JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
218,691 Commits 2 Branches 0 Tags 13 GiB
4f44435071
Commit Graph

16505 Commits

Author SHA1 Message Date
Josef Kemetmüller
bffc749210 nixosTests.fenics: Add basic test 2020-03-19 21:48:27 -07:00
Silvan Mosberger
b962045c94
Merge pull request #82960 from Infinisil/fix-nixos-eval-pkgs 
nixos: Fix pkgs exporting
 2020-03-19 22:26:37 +01:00
Silvan Mosberger
d28f138160
nixos: Fix pkgs exporting 
This needs adjustment after dcdd232939
 2020-03-19 21:19:25 +01:00
Jesper Geertsen Jonsson
02c2c864d1 resilio: fix a list being assigned to the option config.users.groups 2020-03-19 11:25:56 -05:00
Florian Klink
d96bd3394b nixos/manual: fix build 2020-03-19 15:32:34 +01:00
Florian Klink
4e53f84c79 nixos/zerotierone: switch from manually generating the .link file to use the module 
Previously, systemd.network.links was only respected with networkd
enabled, but it's really udev taking care of links, no matter if
networkd is enabled or not.

With our module fixed, there's no need to manually manage the text file
anymore.

This was originally applied in 3d1079a20d,
but was reverted due to 1115959a8d causing
evaluation errors on hydra.
 2020-03-19 14:16:26 +01:00
Florian Klink
355c58e485 nixos/networkd: respect systemd.network.links also with disabled systemd-networkd 
This mirrors the behaviour of systemd - It's udev that parses `.link`
files, not `systemd-networkd`.

This was originally applied in 36ef112a47,
but was reverted due to 1115959a8d causing
evaluation errors on hydra.
 2020-03-19 14:15:32 +01:00
Izorkin
c75398b10a nixos/fail2ban: disable work fail2ban without firewall 2020-03-18 09:54:19 +03:00
Martin Baillie
6e055c9f4a tailscale: init at 0.96-33 
Signed-off-by: Martin Baillie <martin@baillie.email>
 2020-03-18 05:07:47 +00:00
Niklas Hambüchen
9d45737ae7
Merge pull request #82767 from thefloweringash/rpfilter-assertion-types 
nixos/firewall: fix types in reverse path assertion
 2020-03-18 04:11:01 +01:00
Andrew Childs
e110f5ecc1 nixos/firewall: fix types in reverse path assertion 
Broken by 0f973e273c284a97a8dffeab7d9c0b09a88b7139 in #73533

The type of the checkReversePath option allows "strict" and "loose" as
well as boolean values.
 2020-03-18 10:54:55 +09:00
Niklas Hambüchen
0908ec4952
Merge pull request #82665 from bhipple/doc/upower 
doc: update 20.03 release notes regarding upower
 2020-03-18 02:44:18 +01:00
Antoine Eiche
39621bb8de nixos/alertmanager: start after the network-online target 
If the host network stack is slow to start, the alertmanager fails to
start with this error message:

    caller=main.go:256 msg="unable to initialize gossip mesh" err="create memberlist: Failed to get final advertise address: No private IP address found, and explicit IP not provided"

This bug can be reproduced by shutting down the network stack and
restarting the alertmanager.

Note I don't know why I didn't hit this issue with previous
alertmanager releases.
 2020-03-17 22:18:20 +01:00
goibhniu
5241e5a193
Merge pull request #79851 from mmilata/supybot-enhancements 
nixos/supybot: switch to python3, enable systemd sandboxing, add option for installing plugins
 2020-03-17 19:07:41 +00:00
davidak
dc434b0704 Doc: Fix typo 2020-03-17 13:26:55 +01:00
Benjamin Hipple
90c3fa478b doc: update 20.03 release notes regarding upower 
UPower works just fine in 20.03, but only if the service is enabled.

