summary refs log tree commit diff
path: root/nixos
Commit message (Collapse)AuthorAge
...
| | * | | | | | | | | | nixos/miniflux: improve docsGuillaume Girol2022-01-25
| | | | | | | | | | | |
* | | | | | | | | | | | Merge master into staging-nextgithub-actions[bot]2022-01-31
|\| | | | | | | | | | |
| * | | | | | | | | | | Merge pull request #148695 from Mic92/nginxJanne Heß2022-01-31
| |\ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | nixos/nginx: fix mincore filtering
| | * \ \ \ \ \ \ \ \ \ \ Merge branch 'master' into nginxJörg Thalheim2022-01-31
| | |\ \ \ \ \ \ \ \ \ \ \
| | * | | | | | | | | | | | Update nixos/modules/services/web-servers/nginx/default.nixJörg Thalheim2022-01-31
| | | | | | | | | | | | | |
| | * | | | | | | | | | | | nixos/nginx: fix mincore filteringJörg Thalheim2021-12-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Mincore is a syscall, not a group.
* | | | | | | | | | | | | | Merge master into staging-nextgithub-actions[bot]2022-01-31
|\| | | | | | | | | | | | |
| * | | | | | | | | | | | | Merge pull request #157351 from SuperSandro2000/SuperSandro2000-patch-1Sandro2022-01-31
| |\ \ \ \ \ \ \ \ \ \ \ \ \
| | * | | | | | | | | | | | | enableRedistributableFirmware: only add rtw89-firmware when kernel older 5.16Sandro2022-01-30
| | | | | | | | | | | | | | |
| * | | | | | | | | | | | | | Merge pull request #157001 from 06kellyjac/opentelemetry-collectorUri Baghin2022-01-31
| |\ \ \ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | opentelemetry-collector: 0.40.0 -> 0.43.1, opentelemetry-collector-contrib: init at 0.43.0
| | * | | | | | | | | | | | | | opentelemetry-collector-contrib: init at 0.43.006kellyjac2022-01-28
| | | |_|_|_|_|_|_|/ / / / / / | | |/| | | | | | | | | | | |
| * | | | | | | | | | | | | | Merge pull request #155895 from rnhmjoj/pr-dhcpd-hardMichele Guerini Rocco2022-01-31
| |\ \ \ \ \ \ \ \ \ \ \ \ \ \ | | |_|_|_|/ / / / / / / / / / | |/| | | | | | | | | | | | | nixos/dhcpd: switch to DynamicUser [v2]
| | * | | | | | | | | | | | | docs/release-notes: document dhcpd hardeningrnhmjoj2022-01-20
| | | | | | | | | | | | | | |
| | * | | | | | | | | | | | | nixos/tests/systemd-networkd-ipv6-prefix-delegation: fixrnhmjoj2022-01-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Since dhcpd has been hardened (DynamicUser → NoNewPrivileges) it can't use a setcap wrapper. Instead, we add the net_admin capability to it's ambient set and run `ip route` directly. This is also safer that giving everyone permisison to change the routing table.
| | * | | | | | | | | | | | | Revert "Revert "nixos/dhcpd: switch to DynamicUser""rnhmjoj2022-01-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit 0e5dab9db7d183e762310478fc1da46a7db58778, thus bringing back dd9883b2fbd2b9ea01d53654d383b29b4d68d05a.
* | | | | | | | | | | | | | | Merge pull request #157350 from NixOS/gnomeJan Tojnar2022-01-31
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ | |/ / / / / / / / / / / / / / |/| | | | | | | | | | | | | | GNOME: 41.2 → 41.3
| * | | | | | | | | | | | | | gnome.gdm: 41.0 → 41.3Jan Tojnar2022-01-30
| | |_|_|_|_|_|_|_|_|/ / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Remove nvidiaWayland NixOS option since it was severely out of date. https://ftp.gnome.org/pub/GNOME/sources/gdm/41/gdm-41.3.news
* | | | | | | | | | | | | | seahub: init at 8.0.8Greizgh2022-01-30
| | | | | | | | | | | | | |
* | | | | | | | | | | | | | Merge pull request #154130 from rnhmjoj/fix-wpaMichele Guerini Rocco2022-01-30
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | nixos/wireless: enable PMF by default
| * | | | | | | | | | | | | | nixos/wireless: implement opportunistic WPA3rnhmjoj2022-01-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It turns out it's actually possible to fall back to WPA2 in case the authentication fails with WPA3. This was suggested to me in the hostapd mailing list: add another network block with only WPA2 and lower priority, for each network with WPA3. For clients with missing/broken WPA3, wpa_supplicant will: 1. try the network block with higher priority first 2. fail and temporarily disable the network block 3. try the fallback network block and connect This takes a little more time (still <5s) because wpa_supplicant retries a couple times before disabling the network block, but it allows old client to gracefully fall back to WPA2 on mixed WPA2/WPA3 networks. To avoid downgrade attacks, clients with proper WPA3 should disable this; in the future we may want to disable this option by default.
