Commit Graph

1193 Commits

Author SHA1 Message Date
h7x4
39e93806aa Revert "various: replace systemd.services.<name>.{script,preStart} with ExecStart{,Pre}" 2025-10-31 11:03:32 +01:00
Sandro
5b1cba1d4a nixos/doas: add package option (#444629) 2025-10-30 23:16:58 +00:00
Wolfgang Walther
c278e24945 {libtransmission_3,transmission_3{,-gtk,-qt,_noSystemd},torrential}: drop (#456060) 2025-10-30 12:35:21 +00:00
h7x4
23312527af nixos/sssd: migrate to rfc42-style settings (#448955) 2025-10-29 13:37:22 +00:00
Sandro
c32d974077 various: replace systemd.services.<name>.{script,preStart} with ExecStart{,Pre} (#448763) 2025-10-29 12:34:37 +00:00
Marcel
acbeb604ce nixos/sssd: migrate to rfc42-style settings 2025-10-29 09:43:34 +01:00
Emily
8b66d344c9 nixos/apparmor: use valueMeta to check submodule option definedness 2025-10-28 18:14:05 +00:00
Philip Taron
01898764b6 treewide: replace "yes" else "no" usages to lib.boolToYesNo (#442387) 2025-10-28 16:25:46 +00:00
h7x4
36386aa8b8 nixos/soteria: replace systemd script with ExecStart 2025-10-27 18:52:16 +09:00
h7x4
2e9d838795 nixos/rtkit: fix hardening 2025-10-24 14:24:14 +09:00
h7x4
bc715b8c52 nixos/rtkit: harden systemd service (#454127) 2025-10-22 02:05:52 +00:00
Aliaksandr
80f12557f5 treewide: replace "yes" else "no" usages to lib.boolToYesNo 2025-10-21 16:04:34 +03:00
h7x4
96be3f19b4 nixos/rtkit: harden systemd service 2025-10-21 16:59:54 +09:00
h7x4
5252726226 nixos/rngd: remove file, move warning to rename.nix 2025-10-19 21:21:24 +09:00
Sandro
2fa8510fd7 nixos/pam: do not define an empty supportedFilesystems list (#449291) 2025-10-16 22:36:24 +00:00
Scott Stephens
6367bb616b nixos/tpm2: add scottstephens as maintainer 2025-10-14 12:47:57 -04:00
Berk D. Demir
37874d4106 nixos/tpm2: Fix FAPI directory permission setting
Use `tssUser` option value for FAPI log directory user in
systemd-tmpfiles rules, instead of hardcoding `tss`.

If `security.tpm2.abrmd.enable = false` (default), `tssUser` is root.

Fixes systemd-tmpfiles-resetup error:
  /etc/tmpfiles.d/00-nixos.conf:<ln>: Failed to resolve user 'tss': No such process
2025-10-12 18:43:53 -07:00
Sandro Jäckel
db80d03091 nixos/pam: do not define an empty supportedFilesystems list
this shows up in options.boot.supportedFilesystems.definitionsWithLocations and makes debugging harder
2025-10-07 01:38:49 +02:00
K900
e93c560b79 Merge remote-tracking branch 'origin/master' into staging-next 2025-10-05 12:17:08 +03:00
Wolfgang Walther
91a8fee3aa treewide: remove redundant parentheses
Auto-fixed by nixf-diagnose.
2025-10-05 10:52:03 +02:00
Wolfgang Walther
c283f32d29 treewide: remove unused with
Auto-fixed by nixf-diagnose.
2025-10-05 10:50:41 +02:00
nixpkgs-ci[bot]
426796a389 Merge master into staging-next 2025-10-04 06:05:10 +00:00
Sandro
6c4f138b35 nixos/ipa: cleanup (#448060) 2025-10-04 02:11:39 +00:00
Marcel
0afff2b7a7 nixos/ipa: cleanup 2025-10-04 03:58:39 +02:00
Robert Schütz
d4257061d6 Merge branch 'master' into staging-next 2025-09-29 09:51:09 -07:00
Aleksana
9d3f5fcfcc dn42-cacert: init at 0-unstable-2016-01-16 (#415051) 2025-09-29 15:12:49 +00:00
nixpkgs-ci[bot]
e11e848c96 Merge master into staging-next 2025-09-25 18:05:56 +00:00
Benjamin Staffin
b558c287b2 nixos/ipa: fix path to ldap.conf (#435054) 2025-09-25 12:54:22 +00:00
nixpkgs-ci[bot]
2bc7207ed4 Merge master into staging-next 2025-09-25 12:07:10 +00:00
Wolfgang Walther
9b54e00268 google-guest-oslogin: 20230831.00 -> 20250821.00; nixos/google_oslogin: run as root (#445029) 2025-09-25 09:59:22 +00:00
nixpkgs-ci[bot]
f08a85f704 Merge master into staging-next 2025-09-22 12:07:05 +00:00
h7x4
4ba3f60b8a various: use mkPackageOption 2025-09-22 02:46:54 +02:00
Michael Daniels
b385068794 nixos/google_oslogin: run as root
This is needed in order to read the files in /var/google-users.d, as the program
sets the permissions to 750 and the user and group to root.

