about summary refs log tree commit diff
path: root/nixos
AgeCommit message (Collapse)AuthorFilesLines
2024-05-12Merge pull request #310194 from RaitoBezarius/lixRyan Lahfa1-161/+179
lix: init at 2.90-beta.1
2024-05-12Merge pull request #305586 from drupol/private-gpt/initPol Dellaiera5-0/+152
private-gpt: init at 0.5.0
2024-05-11nixos/pixiecore: fix apiServer exampleBjørn Forsman1-2/+2
Add missing http:// scheme. Without it pixiecore logs this and never contacts the API server: [DHCP] Couldn't get bootspec for [REDACTED_MAC_ADDR]: Get "localhost:8080/v1/boot/[REDACTED_MAC_ADDR]": unsupported protocol scheme "localhost"
2024-05-11nixos/private-gpt: initPol Dellaiera5-0/+152
2024-05-11nixos/tests/misc: rework and take ownershipRaito Bezarius1-161/+179
`nixosTests.misc` is an interesting smoketest as a last (cheap) line of defense against Nix regressions. We rework it to accept any arbitrary package manager for Lix. Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-05-10Merge pull request #309904 from superherointj/k3s-format-rfcsuperherointj5-242/+385
k3s: enforce rfc 0166 format
2024-05-11Merge pull request #310645 from gepbird/fix-firefox-testMartin Weinelt1-2/+2
nixosTests.firefox-{beta,devedition,esr,esr-115}: unbreak
2024-05-10k3s: format with nixfmt-rfc-stylesuperherointj5-242/+385
2024-05-10nixosTests.firefox-{beta,devedition,esr,esr-115}: unbreakGutyina Gergő1-2/+2
2024-05-10Merge pull request #310209 from emilylange/chromium-disable-drm-auto-downloadEmily1-0/+5
chromium: prevent automatic Widevine DRM download
2024-05-10nixos/rl-2405: mention chromium DRM changeemilylange1-0/+5
2024-05-10Merge pull request #310341 from adamcstephens/incus/6.1.0Adam C. Stephens10-26/+68
incus: 6.0.0 -> 6.1.0, enable non-LTS testing
2024-05-10nixos/tests: set non-conflicting priority for logrotate disablingK9001-1/+1
CC https://github.com/NixOS/nixpkgs/pull/267880
2024-05-10Merge pull request #310366 from mweinelt/pretix-pretalx-homemodeMartin Weinelt3-12/+53
pretix, pretalx: fixes, hardening
2024-05-10doc/release-notes: another batch of release note edits (#310538)Jacek Generowicz1-24/+24
* Another batch of release not edits * Elide mention of dub lockfiles Co-authored-by: Weijia Wang <9713184+wegank@users.noreply.github.com> * Qualify qtmultimedia with qt6 Co-authored-by: Weijia Wang <9713184+wegank@users.noreply.github.com> --------- Co-authored-by: Weijia Wang <9713184+wegank@users.noreply.github.com>
2024-05-10Merge pull request #310452 from fpletz/nginx-acme-servernameFranz Pletz2-13/+21
nixos/nginx: fix reference to acme cert hostname
2024-05-10nixos/navidrome: add nu-nu-ko to maintainersnu-nu-ko1-1/+2
2024-05-10nixos/navidrome: ensure data & cache dirs exist with valid permissionsnu-nu-ko1-54/+65
2024-05-10nixos/navidrome: remove apply from settings optionnu-nu-ko1-3/+1
2024-05-10nixos/navidrome: use lib.getExenu-nu-ko1-2/+2
2024-05-10nixos/navidrome: add user/group optionsnu-nu-ko1-2/+25
2024-05-10nixos/navidrome: rfcfmt, rm mdDoc & with lib;nu-nu-ko1-52/+73
2024-05-10Merge pull request #287505 from jpds/zfs-scrub-trim-randomizedDelaySecFranz Pletz1-1/+29
2024-05-10Merge pull request #287494 from jpds/zfs-autoscrub-monthly-defaultFranz Pletz1-2/+2
2024-05-10Merge pull request #267880 from Izorkin/update-nixos-tests-logrotateFranz Pletz2-41/+51
2024-05-10nixos/nginx: fix reference to acme cert hostnameFranz Pletz2-13/+21
The change introduced in #308303 refers to the virtualHosts attrset key which can be any string. The servername is the actual primary hostname used for the certificate. This fixes use cases like: services.nginx.virualHosts.foobar.serverName = "my.fqdn.org";
2024-05-09pretalx: adopt and set up code ownershipMartin Weinelt1-1/+1
2024-05-09nixos/pretix: update hardeningMartin Weinelt1-2/+4
- Transition from world-readable to group-readable UMask - Remove world permissions from state directory
2024-05-09nixos/tests/pretalx: test cli wrapper and print systemd unit securityMartin Weinelt1-0/+4
2024-05-09nixos/pretalx: set up hardeningMartin Weinelt1-0/+35
2024-05-09nixos/pretalx: fix state directory modeMartin Weinelt1-5/+7
The state directory contains static files that need to be accessible by a webserver, but homeMode defaults to 0750 and switching the generation will always force the homeMode, thereby breaking access to the assets. Instead, fully rely on systemd to provide the StateDirectory with the correct mode.