Resolves #82529; see issue for details.
 2020-03-16 20:08:35 -04:00
Léo Gaspard
a0307bad46
Merge pull request #79120 from symphorien/iodine 
Iodine: ipv6 support, updates, hardening, nixos test....
 2020-03-16 23:42:12 +01:00
Danylo Hlynskyi
fab05f17d1
Merge pull request #80114 from rnhmjoj/initrd 
nixos/boot: add option to disable initrd
 2020-03-16 20:04:24 +02:00
Maximilian Bosch
a2e06fc342
Merge pull request #80447 from Ma27/bump-matrix-synapse 
matrix-synapse: 1.9.1 -> 1.11.1
 2020-03-16 10:55:38 +01:00
Maximilian Bosch
849e16888f
nixos/doc/matrix-synapse: refactor 
* Linkify all service options used in the code-examples.
* Demonstrated the use of `riot-web.override {}`.
* Moved the example how to configure a postgresql-database for
  `matrix-synapse` to this document from the 20.03 release-notes.
 2020-03-16 10:39:42 +01:00
Pierre Bourdon
b8ef2285b5 nixos/stubby: set Type=notify on the systemd service 
Fixes some dependency ordering problems at boot time with services that
require DNS. Without Type=notify these services might be started before
stubby was ready to accept DNS requests.
 2020-03-16 10:10:45 +05:30
Maximilian Bosch
8be61f7a36
matrix-synapse: 1.9.1 -> 1.11.1 
https://github.com/matrix-org/synapse/releases/tag/v1.10.0
https://github.com/matrix-org/synapse/releases/tag/v1.10.1
https://github.com/matrix-org/synapse/releases/tag/v1.11.0
https://github.com/matrix-org/synapse/releases/tag/v1.11.1
 2020-03-15 17:09:51 +01:00
Silvan Mosberger
7c3f3e9c51
Merge pull request #72029 from lschuermann/tpm2-module 
nixos/tpm2: init
 2020-03-15 15:47:06 +01:00
Silvan Mosberger
779b7ff3d8
Merge pull request #80931 from LEXUGE/master 
smartdns: init at 30
 2020-03-15 15:36:05 +01:00
Leon Schuermann
156b879c2e nixos/tpm2: init 
This commit adds udev rules, the userspace resource manager and
PKCS#11 module support.
 2020-03-15 12:16:32 +01:00
Léo Gaspard
7566b4f924
Merge pull request #82614 from Ekleog/xfce4-remove-alias 
xfce4-12: remove alias
 2020-03-15 12:00:20 +01:00
adisbladis
c00777042f
Merge pull request #82620 from aanderse/ssh-silent 
nixos/ssh: silence ssh-keygen during configuration validation
 2020-03-15 01:21:38 +00:00
Harry Ying
629d3bab18
nixos/smartdns: init first generation config 2020-03-15 08:53:20 +08:00
Aaron Andersen
f383fa344e nixos/sshd: only include AuthorizedKeysCommand and AuthorizedKeysCommandUser options if explicitly set 2020-03-14 19:50:11 -04:00
Aaron Andersen
f5951f520c nixos/ssh: silence ssh-keygen during configuration validation 2020-03-14 19:37:30 -04:00
Florian Klink
74f451b851
Merge pull request #82413 from aanderse/authorized-keys-command 
nixos/sshd: add authorizedKeysCommand and authorizedKeysCommandUser options
 2020-03-14 23:58:47 +01:00
Léo Gaspard
175f9ef4f8 xfce4-12: remove alias 2020-03-14 22:05:50 +01:00
zimbatm
001be890f7 folding@home: 6.02 -> 7.5.1 
The v7 series is very different.

This commit introduces the 3 packages: fahclient, fahcontrol and
fahviewer. It also rebuilds the NixOS module to map better with the new
client.
 2020-03-14 13:01:26 -07:00
Jörg Thalheim
4a8a014be4
Merge pull request #82468 from Mic92/kvmgt 
nixos/kvmgt: udev rules + fix module initialisation
 2020-03-14 07:17:28 +00:00
Andrew Childs
01f03f30db nixos/prometheus: add checkConfig 
Workaround for https://github.com/prometheus/prometheus/issues/5222
 2020-03-14 04:40:55 +00:00
Andrew Childs
2c121f4215 nixos/firewall: fix inverted assertion for reverse path filtering 
Previously the assertion passed if the kernel had support OR the
filter was *enabled*. In the case of a kernel without support, the
`checkReversePath` option defaulted to false, and then failed the
assertion.
 2020-03-14 04:32:07 +00:00
florianjacob
8b07500163
nixos/lib: use removePrefix in escapeSystemdPath 2020-03-14 03:13:04 +00:00
Joachim Fasting
1b575dbd79 nixos/firejail: use local runCommand 
Also:

- use `runtimeShell`; and
- remove unused `makeWrapper` input; and
- `exec()` to shed wrapping shell
 2020-03-14 03:09:48 +00:00
Mario Rodas
ee599f376c
Merge pull request #71329 from tilpner/cadvisor-no-docker 
nixos/cadvisor: don't enable docker
 2020-03-13 20:35:46 -05:00
Vladimír Čunát
0729b8c55e
Revert Merge #82310: nixos/systemd: apply .link 
...even when networkd is disabled

This reverts commit ce78f3ac70, reversing
changes made to dc34da0755.

