about summary refs log tree commit diff
path: root/nixos
AgeCommit message (Collapse)AuthorFilesLines
2024-04-04nixos/kernel: add hid_corsair to initrd modulesLorenz Brun1-0/+1
Same as all the other HID drivers, otherwise Corsair keyboards do not work before the switch to stage2 without custom configuration. (cherry picked from commit b8b53fdf37710b1c1b58b9a17e2649355dbee938)
2024-04-03Merge pull request #288083 from NixOS/backport-287856-to-release-23.11Emily1-0/+5
[Backport release-23.11] nixos/gitea: warn when using `services.gitea` with forgejo
2024-03-31Merge pull request #300420 from NixOS/backport-275257-to-release-23.11Doron Behar1-5/+2
[Backport release-23.11] musescore: 4.1.1 -> 4.2.0
2024-03-31nixos/gitlab: Rename workhorse binaryYaya1-1/+3
(cherry picked from commit 2e30c96c0afc0544227b8f9900f035f00668ffd4)
2024-03-31nixosTests.musescore: fix for version 4.2.0Doron Behar1-5/+2
(cherry picked from commit 06bec0d01b31197c4b5fb3f72cbab76f0c239475)
2024-03-26nixos/paperless: set OMP_NUM_THREADS=1 by default (#299289)Atemu1-0/+16
Fixes https://github.com/NixOS/nixpkgs/issues/240591 (cherry picked from commit 70fa188e175ab9d1034416374b2af15ad94decbc)
2024-03-25nixos/mediawiki: quote shell flags passed to installerJörg Thalheim1-7/+7
(cherry picked from commit f468e0d11180bdde888a7a16f9c043ec33dd284e)
2024-03-24Merge pull request #295584 from blakesmith/backport_295199Pol Dellaiera2-2/+2
[Backport release-23.11] gotosocial: 0.14.1 -> 0.14.2
2024-03-23Merge pull request #296724 from Lord-Valen/backport-296009-to-release-23.11Atemu1-0/+20
[Backport release-23.11] steam: add extraCompatPackages
2024-03-23nixos/gotosocial: add blakesmith as a maintainerBlake Smith2-2/+2
(cherry picked from commit b0529146b9cb07385b16bd828197d56505ed5ec0)
2024-03-21Add anchorjs script to add links on section headersDS1-0/+5
(cherry picked from commit ca8c594d92c201d345549262c164c8afb5fe9faa)
2024-03-21doc: fix and simplify stylesheets for the manuals, fix nrd bugDS1-2/+0
(cherry picked from commit de7eddb27e566a9fb4b6f152402a90be903a1c98)
2024-03-20nixos/gitlab: use workhorse package from option in pathajs1241-1/+1
(cherry picked from commit d179a5fd02ce415236e5c708e661397e44ec6184)
2024-03-20nixos/gitlab: switch from sidekiq to sidekiq-clusterajs1241-1/+8
(cherry picked from commit 956005226f0a7232bae04cdd2501e88c0685ed31)
2024-03-18nixos/steam: provide example in extraCompatPackagesAtemu1-0/+5
(cherry picked from commit bdc55d2f8671881b81d6797928b3e7569235b1ba)
2024-03-17nixos/steam: use steamcompattool output for extraCompatPackagesAtemu1-3/+5
This sets a standard for Steam compat tools in NixOS where they must have the compat tool in a special steamcompattool output. proton-ge-bin was adjusted to conform with it. (cherry picked from commit 2b619c23146b7b791ed25a174add5cc8d99c8654)
2024-03-17nixos/steam: fix eval after #293564K9001-1/+1
(cherry picked from commit 7b8d88fa059d2a945e17c800d4f2bbc958755e5c)
2024-03-17steam: add extraCompatPackagesShawn89011-0/+13
(cherry picked from commit 93a891f0e8e0feb96090eac48d9a2d5aaad28f20)
2024-03-15Merge pull request #295962 from NixOS/backport-295932-to-release-23.11Ilan Joselevich1-1/+0
[Backport release-23.11] nixos/nextcloud: remove opcache.enable_cli=1
2024-03-14Merge pull request #290195 from NixOS/backport-289754-to-release-23.11Yt1-1/+3
[Backport release-23.11] nixos/atuin: add services.atuin.package option
2024-03-14nixos/nextcloud: remove opcache.enable_cli=1Ilan Joselevich1-1/+0
