public
/
nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
295,533 Commits 1 Branch 0 Tags 1.5 GiB
Commit Graph

2332 Commits

Author SHA1 Message Date
niten 6df5ca68f5 Correct indentation. 2021-11-08 17:06:05 -08:00
niten fb09cbd8f1 Shouldn't belong to a zone. 2021-11-08 16:52:11 -08:00
niten 116d999001 nsd: add stateDir option to nsd config. 
Previously, it was hardcoded to /var/lib/nsd, which remains the default
value.
 2021-11-08 16:00:17 -08:00
davidak 1fb9572267
Merge pull request #125221 from NixOS/backport-124404-to-release-21.05 
[Backport release-21.05] Small option type adjustments
 2021-08-03 06:33:12 +02:00
Martin Weinelt 0c50198047 nixos/bird: fix bird/bird6 description 
(cherry picked from commit d902365913fd65abc2d5d5298c2b9b0beda2f2ca)
 2021-07-30 06:44:37 +00:00
Marc 'risson' Schmitt 49cd45c508 nixos/unbound: fix define-tag option 
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
(cherry picked from commit 6b12cff0b5746af364066d1bcb2bc2563e978aa8)
 2021-07-21 20:12:10 +00:00
Martin Weinelt 6ee61426da nixos/solanum: implement reload and allow config changes 
Reload only works with a static configuration path as there is no way to
pass the dynamically generated config path to a running solanum
instance, therefore we symlink the configuration to
/etc/solanum/ircd.conf.

But that will prevent reloads of the ircd, because the systemd unit
wouldn't change when the configuration changes. That is why we add the
actual location of the config file to restartTriggers and enable
reloadIfChanged, so changes will not restart, but reload on changes.

(cherry picked from commit 60c62214f5a3c7db6aa30d8a8e02c863b6abcf0a)
 2021-06-16 02:09:04 +02:00
lassulus 0a8684cadd solanum: remove obsolete BANDB settings/patches 
(cherry picked from commit 8eb5701aaf0eb7ad842a67f09e2f80826ac1ce80)
 2021-06-16 02:09:00 +02:00
Robert Hensing 91d03cd360 nixos/ssh: Document authorizedKeysFiles properly 
(cherry picked from commit dab747106e20268e6d3a7c1a758185bc75507bef)
 2021-06-15 19:42:28 +00:00
Robert Hensing 89ecb51a6a nixos/ssh: Add an example of verbatim keys 
This confused someone on SO.

(cherry picked from commit 8352cc9a23a5fea11d467a5b8341b24cd162c62a)
 2021-06-15 19:42:27 +00:00
rnhmjoj f2c9d568c8 nixos/wireless: only warn for no interfaces 
A hard failure breaks the NixOS installer, which can't possibly
know the interface names in advance.

(cherry picked from commit be01320a6c39867eac0a20b4dfe04680d3b1ce26)
 2021-06-08 08:52:41 -07:00
rnhmjoj df9df54d63 Revert "nixos/wireless: make wireless.interfaces mandatory" 
This reverts commit 030a521adc9510207dd9f06b8d8b552ff7d999f9.

(cherry picked from commit eba5f5c1e5a61ef65a970c699b9f93aff87448bf)
 2021-06-08 08:52:41 -07:00
rnhmjoj 662f2d19b3 nixos/wireless: make wireless.interfaces mandatory 
This is the only way to solve issue #101963, for now.

(cherry picked from commit 030a521adc9510207dd9f06b8d8b552ff7d999f9)
 2021-06-06 08:38:28 +00:00
Daniel Nagy 4d837a7a98 nixos/monero: set port type to `types.port` 
(cherry picked from commit e57465a617f4cc993a7b32f90cb9e095f2b09596)
 2021-06-01 13:15:25 +00:00
Daniel Nagy fda7b06830 nixos/syncserver: set port type to `types.port` 
(cherry picked from commit 65b32a0afe69258e3fa2fb245ea2315c8683281f)
 2021-06-01 13:15:24 +00:00
Daniel Nagy 2c97740c47 nixos/gitDaemon: set port type to `types.port` 
(cherry picked from commit 048c45679fe6fda60b00bf45890e5990f0e6d9f2)
 2021-06-01 13:15:24 +00:00
Niklas Hambüchen b73e47d3d7 nixos/wireguard: Remove .path systemd unit for privkey. Fixes #123203 
As per `man systemd.path`:

> When a service unit triggered by a path unit terminates
> (regardless whether it exited successfully or failed),
> monitored paths are checked immediately again,
> **and the service accordingly restarted instantly**.

Thus the existence of the path unit made it impossible to stop the
wireguard service using e.g.

    systemctl stop wireguard-wg0.service

Systemd path units are not intended for program inputs such
as private key files.
This commit simply removes this usage; the private key is still
generated by the `generateKeyServiceUnit`.

