public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
292,760 Commits 1 Branch 0 Tags 1.5 GiB
917357a287
Commit Graph

2323 Commits

Author SHA1 Message Date
ajs124
47598c476a nixos/iscsi/root-initiator: init 
Co-authored-by: Graham Christensen <graham@floxdev.com>
 2021-04-06 18:34:32 +00:00
ajs124
39b5040a4b nixos/iscsi/initiator: init 
Co-authored-by: Graham Christensen <graham@floxdev.com>
 2021-04-06 18:34:25 +00:00
ajs124
c2da1d7b53 nixos: iscsi/target: init module 
Co-authored-by: Graham Christensen <graham@floxdev.com>
 2021-04-06 18:33:50 +00:00
Ryan Horiguchi
5171c5c2ee
nixos/networkmanager: add missing kernel module for wpa authenticaion 2021-04-06 13:50:51 +02:00
Sandro Jäckel
9378fdf87e
iproute: deprecate alias 2021-04-04 01:43:46 +02:00
Doron Behar
c2b66f2702
Merge pull request from ju1m/zerobin 2021-03-29 17:18:29 +00:00
Xinglu Chen
273f5c38a3
nixos/privoxy: add missing "/" to "forward-socks5" option 
Without this, Privoxy will silently fail, meaning that no traffic
would be routed through Tor, giving users a false sense of privacy.
 2021-03-28 21:16:55 +02:00
Vladimír Čunát
56f308bb2f
nixos/kresd: trivial cleanup 2021-03-28 21:01:50 +02:00
Vladimír Čunát
6e562fd6a7
Merge : nixos/kresd: Listen on IPv4 wildcard, too 
This makes sense to me.  I can't see any reference (incl. PR )
why that commit of mine (ae74a0e27c) used 127.0.0.1 instead of 0.0.0.0
 2021-03-28 20:53:33 +02:00
Vladimír Čunát
0032a3fc81
Merge : nixos/kresd: Fix unportable regex 2021-03-28 20:27:49 +02:00
Maciej Krüger
c8d2f4a3a8 cjdns: reduce password length to 32 
Maximum password length per cjdns code is somehwhere less than that, see
ecd01e7681/client/AdminClient.c (L80)

Currently we generate 96 char long passwords that don't work

This changes it so password length is just 32 chars long
 2021-03-26 11:35:09 +01:00
Florian Klink
f3fa3a38a9
Merge pull request from flokli/bird-check-config-disable 
nixos/bird*: enable config files outside the store, propagate reload errors to systemd
 2021-03-25 23:01:09 +01:00
Maximilian Bosch
0ad1d526dc
Merge pull request from dotlambda/wireguard-noalias 
nixos/wireguard: don't use alias
 2021-03-24 11:43:13 +01:00
Robert Schütz
683f374529 nixos/wireguard: don't use alias 2021-03-24 11:27:36 +01:00
sternenseemann
76d9fe7629 !fixup add myself as maintainer for the module 2021-03-22 15:19:49 +01:00
sternenseemann
4048b39fc1 nixos/modules/inspircd: add simplistic module and nixos test 2021-03-22 14:38:57 +01:00
Florian Klink
2b03d3a1cf nixos/bird: check config during reload 
`birdc configure` seems to not return a nonzero exit code if the reload
failed.

Context: https://bird.network.cz/pipermail/bird-users/2018-January/011858.html

Co-Authored-By: Puck Meerburg <puck@puck.moe>
 2021-03-18 14:25:44 +01:00
Florian Klink
7d266264ce nixos/bird: add services.bird*.checkConfig option 
This is useful when the config doesn't entirely live in the Nix store,
but is configured to include mutable config files written at runtime.

