Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
42 hours | nixos/authelia: Remove options incompatible with new settings | Nicolas Mémeint | 1 | -14/+34 | |
- Remove settings.server.{host,port} options - Replaced by settings.server.address - If any of settings.server.{host,port,path} are specified in the configuration, a warning is displayed and these values will be used instead of settings.server.address - Change what secrets.oidcIssuerPrivateKeyFile maps to - Previously: AUTHELIA_IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY_FILE - Now: identity_providers.oidc.jwks[0].key - Not done directly in the NixOS settings config but as a separate YAML config file - Done that way because Go templates are not correctly handled by the YAML generator (#319716) - Change secrets.jwtSecretFile env variable mapping - Previously: AUTHELIA_JWT_SECRET_FILE - Now: AUTHELIA_IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET_FILE | |||||
9 days | nixos/clamav: add package option | mib | 1 | -5/+5 | |
2024-07-04 | nixos/monetdb, nixos/sks: remove primeos from maintainers (#277366) | Michael Weiss | 1 | -1/+1 | |
Remove myself as maintainer from modules that I don't use anymore | |||||
2024-07-02 | maintainers: remove jwoudenberg | Jasper Woudenberg | 1 | -1/+1 | |
2024-06-25 | Merge pull request #316977 from eclairevoyant/fix-mkEnableOption | Sandro | 2 | -2/+2 | |
treewide: fix mkEnableOption usage | |||||
2024-06-25 | Merge pull request #318347 from caffineehacker/vaultwarden_backup | Sandro | 1 | -7/+11 | |
nixos/vaultwarden: backup all rsa_keys | |||||
2024-06-22 | treewide: remove wolfangaukang as maintainer | P. | 1 | -1/+1 | |
2024-06-21 | nixos/step-ca: remove mohe2015 as maintainer | Moritz Hedtke | 1 | -1/+1 | |
2024-06-18 | nixos/oauth2-proxy: prevent redirect loop when running on single domain ↵ | Enno Richter | 1 | -0/+1 | |
(#319305) | |||||
2024-06-16 | nixos/oauth2-proxy: restart service when keyFile option changes (#320325) | Sandro | 1 | -2/+2 | |
2024-06-15 | nixos/vaultwarden: backup all rsa_keys | Tim Waterhouse | 1 | -7/+11 | |
The official documentation mentions rsa_key* as what should be backed up (https://github.com/dani-garcia/vaultwarden/wiki/Backing-up-your-vault#the-rsa_key-files). My particular install has rsa_key.pem and rsa_key.pub.pem so the existing command fails when trying to copy rsa_key.der. This change better aligns with the official documentation. | |||||
2024-06-16 | nixos/vaultwarden: harden systemd unit | Martin Weinelt | 1 | -5/+34 | |
Drops the capability to bind to privileged ports. | |||||
2024-06-16 | nixos/vaultwarden: update state directory name | Martin Weinelt | 1 | -3/+5 | |
Align the state directory name with the module name based on the system state version. | |||||
2024-06-14 | treewide: fix mkEnableOption usage | éclairevoyant | 2 | -2/+2 | |
2024-05-24 | Merge pull request #307766 from SuperSandro2000/oauth2-proxy-fix-headers | K900 | 1 | -7/+11 | |
nixos/oauth2_proxy_nginx: fix proxy_set_header | |||||
2024-05-23 | Merge pull request #307499 from SuperSandro2000/bwdc-network-online | Sandro | 1 | -0/+1 | |
nixos/bitwarden-directory-connector-cli: add dependsOn network-online… | |||||
2024-05-23 | nixos/oauth2_proxy_nginx: fix proxy_set_header | Sandro Jäckel | 1 | -7/+11 | |
2024-05-15 | Merge pull request #250638 from benley/keycloak-systemd-notify | Jade Lovelace | 1 | -14/+16 | |
nixos/keycloak: Add systemd startup notification | |||||
2024-05-15 | nixos/oauth2_proxy: Conditionally depend on keycloak.service | Benjamin Staffin | 1 | -14/+16 | |
Co-Authored-By: Jade Lovelace <software@lfcode.ca> | |||||
2024-05-09 | nixos/oauth2-proxy: fix invalid comparison between list and attrset | oddlama | 1 | -3/+3 | |
2024-05-07 | Merge pull request #309424 from NixOS/ReadWriteDirectories-ReadWritePaths | Niklas Hambüchen | 1 | -1/+1 | |
nixos/{zoneminder,caddy,traefik}: ReadWriteDirectories -> ReadWritePaths | |||||
2024-05-07 | treewide: ReadWriteDirectories -> ReadWritePaths. | Niklas Hambüchen | 1 | -1/+1 | |
These were renamed in systemd v231: https://github.com/systemd/systemd/commit/2a624c36e646e9ef8d204a506b12e7dbd380e111 | |||||
2024-05-06 | nixos/oauth2-proxy: fix missing `lib.` | Bernardo Meurer | 1 | -1/+1 | |
2024-05-02 | Merge pull request #273233 from SuperSandro2000/oauth2-proxy | Sandro | 2 | -153/+151 | |
nixos/oauth2-proxy{,-nginx}: renamed from oauth2_proxy, also renamed the servi… | |||||
2024-05-01 | nixos/vault: change type and default of devRootTokenID | Lynn | 1 | -2/+2 | |
Previously you needed to set an devRootTokenID when dev=true despite the option being optional Caused by wrong default value and not allowing null as value | |||||