(cherry picked from commit d344dccf3dc592242f11ef993acb9ecee8d84796)
 2021-05-28 18:28:35 -07:00
Sandro Jäckel 0b4994f714 nixos/kresd: tell resolveconf to use local resolver 
(cherry picked from commit 140828ce3843444a8536db884147ed5c4b941259)
 2021-05-26 17:24:55 +02:00
Martin Weinelt 71fb79ee6b
Merge pull request #123828 from Lassulus/solanum2 
nixos/solanum: init
 2021-05-21 23:23:01 +02:00
lassulus 48c16e48aa nixos/solanum: init 2021-05-21 23:06:38 +02:00
eyJhb 6000f420e8
nixos/znc: fixed chown not working after hardening (#123883) 2021-05-21 19:07:53 +02:00
ajs124 c455f3ccaf
Merge pull request #123084 from Yarny0/hylafax 
hylafaxplus & nixos/hylafax: small improvements
 2021-05-21 14:20:57 +02:00
Jonas Chevalier 30c021fa15
Merge pull request #123744 from hercules-ci/init-ghostunnel 
ghostunnel: init
 2021-05-20 20:58:41 +02:00
Robert Hensing dc9cb63de4 nixos/ghostunnel: init 2021-05-20 10:41:52 +02:00
Paul Schyska 69202853ea
nixos/nsd: make nsd-checkconf work when configuration contains keys 2021-05-19 18:21:10 +02:00
Michele Guerini Rocco 376eabdac3
Merge pull request #123254 from rnhmjoj/ipsec 
libreswan: 3.2 -> 4.4
 2021-05-19 13:36:04 +02:00
Maciej Krüger 7458dcd956
Merge pull request #75242 from mkg20001/cjdns-fix 
services.cjdns: add missing, optional login & peerName attribute
 2021-05-18 18:22:29 +02:00
Robert Schütz d189df235a
Merge pull request #122241 from dotlambda/znc-harden 
nixos/znc: harden systemd unit
 2021-05-18 17:44:14 +02:00
Maciej Krüger 7409f9bab3
services.cjdns: add missing, optional login & peerName attribute 2021-05-18 17:39:04 +02:00
rnhmjoj 1a4db01c84
nixos/libreswan: update for version 4.x 
- Use upstream unit files
- Remove deprecated config options
- Add option to disable redirects
- Add option to configure policies
 2021-05-18 08:13:36 +02:00
Jörg Thalheim b900661f6e
Merge pull request #122825 from Izorkin/update-duplicates-systemcallfilters 
treewide: remove duplicates SystemCallFilters
 2021-05-17 12:06:06 +01:00
Sandro 700942d2a5
Merge pull request #121119 from SuperSandro2000/remove-gnidorah 
treewide: remove gnidorah
 2021-05-17 02:42:24 +02:00
Yarny0 c2af1ff281 nixos/hylafax: enable `ProtectKernelLogs` for most services 
Also document that `ProtectClock` blocks access to serial line.
I couldn't found out why this is the case,
but faxgetty complains about the device file
not being accessible with `ProtectClock=true`.
 2021-05-14 22:55:50 +02:00
Robert Schütz e611d663f4
Merge pull request #120440 from dotlambda/radicale-settings 
nixos/radicale: add settings option
 2021-05-14 15:37:26 +02:00
Yarny0 4415846d5c nixos/hylafax: use `runtimeShell` where possible 
According to
https://github.com/NixOS/nixpkgs/pull/84556
this effort helps with cross-compilation.

This commit also renames a substituted variable `hylafax`
to `hylafaxplus` to permit substitution with `inherit`.
 2021-05-14 05:42:18 +02:00
Yarny0 89df33f882 nixos/hylafax: replace a nested expression with `lib.pipe` 
This avoids a tripple-nested function call,
and it looks slightly simpler (at least to me).
 2021-05-14 05:42:18 +02:00
Yarny0 449647daf5 nixos/hylafax: use `lib.types.ints.positive` 
I haven't realized earlier that there is
already an option type for postive integers.
 2021-05-14 05:42:17 +02:00
Izorkin feebe402f5
treewide: remove duplicates SystemCallFilters 2021-05-13 15:44:56 +03:00
Sandro f0bb4f066a
Merge pull request #95050 from paumr/bind-fmt 2021-05-10 19:06:00 +02:00
Michele Guerini Rocco d0cbcce8d4
Merge pull request #121395 from bjornfor/nixos-wpa-supplicant 
nixos/wpa_supplicant: prefer 'install' over 'touch/chmod/mkdir/chgrp'
 2021-05-10 08:16:39 +02:00
paumr 5390d4b946 nixos/bind: formatted with nixpkgs-fmt 2021-05-08 23:13:58 +02:00
Robert Schütz 314a64a026 nixos/znc: fix example 2021-05-08 22:54:19 +02:00
Robert Schütz 5986f233a6 nixos/znc: remove trailing slash from dataDir 2021-05-08 22:54:19 +02:00
Robert Schütz 4400ee83ec nixos/znc: harden systemd unit 2021-05-08 22:54:15 +02:00
Robert Hensing 4433ba90aa
Merge pull request #121927 from rissson/nixos-unbound-fix-top-level-include 
nixos/unbound: allow list of strings in top-level settings option type
 2021-05-08 22:00:57 +02:00
Marc 'risson' Schmitt 0340cd2abe
nixos/unbound: allow list of strings in top-level settings option type 
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
 2021-05-08 19:55:17 +02:00
Aaron Andersen 9254b82706
Merge pull request #121746 from j0hax/monero-options 
nixos/monero: add dataDir option
 2021-05-08 11:43:49 -04:00
Gemini Lasswell 28f51d7757 nixos/yggdrasil: set directory permissions before writing keys 
Remove the opportunity for someone to read the keys in between when
they are written and when the chmod is done.  Addresses #121293.
 2021-05-08 09:49:19 +02:00
Johannes Arnold c0853b6e2c nixos/monero: use isSystemUser = true 2021-05-08 02:13:25 +02:00
Maximilian Bosch a50b9e6c23
Merge pull request #113716 from Ma27/wpa_multiple 
wpa_supplicant: allow both imperative and declarative networks
 2021-05-06 11:01:35 +02:00