Commit Graph

26947 Commits

Author SHA1 Message Date
Sandro
93da45162d
Merge pull request #166321 from wentasah/usbrelay 2022-04-25 02:23:19 +02:00
Linus Heckemann
fc1248c589
Merge pull request #169932 from Ma27/nextcloud-profile-setting
nixos/nextcloud: make `profile.enabled` configurable
2022-04-24 22:50:05 +02:00
Robin Gloster
0d8c3cf64b
Merge pull request #164650 from mayflower/jira-home
nixos/jira: set home for jira user
2022-04-24 14:27:33 +02:00
Lassulus
007f9d8103
Merge pull request #164209 from jonringer/fix-step-ca-warnings
tests/step-ca: give name, fix acme usage
2022-04-24 11:22:59 +01:00
Lassulus
33dc00eaaf
Merge pull request #164208 from jonringer/fix-peertube-warnings
tests/peertube: update redis usage
2022-04-24 11:19:58 +01:00
Jacek Galowicz
2656cb99bd
Merge pull request #167838 from tljuniper/test-driver-pipefail-fix
nixos/test-driver: shellopts with execute + timeout
2022-04-24 11:50:13 +02:00
Linus Heckemann
c85bc19cdf
Merge pull request #169303 from emccorson/fix/add-copy-system-config
nixos/tools: add copySystemConfiguration to configuration file template
2022-04-24 00:01:00 +02:00
Maximilian Bosch
9931c4a407
nixos/nextcloud: make profile.enabled configurable
I recently learned that Nextcloud 23's new profile feature — basically a
way for users to share personal contact details — has a problematic
default setting, profile data is shared with **everyone** by default.

This means that an unauthenticated user can access personal information
by accessing `nextcloud.tld/u/user.name`.

The announcement of v23 states[1]:

> We go a step further and introduce a profile page. Here you can put a
> description of yourself, show links to, for example, social media, what
> department you are in and information on how to contact you. All these
> are of course entirely optional and you can choose what is visible to who!
> The profile and user status are accessible also from our mobile and desktop clients.

It's not mentioned that by default you share personal information[3] with
everyone and personally I think that's somewhat problematic.

To work around that, I decided to add an option for the recently added[2]
and even set it to `false` by default to make an explicit opt-in for
that feature.

[1] https://nextcloud.com/blog/nextcloud-hub-2-brings-major-overhaul-introducing-nextcloud-office-p2p-backup-and-more/
[2] https://github.com/nextcloud/server/pull/31624/files
[3] By default, this affects the following properties:
    * About
    * Full name
    * Headline
    * Organisation
    * Profile picture
    * Role
    * Twitter
    * Website
    Phone, Address and Email are not affected and only shown to
    authenticated users by default.
2022-04-23 13:31:50 +02:00
Jonas Heinrich
24b53785cc nixos/create_ap: add module 2022-04-23 07:17:44 -04:00
Bernardo Meurer
900a440492
Merge pull request #169842 from K900/unbreak-tests
nixos/tests/installer: unbreak, optimize
2022-04-22 13:16:33 -07:00
Bernardo Meurer
b23ec41f14
Merge pull request #168554 from helsinki-systems/feat/systemd-stage-1-luks
nixos/systemd-stage-1: Add basic LUKS support
2022-04-22 12:37:25 -07:00
K900
adf3fe6811 nixos/tests/installer: disable vlans for initial VM
This saves 10-15 minutes of waiting for things to time out later.
2022-04-22 22:27:03 +03:00
K900
ed3cc9672a nixos/tests/installer: add missing dependency to image
Unbreaks nixosTests.installer.simple.
2022-04-22 21:03:46 +03:00
ajs124
1f9af33e1f
Merge pull request #166117 from chkno/fix-nar-serve
nixos/tests/nar-serve: Fix after nix version bump
2022-04-22 19:02:54 +01:00
Jan Tojnar
be9e3fdf7d
Merge pull request #169553 from jtojnar/gnome-default-dark-background
nixos/gnome: Add the NixOS background metadata
2022-04-21 21:36:19 +02:00
Bernardo Meurer
b57126a16e
Merge pull request #169477 from drupol/nix/add-2.8.0
nixVersions.stable: 2.7.0 -> 2.8.0
2022-04-21 11:18:25 -07:00
Jan Tojnar
cd2a6cd9cb nixos/gnome: Add the NixOS background metadata
This is needed to have it listed in the Control Center.
2022-04-21 20:16:41 +02:00
Jan Tojnar
818ac0c9ae Revert "nixos/gnome3: install nixos wallpapers"
There is no need to install them when they will not be picked up
by the Appearance panel of GNOME Control Center without
a XML metadata file anyway.

They will be pulled into the closure via overrides
so that is not a concern either.

This reverts commit 7f3bc5b8fa.
This reverts commit fa607bc939.
2022-04-21 20:00:29 +02:00
Artturi
98ff3e401c
Merge pull request #165892 from tpwrules/fix-initrd-dirlinks
make-initrd: fix reproducibility problems
2022-04-21 20:51:35 +03:00
Pol Dellaiera
b555b64346
nixVersions.stable: 2.7.0 -> 2.8.0 2022-04-21 19:43:40 +02:00
Pascal Bach
d9309f43b3
Merge pull request #155424 from tobim/nixos/snapserver-firewall
nixos/snapserver: don't open ports by default
2022-04-21 19:40:20 +02:00
Anna Gillert
dbc95f15b8 nixos/test-driver: Avoid shell injection in machine.execute() 2022-04-21 10:54:00 +02:00
tljuniper
ed945aeb6e nixos/manual: Clarify execute exit status
Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
2022-04-21 10:54:00 +02:00
Anna Gillert
f7e89a59da nixos/test-driver: fix missing shellopts in execute
Without this fix, setting the shellopts in `machine.execute` is
inconsitent.  When no timeout is used, shellopts `set -euo pipefail` are
applied to the command as expected. When a timeout is specified, the
shellopts are not applied to the command itself (which is called inside
a `sh -c` that doesn't inherit the shellopts) but rather to the
`timeout` command, leading to the following full command:

```bash
(set -euo pipefail; timeout 900 sh -c 'cmd') | (base64 --wrap 0; echo)\n
```