I'm sorry; Hydra has been unable to evaluate, always returning
> error: unexpected EOF reading a line
and I've been unable to reproduce the problem locally.  Bisecting
pointed to this merge, but I still can't see what exactly was wrong.
 2020-03-13 22:05:33 +01:00
Michele Guerini Rocco
7b15d6cee4
Merge pull request #81241 from thefloweringash/nesting-system 
nixos/activation: propagate system to nested configurations
 2020-03-13 09:58:10 +01:00
Jörg Thalheim
505d241ee3
nixos/kvmgt: add udev rules for unprivileged access 2020-03-13 07:04:26 +00:00
Jörg Thalheim
85aae79ca1
nixos/kvmgt: fix driver option 
extraModprobeConfig could be applied too late i.e. if the driver has been
loaded in initrd, while the harddrive is still encrypted.
Using a kernelParams works in all cases however.
 2020-03-13 07:03:45 +00:00
snicket2100
65abd808d5 firejail: system package on programs.firejail.enable 
this way the man page etc. becomes available if we enable firejail with
`programs.firejail.enable = true`
 2020-03-13 03:28:08 +00:00
Maximilian Bosch
7e978ca324
nixos/manual: fix build 2020-03-13 02:04:26 +01:00
Aaron Andersen
dbe59eca84 nixos/sshd: add authorizedKeysCommand and authorizedKeysCommandUser options 2020-03-12 21:00:12 -04:00
Maximilian Bosch
6d14bac048
nixos/python-test-driver: allow single char as hostName and fix misleading error-message 
In case of invalid chars, the error-message references "perl variables"
which is not the case here as the python-based framework is used.
 2020-03-13 01:06:12 +01:00
Florian Klink
ce78f3ac70
Merge pull request #82310 from flokli/systemd-network-link-no-networkd 
nixos/systemd: apply .link even when networkd is disabled
 2020-03-12 15:47:59 -07:00
Léo Gaspard
693d834c37
Merge pull request #76739 from symphorien/mail_plugins 
nixos/dovecot: add an option to enable mail_plugins
 2020-03-12 22:44:23 +01:00
Léo Gaspard
26b1ef1506
Merge pull request #80141 from symphorien/scrub 
nixos/btrfs: make autoScrub not prevent shutdown or suspend
 2020-03-12 22:39:34 +01:00
adisbladis
f3adcbd150
Merge pull request #82411 from adisbladis/ntpd-extraconfig 
services.ntpd: Add extraConfig parameter
 2020-03-12 16:37:25 +00:00
Silvan Mosberger
8f2109cda4
Merge pull request #81945 from Infinisil/hostFiles 
Introduce `networking.hostFiles` option
 2020-03-12 15:56:30 +01:00
adisbladis
63c35a9c28
services.ntpd: Add extraConfig parameter 2020-03-12 14:44:59 +00:00
Léo Gaspard
06bdfc5e32
Merge pull request #82185 from matt-snider/master 
ankisyncd, nixos/ankisyncd: init at 2.1.0
 2020-03-12 11:47:42 +01:00
lewo
cbb21b2a8a
Merge pull request #81214 from buckley310/updateDelay 
NixOS/auto-upgrade: Add optional randomized delay
 2020-03-12 09:06:32 +01:00
Florian Klink
2220060133
Merge pull request #82148 from devhell/tests_signal-desktop 
tests: Fix signal-desktop
 2020-03-11 17:52:48 -07:00
Graham Christensen
10f625b3d2
Merge pull request #81402 from mmilata/firejail-example 
nixos/firejail: add example for wrappedBinaries
 2020-03-11 20:28:35 -04:00
Jörg Thalheim
154f9e1bd9
Merge pull request #82340 from nyanloutre/vsftpd_pam_fix 
nixos/vsftpd: fix missing default pam_service_name
 2020-03-11 22:29:43 +00:00
Jörg Thalheim
9aa23e31b3
Merge pull request #80904 from talyz/haproxy-fixes 
nixos/haproxy: Revive the haproxy user and group
 2020-03-11 22:23:13 +00:00
Maximilian Bosch
b7cdb64ac2
treewide: remove myself from a few packages I don't use anymore 2020-03-11 22:29:30 +01:00
nyanloutre
7ab00c48d8
nixos/vsftpd: fix missing default pam_service_name 
9458ec4 removed the ftp pam service which was used by default by vsftpd
 2020-03-11 21:15:47 +01:00
Elis Hirwing
a04010b64a
php: 7.3.15 -> 7.4.3 2020-03-11 20:20:22 +01:00
talyz
bb7ad853fb nixos/haproxy: Revive the haproxy user and group 
Running haproxy with "DynamicUser = true" doesn't really work, since
it prohibits specifying a TLS certificate bundle with limited
permissions. This revives the haproxy user and group, but makes them
dynamically allocated by NixOS, rather than statically allocated. It
also adds options to specify which user and group haproxy runs as.
 2020-03-11 19:52:37 +01:00
Silvan Mosberger
fc2b132c94
Merge pull request #82326 from mmilata/rename-fix-module-path 
nixos: fix module paths in rename.nix
 2020-03-11 19:35:40 +01:00
Martin Milata
d08ede042b nixos: fix module paths in rename.nix 2020-03-11 15:59:22 +01:00
Florian Klink
3d1079a20d nixos/zerotierone: switch from manually generating the .link file to use the module 
Previously, systemd.network.links was only respected with networkd
enabled, but it's really udev taking care of links, no matter if
networkd is enabled or not.

