JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
400,187 Commits 2 Branches 0 Tags 12 GiB
9341cd89e9
Commit Graph

28552 Commits

Author SHA1 Message Date
markuskowa
8cd811ca08
Merge pull request #184254 from ck3d/fix-test-machinectl 
nixos/tests/systemd-machinectl: Fix resolved and UID shift check
 2022-07-31 21:18:53 +02:00
Sandro
be194e390f
nixos/ncdns: replace shortened link 2022-07-31 17:13:03 +02:00
github-actions[bot]
bb10509584
Merge master into staging-next 2022-07-31 12:02:29 +00:00
Guillaume Girol
479522bd60
Merge pull request #178873 from greizgh/update-seafile 
Fix broken seafile
 2022-07-31 11:23:09 +00:00
github-actions[bot]
eb9760b8f7
Merge master into haskell-updates 2022-07-31 00:15:01 +00:00
github-actions[bot]
95abc5680d
Merge master into staging-next 2022-07-31 00:03:10 +00:00
Mario Rodas
a255355f46
Merge pull request #182520 from danc86/sssd-kcm 
nixos/sssd: add an option to enable KCM support
 2022-07-30 18:52:05 -05:00
Christian Kögler
68973d60a2 nixos/tests/systemd-machinectl: Fix resolved and UID shift check 2022-07-30 22:32:12 +02:00
superherointj
564e99c187
Merge pull request #182445 from euank/k3s-multi-node-test 
nixos/tests/k3s: add multi-node test, test basic flannel networking
 2022-07-30 16:47:21 -03:00
Shawn8901
e5888c2436 noisetorch: Add noisetorch to systemPackages with programs.noisetorch.enable 2022-07-30 20:59:31 +02:00
Euan Kemp
b6da1d8198 nixos/tests/k3s: add multi-node test 
This adds a basic multi-node test and verifies networking works between
em.
 2022-07-30 11:55:32 -07:00
Euan Kemp
aa579635b9 nixos/tests/k3s: wait for default service account in test 
This lets us write a slightly simpler test, and more closely matches
actual k8s usage
 2022-07-30 11:55:24 -07:00
Euan Kemp
d5b1e25711 nixos/tests/k3s: reorganize test into a subdirectory 
In preperation for more tests, coming soon.
 2022-07-30 11:55:23 -07:00
github-actions[bot]
15686bdd94
Merge master into staging-next 2022-07-30 18:01:31 +00:00
Greizgh
dd8386c453
nixos/seafile: version 9.0x compatibility 2022-07-30 18:29:33 +02:00
Alyssa Ross
153bfc9966
treewide: use isx86 where appropriate 2022-07-30 16:21:10 +00:00
Alyssa Ross
5330c0a1af
treewide: use isAarch where appropriate 2022-07-30 16:18:27 +00:00
pennae
2e751c0772 treewide: automatically md-convert option descriptions 
the conversion procedure is simple:

 - find all things that look like options, ie calls to either `mkOption`
   or `lib.mkOption` that take an attrset. remember the attrset as the
   option
 - for all options, find a `description` attribute who's value is not a
   call to `mdDoc` or `lib.mdDoc`
 - textually convert the entire value of the attribute to MD with a few
   simple regexes (the set from mdize-module.sh)
 - if the change produced a change in the manual output, discard
 - if the change kept the manual unchanged, add some text to the
   description to make sure we've actually found an option. if the
   manual changes this time, keep the converted description

