public
/
nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
292,970 Commits 1 Branch 0 Tags 1.5 GiB
Commit Graph

21851 Commits

Author SHA1 Message Date
Michael Lingelbach 676ddafd3d
nixos/dendrite: remove (#124524) 
* The options tlsKey and tlsCert require being accessible by DynamicUser at runtime, which currently requires copying the files into the matrix service state directory. Fixing this might require breaking changes. Thus the module should not be included in a stable release.
 2021-05-27 10:41:05 +02:00
Sandro 0a086ee342
Merge pull request #124509 from dotlambda/backport-124391 2021-05-27 04:30:18 +02:00
Maximilian Bosch 95f6c0b7e0
nixos/release-notes: fix `slaptest` command for openldap section 
When running - as suggested - `slaptest -f slapd.conf $TMPDIR` I get the
following result:

    [root@ldap:/tmp/tmp.De46ABIbFf]# slaptest -f /nix/store/lks3ihydj40ff6yqvz0k33ycrc9vbyry-slapd.conf $TMPDIR
    usage: slaptest [-v] [-d debuglevel] [-f configfile] [-F configdir] [-o <name>[=<value>]] [-n databasenumber] [-u] [-Q]

    [root@ldap:/tmp/tmp.De46ABIbFf]# echo $?
    1

Adding a `-F` option fixes the issue.

(cherry picked from commit b5a12b4b61fca35c7ca94de0338a7e16841888f4)
 2021-05-26 22:35:51 +02:00
Sandro Jäckel 0b4994f714 nixos/kresd: tell resolveconf to use local resolver 
(cherry picked from commit 140828ce3843444a8536db884147ed5c4b941259)
 2021-05-26 17:24:55 +02:00
Tom Fitzhenry 3c0ee5ac10 nixos/manual: document how to install over a serial port 
https://github.com/NixOS/nixpkgs/issues/58198
(cherry picked from commit 81e04717e8f30496ec9ec9edb6b0588deca41ee2)
 2021-05-25 08:46:20 +10:00
regnat 0cebbdf687
Revert "nixos/nix-daemon: fix sandbox-paths option" 
This reverts commit aeeee447bc.

(cherry picked from commit 113823669b9b71fff84bc592d1fd6022635c28eb)
Signed-off-by: Domen Kožar <domen@dev.si>
 2021-05-24 15:20:58 +02:00
Guillaume Girol 1c1e5094d9 Merge pull request #123902 from hyperfekt/mount-pstore-quiet 
nixos/filesystems: condition mount-pstore.service on unmounted /sys/fs/pstore

(cherry picked from commit d7555732bc8bb8a2acb50fd4ecba96c825b4f21e)

Reason: activation throws an error from failing to start the unit
 2021-05-23 15:04:41 +02:00
Jonathan Ringer d547493e0c
Revert "nixos/doc: add md-to-db.sh, convert "Building Your Own NixOS CD" to CommonMark" 
This reverts commit 6c14851943.
 2021-05-22 19:08:27 -07:00
Jonathan Ringer 4a974e6695
Revert "nixos/doc: convert "Contributing to this manual" to CommonMark" 
This reverts commit 7501467903.
 2021-05-22 19:08:23 -07:00
Jonathan Ringer c294c2fb40
Revert "nixos/doc: add 21.11 release notes stub" 
This reverts commit 6543c61311.
 2021-05-22 19:08:15 -07:00
Jonathan Ringer c2bb4bad68
Merge remote-tracking branch 'origin/master' into backport-staging-next 
Forgot to merge staging-next into master before branching off.
This is meant to include the additional stabilization changes.
 2021-05-22 18:48:23 -07:00
Jonathan Ringer 11a9ac00fc
Merge remote-tracking branch 'origin/master' into staging-next 
Conflicts:
 pkgs/tools/networking/xh/default.nix
 2021-05-22 18:19:10 -07:00
Ryan Mulligan 6543c61311 nixos/doc: add 21.11 release notes stub 2021-05-22 18:14:49 -07:00
Ryan Mulligan 7501467903 nixos/doc: convert "Contributing to this manual" to CommonMark 
Also updates it to mention running md-to-db.sh.
 2021-05-22 18:14:49 -07:00
Ryan Mulligan 6c14851943 nixos/doc: add md-to-db.sh, convert "Building Your Own NixOS CD" to CommonMark 2021-05-22 18:14:49 -07:00
Jonathan Ringer 12c5acf376
21.05 beta release 2021-05-22 17:56:13 -07:00
Martin Weinelt 84f649f693
Merge pull request #121626 from mweinelt/botamusique 2021-05-23 02:02:09 +02:00
Martin Weinelt d210ed99c4
nixos/tests/botamusique: init 2021-05-23 01:01:52 +02:00
Martin Weinelt 59e5ff4b29
nixos/botamusique: init 2021-05-23 01:01:51 +02:00
Jan Tojnar aea7b5f08e
Merge pull request #124073 from mkg20001/cinnamonpolkit 
nixos/cinnamon: add polkit_gnome to fix #124062
 2021-05-23 00:21:28 +02:00
Jan Tojnar 141e85cc69
Merge pull request #124056 from mkg20001/cinnamonlocale 
nixos/cinnamon: add cinnamon-translations to systemPackages
 2021-05-23 00:21:11 +02:00
Maciej Krüger eca2b05354
nixos/cinnamon: add cinnamon-translations to systemPackages 
This allows other cinnamon applications to use the locales

