Commit Graph

458 Commits

Author SHA1 Message Date
Vladimír Čunát
01cf3b41aa
knot-dns: add libmaxminddb dependency
It's really small and some people might find it useful.
(If needed, its output could be split to make it even smaller.)
2020-08-13 08:19:58 +02:00
Timothy Stott
ba7c0893d4
treewide: remove obsolete attribute goPackagePath in buildGoModule derivations (#95092)
The buildGoModule infrastructure does not make use of goPackagePath it is a residue from buildGoPackage.
2020-08-11 21:04:55 +00:00
zowoq
cea7cd902e buildGoModule packages: set doCheck = false 2020-08-10 16:02:30 +10:00
R. RyanTM
98e8c6be06 pdns-recursor: 4.3.2 -> 4.3.3 2020-08-07 01:20:21 +00:00
Maximilian Bosch
0b6f0b7b07
Merge pull request #94399 from r-ryantm/auto-update/dnsdist
dnsdist: 1.4.0 -> 1.5.0
2020-08-04 23:23:47 +02:00
R. RyanTM
c90c363e64 dnsdist: 1.4.0 -> 1.5.0 2020-08-01 02:32:41 +00:00
zowoq
3c5750d1cd buildGoModule packages: editorconfig fixes 2020-07-31 13:58:04 +10:00
lf-
231e74dcbf ncdns: fix patch extension
The incorrect extension was confusing my code search tool.
2020-07-27 23:17:53 -07:00
R. RyanTM
1715eadebf nsd: 4.3.1 -> 4.3.2 2020-07-17 16:53:07 +00:00
Michele Guerini Rocco
400beaec1e
Merge pull request #92386 from r-ryantm/auto-update/pdns-recursor
pdns-recursor: 4.3.1 -> 4.3.2
2020-07-07 13:30:19 +02:00
Michele Guerini Rocco
fc553c0bc5
Merge pull request #89773 from rnhmjoj/ncdns
ncdns: init at 0.0.10.3
2020-07-07 10:58:55 +02:00
R. RyanTM
70e755c19a pdns-recursor: 4.3.1 -> 4.3.2 2020-07-05 23:04:23 +00:00
Vladimír Čunát
ec5ef6bd2b
knot-resolver: 5.1.1 -> 5.1.2
https://gitlab.nic.cz/knot/knot-resolver/-/tags/v5.1.2
I could highlight fixing the garbage collector on 32-bit systems.
2020-07-01 16:20:49 +02:00
Félix Baylac-Jacqué
7020dc8eac
nixos/nsd: symlink conf file to /etc/nsd
We remove the configFile build flag override in the NixOS module.

Instead of embedding the conf file link to the binaries, we symlink it
to /etc/nsd/nsd.nix, the hardcoded config file location for the
various CLI nsd utilities.

This config file build option override is triggerring a nsd rebuild
for each configuration change. This prevent us to use the nixos cache
in many cases.

Co-authored-by: Erjo <erjo@cocoba.work>
2020-06-26 20:18:33 +02:00
Félix Baylac-Jacqué
15c8a4800e
nsd: set passthru.tests 2020-06-26 17:56:06 +02:00
Matt Layher
6b9c728ef9 coredns: 1.6.9 -> 1.7.0 2020-06-19 09:01:44 -04:00
R. RyanTM
aecc33be22 coredns: 1.7.0 -> 1.7.1 2020-09-25 04:10:11 +00:00
Justin Humm
6cdbb1fb1f
bind: set BUILD_CC for cross compilation
This is due to a hint by @Ericson2314 in
https://github.com/NixOS/nixpkgs/pull/86166#issuecomment-633153996
2020-06-15 21:03:03 +02:00
rnhmjoj
8ff681a7ca
ncdns: add test to passthru.tests 2020-06-14 01:16:12 +02:00
rnhmjoj
5ec0bd7649
ncdns: init at 0.0.10.3 2020-06-14 01:09:32 +02:00
Vladimír Čunát
da752902c1
knot-dns: 2.9.4 -> 2.9.5
There's a bugfix important for some auto-signer setups.
https://gitlab.labs.nic.cz/knot/knot-dns/-/tags/v2.9.5

