public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
229,521 Commits 1 Branch 0 Tags
Commit Graph

8650 Commits

Author SHA1 Message Date
Daniel KT
4590a2380e nixos/nextcloud: add Strict-Transport-Security 
This commit adds a Strict-Transport-Security header to
the nginx config file generated by the nextcloud module.

The Strict-Transport-Security header is recommended in
official guide for hardening Nextcloud installations:
https://docs.nextcloud.com/server/16/admin_manual/installation/harden_server.html

Further, if it is not set, we see a warning in the security scan results
in the Nextcloud admin panel:

```
The "Strict-Transport-Security" HTTP header is not set to at least "15552000" seconds. For enhanced security, it is recommended to enable HSTS as described in the security tips

```
 2019-09-25 16:56:53 -04:00
Marek Mahut
a28f136bdb
Merge pull request #69297 from aanderse/zabbix 
nixos/zabbixServer: move pid file from default (/tmp) to /run/zabbix …
 2019-09-25 20:35:50 +02:00
edef
429644bf4c nixos/rabbitmq: use an attrset for example configItems 2019-09-25 17:38:00 +00:00
markuskowa
389c287b90
Merge pull request #69398 from Evils-Devils/fancontrol 
nixos/fancontrol: init
 2019-09-25 18:34:16 +02:00
Evils-Devils
6765f049f2
Update nixos/modules/services/hardware/fancontrol.nix 
Co-Authored-By: markuskowa <markus.kowalewski@gmail.com>
 2019-09-25 17:31:20 +02:00
Evils-Devils
44e2ff26b8
Update nixos/modules/services/hardware/fancontrol.nix 
Co-Authored-By: markuskowa <markus.kowalewski@gmail.com>
 2019-09-25 17:24:49 +02:00
Evils
401b0b0c7b fancontrol: load config from configuration.nix 2019-09-25 17:05:09 +02:00
Evils-Devils
5fe72ee446
Update nixos/modules/services/hardware/fancontrol.nix 
Co-Authored-By: markuskowa <markus.kowalewski@gmail.com>
 2019-09-25 14:49:28 +02:00
Evils
baa642e8b3 fancontrol: more cleanup 2019-09-25 14:42:22 +02:00
Markus Kowalewski
8b4ce06e63
nixos/orangefs: add modules for server and client 2019-09-25 14:17:08 +02:00
Evils
30f8bc974c update cfg to match section change 2019-09-25 13:43:06 +02:00
Evils-Devils
6c19673fef
Update nixos/modules/services/hardware/fancontrol.nix 
Co-Authored-By: markuskowa <markus.kowalewski@gmail.com>
 2019-09-25 13:28:16 +02:00
Evils
81b6dec3c8 fancontrol service init 2019-09-25 05:05:32 +02:00
Peter Hoeg
81cd220c67 nixos/pymks: log to journal 2019-09-25 06:33:34 +08:00
Peter Hoeg
4b34dd3120
Merge pull request #69300 from peterhoeg/f/ha2 
nixos/home-assistant: set bluetooth perms
 2019-09-25 04:49:31 +08:00
Janne Heß
aa27c1c664 nixos/memcached: Switch to a system user 2019-09-24 20:10:19 +02:00
talyz
58a7502421 nixos/gitlab: Only create the database when databaseHost is unset 
Make sure that we don't create a database if we're not going to
connect to it. Also, fix the assertion that usernames be equal to only
trig when peer authentication is used (databaseHost == "").
 2019-09-24 15:04:20 +02:00
talyz
ec958d46ac nixos/gitlab: Fix evaluation failure when postgresql is disabled 
config.services.postgresql.package is only defined when the postgresql
service is activated, which means we fail to evaluate when
databaseCreateLocally == false. Fix this by using the default
postgresql package when the postgresql service is disabled.
 2019-09-24 15:04:19 +02:00
Florian Klink
e813eb2b65
nixos/gitlab: Update release notes and documentation (#69313) 
nixos/gitlab: Update release notes and documentation
 2019-09-24 13:00:35 +02:00
Vladimír Čunát
192fb9d11b
Merge branch 'staging-next' into staging 2019-09-24 08:15:01 +02:00
Vladimír Čunát
eab41878ac
Merge branch 'master' into staging-next 2019-09-24 08:14:34 +02:00
Jörg Thalheim
bfed455de3
Merge pull request #68946 from volth/escape 
treewide: fix string escapes
 2019-09-24 04:19:12 +01:00
Jeff Slight
346a6ce265 nixos/mattermost: use database config if set to immutable 2019-09-23 14:56:41 -07:00
Notkea
981177e4dd nixos/postgresql-wal-receiver: remove restart limit (#67857) 
useful in case of network disruption
 2019-09-23 22:51:26 +03:00
talyz
dfc43f7d0a nixos/gitlab: Document the restriction introduced on statePath 
The state path now, since the transition from initialization in
preStart to using systemd-tmpfiles, has the following restriction: no
parent directory can be owned by any other user than root or the user
specified in services.gitlab.user. This is a potentially breaking
change and the cause of the error isn't immediately obvious, so
document it both in the release notes and statePath description.
 2019-09-23 17:55:58 +02:00
Peter Hoeg
e537a0a11e home-assistant: set capabilities for bluetooth 2019-09-23 21:54:16 +08:00
Aaron Andersen
32a38d50bb nixos/zabbixServer: move pid file from default (/tmp) to /run/zabbix to avoid issues with PrivateTmp=true 2019-09-23 09:35:51 -04:00
Florian Klink
6262e83f5f
nixos/gitlab: Add gnutar and gzip to gitlab-sidekiq's path (#68908) 
nixos/gitlab: Add gnutar and gzip to gitlab-sidekiq's path
 2019-09-23 06:40:52 +02:00
Peter Hoeg
55509279a9
Merge pull request #69260 from volth/patch-369 
nixos/mailcatcher: add bind capabilities
 2019-09-23 11:27:32 +08:00
Peter Hoeg
423eb16913
Merge pull request #15560 from peterhoeg/nm_dnsdhcp 
nixos/networkmanager: tiny cleanups
 2019-09-23 10:16:32 +08:00
volth
6c038cd409
nixos/mailcatcher: add bind capabilities 2019-09-22 19:49:26 +00:00
Minijackson
367cd2c7f8
nixos/shiori: init with test 2019-09-22 18:48:07 +02:00
Jan Tojnar
f2b9f5baa5
Merge branch 'staging-next' into staging 2019-09-22 16:39:56 +02:00
Jan Tojnar
11c2b06dd2
Merge branch 'master' into staging-next 2019-09-22 16:39:12 +02:00
Martin Milata
2adb03fdae nixos/wordpress: generate secrets locally 
Use /dev/urandom to generate keys and salts instead of downloading them
from https://api.wordpress.org/secret-key/1.1/salt/
 2019-09-22 14:33:08 +02:00
danbst
e557ad74ac move from 19.09 to 20.03 2019-09-22 12:27:39 +03:00
Jörg Thalheim
8c7667c325
Enable work variant firewall with iptables-compat (#66953) 
Enable work variant firewall with iptables-compat
 2019-09-22 09:28:16 +01:00
Jörg Thalheim
ffa80e75b7
nixos/firewall: rename iptables-compat to iptables-nftables-compat 2019-09-22 09:09:43 +01:00
Vladimír Čunát
6c567ed797
Merge branch 'staging-next' into staging 2019-09-22 10:06:45 +02:00
Vladimír Čunát
22a216849b
Re-Revert "Merge branch 'staging-next'" 
This reverts commit f8a8fc6c7c079de430fa528f688ddac781bcef16.
 2019-09-22 09:38:09 +02:00
Peter Hoeg
1c7aaf227c nixos/networkmanager: tiny cleanups 
These are the leftovers of an older PR.