Upstream no longer recommends enabling the opcache cli. See the following: - https://github.com/nextcloud/documentation/issues/1439 - https://github.com/nextcloud/server/pull/15468 (cherry picked from commit 9353fb2309902387c16130c97f27242ef24bc4c6)
2024-03-13nixos/binfmt: fix race condition between systemd-tmpfiles and systemd-binfmtArian van Putten1-0/+1
We need to make sure systemd-tmpfiles-setup.service ran before we start systemd-binft.service. Otherwise it might fail to start due to non-existant files Fixes #295365 (cherry picked from commit 16526f454fe534a809b3a0e4713c7fa70accb812)
2024-03-12nixos/murmur: fix writing registerPassword to configFelix Buehler1-1/+1
(cherry picked from commit 1e22e7d75ec50dbc106b2080a4f12ce47e547719)
2024-03-12Merge pull request #277395 from NixOS/backport-273443-to-release-23.11Maximilian Bosch1-2/+1
[Backport release-23.11] nixos/thanos: Changed query.replica-labels to a list parameter
2024-03-11nixos/ollama: add ollama service to release notesabysssol1-0/+2
2024-03-11nixosTests.prometheus-exporters.dnsmasq: wait for DNSMasq before testing the ↵Thomas Gerbet1-0/+3
exporter When DNSMasq is not yet completly started trying to call the exporter fails. (cherry picked from commit 21a671c1acd2225c3d4defcdd6298d83b6b89b40)
2024-03-11nixos/lldap: set service `UMask=0027` and `StateDirectoryMode=0750`emilylange1-0/+2
While `/var/lib/lldap` isn't technically accessible by unprivileged users thanks to `DynamicUser=true`, a user might prefer and change it to `DynamicUser=false`. There is currently also a PR open that intends to make `DynamicUser` configurable via module option. As such, `jwt_secret_file`, if bootstrapped by the service start procedure, might be rendered world-readable due to its permissions (`0644/-rw-r--r--`) defaulting to the service's umask (`022`) and `/var/lib/lldap` to `0755/drwxr-xr-x` due to `StateDirectoryMode=0755`. This would usually be fixed by using `(umask 027; openssl ...)` instead of just `openssl ...`. However, it was found that another file (`users.db`), this time bootstrapped by `lldap` itself, also had insufficient permissions (`0644/-rw-r--r--`) inherited by the global umask and would be left world-readable as well. Due to this, we instead change the service's to `027`. And to lower the impact for already bootstrapped files on existing instances like `users.db`, set `StateDirectoryMode=0750`. (cherry picked from commit 3a1e06218adc58a5a160efe11a814edb2c298b04)
2024-03-11nixos/lldap: bootstrap `jwt_secret` if not providedemilylange1-1/+14
If not provided, lldap defaults to `secretjwtsecret` as value which is hardcoded in the code base. See https://github.com/lldap/lldap/blob/v0.5.0/server/src/infra/configuration.rs#L76-L77 This is really bad, because it is trivially easy to generate an admin access token/cookie as attacker, if a `jwt_secret` is known. (cherry picked from commit 566fba2236ae3a55831ced25e731909d37623d58)
2024-03-10nixos/stargazer: add missing debugMode settinggaykitty1-1/+7
(cherry picked from commit 366147b86d7e9ab9081e9b077d7c0d3c5199a45f)
2024-03-10doc: add note in Partitioning and formatting sectionD3vil0p3r1-0/+3
(cherry picked from commit 67bfaf3d03df0a03aa3cf8722962c393e63f3713)
2024-03-07hercules-ci-agent_assume...: Override largely irrelevant CVE-2024-27297Robert Hensing1-1/+5
It is safe to use 2.16 for evaluation and talking to the daemon, which is how it's used when you're using a nix-daemon. Specifically, this means that it is safe on NixOS and on other multi-user installations.
