b12f/nixpkgs
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
489247 commits 2 branches 0 tags 3.3 GiB
Commit graph

27122 commits

Author SHA1 Message Date
figsoda bdd9d25e2c
Merge pull request #234555 from r-ryantm/auto-update/telegraf 
telegraf: 1.26.2 -> 1.26.3
 2023-05-28 10:01:19 -04:00
figsoda 3aed07b966
Merge pull request #234581 from sikmir/flashmq 
flashmq: init at 1.4.5
 2023-05-28 09:57:55 -04:00
Nikolay Korotkiy bbefb9b2a3
flashmq: init at 1.4.5 2023-05-28 16:51:14 +04:00
Weijia Wang 4f4d0cc939
Merge pull request #228961 from r-ryantm/auto-update/victoriametrics 
victoriametrics: 1.89.1 -> 1.91.0
 2023-05-28 10:38:34 +03:00
R. Ryantm a007ccb08d telegraf: 1.26.2 -> 1.26.3 2023-05-28 04:39:24 +00:00
Weijia Wang 93e6e97194 victoriametrics: add upstream patches 2023-05-28 01:58:50 +03:00
Weijia Wang b80714f2c1
Merge pull request #234485 from r-ryantm/auto-update/nats-server 
nats-server: 2.9.16 -> 2.9.17
 2023-05-28 01:42:27 +03:00
Thomas Gerbet ed33222971 etcd_3_3: mark vulnerable to CVE-2023-32082 2023-05-28 08:04:43 +10:00
Thomas Gerbet 85f15277d0 etcd: switch to etcd_3_5 2023-05-28 08:04:43 +10:00
Weijia Wang f794726617
Merge pull request #234465 from wegank/influxdb-refactor 
influxdb, influxdb2: migrate to bindgenHook
 2023-05-27 23:04:00 +03:00
R. Ryantm cbf3c2f6f5 nats-server: 2.9.16 -> 2.9.17 2023-05-27 19:45:43 +00:00
Weijia Wang 2e290f5676 influxdb2: migrate to bindgenHook 2023-05-27 20:05:57 +03:00
Weijia Wang 26d5c72cac influxdb: migrate to bindgenHook 2023-05-27 20:05:28 +03:00
Thomas Gerbet 55a9632753 metabase: 0.46.2 -> 0.46.4 
Fixes CVE-2023-32680.

Changelogs:
https://github.com/metabase/metabase/releases/tag/v0.46.4
https://github.com/metabase/metabase/releases/tag/v0.46.3
 2023-05-27 18:42:39 +02:00
Alyssa Ross 6abae5cbb5 xwayland: set meta.mainProgram 2023-05-27 15:00:40 +00:00
Robert Scott b65f4b653b
Merge pull request #234398 from lorenz/fix-prom 
prometheus: skip tests on 32-bit platforms
 2023-05-27 15:59:04 +01:00
Lorenz Brun e1a0a7aa76 prometheus: skip tests on 32-bit platforms 2023-05-27 15:58:45 +02:00
Robert Scott 2d895ae34c
Merge pull request #234392 from lorenz/fix-teleport 
teleport: mark as broken on <64 bit platforms
 2023-05-27 12:48:04 +01:00
Weijia Wang ae0b0867da
Merge pull request #234349 from r-ryantm/auto-update/mediamtx 
mediamtx: 0.23.0 -> 0.23.3
 2023-05-27 12:57:45 +03:00
Lorenz Brun 12be07b11c teleport: mark as broken on <64 bit platforms 2023-05-27 11:18:34 +02:00
R. Ryantm c256f09dac mediamtx: 0.23.0 -> 0.23.3 2023-05-27 03:05:34 +00:00
figsoda fba54af741
Merge pull request #234329 from wegank/sonic-server-refactor 
sonic-server: migrate to bindgenHook
 2023-05-26 21:48:14 -04:00
Ryan Lahfa d74e5f4a18
Merge pull request #213510 from RaitoBezarius/nginx-proxyprotocol 
nixos/nginx: first-class PROXY protocol support
 2023-05-27 03:37:33 +02:00
Weijia Wang 442a6dbd36 surrealdb: fix build on aarch64-linux 2023-05-26 21:00:38 -04:00
Weijia Wang cbb545fbba sonic-server: migrate to bindgenHook 2023-05-27 02:56:05 +03:00
markuskowa a367e2ba0a
Merge pull request #234174 from markuskowa/upd-nfs-ganesha 
nfs-ganesha: 5.1 -> 5.2
 2023-05-26 20:30:38 +02:00
Sander f3a4973aeb meilisearch: allow builds on aarch64-linux 2023-05-26 14:04:33 -04:00
Raito Bezarius 69bb0f94de nixos/nginx: first-class PROXY protocol support 
PROXY protocol is a convenient way to carry information about the
originating address/port of a TCP connection across multiple layers of
proxies/NAT, etc.

