Unverified Commit 7fe538fb authored by nixpkgs-ci[bot]'s avatar nixpkgs-ci[bot] Committed by GitHub
Browse files

Merge master into staging-next

parents 33a3fc81 0fae44bd

ci/github-script/bot.js

+0 −12
Original line number Diff line number Diff line
@@ -145,22 +145,10 @@ module.exports = async ({ github, context, core, dry }) => { 


    // This API request is important for the merge-conflict label, because it triggers the

    // creation of a new test merge commit. This is needed to actually determine the state of a PR.

    //

    // NOTE (2025-12-15): Temporarily skipping mergeability checks here

    // on GitHub’s request to measure the impact of the resulting ref

    // writes on their internal metrics; merge conflicts resulting from

    // changes to target branches will not have labels applied for the

    // duration. The label should still be updated on pushes.

    //

    // TODO: Restore mergeability checks in some form after a few days

    // or when we hear back from GitHub.

    const pull_request = (

      await github.rest.pulls.get({

        ...context.repo,

        pull_number,

        // Undocumented parameter (as of 2025-12-15), added by GitHub

        // for us; stability unclear.

        skip_mergeability_checks: true,

      })

    ).data

nixos/lib/testing/network.nix

+5 −11
Original line number Diff line number Diff line
@@ -32,14 +32,8 @@ let 
    let

      qemu-common = import ../qemu-common.nix { inherit (pkgs) lib stdenv; };



      # Convert legacy VLANs to named interfaces and merge with explicit interfaces.

      vlansNumbered = forEach (zipLists config.virtualisation.vlans (range 1 255)) (v: {

        name = "eth${toString v.snd}";

        vlan = v.fst;

        assignIP = true;

      });

      explicitInterfaces = lib.mapAttrsToList (n: v: v // { name = n; }) config.virtualisation.interfaces;

      interfaces = vlansNumbered ++ explicitInterfaces;

      interfaces = lib.attrValues config.virtualisation.allInterfaces;



      interfacesNumbered = zipLists interfaces (range 1 255);



      # Automatically assign IP addresses to requested interfaces.
@@ -67,10 +61,10 @@ let 
          { fst, snd }: qemu-common.qemuNICFlags snd fst.vlan config.virtualisation.test.nodeNumber

        )

      );

      udevRules = forEach interfacesNumbered (

        { fst, snd }:

      udevRules = forEach interfaces (

        interface:

        # MAC Addresses for QEMU network devices are lowercase, and udev string comparison is case-sensitive.

        ''SUBSYSTEM=="net",ACTION=="add",ATTR{address}=="${toLower (qemu-common.qemuNicMac fst.vlan config.virtualisation.test.nodeNumber)}",NAME="${fst.name}"''

        ''SUBSYSTEM=="net",ACTION=="add",ATTR{address}=="${toLower (qemu-common.qemuNicMac interface.vlan config.virtualisation.test.nodeNumber)}",NAME="${interface.name}"''

      );



      networkConfig = {

nixos/modules/security/acme/default.md

+1 −1
Original line number Diff line number Diff line
@@ -377,7 +377,7 @@ systemd-tmpfiles --create 
systemctl start acme-example.com.service

```



## Ensuring dependencies for services that need to be reloaded when a certificate challenges {#module-security-acme-reload-dependencies}

## Ensuring dependencies for services that need to be reloaded when a certificate changes {#module-security-acme-reload-dependencies}



Services that depend on ACME certificates and need to be reloaded can use one of two approaches to reload upon successfull certificate acquisition or renewal:

nixos/modules/services/networking/headscale.nix

+12 −4
Original line number Diff line number Diff line
@@ -19,8 +19,6 @@ let 
  };



  settingsFormat = pkgs.formats.yaml { };

  configFile = settingsFormat.generate "headscale.yaml" cfg.settings;

  cliConfigFile = settingsFormat.generate "headscale.yaml" cliConfig;



  assertRemovedOption = option: message: {

    assertion = !lib.hasAttrByPath option cfg;
@@ -35,6 +33,16 @@ in 


      package = lib.mkPackageOption pkgs "headscale" { };



      configFile = lib.mkOption {

        type = lib.types.path;

        readOnly = true;

        default = settingsFormat.generate "headscale.yaml" cfg.settings;

        defaultText = lib.literalExpression ''(pkgs.formats.yaml { }).generate "headscale.yaml" config.services.headscale.settings'';

        description = ''

          Path to the configuration file of headscale.

        '';

      };



      user = lib.mkOption {

        default = "headscale";

        type = lib.types.str;
@@ -621,7 +629,7 @@ in 
    environment = {

      # Headscale CLI needs a minimal config to be able to locate the unix socket

      # to talk to the server instance.

      etc."headscale/config.yaml".source = cliConfigFile;

      etc."headscale/config.yaml".source = settingsFormat.generate "headscale.yaml" cliConfig;



      systemPackages = [ cfg.package ];

    };
@@ -646,7 +654,7 @@ in 
          export HEADSCALE_DATABASE_POSTGRES_PASS="$(head -n1 ${lib.escapeShellArg cfg.settings.database.postgres.password_file})"

        ''}



        exec ${lib.getExe cfg.package} serve --config ${configFile}

        exec ${lib.getExe cfg.package} serve --config ${cfg.configFile}

      '';



      serviceConfig =

nixos/modules/services/networking/yggdrasil.nix

+1 −2
Original line number Diff line number Diff line
@@ -13,7 +13,6 @@ let 
    bool

    listOf

    str

    attrs

    submodule

    ;

  cfg = config.services.yggdrasil;
@@ -69,7 +68,7 @@ in 


      settings = mkOption {

        type = submodule {

          freeformType = attrs;

          freeformType = (pkgs.formats.json { }).type;

          options = {

            PrivateKeyPath = mkOption {

              type = nullOr path;