Co-Authored-By: Puck Meerburg <puck@puck.moe>
 2021-03-18 14:24:55 +01:00
Julien Moutinho
a9ce4c4a0e zerobin: 20160108 -> 1.0.5 2021-03-13 13:06:06 +01:00
Aaron Andersen
47c5175f0c
Merge pull request from ju1m/croc 
nixos/croc: init
 2021-03-12 20:34:33 -05:00
rnhmjoj
7962df46fe
nixos/privoxy: make certificate-directory optional 
The tmpfiles.d rule should only be added if inspectHttps is enabled.
 2021-03-11 08:17:50 +01:00
rnhmjoj
df6d7f3142
nixos/privoxy: document repeated settings 2021-03-09 17:59:12 +01:00
rnhmjoj
8e21a1c51b
nixos/privoxy: set temporary directory 
This is needed for working external filters, otherwise privoxy will fail
without a clear error message.
 2021-03-09 11:02:59 +01:00
rnhmjoj
3673ded392
nixos/privoxy: add https and settings options 
This is a major rewrite of the Privoxy module:

- As per RFC0042, remove privoxy.extraConfig and replace it
  with a privoxy.settings option, which maps a NixOS freeform
  submodule to the Privoxy configuration format.

- Move all top-level options that mirrored a setting to
  the real ones in privoxy.settings. This still keeps the
  type-checking, default values and examples in places.

- Add two convenience options: userActions and userFilters, which
  simplify the operation of creating a file with pkgs.writeText,
  converting it to a string and adding it to the actionsfile/
  filterfile list.

- Add a privoxy.inspectHttps option to automagically setup TLS
  decryption support. I don't know how long have been waiting
  for this feature: can't believe it has just happened.

- Also add a privoxy.certsLifetime to control the periodical
  cleanup of the temporary certificates generate by Privoxy.
 2021-03-09 11:02:59 +01:00
Julien Moutinho
be6463cd9d nixos/croc: init 2021-03-08 01:34:32 +01:00
Johan Thomsen
7b5c38e973 nixos/kubernetes: docker -> containerd 
also, nixos/containerd: module init
 2021-03-07 12:51:14 +10:00
Tim Van Baak
002fe4f19d nixos/nebula: Add final newline to module and test 2021-03-04 21:39:04 -08:00
Tim Van Baak
e3f113abc2 nixos/nebula: Update systemd service to be more like the source repo's 2021-03-04 21:36:05 -08:00
taku0
61706fc470
Merge pull request from lourkeur/fix-string-escaping 
nixos/kresd, nixos/dokuwiki, tests/fpm, build-bazel-package, libcutl: fix string escaping
 2021-03-03 19:35:16 +09:00
Tim Van Baak
17430ea40a nixos/nebula: Remove default punch option in favor of setting it through the settings option 2021-03-01 20:21:27 -08:00
Tim Van Baak
511465ade0 nixos/nebula: Remove unnecessary package from service user 2021-02-28 18:35:16 -08:00
Tim Van Baak
9f1ebd0c10 nixos/nebula: Refactor module to allow for multiple nebula services on the same machine 2021-02-28 18:31:42 -08:00
Julien Moutinho
862481560c nixos/dnscrypt-proxy2: reallow @sync syscalls 2021-02-21 14:53:54 +01:00
rnhmjoj
15d6eacb15
nixos/{networkd,dhcpcd}: remove udev-settle hack 
systemd-udev-settle is a terrible hack[1] and should never[2] ever[3]
used, seriously it's very bad. It was used as a stop-gap solution for
issue , but thanks to PR  it can be removed now.

[1]: https://github.com/systemd/systemd/issues/7293#issuecomment-592941764
[2]: https://github.com/NixOS/nixpkgs/issues/73095
[3]: https://github.com/NixOS/nixpkgs/issues/107341
 2021-02-18 22:07:00 +01:00
Milan
3b77e7c967
nixos/jitsi-videobridge: add apis option () 
The `--apis=` command line parameter passed to Jitsi Videobridge is
required to monitor a Jitsi Meet instance for example via the prometheus
exporter [jitsiexporter](https://git.xsfx.dev/prometheus/jitsiexporter).
 2021-02-13 15:04:58 +01:00
Luke Granger-Brown
cfed3b8b22 treewide: update 21.03 to 21.05 
The NixOS 21.03 release has been delayed to 21.05. See .