Currently, it is possible to make use of it in NGINX's NixOS module, but
is painful when we want to enable it "globally".
Technically, this is achieved by reworking the defaultListen options and
the objective is to have a coherent way to specify default listeners in
the current API design.
See `mkDefaultListenVhost` and `defaultListen` for the details.

It adds a safeguard against running a NGINX with no HTTP listeners (e.g.
only PROXY listeners) while asking for ACME certificates over HTTP-01.

An interesting usecase of PROXY protocol is to enable seamless IPv4 to
IPv6 proxy with origin IPv4 address for IPv6-only NGINX servers, it is
demonstrated how to achieve this in the tests, using sniproxy.

Finally, the tests covers:

- NGINX `defaultListen` mechanisms are not broken by these changes;
- NGINX PROXY protocol listeners are working in a final usecase
  (sniproxy);
- uses snakeoil TLS certs from ACME setup with wildcard certificates;

In the future, it is desirable to spoof-attack NGINX in this scenario to
ascertain that `set_real_ip_from` and all the layers are working as
intended and preventing any user from setting their origin IP address to
any arbitrary, opening up the NixOS module to bad™ vulnerabilities.

For now, it is quite hard to achieve while being minimalistic about the
tests dependencies.
 2023-05-26 19:48:26 +02:00
Weijia Wang a84996a76b
Merge pull request #234195 from wegank/389-bump 
_389-ds-base: 2.3.1 -> 2.4.1
 2023-05-26 15:21:06 +03:00
Weijia Wang dc57610254 _389-ds-base: 2.3.1 -> 2.4.1 2023-05-26 13:31:03 +03:00
Weijia Wang 3b99ef4582
Merge pull request #234161 from wahjava/update-tailscale 
tailscale: 1.40.1 -> 1.42.0
 2023-05-26 13:14:49 +03:00
happysalada 938e5e2fbe timescaledb_toolkit: mark broken on darwin 2023-05-26 06:07:33 -04:00
Markus Kowalewski 04f05e328d
nfs-ganesha: 5.1 -> 5.2 2023-05-26 10:57:33 +02:00
Weijia Wang 98fff47d56
Merge pull request #234121 from r-ryantm/auto-update/jackett 
jackett: 0.21.17 -> 0.21.34
 2023-05-26 11:28:12 +03:00
Weijia Wang a7f164903c
Merge pull request #234155 from r-ryantm/auto-update/martin 
martin: 0.8.2 -> 0.8.3
 2023-05-26 11:27:38 +03:00
Weijia Wang 92f37aaa8a
Merge pull request #234064 from drupol/openvscode-server/bump-may-2023 
openvscode-server: 1.78.1 -> 1.78.2
 2023-05-26 10:32:05 +03:00
Ashish SHUKLA 532f47f28b
tailscale: 1.40.1 -> 1.42.0 2023-05-26 09:11:07 +02:00
Weijia Wang e8be664256
Merge pull request #234083 from wegank/rippled-insecure 
rippled: mark as insecure
 2023-05-26 10:10:49 +03:00
R. Ryantm 4d28c34fff martin: 0.8.2 -> 0.8.3 2023-05-26 06:37:57 +00:00
Pol Dellaiera 67ec520e07
openvscode-server: 1.78.1 -> 1.78.2 2023-05-26 08:15:30 +02:00
R. Ryantm df85fc53a3 jackett: 0.21.17 -> 0.21.34 2023-05-26 02:32:55 +00:00
R. Ryantm e74103437c rustypaste: 0.9.0 -> 0.9.1 2023-05-26 01:51:00 +00:00
Weijia Wang 8de9fea9ea
Merge pull request #231811 from misuzu/snac2-darwin 
snac2: build on darwin
 2023-05-26 01:12:40 +03:00
Weijia Wang 1ebd98fe8c rippled: mark as insecure 2023-05-26 00:54:15 +03:00
Yaya 931a1b97f7 nixos/tests/sftpgo: init 2023-05-25 22:46:15 +02:00
Yaya 643d213ea6 sftpgo: add yayayayaka to maintainers 2023-05-25 22:46:15 +02:00
Yaya 2e2d5659d5 sftpgo: Include openapi, static and templates folders 
Those are needed for serving the web client
 2023-05-25 22:46:15 +02:00
Sandro 32e61ec5ad
Merge pull request #228553 from chvp/bump-hookshot 
matrix-hookshot: 3.2.0 -> 4.0.0
 2023-05-25 22:04:45 +02:00
Weijia Wang f0ca52ee9f
Merge pull request #233929 from r-ryantm/auto-update/janus-gateway 
janus-gateway: 1.1.3 -> 1.1.4
 2023-05-25 22:42:27 +03:00
Sandro e29207b95a
Merge pull request #231630 from OPNA2608/fix/mir_keyboard_missing 
mir: Pull patch to fix evdev device misses
 2023-05-25 21:40:42 +02:00