JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
257,784 Commits 2 Branches 0 Tags 12 GiB
253de1fcdb
Commit Graph

19337 Commits

Author SHA1 Message Date
Gabriel Ebner
ce28fd3d22 nixos/pipewire: add media-session.d files 2020-11-29 17:43:07 +01:00
Gabriel Ebner
53029a15cc nixos/pipewire: enable sound on alsa support 
Otherwise sound.extraConfig has no effect.
 2020-11-29 15:08:38 +01:00
Frederik Rietdijk
0d8491cb2b Merge master into staging-next 2020-11-29 13:51:10 +01:00
Sarah Brofeldt
a7a5f7904c
Merge pull request #99173 from johanot/fix-initrd-ssh-commands-test 
nixos/initrd-ssh: set more defensive pemissions on sshd test key
 2020-11-29 11:27:03 +01:00
StigP
e2968a0442
Merge pull request #102061 from braunse/gogs-0-12-3 
gogs: 0.11.91 -> 0.12.3
 2020-11-29 10:01:47 +01:00
Ryan Mulligan
cb42d08df2
Merge pull request #62104 from Vizaxo/master 
nixos/exwm: allow custom Emacs load script
 2020-11-28 18:47:21 -08:00
Martin Weinelt
62ef710b54
Merge pull request #104268 from mvnetbiz/ha-allowpaths 
home-assistant: add allowlist_external_dirs to systemd unit ReadWritePaths
 2020-11-29 00:25:35 +01:00
Sander van der Burg
336628268f nixos/disnix: reorder startup to take MongoDB and InfluxDB into account, add option to add Disnix profile to the system PATH 2020-11-28 20:15:21 +01:00
Sander van der Burg
5e392940cf nixos/dysnomia: add InfluxDB configuration options, add option to use legacy modules, eliminate import from derivation hack 2020-11-28 20:15:21 +01:00
Silvan Mosberger
cb59ff4aab
Merge pull request #86225 from sorki/proxychains 
nixos/proxychains: init
 2020-11-28 19:45:32 +01:00
Tim Steinbach
8529788e73
jq: Add test 2020-11-28 13:42:36 -05:00
Tim Steinbach
fe8fa45573
bat: Add test 2020-11-28 13:42:36 -05:00
Tim Steinbach
2d85247086
lsd: Add test 2020-11-28 13:42:36 -05:00
Tim Steinbach
13ebb30910
minecraft-server: Add test 2020-11-28 12:43:17 -05:00
Tim Steinbach
0dc74a15ad
minecraft: Add test 2020-11-28 12:43:17 -05:00
Frederik Rietdijk
9e062723b2 Merge master into staging-next 2020-11-28 08:53:47 +01:00
Sebastien Braun
5c87a6b8ea gogs: 0.11.91 -> 0.12.3 2020-11-28 06:50:52 +01:00
Sandro
a390213f85
Merge pull request #85133 from snicket2100/mosquitto-service-sandboxing 
mosquitto: systemd service sandboxing
 2020-11-27 18:53:36 +01:00
Frederik Rietdijk
b2a3891e12 Merge master into staging-next 2020-11-27 15:09:19 +01:00
Milan Pässler
81aff9f411 nixos/gitlab: use bindsTo instead of requires for gitaly 2020-11-26 14:12:14 +01:00
Jan Tojnar
e95cc8519b
Merge pull request #104553 from jansol/pipewire 
pipewire: 0.3.15 -> 0.3.16
 2020-11-26 10:59:17 +01:00
Sarah Brofeldt
2e4d714334 nixos/tests/networking: Alleviate race in scripted test 2020-11-25 20:08:03 +01:00
Tim Steinbach
4196aa9660
awscli: Add test 2020-11-25 13:00:41 -05:00
Luke Granger-Brown
ad62155cb6 nixos/zram: add zramSwap.memoryMax option 
This allows capping the total amount of memory that will be used for
zram-swap, in addition to the percentage-based calculation, which is
useful when blanket-applying a configuration to many machines.

This is based off the strategy used by Fedora for their rollout of
zram-swap-by-default in Fedora 33
(https://fedoraproject.org/wiki/Changes/SwapOnZRAM), which caps the
maximum amount of memory used for zram at 4GiB.

In future it might be good to port this to the systemd zram-generator,
instead of using this separate infrastructure.
 2020-11-25 13:43:38 +00:00
Frederik Rietdijk
5790bb073f nixos auto-upgrade: remove flag when flake 
The `--no-build-output` flag that is added by default is only valid
for the old cli, which is not used when flakes are used.