2024-05-09nixos/pretix: fix state directory modeMartin Weinelt1-4/+2
The state directory contains static files that need to be accessible by a webserver, but homeMode defaults to 0750 and switching the generation will always force the homeMode, thereby breaking access to the assets. Instead, fully rely on systemd to provide the StateDirectory with the correct mode.
2024-05-09nixos/tests/incus: enable testing both LTS and non-LTSAdam Stephens10-26/+68
2024-05-09Merge pull request #307039 from adamcstephens/nixos-unstableAdam C. Stephens6-121/+229
nixos/incus: add support for soft daemon restarts
2024-05-09Merge pull request #310298 from rouven0/portunus-dexNick Cao1-6/+8
nixos/portunus: fix dangling service files for dex
2024-05-09nixos/incus: add support for soft daemon restartAdam Stephens6-121/+229
This is a feature supported out of the box by upstream and allows the incusd service to be restarted without impacting running instances. While this does give up a bit of reproducibility, qemu and lxc for example, there are clear benefits in allowing the host to apply updates without impacting instances. Modeled after the zabbly implementation: https://github.com/zabbly/incus/blob/2a67c3e260de5a5d1259ce598d7b4423c49403be/systemd/incus-startup.service This will now be the default.
2024-05-09nixos/portunus: fix dangling service files for dexRouven Seifert1-6/+8
2024-05-09Merge pull request #310110 from lheckemann/linux-modules-xzMaximilian Bosch1-1/+1
linux: always use xz for compressing modules
2024-05-09linux: always use xz for compressing modulesLinus Heckemann1-1/+1
The change I merged too hastily in #302300 increases the size by ~30%. This could be improved upon, but in the meantime let's go back to xz while keeping zstd-compressed firmware (only 4.4% larger) and _support_ for zstd-compressed modules.
2024-05-08Merge pull request #277368 from niklaskorz/nixos-mautrix-signalGuillaume Girol3-0/+252
nixos/mautrix-signal: add module
2024-05-08Merge pull request #302300 from Ma27/kernel-zstdLinus Heckemann2-4/+14
linux kernel: prefer zstd where possible
2024-05-08Merge pull request #306926 from tie/networkd-global-ipv6-privacy-extensionsFlorian Klink1-0/+2
nixos/networkd: allow IPv6PrivacyExtensions in networkd.conf
2024-05-08Merge pull request #302814 from paumr/auto-update/archiPeder Bergebakken Sundt1-1/+3
archi: 5.2.0 -> 5.3.0
2024-05-08Merge pull request #309696 from Uthar/lisp-removal-of-previous-variants7c6f434c2-1/+3
Lisp modules - removal of previous variants
2024-05-08Merge pull request #308291 from Ma27/nc-update-dbJonas Heinrich1-1/+16
nixos/nextcloud: add nextcloud-update-db.service, nextcloud-cron isn't oneshot
2024-05-08Merge pull request #302908 from kai-tub/nixos/restic/fix-checkCmdPascal Wittmann1-5/+14
nixos/restic: fix skipping of check command
2024-05-08Merge pull request #309608 from jmbaur/systemd-lib-range-or-one-ofFlorian Klink1-1/+2
nixos/systemd-lib: fix assertRangeOrOneOf when value is not comparable
2024-05-07Merge pull request #309052 from kira-bruneau/intel-gpu-toolsPascal Wittmann3-0/+28
nixos/intel-gpu-tools: init basic security wrapper
2024-05-07Merge pull request #308904 from SuperSandro2000/273761-follow-upSandro1-16/+5
nixos/openrazer: properly rename mouseBatteryNotifier option
2024-05-07Merge pull request #309838 from cyberus-technology/take-plausible-maintainershipnikstur1-1/+1
plausible: take take-plausible-maintainership
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-07 16:34:48 +0000