| Commit message (Collapse) | Author | Age |
|---|
| | |
|
| |
|
|
|
| |
Fixes https://github.com/NixOS/nixpkgs/issues/83108.
In the future we should make this configurable.
|
| |\
| |
| | |
nixos gerrit module
|
| | |
| |
| |
| |
| | |
Co-authored-by: edef <edef@edef.eu>
Co-authored-by: Florian Klink <flokli@flokli.de>
|
| |\ \
| | |
| | | |
nixos/nextcloud: fix upgrade path from 19.09 to 20.03
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
It's impossible to move two major-versions forward when upgrading
Nextcloud. This is an issue when comming from 19.09 (using Nextcloud 16)
and trying to upgrade to 20.03 (using Nextcloud 18 by default).
This patch implements the measurements discussed in #82056 and #82353 to
improve the update process and to circumvent similar issues in the
future:
* `pkgs.nextcloud` has been removed in favor of versioned attributes
(currently `pkgs.nextcloud17` and `pkgs.nextcloud18`). With that
approach we can safely backport major-releases in the future to
simplify those upgrade-paths and we can select one of the
major-releases as default depending on the configuration (helpful to
decide whether e.g. `pkgs.nextcloud17` or `pkgs.nextcloud18` should be
used on 20.03 and `master` atm).
* If `system.stateVersion` is older than `20.03`, `nextcloud17` will be
used (which is one major-release behind v16 from 19.09). When using a
package older than the latest major-release available (currently v18),
the evaluation will cause a warning which describes the issue and
suggests next steps.
To make those package-selections easier, a new option to define the
package to be used for the service (namely
`services.nextcloud.package`) was introduced.
* If `pkgs.nextcloud` exists (e.g. due to an overlay which was used to
provide more recent Nextcloud versions on older NixOS-releases), an
evaluation error will be thrown by default: this is to make sure that
`services.nextcloud.package` doesn't use an older version by accident
after checking the state-version. If `pkgs.nextcloud` is added
manually, it needs to be declared explicitly in
`services.nextcloud.package`.
* The `nixos/nextcloud`-documentation contains a
"Maintainer information"-chapter which describes how to roll out new
Nextcloud releases and how to deal with old (and probably unsafe)
versions.
Closes #82056
|
| |\ \ \
| | | |
| | | | |
Remove manual service
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Running the manual on a TTY is useless in the graphical ISOs and not
particularly useful in non-graphical ISOs (since you can also run
'nixos-help').
Fixes #83157.
|
| |\ \ \ \
| | | | |
| | | | | |
nixos/mate: use upstream session
|
| | | | | | |
|
| | | | | | |
|
| |\ \ \ \ \
| |_|_|_|/
|/| | | | |
nixos/mysql: fix service so it works with mysql80 package
|
| | | |_|/
| |/| | |
|
| | | | | |
|
| | |_|/
|/| | |
|
| | | | |
|
| |\ \ \
| | | |
| | | | |
nixos/duosec: replace insecure skey option with secure secretKeyFile option
|
| | | | | |
|
| | | | | |
|
| | |/ / |
|
| |\ \ \
| | | |
| | | | |
fail2ban: fix firewall warning
|
| | | | | |
|
| |\ \ \ \
| |/ / /
|/| | | |
kodi: fix lirc support
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
* adapted to the way kodi finds the lircd socket
* added lirc package to build support for lirc
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
While renaming `networking.defaultMailServer` directly to
`services.ssmtp` is shorter and probably clearer, it causes eval errors
due to the second rename (directDelivery -> enable) when using e.g. `lib.mkForce`.
For instance,
``` nix
{ lib, ... }: {
networking.defaultMailServer = {
hostName = "localhost";
directDelivery = lib.mkForce true;
domain = "example.org";
};
}
```
would break with the following (rather confusing) error:
```
error: The option value `services.ssmtp.enable' in `/home/ma27/Projects/nixpkgs/nixos/modules/programs/ssmtp.nix' is not of type `boolean'.
(use '--show-trace' to show detailed location information)
```
|
| |\ \ \ \
| | | | |
| | | | | |
nixos/supplicant: Don't *stop* supplicant on machine resume. Fixes #51582
|
| | | | | | |
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
nixos/fail2ban: add warning if work fail2ban without firewall
|
| | | | | | | |
|
| |\ \ \ \ \ \
| | | | | | |
| | | | | | | |
wooting: init wootility, wooting-udev-rules and module
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Signed-off-by: David Wood <david.wood@codeplay.com>
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
* nixos/nixpkgs.nix: Allow just using config in system
This assertion requires system to work properly. We might not have
this in cases where the user just sets config and wants Nixpkgs to
infer system from that. This adds a default for when this happens,
using doubleFromSystem.
* parens
|
| |\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | | |
nixos/netdata: add module package option
|
| | | | | | | | | |
|
| | |_|_|_|_|/ /
|/| | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Because there was absolutely no way of setting this without rewriting
parts of the module otherwise.
|
| | |_|_|/ / /
|/| | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
`$toplevel/system` of a system closure with `x86_64` kernel and `i686` userland should contain "x86_64-linux".
If `$toplevel/system` contains "i686-linux", the closure will be run using `qemu-system-i386`, which is able to run `x86_64` kernel on most Intel CPU, but fails on AMD.
So this fix is for a rare case of `x86_64` kernel + `i686` userland + AMD CPU
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | | |
This is needed when using the overlay from the Nix flake.
|
| | |_|_|/ /
|/| | | | |
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
module
Previously, systemd.network.links was only respected with networkd
enabled, but it's really udev taking care of links, no matter if
networkd is enabled or not.
With our module fixed, there's no need to manually manage the text file
anymore.
This was originally applied in 3d1079a20dafd82fac7ac857e63c91e787f4eaaa,
but was reverted due to 1115959a8d4d73ad73341563dc8bbf52230a281e causing
evaluation errors on hydra.
|
| | |_|/ /
|/| | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
systemd-networkd
This mirrors the behaviour of systemd - It's udev that parses `.link`
files, not `systemd-networkd`.
This was originally applied in 36ef112a477034fc6d1d9170bf1bcda0140a8d1d,
but was reverted due to 1115959a8d4d73ad73341563dc8bbf52230a281e causing
evaluation errors on hydra.
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Martin Baillie <martin@baillie.email>
|
| |\ \ \ \
| | | | |
| | | | | |
nixos/firewall: fix types in reverse path assertion
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Broken by 0f973e273c284a97a8dffeab7d9c0b09a88b7139 in #73533
The type of the checkReversePath option allows "strict" and "loose" as
well as boolean values.
|
| |\ \ \ \ \
| |/ / / /
|/| | | | |
nixos/supybot: switch to python3, enable systemd sandboxing, add option for installing plugins
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Python2 seems to be no longer supported by limnoria upstream.
|
| | | | | | |
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Moving the stateDir is needed in order to use ProtectSystem=strict
systemd option.
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
Iodine: ipv6 support, updates, hardening, nixos test....
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | | |
It should prevent copying the files to a store path
|