movefasta/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-07-07 11:05:30 +03:00
Code Activity
809875 commits 174 branches 129 tags 10 GiB
Commit graph

38259 commits

Author SHA1 Message Date
bstanderline
d784db18f2 nixos/osquery: set default database_path and logger_path 2025-03-04 09:43:07 +00:00
xanderio
8bc3ee6396
dependency-track: stop bundling frontend in jar (#386408) 2025-03-04 09:39:44 +01:00
Martin Weinelt
5c3df8025f
frigate: 0.14.1 -> 0.15.0 
https://github.com/blakeblackshear/frigate/releases/tag/v0.15.0
 2025-03-04 08:02:02 +01:00
Glib Shpychka
5e2119f033
nixos/wyoming-piper: Remove range validation for numerical options (#384315) 
Remove range validation for numerical options
 2025-03-04 07:43:39 +01:00
Chris Dombroski
63157e34d8 nixos/zwave-js-ui: Add chown to allowed syscalls 
Closes: #379850
 2025-03-03 21:34:09 -05:00
Felix Buehler
63b6df42de nixos/caddy: validate at build-time 2025-03-03 21:33:45 +01:00
Felix Buehler
1ef1bcec09 nixos/caddy: use lib.getExe 2025-03-03 21:33:44 +01:00
Joshua Kobschätzki
3403819b4d netbox_4_2: init 
Co-authored-by: SuperSandro2000 <sandro.jaeckel@gmail.com>
 2025-03-03 21:24:13 +01:00
Sandro Jäckel
7d99d5d3f4
nixos/nvidia: add a read only enabled option 
similar to the one from zfs
 2025-03-03 14:20:15 +01:00
Sefa Eyeoglu
dd82cce766
nixos/tandoor-recipes: fix default user and group creation 
Signed-off-by: Sefa Eyeoglu <contact@scrumplex.net>
 2025-03-03 10:04:50 +01:00
Technosophist
c063a28835 nixos/tlp: fix NetworkManager RDW dispatcher script location (again) 
As a result of #350268, the tlp NetworkManager dispatch script no longer worked.  It creates a broken
link to `/usr/lib/NetworkManager/dispatcher.d/99tlp-rdw-nm`.

This removes the `/usr/` prefix so the script is pointing to the right file.
 2025-03-02 16:54:42 -05:00
r-vdp
4e17c9546f
nixos/sudo-rs: align sudo and sudo-rs config 
Since the latest release, sudo-rs supports all what we need
 2025-03-02 17:42:18 +01:00
Alexander Sieg
8af0a5abfd dependency-track: don't bundle frontend in jar 
Bundling the frontend in the jar is deprecated by upstream and causes
the frontend from being serve after weeks of runtime.
 2025-03-02 16:50:01 +01:00
transcaffeine
0b483037f7
nixos/synapse-auto-compressor: init 2025-03-02 15:59:42 +01:00
Nick Cao
e7348801ed
nixos/dendrite: rename settings.sync_api.search.enable option to settings.sync_api.search.enabled 2025-03-02 09:46:56 -05:00
Maximilian Bosch
6e87867ee3
nixos/postgresql: allow customisations of SystemCallFilter 
Closes #385603

The problem described is that `wal-g` requires syscalls from `@resources`.
However, we don't have support for it in the module now and I don't
think it's reasonable to only support hardening adjustments for things
support by this module. Also, list is a bad datatype here since it
doesn't allow the level of customizations we need.

This is only for the syscall filterset since it's the option that's hard
to customize otherwise. For downstream configs, it's recommended to
adjust the hardening as needed in other cases.

Hence I decided to implement `services.postgresql.systemCallFilter` with
the following semantics:

* `systemCallFilter."~@resources" = true` adds `~@resources` to the
  filterset.

* Setting this to `false` (e.g. in a downstream configuration using
  `wal-g`) removes the entry `~@resources` from the filterset. In this
  case it's sufficient since `@system-service` implies `@resources` and
  the `~@resources` declaration after that discards that.

  I decided to not implement logic about negations in here, but to keep
  it rather simple by only allowing to set/unset entries.

As described in `systemd.exec(5)`, the ordering matters: e.g.
`@system-service` implies `@resources`, but `~@resources` _after_ that
reverts that. By default, the ordering of the keys is as follows:

* syscall groups (starting with `@`) come at first.
* negations of syscall groups (starting with `~@`) come after that.
* anything else at the end.

