Commit graph

22044 commits

Author SHA1 Message Date
Sandro
1956a52857
Merge pull request #126656 from jwoudenberg/add-system76-power 2021-06-23 12:54:22 +02:00
Niklas Hambüchen
959c4e82bc
Merge pull request #100255 from nh2/sshd-default-log-level-info
sshd service: Default to INFO logLevel (upstream default)
2021-06-23 02:06:54 +02:00
Niklas Hambüchen
4bd5f1115f
Merge pull request #127166 from nh2/xserver-config-mkAfter-docs
services.xorg.config: Extend docs
2021-06-23 01:55:58 +02:00
Niklas Hambüchen
a48fea4c5e sshd service: Default to INFO logLevel (upstream default).
The previous justification for using "VERBOSE" is incorrect,
because OpenSSH does use level INFO to log "which key was used
to log in" for sccessful logins, see:
6247812c76/auth.c (L323-L328)

Also update description to the wording of the sshd_config man page.

`fail2ban` needs, sshd to be "VERBOSE" to work well, thus
the `fail2ban` module sets it to "VERBOSE" if enabled.

The docs are updated accordingly.
2021-06-23 01:49:11 +02:00
Niklas Hambüchen
e85693afde
Merge pull request #127157 from nh2/xserver-readable-config-indentation
xserver: Generate readable config indentation
2021-06-23 01:16:50 +02:00
Ryan Mulligan
160831a5a8
Merge pull request #127783 from rnhmjoj/sshfs-doc
nixos/doc: add section on sshfs file systems
2021-06-22 12:13:56 -07:00
rnhmjoj
21a5268b26 nixos/doc: add section on sshfs file systems
This documents how to use sshfs a bit and how to set up an automatically
mounted sshfs filesystem in NixOS. Also it closes #125905.
2021-06-22 11:58:25 -07:00
Sandro
bb8c2116dd
Merge pull request #127599 from Ma27/bump-privacyidea 2021-06-22 18:26:45 +02:00
Ryan Mulligan
5fa785a60a
Merge pull request #127134 from blaggacao/da/convert-rel-notes-md
doc: convert rel notes to CommonMark
2021-06-22 08:15:26 -07:00
David Arnold
1f6969dd5e
docs: nixos release notes (w/o 2105 - separate PR)
docs: nixos release notes (revise code blocks)

docs: nixos release notes (fix opt links outside of code blocks)

docs: nixos release notes (fix opt links inside of code blocks)

went fishing with:

```console
rg -A1 \
   --multiline \
   --multiline-dotall \
   '<programlisting>[^</programlisting>]+' \
| rg linkend
```

docs: nixos release notes (prettier)

docs: nixos release notes (fix zonefile codeblocks)

docs: nixos release notes (restore admonition from prettier destriction)

docs: nixos release notes (recreate xml files)

docs: nixos release notes (fix trnslation error md -> xml)

admonition with a title seem not to work

docs: nixos release notes (fix code block indentation)

docs: nixos release notes (diff after converting with https://github.com/NixOS/nixpkgs/pull/127270)

docs: nixos release notes (fix remaingin '???')

Those where not catched i a previous iteration since they didn't satisfy
the then presumed search regex `#opt-.*`

doc: nixos release notes make docbook/md conversion consistent
2021-06-22 09:52:13 -05:00
Maximilian Bosch
5aad4e73b6
privacyIDEA: 3.5.2 -> 3.6
ChangeLog: https://github.com/privacyidea/privacyidea/releases/tag/v3.6

Unfortunately we have to use `sqlalchemy` at 1.3 for `sqlsoup`. As
`sqlalchemy` is required by a lot of packages, I decided to move this
package out of `pythonPackages` itself and instantiate a new
`pythonPackages` inside the expression where `sqlalchemy` points to
`sqlalchemy_1_3`.
2021-06-22 15:36:36 +02:00
Jacek Galowicz
243f958b40
Merge pull request #127763 from Mic92/test-driver-shell
nixos/test-driver: replace termlib with socat
2021-06-22 10:32:18 +02:00
Sandro
5f44b42bf4
Merge pull request #127641 from xfix/promethus-state-permissions 2021-06-22 10:23:56 +02:00
Jörg Thalheim
48aec70ea1
nixos/test-driver: replace termlib with socat
telnetlib does not handle unicode, which is annoying when using systemctl.
Also this gives us a nice readline with history.
2021-06-22 09:08:57 +02:00
Linus Heckemann
203e81e4ee
Merge pull request #125281 from zhaofengli/phosh-systemd
phosh: 0.10.2 -> 0.11.0
2021-06-22 08:23:29 +02:00
Robert Hensing
59bbfdf324
Merge pull request #127628 from blaggacao/da/fix-constant-nixos-revision
nixosTest: Force system.nixos.revision constant
2021-06-21 20:26:30 +02:00
David Arnold
8bbdff4581
nixosTest: Force system.nixos.revision constant
nixos tests are blended with other system configurations, hence
their settings must be either enforced or defaulted.

