K900
4733c9feec
nixos/tests: set non-conflicting priority for logrotate disabling
...
CC https://github.com/NixOS/nixpkgs/pull/267880
2024-05-10 16:25:51 +03:00
Martin Weinelt
7da17ece76
Merge pull request #310366 from mweinelt/pretix-pretalx-homemode
...
pretix, pretalx: fixes, hardening
2024-05-10 14:50:24 +02:00
Franz Pletz
fb382c2628
Merge pull request #310452 from fpletz/nginx-acme-servername
...
nixos/nginx: fix reference to acme cert hostname
2024-05-10 14:04:24 +02:00
nu-nu-ko
1c0d10e4f4
nixos/navidrome: add nu-nu-ko to maintainers
2024-05-10 21:16:30 +12:00
nu-nu-ko
7519d230b5
nixos/navidrome: ensure data & cache dirs exist with valid permissions
2024-05-10 21:16:30 +12:00
nu-nu-ko
ffc0d8bf58
nixos/navidrome: remove apply from settings option
2024-05-10 21:16:30 +12:00
nu-nu-ko
da8cdc2782
nixos/navidrome: use lib.getExe
2024-05-10 21:16:30 +12:00
nu-nu-ko
4987663e27
nixos/navidrome: add user/group options
2024-05-10 21:16:29 +12:00
nu-nu-ko
bbba2bde44
nixos/navidrome: rfcfmt, rm mdDoc & with lib;
2024-05-10 21:16:29 +12:00
Franz Pletz
338a208e7d
Merge pull request #287505 from jpds/zfs-scrub-trim-randomizedDelaySec
2024-05-10 02:11:13 +02:00
Franz Pletz
7c520d4070
Merge pull request #287494 from jpds/zfs-autoscrub-monthly-default
2024-05-10 02:09:59 +02:00
Franz Pletz
04f0aed442
Merge pull request #267880 from Izorkin/update-nixos-tests-logrotate
2024-05-10 02:06:59 +02:00
Franz Pletz
b7d060d10d
nixos/nginx: fix reference to acme cert hostname
...
The change introduced in #308303 refers to the virtualHosts attrset
key which can be any string. The servername is the actual primary
hostname used for the certificate.
This fixes use cases like:
services.nginx.virualHosts.foobar.serverName = "my.fqdn.org";
2024-05-10 01:36:34 +02:00
Martin Weinelt
622af635bb
pretalx: adopt and set up code ownership
2024-05-09 18:20:14 +02:00
Martin Weinelt
9afcf733f3
nixos/pretix: update hardening
...
- Transition from world-readable to group-readable UMask
- Remove world permissions from state directory
2024-05-09 18:20:14 +02:00
Martin Weinelt
82f2cc7489
nixos/pretalx: set up hardening
2024-05-09 18:20:13 +02:00
Martin Weinelt
b4b3165619
nixos/pretalx: fix state directory mode
...
The state directory contains static files that need to be accessible by
a webserver, but homeMode defaults to 0750 and switching the generation
will always force the homeMode, thereby breaking access to the assets.
Instead, fully rely on systemd to provide the StateDirectory with the
correct mode.
2024-05-09 18:20:13 +02:00
Martin Weinelt
a4193dba8f
nixos/pretix: fix state directory mode
...
The state directory contains static files that need to be accessible by
a webserver, but homeMode defaults to 0750 and switching the generation
will always force the homeMode, thereby breaking access to the assets.
Instead, fully rely on systemd to provide the StateDirectory with the
correct mode.
2024-05-09 17:00:02 +02:00
Adam C. Stephens
215dd64e07
Merge pull request #307039 from adamcstephens/nixos-unstable
...
nixos/incus: add support for soft daemon restarts
2024-05-09 09:59:37 -04:00
Nick Cao
fe4d8b1b73
Merge pull request #310298 from rouven0/portunus-dex
...
nixos/portunus: fix dangling service files for dex
2024-05-09 09:50:54 -04:00
Adam Stephens
7d5b333dcd
nixos/incus: add support for soft daemon restart
...
This is a feature supported out of the box by upstream and allows the
incusd service to be restarted without impacting running
instances. While this does give up a bit of reproducibility, qemu and
lxc for example, there are clear benefits in allowing the host to
apply updates without impacting instances.
Modeled after the zabbly implementation: 2a67c3e260/systemd/incus-startup.service
This will now be the default.
2024-05-09 09:01:12 -04:00
Rouven Seifert
06667e028f
nixos/portunus: fix dangling service files for dex
2024-05-09 11:29:23 +02:00
Guillaume Girol
2931e934d0
Merge pull request #277368 from niklaskorz/nixos-mautrix-signal
...
nixos/mautrix-signal: add module
2024-05-08 22:33:29 +02:00
Linus Heckemann
a10842c7f0
Merge pull request #302300 from Ma27/kernel-zstd
...
linux kernel: prefer zstd where possible
2024-05-08 15:17:45 +02:00
Florian Klink
ddf728e50b
Merge pull request #306926 from tie/networkd-global-ipv6-privacy-extensions
...
nixos/networkd: allow IPv6PrivacyExtensions in networkd.conf
2024-05-08 14:41:08 +03:00
7c6f434c
55e9b296c1
Merge pull request #309696 from Uthar/lisp-removal-of-previous-variants
...