| * | | | | | | | | | | | | | nixos/wireless: enable PMF by defaultrnhmjoj2022-01-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Alternative solution to PR #152443. This fixes authentication failures to WPA3 networks (issue #151729) by enabling protected management frames. Note: old client without 802.11w support will still fail.
* | | | | | | | | | | | | | | Merge pull request #157053 from lheckemann/systemd-optional-cryptsetupGuillaume Girol2022-01-30
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | nixos/systemd: only use cryptsetup units if systemd was built with it
| * | | | | | | | | | | | | | | nixos/systemd: only use cryptsetup units if systemd was built with itLinus Heckemann2022-01-30
| | | | | | | | | | | | | | | |
* | | | | | | | | | | | | | | | Merge pull request #157347 from mweinelt/smartctl-exporter-capab-fixajs1242022-01-30
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | nixos/smartctl-exporter: fix typo in rawio capab
| * | | | | | | | | | | | | | | | nixos/smartctl-exporter: fix typo in rawio capabMartin Weinelt2022-01-30
| | |_|/ / / / / / / / / / / / / | |/| | | | | | | | | | | | | |
* / | | | | | | | | | | | | | | nixos/nftables: Allow use with iptables (#121517)Jess Schallenberg2022-01-30
|/ / / / / / / / / / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * nixos/nftables: Allow use with iptables Since iptables and nftables do not actually conflict with each other, there's no real reason to artificially prevent people from combining them. In fact, this practice is known to cause issues like #88643, which is fixed by this commit.
* | | | | | | | | | | | | | | Merge pull request #153596 from illustris/elasticsearchSandro2022-01-30
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \
| * | | | | | | | | | | | | | | nixos/elasticsearch: fix crashes on large datanodesillustris2022-01-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | https://github.com/NixOS/nixpkgs/commit/3a1e1f062432fbc867502187972b37f7a6f9fe63 adds a poststart script that checks if ES successfully started by curling the HTTP endpoint. On nodes with a lot of data or slower disks, this might take longer than the default systemd startup timeout of 90 seconds.
* | | | | | | | | | | | | | | | Merge pull request #157320 from andersk/gnome-switch-fixedJanne Heß2022-01-30
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | nixos/gnome: Remove warning for fixed nixos-rebuild switch bug
| * | | | | | | | | | | | | | | | nixos/gnome: Remove warning for fixed nixos-rebuild switch bugAnders Kaseorg2022-01-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | https://github.com/NixOS/nixpkgs/issues/44344 was fixed years ago. Signed-off-by: Anders Kaseorg <andersk@mit.edu>
* | | | | | | | | | | | | | | | | vimPlugins.onedark-nvim: etcSeong Yong-ju2022-01-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | `vimPlugins.onedark-nvim` now refers to navarasu/onedark.nvim (formerly refers to olimorris/onedarkpro.nvim).
* | | | | | | | | | | | | | | | | Merge pull request #157261 from LeSuisse/mysql57-5.7.37Sandro2022-01-30
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ | |_|_|_|_|_|_|/ / / / / / / / / / |/| | | | | | | | | | | | | | | |
| * | | | | | | | | | | | | | | | mysql57: 5.7.27 -> 5.7.37Thomas Gerbet2022-01-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changes: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-37.html https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-36.html https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-35.html https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-34.html https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-33.html https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-32.html https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-31.html https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-30.html https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-29.html https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-28.html
* | | | | | | | | | | | | | | | | Merge pull request #157310 from sternenseemann/nix-conf-validation-2.3Janne Heß2022-01-29
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | nixos/nix-daemon: fix config validation with 2.3
| * | | | | | | | | | | | | | | | | nixos/nix-daemon: fix config validation with 2.3sternenseemann2022-01-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | --option experimental-features is no understood by Nix 2.3.
