| Commit message (Collapse) | Author | Age |
|---|
| |\ |
|
| | |
| |
| |
| | |
Fixes a regression introduced in #294754.
|
| | |
| |
| |
| |
| | |
1. Added openvswitch integration to incus service.
2. Added tests to test openvswitch functionality with incus.
|
| | |\
| | |
| | | |
nixos/oci-containers: ignore nonexistent container when stopping
|
| | | |
| | |
| | |
| | | |
Fixes #292551
|
| | |\ \
| | | |
| | | | |
virtualboxKvm: init
|
| | | |/ |
|
| |/ /
| |
| |
| |
| |
| |
| | |
Note that this list will stop being updated from now on.
Please use https://nixos.github.io/amis/ and https://nixos.github.io/amis/images.json instead.
We are working on integrating this in the https://nixos.org/ website
These get updated for every channel bump.
|
| |\ \
| | |
| | |
| | |
| | | |
RaitoBezarius/smm-works-for-something-else-than-x86-actually
OVMF: remove invalid `assert` on SMM
|
| | |/
| |
| |
| |
| |
| |
| |
| | |
The qemu module shouldn't implicitly (and for all architectures) enable
SSM when enabling Secure Boot.
Additionally, this breaks aarch64 Secure Boot tests because this module
doesn't use the right machine type for anything but X86.
|
| |\ \
| | |
| | | |
nixos/incus: assert nftables is used when firewall is enabled
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
incus manages its own firewall rules and prefers nftables. The
advantages of nftables for segmenting multiple tools managing firewall
rules is sufficient to require nftables with incus.
https://linuxcontainers.org/incus/docs/main/howto/network_bridge_firewalld/#use-incus-firewall
|
| |\ \ \
| |_|/
|/| | |
nixos/podman: pass proxy variables to podman API
|
| | | | |
|
| |\ \ \
| | | |
| | | | |
Enable MS-compatible secure boot with OVMF
|
| | | | |
| | | |
| | | |
| | | | |
Co-authored-by: Arthur Gautier <arthur.gautier@arista.com>
|
| |\ \ \ \
| | | | |
| | | | | |
treewide: remove deprecated grub.version references
|
| | | | | | |
|
| |\ \ \ \ \
| |/ / / /
|/| | | | |
nixos/filesystems: make supportedFilesystems an attrset
|
| | |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
this lets us *dis*able filesystem explicitly, as is required by e.g. the
zfs-less installer images. currently that specifically is only easily
possible by adding an overlay that stubs out `zfs`, with the obvious
side-effect of also removing tooling that could run without the kernel
module loaded.
|
| |\ \ \ \
| |_|_|/
|/| | | |
nixos/oci-containers: don't login if image exists locally
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: budimanjojo <budimanjojo@gmail.com>
|
| |\ \ \ \
| | | | |
| | | | | |
NixOS: Add support for CDI
|
| | | | | | |
|
| | | |/ /
| |/| | |
|
| | |_|/
|/| |
| | |
| | |
| | |
| | |
| | |
| | | |
Previously we were doing some parts like activation in the init script,
so linking to that works for non-systemd init
With boot.initrd.systemd.enable we no longer run activation in the init script,
but instead a new script named prepare-root, which is used instead.
|
| |/ / |
|
| |\ \
| |/
|/| |
nixos/docker: warn about changing storageDriver and remove `devicemapper` value
|
| | |
| |
| |
| |
| |
| | |
Add warning to the documentation of
`virtualisation.docker.storageDriver` that changing will cause any
existing containers and images to become inaccessible.
|
| |\ \
| | |
| | | |
doc: expand on parameters passed to QEMU VMs
|
| | | | |
|
| | | | |
|
| |\ \ \
| | | |
| | | | |
nixos/oci-containers: stop container using backend
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Make systemd actually call `podman stop` when stopping a container unit.
Fixes #249332
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
I am actively working on bringing back Amazon Images for 24.05.
Please track progress in https://github.com/nixos/amis
|
| |\ \ \ \ |
|
| | | |/ /
| |/| | |
|
| |/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This change replaces the previously hard-coded `/boot` path with a
reference to `efiSysMountPoint` and more importantly this change makes
it possible to override these rules in scenarios in which they are not
desired.
One such scenario would be when `systemd-gpt-auto-generator(8)` is used
to automount the ESP. Consider this section from the mentioned manpage:
> The ESP is mounted to /boot/ if that directory exists and is not used
> for XBOOTLDR, and otherwise to /efi/. Same as for /boot/, an automount
> unit is used. The mount point will be created if necessary.
Prior to this change, the ESP would be automounted under `/efi` on first
boot, then the previous tmpfiles rules caused `/boot` to be created.
Following the quote above, this meant that the ESP is mounted under
`/boot` for each subsequent boot.
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Incus needs to find zvol_id for some operations, but zfs does not put
this executable in the bin directory. Exposing lib/udev into the Incus
path solves discovery of the executable
https://github.com/lxc/incus/blob/e5690705e842d3961d8a1d18c0ec002c25345af8/internal/server/storage/drivers/driver_zfs_volumes.go#L1820C1-L1820C41
|
| |\ \ \ |
|
| | | | | |
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This was done by generating a truly hilarious configuration:
rg 'services\.[^.]+\.enable\t' opts-tags | cut -f1 > allonconfig.nix
The following were not tested due to other evaluation errors. They
should probably be manually audited.
services.amule
services.castopod
services.ceph
services.chatgpt-retrieval-plugin
services.clamsmtp
services.clight
services.dante
services.dex
services.discourse
services.dwm-status
services.engelsystem
services.foundationdb
services.frigate
services.frp
services.grocy
services.guacamole-client
services.hedgedoc
services.home-assistant
services.honk
services.imaginary
services.jitsi-meet
services.kerberos_server
services.limesurvey
services.mastodon
services.mediawiki
services.mobilizon
services.moodle
services.mosquitto
services.nextcloud
services.nullmailer
services.patroni
services.pfix-srsd
services.pgpkeyserver-lite
services.postfixadmin
services.roundcube
services.schleuder
services.self-deploy
services.slskd
services.spacecookie
services.statsd
services.step-ca
services.sympa
services.tsmBackup
services.vdirsyncer
services.vikunja
services.yandex-disk
services.zabbixWeb
|
| |\ \ \ \
| | | | |
| | | | | |
incus, lxd: ensure lxd->incus migration is supported and tested
|
| | | | | | |
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Add an option allowing packages containing out-of-tree vhost-user drivers for
QEMU to be specified. The relevant configurations are then linked at runtime
where libvirt expects them.
An example use case for this is virtiofs.
|
| |\ \ \ \ \
| |/ / / /
|/| | | | |
nixos/lxd: convert cfg.package and company to mkPackageOption
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Also fixes the documentation of `virtualisation.lxd.ui.package`, which currently says the package is `pkgs.ui`
|
| | | | | | |
|