| Commit message (Collapse) | Author | Age |
|\
| |
| | |
nixos/shells-environment: Make ~/bin/ in $PATH optional
|
| | |
|
|\ \
| | |
| | | |
ec2-utils: init at 0.5.1, include in amazon-image profile
|
| | |
| | |
| | |
| | | |
This sets up device mappings like /dev/xvda -> /dev/nvme0n1
|
|\ \ \
| | | |
| | | | |
nixos/trickster: init
|
| | | | |
|
| | | | |
|
|\ \ \ \
| | | | |
| | | | | |
nixos/gnupg: add dbus dependencies for gnome3 pinentry
|
| | | | | |
|
|\ \ \ \ \
| | | | | |
| | | | | | |
treewide: Switch to system users
|
| | | | | | |
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
nexus: 3.18.1-01 -> 3.19.1-01
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Relevant release notes:
* https://help.sonatype.com/repomanager3/release-notes/2019-release-notes#id-2019ReleaseNotes-RepositoryManager3.19.1
* https://help.sonatype.com/repomanager3/release-notes/2019-release-notes#id-2019ReleaseNotes-RepositoryManager3.19.0
Also added `preferLocalBuild = true;` to prevent builds on remote
machines as this only means elevated network access (tarball is fetched
locally and uploaded to the builder) and the build is fairly trivial.
To fix the startup I had to add the JVM parameter `java.endorsed.dirs`
to ensure that all libraries are loaded properly[1].
[1] https://issues.sonatype.org/browse/NEXUS-21603
|
|\ \ \ \ \ \ \
| |_|_|/ / / /
|/| | | | | | |
nixos/geoclue: minor cleanups
|
| | | | | | | |
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
- spawn the geoclue-agent directly instead of running it via bash
- document why we cannot use DynamicUser = true
- have systemd create the home directory instead of using an explicit
tmpfiles.d fragment
|
|\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | | |
ec2-amis.nix: add 19.09 amis
|
| | |/ / / / /
| |/| | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
replace /home/deploy -> $HOME to allow running the script from outside
the bastion.
|
|\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | | |
trezor-udev-rules: init at unstable-2019-07-17
|
| | | | | | | | |
|
|\ \ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | | |
nixos/orangefs: init at 2.9.7, add modules and test
|
| | | | | | | | | |
|
| | | | | | | | | |
|
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
mode
Upstream Pulseaudio has always stated that system-wide is not
recommended and comes with a number of usability and security drawbacks.
|
| | | | | | | | | |
|
|\ \ \ \ \ \ \ \ \
| | | | | | | | | |
| | | | | | | | | | |
nixos/acme: Custom ACME endpoint
|
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
The recent custom endpoint addition allows us to directly point
certbot to the custom Pebble directory endpoint.
Thanks to that, we can ditch the Pebble patch we were using so far;
making this test maintenance easier.
|
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
Add a new option permitting to point certbot to an ACME Directory
Resource URI other than Let's Encrypt production/staging one.
In the meantime, we are deprecating the now useless Let's Encrypt
production flag.
|
|\ \ \ \ \ \ \ \ \ \
| |/ / / / / / / / /
|/| | | | | | | | | |
nixos/gnupg: fix pinentry in sway (fix a typo in 3c39093c0d1)
|
| | | | | | | | | | |
|
| | | | | | | | | | |
|
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
to be inline with the Nixpkgs manual. This makes navigating to
particular sections easier.
|
| | | | | | | | | | |
|
|/ / / / / / / / /
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
to reduce the amount of information presented.
|
|\ \ \ \ \ \ \ \ \
| | | | | | | | | |
| | | | | | | | | | |
Matomo (module, package) updates
|
| | | | | | | | | | |
|
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
Fixes the phpfpm deprecation warnings about listen and extraConfig by
using fpm.socket and settings. Removes phpfpmProcessManagerConfig.
|
|\ \ \ \ \ \ \ \ \ \
| | | | | | | | | | |
| | | | | | | | | | | |
go-shadowsocks2: init at 0.0.11
|
| | | | | | | | | | | |
|
| | | | | | | | | | | |
|
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
* lm_sensors: add fancontrol module + nixos test
fancontrol is a small script that checks temperature sensors and adapts
fan speeds accordingly. It reads a text config file that can be
auto-generated by running the pwmconfig wizard on the live system.
|
| |_|_|/ / / / / / /
|/| | | | | | | | | |
|
| |_|_|/ / / / / /
|/| | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
`LinkLocalAddressing`
Both options were introduced in systemd v243[1]. Those options can be
used to ensure that LinkLocalAddressing is only configured for a given
interface if DHCPv4 fails. To quote `systemd.network(5)`:
```
If "fallback" or "ipv4-fallback" is specified, then an IPv4
link-local address is configured only when DHCPv4 fails. If "fallback", an IPv6 link-local
address is always configured, and if "ipv4-fallback", the address is not configured. Note
that, the fallback mechanism works only when DHCPv4 client is enabled, that is, it requires
"DHCP=yes" or "DHCP=ipv4".
```
[1] https://github.com/systemd/systemd/commit/8bc17bb3f707c99b6c9ad295563c92b38141a1f4
|
| | | | | | | | | |
|
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Also, remove the old and unused PermissionsStartOnly definition in the
gitlab-workhorse systemd service.
|
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Default behavior is to continue executing the script even when one or
multiple steps fail. We want to abort early if any part of the
initialization fails to not run with a partially initialized state.
Default behavior also allows dereferencing non-existent variables,
potentially resulting in hard-to-find bugs.
|
|\ \ \ \ \ \ \ \ \
| | | | | | | | | |
| | | | | | | | | | |
nixos/zfs: add autoReplication to module list
|
| | | | | | | | | | |
|
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
fixes #72067
|
|\ \ \ \ \ \ \ \ \ \
| | | | | | | | | | |
| | | | | | | | | | | |
Znapzend improvements
|