See: https://github.com/GoogleCloudPlatform/guest-oslogin/blob/20250821.00/src/oslogin_utils.cc#L1337-L1338
2025-09-21 14:57:04 -04:00
Ryan Horiguchi
78df37f04d nixos/doas: add package option 2025-09-20 14:57:28 +02:00
K900
84f6097a6a audit: remove bash (#444275) 2025-09-19 17:24:10 +03:00
Grimmauld
1a1a196664 nixos/auditd: use service to ensure directory permissions 2025-09-19 11:01:44 +02:00
Grimmauld
8dd99d547d audit: don't install broken audit-rules.service 2025-09-19 11:00:30 +02:00
Philip Taron
f80753ee0f nixos/tpm2, tpm2-tss, tpm2-pytss: improve usability of TPM2 FAPI (#440251) 2025-09-18 22:54:00 +02:00
Scott Stephens
0509fb6f97 nixos/tpm2: use better method for udev trigger 2025-09-18 16:34:32 -04:00
Scott Stephens
95d8873397 nixos/tpm2: add comment describing purpose of script 2025-09-15 17:25:29 -04:00
Scott Stephens
db83ec4e2a nixos/tpm2: add manual entry 2025-09-15 17:25:29 -04:00
Scott Stephens
2b8e3c647e nixos/tpm2: improve module options documentation 2025-09-15 17:25:29 -04:00
Scott Stephens
94976dee91 nixos/tpm2: use redirection instead of cat
Co-authored-by: Philip Taron <philip.taron@gmail.com>
2025-09-15 17:25:29 -04:00
Scott Stephens
ddd27d1a4b nixos/tpm2: create directories for FAPI 2025-09-15 14:55:20 -04:00
Scott Stephens
058f41488e nixos/tpm2: start tpm2-abrmd after dev-tpm0.device
tpm2-abrmd can't start up until /dev/tpm0 has been created and its
udev rules applied. This prevents a failure on startup by waiting
for that to happen.
2025-09-15 14:55:20 -04:00
Scott Stephens
b293d9917a nixos/tpm2: trigger udev change on tpm devices
The package changes udev rules. A device change must be triggered
in order for these changes to be picked up, otherwise services
which depend on the configuration will fail.
2025-09-15 14:55:20 -04:00
Scott Stephens
1d1e46f478 nixos/tpm2: add fapi options section
This allows a user to generate a fapi-config.json file and links
/etc/tpm2-tss/fapi-config.json to it.
2025-09-15 14:55:20 -04:00
Scott Stephens
ee7bb85503 nixos/tpm2: add systemd tag to udev rules
Updating the udev rules to match what is in recent versions of the
suggested rules from the tpm2-tss package. The old rules were based
on an old version of the suggested rules and never updated when
they were updated in subsequent version upgrades.
2025-09-15 14:55:20 -04:00
nixpkgs-ci[bot]
85b587287b Merge staging-next into staging 2025-09-15 12:07:44 +00:00
Cryolitia PukNgae
43a1f18c34 nixos/pki: change certificateFiles's example to DN42 root cert
The original example is not a good example: `pkgs.cacert` does not need to appear in `security.pki.certificateFiles`; instead, `certificateFiles` will eventually override the input of pkgs.cacert to build the final `caBundle`. Replacing the example with DN42 will both remind users that we are now packaging DN42's root certificates and eliminate the confusion in the previous example.
2025-09-13 15:54:39 +08:00