Commit graph

6843 commits

Author SHA1 Message Date
WilliButz da5c3bde30
Merge pull request #248405 from fpletz/pkgs/mediamtx-1.0.0
mediamtx: 0.23.8 -> 1.0.0, refactor module, add test
2023-08-16 11:30:18 +02:00
Nikolay Korotkiy 6f46c37d92
nixosTests.agate: switch to using gemget 2023-08-16 01:26:54 +04:00
Maximilian Bosch 2b42b842ed
nixos/prometheus-exporters: fix smartctl test 2023-08-15 15:44:45 +02:00
linsui 038d78d4ce nixos/dconf: add locks support 2023-08-15 19:20:39 +08:00
Nick Cao fecb8c7752
nixosTests.fcitx5: make use of the newly added settings option 2023-08-15 08:36:07 +08:00
Maximilian Bosch a471325eaf
Merge pull request #221318 from mweinelt/synapse-extras
nixos/matrix-synapse: Allow passing extras, discover extras from config
2023-08-14 18:43:05 +02:00
Robert Hensing 8fe5918d06
Merge pull request #248138 from hercules-ci/update-nixops_unstable
nixops_unstable: update
2023-08-14 11:00:44 +02:00
enc0urage 00d7065913 nixos/systemd-boot: Replace proprietary memtest86 with free memtest86+ in UEFI 2023-08-14 03:05:24 +00:00
h7x4 66de20bc45
tests/prometheus-exporters: add test for mysqld exporter 2023-08-13 19:47:19 +02:00
Jonas Heinrich 5e6e949e84 nixos/opensnitch: add test 2023-08-13 17:49:19 +02:00
Fugi 5e75b36302
nixos/prometheus-sabnzbd-exporter: init 2023-08-13 16:31:52 +02:00
Janne Heß 7937c5816d
nixos/switchTest: Also check for base unit modifications 2023-08-13 14:25:24 +02:00
Franz Pletz 4fc07e7b48
nixos/tests/mediamtx: init 2023-08-10 20:43:26 +02:00
Ryan Lahfa ec409e6f79
Merge pull request #231673 from symphorien/suid_wrappers_userns 2023-08-10 11:52:59 +02:00
Franz Pletz 6574d90239
Merge pull request #248154 from onny/nextcloud-tests-fix
nixos/tests/nextcloud: Fix deprecation warning
2023-08-10 04:18:27 +02:00
Franz Pletz 50e7a02e67
nixos/chrony: add simple test 2023-08-10 03:04:04 +02:00
Franz Pletz 8e372c19d1
Merge pull request #245286 from codec/add-prometheus-idrac-exporter
prometheus-idrac-exporter: init at unstable-2023-06-29
2023-08-10 00:58:03 +02:00
Jonas Heinrich 14f7b1161d nixos/tests/nextcloud: Fix deprecation warning 2023-08-09 16:57:57 +02:00
Robert Hensing 4b51c5360f nixops_unstable: Fix tests attribute
The .overrideAttrs part is ok now, but a "passthru' workaround is
necessary now. See https://github.com/NixOS/nixpkgs/pull/247520
2023-08-09 15:47:13 +02:00
Franz Pletz dcafb07ed8
Merge pull request #232250 from YBeaugnon/libvirt-hooks
nixos/libvirtd: hooks support
2023-08-09 15:07:52 +02:00
Guillaume Girol 0e4b8a05b2 nixos/wrappers: allow setuid and setgid wrappers to run in user namespaces
In user namespaces where an unprivileged user is mapped as root and root
is unmapped, setuid bits have no effect. However setuid root
executables like mount are still usable *in the namespace* as the user
already has the required privileges. This commit detects the situation
where the wrapper gained no privileges that the parent process did not
already have and in this case does less sanity checking. In short there
is no need to be picky since the parent already can execute the foo.real
executable themselves.

Details:
man 7 user_namespaces:
   Set-user-ID and set-group-ID programs
       When a process inside a user namespace executes a set-user-ID
       (set-group-ID) program, the process's effective user (group) ID
       inside the namespace is changed to whatever value is mapped for
       the user (group) ID of the file.  However, if either the user or
       the group ID of the file has no mapping inside the namespace, the
       set-user-ID (set-group-ID) bit is silently ignored: the new
       program is executed, but the process's effective user (group) ID
       is left unchanged.  (This mirrors the semantics of executing a
       set-user-ID or set-group-ID program that resides on a filesystem
       that was mounted with the MS_NOSUID flag, as described in
       mount(2).)

The effect of the setuid bit is that the real user id is preserved and
the effective and set user ids are changed to the owner of the wrapper.
We detect that no privilege was gained by checking that euid == suid
== ruid. In this case we stop checking that euid == owner of the
wrapper file.

