| Commit message (Collapse) | Author | Age |
|---|
| | |
|
| |
|
|
| |
...or used correctly.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
This reverts commit d9e18f4e7f77fffde95384d36cc8ac5d1d51b356.
This change is broken, since it doesn't configure the proper database
username in keycloak when provisioning a local database with a custom
username. Its intended behavior is also potentially confusing and
dangerous, so rather than fixing it, let's revert to the old one.
|
| |
|
|
|
|
| |
On my system I have XWayland disabled and therefore only WAYLAND_DISPLAY
is set. This ensures that the graphical output will still be enabled on
such setups (both Wayland and X11 are supported by the viewer).
|
| |\
| |
| | |
searx: set settings.yml permissions using umask
|
| | |
| |
| |
| | |
This should solve a leakage of secrets as suggested in #121293
|
| |\ \
| | |
| | | |
nixos/slurm: 20.11.5.1 -> 20.11.6.1, improve security
|
| | | |
| | |
| | |
| | |
| | | |
replace cp/chmod by install to avoid security issues.
See https://github.com/NixOS/nixpkgs/issues/121293
|
| | | |
| | |
| | |
| | |
| | | |
Allows coercing lists to values. E.g.
formats.ini { listToValue = lib.concatMapStringsSep ", " (lib.generators.mkValueStringDefault {}); }
|
| |\ \ \
| | | |
| | | | |
metadata fetchers: use umask instead of fetch-and-chmod
|
| | | |/
| |/| |
|
| |\ \ \
| | | |
| | | | |
bookstack: 0.31.7 -> 21.04.3 + nixos/bookstack: use umask before echoing & clear cache before starting
|
| | | | | |
|
| |\ \ \ \
| | | | |
| | | | | |
prometheus-knot-exporter: add patch to fix stats
|
| | | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This is a patch I filed against upstream[1] a while ago. As it isn't
merged yet and fixes configurations with all stats enabled in knot
(otherwise it'd crash when sending a request to `localhost:9433`), I
decided that it makes sense to add it to the package directly.
I extended the test to make sure that it only passes with this patch.
[1] https://github.com/ghedo/knot_exporter/pull/6
|
| |\ \ \ \
| | | | |
| | | | | |
testing-python.nix: document runTests pos argument
|
| | | | | | |
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
nixos/unbound: add settings option, deprecate extraConfig
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Follow RFC 42 by having a settings option that is
then converted into an unbound configuration file
instead of having an extraConfig option.
Existing options have been renamed or kept if
possible.
An enableRemoteAccess has been added. It sets remote-control setting to
true in unbound.conf which in turn enables the new wrapping of
unbound-control to access the server locally. Also includes options
'remoteAccessInterfaces' and 'remoteAccessPort' for remote access.
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
|
| |\ \ \ \ \ \
| | | | | | |
| | | | | | | |
airsonic: force use of jre8
|
| | | | | | | | |
|
| | | | | | | | |
|
| |\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | | |
nixos/tests/jellyfin: enhanced test
|
| | | | | | | | | |
|
| |\ \ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | | |
undistract-me: init at unstable-2020-08-09
|
| | | | | | | | | | |
|
| | | | | | | | | | |
|
| |\ \ \ \ \ \ \ \ \
| |_|_|_|/ / / / /
|/| | | | | | | | |
nixos/bind: refactor zones from a list to attrset
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
This commit uses coercedTo to make zones a attrset instead of list.
Makes it easier to access/change zones in multiple places.
|
| | | | | | | | | | |
|
| |\ \ \ \ \ \ \ \ \
| | | | | | | | | |
| | | | | | | | | | |
matrix-dendrite: init at 0.3.11
|
| | | | | | | | | | | |
|
| |\ \ \ \ \ \ \ \ \ \
| | | | | | | | | | |
| | | | | | | | | | | |
nixos/tests/rspamd: fix OOM flakyness
|
| | | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
rspamd seems to be consuming more memory now sometimes, causing OOMs in
the test.
Increase the memory given to these VMs to make the tests pass more
reliably.
|
| | | |_|_|_|_|_|/ / /
| |/| | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
Postfix has started outputting an error on startup that it can't parse
the compatibility level 9999.
Instead, just set the compatibility level to be identical to the current
version, which seems to be the (new) intent for the compatibility level.
|
| |\ \ \ \ \ \ \ \ \ \
| | | | | | | | | | |
| | | | | | | | | | | |
nixos/tests/gitdaemon: deflake by using systemd-tmpfiles
|
| | |/ / / / / / / / /
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
git-daemon won't start up if its project directory (here /git) doesn't
exist. If we try to create it using the test harness, then we're racing
whether we manage to connect to the backdoor vs. the startup speed of
git-daemon.
Instead, use systemd-tmpfiles, which is guaranteed(?) to run before
network.target and thus before git-daemon.service starts.
|
| |\ \ \ \ \ \ \ \ \ \
| | | | | | | | | | |
| | | | | | | | | | | |
nixos/tests/installer: fix for i686-linux
|
| | |/ / / / / / / / /
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
Currently, the installer tests just hang after the initial install phase
on i686 because qemu just quits because of the gic parameter.
Fix this by doing x86 things for both x86-64 and i686.
|
| |\ \ \ \ \ \ \ \ \ \ |
|
| | | | | | | | | | | | |
|
| | | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
The reaper, at this point, should not delete a freshly created paste.
|
| | | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
Easy way to revisit the hardening setup of the systemd unit.
|
| | | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
The reap function culls expired pastes outside of the process serving
the pastes. Previously the database could accumulate a large number of
pastes and while they were expired they would not be deleted unless
accessed from the frontend.
|
| | |/ / / / / / / / /
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
Individual settings would previously overwrite the whole config, but
now individual values can be overwritten.
Fix missing slash to make the database path an absolute path per
https://docs.sqlalchemy.org/en/14/core/engines.html#sqlite.
Drop preferred_lexers, it's not set to anything meaningful anyway.
|
| |\ \ \ \ \ \ \ \ \ \
| |_|_|_|_|_|/ / / /
|/| | | | | | | | | |
nixos/xserver: set fs.inotify.max_user_instances too
|
| | | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
A too low number of inotify user instances causes similar problems as
max_user_watches. Without this, my workstation keeps running into things
like this:
$ sudo systemctl restart display-manager.service
Failed to allocate directory watch: Too many open files
|
| |\ \ \ \ \ \ \ \ \ \
| | | | | | | | | | |
| | | | | | | | | | | |
nixos/tests: Replace QEMU_OPTS usages with virtualisation.qemu.options
|
| | | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
See [0]: "QEMU_OPTS is something that should be set by people running VM
tests interactively, to do port forwardings etc.
We really should not poke with it from the test script - that's what
virtualisation.qemu.options is for."
[0]: https://github.com/NixOS/nixpkgs/pull/119615#discussion_r624145020
Co-authored-by: Florian Klink <flokli@flokli.de>
|