gador/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
662,422 Commits 9 Branches 0 Tags
79686f97371ba217e9ddfc1a9cd386eceb51f881
Commit Graph

32043 Commits

Author SHA1 Message Date
Emily
477c3c6d5e Merge pull request #307962 from jpds/restic-snapshot-list-only-latest 
nixos/restic: Use cat config in pre-start repo initialization check
 2024-07-24 17:13:38 +02:00
Masum Reza
81cb83b07f Merge pull request #290008 from eum3l/add-opengfw 
opengfw: init at 0.4.0 (+NixOS module)
 2024-07-24 20:39:41 +05:30
Bobby Rong
3a422267eb Merge pull request #329199 from bobby285271/upd/cinnamon-by-name 
Move all packages out of cinnamon scope
 2024-07-24 22:04:34 +08:00
Peder Bergebakken Sundt
24899eea99 Merge pull request #327184 from bhankas/goatcounter 
nixos/goatcounter: init
 2024-07-24 15:38:27 +02:00
eum3l
86ae0fca93 nixos/opengfw: init 2024-07-24 15:11:23 +02:00
github-actions[bot]
8402add1f4 Merge master into staging-next 2024-07-24 12:01:12 +00:00
Silvan Mosberger
473e469d5a Merge pull request #328381 from tie/map-attrs-flatten 2024-07-24 13:32:34 +02:00
Yaya
feeb53a430 nixos/gitlab: Replace git package with bundled git 
This commit switches gitaly's git package from `pkgs.git` to the bundled
`git` package in order to maintain compatibility with the supported git
release by gitaly.
 2024-07-24 10:51:55 +02:00
TheRealGramdalf
d66d94b37b nixos/caddy: fix group option description (#328034) 2024-07-24 16:40:07 +08:00
Sven Slootweg
51a72a8271 nixos/caddy: fix module docs for new root syntax (#328444) 
Old syntax no longer works; `root` now takes two arguments. Updated example in module documentation to reflect this.
 2024-07-24 16:38:48 +08:00
Dominique Martinet
7c448e8d44 nixos/cryptpad: harden service 
cryptpad is not directly exposed to the network, but has plenty that can
be hardened more properly, so fix that.
 2024-07-24 16:17:32 +09:00
Dominique Martinet
b846e8762f nixos/cryptpad: init 
This is a full rewrite independent of the previously removed cryptpad
module, managing cryptpad's config in RFC0042 along with a shiny test.

Upstream cryptpad provides two nginx configs, with many optimizations
and complex settings; this uses the easier variant for now but
improvements (e.g. serving blocks and js files directly through nginx)
should be possible with a bit of work and care about http headers.

the /checkup page of cryptpad passes all tests except HSTS, we don't
seem to have any nginx config with HSTS enabled in nixpkgs so leave this
as is for now.

