public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
229,521 Commits 1 Branch 0 Tags
Commit Graph

8650 Commits

Author SHA1 Message Date
Joachim Fasting
22d6c97855
unbound service: extend isLocalAddress to handle ipv6 2016-09-16 09:47:36 +02:00
zimbatm
7a6b860e1c Merge pull request #18437 from Mic92/telegraf 
Telegraf
 2016-09-15 23:21:08 +01:00
Robin Gloster
55b8430f6f
Merge branch 'prometheus-node-exporter' of https://github.com/teh/nixpkgs into prometheus-nixos-exporter 2016-09-15 20:59:17 +02:00
Robin Gloster
e43a15720d
prometheus module: add nodeExporter submodule 2016-09-15 20:31:03 +02:00
Joachim Fasting
5dc60051fa
unbound service: some pre-chroot isolation 
While entering the chroot should provide the same amount of isolation,
the preStart script will run with full root privileges and so would
benefit from some isolation as well (in particular due to
unbound-anchor, which can perform network I/O).
 2016-09-15 15:37:20 +02:00
Joachim Fasting
39f5182a30
unbound service: use auto-generated uid 
1. The preStart script ensures consistent ownership, even if the unbound
   user's uid has changed
2. The unbound daemon does not generate data that needs to be private to
   it, so it would not matter that a different service would end up
   owning its data (as long as unbound remains enabled, it should reclaim
   ownership soon enough anyway).

Thus, there's no clear benefit to allocate a dedicated uid for the
unbound service.  This releases uid/gid 48.

Also, because the preStart script creates the data directory, there's no
need to specify a homedir or ask for its creation.
 2016-09-15 15:37:19 +02:00
Joachim Fasting
0759e77dfd
unbound service: add reference to man:unbound.conf(8) 2016-09-15 15:37:19 +02:00
Joachim Fasting
52432ee63d
unbound service: non-blocking random in chroot 
/dev/random is an exhaustible resource. Presumably, unbound will not be
used to generate long-term encryption keys and so allowing it to use
/dev/random only increases the risk of entropy exhaustion for no
benefit.
 2016-09-15 15:37:19 +02:00
Joachim Fasting
7980523e00
unbound service: convenient handling of local forward addresses 
do-not-query-localhost defaults to yes; with this patch, unbound is
configured to query localhost if any of the forward addresses are local.
 2016-09-15 15:37:19 +02:00
Joachim F
fbcb93852c Merge pull request #18047 from Nadrieril/ttrss 
tt-rss service: Use nginx virtualhosts; improve config options
 2016-09-15 13:37:20 +02:00
Joachim F
c571a7f221 Merge pull request #18500 from tvon/fix/gocd-server-options 
gocd-server: add startupOptions, empty extraOptions
 2016-09-15 13:24:48 +02:00
Théophane Hufschmitt
0401260922 selfoss service: init 2016-09-14 09:23:56 +02:00
Jörg Thalheim
8fddcad3f9
telegraf: init at 1.0.0 
Signed-off-by: Jörg Thalheim <joerg@higgsboson.tk>
 2016-09-14 07:19:55 +02:00
Vladimír Čunát
aa0fa19373 gtk2: move gtk-update-icon-cache to gtk2.out 
... to be useful for regeneration when building nixos environments.
Fixes #18536 (hopefully).
 2016-09-13 23:51:57 +02:00
Tom Hunger
0ded9a63a3 prometheus-node-exporter: Add module. 2016-09-13 11:28:45 +01:00
Alexander Ried
8524df1259 networking.nat: replace network-interfaces.target 
We can replace this safely with network-pre because iptables does not
care whether the interfaces exist or not.
 2016-09-13 11:19:22 +02:00
Alexander Ried
60430b140c lshd service: remove use of network-interfaces.target 2016-09-13 11:19:22 +02:00
Alexander Ried
d43b2b9c85 openvpn service: network-interfaces.target -> network.target 2016-09-13 11:19:22 +02:00
Alexander Ried
97416eaeef gpve service: network-interfaces.target -> network.target 2016-09-13 11:19:22 +02:00
Alexander Ried
4231293010 cluster.kubernetes: fix service ordering 
Requires does NOT imply After, so I added the missing ordering.
 2016-09-13 11:19:22 +02:00
Alexander Ried
5481831263 misc.etcd: get closer to upstream service definition 
taken from
https://github.com/coreos/etcd/blob/master/contrib/systemd/etcd.service

