Commit Graph

1223 Commits

Author SHA1 Message Date
Izorkin
36c95f331d nginxModules.cache-purge: 2.5 -> 2.5.1 2020-08-17 10:42:01 +03:00
Aaron Andersen
ec82ae3c39 nixos/postgresql: run ExecStartPost as an unprivileged user 2020-08-15 16:59:49 -04:00
Marek Mahut
f43fa60f02
Merge pull request #95010 from StijnDW/dokuwiki
dokuwiki: 2018-04-22b -> 2020-07-29
2020-08-14 16:27:38 +02:00
Aaron Andersen
f1f4cc6e1b
Merge pull request #95231 from aanderse/mysql-cleanup
nixos/mysql: run postStart as an unprivileged user
2020-08-13 21:38:44 -04:00
Aaron Andersen
806253800b nixos/mysql: update release notes 2020-08-13 17:03:23 -04:00
Daniël de Kok
2c0034d5fb
Merge pull request #91938 from spacefrogg/openafs-1.6-deprecation
openafs: 1.6.23 -> 1.6.24, mark broken due to EOL
2020-08-12 17:11:28 +02:00
Michael Raitza
b3c794d610 openafs: 1.6.23 -> 1.6.24, mark broken due to EOL
Last old stable release. Enforce switch to openafs_1_8 by marking broken while
leaving a reasonable short-term alternative.

Ref #90927
2020-08-12 15:31:11 +02:00
Florian Klink
bab13cc0df nixos/doc/manual/release-notes: document fontconfig 2.10.x config and cache removal 2020-08-12 13:40:46 +02:00
Florian Klink
921da91c8a
Merge pull request #93702 from tnias/usbguard20200723
nixos/usbguard: rework
2020-08-11 12:14:32 +02:00
Elis Hirwing
6be7d1c176
php: Drop PHP 7.2 support 2020-08-10 22:28:12 +02:00
zowoq
cc06d7a26f buildGoModule: change doCheck default to true 2020-08-10 16:01:03 +10:00
Stijn DW
552fb94877 dokuwiki: 2018-04-22b -> 2020-07-29 2020-08-09 17:42:57 +02:00
Philipp Bartsch
ffd18cc1b1 nixos/usbguard: rework
Use StateDirectory to create necessary directories and hardcode some
paths. Also drop file based audit logs, they can be found in the
journal. And add module option deprecation messages.
2020-08-08 23:26:07 +02:00
Jörg Thalheim
e879d83e38
Merge pull request #92106 from ju1m/transmission 2020-08-07 14:40:17 +01:00
Julien Moutinho
2a49db6a89 transmission: apply RFC0042 and harden the service 2020-08-07 04:28:11 +02:00
Aaron Andersen
4f5fc729c7 nixos/postgresql: use a standard default value for dataDir 2020-08-05 17:31:12 -04:00
Marek Mahut
0bc37f7cb4
Merge pull request #94609 from 1000101/dokuwiki
nixos/dokuwiki: drop SSL forcing and document incompatibility
2020-08-05 11:54:42 +02:00
Peter Hoeg
4d8cc104a9
Merge pull request #78166 from peterhoeg/m/logitech_lcd
nixos/lcd: add support for Logitech LCD
2020-08-05 08:32:05 +08:00
zowoq
bf9d9cef58 doc/2009: remove trailing whitespace 2020-08-05 09:21:34 +10:00
Peter Hoeg
0c7eb9426e doc: release-note details of Logitech LCDs 2020-08-04 20:52:45 +08:00
1000101
15b6edc4d1 release-notes/rl-2009: fix trailing whitespace 2020-08-03 16:31:54 +02:00
1000101
7d938b5e47 release-notes/rl-2009: document dokuwiki incompatibility 2020-08-03 16:26:17 +02:00
Marek Mahut
4181ae25bf
Merge pull request #94166 from 1000101/bitcoind
release-notes/rl-2009: amend bitcoind incompatibility
2020-08-03 15:56:56 +02:00
Maximilian Bosch
ee06b3047e
Merge pull request #94253 from fadenb/graylog_3.3.3
graylog: 3.3.2 -> 3.3.3
2020-07-30 22:00:47 +02:00
Tristan Helmich (omniIT)
70be15c91b doc/rl-2009: Add warning on Graylog changes in version 3.3.3 2020-07-30 19:16:12 +00:00
Maciej Krüger
2d63269e0d
doc/rl-2009: document new steam module in release notes 2020-07-30 20:26:34 +02:00
1000101
89b9c3ab92 release-notes/rl-2009: amend bitcoind incompatibility 2020-07-29 12:40:51 +02:00
Marek Mahut
b415ebae97
Merge pull request #93700 from 1000101/bitcoind
nixos/bitcoind: change to multi-instance + add tests
2020-07-27 12:55:29 +02:00
1000101
a5ba1315c2 release-notes/rl-2009: document bitcoind incompatibility 2020-07-27 11:27:50 +02:00
makefu
ecdc10db97
release-notes/rl-2009: add remark about udpt complete rewrite 2020-07-23 17:30:05 +02:00
adisbladis
ce49f8cbd0
nixos/doc/manual/release-notes: Add release notes for subuid/subgid mappings 2020-07-13 13:22:53 +02:00
worldofpeace
747fb48c72
Merge pull request #85065 from worldofpeace/autologin-unified
nixos/displayManager: make autoLogin options independent of DM type
2020-07-10 00:04:41 -04:00
worldofpeace
490cd7889e nixos/displayManager: make autoLogin options independent of DM type
Co-authored-by: volth <volth@volth.com>
2020-07-09 21:15:35 -04:00
lewo
9534da25bf
Merge pull request #90115 from asbachb/postfix-tls
postfix: Replaced config key by recommendation and introduced usage of system trust store
2020-07-09 20:29:49 +02:00
Fabian Möller
de00fa1041
nixos/manual: Fix invalid link reference in release notes 2020-07-05 18:01:00 +02:00
Vincent Breitmoser
6d52e2e897 nixos/nix-daemon: mention potential breakage in release notes 2020-07-05 16:53:38 +02:00
Benjamin Asbach
632104e5a4 postfix: deprecated sslCACert in favour of tlsTrustedAuthorities
`sslCACert` was used for trust store of client and server certificates. Since `smtpd_tls_ask_ccert` defaults to no the setup of `smtpd_tls_CApath` was removed.

>By default (see smtpd_tls_ask_ccert), client certificates are not requested, and smtpd_tls_CApath should remain empty.
see http://www.postfix.org/postconf.5.html#smtpd_tls_CAfile
2020-07-05 14:53:34 +02:00
Florian Klink
9e248c9ec9
Merge pull request #91046 from NinjaTrappeur/nin-delete-vm-state
test-driver.py: delete VM state directory after test run
2020-06-28 18:41:38 +02:00
Robert Schütz
595a3d14b7
Merge pull request #91168 from dotlambda/radicale-3.0.3
radicale: 2.1.11 -> 3.0.3
2020-06-28 12:48:56 +02:00
Robert Schütz
d77fb3729d nixos/radicale: use radicale3 2020-06-23 12:02:27 +02:00
Frederik Rietdijk
7481da9cbd Merge master into staging-next 2020-06-22 08:46:16 +02:00
Félix Baylac-Jacqué
7e7aa529d9
test-driver.py: delete VM state directory after test run
Keeping the VM state test across several run sometimes lead to subtle
and hard to spot errors in practice. We delete the VM state which
contains (among other things) the qcow volume.

We also introduce a -K (--keep-vm-state) flag making VM state to
persist after the test run. This flag makes test-driver.py to match
its previous behaviour.
2020-06-21 10:27:51 +02:00
Michele Guerini Rocco
1eef920a8d
Merge pull request #91128 from bbigras/rslsync-localhost
nixos/resilio: listen on [::1] by default
2020-06-20 20:43:04 +02:00
Bruno Bigras
dbb5bdfa09 nixos/resilio: listen on [::1] by default 2020-06-20 14:28:23 -04:00
Maximilian Bosch
f326e5a35e
nixos/nextcloud: update upgrade-path for nextcloud19
Enhance the heuristics to make sure that a user doesn't accidentally
upgrade across two major versions of Nextcloud (e.g. from v17 to v19).

The original idea/discussion has been documented in the nixpkgs manual[1].

This includes the following changes:

* `nextcloud19` will be selected automatically when having a stateVersion
  greater or equal than 20.09. For existing setups, the package has to
  be selected manually to avoid accidental upgrades.

* When using `nextcloud18` or older, a warning will be thrown which recommends
  upgrading to `nextcloud19`.

* Added a brief paragraph about `nextcloud19` in the NixOS 19.09 release
  notes.

