Commit Graph

77977 Commits

Author SHA1 Message Date
Franz Pletz
3fd51a9ab2 fixup! gitlab: 8.0.5 -> 8.5.0, service improvements
Some debugging and development leftovers.
2016-02-26 07:08:31 +01:00
Franz Pletz
bcfa59bf82 gitlab: 8.0.5 -> 8.5.0, service improvements
Updates gitlab to the current stable version and fixes a lot of features that
were broken, at least with the current version and our configuration.

Quite a lot of sweat and tears has gone into testing nearly all features and
reading/patching the Gitlab source as we're about to deploy gitlab for our
whole company.

Things to note:

 * The gitlab config is now written as a nix attribute set and will be
   converted to JSON. Gitlab uses YAML but JSON is a subset of YAML.
   The `extraConfig` opition is also an attribute set that will be merged
   with the default config. This way *all* Gitlab options are supported.

 * Some paths like uploads and configs are hardcoded in rails  (at least
   after my study of the Gitlab source). This is why they are linked from
   the Gitlab root to /run/gitlab and then linked to the  configurable
   `statePath`.

 * Backup & restore should work out of the box from another Gitlab instance.

 * gitlab-git-http-server has been replaced by gitlab-workhorse upstream.
   Push & pull over HTTPS works perfectly. Communication to gitlab is done
   over unix sockets. An HTTP server is required to proxy requests to
   gitlab-workhorse over another unix socket at
   `/run/gitlab/gitlab-workhorse.socket`.

 * The user & group running gitlab are now configurable. These can even be
   changed for live instances.

 * The initial email address & password of the root user can be configured.

