Commit Graph

162 Commits

Author SHA1 Message Date
Danylo Hlynskyi
329102c47b
Merge #80328: postgresql: minor updates (security)
Forward-picked from merge 036c524a2e in staging to master,
as upstream claims it fixes CVE-2020-1720.
https://www.postgresql.org/about/news/2011/
2020-02-18 10:48:39 +01:00
danbst
2c77c53487 Merge branch 'master' into postgresql_group 2020-02-14 19:00:52 +02:00
Robin Gloster
ab0cfd9e03
treewide: NIX_*_COMPILE -> string 2019-12-31 00:10:18 +01:00
Mario Rodas
f2c73ca221
postgresql_12: 12.0 -> 12.1
Release notes: https://www.postgresql.org/docs/12/release-12-1.html
2019-11-14 20:04:00 -05:00
Mario Rodas
ac5cdc41b2
postgresql_11: 11.5 -> 11.6
Release notes: https://www.postgresql.org/docs/11/release-11-6.html
2019-11-14 20:03:00 -05:00
Mario Rodas
4e80093ca1
postgresql_10: 10.10 -> 10.11
Release notes: https://www.postgresql.org/docs/10/release-10-11.html
2019-11-14 20:02:00 -05:00
Mario Rodas
3b16df6b14
postgresql_9_6: 9.6.15 -> 9.6.16
Release notes: https://www.postgresql.org/docs/9.6/release-9-6-16.html
2019-11-14 20:01:00 -05:00
Mario Rodas
5a9ba33b70
postgresql_9_5: 9.5.19 -> 9.5.20
Release notes: https://www.postgresql.org/docs/9.5/release-9-5-20.html
2019-11-14 20:00:00 -05:00
Niklas Hambüchen
09ffd72207 postgresql: Disable 2 failing tests on musl 2019-10-30 13:27:40 +01:00
Mario Rodas
387020ecf8
postgresql_12: init at 12.0
Release notes: https://www.postgresql.org/docs/12/release-12.html
2019-10-07 20:03:32 -05:00
adisbladis
8e2fc57a80
postgresql_9_4: Remove package
It's only supported until February 13, 2020 which is during the 19.09 life cycle.
2019-09-07 15:31:27 +01:00
Vladimír Čunát
2e6bf42a22
Merge branch 'master' into staging-next
There ver very many conflicts, basically all due to
name -> pname+version.  Fortunately, almost everything was auto-resolved
by kdiff3, and for now I just fixed up a couple evaluation problems,
as verified by the tarball job.  There might be some fallback to these
conflicts, but I believe it should be minimal.

Hydra nixpkgs: ?compare=1538299
2019-08-24 08:55:37 +02:00
Robin Gloster
f4fc845e5b
Merge remote-tracking branch 'upstream/master' into openssl-1.1 2019-08-21 14:25:13 +02:00
Robin Gloster
4e60b0efae
treewide: update globin's maintained drvs 2019-08-20 19:36:05 +02:00
volth
46420bbaa3 treewide: name -> pname (easy cases) (#66585)
treewide replacement of

stdenv.mkDerivation rec {
  name = "*-${version}";
  version = "*";

to pname
2019-08-15 13:41:18 +01:00
Daniel Frank
bae6ce3b6c postgresql: fix CVE-2019-10208, CVE-2019-10209 (#66347) 2019-08-09 14:30:33 +03:00
Robin Gloster
2d6f0cb176
postgresql: build < 9.5 with openssl 1.0.2 2019-07-29 21:25:10 +02:00
danbst
92a015d35d nixos/postgresql: support 0750 for data directory
This is rework of part of https://github.com/NixOS/nixpkgs/pull/46670.
My usecase was to be able to inspect PG datadir as wheel user.

PG11 now allows starting server with 0750 mask for data dir.
`groupAccess = true` now does this automatically. The only thing you have to do
is to set group ownership.

For PG10 and below, I've described a hack how this can be done. Before this PR
hack was impossible. The hack isn't ideal, because there is short
period of time when dir mode is 0700, so I didn't want to make it official.

