b12f/nixpkgs
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
529079 commits 2 branches 0 tags 3.3 GiB
Commit graph

35600 commits

Author SHA1 Message Date
Weijia Wang f9d1b02cde
Merge pull request #253510 from schmittlauch/cawbird-remove 
cawbird: remove due to being broken and abandoned
 2023-09-06 00:28:59 +02:00
Weijia Wang cfb61436d7
Merge pull request #252978 from oluceps/dae-upup 
dae,nixos/dae: 0.2.4 -> 0.3.0
 2023-09-05 23:57:14 +02:00
Michele Guerini Rocco 704c791a90
Merge pull request #253146 from rnhmjoj/pr-anbox 
anbox: unbreak
 2023-09-05 23:46:54 +02:00
Artturi 7b33eb656c
Merge pull request #250318 from Artturin/copycrossfix 2023-09-06 00:37:15 +03:00
Weijia Wang 8ba86153c6
Merge pull request #253391 from MrMebelMan/update/kratos_v1.0.0 
kratos: 0.10.1 -> 1.0.0
 2023-09-05 23:17:22 +02:00
Trolli Schmittlauch af66f4fd2a cawbird: remove due to being broken and abandoned 
-- dedicated to Larry the bird
 2023-09-05 22:12:50 +02:00
Niklas Hambüchen 5d778d1f03 Add programs.ecryptfs for mount wrappers. 
The `ecryptfs` package refers to the setuid wrapper paths, but they do
not exist so far in NixOS.
 2023-09-05 18:56:24 +00:00
Adam Stephens c811cf643f nixos/tests/lxd: disable virtual-machine test on aarch64 2023-09-05 15:28:00 +00:00
Adam Stephens a90385c62b nixos/lxd: add preseed option 2023-09-05 15:28:00 +00:00
Adam Stephens 85c14ff2ff nixos/lxd: remove with lib 2023-09-05 15:28:00 +00:00
ajs124 6de832b0e5 nixos/logrotate: add extraArgs option 2023-09-05 16:04:07 +02:00
Yaya c04722cf0c rl-2311: Mention faulty GitLab database schema 
GitLab instances created or updated between versions [15.11.0, 15.11.2]
have an incorrect database schema. [1] This will become a problem once
upgrading GitLab to >=16.2.0.

A workaround can be found in the GitLab docs: [2]

[1]: https://gitlab.com/gitlab-org/gitlab/-/issues/408835
[2]: https://docs.gitlab.com/ee/update/versions/gitlab_16_changes.html#undefined-column-error-upgrading-to-162-or-later
 2023-09-05 13:46:44 +02:00
Yaya 1a22627603 nixos/gitlab: Add a warning message 
GitLab instances created or updated between versions [15.11.0, 15.11.2]
have an incorrect database schema. [1] This will become a problem once
upgrading GitLab to >=16.2.0.

A workaround can be found in the GitLab docs: [2]

[1]: https://gitlab.com/gitlab-org/gitlab/-/issues/408835
[2]: https://docs.gitlab.com/ee/update/versions/gitlab_16_changes.html#undefined-column-error-upgrading-to-162-or-later
 2023-09-05 13:46:44 +02:00
ajs124 97dfc365e6 gitlab: 16.1.4 -> 16.3.1 
https://gitlab.com/gitlab-org/gitlab/-/blob/v16.3.1-ee/CHANGELOG.md

Fixes CVE-2022-4343
Fixes CVE-2023-0120
Fixes CVE-2023-1279
Fixes CVE-2023-1555
Fixes CVE-2023-3205
Fixes CVE-2023-3915
Fixes CVE-2023-3950
Fixes CVE-2023-4018
Fixes CVE-2023-4378
Fixes CVE-2023-4630
Fixes CVE-2023-4638
Fixes CVE-2023-4647

Co-Authored-By: Yaya <github@uwu.is>
 2023-09-05 13:46:44 +02:00
Mikael Voss b56f8149b2 nixos/tests/akkoma: Disable retrieving timeline 2023-09-05 12:26:33 +02:00
Yarny0 bbefd70784 nixos/sshd: avoid mock host key, permit RequiredRSASize 
With this commit, the validation of `sshd_config`
is performed with `sshd -G` instead of `sshd -t`.
The former does not require a valid host key.
Checking the host key was never useful for us:
We just generated a dummy host key to
make the validation mechanism happy.
With this change the dummy key is no longer needed.

This change not only saves some CPU cycles
(avoid the generation of an RSA key),
but it also permits to set `RequiredRSASize` to a value
larger than the current rsa key default size (3072).
 2023-09-05 11:34:09 +02:00
Vladyslav Burzakovskyy d284477a2c kratos: 0.10.1 -> 1.0.0 2023-09-05 11:21:19 +02:00
Matt Votava b3bb611ce6
nixos/tests/anbox: init 2023-09-05 10:09:45 +02:00
Samuel Dionne-Riel 7425d9254d
nixos/anbox: use --daemon to squash warning 
As noted in https://github.com/NixOS/nixpkgs/pull/102341 this is not
actually running as a forked process. It only tells the process that it
is running "as a daemon, so shut the warning up".

See `daemon_` here

 - 9de4e87cdd/src/anbox/cmds/container_manager.cpp (L38-L79)

It is **strictly** used to hide that message.

Co-authored-by: Matt Votava <mvnetbiz@gmail.com>
 2023-09-05 10:09:44 +02:00
Samuel Dionne-Riel 7fa154f3ee
nixos/anbox: allow applying changes to the image 2023-09-05 10:09:43 +02:00
Samuel Dionne-Riel cdc51c811a
nixos/anbox: handle new kernel configurations 2023-09-05 10:09:43 +02:00
Samuel Dionne-Riel 708e1eb8ba
nixos/anbox: mark anbox0 as unmanaged with NetworkManager 2023-09-05 10:09:42 +02:00
Morgan Helton 147d81d155 nixos/atuin: fix enable option typo 2023-09-05 08:34:34 +02:00
nicoo 6fdc291d5a nixos/terminfo: Add terminfo outputs for rio & tmux 2023-09-04 23:06:37 +00:00
Nick Cao 5451e0594a
Merge pull request #253121 from NickCao/mautrix 
python310Packages.mautrix: 0.20.0 -> 0.20.1
 2023-09-04 18:31:36 -04:00
nicoo 10b6e8ba21 nixos/sudo: Guard against security.sudo.package = pkgs.sudo-rs; 
This is not unlikely to happen, given the enthusiasm shown by some users,
but we are not there yet, and this will save them from breaking their system.
 2023-09-04 22:00:00 +00:00
tilpner 6e8591a8d1 nixos/mimir: add extraFlags option 2023-09-04 20:26:02 +00:00
Maciej Krüger ca6ed1cc8d
Merge pull request #241680 from 4z3/networking.nftables.checkRulesetRedirects 2023-09-04 22:07:50 +02:00
pennae 6e56e31d38 release-notes: add note about jack2 losing its tools 
let's spare anyone else using these the adventure of finding out why
their scripts broke and where the tools went.
 2023-09-04 21:06:07 +02:00
rnhmjoj b058de4ac8
nixos/release-notes: reword the Jool note 2023-09-04 18:47:05 +02:00
rnhmjoj 640c86c256
nixos/tests/jool: update for module changes 2023-09-04 18:38:25 +02:00
rnhmjoj 355a9fa040
nixos/jool: allow to manage multiple instances 2023-09-04 18:38:25 +02:00
Bobby Rong a8e3f93bcd
Merge pull request #252986 from FedericoSchonborn/budgie-module-update 
nixos/budgie: Use Network Manager Applet indicator, budgie.budgie-gsettings-overrides: Update defaults
 2023-09-05 00:02:22 +08:00
Nick Cao a2ddd389de
Merge pull request #253196 from rnhmjoj/pr-mautrix 
nixos/mautrix-whatsapp: various fixes
 2023-09-04 09:27:31 -04:00
Martin Weinelt 390d535562
Merge pull request #253259 from mweinelt/custom-ca-firefox-memlimit 
nixosTests.custom-ca: resolve out of memory situations
 2023-09-04 15:05:54 +02:00
Martin Weinelt 311ce2ad11
nixosTests.custom-ca: resolve out of memory situations 
They are easily observable on hydra. E.g. on the latest eval

https://hydra.nixos.org/build/233893887
https://hydra.nixos.org/build/233900101
 2023-09-04 14:34:21 +02:00
ajs124 308baf3049 uim: remove qt4, fix qt5 2023-09-04 13:54:50 +02:00
Mario Rodas 4f2c276497
Merge pull request #244093 from adamcstephens/lxd/vm 
lxd: Add VM image and server support for QEMU VMs
 2023-09-03 22:02:54 -05:00
pacien 12aaefa78d release-notes: add entry for new stalwart-mail module 2023-09-03 22:18:50 -04:00
pacien c6808723b0 nixos/stalwart-mail: add vm test 2023-09-03 22:18:50 -04:00
pacien f6961de637 nixos/stalwart-mail: add module 2023-09-03 22:18:50 -04:00
Adam Stephens efd1605be6
nixos/lxd: add virtual-machine support, image and module 2023-09-03 20:06:44 -04:00
rnhmjoj 4fb8212162
nixos/mautrix-whatsapp: log to the journal only 
Logging outside the journal requires to manually clean/rotate the logs
and is quite surprising behavior: it should not be the default.
 2023-09-04 01:20:17 +02:00
rnhmjoj 5fc70937a1
nixos/mautrix-whatsapp: set default homeserver address 
Without one the bridge won't start.
Note: localhost:8448 is the default listening address of matrix-synapse.
 2023-09-04 01:20:17 +02:00
rnhmjoj 035f905124
nixos/mautrix-whatsapp: fix merging of default settings 
This implements proper merging of user-provided values and default
values for the settings option.

