-dns: 2.8.2 -> 2.8.3 (maintenance) 2019-07-16 13:52:27 +02:00
Vladimír Čunát
263b5244ef
powerdns: enableParallelBuilding = true;
The build just took quite a long time otherwise.
2019-07-13 11:35:15 +02:00
Vladimír Čunát
64cb53dc01
Merge #64272: powerdns: 4.1.9 -> 4.1.10 (DoS security)
CVE-2019-10162, CVE-2019-10163
2019-07-13 10:36:14 +02:00
Vladimír Čunát
75369ad991
knot-resolver: disable part of tests on darwin, for now 2019-07-10 18:26:26 +02:00
Vladimír Čunát
f15625a6c0
knot-resolver: 4.0.0 -> 4.1.0 (security)
https://lists.nic.cz/pipermail/knot-resolver-users/2019/000189.html
Fixes DNS spoofing problems: CVE-2019-10190 CVE-2019-10191
but also minor things, adds new features, etc.
In particular aarch64 should work now, at least as long as not using
some lua library that suffers from the same problem with lightuserdata,
e.g. cqueues does suffer from this.
2019-07-10 17:42:37 +02:00
Vladimír Čunát
9efdd2e434
knot-resolver: 3.2.1 -> 4.0.0
https://lists.nic.cz/pipermail/knot-resolver-users/2019/000136.html

Similar commit worked fine for me, including the nixos service.
I'd like to still improve the service to support easy passing of sockets
to http module.
2019-07-10 17:40:04 +02:00
Vladimír Čunát
6fdd315178
knot-resolver: add a check for the last problem 2019-07-05 11:02:14 +02:00
Vladimír Čunát
f0d2da43a7
knot-resolver: hotfix for a recent $LUA_PATH regression
I hope I got all the transitive dependencies.
The 'http' module load again, at least.
Close https://github.com/NixOS/nixpkgs/pull/64174
2019-07-05 10:46:38 +02:00
Alyssa Ross
b1552d92dd
powerdns: use meta.broken not meta.platforms 2019-07-04 00:27:19 +00:00
Alyssa Ross
0fd9b67e98
powerdns: 4.1.9 -> 4.1.10
CVE-2019-10162
CVE-2019-10163
2019-07-04 00:27:17 +00:00
Robert Scott
46dfe2bab9 powerdns: 4.1.7 -> 4.1.9
fixing CVE-2019-10162, CVE-2019-10163
2019-07-01 01:07:22 +01:00
Alyssa Ross
5284663c50
bind: 9.14.2 -> 9.14.3
CVE-2019-6471
2019-06-20 17:44:06 +00:00
Mario Rodas
f7e30c4b46
Merge pull request #63313 from r-ryantm/auto-update/nsd
nsd: 4.1.27 -> 4.2.0
2019-06-20 05:27:39 -05:00
Ryan Mulligan
a7a10fd790
Merge pull request #63329 from r-ryantm/auto-update/pdns-recursor
pdns-recursor: 4.1.13 -> 4.1.14
2019-06-19 20:34:05 -07:00
Matthieu Coudron
c33153bf13
Merge pull request #63108 from Shados/lua-packaging-improvements-pr
Lua/luarocks packaging improvements
2019-06-19 14:23:31 +02:00
R. RyanTM
7f794bca5b pdns-recursor: 4.1.13 -> 4.1.14
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/pdns-recursor/versions
2019-06-17 06:33:37 -07:00
R. RyanTM
81b311cd1a nsd: 4.1.27 -> 4.2.0
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/nsd/versions
2019-06-17 02:52:59 -07:00
volth
f3282c8d1e treewide: remove unused variables (#63177)
* treewide: remove unused variables

* making ofborg happy
2019-06-16 19:59:05 +00:00
Alexei Robyn
274715cbc3 luaPackages: Replace all rockspec packages with generated ones
luaPackages replaced by generated ones:
- bit32
- compat53
- cqueues
- luacyrussasl -> cyrussasl (luarocks name)
- luaexpat
- luadbi -> luadbi front-end module + separate backend modules
  luadbi-{mysql,postgresql,sqlite3}
- luafilesystem
- luaossl
- luasec
- luasocket
- luastdlib -> stdlib (luarocks name)
- lrexlib -> lrexlib-pcre (we already have lrexlib-gnu and
  lrexlib-posix, lrexlib-pcre however appears to be the variant used in
  mudlet, which is the only current dep in nixpkgs)
- luasqlite -> luasql-sqlite3 (luarocks name)
- lfs -> luafilesytem (we literally had two manually written
  luafilesystem expressions, under different names)

Changes and additions to overrides to generated luarocks packgaes,
including:
- busted: Install bash completions along with the zsh ones
- cqueues:
    - Perform minor surgery on the rockspec to allow using a single
      rockspec to build for all supported Lua versions
    - Add a patch by @vcunat to work around a build issue
- luuid: Wrote a tiny patch to allow for Lua 5.1/Luajit compatibility
- General changes:
    - Sorted the packages
    - Attempted to make the formatting consistent
    - Preferenced `.override` instead of `.overrideAttrs` wherever
      possible

