Commit Graph

4301 Commits

Author SHA1 Message Date
Bobby Rong
838dad5de9
Merge pull request #234231 from bobby285271/add/xdg-desktop-portal-xapp
xdg-desktop-portal-xapp: init at 1.0.0
2023-05-28 10:52:30 +08:00
Thomas Gerbet
85f15277d0 etcd: switch to etcd_3_5 2023-05-28 08:04:43 +10:00
Ryan Lahfa
77a1c48cca
Merge pull request #232011 from GaetanLepage/river
nixos/river: init module
2023-05-27 22:30:51 +02:00
Raito Bezarius
69bb0f94de nixos/nginx: first-class PROXY protocol support
PROXY protocol is a convenient way to carry information about the
originating address/port of a TCP connection across multiple layers of
proxies/NAT, etc.

Currently, it is possible to make use of it in NGINX's NixOS module, but
is painful when we want to enable it "globally".
Technically, this is achieved by reworking the defaultListen options and
the objective is to have a coherent way to specify default listeners in
the current API design.
See `mkDefaultListenVhost` and `defaultListen` for the details.

It adds a safeguard against running a NGINX with no HTTP listeners (e.g.
only PROXY listeners) while asking for ACME certificates over HTTP-01.

An interesting usecase of PROXY protocol is to enable seamless IPv4 to
IPv6 proxy with origin IPv4 address for IPv6-only NGINX servers, it is
demonstrated how to achieve this in the tests, using sniproxy.

Finally, the tests covers:

- NGINX `defaultListen` mechanisms are not broken by these changes;
- NGINX PROXY protocol listeners are working in a final usecase
  (sniproxy);
- uses snakeoil TLS certs from ACME setup with wildcard certificates;

In the future, it is desirable to spoof-attack NGINX in this scenario to
ascertain that `set_real_ip_from` and all the layers are working as
intended and preventing any user from setting their origin IP address to
any arbitrary, opening up the NixOS module to bad™ vulnerabilities.

For now, it is quite hard to achieve while being minimalistic about the
tests dependencies.
2023-05-26 19:48:26 +02:00
Bobby Rong
36abd7c9f8
nixos/cinnamon: enable portals by default 2023-05-26 23:53:15 +08:00
Ryan Lahfa
435237d641
Merge pull request #233350 from GrahamDennis/grahamdennis/testing-networks
nixos/qemu-vm: add option for named network interfaces
2023-05-26 15:57:01 +02:00
Yaya
ae47862b93 nixos/doc: add release note for sftpgo 2023-05-25 22:46:15 +02:00
Will Fancher
fe43923a70
Merge pull request #229767 from mberndt123/mberndt123/stratis-rootfs
nixos/stratis: initrd support for stratis root volumes
2023-05-25 14:06:31 -04:00
Weijia Wang
67e3953505 foundationdb: default to foundationdb71 2023-05-25 01:08:10 +03:00
Gaetan Lepage
8f421acbc5 nixos/river: init module 2023-05-25 00:05:23 +02:00
Weijia Wang
94dca479f4
Merge pull request #229321 from kira-bruneau/clonehero
clonehero: 0.23.2.2 -> 1.0.0.4080
2023-05-25 01:03:18 +03:00
Syboxez Blank
47a2d457b0 clonehero: 0.23.2.2 -> 1.0.0.4080
Co-authored-by: Kira Bruneau <kira.bruneau@pm.me>
2023-05-24 17:07:32 -04:00
Artturi
9cde82ecd2
Merge pull request #231996 from amjoseph-nixpkgs/pr/release-notes/powerpc64le-linux 2023-05-25 00:04:45 +03:00
Artturi
05bf5e1c91
Merge pull request #232001 from amjoseph-nixpkgs/pr/release-notes/powerpc-ieee-long-double 2023-05-25 00:03:40 +03:00
Graham Dennis
93502aa3b1 nixos/qemu-vm: add option for named network interfaces
Adds a new option to the virtualisation modules that enables specifying explicitly named network interfaces in QEMU VMs.
The existing `virtualisation.vlans` option is still supported for cases where the name of the network interface is irrelevant.
2023-05-24 08:54:20 +10:00
Bobby Rong
44b98d80ea
rl-2311: Add placeholder entries
This fixes manual-combined validation.
2023-05-23 12:59:58 +08:00
Raito Bezarius
2c28f1de7c 23.11 is Tapir 2023-05-22 21:16:04 +02:00
Martin Weinelt
f11d33afb7
nixos/frigate: init 2023-05-22 16:29:54 +02:00
Martin Weinelt
eae2018b54
nixos/go2rtc: init 2023-05-22 03:48:47 +02:00
Ryan Lahfa
270dcda1e8
Merge pull request #231062 from bobvanderlinden/espanso-update-2.1.8
espanso: 0.7.3 -> 2.1.8
2023-05-21 21:44:41 +02:00
Bob van der Linden
5762a20a25
espanso: 0.7.3 -> 2.1.8 2023-05-21 19:10:34 +02:00
Sandro
a74a4a2f32
Merge pull request #232534 from teutat3s/zhf/fix-prometheus-exporter-jitsi
jitsi-videobridge: refactor broken `apis` option to `colibriRestApi`
2023-05-21 18:43:59 +02:00
teutat3s
cb81bd9340
jitsi-videobridge: refactor broken apis option to
colibriRestApi

