Commit Graph

29500 Commits

Author SHA1 Message Date
Martin Schwaighofer
bacef6bb09 dvd-image: replace faketime with --invariant for mkfs.vfat 2022-10-22 12:11:30 +02:00
Martin Schwaighofer
a1d6fd3702 sd-image: replace faketime with --invariant for mkfs.vfat
This is done for sd-images only here, but should probably also be done
for dvd-images.

The --invariant arg should be a better way of making mkfs.vfat deterministic.
The previous version of invoking faketime was building fine and reproducible
when I was compiling an sdimage for aarch64 under emulation.
It was however still logging errors:
ERROR: ld.so: object '/nix/store/1c2cp2709kmvby8ql2n9946v7l52nn50-libfaketime-0.9.9/lib/libfaketime.so.1' from LD_PRELOAD cannot be preloaded (cannot open shared object file): ignored.
ERROR: ld.so: object '/nix/store/1c2cp2709kmvby8ql2n9946v7l52nn50-libfaketime-0.9.9/lib/libfaketime.so.1' from LD_PRELOAD cannot be preloaded (cannot open shared object file): ignored.
The logged errors were presumably inaccurate somehow as calling
faketime was required for reproducibility, even though the log makes it
looks like it failed.
2022-10-22 12:11:30 +02:00
Martin Schwaighofer
f6ee247a1f sd-image: make firmware partition deterministic
Based on how it works for the EFI partition of an iso-image at
nixos/modules/installer/cd-dvd/iso-image.nix.
2022-10-22 12:11:30 +02:00
Sandro
0d1e0a9f80
Merge pull request #191061 from Izorkin/update-peertube-nginx 2022-10-22 00:02:11 +02:00
Sandro
67e4972c5d
Merge pull request #195745 from virusdave/patch-1 2022-10-22 00:00:52 +02:00
ajs124
3dd1098f45
Merge pull request #195567 from helsinki-systems/feat/jenkins-jdk17
nixos/jenkins: jdk11 -> jdk17
2022-10-21 22:59:03 +02:00
Elis Hirwing
844715a8b9
Merge pull request #196819 from Stunkymonkey/freshrss-api-fix
freshrss: fix greader-api
2022-10-21 19:56:55 +02:00
Jonas Heinrich
c54a28030f nixos/httpd: Make option adminAddr optional 2022-10-21 09:12:25 -04:00
Anderson Torres
77b67a2524
Merge pull request #196862 from atorres1985-contrib/hypr
hypr: init at unstable-2022-05-25
2022-10-21 08:00:20 -03:00
Florian Klink
690ccd9c4a
Merge pull request #196917 from flokli/nsncd
nixos/nscd: add option to use nsncd, init nsncd
2022-10-21 11:22:17 +02:00
Florian Klink
a86e080fa4 nixosTests.nscd: add nsncd specialisation
This shows that nsncd successfully passes all the tests that we run
against glibc-nscd.
2022-10-21 09:37:18 +02:00
Florian Klink
e7bc3e7504 nixosTests.nscd: dump nscd socket info with sockdump
This dumps what's sent over the nscd socket to the console output, which
allows debugging.
2022-10-21 09:37:18 +02:00
Florian Klink
aee40c2d8a nixos/nscd: add enableNsncd option
When set, this switches from using nscd to using nsncd.

It's a protocol-compatible, non-caching and much less flaky alternative.
2022-10-21 09:37:18 +02:00
AndersonTorres
af3779f819 nixos/hypr: add module 2022-10-21 00:01:43 -03:00
Guillaume Girol
91a3819bad
Merge pull request #177273 from dali99/escape-systemd
Make escapeSystemdPath implement the correct systemd escaping algorithm
2022-10-20 19:15:31 +00:00
Sandro
c9719e7fd6
Merge pull request #189269 from Tom-Hubrecht/ntfy-sh 2022-10-20 20:50:34 +02:00
Sandro
89e49d87d3
Merge pull request #196488 from SuperSandro2000/changedetectionio 2022-10-20 20:25:36 +02:00
Daniel Olsen
3251123a77 nixos/lib.escapeSystemdPath: Implement the correct algorithm for escaping names in systemd units
Co-authored-by: ajs124 <git@ajs124.de>
2022-10-20 20:12:15 +02:00
Dave Nicponski
1a73877305 Tweak nginx config for Let's Encrypt ACME challenges
Currently, this is using a "URI prefix match", but per nginx docs,

```
[...] the location with the longest matching prefix is selected and remembered. Then regular expressions are checked, in the order of their appearance in the configuration file. The search of regular expressions terminates on the first match, and the corresponding configuration is used. If no match with a regular expression is found then the configuration of the prefix location remembered earlier is used.
```
which means a config like this (from wordpress service) will override that
```
locations = {
          "~ /\\." = {
            priority = 800;
            extraConfig = "deny all;";
          };
};
```
😱
Luckily, from nginx docs:
```
If the longest matching prefix location has the “^~” modifier then regular expressions are not checked.
```