$ nix build -f nixos/release-combined.nix nixos.tests.knot.x86_64-linux
2020-05-25 10:56:49 +02:00
Vladimír Čunát
d0d90908c8
knot-resolver: 5.1.0 -> 5.1.1 (security)
https://en.blog.nic.cz/2020/05/19/nxnsattack-upgrade-resolvers-to-stop-new-kind-of-random-subdomain-attack/
2020-05-19 11:29:33 +02:00
Vladimír Čunát
13c485d63d
bind: 9.14.11 -> 9.14.12 (security)
https://www.isc.org/blogs/bind9-vulnerabilities-2020-05/
$ nix build -f nixos/release.nix tests.bind.x86_64-linux
2020-05-19 11:21:25 +02:00
Vladimír Čunát
6bf49e3777
pdns-recursor: 4.3.0 -> 4.3.1 (security)
https://doc.powerdns.com/recursor/changelog/4.3.html#change-4.3.1
It fixes DoS CVEs; details e.g. on http://www.nxnsattack.com/

$ nix build -f nixos/release.nix tests.pdns-recursor.x86_64-linux
2020-05-19 11:20:51 +02:00
Colin L Rice
d6162dab50
go-modules: Update files to use vendorSha256 2020-05-14 07:22:21 +01:00
R. RyanTM
bf707710af nsd: 4.3.0 -> 4.3.1 2020-05-06 10:34:36 -07:00
Vladimír Čunát
2147dd0648
knot-dns: 2.9.3 -> 2.9.4
https://gitlab.labs.nic.cz/knot/knot-dns/-/tags/v2.9.4
2020-05-05 09:20:32 +02:00
Vladimír Čunát
26d3ae2f24
knot-resolver: 5.0.1 -> 5.1.0
https://gitlab.labs.nic.cz/knot/knot-resolver/-/tags/v5.1.0

The upcoming major version will contain reworked
hints/policy/prefill/rebinding/view modules and related functionalities.
Please participate in the following survey to ensure we do not forget
about your particular use-case:
https://www.knot-resolver.cz/survey/
It will help us to improve Knot Resolver. Thank you!
2020-04-29 17:38:21 +02:00
Peter Hoeg
53c14c4e65
Merge pull request #81365 from peterhoeg/p/https-dns
https-dns-proxy: init at unstable-20200419
2020-04-20 14:06:40 +08:00
Peter Hoeg
93df15d79a https-dns-proxy: init at unstable-20200419 2020-04-20 13:36:59 +08:00
Michael Reilly
84cf00f980
treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
R. RyanTM
8866b7d72f coredns: 1.6.7 -> 1.6.9 2020-04-01 10:17:44 +00:00
Jörg Thalheim
066db11215
Revert "Merge pull request #83099 from marsam/fix-buildGoModule-packages-darwin"
This reverts commit 4e6bf03504, reversing
changes made to afd997aab6.

Instead we propagate those frameworks from the compiler again
2020-03-27 07:33:21 +00:00
Mario Rodas
36ae531bc2 coredns: fix build on darwin 2020-03-21 04:46:00 -05:00
R. RyanTM
ad1aff582f nsd: 4.2.4 -> 4.3.0 2020-03-19 12:08:16 -07:00
Jörg Thalheim
c5967df712
Merge pull request #82531 from r-ryantm/auto-update/coredns
coredns: 1.6.6 -> 1.6.7
2020-03-16 15:34:21 +00:00
Vladimír Čunát
47f61c9d7f
bind: 9.14.10 -> 9.14.11 (small bugfix)
I see just a single small bugfix in the news:
https://downloads.isc.org/isc/bind9/9.14.11/RELEASE-NOTES-bind-9.14.11.html
2020-03-15 09:15:41 +01:00
R. RyanTM
5389e95ce0 coredns: 1.6.6 -> 1.6.7 2020-03-14 04:28:21 +00:00
R. RyanTM
2c76b3d8d7 pdns-recursor: 4.2.1 -> 4.3.0 2020-03-09 01:24:14 +00:00
Vladimír Čunát
b7f5450e4d
knot-resolver: apply upstream patch
Encrypted ZFS users were affected, in particular some NixOS users
who reported the issue upstream.  Close #81188.
2020-03-04 13:36:54 +01:00
Vladimír Čunát
29a7464115 knot-dns: 2.9.2 -> 2.9.3
https://gitlab.labs.nic.cz/knot/knot-dns/-/tags/v2.9.3
2020-03-03 11:18:02 +01:00
Jörg Thalheim
6adc09ed30
knot: put runtime paths outside the nix store
Otherwise knot tries to write to non-writable directories.
This for example breaks dnssec signing.
While it's possible to overwrite these path in the configuration,
having a sane defaults is nicer.
2020-02-12 16:27:38 +00:00
Frederik Rietdijk
419bc0a4cd Revert "Revert "Merge master into staging-next""
In 87a19e9048 I merged staging-next into master using the GitHub gui as intended.
In ac241fb7a5 I merged master into staging-next for the next staging cycle, however, I accidentally pushed it to master.
Thinking this may cause trouble, I reverted it in 0be87c7979. This was however wrong, as it "removed" master.