There are two instances of 21.03 which have been left as is, since they
are in stateVersion comparisons. This will ensure that existing user
configurations which refer to 21.03 will continue to work.
 2021-02-12 14:12:48 -08:00
Aaron Andersen
9f9e7c181c nixos/nebula: conditionally provision the nebula user 2021-02-09 20:48:23 -05:00
Aaron Andersen
b52a8f67dd nixos/nebula: simply service user logic 2021-02-09 20:45:17 -05:00
Aaron Andersen
e8eaea9627 nixos/nebula: replace extraConfig option with a settings option 2021-02-09 20:42:33 -05:00
Bernardo Meurer
c83a3d6fa7
Merge pull request from lovesegfault/firefox-no-flash 
treewide: cleanup Adobe Flash Player
 2021-02-09 01:35:24 +00:00
Guillaume Girol
2630a2df91
Merge pull request from snicket2100/more-dnscrypt-proxy-hardening 
nixos/dnscrypt-proxy2: more service hardening
 2021-02-08 19:22:44 +00:00
Bernardo Meurer
ecaefda84a
nixos.flashpolicyd: drop 2021-02-08 09:38:48 -08:00
Eric Bailey
35056b3b61 maintainers/teams: add beam team 2021-02-07 13:01:11 -06:00
Fritz Otlinghaus
d7ee2a16bd nixos/resilio: add sharedFolders type 2021-02-03 16:17:37 -08:00
Sandro
449b698a0b
Merge pull request from helsinki-systems/sabnzbd 
nixos/sabnzbd: add types
 2021-02-01 20:07:39 +01:00
Attila Lendvai
c61c0cc04f nixos/bee-clef: init at 0.4.7 2021-02-01 10:56:04 +01:00
Attila Lendvai
35a9d23b82 nixos/bee: init at 0.4.2 2021-02-01 10:56:04 +01:00
Tim Van Baak
35d79e894c nixos/nebula: add basic module 2021-01-31 18:42:57 -08:00
Sandro
4bb7e4fb63
Merge pull request from helsinki-systems/bind2 
nixos/bind: update zone file type
 2021-01-31 15:14:02 +01:00
Sandro
75281960c0
Merge pull request from helsinki-systems/shairport 
nixos/shairport-sync: add types
 2021-01-31 15:13:33 +01:00
Sandro
1b77b735ea
Merge pull request from helsinki-systems/prayer 
nixos/prayer: Add port type
 2021-01-31 15:05:59 +01:00
Sandro
49f5e8799b
Merge pull request from helsinki-systems/mailpile 
nixos/mailpile add types switch port to port type
 2021-01-31 15:04:01 +01:00
Sandro
60b597ad3b
Merge pull request from helsinki-systems/lshd 
nixos/lshd: add types
 2021-01-31 15:03:45 +01:00
Sandro
af78f11035
Merge pull request from helsinki-systems/ircd-hybrid 
nixos/ircd-hybrid: add types
 2021-01-31 15:02:07 +01:00
Fritz Otlinghaus
58ab3a3249
nixos/bind: update zone file type 2021-01-31 14:59:54 +01:00
Fritz Otlinghaus
54e7528009
nixos/radvd: add type () 2021-01-31 13:54:30 +01:00
Fritz Otlinghaus
821f19a975
nixos/quassel: add types () 2021-01-31 13:46:29 +01:00
Lassulus
4c181d179b
Merge pull request from helsinki-systems/bind_types 
bind: Add types for options
 2021-01-31 13:44:14 +01:00
Fritz Otlinghaus
a94c7ef24e
nixos/shairport-sync: add types 2021-01-31 12:14:01 +01:00
Fritz Otlinghaus
14a8446dc1
nixos/sabnzbd: add types 2021-01-31 12:12:59 +01:00
Fritz Otlinghaus
f0932a6c41
nixos/prayer: Add port type 2021-01-31 12:01:41 +01:00
Fritz Otlinghaus
295de63e90
nixos/lshd: add types 2021-01-31 11:27:20 +01:00
Fritz Otlinghaus
f50a26d257
nixos/mailpile add types switch port to port type 2021-01-31 11:26:07 +01:00
Fritz Otlinghaus
adacfb44cc
nixos/ircd-hybrid: add types 2021-01-31 11:17:03 +01:00
Sandro
532dd98cdb
Merge pull request from helsinki-systems/hostapd 
nixos/hostapd: add interface type
 2021-01-29 17:47:39 +01:00
Scriptkiddi
679e369ba2
nixos/hostapd: add interface type 2021-01-29 13:04:50 +01:00
Sandro
1f730f2918
Merge pull request from helsinki-systems/gogoclient 
nixos/gogoclient: add types
 2021-01-29 09:52:35 +01:00
Scriptkiddi
5f40e68c9c nixos/consul: add types 2021-01-29 00:32:32 -08:00
Scriptkiddi
f2764e1f71
nixos/gogoclient: add types 2021-01-29 08:39:51 +01:00
Scriptkiddi
103ea99b99 nixos/gvpe: add types 2021-01-28 13:58:33 -08:00
Scriptkiddi
f2ce0f543d nixos/flashpolicyd: add types 2021-01-27 11:44:15 -08:00
Ninjatrappeur
ab224b550c
Merge pull request from NinjaTrappeur/nin-pleroma 2021-01-27 13:28:44 +01:00
Robert Hensing
d2a41be2f3
Merge pull request from Infinisil/functionTo 
Bring back `types.functionTo`
 2021-01-27 10:50:13 +01:00
Scriptkiddi
26c4dcf8fa nixos/babeld: add type extraConfig 2021-01-26 20:06:29 -08:00
Scriptkiddi
5f472181f2 nixos/cntlm: add types 2021-01-26 13:17:19 -08:00
Félix Baylac-Jacqué
231c5a576a
nixos/pleroma: init 
Adding a new pleroma NixOS module and its associated documentation.

