Commit Graph

39181 Commits

Author SHA1 Message Date
frantathefranta
8b97231460 nixos/conman: init module
Adding a service for the conman package

Changes to conman service as per review
2025-08-13 08:26:35 -04:00
Yt
44759f48d7 nixos/meilisearch: harden (#427768) 2025-07-30 22:08:14 -04:00
Will Fancher
0894e88e99 bcachefs: Fix systemd dependencies (#422961) 2025-07-30 14:20:15 -04:00
nikstur
796b80f340 Improve security.audit{,d} (#429553) 2025-07-30 19:39:09 +02:00
Jhonas Wernery
92b504d2ff nixos/garage: set LimitNOFILE (#429633)
Upstream uses 42000, see:
https://garagehq.deuxfleurs.fr/documentation/cookbook/systemd/
2025-07-30 19:55:09 +03:00
Martin Weinelt
cdeff13765 nixos/lasuite-meet: serve admin ui static assets via nginx (#429362) 2025-07-30 17:40:00 +02:00
nikstur
50243c5d78 nixos/auditd: align with upstream
Remove config that doesn't make sense at all or on NixOS specifically.
2025-07-30 17:26:09 +02:00
nikstur
774f6ed203 nixos/audit: add proper enable flag
Align with upstream and also remove unnecessary dependency on bash along
the way.
2025-07-30 17:26:09 +02:00
Martin Weinelt
db53c11e02 nixos/tlsrpt: configure explicit http_script (#429244) 2025-07-30 15:02:29 +02:00
Franz Pletz
6dccd45677 nixos/nginx: add ssl_ecdh_curve to recommendedTlsSettings, remove ssl_stapling (#428594) 2025-07-30 14:32:38 +02:00
Will Fancher
0a53886700 nixos/{tmpfiles, wrappers}: explicitly set RestrictSUIDSGID false (#426882) 2025-07-30 04:31:21 -04:00
Pol Dellaiera
bb3b2d73e1 private-gpt: drop (#429137) 2025-07-30 09:34:27 +02:00
Pol Dellaiera
80661f912f nixos/private-gpt: drop 2025-07-30 08:20:28 +02:00
Thomas Gerbet
a3a0962f23 sudo: 1.9.17p1 -> 1.9.17p2
Changes:
https://www.sudo.ws/releases/stable/#1.9.17p2
2025-07-29 23:24:42 +02:00
Niklas Hambüchen
436a8a1152 umami: init at 2.19.0; nixos/umami: init (#380249) 2025-07-29 16:48:52 +02:00
Diogo Correia
6d61e7b089 nixos/umami: init module 2025-07-29 14:38:02 +00:00
Alexander Sieg
32ca49df92 nixos/lasuite-meet: serve admin ui static assets via nginx 2025-07-29 16:20:44 +02:00
xanderio
a70576d5ce nixos/lasuite-meet: fix preStart script for backend (#425556) 2025-07-29 16:09:19 +02:00
Sandro
781856bcb7 go-httpbin: init at 2.18.3, nixos/go-httpbin: init module (#427717) 2025-07-29 15:48:11 +02:00
Benedikt von Blomberg
4f6691c9ff nixos/ddclient: added assertions for passwordFile and secretsFile
nix fmt
2025-07-29 15:17:35 +02:00
Benedikt von Blomberg
38a03fc480 nixos/services.ddclient: make username optional 2025-07-29 15:17:35 +02:00
Benedikt von Blomberg
a1ed19f38d nixos/services.ddclient: add secretsFile option 2025-07-29 15:17:35 +02:00
Will Fancher
fa11c3e9d0 nixos/tests/systemd: Reuse intentional settings, not the entire Manager section 2025-07-29 02:27:30 -04:00
K900
ae766afdc2 nixos/display-managers: tty1 everywhere (#428972) 2025-07-29 07:32:42 +03:00
Martin Weinelt
e030814446 nixos/tlsrpt: configure explicit http_script
Make sure we get curl into the system, since when the tlsrpt rua is an
HTTP URL we need to be able to deliver to that.
2025-07-29 06:16:36 +02:00
Martin Weinelt
5dd6d1d43b kea: 2.6.3 -> 3.0.0 (#428872) 2025-07-29 03:51:17 +02:00
Martin Weinelt
66e035f411 kea: 2.6.3 -> 3.0.0
https://gitlab.isc.org/isc-projects/kea/-/wikis/Release-Notes/release-notes-3.0.0
2025-07-29 03:43:54 +02:00
Emily
1adf0f56ff nixos/systemd: convert extraConfig to rfc 42 (#426692) 2025-07-28 21:06:12 +01:00
Will Fancher
431a976182 nixos/display-managers: tty1 everywhere 2025-07-28 14:46:39 -04:00
Will Fancher
f8929b7381 nixos/lemurs: TTYVTDisallocate to clear VT
Otherwise, when on VT1, the systemd status is still visible.
2025-07-28 14:46:39 -04:00
Will Fancher
878c68dad3 nixos/xserver: Remove tty option
Note about sddm: The MinimumVT option has been documented as unavailable since v0.20.
2025-07-28 14:46:39 -04:00
Will Fancher
570ae8423d nixos/autovt: Pull in autovt@tty1 in Nix, not generateUnits 2025-07-28 14:46:39 -04:00
Sandro
fd61c702ff nixos/vaultwarden: Start after network-online.target (#428935) 2025-07-28 19:19:44 +02:00
Martin Weinelt
b438f32b2a nixos/tlsrpt: fix permissions to execute postdrop
Calling to sendmail without AF_NETLINK causes:

> sendmail: fatal: inet_addr_local[getifaddrs]: getifaddrs: Address family not supported by protocol

and without AF_INET/AF_INET6:

> sendmail: warning: inet_protocols: disabling IPv6 name/address support: Address family not supported by protocol
> sendmail: warning: inet_protocols: disabling IPv4 name/address support: Address family not supported by protocol

Move the configurePostfix option one level up, since it now also
reconfigures the reportd systemd unit.
2025-07-28 15:06:25 +02:00
Martin Weinelt
c3c5a3bfd0 nixos/tlsrpt: fix restart trigger
Triggering on a symlink target does not work.
2025-07-28 15:06:25 +02:00
Martin Weinelt
1f9431801f nixos/tlsrpt: fix default postfix sendmail path
It is not in the PATH for the reportd, since it is a SUID wrapper.
2025-07-28 15:06:24 +02:00
Jennifer Graul
1918e3ced1 nixos/peering-manager: fix bgp session poller
The "--all" flag from poll_bgp_sessions has been removed and is now the
default.
2025-07-28 13:29:13 +02:00
Jennifer Graul
4c21b28447 nixos/peering-manager: add environmentFile option 2025-07-28 13:29:10 +02:00
Jennifer Graul
6f35ae801e nixos/peering-manager: remove enableOidc option since it is now builtin 2025-07-28 13:19:01 +02:00
Maximilian Bosch
c3da85f1bb Merge: nixos/nextcloud: fix eval (#428709) 2025-07-28 11:37:35 +02:00
Grimmauld
fad6dbb9e6 nixos/systemd: remove enableCgroupAccounting option 2025-07-28 11:26:44 +02:00
Grimmauld
84cbe9dce4 nixos/netdata: remove cgroup accounting enable
cgroup accounting is enabled by default, and the option is scheduled for removal.
2025-07-28 11:26:41 +02:00
Grimmauld
231c142766 nixos/systemd: remove obsolete DefaultCPUAccounting option
This option is made unconditional in systemd 258 [1].
Earlier, it defaulted to true on kernels newer than 4.15,
which applies to all supported nixos kernels.
This means removing the option does not change behavior.

[1] 29da53dde3
2025-07-28 11:26:37 +02:00
Grimmauld
f47b100763 nixos/systemd: remove obsolete DefaultBlockIOAccounting option
This option is now being ignored by systemd,
so we do not need to explicitly define it.
2025-07-28 11:26:34 +02:00
Grimmauld
265152f770 nixos/systemd: explicitly set systemd.settings.Manager.Default*Accounting 2025-07-28 11:26:30 +02:00
Grimmauld
9c429f004d nixos/systemd: remove obsolete definition for DefaultLimitCORE
The limit was introduced in 2016 in 840f3230a2,
and broken in 2019 in bafc256915. Since then,
it is the exact same as systemd itself sets as default.
2025-07-28 11:26:27 +02:00
Grimmauld
69e833f187 nixos/systemd: set DefaultLimitCORE in systemd.settings.Manager explicitly 2025-07-28 11:26:24 +02:00
Grimmauld
62acc59148 nixos/systemd: move systemd.watchdog.* to systemd.settings.Manager 2025-07-28 11:26:21 +02:00
Grimmauld
493f1339b0 nixos/systemd: move systemd.watchdog.* to systemd.settings.Manager 2025-07-28 11:26:08 +02:00
Grimmauld
4d3ab0e8d3 nixos/systemd: make systemd.managerEnvironment affect systemd.settings.Manager 2025-07-28 11:24:39 +02:00