0539ed4771
Add support for btsync 2.x branch
2015-04-06 15:31:40 +00:00
b3c423757e
nixos/rdnssd: Major refactoring
...
This updates rdnssd to the following:
* Using the systemd interfaces directly
* Using the rdnssd user instead of the root user
* Integrating with resolvconf instead of writing directly to /etc/resolv.conf
2015-04-04 21:20:07 -07:00
16f047a60f
nixos/networkmanager: support l2tp
2015-03-29 13:09:02 +03:00
5c6d86540b
nixos: use types.enum instead of ad-hoc check in sshd service
2015-03-26 12:43:42 +00:00
ff22e19fc4
Merge pull request #6893 from hrdinka/nsd-config-options
...
nsd: Fix automatic config options
2015-03-23 13:19:29 +03:00
664592561d
nixos: added aiccu service
2015-03-20 22:01:35 +01:00
d3a2edb8ce
nsd: Fix automatic config options
2015-03-19 12:10:55 +01:00
6db8155e37
nsd: Update from 4.1.0 -> 4.1.1
2015-03-18 21:01:35 +01:00
359bc60ec8
Merge pull request #6448 from eduarrrd/ddclient
...
ddclient module: fix module
2015-03-17 12:38:12 +01:00
fe79bf34a5
Merge pull request #6512 from bjornfor/nixos-haproxy-cleanup
...
nixos/haproxy: remove broken default 'config'
2015-03-11 16:29:06 +01:00
d31202fba2
sshd: Enable seccomp sandboxing
2015-03-09 11:27:19 +01:00
579159c72b
Add dispatcher configuration options to NetworkManager module
2015-03-08 20:24:53 +01:00
9ce0c1cb71
nixos/consul: Fix timeout bugs and json formatting
2015-02-25 15:42:43 -08:00
f27fa79aa9
nixos/dnsmasq: Fix service name typo
2015-02-25 09:22:16 -08:00
4bf66ba89c
ddclient module: fix module
...
* rewrite to systemd.services
* disable forking to give systemd better control
* verifiably run as ddclient user
* expose ssl option
* unset default value for dyndns server
* rename option "web" to "use" to be consistent with ddclient docs
* add descriptions
* add types to options
* clean up formatting
2015-02-23 22:37:20 -05:00
b70bd0879b
sshd: Generate a ed25519 host key
2015-02-23 17:00:07 +01:00
ffb4797dd3
nixos/haproxy: remove broken default 'config'
...
HAProxy fails to start with the default 'config'. Better disable it and
assert that the user provides a suitable 'config'. (AFAICS, there cannot
really be a default config file for HAProxy.)
2015-02-22 12:30:14 +01:00
419a4166a7
nixos/haproxy: small cleanup
...
* Add option types
* Rewrite option descriptions
* /var/run/haproxy.pid => /run/haproxy.pid (canonical location)
2015-02-22 12:29:34 +01:00
030895f075
nixos/dhcpcd: Only run resume commands if enabled.
...
The networkd implementation sets systemd.services.dhcpcd.enable to
false in nixos/modules/tasks/network-interfaces-systemd.nix. So we need
to respect that in the dhcpcd module.
If we don't, the resumeCommand is set nevertheless, which causes the
post-resume.service to fail after resuming:
Failed to reload dhcpcd.service: Unit dhcpcd.service is masked.
post-resume.service: main process exited, code=exited, status=1/FAILURE
Failed to start Post-Resume Actions.
Dependency failed for Post-Resume Actions.
Unit post-resume.service entered failed state.
post-resume.service failed.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-02-22 08:09:04 +01:00
f8dbd6f9ae
Merge pull request #6427 from grwlf/vsftpd-port
...
vsftpd.nix: add 'portPromiscuous' option
2015-02-18 19:18:34 +08:00
ac65a757f0
vsftpd.nix: add 'portPromiscuous' option
2015-02-18 11:51:43 +03:00
2fe44b95d0
nixos/wpa_supplicant: fix conflicting documentation
...
fixes #6298
2015-02-17 22:16:20 +01:00
33550b6efe
Merge pull request #5665 from joachifm/dnscrypt-proxy-apparmor-updates
...
dnscrypt-proxy service: update AppArmor profile
2015-02-14 22:02:31 -08:00
51a7277fac
Merge pull request #6312 from k0ral/sslh
...
sslh: added libwrap support + improved nixos module.