co-authored-by: duponin <duponin@locahlo.st>
 2021-01-26 18:11:38 +01:00
Florian Klink
b2f3bd4d79
Merge pull request from primeos/nixos-add-fqdn-option 
nixos/networking: Add a read-only option for the FQDN
 2021-01-25 16:45:45 +01:00
Bernardo Meurer
105b9eb1b8
Merge pull request from cpcloud/nomad-datadir-cleanup 
nixos/nomad: enforce specific data_dir semantics
 2021-01-24 18:20:08 +00:00
Bas van Dijk
8ac4b251c8
nixos: use functionTo to prevent evaluation errors while merging 
Without this patch merging options like
services.xserver.windowManager.xmonad.extraPackages
results in the evaluation error:

  error: value is a list while a set was expected, at nixpkgs/lib/options.nix:77:23

With this patch we get the desired merging behaviour that just concatenates the
resulting package lists.

(cherry picked from commit 6e99f9fdecb1f28308c8e0aed0fc851737354864)

Co-Authored-By: Silvan Mosberger <contact@infinisil.com>
 2021-01-24 17:18:37 +01:00
Sandro
81e3b9d15b
Merge pull request from siraben/double-quotes-fix 
treewide: fix double quoted strings in one-liners
 2021-01-24 16:17:14 +01:00
Sandro
0dd579a3e6
Merge pull request from helsinki-systems/chrony_types 
nixos/chrony: add types
 2021-01-24 14:18:51 +01:00
volth
bc0d605cf1 treewide: fix double quoted strings in meta.description 
Signed-off-by: Ben Siraphob <bensiraphob@gmail.com>
 2021-01-24 19:56:59 +07:00
Fritz Otlinghaus
31345193f0
nixos/chrony: add types 2021-01-24 13:50:35 +01:00
Fritz Otlinghaus
6054aa2bc1
nixos/amuled: add types 2021-01-24 13:37:09 +01:00
Phillip Cloud
c7c3b9e4ae nixos/nomad: remove User setting entirely 2021-01-23 19:44:37 -05:00
Phillip Cloud
2a3cb407b0 nixos/nomad: only set User if privileges are dropped 2021-01-23 19:44:37 -05:00
Phillip Cloud
5ce4ce6174 nixos/nomad: make formatting consistent in mkMerge call 2021-01-23 19:44:37 -05:00
Phillip Cloud
12b9249cf3 nixos/nomad: unconditionally set user to nomad 2021-01-23 19:44:37 -05:00
Phillip Cloud
5d0b3b7228 nixos/nomad: fix markup and remove suggestion 2021-01-23 19:44:37 -05:00
Phillip Cloud
bddb7ac406 nixos/nomad: fix typo and spell out ExecStartPre usage 2021-01-23 19:44:37 -05:00
Phillip Cloud
b72a46713f nixos/nomad: reformat SupplementaryGroups expression 2021-01-23 19:44:37 -05:00
Phillip Cloud
b80c454459 nixos/nomad: add mkIf for StateDirectory 2021-01-23 19:44:37 -05:00
Phillip Cloud
58fe45936e nixos/nomad: move serviceConfig into mkMerge and mkIf for docker SupplementaryGroups 2021-01-23 19:44:37 -05:00
Phillip Cloud
f3aa71b7ec nixos/nomad: describe the nomad cluster manager responsibilities 2021-01-23 19:44:37 -05:00
Phillip Cloud
3e00482ba8 nixos/nomad: add assertion for the value of dropPrivileges and its relation to data_dir 2021-01-23 19:44:37 -05:00
Phillip Cloud
f1778cd90e
nixos/nomad: add extraSettingsFiles option to nomad service () 2021-01-23 23:52:19 +01:00
Phillip Cloud
2861d26df5 nixos/nomad: move data_dir default setting to allow propagation of default 2021-01-23 12:50:01 -05:00
Phillip Cloud
0bbed1c273 nixos/nomad: add newline 2021-01-23 12:50:01 -05:00
Michael Weiss
237c20ac61
nixos/smokeping: Replace the tabs in cfg.targetConfig 
This was inconsistent with the rest of the module.
 2021-01-23 14:03:16 +01:00
Michael Weiss
87fb5d381f