Co-authored-by: Pol Dellaiera <pol.dellaiera@protonmail.com>
Co-authored-by: Michael Smith <shmitty@protonmail.com>
 2024-07-24 16:17:26 +09:00
Vladimír Čunát
cd346565bb Merge branch 'master' into staging-next 2024-07-24 07:19:19 +02:00
Payas Relekar
aebb3d3474 nixos/goatcounter: init 2024-07-24 10:17:44 +05:30
Masum Reza
13da3c09fb Merge pull request #327499 from max-privatevoid/pam-kanidm-package-option 
nixos/pam: use Kanidm's package option
 2024-07-24 09:24:09 +05:30
Franz Pletz
b865ea167d Merge pull request #321644 from pedorich-n/netdata-146 2024-07-23 23:23:30 +02:00
Franz Pletz
e6ae50bb83 Merge pull request #327986 from 7596ff/7596ff/airsonic-context-path 2024-07-23 23:15:27 +02:00
Franz Pletz
f1f5d9433b Merge pull request #329014 from n8henrie/n8henrie-espanso-maintainer 2024-07-23 23:14:53 +02:00
Kiskae
bfeb6e74cf nixos/nvidia: default open for version 560+ 2024-07-23 22:41:30 +02:00
Jan Tojnar
3178439a4e Merge pull request #282317 from dawidd6/gdm-autologin-unlocks-keyring 
nixos/gdm: autologin unlocks keyring when possible
 2024-07-23 21:04:35 +02:00
Bobby Rong
d2ec434026 nixos/cinnamon: Fix excludePackages example 
We don't ship blueberry and blueberry is in top-level.
 2024-07-23 22:12:42 +08:00
Bobby Rong
22b54a6e7f cinnamon-gsettings-overrides: Move from cinnamon scope to top-level 2024-07-23 22:12:42 +08:00
Bobby Rong
ab6606dfb8 cinnamon-screensaver: Move from cinnamon scope to top-level 2024-07-23 22:12:42 +08:00
Bobby Rong
d1a7acfc47 cinnamon-common: Move from cinnamon scope to top-level 2024-07-23 22:12:41 +08:00
Bobby Rong
6fd4a53e3e cinnamon-control-center: Move from cinnamon scope to top-level 2024-07-23 22:12:41 +08:00
Bobby Rong
bf4ffb38d0 cinnamon-session: Move from cinnamon scope to top-level 2024-07-23 22:12:41 +08:00
Bobby Rong
f3d0454e4a nemo-with-extensions: Move from cinnamon scope to top-level 2024-07-23 22:12:40 +08:00
Bobby Rong
925db507a8 nemo: Move from cinnamon scope to top-level 2024-07-23 22:00:19 +08:00
Bobby Rong
e5373c3e6c cinnamon-settings-daemon: Move from cinnamon scope to top-level 2024-07-23 22:00:18 +08:00
Bobby Rong
e8fd435f36 cinnamon-translations: Move from cinnamon scope to top-level 2024-07-23 22:00:18 +08:00
Bobby Rong
6f102799e7 cinnamon-menus: Move from cinnamon scope to top-level 2024-07-23 22:00:18 +08:00
Bobby Rong
3fba5befb1 cinnamon-desktop: Move from cinnamon scope to top-level 2024-07-23 22:00:18 +08:00
Franz Pletz
38953c157e Merge pull request #326369 from getchoo/nixos/nvidia/modesetting 2024-07-23 14:16:56 +02:00
github-actions[bot]
d284ef371e Merge master into staging-next 2024-07-23 12:01:18 +00:00
Gavin John
f73ef07680 nixos/immersed-vr: init module 2024-07-23 10:07:35 +01:00
Florian
a161b380a9 Merge pull request #328205 from litchipi/ifm 
ifm: init at 4.0.2
 2024-07-23 09:35:56 +02:00
Dawid Dziurla
097b63d424 nixos/gdm: autologin unlocks keyring when possible 2024-07-23 09:34:19 +02:00
Litchi Pi
0fb7268b9b Init IFM service at version 4.0.2 
Signed-off-by: Litchi Pi <litchi.pi@proton.me>
 2024-07-23 08:44:50 +02:00
github-actions[bot]
09a27d5bc1 Merge master into staging-next 2024-07-23 00:02:18 +00:00
Franz Pletz
b12aaa9f9b Merge pull request #316139 from Luflosi/bind-service-wait-for-ready-status 2024-07-23 00:19:53 +02:00
Pol Dellaiera
771c4624ed Merge pull request #328713 from mweinelt/ollama-sandbox-issue 
nixos/ollama: replace flawed sandboxing option
 2024-07-22 22:21:16 +02:00
Artturin
60e9cffe2c Merge branch 'master' into staging-next 2024-07-22 22:53:31 +03:00
nikstur
be0df72dfa Merge pull request #328926 from nikstur/sysusers-only-for-sysusers 
Sysusers only for sysusers
 2024-07-22 20:55:58 +02:00
Bruno BELANYI
87a80cdaf9 Merge pull request #329112 from ambroisie/tandoor-module 
nixos/tandoor-recipes: revert 'GUNICORN_MEDIA=1'
 2024-07-22 15:48:52 +01:00
Jonas Heinrich
4edef1362f sane-backends: configure and use lock dir 2024-07-22 16:46:30 +02:00
Bobby Rong
3e9b9159cb Merge pull request #327144 from bobby285271/upd/cinnamon-xapps-by-name 
Move various packages out of cinnamon scope
 2024-07-22 21:33:16 +08:00
Martin Weinelt
fe58e8856f nixos/ollama: make host example dualstack wildcard 
Binding to IPv6 wildcard generally binds dual-stack, which is also a
better example because the way to specify it is not always very clear.
 2024-07-22 14:51:40 +02:00
Martin Weinelt
12897b37a8 nixos/ollama: harden systemd unit 
Tested with CPU and CUDA acceleration. Researched for ROCm, but I have no
compatible card to test it with.
 2024-07-22 14:51:40 +02:00
Martin Weinelt
be7bce879f nixos/ollama: remove writablePaths option 
Making the models directory always writable is much simpler, than having
to watch out for an option to facilitate that.
 2024-07-22 14:51:39 +02:00
Martin Weinelt
809ea5c6bd nixos/ollama: replace flawed sandboxing option 
The ollama module in its default configuration relies on systemd's
`DynamicUser=` feature for user allocation. In #305076 that allocation
was made conditional and tied to the `sandboxing` option, that was
intended to fix access to model directories outside the allocated state
directory.

However, by disabling sandboxing ollama would inadvertently run as root,
given that `User=` and `Group=` are not required to be set.

The correct way to grant access to other paths is to allocate static
user and group, and grant permissions to the destination path to that
allocation.

We therefore replace the sandboxing option user and group options, that
default to `null`, which means they default to `DynamicUser=`, but can
be replaced with a statically allocated user/group, and thereby a stable
uid/gid.

Fixes: 552eb759 ("nixos/ollama: add options to bypass sandboxing")
 2024-07-22 14:51:39 +02:00