Without this the cinnamon UI is not properly translated
 2021-05-22 23:59:33 +02:00
Maciej Krüger 8664c2c743
nixos/cinnamon: add polkit_gnome to fix #124062 2021-05-22 23:58:06 +02:00
Maximilian Bosch 9cab80ce4d
Merge pull request #122203 from mohe2015/imperative-nixos-container-timeout 
nixos-containers: Increase startup timeout for imperative containers
 2021-05-22 23:04:12 +02:00
Maximilian Bosch 278bcdce1f
Merge pull request #123941 from mweinelt/matrix-synapse 
nixos/matrix-synapse: protect created files
 2021-05-22 22:20:16 +02:00
Martin Weinelt 79e675444c
nixos/matrix-synapse: protect created files 
Enforce UMask on the systemd unit to restrict the permissions of files
created. Especially the homeserver signing key should not be world
readable, and media is served through synapse itself, so no other user
needs access to these files.

Use a prestart chmod to fixup the permissions on the signing key.
 2021-05-22 20:30:49 +02:00
Sandro 7be85b5090
Merge pull request #104420 from danielfullmer/syncoid-perm-fix 2021-05-22 17:57:56 +02:00
Kira Bruneau cd4780fab4
maintainers: rename metadark -> kira-bruneau (#124035) 2021-05-22 16:47:40 +02:00
Domen Kožar fdd42cb68c
Merge pull request #123211 from mdevlamynck/pipewire-plasma-pa 
nixos/plasma5: also add plasma-pa when using pipewire with pulseaudio support
 2021-05-22 15:20:50 +02:00
github-actions[bot] 563389a7fd
Merge master into staging-next 2021-05-22 12:27:09 +00:00
sohalt be01cb8b97 nixos/spacenavd: run as user service 2021-05-22 12:48:12 +02:00
Domen Kožar 3a28f72e7b
Merge pull request #123970 from kisik21/nix-fix-sandbox-paths 
nixos/nix-daemon: fix sandbox-paths option
 2021-05-22 12:05:11 +02:00
Vika aeeee447bc
nixos/nix-daemon: fix sandbox-paths option 
In newer versions of Nix (at least on 2.4pre20201102_550e11f) the
`extra-` prefix for config options received a special meaning and the
option `extra-sandbox-paths` isn't recognized anymore. This commit fixes
it.