With this fix, this is the command we get:

```bash
timeout 900 sh -c 'set -euo pipefail; false | true') | (base64 --wrap 0; echo)\n
```
2022-04-21 10:54:00 +02:00
Anna Gillert
7586158ac9 nixos/manual: Refine doc for execute et al
- Clarify that shellopts are set in every `execute` call (rather than
  only `succeed`).
- Add documentation for the `timeout` parameter and its default values.
2022-04-21 10:54:00 +02:00
Jörg Thalheim
aa446f8d3c
Merge pull request #169437 from Mic92/consul
nixos/consul: allow ipv6-only
2022-04-21 07:22:02 +01:00
Sandro
786f0c486b
Merge pull request #159103 from pacien/nixos-taskserver-firewall-no-port-open
nixos/taskserver: do not open firewall port implicitly, port helper to Python 3
2022-04-21 01:56:36 +02:00
Randy Eckenrode
272876edae
ionide.ionide-fsharp: 5.11.0 -> 6.0.1 (#168874)
* ionide.ionide-fsharp: 5.11.0 -> 6.0.0

* doc/release-notes: document .NET 6 requirement for Ionide

* ionide: 6.0.0 -> 6.0.1
2022-04-21 01:54:39 +02:00
Tobias Mayer
0d49836dec
nixos/snapserver: don't open ports by default 2022-04-20 23:25:28 +02:00
Lassulus
b424ce3fd2
Merge pull request #161587 from helsinki-systems/feat/bird2-reload-trigger
nixos/bird: reloadIfChanged -> reloadTriggers
2022-04-20 18:24:05 +01:00
Jörg Thalheim
325a525467
nixos/consul: allow ipv6-only 2022-04-20 17:32:06 +02:00
Lassulus
c29e523824
Merge pull request #163030 from newAM/github-runner-harden
nixos/github-runner: systemd service hardening
2022-04-20 16:30:23 +01:00
Linus Heckemann
5e513b4b24
Merge pull request #167324 from alyssais/mailman-postfix
nixos/{postfix,mailman}: fix ordering between services
2022-04-20 16:34:43 +02:00
Alyssa Ross
572131c6a9
nixos/mailman: ensure Postfix is started after Mailman
On first run, Postfix will refuse to start if it's started before
Mailman is up, because it'll try to read the map files generated
Mailman the first time it's started, and they won't exist yet.  To fix
this, make sure Postfix isn't started until after Mailman is up if
they're both activated at the same time.
2022-04-20 13:17:28 +00:00
Janne Heß
4f3a868e59
Merge pull request #169049 from helsinki-systems/feat/systemd-stage-1-amdgpu-pro
nixos/amdgpu-pro: Add support for systemd stage 1
2022-04-20 11:36:53 +02:00
Martin Weinelt
0a0cf3d283
Merge pull request #169323 from n0emis/netbox-v3.2.1 2022-04-20 00:42:43 +02:00
Bernardo Meurer
97315af110
Merge pull request #169206 from nbraud/nixpkgs/kmscon/fonts
nixos/kmscon: Add fonts option
2022-04-19 12:57:26 -07:00
Jonas Heinrich
047473aa32 nixos/nextcloud: Support create database locally 2022-04-19 14:35:59 -04:00
Ember 'n0emis' Keske
896c716d1b
netbox: 3.1.10 -> 3.2.1 2022-04-19 17:52:09 +02:00
Eric Corson
0edfd89d6e nixos/tools: add copySystemConfiguration to configuration file template 2022-04-19 10:53:47 +01:00
Vladyslav Burzakovskyy
0c15d80f6b kratos: upgrade 0.8.3-alpha.1.pre.0 -> 0.9.0-alpha.3 2022-04-19 11:16:26 +02:00
ajs124
3fedfb5f8a
Merge pull request #110870 from asymmetric/doc/prom-node-exp
docs: modules/prometheus: finish exporter setup
2022-04-18 22:54:01 +01:00
Lassulus
cae8c76a9b
Merge pull request #163130 from xlambein/master
pipewire-media-session: changed options to take defaults from JSON
2022-04-18 19:55:31 +01:00
Michal Sojka
6a5b839069 usbrelay: init at 0.9 2022-04-18 19:02:41 +02:00
pennae
529ce4161a
Merge pull request #169176 from scvalex/fix-nbd-section-ordering
nixos/nbd: fix nbd-server config section ordering
2022-04-18 16:55:45 +00:00
Janne Heß
a719f5fb9d
Merge pull request #168965 from helsinki-systems/feat/systemd-stage-1-hostid
nixos/stage-1-init: Set host id for ZFS
2022-04-18 18:31:18 +02:00
Alexandru Scvortov
4646491175 nixos/nbd: fix nbd-server config section ordering
Closes #169103
2022-04-18 17:28:09 +01:00
nicoo
11bbb28f8a nixos/kmscon: Add fonts option 2022-04-18 15:56:34 +02:00
Martin Weinelt
df6fa84709 nixos/nscd: fix manual build 2022-04-18 23:50:46 +10:00
Janne Heß
28c7721aa3
nixos/stage-1-systemd: Add a test for LUKS keyfiles 2022-04-18 11:42:47 +01:00