* Restart `phpfpm` if the Nextcloud-package (`cfg.package`) changes[2].

[1] https://nixos.org/nixos/manual/index.html#module-services-nextcloud-maintainer-info
[2] https://github.com/NixOS/nixpkgs/pull/89427#issuecomment-638885727
2020-06-20 11:30:11 +02:00
rnhmjoj
4dd95c0cfc
nixos/release-notes: mention new man.generateCaches option 2020-06-18 10:36:24 +02:00
Benjamin Asbach
275a913971 netbeans: updated jdk to latest lts release 2020-06-17 23:11:53 +02:00
Maximilian Bosch
e826a6ce03
nixos/dovecot2: refactor mailboxes option
Specifying mailboxes as a list isn't a good approach since this makes it
impossible to override values. For backwards-compatibility, it's still
possible to declare a list of mailboxes, but a deprecation warning will
be shown.
2020-06-17 22:05:58 +02:00
Jörg Thalheim
a9a5016644
Merge pull request #87833 from Izorkin/sandbox-mysql 2020-06-16 18:13:43 +01:00
Andreas Rammhold
55c09a884a nixos/modules/system/boot/networkd: enable socket activation
Since cd1dedac67 systemd-networkd has it's
netlink socket created via a systemd.socket unit. One might think that
this doesn't make much sense since networkd is just going to create it's
own socket on startup anyway. The difference here is that we have
configuration-time control over things like socket buffer sizes vs
compile-time constants.

For larger setups where networkd has to create a lot of (virtual)
devices the default buffer size of currently 128MB is not enough.

A good example is a machine with >100 virtual interfaces (e.g.,
wireguard tunnels, VLANs, …) that all have to be brought up during
startup. The receive buffer size will spike due to all the generated
message from the new interfaces. Eventually some of the message will be
dropped since there is not enough (permitted) buffer space available.

By having networkd start through / with a netlink socket created by
systemd we can configure the `ReceiveBufferSize` parameter in the socket
options without recompiling networkd.

Since the actual memory requirements depend on hardware, timing, exact
configurations etc. it isn't currently possible to infer a good default
from within the NixOS module system. Administrators are advised to
monitor the logs of systemd-networkd for `rtnl: kernel receive buffer
overrun` spam and increase the memory as required.

Note: Increasing the ReceiveBufferSize doesn't allocate any memory.  It
just increases the upper bound on the kernel side. The memory allocation
depends on the amount of messages that are queued on the kernel side of
the netlink socket.
2020-06-16 00:41:41 +02:00
Samuel Dionne-Riel
04161c4c72
Merge pull request #90391 from samueldr/fix/manual-zstd-note
nixos/release-notes: Amend note about image compression
2020-06-15 14:58:39 -04:00
Samuel Dionne-Riel
0f7fb7d62f nixos/release-notes: Amend note about image compression 2020-06-15 14:46:22 -04:00
Florian Klink
af3c1000a4
Merge pull request #90343 from flokli/hardware-u2f-remove
hardware/u2f: remove module
2020-06-15 17:53:47 +02:00
Frederik Rietdijk
59dda0a42a Merge master into staging-next 2020-06-15 08:07:00 +02:00
Florian Klink
89c3e73dad hardware/u2f: remove module
udev gained native support to handle FIDO security tokens, so we don't
need a module which only added the now obsolete udev rules.

Fixes: https://github.com/NixOS/nixpkgs/issues/76482
2020-06-14 15:13:31 +02:00
Michele Guerini Rocco
1d924f0354
Merge pull request #89772 from rnhmjoj/dnschain
dnschain: remove
2020-06-13 13:37:02 +02:00
rnhmjoj
8fa6c0d12d
nixos/release-notes: document dnschain removal 2020-06-13 12:33:31 +02:00
Frederik Rietdijk
febc27b59a Merge master into staging-next 2020-06-12 08:57:26 +02:00
adisbladis
1a5dafcd5b
services.x11.videoDrivers: Don't include vmware driver by default
A better option for vmware guests is to set `virtualisation.vmware.guest.enable`.
2020-06-11 18:49:29 +02:00
Izorkin
df7e52814d nixos/mysql: enable sandbox mode 2020-06-10 12:38:40 +03:00
Frederik Rietdijk
8576d24b2a Merge staging-next into staging 2020-06-08 12:08:51 +02:00
Frederik Rietdijk
dc33419285 Merge master into staging-next 2020-06-08 12:06:12 +02:00
Marek Mahut
7b9d7cc05d
Merge pull request #85947 from prusnak/images-zstd
Use zstd for ISO and SD images
2020-06-07 19:09:43 +02:00
Frederik Rietdijk
1c68570ab2 Merge staging-next into staging 2020-06-05 19:42:16 +02:00
Frederik Rietdijk
43f71029cc Merge master into staging-next 2020-06-05 19:40:53 +02:00
Vladimír Čunát
677e3960b5
Merge #82342: rustPlatform: increase build-speed of checkPhase
...for rust-packages (into staging)
2020-06-05 09:12:30 +02:00
Ben Wolsieffer
14eceb5991 nixos/grub: support initrd secrets 2020-06-04 18:30:46 -04:00
Frederik Rietdijk
b7ff746540 python3: now points to python38
Note this also means python3Minimal is now also Python 3.8.

This reverts commit eb1369670b and adds more.
2020-06-04 18:08:29 +02:00
Lorenzo Manacorda
408b1a0e90 rl-2003: mention grub 2.04 update 2020-06-04 12:43:42 +02:00
Maximilian Bosch
59e8e7a129
rust: improve docs
Co-authored-by: cole-h <cole.e.helbling@outlook.com>
Co-authored-by: asymmetric <lorenzo@mailbox.org>
2020-05-31 21:47:32 +02:00
Frederik Rietdijk
362d88c2b1 Merge staging-next into staging 2020-05-27 15:27:28 +02:00
Michael Weiss
993baa587c
nixos: Require networking.hostName to be a valid DNS label
This also means that the hostname must not contain the domain name part
anymore (i.e. must not be a FQDN).
See RFC 1035 [0], "man 5 hostname", or the kernel documentation [1].
Note: For legacy reasons we also allow underscores inside of the label
but this is not recommended and intentionally left undocumented.

[0]: https://tools.ietf.org/html/rfc1035
[1]: https://www.kernel.org/doc/html/latest/admin-guide/sysctl/kernel.html#domainname-hostname

Co-authored-by: zimbatm <zimbatm@zimbatm.com>
2020-05-25 18:13:39 +02:00
Michael Weiss
234d95a6fc
nixos/networking: Add the FQDN and hostname to /etc/hosts
This fixes the output of "hostname --fqdn" (previously the domain name
was not appended). Additionally it's now possible to use the FQDN.

This works by unconditionally adding two entries to /etc/hosts:
127.0.0.1 localhost
::1 localhost

These are the first two entries and therefore gethostbyaddr() will
always resolve "127.0.0.1" and "::1" back to "localhost" [0].
This works because nscd (or rather the nss-files module) returns the
first matching row from /etc/hosts (and ignores the rest).

The FQDN and hostname entries are appended later to /etc/hosts, e.g.:
127.0.0.2 nixos-unstable.test.tld nixos-unstable
::1 nixos-unstable.test.tld nixos-unstable
Note: We use 127.0.0.2 here to follow nss-myhostname (systemd) as close
as possible. This has the advantage that 127.0.0.2 can be resolved back
to the FQDN but also the drawback that applications that only listen to
127.0.0.1 (and not additionally ::1) cannot be reached via the FQDN.
If you would like this to work you can use the following configuration:
```nix
networking.hosts."127.0.0.1" = [
  "${config.networking.hostName}.${config.networking.domain}"
  config.networking.hostName
];
```

Therefore gethostbyname() resolves "nixos-unstable" to the FQDN
(canonical name): "nixos-unstable.test.tld".

Advantages over the previous behaviour:
- The FQDN will now also be resolved correctly (the entry was missing).
- E.g. the command "hostname --fqdn" will now work as expected.
Drawbacks:
- Overrides entries form the DNS (an issue if e.g. $FQDN should resolve
  to the public IP address instead of 127.0.0.1)
  - Note: This was already partly an issue as there's an entry for
    $HOSTNAME (without the domain part) that resolves to
    127.0.1.1 (!= 127.0.0.1).
- Unknown (could potentially cause other unexpected issues, but special
  care was taken).

[0]: Some applications do apparently depend on this behaviour (see
c578924) and this is typically the expected behaviour.