With our module fixed, there's no need to manually manage the text file
anymore.
 2020-03-11 10:21:37 +01:00
Florian Klink
36ef112a47 nixos/networkd: respect systemd.network.links also with disabled systemd-networkd 
This mirrors the behaviour of systemd - It's udev that parses `.link`
files, not `systemd-networkd`.
 2020-03-11 10:21:37 +01:00
Félix Baylac-Jacqué
1115959a8d tests/networking: remove pkgs.lib usages. 2020-03-11 10:21:37 +01:00
Edward Tjörnhammar
b155a62dad nixos/lightdm-tiny-greeter: init module 2020-03-11 08:12:35 +00:00
Sarah Brofeldt
9093928444
Merge pull request #81941 from volth/patch-390 
tests/kubernetes: remove unreferenced variable and import from inexisting file
 2020-03-11 07:45:33 +01:00
Jan Tojnar
6bba9428d9
Merge pull request #81431 from jtojnar/malcontent-0.6 
malcontent: 0.4.0 → 0.6.0
 2020-03-11 04:08:59 +01:00
Jan Tojnar
31dd8332bc
nixos/malcontent: init 2020-03-10 23:30:20 +01:00
Jesper Geertsen Jonsson
b42babd160 nixos/netdata: add module package option 2020-03-10 23:06:01 +01:00
Matt Snider
acba458b7e nixos/ankisyncd: init at 2.1.0 2020-03-10 22:45:33 +01:00
Aaron Andersen
641b94bdd0 nixos/mysql: add settings and configFile options 2020-03-10 15:15:11 -04:00
Linus Heckemann
dfc70d37f4
Merge pull request #82252 from mayflower/radius-http2 
FreeRADIUS improvements
 2020-03-10 16:01:46 +01:00
Linus Heckemann
065716ab95 nixos/freeradius: depend on network.target, not online 2020-03-10 15:54:29 +01:00
Linus Heckemann
0587329191 freeradius: make debug logging optional 2020-03-10 15:54:02 +01:00
adisbladis
6fcce60fd5
Merge pull request #82139 from adisbladis/switch-to-configuration-manual 
switch-to-configuration: Add new option X-OnlyManualStart
 2020-03-10 11:17:33 +00:00
Martin Milata
1affd47cc1 nixos/supybot: python3 switch, add plugin options 
Python2 seems to be no longer supported by limnoria upstream.
 2020-03-09 23:32:54 +01:00
Martin Milata
57f5fb62d4 nixos/supybot: enable systemd sandboxing options 2020-03-09 23:32:54 +01:00
Martin Milata
b150e08169 nixos/supybot: stateDir in /var/lib, use tmpfiles 
Moving the stateDir is needed in order to use ProtectSystem=strict
systemd option.
 2020-03-09 23:29:04 +01:00
devhell
534f1337c1 tests: Fix signal-desktop 
This test fails due to OOM on the VM. Setting the memory of the VM to
1024 lets the test succeed.