this procedure converts 80% of nixos options to markdown. around 2000
options remain to be inspected, but most of those fail the "does not
change the manual output check": currently the MD conversion process
does not faithfully convert docbook tags like <code> and <package>, so
any option using such tags will not be converted at all.
 2022-07-30 15:16:34 +02:00
ajs124
0502d9466a
Merge pull request #183624 from Izorkin/update-nginx 2022-07-30 15:15:05 +02:00
Aaron Andersen
2aecc7fdc1
Merge pull request #183360 from Sohalt/nixos/headscale 
nixos/headscale: minor improvements
 2022-07-30 15:02:37 +02:00
github-actions[bot]
5ebd4b10df
Merge master into staging-next 2022-07-30 12:01:30 +00:00
Bobby Rong
1abe15cfa5
nixos/cinnamon: install xed-editor 
xed is not the editor you want in Nixpkgs but a x86 encoder decoder.
 2022-07-30 19:51:15 +08:00
Linus Heckemann
bb7f88ccc0
Merge pull request #178529 from oxalica/fix/systemd-initrd-vconsole 
nixos/console: add required store paths to initrd for systemd stage 1
 2022-07-30 10:15:14 +02:00
github-actions[bot]
93fa8bacfb
Merge master into staging-next 2022-07-30 06:01:19 +00:00
Andrew Marshall
51adf865a3 nixos/networkd: Fix example for dhcpServerStaticLeaseOptions option 
The example was not valid, and would raise an error.
 2022-07-30 00:55:56 -04:00
Andrew Marshall
a9fbd07f56 nixos/networkd: Fix example for ipv6Prefixes option 
The example was not valid, and would raise an error.
 2022-07-30 00:55:56 -04:00
github-actions[bot]
093f236f30
Merge master into haskell-updates 2022-07-30 00:13:25 +00:00
Anderson Torres
a34e3f299c
Merge pull request #183209 from AndersonTorres/nscde 
fvwm3: init at 1.0.4
 2022-07-29 21:10:55 -03:00
github-actions[bot]
6ed636d15c
Merge master into staging-next 2022-07-30 00:02:12 +00:00
Guillaume Girol
273697ed08
Merge pull request #182829 from symphorien/bootloader-doc 
rephrase nixos installation doc
 2022-07-29 19:54:47 +00:00
Brian Leung
feddd5e7f8
manual: fix typos 2022-07-29 11:20:55 -07:00
github-actions[bot]
50de8aa60e
Merge master into staging-next 2022-07-29 18:01:27 +00:00
Izorkin
97c56a12dd
nixos/tests/nginx: fix nginx-etag test 2022-07-29 20:31:43 +03:00
pennae
6662f40c24
Merge pull request #182756 from jian-lin/pr-add-kanata-module 
nixos/kanata: init
 2022-07-29 15:08:34 +02:00
github-actions[bot]
a37c393ba4
Merge staging-next into staging 2022-07-29 12:02:05 +00:00
Jörg Thalheim
dfda4ec196
Merge pull request #183269 from flokli/grafana-agent-merge-defaults 
nixos/grafana-agent: ensure defaults are merged
 2022-07-29 11:38:47 +01:00
Florian Klink
7df5b81fc3 nixos/grafana-agent: ensure defaults are merged 
Move the defaults to the `config` section of the module, and apply them
with mkDefault.

That way the defaults are merged with user-provided config, and are
merged without having to use lib.mkForce.
 2022-07-29 13:23:12 +07:00
Alexandre Badez
8457d9277a system.autoUpgrade: add boot option. 2022-07-29 08:21:07 +02:00
AndersonTorres
bef8e4df1d fvwm3: nixos module 2022-07-28 22:28:41 -03:00
AndersonTorres
2617a00699 fvwm: rename nixos module to fvwm2 2022-07-28 22:28:39 -03:00
github-actions[bot]
3c0b8e78a9
Merge master into haskell-updates 2022-07-29 00:13:37 +00:00
pennae
52b0ad17e3 nixos/docs: cache mergeJSON md conversion on baseOptionsJSON 
with ever more options being markdown rather than docbook the conversion
time is starting to become a significant factor of doc build time.
luckily we can pre-convert all nixos option docs to MD and cache the
result of this conversion, then merge the already-converted json file
with user option docs. we leave options.json unconverted to keep it as
close to the actual nix code as possible.
 2022-07-28 23:20:02 +02:00
pennae
18be724a58 nixos/make-options-doc: give MD conversion error locations 
during docs conversion it can be very useful to know exactly *where* the
error the script complained about is. the name of the option should be
sufficient since option merging is rather rare, and won't merge doc
attributes anyway.
 2022-07-28 20:03:02 +02:00
github-actions[bot]
6a1cd17d72
Merge staging-next into staging 2022-07-28 18:01:55 +00:00
sternenseemann
7f909b041b haskell.compiler: ghc923 -> ghc924 
https://www.haskell.org/ghc/download_ghc_9_2_4.html
 2022-07-28 18:09:33 +02:00
misuzu
9b1db3db0e nixos/gitlab-runner: undeprecate configFile option 2022-07-28 17:16:55 +02:00
misuzu
b4028126f1 nixos/gitlab-runner: add settings option 2022-07-28 17:16:55 +02:00
github-actions[bot]
437247fc43
Merge staging-next into staging 2022-07-28 12:02:23 +00:00
Sandro
b5b9c81496
Merge pull request #177573 from asbachb/bugfix/gitea/175967 2022-07-28 13:55:11 +02:00
ajs124
8b56c85a9a
Merge pull request #183154 from mweinelt/kea-2.2.0 2022-07-28 13:21:39 +02:00
Bernardo Meurer
2d070e3213
Merge pull request #182535 from lovesegfault/roon-hqplayerd-fixes 
nixos/{roon,hqplayerd}: small fixes
 2022-07-28 00:27:15 -07:00
github-actions[bot]
0049ace2ec
Merge staging-next into staging 2022-07-28 06:02:07 +00:00
Martin Weinelt
bfb1246d29
nixos/tests/vaultwarden: update 
New web builds required updated title information to look for.