This particular setting is set via lib.nixosSystem as
`system.nixos.revision = final.mkIf (self ? rev) self.rev;` which would
mean that without this change no flake generated nixos could be blended
with nixos testing.

This setting was made previously constant in 
169c6b4b14 in order to avoid pointless
rebuilds of the testing VMs, but was set without enforcing it.
2021-06-21 11:08:26 -05:00
Konrad Borowski
447b1cf03d nixos/prometheus: allow state access for service only
There is no reason for Prometheus state files to be
world-readable.
2021-06-21 10:16:47 +02:00
Bjørn Forsman
64c70a8c4c doc: point out that nixos-21.05 has gnuradio 3.9
Reading the release notes I got the impression that the latest (and
default) was GR3.8, but it is in fact 3.9. Make that more obvioius.
2021-06-21 09:33:22 +02:00
Jörg Thalheim
7c2d15627a
Merge pull request #92378 from jnetod/zfs-smb-share-fix
zfs: patch client path used in smb share
2021-06-21 07:11:43 +02:00
Sandro
0c72a4ffaf
Merge pull request #127545 from liff/antlr/v4-is-default
antlr: make 4.8 default
2021-06-20 23:22:35 +02:00
Bjørn Forsman
7afaacf9a8 doc: fix link to kodi-19.0 announcement 2021-06-20 19:54:08 +02:00
Sandro
84a79c2f0f
Merge pull request #126284 from aanderse/zabbix-user-params
zabbixAgent: add bash to $PATH
2021-06-20 17:58:43 +02:00
Sandro
e6a012fb00
Merge pull request #127063 from talyz/fail2ban-restart
nixos/fail2ban: Remove `reloadIfChanged = true`
2021-06-20 17:57:57 +02:00
Olli Helenius
b2bf2c6102
antlr: make 4.8 default 2021-06-20 14:06:47 +03:00
illustris
85aa4bf92b nixos/jitsi-meet: update nixos tests
- remove check for `connected .JID: focus@auth.server` because
	- log format was changed in c1945ea6cb
	- connection.getUser() in jicofo also appears to be broken, returning null instead of username
	- testing for this log line shouldn't be necessary, as we also test for "Authenticated as focus@auth.server"

- remove check for `External component successfully authenticated` because
	- [JVB no longer uses component](https://community.jitsi.org/t/jvb-not-connecting/91157/2)

- increase VM memory
2021-06-20 12:36:51 +02:00
illustris
e0089c38ca nixos/jitsi-meet: include jitsi prosody plugins in prosody extraPluginPaths 2021-06-20 12:36:51 +02:00
illustris
34b9ba2e61 nixos/jitsi-meet: Update jitsi prosody configs
Changes made as per b6f7f8fba7
2021-06-20 12:36:51 +02:00
Jörg Thalheim
a4cb90bdbd
Update nixos/tests/zfs.nix
Co-authored-by: jnetod <49963580+jnetod@users.noreply.github.com>
2021-06-18 22:19:16 +02:00
Martin Weinelt
af664bf942
Merge pull request #127127 from mweinelt/home-assistant
nixos/home-assistant: update hardening
2021-06-18 20:15:05 +02:00
Kim Lindberger
410496d0f3
Merge pull request #127309 from jakobrs/nixos-normalise-null
Resolve evaluation failure when filesystem device option is null
2021-06-18 17:15:08 +02:00
adisbladis
1394a33858
Merge pull request #125598 from zowoq/podman
podman: 3.1.2 -> 3.2.1
2021-06-18 09:59:48 -05:00
aszlig
bc0997489b
nixos/test-driver: Fix passing passthru attribute
Apparently this looks like it was forgotten when doing commit
3884ff70ba, which refactored the test
runner and driver a bit.

The passthru argument actually was correctly reintroduced in
setupDriverForTest, but the actual makeTest function didn't use it.

This fixes the nixpkgs tarball job, which previously failed with:

  attribute 'elkPackages' missing, at /build/source/pkgs/tools/misc/logstash/6.x.nix:58:30