2015-02-13 10:03:48 +01:00
a17f5c8c9b
nixos/consul: add consul-alerts service
2015-02-12 19:16:50 +01:00
cb153cfca3
sslh: added libwrap support + improved nixos module.
2015-02-12 13:21:36 +01:00
93ebaafabe
Merge pull request #6170 from k0ral/sslh
...
New sslh module
2015-02-10 11:17:56 +01:00
9792b12e53
nixos/openntpd: Don't start until we have networking
...
This attempts to fix an issues where ntp is unable to resolve hostnames
because it came up before local nameservers or networking.
2015-02-06 14:45:47 -08:00
3e280f2089
nixos/tinc: Fix key generation behavior and use tinc 1.1 by default
2015-02-05 23:37:20 -08:00
1439e72147
New sslh module.
2015-02-05 13:30:39 +01:00
83925c33f6
i2pd: 0.6.0 -> 0.7.0
...
nixos: i2pd.service, fix string escaping
2015-02-05 12:09:59 +01:00
9ddb6c9cc9
nixos/tinc: Add daemon configuration
2015-02-04 18:19:04 -08:00
bae5faa82d
nixos/dhcpd: Also try restarting openntpd as it suffers the same dns resolution problem
2015-02-04 17:33:14 -08:00
43d8b1ef3c
openntpd: Fixes
2015-02-04 17:30:22 -08:00
a9f1329d2d
nixos/openntpd: Add openntpd to the environment for ntpctl
2015-02-04 17:27:03 -08:00
49b67bb9cb
Merge pull request #6078 from boothead/sabnzbd
...
sabnzbd Change service to systemd
2015-02-03 13:32:59 +01:00
c45372f038
Merge commit 'cfb29ab882323d379aba20a95020c7c24f883eae'
...
Partial staging merge, including cc-wrapper fixes
Conflicts:
pkgs/applications/audio/spotify/default.nix
pkgs/build-support/cc-wrapper/default.nix
pkgs/development/compilers/cryptol/1.8.x.nix
2015-02-02 21:14:28 -05:00
ee52a61e3a
nixos/tftpd: add option types and fixup descriptions
...
The first description is a (incorrect) copy/paste from the 'vsftpd'
module, and the second option lacks a 'dot' at the end.
2015-02-01 15:57:28 +01:00
52d4b9d982
Merge branch 'tlsdate' of git://github.com/4z3/nixpkgs
2015-01-30 01:07:59 -05:00
b61d4ac6a5
ntpd: Fork into the background
...
With -n, ntpd will write log messages to both syslog and stderr, which
is ugly.
2015-01-28 15:34:42 +01:00
11a0344e13
Merge pull request #5918 from robberer/openntpd
...
openntpd: add extraConfig and extraOptions
2015-01-23 16:43:15 +01:00
4fa5d1f626
openntpd: add extraConfig and extraOptions
2015-01-23 16:15:20 +01:00
3fdd925063
nixos: Add tlsdated service
2015-01-21 05:09:47 +01:00
7023e03d77
firewall service: fix pingLimit example value
...
The example uses single dashes, whereas iptables requires double dashes.
2015-01-20 08:47:11 +01:00
ec6b82a0c2
Merge branch 'master' into staging.
2015-01-19 18:41:17 +01:00
130f66b683
nixos/sync-server: Respect the enable option
2015-01-18 14:21:40 -08:00
3b174a4024
Merge pull request #5301 from nbp/syncserver
...
Add Firefox Sync service
2015-01-18 17:47:51 +01:00
8196727fad
Improve the documentation of the syncserver module.
2015-01-18 12:21:23 +01:00
0d13ea0131
Change default syncserver listen.port to a safer one.
