Commit graph

9538 commits

Author SHA1 Message Date
Izorkin
ef2eeb4d8f ejabberd: 20.01 -> 20.03 2020-03-30 07:42:26 +03:00
Mario Rodas
d79bc3ccec
Merge pull request #83707 from r-ryantm/auto-update/groonga
groonga: 9.1.2 -> 10.0.0
2020-03-29 19:07:24 -05:00
R. RyanTM
2d6afe6ba5 groonga: 9.1.2 -> 10.0.0 2020-03-29 19:59:16 +00:00
Jan Tojnar
22ada10aed
Merge pull request #82509 from Izorkin/samba4
samba: build with profiling enabled
2020-03-29 18:30:41 +02:00
Aaron Andersen
470d3c8bde
Merge pull request #83398 from r-ryantm/auto-update/solr
solr: 8.4.1 -> 8.5.0
2020-03-28 19:26:36 -04:00
Izorkin
4b2da39fff samba: add option enableProfiling 2020-03-28 19:16:05 +03:00
Izorkin
911179ef65 samba: add option enableKerberos 2020-03-28 19:16:05 +03:00
Izorkin
4a01c9433b samba: add needed packages 2020-03-28 19:16:03 +03:00
Izorkin
0c43bd4ef8 samba: remove unused packages 2020-03-28 18:56:34 +03:00
Izorkin
e1b3a529e1 samba: fix deps 2020-03-28 18:56:34 +03:00
Izorkin
a41d96f45f samba: cleanup build configuration 2020-03-28 18:56:34 +03:00
Robin Gloster
c273c38bad
Merge pull request #82499 from helsinki-systems/upd/atlassian-confluence
atlassian-confluence: 7.2.1 -> 7.3.4
2020-03-28 09:29:03 +00:00
vasy
758f81df44
atlassian-jira: 8.7.1 -> 8.8.0 (#83218)
fix not starting service when jdk is jdk11
2020-03-28 09:25:13 +00:00
Cole Mickens
d0fabe4e42 home-assistant: regenerate component-packages.nix (bravia-tv) 2020-03-28 08:09:40 +00:00
Jörg Thalheim
774ddebd87
Merge pull request #83472 from Mic92/propragate-darwin-go
Propragate darwin go
2020-03-28 06:57:59 +00:00
Jörg Thalheim
dc0d45999a
Merge pull request #82866 from Mic92/home-assistant
home-assistant: 0.106.6 -> 0.107.7
2020-03-28 06:51:58 +00:00
Cole Mickens
9cc44b7e33
home-assistant: 0.107.0 -> 0.107.7 2020-03-28 04:39:34 +00:00
Minijackson
3cff761a35 jellyfin: 10.5.0 -> 10.5.2 2020-03-27 20:43:30 -07:00
Mario Rodas
dccfefe372
Merge pull request #83463 from r-ryantm/auto-update/keycloak
keycloak: 9.0.0 -> 9.0.2
2020-03-27 22:15:16 -05:00
Jörg Thalheim
af2e41c4dd
home-assistant: 0.106.6 -> 0.107.0 2020-03-28 02:29:59 +00:00
Jörg Thalheim
f146d5fdbe
home-assistant-frontend: 20200220.5 -> 20200318.0 2020-03-28 02:29:58 +00:00
aszlig
e1d63ada02
nginx: Fix ETag patch to ignore realpath(3) error
While our ETag patch works pretty fine if it comes to serving data off
store paths, it unfortunately broke something that might be a bit more
common, namely when using regexes to extract path components of
location directives for example.

Recently, @devhell has reported a bug with a nginx location directive
like this:

  location ~^/\~([a-z0-9_]+)(/.*)?$" {
    alias /home/$1/public_html$2;
  }

While this might look harmless at first glance, it does however cause
issues with our ETag patch. The alias directive gets broken up by nginx
like this:

  *2 http script copy: "/home/"
  *2 http script capture: "foo"
  *2 http script copy: "/public_html/"
  *2 http script capture: "bar.txt"

In our patch however, we use realpath(3) to get the canonicalised path
from ngx_http_core_loc_conf_s.root, which returns the *configured* value
from the root or alias directive. So in the example above, realpath(3)
boils down to the following syscalls:

  lstat("/home", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
  lstat("/home/$1", 0x7ffd08da6f60) = -1 ENOENT (No such file or directory)

During my review[1] of the initial patch, I didn't actually notice that
what we're doing here is returning NGX_ERROR if the realpath(3) call
fails, which in turn causes an HTTP 500 error.