a. Send messages to auditd if auditing is enabled.
b. Add missing dbus configuration if dnsmasq is used for DNS
 2019-09-22 13:33:43 +08:00
Mario Rodas
54433c443b
nixos/spotifyd: update spotifyd flags 2019-09-21 17:10:00 -05:00
Vladimír Čunát
f8a8fc6c7c
Revert "Merge branch 'staging-next'" 
This reverts commit 41af38f3728bd64b80721c44ed1fb019978cbc1b, reversing
changes made to f0fec244ca380b9d3e617ee7b419c59758c8b0f1.

Let's delay this.  We have some serious regressions.
 2019-09-21 20:05:09 +02:00
Vladimír Čunát
41af38f372
Merge branch 'staging-next' 2019-09-21 13:14:09 +02:00
Elis Hirwing
89b0ef6589
Merge pull request #69195 from c0deaddict/fix/gitea-dump 
nixos/gitea: fix dump
 2019-09-21 10:02:41 +02:00
Jos van Bakel
86b83f37b8
nixos/gitea: fix dump 2019-09-21 09:28:53 +02:00
danbst
fb863fceea nixos/postgresql: switch default 9.6 -> 11 
This is designed for 19.09 release.
 2019-09-21 10:18:56 +03:00
yvt
832ede6514 nixos/do-agent: init 2019-09-21 13:16:25 +09:00
Matthew Bauer
d8b7b95ac6 Merge remote-tracking branch 'origin/master' into staging 2019-09-20 23:25:24 -04:00
Jeff Slight
366be2ea32 nixos/mattermost: unescape unicode characters in config.json 2019-09-19 16:41:37 -07:00