As a reminder here are the values of euid, ruid, suid, stat.st_uid and
stat.st_mode & S_ISUID in various cases when running a setuid 42 executable as user 1000:

Normal case:
ruid=1000 euid=42 suid=42
setuid=2048, st_uid=42

nosuid mount:
ruid=1000 euid=1000 suid=1000
setuid=2048, st_uid=42

inside unshare -rm:
ruid=0 euid=0 suid=0
setuid=2048, st_uid=65534

inside unshare -rm, on a suid mount:
ruid=0 euid=0 suid=0
setuid=2048, st_uid=65534
2023-08-09 12:00:00 +00:00
Robert Hensing bc9d2d6a7c
Merge pull request #247520 from Atemu/fix/kernel-passthru.tests
kernel: fix passthru.tests
2023-08-08 21:29:19 +02:00
Michele Guerini Rocco ccc33bd3d7
Merge pull request #245852 from rnhmjoj/pr-fix-dnscrypt
dnscrypt-wrapper fixes
2023-08-08 10:34:27 +02:00
Franz Pletz 9640eb3970
Merge pull request #246029 from ehmry/eris-go 2023-08-08 06:18:03 +02:00
Franz Pletz 7fdf825d82
Merge pull request #247823 from emilylange/caddy 2023-08-08 05:57:37 +02:00
emilylange efdcf6b96c
nixosTests.caddy: remove etag subtest
Caddy 2.7.x does no longer return etags for files with unix modtimes of
0 and 1.
Files in /nix/store have a modtime of 1.

This is something that has been specifically implemented for nix.

For now, we decided to remove the test.
But I might reimplement a similar etag subtest some time in the future.
2023-08-07 23:47:07 +02:00
Wout Mertens ea07a9a98e
Merge pull request #247319 from DDoSolitary/patch-netdata-ipc
netdata: set NETDATA_PIPENAME to /run/netdata/ipc
2023-08-07 08:27:29 +02:00
emilylange 02601e17a5
nixosTests.forgejo: fork from nixosTests.gitea 2023-08-06 18:41:37 +02:00
Atemu a0dcabb690 kernel: fix passthru.tests
https://github.com/NixOS/nixpkgs/pull/191540 indirectly broke kernel
passthru.tests; calling the testsForLinuxPackages and testsForKernel functions
with some args intended for some other exposed test-internal function.

Organise the passed-through functions under `passthru` to prevent this from
happening.
2023-08-06 15:47:54 +02:00
Atemu 6229f0bc8f all-tests: exclude passthru attributes from test discovery
discoverTests tries to discover some sort of internal function and tries to call
it with the arguments for that internal function. This poses an issue when you
want to expose some other functions (i.e. a parameterisation for a test) in
nixosTests.

This commit allows a test to pass through arbitrary values via `.passthru`
without them having discovery applied to them; including functions.
2023-08-06 15:40:10 +02:00
Gregor Godbersen 540a20546a nixos/paperless: add test for plaintext document 2023-08-05 22:06:27 +02:00
DDoSolitary 060a47e1e4
netdata: set NETDATA_PIPENAME to /run/netdata/ipc
Netdata creates its control socket at /tmp/netdata-ipc by default, which
is insecure and actually inaccessible with systemd's PrivateTmp enabled.

Originally we patched its source code to move the socket to
/run/netdata/ipc. However, it was removed due to incompatibility when
upgrading to v1.41.0: 1d2a2dc7d0

Fortunately, this new version of netdata adds support for setting the
location of the control socket via the environment variable
NETDATA_PIPENAME. So let's set it for the netdata service and the
command line utility so that they can communicate properly.
2023-08-05 18:19:08 +08:00
Martin Weinelt 3d36620b0e
Merge pull request #247109 from helsinki-systems/fix/networking-test
nixos/tests/networking: dhcpd -> kea
2023-08-04 16:48:45 +02:00
ajs124 1690adc424 nixos/tests/networking/caseSensitiveRenaming: fix bash syntax
was introduced broken in 93502aa3b1
2023-08-04 14:38:08 +02:00
ajs124 799a69971e nixos/tests/networking: dhcpd -> kea
forgotten in 413d9d3864
2023-08-04 14:23:09 +02:00
ajs124 bf4d2e6c1e
Merge pull request #242538 from tnias/fix/apparmor
apparmor: add some policies and improve abstractions and utils
2023-08-04 13:05:52 +02:00
codec 47db2bfffb prometheus-idrac-exporter: init at unstable-2023-06-29 2023-08-04 00:57:19 +02:00
Bobby Rong 58a421640c
Merge pull request #246743 from bobby285271/fix/wait-for-x
nixos/tests/{budgie,gnome-flashback}: unbreak
2023-08-03 10:37:45 +08:00
Bobby Rong 0c3697f511
nixos/tests/gnome-flashback: skip graphical-session.target check
https://hydra.nixos.org/build/230009507/log

