Age | Commit message (Collapse) | Author | Files | Lines |
|
`error` and `warn` have always been valid log levels.
But because the upstream docs never mentioned those, we simply didn't
add them to the enum of our module option.
The upstream docs have been updated and now mention `error` and `warn`
as well.
Upstream PR: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/716
(cherry picked from commit 993083f0ab6663ca914177082f423acf4e1d46f9)
|
|
|
|
|
|
Polkit enables running 'reboot' and 'poweroff' in the installer without
being root, and non-root is the default login for a few NixOS releases
now.
There's no size increase in the minimal ISO:
$ git checkout nixpkgs-unstable
$ nix-build -A config.system.build.isoImage -I nixos-config=nixos/modules/installer/cd-dvd/installation-cd-minimal.nix nixos/default.nix && du -sc ./result/iso/*.iso
/nix/store/bfvbvrrqjmnqqhyqyxc0w32gagdz2rya-nixos-24.05.git.1149dab64e7-x86_64-linux.iso
998404 ./result/iso/nixos-24.05.git.1149dab64e7-x86_64-linux.iso
998404 total
$ git checkout THIS_COMMIT
$ nix-build -A config.system.build.isoImage -I nixos-config=nixos/modules/installer/cd-dvd/installation-cd-minimal.nix nixos/default.nix && du -sc ./result/iso/*.iso
/nix/store/l9x9rwlvfddnri70h1ifx865q0cvka5l-nixos-24.05.git.1149dab64e7-x86_64-linux.iso
998404 ./result/iso/nixos-24.05.git.1149dab64e7-x86_64-linux.iso
998404 total
(cherry picked from commit dadc54aabee276e3535e5bac85d906b07756363e)
|
|
redis to avoid restarts and races
Gitlab stays running at redis and postgresql restarts as if these
components were on a different host anyways. Handling reconnetctions is
part of the application logic.
Co-authored-by: Kim Lindberger <kim.lindberger@gmail.com>
for formatting fixes and test failure debugging.
(cherry picked from commit 13ba002dd0be470f182eee16f9e791d76875c771)
|
|
(cherry picked from commit 14a1f867916c39577e8512e2ff179872bec2c0b5)
|
|
A bootspec could remove the `initrdSecrets` attribute and is a perfectly valid bootspec, as can be seen
in the bootspec.cue.
This makes the builder not fail upon missing `initrdSecrets`.
|
|
[Backport release-23.11] Seafile 10
|
|
Incus needs to find zvol_id for some operations, but zfs does not put
this executable in the bin directory. Exposing lib/udev into the Incus
path solves discovery of the executable
https://github.com/lxc/incus/blob/e5690705e842d3961d8a1d18c0ec002c25345af8/internal/server/storage/drivers/driver_zfs_volumes.go#L1820C1-L1820C41
(cherry picked from commit 7585f26855f12bd56b82e170617454443eb39a4e)
|
|
This mitigates CVE-2023-6246, crucially without a mass-rebuild.
Change-Id: I762a0d489ade88dafd3775d54a09f555dc8c2527
(cherry picked from commit b4c9840652ec2fa8ac59b14a9b0349f5e474e07c)
Co-authored-by: edef <edef@edef.eu>
|
|
(cherry picked from commit a3f06727985162348e09baab2b076f5c1f759d12)
Co-authored-by: Yureka <yuka@yuka.dev>
|
|
(cherry picked from commit bb40443e7790d568058be9b8cd4a8e667b520f34)
|
|
(cherry picked from commit a312393f1432d5b39a7215ef8d847c13c007ede3)
|
|
Otherwise it'll be killed by systemd with
Main process exited, code=killed, status=31/SYS
Signed-off-by: Daniel Schaefer <git@danielschaefer.me>
(cherry picked from commit 6591d332f93422e388ef6337f6b362b4ff8d0724)
|
|
(cherry picked from commit 070bcf9da438a76495f624fc31b2be8036ee7a30)
|
|
The output is expected to be a list [ hostname, port, optional ipv6 scope ], but the
current regex only outputs [ port ], when only a port is given as address.
(cherry picked from commit 9abc79018cab8176643fbad06928b65760501cf7)
|
|
(cherry picked from commit 026757fe78f987768ca4e9a09a973d10d4461b81)
|
|
(cherry picked from commit 24930dadca021613f2a20a0fcdd656e5be371749)
|
|
[Backport release-23.11] nixos/resolved: add dnsovertls option
|
|
(cherry picked from commit dfc87b9048ebf19902077ce045d2e465880b35e1)
|
|
(cherry picked from commit ceeddc5b159fe20d4c186bf43e0c8e1c534db9ab)
|
|
[Backport release-23.11] incus: 0.2 -> 0.4, fix missing deps
|
|
It was added in 3.3.4. I'm not sure if it will be useful with NixOS
services, but I added it in the usual way anyway.