Whew!
2022-10-20 10:59:28 -04:00
Bernardo Meurer
d473597e33
Merge pull request #196904 from hercules-ci/nixos-nixpkgs-only-error-when-used 2022-10-20 09:10:29 -04:00
Izorkin
abdcfec3a0
nixos/peertube: add nginx configuration 2022-10-20 14:49:51 +03:00
Florian Klink
7987b41d44 nixos/nscd: nixpkgs-fmt 2022-10-20 13:15:16 +02:00
Florian Klink
a3b07e3693 nixosTests.nscd: update subtest name and comment
test_host_lookups can be used against different daemons speaking the
nscd protocol.
2022-10-20 13:15:16 +02:00
Robert Hensing
1e9864c85e nixos/nixpkgs: Only error when nixpkgs options are actually used 2022-10-20 11:19:20 +02:00
Janne Heß
24167c94f0
Merge pull request #196337 from SuperSandro2000/update-users-groups
nixos/update-users-groups.pl: sort json file for better reproducibility
2022-10-20 11:11:49 +02:00
Felix Bühler
27e5ca478b
Merge pull request #196140 from uninsane/pr/freshrss-patchShebangs
freshrss: patchShebangs instead of specifying interpreter at use site
2022-10-20 00:03:13 +02:00
Sandro
ab6c14bf9a
Merge pull request #196624 from Minion3665/replace-polymc-with-prismlauncher 2022-10-19 23:36:35 +02:00
Felix Buehler
fe9fb739a9 freshrss: fix greader-api 2022-10-19 23:34:26 +02:00
Sandro Jäckel
c9aab9ba97
nixos/changedetection-io: init 2022-10-19 21:33:31 +02:00
Skyler Grey
49c81f001c
release-notes: state that PolyMC has been replaced 2022-10-19 19:06:55 +01:00
Skyler Grey
fcbbc69f13
release-notes-2205: suggest using prismlauncher
- Previously PolyMC was the suggested replacement for MultiMC
- As PolyMC is marked as insecure and prismlauncher is a replacement,
  this commit suggests using it instead
2022-10-19 19:06:54 +01:00
Domen Kožar
d2cfe468f8
Merge pull request #196728 from veehaitch/github-runner-new-pats
nixos/github-runner: support fine-grained personal access tokens
2022-10-19 14:40:23 +02:00
Martin Weinelt
5d2330ddb5
Merge pull request #195760 from jmbaur/prometheus-kea-exporter 2022-10-19 14:02:15 +02:00
Vincent Haupert
ea8cf2e486 nixos/github-runners: support fine-grained personal access tokens
Add support for GitHub's new fine-grained personal access tokens [1]. As
opposed to the classic PATs, those start with `github_pat_` instead of
`ghp_`.

Make sure to use a token which has read and write access to the
"Administration" resource group [2] to allow for registrations of new
runners.

[1] https://github.blog/2022-10-18-introducing-fine-grained-personal-access-tokens-for-github/

[2] https://docs.github.com/en/rest/overview/permissions-required-for-github-apps#administration
2022-10-19 13:50:34 +02:00
Domen Kožar
ff27dc3a09
Merge pull request #176691 from codedownio/multiple-github-runners
GitHub runners: configurable user, environment, and service overrides + multiple runners
2022-10-19 13:38:23 +02:00
Tom McLaughlin
c2cc9aeafd Use config name by default, falling back to attr name 2022-10-19 03:33:30 -07:00
Tom Hubrecht
bbf5ba11b4
nixos/ntfy-sh: init 2022-10-19 02:20:16 +02:00
Sandro
e188e93b8f
Merge pull request #196477 from MatthewCroughan/mc/stateless-cups 2022-10-18 23:22:12 +02:00
Sandro
2917c9a67e
Merge pull request #195205 from NULLx76/vmagent 2022-10-18 21:16:10 +02:00
Sandro
7307c3ae6c
Merge pull request #191922 from NukaDuka/karma 2022-10-18 21:10:04 +02:00
Robert Hensing
314959198f
Merge pull request #196447 from Cynerd/oci-container-docker
nixos/modules/virtualisation: fix oci-containers with docker
2022-10-18 15:06:18 +02:00
Robert Hensing
14a822f72a
Merge pull request #196281 from hercules-ci/restore-nixos-test-dx
nixos: Restore test DX
2022-10-18 11:38:37 +02:00
Robert Hensing
6259b29f29
Merge pull request #194035 from Ma27/show-option-quoting
lib/options/showOption: fix quoting of attr-names that are not identifiers
2022-10-18 11:31:54 +02:00
matthewcroughan
a99ab1fbc1 nixos/printing: add services.printing.stateless option
This will remove all state directories related to CUPS on startup, which
is particularly useful for guaranteeing that printer discovery works
more reliably on some networks, since CUPS will no longer be able to
store state that effects the next run of the service, such as old
printer names and mDNS information.

Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
2022-10-17 22:59:24 +01:00
Jean-François Roche
dc529302fe
nixos: add cachix watch-store service
Self hosted CI push built packages asynchronously to cachix using a service.

Based on @Mic92 [code](https://github.com/cachix/cachix/issues/370#issuecomment-817081937)
2022-10-17 18:24:03 +02:00
Karel Kočí
76e1e908c1
nixos/modules/virtualisation: fix oci-containers with docker
The empty attribute set is invalidly provided as service config and
results in evaluation error.
2022-10-17 16:11:56 +02:00
Vladimír Čunát
8b880dd5d1
Merge #195505: nixosTests: avoid some broken ones, fix some others 2022-10-17 09:09:53 +02:00
Tom McLaughlin
5221e7af04 Add comments to explain about the name defaults 2022-10-17 00:04:52 -07:00
Tom McLaughlin
2c099d1a14 Set runner name to attr name for github-runners.${name} 2022-10-17 00:01:04 -07:00
Sarah Brofeldt
85d3faa877
Merge pull request #196218 from qowoz/k8s
kubernetes: drop e2e tests
2022-10-17 06:33:01 +02:00