Also silence warning: Module argument `nodes.machine.config` is deprecated. Use `nodes.machine` instead.
2023-08-03 09:52:12 +08:00
Bobby Rong 0ec48ee059
nixos/tests/budgie: skip graphical-session.target check
https://hydra.nixos.org/build/230010129/log
2023-08-03 09:52:11 +08:00
Martin Weinelt a98ba7fdae
Merge pull request #246564 from erictapen/kanidm
kanidm: 1.1.0-alpha.12 -> 1.1.0-beta.13
2023-08-02 22:51:18 +02:00
r-vdp 127e2ed645
nixos/update-users-groups: add nixos test for the expires option 2023-08-02 13:51:06 +02:00
Nick Cao c1e1fe0068
Merge pull request #246533 from wineee/terminal-emulators
deepin-terminal: enable nixosTests.terminal-emulators
2023-08-01 18:27:28 -06:00
Nick Cao 33b6f8b63d
Merge pull request #246493 from NickCao/singbox
sing-box: 1.3.4 -> 1.3.5
2023-08-01 18:22:25 -06:00
Maximilian Bosch 1b623f27b0
Merge pull request #245357 from onny/nextcloud-fix-test
nixos/tests/nextcloud: Fix tests, fix broken webdav url
2023-08-01 18:14:13 +02:00
Martin Weinelt 184d15cc06
kanidm: 1.1.0-alpha.12 -> 1.1.0-beta.13
https://github.com/kanidm/kanidm/releases/tag/v1.1.0-beta.13

The kanidmd process now creates a unix socket, over which admin tasks
can be done, without having to shut kanidm down first.

