| Commit message (Collapse) | Author | Age |
| |
|
| |
|
|
|
|
|
|
|
|
| |
From @fpletz: Keep poolConfigs option for backwards-compatibility.
The original commit 6b3f5b5a421fe3422e9ef63a3fd690178c36163e was previously
reverted by c7860cae1a4b54f4b54339142472f00f861fa055 but the issues were
resolved.
|
|
|
| |
Fixes #13311
|
|\
| |
| | |
Factorio: 0.13.8 -> 0.13.13, mod support
|
| | |
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Closes #17460
Changed the wrapper derivation to produce a second output containing the sandbox.
Add a launch wrapper to try and locate the sandbox (either in /var/setuid-wrappers or in /nix/store).
This launch wrapper also sheds libredirect.so from LD_PRELOAD as Chromium does not tolerate it.
Does not trigger a Chromium rebuild.
cc @cleverca22 @joachifm @jasom
|
| |
| |
| |
| |
| |
| | |
The nvidia driver module directly sets the services.xserver.drivers
option, while still having nvidia/nvidiaBeta/... etc. in the
videoDrivers option.
|
|\ \
| | |
| | | |
ssh module: ignore exit code when socket activated
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
sshd will at times fail when exiting. When socket activated, this will
leave a number of sshd@ service instances in the failed state, so we
simply ignore the error code if we are running socket activated.
Recommended by upstream:
http://systemd-devel.freedesktop.narkive.com/d0eapMCG/socket-activated-sshd-service-showing-up-as-a-failure-when-the-client-connection-fails
Fixes: #3279
|
|\ \ \
| | | |
| | | | |
Warn for conflict between synaptics and libinput
|
| | | | |
|
| | | |
| | | |
| | | |
| | | | |
See #17487.
|
|\ \ \ \
| | | | |
| | | | | |
zsh: Added HELPDIR variable for interactive shells
|
| | | | |
| | | | |
| | | | |
| | | | | |
distribution specific, and will be useful for using `run-help`
|
|\ \ \ \ \
| | | | | |
| | | | | | |
gitlab: 8.5.12 -> 8.10.3, update module
|
| | | | | | |
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
The name gitlab-runner clashes with a component of Gitlab CI with the
same name and only confuses people. It's now called gitlab-bundle and
a convenience-script gitlab-rake for easier invocation of rake tasks
was added. This was the primary use case of gitlab-runner.
|
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Fixes #14795.
|
| | | | | | |
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
and --no-bootloader
Closes #17236
nix-build -A tests.installer.simple '<nixos/release.nix>' succeeds ✓
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
fix nixos-version --hash when building from git
|
| | | | | | | |
|
| |_|_|_|/ /
|/| | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
The varnish tools (varnishstat, varnishlog, ...) tried to load the VSM
file from a spurious var directory in the Nix store. Fix the default so
the tools "just work" when also keeping services.varnish.stateDir at the
default.
Notes:
- The tools use $localstatedir/$HOSTNAME so I've adapted the default for
stateDir as well to contain hostName.
- Added postStop action to remove the localstatedir. There is no point
in keeping it around when varnish does not run, as it regenerates it
on startup anyway.
Fixes #7495
|
|\ \ \ \ \ \
| |_|/ / / /
|/| | | | | |
offlineimap's module: change UI to syslog
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
The 'syslog' UI "allows better integration with systemd":
http://www.offlineimap.org/doc/Changelog.html#offlineimap-v660-rc2-2015-10-15
|
|\ \ \ \ \ \
| |_|_|_|/ /
|/| | | | | |
grsecurity module: disable EFI runtime services by default
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Enabling EFI runtime services provides a venue for injecting code into
the kernel.
When grsecurity is enabled, we close this by default by disabling access
to EFI runtime services. The upshot of this is that
/sys/firmware/efi/efivars will be unavailable by default (and attempts
to mount it will fail).
This is not strictly a grsecurity related option, it could be made into
a general option, but it seems to be of particular interest to
grsecurity users (for non-grsecurity users, there are other, more
immediate kernel injection attack dangers to contend with anyway).
|
|/ / / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
In light of Emacs packaging improvements such as those mentioned
in #11503, and with the addition of a systemd service (#15807
and #16356), and considering that the wiki page is completely
out of date (#13217), it seems that some documentation is in order.
|
| | | | | |
|
| | | | | |
|
| | | | | |
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Declarative nginx module with ACME support
|
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Adds ::1 as allowed host and turns of access_log for the status page.
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Revert httpConfig its old behaviour and make it mutually exclusive to
the new structured configuration. Adds appendHttpConfig to have the
ability to write custom config in the generated http block.
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|