Commit Graph

18905 Commits

Author SHA1 Message Date
github-actions[bot]
eeb7e66e97
Merge master into staging-next 2021-11-06 18:01:01 +00:00
Aaron Andersen
ecb6c3515f
Merge pull request #133006 from nberlee/pam-mk-homedir-umask
nixos/pam: pam_mkhomedir umask to 0077
2021-11-06 12:17:42 -04:00
Aaron Andersen
a97d32da9c
Merge pull request #144895 from arcnmx/ddclient-privs
nixos/ddclient: password permission fixes
2021-11-06 12:17:01 -04:00
arcnmx
cdd385510a nixos/ddclient: customizable package option 2021-11-06 08:50:39 -07:00
arcnmx
7deb5247a5 nixos/ddclient: fix privs when loading password 2021-11-06 08:50:39 -07:00
Izorkin
a71576b07b nixos/mastodon/streaming: add '@memlock' SystemCallFilter 2021-11-06 16:45:20 +01:00
Izorkin
91e510ae22 nixos/mastodon: add '@ipc' SystemCallFilter 2021-11-06 16:45:20 +01:00
Izorkin
700ea62f54 nixos/mastodon: remove duplicates SystemCallFilters 2021-11-06 16:45:20 +01:00
Izorkin
943f15d4b7 nixos/mastodon: add new sandboxing options 2021-11-06 16:45:20 +01:00
Nico Berlee
90bac670c0 nixos/pam: pam_mkhomedir umask to 0077
pam_mkhomedir should create homedirs with the same umask as the rest
of the system. Currently it creates homedirs with go+rx which makes
it readable for other non-privileged users.
2021-11-06 17:45:00 +02:00
Thomas Tuegel
a506f9c797
Merge pull request #143673 from oxalica/fix/sddm-default-session
plasma5: set default session to plasma X11 and fix sddm
2021-11-06 09:55:47 -05:00
github-actions[bot]
89ec09c858
Merge master into staging-next 2021-11-06 12:01:12 +00:00
Martin Weinelt
65be52ba2a
Merge pull request #144201 from misuzu/iptables-switch-fix 2021-11-06 12:28:51 +01:00
Jörg Thalheim
185aeb4ab8
Merge pull request #142765 from pennae/mosquitto-fixes
nixos/mosquitto: restore checkPasswords=false from old module, add module doc chapter
2021-11-06 10:08:43 +00:00
github-actions[bot]
2663e5b623
Merge master into staging-next 2021-11-05 12:01:17 +00:00
ajs124
ce21576c61
Merge pull request #142408 from mschwaig/fix-vmware-guest-headless
nixos/vmware-guest: fix headless option
2021-11-05 12:33:37 +01:00
Pascal Bach
0f60c45e9c nixos/unifi: refactor mountpoints
Use service internal bind mounts instead of global ones.

This also moves the logs to /var/log/unifi on the host
and the run directory to /run/unifi.

Closes #61424
2021-11-05 12:20:40 +01:00
Bernardo Meurer
1403ce522d
Merge pull request #144239 from illustris/hadoop
nixos/hadoop: Add HA services and HTTPFS
2021-11-04 23:30:47 -07:00
Cole Mickens
fd6e9350d0
Merge pull request #139354 from colemickens/nvidia
nvidia: fix egl-wayland loading
2021-11-04 23:09:38 -07:00
github-actions[bot]
ac4cb43546
Merge staging-next into staging 2021-11-05 00:02:01 +00:00
github-actions[bot]
20bee66ec8
Merge staging-next into staging 2021-11-04 18:01:44 +00:00
Bernardo Meurer
a13bfe7fbc
roon-server: 1.8-831 -> 1.8-846 2021-11-04 09:40:19 -07:00
Maciej Krüger
f37f1b2d01
Merge pull request #130388 from oxalica/fix/etc-nixos-tag-in-activation 2021-11-04 15:26:17 +01:00
Bas van Dijk
0140e239f3
Merge pull request #143147 from basvandijk/prometheus-reload
nixos/prometheus: optionally support reloading on config changes
2021-11-04 13:54:18 +01:00
github-actions[bot]
cca97be2f0
Merge staging-next into staging 2021-11-04 12:01:39 +00:00
Robert Hensing
3bccce68d1
Merge pull request #144440 from SuperSandro2000/lib-fromJSON
treewide: switch ``builtins.fromJSON(builtins.readFile ./file.json)``…
2021-11-04 12:17:40 +01:00
Bas van Dijk
f12e976ade module/prometheus: optionally support reloading on config changes
The new option `services.prometheus.enableReload` has been introduced
which, when enabled, causes the prometheus systemd service to reload
when its config file changes.

More specifically the following property holds: switching to a
configuration (`switch-to-configuration`) that changes the prometheus
configuration only finishes successully when prometheus has finished
loading the new configuration.