(cherry picked from commit 7f979aeb86f2b3a31e02f06ce25496ebaaa2db38)
|
|
Also remove the 32-bit conditional as it already fails on 4GB.
(cherry picked from commit aa3cd9c9552880a7ce9e456631218b5e97a45a44)
|
|
|
|
|
|
|
|
Fixes CVE-2023-31417, CVE-2023-31418, CVE-2023-31419, CVE-2023-46673 and CVE-2023-46674.
Security announces:
https://www.elastic.co/guide/en/security/7.17/release-notes-header-7.17.0.html#release-notes-7.17.16
Release notes:
https://www.elastic.co/guide/en/elasticsearch/reference/7.17/release-notes-7.17.16.html
https://www.elastic.co/guide/en/elasticsearch/reference/7.17/release-notes-7.17.15.html
https://www.elastic.co/guide/en/elasticsearch/reference/7.17/release-notes-7.17.14.html
https://www.elastic.co/guide/en/elasticsearch/reference/7.17/release-notes-7.17.13.html
https://www.elastic.co/guide/en/elasticsearch/reference/7.17/release-notes-7.17.12.html
https://www.elastic.co/guide/en/elasticsearch/reference/7.17/release-notes-7.17.11.html
(cherry picked from commit afb57ff041463ed5586b2d350afa4fedf96c85e1)
|
|
This custom emacsclient desktop file was added[1] to Nixpkgs when
the upstream did not provide one.
Since an emacsclient desktop file is provided[2] by the upstream now,
we should remove our custom one from Nixpkgs to reduce maintenance
burden[3].
Fixes https://github.com/NixOS/nixpkgs/issues/245533
[1]: https://github.com/NixOS/nixpkgs/pull/35896
[2]: https://git.savannah.gnu.org/cgit/emacs.git/commit/etc/emacsclient.desktop?id=1a845a672dc73c8e98e6cb9bb734616e168e60ba
[3]: https://git.savannah.gnu.org/cgit/emacs.git/commit/etc/emacsclient.desktop?id=1500e4b4329d4d3d0141263230d74e1b314373b1
(cherry picked from commit 20f07b4aa90974a569b313e889c6d21df6612415)
|
|
(cherry picked from commit 71435c98696ec024e82c480defd31828309395d8)
|
|
(cherry picked from commit 38b27787654a6a8d429776bc91243cc2eb4dbb4c)
|
|
|
|
|
|
|
|
the bug causes a hard dependency on an underlying device which might not be
valid for all interfaces, also broke the example for networking.sits. this is
due to calling hasAttr first and checking for null afterwards, the bug was
made more apparent in commit 76a3c30
(cherry picked from commit 8314af158f26563abf1f3ff4b95812afe8521a37)
|
|
- Add note explaining why enabling the Kubo daemon won't fully work immediately and requires logging in again
- Use `builtins.isList addrIn` instead of `builtins.typeOf addrIn == "list"`
- Fix indentation
(cherry picked from commit a4c451fd3757a0920bc8d4f41b8979609c2ff2a8)
|
|
|
|
(cherry picked from commit ac345ff3906965f0a711a6e78f71a902130a0e2b)
Co-authored-by: Chris Moultrie <821688+tebriel@users.noreply.github.com>
|
|
|
|
(cherry picked from commit 7247d16af6a32d5bdc176d0be4858be2ad463d1f)
|
|
|
|
(cherry picked from commit 3306755683d7df4245184b2d414707ad04096b33)
|
|
|
|
[Backport release-23.11] nixos/guix: add Guix home support
|
|
(cherry picked from commit 2e06a69fb282529a3abf2e255a2bb3f61d4753c9)
Co-authored-by: Yureka <yuka@yuka.dev>
|
|
(#280393)
(cherry picked from commit d4e9e3c6ccb3127c80d6486194a6ce4ea0beb853)
Co-authored-by: Yureka <yuka@yuka.dev>
|
|
|
|
Netdata depends on the `logger` utility for dispatching health alarms to
syslog. This dependency was missing in the systemd units environment.
Issue: https://github.com/NixOS/nixpkgs/issues/272702
Docs: https://learn.netdata.cloud/docs/alerting/notifications/agent-dispatched-notifications/syslog
Docs, archived: https://archive.is/mkQa4
(cherry picked from commit 3f50868d1040827184d52173cfe59aeb8de96a50)
|
|
|
|
In commit 41ca9c1, the database config got an additional config entry
for a separate CI database connection [1]. Unfortunately, the main connection
must always be the first entry. The fix for this was only applied when
databasePasswordFile has been set.
This commit fixes the order of the config for deployments without a databasePasswordFile.
[1] https://docs.gitlab.com/ee/update/deprecations.html#single-database-connection-is-deprecated
(cherry picked from commit de1ecbb67e39fa531a4fd728529506c4bcdd8806)
|