It doesn't cause a behavior change when using older versions of Nix but
does cause an extra newline to appear in the config, thus changing the
hash.
 2021-05-22 05:14:56 +00:00
github-actions[bot] 901fb5e64e
Merge master into staging-next 2021-05-22 00:56:03 +00:00
Jonathan Ringer 5b61edfe47 docs/release-notes: mention ati_drivers_x11 removal 2021-05-21 16:16:48 -07:00
Jonathan Ringer ced04640c7 nixos/video: remove obsolete ati modules 2021-05-21 16:16:48 -07:00
Jan Tojnar a420acab1e
release notes: Mention automated gnomeExtensions 
https://github.com/NixOS/nixpkgs/pull/118232
 2021-05-21 23:53:16 +02:00
Martin Weinelt 71fb79ee6b
Merge pull request #123828 from Lassulus/solanum2 
nixos/solanum: init
 2021-05-21 23:23:01 +02:00
Maximilian Bosch a2379c69a4
Merge pull request #122833 from helsinki-systems/feat/prometheus-metric-relabel 
nixos/prometheus: Add support for metric relabeling
 2021-05-21 23:13:41 +02:00
lassulus 48c16e48aa nixos/solanum: init 2021-05-21 23:06:38 +02:00
Maximilian Bosch 5dbd28d754
Merge pull request #123009 from deviant/fix-mailman-doc-links 
nixos/mailman: fix documentation option links
 2021-05-21 22:00:47 +02:00
Jacek Galowicz 5d05391846
Merge pull request #123823 from misuzu/test-driver-usb-boot-speedup 
nixos/test-driver: use usb-ehci controller instead of piix3-usb-uhci
 2021-05-21 20:47:47 +02:00
Jonathan Ringer 5cd5b9b97f
Merge remote-tracking branch 'origin/master' into staging-next 
Conflicts:
 pkgs/development/tools/kubie/default.nix
 2021-05-21 10:39:34 -07:00
eyJhb 6000f420e8
nixos/znc: fixed chown not working after hardening (#123883) 2021-05-21 19:07:53 +02:00
Elis Hirwing e9cca93bf9
Merge pull request #121778 from talyz/keycloak-security 
nixos/keycloak: Security fixes + misc
 2021-05-21 16:55:26 +02:00
Kerstin Humm 224df6940f nixos/mastodon: use rails command instead of rake 
Co-Authored-By: Izorkin <izorkin@elven.pw>
 2021-05-21 15:04:12 +02:00
github-actions[bot] 929b12e7b5
Merge master into staging-next 2021-05-21 12:28:43 +00:00
ajs124 c455f3ccaf
Merge pull request #123084 from Yarny0/hylafax 
hylafaxplus & nixos/hylafax: small improvements
 2021-05-21 14:20:57 +02:00
talyz 2d8a870813
keycloak.tests: Test HTTPS support 2021-05-21 13:09:43 +02:00
talyz ba00b0946e
nixos/keycloak: Split certificatePrivateKeyBundle into two options 
Instead of requiring the user to bundle the certificate and private
key into a single file, provide separate options for them. This is
more in line with most other modules.
 2021-05-21 13:09:38 +02:00
talyz dbf91bc2f1
nixos/keycloak: keycloak.database* -> keycloak.database.* 
Move all database options to their own group / attribute. This makes
the configuration clearer and brings it in line with most other modern
modules.
 2021-05-21 13:09:32 +02:00
talyz 83e406e97a
nixos/keycloak: frontendUrl always needs to be suffixed with / 
In some places, Keycloak expects the frontendUrl to end with `/`, so
let's make sure it always does.
 2021-05-21 13:09:25 +02:00
talyz 58614f8416
nixos/keycloak: Add myself to maintainers 2021-05-21 13:09:19 +02:00
talyz d748c86389
nixos/keycloak: Improve readablility by putting executables in PATH 2021-05-21 13:09:14 +02:00
talyz 8309368e4c
nixos/keycloak: Set umask before copying sensitive files 
`install` copies the files before setting their mode, so there could
be a breif window where the secrets are readable by other users
without a strict umask.
 2021-05-21 13:09:09 +02:00
talyz c2bebf4ee2
nixos/keycloak: Improve bash error handling 2021-05-21 13:09:03 +02:00
talyz d6727d28e1
nixos/keycloak: Set the postgresql database password securely 
Feeding `psql` the password on the command line leaks it through the
`psql` process' `/proc/<pid>/cmdline` file. Using `echo` to put the
command in a file and then feeding `psql` the file should work around
this, since `echo` is a bash builtin and thus shouldn't spawn a new
process.
 2021-05-21 13:08:53 +02:00
Jonathan Ringer 6b15fdce86
Merge remote-tracking branch 'origin/master' into staging-next 
Conflicts:
 pkgs/shells/ion/default.nix
 pkgs/tools/misc/cicero-tui/default.nix
 2021-05-20 22:11:42 -07:00
Thiago Kenji Okada c96586d63f nixos/noisetorch: init 
NoiseTorch needs setcap set to 'cap_sys_resource=+ep' to work correctly
accordingly to the README.md:

https://github.com/lawl/NoiseTorch#download--install

So this PR adds it.
 2021-05-20 14:15:20 -07:00
misuzu b2319b086c nixos/test-driver: use usb-ehci controller instead of piix3-usb-uhci 
On my system this change offers ~5X speed up of
nixosTests.boot.biosUsb and nixosTests.boot.uefiUsb tests.
 2021-05-20 22:33:08 +03:00
legendofmiracles af0a54285e nixos/terraria: open ports in the firewall 2021-05-20 12:11:08 -07:00
Guillaume Girol 0d5fa1cff3
Merge pull request #120622 from symphorien/duplicity-master 
nixos/duplicity: enable to prevent backup from growing infinitely
 2021-05-20 19:00:59 +00:00
Jonas Chevalier 30c021fa15
Merge pull request #123744 from hercules-ci/init-ghostunnel 
ghostunnel: init
 2021-05-20 20:58:41 +02:00
Jonathan Ringer 14f3686af1
Merge remote-tracking branch 'origin/master' into staging-next 
Conflicts:
  pkgs/applications/terminal-emulators/alacritty/default.nix
  pkgs/servers/clickhouse/default.nix
 2021-05-20 09:12:42 -07:00
Emery Hemingway 520b4a8496 nixos: convert netatalk to settings-style configuration 
Also, set StateDirectory in systemd.….serviceConfig.
 2021-05-20 17:39:28 +02:00
Robert Hensing a37d157601
Merge pull request #123052 from xoe-labs/da-test-vm-innteractive-log-switch 
nixos/testing: add interactive serial stdout logs switch and dim them
 2021-05-20 15:32:54 +02:00
Robert Hensing dc9cb63de4 nixos/ghostunnel: init 2021-05-20 10:41:52 +02:00
Christoph Hrdinka 57acb6f9f7
Merge pull request #123598 from pschyska/master 
nixos/nsd: make nsd-checkconf work when configuration contains keys (#118140)
 2021-05-20 10:41:30 +02:00
Robert Hensing 76a7840f5f
Merge pull request #117275 from hercules-ci/nixosTest-remove-nixpkgs-commit-hash 
nixosTest: Make system.nixos.revision constant
 2021-05-20 10:40:59 +02:00
Maximilian Bosch 3f3cec6d9e clickhouse: 20.11.4.13-stable -> 21.3.11.5-lts 
Failing Hydra build: https://hydra.nixos.org/build/143269865
ZHF #122042
 2021-05-19 14:08:46 -07:00
Gabriel Gonzalez 8e9d803bac
Fix description for services.kubernetes.addonManager.enable (#71448) 
`mkEnableOption` already prefixes the description with
"Whether to enable"
 2021-05-19 13:49:27 -07:00
Sebastian Neubauer 68c618cba3
opensmtpd-filter-rspamd: init at 0.1.7 (#122823) 2021-05-19 22:37:49 +02:00
github-actions[bot] 8a5e4be6b6
Merge master into staging-next 2021-05-19 18:34:10 +00:00
Tim Van Baak 420b0fa378 nixos/nebula: Add release notes 2021-05-19 10:55:41 -07:00
Jonathan Ringer c1f8a15dac
Merge remote-tracking branch 'origin/master' into staging-next 
Conflicts:
  nixos/doc/manual/release-notes/rl-2105.xml
  pkgs/tools/security/sequoia/default.nix
 2021-05-19 10:39:54 -07:00
Paul Schyska 69202853ea
nixos/nsd: make nsd-checkconf work when configuration contains keys 2021-05-19 18:21:10 +02:00
Martin Weinelt 446c97f96f
Merge pull request #123355 from Ma27/bump-matrix-synapse 2021-05-19 18:12:14 +02:00
Robert Hensing 74bf82a202
Merge pull request #122784 from hercules-ci/nixpkgs-init-nixos-install-tools 
nixos-install-tools: init
 2021-05-19 17:45:43 +02:00
Jan Tojnar a858f1a90d
Merge pull request #123507 from jtojnar/no-flatpak-guipkgs 
nixos/flatpak: Remove `guiPackages` internal option
 2021-05-19 16:33:56 +02:00
Michael Weiss c21dd33953
Merge pull request #123609 from berbiche/cagebreak-use-waylands-utils-in-test 
nixos/tests/cagebreak: use wayland-info instead of wallutils
 2021-05-19 14:50:55 +02:00
Guillaume Girol 41c7fa448f nixos/duplicity: add options to exercise all possible verbs 
except restore ;)
 2021-05-19 12:00:00 +00:00
Michele Guerini Rocco 376eabdac3
Merge pull request #123254 from rnhmjoj/ipsec 
libreswan: 3.2 -> 4.4
 2021-05-19 13:36:04 +02:00
talyz 380b52c737
nixos/keycloak: Use replace-secret to avoid leaking secrets 
Using `replace-literal` to insert secrets leaks the secrets through
the `replace-literal` process' `/proc/<pid>/cmdline`
file. `replace-secret` solves this by reading the secret straight from
the file instead, which also simplifies the code a bit.
 2021-05-19 09:32:28 +02:00
talyz 88b76d5ef9
nixos/mpd: Use replace-secret to avoid leaking secrets 