Co-authored-by: Florian Klink <flokli@flokli.de>
2020-05-25 14:06:25 +02:00
rnhmjoj
201bf4bfb8
nixos/release-notes: document bazaar removal 2020-05-25 09:28:48 +02:00
Maximilian Bosch
6574ba1946
rust*: add docs for testing packages
See also https://discourse.nixos.org/t/rust-build-speed-improvements/7225
2020-05-24 18:37:34 +02:00
Frederik Rietdijk
d578248611 Merge staging-next into staging 2020-05-24 10:10:06 +02:00
Frederik Rietdijk
8a77c900dd Merge staging-next into staging 2020-05-23 10:25:19 +02:00
Jamie McClymont
3d2def38ae grafana: 6.7.3 -> 7.0.0
This version removes PhantomJS support.

Upstream also stopped vendoring dependencies, so I switched to buildGoModule.
2020-05-23 12:04:18 +12:00
Orivej Desh
16d7f7edae Merge branch 'master' into staging 2020-05-22 09:13:23 +00:00
Florian Klink
822918df4c nixos/scripted-networking: use udev to configure link MACAddress and MTUBytes
The `network-link-${i.name}` units raced with other things trying to
configure the interface, or ran before the interface was available.

Instead of running our own set of shell scripts on boot, and hoping
they're executed at the right time, we can make use of udev to configure
the interface *while they appear*, by providing `.link` files in
/etc/systemd/network/*.link to set MACAddress and MTUBytes.

This doesn't require networkd to be enabled, and is populated properly
on non-networkd systems since
https://github.com/NixOS/nixpkgs/pull/82941.

This continues clean-up work done in
https://github.com/NixOS/nixpkgs/pull/85170 for the scripted networking
stack.

The only leftover part of the `network-link-${i.name}` unit (bringing
the interface up) is moved to the beginning of the
`network-addresses-${i.name}` unit.

Fixes: https://github.com/NixOS/nixpkgs/issues/74471
Closes: https://github.com/NixOS/nixpkgs/pull/87116
2020-05-22 10:58:00 +02:00
zowoq
f4852591c1
nixos/zram: make zstd the default (#87917) 2020-05-21 21:30:03 +03:00
Jörg Thalheim
834ef12d4f
release-notes: document buildGoModule changes better. 2020-05-20 11:25:46 +01:00
gnidorah
b9d37e55a0
maxx: drop (#87715) 2020-05-19 14:38:59 -04:00
Wout Mertens
fd05023849
Merge pull request #86848 from primeos/git-add-doc-output
git: Add a doc output for the HTML and text files
2020-05-18 21:28:58 +02:00
Jan Tojnar
f8a9c6efac
Merge branch 'staging-next' into staging 2020-05-18 21:09:48 +02:00
Michael Weiss
9f2faa1f6f
git-doc: init 2020-05-18 16:53:13 +02:00
zowoq
5195aed617 rkt: remove 2020-05-16 09:23:07 +10:00
Florian Klink
6f4f37d655 nixos/manual: fix build
This broke in https://github.com/NixOS/nixpkgs/pull/86376

Also, fix some stray trailing whitespaces
2020-05-14 18:18:34 +02:00
Izorkin
a4c7e0f502 nixos/mysql: add release notes 2020-05-14 17:29:40 +03:00
Frederik Rietdijk
404fe35d65 Merge staging-next into staging 2020-05-14 09:37:03 +02:00
Colin L Rice
c5f18c44b1
go-modules: Doc updates 2020-05-14 07:21:52 +01:00
Izorkin
94391fce1d nixos/nginx: add option enableSandbox 2020-05-12 20:03:29 +03:00
Izorkin
97a0928ccb nixos/nginx: add release notes 2020-05-12 20:03:28 +03:00
John Ericson
1ac5398589 *-wrapper; Switch from infixSalt to suffixSalt
I hate the thing too even though I made it, and rather just get rid of
it. But we can't do that yet. In the meantime, this brings us more
inline with autoconf and will make it slightly easier for me to write a
pkg-config wrapper, which we need.
2020-05-12 00:44:44 -04:00
Matthew Bauer
43545032af
Merge pull request #87314 from matthewbauer/bazel-flat
build-bazel-package: switch hash mode to “flat”
2020-05-11 15:27:48 -05:00
Matthew Bauer
fe48f63c3c build-bazel-package: Add hash change to changelog 2020-05-11 13:19:52 -05:00
Jörg Thalheim
11c18faa4e
Merge pull request #85862 from Izorkin/nginx-paths 2020-05-11 11:17:04 +01:00
adisbladis
68ee2396f6
Merge pull request #86488 from cole-h/doas
nixos/doas: init
2020-05-10 10:33:29 +02:00
Michele Guerini Rocco
dc9c88a451
Merge pull request #86678 from rnhmjoj/picom
nixos/picom: cleanup
2020-05-06 10:27:16 +02:00
Cole Helbling
f798f07619
rl-2009: document new module security.doas 2020-05-05 20:07:41 -07:00
Frederik Rietdijk
9875bbae75 Merge master into staging-next 2020-05-05 19:51:09 +02:00
Izorkin
2d8d8415c0 nixos/nginx: add release notes 2020-05-04 16:36:38 +03:00
adisbladis
2f7747526c
nixos/docker-containers: Rename to virtualisation.oci-containers.containers.
And allow the runtime to be configurable via the
`virtualisation.oci-containers.backend` option.

Valid choices are "podman" and "docker".
2020-05-04 13:47:25 +01:00
rnhmjoj
027d4e639a
nixos/picom: document breaking change in release notes 2020-05-04 08:58:09 +02:00
Pavol Rusnak
7b0167204d treewide: use https for nixos.org and hydra.nixos.org
tarballs.nixos.org is omitted from the change because urls from there
are always hashed and checked
2020-05-03 22:14:21 -07:00
Frederik Rietdijk
afb1041148 Merge master into staging-next 2020-05-02 09:39:00 +02:00
Florian Klink
0a98d10850
Merge pull request #82026 from andir/systemd-update-networkd-options
nixos/networkd: update configuration options
2020-05-01 13:49:24 +02:00
Andreas Rammhold
819e8bb35f
nixos/networkd: rename the networkd dhcpConfig option to dhcpV4Config
This follows upstreams change in documentation. While the `[DHCP]`
section might still work it is undocumented and we should probably not
be using it anymore. Users can just upgrade to the new option without
much hassle.

I had to create a bit of custom module deprecation code since the usual
approach doesn't support wildcards in the path.
2020-05-01 13:33:54 +02:00
Andreas Rammhold
7b78f0f098
nixos/networkd: remove CriticalConnection= fields in favor of KeepConnection
Systemd upstream has deprecated CriticalConnection with v244 in favor of
KeepConnection as that seems to be more flexible:

  The CriticalConnection= setting in .network files is now deprecated,
  and replaced by a new KeepConfiguration= setting which allows more
  detailed configuration of the IP configuration to keep in place.
2020-05-01 13:33:53 +02:00
Frederik Rietdijk
484ee79050 Merge staging-next into staging 2020-05-01 08:57:10 +02:00
Elis Hirwing
27b9b7b3af
Merge pull request #85026 from talyz/php_buildenv_override
php.buildEnv: Make the exported php package overridable, improve handling of currently enabled extensions, etc
2020-04-29 19:57:37 +02:00
Jan Tojnar
2874eebfd2
Merge branch 'staging-next' into staging 2020-04-29 08:35:47 +02:00
Eelco Dolstra
4426104c8c
Merge pull request #85711 from worldofpeace/gnome-iso
nixos/release: add GNOME ISO
2020-04-28 21:03:03 +02:00
zowoq
3f17518490 buildGoPackage: use $out instead of $bin 2020-04-28 20:30:23 +10:00
talyz
72636bc2f6
php: Get rid of all config.php parameters
Since all options controlled by the config.php parameters can now be
overridden directly, there's no reason to keep them around.
2020-04-26 16:43:23 +02:00
talyz
2ba7926959
php.buildEnv: Provide a list of currently enabled extensions
Rework withExtensions / buildEnv to handle currently enabled
extensions better and make them compatible with override. They now
accept a function with the named arguments enabled and all, where
enabled is a list of currently enabled extensions and all is the set
of all extensions. This gives us several nice properties:

 - You always get the right version of the list of currently enabled
   extensions

 - Invocations chain

 - It works well with overridden PHP packages - you always get the
   correct versions of extensions

As a contrived example of what's possible, you can add ImageMagick,
then override the version and disable fpm, then disable cgi, and
lastly remove the zip extension like this:

{ pkgs ? (import <nixpkgs>) {} }:
with pkgs;

let
  phpWithImagick = php74.withExtensions ({ all, enabled }: enabled ++ [ all.imagick ]);

  phpWithImagickWithoutFpm743 = phpWithImagick.override {
    version = "7.4.3";
    sha256 = "wVF7pJV4+y3MZMc6Ptx21PxQfEp6xjmYFYTMfTtMbRQ=";
    fpmSupport = false;
  };

  phpWithImagickWithoutFpmZip743 = phpWithImagickWithoutFpm743.withExtensions (
    { enabled, all }:
      lib.filter (e: e != all.zip) enabled);

  phpWithImagickWithoutFpmZipCgi743 = phpWithImagickWithoutFpmZip743.override {
    cgiSupport = false;
  };
in
  phpWithImagickWithoutFpmZipCgi743
2020-04-26 16:43:05 +02:00
Aaron Andersen
16ab83760f
Merge pull request #85043 from aanderse/httpd-2020
nixos/httpd: modernize module standards
2020-04-25 20:04:05 -04:00
Pavol Rusnak
99f4ca8bf8
manual/rl-2009.xml: add mention about SD/ISO images compression 2020-04-24 18:45:07 +02:00
zowoq
b464d76126 nixos/cri-o: share registries with nixos/containers 2020-04-24 20:53:36 +10:00
Aaron Andersen
7bc9f24fb6 nixos/httpd: update release notes 2020-04-21 20:34:55 -04:00
Alexandre Esteves
4cc383dd9a
Fix typos (#85693) 2020-04-22 01:02:11 +02:00
Ismaël Bouya
3dbd3f2651 rl-2003: Update the release documentation
It currently says that everything will be backward compatible between lego and simp-le certificates, but it’s not.

(cherry picked from commit 21c4a33ceef77dec2b821f7164e13971862d5575)
2020-04-21 23:51:12 +02:00
adisbladis
2d91da909e
Merge pull request #85604 from adisbladis/podman-module
nixos/virtualisation.podman: Init module
2020-04-21 23:48:48 +02:00
worldofpeace
873f20f63e rl-2009: GNOME ISO 2020-04-21 15:46:20 -04:00
worldofpeace
37e146c255 nixos/manual: fix build 2020-04-21 15:43:20 -04:00
Florian Klink
91e3358f62
Merge pull request #85692 from nh2/systemd-update-default-rate-limit
journald service: Increase default rate limit 1000 -> 10000.
2020-04-21 21:06:48 +02:00
Niklas Hambüchen
d16d34732c journald service: Increase default rate limit 1000 -> 10000.
Follows the upstream change of this default:

https://github.com/systemd/systemd/pull/8660
2020-04-21 18:29:03 +02:00
adisbladis
b512a788a4
nixos/virtualisation.podman: Init module 2020-04-21 10:03:18 +01:00
worldofpeace
e9e9582986
Merge pull request #85186 from worldofpeace/20.03-readme
README.md: 20.03 release
2020-04-20 11:57:45 -04:00
worldofpeace
6380be302a rl-2003: release date 2020-04-20 11:52:57 -04:00
Edmund Wu
4727e95eb6
manual/rl-2009.xml: fix build (#85478)
16a4332d60 (diff-43de86228df91216c5cfc9446cb041feL249)
2020-04-18 07:51:06 +02:00
Milan Pässler
16a4332d60 nixos/deluge: support 2.x 2020-04-18 02:00:04 +02:00
John Ericson
923dc61c9b
Merge pull request #85085 from Ericson2314/document-haskell-env-changes
nixos/doc: Document breaking change to Haskell dev shells
2020-04-12 16:33:53 -04:00
John Ericson
8594285c25 nixos/doc: Document breaking change to Haskell dev shells 2020-04-12 11:58:05 -04:00
Graham Christensen
35d8514a91
Merge pull request #81848 from grahamc/nested-specialisation
specialisation: replace nesting with named configurations
2020-04-12 08:56:11 -04:00
Graham Christensen
ec2d28e323
specialisation: replace nesting with named configurations
Co-authored-by: worldofpeace <worldofpeace@protonmail.ch>
2020-04-12 08:12:50 -04:00
Rouven Czerwinski
e670094109 rl-2003: remove section on intel GPU workaround
According to my analysis the last critical fix went into v5.4.23, I have
confirmed this by running WebGL over night and haven't seen a single
i915 GPU hang. Lets remove the notes from the release notes.

(cherry picked from commit da764d22ce3b698707861d58824843ded87cbb0a)
2020-04-12 06:05:42 -04:00
worldofpeace
afd2e244c4 rl-2003: qa touchups
Fixes https://github.com/NixOS/nixpkgs/issues/82777

(cherry picked from commit 7c9f30befaa5360a9c3d7d566fdf1922f84ee6c5)
2020-04-11 12:13:47 +02:00
Florian Klink
3bc5c8bb5c nixos/release-notes/rl-2003.xml: add highlights
Fixes #79180.

(cherry picked from commit ec11fd21637535d87cdbac95c8caa095a73674ef)
2020-04-11 12:13:45 +02:00
Maximilian Bosch
9cddcac995
nixos/release-notes: fix minor spelling mistake in the Nextcloud section
As discovered by flokli.
2020-04-11 10:36:08 +02:00
Niklas Hambüchen
ba50a7a3f1 release notes: Explain how to run nginx master as root. Fixes #84391 2020-04-11 02:57:15 +02:00
Justin Humm
788f572380 nixos/release-notes: mention that dhcpcd stopped giving IPv4 addresses to bridges by default
This is an backward incompatible change from upstream dhcpcd [0], as
this could have easily locked me out of my box.

As dhcpcd doesn't allow to use only a blacklist (denyinterfaces in
dhcpcd.conf) of devices and use all remaining devices, while explicitly
allowing some interfaces like bridges, I think the best option would be
to not change anything about it and just educate the users here about
that edge case and how to solve it.

[0] https://roy.marples.name/archives/dhcpcd-discuss/0002621.html

(cherry picked from commit eeeb2bf8035b309a636d596de6a3b1d52ca427b1)
2020-04-08 17:46:13 -04:00
Maximilian Bosch
e8a4b9fe9b
Merge pull request #84501 from Ma27/bump-hydra
hydra: 2020-03-24 -> 2020-04-07
2020-04-08 20:08:29 +02:00
devhell
beae5a9caf manual/rl-2009.xml: Fix literal closing tag
Cc: @flokli
2020-04-08 17:14:06 +01:00
Florian Klink
d0dd8e6cca notmuch: make emacs a separate output
This puts all emacs-related binaries and code to a separate output,
removing emacs from the runtime closure of neomutt.
2020-04-07 22:02:48 +02:00
Maximilian Bosch
0f5c38feed
hydra: 2020-03-24 -> 2020-04-07
Also removed `pkgs.hydra-flakes` since flake-support has been merged
into master[1]. Because of that, `pkgs.hydra-unstable` is now compiled
against `pkgs.nixFlakes` and currently requires a patch since Hydra's
master doesn't compile[2] atm.

[1] https://github.com/NixOS/hydra/pull/730
[2] https://github.com/NixOS/hydra/pull/732
2020-04-07 14:11:12 +02:00
Michael Weiss
230b54c3cb
Merge pull request #83792 from primeos/gollum
gollum: 4.1.4 -> 5.0.1
2020-04-07 12:36:25 +02:00
worldofpeace
0594a76774 rl-2003: mention python driver
(cherry picked from commit a435d41af5ca29c879ee84b19186c55f2caa35ee)
2020-04-06 20:31:50 -04:00
Michael Weiss
bce93ec4c6
gollum: 4.1.4 -> 5.0.1
Some changes might require manual migration steps:
"Due to changes to the way in which Gollum handles filenames, you may
have to change some links in your wiki when migrating from gollum 4.x.
See the release notes [0] for more details. You may find the
bin/gollum-migrate-tags script helpful to accomplish this. Also see the
--lenient-tag-lookup option for making tag lookup backwards compatible
with 4.x, though note that this will decrease performance on large wikis
with many tags." (source: [1])

[0]: https://github.com/gollum/gollum/wiki/5.0-release-notes
[1]: https://github.com/gollum/gollum/blob/v5.0.0/HISTORY.md
2020-04-06 18:09:35 +02:00
Robert Helgesson
40bbbb8f7d
documentation: minor spelling and stylistic fixes 2020-04-05 23:12:15 +02:00
Elis Hirwing
3b6539896b
Merge pull request #83896 from etu/slim-down-default-php-v3
PHP: Make the default package more sane [v3]
2020-04-05 20:00:03 +02:00
talyz
4ff523f691
php: Simplify php-packages import, rename exts -> extensions 2020-04-05 16:45:41 +02:00
Elis Hirwing
a2099156ec
php: split php.packages to php.packages and php.extensions
So now we have only packages for human interaction in php.packages and
only extensions in php.extensions. With this php.packages.exts have
been merged into the same attribute set as all the other extensions to
make it flat and nice.