nixos/smokeping: Add a PoC for using networking.fqdn 2021-01-23 14:03:16 +01:00
Anderson Torres
0f31f03f22
Merge pull request from ctem/feature/chrony 
nixos/chrony: add support for Network Time Security (NTS) authentication
 2021-01-22 09:36:08 -03:00
Fritz Otlinghaus
800b90ea3f
nixos/bitlbee: Add types to options () 2021-01-22 11:07:29 +01:00
Scriptkiddi
2800882b4b
bind: Add types for options 2021-01-20 14:34:34 +01:00
Scriptkiddi
1572940688
networking, chrony, ntpd, timesyncd: add timeServers option type 2021-01-20 10:54:24 +01:00
Jonathan Ringer
e2fcf81d2a nixos/modules: pkgconfig -> pkg-config 2021-01-19 01:16:25 -08:00
Bernardo Meurer
e1340190a9
nixos/nomad: default enableDocker to true 2021-01-17 18:54:06 -08:00
Bernardo Meurer
1f8d0d771c
nixos/nomad: init 
Co-authored-by: Niklas Hambüchen <mail@nh2.me>
 2021-01-17 15:11:16 -08:00
Michele Guerini Rocco
721a4ecfa6
Merge pull request from illustris/searx 
searx: 0.17.0 -> 0.18.0
 2021-01-14 10:15:37 +01:00
rnhmjoj
f741cccd45
nixos/searx: remove settings.yml merging script 
Starting with 0.18.0, searx can merge the settings.yml automatically
with the default values, so the script is obsolete.
 2021-01-14 09:48:02 +01:00
Silvan Mosberger
ffdefb66c0
Merge pull request from pstn/murmurPswitch 
nixos/murmur: Add overrideable package switch
 2021-01-14 01:07:56 +01:00
rnhmjoj
623664e84f
nixos/searx: add support for running in uWSGI 2021-01-11 08:41:15 +01:00
rnhmjoj
cce415c743
nixos/searx: declarative configuration 2021-01-11 08:41:15 +01:00
Philipp
06c0f16555
nixos/murmur: Add overrideable package switch 2021-01-11 00:08:23 +01:00
Jörg Thalheim
b815fb2fd9
Merge pull request from xaverdh/iwd-link-unit 2021-01-10 12:35:25 +00:00
Dominik Xaver Hörl
713b60460f nixos/iwd: add networkd link configuration matching the upstream .link unit file 
It is meant to fix the race condition between iwd and udev trying to
rename the interface.
 2021-01-09 10:26:57 +01:00
Ctem
54778551d6
nixos/chrony: add option to change package 2021-01-06 20:05:05 +09:00
Ctem
2aec205bd2
nixos/chrony: add option to change state directory 2021-01-06 20:04:50 +09:00
Ctem
2e131e1f45
nixos/chrony: add option to choose between two commonly used server directive options 2021-01-06 20:04:41 +09:00
Ctem
9550d865e9
nixos/chrony: add option to enable NTS authentication 2021-01-06 20:04:20 +09:00
Jörg Thalheim
a14ea3aecc
Merge pull request from ju1m/tor 
nixos/tor: improve type-checking and hardening
 2021-01-05 16:00:40 +00:00
Julien Moutinho
0ccdd6f2b0 nixos/tor: improve type-checking and hardening 
Fixes .
Fixes .
 2021-01-04 01:02:26 +01:00
snicket2100
2bab1a76c6 nixos/dnscrypt-proxy2: more service hardening 
added 'ProtectClock' and made the seccomp filter a bit more restrictive
have been running with these settings for a while with zero problems
 2021-01-02 18:09:49 +01:00
kvtb
0c8f5c0f15
kresd.nix: fix string escaping 
\+ has no effect in single quoted strings
 2020-12-31 23:48:05 +00:00
Silvan Mosberger
ff97a25fc6
Merge pull request from otavio/topic/shellhub 
shellhub-agent: Add service and package expressions
 2020-12-31 00:07:42 +01:00
Otavio Salvador
06edbabe06 nixos/shellhub-agent: initial service expression 
This provides the service to configure the ShellHub Agent.

Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
 2020-12-30 19:24:13 -03:00
Matt Layher
071c02a4b2
nixos/corerad: use pkgs.formats.toml to generate TOML configuration 
Signed-off-by: Matt Layher <mdlayher@gmail.com>
 2020-12-29 17:47:01 -05:00
Vladimír Čunát
2b131c97bb
nixos/kresd: set .stopIfChanged = false 
Since version 5.2.0 there's non-empty stop phase:
    ExecStopPost=/usr/bin/env rm -f "/run/knot-resolver/control/%i"
but it's perfectly OK to run that from a different version
(and typically it's no-op anyway).  Real-life example where this helps:
https://github.com/NixOS/nixpkgs/issues/49528#issuecomment-747723198
 2020-12-25 09:54:04 +01:00
rnhmjoj
9f52d1f234
Revert "nixos/wireless: fix failure with no interfaces" 
This reverts commit 8f177612b1.

Attempting to start any service from udev when systemd-udev-settle is
used at all hangs the boot for 2min. See issue .
 2020-12-22 10:17:32 +01:00
Silvan Mosberger
e52f705248
Merge pull request from Emantor/init/icecc_icemon 
Icecream support
 2020-12-19 17:54:28 +01:00
Michele Guerini Rocco
d7b52849f8
Merge pull request from martinetd/wakeonlan 
wakeonlan service: use powerUpCommands
 2020-12-18 08:39:02 +01:00
Alyssa Ross
e17d4b05a1 nixos/tor: don't do privoxy stuff by default 
It's very surprising that services.tor.client.enable would set
services.privoxy.enable.  This violates the principle of least
astonishment, because it's Privoxy that can integrate with Tor, rather
than the other way around.

So this patch moves the Privoxy Tor integration to the Privoxy module,
and it also disables it by default.  This change is documented in the
release notes.

Reported-by: V <v@anomalous.eu>
 2020-12-16 12:20:03 +00:00
Guillaume Girol
824d2c92bd
Merge pull request from Atemu/dnscrypt-default-config 
dnscrypt-proxy2: base settings on example config
 2020-12-15 19:47:43 +00:00
Michele Guerini Rocco
12f367b51c
Merge pull request from rnhmjoj/wpa-fix 
nixos/wireless: fix failure with no interfaces
 2020-12-15 08:37:33 +01:00
Linus Heckemann
c40f06022a
Merge pull request from minijackson/tinc-rfc42-and-tests 
nixos/tinc: rfc42 and tests
 2020-12-14 21:52:57 +01:00
Minijackson
499e366d7b
nixos/tinc: add settings and hostSettings for RFC42-style options 2020-12-13 21:33:38 +01:00
Atemu
e4c49db668 nixos/dnscrypt-proxy2: base settings on example config 
Dnscrypt-proxy needs some options to be set before it can do anything useful.

