Commit graph

1226 commits

Author SHA1 Message Date
gitea-mq[bot]
f1406619a3
Merge c7447821f3 into gitea-mq/batch/8
Some checks are pending
Test / tests (push) Waiting to run
2026-07-04 14:13:09 +00:00
github-actions[bot]
1ebd417177
Merge pull request #964 from Mic92/dependabot/go_modules/golang.org/x/net-0.55.0
Bump golang.org/x/net from 0.52.0 to 0.55.0
2026-07-03 18:49:46 +00:00
dependabot[bot]
b1b7b1839d update vendorHash 2026-07-03 18:46:12 +00:00
dependabot[bot]
9d042d6b22
Bump golang.org/x/net from 0.52.0 to 0.55.0
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.52.0 to 0.55.0.
- [Commits](https://github.com/golang/net/compare/v0.52.0...v0.55.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-version: 0.55.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-07-03 18:44:55 +00:00
Mic92
c7447821f3 [create-pull-request] automated change 2026-06-28 06:46:52 +00:00
github-actions[bot]
56b24064fd
Merge pull request #961 from Mic92/dependabot/github_actions/actions/checkout-7
Bump actions/checkout from 6 to 7
2026-06-22 22:03:25 +00:00
dependabot[bot]
91e08ca055
Bump actions/checkout from 6 to 7
Bumps [actions/checkout](https://github.com/actions/checkout) from 6 to 7.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v6...v7)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-06-22 22:02:12 +00:00
github-actions[bot]
420f8d2e98
Merge pull request #960 from Mic92/dependabot/go_modules/go.mongodb.org/mongo-driver-1.17.7
Bump go.mongodb.org/mongo-driver from 1.13.1 to 1.17.7
2026-06-20 08:21:21 +00:00
dependabot[bot]
77043f5c30 update vendorHash 2026-06-20 08:10:39 +00:00
dependabot[bot]
9122c2cc01
Bump go.mongodb.org/mongo-driver from 1.13.1 to 1.17.7
Bumps [go.mongodb.org/mongo-driver](https://github.com/mongodb/mongo-go-driver) from 1.13.1 to 1.17.7.
- [Release notes](https://github.com/mongodb/mongo-go-driver/releases)
- [Commits](https://github.com/mongodb/mongo-go-driver/compare/v1.13.1...v1.17.7)

---
updated-dependencies:
- dependency-name: go.mongodb.org/mongo-driver
  dependency-version: 1.17.7
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-06-20 08:09:21 +00:00
Jörg Thalheim
9ed65852b6
Merge pull request #936 from r-vdp/systemctl-restart-units
sops-install-secrets: call systemctl directly when run as a systemd unit
2026-06-04 06:29:01 +02:00
r-vdp
81440e3757
sops-install-secrets: call systemctl directly when run as a systemd unit
When useSystemdActivation is enabled, sops-install-secrets.service runs
ordered Before=sysinit-reactivation.target, which switch-to-configuration
restarts *after* it has already consumed /run/nixos/activation-*-list.
Writing to those files from the service therefore does nothing on the
current switch and leaks into the next one.

NixOS 26.05 also deprecates the activation-list mechanism, printing a
warning whenever the files exist, with removal planned for 26.11.

The systemd unit now sets SOPS_RESTART_UNITS_VIA_SYSTEMCTL=1 so the
binary knows to call systemctl directly (try-restart /
try-reload-or-restart, --no-block to avoid deadlocking the sysinit
transaction). INVOCATION_ID cannot be used for this since
switch-to-configuration is almost always invoked from a process tree
rooted in some unit (sshd, getty, systemd-run), so the activation script
inherits it too. The legacy activation-script path keeps writing the
list files for backward compatibility.

Closes #934
2026-06-03 20:11:00 +03:00
github-actions[bot]
c591bf6657
Merge pull request #951 from Mic92/dependabot/go_modules/gopkg.in/ini.v1-1.67.2
Some checks failed
Test / tests (push) Has been cancelled
Bump gopkg.in/ini.v1 from 1.67.1 to 1.67.2
2026-05-05 01:36:12 +00:00
dependabot[bot]
9be8324eae update vendorHash 2026-05-05 01:29:49 +00:00
dependabot[bot]
329f64889c
Bump gopkg.in/ini.v1 from 1.67.1 to 1.67.2
Bumps gopkg.in/ini.v1 from 1.67.1 to 1.67.2.

