| Commit message (Collapse) | Author | Age |
|---|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
For now at least. I expect someone will find a working type later.
It's incorrect and was causing bad issues. Example test case:
nix-instantiate nixos/release.nix -A tests.xfce.x86_64-linux --dry-run
This is a partial revert of commit b2d803c from PR #162271.
|
| |\ \
| |/
|/| |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Since b9cfbcafdf0ca9573de1cdc06137c020e70e44a8, the lack of hexdump in
the closure lead to the generation of empty cookie files. This empty
cookie file is making pleroma to crash at startup now we correctly
read it.
We introduce a migration forcing these empty cookies to be
re-generated to something not empty.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We inject the release cookie path to the pleroma derivation in order
to wrap pleroma_ctl with it. Doing this allows us to remove the
systemd-injected RELEASE_COOKIE path, which was sadly
buggy (RELEASE_COOKIE should point to the *content* of the cookie, not
the file containing it).
We take advantage of this to factor out the cookie path.
|
| | |
| |
| |
| |
| |
| | |
Add an exception to the `paperless-ng-server` service's
`SystemCallFilter` as the `mbind` syscall is needed when consuming a
document while having a classification model present.
|
| |\ \
| | |
| | | |
Throw an error for options without a type
|
| | | |
| | |
| | |
| | | |
Co-Authored-By: Janne Heß <janne@hess.ooo>
|
| |\ \ \
| | | |
| | | | |
nextcloud21: remove
|
| | | |/
| |/|
| | |
| | |
| | |
| | | |
EOLed by upstream in 2022-02[1].
[1] https://docs.nextcloud.com/server/23/admin_manual/release_schedule.html#older-versions
|
| |\ \ \ |
|
| | | | | |
|
| | | | | |
|
| | | | | |
|
| | | | | |
|
| | | | | |
|
| | | | | |
|
| | | | | |
|
| | | | | |
|
| | | | | |
|
| | | | | |
|
| |\ \ \ \
| |_|/ /
|/| | | |
pacemaker: init
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
When `services.resolved.enable` is set to true, the file /etc/resolv.conf becomes a symlink to /etc/static/resolv.conf, which is a symlink to /run/systemd/resolve/stub-resolv.conf. Without this commit, tor does not have access to this file thanks to systemd confinement. This results in the following warning when tor starts:
```
[warn] Unable to stat resolver configuration in '/etc/resolv.conf': No such file or directory
[warn] Could not read your DNS config from '/etc/resolv.conf' - please investigate your DNS configuration. This is possibly a problem. Meanwhile, falling back to local DNS at 127.0.0.1.
```
To fix this, simply allow read-only access to the file when resolved is in use.
According to https://github.com/NixOS/nixpkgs/pull/161818#discussion_r824820462, the symlink may also point to /run/systemd/resolve/resolv.conf, so allow that as well.
|
| |\ \ \ \
| | | | |
| | | | | |
plantuml-server 1.2021.12 -> 1.2022.2
|
| | | |/ /
| |/| |
| | | |
| | | |
| | | | |
- changed JDK version to 17 (11+ required)
- added maven build reproducibility
|
| |\ \ \ \
| | | | |
| | | | | |
nixos/mate: allow remove any added package
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Only extra packages removable currently, but it's possible to run MATE without packages like caja or yelp
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
prometheus-dmarc-exporter: init at 0.5.1
|
| | | | | | | |
|
| |\ \ \ \ \ \
| | | | | | |
| | | | | | | |
nixos/pantheon: enable xdg desktop integration
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
This prevents the embarrassing situation in https://github.com/NixOS/nixpkgs/pull/163828 from happening again.
|
| |\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | | |
nixos/tomcat: configure default group and fix broken default package …
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Without this fix, evaluating a NixOS configuration with Tomcat enabled and the
default settings results in the following evaluation error:
Failed assertions:
- users.users.tomcat.group is unset. This used to default to
nogroup, but this is unsafe. For example you can create a group
for this user with:
users.users.tomcat.group = "tomcat";
users.groups.tomcat = {};
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
to be accessed
|
| | | | | | | | | |
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Also some cleanups.
|
| | | | | | | | | |
|
| |\ \ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | | |
pomerium: 0.15.7 -> 0.17.0
|
| | |/ / / / / / / |
|
| |\ \ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | | |
epgstation: 1.7.5 -> 2.6.20
|
| | | | | | | | | | |
|
| | | | | | | | | | |
|
| | |/ / / / / / / |
|
| |\ \ \ \ \ \ \ \
| |/ / / / / / /
|/| | | | | | | |
|
| | | |_|_|_|/ /
| |/| | | | |
| | | | | | |
| | | | | | | |
The amuleDaemon package was renamed to kebab-case in 81ef57d6.
|
| |\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | | |
tox-node: fix config hash and url
|
| | | | | | | | | |
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
We spent a whole afternoon debugging this, because upstream has very
bad software quality and the error messages were incredibly
misleading.
So let’s document it for the sanity of other people.
Btw, I think the implementation of our module is pretty brittle,
especially the part about diffing tokens to check whether they
changed. We should rather just request a new builder registration
every time, it’s not that much overhead, and always set `replace` so
it is idempotent.
|
| |\ \ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | | |
nbd: add nbd service and test
|