Parnell Springmeyer
9e36a58649
Merging against upstream master
2017-02-13 17:16:28 -06:00
Graham Christensen
b1a05a0865
nixos: drop references to kde4
...
Excluding modules/programs/environment.nix for PATHand QT_PLUGIN_PATH to allow the programs to continue running.
2017-02-11 14:01:13 -05:00
Profpatsch
ed8a0d8e5e
modules/searx: add package option ( #22636 )
...
The user should be able to specify a patched version of searx.
2017-02-10 22:44:10 +01:00
afranchuk
a5e041ac08
libreswan service: make EnvironmentFile optional ( #22591 )
...
Recent versions of libreswan seem to omit this file, but it may be added/changed in the future. It is silly to have the service fail because a file is missing that only enriches the environment.
2017-02-10 00:53:44 +01:00
Joachim F
ca8fb930b1
Merge pull request #22356 from Ekleog/redsocks
...
Redsocks
2017-02-09 22:39:43 +01:00
Léo Gaspard
7a32b96697
redsocks module: initialize
...
redsocks module: use separate user for redsocks daemon
2017-02-09 18:01:14 +01:00
Ricardo M. Correia
9293f86bf2
nixos.chrony: remove generatecommandkey option
...
It's deprecated and no longer used.
2017-02-07 18:01:58 +01:00
Ricardo M. Correia
e3fce56047
nixos.chrony: add extraFlags config option
2017-02-07 18:01:57 +01:00
Ricardo M. Correia
af4e6f155e
nixos.chrony: pass config file directly to daemon
...
This fixes an issue where `nixops deploy` wouldn't restart the chrony
service when the chrony configuration changed, because it wouldn't
detect that `/etc/chrony.conf` was a dependency of the chrony service.
2017-02-07 13:48:58 +01:00
Shea Levy
714fdb425a
firewall: Fix check for rpfilter on manual-config kernels
2017-02-06 16:43:23 -05:00
Shea Levy
67ef18d01a
supplicant nixos module: Allow not specifying the configFile path
2017-02-05 06:50:20 -05:00
Joachim Fasting
2628597e76
cjdns service: allow daemon to drop privileges
...
The service can run certain components with reduced privileges, but for
that it needs the setuid capability.
2017-02-05 04:54:26 +01:00
Joachim Fasting
a0338afe5f
cjdns service: allow writing keys to /etc
...
20e81f7c0d
prevented key generation in
`preStart`, leaving the service broken for the case where the user has
no pre-existing key.
Eventually, we ought to store the state elsewhere so that `/etc` can be
read-only but for now we fix this the easy way.
2017-02-05 04:54:18 +01:00
rnhmjoj
a3ff62d48c
namecoind: refactor nixos module
2017-02-03 20:06:45 +01:00
rnhmjoj
f7d49037a4
dnschain service: overhaul option interface & implementation
...
Closes https://github.com/NixOS/nixpkgs/pull/22041
2017-02-03 19:49:16 +01:00
Nikolay Amiantov
230c97c944
Merge pull request #22303 from abbradar/nfs4
...
NFS improvements
2017-02-03 20:04:25 +03:00
Yorick van Pelt
1b47bc9477
service.asterisk: add package option
2017-02-02 15:16:00 +01:00
Nikolay Amiantov
876a6d7f03
rpcbind service: use upstream systemd unit
2017-02-01 02:45:19 +03:00
Edward Tjörnhammar
b08524bf01
nixos: nylon, use named instances
2017-01-30 20:32:06 +01:00
Edward Tjörnhammar
e324c02aa5
nixos: i2pd, follow redirect
2017-01-29 18:00:58 +01:00
Parnell Springmeyer
628e6a83d0
More derp
2017-01-29 05:33:56 -06:00
Parnell Springmeyer
4aa0923009
Getting rid of the var indirection and using a bin path instead
2017-01-29 04:11:01 -06:00
Parnell Springmeyer
a8cb2afa98
Fixing a bunch of issues
2017-01-29 01:58:12 -06:00
Parnell Springmeyer
e92b8402b0
Addressing PR feedback
2017-01-28 20:48:03 -08:00
Parnell Springmeyer
a26a796d5c
Merging against master - updating smokingpig, rebase was going to be messy
2017-01-26 02:00:04 -08:00
Parnell Springmeyer
025555d7f1
More fixes and improvements
2017-01-26 00:05:40 -08:00
Parnell Springmeyer
bae00e8aa8
setcap-wrapper: Merging with upstream master and resolving conflicts
2017-01-25 11:08:05 -08:00
Vladimír Čunát
278bbe3b33
add kresd service with basic options
...