Fixes #8598.
2016-02-26 07:08:31 +01:00
Charles Strahan
ce7aa71880 vte-ng: 0.42.1.a -> 0.42.4.a 2016-02-26 00:48:39 -05:00
Charles Strahan
e08dd09c25 emacs: add optional support for 24-bit color ttys 2016-02-26 00:33:56 -05:00
Graham Christensen
737e808913 libssh2: 1.6.0 -> 1.7.0
This release includes the following changes:
      o libssh2_session_set_last_error: Add function
      o mac: Add support for HMAC-SHA-256 and HMAC-SHA-512
      o WinCNG: support for SHA256/512 HMAC
      o kex: Added diffie-hellman-group-exchange-sha256 support
      o OS/400 crypto library QC3 support
    This release includes the following security advisory:
      o diffie_hellman_sha256: convert bytes to bits
        CVE-2016-0787: http://www.libssh2.org/adv_20160223.html
    This release includes the following bugfixes:
      o SFTP: Increase speed and datasize in SFTP read
      o openssl: make libssh2_sha1 return error code
      o openssl: fix memleak in _libssh2_dsa_sha1_verify()
      o cmake: include CMake files in the release tarballs
      o Fix builds with Visual Studio 2015
      o hostkey.c: Fix compiling error when OPENSSL_NO_MD5 is defined
      o GNUmakefile: add support for LIBSSH2_LDFLAG_EXTRAS
      o GNUmakefile: add -m64 CFLAGS when targeting mingw64
      o kex: free server host key before allocating it (again)
      o SCP: add libssh2_scp_recv2 to support large (> 2GB) files on windows
      o channel: Detect bad usage of libssh2_channel_process_startup
      o userauth: Fix off by one error when reading public key file
      o kex: removed dupe entry from libssh2_kex_methods
      o _libssh2_error: Support allocating the error message
      o hostkey: fix invalid memory access if libssh2_dsa_new fails
      o hostkey: align code path of ssh_rsa_init to ssh_dss_init
      o libssh2.pc.in: fix the output of pkg-config --libs
      o wincng: fixed possible memory leak in _libssh2_wincng_hash
      o wincng: fixed _libssh2_wincng_hash_final return value
      o add OpenSSL 1.1.0-pre2 compatibility
      o agent_disconnect_unix: unset the agent fd after closing it
      o sftp: stop reading when buffer is full
      o sftp: Send at least one read request before reading
      o sftp: Don't return EAGAIN if data was written to buffer
      o sftp: Check read packet file offset
      o configure: build "silent" if possible
      o openssl: add OpenSSL 1.1.0-pre3-dev compatibility
      o GNUmakefile: list system libs after user libs
2016-02-25 22:09:21 -06:00
Profpatsch
70c02402c8 networkmanager: fix link-local ip addresses
NetworkManager needs an additional avahi-user to use link-local
IPv4 (and probably IPv6) addresses. avahi-autoipd also needs to be
patched to the right path.
2016-02-26 03:28:56 +01:00
Tanner Doshier
4e5ef470a7 ec2-data: ensure providing a SSH host key is actually optional
2701665904 broke this.
2016-02-25 20:11:49 -06:00
zimbatm
b9db67d8e2 Merge pull request #8393 from hrdinka/update/hugin
hugin: update 2013.0.0 -> 2015.0.0
2016-02-26 01:03:47 +00:00
zimbatm
69f151f577 Merge pull request #8547 from Ralith/boost-clang
Fix detection of clang toolset
2016-02-26 00:58:05 +00:00
zimbatm
d2f3e250cf Merge pull request #8576 from obadz/nix-prefetch-zip
Add --ext option to nix-prefetch-zip
2016-02-26 00:57:30 +00:00
zimbatm
b5407d402d Merge pull request #11812 from bnikolic/recoll-update
recoll: 1.20.6 -> 1.21.3
2016-02-26 00:41:47 +00:00
zimbatm
3110d60cf6 Merge pull request #10768 from rycee/refactor/nix-generate-from-cpan
nix-generate-from-cpan: large refactor
2016-02-26 00:40:15 +00:00
zimbatm
b73c5ae291 Merge pull request #10546 from aszlig/nixops-issue-350
Fixes for NixOps issue #350
2016-02-26 00:33:49 +00:00
tg(x)
629a89343e simp_le: external_pem.sh plugin is now called external.sh 2016-02-26 01:31:58 +01:00
zimbatm
30891166be Merge pull request #11997 from benley/google-chrome-variants
google-chrome: add -beta and -unstable variants
2016-02-26 00:13:00 +00:00
zimbatm
428e12d23f Merge pull request #13154 from zimbatm/git-rebase-fix-v2
git: fixes references to gettext properly
2016-02-26 00:03:17 +00:00
zimbatm
853a213698 Merge pull request #13323 from rycee/ddclient/platform
ddclient: add meta.platforms
2016-02-26 00:02:06 +00:00
zimbatm
d4e29d0e6d Merge pull request #12896 from rycee/bump/udiskie
udiskie: 1.1.2 -> 1.4.8
2016-02-26 00:01:34 +00:00
zimbatm
06a12136a5 Merge pull request #12824 from cransom/aws_shell
aws_shell: init at 0.1.0
2016-02-26 00:00:10 +00:00
zimbatm
1b0e81c41e Merge pull request #13453 from mayflower/pkgs_upstream/gti
gti: init at 2015-05-21 (edaac79)
2016-02-25 23:57:17 +00:00
zimbatm
e3da8a40e2 Merge pull request #12235 from deeky666/update-php-packages-attributes
phpPackages: init php56Packages and php70Packages
2016-02-25 23:56:18 +00:00
zimbatm
71e1fd1a0b Merge pull request #12599 from ftrvxmtrx/e19-update-1.16.1
e19: update
2016-02-25 23:50:31 +00:00
zimbatm
35f47333d0 Merge pull request #13463 from avnik/feature/gimp-with-plugins
Feature: gimp with plugins
2016-02-25 23:27:25 +00:00
Benjamin Staffin
fe6ad9e912 git-stree: init at 0.4.5 2016-02-25 15:26:06 -08:00
zimbatm
0b33cd7b59 Merge pull request #13465 from benley/git-alphabetize
git-and-tools: alphabetize attributes before it gets too huge
2016-02-25 23:24:32 +00:00
Pascal Wittmann
48db4391e8 Merge pull request #13464 from zimbatm/termite-11
Termite 11
2016-02-25 23:58:13 +01:00
Benjamin Staffin
ca5f243697 git-and-tools: alphabetize attributes before it gets too huge 2016-02-25 14:23:34 -08:00
zimbatm
3f3599f6be termite: split terminfo into it's own output
Fixes #6141
2016-02-25 22:14:58 +00:00
zimbatm
f1df89f902 termite: 10 -> 11 2016-02-25 22:14:55 +00:00
Tim Steinbach
7506c58d74 linux_3_10: 3.10.96 -> 3.10.97 (close #13405) 2016-02-25 23:09:08 +01:00
Tuomas Tynkkynen
0e1319f03f linux-3.10: fixup config by a slightly hacky way
For explanation see:
https://github.com/NixOS/nixpkgs/pull/13405#issuecomment-188357637
2016-02-25 23:07:47 +01:00
Alexander V. Nikolaev
0649c8bde7 gimp: add gimp-with-plugin derivation
By default all plugins from pkgs.gimpPlugins set are enabled.