Refactor option to use jvb.conf and convert to boolean. Using the CLI
argument broke a while ago and is deprecated by upstream since 2021:
https://github.com/jitsi/jitsi-videobridge/pull/1738/files#diff-d9f589d2aae1673693461d7c3b9214324201ca1f43db63a3c773d4acfc52bc81

This fixes the currently broken test:
nixosTests.prometheus-exporters.jitsi
2023-05-21 15:31:14 +02:00
jarkad
2fa279fbf3 gajim: 1.6.1 -> 1.7.3 2023-05-20 22:34:46 +03:00
José Romildo Malaquias
85fb079d0f
Merge pull request #226270 from Flakebi/albert
albert: 0.17.6 -> 0.20.13
2023-05-20 09:16:13 -03:00
figsoda
701bcdbead nixos: fix typos 2023-05-19 22:31:04 -04:00
Alyssa Ross
43465c94d4 nixos/mailman: randomly generate REST API token 2023-05-19 12:03:41 +02:00
Matthias Berndt
cb410a8c59 Merge remote-tracking branch 'upstream/master' into mberndt123/stratis-rootfs 2023-05-17 21:47:19 -04:00
Doron Behar
84d5e9b123 release-notes: Mention services.syncthing changes due to RFC 42
Fixup to #226088 and #232439.
2023-05-17 22:25:49 +03:00
Matthias Berndt
92814241a8 improve stratis initrd support
it is now possible to supply a stratis pool uuid
for every filesystem, and if that filesystem
is required for boot, the relevant pool will be
started in the initramfs.
2023-05-16 22:48:36 -04:00
Sandro
efb55108b3
Merge pull request #231435 from drupol/openvscode-server/systemd-service 2023-05-16 14:14:29 +02:00
Pol Dellaiera
1d37fe1526
nixos/openvscode-server: init 2023-05-15 21:48:08 +02:00
Jonas Heinrich
8a4f016281 nixos/maddy: tls.loader add acme support, add secrets option 2023-05-15 15:00:16 -04:00
K900
d5c292af6b
Merge pull request #197524 from f2k1de/graylog4
graylog: init at 4.0.8, 4.3.9, 5.0.2
2023-05-15 19:42:04 +03:00
Sandro
872c89e5a7
Merge pull request #221750 from rhendric/rhendric/nixos/snapper 2023-05-15 17:24:25 +02:00
figsoda
783ebc7682
Merge pull request #231707 from figsoda/trip 2023-05-15 09:13:59 -04:00
Ryan Lahfa
8c4a3f67b5
Merge pull request #228956 from tensor5/pam-zfs-key
nixos/pam: enable unlocking ZFS home dataset
2023-05-15 11:42:30 +02:00
Adam Joseph
c87e1115d7 release-notes: mention that powerpc64 now uses IEEE-standard floats 2023-05-15 01:05:04 -07:00
Ryan Lahfa
fa06a3b646
Merge pull request #230888 from Misterio77/nextcloud-createlocally-optin
nixos/nextcloud: default createLocally to false
2023-05-15 09:28:15 +02:00
Nicola Squartini
5466f76755 nixos/pam: improve documentation of ZFS module 2023-05-15 09:22:39 +02:00
Adam Joseph
2983698c4b release-notes: note ability to build powerpc64le-linux NixOS ISOs
This commit adds a mention to the release notes of the fact that
NixOS 23.05 can build installer ISOs for a new platform.
2023-05-15 00:21:41 -07:00
Nicola Squartini
09f4bf7f16 nixos/pam: enable unlocking ZFS home dataset 2023-05-15 09:20:40 +02:00
Ryan Lahfa
feb7fcde4b
Merge pull request #231481 from nikstur/rshim-user-space
rshim for Nvidia BlueField
2023-05-15 09:03:50 +02:00
Ryan Lahfa
e3bd7faa18
Merge pull request #226830 from Janik-Haag/birdwatcher
birdwatcher: init at 2.2.4, alice-lg: init at 6.0.0, nixos/birdwatcher: init, nixos/alice-lg: init
2023-05-15 08:42:10 +02:00
Janik H
40136a1f7f nixos/birdwatcher: init 2023-05-15 02:52:06 +02:00
