| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
|\
| |
| | |
nixos/grub: allow multiple "nodev" devices for mirroredBoots
|
| |
| |
| |
| |
| |
| | |
For UEFI setups, "device" will generally be the special value "nodev"
which represents not running grub-install at all. Using "nodev" for
boot mirrors should therefore be allowed.
|
|\ \
| | |
| | | |
nixos/firejail: allow to pass options to firejail
|
| | | |
|
| | | |
|
| | |
| | |
| | |
| | |
| | | |
The output of the man-db command used to generate the caches is
irrelevant and can confuse users, let's hide it.
|
|\ \ \
| | | |
| | | | |
pipewire: 0.3.16 -> 0.3.17
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | |
| | | |
| | | |
| | | | |
Otherwise sound.extraConfig has no effect.
|
|\ \ \ \ |
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
There was some issues with the fallback to passive mode on 2.3, but on
2.4 adaptive mode is always enabled upstream and thermald will fallback
to passive if necessary.
https://github.com/intel/thermal_daemon/blob/a6e68a65b53a3d7a023c9b45db31ceffbd7e5dfb/data/thermald.service.in#L9
|
|/ / / / |
|
|\ \ \ \
| | | | |
| | | | | |
Set DynamicUser=true for hoogle
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
I've also removed PrivateTmp = true because this is implied by dynamic user.
I've left ProtectHome = true because I believe this is stronger than
ProtectHome = "read-only" which DynamicUser implies.
|
|\ \ \ \ \
| | | | | |
| | | | | | |
nixos/vector: add module
|
| | | | | | |
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
nixos/sane: bump the MaxConnections to a reasonable amount
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Whenever I try to scan from another computer it has to establish >2
connections in order to succeed. With the connections being limited to 1
I can not scan any document.
This is also what other distributions ([Debian], [ArchLinux], …) have
done in one way or another.
[Debian]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850649#5
[ArchLinux]: no limit: https://github.com/archlinux/svntogit-packages/blob/99cba454bb0b69034bc45e97cde4a460bccfef4b/trunk/saned.socket#L4
|
|\ \ \ \ \ \ \ |
|
| | | | | | | | |
|
| | | | | | | | |
|
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Drop preStart script in favour of systemd StateDirectory parameter.
|
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
This simplifies testing changes to the tailscale service on a local
machine. You can use this as such:
```nix
let
tailscale_patched = magic {};
in {
services.tailscale = {
enable = true;
package = tailscale_patched;
};
};
```
Signed-off-by: Christine Dodrill <me@christine.website>
|
|\ \ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | | |
nixos/nat: support IPv6 NAT
|
| | | | | | | | | |
|
|\ \ \ \ \ \ \ \ \
| | | | | | | | | |
| | | | | | | | | | |
doas: 6.6.1 -> 6.8
|
| | | | | | | | | | |
|
|\ \ \ \ \ \ \ \ \ \
| |_|_|_|_|_|/ / / /
|/| | | | | | | | | |
Staging next
|
| |\ \ \ \ \ \ \ \ \ |
|
| |\ \ \ \ \ \ \ \ \ \ |
|
| |\ \ \ \ \ \ \ \ \ \ \ |
|
| |\ \ \ \ \ \ \ \ \ \ \ \ |
|
| |\ \ \ \ \ \ \ \ \ \ \ \ \ |
|
| |\ \ \ \ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | |
systemd: switch to unified cgroup hierarchy by default
|
| | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | |
This gets automatically disabled by docker if the docker backend is
used, but the bundled containerd also doesn't seem to support cgroupsv2,
so disable it explicitly here, too.
|
| | | |_|_|_|_|_|_|_|_|_|_|/ /
| | |/| | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | |
See https://www.redhat.com/sysadmin/fedora-31-control-group-v2 for
details on why this is desirable, and how it impacts containers.
Users that need to keep using the old cgroup hierarchy can re-enable it
by setting `systemd.unifiedCgroupHierarchy` to `false`.
Well-known candidates not supporting that hierarchy, like docker and
hidepid=… will disable it automatically.
Fixes #73800
|
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | |
gitlab: 13.6.0 -> 13.6.1
|
| | |_|_|_|/ / / / / / / / / /
| |/| | | | | | | | | | | | | |
|
| |_|_|_|_|_|/ / / / / / / /
|/| | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
These three defaults must exist in the config now, otherwise
`mautrix-telegram` will refuse to start.
|
|\ \ \ \ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | |
nixos/initrd-ssh: set more defensive pemissions on sshd test key
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | |
It looks like the test sshd key can never be used, because of too open
permissions. My guess is that the current test script works fine once
the user defined ssh-key has been copied into initrd.
At "nixos-install" however, the user specified host key is not present
in initrd yet and validation fails.
fixes #91486
|
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \
| |_|_|_|_|_|_|_|_|_|_|_|_|/ /
|/| | | | | | | | | | | | | | |
gogs: 0.11.91 -> 0.12.3
|
| | |_|_|_|_|_|/ / / / / / /
| |/| | | | | | | | | | | | |
|
|\ \ \ \ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | |
nixos/exwm: allow custom Emacs load script
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | |
Add config option services.xserver.windowManager.exwm.loadScript,
which is passed to Emacs (as the -l option) to load after the user's init file.
|