---
updated-dependencies:
- dependency-name: gopkg.in/ini.v1
  dependency-version: 1.67.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-05-05 01:28:21 +00:00
github-actions[bot]
8eaee5c454
Merge pull request #949 from Mic92/dependabot/go_modules/github.com/Mic92/ssh-to-age-1.3.0
Some checks failed
Test / tests (push) Has been cancelled
Bump github.com/Mic92/ssh-to-age from 0.0.0-20240115094500-460a2109aaf0 to 1.3.0
2026-04-28 01:05:24 +00:00
dependabot[bot]
9841e329a6 update vendorHash 2026-04-28 00:58:54 +00:00
dependabot[bot]
71ea067569
Bump github.com/Mic92/ssh-to-age
Bumps [github.com/Mic92/ssh-to-age](https://github.com/Mic92/ssh-to-age) from 0.0.0-20240115094500-460a2109aaf0 to 1.3.0.
- [Release notes](https://github.com/Mic92/ssh-to-age/releases)
- [Commits](https://github.com/Mic92/ssh-to-age/commits/v1.3.0)

---
updated-dependencies:
- dependency-name: github.com/Mic92/ssh-to-age
  dependency-version: 1.3.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-04-28 00:57:37 +00:00
Jörg Thalheim
bef289e224
Merge pull request #928 from nicdumz/requires-mount
Some checks failed
Test / tests (push) Has been cancelled
fix(systemd): require mounts for encryption keys.
2026-04-21 13:43:06 +02:00
Nicolas Dumazet
fbedbb8cb1 fix(systemd): require mounts for encryption keys.
This helps address issues in https://github.com/nix-community/impermanence/issues/294 and in general also works for https://github.com/nix-community/preservation type of workflows which also rely on systemd mounts.
2026-04-21 12:13:56 +02:00
Nicolas Dumazet
bc02e2e5f6 chore: nix fmt sops/default.nix
(Removes formatting noise from follow-up change).
2026-04-21 12:13:56 +02:00
github-actions[bot]
d4971dd58c
Merge pull request #946 from Mic92/dependabot/go_modules/golang.org/x/crypto-0.50.0
Some checks failed
Test / tests (push) Has been cancelled
Bump golang.org/x/crypto from 0.49.0 to 0.50.0
2026-04-13 22:38:10 +00:00
dependabot[bot]
7f637c27cf update vendorHash 2026-04-13 22:33:10 +00:00
dependabot[bot]
462a352d32
Bump golang.org/x/crypto from 0.49.0 to 0.50.0
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.49.0 to 0.50.0.
- [Commits](https://github.com/golang/crypto/compare/v0.49.0...v0.50.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-version: 0.50.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-04-13 22:31:28 +00:00
github-actions[bot]
31ac5fe5d0
Merge pull request #943 from Mic92/create-pull-request/patch
Some checks failed
Test / tests (push) Has been cancelled
Update flakes
2026-04-12 05:21:48 +00:00
Mic92
5f6848398c [create-pull-request] automated change 2026-04-12 05:13:20 +00:00
github-actions[bot]
d2e8438d58
Merge pull request #941 from Mic92/dependabot/go_modules/go.opentelemetry.io/otel/sdk-1.43.0
Some checks failed
Test / tests (push) Has been cancelled
Bump go.opentelemetry.io/otel/sdk from 1.40.0 to 1.43.0
2026-04-08 21:09:55 +00:00
dependabot[bot]
4976fdf2a7 update vendorHash 2026-04-08 21:04:49 +00:00
dependabot[bot]
24f2ba73b3
Bump go.opentelemetry.io/otel/sdk from 1.40.0 to 1.43.0
Bumps [go.opentelemetry.io/otel/sdk](https://github.com/open-telemetry/opentelemetry-go) from 1.40.0 to 1.43.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.40.0...v1.43.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/sdk
  dependency-version: 1.43.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-04-08 21:03:05 +00:00
github-actions[bot]
de5f2d596e
Merge pull request #939 from Mic92/dependabot/go_modules/github.com/aws/aws-sdk-go-v2/service/s3-1.97.3
Some checks are pending
Test / tests (push) Waiting to run
Bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.96.0 to 1.97.3
2026-04-08 03:43:56 +00:00
dependabot[bot]
8355747b4f update vendorHash 2026-04-08 03:36:50 +00:00
dependabot[bot]
c80b5daca4
Bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.96.0 to 1.97.3
Bumps [github.com/aws/aws-sdk-go-v2/service/s3](https://github.com/aws/aws-sdk-go-v2) from 1.96.0 to 1.97.3.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.96.0...service/s3/v1.97.3)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/s3
  dependency-version: 1.97.3
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-04-08 03:35:02 +00:00
github-actions[bot]
a4ee2de76e
Merge pull request #937 from Mic92/create-pull-request/patch
Some checks failed
Test / tests (push) Has been cancelled
Update flakes
2026-04-05 05:05:43 +00:00
Mic92
5bb247912c [create-pull-request] automated change 2026-04-05 05:02:56 +00:00
github-actions[bot]
8f093d0d2f
Merge pull request #935 from Mic92/dependabot/go_modules/github.com/go-jose/go-jose/v4-4.1.4
Some checks failed
Test / tests (push) Has been cancelled
Bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4
2026-04-03 03:52:11 +00:00
dependabot[bot]
49eb4fc8f6 update vendorHash 2026-04-03 03:46:20 +00:00
dependabot[bot]
259ec0a6ba
Bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4
Bumps [github.com/go-jose/go-jose/v4](https://github.com/go-jose/go-jose) from 4.1.3 to 4.1.4.
- [Release notes](https://github.com/go-jose/go-jose/releases)
- [Commits](https://github.com/go-jose/go-jose/compare/v4.1.3...v4.1.4)