Janik H
8ed86700a2 nixos/alice-lg: init 2023-05-15 02:52:06 +02:00
nikstur
5435eaaa4d nixos/rshim: init 2023-05-15 01:24:48 +02:00
Ryan Lahfa
285330f081
Merge pull request #230153 from mklca/swap-encrypt-enhancement
nixos/config/swap: improve randomEncrytion
2023-05-14 19:01:56 +02:00
Gabriel Fontes
f9f76529cd
nixos/nextcloud: default createLocally to false 2023-05-14 12:09:50 -03:00
Ryan Lahfa
8ef486b60e
Merge pull request #207194 from RaitoBezarius/pixelfed-module
pixelfed: init at 0.11.5, module, tests
2023-05-14 17:09:19 +02:00
figsoda
3aa6580f46 nixos/trippy: init 2023-05-14 10:05:29 -04:00
github-actions[bot]
2f665c348c
Merge master into staging-next 2023-05-13 00:02:05 +00:00
Harshil Jani
aa0b851e83
manual: fix matrix room link (#231523)
Co-authored-by: figsoda <figsoda@pm.me>
2023-05-12 18:55:19 -04:00
Isa
efbcbc5611 graylog: init at 4.0.8, 4.3.8, 5.0.6 2023-05-12 20:16:05 +02:00
github-actions[bot]
206417b7a2
Merge master into staging-next 2023-05-12 18:01:18 +00:00
Martin Weinelt
1c80c494ca
Merge pull request #228422 from mweinelt/gitea-actions-runner-module
nixos/gitea-actions-runner: init
2023-05-12 17:54:16 +02:00
github-actions[bot]
0a82cd9e62
Merge master into staging-next 2023-05-12 08:49:13 +00:00
K900
b136129246
Merge pull request #231293 from K900/libinput-default
nixos/x11/hardware/libinput: enable by default
2023-05-12 09:42:23 +03:00
github-actions[bot]
b9c14e0e61
Merge master into staging-next 2023-05-11 18:01:13 +00:00
Robert Hensing
5c3e59b6d6
Merge pull request #230523 from hercules-ci/fast-nixos-test-eval
Fast nixos test eval
2023-05-11 17:34:46 +02:00
K900
9fec1a09bd nixos/x11/hardware/libinput: enable by default
Basically everything Wayland uses this, it's much more actively
maintained than xf86-input-evdev, and we should really be shipping
it by default.
2023-05-11 16:49:10 +03:00
github-actions[bot]
079dc4c27d
Merge master into staging-next 2023-05-11 00:02:13 +00:00
figsoda
9eff400dd9
Merge pull request #230939 from figsoda/sniffnet-module 2023-05-10 17:24:47 -04:00
Sandro
84b4373d8c
Merge pull request #230550 from Mic92/harmonia 2023-05-10 16:55:06 +02:00
Robert Hensing
16d594a0e2 lib.types.pkgs: init
A nominal type.
2023-05-10 15:55:08 +02:00
Jörg Thalheim
76ffeaf06c nixos/harmonia: init service 2023-05-10 14:52:31 +02:00
github-actions[bot]
2d07e76d1a
Merge staging-next into staging 2023-05-10 00:03:33 +00:00
figsoda
282e5e03a8 nixos/sniffnet: init 2023-05-09 15:53:34 -04:00
asonix
cb2941db79 pict-rs: 0.3.0-alpha.37 -> 0.3.3 2023-05-09 15:24:54 -04:00
github-actions[bot]
b5b52a946a
Merge staging-next into staging 2023-05-09 18:02:32 +00:00
06kellyjac
6b78c0b80e k3d: add notice of rename in release notes 2023-05-09 14:22:59 +01:00
github-actions[bot]
5b562cf621
Merge staging-next into staging 2023-05-09 00:02:44 +00:00
Raito Bezarius
16658f7634 nixos/netdata: introduce deadlineBeforeStopSec
Previously, we hardcoded a 60 second timer to stop netdata if we didn't have any answer back.
This is wrong and can cause data loss because the SIGTERM sent by systemd can sometimes be not honored.
Which in turn becomes a SIGKILL, causing potential data loss / corruption.