Minor changes to other packages to adjust for the Lua package changes:
- luakit expression simplified
- prosody expression simplified; but users will now need to specify the
  luadbi backend module they intend to use in withExtraLibs
- knot-resolver inputs correctd
- mudlet inputs corrected (although this package was and should still be
  broken)
2019-06-14 13:17:15 +10:00
Vladimír Čunát
a1bb64e792
Merge #62873: bind: fix build on some ARMs 2019-06-09 10:02:10 +02:00
Vladimír Čunát
c5c366156c
bind: drop a darwin-specific patch (#62882)
The patch didn't apply since 9.12 -> 9.14 (26026c3e1a).
I'll hope it's not needed anymore (and let Borg verify that).
It was reportedly just a configure-time error: e4602677.
2019-06-09 09:44:00 +02:00
Ben Wolsieffer
b473f17e40 bind: fix build on armv6l 2019-06-08 19:02:43 -04:00
Vladimír Čunát
8f5edef47e
Merge branch 'staging-next' (PR #62209) 2019-06-07 08:07:10 +02:00
Vladimír Čunát
ec2b43e07a
knot-dns: 2.8.1 -> 2.8.2
https://gitlab.labs.nic.cz/knot/knot-dns/raw/v2.8.2/NEWS
2019-06-05 12:50:21 +02:00
Vladimír Čunát
576af17187
Merge branch 'master' into staging-next
Hydra nixpkgs: ?compare=1523575
2019-06-05 11:06:44 +02:00
R. RyanTM
5215f3e081 pdns-recursor: 4.1.12 -> 4.1.13
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/pdns-recursor/versions
2019-06-02 04:58:11 -07:00
Will Dietz
ee4fc39aa7
bind: 9.12.4-P1 -> 9.14.2
9.12 is EOL as of May 2019.

9.14.2 release notes (which appear to extend those for 9.14.1):

https://ftp.isc.org/isc/bind9/9.14.2/RELEASE-NOTES-bind-9.14.2.html

Please check the security fixes and prioritize this as appropriate.
2019-05-17 03:36:59 -05:00
Vladimír Čunát
110fb944f1
lua*Packages.http: 0.3 -> 0.4 (and generate)
One bugfix patch is included - merged upstream but not released yet.
knot-resolver wrapper would need to add binaryheap explicitly,
so it's migrated to the automatic LUA path discovery instead.
2019-05-01 11:28:47 +02:00
Andreas Rammhold
37dd347cd3
bind: apply atomics to refcount patch
Upstream added a commit [1] right after the release that fixes the
aarch64 atomic operation linker issue we have been seeing [2].

[1] d72f436b7d
[2] https://github.com/NixOS/nixpkgs/issues/60301#issue-437896459
2019-04-27 17:51:43 +02:00
Will Dietz
f0f081d3b4 bind: 9.12.3-P4 -> 9.12.4-P1
https://www.openwall.com/lists/oss-security/2019/04/25/1

CVE-2018-5743, CVE-2019-6467, and CVE-2019-6468
2019-04-26 02:08:44 -05:00
Matthew Bauer
290a5d916e treewide: update homepages to https where available
Based on "problems" from repology:

https://repology.org/repository/nix_unstable/problems

Mostly simple changes to reflect redirects.
2019-04-15 10:10:05 -04:00
Vladimír Čunát
6e9f6a63a2
knot-dns: 2.8.0 -> 2.8.1 (maintenance)
https://lists.nic.cz/pipermail/knot-dns-users/2019-April/001660.html
2019-04-09 16:15:55 +02:00
Christoph Hrdinka
2bf0116d34
Merge pull request #58727 from r-ryantm/auto-update/nsd
nsd: 4.1.26 -> 4.1.27
2019-04-05 09:10:22 +02:00
Jörg Thalheim
d03ced8648
pdns-recursor: 4.1.11 -> 4.1.12 2019-04-04 19:42:37 +01:00
R. RyanTM
a5300c7c8f nsd: 4.1.26 -> 4.1.27
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/nsd/versions
2019-04-01 19:08:12 -07:00
Andreas Rammhold
f4e9e42725
powerdns: 4.1.6 -> 4.1.7
This addresses CVE-2019-3871. The details of the issue can be retrieved
from the official announcement page [0].

[0] https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-03.html
2019-03-20 10:44:55 +01:00
Vladimír Čunát
3e4d8d2fc6
knot-dns: 2.7.6 -> 2.8.0
https://gitlab.labs.nic.cz/knot/knot-dns/tags/v2.8.0
Some explanation for the patching is in this ML thread:
https://lists.nic.cz/pipermail/knot-dns-users/2019-March/001616.html
2019-03-06 19:19:13 +01:00
R. RyanTM
e08f01f4e7 bind: 9.12.3-P1 -> 9.12.3-P4
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/bind/versions
2019-03-01 13:47:33 -08:00
Vladimír Čunát
98385ff540
knot-resolver: cross-compilation fix 2019-02-23 18:17:35 +01:00
Jan Malakhovski
a111b5fde4 bind: move defaults to package file 2019-02-03 15:33:28 +00:00
Franz Pletz
c5e606b713
powerdns: 4.1.5 -> 4.1.6 2019-02-11 22:46:10 +01:00
Franz Pletz
ac55d24f53
pdns-recursor: 4.1.10 -> 4.1.11 2019-02-11 22:46:10 +01:00
Duarte David
f7a16402b4 coredns: Add deltaevo as maintainer 2019-02-03 16:32:56 +01:00
Duarte David
d80b81ab5d coredns: 005 -> 1.3.1 2019-01-30 12:50:31 +01:00
R. RyanTM
48b40d01ba pdns-recursor: 4.1.8 -> 4.1.10
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/pdns-recursor/versions
2019-01-27 18:56:35 -08:00
Vladimír Čunát
5237df5186
knot-dns: 2.7.5 -> 2.7.6
Maintenance update, nothing really important, probably.
https://gitlab.labs.nic.cz/knot/knot-dns/tags/v2.7.6
2019-01-23 14:04:32 +01:00