Commit Graph

28759 Commits

Author SHA1 Message Date
K900
fcea1ef75f
Merge pull request #188771 from K900/vaultwarden-permissions
nixos/vaultwarden: protect the default data directory more
2022-08-30 09:41:15 +03:00
Bernardo Meurer
34be73b158
Merge pull request #188812 from Ma27/rust-motd 2022-08-29 19:38:06 -03:00
Martin Weinelt
f3b7d6414b
Merge pull request #128192 from clerie/keepalived-secrets 2022-08-29 23:44:34 +02:00
Sandro
905f15bfe9
Merge pull request #188772 from edolstra/fallback-paths 2022-08-29 22:36:50 +02:00
Anton Bulakh
b79f9e9b8a nixos/awesome: fix luaModules using pkgs.lua instead of awesome.lua 2022-08-29 17:25:11 +02:00
Maximilian Bosch
0178db0da3
nixos/rust-motd: init
Makes it easier to configure `rust-motd`. Currently, it takes care of
the following things:

* Creating a timer to regularly refresh the `motd`-text and a hardened
  service (which is still root to get access to e.g. fs-mounts, but
  read-only because of hardening flags).
* Disabling `PrintLastLog` in `sshd.conf` if the last-login feature of
  `rust-motd` is supposed to be used.
* Ensure that the banner is actually shown when connecting via `ssh(1)`
  to a remote server with this being enabled.
2022-08-29 15:27:14 +02:00
K900
a7bfb90ea8 nixos/vaultwarden: protect the default data directory more
Fixes #179415
2022-08-29 09:26:31 +03:00
Eelco Dolstra
9fc7a29da5
nix-fallback-paths.nix: Update to 2.11.0 2022-08-29 08:24:17 +02:00
Jake Hamilton
ff997b83e1
nixos/writefreely: init 2022-08-28 16:29:14 -07:00
iko
4bc69a5235
nixos/searx: improve searxng compatibility 2022-08-28 16:52:42 +03:00
Sandro
ff94c4e74f
Merge pull request #188532 from wegank/pulseaudio-compat 2022-08-28 13:43:26 +02:00
Thiago Kenji Okada
2d92f70c32
Merge pull request #188539 from linj-fork/pr/fix-fontconfig-hint
nixos/fontconfig: add missing config for Xft.hintstyle
2022-08-27 22:46:14 +01:00
Lin Jian
c5b6df912b
nixos/fontconfig: add missing config for Xft.hintstyle
This config is removed when removing[1] fonts.fontconfig.hinting.style
option.

However, when adding[2] that option back, this config is missing.

[1]: 65592837b6
[2]: 659096dd89
2022-08-28 05:24:41 +08:00
Christian Kögler
0b6ffe6511
Merge pull request #188362 from pcpthm/fix-nix-registry-flake
nixos/nix-daemon: Add missing parentheses
2022-08-27 22:33:17 +02:00
Bernardo Meurer
a53ad0ca15
Merge pull request #188513 from Sciencentistguy/plex-pidfile
nixos/plex: specify PIDFile in systemd service
2022-08-27 17:27:01 -03:00
Weijia Wang
c882c08f9c pulseaudio: remove compat for 15.0 2022-08-27 22:02:19 +02:00
pennae
e607b30abe nixos/tor: convert option descriptions to MD
no change in rendered output. the html manual could render <screen>
blocks differently, but so far it hasn't (and if we need to make a
distinction we can use a special info string).
2022-08-27 19:18:29 +02:00
pennae
5a20c87970 nixos/vsftpd: convert option descriptions to MD
no change to rendered output.
2022-08-27 19:18:29 +02:00
pennae
c2e133a422 nixos/thanos: convert option descriptions to MD
no change to outputs.
2022-08-27 19:18:29 +02:00
pennae
0046b457d5 nixos/public-inbox: convert option descriptions to MD
no change to manpage or html.
2022-08-27 19:18:29 +02:00
pennae
429ae9ff3d nixos/thinkfan: convert descriptions to MD
also convert multi-line literals to code blocks to make them render in a
legible manner.
2022-08-27 19:18:29 +02:00
pennae
9217509ece nixos/network-interfaces: convert option descriptions to MD 2022-08-27 19:18:29 +02:00
pennae
65fd6f0774 nixos/make-options-doc: eat newlines in MD admonitions
leaving some newlines around after an admonition was closed causes the
newline rule to match, which in turn inserts literallayout newlines into
te xml output. that's not what we want.
2022-08-27 19:18:29 +02:00
pennae
51a11254a7 nixos/*: literalDocBook -> literalMD
no change to rendered output
2022-08-27 19:18:29 +02:00
pennae
169072fb60 nixos/prometheus: convert option descriptions to MD
this notable also now interprets a markdown-flavored list in
triton_sd_config as actual markdown and renders it differently, but this
is arguably for the better (and probably the original intention).