Without this, the user must provide a complete configuration file, as
changing a single setting replaces the entire JSON value, rendering the
default values completely useless. In fact, the bridge won't even start
using the default settings.
 2023-09-04 01:19:54 +02:00
rnhmjoj 9e0457115e
nixos/mautrix-whatsapp: use static user and group 
The DynamicUser mechanism does not allow share the bridge
registration.yaml file with matrix-synapse in any easy way:

1. the mautrix-whatsapp group under which the service runs is not in
   /etc/group, so you can't add matrix-synapse to this.
   This makes the group read bit on the file useless as the group is
   effectively always empty.

2. It's not possible to use ACLs or copy the file during preStart or
   postStart because the commands are executed with low priviledges.

By using a normal (static) user/group the secret can be shared with
synapse as follows:

  services.matrix_synapse.settings.app_service_config_files =
    [ "/var/lib/mautrix-whatsapp/whatsapp-registration.yaml" ];

  users.users.matrix-synapse.extraGroups = [ "mautrix-whatsapp" ];
 2023-09-04 00:40:50 +02:00
rnhmjoj e932745cb8
nixos/mautrix-whatsapp: fix docbook description 
Until NixOS 23.11 is release all options must be marked as migrated from
docbook to markdown.
 2023-09-03 22:22:27 +02:00
Sandro c6af5494aa
nixos/nginx: fix services.nginx.defaultListen description 2023-09-03 16:45:10 +02:00
Jörg Thalheim 3a5ff9a68c nixos/release.nix: remove warning about missing state version for images 2023-09-03 16:32:37 +02:00
Nick Cao 69596874f1
nixos/mautrix-telegram: drop removed --base-config flag 
See also: 9b67b17ac4
 2023-09-03 08:59:57 -04:00
linsui 6b2934d6e9 nixos/yazi: init 2023-09-03 17:28:12 +08:00
Ramses 76f8cf18d1 nixos/update-users-groups: no need to include extra package 
Co-authored-by: Jörg Thalheim <Mic92@users.noreply.github.com>
 2023-09-03 11:26:37 +02:00
r-vdp d560a5e07d nixos/update-users-groups: fix cross compilation 
Since #246772, cross compiled NixOS is broken because the DateTime perl
package that was used in the update-users-groups.pl script depends on
Testutf8 which does not cross compile (see #198548).

This PR drops the DateTime dependency in favour of TimePiece, which has
less dependencies and whose closure does cross compile.
 2023-09-03 11:26:37 +02:00
Jörg Thalheim f6fa02c984 openrbg: set default based on what microcode updates are enabled 
nixos-generate-config sets either of these, so lets use them
 2023-09-03 07:16:52 +02:00
oluceps ec0755d5f7
nixos/dae: add example link 
Co-authored-by: Mathias Zhang <me@zzzsy.top>
 2023-09-03 11:54:36 +08:00
Artturin 053e69578f nixos/testing/driver: Copy cross fix from modules/misc/nixpkgs.nix 
f7077ba131

Fixes `error: makeWrapper/makeShellWrapper must be in nativeBuildInputs`

`pkgsCross.aarch64-multiplatform.nixosTests.sway`
 2023-09-03 00:19:29 +03:00
oluceps 17e386205b
nixos/dae: add basic test 2023-09-03 03:06:52 +08:00
Federico Damián Schonborn 5ab4510232
nixos/budgie: Use the Network Manager Applet indicator 
Signed-off-by: Federico Damián Schonborn <fdschonborn@gmail.com>
 2023-09-02 15:49:59 -03:00
zzzsyyy 8f070876da
nixos/dae: add confgFile option 
Co-authored-by: oluceps <nixos@oluceps.uk>
 2023-09-03 02:48:27 +08:00
oluceps 173ff5d2dd
nixos/dae: add more config options 2023-09-03 02:48:24 +08:00
Ivan Mincik 54444b5892 qgis: add nixos tests 
Add NixOS test for QGIS and QGIS-LTR. This test creates QGIS vector
memory layer containing Nix snowflake. This proves that application can
successfully start and Python bindings are working.

By default, Python script is executed in non-interactive mode and QGIS
is closed after script is finished. This script can be also executed
interactively by running following command:

```
 nix-build -A qgis
 QGIS_TEST_INTERACTIVE=True ./result/bin/qgis  --code pkgs/applications/gis/qgis/test.py
```

In this case, QGIS is not automatically closed.
 2023-09-02 17:15:56 +02:00
Sanjin Sehic 7f5e8a0113
nixos/healthchecks: enable _FILE variants for all secrets 
This change enables _FILE variants for all secrets in Healthchecks
configuration so they can be read from a file and not stored in
/nix/store.

In particular, it adds support for these secrets:
DB_PASSWORD, DISCORD_CLIENT_SECRET, EMAIL_HOST_PASSWORD,
LINENOTIFY_CLIENT_SECRET, MATRIX_ACCESS_TOKEN, PD_APP_ID,
PUSHBULLET_CLIENT_SECRET, PUSHOVER_API_TOKEN, S3_SECRET_KEY, SECRET_KEY,
SLACK_CLIENT_SECRET, TELEGRAM_TOKEN, TRELLO_APP_KEY, and TWILIO_AUTH.
 2023-09-02 09:43:19 +01:00
Sanjin Sehic 4a81613aa6
nixos/healthchecks: add EMAIL_HOST_PASSWORD_FILE option 
This allows keeping EMAIL_HOST_PASSWORD out of /nix/store.
 2023-09-02 09:43:17 +01:00
Sanjin Sehic 9e9f7c4aa6
nixos/healthchecks: define default DB_NAME for postgres and mysql 
Previously, if someone changed DB to postgres or mysql and forgot to
change DB_NAME, services.healthchecks would have used the hardcoded path
that was meant for the sqlite as DB_NAME.

This change introduces DB and DB_NAME options in
services.healthchecks.settings.
 2023-09-02 09:43:12 +01:00
Artturi 26b11c54d8
Merge pull request #247153 from Artturin/fixwarning1 2023-09-02 03:13:30 +03:00
Florian Klink 90204f058c
Merge pull request #251684 from jmbaur/user-activation-tmpfiles 
nixos/systemd-user: call systemd-tmpfiles during activation
 2023-09-01 21:52:19 +03:00
Jonas Chevalier 9ace789629
Merge pull request #249103 from yaxitech/github-runner-v2.308.0 
github-runner: 2.307.1 -> 2.308.0
 2023-09-01 16:31:29 +02:00
Atemu c54f4fdf8c
Merge pull request #248669 from Atemu/dnscrypt-proxy-update-alias 
dnscrypt-proxy: rename from dnscrypt-proxy2
 2023-09-01 14:37:13 +02:00
Matt Melling 9181483d66
nixos/cloudlog: remove pin for PHP 8.1 2023-08-31 23:51:25 +01:00
Andrew Marshall 189b14246a nixos/networkd: Reload (not restart) when only .network units change 
Underneath, systemd-networkd’s reload is just `networkctl reload`. Per
`man networkctl`, calling `reload` is expected to fully handle new,
modified, and removed .network files, but it only handles *new* .netdev
files. For simplicity, assume .network -> reload and .netdev -> restart.

