Commit Graph

74 Commits

Author SHA1 Message Date
Robbert Gurdeep Singh
6fb0c40bbf nextcloud: 20.0.4 -> 20.0.5
Signed-off-by: Robbert Gurdeep Singh <git@beardhatcode.be>
2021-01-18 09:19:22 +01:00
Ben Siraphob
872973d7d1 pkgs/servers: stdenv.lib -> lib 2021-01-15 14:24:03 +07:00
Profpatsch
4a7f99d55d treewide: with stdenv.lib; in meta -> with lib;
Part of: https://github.com/NixOS/nixpkgs/issues/108938

meta = with stdenv.lib;

is a widely used pattern. We want to slowly remove
the `stdenv.lib` indirection and encourage people
to use `lib` directly. Thus let’s start with the meta
field.

This used a rewriting script to mostly automatically
replace all occurances of this pattern, and add the
`lib` argument to the package header if it doesn’t
exist yet.

The script in its current form is available at
https://cs.tvl.fyi/depot@2f807d7f141068d2d60676a89213eaa5353ca6e0/-/blob/users/Profpatsch/nixpkgs-rewriter/default.nix
2021-01-11 10:38:22 +01:00
Maximilian Bosch
78f022e791
nextcloud: improve documentation on defaults
* It should be made explicit in the eval-error that the CVE only affects
  a component which is turned off by default.
* For more clarity, the default version used by the module is noted in
  the manual.

Closes #108419
2021-01-05 22:32:05 +01:00
Maximilian Bosch
6d0745a454
nextcloud20: 20.0.3 -> 20.0.4
ChangeLog: https://nextcloud.com/changelog/#20-0-4
2020-12-16 11:59:59 +01:00
Maximilian Bosch
520b10453f
nextcloud: 19.0.4 -> 19.0.6, 20.0.1 -> 20.0.3, mark v19 as insecure
ChangeLogs:

* https://nextcloud.com/changelog/#20-0-3
* https://nextcloud.com/changelog/#19-0-6

For Nextcloud 20, security advisories for CVE-2020-8259[1] &
CVE-2020-8152[2] were published. The only way to fix those is to upgrade
to v20, although v19 and v18 are supported, the issue won't be fixed
there[3].

Even though both CVEs are only related to the encryption module[4] which
is turned off by default, I decided to add a vulnerability note to
`nextcloud19` since CVE-2020-8259's is rated as "High" by NIST (in
contrast to Nextcloud which rates it as "Low").

If one is not affected by the issue, `nextcloud19` can still be used by
declaring `permittedInsecurePackages`[5].

[1] https://nvd.nist.gov/vuln/detail/CVE-2020-8259,
    https://nextcloud.com/security/advisory/?id=NC-SA-2020-041
[2] https://nvd.nist.gov/vuln/detail/CVE-2020-8152,
    https://nextcloud.com/security/advisory/?id=NC-SA-2020-040
[3] https://help.nextcloud.com/t/fixes-for-cve-2020-8259-cve-2020-8152-in-nextcloud-18-19/98289
[4] https://docs.nextcloud.com/server/20/admin_manual/configuration_files/encryption_configuration.html
[5] https://nixos.org/manual/nixpkgs/stable/#sec-allow-insecure