Still celebrating today's 1.2.0 release!
2017-01-25 18:46:28 +01:00
Franz Pletz
8322a12ef2
firewall: disable conntrack helper autoloading by default
...
This was disabled in the Linux kernel since 4.7 and poses a security risk
if not configured properly.
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=486dcf43da7815baa615822f3e46883ccca5400f
2017-01-25 01:14:04 +01:00
Franz Pletz
403fdd737e
linux: remove canDisableNetfilterConntrackHelpers feature
...
This feature is available in all kernels in nixpkgs.
2017-01-25 00:28:55 +01:00
Michael Raskin
7516dbe35e
Merge pull request #22045 from rnhmjoj/recursor
...
PowerDNS Recursor: add package and service
2017-01-24 17:54:47 +00:00
Tristan Helmich
b3b300b6ff
smokeping: setuid for fping6
2017-01-24 12:40:21 +01:00
rnhmjoj
6bcf89f217
pdns-recursor: add service
2017-01-23 17:57:48 +01:00
Jaka Hudoklin
90e0ed32ef
Merge pull request #22043 from rnhmjoj/dnscrypt-wrapper
...
dnscrypt-wrapper: add service
2017-01-23 11:23:28 +01:00
rnhmjoj
9f2bb2ed42
dnscrypt-wrapper: add service
2017-01-23 07:06:07 +01:00
Robert Helgesson
cd9f709582
flannel service: fix enable expression
...
Need to surround the equality check in parentheses.
2017-01-22 21:58:39 +01:00
Franz Pletz
df0301f59b
nixos/networkmanager: trigger assertion instead of error
2017-01-22 20:32:24 +01:00
Michael Weiss
460b43dbfe
firewall: Improve the comments (documentation) ( #21862 )
...
* Fix the FW names
FW_REFUSE was removed and nixos-fw-input was renamed to nixos-fw.
* Update the comment (documentation) at the top
Order the chains of the main table alphabetically (like in the rest of
the file) and add nixos-fw-rpfilter (from the raw table) and nixos-drop
(used while reloading the firewall).
* Refactor the module (mainly comments)
- Move some attributes to the top for better visibility (that should
hopefully make it easier to read and understand this module without
jumping around too much).
- Add some missing examples and improve some descriptions.
- Reorder the mkOption attributes for consistency.
- Wrap lines at 72 characters.
- Use two spaces between sentences.
2017-01-18 17:18:11 +01:00
Svein Ove Aas
fec95a40f1
ddclient: Don't include blank server= lines.
2017-01-16 18:54:49 +01:00
Nikolay Amiantov
70a6628848
Merge pull request #21882 from abbradar/dhcp6
...
DHCPv6 improvements
2017-01-15 19:53:33 +03:00
Nikolay Amiantov
820b4cd067
firewall service: allow DHCPv6 client traffic
2017-01-15 19:38:54 +03:00
Nikolay Amiantov
1158eda66a
dhcpd service: add DHCPv6 support
2017-01-15 19:38:53 +03:00
Volth
ac0b6b9a2c
miredo: do not run miredo-checkconf
2017-01-12 14:30:58 +00:00
Svein Ove Aas
a4fca56897
ddclient: Write /etc/ddclient.conf when requested
...
Fixes #20101
From PR #21417
2017-01-09 06:29:15 +01:00
Valentin Shirokov
e138d3afdf
Added option networking.wireless.networks.*.priority
...
It is literal 'priority' option of wpa_supplicant.conf
2017-01-07 20:23:12 +08:00
Franz Pletz
e6708cea37
bind: fix collision of binaries in outputs
...
Using outputsToInstall the intended behaviour of including host and dnsutils
when bind is installed can be implemented instead of using symlinks to fix
installing all outputs individually with nix-env.
Fixes #19761 .
2017-01-07 02:44:54 +01:00
Franz Pletz
cdbffaa86e
Merge pull request #21625 from mayflower/smokeping
...
smokeping: Allow customization of cgiurl and imgurl
2017-01-04 21:56:12 +01:00
Joachim F
9e0dc9fa7c
Merge pull request #21592 from joachifm/cjdns-optional-extraHosts
...
cjdns service: optional extraHosts
2017-01-04 18:54:09 +01:00
Tristan Helmich
f808502aba
smokeping: cleanup (option ordering)
2017-01-03 23:10:59 +01:00
Tristan Helmich
b5703eaa80
smokeping: Allow full override of imgurl + cgiurl
2017-01-03 23:10:54 +01:00