It’s desirable to perform reload instead of restart, as restart has the
potential to bring down interfaces, resulting in a loss of network
connectivity.
 2023-08-31 12:24:17 -04:00
Sagi Sarussi f3cf8b679b nixos/kanidm: fix broken doc links 2023-08-31 14:03:30 +03:00
name_snrl 9345e48bb4 privoxy: fix types.string -> types.str 2023-08-30 23:08:13 +05:00
Emery Hemingway 55c8f51af5 nixos/nncp: add caller and daemon services 2023-08-29 21:31:19 +01:00
Martin Weinelt d17a82f986
Merge pull request #252041 from mweinelt/unbound-exporter 
prometheus-unbound-exporter: replace at 0.4.4
 2023-08-29 21:26:42 +02:00
Jared Baur e39c9f13bc
nixos/systemd-user: call systemd-tmpfiles during activation 
Just like with system-wide tmpfiles, call `systemd-tmpfiles --create
--remove` for users during activation. This fixes an issue where new
entries in a user's tmpfiles are not reflected after activation, only at
boot when the user service systemd-tmpfiles-setup.service runs or only
after running systemd-tmpfiles manually.
 2023-08-29 10:46:44 -07:00
Silvan Mosberger f616ad76f0
Merge pull request #250885 from tweag/spp-1a 
[RFC 140] Simple package paths, part 1a: Checking tool
 2023-08-29 16:36:26 +02:00
Silvan Mosberger 34c8b0a8e5 nixos/release-combined.nix: Build pkgs/by-name tester 2023-08-29 16:35:07 +02:00
Martin Weinelt 73c5a5a778
nixos/prometheus/unbound-exporter: update for new package 
The command line interface changed slightly, but still supports the TCP
as well as the UDS control interface.
 2023-08-28 23:21:52 +02:00
Artturi 206ca4bef4
Merge pull request #246487 from amjoseph-nixpkgs/pr/binfmt-mips 2023-08-28 22:40:30 +03:00
Jan Tojnar 434d160d7c
Merge pull request #234615 from linsui/dconf 
nixos/dconf: support generating from attrs
 2023-08-28 18:31:52 +02:00
ajs124 dbb69f82c6 nixos/restic: add wrapper scripts that set parameters for backup 
and use in test
 2023-08-28 15:17:37 +02:00
ajs124 4732cbf3f8 nixos/restic: use openssh as configured in programs.ssh 2023-08-28 15:03:12 +02:00
Pol Dellaiera df24943cc0
Merge pull request #249765 from NixOS/nixos/modules/honk-init 
nixos/honk: init
 2023-08-28 10:40:23 +02:00
Janne Heß fd454fe4b6
Merge pull request #250316 from helsinki-systems/feat/stc-improve-mount-units 
nixos/switch-to-configuration: Improve mount unit handling
 2023-08-28 09:18:44 +02:00
Maciej Krüger 369e18f1c7
networking/nftables: ensure deletions 2023-08-28 00:44:16 +02:00
Maciej Krüger 6658b3fcf1
networking/nftables: make ruleset+rulesetFile non-exclusive 2023-08-28 00:40:22 +02:00
Maciej Krüger a1dd69d761
networking/nftables: enable flushRuleset by default if rulset{,File} used 2023-08-28 00:40:21 +02:00
Maciej Krüger 55213b54f0
nixos/nftables: save deletions to file and run them afterwards 
Co-authored-by: duament
 2023-08-28 00:40:20 +02:00
Maciej Krüger 5f300ad70c
networking/nftables: only delete our tables if flushRuleset is set to false 2023-08-28 00:40:19 +02:00
Maciej Krüger d5a0826686
networking/nftables: remove no longer relevant conflict warnings 2023-08-28 00:40:18 +02:00
Maciej Krüger dc3f8728b9
release-notes: add networking.nftables.tables news 2023-08-28 00:40:14 +02:00
Maciej Krüger cd3af25932
networking/nftables: enable flushing ruleset for older versions 
Co-authored-by: Naïm Favier <n@monade.li>
 2023-08-28 00:35:39 +02:00
Maciej Krüger 311d2fa994
*: migrate to using nftables.tables instead of ruleset directly 2023-08-28 00:30:29 +02:00
Maciej Krüger 048ef0d455
networking/nftables: add .tables property and disable ruleset flushing by default 
This allows for other unmanaged tables to co-exist peacefully on the os,
by having the nixos-managed tables be re-created atomically and the other
tables will simply be left untouched.
 2023-08-28 00:30:28 +02:00
Pol Dellaiera 48de649336
nixos/modules/honk: init 2023-08-27 23:43:40 +02:00
Theodore Ni c68a6a21ca
Merge pull request #247909 from Sigmanificient/ragnarwm 
ragnarwm: init at 1.3.1
 2023-08-27 13:41:04 -07:00
K900 f900e733c1
Merge pull request #250778 from NixOS/staging-next 
staging-next 2023-08-22
 2023-08-27 20:22:51 +03:00
Wietse de Vries 2c622185a7 nixos/calibre-web: add package and enableKepubify options 2023-08-27 15:25:17 +02:00
happysalada 676fe5e01b lemmy: fix ui commit_hash path 2023-08-27 20:44:10 +08:00
Robert Obryk 13d3b0c733 nixos/security/wrappers: add one regression test for #98863 
Note that this regression test checks only s[gu]id wrappers. The issue
for capability wrappers is not fixed yet.
 2023-08-27 14:10:38 +02:00
Robert Obryk c64bbd4466 nixos/security/wrappers: remove all the assertions about readlink(/proc/self/exe) 
Given that we are no longer inspecting the target of the /proc/self/exe
symlink, stop asserting that it has any properties. Remove the plumbing
for wrappersDir, which is no longer used.

Asserting that the binary is located in the specific place is no longer
necessary, because we don't rely on that location being writable only by
privileged entities (we used to rely on that when assuming that
readlink(/proc/self/exe) will continue to point at us and when assuming
that the `.real` file can be trusted).

Assertions about lack of write bits on the file were
IMO meaningless since inception: ignoring the Linux's refusal to honor
S[UG]ID bits on files-writeable-by-others, if someone could have
modified the wrapper in a way that preserved the capability or S?ID
bits, they could just remove this check.

Assertions about effective UID were IMO just harmful: if we were
executed without elevation, the caller would expect the result that
would cause in a wrapperless distro: the targets gets executed without
elevation. Due to lack of elevation, that cannot be used to abuse
privileges that the elevation would give.

This change partially fixes #98863 for S[UG]ID wrappers. The issue for
capability wrappers remains.
 2023-08-27 14:10:38 +02:00
Robert Obryk e3550208de nixos/security/wrappers: read capabilities off /proc/self/exe directly 
/proc/self/exe is a "fake" symlink. When it's opened, it always opens
the actual file that was execve()d in this process, even if the file was
deleted or renamed; if the file is no longer accessible from the current
chroot/mount namespace it will at the very worst fail and never open the
wrong file. Thus, we can make a much simpler argument that we're reading
capabilities off the correct file after this change (and that argument
doesn't rely on things such as protected_hardlinks being enabled, or no
users being able to write to /run/wrappers, or the verification that the
path readlink returns starts with /run/wrappers/).
 2023-08-27 14:10:38 +02:00
Robert Obryk 1bdbc0b0fe nixos/security/wrappers: stop using .real files 
Before this change it was crucial that nonprivileged users are unable to
create hardlinks to SUID wrappers, lest they be able to provide a
different `.real` file alongside. That was ensured by not providing a
location writable to them in the /run/wrappers tmpfs, (unless
disabled) by the fs.protected_hardlinks=1 sysctl, and by the explicit
own-path check in the wrapper. After this change, ensuring
that property is no longer important, and the check is most likely
redundant.

The simplification of expectations of the wrapper will make it
easier to remove some of the assertions in the wrapper (which currently
cause the wrapper to fail in no_new_privs environments, instead of
executing the target with non-elevated privileges).

Note that wrappers had to be copied (not symlinked) into /run/wrappers
due to the SUID/capability bits, and they couldn't be hard/softlinks of
each other due to those bits potentially differing. Thus, this change
doesn't increase the amount of memory used by /run/wrappers.

This change removes part of the test that is obsoleted by the removal of
`.real` files.
 2023-08-27 14:10:36 +02:00
Robert Obryk 44fde723be nixos/security/wrappers: generate a separate and more complete apparmor policy fragment for each wrapper 
This change includes some stuff (e.g. reading of the `.real` file,
execution of the wrapper's target) that belongs to the apparmor policy
of the wrapper. This necessitates making them distinct for each wrapper.
The main reason for this change is as a preparation for making each
wrapper be a distinct binary.
 2023-08-27 14:10:07 +02:00
Maciej Krüger c3ed95307e
Merge pull request #251413 from karolinschlegel/init-odoo-v15 
odoo15: init at 15.0-20230720
 2023-08-27 14:10:04 +02:00
Robert Obryk c0e607da61 nixos/tests/wrappers: test apparmor configuration 
Wrappers generate pieces of apparmor policies for inclusion, which are
used only in a single place in nixpkgs, for `ping`. They are built only
if apparmor is enabled.

This change causes the test to test:
 - that the apparmor includes can be generated,
 - that `ping` works with apparmor enabled (as the only policy that
   references these includes).

Ideally there would be some other NixOS test that verifies that `ping`
specifically works. Sadly, there isn't one.
 2023-08-27 14:09:57 +02:00
Karolin Schlegel 4eee509d25 odoo15: init at 15.0-20230720 
This contribution adds `odoo15` as a fixed version. To allow reusing the
existing test for Odoo, I made the package attribute configurable. To
reference the test for `odoo15` in `passthru` I added it to
`all-tests.nix`.
 2023-08-27 09:52:43 +02:00
github-actions[bot] d78f502c6b
Merge master into staging-next 2023-08-27 06:00:58 +00:00
Nick Cao 3b5bb2461c
Merge pull request #249726 from hughobrien/restic-service-network-target 
nixos/restic: wait for network-online for timed backups
 2023-08-27 13:06:19 +08:00
github-actions[bot] 47ae3f6c28
Merge master into staging-next 2023-08-27 00:02:24 +00:00
Theodore Ni 80a74ec050
Merge branch 'master' into staging-next 
Manually fixed a merge conflict between https://github.com/NixOS/nixpkgs/pull/227900
and https://github.com/NixOS/nixpkgs/pull/246022.
 2023-08-26 16:08:02 -07:00
kyren 7c2a459244 aseprite: drop free version and alias to unfree version 
The free version of Aseprite has a maintained fork, LibreSprite which is
already packaged in nixpkgs. The only really useful version of Aseprite
vs LibreSprite is the unfree version, and the free version will never
receive updates.
 2023-08-26 19:03:38 -04:00
Franz Pletz da9db25ca4
Merge pull request #222515 from codedownio/tmux-run-plugins-last 2023-08-26 22:47:33 +02:00
Maciej Krüger ebdd6efe6c
Merge pull request #251412 from karolinschlegel/update-odoo 2023-08-26 21:32:48 +02:00
Janik 321734bc2b
Merge pull request #251157 from NetaliDev/vmagent-extra-options 2023-08-26 21:21:11 +02:00
Janik 1f0c325739
Merge pull request #250976 from Shados/sddm-include-tmpfile-config 2023-08-26 20:21:20 +02:00
github-actions[bot] 3503eea847
Merge master into staging-next 2023-08-26 18:00:55 +00:00
Ryan Lahfa 72494b65bc
Merge pull request #219873 from r-ryantm/auto-update/dolibarr 2023-08-26 16:23:13 +02:00
Mario Rodas 913c460a8c
Merge pull request #251431 from adamcstephens/lxd/5.17 
lxd: 5.16 -> 5.17
 2023-08-26 09:19:53 -05:00
Adam Stephens 6175a329d2
lxd: fix passthru test building 2023-08-26 08:51:13 -04:00
Raito Bezarius 7207b25099 nixos/tests/dolibarr: use -X GET instead -X POST to test for redirection 
Previously, we were POST-ing the homepage to test for redirection, this is wrong.