Follow-up to c9daa81eff.
 2020-11-25 08:34:04 +01:00
Florian Klink
5b3a952e04
Merge pull request #102938 from cruegge/dev-symlinks 
nixos/stage-1: create /dev/std{in,out,err} symlinks
 2020-11-25 01:57:21 +01:00
Stijn DW
3d3bcc5cc9 nixos/factorio: Don't open firewall ports by default 2020-11-24 23:14:57 +01:00
Stijn DW
d93434458b nixos/factorio: add openFirewall option 2020-11-24 23:14:57 +01:00
Graham Christensen
d9c3f13df3
Merge pull request #104776 from grahamc/utillinux 
utillinux: rename to util-linux
 2020-11-24 15:14:36 -05:00
Graham Christensen
bc49a0815a
utillinux: rename to util-linux 2020-11-24 12:42:06 -05:00
adisbladis
302df2a9a1
Merge pull request #81661 from adisbladis/ssh-pam-sudo-keys 
pam_ssh_agent_auth: Honour services.openssh.authorizedKeysFiles
 2020-11-24 16:06:47 +01:00
Artturin
4db239272c mullvad-vpn: add iproute2 2020-11-24 06:12:32 -08:00
Ryan Mulligan
91f1d7e405
Merge pull request #104734 from ju1m/fix-udev 
nixos/network-interfaces: fix typo in udev rule syntax
 2020-11-24 05:44:52 -08:00
Peter Simons
58f29d3ca8
Merge pull request #104721 from vkleen/postfix-smtp-fix 
nixos.postfix: make postfix.enableSmtp work again
 2020-11-24 08:58:35 +01:00
Jan Tojnar
6d99109b12
Merge branch 'staging-next' into staging 2020-11-24 05:44:44 +01:00
Julien Moutinho
2263fa5698 nixos/network-interfaces: fix typo in udev rule syntax 2020-11-24 04:21:44 +01:00
adisbladis
ba1fa0c604
pam_ssh_agent_auth: Honour services.openssh.authorizedKeysFiles 
If a system administrator has explicitly configured key locations this
should be taken into account by `sudo`.
 2020-11-24 02:47:07 +01:00
Viktor Kleen
6216c843ed
nixos/postfix: make postfix.enableSmtp work again 
This fixes issue #104715.
 2020-11-23 23:46:06 +00:00
Florian Klink
bbf3c9483b
Merge pull request #104520 from Izorkin/wsdd 
wsdd: init at 0.6.2
 2020-11-23 23:18:23 +01:00
Frederik Rietdijk
587538d087 Merge staging-next into staging 2020-11-23 18:10:33 +01:00
Izorkin
0aa34a03d0
nixos/tests/samba-wsdd: add check WSD Discovery 2020-11-23 17:13:22 +03:00
Izorkin
03760ab82e
nixos/samba-wsdd: init service samba-wsdd 2020-11-23 13:26:00 +03:00
Jan Solanti
aca97840da pipewire: 0.3.15 -> 0.3.16 
This release replaces the libpulseaudio shim with a pipewire module that acts as a fake pulseaudio server along with a systemd service that loads that module on demand.
 2020-11-23 10:40:35 +02:00
zowoq
dbbd289982 nixos/*: fix indentation 2020-11-23 08:42:51 +10:00
zowoq
bbcbaeb54d nixos/tests/fctix: remove trailing whitespace 2020-11-23 08:42:51 +10:00
Florian Klink
c76891314d
Merge pull request #104094 from flokli/systemd-unified-cgroup-hierarchy 
systemd: switch to unified cgroup hierarchy by default
 2020-11-22 22:35:42 +01:00
Graham Christensen
1ee1134cb1
Merge pull request #104456 from endgame/refresh-instance-metadata-on-boot 
Refresh instance metadata on boot
 2020-11-22 08:23:14 -05:00
Florian Klink
904f124247
Merge pull request #99116 from jslight90/gitlab-13.4.0 
GitLab 13.0.14 -> 13.6.0
 2020-11-22 12:00:03 +01:00
Jack Kelly
6fd871dec4 rl-21.03: describe EC2 instance user/meta data reloading 2020-11-22 12:22:46 +10:00
Jack Kelly
43bfd7e5b1 {ec2,openstack}-metadata-fetcher: unconditionally fetch metadata 
The metadata fetcher scripts run each time an instance starts, and it
is not safe to assume that responses from the instance metadata
service (IMDS) will be as they were on first boot.