Lisp modules - removal of previous variants
2024-05-08 10:04:39 +00:00
Jonas Heinrich
4a451cb3ce
Merge pull request #308291 from Ma27/nc-update-db
...
nixos/nextcloud: add nextcloud-update-db.service, nextcloud-cron isn't oneshot
2024-05-08 11:29:45 +02:00
Pascal Wittmann
a751e2faa2
Merge pull request #302908 from kai-tub/nixos/restic/fix-checkCmd
...
nixos/restic: fix skipping of check command
2024-05-08 10:29:31 +02:00
Pascal Wittmann
b641bba3d7
Merge pull request #309052 from kira-bruneau/intel-gpu-tools
...
nixos/intel-gpu-tools: init basic security wrapper
2024-05-07 23:28:45 +02:00
Sandro
dc79d5b1b3
Merge pull request #308904 from SuperSandro2000/273761-follow-up
...
nixos/openrazer: properly rename mouseBatteryNotifier option
2024-05-07 22:18:31 +02:00
nikstur
951e023010
Merge pull request #309838 from cyberus-technology/take-plausible-maintainership
...
plausible: take take-plausible-maintainership
2024-05-07 18:34:24 +02:00
Leona Maroni
31be9134a2
Merge pull request #309836 from cyberus-technology/fix-nixos-plausible-unit
...
nixos/plausible: fix unit start script
2024-05-07 15:46:50 +02:00
Alexander Sieg
8edee82bc2
plausible: take take-plausible-maintainership
2024-05-07 15:35:22 +02:00
Alexander Sieg
3be1b16698
nixos/plausible: fix unit start script
...
In 8bb777ee37
a condition was added to
only execute the createdb.sh script if database setup was configurated.
However a superfluace " was added at the end of the line which cased an
escaping error the resulted in #309520 .
Fixes #309520
2024-05-07 15:27:08 +02:00
Basti
5132ef795e
Merge pull request #309572 from SuperSandro2000/307498-followup
...
nixos/containers: set storage.settings via mkDefault
2024-05-07 09:59:38 +00:00
Pol Dellaiera
9f3f549360
Merge pull request #309550 from linj-fork/pr/kanata-check-config-at-build-time
...
nixos/kanata: check the config file at build time
2024-05-07 09:59:18 +02:00
Pol Dellaiera
52b35c5833
Merge pull request #309534 from getchoo/nixos/fish/package-option
...
nixos/fish: add `package` option
2024-05-07 08:56:13 +02:00
seth
3056f09554
nixos/fish: add package
option
2024-05-07 00:34:38 -04:00
Lin Jian
50f535b067
Merge pull request #309609 from linj-fork/pr/kanata-module-doc
...
nixos/kanata: improve doc
2024-05-07 11:05:26 +08:00
Kasper Gałkowski
fc5b715e1a
nixos/clfswm: use sbclPackages - lispPackages was removed
2024-05-07 03:35:07 +02:00
Niklas Hambüchen
8907c1017d
Merge pull request #309424 from NixOS/ReadWriteDirectories-ReadWritePaths
...
nixos/{zoneminder,caddy,traefik}: ReadWriteDirectories -> ReadWritePaths
2024-05-07 01:13:06 +02:00
Niklas Hambüchen
9d7a729277
treewide: ReadWriteDirectories -> ReadWritePaths.
...
These were renamed in systemd v231:
2a624c36e6
2024-05-07 01:06:02 +02:00
Bernardo Meurer
40da51f2f0
Merge pull request #309611 from lovesegfault/fix-oauth2-proxy
...
nixos/oauth2-proxy: fix missing `lib.`
2024-05-06 15:15:45 -04:00
Artturin
5ce6ea92e3
Merge pull request #301827 from kampka/forbiddenDependenciesRegex
...
nixos/top-level: Turn `system.forbiddenDependenciesRegex` into a list
2024-05-06 21:07:03 +03:00
Bernardo Meurer
7c87bee77b
nixos/oauth2-proxy: fix missing lib.
2024-05-06 14:05:17 -04:00
Lin Jian
75a864edf1
nixos/kanata: replace deflayer with deflayermap in config example
...
IMHO, this style is more intuitive.
2024-05-07 01:52:08 +08:00
Lin Jian
4eafe1458d
nixos/kanata: improve links to the upstream documentation
2024-05-07 01:51:57 +08:00
Lin Jian
f7b50c3977
nixos/kanata: improve example of the package option
...
Before this patch, it is rendered as "Example: kanata-with-cmd".
With this patch applied, it is "Example: pkgs.kanata-with-cmd".
2024-05-07 01:51:51 +08:00
Sandro Jäckel
d8137e77ec
nixos/containers: set storage.settings via mkDefault
...
to make them easily overwriteable, aka without mkForce
2024-05-06 16:34:00 +02:00
Lin Jian
1d93534ec4
nixos/kanata: check the config file at build time
...
Before this patch, checking the config file is done at runtime.
Doing so at build time shortens the feedback loop[1][2].
[1]: https://github.com/NixOS/nixpkgs/issues/278135
[2]: https://github.com/jtroo/kanata/issues/689
2024-05-06 20:25:09 +08:00