The kanidm_unixd process now wants access to /etc/shadow and /etc/group,
so it can rule out collisions with the host system.
2023-08-01 17:13:58 +02:00
Minijackson de8086be4f
nixos/tests/netbox-upgrade: init
Test that the upgrade from NetBox 3.3 to NetBox 3.5 runs fine
2023-08-01 14:45:01 +02:00
h7x4 fd01b3f59c nixos/atuin: fix database.createLocally behaviour
Co-authored-by: Andrew Marshall <andrew@johnandrewmarshall.com>
2023-08-01 18:17:37 +08:00
Anderson Torres 871bf7c875 nixos/tests/systemd-initrd-networkd-ssh.nix: remove overuses of with 2023-08-01 10:12:12 +00:00
Anderson Torres 2dd9923c8a nixos/tests/sftpgo.nix: remove overuses of with 2023-08-01 10:12:12 +00:00
Anderson Torres c5ffb694d9 nixos/tests/osquery.nix: remove overuses of with 2023-08-01 10:12:12 +00:00
Anderson Torres 62f6f01085 nixos/tests/initrd-network-ssh/default.nix: remove overuses of with 2023-08-01 10:12:12 +00:00
Anderson Torres c532a4f227 nixos/tests/deepin.nix: remove overuses of with 2023-08-01 10:12:12 +00:00
Anderson Torres eb03402e28 nixos/tests/buildkite-agents.nix: remove overuses of with 2023-08-01 10:12:12 +00:00
Anderson Torres a282d36592 nixos/tests/binary-cache.nix: remove overuses of with 2023-08-01 10:12:12 +00:00
rewine 6fbb653d0e
nixosTests.terminal-emulators: deprecated machine' attribute by nodes.machine' 2023-08-01 18:01:18 +08:00
rewine 9278b39e90
deepin-terminal: enable nixosTests.terminal-emulators 2023-08-01 17:49:39 +08:00
Jonas Heinrich b0ba7d2406 nixos/tests/nextcloud: Fix broken webdav url
Starting with Rclone v1.63, which is used in the Nextcloud tests for
synchronization, the client relies on the correct WebDAV endpoint url,
see https://github.com/rclone/rclone/issues/7103
2023-08-01 09:11:27 +02:00
Nick Cao 9d8828915b
sing-box: 1.3.4 -> 1.3.5
Diff: https://github.com/SagerNet/sing-box/compare/v1.3.4...v1.3.5
2023-08-01 13:01:54 +08:00
Florian Klink a2a7096157
Merge pull request #246082 from ElvishJerricco/exitrd-fix-shutdown-loop
systemd shutdownRamfs: Fix infinite shutdown loop
2023-07-30 00:11:55 +02:00
Florian Klink 0546c70849
Merge pull request #246084 from ElvishJerricco/simplify-hibernate-test
Simplify hibernate test
2023-07-30 00:10:19 +02:00
Ryan Lahfa 899b60de3f
Merge pull request #245893 from h7x4/move-nginx-status-page-declaration 2023-07-29 20:22:58 +02:00
Will Fancher a923cc53e7 nixos/tests/hibernate: Simplify and always set resumeDevice 2023-07-29 14:21:28 -04:00
Will Fancher 4ecd0c119a systemd shutdownRamfs: Fix infinite shutdown loop 2023-07-29 13:52:52 -04:00
Emery Hemingway 354821c1e8 nixos/eris-server: init 2023-07-29 11:56:58 +01:00
h7x4 ecb40c69d8
nixos/nginx: sort test include order alphabetically 2023-07-28 20:30:43 +02:00
h7x4 25b7b82ee0
nixos/nginx: add test for status page 2023-07-28 20:29:09 +02:00
Emily d7937ece5b
Merge pull request #228815 from mweinelt/gitea-runner-test
nixos/tests/gitea: Tests actions runner registration
2023-07-28 19:58:45 +02:00
Martin Weinelt e68f793041
nixos/tests/gitea: Test actions runner registration 2023-07-28 19:51:41 +02:00
Ryan Lahfa 2a0aaa7e8f
Merge pull request #245413 from oddlama/fix-hostapd-mac-allow 2023-07-28 19:19:02 +02:00
Ryan Lahfa 3ac8c61e9d
Merge pull request #244883 from LibreCybernetics/linux_6_3_eol 2023-07-28 18:40:03 +02:00
ajs124 8d34cf8e7d
Merge pull request #245734 from helsinki-systems/upd/jenkins
jenkins: 2.401.2 -> 2.401.3
2023-07-28 16:34:57 +02:00
rnhmjoj 0bd475c296
nixos/tests/dnscrypt-wrapper: fix flakyness 2023-07-28 11:59:36 +02:00
Eric Wolf 318d8cc4c5 nixos/lemmy: limit impurity by secrets
Split `services.lemmy.secretFile` into
multiple options to allow only secrets.
2023-07-28 07:49:27 +00:00
ajs124 1d64486ba7 nixos/tests/jenkins: fix deprecation warning 2023-07-27 15:18:11 +02:00
nikstur 87ecda9a21 nixos/tests/appliance-repart-image: init 2023-07-26 23:33:33 +02:00
nikstur e6862fae8f nixos/tests/systemd-sysupdate: init 2023-07-26 20:33:33 +02:00
nikstur 5750660f25 nixos/tests: use sensible key type for gpg keyring
If someone blindly copies this code, at least they have a sensible key
type.
2023-07-26 20:32:51 +02:00
nikstur 7e522a81ef nixos/tests: refactor gpg-keyring test utility 2023-07-26 20:32:51 +02:00
