Martin Weinelt
7da17ece76
Merge pull request #310366 from mweinelt/pretix-pretalx-homemode
...
pretix, pretalx: fixes, hardening
2024-05-10 14:50:24 +02:00
Franz Pletz
fb382c2628
Merge pull request #310452 from fpletz/nginx-acme-servername
...
nixos/nginx: fix reference to acme cert hostname
2024-05-10 14:04:24 +02:00
nu-nu-ko
1c0d10e4f4
nixos/navidrome: add nu-nu-ko to maintainers
2024-05-10 21:16:30 +12:00
nu-nu-ko
7519d230b5
nixos/navidrome: ensure data & cache dirs exist with valid permissions
2024-05-10 21:16:30 +12:00
nu-nu-ko
ffc0d8bf58
nixos/navidrome: remove apply from settings option
2024-05-10 21:16:30 +12:00
nu-nu-ko
da8cdc2782
nixos/navidrome: use lib.getExe
2024-05-10 21:16:30 +12:00
nu-nu-ko
4987663e27
nixos/navidrome: add user/group options
2024-05-10 21:16:29 +12:00
nu-nu-ko
bbba2bde44
nixos/navidrome: rfcfmt, rm mdDoc & with lib;
2024-05-10 21:16:29 +12:00
Franz Pletz
b7d060d10d
nixos/nginx: fix reference to acme cert hostname
...
The change introduced in #308303 refers to the virtualHosts attrset
key which can be any string. The servername is the actual primary
hostname used for the certificate.
This fixes use cases like:
services.nginx.virualHosts.foobar.serverName = "my.fqdn.org";
2024-05-10 01:36:34 +02:00
Martin Weinelt
622af635bb
pretalx: adopt and set up code ownership
2024-05-09 18:20:14 +02:00
Martin Weinelt
9afcf733f3
nixos/pretix: update hardening
...
- Transition from world-readable to group-readable UMask
- Remove world permissions from state directory
2024-05-09 18:20:14 +02:00
Martin Weinelt
82f2cc7489
nixos/pretalx: set up hardening
2024-05-09 18:20:13 +02:00
Martin Weinelt
b4b3165619
nixos/pretalx: fix state directory mode
...
The state directory contains static files that need to be accessible by
a webserver, but homeMode defaults to 0750 and switching the generation
will always force the homeMode, thereby breaking access to the assets.
Instead, fully rely on systemd to provide the StateDirectory with the
correct mode.
2024-05-09 18:20:13 +02:00
Martin Weinelt
a4193dba8f
nixos/pretix: fix state directory mode
...
The state directory contains static files that need to be accessible by
a webserver, but homeMode defaults to 0750 and switching the generation
will always force the homeMode, thereby breaking access to the assets.
Instead, fully rely on systemd to provide the StateDirectory with the
correct mode.
2024-05-09 17:00:02 +02:00
Nick Cao
fe4d8b1b73
Merge pull request #310298 from rouven0/portunus-dex
...
nixos/portunus: fix dangling service files for dex
2024-05-09 09:50:54 -04:00
Rouven Seifert
06667e028f
nixos/portunus: fix dangling service files for dex
2024-05-09 11:29:23 +02:00
Guillaume Girol
2931e934d0
Merge pull request #277368 from niklaskorz/nixos-mautrix-signal
...
nixos/mautrix-signal: add module
2024-05-08 22:33:29 +02:00
Linus Heckemann
a10842c7f0
Merge pull request #302300 from Ma27/kernel-zstd
...
linux kernel: prefer zstd where possible
2024-05-08 15:17:45 +02:00
7c6f434c
55e9b296c1
Merge pull request #309696 from Uthar/lisp-removal-of-previous-variants
...
Lisp modules - removal of previous variants
2024-05-08 10:04:39 +00:00
Jonas Heinrich
4a451cb3ce
Merge pull request #308291 from Ma27/nc-update-db
...
nixos/nextcloud: add nextcloud-update-db.service, nextcloud-cron isn't oneshot
2024-05-08 11:29:45 +02:00
Pascal Wittmann
a751e2faa2
Merge pull request #302908 from kai-tub/nixos/restic/fix-checkCmd
...
nixos/restic: fix skipping of check command
2024-05-08 10:29:31 +02:00
nikstur
951e023010
Merge pull request #309838 from cyberus-technology/take-plausible-maintainership
...
plausible: take take-plausible-maintainership
2024-05-07 18:34:24 +02:00
Leona Maroni
31be9134a2
Merge pull request #309836 from cyberus-technology/fix-nixos-plausible-unit
...
nixos/plausible: fix unit start script
2024-05-07 15:46:50 +02:00
Alexander Sieg
8edee82bc2
plausible: take take-plausible-maintainership
2024-05-07 15:35:22 +02:00
Alexander Sieg
3be1b16698
nixos/plausible: fix unit start script
...
In 8bb777ee37
a condition was added to
only execute the createdb.sh script if database setup was configurated.
However a superfluace " was added at the end of the line which cased an
escaping error the resulted in #309520 .