Since our patch actually made the canonicalisation (and thus additional
syscalls) necessary, we really shouldn't introduce an additional error
so let's - at least for now - silently skip return value if realpath(3)
has failed.

However since we're using the unaltered root from the config we have
another issue, consider this root:

  /nix/store/...-abcde/$1

Calling realpath(3) on this path will fail (except if there's a file
called "$1" of course), so even this fix is not enough because it
results in the ETag not being set to the store path hash.

While this is very ugly and we should fix this very soon, it's not as
serious as getting HTTP 500 errors for serving static files.

I added a small NixOS VM test, which uses the example above as a
regression test.

It seems that my memory is failing these days, since apparently I *knew*
about this issue since digging for existing issues in nixpkgs, I found
this similar pull request which I even reviewed:

https://github.com/NixOS/nixpkgs/pull/66532

However, since the comments weren't addressed and the author hasn't
responded to the pull request, I decided to keep this very commit and do
a follow-up pull request.

[1]: https://github.com/NixOS/nixpkgs/pull/48337

Signed-off-by: aszlig <aszlig@nix.build>
Reported-by: @devhell
Acked-by: @7c6f434c
Acked-by: @yorickvP
Merges: https://github.com/NixOS/nixpkgs/pull/80671
Fixes: https://github.com/NixOS/nixpkgs/pull/66532
2020-03-28 02:57:21 +01:00
Mario Rodas
1cfd2436e0
Merge pull request #83439 from r-ryantm/auto-update/clickhouse
clickhouse: 19.17.8.54 -> 19.17.9.60
2020-03-27 07:18:00 -05:00
Mario Rodas
8a774b7d56
keycloak: add platforms to meta 2020-03-27 04:20:00 -05:00
Jörg Thalheim
066db11215
Revert "Merge pull request #83099 from marsam/fix-buildGoModule-packages-darwin"
This reverts commit 4e6bf03504, reversing
changes made to afd997aab6.

Instead we propagate those frameworks from the compiler again
2020-03-27 07:33:21 +00:00
Jörg Thalheim
15755501c2
telegraf: 1.13.4 -> 1.14.0 2020-03-27 07:23:18 +00:00
R. RyanTM
b260826c9a keycloak: 9.0.0 -> 9.0.2 2020-03-27 04:07:13 +00:00
ajs124
5dbeb69154 atlassian-confluence: 7.2.1 -> 7.3.4 2020-03-26 23:57:19 +01:00
Maximilian Bosch
5bfc1d5110
mautrix-whatsapp: 2020-02-09 -> 2020-03-26 2020-03-26 23:45:33 +01:00
R. RyanTM
e45f5ee1df clickhouse: 19.17.8.54 -> 19.17.9.60 2020-03-26 18:18:13 +00:00
Maximilian Bosch
80e6da7bd3
mongodb: builds on aarch64 as well 2020-03-26 14:02:49 +01:00
Thibault Gagnaux
c2eee6ecdb
mongodb: 3.4.22 -> 3.4.24 & fix ssl
Reverts previous ssl fix commit and updates the mongodb version which fixes the ssl compile problem on darwin.
2020-03-26 14:02:49 +01:00
Nathan Smyth
de69821b54
mongodb-4_0: 4.0.11 -> 4.0.12 2020-03-26 14:02:49 +01:00
Nathan Smyth
44641ed00b
nixos/tests/mongodb: test against mongodb versions 3.4, 3.6, 4.0
Now has tests for 3.4, 3.6, 4.0. Has some duplication, but it appears to
work on my machine.
2020-03-26 14:02:49 +01:00
Nathan Smyth
165d8bda82
mongodb: 3.4.20 -> 3.4.22, 3.6.12 -> 3.6.13, 4.0.9 -> 4.0.11 2020-03-26 14:02:49 +01:00
Nathan Smyth
97c4dff158
mongodb: split packages to expose 3.4, 3.6 and 4.0 2020-03-26 14:02:48 +01:00
Nathan Smyth
e9bec1adf6
mongodb: 3.4.10 -> 4.0.4
fix: Adding libtool to allow darwin compiles

Libtool seems to be required for mongodb to compile on darwin.