2015-01-18 12:20:44 +01:00
88eae46455
rename occurrences of gcc.gcc to gcc.cc
2015-01-14 20:47:49 -08:00
837cfbb9ea
nixos: adding nylon service with uid,gid
2015-01-14 22:08:47 +01:00
72d2d59cd4
/etc/ssh/ssh_known_hosts: refactor and fix #5612
...
Generating the file was refactored to be completely in nix.
Functionally it should create the same content as before,
only adding the newlines.
CC recent updaters: @aszlig, @rickynils.
2015-01-11 22:14:25 +01:00
97bac259d0
dnscrypt-proxy service: update AppArmor profile
...
This patch fixes the AppArmor profile path clause and adds
(currently ignored) network rules.
The AppArmor profile used to be defined for the path sbin/dnscrypt-proxy,
but the real path is bin/dnscrypt-proxy (due to sbin now being a symlink
to bin), which permitted the service to run unconfined.
Adding the network rules has no effect other than improving correctness,
as the version of AppArmor in the NixOS kernel fails to enforce network
rules.
2015-01-09 15:08:07 +01:00
9a7766e054
nixos/network-interfaces: Add mstpd support for bridges
2015-01-07 14:49:24 -08:00
8627110091
icedtea: Make major version nonspecific attrs
2015-01-02 00:24:49 -08:00
c64257b8e5
Fix user-facing typos (mainly in descriptions)
2014-12-30 03:31:03 +01:00
43af22b2de
Merge pull request #5487 from luke-clifton/lc-btsync-group
...
btsync groups
2014-12-28 20:25:13 +01:00
ea9d391bb5
Fix ntpd
...
Since the 4.2.8 upgrade, ntpd is broken on NixOS:
Dec 28 19:06:54 hagbard ntpd[27723]: giving up resolving host 1.nixos.pool.ntp.org: Servname not supported for ai_socktype (-8)
This appears to be because DNS resolution doesn't work in chroots
anymore (due to /etc being missing). So disable chroots for now. It's
probably better to use systemd's containment facilities anyway.
2014-12-28 19:38:45 +01:00
61d9f06760
fix a typo from 2627198b0c
2014-12-28 10:44:50 +01:00
0c477eb38f
Documentation update
2014-12-28 17:26:59 +08:00
61ff1b2b0a
Moved UMask to correct location
2014-12-28 16:44:27 +08:00
5fdd6f6a66
Change umask
2014-12-28 16:39:56 +08:00
2627198b0c
nixos/firewall: Add ipset utility
2014-12-28 00:04:49 -08:00
5866a9df03
added group
2014-12-28 13:23:10 +08:00
fabcc2cf7b
Added btsync group to btsync user
2014-12-28 13:17:37 +08:00
ec5fcfa82c
network-manager: specify full path to sytemctl binary
...
(cherry picked from commit af8f76c2568ae9d842716d98673b3639292a920e)
Signed-off-by: Domen Kožar <domen@dev.si>
2014-12-27 11:53:07 +01:00
2b91b9b594
Strongswan: updown script uses ip and iptables utilities
2014-12-22 20:20:52 +00:00
d0fdad5f36
Merge pull request #5419 from ehmry/tox-bootstrapd
...
tox-bootstrapd
2014-12-22 11:16:44 +01:00
01910e84f9
nixos: tox-bootstrapd service
2014-12-20 18:20:27 -05:00
681ae2fa7f
nixos/consul: Don't timeout if start job has many retries
2014-12-16 15:42:08 -08:00
42c3c205c4
Merge remote-tracking branch 'origin/master' into syncserver
2014-12-14 14:17:56 +01:00
aba0d8a73d
Fix networkmanager resumeCommands
...
Small typo prevented the post resume script to restart network manager
2014-12-14 03:46:54 -08:00
1a1fc17957
Firefox Sync Server: Create the private config file as non-world readable.
2014-12-12 22:14:38 +01:00
a0154145d5
Firefox Sync Server: Fix copy&paste issue.
2014-12-12 22:13:03 +01:00
0570a08b83
Merge remote-tracking branch 'origin/master' into syncserver
2014-12-11 23:49:19 +01:00
01886aef22
Add Firefox Sync server module.