Using `replace-literal` to insert secrets leaks the secrets through
the `replace-literal` process' `/proc/<pid>/cmdline`
file. `replace-secret` solves this by reading the secret straight from
the file instead.
 2021-05-19 09:32:22 +02:00
talyz 3a29b7bf5b
nixos/mpdscribble: Use replace-secret to avoid leaking secrets 
Using `replace-literal` to insert secrets leaks the secrets through
the `replace-literal` process' `/proc/<pid>/cmdline`
file. `replace-secret` solves this by reading the secret straight from
the file instead, which also simplifies the code a bit.
 2021-05-19 09:32:17 +02:00
talyz 7842e89bfc
nixos/gitlab: Use replace-secret to avoid leaking secrets 
Using `replace-literal` to insert secrets leaks the secrets through
the `replace-literal` process' `/proc/<pid>/cmdline`
file. `replace-secret` solves this by reading the secret straight from
the file instead, which also simplifies the code a bit.
 2021-05-19 09:32:12 +02:00
talyz 38398fade1
nixos/discourse: Use replace-secret to avoid leaking secrets 
Using `replace-literal` to insert secrets leaks the secrets through
the `replace-literal` process' `/proc/<pid>/cmdline`
file. `replace-secret` solves this by reading the secret straight from
the file instead, which also simplifies the code a bit.
 2021-05-19 09:32:06 +02:00
Jörg Thalheim 5b4915fb7a
Merge pull request #110927 from Izorkin/fix-qemu-ga 
nixos/qemu-guest-agent: fix start service
 2021-05-19 05:42:06 +01:00
Aaron Andersen 58ddbfa71d
Merge pull request #118395 from jwygoda/grafana-google-oauth2 
grafana: add google oauth2 config
 2021-05-18 23:11:24 -04:00
Nicolas Berbiche 5e2cedfae3
nixos/tests/cagebreak: use wayland-info instead of wallutils 
wayland-info from wayland-utils is already used in other Wayland
tests whereas wallutils' wayinfo is not.
 2021-05-18 22:02:24 -04:00
github-actions[bot] 7000ae2b9a
Merge master into staging-next 2021-05-19 00:55:36 +00:00
Martin Weinelt a8f71f069f
Merge pull request #123006 from mweinelt/postgresqlbackup-startat 
nixos/postgresqlBackup: allow defining multiple times to start at
 2021-05-19 01:54:38 +02:00
Martin Weinelt 4c798857e2
Merge pull request #100274 from hax404/prometheus-xmpp-alerts 2021-05-19 01:36:28 +02:00
Georg Haas 03c092579a
prometheus-xmpp-alerts: apply RFC 42 2021-05-19 01:08:38 +02:00
Jonathan Ringer ca46ad3762
Merge remote-tracking branch 'origin/master' into staging-next 
Conflicts:
  pkgs/tools/package-management/cargo-release/default.nix
 2021-05-18 11:03:38 -07:00
Pamplemousse 037e51702e
nixos/services/foldingathome: Add an option to set the "nice level" (#122864) 
Signed-off-by: Pamplemousse <xav.maso@gmail.com>
 2021-05-18 18:44:52 +02:00
Maciej Krüger 7458dcd956
Merge pull request #75242 from mkg20001/cjdns-fix 
services.cjdns: add missing, optional login & peerName attribute
 2021-05-18 18:22:29 +02:00
Jonathan Ringer f7a112f6c4
Merge remote-tracking branch 'origin/master' into staging-next 
Conflicts:
  pkgs/applications/graphics/emulsion/default.nix
  pkgs/development/tools/misc/texlab/default.nix
  pkgs/development/tools/rust/bindgen/default.nix
  pkgs/development/tools/rust/cargo-udeps/default.nix
  pkgs/misc/emulators/ruffle/default.nix
  pkgs/tools/misc/code-minimap/default.nix
 2021-05-18 08:57:16 -07:00
Robert Schütz d189df235a
Merge pull request #122241 from dotlambda/znc-harden 
nixos/znc: harden systemd unit
 2021-05-18 17:44:14 +02:00
Maciej Krüger 7409f9bab3
services.cjdns: add missing, optional login & peerName attribute 2021-05-18 17:39:04 +02:00
Ashlynn Anderson 903665f31c
nixos/self-deploy: init (#120940) 
Add `self-deploy` service to facilitate continuous deployment of NixOS
configuration from a git repository.
 2021-05-18 08:29:37 -07:00
Maciej Krüger 362ca08510
Merge pull request #123448 from mweinelt/phosh-pam 
nixos/phosh: Fix PAM configuration
 2021-05-18 17:26:21 +02:00
Martin Weinelt ec9cfba2d3
nixos/phosh: Fix unrestricted login because of insecure PAM config 
The PAM config deployed would not check anything meaningful. Remove it
and rely on the defaults in the security.pam module to fix login with
arbitrary credentials.