We are supposed to GET-ing it.

This is fixed.
 2023-08-26 13:44:19 +02:00
Karolin Schlegel 19d7454123 odoo: 15.20230317 -> 16.20230722 2023-08-26 10:22:57 +02:00
github-actions[bot] 7acb56e802
Merge master into staging-next 2023-08-26 06:00:59 +00:00
Peter Hoeg 8a390e0210 doc: document baloo re-indexing 2023-08-26 06:45:39 +02:00
Franz Pletz 08c65ad526
Merge pull request #251370 from leona-ya/paperless-ngx-mail-ca-certs 
nixos/paperless: allow systemd services to read ca-certificates
 2023-08-26 03:20:25 +02:00
Franz Pletz da37904672
Merge pull request #246772 from R-VdP/nixos-user-expiry 
nixos/update-users-groups: add support for account expiry
 2023-08-26 02:41:34 +02:00
github-actions[bot] a23616289b
Merge master into staging-next 2023-08-26 00:01:43 +00:00
Franz Pletz fe907aa37e
Merge pull request #242365 from h7x4/add-mysqld-exporter 
services/prometheus/exporters: add mysqld
 2023-08-25 23:56:22 +02:00
github-actions[bot] e79f8fd118
Merge master into staging-next 2023-08-25 18:00:58 +00:00
Majiir Paktu 1f34babe84 nixos/network-interfaces-systemd: add bridge interfaces in systemd-initrd 2023-08-25 13:11:40 -04:00
Majiir Paktu a3211ceb47 nixos/tests/systemd-initrd-bridge: init 2023-08-25 13:11:20 -04:00
Leona Maroni 87f21ac4e6
nixos/paperless: allow systemd services to read ca-certificates 
This fixes a regression introduced with the update to 1.17.0.
Since this version paperless-ngx checks the ssl certificates of remote
email servers.
 2023-08-25 16:54:04 +02:00
Majiir Paktu 2cb4671ebc nixos/network-interfaces-systemd: add VLAN interfaces in systemd-initrd 2023-08-25 10:44:43 -04:00
revol-xut 0ebb3b6ed8 nixos/netbox: add keycloakClientSecret option 2023-08-25 15:42:44 +01:00
Majiir Paktu 1f845ebc34 nixos/tests/systemd-initrd-vlan: init 2023-08-25 10:32:10 -04:00
Maximilian Bosch c4494e2f9b
Merge pull request #251293 from linj-fork/fix-pass 
pass: stop installing password-store.el
 2023-08-25 14:32:57 +02:00
github-actions[bot] 8680fe99a1
Merge master into staging-next 2023-08-25 12:01:24 +00:00
Lin Jian 665651c736 emacs: remove outdated doc about package initialization 
Since Emacs 27[1], there is no need to call package-initialize in the
init file.

[1]: https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS.27?id=cae528457cb862dc886a34240c9d4c73035b6659#n227
 2023-08-25 10:22:30 +00:00
Lin Jian 0d3ba90f52 nixos/emacs: replace emacs with Emacs in the doc 2023-08-25 10:22:30 +00:00
Arnout Engelen 4dcaa04151
Merge pull request #242942 from raboof/prometheus-nextcloud-auth-token 
prometheus-exporter-nextcloud: support for auth tokens
 2023-08-25 09:54:23 +02:00
Ingolf Wagner 7f2b869560
nixos/tts: fix error messages read before text 
with a config like this :

```
services.tts = {
  servers = {
    english = {
      enable = true;
      port = 5300;
      model = "tts_models/en/ljspeech/vits"
    };
  };
};
```

You the WAVs tts creates contain an error message which will be read to
you before the text you typed in will be read to you.
This patch fixes that.
 2023-08-25 09:48:46 +02:00
Lin Jian 85217382d6
pass: stop installing password-store.el 
password-store.el is on MELPA so it is available in Nixpkgs as
emacs.pkgs.password-store.

Using emacs.pkgs.password-store is preferred because of better package
quality:
- Emacs lisp package dependencies are automatically installed
- byte-compilation is done
- native-compilation is done
 2023-08-25 12:33:54 +08:00
github-actions[bot] d4c8d05cac
Merge master into staging-next 2023-08-25 00:01:49 +00:00
Ilan Joselevich 0f95d1cfe1
Merge pull request #248748 from acid-bong/zshLsColors 
nixos/zsh: add enableLsColors
 2023-08-24 22:04:43 +03:00
Ilan Joselevich 649fadd226
Merge pull request #250761 from gepbird/dwm-fix-java-gui 
dwm: add _JAVA_AWT_WM_NONREPARENTING=1
 2023-08-24 22:02:38 +03:00
github-actions[bot] abaaf09a76
Merge master into staging-next 2023-08-24 18:00:52 +00:00
Benjamin Staffin 63f858bdf8
hddfancontrol: license and metadata tweaks (#251184) 
* nixos/hddfancontrol: missed a few code review tweaks

Following up on https://github.com/NixOS/nixpkgs/pull/239801#pullrequestreview-1498132501

* hddfancontrol: Fix license field
 2023-08-24 12:41:43 -04:00
Jennifer Graul f0b76e7d10
nixos/vmagent: add extraOptions option 2023-08-24 15:09:29 +02:00
github-actions[bot] 4328391132
Merge master into staging-next 2023-08-24 12:01:05 +00:00
K900 9ab379753f
Merge pull request #250974 from K900/wine-binfmt-mask 
nixos/binfmt: use PE magic to detect Wine executables
 2023-08-24 12:54:21 +03:00
Ryan Lahfa 4fb9aeae23
Merge pull request #250843 from RaitoBezarius/listmonk 2023-08-24 10:59:58 +02:00
Pierre Bourdon 4428f3a79a
Revert "nixos/security/wrappers: simplifications and a fix for #98863" 2023-08-24 08:35:11 +02:00
github-actions[bot] a451dcf514
Merge master into staging-next 2023-08-24 06:01:14 +00:00
Mario Rodas 8720d96225
Merge pull request #248395 from adamcstephens/lxd/tests 
nixos/tests/lxd: move into subdir, use minimal init, remove sleeps
 2023-08-24 00:37:04 -05:00
Nick Cao 6408fedbfa
Merge pull request #248855 from NickCao/zram-generator 
nixos/zram: use nixos/zram-generator as backing implementation
 2023-08-24 08:57:22 +08:00
Nick Cao 8d524e610b
Merge pull request #249502 from oddlama/feat-influxdb-provision-full 
nixos/influxdb2: add provisioning and nixos tests
 2023-08-24 08:55:38 +08:00
Nick Cao e2689c1c98
nixos/zram-generator: drop outdated comments 2023-08-24 08:47:19 +08:00
github-actions[bot] 18b5b2d448
Merge master into staging-next 2023-08-24 00:01:48 +00:00
Pierre Bourdon 0930308453
Merge pull request #199599 from robryk/suidwrapnoreal 
nixos/security/wrappers: simplifications and a fix for #98863
 2023-08-24 01:09:36 +02:00
Ilan Joselevich 49f76fea56
Merge pull request #251032 from Kranzes/twingate-resolved 
nixos/twingate: avoid conflicts with resolved
 2023-08-24 01:39:27 +03:00
Pol Dellaiera ef45c82289
Merge pull request #250648 from mfrw/mfrw/tailscale 
tailscale: 1.46.1 -> 1.48.1
 2023-08-24 00:22:26 +02:00
Felix Bühler fb6665f4de
Merge pull request #250970 from alyssais/virtualbox-test-eval 
nixosTests.virtualbox: fix eval
 2023-08-23 22:02:34 +02:00
Ilan Joselevich e739ef8066
nixos/twingate: avoid conflicts with resolved 2023-08-23 23:01:47 +03:00
Emily 73a060e7ca
Merge pull request #244626 from Sohalt/caddy-rfc42 
nixos/caddy: Add rfc42 settings option
 2023-08-23 20:36:46 +02:00
github-actions[bot] 3e9e11f99a
Merge master into staging-next 2023-08-23 18:01:00 +00:00
Benjamin Staffin 5b198578db
Merge pull request #239801 from benley/hddfancontrol 
hddfancontrol: init at 1.5.1 (plus nixos module)
 2023-08-23 13:32:37 -04:00
Benjamin Staffin 12b3178bd2 nixos/hddfancontrol: initial module & test 2023-08-23 13:25:29 -04:00
Raito Bezarius ffdeabbadf listmonk: perform tests only linux supported platforms 
Otherwise, Darwin will try to run them and fail.
 2023-08-23 17:50:28 +02:00
Alyssa Ross 42f1b5c6db
nixosTests.os-prober: add bintools to the VM 
machine # warning: error: unable to download 'https://ftpmirror.gnu.org/bash/bash-5.2.tar.gz': Couldn't resolve host name (6); retrying in 329 ms
machine # warning: error: unable to download 'https://ftpmirror.gnu.org/bash/bash-5.2.tar.gz': Couldn't resolve host name (6); retrying in 530 ms
machine # warning: error: unable to download 'https://ftpmirror.gnu.org/bash/bash-5.2.tar.gz': Couldn't resolve host name (6); retrying in 1066 ms
machine # warning: error: unable to download 'https://ftpmirror.gnu.org/bash/bash-5.2.tar.gz': Couldn't resolve host name (6); retrying in 2544 ms
machine # [ 1283.199545] GUEST-test1[1465]: [  414.478221] stage-1-init: [Wed Aug 23 13:26:29 UTC 2023] + loadkmap
machine # error:
machine #        … writing file '/nix/store/v28dv6l0qk3j382kp40bksa1v6h7dx9p-bash-5.2.tar.gz'
machine #
machine #        error: unable to download 'https://ftpmirror.gnu.org/bash/bash-5.2.tar.gz': Couldn't resolve host name (6)
machine # error: builder for '/nix/store/5jrd75v747s76s16zxk59384xfcjqn58-bash-5.2.tar.gz.drv' failed with exit code 1
machine # error: 1 dependencies of derivation '/nix/store/0cgj4m2h51hjhmz5h4440pd73kv5lm5v-bash-5.2-p15.drv' failed to build
machine # error: 1 dependencies of derivation '/nix/store/d2x66i0dfv9w81gl1w3nbkn0nz7mawaz-bash-5.2-p15.drv' failed to build
machine # error: 1 dependencies of derivation '/nix/store/lcz1v3h1nsbyz2fp7xkp113jvyjqq0sx-bash-5.2-p15.drv' failed to build
machine # building '/nix/store/20d5pi1a5i9jj041i0gvr9zcs7bjbw46-binutils-2.40.tar.bz2.drv'...
machine # error: 1 dependencies of derivation '/nix/store/zb0ykvcllgc8l9ki38fdv9n8xp3rnphb-gcc-12.3.0.drv' failed to build
machine # error: 1 dependencies of derivation '/nix/store/7kxjnzmc79sickp7hiyp8v169idyw8f2-gettext-0.21.1.drv' failed to build
machine # error: 1 dependencies of derivation '/nix/store/wp7hpglhgwljl3fsfyx8caaakh4a1r72-xgcc-12.3.0.drv' failed to build
machine # error: 1 dependencies of derivation '/nix/store/f7glbcn7n59k22b911bx1vyy13g4bdxh-binutils-2.40.drv' failed to build
machine # error: 1 dependencies of derivation '/nix/store/q7yvprjmnqprx743ikkcz4kqx2mjdas4-binutils-wrapper-2.40.drv' failed to build
machine # building '/nix/store/vks3aqqal1rjvrsbj61nl1yh7r5shhdh-builder.pl.drv'...
machine # error: 1 dependencies of derivation '/nix/store/qmdff14r0l31mzx8al7h1kp9h5pck5wr-extra-utils.drv' failed to build
machine # error: 1 dependencies of derivation '/nix/store/rdlk4188b2jp4ac38w94qazdaxk6sga9-stage-1-init.sh.drv' failed to build
machine # error: 1 dependencies of derivation '/nix/store/rq15acvd6hcr52a5dlmk1p7mlyzjack0-initrd-linux-6.1.46.drv' failed to build
machine # error: 1 dependencies of derivation '/nix/store/h1rch2zqjacijnn0szq2hgwmd6v1r1ld-nixos-system-nixos-23.11pre-git.drv' failed to build
 2023-08-23 13:50:44 +00:00
K900 c6cf85b0d5 nixos/binfmt: use PE magic to detect Wine executables 
Otherwise we break every Meson build because it creates native executables named foo.exe
 2023-08-23 16:20:57 +03:00
Alexei Robyn 4d0d7fb93e nixos/sddm: avoid systemd-tmpfiles-clean removing user's $XAUTHORITY 2023-08-23 22:52:50 +10:00
oddlama 8b5b7def91
nixos/influxdb2: add org, bucket, users and auth provisioning 2023-08-23 14:46:52 +02:00
Alyssa Ross 2d66a9db22
nixosTests.virtualbox: fix eval 
There's no "lib" in scope here.  The test uses "with pkgs.lib;", so
this failed to evaluate.