I intentionally kept "After = network.target" because I think it's
missing upstream (https://github.com/coreos/etcd/pull/6388)
 2016-09-13 11:19:22 +02:00
Alexander Ried
23ca90b013 monitoring.monit: get closer to upstream service definition 
taken from
e02247e048/system/startup/monit.service.in
 2016-09-13 11:19:22 +02:00
Alexander Ried
fbf0abf4af softether: improve service dependencies 2016-09-13 11:19:22 +02:00
Alexander Ried
9819cdc71a wicd: get closer to upstream service definition 
taken from
http://bazaar.launchpad.net/~wicd-devel/wicd/experimental/view/head:/other/wicd.service
 2016-09-13 11:19:22 +02:00
Alexander Ried
3ada966bd5 treewide: minor format / style / documentation fixes 2016-09-13 11:19:22 +02:00
Alexander Ried
bc7710468d networking.dhcpcd: use upstream targets 2016-09-13 11:19:22 +02:00
Joachim Fasting
3dc69799b6 tomcat: remove use of network-interfaces.target 2016-09-13 11:19:22 +02:00
Joachim Fasting
c71bb91f66 peerflix: remove use of network-interfaces.target 2016-09-13 11:19:22 +02:00
Joachim Fasting
820b769fc8 oauth2_proxy: remove use of network-interfaces.target 2016-09-13 11:19:22 +02:00
Joachim Fasting
b5756c8660 kibana service: remove use of network-interfaces.target 2016-09-13 11:19:22 +02:00
Joachim Fasting
94ed3de09e elasticsearch service: remove use of network-interfaces.target 2016-09-13 11:19:22 +02:00
Joachim Fasting
b6e5c620a3 marathon service: remove use of network-interfaces.target 2016-09-13 11:19:22 +02:00
Joachim Fasting
3826c19392 chronos service: remove use of network-interfaces.target 2016-09-13 11:19:22 +02:00
Joachim Fasting
5a2a3510b9 zerobin service: remove use of network-interfaces.target 2016-09-13 11:19:22 +02:00
Joachim Fasting
c7ed675fe3 xinetd service: remove use of network-interfaces.target 2016-09-13 11:19:22 +02:00
Joachim Fasting
cda9af6eb8 wpa-supplicant service: remove use of network-interfaces.target 2016-09-13 11:19:22 +02:00
Joachim Fasting
768b333dc1 tinc service: remove use of network-interfaces.target 2016-09-13 11:19:22 +02:00
Joachim Fasting
795defaae0 tcpcrypt service: remove use of network-interfaces.target 2016-09-13 11:19:22 +02:00
Joachim Fasting
67d9369e5d radicale service: network-interfaces.target -> network{,-online}.target 2016-09-13 11:19:22 +02:00
Joachim Fasting
652e0b4b8a oidentd service: network-interfaces.target -> network.target 2016-09-13 11:19:22 +02:00
Joachim Fasting
ae71667451 cjdns service: network-interfaces.target -> network.target 2016-09-13 11:19:22 +02:00
Joachim Fasting
69e15b7ba5 bind service: network-interfaces.target -> network.target 2016-09-13 11:19:22 +02:00
Joachim Fasting
22976bc951 openafs-client service: network-interfaces.target -> network.target 2016-09-13 11:19:22 +02:00
Joachim Fasting
1a60210561 nagios service: network-interfaces.target -> network.target 2016-09-13 11:19:22 +02:00
Joachim Fasting
b38c0c94ab graphite service: network-interfaces.target -> network.target 2016-09-13 11:19:22 +02:00
Joachim Fasting
c2d007e0f7 zookeeper service: network-interfaces.target -> network.target 2016-09-13 11:19:22 +02:00
Joachim Fasting
4c7f53e9b4 svnserve service: network-interfaces.target -> network.target 2016-09-13 11:19:22 +02:00
Joachim Fasting
9b1177f69d mesos-slave service: network-interfaces.target -> network.target 2016-09-13 11:19:22 +02:00
Joachim Fasting
2d48f1c487 mesos-master service: network-interfaces.target -> network.target 2016-09-13 11:19:22 +02:00
Joachim Fasting
ebc8e082e9 folding-at-home service: network-interfaces.target -> network.target 2016-09-13 11:19:22 +02:00