gador/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
874,514 Commits 9 Branches 0 Tags
0e9e2df87d2c6f45f4a46c4f26f53b51abe35b46
Commit Graph

1601 Commits

Author SHA1 Message Date
Felix Singer
d06389e317 nixos/uptime-kuma: Ensure proper permissions for state directory 
Signed-off-by: Felix Singer <felixsinger@posteo.net>
 2025-10-07 15:54:51 +02:00
Felix Singer
7b791e1de7 nixos/uptime-kuma: Enable MountAPIVFS hardening in service config 
This setting is already implied by others, but add it for completeness
as well. For documentation see
https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#MountAPIVFS=

Signed-off-by: Felix Singer <felixsinger@posteo.net>
 2025-10-07 15:54:51 +02:00
Felix Singer
18af20e2b2 nixos/uptime-kuma: Set ProtectControlGroups to strict 
For documentation see
https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#ProtectControlGroups=

Signed-off-by: Felix Singer <felixsinger@posteo.net>
 2025-10-07 15:54:51 +02:00
Felix Singer
606424d609 nixos/uptime-kuma: Set ProtectProc to invisible 
For documentation see
https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#ProtectProc=

Signed-off-by: Felix Singer <felixsinger@posteo.net>
 2025-10-07 15:54:51 +02:00
Felix Singer
749fd94d19 nixos/uptime-kuma: Enable PrivateUsers hardening in service config 
For documentation see
https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#PrivateUsers=

Signed-off-by: Felix Singer <felixsinger@posteo.net>
 2025-10-07 15:54:51 +02:00
Acid Bong
f418365067 maintainers: drop evils 2025-10-05 22:22:45 +03:00
Wolfgang Walther
91a8fee3aa treewide: remove redundant parentheses 
Auto-fixed by nixf-diagnose.
 2025-10-05 10:52:03 +02:00
Wolfgang Walther
c283f32d29 treewide: remove unused with 
Auto-fixed by nixf-diagnose.
 2025-10-05 10:50:41 +02:00
Wolfgang Walther
90e7159c55 treewide: remove unused rec 
Auto-fix by nixf-diagnose.
 2025-10-05 10:49:12 +02:00
xanderio
e3a3b32cc2 nixos/loki: refine option descriptions (#442975) 2025-09-27 12:33:33 +00:00
Dionysis Grigoropoulos
377847e3c8 nixos/prometheus/storagebox: Init module 2025-09-26 20:24:04 +03:00
dish
f4ac3ac7e4 {nixos/,}cockpit: add branding + small fixes (#413033) 2025-09-25 12:59:45 +00:00
jopejoe1
2032412fdb various: use more accurate int types (#445244) 2025-09-22 21:50:55 +00:00
h7x4
a0f9e8c8b9 nixos/statsd: use types.port 2025-09-22 16:47:32 +02:00
h7x4
57c3d1033d nixos/prometheus-exporters/fritzbox: use types.port 2025-09-22 16:32:58 +02:00
h7x4
32a008369e various: prefer ints.between over enum for int ranges 2025-09-22 15:34:47 +02:00
Felix Stupp
ef4b2e4f4b nixos/loki: refine option descriptions 
- on `.enabled` make clear that Grafana Loki is meant
- on `.configuration` link to documentation
- on `.configFile` & `.configuration` make clear that both cannot specified together
 2025-09-14 20:31:31 +02:00
Maximilian Bosch
5f44bfc59b nixos/grafana: document how to enable drilldown when using custom plugins 
IMHO, it's a bit surprising that drilldown doesn't show anything when
using `declarativePlugins` (and thus, the four apps are missing).

Add instructions on how to get these apps back.
 2025-09-14 13:42:22 +02:00
Jon Seager
cfdb1500e3 scrutiny: remove jnsgruk from maintainers 2025-09-10 14:32:15 +01:00
Haylin Moore
cf540f8c98 treewide/nixos: move number typed port options to types.port 2025-09-08 15:27:19 +02:00
andre4ik3
395b411240 nixos/cockpit: add SSH to wsinstance path and issue banner support 2025-09-05 17:57:23 +00:00
dish
2b2ff53811 prometheus-script-exporter: switch to maintained fork (#435767) 2025-09-05 11:57:06 -04:00
Maximilian Bosch
409107d2f5 nixos/grafana: don't set X-XSS-Protection anymore 
Part of #438800.

The OWASP recommentation[1] is:

> The X-XSS-Protection header has been deprecated by modern browsers
> and its use can introduce additional security issues on the client
> side. As such, it is recommended to set the header as X-XSS-Protection: 0
> in order to disable the XSS Auditor, and not allow it to take the default
> behavior of the browser handling the response. Please use
> Content-Security-Policy instead.