Example: an EC2 instance can have its user data changed while
the instance is stopped. When the instance is restarted, we want to
see the new user data applied.
 2020-11-22 11:04:46 +10:00
Jack Kelly
8c39655de3 {ec2,openstack}-metadata-fetcher: introduce wget_imds function 2020-11-22 11:04:46 +10:00
Jack Kelly
f8c3027812 openstack-metadata-fetcher: stop lying in log message 2020-11-22 11:04:46 +10:00
Jörg Thalheim
258903e725
Merge pull request #94610 from kwohlfahrt/openldap 2020-11-21 23:09:40 +01:00
Aaron Andersen
30c2069a9c
Merge pull request #78168 from active-group/subversion-apache-config-docs 
nixos/doc: Rudimentary documentation for Subversion-inside-Apache HTTP.
 2020-11-21 15:17:45 -05:00
Kai Wohlfahrt
c96f18feee nixos/openldap: migrate sssd-ldap to new settings 2020-11-21 16:13:03 +00:00
Kai Wohlfahrt
db5bb4e26b nixos/openldap: Fix sssd-ldap test 
Use this as a test of the migration warnings/functionality.
 2020-11-21 16:13:03 +00:00
Kai Wohlfahrt
fefc26f844 nixos/openldap: use mkRenamedOptionModule 
This offers less helpful warnings, but makes the implementation
considerably more straightforward.
 2020-11-21 16:13:03 +00:00
Kai Wohlfahrt
ce1acd97a7 nixos/openldap: fix path + base64 value types 2020-11-21 16:13:03 +00:00
Kai Wohlfahrt
b2ebffe186 nixos/openldap: Fix indentation 2020-11-21 16:13:03 +00:00
Kai Wohlfahrt
3f892c2174 nixos/openldap: Remove extraConfig options 
Instead of deprecating, as per PR feedback
 2020-11-21 16:13:03 +00:00
Kai Wohlfahrt
2050376cae nixos/openldap: Mention schemas in migration hint 2020-11-21 15:45:16 +00:00
Kai Wohlfahrt
5fafbee87a nixos/openldap: Add release-notes for OLC config 2020-11-21 15:45:15 +00:00
Kai Wohlfahrt
adda7e62d0 nixos/openldap: Add support for base64 values 2020-11-21 15:39:20 +00:00
Kai Wohlfahrt
d05061c5cd nixos/openldap: Pick some PR nits 2020-11-21 15:39:20 +00:00
Kai Wohlfahrt
9528faf182 nixos/openldap: Allow declarativeContents for multiple databases 2020-11-21 15:39:19 +00:00
Kai Wohlfahrt
057cb570be nixos/openldap: Add delcarativeConfig by suffix 
Adding by index could be an issue if the user wanted the data to be
added to a DB other than the first.
 2020-11-21 15:39:19 +00:00
Kai Wohlfahrt
1fde3c3561 nixos/openldap: switch to slapd.d configuration 
The old slapd.conf is deprecated. Replace with slapd.d, and use this
opportunity to write some structured settings.

Incidentally, this fixes the fact that openldap is reported up before
any checks have completed, by using forking mode.
 2020-11-21 15:39:19 +00:00
Joachim F
547d660f64
Merge pull request #104052 from TredwellGit/nixos/malloc 
nixos/malloc: fix Scudo
 2020-11-21 14:31:58 +00:00
Frederik Rietdijk
f36b838e2a nixos test-driver: fix single line docstrings, fixes #104467 
Single line docstrings should have the """ on a single line according to PEP 8.
It seems support for this landed in the latest version of Black.
 2020-11-21 09:51:31 +01:00
Frederik Rietdijk
1ffd7cf0d6 Merge master into staging-next 2020-11-21 08:43:10 +01:00
Milan Pässler
d6e0d38b84 nixos/tests/gitlab: add 32 byte secrets 2020-11-21 01:39:08 +01:00
Milan Pässler
0f82bd767b nixos/gitlab: start gitaly after gitlab 2020-11-21 01:38:11 +01:00
Guillaume Girol
01083f116d
Merge pull request #102235 from symphorien/paperwork2 
Paperwork 2.0
 2020-11-20 21:30:08 +00:00
Jeff Slight
f98a6322e6 nixos/gitlab: add changes for gitlab 13.4.x 2020-11-20 19:26:30 +01:00
Graham Christensen
75d7828724
Merge pull request #98544 from Mic92/unfuck-update-user-group 
nixos/update-user-groups: Fix encoding issues + atomic writes
 2020-11-20 10:28:52 -05:00
Florian Klink
90d5bdb12f nixosTests.podman: run default backends, don't run runc rootless 
The runc backend doesn't work with unified cgroup hierarchy, and it
failing is a known issue.