Rocket by default only listens on localhost, set to 0.0.0.0 to be
reachable by the client.

Selenium/Webdriver API changes required updates to function calls.
 2022-07-28 02:00:28 +02:00
Martin Weinelt
14ad19feda
nixosTests.kea: set name 2022-07-27 23:27:29 +02:00
github-actions[bot]
c5298a170d
Merge staging-next into staging 2022-07-27 18:02:13 +00:00
github-actions[bot]
f6895f13b0
Merge master into staging-next 2022-07-27 18:01:33 +00:00
Alan Strohm
81cd3e229c
nixos/restic: add 'backups.package' option to override the restic package (#183028) 2022-07-27 13:47:41 -04:00
pennae
a16b25432e
Merge pull request #182685 from pennae/invariant-option-conversions 
treewide: invariant option conversions to MD
 2022-07-27 15:39:47 +02:00
Bobby Rong
36d7b18e75
Merge pull request #162980 from NickCao/mautrix-telegram-nixos 
nixos/mautrix-telegram: add lottieconverter to path
 2022-07-27 20:39:08 +08:00
github-actions[bot]
54f2dacce1
Merge staging-next into staging 2022-07-27 00:03:09 +00:00
github-actions[bot]
f110f87498
Merge master into staging-next 2022-07-27 00:02:31 +00:00
Rick van Schijndel
9e9f6fc1c3
Merge pull request #152065 from chkno/stunnel-extraConfig 
nixos/stunnel: Make free-form
 2022-07-26 23:24:31 +02:00
Stig Palmquist
8532168fd7
nixos/tests/convos: fix tests 
- Fix journal grep test
 2022-07-26 22:38:05 +02:00
github-actions[bot]
b21eff1a41
Merge staging-next into staging 2022-07-26 18:02:15 +00:00
github-actions[bot]
1071ab374f
Merge master into staging-next 2022-07-26 18:01:32 +00:00
Sandro
7206899cbf
nixos/i18n: add en_US.UTF-8 to default locales 
Closes #182798
 2022-07-26 14:50:02 +02:00
github-actions[bot]
52e7c12c41
Merge staging-next into staging 2022-07-26 06:02:58 +00:00
github-actions[bot]
8aaeccd647
Merge master into staging-next 2022-07-26 06:02:16 +00:00
Bernardo Meurer
1cfb6dab0f
Merge pull request #182789 from talyz/sshd-dont-delete-symlinks 
sshd: Don't remove symlinks to host key files
 2022-07-25 21:51:46 -07:00
Bjørn Forsman
9b6965dcfc nixos: add lighttpd test 2022-07-26 04:45:03 +02:00
Jared Baur
777e914c20 nixos/systemd.network: Add RequiredFamilyForOnline to linkConfig 
While writing a configuration, I found a usage for this field and
noticed it was missing when building the configuration.
 2022-07-26 04:11:33 +02:00
Stig
550aaf8c96
Merge pull request #182379 from stigtsp/fix/pam-u2f-cue 
nixos/security/pam: fix u2f options leakage
 2022-07-26 03:19:01 +02:00
github-actions[bot]
4defba0df7
Merge staging-next into staging 2022-07-26 00:03:07 +00:00
github-actions[bot]
19fd1d7e90
Merge master into staging-next 2022-07-26 00:02:26 +00:00
ajs124
66e9ea4827
Merge pull request #180008 from Luflosi/skip-fsck-for-bind-mount 2022-07-25 23:56:12 +02:00
Winter
c4665307de
Merge pull request #180148 from Luflosi/nginx-fix-listenAddresses-example 
nixos/nginx: fix broken listenAddresses example
 2022-07-25 17:47:00 -04:00
Guillaume Girol
063996d291
Merge pull request #182233 from symphorien/doc-iso-branch 
nixos/doc: don't advise to build master
 2022-07-25 20:48:49 +00:00
github-actions[bot]
2aa98a3fe0
Merge staging-next into staging 2022-07-25 18:02:05 +00:00
github-actions[bot]
db04e3c143
Merge master into staging-next 2022-07-25 18:01:19 +00:00
Roman Volosatovs
191f777c4a
nixos/amd.sev: init 
Signed-off-by: Roman Volosatovs <roman@profian.com>
Signed-off-by: Roman Volosatovs <rvolosatovs@riseup.net>
 2022-07-25 18:13:52 +02:00
Lin Jian
b6617bb594
nixos/kanata: init 2022-07-26 00:06:48 +08:00
Kevin Cox
6efae3d6a9
Merge pull request #118093 from stuebinm/nextcloud-secrets 
nixos/nextcloud: add extraOptions and secretFile options
 2022-07-25 11:29:11 -04:00
Otavio Salvador
7e8e00d656 nixos/restic: use postStop for backupCleanupCommand 
That way the `backupCleanupCommand` can also run when the backup service
failed for some reason.