If further ordering is needed, it can be done like this:

```
{
  services.postgresql.systemCallFilter."~@resources" = {
    enable = true; # whether or not it's part of the final SystemCallFilter
    priority = 23; # ordering priority in the filterset.
  };
}
```

The lower the priority, the higher up the entry will be in the final
filterset.
 2025-03-02 11:20:18 +01:00
โทสฺตัล
28aa290145 nixos/h2o: add access to listen.host 2025-03-02 15:57:09 +07:00
โทสฺตัล
dcee208a31 nixos/h2o: provide a settings example 2025-03-02 15:57:09 +07:00
K900
ed22fbec72
pgscv: init package + module (#386064) 2025-03-02 08:39:56 +03:00
K900
80b437dfa7 nixos/pgscv: init 2025-03-02 08:39:29 +03:00
SamLukeYes
04a0fa83b6
nixos/xonsh: add bash completions support 2025-03-02 12:31:56 +08:00
Jappie3
16cdde8008
nixos/kanidm: add extraJsonFile option to allow provisioning from a json file 2025-03-01 23:12:29 +01:00
happysalada
4fac925299 nixos/cloudflare-dyndns: fix missing home error 2025-03-01 16:03:52 -05:00
Hugo Cartigny (BlueskyFR)
f7548cccda nixos/light: add minBrightness option 
Make the minimum brightness level configurable instead of using an arbitrary value of 0.1.
 2025-03-01 20:33:31 +01:00
Faye Duxovni
87806c913c
nixos/syncthing: prevent enabling overrideFolders and autoAcceptFolders simultaneously (#321872) 
* syncthing: prevent enabling overrideFolders and autoAcceptFolders simultaneously

* Fix href in services.syncthing.overrideFolders default text
 2025-03-01 14:36:50 +01:00
Maximilian Bosch
2cf427c045
Merge: nextcloud31: init at 31.0.0 (#385060) 2025-03-01 13:47:45 +01:00
Kamillaova
a1226737a4
nixos/postfixadmin: use config.services.postgresql.settings.port instead of old ...postgresql.port 2025-03-01 15:09:35 +03:00
Kamillaova
bab7f1e99e
nixos/postfixadmin: add set -o pipefail for postfixadmin-postgres script 2025-03-01 15:09:34 +03:00
Kamillaova
2de264f209
nixos/postfixadmin: refactor 2025-03-01 15:09:13 +03:00
Kamillaova
c0c3fa6a78
nixos/postfixadmin: format with nixfmt-rfc-style 2025-03-01 15:08:14 +03:00
Maximilian Bosch
303bd80713
Merge: nixos/nginx: add locations."name".uwsgiPass option and use it (#346776) 2025-03-01 12:34:20 +01:00
Maximilian Bosch
be4fd8fdf2
nixos/nextcloud: update docs 
* Update related packages for pkg option.
* Add release notes.
 2025-03-01 11:58:54 +01:00
Bruno BELANYI
0c4bc741cf
nixos/radarr,lidarr,readarr,whisparr,prowlarr: add settings option (#384052) 2025-03-01 09:10:11 +00:00
Silvan Mosberger
b602f86829 nixos/users-groups: Catch invalid usernames early 
Prevents running into the problem from the parent commit in the first
place.
 2025-02-28 22:33:55 +01:00
Silvan Mosberger
8181d2a7c1 nixos/user-groups: Don't double-UTF8-encode subUidMapFile 
Because with it only being single-UTF8-decoded, this lead to the file
~doubling in size whenever it contained any non-ascii characters!
 2025-02-28 21:55:12 +01:00
Samuel Dionne-Riel
6ec6eae586
Revert "nixos/grub: generate BLS entries" 2025-02-28 14:30:10 -05:00
Michele Guerini Rocco
6bf084c4ea
nixos/grub: generate BLS entries (#95901) 2025-02-28 15:12:36 +01:00
zowoq
31782c65e2
rasdaemon: 0.8.0 -> 0.8.2 (#369375) 2025-02-28 21:47:15 +10:00
Bruno BELANYI
e44a5f7f21
tandoor_recipes: use static user and group instead of DynamicUser (#382858) 2025-02-28 10:11:21 +00:00
Matei Dibu
f91b6f3581 nixos/rasdaemon: add package option 2025-02-28 11:46:35 +02:00
rnhmjoj
435a72e469
nixos/grub: generate BLS entries 2025-02-28 09:51:20 +01:00
Pol Dellaiera
56e88da108
rebuilderd: init at 0.22.1 (#343334) 2025-02-28 09:14:08 +01:00
Sandro
32d2826f35
nixos/archtika: init at 1.0.1 (#365218) 2025-02-27 23:56:06 +01:00
Sandro
d1c535f62a
nixos/user-groups: add a toggle for user account creation (#358646) 2025-02-27 23:47:20 +01:00
Sandro
511e62f5ec
nixos/soju: add option to overwrite generated configFile (#340583) 2025-02-27 23:34:58 +01:00
Sandro
291fe081dc
netclient: add network-online dependency to get rid of warning (#371276) 2025-02-27 23:28:17 +01:00
Sandro Jäckel
36a3c6c11d
nixos/paperless: move paperless-manage to proper systemPackage 2025-02-27 21:47:35 +01:00
Pol Dellaiera
2c8bdd00fd nixos/rebuilderd: init 2025-02-27 21:18:46 +01:00
Maximilian Bosch
659f9ea390
Merge: nixos/oci-containers: support rootless containers & healthchecks (#368565) 2025-02-27 19:59:34 +01:00
Sandro
fd256f27b0
poppler-utils: rename from poppler_utils (#385503) 2025-02-27 19:35:38 +01:00