Fixes: 6672dde558 ("treewide: use optionalAttrs instead of 'else {}'")
 2023-08-23 12:25:34 +00:00
github-actions[bot] 11e56ed9bb
Merge master into staging-next 2023-08-23 12:01:03 +00:00
Atemu 65f20da184
Merge pull request #246008 from Atemu/emacs-daemon-fix-display 
nixos/emacs: start emacs service with the graphical-session
 2023-08-23 11:46:52 +02:00
Muhammad Falak R Wani 3f141be99c
tailscale: add mfrw as maintainer 
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
 2023-08-23 08:32:33 +05:30
github-actions[bot] 84387348d4
Merge master into staging-next 2023-08-23 00:01:50 +00:00
Raito Bezarius b4658cada3 listmonk: revamp the tests 
Previously, the transactional template was in id=2.
It is now id=3.

I moved a bit the code to improve the ability to load templates and subscribers properly.
I am planning to upstream `type` for templates API request so we can easily filter out
and select the accordingly template.
 2023-08-23 00:25:47 +02:00
sohalt c01874615b nixos/caddy: Add rfc42 settings option 2023-08-22 20:14:35 +02:00
Vincent Haupert 388bfcef4a nixos/github-runners: add nodeRuntimes option 2023-08-22 15:52:35 +02:00
Arian van Putten 3eb0214551 modules/image/repart: Fix stripNixStorePrefix 
It seems it wasn't working
 2023-08-22 13:09:03 +02:00
Gutyina Gergő 2a71e7815e
dwm: add _JAVA_AWT_WM_NONREPARENTING=1 
dwm is not in Java's internal list of non-reparrenting
window managers. Running Java GUI programs without this
variable on window managers (eg. jd-gui) causes the window
to be blank.
 2023-08-22 12:56:59 +02:00
github-actions[bot] 602e1b2392
Merge staging-next into staging 2023-08-22 06:01:39 +00:00
Samuel Dionne-Riel faa0c27293
Merge pull request #245739 from dev-null-undefined/grub-specialisations 
nixos/grub: Add submenu for each generation with specialisation
 2023-08-21 23:03:59 -04:00
github-actions[bot] 1f6fb14d17
Merge staging-next into staging 2023-08-22 00:02:25 +00:00
Benjamin Staffin 63e9b2f8c0
Merge pull request #246354 from minijackson/netbox-fixes 
netbox: 3.5.6 -> 3.5.7 + migration fixes + upgrade NixOS test
 2023-08-21 16:22:38 -04:00
dev-null-undefined a39526b3ef
nixos/grub: Add submenu for each generation with specialisation 
Before this commit there was no way to access (boot into) specialisation of previous generations from grub,even tho they are there.

This commit will add grub submenu for each generation if the generation has any specialisation.
Which will allow you to boot into them.

Co-authored-by: Samuel Dionne-Riel <samuel@dionne-riel.com>
 2023-08-21 21:44:42 +02:00
Ember Keske 0138e327c1 grocy: clear viewcache before start 2023-08-21 10:36:24 +02:00
Janne Heß eb831f759b
nixos/stc: Improve mount unit handling 
We should sometimes restart the units rather than reloading them so the
changes are actually applied. / and /nix are explicitly excluded because
there was some very old issue where these were unmounted. I don't think
this will affect many people since most people use fstab mounts instead
but I plan to adapt this behavior for fstab mounts as well in the future
(once I wrote a test for the fstab thingies).
 2023-08-21 09:07:14 +02:00
Bruno BELANYI 200c3bad42 nixos/woodpecker-agents: add 'path' option 
See #249602.
 2023-08-20 22:26:52 +02:00
Sigmanificient 0482394fe0 ragnarwm: init at 1.3.1 2023-08-20 18:20:39 +02:00
github-actions[bot] 435d3aef59
Merge staging-next into staging 2023-08-20 12:01:50 +00:00
github-actions[bot] 57d8f92a86
Merge master into staging-next 2023-08-20 12:01:23 +00:00
Rick van Schijndel 12701f7a26
Merge pull request #250248 from Artturin/onlylimiti686 
make-squashfs: Only limit cores to 48 on i686
 2023-08-20 11:26:28 +02:00
github-actions[bot] f6d3a09e06
Merge staging-next into staging 2023-08-20 06:01:25 +00:00
github-actions[bot] 1bb285561e
Merge master into staging-next 2023-08-20 06:00:56 +00:00
Bobby Rong 5f75be53ea
Merge pull request #249712 from bobby285271/upd/cinnamon-qt-style 
nixos/cinnamon: Override Qt apps style again
 2023-08-20 11:35:23 +08:00
github-actions[bot] 8a62479e06
Merge staging-next into staging 2023-08-20 00:03:24 +00:00
github-actions[bot] f6a4c6f912
Merge master into staging-next 2023-08-20 00:02:29 +00:00
Tobias Widmann e4a62b0fd1 nixos/htop: fix boolean values in settings option 
When generating htoprc, in order to be recognized by htop, a boolean value
of 'false' should be written as '0', not an empty string.
 2023-08-20 00:10:24 +02:00
Martin Weinelt 7c75694db9
Merge pull request #240982 from rnhmjoj/pr-jool 
nixos/jool: add service for setting up SIIT/NAT64
 2023-08-19 23:32:05 +02:00
Artturin 91dd8b9324 make-squashfs: Only limit cores to 48 on i686 
There shouldn't be a need to limit it on other systems
 2023-08-19 23:40:07 +03:00
Doron Behar ab1fe60481
Merge pull request #249860 from errnoh/goxlr-utility 
goxlr-utility: init at 0.12.6 (fixes #243701)
 2023-08-19 19:10:40 +00:00
github-actions[bot] 9145b3fd81
Merge staging-next into staging 2023-08-19 18:01:22 +00:00
github-actions[bot] b34f222b02
Merge master into staging-next 2023-08-19 18:00:51 +00:00
Bruno BELANYI 6dd4c5f73f nixos/woodpecker-agents: use 'literalExample' 
The next commit is going to add an option which takes a list of
packages. So the example must be converted to make it documentable.