Currently, we only apply what the user configured which, by default, is nothing.

This leads to the dnscrypt-proxy2 service failing to start when you only set
`enable = true;` which is not a great user experience.

This patch makes the module take the example config from the upstream repo as a
base on top of which the user-specified settings are applied (it contains sane
defaults).

An option has been added to restore the old behaviour.
 2020-12-12 09:15:11 +01:00
Jörg Thalheim
2cdec00dd2
nixos/tinc: add reload command 2020-12-12 07:37:16 +01:00
Peng Mei Yu
3cd1a6706c unbound: Add AF_NETLINK to allowed address families. 
Unbound throws the following error:

--8<---------------cut here---------------start------------->8---
error: failed to list interfaces: getifaddrs: Address family not supported by protocol
fatal error: could not open ports
--8<---------------cut here---------------end--------------->8---

The solution is pulled from upstream:
https://github.com/NLnetLabs/unbound/pull/351
 2020-12-08 14:31:15 +08:00
Christine Dodrill
3d55480bf8
nixos/tailscale: add package as an option 
This simplifies testing changes to the tailscale service on a local
machine. You can use this as such:

```nix
let
  tailscale_patched = magic {};
in {
  services.tailscale = {
    enable = true;
    package = tailscale_patched;
  };
};
```

Signed-off-by: Christine Dodrill <me@christine.website>
 2020-12-01 12:30:31 +01:00
Silvan Mosberger
a87ab948d2
Merge pull request from ncfavier/master 
nixos/nat: support IPv6 NAT
 2020-12-01 04:40:09 +01:00
Valérian Galliat
b93a5a1746
nixos/nat: support IPv6 NAT 2020-12-01 00:51:58 +01:00
Sandro
a390213f85
Merge pull request from snicket2100/mosquitto-service-sandboxing 
mosquitto: systemd service sandboxing
 2020-11-27 18:53:36 +01:00
Graham Christensen
d9c3f13df3
Merge pull request from grahamc/utillinux 
utillinux: rename to util-linux
 2020-11-24 15:14:36 -05:00
Graham Christensen
bc49a0815a
utillinux: rename to util-linux 2020-11-24 12:42:06 -05:00
adisbladis
302df2a9a1
Merge pull request from adisbladis/ssh-pam-sudo-keys 
pam_ssh_agent_auth: Honour services.openssh.authorizedKeysFiles
 2020-11-24 16:06:47 +01:00
Artturin
4db239272c mullvad-vpn: add iproute2 2020-11-24 06:12:32 -08:00
adisbladis
ba1fa0c604
pam_ssh_agent_auth: Honour services.openssh.authorizedKeysFiles 
If a system administrator has explicitly configured key locations this
should be taken into account by `sudo`.
 2020-11-24 02:47:07 +01:00
rnhmjoj
8f177612b1
nixos/wireless: fix failure with no interfaces 
This resolves issue .

When the service is started and no interface is ready yet, wpa_supplicant
is being exec'd with no `-i` flags, thus failing. Once the interfaces
are ready, the udev rule would fire but wouldn't restart the unit because
it wasn't currently running (see systemctl(1) try-restart).

The solution is to exit (with a clear error message) but always restart
wpa_supplicant when the interfaces are modified.
 2020-11-24 00:18:18 +01:00
zowoq
dbbd289982 nixos/*: fix indentation 2020-11-23 08:42:51 +10:00
Vladimír Čunát
e61ef63e4e
kresd service: switch .listenDoH to new implementation 
Beware: extraFeatures are not needed *for this* anymore,
but their removal may still cause a regression in some configs
(example: prefill module).
 2020-11-17 20:04:56 +01:00