Fixes #309520
2024-05-07 15:27:08 +02:00
Pol Dellaiera
9f3f549360
Merge pull request #309550 from linj-fork/pr/kanata-check-config-at-build-time
...
nixos/kanata: check the config file at build time
2024-05-07 09:59:18 +02:00
Lin Jian
50f535b067
Merge pull request #309609 from linj-fork/pr/kanata-module-doc
...
nixos/kanata: improve doc
2024-05-07 11:05:26 +08:00
Kasper Gałkowski
fc5b715e1a
nixos/clfswm: use sbclPackages - lispPackages was removed
2024-05-07 03:35:07 +02:00
Niklas Hambüchen
8907c1017d
Merge pull request #309424 from NixOS/ReadWriteDirectories-ReadWritePaths
...
nixos/{zoneminder,caddy,traefik}: ReadWriteDirectories -> ReadWritePaths
2024-05-07 01:13:06 +02:00
Niklas Hambüchen
9d7a729277
treewide: ReadWriteDirectories -> ReadWritePaths.
...
These were renamed in systemd v231:
2a624c36e6
2024-05-07 01:06:02 +02:00
Bernardo Meurer
7c87bee77b
nixos/oauth2-proxy: fix missing lib.
2024-05-06 14:05:17 -04:00
Lin Jian
75a864edf1
nixos/kanata: replace deflayer with deflayermap in config example
...
IMHO, this style is more intuitive.
2024-05-07 01:52:08 +08:00
Lin Jian
4eafe1458d
nixos/kanata: improve links to the upstream documentation
2024-05-07 01:51:57 +08:00
Lin Jian
f7b50c3977
nixos/kanata: improve example of the package option
...
Before this patch, it is rendered as "Example: kanata-with-cmd".
With this patch applied, it is "Example: pkgs.kanata-with-cmd".
2024-05-07 01:51:51 +08:00
Lin Jian
1d93534ec4
nixos/kanata: check the config file at build time
...
Before this patch, checking the config file is done at runtime.
Doing so at build time shortens the feedback loop[1][2].
[1]: https://github.com/NixOS/nixpkgs/issues/278135
[2]: https://github.com/jtroo/kanata/issues/689
2024-05-06 20:25:09 +08:00
Sandro
ed7d332850
Merge pull request #309304 from Ma27/nc-dav
2024-05-06 14:17:52 +02:00
Niklas Hambüchen
7b6b627a66
nixos/caddy: Comment why ExecStart is reset
2024-05-06 03:18:29 +02:00
nicoo
db5f88c41a
nixos/ssh: Make ~/.ssh/authorized_keys
optional in AuthorizedKeysFiles ( #279894 )
2024-05-06 01:11:03 +00:00
Sandro
bdd2e6b121
Merge pull request #309324 from evenbrenden/move-jotta-cli
...
nixos/jotta-cli: move to services.jotta-cli
2024-05-05 23:17:24 +02:00
K900
8d9c2c8a1c
Merge pull request #309318 from oxalica/feat/plasma6-kwin-wayland-nice
...
nixos/plasma6: add CAP_SYS_NICE for kwin_wayland
2024-05-05 22:00:27 +03:00
Florian Klink
135fbd12c3
Merge pull request #309068 from SuperSandro2000/dbus-broker
...
nixos/dbus: fix switching from dbus-broker to dbus
2024-05-05 21:32:53 +03:00
André Silva
7142a2dec9
Merge pull request #306655 from devusb/sunshine-update
...
sunshine: 0.23.0 -> 0.23.1
2024-05-05 19:14:28 +01:00
Even Brenden
9fa89d0e2c
nixos/jotta-cli: move to services.jotta-cli
2024-05-05 19:30:16 +02:00
Maximilian Bosch
c7a1616be7
nixos/nextcloud: add trailing slashes to carddav/caldav redirect
...
This seems to solve the problem with the warning about carddav/caldav
redirects being broken.
2024-05-05 18:17:25 +02:00
Niklas Korz
346d23fdf2
nixos/mautrix-signal: add module
2024-05-05 13:57:50 +02:00
Sandro Jäckel
06643a08b2
nixos/display-managers: fix assertion
2024-05-05 11:17:49 +02:00
Jade Lovelace
f96f3c9e30
nixos/keycloak: pass --verbose to starting keycloak
...
This sets the exception handler to show the full exception on startup.
We don't think it does anything else, with respect to logging, for
instance. Everything else can be configured in the config file, and this
is plain reasonable to simply always enable in our view.
2024-05-04 17:43:38 -07:00
Kai Norman Clasen
c650982a43
nixos/restic: Add runCheck option
...
This commit fixes the requirement to provide a pruneOption to ensure
that the check command is run when a check option is set. This is useful
for check-only configurations. The option is implicitly set if checkOpts
are given by default.
2024-05-04 22:44:37 +02:00
Sandro Jäckel
21ab17debe
nixos/dbus: fix switching from dbus-broker to dbus
2024-05-04 21:56:17 +02:00
Aaron Andersen
efd518852d
Merge pull request #300090 from lytedev/300088
...
plausible: Do not run createdb.sh unless configured to setup the database
2024-05-04 18:41:49 +00:00