oddlama 0ac2ba763f
nixos/hostapd: fix regression after refactoring to RFC42.
Switching from submodule notation from ({name, ...}: {}) to (submob: {}) seems to require a different accessing scheme.
2023-07-25 18:40:51 +02:00
asymmetric 46df012d2a
Merge pull request #244332 from SuperSandro2000/fonts-fonts
nixos/fonts: rename fonts.fonts option to fonts.packages, other cleanups
2023-07-25 09:49:25 +02:00
Sandro Jäckel 83793ca898
nixos/fonts: rename fonts.enableDefaultFonts to fonts.enableDefaultPackages
to better fit the renamed fonts.packages
2023-07-25 00:55:25 +02:00
Jacek Galowicz f59913bad8
Merge pull request #241949 from R-VdP/nixos_test_busybox
nixos/test-driver: use the short form argument to base64 for busybox compatibility.
2023-07-24 18:05:06 +02:00
Sandro Jäckel b0c67b4b6e
treewide: rename fonts.fonts to fonts.packages 2023-07-24 17:34:39 +02:00
github-actions[bot] aae1f8ef06
Merge master into staging-next 2023-07-24 06:01:13 +00:00
Nick Cao e598d5b773
Merge pull request #244953 from tomfitzhenry/less-maintainership
remove tomfitzhenry@ as maintainer for some packages
2023-07-23 18:57:35 -06:00
github-actions[bot] 449a683b10
Merge master into staging-next 2023-07-24 00:02:26 +00:00
Ryan Lahfa bba6788b37
Merge pull request #244702 from RaitoBezarius/nginx-maintenance 2023-07-23 23:53:17 +02:00
github-actions[bot] 6afe543aec
Merge master into staging-next 2023-07-23 18:01:33 +00:00
7c6f434c b02fd49f16
Merge pull request #194310 from lilyinstarlight/pkg/curl-impersonate
curl-impersonate: init at 0.5.4 and replace curl-impersonate-bin
2023-07-23 17:00:17 +00:00
oddlama d073105d6b
nixos/switch-to-configuration: fix ignoring of template unit specialization dropins 2023-07-23 13:16:58 +02:00
Tom Fitzhenry cb470d61c3 remove tomfitzhenry@ as maintainer for some packages
Motivation: Over the foreseeable future I'll have less time to do
maintenance, so I'm reducing the set of packages I maintain to just
those that I use.
2023-07-23 12:39:57 +10:00
github-actions[bot] 86a73bdb86
Merge master into staging-next 2023-07-23 00:02:31 +00:00
Ilan Joselevich e29e8a71c8
nixos/twingate: improve test 2023-07-23 01:24:51 +03:00
Fabián Heredia Montiel ffba10cd9a linux_6_3: drop as EOL 2023-07-22 12:46:17 -06:00
github-actions[bot] 41e6556ad3
Merge master into staging-next 2023-07-22 18:01:06 +00:00
Ryan Lahfa c4ae17443e
Merge pull request #244233 from oddlama/init-typesense-bin 2023-07-22 18:47:45 +02:00
oddlama 234dd85da0
nixos/typesense: init at 0.24.1 2023-07-22 16:38:13 +02:00
github-actions[bot] 045f0259fe
Merge master into staging-next 2023-07-22 12:01:28 +00:00
1000101 f63d863fde
nixos/pgbouncer: init (#241578)
Co-authored-by: Marek Mahut <marek.mahut@gmail.com>
2023-07-22 12:49:23 +02:00
github-actions[bot] c05c2c2f5c
Merge master into staging-next 2023-07-22 00:02:13 +00:00
Lassulus f8ad4849c3
Merge pull request #233386 from Lassulus/syncthing-fix 2023-07-22 01:02:04 +02:00
Raito Bezarius 72cfcbebd6 nixos/tests/nginx-proxyprotocol: add raitobezarius as a maintainer
I added this feature, I will maintain it.
2023-07-21 21:13:28 +02:00
Lily Foster e28c49d86d
nixosTests.curl-impersonate: init 2023-07-21 14:37:48 -04:00
github-actions[bot] a400aea596
Merge master into staging-next 2023-07-21 12:01:17 +00:00
Maximilian Bosch 38823d15f4
Merge pull request #243883 from techknowlogick/gitea-1200
gitea: 1.19.4 -> 1.20.0
2023-07-21 09:41:07 +02:00
K900 f58e6874f3 nixos/tests/installer: fix after #244449 2023-07-21 10:36:29 +03:00
rnhmjoj 48a4a6bc5f
nixos/tests/jool: init 2023-07-21 09:07:54 +02:00
github-actions[bot] da1f279ece
Merge master into staging-next 2023-07-20 18:01:17 +00:00
Felix Bühler f7bb884c13
Merge pull request #243850 from mattchrist/nixos/freshrss_auth_type
nixos/freshrss: authType option
2023-07-20 18:58:45 +02:00
github-actions[bot] 37df58121d
Merge master into staging-next 2023-07-20 12:01:16 +00:00
Matt Christ c4d28ff161 nixos/freshrss: authType option
This patch adds an `authType` option to enable configuring FreshRSS's
`auth_type` parameter.
Upstream documentation for this feature is located here:
https://freshrss.github.io/FreshRSS/en/admins/09_AccessControl.html

