| Commit message (Collapse) | Author | Age |
|---|
| |\ |
|
| | |\
| | |
| | | |
nixos/initrd-ssh: set more defensive pemissions on sshd test key
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
It looks like the test sshd key can never be used, because of too open
permissions. My guess is that the current test script works fine once
the user defined ssh-key has been copied into initrd.
At "nixos-install" however, the user specified host key is not present
in initrd yet and validation fails.
fixes #91486
|
| | |\ \
| | | |
| | | | |
gogs: 0.11.91 -> 0.12.3
|
| | | | | |
|
| | |\ \ \
| | | | |
| | | | | |
nixos/exwm: allow custom Emacs load script
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Add config option services.xserver.windowManager.exwm.loadScript,
which is passed to Emacs (as the -l option) to load after the user's init file.
|
| | |\ \ \ \
| | | | | |
| | | | | | |
home-assistant: add allowlist_external_dirs to systemd unit ReadWritePaths
|
| | | | | | | |
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | | |
option to add Disnix profile to the system PATH
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | | |
modules, eliminate import from derivation hack
|
| | |\ \ \ \ \
| | | | | | |
| | | | | | | |
nixos/proxychains: init
|
| | | | | | | | |
|
| | | | | | | | |
|
| | | | | | | | |
|
| | | | | | | | |
|
| | | | | | | | |
|
| | | |_|_|/ /
| |/| | | | |
|
| |\| | | | | |
|
| | |\ \ \ \ \
| | | | | | |
| | | | | | | |
mosquitto: systemd service sandboxing
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
running the service in a sandbox. read-only root file system,
with tmpfs mounted in /tmp, hidden /root and /home,
temporary /dev. the only writeable path is the data directory,
which according to my experiments is enough for the service
to work correctly.
|
| |\| | | | | | |
|
| | |\ \ \ \ \ \
| | | | | | | |
| | | | | | | | |
pipewire: 0.3.15 -> 0.3.16
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
This release replaces the libpulseaudio shim with a pipewire module that acts as a fake pulseaudio server along with a systemd service that loads that module on demand.
|
| | | | | | | | | |
|
| | | | | | | | | |
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
This allows capping the total amount of memory that will be used for
zram-swap, in addition to the percentage-based calculation, which is
useful when blanket-applying a configuration to many machines.
This is based off the strategy used by Fedora for their rollout of
zram-swap-by-default in Fedora 33
(https://fedoraproject.org/wiki/Changes/SwapOnZRAM), which caps the
maximum amount of memory used for zram at 4GiB.
In future it might be good to port this to the systemd zram-generator,
instead of using this separate infrastructure.
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
The `--no-build-output` flag that is added by default is only valid
for the old cli, which is not used when flakes are used.
Follow-up to c9daa81eff922d9f77d136cfcff0ea05d40024e0.
|
| | |\ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | | |
nixos/stage-1: create /dev/std{in,out,err} symlinks
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
This used to be done by udev, but that was removed in
systemd/systemd@6b2229c. The links are created by systemd at the end of
stage-2, but activation scripts might need them earlier.
|
| | | | | | | | | | |
|
| | | | | | | | | | |
|
| | |\ \ \ \ \ \ \ \
| | | | | | | | | |
| | | | | | | | | | |
utillinux: rename to util-linux
|
| | | | | | | | | | | |
|
| | |\ \ \ \ \ \ \ \ \
| | |/ / / / / / / /
| |/| | | | | | | | |
pam_ssh_agent_auth: Honour services.openssh.authorizedKeysFiles
|
| | | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
If a system administrator has explicitly configured key locations this
should be taken into account by `sudo`.
|
| | | | | | | | | | | |
|
| | |\ \ \ \ \ \ \ \ \
| | | | | | | | | | |
| | | | | | | | | | | |
nixos/network-interfaces: fix typo in udev rule syntax
|
| | | | | | | | | | | | |
|
| | |\ \ \ \ \ \ \ \ \ \
| | |_|/ / / / / / / /
| |/| | | | | | | | | |
nixos.postfix: make postfix.enableSmtp work again
|
| | | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
This fixes issue #104715.
|
| |\| | | | | | | | | | |
|
| | |\ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | |
| | | | | | | | | | | | |
wsdd: init at 0.6.2
|
| | | | | | | | | | | | | |
|
| | | | |_|_|/ / / / / /
| | |/| | | | | | | | |
|
| |\| | | | | | | | | | |
|
| | | | | | | | | | | | |
|
| | | | | | | | | | | | |
|
| | |\ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | |
| | | | | | | | | | | | |
Refresh instance metadata on boot
|
| | | | | | | | | | | | | |
|