This will also allow adding comments, to explain why some options are
used.
 2023-08-19 16:29:10 +01:00
Bruno BELANYI 7d246a2873 nixos/woodpecker-agents: fix typos in doc 
The name of the backend is `local`, not `exec`.

`environmentFile` is supposed to be a list.
 2023-08-19 16:28:31 +01:00
Bruno BELANYI f7151209c4 nixos/woodpecker-agents: fix 'podman' example 
The name should match the fact that we're using `podman` instead of
`docker`.

And the group was wrong.
 2023-08-19 16:28:31 +01:00
Erno Hopearuoho 3748c8b483 goxlr-utility: init module 2023-08-19 17:16:41 +03:00
francescoDeSimone 42f0af4abe nixos/duplicati: add package option 2023-08-19 16:08:39 +02:00
Ilan Joselevich 6e3d657482
Merge pull request #247776 from f2k1de/graylog-5.1 
graylog-5_1: init at 5.1.4
 2023-08-19 16:00:11 +03:00
github-actions[bot] bb1bf988bc
Merge staging-next into staging 2023-08-19 12:01:31 +00:00
github-actions[bot] d3b2560b73
Merge master into staging-next 2023-08-19 12:01:03 +00:00
Ember Keske 0b1ef8ea9e grocy: 4.0.0 -> 4.0.2 2023-08-19 13:52:07 +02:00
Franz Pletz 4fe4a74fe5
Merge pull request #246713 from n0emis/grocy-4.0.0 
grocy: 3.3.0 -> 4.0.0
 2023-08-19 13:41:22 +02:00
Ember Keske 66ee520289 grocy: replace @ma27 with @n0emis as maintainer 2023-08-19 13:02:04 +02:00
Pol Dellaiera cac8909c85
Merge pull request #250100 from NixOS/ioquake3/update 
ioquake3: fix missing `.so` files at startup and clean-up
 2023-08-19 12:31:33 +02:00
Alexandre Iooss 64a71aea98 nixos/galene: do not restrict AF_NETLINK 
Built-in TURN server requires AF_NETLINK address family.
 2023-08-19 08:47:01 +02:00
Pol Dellaiera 849c75577d
nixos/openarena: cleanup 
- Remove `with lib;`
- Add `package` config option
- Adjust paths accordingly in `ExecStart`
 2023-08-19 07:28:14 +02:00
Pol Dellaiera 5fdff213c9
nixos/quake3-server: add package config option 
- Remove top-level `with lib;`
 2023-08-19 07:07:08 +02:00
Hugh O'Brien a08d69ba63
nixos/restic: wait for network-online for timed backups 2023-08-18 20:02:16 -04:00
github-actions[bot] 313f7c5380
Merge staging-next into staging 2023-08-19 00:02:13 +00:00
github-actions[bot] 4a9909e0db
Merge master into staging-next 2023-08-19 00:01:42 +00:00
Theodore Ni ece0953571
Merge branch 'staging-next' into staging 2023-08-18 16:02:27 -07:00
Adam Stephens 1403486d17 nixos/lxd-agent: init module from distrobuilder generator 2023-08-18 22:28:59 +00:00
github-actions[bot] 1949ef2080
Merge master into staging-next 2023-08-18 18:00:57 +00:00
Nick Cao a4c6594dcd
nixos/influxdb2: do not load passwordFile and tokenFile when provisioning is disabled 2023-08-18 20:25:53 +08:00
Adam Stephens f1c0589e4c
nixos/tests/lxd: move into subdir, use minimal init, remove sleeps 2023-08-17 21:02:08 -04:00
github-actions[bot] f1d7a13229
Merge master into staging-next 2023-08-18 00:01:46 +00:00
Artturi 52be2cdfea
Merge pull request #249788 from Niki4tap/dwm-fix-hash 2023-08-17 22:08:55 +03:00
Felix Bühler 96481fd201
Merge pull request #249323 from kevincox/photoprism-chmod 
nixos.photoprism: Relax sandbox to allow running exiftool
 2023-08-17 21:01:40 +02:00
Niki4tap bd0b732bef dwm: use correct hash in example 2023-08-17 21:14:35 +03:00
Manuel Bärenz bad4b37c7e Remove turion (myself) as maintainer from some packages 
I have removed myself as maintainer from those packages that:

* Have at least one other maintainer
* Are outside of my actual expertise,
  i.e. I wouldn't really know how to fix them if they broke
 2023-08-17 17:20:18 +02:00
github-actions[bot] 3b76a64c44
Merge master into staging-next 2023-08-17 12:01:23 +00:00
Arnout Engelen 46d051737d
Merge pull request #248011 from onny/opensnitch-test 
nixos/opensnitch: add test
 2023-08-17 12:43:42 +02:00
Jacek Galowicz 36e94693b7
Merge pull request #245879 from teto/test-driver 
test-driver: add persistent history
 2023-08-17 11:57:37 +02:00
Bobby Rong 26adac4d27
nixos/cinnamon: Override Qt apps style again 
Use gtk2 to follow Mint's decision for now.
 2023-08-17 17:08:29 +08:00
Bobby Rong fd1f73aaa2
Merge pull request #249312 from FedericoSchonborn/budgie/magpie 
budgie.magpie: init at 0.9.2, replace Mutter with it on Budgie
 2023-08-17 15:43:43 +08:00
Bobby Rong 888d0bb9fa
Merge pull request #249561 from bobby285271/fix/fail-test-when-coredump 
nixosTests.pantheon, nixosTests.budgie: Fail the test when coredump happens
 2023-08-17 15:33:25 +08:00
github-actions[bot] 2e936d668c
Merge master into staging-next 2023-08-17 06:00:58 +00:00
Federico Damián Schonborn 9325eefbdc
nixos/budgie: Add Magpie to services.udev.packages 
Signed-off-by: Federico Damián Schonborn <fdschonborn@gmail.com>
 2023-08-17 00:56:43 -03:00
Nick Cao acd40c3925
Merge pull request #249432 from linj-fork/fix-aspell 
nixos/environment: stop setting ASPELL_CONF
 2023-08-17 08:20:52 +08:00
Ilan Joselevich fb1f530bc6
Merge pull request #249521 from Kranzes/oauth2-proxy 
nixos/oauth2_proxy: service after network.target -> network-online.target
 2023-08-17 03:16:10 +03:00
github-actions[bot] 43454c8a64
Merge master into staging-next 2023-08-17 00:01:52 +00:00
Freakmiko 66469836be Fix Lemmy Caddy config static path handling 
Due to lemmy-ui using a sub-path for the static files, the original static path handling was not sufficient
 2023-08-17 04:19:48 +08:00
github-actions[bot] 583df4e091
Merge master into staging-next 2023-08-16 18:01:01 +00:00
Jan Tojnar 86797b2008 Merge branch 'staging-next' into staging 
Conflicts:
- pkgs/development/libraries/qt-6/default.nix
  Merge a5b92645f1 and 0597d865ef
 2023-08-16 19:37:11 +02:00
Doron Behar 62730f2c31
Merge pull request #248701 from doronbehar/nixos/manpages 
nixos/install-tools: Add manpages to packages instead of seperating them
 2023-08-16 15:49:49 +00:00
Bobby Rong ba96b6bdaa
nixosTests.budgie: Re-add checks for budgie-wm 
This is the shell of the desktop, it is still a good idea to do something with it.
 2023-08-16 23:33:52 +08:00
Bobby Rong d86dc7c016
nixosTests.pantheon: Ensure the test fails when gala coredumps 
It can be possible that pgrep failed to catch this. See the GNOME 45 PR.
 2023-08-16 23:20:38 +08:00
Martin Weinelt e57875a2c4
Merge pull request #248409 from CobaltCause/conduit-0.6.0 
matrix-conduit: 0.5.0 -> 0.6.0
 2023-08-16 16:30:08 +02:00
K900 200eeb9ebe
Merge pull request #249101 from motiejus/headscale-oidc 
headscale.oidc: client_secret_path is a string
 2023-08-16 17:23:56 +03:00
Maciej Krüger 56700d64b1
Merge pull request #226821 from enc0urage/memtest 2023-08-16 15:31:32 +02:00
Nick Cao 2dadab4889
Merge pull request #249211 from oddlama/feat-influxdb-provision 
nixos/influxdb2: automatic initial setup and nixos tests
 2023-08-16 21:29:16 +08:00
oddlama b4d718f14a
nixos/influxdb2: add initial setup automation and nixos tests 2023-08-16 14:31:49 +02:00
github-actions[bot] d99b92b3f7
Merge master into staging-next 2023-08-16 12:01:02 +00:00
Janne Heß bc9b484db8
Merge pull request #232230 from oddlama/fix-activation-template-unit-specializations 
Fix detection of changed template unit specializations in switch-to-configuration.pl
 2023-08-16 13:46:45 +02:00
Ilan Joselevich 0a732d2adf
nixos/oauth2_proxy: service after network.target -> network-online.target 2023-08-16 14:40:33 +03:00
Robert Obryk 46c9aed62b nixos/security/wrappers: add one regression test for #98863 
Note that this regression test checks only s[gu]id wrappers. The issue
for capability wrappers is not fixed yet.
 2023-08-16 11:33:22 +02:00
Robert Obryk ff204ca32b nixos/security/wrappers: remove all the assertions about readlink(/proc/self/exe) 
Given that we are no longer inspecting the target of the /proc/self/exe
symlink, stop asserting that it has any properties. Remove the plumbing
for wrappersDir, which is no longer used.

