Unverified Commit 4cf06515 authored by nixpkgs-ci[bot]'s avatar nixpkgs-ci[bot] Committed by GitHub
Browse files

Merge master into staging-nixos

parents 184ca6e5 eb21d125

nixos/doc/manual/release-notes/rl-2605.section.md

+2 −0
Original line number Diff line number Diff line
@@ -67,6 +67,8 @@ of pulling the upstream container image from Docker Hub. If you want the old beh 


- `services.cgit` before always had the git-http-backend and its "export all" setting enabled, which sidestepped any access control configured in cgit's settings. Now you have to make a decision and either enable or disable `services.cgit.gitHttpBackend.checkExportOkFiles` (or disable the git-http-backend).



- `rocmPackages_6` has been removed. `rocmPackages` has been updated to ROCm 7.x. Out of tree packages may rely on obsolete hipblas APIs or compile time constant warp size and need to be updated.



- The Bash implementation of the `nixos-rebuild` program is removed. All switchable systems now use the Python rewrite. Any prior usage of `system.rebuild.enableNg` must now be removed. If you have any outstanding issues with the new implementation, please open an issue on GitHub.



- `services.desktopManager.gnome` no longer installs the Geary e-mail client since it is not part of the GNOME [core applications](https://apps.gnome.org/) list. Geary's position in the default favorite apps section has been replaced by GNOME Text Editor. To keep it installed, add `programs.geary.enable = true;` to your configuration.

nixos/modules/services/display-managers/ly.nix

+2 −0
Original line number Diff line number Diff line
@@ -45,6 +45,8 @@ let 
    xauth_cmd = lib.optionalString xcfg.enable "${pkgs.xorg.xauth}/bin/xauth";

    x_cmd = lib.optionalString xcfg.enable xserverWrapper;

    setup_cmd = dmcfg.sessionData.wrapper;

    brightness_up_cmd = "${lib.getExe pkgs.brightnessctl} -q -n s +10%";

    brightness_down_cmd = "${lib.getExe pkgs.brightnessctl} -q -n s 10%-";

  };



  finalConfig = defaultConfig // cfg.settings;

nixos/modules/system/boot/resolved.nix

+67 −22
Original line number Diff line number Diff line
@@ -10,11 +10,13 @@ let 
  inherit (utils.systemdUtils.unitOptions) unitOption;



  inherit (lib)

    concatStringsSep

    elem

    isList

    literalExpression

    mkIf

    mkMerge

    mkOption

    mkOptionDefault

    mkOrder

    mkRenamedOptionModule

    mkRemovedOptionModule
@@ -26,7 +28,25 @@ let 


  dnsmasqResolve = config.services.dnsmasq.enable && config.services.dnsmasq.resolveLocalQueries;



  resolvedConf = settingsToSections cfg.settings;

  transformSettings =

    settings:

    lib.mapAttrs (

      key: value:

      # concat lists for options that should result in space-separated values

      if

        elem key [

          "DNS"

          "Domains"

          "FallbackDNS"

        ]

        && isList value

      then

        concatStringsSep " " value

      else

        value

    ) settings;



  resolvedConf = settingsToSections (transformSettings cfg.settings);

in

{

  imports = [
@@ -60,22 +80,56 @@ in 
  options = {

    services.resolved = {

      enable = lib.mkEnableOption "the Systemd DNS resolver daemon (systemd-resolved)";



      settings.Resolve = mkOption {

        description = ''

          Settings option for systemd-resolved.

          See {manpage}`resolved.conf(5)` for all available options.

        '';

        # Remember to keep this in sync to the actual settings at the bottom of the page.

        defaultText = literalExpression ''

          {

            DNS = config.networking.nameservers;

            DNSOverTLS = false;

            DNSSEC = false;

            Domains = config.networking.search;

            LLMNR = true;

          }

        default = { };

        type = types.submodule {

          freeformType = types.attrsOf unitOption;

          options = {

            DNS = mkOption {

              type = unitOption;

              default = config.networking.nameservers;

              defaultText = literalExpression "config.networking.nameservers";

              description = ''

                List of IP addresses to query as recursive DNS resolvers.