The nextcloud module have been updated to reflect this change as well
as the documentation.
2020-04-05 16:45:17 +02:00
Elis Hirwing
a4bc30c802
docs/rl: Update release log to match the updates to the default attributes 2020-04-05 16:45:11 +02:00
Frederik Rietdijk
92124ed660 Merge master into staging-next 2020-04-03 21:54:40 +02:00
Izorkin
0296e678cf mariadb: add option to build server without tokudb storage 2020-04-02 18:05:04 +03:00
Maximilian Bosch
12c634ca2a
Merge pull request #83617 from Ma27/mongodb-changelog
nixos/release-notes: mention that mongodb is unfree now
2020-03-31 22:03:03 +02:00
Jörg Thalheim
10059e4b71
Merge remote-tracking branch 'upstream/master' into HEAD 2020-03-29 14:08:10 +01:00
Elis Hirwing
cdad5f9134
php: Add release log entry for the php changes 2020-03-29 11:07:50 +02:00
Graham Christensen
4d226bad77
Merge pull request #83600 from Ma27/hydra-two-stage-deploy
hydra: 2020-02-06 -> 2020-03-{24,27}
2020-03-28 19:18:10 -04:00
Maximilian Bosch
bd5324c4fc
hydra: 2020-02-06 -> 2020-03-{24,27}
Upgrades Hydra to the latest master/flake branch. To perform this
upgrade, it's needed to do a non-trivial db-migration which provides a
massive performance-improvement[1].

The basic ideas behind multi-step upgrades of services between NixOS versions
have been gathered already[2]. For further context it's recommended to
read this first.

Basically, the following steps are needed:

* Upgrade to a non-breaking version of Hydra with the db-changes
  (columns are still nullable here). If `system.stateVersion` is set to
  something older than 20.03, the package will be selected
  automatically, otherwise `pkgs.hydra-migration` needs to be used.

* Run `hydra-backfill-ids` on the server.

* Deploy either `pkgs.hydra-unstable` (for Hydra master) or
  `pkgs.hydra-flakes` (for flakes-support) to activate the optimization.

The steps are also documented in the release-notes and in the module
using `warnings`.

`pkgs.hydra` has been removed as latest Hydra doesn't compile with
`pkgs.nixStable` and to ensure a graceful migration using the newly
introduced packages.

To verify the approach, a simple vm-test has been added which verifies
the migration steps.

[1] https://github.com/NixOS/hydra/pull/711
[2] https://github.com/NixOS/nixpkgs/pull/82353#issuecomment-598269471
2020-03-28 23:33:25 +01:00
Frederik Rietdijk
a36be028f5 Merge staging-next into staging 2020-03-28 21:15:15 +01:00
Maximilian Bosch
27121521b8
nixos/release-notes: mention that mongodb is unfree now 2020-03-28 21:03:15 +01:00
Yegor Timoshenko
5626cb9486
Merge pull request #82603 from emilazy/nixos-initrd-openssh
nixos/initrd-ssh: switch from Dropbear to OpenSSH
2020-03-28 09:22:02 +01:00
Maximilian Bosch
b65ff5d455
nixos/release-notes: mention mongodb update 2020-03-26 14:04:42 +01:00
Maximilian Bosch
89bcf4b7e2
Merge pull request #82353 from Ma27/nextcloud-upgrade-path
nixos/nextcloud: fix upgrade path from 19.09 to 20.03
2020-03-26 11:00:23 +01:00
Maximilian Bosch
702f645aa8
nixos/nextcloud: implement a safe upgrade-path between 19.09 and 20.03
It's impossible to move two major-versions forward when upgrading
Nextcloud. This is an issue when comming from 19.09 (using Nextcloud 16)
and trying to upgrade to 20.03 (using Nextcloud 18 by default).

This patch implements the measurements discussed in #82056 and #82353 to
improve the update process and to circumvent similar issues in the
future:

* `pkgs.nextcloud` has been removed in favor of versioned attributes
  (currently `pkgs.nextcloud17` and `pkgs.nextcloud18`). With that
  approach we can safely backport major-releases in the future to
  simplify those upgrade-paths and we can select one of the
  major-releases as default depending on the configuration (helpful to
  decide whether e.g. `pkgs.nextcloud17` or `pkgs.nextcloud18` should be
  used on 20.03 and `master` atm).

* If `system.stateVersion` is older than `20.03`, `nextcloud17` will be
  used (which is one major-release behind v16 from 19.09). When using a
  package older than the latest major-release available (currently v18),
  the evaluation will cause a warning which describes the issue and
  suggests next steps.

  To make those package-selections easier, a new option to define the
  package to be used for the service (namely
  `services.nextcloud.package`) was introduced.

* If `pkgs.nextcloud` exists (e.g. due to an overlay which was used to
  provide more recent Nextcloud versions on older NixOS-releases), an
  evaluation error will be thrown by default: this is to make sure that
  `services.nextcloud.package` doesn't use an older version by accident
  after checking the state-version. If `pkgs.nextcloud` is added
  manually, it needs to be declared explicitly in
  `services.nextcloud.package`.

* The `nixos/nextcloud`-documentation contains a
  "Maintainer information"-chapter  which describes how to roll out new
  Nextcloud releases and how to deal with old (and probably unsafe)
  versions.

Closes #82056
2020-03-25 22:07:29 +01:00
Emily
d930466b77 nixos/initrd-ssh: switch from Dropbear to OpenSSH
Dropbear lags behind OpenSSH significantly in both support for modern
key formats like `ssh-ed25519`, let alone the recently-introduced
U2F/FIDO2-based `sk-ssh-ed25519@openssh.com` (as I found when I switched
my `authorizedKeys` over to it and promptly locked myself out of my
server's initrd SSH, breaking reboots), as well as security features
like multiprocess isolation. Using the same SSH daemon for stage-1 and
the main system ensures key formats will always remain compatible, as
well as more conveniently allowing the sharing of configuration and
host keys.

The main reason to use Dropbear over OpenSSH would be initrd space
concerns, but NixOS initrds are already large (17 MiB currently on my
server), and the size difference between the two isn't huge (the test's
initrd goes from 9.7 MiB to 12 MiB with this change). If the size is
still a problem, then it would be easy to shrink sshd down to a few
hundred kilobytes by using an initrd-specific build that uses musl and
disables things like Kerberos support.

This passes the test and works on my server, but more rigorous testing
and review from people who use initrd SSH would be appreciated!
2020-03-25 08:26:50 +00:00
Tor Hedin Brønner
038a8890a7
rl-2009: note gnome desktop upgrade 2020-03-24 07:11:17 +01:00
Aaron Andersen
6f0c1cdbd9 nixos/duosec: rename ikey option to integrationKey 2020-03-22 20:25:11 -04:00
Aaron Andersen
b9dca769f1 nixos/duosec: replace insecure skey option with secure secretKeyFile option 2020-03-22 20:23:55 -04:00
Florian Klink
d96bd3394b nixos/manual: fix build 2020-03-19 15:32:34 +01:00
Florian Klink
355c58e485 nixos/networkd: respect systemd.network.links also with disabled systemd-networkd
This mirrors the behaviour of systemd - It's udev that parses `.link`
files, not `systemd-networkd`.

This was originally applied in 36ef112a47,
but was reverted due to 1115959a8d causing
evaluation errors on hydra.
2020-03-19 14:15:32 +01:00
Niklas Hambüchen
0908ec4952
Merge pull request #82665 from bhipple/doc/upower
doc: update 20.03 release notes regarding upower
2020-03-18 02:44:18 +01:00
goibhniu
5241e5a193
Merge pull request #79851 from mmilata/supybot-enhancements
nixos/supybot: switch to python3, enable systemd sandboxing, add option for installing plugins
2020-03-17 19:07:41 +00:00
davidak
dc434b0704 Doc: Fix typo 2020-03-17 13:26:55 +01:00
Benjamin Hipple
90c3fa478b doc: update 20.03 release notes regarding upower
UPower works just fine in 20.03, but only if the service is enabled.