This reverts commit 0be87c7979.
2020-02-05 19:41:25 +01:00
Frederik Rietdijk
0be87c7979 Revert "Merge master into staging-next"
I merged master into staging-next but accidentally pushed it to master.
This should get us back to 87a19e9048.

This reverts commit ac241fb7a5, reversing
changes made to 76a439239e.
2020-02-05 19:18:35 +01:00
Vladimír Čunát
baeed035ea
Merge #78628: knot-resolver: 4.3.0 -> 5.0.1
The service needed lots of changes. A few smaller changes
are added into the PR, e.g. replacement for PR #72014.
See the commit messages for details.
2020-02-05 16:57:02 +01:00
Vladimír Čunát
e3edb004c6
knot-resolver: 5.0.0 -> 5.0.1
https://gitlab.labs.nic.cz/knot/knot-resolver/tags/v5.0.1
2020-02-05 16:53:40 +01:00
Vladimír Čunát
ae74a0e27c
(nixos/)knot-resolver: 4.3.0 -> 5.0.0
Minor incompatibilities due to moving to upstream defaults:
  - capabilities are used instead of systemd.socket units
  - the control socket moved:
    /run/kresd/control -> /run/knot-resolver/control/1
  - cacheDir moved and isn't configurable anymore
  - different user+group names, without static IDs