An accompanying NixOS test is provided to confirm this feature works
as expected.
2023-07-19 19:43:55 -05:00
Antoine Eiche 8dff9f64ec nixos/tests/osquery: init 2023-07-19 16:57:05 +02:00
github-actions[bot] b110c513b2
Merge master into staging-next 2023-07-19 12:01:12 +00:00
Michele Guerini Rocco dfcc258054
Merge pull request #244174 from rnhmjoj/pr-fix-extra-layouts
xorg.xkeyboardconfig_custom: update for 2.39
2023-07-19 08:13:13 +02:00
github-actions[bot] acbec64db0
Merge master into staging-next 2023-07-18 18:01:26 +00:00
Martin Weinelt 549bc4bc66
nixos/tests/matrix-synapse: Test redis on postgres instance
This requires the module to pick up on the redis configuration, and add
the required extra packages for redis into the wrapper.
2023-07-18 17:53:29 +02:00
rnhmjoj e4ab8a7d1e
nixos/tests/keymap: add custom layouts test 2023-07-18 17:07:19 +02:00
Robert Hensing 8ad59ed1b2
Merge pull request #242098 from hercules-ci/nixos-no-nix-channel
nixos: Disable nix-channel
2023-07-18 15:27:24 +02:00
Robert Hensing 9d70dfd612
nixos/tests/nixos-test-driver/busybox: Improve name
Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
2023-07-18 15:08:31 +02:00
github-actions[bot] 1e4fbbcda3
Merge master into staging-next 2023-07-18 12:01:37 +00:00
Sandro 065fd18e5c
Merge pull request #240452 from NickCao/bpftune 2023-07-18 12:43:02 +02:00
Nick Cao 3f751bfdf6
nixos/bpftune: drop flaky tests 2023-07-18 16:58:37 +08:00
Vladimír Čunát 8b0f52c6ae
Merge branch 'staging' into staging-next 2023-07-18 07:06:15 +02:00
Vladimír Čunát 9f6bb855c2
Merge #244006: linux_rt_5_4: fix build 2023-07-17 22:00:59 +02:00
github-actions[bot] 8717af0ce1
Merge staging-next into staging 2023-07-17 18:01:56 +00:00
Emily 00a7b91eac
Merge pull request #243366 from vamega/sambda-wsdd-firewall-config
nixos/samba-wsdd: add openFirewall option
2023-07-17 19:21:58 +02:00
Maximilian Bosch 10ff0a076b
nixos/tests/kernel-generic: also expose rt kernels and linux_libre 2023-07-17 18:47:01 +02:00
Varun Madiath d237a7318c nixos/samba-wsdd: add openFirewall option 2023-07-17 10:22:43 -04:00
Maximilian Bosch b8a8e973b0
nixos/tests/gitea: fix
* Since Gitea 1.20 the request to `/commits` requires at least one retry
  because it appears to take a moment until Gitea actually knows that
  this repo isn't empty anymore (previously on 1.20 this failed with
  HTTP 409 which occurs when the requested repo is empty).
* Remove `*.shutdown()`, for some reason they hang regularly for unknown
  reasons.
2023-07-17 11:59:35 +02:00
Nick Cao 4cd70e125d
nixos/bpftune: init basic test 2023-07-17 15:59:50 +08:00
github-actions[bot] 5b36eb4172
Merge staging-next into staging 2023-07-17 00:03:32 +00:00
Otavio Salvador 0a93242075 rio: add nixosTests support using terminal-emulators existing set
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
2023-07-16 20:20:04 -03:00
Jan Tojnar cea188cbbb Merge branch 'staging-next' into staging
Conflicts:
 - pkgs/tools/networking/shadowfox/default.nix between e989daa65f and 1c29673fcc
 - pkgs/tools/networking/wuzz/default.nix between 7d80417710 and 1c29673fcc
2023-07-16 02:20:49 +02:00
pennae 45ae0efbbc
Merge pull request #243271 from woojiq/keyd-support-multiple-configs
nixos/keyd: add support for multiple configuration in different files
2023-07-15 13:59:57 +02:00
woojiq 2d3bf20086 nixos/keyd: add support for multi-file configuration
Add `keyboards` option to define different configurations for different IDs. This creates the appropriate files in `/etc/keyd` instead of just `default.conf` as before.
Add `23.11` release note entry.
Add `mkRemovedOptionModule` for the old API with a note on how to revert the old behavior.
2023-07-15 11:33:41 +03:00
github-actions[bot] 8c2cf79031
Merge staging-next into staging 2023-07-14 18:02:05 +00:00
Sandro 01f286cb66
Merge pull request #242946 from LibreCybernetics/linux_6_4_hardened-init
linux/hardened/patches/6.4: init at 6.4.3-hardened1
2023-07-14 18:04:49 +02:00
github-actions[bot] 972652b656
Merge staging-next into staging 2023-07-14 12:02:21 +00:00
Sandro 9e010edec7
Merge pull request #243102 from yu-re-ka/peering-manager-meta 2023-07-14 12:08:05 +02:00
Pol Dellaiera 641b814a44
Merge pull request #243094 from jnsgruk/homepage
homepage: init at 0.6.21
2023-07-14 09:53:26 +02:00
github-actions[bot] c796e255b3
Merge staging-next into staging 2023-07-14 00:03:13 +00:00
Janik 91bd44ef44