Default location of plugins changed from $out/${gimp.name} to
$out/lib/gimp/${majorVersion}. Resulting derivation for gimp+plugins
is set as search path for plugins by default (additional tweaking in
gimprc done for old plugin scheme should be removed)
2016-02-25 23:34:28 +02:00
Alexander V. Nikolaev
fdd11c2c2b gimp: Use http link as gimp-gap sources 2016-02-25 23:34:17 +02:00
Frederik Rietdijk
4a4c432f06 pythonPackages.ipykernel: 4.2.2 -> 4.3.0 2016-02-25 22:32:40 +01:00
Frederik Rietdijk
05608d50f4 kde5.kcalc: init at 15.12 2016-02-25 22:21:56 +01:00
Frederik Rietdijk
b2298b02cf kde5.filelight: init at 15.12 (close #13456)
vcunat also added himself to maintainers,
as filelight has been extremely helpful on closure-size branch.
2016-02-25 21:56:23 +01:00
Frederik Rietdijk
db54eed69c Merge pull request #13460 from nlewo/master
ledger-autosync: fix ofxclient propagation
2016-02-25 21:26:34 +01:00
Antoine Eiche
359ff7d230 ledger-autosync: fix ofxclient propagation
Closes #13411
2016-02-25 21:21:27 +01:00
Tobias Geerinckx-Rice
2179b1d491 geolite-legacy 2016-02-08 -> 2016-02-25 2016-02-25 20:54:39 +01:00
Tobias Geerinckx-Rice
500132ab5c sane-backends-git -> 2016-02-25 2016-02-25 20:54:24 +01:00
Tobias Geerinckx-Rice
1eb8139100 libpsl: 2016-02-16 -> 2016-02-25 2016-02-25 20:54:24 +01:00
zimbatm
76f5cf3f31 Merge pull request #13324 from zimbatm/doc-from-wiki
Converting the wiki to documentation
2016-02-25 19:37:43 +00:00
zimbatm
dc314aad12 samba module: add more description
Fixes #13281
2016-02-25 19:36:55 +00:00
zimbatm
93a0306e79 sane module: add more documentation
Imported from https://nixos.org/wiki/Scanners
2016-02-25 19:36:46 +00:00
Pascal Wittmann
8106d61c12 libfilezilla: 0.3.1 -> 0.4.0 2016-02-25 19:57:39 +01:00
Eelco Dolstra
1b4b7d53c1 Merge pull request #13455 from grahamc/chromium
chromium{,Beta,Dev}: 48.0.2564.97 -> 48.0.2564.116
2016-02-25 19:25:38 +01:00
Graham Christensen
712d59225e chromium{,Beta,Dev}: 48.0.2564.97 -> 48.0.2564.116
From the debian security mailing list:

Several vulnerabilities have been discovered in the chromium web browser.

CVE-2016-1622

    It was discovered that a maliciously crafted extension could bypass
    the Same Origin Policy.

CVE-2016-1623

    Mariusz Mlynski discovered a way to bypass the Same Origin Policy.

CVE-2016-1624

    lukezli discovered a buffer overflow issue in the Brotli library.

CVE-2016-1625

    Jann Horn discovered a way to cause the Chrome Instant feature to
    navigate to unintended destinations.

CVE-2016-1626

    An out-of-bounds read issue was discovered in the openjpeg library.

CVE-2016-1627

    It was discovered that the Developer Tools did not validate URLs.

CVE-2016-1628

    An out-of-bounds read issue was discovered in the pdfium library.

CVE-2016-1629

    A way to bypass the Same Origin Policy was discovered in Blink/WebKit,
    along with a way to escape the chromium sandbox.
2016-02-25 12:00:12 -06:00
Tristan Helmich
3234ca49d1 gti: init at 2015-05-21 (edaac79) 2016-02-25 18:52:19 +01:00
Arseniy Seroka
edeb5480fc Merge pull request #13438 from kamilchm/nimble
nimble: init at 0.7.2
2016-02-25 20:50:46 +03:00
Graham Christensen
f91c979f8a xerces-c: 3.1.1 -> 3.1.3 2016-02-25 11:25:00 -06:00