| Age | Commit message (Collapse) | Author |
|---|
|
waagent's extension `Microsoft.OSTCExtensions.VMAccessForLinux` requires Python, otherwise it would be failed to install with the following error message in `/var/log/waagent.log`:
```
No Python interpreter found on the box
```
waagent's extension `Microsoft.CPlat.Core.RunCommandLinux` needs lsof, otherwise it would produce the following error message in `/var/log/waagent.log`:
```
/var/lib/waagent/Microsoft.Azure.Extensions.CustomScript-2.1.10/bin/custom-script-shim: line 60: lsof: command not found
```
|
|
This change enables CUDA support by allowing access to /dev/nvidia0.
|
|
netdata: 1.43.0 -> 1.43.2 and add systemd-journal plugin
|
|
nixos/initrd-ssh: Only warn about shell when using systemd initrd
|
|
Previously the module was only dynamically loaded on service startup,
this is needed in case security.lockKernelModules is enabled.
|
|
|
|
|
|
|
|
|
|
nixos/hardware: use mkEnableOption
|
|
While this can be added via `services.journald.extraConfig`, this option
provides proper type-checking and other modules can determine
where journal data is stored. This is relevant when using e.g. promtail
to send logs to Loki and it should read from `/run/log/journal` if
volatile storage is used.
|
|
fixes https://www.shellcheck.net/wiki/SC2002
Signed-off-by: Florian Brandes <florian.brandes@posteo.de>
|
|
|
|
nixos/restic: fix #264696 and add a regression test
|
|
|
|
|
|
zwave-js: module init, zwave-js-server: init at 1.33.0
|
|
Adds a postResumeCommands option to the initramfs to allow inserting
code to execute after the device has attempted to resume, and before
filesystems are mounted. This allows to inject code for operations like
wiping the rootfs on boot; if those were instead put in
postDeviceCommands, on a hibernated device, they would execute before
the device resumes from hibernation.
|
|
`environment.variables` gets sourced by shells & the x11 wrapper
through bash's `/etc/profile`, but not by systemd services, dbus
services, wayland sessions...
`environment.sessionVariables` sets these variables with PAM early in
the login process so it gets applied in all contexts.
I ran into a similar issue before in #109060.
|
|
upstream is in the process of renaming to `hickory-dns`.
a consequence of this is that the main binary has been renamed from
`trust-dns` to `hickory-dns` and the repository has been moved (though
for the time being the old repo is still usable on account that it
redirects to the new one).
see: <https://bluejekyll.github.io/blog/posts/announcing-hickory-dns/>
|
|
Modules built in to the kernel can attempt to load firmware before
init is started. To guarantee the firmware is accessible to them
where they expect, /lib has to exist in the initramfs — it can't be
created later by init, because by that point the module may already
have tried and given up.
|
|
The virtualisation.directBoot.initrd option was added for netboot
images, but the assertion to check directBoot enabled if it was used
caused an infinite recursion if it was. Minimal reproduction:
import nixos/tests/make-test-python.nix ({ pkgs, ... }: {
name = "";
nodes = {
machine = { config, ...}: {
imports = [ nixos/modules/installer/netboot/netboot-minimal.nix ];
virtualisation.directBoot = {
enable = true;
initrd = "${config.system.build.netbootRamdisk}/${config.system.boot.loader.initrdFile}";
};
};
};
testScript = "";
}) {}
The fix is to swap the two conditions, so that cfg.directBoot.enable
is checked first, and the initrd comparision will be short circuited.
This wasn't noticed during review because in earlier versions of the
virtualisation.directBoot patch, the assertion was accidentally in the
conditional above, so wasn't evaluated unless port forwarding was in
use.
|
|
|
|
tomfitzhenry/hostapd-optional-managementframeprotection
nixos/hostapd: remove managementFrameProtection in favour of clearer default
|
|
* leaving PrivateUsers=true appears to break when using zfs-2.2.0
|
|
|
|
nixos/matrix-sliding-sync: add dependency on matrix-synapse if running locally
|
|
nixos/virtualisation: add hostname option to oci-containers.
|
|
|
|
|
|
This is useful to configure services dependent on matrix-synapse regardless
of whether workers are enabled or not.
|
|
|
|
locally and restart
|
|
|
|
This makes the generated sudoers a touch easier to read.
|
|
|
|
prosody: remove deprecated libevent
|
|
|
|
The PAM service `greetd` creates now autostarts GNOME Keyring when it is
enabled via `services.gnome.gnome-keyring.enable`.
Should cause a lot fewer headaches for people like me who didn't know
why GNOME Keyring was complaining that it was never supplied with login details.
Fixes #246197
|
|
Revert "nixos/sway: add enableRealtime option"
|
|
nixos/plasma5: fix mismatch between nix and module system
|
|
In https://github.com/NixOS/nixpkgs/pull/254071, a mismatch between usage of
the Nix language and the NixOS module system was introduced. By merging the
kwin_wayland wrapper attrset into the mkIf representation, the former was
effectively ignored.
As a result, the capability wrapper for kwin_wayland stopped being installed,
leading to realtime scheduling being disabled. The issue was not detected
because the behavioral change is very subtle.
By consistently using language-level constructs, this mismatch is resolved.
The capability wrapper is thus installed again and realtime scheduling is
restored.
|
|
freshrss: 1.21.0 -> 1.22.1
|
|
nixos/throttled: load required kernel module
|
|
|
|
Was missed in #261474
|
|
nixos/incus: init module and tests
|
|
nixos/x11: move extraLayouts into xkb attrset
|
|
nixos/sudo: fix `security.sudo.package`
|
|
|