Thanks Mic92 for multiple ideas.
2020-01-31 15:22:52 +01:00
Vladimír Čunát
93ad21dedd
knot-resolver: remove older lua path workarounds
Part of this is approximate revert of commit f0d2da43a7.
2020-01-31 15:06:20 +01:00
Vladimír Čunát
e980e7a3ab
knot-resolver: enable checks on aarch64
The cqueues fix is in nixpkgs already, so it works now.
2020-01-30 18:48:57 +01:00
Niklas Hambüchen
43a62af3a1
Merge pull request #78561 from r-ryantm/auto-update/bind
bind: 9.14.9 -> 9.14.10
2020-01-27 14:27:45 +01:00
R. RyanTM
0c59818ce7 bind: 9.14.9 -> 9.14.10 2020-01-26 15:58:22 +00:00
Vladimír Čunát
1ee3c7b405
Revert "knot-resolver: skip a broken test"
This reverts commit 5c0567dcc6.
The issue had been fixed but I forgot to remove this workaround.
2020-01-25 13:42:46 +01:00
Christoph Hrdinka
03c8eca08b
Merge pull request #76340 from r-ryantm/auto-update/nsd
nsd: 4.2.3 -> 4.2.4
2019-12-29 11:01:46 +01:00
Peter Simons
bc555a24af
Merge pull request #76209 from r-ryantm/auto-update/bind
bind: 9.14.8 -> 9.14.9
2019-12-27 12:17:36 +01:00
Ryan Mulligan
264f44b1d0
Merge pull request #76355 from r-ryantm/auto-update/pdns-recursor
pdns-recursor: 4.2.0 -> 4.2.1
2019-12-26 07:56:25 -08:00
R. RyanTM
cd795f7c0a pdns-recursor: 4.2.0 -> 4.2.1 2019-12-23 20:39:18 -08:00
R. RyanTM
0e168753c1 nsd: 4.2.3 -> 4.2.4 2019-12-23 17:38:11 -08:00
R. RyanTM
603e3b1345 bind: 9.14.8 -> 9.14.9 2019-12-22 20:05:23 -08:00
Jörg Thalheim
725f85e271
net-snmp: rename from net_snmp 2019-12-21 22:56:08 +00:00
Jörg Thalheim
0913701d47
dnsdist: 1.3.2 -> 1.4.0
- fixes build against boost
- also enable DoH
2019-12-21 22:56:01 +00:00
markuskowa
aef959ed93
Merge pull request #75292 from r-ryantm/auto-update/powerdns
powerdns: 4.2.0 -> 4.2.1
2019-12-20 12:18:16 +01:00
Oleksii Filonenko
03aa4ac48f
coredns: 1.3.1 -> 1.6.6 2019-12-16 14:07:43 +02:00
Vladimír Čunát
877eedec61
knot-dns: 2.9.1 -> 2.9.2 (bugfixes)
https://gitlab.labs.nic.cz/knot/knot-dns/tags/v2.9.2
2019-12-12 10:36:39 +01:00
R. RyanTM
394ec51d5c powerdns: 4.2.0 -> 4.2.1 2019-12-08 12:36:22 -08:00
Vladimír Čunát
24a4f45319
knot-resolver: 4.2.2 -> 4.3.0 (security)
Fixes CVE-2019-19331 (DoS), but other changes as well:
https://gitlab.labs.nic.cz/knot/knot-resolver/tags/v4.3.0
2019-12-04 16:22:49 +01:00
R. RyanTM
0fc8c727e2 nsd: 4.2.2 -> 4.2.3 2019-12-01 18:40:50 +01:00
R. RyanTM
b470220a0b bind: 9.14.7 -> 9.14.8 2019-11-25 00:18:59 -08:00
Vladimír Čunát
35566eb61a
knot-dns: 2.9.0 -> 2.9.1
It's mainly bugfixes:
https://gitlab.labs.nic.cz/knot/knot-dns/raw/v2.9.1/NEWS
2019-11-12 10:58:45 +01:00
R. RyanTM
0060782d8e bind: 9.14.6 -> 9.14.7
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/bind/versions
2019-10-20 21:13:12 -07:00
Kai Wohlfahrt
8a293b42de dnsutils: remove obsolete config flag 2019-10-16 13:48:51 +01:00
Kai Wohlfahrt
39afb94585 dnsutils: add delv tool
delv is provided as a replacement for dig with better DNSSEC support.
2019-10-16 13:40:44 +01:00
Vladimír Čunát
0bd5120e22
knot-dns: 2.8.4 -> 2.9.0
I can't see any large incompatibilities.
https://gitlab.labs.nic.cz/knot/knot-dns/tags/v2.9.0
2019-10-14 14:31:46 +02:00
Vladimír Čunát
39049dbd37
knot-resolver: 4.2.1 -> 4.2.2 (tiny bugfix)
https://gitlab.labs.nic.cz/knot/knot-resolver/tags/v4.2.2
2019-10-07 14:52:06 +02:00
Jon
5dd2ff3679
Merge pull request #69707 from r-ryantm/auto-update/powerdns
powerdns: 4.1.13 -> 4.2.0
2019-09-30 18:14:50 -07:00
R. RyanTM
d8f5f0e349 powerdns: 4.1.13 -> 4.2.0
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/powerdns/versions
2019-09-27 15:21:06 -07:00
Vladimír Čunát
4b656c7447
knot-resolver: 4.2.0 -> 4.2.1 (bugfixes)
https://gitlab.labs.nic.cz/knot/knot-resolver/tags/v4.2.1
2019-09-27 10:49:45 +02:00
Vladimír Čunát
1b0771ac42
knot-dns: 2.8.3 -> 2.8.4
https://gitlab.labs.nic.cz/knot/knot-dns/raw/v2.8.4/NEWS
2019-09-24 12:57:25 +02:00
Will Dietz
88aaa57296
bind: 9.14.4 -> 9.14.6
9.14.5: https://gitlab.isc.org/isc-projects/bind9/blob/v9_14_5/CHANGES
9.14.6: https://gitlab.isc.org/isc-projects/bind9/blob/v9_14/CHANGES