fix: Marking MongoDB as broken on aarch64

fix: Adding libtools to the pkg imports

Update mongodb to 4.0.4
2020-03-26 14:02:48 +01:00
Maximilian Bosch
89bcf4b7e2
Merge pull request #82353 from Ma27/nextcloud-upgrade-path
nixos/nextcloud: fix upgrade path from 19.09 to 20.03
2020-03-26 11:00:23 +01:00
R. RyanTM
7613ae0ea7 solr: 8.4.1 -> 8.5.0 2020-03-26 02:06:27 +00:00
Maximilian Bosch
702f645aa8
nixos/nextcloud: implement a safe upgrade-path between 19.09 and 20.03
It's impossible to move two major-versions forward when upgrading
Nextcloud. This is an issue when comming from 19.09 (using Nextcloud 16)
and trying to upgrade to 20.03 (using Nextcloud 18 by default).

This patch implements the measurements discussed in #82056 and #82353 to
improve the update process and to circumvent similar issues in the
future:

* `pkgs.nextcloud` has been removed in favor of versioned attributes
  (currently `pkgs.nextcloud17` and `pkgs.nextcloud18`). With that
  approach we can safely backport major-releases in the future to
  simplify those upgrade-paths and we can select one of the
  major-releases as default depending on the configuration (helpful to
  decide whether e.g. `pkgs.nextcloud17` or `pkgs.nextcloud18` should be
  used on 20.03 and `master` atm).

* If `system.stateVersion` is older than `20.03`, `nextcloud17` will be
  used (which is one major-release behind v16 from 19.09). When using a
  package older than the latest major-release available (currently v18),
  the evaluation will cause a warning which describes the issue and
  suggests next steps.

  To make those package-selections easier, a new option to define the
  package to be used for the service (namely
  `services.nextcloud.package`) was introduced.

* If `pkgs.nextcloud` exists (e.g. due to an overlay which was used to
  provide more recent Nextcloud versions on older NixOS-releases), an
  evaluation error will be thrown by default: this is to make sure that
  `services.nextcloud.package` doesn't use an older version by accident
  after checking the state-version. If `pkgs.nextcloud` is added
  manually, it needs to be declared explicitly in
  `services.nextcloud.package`.

* The `nixos/nextcloud`-documentation contains a
  "Maintainer information"-chapter  which describes how to roll out new
  Nextcloud releases and how to deal with old (and probably unsafe)
  versions.

Closes #82056
2020-03-25 22:07:29 +01:00
Jörg Thalheim
74bf0135e0
rainloop: 1.13.0 -> 1.14.0 2020-03-25 08:25:11 +00:00
Graham Christensen
4c94930554
Merge pull request #83235 from helsinki-systems/upd/memcached
memcached: 1.5.22 -> 1.6.2
2020-03-24 21:02:27 -04:00
R. RyanTM
b7ae4d6bf8 meteor: 1.8.2 -> 1.9.3 2020-03-24 11:14:44 -07:00
Emily
7be86f3b3c openresty: 1.15.8.2 -> 1.15.8.3 2020-03-24 11:37:44 -05:00
Maximilian Bosch
b79a474044
prometheus-wireguard-exporter: 3.2.2 -> 3.2.4
https://github.com/MindFlavor/prometheus_wireguard_exporter/releases/tag/3.2.3
https://github.com/MindFlavor/prometheus_wireguard_exporter/releases/tag/3.2.4
2020-03-24 13:40:12 +01:00
Aneesh Agrawal
e6ffd4c8d1 radicale 1.x: remove aneeshusa as maintainer 2020-03-24 01:21:33 -04:00
Maximilian Bosch
5975794ab5
Merge pull request #83239 from helsinki-systems/upd/matrix-synapse
matrix-synapse: 1.12.0
2020-03-23 21:39:35 +01:00
ajs124
425efa54ef matrix-synapse: 1.11.1 -> 1.12.0 2020-03-23 20:11:47 +01:00
David Anderson
3fa813e820 tailscale: switch version and git ref to use a tag.
The tag points to the same commit hash, so the binary
is unchanged.

Signed-off-by: David Anderson <dave@natulte.net>
2020-03-23 12:11:14 -07:00
ajs124
58a491aa80 memcached: 1.5.22 -> 1.6.2
fixes remote DoS/possibly code execution, as described in
https://github.com/memcached/memcached/issues/629
2020-03-23 19:49:34 +01:00