no other rendering changes.
2022-08-27 19:18:29 +02:00
pennae
97b6defb7b nixos/prometheus: turn markdown in docbook
there seems to be a lot of markdown in the prometheus module that
should've been docbook instead. temporarily convert it to docbook to
keep the diff for the docbook->md conversion of prometheus inspectable.
2022-08-27 19:18:29 +02:00
pennae
7f6d0d1674 nixos/users-groups: convert remaining descriptions to MD
manpage is unchanged, html change is only in whitespace
2022-08-27 19:18:29 +02:00
pennae
a2ceee8ffe nixos/strongswan: convert to MD descriptions
no changes to the manpage output. the html output changes, but only by
whitespace.
2022-08-27 19:18:29 +02:00
Gauvain 'GovanifY' Roussel-Tarbouriech
f7e49fae0d nixos/prometheus.sachet: add module 2022-08-27 12:41:54 -04:00
Jamie Quigley
e8f1b09014
nixos/plex: specify PIDFile in systemd service 2022-08-27 17:23:44 +01:00
clerie
bf7d05e64d nixos/keepalived: add secrets support 2022-08-27 17:19:16 +02:00
Sofi
07c76c980c nixos/minecraft-server: optimize world generation inside test
Due to how complex minecraft world generation has gotten in recent
years, it now can take several minutes to complete the first generation
of a world seed, even on relatively new and powerful hardware.

We are testing if a minecraft server can run inside of a nix enviroment,
and not so much about stress testing the CI.

Test running before this change:

> (finished: waiting for TCP port 43000, in 118.49 seconds)

Test running with this change:

> (finished: waiting for TCP port 43000, in 27.88 seconds)

Choice of using `level-type` and `generate-structures` was made as they
support almost every version of minecraft. These two also make it
extremely clear what it does, compared to the more complex
`generator-settings` and all its toggles.
2022-08-26 23:22:52 -04:00
Will Fancher
037cf37ad2
Merge pull request #185085 from ElvishJerricco/shutdown-ramfs-protection
shutdown: Protect system from make-initrd-ng
2022-08-26 13:25:31 -04:00
Pascal Bach
481f9b246d
Merge pull request #187876 from jakubgs/geth-add-authrpc
go-ethereum: add support for Auth RPC CLI flags
2022-08-26 17:16:48 +02:00
Martin Weinelt
2ae8a945fb
Merge pull request #188309 from Sohalt/systemd-networkd-dhcpserver-missing-options 2022-08-26 11:50:50 +02:00
sohalt
8b74b21d23 nixos/networkd: add missing options for DHCPServer and IPV6SendRA 2022-08-26 11:42:58 +02:00
Sandro
0116b56989
Merge pull request #187246 from drupol/hedgedoc/add-provider-name-setting 2022-08-26 11:03:47 +02:00
Maximilian Bosch
1652bbcfc3
Merge pull request #188174 from yayayayaka/matrix-synapse-systemd-hardening
nixos/matrix-synapse: Harden systemd serivce
2022-08-26 10:10:04 +02:00
pcpthm
f7922cb328 nixos/nix-daemon: Add missing parenthesis
When `nix.registry.<name>.flake` option is used, additional attributes of the flake were not written to the flake registry file because of a missing parenthesis.
2022-08-26 15:53:59 +09:00
Martin Weinelt
e7454ee38b
Merge pull request #187444 from peigongdsd/test 2022-08-26 08:17:46 +02:00
Bernardo Meurer
d05ae63d23
Merge pull request #179155 from linj-fork/caddy-improve-security
nixos/caddy: improve security about acme certs
2022-08-25 10:36:10 -03:00
Jonas Heinrich
21ba29f226
Merge pull request #181338 from thyol/diamond
diamond: 0.8.36 -> 2.0.15
2022-08-25 15:25:03 +02:00
Weijia Wang
05958b228b nixos/console: detect unicode properly 2022-08-25 11:38:47 +00:00
Bobby Rong
0913634fac
Merge pull request #188215 from Mechtecs/fix/nvidia
Remove deleted option from nvidia.nix breaking nixos builds
2022-08-25 19:06:06 +08:00
Yaya
0c5fbf9c08 nixos/matrix-synapse: Harden systemd serivce
This commit introduces hardening options to the `matrix-synapse`
systemd service.
2022-08-25 08:58:22 +00:00
Benno Bielmeier
312fd31a58 nixos/meilisearch: Update tests to reflect API changes
in [v0.25.0][1]: Breaking changes of Task API (relevant summarized)

- `update` -> `task`
- `GET - /indexes/:indexUid/updates/:updateId` -> `/indexes/:indexUid/tasks`
- `updateId` -> `uid` of `task`
- also: new `GET - /tasks/:taskUid` introduced
- `status` values changed

in [v0.28.0][2]: Breaking changes in `/indexes` endpoints

- `total` now appear in the response body

[1]: https://github.com/meilisearch/meilisearch/releases/tag/v0.25.0
[2]: https://github.com/meilisearch/meilisearch/releases/tag/v0.28.0
2022-08-24 22:00:26 -04:00
Max Schorradt
2461a62334 nvidia: remove deleted useGlamor option 2022-08-24 21:34:42 +02:00
Elis Hirwing
658f66299c
Merge pull request #187905 from ju1m/sanoid
nixos/sanoid: fix aliased options
2022-08-24 20:40:41 +02:00
Stig
24f160cfcd
Merge pull request #187884 from helsinki-systems/feat/perl-sri
perlPackages: Switch to SRI hashes, add `hash` support to bootstrap fetchurl, bump minimal nix version
2022-08-24 17:28:04 +02:00
Thiago Kenji Okada
59058bae2a
Merge pull request #188084 from thiagokokada/refactor-xserver
nixos/xserver: remove useGlamor option
2022-08-24 15:25:19 +01:00