---
updated-dependencies:
- dependency-name: github.com/go-jose/go-jose/v4
  dependency-version: 4.1.4
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-04-03 03:44:37 +00:00
github-actions[bot]
19bf3d8678
Merge pull request #933 from Mic92/dependabot/go_modules/github.com/ProtonMail/go-crypto-1.4.1
Some checks failed
Test / tests (push) Has been cancelled
Bump github.com/ProtonMail/go-crypto from 1.4.0 to 1.4.1
2026-03-30 22:43:54 +00:00
dependabot[bot]
fdb9ca0b28 update vendorHash 2026-03-30 22:36:49 +00:00
dependabot[bot]
a6222943fe
Bump github.com/ProtonMail/go-crypto from 1.4.0 to 1.4.1
Bumps [github.com/ProtonMail/go-crypto](https://github.com/ProtonMail/go-crypto) from 1.4.0 to 1.4.1.
- [Release notes](https://github.com/ProtonMail/go-crypto/releases)
- [Commits](https://github.com/ProtonMail/go-crypto/compare/v1.4.0...v1.4.1)

---
updated-dependencies:
- dependency-name: github.com/ProtonMail/go-crypto
  dependency-version: 1.4.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-03-30 22:35:02 +00:00
github-actions[bot]
8adb84861f
Merge pull request #932 from Mic92/create-pull-request/patch
Some checks failed
Test / tests (push) Has been cancelled
Update flakes
2026-03-29 05:06:24 +00:00
Mic92
03e7916136 [create-pull-request] automated change 2026-03-29 05:02:13 +00:00
github-actions[bot]
614e256310
Merge pull request #930 from Mic92/dependabot/go_modules/github.com/getsops/sops/v3-3.12.2
Some checks failed
Test / tests (push) Has been cancelled
Bump github.com/getsops/sops/v3 from 3.12.1 to 3.12.2
2026-03-23 22:10:11 +00:00
dependabot[bot]
7b7a9ed534 update vendorHash 2026-03-23 22:04:29 +00:00
dependabot[bot]
724b382005
Bump github.com/getsops/sops/v3 from 3.12.1 to 3.12.2
Bumps [github.com/getsops/sops/v3](https://github.com/getsops/sops) from 3.12.1 to 3.12.2.
- [Release notes](https://github.com/getsops/sops/releases)
- [Changelog](https://github.com/getsops/sops/blob/main/CHANGELOG.md)
- [Commits](https://github.com/getsops/sops/compare/v3.12.1...v3.12.2)

---
updated-dependencies:
- dependency-name: github.com/getsops/sops/v3
  dependency-version: 3.12.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-03-23 22:02:57 +00:00
github-actions[bot]
3e0d543e6b
Merge pull request #929 from Mic92/create-pull-request/patch
Some checks failed
Test / tests (push) Has been cancelled
Update flakes
2026-03-22 04:46:38 +00:00
Mic92
c1e5436ea2 [create-pull-request] automated change 2026-03-22 04:44:34 +00:00
github-actions[bot]
29b6519f3e
Merge pull request #926 from Mic92/dependabot/go_modules/golang.org/x/crypto-0.49.0
Some checks failed
Test / tests (push) Has been cancelled
Bump golang.org/x/crypto from 0.48.0 to 0.49.0
2026-03-19 03:07:54 +00:00
dependabot[bot]
d646f21a6b update vendorHash 2026-03-19 03:02:50 +00:00
dependabot[bot]
e84b14dd45
Bump golang.org/x/crypto from 0.48.0 to 0.49.0
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.48.0 to 0.49.0.
- [Commits](https://github.com/golang/crypto/compare/v0.48.0...v0.49.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-version: 0.49.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-03-19 03:01:16 +00:00