Asserting that the binary is located in the specific place is no longer
necessary, because we don't rely on that location being writable only by
privileged entities (we used to rely on that when assuming that
readlink(/proc/self/exe) will continue to point at us and when assuming
that the `.real` file can be trusted).

Assertions about lack of write bits on the file were
IMO meaningless since inception: ignoring the Linux's refusal to honor
S[UG]ID bits on files-writeable-by-others, if someone could have
modified the wrapper in a way that preserved the capability or S?ID
bits, they could just remove this check.

Assertions about effective UID were IMO just harmful: if we were
executed without elevation, the caller would expect the result that
would cause in a wrapperless distro: the targets gets executed without
elevation. Due to lack of elevation, that cannot be used to abuse
privileges that the elevation would give.

This change partially fixes #98863 for S[UG]ID wrappers. The issue for
capability wrappers remains.
 2023-08-16 11:33:22 +02:00
Robert Obryk 11ca4dcbb8 nixos/security/wrappers: read capabilities off /proc/self/exe directly 
/proc/self/exe is a "fake" symlink. When it's opened, it always opens
the actual file that was execve()d in this process, even if the file was
deleted or renamed; if the file is no longer accessible from the current
chroot/mount namespace it will at the very worst fail and never open the
wrong file. Thus, we can make a much simpler argument that we're reading
capabilities off the correct file after this change (and that argument
doesn't rely on things such as protected_hardlinks being enabled, or no
users being able to write to /run/wrappers, or the verification that the
path readlink returns starts with /run/wrappers/).
 2023-08-16 11:33:22 +02:00
Robert Obryk ec36e0218f nixos/security/wrappers: stop using .real files 
Before this change it was crucial that nonprivileged users are unable to
create hardlinks to SUID wrappers, lest they be able to provide a
different `.real` file alongside. That was ensured by not providing a
location writable to them in the /run/wrappers tmpfs, (unless
disabled) by the fs.protected_hardlinks=1 sysctl, and by the explicit
own-path check in the wrapper. After this change, ensuring
that property is no longer important, and the check is most likely
redundant.

The simplification of expectations of the wrapper will make it
easier to remove some of the assertions in the wrapper (which currently
cause the wrapper to fail in no_new_privs environments, instead of
executing the target with non-elevated privileges).

Note that wrappers had to be copied (not symlinked) into /run/wrappers
due to the SUID/capability bits, and they couldn't be hard/softlinks of
each other due to those bits potentially differing. Thus, this change
doesn't increase the amount of memory used by /run/wrappers.
 2023-08-16 11:33:22 +02:00
WilliButz da5c3bde30
Merge pull request #248405 from fpletz/pkgs/mediamtx-1.0.0 
mediamtx: 0.23.8 -> 1.0.0, refactor module, add test
 2023-08-16 11:30:18 +02:00
Doron Behar 307da96e17
nixos/doc: small rephrase in documentation of documentation 
Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
 2023-08-16 06:24:37 +00:00
Lin Jian 1c704628dc
nixos/environment: stop setting ASPELL_CONF 
We set[1] ASPELL_CONF to the last nix profile containing lib/aspell in
2013.  In 2017, aspell is patched[2] to search NIX_PROFILES, which
makes [1] not needed any more.

Deleting it is also agreed in this discussion[3].

[1]: 0192c02720
[2]: ba4cefe4ae
[3]: https://github.com/NixOS/nixpkgs/pull/30234
 2023-08-16 09:18:45 +08:00
github-actions[bot] bc80066085
Merge master into staging-next 2023-08-16 00:01:57 +00:00
Nikolay Korotkiy 6f46c37d92
nixosTests.agate: switch to using gemget 2023-08-16 01:26:54 +04:00
Jan Tojnar 86f6b16d28 Merge branch 'master' into staging-next 
Conflicts:
- pkgs/servers/mail/mailman/python.nix (relevant to mailman-web)
  between f8a17e4200 and 84f6a6755a
 2023-08-15 21:39:20 +02:00
Izorkin 272b35bc91
mariadb-connector-c: enable default v3.3.x 2023-08-15 21:02:28 +03:00
Pol Dellaiera 11f3cbc0c3
Merge pull request #246181 from jvanbruegge/haproxy-package 
nixos/haproxy: allow to specify haproxy package
 2023-08-15 19:46:13 +02:00
Maximilian Bosch 609397e683
Merge pull request #249308 from r-ryantm/auto-update/prometheus-smartctl-exporter 
prometheus-smartctl-exporter: 0.9.1 -> 0.10.0
 2023-08-15 16:27:32 +02:00
Maximilian Bosch 2b42b842ed
nixos/prometheus-exporters: fix smartctl test 2023-08-15 15:44:45 +02:00
Silvan Mosberger be9b7ddbdc
Merge pull request #246447 from 999eagle/update/invidious 
invidious: unstable-2023-06-06 -> unstable-2023-08-07
 2023-08-15 14:05:19 +02:00
Kevin Cox 86c67a1f11
nixos.photoprism: Relax sandbox to allow running exiftool 
exiftool is written in Perl which appears to call `chown` as part of startup. This is blocked by the `@privileged` system call group. This causes a failure when changing image orientation.

Fixes: https://github.com/NixOS/nixpkgs/issues/249120
 2023-08-15 07:58:42 -04:00
Jan van Brügge 90da2c1223
nixos/haproxy: allow to specify haproxy package 2023-08-15 12:24:55 +01:00
linsui 0e6827ed9c nixos/gdm: switch to dconf settings 2023-08-15 19:20:39 +08:00
linsui 038d78d4ce nixos/dconf: add locks support 2023-08-15 19:20:39 +08:00
linsui fb52d5df86 nixos/dconf: add settings support 2023-08-15 19:20:39 +08:00
linsui cce75fa51e nixos/dconf: refractor 
remove `with lib;`
profiles option now accepts packages in addition to paths.
profiles option is no longer internal.
cfgDir definition has been inlined.
pulled GIO_EXTRA_MODULES inside mkif.
removed pointless comments with section headings.
defined profiles are now turned into package, allowing to simplify the db update logic.
 2023-08-15 19:20:39 +08:00
Kerstin f65301cdd3
Merge pull request #219700 from h7x4/kanidm-add-package-option 
nixos/kanidm: add package option
 2023-08-15 12:06:11 +02:00
Michele Guerini Rocco e7a57d07a8
Merge pull request #248390 from sersorrel/picom-package 
nixos/picom: add `package` option
 2023-08-15 11:05:35 +02:00
Sophie Tauchert 1a3b7f61b2
nixos/invidious: generate hmac_key automatically 
This change also generates the invidious config by putting JSON
snippets into a bash array and then using jq to merge them all into
a single configuration where later elements override previous
elements.
 2023-08-15 10:48:30 +02:00
h7x4 655a04a8fa
nixos/kanidm: add package option 
Signed-off-by: h7x4 <h7x4@nani.wtf>
 2023-08-15 10:05:44 +02:00
github-actions[bot] df770ba961
Merge master into staging-next 2023-08-15 06:01:24 +00:00
Nick Cao fecb8c7752
nixosTests.fcitx5: make use of the newly added settings option 2023-08-15 08:36:07 +08:00
Nick Cao 2af24d4417
nixos/fcitx5: fix evaluation 2023-08-15 08:15:41 +08:00
github-actions[bot] 039c7dfa75
Merge master into staging-next 2023-08-15 00:01:55 +00:00
Silvan Mosberger 50d11650a7
Merge pull request #245243 from tweag/contributing-combining 
Clean up contributing documentation
 2023-08-14 21:06:06 +02:00
github-actions[bot] 674c2b1920
Merge master into staging-next 2023-08-14 18:01:03 +00:00
Silvan Mosberger de5a39f5e7 CONTRIBUTING.md: Move boot loader-specific sentence to pkgs/README.md 
This needs a rewrite at some point..
 2023-08-14 19:50:02 +02:00
Maximilian Bosch a471325eaf
Merge pull request #221318 from mweinelt/synapse-extras 
nixos/matrix-synapse: Allow passing extras, discover extras from config
 2023-08-14 18:43:05 +02:00
K900 25c37880ec
Merge pull request #249150 from Ma27/tempo-extraflags 
nixos/tempo: add `extraFlags` option
 2023-08-14 19:24:31 +03:00
Maximilian Bosch 10c6be32e4
nixos/tempo: add extraFlags option 
Main use-case for me is to specify `-config.expand-env=true` which
allows me inject secrets via systemd's environment file mechanism[1]
like this:

    storage.trace.s3 = {
      /* all the other stuff */
      secret_key = "\${GARAGE_SECRET_KEY}";
    };