Resolves: #123435
 2021-05-18 16:39:03 +02:00
Michael Weiss 1b114586e8
Merge pull request #123381 from primeos/nixos-tests-cagebreak 
nixos/tests/cagebreak: Fix the test
 2021-05-18 16:01:37 +02:00
Jan Tojnar 1b1faeb2db
Merge pull request #86288 from worldofpeace/gnome-doc 
nixos/gnome3: add docs
 2021-05-18 14:19:33 +02:00
Jan Tojnar ed47351533
nixos/flatpak: Remove `guiPackages` internal option 
It was basically just a `environment.systemPackages` synonym,
only GNOME used it, and it was stretching the responsibilities
of the flatpak module too far.

It also makes it cleaner to avoid installing the program
using GNOME module’s `excludePackages` option.

Partially reverts: https://github.com/NixOS/nixpkgs/pull/101516
Fixes: https://github.com/NixOS/nixpkgs/issues/110310
 2021-05-18 14:06:23 +02:00
Michael Raskin 02ba3238d2
Merge pull request #123053 from pschyska/master 
atop, netatop, nixos/atop: improve packaging and options
 2021-05-18 10:54:13 +00:00
rnhmjoj 0de7e41520
docs/release-notes: mention libreswan update 2021-05-18 08:13:37 +02:00
rnhmjoj 3a46314455
nixos/tests/libreswan: add test 2021-05-18 08:13:36 +02:00
rnhmjoj 1a4db01c84
nixos/libreswan: update for version 4.x 
- Use upstream unit files
- Remove deprecated config options
- Add option to disable redirects
- Add option to configure policies
 2021-05-18 08:13:36 +02:00
Sandro 9dba669e8a
Merge pull request #123385 from veehaitch/systemd-dhcpserver-options 
nixos/networkd: add missing [DHCPServer] options
 2021-05-18 01:53:39 +02:00
Vladimír Čunát b09fc82382
nixos/release-combined: fix a test name 
Broken by 513143fe4 and breaking evaluation of trunk-combined jobset.
 2021-05-17 22:52:28 +02:00
Sandro 4fc08dd955
Merge pull request #121500 from servalcatty/v2ray 
v2ray: 4.37.3 -> 4.38.3
 2021-05-17 19:18:56 +02:00
Michael Weiss f691e6c074
nixos/tests/cagebreak: Simplify the startup 2021-05-17 18:41:27 +02:00
Michael Weiss 81b2ce96c6
nixos/tests/cagebreak: Fix the test 
Starting Cagebreak as X11 client doesn't work anymore as wlroots 0.13
started to require the DRI3 extension which isn't supported by LLVMpipe:
machine # [   13.508284] xsession[938]: 00:00:00.003 [ERROR] [backend/x11/backend.c:433] X11 does not support DRI3 extension
machine # [   13.666989] show_signal_msg: 62 callbacks suppressed
machine # [   13.666993] .cagebreak-wrap[938]: segfault at 8 ip 0000000000408574 sp 00007ffef76f2440 error 4 in .cagebreak-wrapped[407000+d000]
machine # [   13.670483] Code: f4 ff ff 4c 8b 84 24 70 01 00 00 8d 45 01 48 89 c5 49 8b 3c c0 48 85 ff 75 e4 4c 89 c7 e8 84 f4 ff ff 48 8b bc 24 18 01 00 00 <48> 8b 47 08 4c 8d 6f d8 48 8d 68 d8 48 39 df 75 0e eb 36 66 0f 1f
machine # [   13.518274] xsession[938]: 00:00:00.006 [ERROR] [../cagebreak.c:313] Unable to create the wlroots backend

The test broke after updating Cagebreak in #121652 (bf8679ba94).

