| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rootston is just a reference compositor so it doesn't make that much
sense to have a module for it. Upstream doesn't really like it as well:
"Rootston will never be intended for downstream packages, it's an
internal thing we use for testing." - SirCmpwn [0]
Removing the package and the module shouldn't cause much problems
because it was marked as broken until
886131c2434dfce5e3c8a3584467ae914b482ce9. If required the package can
still be accessed via wlroots.bin (could be useful for testing
purposes).
[0]: https://github.com/NixOS/nixpkgs/issues/38344#issuecomment-378449256
|
| | |
|
| |\
| |
| | |
dovecot: dovenull user should have its own group.
|
| | |
| |
| |
| |
| |
| |
| | |
Quoting from https://wiki.dovecot.org/UserIds#dovenulluser:
"It should belong to its own private dovenull group where no one else
belongs to..."
|
| |/
|
|
| |
Co-authored-by: Robin Gloster <mail@glob.in>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Nixpkgs' channel currently can't move forward so long as there is a
trace in evaluating the top-level arguments. Which means that it isn't
possible to add a warning message to warn users of future package
removal.
So the only way forward appears to be just removing the alias
altogether.
(cherry picked from commit b4133ebc17c2742a76d912f4f0bf46719bc7800e)
|
| |\
| |
| | |
nixos/munge: do not create unnecessary log dir
|
| | |
| |
| |
| | |
/var/log/munge is not used. All log messages go to syslog
|
| |/
|
|
|
|
| |
"machine.target" doesn't actually exist, it's misspelled version
of "machines.target". However, the "systemd-nspawn@.service"
unit already has a default dependency on "machines.target"
|
| |\
| |
| | |
nixos/tor: better support non-anonymous services
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Tor requires ``SOCKSPort 0`` when non-anonymous hidden services are
enabled. If the configuration doesn't enable Tor client features,
generate a configuration file that explicitly includes this disabling
to allow such non-anonymous hidden services to be created (note that
doing so still requires additional configuration). See #48622.
|
| | |
| |
| |
| |
| | |
NixOS is unable to boot using the RPi bootloader (w/o U-Boot) unless the initrd
is configured.
|
| | | |
|
| | |
| |
| |
| | |
Raspberry Pi Zero
|
| | | |
|
| |\ \
| | |
| | | |
Grafana: secrets outside of the nix store + smtp
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | | |
As mentioned in the code comments themselves, this was only necessary
for 16.09 -> 17.03 and as such is obsolete.
|
| |\ \ \
| | | |
| | | | |
nixos/munin: move from /var/run to /run
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
as using /var/run now emits a warning by systemd's tmpfiles.d.
As /var/run is already a symlink to /run, this can't break anything, and
data does not need to be migrated.
|
| |\ \ \ \
| | | | |
| | | | | |
nixos/tomcat: add aliases sub-option for virtual hosts
|
| | | | | | |
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This was overlooked on a rebase of mine on master, when I didn't realize
that in the time of me writing the znc changes this new option got
introduced.
|
| | | | | |
| | | | |
| | | | |
| | | | | |
This bug was introduced in https://github.com/NixOS/nixpkgs/pull/41467
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Similar to the prometheus.alertmanager.webExternalUrl option, but for
Prometheus itself.
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
nixos/compton: fix corrupt colours with Mesa 18 on AMD
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
On AMD hardware with Mesa 18, compton renders some colours incorrectly
when using the glx backend. This patch sets an environmental variable
for compton so colours are rendered correctly.
Topical bug: <https://bugs.freedesktop.org/show_bug.cgi?id=104597>
|
| |\ \ \ \ \ \
| | | | | | |
| | | | | | | |
zsh: patch `_setxkbmap` completion script
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Instead of searching `/usr` it should search for the `xkb`,
$XDG_DATA_DIRS will be searched. With this approach we allow compliance
on NixOS and non-NixOS systems to find `symbols` in the `xkb` directory.
The patch has been accepted by upstream, but isn't released yet, so this
is mainly a temporary fix until we can bump ZSH to the next stable version.
The `xserver` module links `/share/X11/xkb` to `/run/current-system` to
make this possible.
The fix can be tested inside the following VM:
```
{
zshtest = {
programs.zsh.enable = true;
users.extraUsers.vm = {
password = "vm";
isNormalUser = true;
};
services.xserver.enable = true;
};
}
```
Fixes #46025
|
| |\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | | |
kvmgt module: add restart on failure
|
| | | | | | | | | |
|
| |\ \ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | | |
nixos/zfs: Hide useless errors when waiting for zpool to be ready
|
| | | | | | | | | | |
|
| | |_|_|/ / / / /
|/| | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
This breaks with networking backends enabled and
also creates large delays on boot when some services depends
on the network target. It is also not really required
because tinc does create those interfaces itself.
fixes #27070
|
| |\ \ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | | |
Openafs security updates
|
| | | | | | | | | | |
|
| | | | | | | | | | |
|
| |\ \ \ \ \ \ \ \ \
| | | | | | | | | |
| | | | | | | | | | |
nvidia_x11_beta: reinit at 410.57
|
| | | | | | | | | | | |
|
| |\ \ \ \ \ \ \ \ \ \
| | | | | | | | | | |
| | | | | | | | | | | |
nixos/weechat: add setuid wrapper for `screen' to ensure true multiuser capabilities
|
| | | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
capabilities
Previously you either had to set the setuid bit yourself or workaround
`isSystemUser = true` (for a loginable shell) to access the weechat
screen.
`programs.screen` shouldn't do this by default to avoid taking too much
assumptions about the setup, however `services.weechat` explicitly
requires tihs.
See #45728
|
| |\ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | |
| | | | | | | | | | | | |
nixos lircd: fix deletion of lircd socket
|
| | | | | | | | | | | | | |
|
| |\ \ \ \ \ \ \ \ \ \ \ \
| |_|_|_|_|_|_|_|_|_|_|/
|/| | | | | | | | | | | |
postfix: add setgid wrapper for postqueue/postdrop
|
| | | |_|_|/ / / / / / /
| |/| | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
Both postqueue[1] and postdrop[2] implement a subset of administration
task that are supposed to be run unprivileged users
and require the setgid bit to full-fill this task.
[1] http://www.postfix.org/postqueue.1.html
[2] http://www.postfix.org/postdrop.1.html
|
| | | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
* nat/bind/dhcp.service:
Remove. Those services have nothing to do with a link-level service.
* sys-subsystem-net-devices-${if}.device:
Add as BindsTo dependency as this will make hostapd stop when the
device is unplugged.
* network-link-${if}.service:
Add hostapd as dependency for this service via requiredBy clause,
so that the network link is only considered to be established
only after hostapd has started.
* network.target:
Remove this from wantedBy clause as this is already implied from
dependencies stacked above hostapd. And if it's not implied than
starting hostapd is not required for this particular network
configuration.
|
| |\ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | |
| | | | | | | | | | | | |
nixos/znc: More flexible module, cleanups
|
| | | | | | | | | | | | | |
|
| | | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | | |
This option represents the ZNC configuration as a Nix value. It will be
converted to a syntactically valid file. This provides:
- Flexibility: Any ZNC option can be used
- Modularity: These values can be set from any NixOS module and will be
merged correctly
- Overridability: Default values can be overridden
Also done:
Remove unused/unneeded options, mkRemovedOptionModule unfortunately doesn't work
inside submodules (yet). The options userName and modulePackages were never used
to begin with
|