Age | Commit message (Collapse) | Author | Files | Lines |
|
zigbee2mqtt package & module
|
|
nixos/users-groups: don't consider a system with Google OS Login inaccessible
|
|
make-iso9660-image: produce stable GPT disk GUID
|
|
nixos/unit: add 'tmp' directory
|
|
nixos/gitlab: Drop sidekiq PID file
|
|
nixos/systemd: Implement a packages option for tmpfiles
|
|
|
|
|
|
The toplevel derivations of systems that have `networking.hostName`
set to `""` (because they want their hostname to be set by DHCP) used
to be all named
`nixos-system-unnamed-${config.system.nixos.label}`.
This makes them hard to distinguish.
A similar problem existed in NixOS tests where `vmName` is used in the
`testScript` to refer to the VM. It defaulted to the
`networking.hostName` which when set to `""` won't allow you to refer
to the machine from the `testScript`.
This commit makes the `system.name` configurable. It still defaults to:
```
if config.networking.hostName == ""
then "unnamed"
else config.networking.hostName;
```
but in case `networking.hostName` needs to be to `""` the
`system.name` can be set to a distinguishable name.
|
|
This makes the type of these functions more apparent from the name.
|
|
This modifies the `router` to not give out a range of IP addresses but
only give out a fixed address based on the MAC address using the
`services.dhcpd4.machines` option.
To get access to the MAC address the `qemuNicMac` function is defined
and exported from `qemu-flags.nix`.
|
|
|
|
nixos/resilio: fix directoryRoot configuration
|
|
The resilio module places the directoryRoot configuration in the webui
section. However, the generated configuration fails on the current
version of Resilio Sync with:
Invalid key context: 'directory_root' must be in global config section
This change places this key in the global configuration section to
solve this error.
|
|
By generating a version-5 GUID based on $out (which contains
the derivation hash) and preventing isohybrid from overwriting
the GPT table (which already is populated correctly by xorriso).
Tested by:
* booting from USB disk on a UEFI system
* booting from USB disk on a non-UEFI system
* booting from CD on a UEFI system
* booting from CD on a non-UEFI system
* booting from CD on an OSX system
Also tested that "nix-build ./nixos/release-combined.nix -A
nixos.iso_minimal.x86_64-linux -I nixpkgs=~/nixpkgs-r13y --check"
now succeeds.
Fixes #74047
|
|
The new release fixes one of the outstanding CVEs against oauth2_proxy:
https://github.com/oauth2-proxy/oauth2-proxy/security/advisories/GHSA-5m6c-jp6f-2vcv.
In addition, rename the owner and the project name to reflect the
changes upstream (it now belongs to the oauth2-proxy organization, and
the name is oauth2-proxy)
|
|
Build error introduced in fe7053f75a912197f312d890740dd3bdde0ed994:
parser error : Opening and ending tag mismatch: commmand line 6139 and command
escription><para>Base64 preshared key generated by <commmand>wg genpsk</command>
^
Writing "command" with only two "m" fixes building the NixOS manual.
Signed-off-by: aszlig <aszlig@nix.build>
|
|
|
|
Correct a small spelling slip up
|
|
|
|
This allows disabling users.mutableUsers without configuring any
authentication mechanisms (passwords, authorized SSH keys) other than
Google OS Login.
|
|
> WARNING: PID file creation will be removed in Sidekiq 6.0, see #4045.
Please use a proper process supervisor to start and manage your
services
Since NixOS uses a proper process supervisor AND does not use the PID
file anywhere, we can just drop it to be upwards compatible and fix that
warning.
|
|
|
|
|
|
nixos/manual: add a section about enabling OpenCL for AMD GPUs
|
|
This is analogous to #70447.
With security.lockKernelModules=true, docker commands result in the following
error without at least loading veth:
$ docker run hello-world
/nix/store/mr50kaan2vs4gc40ymwncb2vci25aq7z-docker-19.03.2/libexec/docker/docker: Error response from daemon: failed to create endpoint epic_kare on network bridge: failed to add the host (veth8b381f3) <=> sandbox (veth348e197) pair interfaces: operation not supported.
ERRO[0003] error waiting for container: context canceled
|
|
Also drop the `portables` tmpfiles because the file is missing in the
systemd derivation.
|
|
prometheus-modemmanager-exporter: init at 0.1.0, add NixOS module
|
|
Signed-off-by: Matt Layher <mdlayher@gmail.com>
|
|
|
|
nixos/moodle: add plugins
|
|
|
|
- Begin a new chapter "GPU Acceleration", this should also cover
VA-API, OpenGL, Vulkan, etc.
- Add a general blurb about OpenCL and how to check whether OpenCL
devices are found.
- Add a section about enabling OpenCL for AMD GPUs specifically.
|
|
use phpEnv to provide xmlrpc
|
|
dockerTools: Always set imageTag attribute
|
|
podman updates
|
|
|
|
This reverts commit 033ba9c73d4fe544db93fbf299cf7a4a0a786ea8.
|
|
stage-2: parameterized systemd executable
|
|
nixos/gitolite: provision data directory only before service begins
|
|
ceph: 14.2.10 -> 15.2.4
|
|
This lets users do sneaky things before systemd starts, and
permanently affect the environment in which systemd runs. For example,
we could start systemd in a non-default network namespace by setting
the systemdExecutable to a wrapper script containing:
#!/bin/sh
ip netns add virtual
touch /var/run/netns/physical
mount -o bind /proc/self/ns/net /var/run/netns/physical
exec ip netns exec virtual systemd
_note: the above example does literally work, but there are unresolved
problems with udev and dhcp._
|
|
nixosTests.gnome3: enable debug mode
|
|
|
|
The tests fail too often on Hydra without much of a hint what went wrong. Hopefully, this will provide some clue.
|
|
nixos/buildbot: enable configurable keepalive for buildbot worker
|
|
In the current implementation, there's no possibility to modify the default
parameter for keepalive. This is a number that indicates how frequently
keepalive messages should be sent from the worker to the buildmaster,
expressed in seconds. The default (600) causes a message to be sent to
the buildmaster at least once every 10 minutes.
If the worker is behind a NAT box or stateful firewall, these messages
may help to keep the connection alive: some NAT boxes tend to forget about
a connection if it has not been used in a while. When this happens, the
buildmaster will think that the worker has disappeared, and builds will
time out. Meanwhile the worker will not realize than anything is wrong.
|
|
|
|
This is required by (among others) Podman to run containers in rootless mode.
Other distributions such as Fedora and Ubuntu already set up these mappings.
The scheme with a start UID/GID offset starting at 100000 and increasing in 65536 increments is copied from Fedora.
|
|
See https://github.com/NixOS/nixpkgs/pull/92520#issuecomment-655157990.
In #85895 I accidentally introduced a comparison between an array reference
and an array, which can never be true. Fixed by dereferencing.
|