[1] https://grafana.com/docs/tempo/latest/configuration/#use-environment-variables-in-the-configuration
 2023-08-14 18:07:24 +02:00
github-actions[bot] af70853335
Merge master into staging-next 2023-08-14 12:01:04 +00:00
Alejandro Angulo 874e431f7a rl-2311: mention upgrade of html-proofer to major version 5 2023-08-14 11:26:50 +00:00
Motiejus Jakštys 28cf78b857 headscale.oidc: client_secret_path is a string 
It can be include an environment-variable, like
`${CREDENTIALS_DIRECTORY}/some-path`, failing validation for
`types.path`.
 2023-08-14 13:03:06 +03:00
Nick Cao 2e6e83d27a
Merge pull request #244982 from linsui/fcitx5 
nixos/fcitx5: add settings
 2023-08-14 03:01:41 -06:00
Robert Hensing 8fe5918d06
Merge pull request #248138 from hercules-ci/update-nixops_unstable 
nixops_unstable: update
 2023-08-14 11:00:44 +02:00
linsui 30bb15152e nixos/fcitx5: add settings 2023-08-14 16:25:17 +08:00
Ilan Joselevich e0fad0515b
nixos/picom: use lib.getExe 
Co-authored-by: Jian Lin <75130626+jian-lin@users.noreply.github.com>
 2023-08-14 11:19:41 +03:00
Ilan Joselevich 94a3092895
nixos/picom: mkPackageOption -> mkPackageOptionMD 2023-08-14 11:18:06 +03:00
Enno Richter 3f52185de8 boot.initrd.systemd: make TPM2 modules optional 2023-08-14 09:34:29 +02:00
github-actions[bot] b782e1dc08
Merge master into staging-next 2023-08-14 06:00:58 +00:00
enc0urage 00d7065913 nixos/systemd-boot: Replace proprietary memtest86 with free memtest86+ in UEFI 2023-08-14 03:05:24 +00:00
Silvan Mosberger 15ca783f10 nixos/README.md: GitHub markdown fixes 2023-08-14 04:49:24 +02:00
Bobby Rong 85efefd8f4
Merge pull request #248544 from bobby285271/rm/qgnomeplatform 
nixos/pantheon, nixos/cinnamon: Drop qgnomeplatform
 2023-08-14 10:49:10 +08:00
github-actions[bot] 667a7541cd
Merge master into staging-next 2023-08-14 00:01:53 +00:00
Silvan Mosberger 5789cc3754 CONTRIBUTING.md: Clean up "Making patches" section 
Moving and collecting bits into the appropriate places, also writing
some new sentences
 2023-08-13 22:04:57 +02:00
Silvan Mosberger f3a050a191 doc/reviewing-contributions: Rough move to new contribution doc files 
No content was changed, new titles are wrapped with () to signal that
they will need to be decided on in a future commit.

Section in the manual have been preserved with a simple redirect to
GitHub, the proper anchors should be filled out in a future commit once
the new section names are decided.
 2023-08-13 22:04:56 +02:00
Silvan Mosberger d70091c3ad Create unified markdown files for contributing docs 2023-08-13 21:54:50 +02:00
LёNya 54f5045571 nixos/zoneminder: replace lib.optional with lib.optionals to make module work 2023-08-13 22:32:42 +03:00
github-actions[bot] 12e030d6da
Merge master into staging-next 2023-08-13 18:00:59 +00:00
h7x4 66de20bc45
tests/prometheus-exporters: add test for mysqld exporter 2023-08-13 19:47:19 +02:00
h7x4 8981783b60
services/prometheus/exporters: add mysqld 
Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
 2023-08-13 19:46:30 +02:00
Bernardo Meurer 70dd76d94f
Merge pull request #247475 from qowoz/nix217 2023-08-13 13:27:20 -04:00
Jonas Heinrich 5e6e949e84 nixos/opensnitch: add test 2023-08-13 17:49:19 +02:00
Fugi 5e75b36302
nixos/prometheus-sabnzbd-exporter: init 2023-08-13 16:31:52 +02:00
Jonas Heinrich c5f4a46036 nixos/opensnitch: Add support for EPBF process monitor 
Co-authored-by: Slime90
 2023-08-13 22:19:48 +08:00
Atemu 5f98e7c92b
Merge pull request #247357 from atorres1985-contrib/emacs-update 
emacs: update to 29.1
 2023-08-13 16:15:36 +02:00
Atemu 7706f570a7 dnscrypt-proxy: rename from dnscrypt-proxy2 
An alias is added for dnscrypt-proxy2
 2023-08-13 16:03:31 +02:00
Janne Heß da6c61cc19
nixos/manual: Add chapter about instance unit overrides 2023-08-13 14:40:25 +02:00
Janne Heß d995da11d8
nixos/switch-to-configuration: Fix unit location in toplevel 2023-08-13 14:26:30 +02:00
Janne Heß 7937c5816d
nixos/switchTest: Also check for base unit modifications 2023-08-13 14:25:24 +02:00
enc0urage 1488a2bc1a nixos/grub: Replace proprietary memtest86 with free memtest86+ in UEFI mode 2023-08-13 12:04:34 +00:00
github-actions[bot] 0ee8715a0d
Merge master into staging-next 2023-08-13 12:00:52 +00:00
happysalada 4022b2733a nixos/rustus: add user name to enable restoring of backups 2023-08-13 12:59:20 +01:00
Jörg Thalheim 38b2c039bd gitea-actions-runner: restart on failure 2023-08-13 12:54:15 +01:00
DavHau 3d58bac73b services.gitea-actions-runner: make ExecStartPre extensible 2023-08-13 12:54:15 +01:00
Jörg Thalheim 7ad7e99370 nixos/gitea-actions-runner: settings option to configure daemon 2023-08-13 12:54:15 +01:00
Nick Cao 0814089e05
nixos/zram: use nixos/zram-generator as backing implementation 2023-08-13 15:38:40 +08:00
Nick Cao a7e095d9fd
nixos/zram-generator: init 2023-08-13 15:36:23 +08:00
github-actions[bot] f5eb026a2a
Merge master into staging-next 2023-08-13 06:00:52 +00:00
Nick Cao 722e1e2313
Merge pull request #247899 from DavHau/zerotier-docs 
nixos/zerotierone: document networks never left automatically
 2023-08-13 00:00:35 -06:00
Bobby Rong ddd4973ddb
nixos/cinnamon: Drop qgnomeplatform 
The upstream is not maintained, and qadwaitadecoration
does not seem to be xorg-related. We should have proper
shadows when using SSD.
 2023-08-13 12:21:54 +08:00
Bobby Rong f4e1e8627d
nixos/pantheon: Drop qgnomeplatform 
The upstream is not maintained, and qadwaitadecoration
does not seem to be xorg-related. We should have proper
shadows when using SSD.
 2023-08-13 12:21:54 +08:00
Samuel Dionne-Riel f064a5bcc2
Merge pull request #220263 from samueldr/feature/misc-grub-fixes 
nixos/grub: Fixes to allow flicker-free boot, themes and bug fixes
 2023-08-12 20:32:51 -04:00
Doron Behar 924a07dc22 nixos/doc: Improve documentation of documentation 
- Move contents of README.md from
  nixos/modules/installer/tools/manpages/ to
  nixos/doc/manual/contributing-to-this-manual.chapter.md.
- Don't mention DocBook as its obsolete and too specific.
- Rename derivation attribute name of configuration.nix(5) manual page,
  both on the `contributing-to-this-manual.chapter.md`, and in other
  places.
 2023-08-12 22:28:04 +03:00
github-actions[bot] 1c639fb6fb
Merge master into staging-next 2023-08-12 18:00:55 +00:00
Acid Bong c76bb0d58e
nixos/zsh: add enableLsColors 
Borrowed from nixos/bash/ls-colors module
 2023-08-12 20:53:05 +03:00
Jan Tojnar 08d242047c iso_gnome: Fix evaluation 
`qt.enable` option requires `qt.style` to be set.
Previously, this was set in GNOME module but it has been removed
in 622745942b
 2023-08-12 19:30:49 +02:00
Doron Behar 32f75a0f2a nixos/install-tools: Add manpages to packages instead of seperating them 
Since each such `nixos-*` tool has it's own derivation, exposed in pkgs,
There is no point in separating the manuals from the packages. If
someone wishes to have the tools without the manuals, they can use
meta.outputsToInstall to disable the installation of the manpages of
these packages. This Fixes #244450.
 2023-08-12 18:01:06 +03:00
Maximilian Bosch 66ab687151
Merge pull request #248131 from Ma27/captive-browser-setcap 
nixos/captive-browser: drop setcap wrapper for captive-browser
 2023-08-12 14:52:38 +02:00
github-actions[bot] 9f3079a7c3
Merge master into staging-next 2023-08-12 12:01:01 +00:00
Ilan Joselevich 2393e099a6
Merge pull request #247008 from fufexan/hyprland 
Update hyprwm packages and nixos/hyprland
 2023-08-12 14:55:29 +03:00
Doron Behar 9d0bb6e67a nixos-option: Include manual page in the package 2023-08-12 12:57:16 +03:00
Doron Behar 68e6cc5831 nixos-rebuild: Include manual page in the package 2023-08-12 12:52:46 +03:00
Franz Pletz b6fb9b86a4
Merge pull request #248586 from oddlama/fix-hostapd-pwfile 
nixos/hostapd: add missing stringification of path in INI format
 2023-08-12 10:55:47 +02:00
Jan Tojnar 622745942b nixos/gnome: Do not force Qt apps to Adwaita 
adwaita-qt tries valiantly to ensure a visual consistency
but unfortunately, it often falls into an uncanny valley instead.
Let’s make it opt-in again for more vanilla default experience.

Related: https://pagure.io/fedora-workstation/issue/351
 2023-08-12 10:29:34 +02:00
Franz Pletz 5522989d34
Merge pull request #248521 from ehmry/liquidsoap 
nixos/liquidsoap: restart always
 2023-08-12 10:21:35 +02:00
oddlama bbac87a2dd
nixos/hostapd: add missing stringification of path in INI format 2023-08-11 22:44:08 +02:00