XWayland still fails for unknown reasons:
Modifiers specified, but DRI is too old
libEGL warning: DRI2: failed to create dri screen
libEGL warning: NEEDS EXTENSION: falling back to kms_swrast
glamor: No eglstream capable devices found
glamor: 'wl_drm' not supported
Missing Wayland requirements for glamor GBM backend
Missing Wayland requirements for glamor EGLStream backend
Failed to initialize glamor, falling back to sw
00:00:03.534 [ERROR] [xwayland/server.c:252] waitpid for Xwayland fork
failed: No child processes
(EE) failed to write to XWayland fd: Broken pipe
/nix/store/kcm3x8695fgycf31grzl9fy5gggwpram-xterm-367/bin/xterm: Xt
error: Can't open display: :0

The fallback to software rendering is to be expected but it looks like
XWayland is crashing with "failed to write to XWayland fd: Broken pipe".
 2021-05-17 18:41:12 +02:00
Vincent Haupert faeb9e3233
nixos/networkd: add missing [DHCPServer] options 
`systemd.network.networks.*.dhcpServerConfig` did not accept all of
the options which are valid for networkd's [DHCPServer] section. See
systemd.network(5) of systemd 247 for details.
 2021-05-17 18:30:37 +02:00
Martin Weinelt 213e488192
Merge pull request #123375 from helsinki-systems/apparmor_utillinux 
nixos/security/apparmor: utillinux -> util-linux
 2021-05-17 17:30:38 +02:00
ajs124 e2cf342ba9 nixos/security/apparmor: utillinux -> util-linux 2021-05-17 17:14:08 +02:00
Michael Weiss aa2537b554
Merge pull request #122926 from primeos/signal-desktop-fix-db-encryption 
signal-desktop: Fix the database encryption by preloading SQLCipher
 2021-05-17 16:06:52 +02:00
Jonathan Ringer c227fb4b17
Merge remote-tracking branch 'origin/master' into staging-next 
Conflicts:
	pkgs/development/tools/rust/cargo-cache/default.nix
	pkgs/development/tools/rust/cargo-embed/default.nix
	pkgs/development/tools/rust/cargo-flash/default.nix
	pkgs/servers/nosql/influxdb2/default.nix
 2021-05-17 07:01:38 -07:00
Robert Schütz a22ebb6d6d
Merge pull request #123017 from DavHau/davhau-scikitlearn 
python3Packages.scikitlearn: rename to scikit-learn
 2021-05-17 15:13:33 +02:00
ajs124 8e78793029 nixos/tasks/filesystems: utillinux -> util-linux 2021-05-17 14:47:57 +02:00
Maximilian Bosch 2addab5fd6
nixos/matrix-synapse: `room_invite_state_types` was deprecated and `room_prejoin_state` is used now 
See https://github.com/matrix-org/synapse/blob/release-v1.34.0/UPGRADE.rst#upgrading-to-v1340
 2021-05-17 13:45:28 +02:00
Jörg Thalheim b900661f6e
Merge pull request #122825 from Izorkin/update-duplicates-systemcallfilters 
treewide: remove duplicates SystemCallFilters
 2021-05-17 12:06:06 +01:00
DavHau cd8f3e6c44 python3Packages.scikitlearn: rename to scikit-learn 2021-05-17 17:41:36 +07:00
Eelco Dolstra c3b27282d7
Merge pull request #123272 from kini/nixos/security.pki/pems-without-final-newline 
nixos/security.pki: handle PEMs w/o a final newline
 2021-05-17 11:14:03 +02:00
Richard Marko 16b0f07890 nixos/nginx: fix comment about acme postRun not running as root 
As of 67a5d66 this is no longer true, since acme postRun runs as root.
The idea of the service is good so reword a comment a bit.
 2021-05-17 18:03:04 +09:00
Richard Marko 7423afb5e4 nixos/molly-brown: fix description of certPath 
`allowKeysForGroup` is no longer available so this drops

```
security.acme.certs."example.com".allowKeysForGroup = true;
```

line. `SupplementaryGroups` should be enough for
allowing access to certificates.
 2021-05-17 18:03:04 +09:00
Richard Marko 29158fc0ac nixos/postgresql: fix description of ensureUsers.ensurePermissions 
`attrName` and `attrValue` are now in correct order.
 2021-05-17 18:03:04 +09:00
Jan Tojnar 354e005d6c nixos/dconf: fix d-bus activation 
dconf now supports autostarting the d-bus service using systemd's d-bus activation.

2781a86848

On NixOS, that requires making systemd aware of the package.

