Félix Baylac-Jacqué 353a8b58e6

nixos/prosody: leverage systemd sandbox features to harden service ...

We are leveraging the systemd sandboxing features to prevent the
service accessing locations it shouldn't do. Most notably, we are here
preventing the prosody service from accessing /home and providing it
with a private /dev and /tmp.

Please consult man systemd.exec for further informations.

2020-04-30 20:40:00 +02:00

..

config

Merge pull request #84242 from gnidorah/qt

2020-04-24 08:47:21 -04:00

hardware

libtxc_dxtn{,_s2tc}: remove from nixpkgs + hardware.opengl options

2020-04-20 03:19:41 +02:00

i18n/input-method

Revert "ibus: fix dconf db installation"

2020-04-24 18:22:59 -04:00

installer

installation-cd-graphical-gnome: don't run xorg default

2020-04-21 15:26:25 -04:00

misc

Update link in /etc/os-release (#85723)

2020-04-22 00:16:22 +02:00

profiles

Merge pull request #74378 from ttuegel/lxc-container

2020-04-25 16:25:15 +02:00

programs

Revert "ibus: fix dconf db installation"

2020-04-24 18:22:59 -04:00

security

Merge pull request #85365 from immae/fix_acme_postrun

2020-04-18 13:16:16 -04:00

services

nixos/prosody: leverage systemd sandbox features to harden service

2020-04-30 20:40:00 +02:00

system

Merge pull request #85735 from nh2/journald-storage-limit-logs

2020-04-23 13:35:12 +02:00

tasks

nixos/networking: move network-link-${i.name} to scripted networking

2020-04-13 22:03:35 +02:00

testing

nixos/service-runner.nix: Allow quotes in commands + test

2020-02-28 14:26:29 +01:00

virtualisation

Merge pull request #82414 from AmineChikhaoui/update-ec2-amis-19-09

2020-04-25 18:15:41 -04:00

module-list.nix

nixos.virtualisation.containers: Init common /etc/containers configuration module

2020-04-21 10:38:39 +01:00

rename.nix

nixos: fix module paths in rename.nix

2020-03-11 15:59:22 +01:00