Test/example is present too.
2019-07-23 21:56:26 +03:00
Franz Pletz
290cfc767c
postgresql: fix systemd support
See comments in #61581. versionAtLeast was called with arguments in the
wrong order.
2019-07-23 05:08:28 +02:00
Niklas Hambüchen
943baed788 postgresql: Make systemd support configurable. See #61580. (#61581)
On by default, as was before.

The systemd dependency means that all libraries or applications using only libpq
will also pull systemd into their closures.

Further, no application or library using libpq can be built against musl, as
systemd relies on glibc-only features and thus does not build with musl.

With it being configurable, packages that need only the library can at
least turn it off to reduce their closure size.
2019-07-21 22:13:06 +03:00
Danylo Hlynskyi
caa0f82bf8
docs: update docs for postgresql plugins (#64899)
docs: update docs for postgresql plugins

Co-Authored-By: Mario Rodas <marsam@users.noreply.github.com>
2019-07-21 22:05:41 +03:00
Mario Rodas
5ba133ed2e
postgresql_11: 11.3 -> 11.4 2019-06-20 23:47:59 -05:00
Mario Rodas
76d3cbb096
postgresql_10: 10.8 -> 10.9 2019-06-20 23:47:33 -05:00
Mario Rodas
0f612b8ec4
postgresql_9_6: 9.6.13 -> 9.6.14 2019-06-20 23:47:08 -05:00
Mario Rodas
14de736372
postgresql_9_5: 9.5.17 -> 9.5.18 2019-06-20 23:46:39 -05:00
Mario Rodas
69f1914ab7
postgresql_9_4: 9.4.22 -> 9.4.23 2019-06-20 23:46:13 -05:00
Frederik Rietdijk
d3afcac771 Merge master into staging-next 2019-06-09 12:28:52 +02:00
Matthew Bauer
0c3b7ea547 postgresql: disable tests on darwin
reported in https://www.postgresql.org/message-id/4D8E1BC5-BBCF-4B19-8226-359201EA8305%40gmail.com
2019-06-06 00:18:38 -04:00
Matthew Bauer
f5e7e1c24b
Merge pull request #62271 from matthewbauer/cleanup-after-postgresql
postgresql: install in $out/share/postgresql
2019-06-01 15:00:03 -04:00
Matthew Bauer
376bb5108a postgresql: install in $out/share/postgresql
Fixes #62235
2019-05-30 22:30:15 -04:00
Austin Seipp
3b0b55df67
Merge pull request #61395 from risicle/ris-postgres-enable-check
postgresql: enable pre-install checks
2019-05-14 14:49:03 -05:00
Mario Rodas
fa9015f511 postgresql_11: 11.2 -> 11.3 2019-05-14 09:55:30 +02:00
Mario Rodas
34309d7373 postgresql_10: 10.7 -> 10.8 2019-05-14 09:55:30 +02:00
Mario Rodas
04cc838523 postgresql_9_6: 9.6.12 -> 9.6.13 2019-05-14 09:55:30 +02:00
Mario Rodas
63f8f36c3d postgresql_9_5: 9.5.16 -> 9.5.17 2019-05-14 09:55:30 +02:00
Mario Rodas
e6cf849d8b postgresql_9_4: 9.4.21 -> 9.4.22 2019-05-14 09:55:30 +02:00
Robert Scott
d7f36ecb3d postgresql: enable pre-install checks 2019-05-13 19:32:53 +01:00
John Ericson
4ccb74011f Merge commit '18aa59b0f26fc707e7313f8467e67159e61600c2' from master into staging
There was one conflict in the NixOS manual; I checked that it still
built after resolving it.
2019-04-01 00:40:03 -04:00
aszlig
f5106019d3
postgresql: Only use /run/postgresql on Linux
We only have /run on modern GNU/Linux systems and it's not necessarily
the case for Mac OS X or *BSD, so let's add the patch only if
stdenv.isLinux.

Thanks to @danbst for catching this.