Fixes: #182089.
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
 2022-07-25 11:53:01 -03:00
github-actions[bot]
d31202e8c3
Merge staging-next into staging 2022-07-25 12:02:27 +00:00
github-actions[bot]
ded08eff9c
Merge master into staging-next 2022-07-25 12:01:46 +00:00
Guillaume Girol
5eb63756ca rephrase nixos installation doc 
systemd-boot is not the only option, even though it "just works" better.
 2022-07-25 12:00:00 +00:00
Maximilian Bosch
f923f5b9aa
Merge pull request #182456 from mayflower/crowd-secrets 
nixos/crowd: store openid password securely
 2022-07-25 12:02:57 +02:00
github-actions[bot]
a5a3f67b15
Merge staging-next into staging 2022-07-25 00:03:30 +00:00
github-actions[bot]
e706db2a81
Merge master into staging-next 2022-07-25 00:02:44 +00:00
Mario Rodas
f97827178e
Merge pull request #181021 from melvyn2/patch-1 
Add `bash` to netdata service path
 2022-07-24 16:12:07 -05:00
Vladimír Čunát
687d59d7e6
Merge branch 'master' into staging-next 2022-07-24 22:27:27 +02:00
Sandro
87c66cbb56
nixos/hydra: fix runuser in init 2022-07-24 18:05:10 +02:00
Sandro
8f89704410
Merge pull request #182648 from SuperSandro2000/hedgedoc-module 
nixos/hedgedoc: improve ldap settings
 2022-07-24 16:33:11 +02:00
github-actions[bot]
4a6e124c33
Merge staging-next into staging 2022-07-24 12:02:06 +00:00
github-actions[bot]
21a6aafb7d
Merge master into staging-next 2022-07-24 12:01:21 +00:00
pennae
ff56c775c8
Merge pull request #182098 from pennae/option-doc-md 
convert some varlists in option docs to MD
 2022-07-24 13:14:40 +02:00
pennae
5bf55a4ad5 nixos/virtualization: invariant option docs MD conversions 2022-07-24 13:01:47 +02:00
pennae
b115622f4b nixos/tasks: invariant option docs MD conversions 2022-07-24 13:01:47 +02:00
pennae
860a0449ce nixos/system: invariant option docs MD conversions 2022-07-24 13:01:47 +02:00
pennae
cbc44d68a7 nixos/security: invariant option docs MD conversions 2022-07-24 13:01:18 +02:00
pennae
da37ca6760 nixos/programs: invariant option docs MD conversions 2022-07-24 13:01:18 +02:00
pennae
4f91838584 nixos/misc: invariant option docs MD conversions 2022-07-24 13:01:18 +02:00
pennae
4ba72f8615 nixos/installer: invariant option docs MD conversions 2022-07-24 13:01:18 +02:00
pennae
77d56dfc22 nixos/i18n: invariant option docs MD conversions 2022-07-24 13:01:18 +02:00
pennae
4dd84a34db nixos/hardware: invariant option docs MD conversions 2022-07-24 13:01:18 +02:00
pennae
8a79dfd94a nixos/config: invariant option docs MD conversions 2022-07-24 13:01:18 +02:00
Michael Weiss
a4c8c46831
Merge pull request #182508 from primeos/signal-desktop 
nixos/tests/signal-desktop: Fix the sqlite3 part of the test (regressed)
 2022-07-24 12:27:38 +02:00
Felix Buehler
17e93b090e services.murmur: add openFirewall option 2022-07-24 10:32:37 +02:00
Vladimír Čunát
4ba8bc7d40
Merge branch 'master' into staging-next 2022-07-24 09:44:09 +02:00
Sandro Jäckel
98f180b0e3
nixos/hedgedoc: set good default for ldap.tlsca 2022-07-24 04:08:18 +02:00
Sandro Jäckel
1a7f6b4070
nixos/hedgedoc: do not require to set searchAttributes when ldap login is used 2022-07-24 04:08:18 +02:00
kilianar
2133278f96 nixosTests.podgrab: fix failing test 
defaultPort and customPort aren't python variables causing the test to
fail. We instead use the nix variables with string interpolation.
 2022-07-23 17:19:01 +02:00
github-actions[bot]
b38a1818bc
Merge staging-next into staging 2022-07-23 12:02:12 +00:00
github-actions[bot]
6629a2339e
Merge master into staging-next 2022-07-23 12:01:31 +00:00
Bjørn Forsman
65399c4742 nixos/syncthing: don't leak the secret API key in process listings 2022-07-23 13:59:11 +02:00
Bjørn Forsman
16108ff74a nixos/jenkins-job-builder: set serviceConfig.Type = "oneshot" 
This change allows detecting configuration errors during
switch-to-configuration instead of them being reported asynchronously
*after* switch-to-configuration has exited.

