Commit graph

392 commits

Author SHA1 Message Date
Félix Baylac-Jacqué
7020dc8eac
nixos/nsd: symlink conf file to /etc/nsd
We remove the configFile build flag override in the NixOS module.

Instead of embedding the conf file link to the binaries, we symlink it
to /etc/nsd/nsd.nix, the hardcoded config file location for the
various CLI nsd utilities.

This config file build option override is triggerring a nsd rebuild
for each configuration change. This prevent us to use the nixos cache
in many cases.

Co-authored-by: Erjo <erjo@cocoba.work>
2020-06-26 20:18:33 +02:00
Félix Baylac-Jacqué
15c8a4800e
nsd: set passthru.tests 2020-06-26 17:56:06 +02:00
Matt Layher
6b9c728ef9 coredns: 1.6.9 -> 1.7.0 2020-06-19 09:01:44 -04:00
Justin Humm
6cdbb1fb1f
bind: set BUILD_CC for cross compilation
This is due to a hint by @Ericson2314 in
https://github.com/NixOS/nixpkgs/pull/86166#issuecomment-633153996
2020-06-15 21:03:03 +02:00
Vladimír Čunát
da752902c1
knot-dns: 2.9.4 -> 2.9.5
There's a bugfix important for some auto-signer setups.
https://gitlab.labs.nic.cz/knot/knot-dns/-/tags/v2.9.5

$ nix build -f nixos/release-combined.nix nixos.tests.knot.x86_64-linux
2020-05-25 10:56:49 +02:00
Vladimír Čunát
d0d90908c8
knot-resolver: 5.1.0 -> 5.1.1 (security)
https://en.blog.nic.cz/2020/05/19/nxnsattack-upgrade-resolvers-to-stop-new-kind-of-random-subdomain-attack/
2020-05-19 11:29:33 +02:00
Vladimír Čunát
13c485d63d
bind: 9.14.11 -> 9.14.12 (security)
https://www.isc.org/blogs/bind9-vulnerabilities-2020-05/
$ nix build -f nixos/release.nix tests.bind.x86_64-linux
2020-05-19 11:21:25 +02:00
Vladimír Čunát
6bf49e3777
pdns-recursor: 4.3.0 -> 4.3.1 (security)
https://doc.powerdns.com/recursor/changelog/4.3.html#change-4.3.1
It fixes DoS CVEs; details e.g. on http://www.nxnsattack.com/

$ nix build -f nixos/release.nix tests.pdns-recursor.x86_64-linux
2020-05-19 11:20:51 +02:00
Colin L Rice
d6162dab50
go-modules: Update files to use vendorSha256 2020-05-14 07:22:21 +01:00
R. RyanTM
bf707710af nsd: 4.3.0 -> 4.3.1 2020-05-06 10:34:36 -07:00
Vladimír Čunát
2147dd0648
knot-dns: 2.9.3 -> 2.9.4
https://gitlab.labs.nic.cz/knot/knot-dns/-/tags/v2.9.4
2020-05-05 09:20:32 +02:00
Vladimír Čunát
26d3ae2f24
knot-resolver: 5.0.1 -> 5.1.0
https://gitlab.labs.nic.cz/knot/knot-resolver/-/tags/v5.1.0

The upcoming major version will contain reworked
hints/policy/prefill/rebinding/view modules and related functionalities.
Please participate in the following survey to ensure we do not forget
about your particular use-case:
https://www.knot-resolver.cz/survey/
It will help us to improve Knot Resolver. Thank you!
2020-04-29 17:38:21 +02:00
Peter Hoeg
53c14c4e65
Merge pull request #81365 from peterhoeg/p/https-dns
https-dns-proxy: init at unstable-20200419
2020-04-20 14:06:40 +08:00
Peter Hoeg
93df15d79a https-dns-proxy: init at unstable-20200419 2020-04-20 13:36:59 +08:00
Michael Reilly
84cf00f980
treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
R. RyanTM
8866b7d72f coredns: 1.6.7 -> 1.6.9 2020-04-01 10:17:44 +00:00
Jörg Thalheim
066db11215
Revert "Merge pull request #83099 from marsam/fix-buildGoModule-packages-darwin"
This reverts commit 4e6bf03504, reversing
changes made to afd997aab6.

Instead we propagate those frameworks from the compiler again
2020-03-27 07:33:21 +00:00
Mario Rodas
36ae531bc2 coredns: fix build on darwin 2020-03-21 04:46:00 -05:00
R. RyanTM
ad1aff582f nsd: 4.2.4 -> 4.3.0 2020-03-19 12:08:16 -07:00
Jörg Thalheim
c5967df712
Merge pull request #82531 from r-ryantm/auto-update/coredns
coredns: 1.6.6 -> 1.6.7
2020-03-16 15:34:21 +00:00
Vladimír Čunát
47f61c9d7f
bind: 9.14.10 -> 9.14.11 (small bugfix)
I see just a single small bugfix in the news:
https://downloads.isc.org/isc/bind9/9.14.11/RELEASE-NOTES-bind-9.14.11.html
2020-03-15 09:15:41 +01:00
R. RyanTM
5389e95ce0 coredns: 1.6.6 -> 1.6.7 2020-03-14 04:28:21 +00:00
R. RyanTM
2c76b3d8d7 pdns-recursor: 4.2.1 -> 4.3.0 2020-03-09 01:24:14 +00:00
Vladimír Čunát
b7f5450e4d
knot-resolver: apply upstream patch
Encrypted ZFS users were affected, in particular some NixOS users
who reported the issue upstream.  Close #81188.
2020-03-04 13:36:54 +01:00
Vladimír Čunát
29a7464115 knot-dns: 2.9.2 -> 2.9.3
https://gitlab.labs.nic.cz/knot/knot-dns/-/tags/v2.9.3
2020-03-03 11:18:02 +01:00
Jörg Thalheim
6adc09ed30
knot: put runtime paths outside the nix store
Otherwise knot tries to write to non-writable directories.
This for example breaks dnssec signing.
While it's possible to overwrite these path in the configuration,
having a sane defaults is nicer.
2020-02-12 16:27:38 +00:00
Frederik Rietdijk
419bc0a4cd Revert "Revert "Merge master into staging-next""
In 87a19e9048 I merged staging-next into master using the GitHub gui as intended.
In ac241fb7a5 I merged master into staging-next for the next staging cycle, however, I accidentally pushed it to master.
Thinking this may cause trouble, I reverted it in 0be87c7979. This was however wrong, as it "removed" master.