Signed-off-by: aszlig <aszlig@nix.build>
Acked-by: David Arnold <dar@xoe.solutions>
Fixes: https://github.com/NixOS/nixpkgs/issues/127274
Merges: https://github.com/NixOS/nixpkgs/pull/127346
2021-06-18 14:50:15 +02:00
jakobrs
7a0c1728ac nixos/lib: Handle null device correctly 2021-06-18 08:32:45 +02:00
zowoq
9edf2e0ffd nixos/podman/tests: add workaround for broken import 2021-06-18 15:43:24 +10:00
Jan Tojnar
f07dcbef64
nixos/doc: Synchronize the Markdown generator with Nixpkgs
Switch to CommonMark with our extensions.
2021-06-18 00:07:00 +02:00
Niklas Hambüchen
65d3180336 services.xorg.config: Extend docs 2021-06-17 04:08:21 +02:00
Niklas Hambüchen
685e8ff7dd xserver: Generate readable config indentation 2021-06-17 03:34:40 +02:00
Martin Weinelt
36659d1efa
nixos/home-assistant: update hardening
This makes access to serial devices contingent on using certain
components and restricts the default setup even further.
2021-06-16 21:31:24 +02:00
Jacek Galowicz
a6d8488c58
Merge pull request #125973 from blaggacao/nixos-test-ref/02-normalise-test-driver-nix-expressions
nixos test ref/02 normalise test driver nix expressions
2021-06-16 18:59:23 +02:00
Sandro
22a29f491a
Merge pull request #124566 from mweinelt/synapse-jemalloc 2021-06-16 17:52:56 +02:00
talyz
b4c069b147
nixos/fail2ban: Remove reloadIfChanged = true
This makes the service fail when upgrading the package, so let's
properly restart it instead.
2021-06-16 13:52:46 +02:00
Erik Skytthe
d1b4158155
nixos/grafana: Change services.grafana.provision.datasources.*.type to be open (#126831) 2021-06-16 11:12:51 +02:00
markuskowa
5ad54b5bc9
Merge pull request #126785 from oxzi/ucarp-1.5.2
ucarp: init at 1.5.2 / nixos/ucarp: init / nixos/test/ucarp: init
2021-06-16 10:54:23 +02:00
aszlig
6db890aff7
Merge pull request #127025 (fix overlayfs test)
This essentially fixes the overlayfs test, which was broken since a
while but since commit b7749c7671 was
pushed to master the error has actually surfaced.

The reason why I'm merging this immediately without additional review is
because the change is fixing something that's currently broken so the
worst that could happen is that things are still broken.

However, since I did open a pull request, the checks done by @ofborg at
least seem to suggest that this is indeed fixing the test.
2021-06-16 04:38:34 +02:00
aszlig
c55e00d8ff
nixos/tests/overlayfs: Use individual commands
This reverts the test to be similar to its original Perl version, where
the test steps were performed as individual commands instead of what we
have now, where commands are sent to the machine as one giant string.

While this change doesn't seem like it would make a big difference, it
makes a huge difference if the test fails because you then get an error
about which command has failed exactly instead of just knowing that
"something in there" has failed.

I also switched 2 spaces indentation, because it is more in line with
Nix coding conventions.

Signed-off-by: aszlig <aszlig@nix.build>
2021-06-16 04:12:18 +02:00
aszlig
9ecde9d165
nixos/tests/overlayfs: Fix erroneous backslashes
Since commit b7749c7671, commands run as
part of VM tests are exiting immediately if an error happens.

When converting the overlayfs test to Python in commit
5ae92144ba, the individual test commands
were crammed into one big string instead of using a series of test
commands like done in the Perl version.

Additionally, the backslash-escaped dollar signs were necessary in
Perl's double-quoted strings to avoid variable interpolation, for Python
however, this results in an actual backslash being inserted into the
command.

While this obviously results in an exit code of 1 (without an error
message, since it's using bash's expression evaluation command), the
test didn't fail because putting all these commands in one string will
result in only the last error code being relevant.

With the change to "set -e" for commands sent to test machines, this has
changed and with the exit code of all commands now relevant, the test
now fails because the errors from individual command substitutions that
were prevented by escaping the dollar sign are now actually visible.

This in turn also means that until now, we wouldn't have noticed if the
overlayfs test would have failed for real.

Signed-off-by: aszlig <aszlig@nix.build>
2021-06-16 04:12:04 +02:00
Sandro
973b16c79c
Merge pull request #126307 from ratsclub/dotnetPackages-cleanup
nixos/dotnetPackages: remove packages
2021-06-16 03:25:32 +02:00
Sandro
b8958bbfa6
Merge pull request #126874 from legendofmiracles/espanso-cleanup
espanso: add runtime dependencies correctly, nixos/espanso remove path hack
2021-06-16 03:01:18 +02:00
Martin Weinelt
60c62214f5
nixos/solanum: implement reload and allow config changes
Reload only works with a static configuration path as there is no way to
pass the dynamically generated config path to a running solanum
instance, therefore we symlink the configuration to
/etc/solanum/ircd.conf.

But that will prevent reloads of the ircd, because the systemd unit
wouldn't change when the configuration changes. That is why we add the
actual location of the config file to restartTriggers and enable
reloadIfChanged, so changes will not restart, but reload on changes.
2021-06-16 00:19:35 +02:00