Closes #106212
2020-12-11 12:39:57 +01:00
Konrad Borowski
7a36e41375 nextcloud18: 18.0.9 -> 18.0.10 2020-11-03 11:26:46 +01:00
Konrad Borowski
055a9adabf nextcloud19: 19.0.3 -> 19.0.4 2020-11-03 11:26:46 +01:00
Jörg Thalheim
753f5ee01d
nextcloud: 20.0.0 -> 20.0.1 2020-10-26 05:06:34 +01:00
Maximilian Bosch
71098fba81
nextcloud20: init 2020-10-04 21:55:58 +02:00
Maximilian Bosch
6b48deee54
nixos/nextcloud: drop nextcloud17, deprecate nextcloud18
Both packages will get EOLed within the lifetime of 20.09. `nextcloud17`
can be removed entirely (the attribute-path is kept however to provide
meaningful errors), however `nextcloud18` must be kept as `insecure` to
make sure that users from `nextcloud17` can properly upgrade to
`nextcloud19` on NixOS 20.09.
2020-09-27 19:21:21 +02:00
Martin Puppe
731d55baad
nextcloud18: 18.0.7 -> 18.0.9 2020-09-20 18:50:20 +02:00
Martin Puppe
85ece7792b
nextcloud19: 19.0.1 -> 19.0.3 2020-09-20 18:50:17 +02:00
Maximilian Bosch
2d543718fb
nextcloud: 19.0.0 -> 19.0.1
https://nextcloud.com/changelog/#19-0-1
2020-07-20 21:47:11 +02:00
Daniel Frank
34ec5c7b67
nextcloud: 18.0.6 -> 18.0.7 2020-07-16 17:14:21 +02:00
Maximilian Bosch
a2a5aa2634
nextcloud19: init at 19.0.0
https://nextcloud.com/blog/nextcloud-hub-brings-productivity-to-home-office/
2020-06-19 22:16:52 +02:00
Daniel Frank
660973d823
nextcloud: 18.0.4 -> 18.0.6 2020-06-14 01:54:03 +02:00
Martin Milata
ed301e7158 nextcloud18: 18.0.3 -> 18.0.4
Changes: https://nextcloud.com/changelog/#latest18
2020-05-18 20:06:01 +02:00
Martin Milata
cd2a208bdb nextcloud17: 17.0.4 -> 17.0.6
Changes: https://nextcloud.com/changelog/#latest17

Fixes: https://nvd.nist.gov/vuln/detail/CVE-2020-8154
2020-05-18 20:00:43 +02:00
Maximilian Bosch
1b95c71989
nextcloud*: add passthru.tests to reference VM-tests 2020-04-16 02:31:54 +02:00
Michael Reilly
84cf00f980
treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
Daniel Frank
2496942c7a
nextcloud: 18.0.2 -> 18.0.3 2020-03-29 23:54:53 +02:00
Maximilian Bosch
702f645aa8
nixos/nextcloud: implement a safe upgrade-path between 19.09 and 20.03
It's impossible to move two major-versions forward when upgrading
Nextcloud. This is an issue when comming from 19.09 (using Nextcloud 16)
and trying to upgrade to 20.03 (using Nextcloud 18 by default).

This patch implements the measurements discussed in #82056 and #82353 to
improve the update process and to circumvent similar issues in the
future:

* `pkgs.nextcloud` has been removed in favor of versioned attributes
  (currently `pkgs.nextcloud17` and `pkgs.nextcloud18`). With that
  approach we can safely backport major-releases in the future to
  simplify those upgrade-paths and we can select one of the
  major-releases as default depending on the configuration (helpful to
  decide whether e.g. `pkgs.nextcloud17` or `pkgs.nextcloud18` should be
  used on 20.03 and `master` atm).

* If `system.stateVersion` is older than `20.03`, `nextcloud17` will be
  used (which is one major-release behind v16 from 19.09). When using a
  package older than the latest major-release available (currently v18),
  the evaluation will cause a warning which describes the issue and
  suggests next steps.

  To make those package-selections easier, a new option to define the
  package to be used for the service (namely
  `services.nextcloud.package`) was introduced.

* If `pkgs.nextcloud` exists (e.g. due to an overlay which was used to
  provide more recent Nextcloud versions on older NixOS-releases), an
  evaluation error will be thrown by default: this is to make sure that
  `services.nextcloud.package` doesn't use an older version by accident
  after checking the state-version. If `pkgs.nextcloud` is added
  manually, it needs to be declared explicitly in
  `services.nextcloud.package`.

* The `nixos/nextcloud`-documentation contains a
  "Maintainer information"-chapter  which describes how to roll out new
  Nextcloud releases and how to deal with old (and probably unsafe)
  versions.