Cc: @flokli
 2020-03-09 13:13:51 +00:00
adisbladis
db6c94304f
switch-to-configuration: Add new option X-OnlyManualStart 
This is to facilitate units that should _only_ be manually started and
not activated when a configuration is switched to.

More specifically this is to be used by the new Nixops deploy-*
targets created in https://github.com/NixOS/nixops/pull/1245 that are
triggered by Nixops before/after switch-to-configuration is called.
 2020-03-09 11:28:07 +00:00
zimbatm
cc90ececa7
environment.etc: fix typo 2020-03-09 12:01:41 +01:00
Florian Klink
dceec409cc nixos/cage: move ConditionPathExists to service config 
It doesn't belong into [Service]:
> Unknown key name 'ConditionPathExists' in section 'Service', ignoring.
 2020-03-09 00:47:49 +01:00
Domen Kožar
508a2c6849
Merge pull request #80921 from hercules-ci/buildLayeredImage-allow-empty-store 
buildLayeredImage: Allow empty store, no paths to add
 2020-03-08 23:05:27 +01:00
Dmitry Kalinkin
93745d243b
Merge pull request #79488 from danielfullmer/zoneminder-1.34.2 
zoneminder: 1.32.3 -> 1.34.3
 2020-03-07 13:25:17 -05:00
Daniel Fullmer
cb5da4eacb nixos/zoneminder: update on startup if needed 2020-03-07 12:59:39 -05:00
Silvan Mosberger
4f69262c19
Merge pull request #81369 from mweinelt/pr/acme-chmod 
nixos/acme: apply chmod and ownership unconditionally
 2020-03-07 03:24:46 +01:00
Silvan Mosberger
64ee425a01
nixos/cjdns: Fix connectTo example rendering 2020-03-07 02:01:41 +01:00
Silvan Mosberger
1906320e68
nixos/cjdns: Don't use IFD for extra hosts 2020-03-07 02:01:19 +01:00
Silvan Mosberger
ec6e4db6e4
nixos/networking: Add hostFiles option 
When blocklists are built with a derivation, using extraHosts would
require IFD, since the result of the derivation needs to be converted to
a string again.

By introducing this option no IFD is needed for such use-cases, since
the fetched files can be assigned directly.
 2020-03-07 01:53:31 +01:00
volth
78ee22041a
tests/kubernetes: remove unreferenced variable and import from inexsisting file 2020-03-07 00:21:11 +00:00
Lancelot SIX
74c0ce5376
Merge pull request #81907 from atlaua/lr/wg-typo 
nixos/wireguard: Fix typo in error message
 2020-03-06 22:43:32 +01:00
Luis Ressel
b19c485b22
nixos/wireguard: Fix typo in error message 
generatePrivateKey -> generatePrivateKeyFile
 2020-03-06 16:19:23 +01:00
Jörg Thalheim
391b7b31d8
Merge pull request #81891 from emilazy/nginx-use-mozilla-tls-config 
nixos/nginx: use Mozilla Intermediate TLS configuration
 2020-03-06 14:30:28 +00:00
Jörg Thalheim
87ae01e70b
Merge pull request #81752 from alexbakker/fix-55221 
uwsgi: use pyhome instead of pythonpath for uwsgi vassals
 2020-03-06 13:16:26 +00:00
Emily
4ed98d69ed nixos/nginx: use Mozilla Intermediate TLS configuration 
The configuration at https://ssl-config.mozilla.org/#server=nginx&config=intermediate
is reliably kept up-to-date in terms of security and compatible with a
wide range of clients. They've probably had more care and thought put
into them than our defaults, and will be easier to keep updated in
the future.

The only removed (rather than changed) configuration option here is
ssl_ecdh_curve, per https://github.com/mozilla/server-side-tls/issues/189.

Resolves #80952.
 2020-03-06 13:08:56 +00:00
Silvan Mosberger
dc70633913
Merge pull request #81774 from ju1m/shorewall_fix_RestartTriggers 
shorewall: fix RestartTriggers
 2020-03-06 11:58:35 +01:00