              '';

            };



            DNSOverTLS = mkOption {

              type = unitOption;

              default = false;

              description = ''

                Whether to use TLS encryption for DNS queries. Requires

                nameservers that support DNS-over-TLS.

              '';

        type = types.attrsOf unitOption;

            };



            DNSSEC = mkOption {

              type = unitOption;

              default = false;

              description = ''

                Whether to validate DNSSEC for DNS lookups.

              '';

            };



            Domains = mkOption {

              type = unitOption;

              default = config.networking.search;

              defaultText = literalExpression "config.networking.search";

              example = [

                "scope.example.com"

                "example.com"

              ];

              description = ''

                List of search domains used to complete unqualified name lookups.

              '';

            };

          };

        };

      };



    };
@@ -101,15 +155,6 @@ in 
        }

      ];



      # If updating any of these attrs, also update the defaultText above.

      services.resolved.settings.Resolve = {

        DNS = config.networking.nameservers;

        DNSOverTLS = mkOptionDefault false;

        DNSSEC = mkOptionDefault false;

        Domains = mkOptionDefault config.networking.search;

        LLMNR = mkOptionDefault true;

      };



      users.users.systemd-resolve.group = "systemd-resolve";



      # add resolve to nss hosts database if enabled and nscd enabled

nixos/tests/dwl.nix

+3 −0
Original line number Diff line number Diff line
@@ -23,6 +23,9 @@ 
      services.displayManager.defaultSession = lib.mkForce "dwl";



      programs.dwl.enable = true;



      # Need to switch to a different GPU driver than the default one (-vga std) so that dwl works on aarch64-linux

      virtualisation.qemu.options = [ "-vga none -device virtio-gpu-pci" ];

    };



  testScript = ''

pkgs/applications/networking/cluster/terraform-providers/providers.json

+5 −5
Original line number Diff line number Diff line
@@ -110,11 +110,11 @@ 
    "vendorHash": null

  },

  "bpg_proxmox": {

    "hash": "sha256-d0v0a4t0sPkGQ9LGK7p5XZmuZBuBeLcWHBoslFu9Qs8=",

    "hash": "sha256-eRed1lShDIpQRCC/JvqT5uYbDU+mgpMfEPiSQFoV1QA=",

    "homepage": "https://registry.terraform.io/providers/bpg/proxmox",

    "owner": "bpg",

    "repo": "terraform-provider-proxmox",

    "rev": "v0.92.0",

    "rev": "v0.93.0",

    "spdx": "MPL-2.0",

    "vendorHash": "sha256-+UWPbNHoV3TdeMZdY0ZOLBe1/Dej37hHORatC9Kol58="

  },
@@ -1175,13 +1175,13 @@ 
    "vendorHash": "sha256-f3b4NULINH8XworCn46fiz4GmBM31ROdAJy1j4GKkx4="

  },

  "scaleway_scaleway": {

    "hash": "sha256-TekcGTYzpqFUVv0NYRGi71rgMD0okQpMPiPI8869cog=",

    "hash": "sha256-3p/g43WkVI3T2e2xSm/hwzu9aFqivszUtVcPsFSsx1o=",

    "homepage": "https://registry.terraform.io/providers/scaleway/scaleway",

    "owner": "scaleway",

    "repo": "terraform-provider-scaleway",

    "rev": "v2.66.0",

    "rev": "v2.67.1",

    "spdx": "MPL-2.0",

    "vendorHash": "sha256-2uqoiUdU8hVHm8Mc0dkS/qAuqZkhVVTKwf++CobRGtw="

    "vendorHash": "sha256-rT8ScPPnrbUBviiK03U96K5vvVEbcLra3MGSJ8+SYyE="

  },

  "scottwinkler_shell": {

    "hash": "sha256-LTWEdXxi13sC09jh+EFZ6pOi1mzuvgBz5vceIkNE/JY=",