Resolves #82529; see issue for details.
2020-03-16 20:08:35 -04:00
Maximilian Bosch
849e16888f
nixos/doc/matrix-synapse: refactor
* Linkify all service options used in the code-examples.
* Demonstrated the use of `riot-web.override {}`.
* Moved the example how to configure a postgresql-database for
  `matrix-synapse` to this document from the 20.03 release-notes.
2020-03-16 10:39:42 +01:00
Maximilian Bosch
8be61f7a36
matrix-synapse: 1.9.1 -> 1.11.1
https://github.com/matrix-org/synapse/releases/tag/v1.10.0
https://github.com/matrix-org/synapse/releases/tag/v1.10.1
https://github.com/matrix-org/synapse/releases/tag/v1.11.0
https://github.com/matrix-org/synapse/releases/tag/v1.11.1
2020-03-15 17:09:51 +01:00
Léo Gaspard
7566b4f924
Merge pull request #82614 from Ekleog/xfce4-remove-alias
xfce4-12: remove alias
2020-03-15 12:00:20 +01:00
Florian Klink
74f451b851
Merge pull request #82413 from aanderse/authorized-keys-command
nixos/sshd: add authorizedKeysCommand and authorizedKeysCommandUser options
2020-03-14 23:58:47 +01:00
Léo Gaspard
175f9ef4f8 xfce4-12: remove alias 2020-03-14 22:05:50 +01:00
Vladimír Čunát
0729b8c55e
Revert Merge #82310: nixos/systemd: apply .link
...even when networkd is disabled

This reverts commit ce78f3ac70, reversing
changes made to dc34da0755.

I'm sorry; Hydra has been unable to evaluate, always returning
> error: unexpected EOF reading a line
and I've been unable to reproduce the problem locally.  Bisecting
pointed to this merge, but I still can't see what exactly was wrong.
2020-03-13 22:05:33 +01:00
Maximilian Bosch
7e978ca324
nixos/manual: fix build 2020-03-13 02:04:26 +01:00
Aaron Andersen
dbe59eca84 nixos/sshd: add authorizedKeysCommand and authorizedKeysCommandUser options 2020-03-12 21:00:12 -04:00
Florian Klink
ce78f3ac70
Merge pull request #82310 from flokli/systemd-network-link-no-networkd
nixos/systemd: apply .link even when networkd is disabled
2020-03-12 15:47:59 -07:00
Elis Hirwing
a04010b64a
php: 7.3.15 -> 7.4.3 2020-03-11 20:20:22 +01:00
Florian Klink
36ef112a47 nixos/networkd: respect systemd.network.links also with disabled systemd-networkd
This mirrors the behaviour of systemd - It's udev that parses `.link`
files, not `systemd-networkd`.
2020-03-11 10:21:37 +01:00
Martin Milata
57f5fb62d4 nixos/supybot: enable systemd sandboxing options 2020-03-09 23:32:54 +01:00
Vladimír Čunát
1cf4fea33f
nixos/release-notes: fix a tiny typo 2020-03-05 14:03:27 +01:00
Maximilian Bosch
f4d71e2e73
nixos/release-notes: mention fix for predictable network-interfaces in initrd 2020-03-02 17:57:05 +01:00
Michele Guerini Rocco
d54f028941
Merge pull request #81473 from pacien/riot-no-phoning-home-release-notes-20-03
riot-web: mention incompatible config change in release notes
2020-03-02 03:13:39 +01:00
pacien
6d4fd13612 riot-web: mention incompatible config change in release notes
Mention the changes introduced in commit c9e5cca.

GitHub: closes #81416
2020-03-02 00:44:51 +01:00
Maximilian Bosch
e661d071f5
Merge pull request #80666 from netixx/grafana-phantomhs2-optional
grafana: made phantomjs2 optional
2020-02-25 22:49:51 +01:00
Maximilian Bosch
7458509972
nixos/manual: fix dates for support-plan of 20.09 2020-02-25 20:52:23 +01:00
Netix (Espinet François)
9f0014b6f2
grafana: made phantomjs2 optional
On servers especially, phantomjs2 pulls graphical dependencies which is unecessary.
This pathes enable the package to be linked/installed without
phantomjs2. Phantomjs2 is disabled by default since it has been deprecated in grafana https://grafana.com/docs/grafana/latest/guides/whats-new-in-v6-4/
2020-02-25 20:36:47 +01:00
Maximilian Bosch
c391343fcd
nixos/nixos-build-vms: switch to python test-driver
In 0945178b3c we decided that Perl-based
VM tests should be deprecated and will be removed between 20.03 and
20.09. So let's switch `nixos-build-vms(8)` to python as well (which is
entirely interactive, so other scripts won't break).

In my experience, the test-driver isn't used most of the time, so this
patch is mainly supposed to get rid of the (probably misleading)
deprecation warning when running `nixos-build-vms`. Apart from that, the
interface for python's test-driver is way nicer.
2020-02-15 19:35:17 +01:00
worldofpeace
be01f27adc rl-2009: typo 2020-02-10 14:23:00 -05:00
worldofpeace
2ba2b0cf23 20.09 is Nightingale 2020-02-10 14:14:18 -05:00
Silvan Mosberger
e3c5d299dc
Merge pull request #78373 from serokell/yorickvp/buildkites
nixos/buildkite-agents: support multiple buildkite agents
2020-02-10 14:39:40 +01:00
Yorick van Pelt
e242eccb0b
nixos/buildkite-agents: update release notes 2020-02-10 13:36:30 +01:00
aszlig
8754986076
nixos: Fix build of manual
XML error introduced with merge commit 4e0fea3fe2.

This was probably because of wrong conflict resolution, because the
actual change (d8e697b4fc) had the close
tag of the <para/> element, but the merge commit didn't.

Signed-off-by: aszlig <aszlig@nix.build>
2020-02-10 13:33:52 +01:00
Florian Klink
4e0fea3fe2 Merge pull request #77578 from m1cr0man/master
Replace simp-le with lego and support DNS-01 challenge
2020-02-10 11:47:30 +01:00
Maximilian Bosch
dd6a291e9f
gcc-snapshot: remove
Package is marked as broken for >2 years and used a fairly old
snapshot from the gcc7-branch, so I fairly doubt that this is
somewhere used (and is also pretty misleading as you don't expect a
random snapshot from gcc7 at `pkgs.gcc-snapshot`).
2020-02-09 22:46:29 +01:00
Lucas Savva
75fa8027eb
nixos/acme: Update release note, remove redundant requires
Merge remote-tracking branch 'remotes/upstream/master'
2020-02-09 16:31:07 +00:00
Lucas Savva
d8e697b4fc
nixos/acme: update release notes for 20.03 2020-02-09 15:59:03 +00:00
Symphorien Gibol
4600fe67c5 nixos/roundcube: add release notes for #77532 2020-02-05 12:00:00 +00:00
Maximilian Bosch
294f667121
sqldeveloper: {17.4.1.054.0712,18.2.0.183.1748} -> 19.4.0.354.1759
There are no new releases of sqldeveloper v17/v18 and I don't think that
we should keep obviously unmaintained software that interacts with
database systems.

I removed `sqldeveloper_18` and `pkgs.sqldeveloper` now points to
version 19.4. Unfortunately I had to drop darwin support as JavaFX is
required for 19.4 which is part of the `oraclejdk` which isn't packaged
for darwin yet.

For further information please refer to the release notes:

https://www.oracle.com/technetwork/developer-tools/sql-developer/downloads/sqldev-relnotes-194-5908846.html
2020-02-04 13:51:52 +01:00
Marek Mahut
2abe12a39a manual.release-notes: qesteidutil is deprecated 2020-02-03 11:22:19 +01:00
worldofpeace
915060d03f rl-2003: dnscrypt-proxy2 2020-02-02 11:11:27 -05:00
Maximilian Bosch
0c960262d1
oraclejdk8: document removals in the release notes 2020-02-02 12:11:50 +01:00
worldofpeace
22c56b847e
Merge pull request #79054 from worldofpeace/geary-module-note
rl-2003: add note about Geary module
2020-02-01 18:05:40 -05:00
worldofpeace
4200386fb6 rl-2003: add note about Geary module 2020-02-01 18:01:25 -05:00
Franz Pletz
e8b8e8c615
rspamd: 1.9.4 -> 2.2 2020-02-01 14:20:51 +01:00
Linus Heckemann
3af5a40fe2
Merge pull request #78843 from rnhmjoj/ipv6-privacy
nixos/networking-interfaces: change preferTempAddress to allow disabling temp addresses
2020-02-01 12:04:58 +01:00
rnhmjoj
0c19bfb8ac
nixos/docs: document preferTempAddress -> tempAddress change 2020-02-01 11:38:40 +01:00
Maximilian Bosch
7f49fa63ca
Merge pull request #75439 from Ma27/submodule-fixes-for-nixos-option
nixos/nixos-option: fix evaluator to render a full submodule entry
2020-02-01 10:00:59 +01:00
worldofpeace
51b95565a6
Merge pull request #78713 from vcunat/p/linux_5_4-default
linuxPackages: 4.19 -> 5.4
2020-01-31 14:32:10 -05:00
Vladimír Čunát
bba954f34e
nixos release notes: document linuxPackages update 2020-01-31 15:58:46 +01:00
Maximilian Bosch
f73d725967 llvm_{3,4}: re-add attributes with an error message about their removal
With this change, expressions relying on those old LLVM versions will
fail with a meaningful error message.
2020-01-30 18:39:42 -05:00
Alyssa Ross
6ea79d2707 nixos/doc: add Mailman release notes for 20.03 2020-01-30 23:14:45 +00:00
worldofpeace
1be8ee98f5 rl-2003: fix typo
networkd on your mind 😜
2020-01-30 05:50:03 -05:00
worldofpeace
c95612a5a2 nixos/display-managers/auto: remove
This module allows root autoLogin, so we would break that for users, but
they shouldn't be using it anyways. This gives the impression like auto
is some special display manager, when it's just lightdm and special pam
rules to allow root autoLogin. It was created for NixOS's testing
so I believe this is where it belongs.
2020-01-29 19:05:46 -05:00
Maximilian Bosch
dd583e7f12
nixos/release-notes: document gcc5 removal 2020-01-28 20:23:53 +01:00
Maximilian Bosch
69d127cc81
citrix_workspace_19_3_0: mark as unsupported
Will be unsupported within the lifespan of 20.03. Also there aren't any
known issues that require this version as workaround, so a removal
should be fairly safe.
2020-01-28 11:40:20 +01:00
Marek Mahut
a5798cf78e rl-2003.xml: adding note about FIDO2 luks 2020-01-22 08:38:16 +01:00
Florian Klink
eba10dcbcb
Merge pull request #77950 from flokli/buildkite-3
nixos/buildkite-agent: move to v3
2020-01-19 14:23:49 +01:00
worldofpeace
ffcfb80781
Merge pull request #77690 from gnidorah/way-cooler
way-cooler: Remove
2020-01-18 14:50:41 -05:00
Matthias Beyer
29bb16a9cd way-cooler: Remove
As of 2020-01-09, way-cooler is officially dead:

    http://way-cooler.org/blog/2020/01/09/way-cooler-post-mortem.html

hence, remove the package and the module.

Signed-off-by: Matthias Beyer <mail@beyermatthias.de>

docs/release-notes: remove way-cooler

way-cooler: show warnings about removal

Apply suggestions from code review

Co-Authored-By: worldofpeace <worldofpeace@protonmail.ch>

way-cooler: add suggestion by @Infinisil
2020-01-18 18:25:01 +03:00
Florian Klink
b9182529b4 nixos/buildkite: add release notes 2020-01-17 23:11:26 +01:00
Silvan Mosberger
9d4b59b549
nixos/doc: Add incompatibility note for either submodule path
Co-Authored-By: Robert Hensing <roberth@users.noreply.github.com>
2020-01-09 16:47:53 +01:00
rnhmjoj
fa3919de5f
nixos/doc: document the loaOf type deprecation 2020-01-08 00:47:59 +01:00
Vladimír Čunát
c3d4998e41
Merge #75803: kresd service: unify listen declarations 2019-12-27 15:55:38 +01:00
Aaron Andersen
4d2dd15546
Merge pull request #73113 from aanderse/httpd-vhost
nixos/httpd: support overridable virtual hosts
2019-12-26 08:09:08 -05:00
Dima
2467edf80c nixos/manual: fixing links for awstats release note (#76500)
`linkend` attribute needs to point to an option.
2019-12-25 21:06:18 +02:00
Aaron Andersen
79215f0df1 nixos/httpd: limit serving web content to virtual hosts, convert virtualHosts option type from listOf to attrsOf, add ACME integration 2019-12-24 20:27:48 -05:00
Ben Harper
dade94cdb9 nixos/awstats: refactor module 2019-12-24 12:20:52 -05:00
Florian Klink
0a41dae98b
Merge pull request #56255 from Izorkin/nginx-temp1
nginx: do not run anything as root
2019-12-20 23:34:55 +01:00
rnhmjoj
9802bc5b32
docs/release-notes: fix indentation 2019-12-20 00:27:35 +01:00
rnhmjoj
bce1437493
docs/release-notes: document console related changes 2019-12-20 00:27:34 +01:00
Chuck
ed51fd0033 nixos/nixos-option: Convert --all into -r 2019-12-19 15:00:43 +01:00
Jan Tojnar
6be14ee97b
Merge pull request #53843 from hedning/session-default
nixos/displayManager: introduce defaultSession
2019-12-18 21:16:06 +01:00
Dustin Frisch
f886a14dbd
kresd: Unified listen declarations
Deperecates the interfaces option which was used to generate a host:port
list whereas the port was always hardcoded to 53. This unifies the
listen configuration for plain and TLS sockets and allows to specify a
port without an address for wildcard binds.
2019-12-17 12:44:24 +01:00
Danylo Hlynskyi
d206f2304f
nixos containers: disable NixOS manual in container config. (#75659)
This makes ~2.5x speed up of an empty container instantiate, hence reduces
rebuild time of system with many declarative containers.

Note that this doesn't affect production systems much, becaseu those most
likely already include `minimal.nix` profile.
2019-12-15 18:21:52 +02:00
Izorkin
2a413da57e nixos/nginx: do not run anything as root 2019-12-15 11:21:08 +03:00
Jan Tojnar
8dc5ff7dcf
nixos/displayManager: deprecate separate options for default wm/dm
The upstream session files display managers use have no concept of sessions being composed from
desktop manager and window manager. To be able to set upstream session files as default
session, we need a single option. Having two different ways to set default session would be confusing,
though, so we decided to deprecate the old method.

We also created separate script for each session, just like we already had a separate desktop
file for each one, and started using displayManager.sessionPackages mechanism to make the
session handling more uniform.
2019-12-15 04:16:20 +01:00
Frederik Rietdijk
dfdf1597a7 Merge master into staging-next 2019-12-13 11:43:39 +01:00
Frederik Rietdijk
f3618342ec Merge staging-next into staging 2019-12-10 19:01:27 +01:00
worldofpeace
efc1c027ad nixos/polkit: remove root from adminIdentities
Fixes https://github.com/NixOS/nixpkgs/issues/75075.

To summarize the report in the aforementioned issue, at a glance,
it's a different default than what upstream polkit has. Apparently
for 8+ years polkit defaults admin identities as members of
the wheel group [0]. This assumption would be appropriate on NixOS, where
every member of group 'wheel' is necessarily privileged.

[0]: 763faf434b
2019-12-09 19:11:09 -05:00
Renaud
f640cf49d1
rdf4store: remove pkg and service modules
(#74214)
2019-12-08 20:33:51 +01:00
Renaud
421e9248c1
doc/rl-2003: fix typo 2019-12-08 18:34:47 +01:00
Frederik Rietdijk
c9a19b5f7e Merge staging-next into staging 2019-12-05 10:19:54 +01:00
worldofpeace
b12aef05a4
Merge pull request #73968 from mat8913/upower-config-master
nixos/upower: Allow customization of UPower.conf
2019-12-05 05:25:00 +00:00
Matthew Harm Bekkema
aecfea098e nixos/upower: Allow customization of UPower.conf
Documentation of options and default values taken from the upstream
UPower.conf. The documentation was modified slightly to make more sense
when displayed on https://nixos.org/nixos/options.html.

A copy of upstream UPower.conf can be found here:
https://cgit.freedesktop.org/upower/tree/etc/UPower.conf?id=28bd86c181e2510ef6a1dc7cfa26f97803698a79
2019-12-04 12:26:30 +11:00
Jan Tojnar
77b605546c
Merge branch 'staging-next' into staging 2019-12-03 16:52:44 +01:00
Eelco Dolstra
946c5fb8f7
Tweag releaase notes 2019-12-03 15:09:55 +01:00
davidak
0ba3761ba8 nixos/version: PRETTY_NAME in /etc/os-release uses the release now instead of full version
to be more suitable for presentation to the user
2019-12-02 20:04:44 +01:00
Daniël de Kok
02553c114d rl-2003: mention the removal of dump1090's internal web server 2019-12-02 14:47:19 +01:00
Dima
c25d4abc21 release-notes: adding pango font loading deprecation 2019-12-02 02:32:05 +01:00
rnhmjoj
1598f3d257
nixos/bluetooth: don't install obex tools by default 2019-11-29 21:08:58 +01:00
Andreas Rammhold
059faab65a
Merge pull request #73803 from andir/buildRustCrate-lib-output
buildRustCrate: add lib output
2019-11-28 15:36:45 +01:00
talyz
86223aade7 rl-2003: Fix typo
Fix a typo introduced in a06529b7ad which prevents the manual from building.
2019-11-26 17:04:59 +01:00
Andreas Rammhold
1b748554d5
buildRustCrate: add lib output
This cuts down the dependency tree on some rust builds where a crate not
just exposes a binary but also a library. `$out/lib` contained a bunch
of extra support files that among other information carry linker flags
(including the full path to link-time dependencies). Worst case this led
to some binary outputs depending on the full build closure of rust
crates.