This reverts commit 0be87c7979.
2020-02-05 19:41:25 +01:00
Frederik Rietdijk
0be87c7979 Revert "Merge master into staging-next"
I merged master into staging-next but accidentally pushed it to master.
This should get us back to 87a19e9048.

This reverts commit ac241fb7a5, reversing
changes made to 76a439239e.
2020-02-05 19:18:35 +01:00
Vladimír Čunát
baeed035ea
Merge #78628: knot-resolver: 4.3.0 -> 5.0.1
The service needed lots of changes. A few smaller changes
are added into the PR, e.g. replacement for PR #72014.
See the commit messages for details.
2020-02-05 16:57:02 +01:00
Vladimír Čunát
e3edb004c6
knot-resolver: 5.0.0 -> 5.0.1
https://gitlab.labs.nic.cz/knot/knot-resolver/tags/v5.0.1
2020-02-05 16:53:40 +01:00
Vladimír Čunát
ae74a0e27c
(nixos/)knot-resolver: 4.3.0 -> 5.0.0
Minor incompatibilities due to moving to upstream defaults:
  - capabilities are used instead of systemd.socket units
  - the control socket moved:
    /run/kresd/control -> /run/knot-resolver/control/1
  - cacheDir moved and isn't configurable anymore
  - different user+group names, without static IDs

Thanks Mic92 for multiple ideas.
2020-01-31 15:22:52 +01:00
Vladimír Čunát
93ad21dedd
knot-resolver: remove older lua path workarounds
Part of this is approximate revert of commit f0d2da43a7.
2020-01-31 15:06:20 +01:00
Vladimír Čunát
e980e7a3ab
knot-resolver: enable checks on aarch64
The cqueues fix is in nixpkgs already, so it works now.
2020-01-30 18:48:57 +01:00
Niklas Hambüchen
43a62af3a1
Merge pull request #78561 from r-ryantm/auto-update/bind
bind: 9.14.9 -> 9.14.10
2020-01-27 14:27:45 +01:00
R. RyanTM
0c59818ce7 bind: 9.14.9 -> 9.14.10 2020-01-26 15:58:22 +00:00
Vladimír Čunát
1ee3c7b405
Revert "knot-resolver: skip a broken test"
This reverts commit 5c0567dcc6.
The issue had been fixed but I forgot to remove this workaround.
2020-01-25 13:42:46 +01:00
Christoph Hrdinka
03c8eca08b
Merge pull request #76340 from r-ryantm/auto-update/nsd
nsd: 4.2.3 -> 4.2.4
2019-12-29 11:01:46 +01:00
Peter Simons
bc555a24af
Merge pull request #76209 from r-ryantm/auto-update/bind
bind: 9.14.8 -> 9.14.9
2019-12-27 12:17:36 +01:00
Ryan Mulligan
264f44b1d0
Merge pull request #76355 from r-ryantm/auto-update/pdns-recursor
pdns-recursor: 4.2.0 -> 4.2.1
2019-12-26 07:56:25 -08:00
R. RyanTM
cd795f7c0a pdns-recursor: 4.2.0 -> 4.2.1 2019-12-23 20:39:18 -08:00
R. RyanTM
0e168753c1 nsd: 4.2.3 -> 4.2.4 2019-12-23 17:38:11 -08:00
R. RyanTM
603e3b1345 bind: 9.14.8 -> 9.14.9 2019-12-22 20:05:23 -08:00
Jörg Thalheim
725f85e271
net-snmp: rename from net_snmp 2019-12-21 22:56:08 +00:00
Jörg Thalheim
0913701d47
dnsdist: 1.3.2 -> 1.4.0
- fixes build against boost
- also enable DoH
2019-12-21 22:56:01 +00:00
markuskowa
aef959ed93
Merge pull request #75292 from r-ryantm/auto-update/powerdns
powerdns: 4.2.0 -> 4.2.1
2019-12-20 12:18:16 +01:00
Oleksii Filonenko
03aa4ac48f
coredns: 1.3.1 -> 1.6.6 2019-12-16 14:07:43 +02:00
Vladimír Čunát
877eedec61
knot-dns: 2.9.1 -> 2.9.2 (bugfixes)
https://gitlab.labs.nic.cz/knot/knot-dns/tags/v2.9.2
2019-12-12 10:36:39 +01:00
R. RyanTM
394ec51d5c powerdns: 4.2.0 -> 4.2.1 2019-12-08 12:36:22 -08:00
Vladimír Čunát
24a4f45319
knot-resolver: 4.2.2 -> 4.3.0 (security)
Fixes CVE-2019-19331 (DoS), but other changes as well:
https://gitlab.labs.nic.cz/knot/knot-resolver/tags/v4.3.0
2019-12-04 16:22:49 +01:00
R. RyanTM
0fc8c727e2 nsd: 4.2.2 -> 4.2.3 2019-12-01 18:40:50 +01:00