Offer a flag to users and bump the deadline to 2 minutes.
2023-05-08 19:29:13 +02:00
github-actions[bot]
4532c723ec
Merge staging-next into staging 2023-05-08 00:02:49 +00:00
Sandro
6197953fb6
Merge pull request #207106 from autrimpo/gonic-module
nixos/gonic: init
2023-05-08 01:28:24 +02:00
Michal Koutenský
8118e3de43 nixos/gonic: init 2023-05-07 22:43:23 +02:00
Matthias Berndt
1632e73b19 nixos/stratis: enable booting from stratis volume 2023-05-07 18:48:28 +02:00
github-actions[bot]
1edcdf34e3
Merge staging-next into staging 2023-05-06 18:01:44 +00:00
Gabriel Fontes
e2854d332d nixos/kavita: init 2023-05-06 13:57:53 -03:00
Martin Weinelt
1c963cea48
nixos/gitea-actions-runner: init 2023-05-06 17:34:15 +02:00
github-actions[bot]
76e7973d1c
Merge staging-next into staging 2023-05-06 00:02:57 +00:00
nikstur
c947bf5c0c nixos/release-notes: add systemd-repart 2023-05-05 22:45:44 +02:00
Mikaela Allan
21b6bec0ff
nixos/config/swap: improve randomEncrytion
* add sector size parameter to swap randomEncryption
  * add key size parameter to swap randomEncryption
  * allow deviceName to be overridden for encrypted swap
  * create test for swap random encryption
  * update release notes
2023-05-05 13:36:42 -04:00
github-actions[bot]
2181c1e956
Merge staging-next into staging 2023-05-05 12:02:09 +00:00
Jacek Galowicz
3ba45b082e
Merge pull request #228111 from alyssais/nixosTest-hostname
nixosTest: remove hostname limitations
2023-05-05 08:12:36 +02:00
github-actions[bot]
1b8f2397cf
Merge staging-next into staging 2023-05-05 00:02:42 +00:00
Sandro
3971f4c98c
Merge pull request #226652 from totoroot/remove-qlandkartegt
qlandkartegt: remove
2023-05-04 23:07:21 +02:00
Jonas Chevalier
3d2bdd0788
python: implement PEP 668 (#229166)
Add a marker file to the python outputs that tells pip and other tooling
following PEP 668 that they should not be installing things system-wide.

This provides better feedback to the user and also potentially avoids issues in
single-user installs where the /nix/store is owned by the user.

For more details, see <https://peps.python.org/pep-0668/>

Here is how it currently looks like:

    $ pip install requests
    error: externally-managed-environment

    × This environment is externally managed
    ╰─> This command has been disabled as it tries to modify the immutable
        `/nix/store` filesystem.

        To use Python with Nix and nixpkgs, have a look at the online documentation:
        <https://nixos.org/manual/nixpkgs/stable/#python>.
2023-05-04 18:30:25 +02:00
Matthias Thym
4138d6a449 qlandkartegt: remove 2023-05-03 21:58:12 +02:00
pennae
407f6196a2 nixos-render-docs: add examples support
the nixos manual contains enough examples to support them as a proper
toc entity with specialized rendering, and if in the future the nixpkgs
wants to use nixos-render-docs we will definitely have to support them.
this also allows us to restore some examples that were lost in previous
translation steps because there were too few to add renderer support
back then.
2023-05-03 19:58:21 +02:00
Izorkin
544ebba973 nixos/fail2ban: update bantime options 2023-05-03 08:45:26 +02:00
Artturi
2d256ca7c2
Merge pull request #227499 from tollb/w20230421d_use_systemd_hwdb_to_build_udev_hwdb 2023-05-02 19:04:06 +03:00
Jonas Heinrich
d932d6929b
Merge pull request #227401 from onny/maddytls2
nixos/maddy: Add tls option
2023-05-02 07:32:56 +02:00
Jonas Heinrich
fcf6662fb5
Merge pull request #229159 from Misterio77/refactor-nextcloud-createlocally
nixos/nextcloud: refactor database.createLocally
2023-05-01 20:04:20 +02:00
Jonas Heinrich
616ba4ae5c nixos/maddy: Add tls option 2023-05-01 19:12:26 +02:00
Gabriel Fontes
fddf531c6f
nixos/nextcloud: refactor database.createLocally
Fixes https://github.com/NixOS/nixpkgs/issues/228971
2023-05-01 12:20:40 -03:00
Vladimír Čunát
8663481786
Merge #228476: staging-next 2023-04-27 2023-05-01 11:20:22 +02:00
K900
5c95114a2f
Merge pull request #228951 from aacebedo/aacebedo/asusctl_4.6.2
asusctl: 4.5.8 -> 4.6.2
2023-05-01 12:08:37 +03:00
Alexandre Acebedo
576d7d34c4 asusctl: 4.5.8 -> 4.6.2 2023-05-01 11:07:39 +02:00
Weijia Wang
cdefca3d7a nixos/release-notes: fix typo 2023-05-01 14:21:01 +08:00