2014-12-11 23:48:15 +01:00
0ec12d53e6
tcpcrypt: 2011.07.22 -> 0.3rc1, fix nixos service
2014-12-10 10:23:46 +01:00
c17eb7f0e6
nixos/consul: Make service definition more sane
2014-12-09 02:24:36 -08:00
159af942d5
nixos/unifi: Ensure stateDir is mounted before proceeding
2014-12-05 12:12:17 -08:00
8a94c06595
nixos: Add network-pre.target and adjust firewall start ordering
2014-12-01 17:19:44 -08:00
bcfe7b2200
Merge pull request #5043 from wkennington/master.networkd
...
nixos/networking: Revamp networking configuration and add an experimental networkd option.
2014-11-29 19:59:31 -08:00
c37611f3e5
nixos: Use vendor zones instead of N.pool.ntp.org.
...
Closes #4824 , thanks to @abh for processing my stupidity.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-11-28 19:37:03 +01:00
2249474632
nixos/sshd: Fix build if knownHosts is empty.
...
Introduced by 77ff279f27https://headcounter.org/hydra/build/583158/nixlog/5/raw
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-11-27 19:03:41 +01:00
77ff279f27
nixos/services.openssh: Allow knownHost keys to have multiple lines.
...
Useful for adding several public keys of different types for the same host.
2014-11-27 18:40:21 +01:00
91bdca38a0
NetworkManager.service -> network-manager.service
2014-11-27 12:10:20 +01:00
1860ee27b0
nixos/networking: Fixes
2014-11-26 16:29:24 -08:00
c417012c1b
nixos/dhcpcd: Respect per interface dhcp options
2014-11-26 11:22:03 -08:00
2057d9087f
nixos: Support network-online target in addition to ip-up
2014-11-26 11:22:03 -08:00
59f512ef7d
nixos/network-interfaces: Provide a networkd implementation
2014-11-26 11:22:02 -08:00
a332c4eac5
systemd: Enable more network services
2014-11-26 11:22:02 -08:00
dd2dedafa3
Style fixes
2014-11-25 16:01:27 +01:00
4c33004e1f
Added strongSwan service
2014-11-25 15:29:34 +01:00
f83aa6c0ea
nixos/unifi: Properly depend on mountpoints
2014-11-24 12:40:07 -08:00
fd5566da41
Merge pull request #5080 from joachifm/dnscrypt-refactor
...
dnscrypt-proxy: minor superficial improvements
2014-11-24 15:48:47 +03:00
8309aa04b2
unifi: Actually remove webapps at shutdown
2014-11-24 02:30:04 -08:00
8f0d65e2df
unifi: Clean all of webapps at start and stop
2014-11-24 00:22:24 -08:00
3f7b2bc70d
unifi: Fix typo
2014-11-24 00:06:42 -08:00
119d93e223
dnscrypt-proxy: minor superficial improvements
...
- Use upstream description and explicitly set platforms = all
- Coding conventions fix
2014-11-22 16:19:06 +01:00
826f5468ab
nixos/unifi: Remove old ROOT.war links before relinking
2014-11-14 11:45:38 -08:00
d0e15cc575
Merge pull request #4983 from bosu/fw-stop-fix
...
firewall: clear rpfilter on stop
2014-11-14 00:14:27 -08:00
Oliver Matthews
William A. Kennington III
Nikolay Amiantov
Jan Malakhovski
Arseniy Seroka
Edward Tjörnhammar
Christoph Hrdinka
lethalman
Eelco Dolstra
Nikita Mikhailov
Eduard Bachmakov
Bjørn Forsman
aszlig
Sou Bunnbu
Sergey Mironov
Mathijs Kwik
James Cook
Jaka Hudoklin
koral
Shea Levy
Longrin Wischnewski
tv
Joachim Fasting
Peter Simons
Domen Kožar
Nicolas B. Pierron
Eric Seidel
Vladimír Čunát
Tobias Geerinckx-Rice
Luke Clifton
Igor Pashev
Emery Hemingway
Sebastián Bernardo Galkin
Rickard Nilsson