diff options
author | github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> | 2023-02-28 00:03:08 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-02-28 00:03:08 +0000 |
commit | 387a5e220d4ddc69b31ec9b1c5f1f322ccd149a9 (patch) | |
tree | b06cb1799a188539869003123e414354ebae3827 /nixos | |
parent | 40707bbbb33378732235071c757d6aaef74754a2 (diff) | |
parent | 48c9797748f7e681dd4d0ca3145ecc1439767c62 (diff) | |
download | nixlib-387a5e220d4ddc69b31ec9b1c5f1f322ccd149a9.tar nixlib-387a5e220d4ddc69b31ec9b1c5f1f322ccd149a9.tar.gz nixlib-387a5e220d4ddc69b31ec9b1c5f1f322ccd149a9.tar.bz2 nixlib-387a5e220d4ddc69b31ec9b1c5f1f322ccd149a9.tar.lz nixlib-387a5e220d4ddc69b31ec9b1c5f1f322ccd149a9.tar.xz nixlib-387a5e220d4ddc69b31ec9b1c5f1f322ccd149a9.tar.zst nixlib-387a5e220d4ddc69b31ec9b1c5f1f322ccd149a9.zip |
Merge staging-next into staging
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/doc/manual/release-notes/rl-2305.section.md | 4 | ||||
-rw-r--r-- | nixos/modules/installer/tools/nix-fallback-paths.nix | 10 | ||||
-rw-r--r-- | nixos/modules/misc/ids.nix | 3 | ||||
-rw-r--r-- | nixos/modules/security/polkit.nix | 4 | ||||
-rw-r--r-- | nixos/modules/services/continuous-integration/gitlab-runner.nix | 4 | ||||
-rw-r--r-- | nixos/modules/services/mail/postfix.nix | 2 | ||||
-rw-r--r-- | nixos/modules/system/boot/systemd/coredump.nix | 4 | ||||
-rw-r--r-- | nixos/modules/system/boot/systemd/initrd.nix | 2 | ||||
-rw-r--r-- | nixos/tests/haproxy.nix | 1 |
9 files changed, 16 insertions, 18 deletions
diff --git a/nixos/doc/manual/release-notes/rl-2305.section.md b/nixos/doc/manual/release-notes/rl-2305.section.md index 6b9bb06fedc9..2eaedf852098 100644 --- a/nixos/doc/manual/release-notes/rl-2305.section.md +++ b/nixos/doc/manual/release-notes/rl-2305.section.md @@ -117,6 +117,8 @@ In addition to numerous new and upgraded packages, this release has the followin - The [services.wordpress.sites.<name>.plugins](#opt-services.wordpress.sites._name_.plugins) and [services.wordpress.sites.<name>.themes](#opt-services.wordpress.sites._name_.themes) options have been converted from sets to attribute sets to allow for consumers to specify explicit install paths via attribute name. +- `protonmail-bridge` package has been updated to v3.0 and the CLI executable is now named bridge instead of protonmail-bridge to be more in line with upstream. + - Nebula now runs as a system user and group created for each nebula network, using the `CAP_NET_ADMIN` ambient capability on launch rather than starting as root. Ensure that any files each Nebula instance needs to access are owned by the correct user and group, by default `nebula-${networkName}`. - In `mastodon` it is now necessary to specify location of file with `PostgreSQL` database password. In `services.mastodon.database.passwordFile` parameter default value `/var/lib/mastodon/secrets/db-password` has been changed to `null`. @@ -257,6 +259,8 @@ In addition to numerous new and upgraded packages, this release has the followin - The `unifi-poller` package and corresponding NixOS module have been renamed to `unpoller` to match upstream. +- `protonmail-bridge` package