`enableReload` is `false` by default in which case the old semantics
of restarting the prometheus systemd service are in effect.
2021-11-04 11:15:21 +00:00
github-actions[bot]
524db8975e
Merge staging-next into staging 2021-11-04 06:02:01 +00:00
illustris
57225575df nixos/hadoop: fix errors in HTTPFS 2021-11-04 11:26:32 +05:30
illustris
8331b56701 nixos/hadoop: correct openFirewall options 2021-11-04 11:18:11 +05:30
illustris
c8df915e0e nixos/hadoop: add links for config files 2021-11-04 11:07:32 +05:30
Aaron Andersen
0c5d86b18c
Merge pull request #135601 from stackshadow/code-server-bin
code-server: init code-server-module
2021-11-03 22:15:26 -04:00
github-actions[bot]
3567177949
Merge staging-next into staging 2021-11-03 18:10:58 +00:00
illustris
42e14ff69f nixos/hadoop: replace enable = mkoption bools with mkEnableOption 2021-11-03 22:44:25 +05:30
illustris
c3d147f507 nixos/hadoop: replace "enabled" options with "enable" options
The module has been using "enabled" in place of enable since init ( 0c10b2baa6 )
2021-11-03 22:44:25 +05:30
illustris
9ca4363191 nixos/hadoop: add HTTPFS 2021-11-03 22:44:25 +05:30
illustris
39c007ce9c nixos/hadoop: Add HA capabilities
- Add HDFS journalnode and ZKFC services
- Test failover of HDFS and YARN master services in full hadoop test
- Check if a minimal HDFS cluster works in the minimal HDFS test
2021-11-03 22:44:24 +05:30
Sandro Jäckel
8547db919a
treewide: switch `builtins.fromJSON(builtins.readFile ./file.json)` to lib.importJSON ./file.json 2021-11-03 14:43:52 +01:00
Maciej Krüger
e7fd175e97
nixos/lxd-image-server: init
Co-authored-by: Aaron Andersen <aaron@fosslib.net>
2021-11-03 14:32:44 +01:00
github-actions[bot]
bf39715fe0
Merge staging-next into staging 2021-11-03 12:01:58 +00:00
Maciej Krüger
f9bbc60cfb
nixos/odoo: apply suggestions from review 2021-11-03 12:40:59 +01:00
Maciej Krüger
19781e6663
Merge pull request #120965 from mkg20001/lxd-roundup 2021-11-03 11:10:24 +01:00
Cole Helbling
516b49155e nixos/zfs: replace parentheses with braces
The parentheses prevent the `continue` line from working by running the
enclosed in a subshell -- I noticed that ZFS would start asking me for
my password to encrypted child datasets, even though they were not
specified in `requestEncryptionCredentials`. The following logs would
also be present in the import unit's journal:

    Oct 31 22:13:17 host systemd[1]: Starting Import ZFS pool "pool"...
    Oct 31 22:13:44 host zfs-import-pool-start[3711]: importing ZFS pool "pool"...
    Oct 31 22:13:44 host zfs-import-pool-start[4017]:pool/nix/store/39zij3xcxn4w38v6x8f88bx8y91nv0rm-unit-script-zfs-import-pool-start/bin/zfs-import-pool-start: line 31: continue: only meaningful in a `for', `while', or `until' loop
    Oct 31 22:13:44 host zfs-import-pool-start[4020]:pool/nix/store/39zij3xcxn4w38v6x8f88bx8y91nv0rm-unit-script-zfs-import-pool-start/bin/zfs-import-pool-start: line 31: continue: only meaningful in a `for', `while', or `until' loop
    Oct 31 22:15:14 host zfs-import-pool-start[4023]: Failed to query password: Timer expired
    Oct 31 22:15:14 host zfs-import-pool-start[4024]: Key load error: encryption failure
    Oct 31 22:15:14 host systemd[1]: zfs-import-pool.service: Main process exited, code=exited, status=255/EXCEPTION
    Oct 31 22:15:14 host systemd[1]: zfs-import-pool.service: Failed with result 'exit-code'.
    Oct 31 22:15:14 host systemd[1]: Failed to start Import ZFS pool "pool".
2021-11-03 04:59:46 -04:00
Alyssa Ross
703ffa2f5d
Merge remote-tracking branch 'nixpkgs/staging-next' into staging 2021-11-03 07:34:33 +00:00
Pascal Bach
b01c019afd
Merge pull request #136191 from LeSuisse/nixos-unifi-poller-loki
nixos/unifi-poller: add support of Loki
2021-11-03 08:25:13 +01:00
Maciej Krüger
1c31f8db6a
nixosTest.lxdImage: add lxdImage test 2021-11-03 07:49:54 +01:00
Maciej Krüger
a797967cec
lxdImage: split from docker profile, use generators.toYAML 2021-11-03 07:49:54 +01:00
Maciej Krüger
fec499bb98
virtualisation.lxc: replace /sbin/init on switch
in the future maybe a proper shim-bootloader could be used that supports 
switching out /sbin/init (so nixos-rebuild boot would just switch the 
link)
2021-11-03 07:49:53 +01:00
Maciej Krüger
8eac2a669a
virtualisation.lxc: add default for .templates 2021-11-03 07:49:53 +01:00
Maciej Krüger
681bd59661
virtualisation.lxc: apply changes from review 2021-11-03 07:49:52 +01:00