2024-03-04nixos/ollama: add option for hardware accelerationabysssol1-11/+26
(cherry picked from commits: b8d8c1f207a8c80f7267920efa70db785e5d441e 5c143f03663eb59a7a1eac4b24b7c034abc4f483 87203977204d1c3a7c7ccd39147b17dadf3156e8)
2024-03-04nixos/ollama: Add listenAddressMarcus Ramberg1-0/+8
(cherry picked from commit 8d956b1725be2b21116ba8e267c0f892e1d08a76)
2024-03-04nixos/ollama: initJonas Heinrich2-0/+43
(cherry picked from commit 67a799c40f1e177950d70bb0ea1073c4b6273b0f)
2024-03-02Merge #292330: nixos/lib/testing: remove a source of rebuildsVladimír Čunát1-1/+4
...into release-23.11
2024-03-01Merge #291328: staging-next-23.11 iteration 5Vladimír Čunát1-8/+8
...into release-23.11
2024-03-01Merge release-23.11 into staging-next-23.11github-actions[bot]4-0/+105
2024-02-29nixos/podman: pass proxy variables to podman APIKiskae1-0/+2
(cherry picked from commit fe93ea4e8e83444f5258d0e593420aac71d0d177)
2024-02-29nixos/lib/testing: remove another source of unnecessary test rebuildsK9001-1/+4
(cherry picked from commit bde7471aa2d06b1562352677b12b493d0dd7a26c)
2024-02-29Merge pull request #292081 from Atemu/backport/mealieAtemu4-0/+105
[23.11] mealie: init at 1.2.0
2024-02-29Merge release-23.11 into staging-next-23.11github-actions[bot]2-1/+35
2024-02-28Merge pull request #287264 from NixOS/backport-286063-to-release-23.11Aaron Andersen1-1/+2
[Backport release-23.11] nixos/github-runners: only override pkg if it has a `nodeRuntimes` arg
2024-02-28nixos/mealie: init testsLitchi Pi2-0/+25
Signed-off-by: Litchi Pi <litchi.pi@proton.me> (cherry picked from commit aeb79caaf67e8aa73ac7b4b0a477f38b4d0cab09)
2024-02-28nixos/mealie: init moduleLitchi Pi2-0/+80
Signed-off-by: Litchi Pi <litchi.pi@proton.me> (cherry picked from commit 4ebf2b54b09589e35eccb1a565bfb124cb7d09ba)
2024-02-28Merge pull request #289922 from NixOS/backport-281520-to-release-23.11Robert Hensing1-0/+18
[Backport release-23.11] dockerTools: Fix chown in fakeRootCommands
2024-02-28Merge pull request #288893 from NixOS/backport-271976-to-release-23.11Robert Hensing1-0/+15
[Backport release-23.11] nixos/dockerTools: fix includeStorePaths when enableFakechroot
2024-02-26Merge release-23.11 into staging-next-23.11github-actions[bot]3-2/+8
2024-02-25Merge pull request #287514 from NixOS/backport-256709-to-release-23.11Nick Cao2-2/+4
[Backport release-23.11] nixos/lib/make-squashfs.nix: allow disabling compression
2024-02-23matomo_5: Init at 5.0.2Max Hausch1-0/+4
(cherry picked from commit 7e2ab60bc58d90ccd5e71678653f13a72dde2896)
2024-02-23Merge staging-next-23.11 into staging-23.11github-actions[bot]1-19/+32
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-17 18:29:16 +0000