Merge pull request #228581 from dtzitzon/dtz/k3s 2023-07-13 23:09:21 +02:00
Will Fancher 11fec97761
Merge pull request #183314 from DeterminateSystems/optional-swraid
Make swraid optional
2023-07-13 16:24:34 -04:00
Jan Tojnar 72bec397fa
Merge pull request #243217 from jtojnar/upower
upower: 1.90.0 → 1.90.2
2023-07-13 21:15:39 +02:00
Jan Tojnar d08e84b3be upower: Add installed tests 2023-07-13 19:12:22 +02:00
Philipp Bartsch 30ad9053ab nixos/murmur: add apparmor policy 2023-07-13 11:11:01 +02:00
Philipp Bartsch ced170c030 nixos/miniflux: add apparmor policy
This change also extends the test to ensure that normal operations
aren't denied.
2023-07-13 11:10:39 +02:00
Jon Seager f94b38be98
tests/homepage-dashboard: add tests for homepage 2023-07-13 09:38:27 +01:00
Yureka cc59ede272 nixos/tests/peering-manager: fix 'nodes.machine.config' eval warning 2023-07-12 19:05:41 +02:00
Felix Buehler bec27fabee treewide: use lib.optional instead of 'then []' 2023-07-12 09:36:28 +01:00
Fabián Heredia Montiel ad38070be8 linux/hardened/patches/6.4: init at 6.4.3-hardened1 2023-07-11 16:53:08 -06:00
nikstur ae55861ec2 nixos/tests: add myself to maintainers of erofs test 2023-07-10 22:02:36 +02:00
nikstur 0f9bf615a4 nixos/tests: add squashfs test 2023-07-10 22:02:36 +02:00
Linus Heckemann c0f963a338 boot.initrd.services.swraid -> boot.swraid
Since the option affects both stage-1 and stage-2, it does not make
sense to keep it within the boot.initrd namespace.
2023-07-10 20:20:08 +02:00
Linus Heckemann 0b277bcc2b nixos/swraid: make entire module optional
swraid support will now only be enabled by default if stateVersion is
older than 23.11. nixos-generate-config will now generate explicit
config for enabling support if needed.
2023-07-10 16:39:35 +02:00
Demitri Tzitzon d629ca54b2 k3s: symlinks for kubectl crictl & ctr 2023-07-09 20:40:36 +02:00
K900 2fc57ae670 nixos/tests: adjust everything I missed for sddm update
Also clean up a few warnings while we're at it.
2023-07-09 18:49:28 +03:00
Robert Hensing a1d0ee8c50
nixos/nix-channel: Apply suggestions from code review
Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
2023-07-08 20:49:37 +02:00
Robert Hensing 3fd4ac8e82
Merge pull request #237040 from roberth/flexible-activation
nixos/system: Support pre-activated images
2023-07-08 16:06:25 +02:00
Ryan Lahfa 7be83143e8
Merge pull request #222536 from oddlama/master 2023-07-08 14:36:18 +02:00
Ryan Lahfa 49413e25e0
Merge pull request #241314 from jnsgruk/master 2023-07-08 13:58:20 +02:00
K900 400aafbdc9
Merge pull request #239389 from K900/sddm-0.20.0
sddm: 0.19.0 -> 0.20.0
2023-07-08 11:52:02 +03:00
adisbladis 8062626e0e lemmy-{server,ui}: 0.18.0 -> 0.18.1 2023-07-08 13:59:30 +12:00
Robert Hensing 61afc4d166 nixos/nix-channel: Take care of NIX_PATH's non-empty default when disabled 2023-07-07 23:12:39 +02:00
Janik e46ab54b68
Merge pull request #241783 from gmemstr/n8n-tweaks 2023-07-07 23:04:48 +02:00
Jon Seager 21e36654c8
nixos/tests/lxd-ui: init lxd-ui tests 2023-07-07 18:31:04 +01:00
Ilan Joselevich 160edcf2c5
nixos/twingate: add package option and test 2023-07-07 20:03:54 +03:00
Robert Hensing d00e242b80 nixos: Add nixos.channel.enable
For those who wish to get rid of nix-channel.
2023-07-07 19:00:06 +02:00
Robert Hensing faa1b3babc nixosTests.installer: Fix driverInteractive 2023-07-07 19:00:05 +02:00
Robert Hensing 218ef2f405 nixosTests.installer: Make sure we boot into the config we generated 2023-07-07 19:00:05 +02:00
Gabriel Simmer 4656163a04
nixos/n8n: add test for webhookUrl configuration 2023-07-07 16:20:03 +01:00
K900 c0132f22e9 sddm: 0.19.0 -> 0.20.0 2023-07-07 12:46:59 +03:00
r-vdp c05483d274
nixos/test-driver: add a test for #241938. 2023-07-07 10:58:13 +02:00
Martin Weinelt 048b14d40f
nixos/tests: Fix delegated prefix in prefix-delegation test
Prefix/pool validation since kea 2.4.0 is now complaining about
overlapping and not properly aligned prefix lengths.
2023-07-06 22:49:06 +02:00
Jan Tojnar 6bbcd65c44 gedit: Move out of GNOME
It has been moved out of GNOME core in favour of gnome-text-editor.
And it is not much of a GNOME app anymore either, using custom gtksourceview fork.
2023-07-05 14:56:27 +02:00
Emily 3a79936b45
Merge pull request #217536 from sephii/caddy-reload
nixos/caddy: add support for reload
2023-07-04 22:57:24 +02:00
Martin Weinelt 06f0af1f0a
firefox-esr-115-unwrapped: init at 115.0esr
The next major version of the Firefox Extended Support Release.