(And update the NixOS test accordingly.)
 2022-07-23 13:30:53 +02:00
Nick Cao
f1a08f54f0
nixos/mautrix-telegram: add lottieconverter to path 2022-07-23 16:43:39 +08:00
github-actions[bot]
f036546286
Merge staging-next into staging 2022-07-23 06:02:03 +00:00
github-actions[bot]
1ce437589a
Merge master into staging-next 2022-07-23 06:01:20 +00:00
Bernardo Meurer
836af9c15e nixos/hqplayerd: allow GPU acceleration 2022-07-22 21:21:46 -07:00
Bernardo Meurer
d66f766cac nixos/roon-server: fix openFirewall 2022-07-22 21:20:50 -07:00
Dan Callaghan
133ebbe46a
nixos/sssd: add an option to enable KCM support 2022-07-23 10:14:09 +10:00
Shamrock Lee
c25543b554 wineWowPackages: default mainProgram to "wine64" 2022-07-22 22:45:44 +00:00
Michael Weiss
59de06d093
nixos/tests/signal-desktop: Fix the sqlite3 part of the test (regressed) 
Due to recent changes (likely a sqlite3 update) the sqlite3 meta-command
did suddenly succeed while sqlite3 is still unable to read the still
encrypted database. It just prints the following output and doesn't
seem to try to open/read the DB (which would fail):
```
main: /home/alice/.config/Signal/sql/db.sqlite r/w
```

We can simply fix this "regression" by instructing sqlite3 to list the tables
in the database (which fails because it cannot read the encrypted DB):
```
machine: must fail: su - alice -c 'sqlite3 ~/.config/Signal/sql/db.sqlite .tables'
machine # [   47.036720] su[1178]: Successful su for alice by root
machine # [   47.041049] su[1178]: pam_unix(su:session): session opened for user alice(uid=1000) by (uid=0)
machine # Error: file is not a database
machine # [   47.116070] su[1178]: pam_unix(su:session): session closed for user alice
(finished: must fail: su - alice -c 'sqlite3 ~/.config/Signal/sql/db.sqlite .tables', in 0.12 seconds)
```

Fix #181463.
 2022-07-22 23:42:55 +02:00
github-actions[bot]
b4832bac52
Merge staging-next into staging 2022-07-22 15:34:59 +00:00
Artturin
6789222b1c Merge branch 'master' into staging-next 2022-07-22 18:23:16 +03:00
Jörg Thalheim
8807057296 nixos/openldap: drop myself as maintainer 2022-07-22 16:54:13 +02:00
Sandro
8455ba6d64
Merge pull request #181258 from SuperSandro2000/onlyoffice 2022-07-22 16:28:13 +02:00
Martin Weinelt
b5e4c14806 Merge remote-tracking branch 'origin/master' into staging-next 2022-07-22 14:56:01 +02:00
pennae
e4d4b3cd64
Merge pull request #182441 from leungbk/lemmy-whitespace 
services/web-apps/lemmy.nix: Remove space that causes a type error
 2022-07-22 14:30:23 +02:00
Maximilian Bosch
200ce70e63
Merge pull request #180603 from m-bdf/substitute-nix-instantiate 
nixos-generate-config: substitute nix-instantiate
 2022-07-22 14:22:52 +02:00
Maximilian Bosch
779853b52b
Merge pull request #182413 from NetaliDev/pam-mount-fix-refactor 
nixos/pam: refactor pam_mount unmounting fix
 2022-07-22 14:05:44 +02:00
github-actions[bot]
dec2508b80
Merge staging-next into staging 2022-07-22 12:02:21 +00:00
github-actions[bot]
a3ba713cd4
Merge master into staging-next 2022-07-22 12:01:35 +00:00
Maximilian Bosch
ee2413c326
nixos/crowd: store openid password securely 2022-07-22 13:13:12 +02:00
Maximilian Bosch
1f6910b7dd
Merge pull request #182267 from mayflower/confluence-secrets 
nixos/confluence: store crowd SSO password securely
 2022-07-22 13:12:17 +02:00
Maximilian Bosch
85231bbd6e
Merge pull request #182261 from mayflower/mailman-rest-api-pass-file 
nixos/mailman: don't leak MAILMAN_REST_API_PASS into the store
 2022-07-22 13:11:37 +02:00
Ilan Joselevich
d0617a58e2
services/web-apps/lemmy.nix: Remove space that causes a type error 2022-07-22 01:19:28 -07:00
Florian Klink
ad29dc19c1
Merge pull request #182436 from K900/systemd-initrd-fixes 
nixos/systemd: make sure all the device nodes are created in stage1
 2022-07-22 15:06:59 +07:00
Florian Klink
7c119675a3
Merge pull request #179002 from klemensn/move-passwdEntry-type 
move passwdEntry type
 2022-07-22 14:16:57 +07:00
K900
c9183d3738 nixos/systemd: make sure all the device nodes are created in stage1 
The ConditionFileNotEmpty override patch wasn't correct for stage1, which
does have the modules in /lib. So, remove the patch and set
the right path with overrides in the final system.

