Commit graph

488725 commits

Author SHA1 Message Date
Raito Bezarius 69bb0f94de nixos/nginx: first-class PROXY protocol support
PROXY protocol is a convenient way to carry information about the
originating address/port of a TCP connection across multiple layers of
proxies/NAT, etc.

Currently, it is possible to make use of it in NGINX's NixOS module, but
it is painful when we want to enable it "globally".
Technically, this is achieved by reworking the defaultListen options and
the objective is to have a coherent way to specify default listeners in
the current API design.
See `mkDefaultListenVhost` and `defaultListen` for the details.

It adds a safeguard against running an NGINX with no HTTP listeners (e.g.
only PROXY listeners) while asking for ACME certificates over HTTP-01.

An interesting use case of PROXY protocol is to enable seamless IPv4 to
IPv6 proxy with origin IPv4 address for IPv6-only NGINX servers; it is
demonstrated how to achieve this in the tests, using sniproxy.

Finally, the tests cover:

- NGINX `defaultListen` mechanisms are not broken by these changes;
- NGINX PROXY protocol listeners are working in a final use case
  (sniproxy);
- uses snakeoil TLS certs from ACME setup with wildcard certificates.

In the future, it is desirable to spoof-attack NGINX in this scenario to
ascertain that `set_real_ip_from` and all the layers are working as
intended and preventing any user from setting their origin IP address to
any arbitrary, opening up the NixOS module to bad™ vulnerabilities.