Closes #82056
2020-03-25 22:07:29 +01:00
Daniel Frank
09dea9e30d Nextcloud: 18.0.1 -> 18.0.2 2020-03-13 19:44:50 +00:00
R. RyanTM
91250fe625 nextcloud: 18.0.0 -> 18.0.1 2020-02-20 11:27:23 +00:00
R. RyanTM
e95752f272 nextcloud: 17.0.2 -> 18.0.0 2020-01-22 02:34:54 +00:00
Jan Hrnko
b167c29620 nextcloud: 17.0.1 -> 17.0.2 2019-12-20 19:32:21 +01:00
ajs124
03fef7cff3 nextcloud: 17.0.0 -> 17.0.1 2019-11-25 08:54:52 -08:00
cw
ad3f51f737 nextcloud: 16.0.5 -> 17.0.0 2019-10-04 06:18:42 +02:00
Victor SENE
70d08871da nexcloud: 16.0.4 -> 16.0.5 2019-09-30 22:09:25 +02:00
Vladimír Čunát
2e6bf42a22
Merge branch 'master' into staging-next
There ver very many conflicts, basically all due to
name -> pname+version.  Fortunately, almost everything was auto-resolved
by kdiff3, and for now I just fixed up a couple evaluation problems,
as verified by the tarball job.  There might be some fallback to these
conflicts, but I believe it should be minimal.

Hydra nixpkgs: ?compare=1538299
2019-08-24 08:55:37 +02:00
R. RyanTM
649a61ddf9 nextcloud: 16.0.3 -> 16.0.4
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/nextcloud/versions
2019-08-19 13:29:13 -07:00
volth
46420bbaa3 treewide: name -> pname (easy cases) (#66585)
treewide replacement of

stdenv.mkDerivation rec {
  name = "*-${version}";
  version = "*";

to pname
2019-08-15 13:41:18 +01:00
Andreas Wiese
9dc6e984b5 nextcloud: 16.0.2 -> 16.0.3 2019-07-15 22:45:09 +02:00
Andreas Wiese
dc87d574ad nextcloud: 16.0.1 -> 16.0.2 2019-07-15 22:45:09 +02:00
volth
f3282c8d1e treewide: remove unused variables (#63177)
* treewide: remove unused variables

* making ofborg happy
2019-06-16 19:59:05 +00:00
R. RyanTM
b187bef267 nextcloud: 15.0.8 -> 16.0.1
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/nextcloud/versions
2019-06-02 01:14:59 -07:00
Florian Klink
4bc40350ae nextcloud: 15.0.7 -> 15.0.8 2019-05-21 16:06:45 +09:00
Andreas Wiese
e0bdb4d05e nextcloud: 15.0.6 -> 15.0.7 2019-04-24 22:45:03 +02:00
Will Dietz
ee22cea1cc nextcloud: 15.0.5 -> 15.0.6
(tagged, not on nextcloud.com/changelog ?)
(admin panel bugged about the update, so should be good :))
2019-04-06 10:36:49 -05:00
Franz Pletz
3eda950518
nextcloud: 15.0.4 -> 15.0.5 2019-03-02 02:18:56 +01:00
R. RyanTM
a45b2032ff nextcloud: 15.0.2 -> 15.0.4
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/nextcloud/versions
2019-02-15 23:11:22 -08:00
Florian Klink
58af931a57 nextcloud: 15.0.0 -> 15.0.2 2019-01-12 22:13:23 +01:00
Florian Klink
66060d3bb0 nextcloud: 14.0.4 -> 15.0.0 2018-12-16 11:16:57 +01:00
Simon Lackerbauer
ee1613aea6
nextcloud: 14.0.3 -> 14.0.4 2018-12-05 18:13:08 +01:00
Leon Schuermann
6d3b54a1e9 nextcloud: 14.0.1 -> 14.0.3 2018-10-14 10:47:05 +00:00
Florian Klink
1fd6477b35 nextcloud: fix sendmail path discovery 2018-10-01 02:07:44 +09:30
Ruben Maher
e5b3ea56e1 nextcloud: 13.0.6 -> 14.0.1
Co-authored-by: Robin Gloster <mail@glob.in>
2018-10-01 02:07:44 +09:30
R. RyanTM
836ce9d91e nextcloud: 13.0.5 -> 13.0.6 (#46236)
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
nextcloud
2018-09-09 14:16:41 +02:00
ajs124
6b8a2a79cf nextcloud: 13.04 -> 13.05 2018-07-26 03:08:24 +02:00