2024-04-28 | nixos/bitwarden-directory-connector-cli: add wants network-online.target | Sandro Jäckel | 1 | -0/+1 | |
This fixes the following warning: trace: warning: bitwarden-directory-connector-cli.timer is ordered after 'network-online.target' but doesn't depend on it | |||||
2024-04-28 | nixos/oauth2-proxy{,-nginx}: remove with lib | Sandro Jäckel | 2 | -133/+131 | |
2024-04-28 | nixos/oauth2-proxy{,-nginx}: renamed from oauth2_proxy, also renamed the ↵ | Sandro Jäckel | 2 | -27/+27 | |
service, user, group | |||||
2024-04-27 | nixos/oauth2_proxy_nginx: fix URL escaping | K900 | 1 | -2/+2 | |
2024-04-26 | nixos/oauth2_proxy_nginx: allow passing parameters to auth endpoint | K900 | 1 | -6/+46 | |
2024-04-24 | nixos/vaultwarden: drop outdated ownership requirements for environmentFile ↵ | networkException | 1 | -12/+4 | |
(#304825) Co-authored-by: Sandro <sandro.jaeckel@gmail.com> | |||||
2024-04-21 | Merge pull request #303224 from 0z13/oauth2_proxy-add-issuer-url | Sandro | 1 | -0/+10 | |
nixos/oauth2_proxy: add oidc-issuer-url flag | |||||
2024-04-18 | nixos/oauth2_proxy: add oidc-issuer-url flag | Jonathan Zielinski | 1 | -0/+10 | |
2024-04-17 | nixos/oauth2-proxy-nginx: lift auth_request to http block | Sandro Jäckel | 1 | -12/+22 | |
With this change now all location blocks are protected by oauth2-proxy and not only / | |||||
2024-04-13 | nixos: remove all uses of lib.mdDoc | stuebinm | 40 | -419/+416 | |
these changes were generated with nixq 0.0.2, by running nixq ">> lib.mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix nixq ">> mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix nixq ">> Inherit >> mdDoc[remove]" --batchmode nixos/**.nix two mentions of the mdDoc function remain in nixos/, both of which are inside of comments. Since lib.mdDoc is already defined as just id, this commit is a no-op as far as Nix (and the built manual) is concerned. | |||||
2024-04-09 | Merge pull request #301392 from McSinyx/yubi-pinentry-doc | Sandro | 1 | -1/+1 | |
2024-04-04 | nixos/yubikey-agent: update doc ref to pinentry | Nguyễn Gia Phong | 1 | -1/+1 | |
References: b437b19f5471 ("nixos/yubikey-agent: fix eval error") | |||||
2024-04-03 | Merge pull request #295016 from SuperSandro2000/vaultwarden-cleanup | Sandro | 1 | -40/+38 | |
nixos/vaultwarden: drop with lib over entire file, drop lib.mdDoc | |||||
2024-03-27 | Merge pull request #297346 from codingCoffee/usbguard-fix | Sandro | 1 | -2/+2 | |
usbguard: fix policy enums | |||||
2024-03-24 | Merge pull request #273234 from SuperSandro2000/oauth2-proxy-nginx | Sandro | 1 | -10/+25 | |
nixos/oauth2_proxy_nginx: allow placing the login page itself under a separate domain | |||||
2024-03-20 | usbguard: fix policy enums | Ameya Shenoy | 1 | -2/+2 | |
The available policies for `InsertedDevicePolicy` and `ImplicitPolicyTarget` differ from the defined policy enum. This change is to prevent users from configuring incorrect policies for `usbguard` Related `usbguard` documentation https://usbguard.github.io/documentation/configuration.html Signed-off-by: Ameya Shenoy <shenoy.ameya@gmail.com> | |||||
2024-03-11 | nixos/vaultwarden: drop lib.mdDoc | Sandro Jäckel | 1 | -6/+6 | |
2024-03-11 | nixos/vaultwarden: drop with lib over entire file | Sandro Jäckel | 1 | -35/+33 | |
2024-03-11 | nixos/esdm: simplify module | Markus Theil | 1 | -75/+26 | |
ESDM 1.0.1 fixed bugs related to Linux compatibility layer with CUSE. During these fixes, the compatibility layer was simplified behind a target in order to start the necessary services together or none of them (services.esdm.linuxCompatServices). Furthermore, a small helper was added to ESDM 1.0.1 in order to deal with resume/suspend/hibernate (FUSE needs to be unblocked). Removed options are marked. Signed-off-by: Markus Theil <theil.markus@gmail.com> | |||||
2024-03-10 | nixos/yubikey-agent: fix eval error | Florian Klink | 1 | -1/+1 | |
This has been refactored in https://github.com/NixOS/nixpkgs/ pull/133542, but this reference wasn't updated. | |||||
2024-03-09 | Merge pull request #133542 from fpletz/refactor/pinentry-remove-multiple-outputs | Sandro | 1 | -10/+2 | |
pinentry: remove multiple outputs | |||||
2024-03-04 | nixos/vaultwarden: set meta.maintainers to package maintainer | Sandro Jäckel | 1 | -2/+5 | |
2024-03-02 | nixos/oauth2_proxy_nginx: allow placing the login page itself under a ↵ | Sandro Jäckel | 1 | -10/+25 | |
separate domain OIDC provider usually requires a callback URL which can now be set to one domain when securing multiple virtualHosts under different (sub)domains | |||||
2024-03-02 | nixos/vaultwarden: drop aliases | Sandro Jäckel | 1 | -3/+0 | |
2024-03-02 | pinentry: remove multiple outputs package | Franz Pletz | 1 | -10/+2 | |
fixes #133156 #124753 |