Moving all the `$out/lib` files to `$lib/lib` solves this nicely.

`lib` might be a bit weird here as they are most of the time just rlib
files (rust libraries). Those are essential only required during
compilation but they can also be shared objects (like with traditional
C-style packages). Which is why I went with `lib` for the new output.

One of the caveats we are running into here is that we do not (always)
know ahead of time of a crate produces just a library or just a binary.
Cargo allows for some ambiguity regarding whether or not a crate
provides one, two, … binaries and libraries as it's outputs. Ideally we
would be able to rely on the `crateType` entirely but so far that isn't
the case. More work on that area might show how difficult that actually
is.
2019-11-26 15:05:01 +01:00
Andreas Rammhold
a06529b7ad
nixos: default environment.homeBinInPath to false
This is a more sane default since we do not magically (without opt-in)
pull in binaries from `~/bin`. That is not really an expected behavior
for many users. Users that still want that behavior can now just flip
that switch.
2019-11-26 12:44:12 +01:00
Florian Klink
02f869ff30 osquery: remove
osquery was marked as broken since April.

If somebody steps up to fix it, we can always revive it from the
histroy, but there's not much value in shipping completely broken things
in current master.

cc @ma27
2019-11-24 22:38:07 +01:00
Florian Klink
c3e17efaab nixos/beegfs: remove module
packages are marked as broken for quite some time.
2019-11-24 17:33:51 +01:00
Jan Tojnar
77661f8cfd
nixos/plasma5: drop enableQt4Support option
Phonon no longer supports Qt4 so this is useless.
2019-11-22 09:01:05 +01:00
Florian Klink
4321a88f44 nixos/phpfpm: enable PrivateTmp=true
This seems to be mostly a pre - #57677 relict. As postgresql sockets now
are not in /tmp anymore, isolate /tmp.
2019-11-21 23:31:19 +01:00
Frederik Rietdijk
65edeb8633 Merge master into staging-next 2019-11-20 10:01:49 +01:00
worldofpeace
0c56d05643 rl-2003: add release note about one Xfce package-set 2019-11-19 18:47:03 -05:00
Frederik Rietdijk
f6b39f852e Merge master into staging-next 2019-11-19 10:53:44 +01:00
Franz Pletz
622e12330b
nixos/manual: fix xml syntax error 2019-11-18 02:26:17 +01:00
Thomas Depierre
8de4654d4b beam-modules/hex-snapshot: remove
The package set is not maintained. It is also not used by most of the
BEAM community. Removing it to allow a more useful set of tools fit to
the BEAM community in Nixpkgs.
2019-11-17 13:45:57 +01:00
Frederik Rietdijk
be7125dde7 Merge master into staging-next 2019-11-16 11:45:07 +01:00
worldofpeace
4583e293fd
Merge pull request #73251 from worldofpeace/remove-slim
nixos/slim: remove
2019-11-15 15:56:48 +00:00
Sascha Grunert
7f358a5f3b
nixos/kubernetes: Module and test compatibility with kubernetes 1.16
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
2019-11-15 05:58:35 +01:00
David Kleuker
d793d53b0d doc/rl-1909: fix language
(#71516)
2019-11-15 00:32:09 +01:00
worldofpeace
9c7db09e48 rl-2003: add note about slim 2019-11-11 17:10:41 -05:00
Frederik Rietdijk
c4e30cf98c Merge staging-next into staging 2019-11-05 14:18:08 +01:00
Robin Gloster
754e315fb5 release-notes 20.03: added notice for rewritten nixos-option 2019-11-04 15:14:42 +01:00
John Ericson
9df7efe0c6 stdenv: Don't stop set -u-ing
Before, we very carefully unapplied and reapplied `set -u` so the rest
of Nixpkgs could continue to not fail on undefined variables. Let's rip
off the band-aid.
2019-11-01 22:03:47 +00:00
Frederik Rietdijk
09c9a2de7e Merge master into staging-next 2019-10-23 16:50:09 +02:00
Florian Klink
c3098d182d nixos/network: remove 99-main.network
Just maching all network interfaces caused many breakages, see #18962
and #71106.

We already don't support the global networking.useDHCP,
networking.defaultGateway(6) options if networking.useNetworkd is
enabled, but direct users to configure the per-device
networking.interfaces.<name?>.… options.
2019-10-23 11:39:27 +02:00
Frederik Rietdijk
a456fbfeed Merge staging-next into staging 2019-10-22 09:20:03 +02:00
Florian Klink
f24b4fb411
nixos/networkmanager: remove networking.networkmanager.dynamic… (#71337)
nixos/networkmanager: remove networking.networkmanager.dynamicHosts
2019-10-21 02:33:28 +02:00
Vladimír Čunát
9a54d17799 nixos release notes: interfaces might get renamed
Fixes #71086.
2019-10-20 20:12:03 -04:00
worldofpeace
18ea428e76 rl-1909: add note for blueman 2019-10-20 19:37:13 -04:00
Dima
a16de399a1 release-notes 19.09: removal of non-LTS kernel attrs
Even though the release obviously already happened, I think it might
still make sense to add a short note about the attributes not being
supported any longer (and going forward).

(cherry picked from commit 7163d3a9df35904d0c9acc9f643fd70ee3108539)
(cherry picked from commit a64b8c3c191af1317cfdc1ea4f4e5f881c4cf503)
2019-10-20 19:35:22 -04:00
Florian Klink
ca6c91e395 nixos/networkmanager: remove networking.networkmanager.dynamicHosts
This option was removed because allowing (multiple) regular users to
override host entries affecting the whole system opens up a huge attack
vector. There seem to be very rare cases where this might be useful.
Consider setting system-wide host entries using networking.hosts,
provide them via the DNS server in your network, or use
networking.networkmanager.appendNameservers to point your system to
another (local) nameserver to set those entries.
2019-10-20 16:37:41 +02:00
edef
5b1f864242
Merge pull request #59806
openssh: 7.9p1 -> 8.1p1
2019-10-19 12:16:08 +00:00
Will Dietz
6db7c9cf1d nixos: add release note for openssh upgrade \o/ 2019-10-19 12:05:27 +00:00
Franz Pletz
3d832dee59 gnupg: disable gui/pinentry support by default
This solves the dependency cycle in gcr alternatively so there won't be
two gnupg store paths in a standard NixOS system which has udisks2 enabled
by default.

NixOS users are expected to use the gpg-agent user service to pull in the
appropriate pinentry flavour or install it on their systemPackages and set
it in their local gnupg agent config instead.

Co-authored-by: Florian Klink <flokli@flokli.de>
2019-10-16 20:31:16 -04:00
worldofpeace
2fbccbc728 Revert "Merge pull request #71095 from flokli/pinentry-cleanup"
This reverts commit 823da4d492, reversing
changes made to b75c8ee3bc.
2019-10-16 20:28:21 -04:00
Franz Pletz
b5bea4ce32 gnupg: disable gui/pinentry support by default
This solves the dependency cycle in gcr alternatively so there won't be
two gnupg store paths in a standard NixOS system which has udisks2 enabled
by default.

NixOS users are expected to use the gpg-agent user service to pull in the
appropriate pinentry flavour or install it on their systemPackages and set
it in their local gnupg agent config instead.

Co-authored-by: Florian Klink <flokli@flokli.de>
2019-10-16 19:56:50 -04:00
Arian van Putten
8fb23f6117
Fix typo in 19.09 release notes 2019-10-14 23:30:09 +02:00
Jörg Thalheim
d633ec9787
Merge pull request #70601 from Mic92/zfs-trim
nixos/zfs: only enable trim if zfs is enabled
2019-10-14 11:04:35 +01:00
Jörg Thalheim
12880e57e1
nixos/zfs: mention trim support in the release notes 2019-10-14 10:30:59 +01:00
Jörg Thalheim
9a89467606
nixos/zfs: simplify logic for scrub/autosnapshot service
This makes them consistent with the way zfs.trim is enabled
and allow to enable them by default in future.
2019-10-14 10:30:57 +01:00
worldofpeace
f853bb4369 rl-1909: brief package version changes 2019-10-09 13:51:44 -04:00
Eelco Dolstra
37c22b9d30
Revive systemd.coredump.enable 2019-10-07 20:28:13 +02:00