Also, make sure systemd-tmpfiles-setup-dev is pulled in to create
all the necessary symlinks.
 2022-07-22 10:01:21 +03:00
Netali
93132dc09c
nixos/pam: refactor pam_mount unmounting fix 2022-07-22 04:17:14 +02:00
Dan Callaghan
b30534eb02 openldap: load client config from /etc, not the nix store 
We want Openldap clients to load /etc/ldap.conf at runtime, not
${pkgs.openldap}/etc/ldap.conf which is always a sample config.

Pass sysconfdir=/etc at compile time, so that /etc/krb5.conf is embedded
in the library as the path of its config file.

Pass sysconfdir=${out}/etc at install time, so that the sample configs
and schema files are correctly included in the build output.

This hack works because the Makefiles are not smart enough to notice
that the sysconfdir variable has changed across invocations -- because
nobody ever writes their Makefiles to be that smart. :-)

Fixes #181937.
 2022-07-22 03:19:46 +02:00
github-actions[bot]
df9f22a8b8
Merge staging-next into staging 2022-07-22 00:03:25 +00:00
github-actions[bot]
d44e369b44
Merge master into staging-next 2022-07-22 00:02:40 +00:00
Martin Weinelt
fa8de76521
Revert "openldap: load client config from /etc, not the nix store" 2022-07-22 00:29:21 +02:00
Martin Weinelt
b435482234
Merge pull request #182080 from danc86/openldap-sysconfdir 2022-07-22 00:28:49 +02:00
Martin Weinelt
457d109dcd
Merge pull request #179597 from Mic92/openldap-path 
[staging] openldap: remove deprecated options, improve encapsulation
 2022-07-22 00:26:32 +02:00
Stig Palmquist
d07f3037e2
nixos/security/pam: fix u2f options leakage 
Fix bug where pam_u2f options would be partially included in other pam.d
files if the module was enable for specific services, resulting in
broken configuration.
 2022-07-21 23:14:09 +02:00
Sandro
98b4daa994
Merge pull request #181881 from SuperSandro2000/searx 2022-07-21 22:39:48 +02:00
Sandro
f7f8721b1e
Merge pull request #162689 from astro/glusterfs 
nixos/glusterfs: exclude hook "S10selinux-label-brick.sh"
 2022-07-21 22:15:00 +02:00
Lassulus
bcd7e09db0
Merge pull request #182204 from helsinki-systems/upd/vdo 
(k)vdo: 8.1.1.360 -> 8.2.0.2
 2022-07-21 21:46:27 +02:00
Sofi
e2b34f0f11
nixos/minecraft-server: let server shutdown cleanly (#182149) 2022-07-21 15:05:43 -04:00
github-actions[bot]
a92f7ed60a
Merge staging-next into staging 2022-07-21 18:02:00 +00:00
talyz
ddf8182d5b
sshd: Don't remove symlinks to host key files 
If a host key file is a symlink pointing to an as of yet non-existent
file, we don't want to remove it, but instead follow the symlink and
create the file at that location.