However, the default backends should work in both rootless and as-root
scenarios, so make sure we test these.
 2020-11-20 16:23:35 +01:00
adisbladis
da3516f694
Merge pull request #104374 from adisbladis/dockertools-cross-aarch64 
dockerTools: Always cross compile for another arch in the cross example
 2020-11-20 14:57:26 +01:00
Eelco Dolstra
80097e57c9
nix: 2.3.8 -> 2.3.9 2020-11-20 13:03:04 +01:00
adisbladis
b7b22c5814
dockerTools: Always cross compile for another arch in the cross example 
The example fails to build on aarch64, so lets cross build for gnu64.
 2020-11-20 12:57:58 +01:00
Frederik Rietdijk
553b7a8bf0 Merge master into staging-next 2020-11-20 08:12:06 +01:00
Jan Tojnar
f6105d21e3
Merge branch 'master' into staging-next 2020-11-20 01:38:32 +01:00
Graham Christensen
b339462460
nixos: release-combined: only build the amazon image for x86_64,aarch64-linux -- exclude i686 2020-11-19 19:34:23 -05:00
Graham Christensen
1115df837e
Merge pull request #104322 from grahamc/amazon-image 
nixos/release-small: add amazonImage
 2020-11-19 18:45:07 -05:00
Graham Christensen
1ef139f3b0
nixos/release-small: add amazonImage 
fixup breakage from #104193
 2020-11-19 17:45:40 -05:00
Graham Christensen
7fa7bf2fda
Merge pull request #104193 from grahamc/ec2-metadata-imdsv2 
NixOS EC2 AMI: Support IMDSv2
 2020-11-19 16:11:32 -05:00
Robert Hensing
c68e739300
Merge pull request #104271 from adisbladis/dockertools-cross 
dockerTools.buildLayeredImage: Fix cross compilation
 2020-11-19 20:41:53 +01:00
Frederik Rietdijk
ea7b8978ef Merge master into staging-next 2020-11-19 20:08:15 +01:00
Graham Christensen
0d87ce610e
nixos: release: add amazonImage as a channel blocker 2020-11-19 13:56:55 -05:00
Graham Christensen
f2cfecdec3
nixos ami: preflight the imds token 
According to Freenode's ##AWS, the metadata server can sometimes
take a few moments to get its shoes on, and the very first boot
of a machine can see failed requests for a few moments.
 2020-11-19 13:56:44 -05:00
Graham Christensen
83ea88e03f
nixos: ec2 ami: support IMDSv2 
AWS's metadata service has two versions. Version 1 allowed plain HTTP
requests to get metadata. However, this was frequently abused when a
user could trick an AWS-hosted server in to proxying requests to the
metadata service. Since the metadata service is frequently used to
generate AWS access keys, this is pretty gnarly. Version two is
identical except it requires the caller to request a token and provide
it on each request.

Today, starting a NixOS AMI in EC2 where the metadata service is
configured to only allow v2 requests fails: the user's SSH key is not
placed, and configuration provided by the user-data is not applied.
The server is useless. This patch addresses that.

Note the dependency on curl is not a joyful one, and it expand the
initrd by 30M. However, see the added comment for more information
about why this is needed. Note the idea of using `echo` and `nc` are
laughable. Don't do that.
 2020-11-19 13:00:56 -05:00
adisbladis
11367b2db1
dockerTools: Add cross compilation test 2020-11-19 18:13:22 +01:00
Florian Klink
f6832971f5 nixosTests.systemd: increase accounting coverage 
For now, testing IO Accounting is skipped, as it seems to be either
broken, or hard to reproduce in a VM.
 2020-11-19 16:56:46 +01:00
Florian Klink
5d45f269aa nixos/k3s: disable unifiedCgroupHierarchy 
This gets automatically disabled by docker if the docker backend is
used, but the bundled containerd also doesn't seem to support cgroupsv2,
so disable it explicitly here, too.
 2020-11-19 16:56:46 +01:00
Florian Klink
d22b3ed4bc systemd: switch to unified cgroup hierarchy by default 
See https://www.redhat.com/sysadmin/fedora-31-control-group-v2 for
details on why this is desirable, and how it impacts containers.

Users that need to keep using the old cgroup hierarchy can re-enable it
by setting `systemd.unifiedCgroupHierarchy` to `false`.

Well-known candidates not supporting that hierarchy, like docker and
hidepid=… will disable it automatically.

Fixes #73800
 2020-11-19 16:56:46 +01:00
Jörg Thalheim
2bf5899d6a
Merge pull request #104105 from spacefrogg/openafs-1.9 2020-11-19 14:42:17 +01:00
Matt Votava
746efadcce home-assistant: add allowlist_external_dirs to systemd unit ReadWritePaths 2020-11-19 04:29:03 -08:00
Robert Hensing
c790ed8c4e
Merge pull request #96371 from asdf8dfafjk/fcitx_commit 
fcitx: Add test (Unicode input, table input, m17n)
 2020-11-19 11:05:36 +01:00
Silvan Mosberger
3307adf755
Merge pull request #98980 from JustinLovinger/idmapd 
nixos/nfs: add idmapd.settings option
 2020-11-18 22:46:48 +01:00
Jörg Thalheim
58bf9ed18b
nixos/telegraf: fix test 2020-11-18 21:42:01 +01:00
Jörg Thalheim
0f84e08fcd
nixos/telegraf: make example a bit more compact 2020-11-18 21:41:58 +01:00