For now, it is quite hard to achieve while being minimalistic about the
test dependencies.
2023-05-26 19:48:26 +02:00
Samuel Ainsworth bbdb8416a0
Merge pull request #233851 from ConnorBaker/feat/cudnn_8_9_1
cudaPackages.cudnn: version bumps; remove patch from name
2023-05-26 10:26:30 -07:00
Samuel Ainsworth 80c63c04c2
Merge pull request #234085 from ConnorBaker/fix/pytorch_2_0_1-supported-cuda-targets
python3Packages.torch: update CUDA capabilities for v2.0.1 release
2023-05-26 10:23:45 -07:00
Samuel Ainsworth ef24799942
Merge pull request #234053 from ConnorBaker/fix/cudatoolkit_11_8-broken-symlink
cudaPackages_11_8.cudatoolkit: remove broken include/include symlink
2023-05-26 10:18:19 -07:00
figsoda b2abc0e2e5
Merge pull request #234233 from cameronfyfe/protoc-gen-rust-3-2-0
protoc-gen-rust: 3.1.0 -> 3.2.0
2023-05-26 12:54:31 -04:00
figsoda e512455cb2
Merge pull request #234241 from r-ryantm/auto-update/angle-grinder
angle-grinder: 0.19.0 -> 0.19.2
2023-05-26 12:49:03 -04:00
figsoda 7cf56760d0
Merge pull request #234240 from r-ryantm/auto-update/cirrus-cli
cirrus-cli: 0.98.0 -> 0.99.0
2023-05-26 12:45:21 -04:00
R. Ryantm 02b2355964 angle-grinder: 0.19.0 -> 0.19.2 2023-05-26 15:46:49 +00:00
Ellie Hermaszewska 757a0d107c
Merge pull request #234060 from bddvlpr/submit/lighthouse-steamvr-1.0.0
lighthouse-steamvr: unstable-2021-03-28 -> 1.0.0
2023-05-26 23:28:08 +08:00
R. Ryantm 192871cfc5 cirrus-cli: 0.98.0 -> 0.99.0 2023-05-26 15:25:30 +00:00
Alyssa Ross c9bcecf0ab kernelPatches.make-maple-state-reusable-after-mas_empty_area: drop
No longer used.
2023-05-26 15:19:03 +00:00
Weijia Wang bb37145bf7
Merge pull request #233741 from hzeller/20230523-update-doctest
doctest: 2.4.9 -> 2.4.11
2023-05-26 18:13:48 +03:00
Weijia Wang 294f443aa3
Merge pull request #234211 from MaxHearnden/mkl
pkgsStatic.mkl: change tools dir to lib
2023-05-26 17:59:17 +03:00
Weijia Wang 0d497d9380
Merge pull request #233286 from wegank/ueberzugpp-bump
ueberzugpp: 2.8.3 -> 2.8.5
2023-05-26 17:40:41 +03:00
figsoda 4cca6cf888
Merge pull request #234194 from r-ryantm/auto-update/kyverno
kyverno: 1.9.3 -> 1.9.4
2023-05-26 10:30:29 -04:00
Weijia Wang 0ddb02dc78
Merge pull request #234215 from earldouglas/scala-cli
scala-cli: 1.0.0-RC2 -> 1.0.0
2023-05-26 17:12:23 +03:00
Sandro 36b457fa36
Merge pull request #223271 from wineee/qt6fix 2023-05-26 16:11:16 +02:00
Ilan Joselevich 67a0cb5051
Merge pull request #232889 from AndrewKvalheim/yubikey-touch-detector/icon
yubikey-touch-detector: add icon
2023-05-26 17:08:07 +03:00
Ilan Joselevich 2b54d69007
Merge pull request #234072 from ShamrockLee/write-script-bin-mainprogram
writeScriptBin, writeShellScriptBin: add meta.mainProgram automatically
2023-05-26 17:07:42 +03:00
Ryan Lahfa 435237d641
Merge pull request #233350 from GrahamDennis/grahamdennis/testing-networks
nixos/qemu-vm: add option for named network interfaces
2023-05-26 15:57:01 +02:00
Weijia Wang 1aca05b5e3
Merge pull request #234209 from yayayayaka/maintainers-update-yayayayaka
maintainers: update yayayayaka
2023-05-26 16:42:29 +03:00
eyJhb dd6d95536c
python3Packages.stopit: added setuptools dependency (#234153) 2023-05-26 09:32:47 -04:00
Martin Weinelt c9ff452fd2
Merge pull request #234208 from imincik/owslib-0.29.2
python3Packages.owslib: 0.28.1 -> 0.29.2
2023-05-26 15:15:51 +02:00
figsoda 0bc2c39688
Merge pull request #234035 from figsoda/vim
vimPlugins: update
2023-05-26 09:10:46 -04:00
Alyssa Ross 101d8b7ba8 linux_6_2: drop
EOL
2023-05-26 13:03:57 +00:00
markuskowa b1dae64b54
Merge pull request #233834 from sheepforce/taco
taco: init at 02-08-2022_unstable
2023-05-26 14:49:42 +02:00
Sandro 80264b939d
Merge pull request #221861 from NixOS/diffoscope-unfree 2023-05-26 14:23:15 +02:00
Weijia Wang a84996a76b
Merge pull request #234195 from wegank/389-bump
_389-ds-base: 2.3.1 -> 2.4.1
2023-05-26 15:21:06 +03:00
Weijia Wang 455157f2fe
Merge pull request #233687 from yayayayaka/cups-filters-fix-cve-2023-24805
cups-filters: fix CVE-2023-24805
2023-05-26 15:20:23 +03:00
Sandro 2a03135ef8
Merge pull request #232012 from gador/pgadmin-7.1 2023-05-26 14:14:35 +02:00
James Earl Douglas 224a8d3d7e
scala-cli: 1.0.0-RC2 -> 1.0.0 2023-05-26 05:14:26 -07:00
Weijia Wang a4bc320e67
Merge pull request #234193 from r-ryantm/auto-update/gotrue-supabase
gotrue-supabase: 2.67.1 -> 2.69.1
2023-05-26 15:09:32 +03:00
Weijia Wang de87ba42c9 ueberzugpp: drop mainProgram 2023-05-26 15:00:44 +03:00
Weijia Wang 7f9057a133 ueberzugpp: adjust options 2023-05-26 15:00:44 +03:00
Weijia Wang b388107dd5 ueberzugpp: 2.8.4 -> 2.8.5 2023-05-26 14:59:35 +03:00
Weijia Wang 32e7065239 ueberzugpp: 2.8.3 -> 2.8.4 2023-05-26 14:58:59 +03:00
MaxHearnden f5df7df08c pkgsStatic.mkl: change tools dir to lib
when installing pkg-config files
2023-05-26 12:57:48 +01:00
Weijia Wang 25d265d433
Merge pull request #234198 from wegank/microsoft-gsl-rename
treewide: microsoft_gsl -> microsoft-gsl
2023-05-26 14:56:27 +03:00
Yaya 8a16017d40 maintainers: update yayayayaka 2023-05-26 11:52:29 +00:00
Ulrik Strid b25d03cc2f
Merge pull request #234037 from ligolang/ligo--0_66_0
ligo: 0.65.0 -> 0.66.0
2023-05-26 13:32:49 +02:00
Ivan Mincik 0645048f9e python3Packages.owslib: 0.28.1 -> 0.29.2
* disable new test failing due to missing network access
* set Geospatial team as maintainer
2023-05-26 13:32:12 +02:00
Arian van Putten ed377113b4
Merge pull request #234063 from nikstur/systemd-minimal-without-ukify
systemdMinimal: explicitly disable ukify
2023-05-26 13:23:18 +02:00
John Ericson 55358b47b4
Merge pull request #233391 from emilytrau/minimal-imports
minimal-bootstrap: remove imports from outside bootstrap
2023-05-26 13:17:18 +02:00
Phillip Seeber a615eb5a75 taco: init at 02-08-2022_unstable
taco: change python to python3

taco: fix python call

taco: pass python as null default

taco: add llvmPackages for darwin
2023-05-26 13:17:16 +02:00
Bobby Rong 240d8405b1
Merge pull request #234192 from 06kellyjac/apko-cleanup
apko: use checkflags and minor cleanup
2023-05-26 19:16:59 +08:00
Weijia Wang 671cb8e663
Merge pull request #233989 from 06kellyjac/deno
deno: 1.33.3 -> 1.34.0
2023-05-26 14:07:02 +03:00
K900 fe3b3c9dfa
Merge pull request #234190 from K900/qtcreator-qt6-fix
qtcreator-qt6: fix build with qt 6.5.1
2023-05-26 14:02:05 +03:00
Bobby Rong 852e258823
Merge pull request #233618 from ragingpastry/zarf-0.27.0
zarf: 0.26.4 -> 0.27.0
2023-05-26 19:01:09 +08:00
Bobby Rong a83cb9c559
Merge pull request #233586 from QJoly/pv-migration-completion
pv-migrate: add shell completions
2023-05-26 18:47:41 +08:00
Weijia Wang 580133ea14
Merge pull request #234079 from wegank/bento4-bump
bento4: 1.6.0-639 -> 1.6.0-640
2023-05-26 13:45:40 +03:00