See https://github.com/nix-community/impermanence/issues/101 for more
information on the issue the original behavior creates.
 2022-07-21 19:15:04 +02:00
Timothy DeHerrera
e8c3d13d00
Merge pull request #181674 from nrdxp/nvidia-udev 
nvidia: improve robustness of udev rules
 2022-07-21 09:00:47 -07:00
Jacek Galowicz
8429701cbf
Merge pull request #182324 from snpschaaf/testdriver-vde-hub-mode 
use vde switch in hubmode by default
 2022-07-21 17:48:15 +02:00
Philippe Schaaf
5ae6580474 add hub mode comment 
Signed-off-by: Philippe Schaaf <philippe.schaaf@secunet.com>
 2022-07-21 16:34:09 +02:00
Philippe Schaaf
df52d556bb wip: add vlan-ping test 
Signed-off-by: Philippe Schaaf <philippe.schaaf@secunet.com>
 2022-07-21 16:19:20 +02:00
Vincent Haupert
539b61ea37 nixos/github-runner: fix capset syscall filtering 
capset(2) is a single system call, not a set of multiple system calls.
 2022-07-21 16:08:15 +02:00
Robert Hensing
9aa588ecc3 nixos/documentation: Add unit test 2022-07-21 15:32:10 +02:00
Robert Hensing
ec3e1c6a3a nixos/documentation: Remove systemd/initrd dependency 
Working towards a unit-testable documentation module.
 2022-07-21 15:32:10 +02:00
Robert Hensing
08e6f45747 nixos: Declare module dependencies 
Working towards a unit-testable documentation module.
 2022-07-21 15:32:10 +02:00
Robert Hensing
5a98c63077 nixos: Move getty helpLine definition to getty module 
Working towards a unit-testable documentation module.
 2022-07-21 15:32:00 +02:00
Robert Hensing
9a0b26b216 nixos/documentation: Make extraModules configurable 2022-07-21 15:31:35 +02:00
Robert Hensing
e135c417bb nixos/documentation: Forward the specialArgs 
This is necessary when generating the complete documenation for
configurations that import modules from the module arguments.
 2022-07-21 15:31:35 +02:00
Philippe Schaaf
f6a290932e use vde switch in hubmode by default 
Within a dual VM test-setup a strange behaviour was observed.
The two VMs are connected via one vde_switch instance
(instancevirtualisation.vlans = [ 1 ]; IMO a bad attribute name for
switch instances, has nothing to do with VLANs in sense of 802.1Q).

A ping on the base interface (eth1) works, but not on VLAN
subinterfaces (vlan1@eth1). A tcpdump of eth1 includes the ARP requests
tagged with the subinterfaces VLAN ID, but responses seems not to pass
the vde_switch. This works fine if performed on the base interface.

Putting the vde_switch in hub mode results in flooding
traffic to all vde_switch ports. This results in a expected behaviour
and a ping on a VLAN subinterface works as expected.

Signed-off-by: Philippe Schaaf <philippe.schaaf@secunet.com>
 2022-07-21 11:38:03 +02:00
github-actions[bot]
f09c360345
Merge staging-next into staging 2022-07-21 00:03:40 +00:00
Maximilian Bosch
258060c37d
nixos/confluence: store crowd SSO password securely 
Basically the same as the JIRA change[1], but I figured that we can
actually implement that in a backwards compatible manner.

