diff options
| author | Sandro <sandro.jaeckel@gmail.com> | 2022-12-29 15:43:40 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-12-29 15:43:40 +0100 |
| commit | 2c421416dab30981940c31cc3c26bbb4f32daa66 (patch) | |
| tree | 0a74a36d77a626b66e69bfc1906db9c9ef1faff7 /nixos | |
| parent | f03f529febbaab7326e9e9b76babca20c73ea445 (diff) | |
| parent | 7e0588b2fba3dfedd583933eff8bd6820b073483 (diff) | |
| download | nixpkgs-2c421416dab30981940c31cc3c26bbb4f32daa66.tar nixpkgs-2c421416dab30981940c31cc3c26bbb4f32daa66.tar.gz nixpkgs-2c421416dab30981940c31cc3c26bbb4f32daa66.tar.bz2 nixpkgs-2c421416dab30981940c31cc3c26bbb4f32daa66.tar.lz nixpkgs-2c421416dab30981940c31cc3c26bbb4f32daa66.tar.xz nixpkgs-2c421416dab30981940c31cc3c26bbb4f32daa66.tar.zst nixpkgs-2c421416dab30981940c31cc3c26bbb4f32daa66.zip | |
Merge pull request #207913 from SuperSandro2000/grafana-localhost
Closes https://github.com/NixOS/nixpkgs/issues/207769
Diffstat (limited to 'nixos')
| -rw-r--r-- | nixos/doc/manual/from_md/release-notes/rl-2305.section.xml | 8 | ||||
| -rw-r--r-- | nixos/doc/manual/release-notes/rl-2305.section.md | 2 | ||||
| -rw-r--r-- | nixos/modules/services/monitoring/grafana.nix | 10 |
3 files changed, 18 insertions, 2 deletions
diff --git a/nixos/doc/manual/from_md/release-notes/rl-2305.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2305.section.xml index b1c4745a3f5..23a39a52ab2 100644 --- a/nixos/doc/manual/from_md/release-notes/rl-2305.section.xml +++ b/nixos/doc/manual/from_md/release-notes/rl-2305.section.xml @@ -357,6 +357,14 @@ </listitem> <listitem> <para> + <literal>services.grafana</literal> listens only on localhost + by default again. This was changed to upstreams default of + <literal>0.0.0.0</literal> by accident in the freeform setting + conversion. + </para> + </listitem> + <listitem> + <para> A new <literal>virtualisation.rosetta</literal> module was added to allow running <literal>x86_64</literal> binaries through diff --git a/nixos/doc/manual/release-notes/rl-2305.section.md b/nixos/doc/manual/release-notes/rl-2305.section.md index 63015790167..3e4f0fd490f 100644 --- a/nixos/doc/manual/release-notes/rl-2305.section.md +++ b/nixos/doc/manual/release-notes/rl-2305.section.md @@ -99,6 +99,8 @@ In addition to numerous new and upgraded packages, this release has the followin - `nixos/lib/make-disk-image.nix` can now mutate EFI variables, run user-provided EFI firmware or variable templates. This is now extensively documented in the NixOS manual. +- `services.grafana` listens only on localhost by default again. This was changed to upstreams default of `0.0.0.0` by accident in the freeform setting conversion. + - A new `virtualisation.rosetta` module was added to allow running `x86_64` binaries through [Rosetta](https://developer.apple.com/documentation/apple-silicon/about-the-rosetta-translation-environment) inside virtualised NixOS guests on Apple silicon. This feature works by default with the [UTM](https://docs.getutm.app/) virtualisation [package](https://search.nixos.org/packages?channel=unstable&show=utm&from=0&size=1&sort=relevance&type=packages&query=utm). - The new option `users.motdFile` allows configuring a Message Of The Day that can be updated dynamically. diff --git a/nixos/modules/services/monitoring/grafana.nix b/nixos/modules/services/monitoring/grafana.nix index 9a9a0ab7553..9cce4c71d96 100644 --- a/nixos/modules/services/monitoring/grafana.nix +++ b/nixos/modules/services/monitoring/grafana.nix @@ -364,9 +364,15 @@ in { }; http_addr = mkOption { - description = lib.mdDoc "Listening address."; - default = ""; type = types.str; + default = "127.0.0.1"; + description = lib.mdDoc '' + Listening address. + + ::: {.note} + This setting intentionally varies from upstream's default to be a bit more secure by default. + ::: + ''; }; http_port = mkOption { |