9.14.6 above links to the 9.14 branch CHANGES, no tag yet.
ISC's website has 9.14.6, which is the authoritative source.
2019-09-18 20:44:18 -05:00
Frederik Rietdijk
e73f871285 Merge master into staging-next 2019-09-08 14:49:25 +02:00
Vladimír Čunát
014ffdf3db
powerdns: use default openssl instead of libressl_2_8
Fixes https://github.com/NixOS/nixpkgs/issues/67601
and also see that thread for discussion.
2019-09-08 09:09:29 +02:00
Will Dietz
743f96d3a2
nsd: 4.2.1 -> 4.2.2 2019-09-03 20:10:44 -05:00
Vladimír Čunát
2e6bf42a22
Merge branch 'master' into staging-next
There ver very many conflicts, basically all due to
name -> pname+version.  Fortunately, almost everything was auto-resolved
by kdiff3, and for now I just fixed up a couple evaluation problems,
as verified by the tarball job.  There might be some fallback to these
conflicts, but I believe it should be minimal.

Hydra nixpkgs: ?compare=1538299
2019-08-24 08:55:37 +02:00
Robin Gloster
353323e055
erlang: pin to openssl 1.0.2 for < R20 2019-08-21 23:21:55 +02:00
Marek Mahut
67089e7016
Merge pull request #66995 from r-ryantm/auto-update/nsd
nsd: 4.2.0 -> 4.2.1
2019-08-20 21:18:54 +02:00
Robin Gloster
4e60b0efae
treewide: update globin's maintained drvs 2019-08-20 19:36:05 +02:00
R. RyanTM
cae176b4e3 nsd: 4.2.0 -> 4.2.1
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/nsd/versions
2019-08-19 16:23:11 -07:00
Frederik Rietdijk
f65aa21bb2 Merge master into staging-next 2019-08-18 12:53:44 +02:00
volth
c814d72b51 treewide: name -> pname 2019-08-17 10:54:38 +00:00
Jonathan Ringer
5775243d40 doh-proxy: 0.0.8 -> 0.0.9 2019-08-17 12:38:55 +02:00
volth
46420bbaa3 treewide: name -> pname (easy cases) (#66585)
treewide replacement of

stdenv.mkDerivation rec {
  name = "*-${version}";
  version = "*";

to pname
2019-08-15 13:41:18 +01:00
Vladimír Čunát
5c0567dcc6
knot-resolver: skip a broken test
The test fails from roughly today's machine date onwards.
2019-08-09 16:09:18 +02:00
Ryan Mulligan
ab5682a7d2
Merge pull request #66012 from r-ryantm/auto-update/pdns-recursor
pdns-recursor: 4.1.14 -> 4.2.0
2019-08-07 06:11:48 -07:00
Vladimír Čunát
577508ef14
knot-resolver: 4.1.0 -> 4.2.0
No really significant changes, I'd say:
https://gitlab.labs.nic.cz/knot/knot-resolver/tags/v4.2.0
2019-08-05 20:31:40 +02:00
R. RyanTM
febd3c7c30 pdns-recursor: 4.1.14 -> 4.2.0
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/pdns-recursor/versions
2019-08-04 21:18:24 -07:00
R. RyanTM
dc55912d73 bind: 9.14.3 -> 9.14.4
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/bind/versions
2019-08-03 14:35:28 -07:00
Vladimír Čunát
49ca44cf17
knot-dns: 2.8.2 -> 2.8.3 (maintenance) 2019-07-16 13:52:27 +02:00
Vladimír Čunát
263b5244ef
powerdns: enableParallelBuilding = true;
The build just took quite a long time otherwise.
2019-07-13 11:35:15 +02:00
Vladimír Čunát
64cb53dc01
Merge #64272: powerdns: 4.1.9 -> 4.1.10 (DoS security)
CVE-2019-10162, CVE-2019-10163
2019-07-13 10:36:14 +02:00
Vladimír Čunát
75369ad991
knot-resolver: disable part of tests on darwin, for now 2019-07-10 18:26:26 +02:00
Vladimír Čunát
f15625a6c0
knot-resolver: 4.0.0 -> 4.1.0 (security)
https://lists.nic.cz/pipermail/knot-resolver-users/2019/000189.html
Fixes DNS spoofing problems: CVE-2019-10190 CVE-2019-10191
but also minor things, adds new features, etc.
In particular aarch64 should work now, at least as long as not using
some lua library that suffers from the same problem with lightuserdata,
e.g. cqueues does suffer from this.
2019-07-10 17:42:37 +02:00