[1] https://github.com/NixOS/nixpkgs/pull/181715
 2022-07-20 23:11:53 +02:00
Maximilian Bosch
db9937b578
nixos/mailman: don't leak MAILMAN_REST_API_PASS into the store 2022-07-20 22:23:54 +02:00
Maximilian Bosch
501bbad4ce
Merge pull request #182104 from mayflower/mail-exporter-secrets 
nixos/prometheus-mail-exporter: support storing `passphrase` outside of the store, use umask when using envsubst
 2022-07-20 20:42:14 +02:00
Maximilian Bosch
92bd77e85e
nixos/prometheus-mail-exporter: umask to avoid accidental world-readability 2022-07-20 20:29:38 +02:00
Maximilian Bosch
590e60d124
nixos/mxisd: umask to avoid accidental world-readability 2022-07-20 20:29:38 +02:00
Maximilian Bosch
81add6600c
nixos/privacyidea-ldap-proxy: umask to avoid accidental world-readability 2022-07-20 20:29:38 +02:00
ajs124
c386f8658b (k)vdo: 8.1.1.360 -> 8.2.0.2 2022-07-20 15:00:53 +02:00
Guillaume Girol
b996269988 nixos/doc: don't advise to build master 2022-07-20 12:00:00 +00:00
github-actions[bot]
9c32c81a99
Merge staging-next into staging 2022-07-20 06:02:01 +00:00
Winter
fa9030465e
Merge pull request #182126 from pbsds/polaris-os-24 
nixos/tests/polaris: fix type check fail
 2022-07-20 00:24:05 -04:00
Peder Bergebakken Sundt
b81c81be13 nixos/tests/polaris: fix type check fail 
This test was introduced in a PR predating typechecking, but got merged afterwards.
 2022-07-19 21:12:14 +02:00
github-actions[bot]
49299f66ad
Merge staging-next into staging 2022-07-19 18:02:05 +00:00
kilianar
a3c5c5eec4 nixosTests.airsonic: fix failure (type error) 
airsonic_is_up should return a bool, but machine.succeed returns a
string causing testScriptWithTypes to fail. This is fixed by executing
the cmd with machine.execute and checking the status code.
 2022-07-19 19:05:20 +02:00
Maximilian Bosch
39c0694709
nixos/prometheus-mail-exporter: support storing passphrase outside of the store 2022-07-19 17:32:08 +02:00
pennae
7388711363 nixos/resolved: convert option docs to MD 2022-07-19 16:23:57 +02:00
pennae
3fdde45825 nixos/oci-containers: convert option docs to MD 
no changes to the manpages, no rendering changes to the html manual
 2022-07-19 16:23:57 +02:00
pennae
875acd1c2b nixos/qt5: convert option docs to MD 
changing a varlist to an md list changes the rendering slightly.
 2022-07-19 16:23:56 +02:00
Dan Callaghan
be2175dc94
openldap: load client config from /etc, not the nix store 
We want Openldap clients to load /etc/ldap.conf at runtime, not
${pkgs.openldap}/etc/ldap.conf which is always a sample config.

Pass sysconfdir=/etc at compile time, so that /etc/krb5.conf is embedded
in the library as the path of its config file.

Pass sysconfdir=${out}/etc at install time, so that the sample configs
and schema files are correctly included in the build output.

This hack works because the Makefiles are not smart enough to notice
that the sysconfdir variable has changed across invocations -- because
nobody ever writes their Makefiles to be that smart. :-)

Fixes #181937.
 2022-07-19 22:32:45 +10:00
github-actions[bot]
f0d5e4f5ad
Merge staging-next into staging 2022-07-19 12:02:34 +00:00
github-actions[bot]
cfe78489c9
Merge master into staging-next 2022-07-19 12:01:43 +00:00
Sandro
bca69a4037
Merge pull request #181867 from newAM/github-runner 
nixos/github-runner: fix systemd defaults for common workflows
 2022-07-19 12:56:17 +02:00
Euan Kemp
f158ac45ef nixos/k3s: use default cgroup-driver again 
Setting `cgroup-driver=systemd` was originally necessary to match with
docker, else the kubelet would not start (#111835)

However, since then, docker support has been dropped from k3s (#177790).
As such, this option is much less necessary.

More importantly, it now seems to be actively causing issues. Due to an
upstream k3s bug, it's resulting in the kubelet and containerd having
different cgroup drivers, which seems to result in some difficult to
debug failure modes.

See
https://github.com/NixOS/nixpkgs/issues/181790#issuecomment-1188840862
for a description of this problem.

Removing this flag entirely seems reasonable to me, and it results in
k3s working again on my machine.
 2022-07-19 02:52:12 -07:00
Wei Tang
b0a0087d53
nixos/flannel: upgrade to etcdv3 (#180315) 2022-07-19 16:09:42 +10:00
github-actions[bot]
1ae70f1c80
Merge staging-next into staging 2022-07-19 06:03:43 +00:00
github-actions[bot]
305e8cb7b8
Merge master into staging-next 2022-07-19 06:03:02 +00:00
Wout Mertens
3ee8d4c909
netdata module: fix ExecStartPost (#181976) 2022-07-19 06:19:18 +02:00
github-actions[bot]
5467a35e74
Merge staging-next into staging 2022-07-19 00:02:54 +00:00
github-actions[bot]
d64d75f2f3
Merge master into staging-next 2022-07-19 00:02:21 +00:00
Artturi
6dc4ee65f7
Merge pull request #179163 from cmm/network-setup-bindTo 
nixos/network-interfaces-scripted: don't bindTo absent network-setup.service
 2022-07-19 01:33:14 +03:00
Joachim F
0640ef2ccc
Merge pull request #180231 from dfithian/heartbeat 
heartbeat service: specify package
 2022-07-18 20:56:08 +02:00
Dan Fithian
49a5377557 heartbeat service: specify package 
Other elastic services can specify the package. Now we can also do it for heartbeat.
 2022-07-18 14:39:22 -04:00
github-actions[bot]
9339fffb65
Merge staging-next into staging 2022-07-18 18:01:57 +00:00