* | | | | | | | | | | | | | | | | | Merge pull request #156731 from Ma27/bump-plausibleNiklas Hambüchen2022-01-29
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | plausible: 1.4.0 -> 1.4.3
| * | | | | | | | | | | | | | | | | | plausible: 1.4.0 -> 1.4.3Maximilian Bosch2022-01-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ChangeLog: https://github.com/plausible/analytics/blob/v1.4.3/CHANGELOG.md#unreleased Also makes the option `services.plausible.releaseCookiePath` mandatory[1]: since Elixir 1.13 the `RELEASE_COOKIE` env-var *must* be set, otherwise the startup fails[2]. Since we drop `$out/releases/COOKIE` in the `fixupPhase` of `mixRelease` and Elixir seems to always attempt to generate such a file[3], I figured it's reasonable to just make it mandatory now. Closes #155575 [1] https://nixos.org/manual/nixos/stable/options.html#opt-services.plausible.releaseCookiePath [2] https://github.com/elixir-lang/elixir/commit/f24eb2c1ef3cfb345e9420945c57f276148c0a89 / https://github.com/elixir-lang/elixir/issues/11114 [3] https://hexdocs.pm/mix/Mix.Tasks.Release.html, see `:cookie`
* | | | | | | | | | | | | | | | | | | ethercalc: init at latest master (b19627)Ingo Blechschmidt2022-01-29
| |_|_|_|_|_|_|_|_|_|_|_|_|_|/ / / / |/| | | | | | | | | | | | | | | | |
* | | | | | | | | | | | | | | | | | Merge pull request #151795 from pennae/dhcpcdpennae2022-01-29
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ | |_|_|/ / / / / / / / / / / / / / / |/| | | | | | | | | | | | | | | | | dhcpcd: fix !enablePrivSep build, nixos/dhcpcd: assert if dhcpcd would crash
| * | | | | | | | | | | | | | | | | nixos/dhcpcd: assert if privSep && alternative mallocpennae2022-01-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | dhcpcd does not run properly with some of the hardened system mallocs that are currently available. assert when an incompatible configuration is detected, as a switch into such a config from eg auto-update can take hosts offline.
* | | | | | | | | | | | | | | | | | Merge pull request #157185 from mohe2015/patch-1Bernardo Meurer2022-01-28
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | nixos/nix-daemon: Fix misspelled old option name
| * | | | | | | | | | | | | | | | | | nixos/nix-daemon: Fix misspelled old option nameMoritz Hedtke2022-01-28
| | |_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|/ | |/| | | | | | | | | | | | | | | |
* | | | | | | | | | | | | | | | | | Merge pull request #156213 from chkno/fix-install-testspennae2022-01-29
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | nixos/tests/install: Fix after sandboxed-docs change fc614c3
| * | | | | | | | | | | | | | | | | | nixos/tests/installer: Fix after sandboxed-docs change fc614c3Scott Worley2022-01-23
| | | | | | | | | | | | | | | | | | |
* | | | | | | | | | | | | | | | | | | Merge pull request #156315 from lheckemann/promtail-packageMaximilian Bosch2022-01-28
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ | |_|/ / / / / / / / / / / / / / / / / |/| | | | | | | | | | | | | | | | | | Promtail package
| * | | | | | | | | | | | | | | | | | nixos/promtail: use promtail packageLinus Heckemann2022-01-23
| | | | | | | | | | | | | | | | | | |
* | | | | | | | | | | | | | | | | | | Merge pull request #156855 from B4dM4n/breitbandmessung-initMartin Weinelt2022-01-28
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \
| * | | | | | | | | | | | | | | | | | | nixos/tests/breitbandmessung: use virtualisation.resolution optionFabian Möller2022-01-27
| | | | | | | | | | | | | | | | | | | |
| * | | | | | | | | | | | | | | | | | | breitbandmessung: init at 3.1.0Fabian Möller2022-01-27
| | | | | | | | | | | | | | | | | | | |
* | | | | | | | | | | | | | | | | | | | Merge pull request #156978 from rhendric/submit/gnome-2048Jan Tojnar2022-01-28
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ | |_|_|_|_|_|/ / / / / / / / / / / / / / |/| | | | | | | | | | | | | | | | | | | gnome-2048: init at 3.38.2
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-02 07:20:04 +0000