Fixes: https://github.com/NixOS/nixpkgs/issues/123265
 2021-05-17 09:46:07 +02:00
Evils 7641769055 nixos/fancontrol: back to running as root 
regular users don't have write access to /sys/devices
  which is where the kernel endpoints are to control fan speed
 2021-05-17 00:00:01 -07:00
github-actions[bot] 3ff6965554
Merge master into staging-next 2021-05-17 06:22:23 +00:00
Jonathan Ringer d8e62d8e41
Merge remote-tracking branch 'origin/master' into staging-next 
Fix cargo-flash build
 2021-05-16 18:27:14 -07:00
Sandro ec1dd62608
Merge pull request #118521 from SuperSandro2000/nginx-proxy-timeout 
nixos/nginx: add option to change proxy timeouts
 2021-05-17 03:15:54 +02:00
Sandro 700942d2a5
Merge pull request #121119 from SuperSandro2000/remove-gnidorah 
treewide: remove gnidorah
 2021-05-17 02:42:24 +02:00
Sandro Jäckel 51166f90c6
nixos/nginx: add option to change proxy timeouts 2021-05-17 02:37:44 +02:00
Keshav Kini 348858f297 nixos/security.pki: handle PEMs w/o a final newline 
According to the ABNF grammar for PEM files described in [RFC
7468][1], an eol character (i.e. a newline) is not mandatory after the
posteb line (i.e. "-----END CERTIFICATE-----" in the case of
certificates).

This commit makes our CA certificate bundler expression account for
the possibility that files in config.security.pki.certificateFiles
might not have final newlines, by using `awk` instead of `cat` to
concatenate them. (`awk` prints a final newline from each input file
even if the file doesn't end with a newline.)

[1]: https://datatracker.ietf.org/doc/html/rfc7468#section-3
 2021-05-16 17:23:11 -07:00
Martin Weinelt 7bd65d54f7 treewide: remove nand0p as maintainer 
While looking at the sphinx package I noticed it was heavily
undermaintained, which is when we noticed nand0p has been inactive for
roughly 18 months. It is therefore prudent to assume they will not be
maintaining their packages, modules and tests.

- Their last contribution to nixpkgs was in 2019/12
- On 2021/05/08 I wrote them an email to the address listed in the
  maintainer-list, which they didn't reply to.
 2021-05-17 01:50:49 +02:00
Florian Klink 6c0058f47f
Merge pull request #85073 from hyperfekt/systemd-pstore 
nixos/systemd|filesystems: mount and evacuate /sys/fs/pstore using systemd-pstore
 2021-05-17 00:00:52 +02:00
Aaron Andersen 21f5dd5c6e
Merge pull request #122647 from onny/caddy 
nixos/caddy: support user and group options
 2021-05-16 17:23:57 -04:00
Robert Hensing 338baef861
Merge pull request #122458 from serokell/team-serokell 
maintainers: add serokell team, move various packages to it
 2021-05-16 22:37:50 +02:00
Johan Thomsen 7e310dd8e8 nixos/containerd: StartLimit* options must be in the unit-section 
also, raise limits to ensure reasonable startup time, now that StartLimits are actually enforced
 2021-05-17 06:17:18 +10:00
Johan Thomsen 2142f88526 nixos/containerd: sanitize StateDirectory and RuntimeDirectory 2021-05-17 06:17:18 +10:00
Paul Schyska 563ba07543
nixos/atop: Split up restart triggers between atop and netatop 2021-05-16 22:00:24 +02:00
Paul Schyska 526bc6a4d5
nixos/atop: Add a note about netatop tainting the kernel 2021-05-16 21:43:20 +02:00
github-actions[bot] 6cdac75d25
Merge staging-next into staging 2021-05-16 18:32:44 +00:00
Paul Schyska fb90a9c552
nixos/atop: Rework the test 
- use "with subtest" everywhere
- do more in nix and less in python
- use makeTest directly to define multiple tests instead of one with
  multiple nodes -> this enables them to run in parallel
 2021-05-16 18:22:03 +02:00
Paul Schyska b87c366046
nixos/atop: Never enable setuidWrapper by default, rename service/timer enabling options 2021-05-16 18:22:03 +02:00
Paul Schyska 8f3d2e5c3b
nixos/atop: Add configuration for atop services, allow to enable netatop, gpuatop, allow setuid wrapper 2021-05-16 18:22:03 +02:00
Jan Tojnar 684991c696
Merge branch 'master' into staging-next 
- Thunderbird 68 has been dropped on master.
- gccCrossLibcStdenv has been factored out on staging-next in all-packages.nix, while the file has been re-formatted on master.
 2021-05-16 15:34:51 +02:00