Signed-off-by: aszlig <aszlig@nix.build>
2019-03-16 12:34:00 +01:00
aszlig
ef553788d0
postgresql: Move socket dir to /run/postgresql
The default, which is /tmp, has a few issues associated with it:

One being that it makes it easy for users on the system to spoof a
PostgreSQL server if it's not running, causing applications to connect
to their provided sockets instead of just failing to connect.

Another one is that it makes sandboxing of PostgreSQL and other services
unnecessarily difficult. This is already the case if only PrivateTmp is
used in a systemd service, so in order for such a service to be able to
connect to PostgreSQL, a bind mount needs to be done from /tmp to some
other path, so the service can access it. This pretty much defeats the
whole purpose of PrivateTmp.

We regularily run into issues with this in the past already (one example
would be https://github.com/NixOS/nixpkgs/pull/24317) and with the new
systemd-confinement mode upcoming in
https://github.com/NixOS/nixpkgs/pull/57519, it makes it even more
tedious to sandbox services.

I've tested this change against all the postgresql NixOS VM tests and
they still succeed and I also grepped through the source tree to replace
other occasions where we might have /tmp hardcoded. Luckily there were
very few occasions.

Signed-off-by: aszlig <aszlig@nix.build>
Cc: @ocharles, @thoughtpolice, @danbst
2019-03-15 04:52:35 +01:00
Lancelot SIX
a90cf49fa9
postgresql_10: 10.6 -> 10.7
See https://www.postgresql.org/about/news/1920/ for release information.
2019-02-25 15:43:07 +01:00
Lancelot SIX
70a31c2e00
postgresql_9_6: 9.6.11 -> 9.6.12
See https://www.postgresql.org/about/news/1920/ for release information.
2019-02-25 15:42:46 +01:00
Lancelot SIX
74c715e39c
postgresql_9_5: 9.5.15 -> 9.5.16
See https://www.postgresql.org/about/news/1920/ for release information.
2019-02-25 15:42:10 +01:00
Lancelot SIX
d1dd3a1f1a
postgresql_9_4: 9.4.20 -> 9.4.21
See https://www.postgresql.org/about/news/1920/ for release information.
2019-02-25 15:40:42 +01:00
Danylo Hlynskyi
d0d099266e
postgresql: fix regression in NixOS after update to 11.2 (#56146)
ryantm bot updates `psqlSchema` alongside with version: https://github.com/NixOS/nixpkgs/pull/50646, https://github.com/NixOS/nixpkgs/pull/55860
but `psqlSchema` is used to generate `stateDir`. It shouldn't be updated.

Ideally it should be equal to postgresql major version for pg versions,
but we already have deployments in /var/lib/postgresql/11.1. Strange why
nobody complained when it was changed from 11.0 -> 11.1.

I propose do correct naming for PG12+, but status quo for current versions.

Fixes https://github.com/NixOS/nixpkgs/issues/56134
2019-02-21 19:21:08 +02:00
Shea Levy
bb52ff3df8
postgresql: Don't move libs unnecessarily out of $lib.
In particular, when static linking pkgconfig expects libpq.a in $lib
2019-02-18 20:31:09 -05:00
R. RyanTM
e9aeffdc0a postgresql_11: 11.1 -> 11.2
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/postgresql/versions
2019-02-15 16:02:50 -08:00
John Ericson
c85a8a1fad postgresql: No need to refer to super
self.callPackage works fine for now. If/when that changes, we have a
repo-wide thing to deal with so no reason to do anything now.
2019-02-02 15:56:52 -05:00
Danylo Hlynskyi
8e985dced0
postgresql: reorganize package and its extensions (#54319)
* postgresql: reorganize package and it's extensions

Extracts some useful parts of https://github.com/NixOS/nixpkgs/pull/38698,
in particular, it's vision that postgresql plugins should be namespaced.
2019-01-26 19:46:57 +02:00
Austin Seipp
73f56ae191 nixpkgs: move postgresql patches into a common directory
This simply makes it easier to browse the PostgreSQL package directory. More to
come.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2019-01-19 17:33:32 -06:00