https://www.mozilla.org/en-US/firefox/115.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-22/

Fixes: CVE-2023-3482, CVE-2023-37201, CVE-2023-37202, CVE-2023-37203
       CVE-2023-37204, CVE-2023-37205, CVE-2023-37206, CVE-2023-37207,
       CVE-2023-37208, CVE-2023-37209, CVE-2023-37210, CVE-2023-37211,
       CVE-2023-37211, CVE-2023-37212
2023-07-04 16:07:25 +02:00
Sylvain Fankhauser 1f0ac736b4
nixos/caddy: add support for reload 2023-07-04 11:25:05 +02:00
Eric Wolf ee5cc38432 lemmy: Support secret options
This commit implements #101777 by merging
the config with an external file at startup.
2023-07-03 09:12:40 +08:00
Ryan Lahfa 7672c1e9ae
Merge pull request #201907 from Tom-Hubrecht/fail2ban 2023-07-02 13:57:47 +02:00
oddlama 1fa9f03eec
nixos/hostapd: rewrite to support multi-AP, password from file, and more
At this point this is basically a full rewrite of this module, which
is a breaking change and was necessary to properly expose the useful
parts of hostapd's config. The notable changes are:

- `hostapd` is now started with additional systemd sandbox/hardening options
- A single-daemon can now manage multiple distinct radios and BSSs, which is
  why all configuration had to be moved into `hostapd.radios`
- By default WPA3-SAE will be used, but WPA2 and WPA3-SAE-TRANSITION are
  supported, too
- Added passwordFile-like options for wpa and sae
- Add new relevant options for MAC ACL, WiFi5, WiFi6 and WiFi7 configuration
- Implements RFC42 as far as reasonable for hostapd
- Removes `with lib;`
2023-07-02 13:32:41 +02:00
figsoda a86a7dafdf
Merge pull request #226977 from mac-chaffee/sws-module 2023-07-01 19:58:40 -04:00
Pol Dellaiera b9b176f8b8
Merge pull request #240725 from eskytthe/apachekafka-3.5.0
apacheKafka: 3.5.0, 3.4.1, 3.3.1 -> 3.3.2
2023-07-01 23:25:54 +02:00
Mac Chaffee 61cb4170fd
nixos/static-web-server: create module which uses upstream systemd units
This commit creates a nixos module for static-web-server.
The module uses upstream systemd units to start static-web-server.
It also includes options for configuring static-web-server.
2023-07-01 12:51:13 -04:00
Jörg Thalheim cf2167b39e
Merge pull request #231609 from Mic92/bcachefs-tools
bcachefs-tools: unstable-2023-01-31 -> unstable-2023-05-13
2023-07-01 16:31:43 +01:00
Jörg Thalheim af57956199 nixos/test/bcachefs: fix password input 2023-07-01 17:10:11 +02:00
TQ Hirsch 8ab22ad2ad
nixos/tests/powerdns: Stop manually configuring config path 2023-07-01 18:55:50 +08:00
pennae 969b4d7ba9
Merge pull request #232454 from quentinmit/bridge-vlan
nixos/networkd: Fix typo in BridgeVLAN options
2023-07-01 00:19:37 +02:00
Tom Hubrecht 208ee8b2e2 nixos/fail2ban: use attrsets for settings instead of strings 2023-06-30 22:27:40 +02:00
Erik Skytthe c09a0a837a apacheKafka: 3.5.0, 3.4.1, 3.3.1 -> 3.3.2 2023-06-30 17:59:40 +02:00
Nick Cao f633ed072a
nixosTests.deepin: raise virtualisation.memorySize to 2048 2023-06-30 10:58:03 +08:00
Arthur Gautier 9338511350 nixosTest: provide a test for lib.extend in nixosTests & runNixOSTest 2023-06-29 09:14:58 -07:00
Doron Behar eef9190d2b nixosTests.syncthing-no-settings: init 2023-06-29 17:57:13 +03:00
lassulus c42a7b668c Revert "Merge pull request #233377 from ncfavier/revert-226088"
This reverts commit 7b28ea6783, reversing
changes made to 3009b12817.
2023-06-29 17:56:30 +03:00
Maximilian Bosch 089f26b5e2
Merge pull request #240397 from Ma27/linux-kernel-updates
Linux kernel updates 2023-06-28
2023-06-29 10:00:19 +02:00
Gaël Reyrol 1a821e7bf5
nixos/prometheus-exporters: add php-fpm 2023-06-28 22:11:36 +02:00
Maximilian Bosch 0b4e493e58
linux_6_3_hardened: expose package 2023-06-28 21:23:00 +02:00
Gaël Reyrol 3a4e234b07
services/calibre-server: Add new http & auth options (#216497)
nixos/doc: add calibre-server new options
2023-06-28 14:06:47 +02:00
Robert Hensing 772d6076e8 nixos: Add system.activatable flag for images that are pre-activated 2023-06-28 14:06:28 +02:00