has been updated to v3.0 and the CLI executable is now named bridge instead of protonmail-bridge to be more in line with upstream. + - The new option `services.tailscale.useRoutingFeatures` controls various settings for using Tailscale features like exit nodes and subnet routers. If you wish to use your machine as an exit node, you can set this setting to `server`, otherwise if you wish to use an exit node you can set this setting to `client`. The strict RPF warning has been removed as the RPF will be loosened automatically based on the value of this setting. - `openjdk` from version 11 and above is not build with `openjfx` (i.e.: JavaFX) support by default anymore. You can re-enable it by overriding, e.g.: `openjdk11.override { enableJavaFX = true; };`. diff --git a/nixos/modules/installer/tools/nix-fallback-paths.nix b/nixos/modules/installer/tools/nix-fallback-paths.nix index c9cb65dbbe5a..1058a34133b1 100644 --- a/nixos/modules/installer/tools/nix-fallback-paths.nix +++ b/nixos/modules/installer/tools/nix-fallback-paths.nix @@ -1,7 +1,7 @@ { - x86_64-linux = "/nix/store/lsr79q5xqd9dv97wn87x12kzax8s8i1s-nix-2.13.2"; - i686-linux = "/nix/store/wky9xjwiwzpifgk0s3f2nrg8nr67bi7x-nix-2.13.2"; - aarch64-linux = "/nix/store/v8drr3x1ia6bdr8y4vl79mlz61xynrpm-nix-2.13.2"; - x86_64-darwin = "/nix/store/1l14si31p4aw7c1gwgjy0nq55k38j9nj-nix-2.13.2"; - aarch64-darwin = "/nix/store/6x7nr1r780fgn254zhkwhih3f3i8cr45-nix-2.13.2"; + x86_64-linux = "/nix/store/mc43d38fibi94pp5crfwacl5gbslccd0-nix-2.13.3"; + i686-linux = "/nix/store/09m966pj26cgd4ihlg8ihl1106j3vih8-nix-2.13.3"; + aarch64-linux = "/nix/store/7f191d125akld27gc6jl0r13l8pl7x0h-nix-2.13.3"; + x86_64-darwin = "/nix/store/1wn9jkvi2zqfjnjgg7lnp30r2q2y8whd-nix-2.13.3"; + aarch64-darwin = "/nix/store/8w0v2mffa10chrf1h66cbvbpw86qmh85-nix-2.13.3"; } diff --git a/nixos/modules/misc/ids.nix b/nixos/modules/misc/ids.nix index 108ab5d4f318..17ea04cb4ecb 100644 --- a/nixos/modules/misc/ids.nix +++ b/nixos/modules/misc/ids.nix @@ -392,7 +392,7 @@ in tape = 25; video = 26; dialout = 27; - polkituser = 28; + #polkituser = 28; # currently unused, polkitd doesn't need a group utmp = 29; # ddclient = 30; # converted to DynamicUser = true davfs2 = 31; @@ -510,7 +510,6 @@ in #seeks = 148; # removed 2020-06-21 prosody = 149; i2pd = 150; - systemd-coredump = 151; systemd-network = 152; systemd-resolve = 153; systemd-timesync = 154; diff --git a/nixos/modules/security/polkit.nix b/nixos/modules/security/polkit.nix index 1b6594802277..de427ccb295b 100644 --- a/nixos/modules/security/polkit.nix +++ b/nixos/modules/security/polkit.nix @@ -113,9 +113,7 @@ in group = "polkituser"; }; - users.groups.polkituser = { - gid = mkIf (lib.versionAtLeast config.system.stateVersion "23.05") config.ids.gids.polkituser; - }; + users.groups.polkituser = {}; }; } diff --git a/nixos/modules/services/continuous-integration/gitlab-runner.nix b/nixos/modules/services/continuous-integration/gitlab-runner.nix index 6b44d39c224e..53f39f40daa5 100644 --- a/nixos/modules/services/continuous-integration/gitlab-runner.nix +++ b/nixos/modules/services/continuous-integration/gitlab-runner.nix @@ -577,7 +577,7 @@ in { }; }; # Enable periodic clear-docker-cache script - systemd.services.gitlab-runner-clear-docker-cache = { + systemd.services.gitlab-runner-clear-docker-cache = mkIf (cfg.clear-docker-cache.enable && (any (s: s.executor == "docker") (attrValues cfg.services))) { description = "Prune gitlab-runner docker resources"; restartIfChanged = false; unitConfig.X-StopOnRemoval = false; @@ -590,7 +590,7 @@ in { ${pkgs.gitlab-runner}/bin/clear-docker-cache ${toString cfg.clear-docker-cache.flags} ''; - startAt = optional cfg.clear-docker-cache.enable cfg.clear-docker-cache.dates; + startAt = cfg.clear-docker-cache.dates; }; # Enable docker if `docker` executor is used in any service virtualisation.docker.enable = mkIf ( diff --git a/nixos/modules/services/mail/postfix.nix b/nixos/modules/services/mail/postfix.nix index d01734d61e87..852340c05aa7 100644 --- a/nixos/modules/services/mail/postfix.nix +++ b/nixos/modules/services/mail/postfix.nix @@ -809,7 +809,7 @@ in // optionalAttrs (cfg.relayHost != "") { relayhost = if cfg.lookupMX then "${cfg.relayHost}:${toString cfg.relayPort}" else "[${cfg.relayHost}]:${toString cfg.relayPort}"; } - // optionalAttrs config.networking.enableIPv6 { inet_protocols = mkDefault "all"; } + // optionalAttrs (!config.networking.enableIPv6) { inet_protocols = mkDefault "ipv4"; } // optionalAttrs (cfg.networks != null) { mynetworks = cfg.networks; } // optionalAttrs (cfg.networksStyle != "") { mynetworks_style = cfg.networksStyle; } // optionalAttrs (cfg.hostname != "") { myhostname = cfg.hostname; } diff --git a/nixos/modules/system/boot/systemd/coredump.nix b/nixos/modules/system/boot/systemd/coredump.nix index deaaba9bbf85..03ef00e5683c 100644 --- a/nixos/modules/system/boot/systemd/coredump.nix +++ b/nixos/modules/system/boot/systemd/coredump.nix @@ -66,9 +66,7 @@ in { uid = config.ids.uids.systemd-coredump; group = "systemd-coredump"; }; - users.groups.systemd-coredump = { - gid = mkIf (lib.versionAtLeast config.system.stateVersion "23.05") config.ids.gids.systemd-coredump; - }; + users.groups.systemd-coredump = {}; }) (mkIf (!cfg.enable) { diff --git a/nixos/modules/system/boot/systemd/initrd.nix b/nixos/modules/system/boot/systemd/initrd.nix index 0c78eec8fde0..f937581b76f6 100644 --- a/nixos/modules/system/boot/systemd/initrd.nix +++ b/nixos/modules/system/boot/systemd/initrd.nix @@ -118,7 +118,7 @@ let name = "initrd-bin-env"; paths = map getBin cfg.initrdBin; pathsToLink = ["/bin" "/sbin"]; - postBuild = concatStringsSep "\n" (mapAttrsToList (n: v: "ln -s '${v}' $out/bin/'${n}'") cfg.extraBin); + postBuild = concatStringsSep "\n" (mapAttrsToList (n: v: "ln -sf '${v}' $out/bin/'${n}'") cfg.extraBin); }; initialRamdisk = pkgs.makeInitrdNG { diff --git a/nixos/tests/haproxy.nix b/nixos/tests/haproxy.nix index b6ff4102fe68..555474d7f299 100644 --- a/nixos/tests/haproxy.nix +++ b/nixos/tests/haproxy.nix @@ -2,7 +2,6 @@ import ./make-test-python.nix ({ pkgs, ...}: { name = "haproxy"; nodes = { machine = { ... }: { - imports = [ ../modules/profiles/minimal.nix ]; services.haproxy = { enable = true; config = '' |