Hence, we turn this off, diverging from the upstream defaults here. An
upstream issue has been opened[2].

[1] https://owasp.org/www-project-secure-headers/#x-xss-protection
[2] https://github.com/grafana/grafana/issues/110369
 2025-08-31 15:22:16 +02:00
undefined
5365b3cdd9 gatus: 5.19.0 -> 5.23.2 2025-08-30 05:51:34 +08:00
Sandro
bab1ec5bd3 victoriametrics & vmagent: Make the config check optional (#419908) 2025-08-27 22:25:51 +02:00
dish
970dcca69c treewide: Fix links in module documentation 2025-08-25 12:55:11 -04:00
C4 Patino
4a80d00387 prometheus-script-exporter: switch to maintained fork 2025-08-22 23:47:48 -05:00
Maximilian Bosch
eb6a408547 Merge: nixos/grafana: add prune option to provision.datasources (#431775) 2025-08-22 21:48:35 +02:00
misuzu
4b66d476f3 kminion: 2.2.7 → 2.2.13, init module (#318792) 2025-08-18 19:30:40 +03:00
Sandro
b146c51ce7 vlagent: init at 1.25.0 (#424934) 2025-08-18 01:12:26 +02:00
Christina Sørensen
8373b65856 kminion: format source 
Signed-off-by: Christina Sørensen <ces@fem.gg>
 2025-08-17 14:07:18 +00:00
Jonathan Davies
314b467ac1 nixos/prometheus-exporters: Added kafka exporter 2025-08-17 14:07:13 +00:00
Maximilian Bosch
c7eb566c41 nixos/grafana: add prune option to provision.datasources 
Closes #430532
 2025-08-07 17:03:57 +02:00
Matthias Beyer
2c06381907 nixos/traccar: Rework configuration file creation. (#413653) 2025-08-04 10:26:00 +02:00
Martin Weinelt
56674702b0 nixos/postfix: modernize, cleanup (#416840) 2025-08-02 23:50:59 +02:00
Frédéric Christ
51462b8a68 nixos/traccar: Rework configuration file creation. 
Previously, a flat attribute set was expected. The new implementation
uses nested attribute sets. This is a breaking change.
 2025-08-01 21:25:45 +02:00
Franz Pletz
bec2364ee4 nixos/prometheus.exporters.bitcoin: fix SC2155 (#411022) 2025-07-31 17:18:43 +02:00
Martin Weinelt
7f52135a59 nixos/postfix: fold main and master config into settings attribute 2025-07-28 17:03:08 +02:00
Martin Weinelt
029f408b94 treewide: migrate postfix configurations to service.postfix.config 
The `services.postfix.config` option is a freeform type that represents
settings in `main.cf`. The top-level options on the postfix module were
replaced by these and that is the reason behind this migration.
 2025-07-28 16:42:17 +02:00
Grimmauld
84cbe9dce4 nixos/netdata: remove cgroup accounting enable 
cgroup accounting is enabled by default, and the option is scheduled for removal.
 2025-07-28 11:26:41 +02:00
Ryan Horiguchi
62d7be2954 nixos/netdata: fix module when withSystemdJournal = false 2025-07-27 07:32:56 +02:00
diniamo
5bb944c6f5 nixos/grafana: add openFirewall option 2025-07-25 10:02:17 +02:00
Shawn8901
37deae36ba nixos/vlagent: init 2025-07-24 19:55:02 +02:00
Wolfgang Walther
5a0711127c treewide: run nixfmt 1.0.0 2025-07-24 13:55:40 +02:00
Wolfgang Walther
62fe016519 treewide: run treefmt with mdcr/nixfmt 2025-07-24 13:52:31 +02:00
Wolfgang Walther
6c47e7d5da treewide: fix syntax errors in nix code blocks 
Fixes all code blocks with "nix" language in markdown files for syntax
errors to be able to run nixfmt in the next step.
 2025-07-24 13:52:29 +02:00
Felix Bargfeldt
4c6641db92 nixos/alertmanager-ntfy: improve documentation about topic option (#426956) 2025-07-23 19:35:42 +02:00
Maximilian Bosch
0bb1514207 nixos/alertmanager-ntfy: improve documentation about topic option 
This cannot be left unset, otherwise the evaluation would fail. However,
it should be treated as secret. Update description to reflect that.
 2025-07-23 18:51:19 +02:00
mivorasu
d80ed4cb91 treewide: conform descriptions to the standards 
Co-authored-by: Pol Dellaiera <pol.dellaiera@protonmail.com>
 2025-07-22 23:44:23 +00:00
nixpkgs-ci[bot]
adc74351e2 Merge staging-next into staging 2025-07-04 00:18:19 +00:00